1/*
2 * Copyright 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17#include <fstream>
18
19#include <gtest/gtest.h>
20
21#include <keymaster/keymaster_context.h>
22
23#include "android_keymaster_test_utils.h"
24#include <keymaster/attestation_record.h>
25
26namespace keymaster {
27namespace test {
28
29class TestContext : public AttestationRecordContext {
30  public:
31    keymaster_security_level_t GetSecurityLevel() const override {
32        return KM_SECURITY_LEVEL_SOFTWARE;
33    }
34    keymaster_error_t GenerateUniqueId(uint64_t /* creation_date_time */,
35                                       const keymaster_blob_t& /* application_id */,
36                                       bool /* reset_since_rotation */, Buffer* unique_id) const override {
37        // Finally, the reason for defining this class:
38        unique_id->Reinitialize("foo", 3);
39        return KM_ERROR_OK;
40    }
41};
42
43TEST(AttestTest, Simple) {
44    AuthorizationSet hw_set(AuthorizationSetBuilder()
45                                .RsaSigningKey(512, 3)
46                                .Digest(KM_DIGEST_SHA_2_256)
47                                .Digest(KM_DIGEST_SHA_2_384)
48                                .Authorization(TAG_OS_VERSION, 60000)
49                                .Authorization(TAG_OS_PATCHLEVEL, 201512)
50                                .Authorization(TAG_APPLICATION_ID, "bar", 3));
51    AuthorizationSet sw_set(AuthorizationSetBuilder().Authorization(TAG_ACTIVE_DATETIME, 10));
52
53    UniquePtr<uint8_t[]> asn1;
54    size_t asn1_len;
55    AuthorizationSet attest_params(
56        AuthorizationSetBuilder()
57            .Authorization(TAG_ATTESTATION_CHALLENGE, "hello", 5)
58            .Authorization(TAG_ATTESTATION_APPLICATION_ID, "hello again", 11));
59    EXPECT_EQ(KM_ERROR_OK, build_attestation_record(attest_params, sw_set, hw_set, TestContext(),
60                                                    &asn1, &asn1_len));
61    EXPECT_GT(asn1_len, 0U);
62
63    std::ofstream output("attest.der",
64                         std::ofstream::out | std::ofstream::binary | std::ofstream::trunc);
65    if (output)
66        output.write(reinterpret_cast<const char*>(asn1.get()), asn1_len);
67    output.close();
68
69    AuthorizationSet parsed_hw_set;
70    AuthorizationSet parsed_sw_set;
71    uint32_t attestation_version;
72    uint32_t keymaster_version;
73    keymaster_security_level_t attestation_security_level;
74    keymaster_security_level_t keymaster_security_level;
75    keymaster_blob_t attestation_challenge = {};
76    keymaster_blob_t unique_id = {};
77    EXPECT_EQ(KM_ERROR_OK,
78              parse_attestation_record(asn1.get(), asn1_len, &attestation_version,
79                                       &attestation_security_level, &keymaster_version,
80                                       &keymaster_security_level, &attestation_challenge,
81                                       &parsed_sw_set, &parsed_hw_set, &unique_id));
82
83    delete[] attestation_challenge.data;
84    delete[] unique_id.data;
85
86    hw_set.Sort();
87    sw_set.Sort();
88    parsed_hw_set.Sort();
89    parsed_sw_set.Sort();
90    EXPECT_EQ(hw_set, parsed_hw_set);
91    EXPECT_EQ(sw_set, parsed_sw_set);
92}
93
94}  // namespace test
95}  // namespace keymaster
96