| /* |
| * Copyright (C) 2022 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| #include "rkp_factory_extraction_lib.h" |
| |
| #include "gmock/gmock-matchers.h" |
| #include "gmock/gmock-more-matchers.h" |
| #include <aidl/android/hardware/security/keymint/DeviceInfo.h> |
| #include <aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.h> |
| #include <aidl/android/hardware/security/keymint/MacedPublicKey.h> |
| #include <aidl/android/hardware/security/keymint/RpcHardwareInfo.h> |
| #include <android-base/properties.h> |
| #include <gmock/gmock.h> |
| #include <gtest/gtest.h> |
| |
| #include <cstdint> |
| #include <memory> |
| #include <ostream> |
| #include <set> |
| #include <vector> |
| |
| #include "aidl/android/hardware/security/keymint/ProtectedData.h" |
| #include "android/binder_auto_utils.h" |
| #include "android/binder_interface_utils.h" |
| #include "cppbor.h" |
| |
| using ::ndk::ScopedAStatus; |
| using ::ndk::SharedRefBase; |
| |
| using namespace ::aidl::android::hardware::security::keymint; |
| using namespace ::cppbor; |
| using namespace ::testing; |
| |
| namespace cppbor { |
| |
| std::ostream& operator<<(std::ostream& os, const Item& item) { |
| return os << prettyPrint(&item); |
| } |
| |
| std::ostream& operator<<(std::ostream& os, const std::unique_ptr<Item>& item) { |
| return os << *item; |
| } |
| |
| std::ostream& operator<<(std::ostream& os, const Item* item) { |
| return os << *item; |
| } |
| |
| } // namespace cppbor |
| |
| class MockIRemotelyProvisionedComponent : public IRemotelyProvisionedComponentDefault { |
| public: |
| MOCK_METHOD(ScopedAStatus, getHardwareInfo, (RpcHardwareInfo * _aidl_return), (override)); |
| MOCK_METHOD(ScopedAStatus, generateEcdsaP256KeyPair, |
| (bool in_testMode, MacedPublicKey* out_macedPublicKey, |
| std::vector<uint8_t>* _aidl_return), |
| (override)); |
| MOCK_METHOD(ScopedAStatus, generateCertificateRequest, |
| (bool in_testMode, const std::vector<MacedPublicKey>& in_keysToSign, |
| const std::vector<uint8_t>& in_endpointEncryptionCertChain, |
| const std::vector<uint8_t>& in_challenge, DeviceInfo* out_deviceInfo, |
| ProtectedData* out_protectedData, std::vector<uint8_t>* _aidl_return), |
| (override)); |
| MOCK_METHOD(ScopedAStatus, generateCertificateRequestV2, |
| (const std::vector<MacedPublicKey>& in_keysToSign, |
| const std::vector<uint8_t>& in_challenge, std::vector<uint8_t>* _aidl_return), |
| (override)); |
| MOCK_METHOD(ScopedAStatus, getInterfaceVersion, (int32_t * _aidl_return), (override)); |
| MOCK_METHOD(ScopedAStatus, getInterfaceHash, (std::string * _aidl_return), (override)); |
| }; |
| |
| TEST(LibRkpFactoryExtractionTests, ToBase64) { |
| std::vector<uint8_t> input(UINT8_MAX + 1); |
| for (int i = 0; i < input.size(); ++i) { |
| input[i] = i; |
| } |
| |
| // Test three lengths so we get all the different paddding options |
| EXPECT_EQ("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4" |
| "vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV" |
| "5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMj" |
| "Y6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8" |
| "vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uv" |
| "s7e7v8PHy8/T19vf4+fr7/P3+/w==", |
| toBase64(input)); |
| |
| input.push_back(42); |
| EXPECT_EQ("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4" |
| "vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV" |
| "5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMj" |
| "Y6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8" |
| "vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uv" |
| "s7e7v8PHy8/T19vf4+fr7/P3+/yo=", |
| toBase64(input)); |
| |
| input.push_back(42); |
| EXPECT_EQ("AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4" |
| "vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV" |
| "5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMj" |
| "Y6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8" |
| "vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uv" |
| "s7e7v8PHy8/T19vf4+fr7/P3+/yoq", |
| toBase64(input)); |
| } |
| |
| TEST(LibRkpFactoryExtractionTests, UniqueChallengeSmokeTest) { |
| // This will at least catch VERY broken implementations. |
| constexpr size_t NUM_CHALLENGES = 32; |
| std::set<std::vector<uint8_t>> challenges; |
| for (size_t i = 0; i < NUM_CHALLENGES; ++i) { |
| const std::vector<uint8_t> challenge = generateChallenge(); |
| const auto [_, wasInserted] = challenges.insert(generateChallenge()); |
| EXPECT_TRUE(wasInserted) << "Duplicate challenge: " << toBase64(challenge); |
| } |
| } |
| |
| TEST(LibRkpFactoryExtractionTests, GetCsrWithV2Hal) { |
| ASSERT_TRUE(true); |
| |
| const std::vector<uint8_t> kFakeMac = {1, 2, 3, 4}; |
| |
| Map cborDeviceInfo; |
| cborDeviceInfo.add("product", "gShoe"); |
| cborDeviceInfo.add("version", 2); |
| cborDeviceInfo.add("brand", "Fake Brand"); |
| cborDeviceInfo.add("manufacturer", "Fake Mfr"); |
| cborDeviceInfo.add("model", "Fake Model"); |
| cborDeviceInfo.add("device", "Fake Device"); |
| cborDeviceInfo.add("vb_state", "orange"); |
| cborDeviceInfo.add("bootloader_state", "unlocked"); |
| cborDeviceInfo.add("vbmeta_digest", std::vector<uint8_t>{1, 2, 3, 4}); |
| cborDeviceInfo.add("system_patch_level", 42); |
| cborDeviceInfo.add("boot_patch_level", 31415); |
| cborDeviceInfo.add("vendor_patch_level", 0); |
| cborDeviceInfo.add("fused", 0); |
| cborDeviceInfo.add("security_level", "tee"); |
| cborDeviceInfo.add("os_version", "the best version"); |
| const DeviceInfo kVerifiedDeviceInfo = {cborDeviceInfo.canonicalize().encode()}; |
| |
| Array cborProtectedData; |
| cborProtectedData.add(Bstr()); // protected |
| cborProtectedData.add(Map()); // unprotected |
| cborProtectedData.add(Bstr()); // ciphertext |
| cborProtectedData.add(Array()); // recipients |
| const ProtectedData kProtectedData = {cborProtectedData.encode()}; |
| |
| std::vector<uint8_t> eekChain; |
| std::vector<uint8_t> challenge; |
| |
| // Set up mock, then call getSCsr |
| auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>(); |
| EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) { |
| hwInfo->versionNumber = 2; |
| return ScopedAStatus::ok(); |
| }); |
| EXPECT_CALL(*mockRpc, |
| generateCertificateRequest(false, // testMode |
| IsEmpty(), // keysToSign |
| _, // endpointEncryptionCertChain |
| _, // challenge |
| NotNull(), // deviceInfo |
| NotNull(), // protectedData |
| NotNull())) // _aidl_return |
| .WillOnce(DoAll(SaveArg<2>(&eekChain), // |
| SaveArg<3>(&challenge), // |
| SetArgPointee<4>(kVerifiedDeviceInfo), // |
| SetArgPointee<5>(kProtectedData), // |
| SetArgPointee<6>(kFakeMac), // |
| Return(ByMove(ScopedAStatus::ok())))); // |
| |
| auto [csr, csrErrMsg] = getCsr("mock component name", mockRpc.get()); |
| ASSERT_THAT(csr, NotNull()) << csrErrMsg; |
| ASSERT_THAT(csr->asArray(), Pointee(Property(&Array::size, Eq(4)))); |
| |
| // Verify the input parameters that we received |
| auto [parsedEek, ignore1, eekParseError] = parse(eekChain); |
| ASSERT_THAT(parsedEek, NotNull()) << eekParseError; |
| EXPECT_THAT(parsedEek->asArray(), Pointee(Property(&Array::size, Gt(1)))); |
| EXPECT_THAT(challenge, Property(&std::vector<uint8_t>::size, Eq(kChallengeSize))); |
| |
| // Device info consists of (verified info, unverified info) |
| const Array* deviceInfoArray = csr->get(0)->asArray(); |
| EXPECT_THAT(deviceInfoArray, Pointee(Property(&Array::size, 2))); |
| |
| // Verified device info must match our mock value |
| const Map* actualVerifiedDeviceInfo = deviceInfoArray->get(0)->asMap(); |
| EXPECT_THAT(actualVerifiedDeviceInfo, Pointee(Property(&Map::size, Eq(cborDeviceInfo.size())))); |
| EXPECT_THAT(actualVerifiedDeviceInfo->get("product"), Pointee(Eq(Tstr("gShoe")))); |
| EXPECT_THAT(actualVerifiedDeviceInfo->get("version"), Pointee(Eq(Uint(2)))); |
| |
| // Empty unverified device info |
| const Map* actualUnverifiedDeviceInfo = deviceInfoArray->get(1)->asMap(); |
| EXPECT_THAT(actualUnverifiedDeviceInfo, Pointee(Property(&Map::size, Eq(0)))); |
| |
| // Challenge must match the call to generateCertificateRequest |
| const Bstr* actualChallenge = csr->get(1)->asBstr(); |
| EXPECT_THAT(actualChallenge, Pointee(Property(&Bstr::value, Eq(challenge)))); |
| |
| // Protected data must match the mock value |
| const Array* actualProtectedData = csr->get(2)->asArray(); |
| EXPECT_THAT(actualProtectedData, Pointee(Eq(ByRef(cborProtectedData)))); |
| |
| // Ensure the maced public key matches the expected COSE_mac0 |
| const Array* actualMacedKeys = csr->get(3)->asArray(); |
| ASSERT_THAT(actualMacedKeys, Pointee(Property(&Array::size, Eq(4)))); |
| ASSERT_THAT(actualMacedKeys->get(0)->asBstr(), NotNull()); |
| auto [macProtectedParams, ignore2, macParamParseError] = |
| parse(actualMacedKeys->get(0)->asBstr()); |
| ASSERT_THAT(macProtectedParams, NotNull()) << macParamParseError; |
| Map expectedMacProtectedParams; |
| expectedMacProtectedParams.add(1, 5); |
| EXPECT_THAT(macProtectedParams, Pointee(Eq(ByRef(expectedMacProtectedParams)))); |
| EXPECT_THAT(actualMacedKeys->get(1)->asMap(), Pointee(Property(&Map::size, Eq(0)))); |
| EXPECT_THAT(actualMacedKeys->get(2)->asNull(), NotNull()); |
| EXPECT_THAT(actualMacedKeys->get(3)->asBstr(), Pointee(Eq(Bstr(kFakeMac)))); |
| } |
| |
| TEST(LibRkpFactoryExtractionTests, GetCsrWithV3Hal) { |
| const std::vector<uint8_t> kCsr = Array() |
| .add(3 /* version */) |
| .add(Map() /* UdsCerts */) |
| .add(Array() /* DiceCertChain */) |
| .add(Array() /* SignedData */) |
| .encode(); |
| std::vector<uint8_t> challenge; |
| |
| // Set up mock, then call getCsr |
| auto mockRpc = SharedRefBase::make<MockIRemotelyProvisionedComponent>(); |
| EXPECT_CALL(*mockRpc, getHardwareInfo(NotNull())).WillRepeatedly([](RpcHardwareInfo* hwInfo) { |
| hwInfo->versionNumber = 3; |
| return ScopedAStatus::ok(); |
| }); |
| EXPECT_CALL(*mockRpc, |
| generateCertificateRequestV2(IsEmpty(), // keysToSign |
| _, // challenge |
| NotNull())) // _aidl_return |
| .WillOnce(DoAll(SaveArg<1>(&challenge), SetArgPointee<2>(kCsr), |
| Return(ByMove(ScopedAStatus::ok())))); |
| |
| auto [csr, csrErrMsg] = getCsr("mock component name", mockRpc.get()); |
| ASSERT_THAT(csr, NotNull()) << csrErrMsg; |
| ASSERT_THAT(csr, Pointee(Property(&Array::size, Eq(5)))); |
| |
| EXPECT_THAT(csr->get(0 /* version */), Pointee(Eq(Uint(3)))); |
| EXPECT_THAT(csr->get(1)->asMap(), NotNull()); |
| EXPECT_THAT(csr->get(2)->asArray(), NotNull()); |
| EXPECT_THAT(csr->get(3)->asArray(), NotNull()); |
| |
| const Map* unverifedDeviceInfo = csr->get(4)->asMap(); |
| ASSERT_THAT(unverifedDeviceInfo, NotNull()); |
| EXPECT_THAT(unverifedDeviceInfo->get("fingerprint"), NotNull()); |
| const Tstr fingerprint(android::base::GetProperty("ro.build.fingerprint", "")); |
| EXPECT_THAT(*unverifedDeviceInfo->get("fingerprint")->asTstr(), Eq(fingerprint)); |
| } |