1 /*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #ifndef SYSTEM_KEYMASTER_ANDROID_KEYMASTER_TEST_UTILS_H_
18 #define SYSTEM_KEYMASTER_ANDROID_KEYMASTER_TEST_UTILS_H_
19
20 /*
21 * Utilities used to help with testing. Not used in production code.
22 */
23
24 #include <stdarg.h>
25
26 #include <algorithm>
27 #include <memory>
28 #include <ostream>
29 #include <string>
30 #include <vector>
31
32 #include <gtest/gtest.h>
33
34 #include <hardware/keymaster0.h>
35 #include <hardware/keymaster1.h>
36 #include <hardware/keymaster2.h>
37 #include <hardware/keymaster_defs.h>
38
39 #include <keymaster/android_keymaster_utils.h>
40 #include <keymaster/authorization_set.h>
41 #include <keymaster/keymaster_context.h>
42 #include <keymaster/logger.h>
43
// Pretty-prints one key parameter (tag plus value) so gtest can show it in assertion
// messages. Defined out of line in the accompanying .cpp.
std::ostream& operator<<(std::ostream& os, const keymaster_key_param_t& param);
// Structural equality of two key parameters. Defined out of line; the exact comparison
// (tag and typed value) is established there, not here.
bool operator==(const keymaster_key_param_t& a, const keymaster_key_param_t& b);
// Presumably decodes a hex-encoded string into the raw bytes it denotes (used for test
// vectors). Takes its argument by value. Defined out of line.
std::string hex2str(std::string);
47
48 namespace keymaster {
49
// Equality / inequality of whole authorization sets, defined out of line. Tests use these to
// compare returned characteristics against expectations, so the semantics (ordering, duplicates)
// are whatever the .cpp implements.
bool operator==(const AuthorizationSet& a, const AuthorizationSet& b);
bool operator!=(const AuthorizationSet& a, const AuthorizationSet& b);

// Pretty-printer for an AuthorizationSet, for gtest failure output. Defined out of line.
std::ostream& operator<<(std::ostream& os, const AuthorizationSet& set);
54
55 namespace test {
56
/**
 * True iff the non-repeatable enum tag `tag` is present in `set` and its value equals `val`.
 * Absence of the tag yields false; only the first (single) occurrence is consulted.
 */
template <keymaster_tag_t Tag, typename KeymasterEnum>
bool contains(const AuthorizationSet& set, TypedEnumTag<KM_ENUM, Tag, KeymasterEnum> tag,
              KeymasterEnum val) {
    const int index = set.find(tag);
    if (index == -1)
        return false;
    const KeymasterEnum found = static_cast<KeymasterEnum>(set[index].enumerated);
    return found == val;
}
63
/**
 * True iff any occurrence of the repeatable enum tag `tag` in `set` carries the value `val`.
 * Repeatable tags may appear several times; find(tag, start) resumes the search after `start`,
 * so every occurrence is examined until a match is found.
 */
template <keymaster_tag_t Tag, typename KeymasterEnum>
bool contains(const AuthorizationSet& set, TypedEnumTag<KM_ENUM_REP, Tag, KeymasterEnum> tag,
              KeymasterEnum val) {
    for (int index = set.find(tag, -1); index != -1; index = set.find(tag, index)) {
        if (static_cast<KeymasterEnum>(set[index].enumerated) == val)
            return true;
    }
    return false;
}
73
/**
 * True iff the non-repeatable 32-bit integer tag `tag` is present in `set` with value `val`.
 */
template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_UINT, Tag> tag, uint32_t val) {
    const int index = set.find(tag);
    if (index == -1)
        return false;
    return set[index].integer == val;
}
79
/**
 * True iff any occurrence of the repeatable 32-bit integer tag `tag` in `set` has value `val`.
 * Walks every occurrence via find(tag, previous_index).
 */
template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_UINT_REP, Tag> tag, uint32_t val) {
    for (int index = set.find(tag, -1); index != -1; index = set.find(tag, index)) {
        if (set[index].integer == val)
            return true;
    }
    return false;
}
88
/**
 * True iff the non-repeatable 64-bit integer tag `tag` is present in `set` with value `val`.
 */
template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_ULONG, Tag> tag, uint64_t val) {
    const int index = set.find(tag);
    if (index == -1)
        return false;
    return set[index].long_integer == val;
}
94
/**
 * True iff the byte-string tag `tag` is present in `set` and its blob is byte-for-byte equal
 * to `val` (same length, same bytes; embedded NULs are significant). Comparison is not
 * constant-time, which is fine for test code but should not be copied into production paths.
 */
template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_BYTES, Tag> tag, const std::string& val) {
    const int index = set.find(tag);
    if (index == -1)
        return false;
    const auto& blob = set[index].blob;
    if (blob.data_length != val.size())
        return false;
    // Compare as char so that bytes >= 0x80 match std::string's (char) representation.
    const char* bytes = reinterpret_cast<const char*>(blob.data);
    return std::equal(bytes, bytes + blob.data_length, val.begin());
}
102
/**
 * True iff the big-number tag `tag` is present in `set` and its blob is byte-for-byte equal to
 * `val`. Bignums are compared as raw bytes exactly like KM_BYTES — no numeric normalization
 * (leading zeros are significant).
 */
template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_BIGNUM, Tag> tag, const std::string& val) {
    const int index = set.find(tag);
    if (index == -1)
        return false;
    const auto& blob = set[index].blob;
    if (blob.data_length != val.size())
        return false;
    // Compare as char so that bytes >= 0x80 match std::string's (char) representation.
    const char* bytes = reinterpret_cast<const char*>(blob.data);
    return std::equal(bytes, bytes + blob.data_length, val.begin());
}
110
/**
 * Presence check only: true iff `tag` occurs at least once in `set`, regardless of value.
 */
inline bool contains(const AuthorizationSet& set, keymaster_tag_t tag) {
    const int index = set.find(tag);
    return index != -1;
}
114
/**
 * Logger implementation that writes every message to stdout, prefixed with its level.
 * Constructing one hands `this` to Logger::set_instance, presumably making it the active
 * logger for the process; the lifetime rules that implies live in logger.h, not here.
 */
class StdoutLogger : public Logger {
  public:
    StdoutLogger() { set_instance(this); }

    /**
     * Prints "<LEVEL>: ", then the vprintf-formatted message, then a newline.
     * Returns the sum of the printf/vprintf return values (the character count, or a
     * meaningless total if any of them reported an error — it is only informational here).
     * `fmt` is passed straight to vprintf, so callers must supply a trusted, literal format
     * string; never route externally supplied text through it as the format.
     */
    int log_msg(LogLevel level, const char* fmt, va_list args) const {
        int written = printf("%s", level_prefix(level));
        written += vprintf(fmt, args);
        written += printf("\n");
        return written;
    }

  private:
    // Text printed ahead of the message for each level; empty for an unrecognised level.
    static const char* level_prefix(LogLevel level) {
        switch (level) {
        case DEBUG_LVL:
            return "DEBUG: ";
        case INFO_LVL:
            return "INFO: ";
        case WARNING_LVL:
            return "WARNING: ";
        case ERROR_LVL:
            return "ERROR: ";
        case SEVERE_LVL:
            return "SEVERE: ";
        }
        return "";
    }
};
144
/**
 * Copies `length` bytes starting at `data` into a std::string. Binary-safe: embedded NULs and
 * bytes >= 0x80 are preserved as-is (reinterpreted as char). `data` must point to at least
 * `length` readable bytes.
 */
inline std::string make_string(const uint8_t* data, size_t length) {
    const char* chars = reinterpret_cast<const char*>(data);
    return std::string(chars, length);
}
148
/**
 * Array overload: copies the whole of a fixed-size uint8_t array into a std::string.
 * N is the declared array size, so every element is included (there is no NUL-termination
 * convention here — a trailing zero element would be copied too).
 */
template <size_t N> std::string make_string(const uint8_t (&a)[N]) {
    // Converted directly rather than via the pointer overload so this overload stands alone.
    return std::string(reinterpret_cast<const char*>(a), N);
}
152
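/**
 * Keymaster2TestInstanceCreator is used to parameterize Keymaster2Tests. Its main function is to create a
 * keymaster2_device_t to which test calls can be directed. It also provides a place to specify
 * various bits of alternative behavior, in cases where different devices are expected to behave
 * differently (any such cases are a potential bug, but sometimes they may make sense).
 *
 * Concrete creators are handed to gtest through InstanceCreatorPtr (a shared_ptr to this
 * interface), one per device configuration under test.
 */
class Keymaster2TestInstanceCreator {
  public:
    // Virtual, defaulted: instances are deleted through a base pointer (shared_ptr), and a
    // hand-written empty body adds nothing over the compiler-generated destructor.
    virtual ~Keymaster2TestInstanceCreator() = default;

    // Builds the device under test. NOTE(review): who closes the returned device is not visible
    // in this header — confirm against the fixture's .cpp before adding new creators.
    virtual keymaster2_device_t* CreateDevice() const = 0;

    // True if `algorithm` is expected to be handled by a keymaster0 hardware layer.
    virtual bool algorithm_in_km0_hardware(keymaster_algorithm_t algorithm) const = 0;
    // Presumably the number of calls expected to reach the keymaster0 layer
    // (cf. Keymaster0CountingWrapper::count()).
    virtual int keymaster0_calls() const = 0;
    // Non-zero if the device exposes only a reduced digest set (cf. make_device_sha256_only).
    // Returns int rather than bool to stay signature-compatible with existing overriders; the
    // default `false` converts to 0.
    virtual int minimal_digest_set() const { return false; }
    // True if the device is backed by a keymaster1 hardware implementation.
    virtual bool is_keymaster1_hw() const = 0;
    // Context object for the device; ownership is not stated in this header.
    virtual KeymasterContext* keymaster_context() const = 0;

    // Human-readable label for this configuration (presumably what operator<< on
    // InstanceCreatorPtr prints).
    virtual std::string name() const = 0;
};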
172
// Use a shared_ptr because it's copyable: gtest's TestWithParam copies its parameter value, which
// a unique_ptr could not satisfy.
typedef std::shared_ptr<Keymaster2TestInstanceCreator> InstanceCreatorPtr;

// Prints a creator (for gtest's parameter naming / failure output). Defined out of line.
std::ostream& operator<<(std::ostream& os, const InstanceCreatorPtr& instance_creator);

// All-ones operation handle. Presumably the fixture's "no operation in progress" marker for
// op_handle_; the .cpp establishes where it is compared — confirm there before reusing it.
const uint64_t OP_HANDLE_SENTINEL = 0xFFFFFFFFFFFFFFFF;
/**
 * gtest fixture for driving a keymaster2_device_t end to end. Parameterized by an
 * InstanceCreatorPtr (see Keymaster2TestInstanceCreator), which supplies the device under test.
 *
 * The fixture owns one "current" key blob (blob_) and its characteristics (characteristics_),
 * plus the handle of the in-flight operation (op_handle_). The helpers below are declared here
 * and defined in the accompanying .cpp unless a body is shown inline; their exact contracts
 * (what they populate, what they assert) are established there, not in this header.
 */
class Keymaster2Test : public testing::TestWithParam<InstanceCreatorPtr> {
  protected:
    Keymaster2Test();
    ~Keymaster2Test();

    // The keymaster2_device_t the fixture drives.
    keymaster2_device_t* device();

    // --- Key lifecycle. Presumably these populate blob_/characteristics_ (see the .cpp). ---
    keymaster_error_t GenerateKey(const AuthorizationSetBuilder& builder);

    keymaster_error_t DeleteKey();

    keymaster_error_t ImportKey(const AuthorizationSetBuilder& builder,
                                keymaster_key_format_t format, const std::string& key_material);

    keymaster_error_t ExportKey(keymaster_key_format_t format, std::string* export_data);

    keymaster_error_t GetCharacteristics();

    // --- Operation primitives (Begin/Update/Finish/Abort), thin wrappers over the device. ---
    keymaster_error_t BeginOperation(keymaster_purpose_t purpose);
    keymaster_error_t BeginOperation(keymaster_purpose_t purpose, const AuthorizationSet& input_set,
                                     AuthorizationSet* output_set = NULL);

    keymaster_error_t UpdateOperation(const std::string& message, std::string* output,
                                      size_t* input_consumed);
    keymaster_error_t UpdateOperation(const AuthorizationSet& additional_params,
                                      const std::string& message, AuthorizationSet* output_params,
                                      std::string* output, size_t* input_consumed);

    keymaster_error_t FinishOperation(std::string* output);
    keymaster_error_t FinishOperation(const std::string& input, const std::string& signature,
                                      std::string* output);
    // Convenience overload: same as the five-argument form with no output_params requested.
    keymaster_error_t FinishOperation(const AuthorizationSet& additional_params,
                                      const std::string& input, const std::string& signature,
                                      std::string* output) {
        return FinishOperation(additional_params, input, signature, nullptr /* output_params */,
                               output);
    }
    keymaster_error_t FinishOperation(const AuthorizationSet& additional_params,
                                      const std::string& input, const std::string& signature,
                                      AuthorizationSet* output_params, std::string* output);

    keymaster_error_t AbortOperation();

    // Attestation over the current key; `chain` receives the certificate chain.
    keymaster_error_t AttestKey(const std::string& attest_challenge,
                                const std::string& attest_app_id, keymaster_cert_chain_t* chain);

    keymaster_error_t UpgradeKey(const AuthorizationSet& upgrade_params);

    keymaster_error_t GetVersion(uint8_t* major, uint8_t* minor, uint8_t* subminor);

    // --- Whole-operation helpers: Begin + Update + Finish in one call, returning the output. ---
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message,
                               const AuthorizationSet& begin_params,
                               const AuthorizationSet& update_params,
                               AuthorizationSet* output_params = NULL);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message,
                               const std::string& signature, const AuthorizationSet& begin_params,
                               const AuthorizationSet& update_params,
                               AuthorizationSet* output_params = NULL);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message,
                               const std::string& signature);

    // --- Sign / MAC / verify helpers. The void ones presumably assert internally (gtest). ---
    void SignMessage(const std::string& message, std::string* signature, keymaster_digest_t digest);
    void SignMessage(const std::string& message, std::string* signature, keymaster_digest_t digest,
                     keymaster_padding_t padding);
    void MacMessage(const std::string& message, std::string* signature, size_t mac_length);

    void VerifyMessage(const std::string& message, const std::string& signature,
                       keymaster_digest_t digest);
    void VerifyMessage(const std::string& message, const std::string& signature,
                       keymaster_digest_t digest, keymaster_padding_t padding);
    void VerifyMac(const std::string& message, const std::string& signature);

    // --- Encrypt / decrypt helpers. `generated_nonce`, when non-null, receives the nonce the
    //     device produced so the matching Decrypt overload can be given it explicitly. ---
    std::string EncryptMessage(const std::string& message, keymaster_padding_t padding,
                               std::string* generated_nonce = NULL);
    std::string EncryptMessage(const std::string& message, keymaster_digest_t digest,
                               keymaster_padding_t padding, std::string* generated_nonce = NULL);
    std::string EncryptMessage(const std::string& message, keymaster_block_mode_t block_mode,
                               keymaster_padding_t padding, std::string* generated_nonce = NULL);
    std::string EncryptMessage(const AuthorizationSet& update_params, const std::string& message,
                               keymaster_digest_t digest, keymaster_padding_t padding,
                               std::string* generated_nonce = NULL);
    std::string EncryptMessage(const AuthorizationSet& update_params, const std::string& message,
                               keymaster_block_mode_t block_mode, keymaster_padding_t padding,
                               std::string* generated_nonce = NULL);
    std::string EncryptMessageWithParams(const std::string& message,
                                         const AuthorizationSet& begin_params,
                                         const AuthorizationSet& update_params,
                                         AuthorizationSet* output_params);

    std::string DecryptMessage(const std::string& ciphertext, keymaster_padding_t padding);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_digest_t digest,
                               keymaster_padding_t padding);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_block_mode_t block_mode,
                               keymaster_padding_t padding);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_digest_t digest,
                               keymaster_padding_t padding, const std::string& nonce);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_block_mode_t block_mode,
                               keymaster_padding_t padding, const std::string& nonce);
    std::string DecryptMessage(const AuthorizationSet& update_params, const std::string& ciphertext,
                               keymaster_digest_t digest, keymaster_padding_t padding,
                               const std::string& nonce);
    std::string DecryptMessage(const AuthorizationSet& update_params, const std::string& ciphertext,
                               keymaster_block_mode_t block_mode, keymaster_padding_t padding,
                               const std::string& nonce);

    // --- Known-answer tests: import `key`, run the primitive, compare against the expected
    //     output. Inputs are raw bytes (see hex2str for decoding published vectors). ---
    void CheckHmacTestVector(const std::string& key, const std::string& message,
                             keymaster_digest_t digest, std::string expected_mac);
    void CheckAesOcbTestVector(const std::string& key, const std::string& nonce,
                               const std::string& associated_data, const std::string& message,
                               const std::string& expected_ciphertext);
    void CheckAesCtrTestVector(const std::string& key, const std::string& nonce,
                               const std::string& message, const std::string& expected_ciphertext);
    // Parameter sets used by several tests; contents defined in the .cpp.
    AuthorizationSet UserAuthParams();
    AuthorizationSet ClientParams();

    // True iff values[0..len) is exactly the multiset `expected`: same size and, given equal
    // sizes, a permutation of it (order-insensitive).
    template <typename T>
    bool ResponseContains(const std::vector<T>& expected, const T* values, size_t len) {
        return expected.size() == len &&
               std::is_permutation(values, values + len, expected.begin());
    }

    // Scalar counterpart: exactly one value must have been returned and it must equal `expected`.
    // `values` is only dereferenced when len == 1.
    template <typename T> bool ResponseContains(T expected, const T* values, size_t len) {
        return (len == 1 && *values == expected);
    }

    // Hardware- / software-enforced halves of characteristics_ (defined in the .cpp).
    AuthorizationSet hw_enforced();
    AuthorizationSet sw_enforced();

    void FreeCharacteristics();
    void FreeKeyBlob();

    // Presumably mutates blob_ so tests can check that a tampered blob is rejected — see the .cpp.
    void corrupt_key_blob();

    // Releases the current blob and adopts `key` as the new one WITHOUT copying it.
    // NOTE(review): whether FreeKeyBlob() later releases this pointer is not visible here; if it
    // does, `key` must be heap-allocated and must not be freed by the caller. Confirm in the .cpp
    // before passing stack or string-owned memory.
    void set_key_blob(const uint8_t* key, size_t key_length) {
        FreeKeyBlob();
        blob_.key_material = key;
        blob_.key_material_size = key_length;
    }

    // AuthorizationSet view of the fixed client_params_ array (one TAG_APPLICATION_ID entry).
    AuthorizationSet client_params() {
        return AuthorizationSet(client_params_, sizeof(client_params_) / sizeof(client_params_[0]));
    }

  private:
    keymaster2_device_t* device_;
    // Fixed application id ("app_id", 6 bytes, no terminator) bound into every key as
    // TAG_APPLICATION_ID. Points at a string literal, so it is never freed.
    keymaster_blob_t client_id_ = {.data = reinterpret_cast<const uint8_t*>("app_id"),
                                   .data_length = 6};
    // Built from client_id_; must stay declared after it, since this initializer reads it.
    keymaster_key_param_t client_params_[1] = {
        Authorization(TAG_APPLICATION_ID, client_id_.data, client_id_.data_length)};

    // Handle of the in-flight operation; no in-class initializer, so the out-of-line
    // constructor is responsible for setting it (cf. OP_HANDLE_SENTINEL).
    uint64_t op_handle_;

    // Current key and its characteristics; lifetime managed by FreeKeyBlob/FreeCharacteristics.
    keymaster_key_blob_t blob_;
    keymaster_key_characteristics_t characteristics_;
};
334
/**
 * Wraps a keymaster0_device_t so that every entry point is forwarded to the wrapped device
 * while being counted (see count()). Tests use it to check whether an operation did or did not
 * reach the keymaster0 layer.
 *
 * Key blobs coming out of the wrapped device are "munged" (first byte 'P' -> 'Q') and restored
 * on the way back in, so that the layers above do not recognise them as softkeymaster blobs
 * (see munge_blob). The wrapper must be heap-allocated: counting_close_device deletes it.
 */
struct Keymaster0CountingWrapper : public keymaster0_device_t {
    // Copies the wrapped device's common header, version and flags, then points every entry
    // point at the counting_* trampolines. `context` is set to this so the trampolines can
    // recover the wrapper from the device pointer they are handed.
    explicit Keymaster0CountingWrapper(keymaster0_device_t* device) : device_(device), counter_(0) {
        common = device_->common;
        common.close = counting_close_device;
        client_version = device_->client_version;
        flags = device_->flags;
        context = this;

        generate_keypair = counting_generate_keypair;
        import_keypair = counting_import_keypair;
        get_keypair_public = counting_get_keypair_public;
        delete_keypair = counting_delete_keypair;
        delete_all = counting_delete_all;
        sign_data = counting_sign_data;
        verify_data = counting_verify_data;
    }

    // Number of entry points invoked through this wrapper so far (close included).
    int count() { return counter_; }

    // The blobs generated by the underlying softkeymaster start with "PK#8". Tweak the prefix so
    // they don't get identified as softkeymaster blobs.
    // In place; no-op for a null/empty blob or one whose first byte is not 'P'.
    static void munge_blob(uint8_t* blob, size_t blob_length) {
        if (blob && blob_length > 0 && *blob == 'P')
            *blob = 'Q'; // Mind your Ps and Qs!
    }

    // Copy and un-modify the blob. The caller must clean up the return value.
    // The copy comes from dup_buffer, so it is released with delete[] (the trampolines below hold
    // it in a unique_ptr<uint8_t[]>). A null result from dup_buffer is passed through unchanged.
    static uint8_t* unmunge_blob(const uint8_t* blob, size_t blob_length) {
        uint8_t* dup_blob = dup_buffer(blob, blob_length);
        if (dup_blob && blob_length > 0 && *dup_blob == 'Q')
            *dup_blob = 'P';
        return dup_blob;
    }

    // Recovers the wrapped device via the `context` slot the constructor filled in. Only valid
    // for a device pointer that is actually one of these wrappers.
    static keymaster0_device_t* device(const keymaster0_device_t* dev) {
        Keymaster0CountingWrapper* wrapper =
            reinterpret_cast<Keymaster0CountingWrapper*>(dev->context);
        return wrapper->device_;
    }

    // Bumps the wrapper's call counter (same context recovery as device()).
    static void increment(const keymaster0_device_t* dev) {
        Keymaster0CountingWrapper* wrapper =
            reinterpret_cast<Keymaster0CountingWrapper*>(dev->context);
        wrapper->counter_++;
    }

    // Counts the close, closes the wrapped device, then deletes the wrapper itself. The inner
    // close's result is captured before the delete; `dev` must not be touched afterwards.
    static int counting_close_device(hw_device_t* dev) {
        keymaster0_device_t* k0_dev = reinterpret_cast<keymaster0_device_t*>(dev);
        increment(k0_dev);
        Keymaster0CountingWrapper* wrapper =
            reinterpret_cast<Keymaster0CountingWrapper*>(k0_dev->context);
        int retval =
            wrapper->device_->common.close(reinterpret_cast<hw_device_t*>(wrapper->device_));
        delete wrapper;
        return retval;
    }

    // Forwards, then on success (result == 0) munges the returned blob in place.
    static int counting_generate_keypair(const struct keymaster0_device* dev,
                                         const keymaster_keypair_t key_type, const void* key_params,
                                         uint8_t** key_blob, size_t* key_blob_length) {
        increment(dev);
        int result = device(dev)->generate_keypair(device(dev), key_type, key_params, key_blob,
                                                   key_blob_length);
        if (result == 0)
            munge_blob(*key_blob, *key_blob_length);
        return result;
    }

    // Forwards, then on success munges the returned blob in place.
    static int counting_import_keypair(const struct keymaster0_device* dev, const uint8_t* key,
                                       const size_t key_length, uint8_t** key_blob,
                                       size_t* key_blob_length) {
        increment(dev);
        int result =
            device(dev)->import_keypair(device(dev), key, key_length, key_blob, key_blob_length);
        if (result == 0)
            munge_blob(*key_blob, *key_blob_length);
        return result;
    }

    // Hands the wrapped device a temporary un-munged copy of the blob; the copy is freed when
    // dup_blob goes out of scope, after the call returns.
    static int counting_get_keypair_public(const struct keymaster0_device* dev,
                                           const uint8_t* key_blob, const size_t key_blob_length,
                                           uint8_t** x509_data, size_t* x509_data_length) {
        increment(dev);
        std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
        return device(dev)->get_keypair_public(device(dev), dup_blob.get(), key_blob_length,
                                               x509_data, x509_data_length);
    }

    // Asserts (gtest EXPECT, non-fatal) that a non-empty blob arriving here is munged, i.e. it
    // came through this wrapper, then forwards an un-munged copy if the wrapped device implements
    // delete_keypair; otherwise reports success without doing anything.
    static int counting_delete_keypair(const struct keymaster0_device* dev, const uint8_t* key_blob,
                                       const size_t key_blob_length) {
        increment(dev);
        if (key_blob && key_blob_length > 0)
            EXPECT_EQ('Q', *key_blob);
        if (device(dev)->delete_keypair) {
            std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
            return device(dev)->delete_keypair(device(dev), dup_blob.get(), key_blob_length);
        }
        return 0;
    }

    // Forwards if the wrapped device implements delete_all; otherwise reports success.
    static int counting_delete_all(const struct keymaster0_device* dev) {
        increment(dev);
        if (device(dev)->delete_all)
            return device(dev)->delete_all(device(dev));
        return 0;
    }

    // Forwards with a temporary un-munged copy of the blob (freed after the call).
    static int counting_sign_data(const struct keymaster0_device* dev, const void* signing_params,
                                  const uint8_t* key_blob, const size_t key_blob_length,
                                  const uint8_t* data, const size_t data_length,
                                  uint8_t** signed_data, size_t* signed_data_length) {
        increment(dev);
        std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
        return device(dev)->sign_data(device(dev), signing_params, dup_blob.get(), key_blob_length,
                                      data, data_length, signed_data, signed_data_length);
    }

    // Forwards with a temporary un-munged copy of the blob (freed after the call).
    static int counting_verify_data(const struct keymaster0_device* dev, const void* signing_params,
                                    const uint8_t* key_blob, const size_t key_blob_length,
                                    const uint8_t* signed_data, const size_t signed_data_length,
                                    const uint8_t* signature, const size_t signature_length) {
        increment(dev);
        std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
        return device(dev)->verify_data(device(dev), signing_params, dup_blob.get(),
                                        key_blob_length, signed_data, signed_data_length, signature,
                                        signature_length);
    }

  private:
    // The wrapped device (not owned beyond the close forwarded in counting_close_device).
    keymaster0_device_t* device_;
    // Calls seen so far; see count().
    int counter_;
};
467
/**
 * This function takes a keymaster1_device_t and wraps it in an adapter that supports only
 * KM_DIGEST_SHA_2_256.
 *
 * Defined out of line. NOTE(review): ownership is not stated here — neither whether the adapter
 * takes over `device` nor who closes the returned adapter. Confirm against the definition.
 */
keymaster1_device_t* make_device_sha256_only(keymaster1_device_t* device);
473
474 } // namespace test
475 } // namespace keymaster
476
477 #endif // SYSTEM_KEYMASTER_ANDROID_KEYMASTER_TEST_UTILS_H_
478