1/* 2 * Copyright 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17#include <keymaster/km_openssl/ecies_kem.h> 18 19#include <gtest/gtest.h> 20#include <openssl/evp.h> 21 22#include <hardware/keymaster_defs.h> 23 24#include <keymaster/android_keymaster_utils.h> 25#include <keymaster/km_openssl/nist_curve_key_exchange.h> 26 27#include "android_keymaster_test_utils.h" 28 29using std::string; 30 31namespace keymaster { 32namespace test { 33 34StdoutLogger logger; 35 36static const keymaster_ec_curve_t kEcCurves[] = {KM_EC_CURVE_P_224, KM_EC_CURVE_P_256, 37 KM_EC_CURVE_P_384, KM_EC_CURVE_P_521}; 38 39/** 40 * TestConsistency just tests that the basic key encapsulation hold. 41 */ 42TEST(EciesKem, TestConsistency) { 43 static const uint32_t kKeyLen = 32; 44 for (auto& curve : kEcCurves) { 45 AuthorizationSet kem_description(AuthorizationSetBuilder() 46 .Authorization(TAG_EC_CURVE, curve) 47 .Authorization(TAG_KDF, KM_KDF_RFC5869_SHA256) 48 .Authorization(TAG_ECIES_SINGLE_HASH_MODE) 49 .Authorization(TAG_KEY_SIZE, kKeyLen)); 50 keymaster_error_t error; 51 EciesKem* kem = new EciesKem(kem_description, &error); 52 ASSERT_EQ(KM_ERROR_OK, error); 53 54 NistCurveKeyExchange* key_exchange = NistCurveKeyExchange::GenerateKeyExchange(curve); 55 Buffer peer_public_value; 56 ASSERT_TRUE(key_exchange->public_value(&peer_public_value)); 57 58 Buffer output_clear_key; 59 Buffer output_encrypted_key; 60 ASSERT_TRUE(kem->Encrypt(peer_public_value, &output_clear_key, &output_encrypted_key)); 61 ASSERT_EQ(kKeyLen, output_clear_key.available_read()); 62 ASSERT_EQ(peer_public_value.available_read(), output_encrypted_key.available_read()); 63 64 Buffer decrypted_clear_key; 65 ASSERT_TRUE( 66 kem->Decrypt(key_exchange->private_key(), output_encrypted_key, &decrypted_clear_key)); 67 ASSERT_EQ(kKeyLen, decrypted_clear_key.available_read()); 68 EXPECT_EQ(0, memcmp(output_clear_key.peek_read(), decrypted_clear_key.peek_read(), 69 output_clear_key.available_read())); 70 } 71} 72 73} // namespace test 74} // namespace keymaster 75