xref: /system/keymaster/android_keymaster_test_utils.h

/*
 * Copyright 2014 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef SYSTEM_KEYMASTER_ANDROID_KEYMASTER_TEST_UTILS_H_
#define SYSTEM_KEYMASTER_ANDROID_KEYMASTER_TEST_UTILS_H_

/*
 * Utilities used to help with testing.  Not used in production code.
 */

#include <stdarg.h>

#include <algorithm>
#include <memory>
#include <ostream>
#include <string>
#include <vector>

#include <gtest/gtest.h>

#include <hardware/keymaster0.h>
#include <hardware/keymaster1.h>
#include <hardware/keymaster2.h>
#include <hardware/keymaster_defs.h>

#include <keymaster/android_keymaster_utils.h>
#include <keymaster/authorization_set.h>
#include <keymaster/keymaster_context.h>
#include <keymaster/logger.h>

std::ostream& operator<<(std::ostream& os, const keymaster_key_param_t& param);
bool operator==(const keymaster_key_param_t& a, const keymaster_key_param_t& b);
std::string hex2str(std::string);

namespace keymaster {

bool operator==(const AuthorizationSet& a, const AuthorizationSet& b);
bool operator!=(const AuthorizationSet& a, const AuthorizationSet& b);

std::ostream& operator<<(std::ostream& os, const AuthorizationSet& set);

namespace test {

template <keymaster_tag_t Tag, typename KeymasterEnum>
bool contains(const AuthorizationSet& set, TypedEnumTag<KM_ENUM, Tag, KeymasterEnum> tag,
              KeymasterEnum val) {
    int pos = set.find(tag);
    return pos != -1 && static_cast<KeymasterEnum>(set[pos].enumerated) == val;
}

template <keymaster_tag_t Tag, typename KeymasterEnum>
bool contains(const AuthorizationSet& set, TypedEnumTag<KM_ENUM_REP, Tag, KeymasterEnum> tag,
              KeymasterEnum val) {
    int pos = -1;
    while ((pos = set.find(tag, pos)) != -1)
        if (static_cast<KeymasterEnum>(set[pos].enumerated) == val)
            return true;
    return false;
}

template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_UINT, Tag> tag, uint32_t val) {
    int pos = set.find(tag);
    return pos != -1 && set[pos].integer == val;
}

template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_UINT_REP, Tag> tag, uint32_t val) {
    int pos = -1;
    while ((pos = set.find(tag, pos)) != -1)
        if (set[pos].integer == val)
            return true;
    return false;
}

template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_ULONG, Tag> tag, uint64_t val) {
    int pos = set.find(tag);
    return pos != -1 && set[pos].long_integer == val;
}

template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_BYTES, Tag> tag, const std::string& val) {
    int pos = set.find(tag);
    return pos != -1 &&
           std::string(reinterpret_cast<const char*>(set[pos].blob.data),
                       set[pos].blob.data_length) == val;
}

template <keymaster_tag_t Tag>
bool contains(const AuthorizationSet& set, TypedTag<KM_BIGNUM, Tag> tag, const std::string& val) {
    int pos = set.find(tag);
    return pos != -1 &&
           std::string(reinterpret_cast<const char*>(set[pos].blob.data),
                       set[pos].blob.data_length) == val;
}

inline bool contains(const AuthorizationSet& set, keymaster_tag_t tag) {
    return set.find(tag) != -1;
}

class StdoutLogger : public Logger {
  public:
    StdoutLogger() { set_instance(this); }

    int log_msg(LogLevel level, const char* fmt, va_list args) const {
        int output_len = 0;
        switch (level) {
        case DEBUG_LVL:
            output_len = printf("DEBUG: ");
            break;
        case INFO_LVL:
            output_len = printf("INFO: ");
            break;
        case WARNING_LVL:
            output_len = printf("WARNING: ");
            break;
        case ERROR_LVL:
            output_len = printf("ERROR: ");
            break;
        case SEVERE_LVL:
            output_len = printf("SEVERE: ");
            break;
        }

        output_len += vprintf(fmt, args);
        output_len += printf("\n");
        return output_len;
    }
};

inline std::string make_string(const uint8_t* data, size_t length) {
    return std::string(reinterpret_cast<const char*>(data), length);
}

template <size_t N> std::string make_string(const uint8_t (&a)[N]) {
    return make_string(a, N);
}

/**
 * Keymaster2TestInstance is used to parameterize Keymaster2Tests.  Its main function is to create a
 * keymaster2_device_t to which test calls can be directed.  It also provides a place to specify
 * various bits of alternative behavior, in cases where different devices are expected to behave
 * differently (any such cases are a potential bug, but sometimes they may make sense).
 */
class Keymaster2TestInstanceCreator {
  public:
    virtual ~Keymaster2TestInstanceCreator(){};
    virtual keymaster2_device_t* CreateDevice() const = 0;

    virtual bool algorithm_in_km0_hardware(keymaster_algorithm_t algorithm) const = 0;
    virtual int keymaster0_calls() const = 0;
    virtual int minimal_digest_set() const { return false; }
    virtual bool is_keymaster1_hw() const = 0;
    virtual KeymasterContext* keymaster_context() const = 0;

    virtual std::string name() const = 0;
};

// Use a shared_ptr because it's copyable.
typedef std::shared_ptr<Keymaster2TestInstanceCreator> InstanceCreatorPtr;

std::ostream& operator<<(std::ostream& os, const InstanceCreatorPtr& instance_creator);

const uint64_t OP_HANDLE_SENTINEL = 0xFFFFFFFFFFFFFFFF;
class Keymaster2Test : public testing::TestWithParam<InstanceCreatorPtr> {
  protected:
    Keymaster2Test();
    ~Keymaster2Test();

    keymaster2_device_t* device();

    keymaster_error_t GenerateKey(const AuthorizationSetBuilder& builder);

    keymaster_error_t DeleteKey();

    keymaster_error_t ImportKey(const AuthorizationSetBuilder& builder,
                                keymaster_key_format_t format, const std::string& key_material);

    keymaster_error_t ExportKey(keymaster_key_format_t format, std::string* export_data);

    keymaster_error_t GetCharacteristics();

    keymaster_error_t BeginOperation(keymaster_purpose_t purpose);
    keymaster_error_t BeginOperation(keymaster_purpose_t purpose, const AuthorizationSet& input_set,
                                     AuthorizationSet* output_set = NULL);

    keymaster_error_t UpdateOperation(const std::string& message, std::string* output,
                                      size_t* input_consumed);
    keymaster_error_t UpdateOperation(const AuthorizationSet& additional_params,
                                      const std::string& message, AuthorizationSet* output_params,
                                      std::string* output, size_t* input_consumed);

    keymaster_error_t FinishOperation(std::string* output);
    keymaster_error_t FinishOperation(const std::string& input, const std::string& signature,
                                      std::string* output);
    keymaster_error_t FinishOperation(const AuthorizationSet& additional_params,
                                      const std::string& input, const std::string& signature,
                                      std::string* output) {
        return FinishOperation(additional_params, input, signature, nullptr /* output_params */,
                               output);
    }
    keymaster_error_t FinishOperation(const AuthorizationSet& additional_params,
                                      const std::string& input, const std::string& signature,
                                      AuthorizationSet* output_params, std::string* output);

    keymaster_error_t AbortOperation();

    keymaster_error_t AttestKey(const std::string& attest_challenge,
                                const std::string& attest_app_id, keymaster_cert_chain_t* chain);

    keymaster_error_t UpgradeKey(const AuthorizationSet& upgrade_params);

    keymaster_error_t GetVersion(uint8_t* major, uint8_t* minor, uint8_t* subminor);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message,
                               const AuthorizationSet& begin_params,
                               const AuthorizationSet& update_params,
                               AuthorizationSet* output_params = NULL);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message,
                               const std::string& signature, const AuthorizationSet& begin_params,
                               const AuthorizationSet& update_params,
                               AuthorizationSet* output_params = NULL);
    std::string ProcessMessage(keymaster_purpose_t purpose, const std::string& message,
                               const std::string& signature);

    void SignMessage(const std::string& message, std::string* signature, keymaster_digest_t digest);
    void SignMessage(const std::string& message, std::string* signature, keymaster_digest_t digest,
                     keymaster_padding_t padding);
    void MacMessage(const std::string& message, std::string* signature, size_t mac_length);

    void VerifyMessage(const std::string& message, const std::string& signature,
                       keymaster_digest_t digest);
    void VerifyMessage(const std::string& message, const std::string& signature,
                       keymaster_digest_t digest, keymaster_padding_t padding);
    void VerifyMac(const std::string& message, const std::string& signature);

    std::string EncryptMessage(const std::string& message, keymaster_padding_t padding,
                               std::string* generated_nonce = NULL);
    std::string EncryptMessage(const std::string& message, keymaster_digest_t digest,
                               keymaster_padding_t padding, std::string* generated_nonce = NULL);
    std::string EncryptMessage(const std::string& message, keymaster_block_mode_t block_mode,
                               keymaster_padding_t padding, std::string* generated_nonce = NULL);
    std::string EncryptMessage(const AuthorizationSet& update_params, const std::string& message,
                               keymaster_digest_t digest, keymaster_padding_t padding,
                               std::string* generated_nonce = NULL);
    std::string EncryptMessage(const AuthorizationSet& update_params, const std::string& message,
                               keymaster_block_mode_t block_mode, keymaster_padding_t padding,
                               std::string* generated_nonce = NULL);
    std::string EncryptMessageWithParams(const std::string& message,
                                         const AuthorizationSet& begin_params,
                                         const AuthorizationSet& update_params,
                                         AuthorizationSet* output_params);

    std::string DecryptMessage(const std::string& ciphertext, keymaster_padding_t padding);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_digest_t digest,
                               keymaster_padding_t padding);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_block_mode_t block_mode,
                               keymaster_padding_t padding);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_digest_t digest,
                               keymaster_padding_t padding, const std::string& nonce);
    std::string DecryptMessage(const std::string& ciphertext, keymaster_block_mode_t block_mode,
                               keymaster_padding_t padding, const std::string& nonce);
    std::string DecryptMessage(const AuthorizationSet& update_params, const std::string& ciphertext,
                               keymaster_digest_t digest, keymaster_padding_t padding,
                               const std::string& nonce);
    std::string DecryptMessage(const AuthorizationSet& update_params, const std::string& ciphertext,
                               keymaster_block_mode_t block_mode, keymaster_padding_t padding,
                               const std::string& nonce);

    void CheckHmacTestVector(const std::string& key, const std::string& message,
                             keymaster_digest_t digest, std::string expected_mac);
    void CheckAesOcbTestVector(const std::string& key, const std::string& nonce,
                               const std::string& associated_data, const std::string& message,
                               const std::string& expected_ciphertext);
    void CheckAesCtrTestVector(const std::string& key, const std::string& nonce,
                               const std::string& message, const std::string& expected_ciphertext);
    AuthorizationSet UserAuthParams();
    AuthorizationSet ClientParams();

    template <typename T>
    bool ResponseContains(const std::vector<T>& expected, const T* values, size_t len) {
        return expected.size() == len &&
               std::is_permutation(values, values + len, expected.begin());
    }

    template <typename T> bool ResponseContains(T expected, const T* values, size_t len) {
        return (len == 1 && *values == expected);
    }

    AuthorizationSet hw_enforced();
    AuthorizationSet sw_enforced();

    void FreeCharacteristics();
    void FreeKeyBlob();

    void corrupt_key_blob();

    void set_key_blob(const uint8_t* key, size_t key_length) {
        FreeKeyBlob();
        blob_.key_material = key;
        blob_.key_material_size = key_length;
    }

    AuthorizationSet client_params() {
        return AuthorizationSet(client_params_, sizeof(client_params_) / sizeof(client_params_[0]));
    }

  private:
    keymaster2_device_t* device_;
    keymaster_blob_t client_id_ = {.data = reinterpret_cast<const uint8_t*>("app_id"),
                                   .data_length = 6};
    keymaster_key_param_t client_params_[1] = {
        Authorization(TAG_APPLICATION_ID, client_id_.data, client_id_.data_length)};

    uint64_t op_handle_;

    keymaster_key_blob_t blob_;
    keymaster_key_characteristics_t characteristics_;
};

struct Keymaster0CountingWrapper : public keymaster0_device_t {
    explicit Keymaster0CountingWrapper(keymaster0_device_t* device) : device_(device), counter_(0) {
        common = device_->common;
        common.close = counting_close_device;
        client_version = device_->client_version;
        flags = device_->flags;
        context = this;

        generate_keypair = counting_generate_keypair;
        import_keypair = counting_import_keypair;
        get_keypair_public = counting_get_keypair_public;
        delete_keypair = counting_delete_keypair;
        delete_all = counting_delete_all;
        sign_data = counting_sign_data;
        verify_data = counting_verify_data;
    }

    int count() { return counter_; }

    // The blobs generated by the underlying softkeymaster start with "PK#8".  Tweak the prefix so
    // they don't get identified as softkeymaster blobs.
    static void munge_blob(uint8_t* blob, size_t blob_length) {
        if (blob && blob_length > 0 && *blob == 'P')
            *blob = 'Q';  // Mind your Ps and Qs!
    }

    // Copy and un-modfy the blob.  The caller must clean up the return value.
    static uint8_t* unmunge_blob(const uint8_t* blob, size_t blob_length) {
        uint8_t* dup_blob = dup_buffer(blob, blob_length);
        if (dup_blob && blob_length > 0 && *dup_blob == 'Q')
            *dup_blob = 'P';
        return dup_blob;
    }

    static keymaster0_device_t* device(const keymaster0_device_t* dev) {
        Keymaster0CountingWrapper* wrapper =
            reinterpret_cast<Keymaster0CountingWrapper*>(dev->context);
        return wrapper->device_;
    }

    static void increment(const keymaster0_device_t* dev) {
        Keymaster0CountingWrapper* wrapper =
            reinterpret_cast<Keymaster0CountingWrapper*>(dev->context);
        wrapper->counter_++;
    }

    static int counting_close_device(hw_device_t* dev) {
        keymaster0_device_t* k0_dev = reinterpret_cast<keymaster0_device_t*>(dev);
        increment(k0_dev);
        Keymaster0CountingWrapper* wrapper =
            reinterpret_cast<Keymaster0CountingWrapper*>(k0_dev->context);
        int retval =
            wrapper->device_->common.close(reinterpret_cast<hw_device_t*>(wrapper->device_));
        delete wrapper;
        return retval;
    }

    static int counting_generate_keypair(const struct keymaster0_device* dev,
                                         const keymaster_keypair_t key_type, const void* key_params,
                                         uint8_t** key_blob, size_t* key_blob_length) {
        increment(dev);
        int result = device(dev)->generate_keypair(device(dev), key_type, key_params, key_blob,
                                                   key_blob_length);
        if (result == 0)
            munge_blob(*key_blob, *key_blob_length);
        return result;
    }

    static int counting_import_keypair(const struct keymaster0_device* dev, const uint8_t* key,
                                       const size_t key_length, uint8_t** key_blob,
                                       size_t* key_blob_length) {
        increment(dev);
        int result =
            device(dev)->import_keypair(device(dev), key, key_length, key_blob, key_blob_length);
        if (result == 0)
            munge_blob(*key_blob, *key_blob_length);
        return result;
    }

    static int counting_get_keypair_public(const struct keymaster0_device* dev,
                                           const uint8_t* key_blob, const size_t key_blob_length,
                                           uint8_t** x509_data, size_t* x509_data_length) {
        increment(dev);
        std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
        return device(dev)->get_keypair_public(device(dev), dup_blob.get(), key_blob_length,
                                               x509_data, x509_data_length);
    }

    static int counting_delete_keypair(const struct keymaster0_device* dev, const uint8_t* key_blob,
                                       const size_t key_blob_length) {
        increment(dev);
        if (key_blob && key_blob_length > 0)
            EXPECT_EQ('Q', *key_blob);
        if (device(dev)->delete_keypair) {
            std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
            return device(dev)->delete_keypair(device(dev), dup_blob.get(), key_blob_length);
        }
        return 0;
    }

    static int counting_delete_all(const struct keymaster0_device* dev) {
        increment(dev);
        if (device(dev)->delete_all)
            return device(dev)->delete_all(device(dev));
        return 0;
    }

    static int counting_sign_data(const struct keymaster0_device* dev, const void* signing_params,
                                  const uint8_t* key_blob, const size_t key_blob_length,
                                  const uint8_t* data, const size_t data_length,
                                  uint8_t** signed_data, size_t* signed_data_length) {
        increment(dev);
        std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
        return device(dev)->sign_data(device(dev), signing_params, dup_blob.get(), key_blob_length,
                                      data, data_length, signed_data, signed_data_length);
    }

    static int counting_verify_data(const struct keymaster0_device* dev, const void* signing_params,
                                    const uint8_t* key_blob, const size_t key_blob_length,
                                    const uint8_t* signed_data, const size_t signed_data_length,
                                    const uint8_t* signature, const size_t signature_length) {
        increment(dev);
        std::unique_ptr<uint8_t[]> dup_blob(unmunge_blob(key_blob, key_blob_length));
        return device(dev)->verify_data(device(dev), signing_params, dup_blob.get(),
                                        key_blob_length, signed_data, signed_data_length, signature,
                                        signature_length);
    }

  private:
    keymaster0_device_t* device_;
    int counter_;
};

/**
 * This function takes a keymaster1_device_t and wraps it in an adapter that supports only
 * KM_DIGEST_SHA_2_256.
 */
keymaster1_device_t* make_device_sha256_only(keymaster1_device_t* device);

}  // namespace test
}  // namespace keymaster

#endif  // SYSTEM_KEYMASTER_ANDROID_KEYMASTER_TEST_UTILS_H_