Gitiles
Code Review Sign In
gerrit.openfyde.cn / android.googlesource.com / platform / system / keymaster / 78c5d8796c560deb2a0194f581f13a833437f012 / . / android_keymaster_test_utils.cpp
blob: f62dd66004a2ee4554f40d3273514e6411d49c16 [file] [log] [blame]
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]1/*
2 * Copyright 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
Shawn Willdenb6837e72015-05-16 09:20:59 -0600[diff] [blame]17#include "android_keymaster_test_utils.h"
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]18
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]19#include <algorithm>
20
21#include <openssl/rand.h>
22
Shawn Willdenb6837e72015-05-16 09:20:59 -0600[diff] [blame]23#include <keymaster/android_keymaster_messages.h>
24#include <keymaster/android_keymaster_utils.h>
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]25
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]26using std::copy_if;
27using std::find_if;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]28using std::is_permutation;
29using std::ostream;
30using std::string;
31using std::vector;
32
Shawn Willden78c5d872016-01-08 05:00:26 -0700[diff] [blame^]33#ifndef KEYMASTER_NAME_TAGS
34#error Keymaster test code requires that KEYMASTER_NAME_TAGS is defined
35#endif
36
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]37std::ostream& operator<<(std::ostream& os, const keymaster_key_param_t& param) {
Shawn Willden78c5d872016-01-08 05:00:26 -0700[diff] [blame^]38 os << "Tag: " << keymaster::StringifyTag(param.tag);
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]39 switch (keymaster_tag_get_type(param.tag)) {
40 case KM_INVALID:
41 os << " Invalid";
42 break;
Shawn Willdenc3ac84f2015-06-24 12:25:37 -0700[diff] [blame]43 case KM_UINT_REP:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]44 os << " (Rep)";
45 /* Falls through */
Shawn Willdenc3ac84f2015-06-24 12:25:37 -0700[diff] [blame]46 case KM_UINT:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]47 os << " Int: " << param.integer;
48 break;
49 case KM_ENUM_REP:
50 os << " (Rep)";
51 /* Falls through */
52 case KM_ENUM:
53 os << " Enum: " << param.enumerated;
54 break;
Shawn Willdenc3ac84f2015-06-24 12:25:37 -0700[diff] [blame]55 case KM_ULONG_REP:
Shawn Willdeneb63b972015-03-14 08:01:12 -0600[diff] [blame]56 os << " (Rep)";
57 /* Falls through */
Shawn Willdenc3ac84f2015-06-24 12:25:37 -0700[diff] [blame]58 case KM_ULONG:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]59 os << " Long: " << param.long_integer;
60 break;
61 case KM_DATE:
62 os << " Date: " << param.date_time;
63 break;
64 case KM_BOOL:
65 os << " Bool: " << param.boolean;
66 break;
67 case KM_BIGNUM:
68 os << " Bignum: ";
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]69 if (!param.blob.data)
70 os << "(null)";
71 else
72 for (size_t i = 0; i < param.blob.data_length; ++i)
73 os << std::hex << std::setw(2) << static_cast<int>(param.blob.data[i]) << std::dec;
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]74 break;
75 case KM_BYTES:
76 os << " Bytes: ";
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]77 if (!param.blob.data)
78 os << "(null)";
79 else
80 for (size_t i = 0; i < param.blob.data_length; ++i)
81 os << std::hex << std::setw(2) << static_cast<int>(param.blob.data[i]) << std::dec;
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]82 break;
83 }
84 return os;
85}
86
87bool operator==(const keymaster_key_param_t& a, const keymaster_key_param_t& b) {
88 if (a.tag != b.tag) {
89 return false;
90 }
91
92 switch (keymaster_tag_get_type(a.tag)) {
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]93 case KM_INVALID:
94 return true;
Shawn Willdenc3ac84f2015-06-24 12:25:37 -0700[diff] [blame]95 case KM_UINT_REP:
96 case KM_UINT:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]97 return a.integer == b.integer;
98 case KM_ENUM_REP:
99 case KM_ENUM:
100 return a.enumerated == b.enumerated;
Shawn Willdenc3ac84f2015-06-24 12:25:37 -0700[diff] [blame]101 case KM_ULONG:
102 case KM_ULONG_REP:
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]103 return a.long_integer == b.long_integer;
104 case KM_DATE:
105 return a.date_time == b.date_time;
106 case KM_BOOL:
107 return a.boolean == b.boolean;
108 case KM_BIGNUM:
109 case KM_BYTES:
110 if ((a.blob.data == NULL || b.blob.data == NULL) && a.blob.data != b.blob.data)
111 return false;
112 return a.blob.data_length == b.blob.data_length &&
113 (memcmp(a.blob.data, b.blob.data, a.blob.data_length) == 0);
114 }
Shawn Willden82114e72015-04-16 15:47:50 -0600[diff] [blame]115
116 return false;
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]117}
118
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]119static char hex_value[256] = {
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]120 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
121 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
122 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0, 0, 0, 0, 0, 0, // '0'..'9'
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]123 0, 10, 11, 12, 13, 14, 15, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 'A'..'F'
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]124 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 10, 11, 12, 13, 14, 15, 0,
125 0, 0, 0, 0, 0, 0, 0, 0, // 'a'..'f'
126 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
127 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
128 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
129 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
130 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
131 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]132
133string hex2str(string a) {
134 string b;
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]135 size_t num = a.size() / 2;
Thai Duong7689ed62015-03-20 16:50:18 -0700[diff] [blame]136 b.resize(num);
137 for (size_t i = 0; i < num; i++) {
138 b[i] = (hex_value[a[i * 2] & 0xFF] << 4) + (hex_value[a[i * 2 + 1] & 0xFF]);
139 }
140 return b;
141}
142
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]143namespace keymaster {
144
145bool operator==(const AuthorizationSet& a, const AuthorizationSet& b) {
146 if (a.size() != b.size())
147 return false;
148
149 for (size_t i = 0; i < a.size(); ++i)
150 if (!(a[i] == b[i]))
151 return false;
152 return true;
153}
154
Shawn Willden2c242002015-02-27 07:01:02 -0700[diff] [blame]155bool operator!=(const AuthorizationSet& a, const AuthorizationSet& b) {
156 return !(a == b);
157}
158
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]159std::ostream& operator<<(std::ostream& os, const AuthorizationSet& set) {
160 if (set.size() == 0)
161 os << "(Empty)" << std::endl;
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]162 else {
163 os << "\n";
Shawn Willden78c5d872016-01-08 05:00:26 -0700[diff] [blame^]164 for (size_t i = 0; i < set.size(); ++i)
165 os << set[i] << std::endl;
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]166 }
167 return os;
168}
169
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]170namespace test {
171
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]172Keymaster2Test::Keymaster2Test() : op_handle_(OP_HANDLE_SENTINEL) {
173 memset(&characteristics_, 0, sizeof(characteristics_));
174 blob_.key_material = nullptr;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]175 RAND_seed("foobar", 6);
176 blob_.key_material = 0;
Shawn Willden58427c42015-05-20 13:00:42 -0600[diff] [blame]177 device_ = GetParam()->CreateDevice();
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]178}
179
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]180Keymaster2Test::~Keymaster2Test() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]181 FreeCharacteristics();
182 FreeKeyBlob();
183 device_->common.close(reinterpret_cast<hw_device_t*>(device_));
184}
185
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]186keymaster2_device_t* Keymaster2Test::device() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]187 return device_;
188}
189
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]190keymaster_error_t Keymaster2Test::GenerateKey(const AuthorizationSetBuilder& builder) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]191 AuthorizationSet params(builder.build());
192 params.push_back(UserAuthParams());
193 params.push_back(ClientParams());
194
195 FreeKeyBlob();
196 FreeCharacteristics();
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]197 return device()->generate_key(device(), &params, &blob_, &characteristics_);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]198}
199
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]200keymaster_error_t Keymaster2Test::DeleteKey() {
Shawn Willden01d8f242015-11-16 14:56:41 -0700[diff] [blame]201 return device()->delete_key(device(), &blob_);
202}
203
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]204keymaster_error_t Keymaster2Test::ImportKey(const AuthorizationSetBuilder& builder,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]205 keymaster_key_format_t format,
206 const string& key_material) {
207 AuthorizationSet params(builder.build());
208 params.push_back(UserAuthParams());
209 params.push_back(ClientParams());
210
211 FreeKeyBlob();
212 FreeCharacteristics();
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]213 keymaster_blob_t key = {reinterpret_cast<const uint8_t*>(key_material.c_str()),
214 key_material.length()};
215 return device()->import_key(device(), &params, format, &key, &blob_, &characteristics_);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]216}
217
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]218AuthorizationSet Keymaster2Test::UserAuthParams() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]219 AuthorizationSet set;
220 set.push_back(TAG_USER_ID, 7);
Shawn Willdeneb63b972015-03-14 08:01:12 -0600[diff] [blame]221 set.push_back(TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]222 set.push_back(TAG_AUTH_TIMEOUT, 300);
223 return set;
224}
225
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]226AuthorizationSet Keymaster2Test::ClientParams() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]227 AuthorizationSet set;
228 set.push_back(TAG_APPLICATION_ID, "app_id", 6);
229 return set;
230}
231
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]232keymaster_error_t Keymaster2Test::BeginOperation(keymaster_purpose_t purpose) {
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]233 AuthorizationSet in_params(client_params());
234 keymaster_key_param_set_t out_params;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]235 keymaster_error_t error =
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]236 device()->begin(device(), purpose, &blob_, &in_params, &out_params, &op_handle_);
237 EXPECT_EQ(0U, out_params.length);
238 EXPECT_TRUE(out_params.params == nullptr);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]239 return error;
240}
241
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]242keymaster_error_t Keymaster2Test::BeginOperation(keymaster_purpose_t purpose,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]243 const AuthorizationSet& input_set,
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]244 AuthorizationSet* output_set) {
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]245 keymaster_key_param_set_t out_params;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]246 keymaster_error_t error =
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]247 device()->begin(device(), purpose, &blob_, &input_set, &out_params, &op_handle_);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]248 if (error == KM_ERROR_OK) {
249 if (output_set) {
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]250 output_set->Reinitialize(out_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]251 } else {
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]252 EXPECT_EQ(0U, out_params.length);
253 EXPECT_TRUE(out_params.params == nullptr);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]254 }
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]255 keymaster_free_param_set(&out_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]256 }
257 return error;
258}
259
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]260keymaster_error_t Keymaster2Test::UpdateOperation(const string& message, string* output,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]261 size_t* input_consumed) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]262 EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]263 keymaster_blob_t input = {reinterpret_cast<const uint8_t*>(message.c_str()), message.length()};
264 keymaster_blob_t out_tmp;
265 keymaster_key_param_set_t out_params;
266 keymaster_error_t error = device()->update(device(), op_handle_, nullptr /* params */, &input,
267 input_consumed, &out_params, &out_tmp);
268 if (error == KM_ERROR_OK && out_tmp.data)
269 output->append(reinterpret_cast<const char*>(out_tmp.data), out_tmp.data_length);
270 free(const_cast<uint8_t*>(out_tmp.data));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]271 return error;
272}
273
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]274keymaster_error_t Keymaster2Test::UpdateOperation(const AuthorizationSet& additional_params,
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]275 const string& message,
276 AuthorizationSet* output_params, string* output,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]277 size_t* input_consumed) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]278 EXPECT_NE(op_handle_, OP_HANDLE_SENTINEL);
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]279 keymaster_blob_t input = {reinterpret_cast<const uint8_t*>(message.c_str()), message.length()};
280 keymaster_blob_t out_tmp;
281 keymaster_key_param_set_t out_params;
282 keymaster_error_t error = device()->update(device(), op_handle_, &additional_params, &input,
283 input_consumed, &out_params, &out_tmp);
284 if (error == KM_ERROR_OK && out_tmp.data)
285 output->append(reinterpret_cast<const char*>(out_tmp.data), out_tmp.data_length);
286 free((void*)out_tmp.data);
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]287 if (output_params)
288 output_params->Reinitialize(out_params);
289 keymaster_free_param_set(&out_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]290 return error;
291}
292
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]293keymaster_error_t Keymaster2Test::FinishOperation(string* output) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]294 return FinishOperation("", output);
295}
296
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]297keymaster_error_t Keymaster2Test::FinishOperation(const string& signature, string* output) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]298 AuthorizationSet additional_params;
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]299 AuthorizationSet output_params;
300 return FinishOperation(additional_params, signature, &output_params, output);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]301}
302
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]303keymaster_error_t Keymaster2Test::FinishOperation(const AuthorizationSet& additional_params,
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]304 const string& signature,
305 AuthorizationSet* output_params, string* output) {
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]306 keymaster_blob_t sig = {reinterpret_cast<const uint8_t*>(signature.c_str()),
307 signature.length()};
308 keymaster_blob_t out_tmp;
309 keymaster_key_param_set_t out_params;
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]310 keymaster_error_t error = device()->finish(device(), op_handle_, &additional_params,
311 nullptr /* input */, &sig, &out_params, &out_tmp);
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]312 if (error != KM_ERROR_OK) {
313 EXPECT_TRUE(out_tmp.data == nullptr);
314 EXPECT_TRUE(out_params.params == nullptr);
315 return error;
316 }
317
318 if (out_tmp.data)
319 output->append(reinterpret_cast<const char*>(out_tmp.data), out_tmp.data_length);
320 free((void*)out_tmp.data);
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]321 if (output_params)
322 output_params->Reinitialize(out_params);
323 keymaster_free_param_set(&out_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]324 return error;
325}
326
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]327keymaster_error_t Keymaster2Test::AbortOperation() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]328 return device()->abort(device(), op_handle_);
329}
330
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]331string Keymaster2Test::ProcessMessage(keymaster_purpose_t purpose, const string& message) {
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]332 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]333
334 string result;
335 size_t input_consumed;
336 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed));
337 EXPECT_EQ(message.size(), input_consumed);
338 EXPECT_EQ(KM_ERROR_OK, FinishOperation(&result));
339 return result;
340}
341
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]342string Keymaster2Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]343 const AuthorizationSet& begin_params,
344 const AuthorizationSet& update_params,
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]345 AuthorizationSet* begin_out_params) {
346 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, begin_out_params));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]347
348 string result;
349 size_t input_consumed;
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]350 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, nullptr /* output_params */,
351 &result, &input_consumed));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]352 EXPECT_EQ(message.size(), input_consumed);
353 EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, "", &result));
354 return result;
355}
356
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]357string Keymaster2Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]358 const string& signature, const AuthorizationSet& begin_params,
359 const AuthorizationSet& update_params,
360 AuthorizationSet* output_params) {
361 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params));
362
363 string result;
364 size_t input_consumed;
Shawn Willden0f392562015-06-02 09:00:52 -0600[diff] [blame]365 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, nullptr /* output_params */,
366 &result, &input_consumed));
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]367 EXPECT_EQ(message.size(), input_consumed);
368 EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, signature, &result));
369 return result;
370}
371
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]372string Keymaster2Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]373 const string& signature) {
374 EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]375
376 string result;
377 size_t input_consumed;
378 EXPECT_EQ(KM_ERROR_OK, UpdateOperation(message, &result, &input_consumed));
379 EXPECT_EQ(message.size(), input_consumed);
380 EXPECT_EQ(KM_ERROR_OK, FinishOperation(signature, &result));
381 return result;
382}
383
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]384void Keymaster2Test::SignMessage(const string& message, string* signature,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]385 keymaster_digest_t digest) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]386 SCOPED_TRACE("SignMessage");
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]387 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
388 input_params.push_back(TAG_DIGEST, digest);
389 AuthorizationSet update_params;
390 AuthorizationSet output_params;
391 *signature =
392 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]393 EXPECT_GT(signature->size(), 0U);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]394}
395
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]396void Keymaster2Test::SignMessage(const string& message, string* signature,
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]397 keymaster_digest_t digest, keymaster_padding_t padding) {
398 SCOPED_TRACE("SignMessage");
399 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
400 input_params.push_back(TAG_DIGEST, digest);
401 input_params.push_back(TAG_PADDING, padding);
402 AuthorizationSet update_params;
403 AuthorizationSet output_params;
404 *signature =
405 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
406 EXPECT_GT(signature->size(), 0U);
407}
408
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]409void Keymaster2Test::MacMessage(const string& message, string* signature, size_t mac_length) {
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]410 SCOPED_TRACE("SignMessage");
411 AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
412 input_params.push_back(TAG_MAC_LENGTH, mac_length);
413 AuthorizationSet update_params;
414 AuthorizationSet output_params;
415 *signature =
416 ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
417 EXPECT_GT(signature->size(), 0U);
418}
419
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]420void Keymaster2Test::VerifyMessage(const string& message, const string& signature,
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]421 keymaster_digest_t digest) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]422 SCOPED_TRACE("VerifyMessage");
Shawn Willden226746b2015-05-08 11:36:56 -0600[diff] [blame]423 AuthorizationSet input_params(client_params());
424 input_params.push_back(TAG_DIGEST, digest);
425 AuthorizationSet update_params;
426 AuthorizationSet output_params;
427 ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params,
428 &output_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]429}
430
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]431void Keymaster2Test::VerifyMessage(const string& message, const string& signature,
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]432 keymaster_digest_t digest, keymaster_padding_t padding) {
433 SCOPED_TRACE("VerifyMessage");
434 AuthorizationSet input_params(client_params());
435 input_params.push_back(TAG_DIGEST, digest);
436 input_params.push_back(TAG_PADDING, padding);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]437 AuthorizationSet update_params;
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]438 AuthorizationSet output_params;
439 ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params,
440 &output_params);
441}
442
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]443void Keymaster2Test::VerifyMac(const string& message, const string& signature) {
Shawn Willden33ab0382015-07-08 08:47:25 -0600[diff] [blame]444 SCOPED_TRACE("VerifyMac");
445 ProcessMessage(KM_PURPOSE_VERIFY, message, signature);
446}
447
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]448string Keymaster2Test::EncryptMessage(const string& message, keymaster_padding_t padding,
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]449 string* generated_nonce) {
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]450 SCOPED_TRACE("EncryptMessage");
451 AuthorizationSet begin_params(client_params()), output_params;
452 begin_params.push_back(TAG_PADDING, padding);
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]453 AuthorizationSet update_params;
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]454 string ciphertext =
455 ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params);
456 if (generated_nonce) {
457 keymaster_blob_t nonce_blob;
458 EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob));
459 *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length);
460 } else {
461 EXPECT_EQ(-1, output_params.find(TAG_NONCE));
462 }
463 return ciphertext;
464}
465
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]466string Keymaster2Test::EncryptMessage(const string& message, keymaster_digest_t digest,
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]467 keymaster_padding_t padding, string* generated_nonce) {
468 AuthorizationSet update_params;
469 return EncryptMessage(update_params, message, digest, padding, generated_nonce);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]470}
471
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]472string Keymaster2Test::EncryptMessage(const string& message, keymaster_block_mode_t block_mode,
Shawn Willden31e063f2015-05-08 14:31:22 -0600[diff] [blame]473 keymaster_padding_t padding, string* generated_nonce) {
474 AuthorizationSet update_params;
475 return EncryptMessage(update_params, message, block_mode, padding, generated_nonce);
476}
477
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]478string Keymaster2Test::EncryptMessage(const AuthorizationSet& update_params, const string& message,
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]479 keymaster_digest_t digest, keymaster_padding_t padding,
480 string* generated_nonce) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]481 SCOPED_TRACE("EncryptMessage");
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]482 AuthorizationSet begin_params(client_params()), output_params;
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]483 begin_params.push_back(TAG_PADDING, padding);
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]484 begin_params.push_back(TAG_DIGEST, digest);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]485 string ciphertext =
486 ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params);
487 if (generated_nonce) {
488 keymaster_blob_t nonce_blob;
489 EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob));
490 *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length);
491 } else {
492 EXPECT_EQ(-1, output_params.find(TAG_NONCE));
493 }
494 return ciphertext;
495}
496
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]497string Keymaster2Test::EncryptMessage(const AuthorizationSet& update_params, const string& message,
Shawn Willden31e063f2015-05-08 14:31:22 -0600[diff] [blame]498 keymaster_block_mode_t block_mode,
499 keymaster_padding_t padding, string* generated_nonce) {
500 SCOPED_TRACE("EncryptMessage");
501 AuthorizationSet begin_params(client_params()), output_params;
502 begin_params.push_back(TAG_PADDING, padding);
503 begin_params.push_back(TAG_BLOCK_MODE, block_mode);
504 string ciphertext =
505 ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, &output_params);
506 if (generated_nonce) {
507 keymaster_blob_t nonce_blob;
508 EXPECT_TRUE(output_params.GetTagValue(TAG_NONCE, &nonce_blob));
509 *generated_nonce = make_string(nonce_blob.data, nonce_blob.data_length);
510 } else {
511 EXPECT_EQ(-1, output_params.find(TAG_NONCE));
512 }
513 return ciphertext;
514}
515
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]516string Keymaster2Test::EncryptMessageWithParams(const string& message,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]517 const AuthorizationSet& begin_params,
518 const AuthorizationSet& update_params,
519 AuthorizationSet* output_params) {
520 SCOPED_TRACE("EncryptMessageWithParams");
521 return ProcessMessage(KM_PURPOSE_ENCRYPT, message, begin_params, update_params, output_params);
522}
523
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]524string Keymaster2Test::DecryptMessage(const string& ciphertext, keymaster_padding_t padding) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]525 SCOPED_TRACE("DecryptMessage");
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]526 AuthorizationSet begin_params(client_params());
527 begin_params.push_back(TAG_PADDING, padding);
528 AuthorizationSet update_params;
529 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]530}
531
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]532string Keymaster2Test::DecryptMessage(const string& ciphertext, keymaster_digest_t digest,
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]533 keymaster_padding_t padding) {
534 SCOPED_TRACE("DecryptMessage");
535 AuthorizationSet begin_params(client_params());
536 begin_params.push_back(TAG_PADDING, padding);
537 begin_params.push_back(TAG_DIGEST, digest);
538 AuthorizationSet update_params;
539 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
540}
541
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]542string Keymaster2Test::DecryptMessage(const string& ciphertext, keymaster_block_mode_t block_mode,
Shawn Willden31e063f2015-05-08 14:31:22 -0600[diff] [blame]543 keymaster_padding_t padding) {
544 SCOPED_TRACE("DecryptMessage");
545 AuthorizationSet begin_params(client_params());
546 begin_params.push_back(TAG_PADDING, padding);
547 begin_params.push_back(TAG_BLOCK_MODE, block_mode);
548 AuthorizationSet update_params;
549 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
550}
551
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]552string Keymaster2Test::DecryptMessage(const string& ciphertext, keymaster_digest_t digest,
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]553 keymaster_padding_t padding, const string& nonce) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]554 SCOPED_TRACE("DecryptMessage");
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]555 AuthorizationSet begin_params(client_params());
556 begin_params.push_back(TAG_PADDING, padding);
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]557 begin_params.push_back(TAG_DIGEST, digest);
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]558 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]559 AuthorizationSet update_params;
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]560 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]561}
562
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]563string Keymaster2Test::DecryptMessage(const string& ciphertext, keymaster_block_mode_t block_mode,
Shawn Willden31e063f2015-05-08 14:31:22 -0600[diff] [blame]564 keymaster_padding_t padding, const string& nonce) {
565 SCOPED_TRACE("DecryptMessage");
566 AuthorizationSet begin_params(client_params());
567 begin_params.push_back(TAG_PADDING, padding);
568 begin_params.push_back(TAG_BLOCK_MODE, block_mode);
569 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
570 AuthorizationSet update_params;
571 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
572}
573
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]574string Keymaster2Test::DecryptMessage(const AuthorizationSet& update_params,
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]575 const string& ciphertext, keymaster_digest_t digest,
576 keymaster_padding_t padding, const string& nonce) {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]577 SCOPED_TRACE("DecryptMessage");
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]578 AuthorizationSet begin_params(client_params());
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]579 begin_params.push_back(TAG_PADDING, padding);
Shawn Willden0afa3c82015-06-22 10:39:21 -0600[diff] [blame]580 begin_params.push_back(TAG_DIGEST, digest);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]581 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
582 return ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext, begin_params, update_params);
583}
584
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]585keymaster_error_t Keymaster2Test::GetCharacteristics() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]586 FreeCharacteristics();
587 return device()->get_key_characteristics(device(), &blob_, &client_id_, NULL /* app_data */,
588 &characteristics_);
589}
590
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]591keymaster_error_t Keymaster2Test::ExportKey(keymaster_key_format_t format, string* export_data) {
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]592 keymaster_blob_t export_tmp;
593 keymaster_error_t error = device()->export_key(device(), format, &blob_, &client_id_,
594 NULL /* app_data */, &export_tmp);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]595
596 if (error != KM_ERROR_OK)
597 return error;
598
Shawn Willden0e2ee442015-06-01 14:42:16 -0600[diff] [blame]599 *export_data = string(reinterpret_cast<const char*>(export_tmp.data), export_tmp.data_length);
600 free((void*)export_tmp.data);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]601 return error;
602}
603
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]604void Keymaster2Test::CheckHmacTestVector(string key, string message, keymaster_digest_t digest,
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]605 string expected_mac) {
Shawn Willden33ab0382015-07-08 08:47:25 -0600[diff] [blame]606 ASSERT_EQ(KM_ERROR_OK, ImportKey(AuthorizationSetBuilder()
607 .HmacKey(key.size() * 8)
608 .Authorization(TAG_MIN_MAC_LENGTH, expected_mac.size() * 8)
609 .Digest(digest),
610 KM_KEY_FORMAT_RAW, key));
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]611 string signature;
Shawn Willden33ab0382015-07-08 08:47:25 -0600[diff] [blame]612 MacMessage(message, &signature, expected_mac.size() * 8);
Shawn Willden72a5fdd2015-03-17 20:04:33 -0600[diff] [blame]613 EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest;
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]614}
615
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]616void Keymaster2Test::CheckAesCtrTestVector(const string& key, const string& nonce,
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]617 const string& message,
618 const string& expected_ciphertext) {
619 ASSERT_EQ(KM_ERROR_OK, ImportKey(AuthorizationSetBuilder()
620 .AesEncryptionKey(key.size() * 8)
621 .Authorization(TAG_BLOCK_MODE, KM_MODE_CTR)
Shawn Willden3ad5f052015-05-08 14:05:13 -0600[diff] [blame]622 .Authorization(TAG_CALLER_NONCE)
623 .Padding(KM_PAD_NONE),
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]624 KM_KEY_FORMAT_RAW, key));
625
Shawn Willden09f25272015-04-15 13:49:49 -0600[diff] [blame]626 AuthorizationSet begin_params(client_params()), update_params, output_params;
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]627 begin_params.push_back(TAG_NONCE, nonce.data(), nonce.size());
Shawn Willden31e063f2015-05-08 14:31:22 -0600[diff] [blame]628 begin_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR);
Shawn Willdenc4424672015-05-11 11:56:02 -0600[diff] [blame]629 begin_params.push_back(TAG_PADDING, KM_PAD_NONE);
Thai Duong20d725d2015-03-24 17:49:58 -0700[diff] [blame]630 string ciphertext =
631 EncryptMessageWithParams(message, begin_params, update_params, &output_params);
632 EXPECT_EQ(expected_ciphertext, ciphertext);
633}
634
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]635AuthorizationSet Keymaster2Test::hw_enforced() {
636 return AuthorizationSet(characteristics_.hw_enforced);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]637}
638
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]639AuthorizationSet Keymaster2Test::sw_enforced() {
640 return AuthorizationSet(characteristics_.sw_enforced);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]641}
642
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]643void Keymaster2Test::FreeCharacteristics() {
644 keymaster_free_characteristics(&characteristics_);
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]645}
646
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]647void Keymaster2Test::FreeKeyBlob() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]648 free(const_cast<uint8_t*>(blob_.key_material));
649 blob_.key_material = NULL;
650}
651
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]652void Keymaster2Test::corrupt_key_blob() {
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]653 assert(blob_.key_material);
654 uint8_t* tmp = const_cast<uint8_t*>(blob_.key_material);
655 ++tmp[blob_.key_material_size / 2];
656}
657
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]658class Sha256OnlyWrapper {
659 public:
660 Sha256OnlyWrapper(const keymaster1_device_t* wrapped_device) : wrapped_device_(wrapped_device) {
661
662 new_module = *wrapped_device_->common.module;
663 new_module_name = std::string("SHA 256-only ") + wrapped_device_->common.module->name;
664 new_module.name = new_module_name.c_str();
665
666 memset(&device_, 0, sizeof(device_));
667 device_.common.module = &new_module;
668
669 device_.common.close = close_device;
670 device_.get_supported_algorithms = get_supported_algorithms;
671 device_.get_supported_block_modes = get_supported_block_modes;
672 device_.get_supported_padding_modes = get_supported_padding_modes;
673 device_.get_supported_digests = get_supported_digests;
674 device_.get_supported_import_formats = get_supported_import_formats;
675 device_.get_supported_export_formats = get_supported_export_formats;
676 device_.add_rng_entropy = add_rng_entropy;
677 device_.generate_key = generate_key;
678 device_.get_key_characteristics = get_key_characteristics;
679 device_.import_key = import_key;
680 device_.export_key = export_key;
681 device_.begin = begin;
682 device_.update = update;
683 device_.finish = finish;
684 device_.abort = abort;
685 }
686
687 keymaster1_device_t* keymaster_device() { return &device_; }
688
689 static bool is_supported(keymaster_digest_t digest) {
690 return digest == KM_DIGEST_NONE || digest == KM_DIGEST_SHA_2_256;
691 }
692
693 static bool all_digests_supported(const keymaster_key_param_set_t* params) {
694 for (size_t i = 0; i < params->length; ++i)
695 if (params->params[i].tag == TAG_DIGEST)
696 if (!is_supported(static_cast<keymaster_digest_t>(params->params[i].enumerated)))
697 return false;
698 return true;
699 }
700
701 static const keymaster_key_param_t*
702 get_algorithm_param(const keymaster_key_param_set_t* params) {
703 keymaster_key_param_t* end = params->params + params->length;
704 auto alg_ptr = std::find_if(params->params, end, [](keymaster_key_param_t& p) {
705 return p.tag == KM_TAG_ALGORITHM;
706 });
707 if (alg_ptr == end)
708 return nullptr;
709 return alg_ptr;
710 }
711
712 static int close_device(hw_device_t* dev) {
713 Sha256OnlyWrapper* wrapper = reinterpret_cast<Sha256OnlyWrapper*>(dev);
714 const keymaster1_device_t* wrapped_device = wrapper->wrapped_device_;
715 delete wrapper;
716 return wrapped_device->common.close(const_cast<hw_device_t*>(&wrapped_device->common));
717 }
718
719 static const keymaster1_device_t* unwrap(const keymaster1_device_t* dev) {
720 return reinterpret_cast<const Sha256OnlyWrapper*>(dev)->wrapped_device_;
721 }
722
723 static keymaster_error_t get_supported_algorithms(const struct keymaster1_device* dev,
724 keymaster_algorithm_t** algorithms,
725 size_t* algorithms_length) {
726 return unwrap(dev)->get_supported_algorithms(unwrap(dev), algorithms, algorithms_length);
727 }
728 static keymaster_error_t get_supported_block_modes(const struct keymaster1_device* dev,
729 keymaster_algorithm_t algorithm,
730 keymaster_purpose_t purpose,
731 keymaster_block_mode_t** modes,
732 size_t* modes_length) {
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]733 return unwrap(dev)->get_supported_block_modes(unwrap(dev), algorithm, purpose, modes,
734 modes_length);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]735 }
736 static keymaster_error_t get_supported_padding_modes(const struct keymaster1_device* dev,
737 keymaster_algorithm_t algorithm,
738 keymaster_purpose_t purpose,
739 keymaster_padding_t** modes,
740 size_t* modes_length) {
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]741 return unwrap(dev)->get_supported_padding_modes(unwrap(dev), algorithm, purpose, modes,
742 modes_length);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]743 }
744
745 static keymaster_error_t get_supported_digests(const keymaster1_device_t* dev,
746 keymaster_algorithm_t algorithm,
747 keymaster_purpose_t purpose,
748 keymaster_digest_t** digests,
749 size_t* digests_length) {
750 keymaster_error_t error = unwrap(dev)->get_supported_digests(
751 unwrap(dev), algorithm, purpose, digests, digests_length);
752 if (error != KM_ERROR_OK)
753 return error;
754
755 std::vector<keymaster_digest_t> filtered_digests;
756 std::copy_if(*digests, *digests + *digests_length, std::back_inserter(filtered_digests),
757 [](keymaster_digest_t digest) { return is_supported(digest); });
758
759 free(*digests);
760 *digests_length = filtered_digests.size();
761 *digests = reinterpret_cast<keymaster_digest_t*>(
762 malloc(*digests_length * sizeof(keymaster_digest_t)));
763 std::copy(filtered_digests.begin(), filtered_digests.end(), *digests);
764
765 return KM_ERROR_OK;
766 }
767
768 static keymaster_error_t get_supported_import_formats(const struct keymaster1_device* dev,
769 keymaster_algorithm_t algorithm,
770 keymaster_key_format_t** formats,
771 size_t* formats_length) {
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]772 return unwrap(dev)->get_supported_import_formats(unwrap(dev), algorithm, formats,
773 formats_length);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]774 }
775 static keymaster_error_t get_supported_export_formats(const struct keymaster1_device* dev,
776 keymaster_algorithm_t algorithm,
777 keymaster_key_format_t** formats,
778 size_t* formats_length) {
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]779 return unwrap(dev)->get_supported_export_formats(unwrap(dev), algorithm, formats,
780 formats_length);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]781 }
782 static keymaster_error_t add_rng_entropy(const struct keymaster1_device* dev,
783 const uint8_t* data, size_t data_length) {
784 return unwrap(dev)->add_rng_entropy(unwrap(dev), data, data_length);
785 }
786
787 static keymaster_error_t generate_key(const keymaster1_device_t* dev,
788 const keymaster_key_param_set_t* params,
789 keymaster_key_blob_t* key_blob,
790 keymaster_key_characteristics_t** characteristics) {
791 auto alg_ptr = get_algorithm_param(params);
792 if (!alg_ptr)
793 return KM_ERROR_UNSUPPORTED_ALGORITHM;
794 if (alg_ptr->enumerated == KM_ALGORITHM_HMAC && !all_digests_supported(params))
795 return KM_ERROR_UNSUPPORTED_DIGEST;
796
797 return unwrap(dev)->generate_key(unwrap(dev), params, key_blob, characteristics);
798 }
799
800 static keymaster_error_t
801 get_key_characteristics(const struct keymaster1_device* dev,
802 const keymaster_key_blob_t* key_blob, const keymaster_blob_t* client_id,
803 const keymaster_blob_t* app_data,
804 keymaster_key_characteristics_t** characteristics) {
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]805 return unwrap(dev)->get_key_characteristics(unwrap(dev), key_blob, client_id, app_data,
806 characteristics);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]807 }
808
809 static keymaster_error_t
810 import_key(const keymaster1_device_t* dev, const keymaster_key_param_set_t* params,
811 keymaster_key_format_t key_format, const keymaster_blob_t* key_data,
812 keymaster_key_blob_t* key_blob, keymaster_key_characteristics_t** characteristics) {
813 auto alg_ptr = get_algorithm_param(params);
814 if (!alg_ptr)
815 return KM_ERROR_UNSUPPORTED_ALGORITHM;
816 if (alg_ptr->enumerated == KM_ALGORITHM_HMAC && !all_digests_supported(params))
817 return KM_ERROR_UNSUPPORTED_DIGEST;
818
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]819 return unwrap(dev)->import_key(unwrap(dev), params, key_format, key_data, key_blob,
820 characteristics);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]821 }
822
823 static keymaster_error_t export_key(const struct keymaster1_device* dev, //
824 keymaster_key_format_t export_format,
825 const keymaster_key_blob_t* key_to_export,
826 const keymaster_blob_t* client_id,
827 const keymaster_blob_t* app_data,
828 keymaster_blob_t* export_data) {
829 return unwrap(dev)->export_key(unwrap(dev), export_format, key_to_export, client_id,
830 app_data, export_data);
831 }
832
833 static keymaster_error_t begin(const keymaster1_device_t* dev, //
834 keymaster_purpose_t purpose, const keymaster_key_blob_t* key,
835 const keymaster_key_param_set_t* in_params,
836 keymaster_key_param_set_t* out_params,
837 keymaster_operation_handle_t* operation_handle) {
838 if (!all_digests_supported(in_params))
839 return KM_ERROR_UNSUPPORTED_DIGEST;
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]840 return unwrap(dev)->begin(unwrap(dev), purpose, key, in_params, out_params,
841 operation_handle);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]842 }
843
844 static keymaster_error_t update(const keymaster1_device_t* dev,
845 keymaster_operation_handle_t operation_handle,
846 const keymaster_key_param_set_t* in_params,
847 const keymaster_blob_t* input, size_t* input_consumed,
848 keymaster_key_param_set_t* out_params,
849 keymaster_blob_t* output) {
850 return unwrap(dev)->update(unwrap(dev), operation_handle, in_params, input, input_consumed,
851 out_params, output);
852 }
853
854 static keymaster_error_t finish(const struct keymaster1_device* dev, //
855 keymaster_operation_handle_t operation_handle,
856 const keymaster_key_param_set_t* in_params,
857 const keymaster_blob_t* signature,
858 keymaster_key_param_set_t* out_params,
859 keymaster_blob_t* output) {
Shawn Willden1937c712016-01-05 19:37:21 -0700[diff] [blame]860 return unwrap(dev)->finish(unwrap(dev), operation_handle, in_params, signature, out_params,
861 output);
Shawn Willdend599b152015-07-27 16:58:30 -0600[diff] [blame]862 }
863
864 static keymaster_error_t abort(const struct keymaster1_device* dev,
865 keymaster_operation_handle_t operation_handle) {
866 return unwrap(dev)->abort(unwrap(dev), operation_handle);
867 }
868
869 private:
870 keymaster1_device_t device_;
871 const keymaster1_device_t* wrapped_device_;
872 hw_module_t new_module;
873 string new_module_name;
874};
875
876keymaster1_device_t* make_device_sha256_only(keymaster1_device_t* device) {
877 return (new Sha256OnlyWrapper(device))->keymaster_device();
878}
879
Shawn Willden95dda362015-02-27 10:58:37 -0700[diff] [blame]880} // namespace test
Shawn Willden76364712014-08-11 17:48:04 -0600[diff] [blame]881} // namespace keymaster