1 /* Copyright 2019, The Android Open Source Project, Inc. 2 * 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package com.google.android.attestation; 17 18 import static com.google.common.truth.Truth.assertThat; 19 20 import com.google.android.attestation.RootOfTrust.VerifiedBootState; 21 import java.io.IOException; 22 import org.bouncycastle.asn1.ASN1Sequence; 23 import org.bouncycastle.util.encoders.Base64; 24 import org.junit.Test; 25 import org.junit.runner.RunWith; 26 import org.junit.runners.JUnit4; 27 28 /** Test for {@link RootOfTrust}. */ 29 @RunWith(JUnit4.class) 30 public class RootOfTrustTest { 31 32 // Generated from certificate with EC Algorithm and StrongBox Security Level 33 private static final String ROOT_OF_TRUST = 34 "MEoEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQEACgECBCByjbEnTx8c8Vcd5DgLBIpVSsSjgOdvU1UI" 35 + "NSkISpN4AQ==\n"; 36 private static final int ATTESTATION_VERSION = 3; 37 38 private static final byte[] EXPECTED_VERIFIED_BOOT_KEY = 39 Base64.decode("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="); 40 private static final boolean EXPECTED_DEVICE_LOCKED = false; 41 private static final VerifiedBootState EXPECTED_VERIFIED_BOOT_STATE = 42 VerifiedBootState.UNVERIFIED; 43 private static final byte[] EXPECTED_VERIFIED_BOOT_HASH = 44 Base64.decode("co2xJ08fHPFXHeQ4CwSKVUrEo4Dnb1NVCDUpCEqTeAE="); 45 getRootOfTrustSequence(String rootOfTrustB64)46 private static ASN1Sequence getRootOfTrustSequence(String rootOfTrustB64) throws IOException { 47 byte[] rootOfTrustBytes = Base64.decode(rootOfTrustB64); 48 return (ASN1Sequence) ASN1Sequence.fromByteArray(rootOfTrustBytes); 49 } 50 51 @Test testCreateRootOfTrust()52 public void testCreateRootOfTrust() throws IOException { 53 ASN1Sequence rootOfTrustSequence = getRootOfTrustSequence(ROOT_OF_TRUST); 54 RootOfTrust rootOfTrust = 55 RootOfTrust.createRootOfTrust(rootOfTrustSequence, ATTESTATION_VERSION); 56 57 assertThat(rootOfTrust).isNotNull(); 58 assertThat(rootOfTrust.verifiedBootKey).isEqualTo(EXPECTED_VERIFIED_BOOT_KEY); 59 assertThat(rootOfTrust.deviceLocked).isEqualTo(EXPECTED_DEVICE_LOCKED); 60 assertThat(rootOfTrust.verifiedBootState).isEqualTo(EXPECTED_VERIFIED_BOOT_STATE); 61 assertThat(rootOfTrust.verifiedBootHash).isEqualTo(EXPECTED_VERIFIED_BOOT_HASH); 62 } 63 64 @Test testCreateEmptyRootOfTrust()65 public void testCreateEmptyRootOfTrust() { 66 assertThat(RootOfTrust.createRootOfTrust(null, ATTESTATION_VERSION)).isNull(); 67 } 68 } 69