1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Permission is hereby granted, free of charge, to any person
5 * obtaining a copy of this software and associated documentation
6 * files (the "Software"), to deal in the Software without
7 * restriction, including without limitation the rights to use, copy,
8 * modify, merge, publish, distribute, sublicense, and/or sell copies
9 * of the Software, and to permit persons to whom the Software is
10 * furnished to do so, subject to the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be
13 * included in all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
18 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
19 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
20 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
21 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22 * SOFTWARE.
23 */
24
25#include "atap_unittest_util.h"
26
27#include <base/files/file_util.h>
28#include <gtest/gtest.h>
29#include <libatap/libatap.h>
30
31/* These tests verify serialization, deserialization, and validation functions
32 * in atap_util.c.
33 */
34namespace atap {
35
36// Subclass BaseAtapToolTest to check for memory leaks.
37class UtilTest : public BaseAtapTest {
38 public:
39  UtilTest() {}
40};
41
42namespace {
43
44static void validate_blob(const uint8_t* buf, AtapBlob* blob) {
45  EXPECT_EQ(blob->data_length, *(uint32_t*)&buf[0]);
46  EXPECT_EQ(0, memcmp(&buf[4], blob->data, blob->data_length));
47}
48
49static void alloc_test_blob(AtapBlob* blob) {
50  blob->data_length = 20;
51  blob->data = (uint8_t*)atap_malloc(20);
52  atap_memset(blob->data, 0x77, blob->data_length);
53}
54
55static void validate_cert_chain(const uint8_t* buf, AtapCertChain* chain) {
56  uint32_t chain_size = cert_chain_serialized_size(chain) - sizeof(uint32_t);
57  EXPECT_EQ(*(uint32_t*)&buf[0], chain_size);
58  size_t index = 4;
59  for (size_t i = 0; i < chain->entry_count; ++i) {
60    validate_blob(&buf[index], &chain->entries[i]);
61    index += sizeof(uint32_t) + chain->entries[i].data_length;
62  }
63}
64
65static void alloc_test_cert_chain(AtapCertChain* chain) {
66  chain->entry_count = 3;
67  for (size_t i = 0; i < chain->entry_count; ++i) {
68    alloc_test_blob(&chain->entries[i]);
69  }
70}
71
72static void validate_header(uint8_t* buf,
73                            uint32_t serialized_size,
74                            uint32_t* index) {
75  uint8_t protocol_version = *next(buf, index, 4);
76  EXPECT_EQ(ATAP_PROTOCOL_VERSION, protocol_version);
77  uint32_t message_len = *(uint32_t*)next(buf, index, sizeof(uint32_t));
78  EXPECT_EQ(serialized_size - ATAP_HEADER_LEN, message_len);
79}
80
81}  // unnamed namespace
82
83TEST_F(UtilTest, AppendToBuf) {
84  uint64_t x = 0x1122334455667788;
85  uint8_t buf[sizeof(uint64_t)];
86  uint8_t* res = append_to_buf(buf, &x, sizeof(uint64_t));
87  EXPECT_EQ(buf + sizeof(uint64_t), res);
88  EXPECT_EQ(*(uint64_t*)buf, x);
89}
90
91TEST_F(UtilTest, CopyFromBuf) {
92  uint8_t buf[sizeof(uint64_t)];
93  uint8_t* buf_ptr = &buf[0];
94  uint64_t x = 0x1122334455667788;
95  atap_memcpy(buf, &x, sizeof(uint64_t));
96  x = 0;
97  copy_from_buf(&buf_ptr, &x, sizeof(uint64_t));
98  EXPECT_EQ(buf + sizeof(uint64_t), buf_ptr);
99  EXPECT_EQ(*(uint64_t*)buf, x);
100}
101
102TEST_F(UtilTest, AppendHeaderToBuf) {
103  uint8_t buf[ATAP_HEADER_LEN];
104  uint32_t message_len = 100;
105  uint8_t* res = append_header_to_buf(buf, message_len);
106  EXPECT_EQ(buf + ATAP_HEADER_LEN, res);
107  EXPECT_EQ(ATAP_PROTOCOL_VERSION, buf[0]);
108  EXPECT_EQ(message_len, *(uint32_t*)&buf[4]);
109}
110
111TEST_F(UtilTest, SerializeBlob) {
112  AtapBlob blob;
113  alloc_test_blob(&blob);
114
115  uint8_t buf[32];
116  uint8_t* end = append_blob_to_buf(buf, &blob);
117  EXPECT_EQ(buf + blob_serialized_size(&blob), end);
118  validate_blob(buf, &blob);
119  free_blob(blob);
120
121  end = &buf[0];
122  copy_blob_from_buf(&end, &blob);
123  EXPECT_EQ(buf + blob_serialized_size(&blob), end);
124  validate_blob(buf, &blob);
125  free_blob(blob);
126}
127
128TEST_F(UtilTest, SerializeCertChain) {
129  AtapCertChain chain;
130  alloc_test_cert_chain(&chain);
131
132  uint8_t buf[128];
133  uint8_t* end = append_cert_chain_to_buf(buf, &chain);
134  EXPECT_EQ(buf + cert_chain_serialized_size(&chain), end);
135  validate_cert_chain(buf, &chain);
136  free_cert_chain(chain);
137
138  end = &buf[0];
139  EXPECT_TRUE(copy_cert_chain_from_buf(&end, &chain));
140  EXPECT_EQ(buf + cert_chain_serialized_size(&chain), end);
141  validate_cert_chain(buf, &chain);
142  free_cert_chain(chain);
143
144  // malformed serialized certificate chains
145  buf[0] -= 7;
146  end = &buf[0];
147  EXPECT_FALSE(copy_cert_chain_from_buf(&end, &chain));
148
149  buf[0] += 7;
150  buf[7] -= 7;
151  end = &buf[0];
152  EXPECT_FALSE(copy_cert_chain_from_buf(&end, &chain));
153}
154
155TEST_F(UtilTest, InnerCaRequestCertifyWithAuth) {
156  AtapInnerCaRequest req;
157  atap_memset(&req, 0, sizeof(AtapInnerCaRequest));
158  alloc_test_cert_chain(&req.auth_key_cert_chain);
159  alloc_test_blob(&req.signature);
160  atap_memset(req.product_id_hash, 0x66, ATAP_SHA256_DIGEST_LEN);
161  alloc_test_blob(&req.RSA_pubkey);
162  alloc_test_blob(&req.ECDSA_pubkey);
163  alloc_test_blob(&req.edDSA_pubkey);
164  uint32_t size = inner_ca_request_serialized_size(&req);
165
166  uint8_t buf[4096];
167  uint8_t* end = append_inner_ca_request_to_buf(buf, &req);
168  EXPECT_EQ(buf + size, end);
169  uint32_t i = 0;
170  validate_header(buf, size, &i);
171  uint8_t* auth_cert_chain_buf =
172      next(buf, &i, cert_chain_serialized_size(&req.auth_key_cert_chain));
173  validate_cert_chain(auth_cert_chain_buf, &req.auth_key_cert_chain);
174  uint8_t* auth_signature_buf =
175      next(buf, &i, blob_serialized_size(&req.signature));
176  validate_blob(auth_signature_buf, &req.signature);
177  uint8_t* product_id_hash = next(buf, &i, ATAP_SHA256_DIGEST_LEN);
178  EXPECT_EQ(
179      0, memcmp(req.product_id_hash, product_id_hash, ATAP_SHA256_DIGEST_LEN));
180  uint8_t* RSA_pubkey_buf =
181      next(buf, &i, blob_serialized_size(&req.RSA_pubkey));
182  validate_blob(RSA_pubkey_buf, &req.RSA_pubkey);
183  uint8_t* ECDSA_pubkey_buf =
184      next(buf, &i, blob_serialized_size(&req.ECDSA_pubkey));
185  validate_blob(ECDSA_pubkey_buf, &req.ECDSA_pubkey);
186  uint8_t* edDSA_pubkey_buf =
187      next(buf, &i, blob_serialized_size(&req.edDSA_pubkey));
188  validate_blob(edDSA_pubkey_buf, &req.edDSA_pubkey);
189  free_inner_ca_request(req);
190}
191
192TEST_F(UtilTest, InnerCaRequestCertifyNoAuth) {
193  AtapInnerCaRequest req;
194  atap_memset(&req, 0, sizeof(AtapInnerCaRequest));
195  atap_memset(req.product_id_hash, 0x66, ATAP_SHA256_DIGEST_LEN);
196  alloc_test_blob(&req.RSA_pubkey);
197  alloc_test_blob(&req.ECDSA_pubkey);
198  alloc_test_blob(&req.edDSA_pubkey);
199  uint32_t size = inner_ca_request_serialized_size(&req);
200
201  uint8_t buf[4096];
202  uint8_t* end = append_inner_ca_request_to_buf(buf, &req);
203  EXPECT_EQ(buf + size, end);
204  uint32_t i = 0;
205  validate_header(buf, size, &i);
206  int32_t auth_cert_chain_len = *(int32_t*)next(buf, &i, sizeof(int32_t));
207  EXPECT_EQ(0, auth_cert_chain_len);
208  int32_t auth_signature_len = *(int32_t*)next(buf, &i, sizeof(int32_t));
209  EXPECT_EQ(0, auth_signature_len);
210  uint8_t* product_id_hash = next(buf, &i, ATAP_SHA256_DIGEST_LEN);
211  EXPECT_EQ(
212      0, memcmp(req.product_id_hash, product_id_hash, ATAP_SHA256_DIGEST_LEN));
213  uint8_t* RSA_pubkey_buf =
214      next(buf, &i, blob_serialized_size(&req.RSA_pubkey));
215  validate_blob(RSA_pubkey_buf, &req.RSA_pubkey);
216  uint8_t* ECDSA_pubkey_buf =
217      next(buf, &i, blob_serialized_size(&req.ECDSA_pubkey));
218  validate_blob(ECDSA_pubkey_buf, &req.ECDSA_pubkey);
219  uint8_t* edDSA_pubkey_buf =
220      next(buf, &i, blob_serialized_size(&req.edDSA_pubkey));
221  validate_blob(edDSA_pubkey_buf, &req.edDSA_pubkey);
222  free_inner_ca_request(req);
223}
224
225TEST_F(UtilTest, InnerCaRequestIssueWithAuth) {
226  AtapInnerCaRequest req;
227  atap_memset(&req, 0, sizeof(AtapInnerCaRequest));
228  alloc_test_cert_chain(&req.auth_key_cert_chain);
229  alloc_test_blob(&req.signature);
230  atap_memset(req.product_id_hash, 0x66, ATAP_SHA256_DIGEST_LEN);
231  uint32_t size = inner_ca_request_serialized_size(&req);
232
233  uint8_t buf[4096];
234  uint8_t* end = append_inner_ca_request_to_buf(buf, &req);
235  EXPECT_EQ(buf + size, end);
236  uint32_t i = 0;
237  validate_header(buf, size, &i);
238  uint8_t* auth_cert_chain_buf =
239      next(buf, &i, cert_chain_serialized_size(&req.auth_key_cert_chain));
240  validate_cert_chain(auth_cert_chain_buf, &req.auth_key_cert_chain);
241  uint8_t* auth_signature_buf =
242      next(buf, &i, blob_serialized_size(&req.signature));
243  validate_blob(auth_signature_buf, &req.signature);
244  uint8_t* product_id_hash = next(buf, &i, ATAP_SHA256_DIGEST_LEN);
245  EXPECT_EQ(
246      0, memcmp(req.product_id_hash, product_id_hash, ATAP_SHA256_DIGEST_LEN));
247  int32_t RSA_pubkey_size = *(int32_t*)next(buf, &i, sizeof(int32_t));
248  EXPECT_EQ(0, RSA_pubkey_size);
249  int32_t ECDSA_pubkey_size = *(int32_t*)next(buf, &i, sizeof(int32_t));
250  EXPECT_EQ(0, ECDSA_pubkey_size);
251  int32_t edDSA_pubkey_size = *(int32_t*)next(buf, &i, sizeof(int32_t));
252  EXPECT_EQ(0, edDSA_pubkey_size);
253  free_inner_ca_request(req);
254}
255
256TEST_F(UtilTest, InnerCaRequestIssueNoAuth) {
257  AtapInnerCaRequest req;
258  atap_memset(&req, 0, sizeof(AtapInnerCaRequest));
259  atap_memset(req.product_id_hash, 0x66, ATAP_SHA256_DIGEST_LEN);
260  uint32_t size = inner_ca_request_serialized_size(&req);
261
262  uint8_t buf[4096];
263  uint8_t* end = append_inner_ca_request_to_buf(buf, &req);
264  EXPECT_EQ(buf + size, end);
265  uint32_t i = 0;
266  validate_header(buf, size, &i);
267  int32_t auth_cert_chain_len = *(int32_t*)next(buf, &i, sizeof(int32_t));
268  EXPECT_EQ(0, auth_cert_chain_len);
269  int32_t auth_signature_len = *(int32_t*)next(buf, &i, sizeof(int32_t));
270  EXPECT_EQ(0, auth_signature_len);
271  uint8_t* product_id_hash = next(buf, &i, ATAP_SHA256_DIGEST_LEN);
272  EXPECT_EQ(
273      0, memcmp(req.product_id_hash, product_id_hash, ATAP_SHA256_DIGEST_LEN));
274  int32_t RSA_pubkey_size = *(int32_t*)next(buf, &i, sizeof(int32_t));
275  EXPECT_EQ(0, RSA_pubkey_size);
276  int32_t ECDSA_pubkey_size = *(int32_t*)next(buf, &i, sizeof(int32_t));
277  EXPECT_EQ(0, ECDSA_pubkey_size);
278  int32_t edDSA_pubkey_size = *(int32_t*)next(buf, &i, sizeof(int32_t));
279  EXPECT_EQ(0, edDSA_pubkey_size);
280  free_inner_ca_request(req);
281}
282
283TEST_F(UtilTest, CaRequest) {
284  AtapCaRequest req;
285  atap_memset(&req, 0, sizeof(AtapCaRequest));
286  atap_memset(req.device_pubkey, 0x66, ATAP_ECDH_KEY_LEN);
287  atap_memset(req.iv, 0x55, ATAP_GCM_IV_LEN);
288  alloc_test_blob(&req.encrypted_inner_ca_request);
289  atap_memset(req.tag, 0x44, ATAP_GCM_TAG_LEN);
290  uint32_t size = ca_request_serialized_size(&req);
291
292  uint8_t buf[4096];
293  uint8_t* end = append_ca_request_to_buf(buf, &req);
294  EXPECT_EQ(buf + size, end);
295  uint32_t i = 0;
296  validate_header(buf, size, &i);
297  uint8_t* device_pubkey = next(buf, &i, ATAP_ECDH_KEY_LEN);
298  EXPECT_EQ(0, memcmp(req.device_pubkey, device_pubkey, ATAP_ECDH_KEY_LEN));
299  uint8_t* iv = next(buf, &i, ATAP_GCM_IV_LEN);
300  EXPECT_EQ(0, memcmp(req.iv, iv, ATAP_GCM_IV_LEN));
301  uint8_t* encrypted_inner_buf =
302      next(buf, &i, blob_serialized_size(&req.encrypted_inner_ca_request));
303  validate_blob(encrypted_inner_buf, &req.encrypted_inner_ca_request);
304  uint8_t* tag = next(buf, &i, ATAP_GCM_TAG_LEN);
305  EXPECT_EQ(0, memcmp(req.tag, tag, ATAP_GCM_TAG_LEN));
306  free_ca_request(req);
307}
308
309TEST_F(UtilTest, ValidateEncryptedMessage) {
310  uint8_t buf[128];
311  uint32_t message_len = 128 - ATAP_HEADER_LEN;
312  uint32_t encrypted_len =
313      message_len - ATAP_GCM_IV_LEN - sizeof(uint32_t) - ATAP_GCM_TAG_LEN;
314
315  append_header_to_buf(buf, message_len);
316  *(uint32_t*)&buf[ATAP_HEADER_LEN + ATAP_GCM_IV_LEN] = encrypted_len;
317  EXPECT_EQ(true, validate_encrypted_message(buf, 128));
318  EXPECT_EQ(false, validate_encrypted_message(buf, 8));
319  *(uint32_t*)&buf[ATAP_HEADER_LEN + ATAP_GCM_IV_LEN] = 4;
320  EXPECT_EQ(false, validate_encrypted_message(buf, 128));
321}
322
323TEST_F(UtilTest, ValidateInnerCaResponse) {
324  std::string inner_ca_resp;
325
326  ASSERT_TRUE(base::ReadFileToString(
327      base::FilePath(kIssueX25519InnerCaResponsePath), &inner_ca_resp));
328  ASSERT_EQ(6954, (int)inner_ca_resp.size());
329  EXPECT_EQ(true,
330            validate_inner_ca_response((uint8_t*)&inner_ca_resp[0],
331                                       inner_ca_resp.size(),
332                                       ATAP_OPERATION_ISSUE));
333  // Invalid InnerCaResponse message format
334  *(uint32_t*)&inner_ca_resp[4] = 100;
335  EXPECT_EQ(false,
336            validate_inner_ca_response((uint8_t*)&inner_ca_resp[0],
337                                       inner_ca_resp.size(),
338                                       ATAP_OPERATION_ISSUE));
339}
340
341}  // namespace atap
342