1// 2// Copyright (C) 2015 The Android Open Source Project 3// 4// Licensed under the Apache License, Version 2.0 (the "License"); 5// you may not use this file except in compliance with the License. 6// You may obtain a copy of the License at 7// 8// http://www.apache.org/licenses/LICENSE-2.0 9// 10// Unless required by applicable law or agreed to in writing, software 11// distributed under the License is distributed on an "AS IS" BASIS, 12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13// See the License for the specific language governing permissions and 14// limitations under the License. 15// 16 17#include "trunks/session_manager_impl.h" 18 19#include <vector> 20 21#include <base/logging.h> 22#include <base/strings/string_number_conversions.h> 23#include <gmock/gmock.h> 24#include <gtest/gtest.h> 25 26#include "trunks/error_codes.h" 27#include "trunks/mock_tpm.h" 28#include "trunks/tpm_generated.h" 29#include "trunks/tpm_utility.h" 30#include "trunks/trunks_factory_for_test.h" 31 32using testing::_; 33using testing::DoAll; 34using testing::NiceMock; 35using testing::Return; 36using testing::SetArgPointee; 37 38namespace trunks { 39 40class SessionManagerTest : public testing::Test { 41 public: 42 SessionManagerTest() : session_manager_(factory_) { 43 delegate_ = new HmacAuthorizationDelegate(); 44 } 45 ~SessionManagerTest() override {} 46 47 void SetUp() override { 48 factory_.set_tpm(&mock_tpm_); 49 } 50 51 void SetHandle(TPM_HANDLE handle) { 52 session_manager_.session_handle_ = handle; 53 } 54 55 TPM2B_PUBLIC_KEY_RSA GetValidRSAPublicKey() { 56 const char kValidModulus[] = 57 "A1D50D088994000492B5F3ED8A9C5FC8772706219F4C063B2F6A8C6B74D3AD6B" 58 "212A53D01DABB34A6261288540D420D3BA59ED279D859DE6227A7AB6BD88FADD" 59 "FC3078D465F4DF97E03A52A587BD0165AE3B180FE7B255B7BEDC1BE81CB1383F" 60 "E9E46F9312B1EF28F4025E7D332E33F4416525FEB8F0FC7B815E8FBB79CDABE6" 61 "327B5A155FEF13F559A7086CB8A543D72AD6ECAEE2E704FF28824149D7F4E393" 62 "D3C74E721ACA97F7ADBE2CCF7B4BCC165F7380F48065F2C8370F25F066091259" 63 "D14EA362BAF236E3CD8771A94BDEDA3900577143A238AB92B6C55F11DEFAFB31" 64 "7D1DC5B6AE210C52B008D87F2A7BFF6EB5C4FB32D6ECEC6505796173951A3167"; 65 std::vector<uint8_t> bytes; 66 CHECK(base::HexStringToBytes(kValidModulus, &bytes)); 67 CHECK_EQ(bytes.size(), 256u); 68 TPM2B_PUBLIC_KEY_RSA rsa; 69 rsa.size = bytes.size(); 70 memcpy(rsa.buffer, bytes.data(), bytes.size()); 71 return rsa; 72 } 73 74 protected: 75 TrunksFactoryForTest factory_; 76 NiceMock<MockTpm> mock_tpm_; 77 HmacAuthorizationDelegate* delegate_; 78 SessionManagerImpl session_manager_; 79}; 80 81TEST_F(SessionManagerTest, CloseSessionSuccess) { 82 TPM_HANDLE handle = TPM_RH_FIRST; 83 SetHandle(handle); 84 EXPECT_CALL(mock_tpm_, FlushContextSync(handle, nullptr)) 85 .WillOnce(Return(TPM_RC_SUCCESS)); 86 session_manager_.CloseSession(); 87} 88 89TEST_F(SessionManagerTest, CloseSessionNoHandle) { 90 TPM_HANDLE handle = kUninitializedHandle; 91 SetHandle(handle); 92 EXPECT_CALL(mock_tpm_, FlushContextSync(handle, nullptr)) 93 .Times(0); 94 session_manager_.CloseSession(); 95} 96 97TEST_F(SessionManagerTest, GetSessionHandleTest) { 98 TPM_HANDLE handle = TPM_RH_FIRST; 99 EXPECT_EQ(kUninitializedHandle, session_manager_.GetSessionHandle()); 100 SetHandle(handle); 101 EXPECT_EQ(handle, session_manager_.GetSessionHandle()); 102} 103 104 105TEST_F(SessionManagerTest, StartSessionSuccess) { 106 TPM_SE session_type = TPM_SE_TRIAL; 107 TPM2B_PUBLIC public_data; 108 public_data.public_area.unique.rsa = GetValidRSAPublicKey(); 109 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 110 .WillOnce(DoAll(SetArgPointee<2>(public_data), 111 Return(TPM_RC_SUCCESS))); 112 TPM_HANDLE handle = TPM_RH_FIRST; 113 TPM2B_NONCE nonce; 114 nonce.size = 20; 115 EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, handle, 116 _, _, session_type, _, _, 117 _, _, _)) 118 .WillOnce(DoAll(SetArgPointee<8>(nonce), 119 Return(TPM_RC_SUCCESS))); 120 EXPECT_EQ(TPM_RC_SUCCESS, session_manager_.StartSession(session_type, 121 handle, "", false, 122 delegate_)); 123} 124 125TEST_F(SessionManagerTest, StartSessionBadSaltingKey) { 126 TPM2B_PUBLIC public_data; 127 public_data.public_area.unique.rsa.size = 32; 128 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 129 .WillOnce(DoAll(SetArgPointee<2>(public_data), 130 Return(TPM_RC_SUCCESS))); 131 EXPECT_EQ(TRUNKS_RC_SESSION_SETUP_ERROR, 132 session_manager_.StartSession(TPM_SE_TRIAL, TPM_RH_NULL, "", false, 133 delegate_)); 134} 135 136TEST_F(SessionManagerTest, StartSessionFailure) { 137 TPM2B_PUBLIC public_data; 138 public_data.public_area.unique.rsa = GetValidRSAPublicKey(); 139 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 140 .WillOnce(DoAll(SetArgPointee<2>(public_data), 141 Return(TPM_RC_SUCCESS))); 142 EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, 143 TPM_RH_NULL, 144 _, _, _, _, _, _, _, _)) 145 .WillOnce(Return(TPM_RC_FAILURE)); 146 EXPECT_EQ(TPM_RC_FAILURE, session_manager_.StartSession(TPM_SE_TRIAL, 147 TPM_RH_NULL, "", 148 false, delegate_)); 149} 150 151TEST_F(SessionManagerTest, StartSessionBadNonce) { 152 TPM_SE session_type = TPM_SE_TRIAL; 153 TPM2B_PUBLIC public_data; 154 public_data.public_area.unique.rsa = GetValidRSAPublicKey(); 155 EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, nullptr)) 156 .WillOnce(DoAll(SetArgPointee<2>(public_data), 157 Return(TPM_RC_SUCCESS))); 158 TPM_HANDLE handle = TPM_RH_FIRST; 159 TPM2B_NONCE nonce; 160 nonce.size = 0; 161 EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, handle, 162 _, _, session_type, _, _, 163 _, _, _)) 164 .WillOnce(DoAll(SetArgPointee<8>(nonce), 165 Return(TPM_RC_SUCCESS))); 166 EXPECT_EQ(TPM_RC_FAILURE, session_manager_.StartSession(session_type, 167 handle, "", false, 168 delegate_)); 169} 170 171} // namespace trunks 172