diff options
Diffstat (limited to 'provisioner/rkp_factory_extraction_lib_test.cpp')
| -rw-r--r-- | provisioner/rkp_factory_extraction_lib_test.cpp | 268 |
1 files changed, 268 insertions, 0 deletions
diff --git a/provisioner/rkp_factory_extraction_lib_test.cpp b/provisioner/rkp_factory_extraction_lib_test.cpp new file mode 100644 index 00000000..3fe88da8 --- /dev/null +++ b/provisioner/rkp_factory_extraction_lib_test.cpp @@ -0,0 +1,268 @@ +/* + * Copyright (C) 2022 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "rkp_factory_extraction_lib.h" + +#include "gmock/gmock-matchers.h" +#include "gmock/gmock-more-matchers.h" +#include <aidl/android/hardware/security/keymint/DeviceInfo.h> +#include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h> +#include <aidl/android/hardware/security/keymint/MacedPublicKey.h> +#include <aidl/android/hardware/security/keymint/RpcHardwareInfo.h> +#include <android-base/properties.h> +#include <gmock/gmock.h> +#include <gtest/gtest.h> + +#include <cstdint> +#include <memory> +#include <ostream> +#include <set> +#include <vector> + +#include "aidl/android/hardware/security/keymint/ProtectedData.h" +#include "android/binder_auto_utils.h" +#include "android/binder_interface_utils.h" +#include "cppbor.h" + +using ::ndk::ScopedAStatus; +using ::ndk::SharedRefBase; + +using namespace ::aidl::android::hardware::security::keymint; +using namespace ::cppbor; +using namespace ::testing; + +namespace cppbor { + +std::ostream& operator<<(std::ostream& os, const Item& item) { + return os << prettyPrint(&item); +} + +std::ostream& operator<<(std::ostream& os, const std::unique_ptr<Item>& item) { + return os << *item; +} + +std::ostream& operator<<(std::ostream& os, const Item* item) { + return os << *item; +} + +} // namespace cppbor + +class MockIRemotelyProvisionedComponent : public IRemotelyProvisionedComponentDefault { + public: + MOCK_METHOD(ScopedAStatus, getHardwareInfo, (RpcHardwareInfo * _aidl_return), (override)); + MOCK_METHOD(ScopedAStatus, generateEcdsaP256KeyPair, + (bool in_testMode, MacedPublicKey* out_macedPublicKey, + std::vector<uint8_t>* _aidl_return), + (override)); + MOCK_METHOD(ScopedAStatus, generateCertificateRequest, + (bool in_testMode, const std::vector<MacedPublicKey>& in_keysToSign, + const std::vector<uint8_t>& in_endpointEncryptionCertChain, + const std::vector<uint8_t>& in_challenge, DeviceInfo* out_deviceInfo, + ProtectedData* out_protectedData, std::vector<uint8_t>* _aidl_return), + (override)); + MOCK_METHOD(ScopedAStatus, generateCertificateRequestV2, + (const std::vector<MacedPublicKey>& in_keysToSign, + const std::vector<uint8_t>& in_challenge, std::vector<uint8_t>* _aidl_return), + (override)); + MOCK_METHOD(ScopedAStatus, getInterfaceVersion, (int32_t * _aidl_return), (override)); + MOCK_METHOD(ScopedAStatus, getInterfaceHash, (std::string * _aidl_return), (override)); +}; + +TEST(LibRkpFactoryExtractionTests, ToBase64) { + std::vector<uint8_t> input(UINT8_MAX + 1); + for (int i = 0; i < input.size(); ++i) { + input[i] = i; + } + + // Test three lengths so we get all the different paddding options + EXPECT_EQ("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4" + "vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV" + "5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMj" + "Y6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8" + "vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uv" + "s7e7v8PHy8/T19vf4+fr7/P3+/w==", + toBase64(input)); + + input.push_back(42); + EXPECT_EQ("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4" + "vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV" + "5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMj" + "Y6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8" + "vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uv" + "s7e7v8PHy8/T19vf4+fr7/P3+/yo=", + toBase64(input)); + + input.push_back(42); + EXPECT_EQ("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4" + "vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV" + "5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMj" + "Y6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8" + "vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uv" + "s7e7v8PHy8/T19vf4+fr7/P3+/yoq", + toBase64(input)); +} + +TEST(LibRkpFactoryExtractionTests, UniqueChallengeSmokeTest) { + // This will at least catch VERY broken implementations. + constexpr size_t NUM_CHALLENGES = 32; + std::set<std::vector<uint8_t>> challenges; + for (size_t i = 0; i < NUM_CHALLENGES; ++i) { + const std::vector<uint8_t> challenge = generateChallenge(); + const auto [_, wasInserted] = challenges.insert(generateChallenge()); + EXPECT_TRUE(wasInserted) << "Duplicate challenge: " << toBase64(challenge); + } +} + +TEST(LibRkpFactoryExtractionTests, GetCsrWithV2Hal) { + ASSERT_TRUE(true); + + const std::vector<uint8_t> kFakeMac = {1, 2, 3, 4}; + + Map cborDeviceInfo; + cborDeviceInfo.add("product", "gShoe"); + cborDeviceInfo.add("version", 2); + cborDeviceInfo.add("brand", "Fake Brand"); + cborDeviceInfo.add("manufacturer", "Fake Mfr"); + cborDeviceInfo.add("model", "Fake Model"); + cborDeviceInfo.add("device", "Fake Device"); + cborDeviceInfo.add("vb_state", "orange"); + cborDeviceInfo.add("bootloader_state", "unlocked"); + cborDeviceInfo.add("vbmeta_digest", std::vector<uint8_t>{1, 2, 3, 4}); + cborDeviceInfo.add("system_patch_level", 42); + cborDeviceInfo.add("boot_patch_level", 31415); + cborDeviceInfo.add("vendor_patch_level", 0); + cborDeviceInfo.add("fused", 0); + cborDeviceInfo.add("security_level", "tee"); + cborDeviceInfo.add("os_version", "the best version"); + const DeviceInfo kVerifiedDeviceInfo = {cborDeviceInfo.canonicalize().encode()}; + + Array cborProtectedData; + cborProtectedData.add(Bstr()); // protected + cborProtectedData.add(Map()); // unprotected + cborProtectedData.add(Bstr()); // ciphertext + cborProtectedData.add(Array()); // recipients + const ProtectedData kProtectedData = {cborProtectedData.encode()}; + + std::vector<uint8_t> eekChain; + std::vector<uint8_t> challenge; + + // Set up mock, then call getSCsr + auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>(); + EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) { + hwInfo->versionNumber = 2; + return ScopedAStatus::ok(); + }); + EXPECT_CALL(*mockRpc, + generateCertificateRequest(false, // testMode + IsEmpty(), // keysToSign + _, // endpointEncryptionCertChain + _, // challenge + NotNull(), // deviceInfo + NotNull(), // protectedData + NotNull())) // _aidl_return + .WillOnce(DoAll(SaveArg<2>(&eekChain), // + SaveArg<3>(&challenge), // + SetArgPointee<4>(kVerifiedDeviceInfo), // + SetArgPointee<5>(kProtectedData), // + SetArgPointee<6>(kFakeMac), // + Return(ByMove(ScopedAStatus::ok())))); // + + auto [csr, csrErrMsg] = getCsr("mock component name", mockRpc.get(), + /*selfTest=*/false); + ASSERT_THAT(csr, NotNull()) << csrErrMsg; + ASSERT_THAT(csr->asArray(), Pointee(Property(&Array::size, Eq(4)))); + + // Verify the input parameters that we received + auto [parsedEek, ignore1, eekParseError] = parse(eekChain); + ASSERT_THAT(parsedEek, NotNull()) << eekParseError; + EXPECT_THAT(parsedEek->asArray(), Pointee(Property(&Array::size, Gt(1)))); + EXPECT_THAT(challenge, Property(&std::vector<uint8_t>::size, Eq(kChallengeSize))); + + // Device info consists of (verified info, unverified info) + const Array* deviceInfoArray = csr->get(0)->asArray(); + EXPECT_THAT(deviceInfoArray, Pointee(Property(&Array::size, 2))); + + // Verified device info must match our mock value + const Map* actualVerifiedDeviceInfo = deviceInfoArray->get(0)->asMap(); + EXPECT_THAT(actualVerifiedDeviceInfo, Pointee(Property(&Map::size, Eq(cborDeviceInfo.size())))); + EXPECT_THAT(actualVerifiedDeviceInfo->get("product"), Pointee(Eq(Tstr("gShoe")))); + EXPECT_THAT(actualVerifiedDeviceInfo->get("version"), Pointee(Eq(Uint(2)))); + + // Empty unverified device info + const Map* actualUnverifiedDeviceInfo = deviceInfoArray->get(1)->asMap(); + EXPECT_THAT(actualUnverifiedDeviceInfo, Pointee(Property(&Map::size, Eq(0)))); + + // Challenge must match the call to generateCertificateRequest + const Bstr* actualChallenge = csr->get(1)->asBstr(); + EXPECT_THAT(actualChallenge, Pointee(Property(&Bstr::value, Eq(challenge)))); + + // Protected data must match the mock value + const Array* actualProtectedData = csr->get(2)->asArray(); + EXPECT_THAT(actualProtectedData, Pointee(Eq(ByRef(cborProtectedData)))); + + // Ensure the maced public key matches the expected COSE_mac0 + const Array* actualMacedKeys = csr->get(3)->asArray(); + ASSERT_THAT(actualMacedKeys, Pointee(Property(&Array::size, Eq(4)))); + ASSERT_THAT(actualMacedKeys->get(0)->asBstr(), NotNull()); + auto [macProtectedParams, ignore2, macParamParseError] = + parse(actualMacedKeys->get(0)->asBstr()); + ASSERT_THAT(macProtectedParams, NotNull()) << macParamParseError; + Map expectedMacProtectedParams; + expectedMacProtectedParams.add(1, 5); + EXPECT_THAT(macProtectedParams, Pointee(Eq(ByRef(expectedMacProtectedParams)))); + EXPECT_THAT(actualMacedKeys->get(1)->asMap(), Pointee(Property(&Map::size, Eq(0)))); + EXPECT_THAT(actualMacedKeys->get(2)->asNull(), NotNull()); + EXPECT_THAT(actualMacedKeys->get(3)->asBstr(), Pointee(Eq(Bstr(kFakeMac)))); +} + +TEST(LibRkpFactoryExtractionTests, GetCsrWithV3Hal) { + const std::vector<uint8_t> kCsr = Array() + .add(3 /* version */) + .add(Map() /* UdsCerts */) + .add(Array() /* DiceCertChain */) + .add(Array() /* SignedData */) + .encode(); + std::vector<uint8_t> challenge; + + // Set up mock, then call getCsr + auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>(); + EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) { + hwInfo->versionNumber = 3; + return ScopedAStatus::ok(); + }); + EXPECT_CALL(*mockRpc, + generateCertificateRequestV2(IsEmpty(), // keysToSign + _, // challenge + NotNull())) // _aidl_return + .WillOnce(DoAll(SaveArg<1>(&challenge), SetArgPointee<2>(kCsr), + Return(ByMove(ScopedAStatus::ok())))); + + auto [csr, csrErrMsg] = getCsr("mock component name", mockRpc.get(), + /*selfTest=*/false); + ASSERT_THAT(csr, NotNull()) << csrErrMsg; + ASSERT_THAT(csr, Pointee(Property(&Array::size, Eq(5)))); + + EXPECT_THAT(csr->get(0 /* version */), Pointee(Eq(Uint(3)))); + EXPECT_THAT(csr->get(1)->asMap(), NotNull()); + EXPECT_THAT(csr->get(2)->asArray(), NotNull()); + EXPECT_THAT(csr->get(3)->asArray(), NotNull()); + + const Map* unverifedDeviceInfo = csr->get(4)->asMap(); + ASSERT_THAT(unverifedDeviceInfo, NotNull()); + EXPECT_THAT(unverifedDeviceInfo->get("fingerprint"), NotNull()); + const Tstr fingerprint(android::base::GetProperty("ro.build.fingerprint", "")); + EXPECT_THAT(*unverifedDeviceInfo->get("fingerprint")->asTstr(), Eq(fingerprint)); +} |