xref: /aosp_15_r20/external/avb/test/avb_cert_validate_unittest.cc (revision d289c2ba6de359471b23d594623b906876bc48a0)
/*
 * Copyright (C) 2016 The Android Open Source Project
 *
 * Permission is hereby granted, free of charge, to any person
 * obtaining a copy of this software and associated documentation
 * files (the "Software"), to deal in the Software without
 * restriction, including without limitation the rights to use, copy,
 * modify, merge, publish, distribute, sublicense, and/or sell copies
 * of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
 * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
 * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 * SOFTWARE.
 */

#include <base/files/file_util.h>
#include <gtest/gtest.h>
#include <libavb_cert/libavb_cert.h>
#include <openssl/objects.h>
#include <openssl/pem.h>
#include <openssl/rsa.h>
#include <openssl/sha.h>
#include <stdio.h>
#include <string.h>

#include "avb_unittest_util.h"
#include "fake_avb_ops.h"

namespace {
39*d289c2baSAndroid Build Coastguard Worker 
// Fixture locations, given as relative paths under test/data.

// Serialized structures fed to the code under test.
constexpr char kMetadataPath[] = "test/data/cert_metadata.bin";
constexpr char kPermanentAttributesPath[] =
    "test/data/cert_permanent_attributes.bin";
constexpr char kUnlockChallengePath[] = "test/data/cert_unlock_challenge.bin";
constexpr char kUnlockCredentialPath[] = "test/data/cert_unlock_credential.bin";

// PEM private keys used to (re)sign certificates and challenges in the tests.
// The "testkey_" file names mark these as test fixtures; a private key kept in
// a source tree must never be reused for a real product.
constexpr char kPRKPrivateKeyPath[] = "test/data/testkey_cert_prk.pem";
constexpr char kPIKPrivateKeyPath[] = "test/data/testkey_cert_pik.pem";
constexpr char kPSKPrivateKeyPath[] = "test/data/testkey_cert_psk.pem";
constexpr char kPUKPrivateKeyPath[] = "test/data/testkey_cert_puk.pem";
49*d289c2baSAndroid Build Coastguard Worker 
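// Owns an RSA private key loaded from a PEM file and releases it on
// destruction. If the file cannot be opened or parsed the object holds no key
// and Sign() returns false.
class ScopedRSA {
 public:
  // Loads the private key stored at |pem_key_path|.
  ScopedRSA(const char* pem_key_path) {
    FILE* file = fopen(pem_key_path, "r");
    if (file == nullptr) {
      // A missing fixture must not reach PEM_read_RSAPrivateKey() or fclose()
      // as a null stream; leave |rsa_| null so Sign() reports the failure.
      return;
    }
    rsa_ = PEM_read_RSAPrivateKey(file, nullptr, nullptr, nullptr);
    fclose(file);
  }

  // The key is held through a raw owning pointer, so a copy would lead to the
  // same RSA object being freed twice.
  ScopedRSA(const ScopedRSA&) = delete;
  ScopedRSA& operator=(const ScopedRSA&) = delete;

  ~ScopedRSA() {
    // RSA_free() accepts a null pointer.
    RSA_free(rsa_);
  }

  // PKCS #1 v1.5 signature using SHA512. Returns true on success.
  //
  // |signature| carries no length, and RSA_sign() writes RSA_size() bytes into
  // it. Every caller visible in this file passes an AVB_RSA4096_NUM_BYTES
  // buffer, so a key with a larger modulus is rejected instead of being
  // allowed to write past the end of that buffer.
  bool Sign(const void* data_to_sign, size_t length, uint8_t signature[]) {
    if (rsa_ == nullptr) {
      return false;
    }
    if (static_cast<size_t>(RSA_size(rsa_)) >
        static_cast<size_t>(AVB_RSA4096_NUM_BYTES)) {
      return false;
    }
    uint8_t digest[AVB_SHA512_DIGEST_SIZE];
    const unsigned char* data_to_sign_buf =
        reinterpret_cast<const unsigned char*>(data_to_sign);
    SHA512(data_to_sign_buf, length, digest);
    unsigned int signature_length = 0;
    return (1 == RSA_sign(NID_sha512,
                          digest,
                          AVB_SHA512_DIGEST_SIZE,
                          signature,
                          &signature_length,
                          rsa_));
  }

 private:
  RSA* rsa_ = nullptr;
};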
82*d289c2baSAndroid Build Coastguard Worker 
} /* namespace */

namespace avb {
86*d289c2baSAndroid Build Coastguard Worker 
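// Fixture for the avb_cert validation tests. It registers itself as the
// delegate of the fake ops object |ops_| (not declared in this class;
// presumably provided by FakeAvbOpsDelegateWithDefaults) so that a test can
// inject I/O failures and a fixed "random" unlock challenge.
class AvbCertValidateTest : public ::testing::Test,
                            public FakeAvbOpsDelegateWithDefaults {
 public:
  ~AvbCertValidateTest() override {}

  // Loads the fixtures and configures |ops_| with the permanent attributes and
  // with stored rollback indexes of 0 for the PIK and PSK locations.
  void SetUp() override {
    // ReadDefaultData() reports problems through ASSERT_*, which only returns
    // from that helper. Stop here on a fatal failure so that structures which
    // were never filled from a fixture are not handed to |ops_|.
    ASSERT_NO_FATAL_FAILURE(ReadDefaultData());
    ops_.set_delegate(this);
    ops_.set_permanent_attributes(attributes_);
    ops_.set_stored_rollback_indexes({{AVB_CERT_PIK_VERSION_LOCATION, 0},
                                      {AVB_CERT_PSK_VERSION_LOCATION, 0}});
  }

  // FakeAvbOpsDelegate methods.
  //
  // The stubs below always return an error code: the tests in this file do not
  // expect the code under test to call them.
  AvbIOResult read_from_partition(const char* partition,
                                  int64_t offset,
                                  size_t num_bytes,
                                  void* buffer,
                                  size_t* out_num_read) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult get_preloaded_partition(
      const char* partition,
      size_t num_bytes,
      uint8_t** out_pointer,
      size_t* out_num_bytes_preloaded) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult write_to_partition(const char* partition,
                                 int64_t offset,
                                 size_t num_bytes,
                                 const void* buffer) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult validate_vbmeta_public_key(AvbOps* ops,
                                         const uint8_t* public_key_data,
                                         size_t public_key_length,
                                         const uint8_t* public_key_metadata,
                                         size_t public_key_metadata_length,
                                         bool* out_key_is_trusted) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  // Fails with an I/O error when the matching fail_read_*_rollback_index_ flag
  // is set for the requested slot; otherwise forwards to |ops_|.
  AvbIOResult read_rollback_index(AvbOps* ops,
                                  size_t rollback_index_slot,
                                  uint64_t* out_rollback_index) override {
    if ((fail_read_pik_rollback_index_ &&
         rollback_index_slot == AVB_CERT_PIK_VERSION_LOCATION) ||
        (fail_read_psk_rollback_index_ &&
         rollback_index_slot == AVB_CERT_PSK_VERSION_LOCATION)) {
      return AVB_IO_RESULT_ERROR_IO;
    }
    return ops_.read_rollback_index(
        ops, rollback_index_slot, out_rollback_index);
  }

  AvbIOResult write_rollback_index(AvbOps* ops,
                                   size_t rollback_index_slot,
                                   uint64_t rollback_index) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult read_is_device_unlocked(AvbOps* ops,
                                      bool* out_is_device_unlocked) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult get_unique_guid_for_partition(AvbOps* ops,
                                            const char* partition,
                                            char* guid_buf,
                                            size_t guid_buf_size) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult get_size_of_partition(AvbOps* ops,
                                    const char* partition,
                                    uint64_t* out_size) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_PARTITION;
  }

  AvbIOResult read_persistent_value(const char* name,
                                    size_t buffer_size,
                                    uint8_t* out_buffer,
                                    size_t* out_num_bytes_read) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_VALUE;
  }

  AvbIOResult write_persistent_value(const char* name,
                                     size_t value_size,
                                     const uint8_t* value) override {
    // Expect method not used.
    return AVB_IO_RESULT_ERROR_NO_SUCH_VALUE;
  }

  // Fails with an I/O error when |fail_read_permanent_attributes_| is set;
  // otherwise forwards to |ops_|.
  AvbIOResult read_permanent_attributes(
      AvbCertPermanentAttributes* attributes) override {
    if (fail_read_permanent_attributes_) {
      return AVB_IO_RESULT_ERROR_IO;
    }
    return ops_.read_permanent_attributes(attributes);
  }

  // Fails with an I/O error when |fail_read_permanent_attributes_hash_| is
  // set; otherwise forwards to |ops_|.
  AvbIOResult read_permanent_attributes_hash(
      uint8_t hash[AVB_SHA256_DIGEST_SIZE]) override {
    if (fail_read_permanent_attributes_hash_) {
      return AVB_IO_RESULT_ERROR_IO;
    }
    return ops_.read_permanent_attributes_hash(hash);
  }

  void set_key_version(size_t rollback_index_location,
                       uint64_t key_version) override {
    ops_.set_key_version(rollback_index_location, key_version);
  }

  // Test double for the random source: fails when |fail_get_random_| is set,
  // returns the leading |num_bytes| of |fake_random_| when it holds at least
  // that many bytes, and otherwise forwards to |ops_|. The fixed bytes make the
  // generated unlock challenge predictable, which is only acceptable in a test.
  AvbIOResult get_random(size_t num_bytes, uint8_t* output) override {
    if (fail_get_random_) {
      return AVB_IO_RESULT_ERROR_IO;
    }
    if (fake_random_.size() >= num_bytes) {
      memcpy(output, fake_random_.data(), num_bytes);
      return AVB_IO_RESULT_OK;
    }
    return ops_.get_random(num_bytes, output);
  }

 protected:
  // Runs avb_cert_validate_vbmeta_public_key() with the PSK public key taken
  // from |metadata_| as the key and the whole of |metadata_| as its metadata.
  virtual AvbIOResult Validate(bool* is_trusted) {
    return avb_cert_validate_vbmeta_public_key(
        ops_.avb_ops(),
        metadata_.product_signing_key_certificate.signed_data.public_key,
        AVB_CERT_PUBLIC_KEY_SIZE,
        reinterpret_cast<const uint8_t*>(&metadata_),
        sizeof(metadata_),
        is_trusted);
  }

  // Runs avb_cert_validate_unlock_credential() on |unlock_credential_|.
  AvbIOResult ValidateUnlock(bool* is_trusted) {
    return avb_cert_validate_unlock_credential(
        ops_.avb_cert_ops(), &unlock_credential_, is_trusted);
  }

  // The Sign* helpers below clear a signature field and recompute it with one
  // of the test private keys. They report failure with ASSERT_TRUE, which
  // returns from the helper only; a calling test keeps running unless it
  // checks for a fatal failure itself.

  // Re-signs the PIK certificate in |metadata_| with the PRK test key.
  void SignPIKCertificate() {
    memset(metadata_.product_intermediate_key_certificate.signature,
           0,
           AVB_RSA4096_NUM_BYTES);
    ScopedRSA key(kPRKPrivateKeyPath);
    ASSERT_TRUE(
        key.Sign(&metadata_.product_intermediate_key_certificate.signed_data,
                 sizeof(AvbCertCertificateSignedData),
                 metadata_.product_intermediate_key_certificate.signature));
  }

  // Re-signs the PSK certificate in |metadata_| with the PIK test key.
  void SignPSKCertificate() {
    memset(metadata_.product_signing_key_certificate.signature,
           0,
           AVB_RSA4096_NUM_BYTES);
    ScopedRSA key(kPIKPrivateKeyPath);
    ASSERT_TRUE(key.Sign(&metadata_.product_signing_key_certificate.signed_data,
                         sizeof(AvbCertCertificateSignedData),
                         metadata_.product_signing_key_certificate.signature));
  }

  // Re-signs the PIK certificate in |unlock_credential_| with the PRK test
  // key.
  void SignUnlockCredentialPIKCertificate() {
    memset(unlock_credential_.product_intermediate_key_certificate.signature,
           0,
           AVB_RSA4096_NUM_BYTES);
    ScopedRSA key(kPRKPrivateKeyPath);
    ASSERT_TRUE(key.Sign(
        &unlock_credential_.product_intermediate_key_certificate.signed_data,
        sizeof(AvbCertCertificateSignedData),
        unlock_credential_.product_intermediate_key_certificate.signature));
  }

  // Re-signs the PUK certificate in |unlock_credential_| with the PIK test
  // key.
  void SignUnlockCredentialPUKCertificate() {
    memset(unlock_credential_.product_unlock_key_certificate.signature,
           0,
           AVB_RSA4096_NUM_BYTES);
    ScopedRSA key(kPIKPrivateKeyPath);
    ASSERT_TRUE(
        key.Sign(&unlock_credential_.product_unlock_key_certificate.signed_data,
                 sizeof(AvbCertCertificateSignedData),
                 unlock_credential_.product_unlock_key_certificate.signature));
  }

  // Signs |unlock_challenge_| with the key at |key_path| and stores the result
  // as the challenge signature of |unlock_credential_|.
  void SignUnlockCredentialChallenge(const char* key_path) {
    memset(unlock_credential_.challenge_signature, 0, AVB_RSA4096_NUM_BYTES);
    ScopedRSA key(key_path);
    ASSERT_TRUE(key.Sign(unlock_challenge_.data(),
                         unlock_challenge_.size(),
                         unlock_credential_.challenge_signature));
  }

  bool PrepareUnlockCredential() {
    // Stage a challenge to be remembered as the 'most recent challenge'. Then
    // the next call to unlock with |unlock_credential_| is expected to succeed.
    fake_random_ = unlock_challenge_;
    AvbCertUnlockChallenge challenge;
    return (AVB_IO_RESULT_OK == avb_cert_generate_unlock_challenge(
                                    ops_.avb_cert_ops(), &challenge));
  }

  // The fixture structures are zero-initialized so that they never hold
  // indeterminate bytes if a fixture file fails to load.
  AvbCertPermanentAttributes attributes_{};
  AvbCertPublicKeyMetadata metadata_{};
  // Failure-injection switches read by the delegate methods above.
  bool fail_read_permanent_attributes_{false};
  bool fail_read_permanent_attributes_hash_{false};
  bool fail_read_pik_rollback_index_{false};
  bool fail_read_psk_rollback_index_{false};
  bool fail_get_random_{false};
  // Bytes served by get_random() in place of real randomness when long enough.
  std::string fake_random_;
  AvbCertUnlockCredential unlock_credential_{};
  std::string unlock_challenge_;

 private:
  // Reads the four binary fixtures. Each blob's size is compared with the size
  // of its destination (or with AVB_CERT_UNLOCK_CHALLENGE_SIZE for the
  // challenge) before it is used, so a truncated or oversized file fails the
  // test instead of being copied over a structure.
  void ReadDefaultData() {
    std::string tmp;
    ASSERT_TRUE(base::ReadFileToString(base::FilePath(kMetadataPath), &tmp));
    ASSERT_EQ(tmp.size(), sizeof(AvbCertPublicKeyMetadata));
    memcpy(&metadata_, tmp.data(), tmp.size());
    ASSERT_TRUE(
        base::ReadFileToString(base::FilePath(kPermanentAttributesPath), &tmp));
    ASSERT_EQ(tmp.size(), sizeof(AvbCertPermanentAttributes));
    memcpy(&attributes_, tmp.data(), tmp.size());
    ASSERT_TRUE(base::ReadFileToString(base::FilePath(kUnlockChallengePath),
                                       &unlock_challenge_));
    ASSERT_EQ(size_t(AVB_CERT_UNLOCK_CHALLENGE_SIZE), unlock_challenge_.size());
    ASSERT_TRUE(
        base::ReadFileToString(base::FilePath(kUnlockCredentialPath), &tmp));
    ASSERT_EQ(tmp.size(), sizeof(AvbCertUnlockCredential));
    memcpy(&unlock_credential_, tmp.data(), tmp.size());
  }
};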
331*d289c2baSAndroid Build Coastguard Worker 
// The unmodified fixture metadata validates and the key is reported trusted.
TEST_F(AvbCertValidateTest, Success) {
  bool trusted = false;
  const AvbIOResult result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_TRUE(trusted);

  // Validation must have reported the key version of each certificate at its
  // rollback index location, and at no other location.
  const auto pik_version =
      metadata_.product_intermediate_key_certificate.signed_data.key_version;
  const auto psk_version =
      metadata_.product_signing_key_certificate.signed_data.key_version;
  EXPECT_EQ(
      ops_.get_verified_rollback_indexes()[AVB_CERT_PIK_VERSION_LOCATION],
      pik_version);
  EXPECT_EQ(ops_.get_verified_rollback_indexes()[AVB_CERT_PSK_VERSION_LOCATION],
            psk_version);
  EXPECT_EQ(2UL, ops_.get_verified_rollback_indexes().size());
}
345*d289c2baSAndroid Build Coastguard Worker 
// Re-signing both certificates with the test keys reproduces the signatures
// stored in the fixture, and the result still validates. The byte-for-byte
// comparison relies on the signing helper producing the same output for the
// same key and data.
TEST_F(AvbCertValidateTest, SuccessAfterNewSign) {
  // Copies one AVB_RSA4096_NUM_BYTES signature field into a string.
  auto snapshot = [](const uint8_t* signature) {
    return std::string(reinterpret_cast<const char*>(signature),
                       AVB_RSA4096_NUM_BYTES);
  };

  const std::string pik_before =
      snapshot(metadata_.product_intermediate_key_certificate.signature);
  const std::string psk_before =
      snapshot(metadata_.product_signing_key_certificate.signature);

  SignPIKCertificate();
  SignPSKCertificate();

  const std::string pik_after =
      snapshot(metadata_.product_intermediate_key_certificate.signature);
  const std::string psk_after =
      snapshot(metadata_.product_signing_key_certificate.signature);

  EXPECT_EQ(pik_before, pik_after);
  EXPECT_EQ(psk_before, psk_after);

  bool trusted = false;
  const AvbIOResult result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_TRUE(trusted);
}
371*d289c2baSAndroid Build Coastguard Worker 
// A failed read of the permanent attributes must surface as an I/O error and
// must leave the key untrusted (fail closed).
TEST_F(AvbCertValidateTest, FailReadPermamentAttributes) {
  fail_read_permanent_attributes_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, result);
  EXPECT_FALSE(trusted);
}
378*d289c2baSAndroid Build Coastguard Worker 
// A failed read of the permanent attributes hash must surface as an I/O error
// and must leave the key untrusted (fail closed).
TEST_F(AvbCertValidateTest, FailReadPermamentAttributesHash) {
  fail_read_permanent_attributes_hash_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, result);
  EXPECT_FALSE(trusted);
}
385*d289c2baSAndroid Build Coastguard Worker 
// Permanent attributes carrying an unknown version (25) are not an I/O error:
// the call returns OK but the key is reported as untrusted.
TEST_F(AvbCertValidateTest, UnsupportedPermanentAttributesVersion) {
  attributes_.version = 25;
  ops_.set_permanent_attributes(attributes_);
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
393*d289c2baSAndroid Build Coastguard Worker 
// The stored hash of the permanent attributes is replaced with a value that
// cannot match; validation must return OK with the key untrusted.
TEST_F(AvbCertValidateTest, PermanentAttributesHashMismatch) {
  ops_.set_permanent_attributes_hash("bad_hash");
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
400*d289c2baSAndroid Build Coastguard Worker 
// Fixture whose Validate() passes the test parameter as the claimed metadata
// length. The key, its size and the metadata buffer are the base fixture's
// own, so only the length differs from a normal validation call.
class AvbCertValidateTestWithMetadataLength
    : public AvbCertValidateTest,
      public ::testing::WithParamInterface<size_t> {
 protected:
  AvbIOResult Validate(bool* is_trusted) override {
    const uint8_t* const metadata_bytes =
        reinterpret_cast<const uint8_t*>(&metadata_);
    // May be larger than sizeof(metadata_); the buffer itself is not resized.
    const size_t claimed_metadata_length = GetParam();
    return avb_cert_validate_vbmeta_public_key(
        ops_.avb_ops(),
        metadata_.product_signing_key_certificate.signed_data.public_key,
        AVB_CERT_PUBLIC_KEY_SIZE,
        metadata_bytes,
        claimed_metadata_length,
        is_trusted);
  }
};
416*d289c2baSAndroid Build Coastguard Worker 
// Every instantiated length is wrong for the metadata structure, so each run
// must return OK with the key untrusted.
TEST_P(AvbCertValidateTestWithMetadataLength, InvalidMetadataLength) {
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
422*d289c2baSAndroid Build Coastguard Worker 
// Invalid metadata lengths: zero, one, one byte short of and one byte past the
// structure size, and -1 converted to size_t (the largest representable
// length). The last two claim more bytes than the metadata object holds.
INSTANTIATE_TEST_CASE_P(
    P,
    AvbCertValidateTestWithMetadataLength,
    ::testing::Values(static_cast<size_t>(0),
                      static_cast<size_t>(1),
                      sizeof(AvbCertPublicKeyMetadata) - 1,
                      sizeof(AvbCertPublicKeyMetadata) + 1,
                      static_cast<size_t>(-1)));
431*d289c2baSAndroid Build Coastguard Worker 
// Metadata carrying an unknown version (25) must be reported as untrusted
// while the call itself still returns OK.
TEST_F(AvbCertValidateTest, UnsupportedMetadataVersion) {
  metadata_.version = 25;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
438*d289c2baSAndroid Build Coastguard Worker 
// If the PIK rollback index cannot be read, validation must report an I/O
// error and leave the key untrusted rather than skip the rollback check.
TEST_F(AvbCertValidateTest, FailReadPIKRollbackIndex) {
  fail_read_pik_rollback_index_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, result);
  EXPECT_FALSE(trusted);
}
445*d289c2baSAndroid Build Coastguard Worker 
// The PIK certificate is given an unknown version (25) and then re-signed, so
// the signature covers the new contents; the version alone must cause the
// key to be untrusted.
TEST_F(AvbCertValidateTest, UnsupportedPIKCertificateVersion) {
  metadata_.product_intermediate_key_certificate.signed_data.version = 25;
  SignPIKCertificate();
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
453*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's public key and does not re-sign, so
// the existing signature no longer covers the certificate contents. The key
// must be untrusted (presumably rejected at signature verification).
TEST_F(AvbCertValidateTest, BadPIKCert_ModifiedSubjectPublicKey) {
  metadata_.product_intermediate_key_certificate.signed_data.public_key[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
460*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's subject and does not re-sign. The key
// must be untrusted; PIKCertSubjectIgnored shows the same change is accepted
// once re-signed, so the rejection here comes from the stale signature.
TEST_F(AvbCertValidateTest, BadPIKCert_ModifiedSubject) {
  metadata_.product_intermediate_key_certificate.signed_data.subject[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
467*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's usage field and does not re-sign; the
// key must be untrusted.
TEST_F(AvbCertValidateTest, BadPIKCert_ModifiedUsage) {
  metadata_.product_intermediate_key_certificate.signed_data.usage[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
474*d289c2baSAndroid Build Coastguard Worker 
// Flips the low bit of the PIK certificate's key version and does not re-sign;
// the key must be untrusted. This keeps the rollback-relevant field bound to
// the signature.
TEST_F(AvbCertValidateTest, BadPIKCert_ModifiedKeyVersion) {
  metadata_.product_intermediate_key_certificate.signed_data.key_version ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
481*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's signature while leaving the signed
// data untouched; the key must be untrusted.
TEST_F(AvbCertValidateTest, BadPIKCert_BadSignature) {
  metadata_.product_intermediate_key_certificate.signature[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
488*d289c2baSAndroid Build Coastguard Worker 
// Changes the PIK certificate's subject and re-signs. Validation is expected
// to succeed, i.e. the PIK subject is not compared against an expected value
// (unlike the PSK subject, see PSKCertUnexpectedSubject).
TEST_F(AvbCertValidateTest, PIKCertSubjectIgnored) {
  metadata_.product_intermediate_key_certificate.signed_data.subject[0] ^= 1;
  SignPIKCertificate();
  // Starts false so that a pass proves the validator set the flag itself.
  bool trusted = false;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_TRUE(trusted);
}
496*d289c2baSAndroid Build Coastguard Worker 
// Changes the PIK certificate's usage field and re-signs, so the signature is
// valid for the new contents. The key must still be untrusted: a correctly
// signed certificate with the wrong usage is not acceptable as a PIK.
TEST_F(AvbCertValidateTest, PIKCertUnexpectedUsage) {
  metadata_.product_intermediate_key_certificate.signed_data.usage[0] ^= 1;
  SignPIKCertificate();
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
504*d289c2baSAndroid Build Coastguard Worker 
// Rollback protection for the PIK: the stored index at the PIK location is set
// one above the certificate's key version, so the certificate is older than
// what the device has recorded and the key must be untrusted.
TEST_F(AvbCertValidateTest, PIKRollback) {
  const auto stored_pik_version =
      metadata_.product_intermediate_key_certificate.signed_data.key_version +
      1;
  ops_.set_stored_rollback_indexes(
      {{AVB_CERT_PIK_VERSION_LOCATION, stored_pik_version},
       {AVB_CERT_PSK_VERSION_LOCATION, 0}});
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
515*d289c2baSAndroid Build Coastguard Worker 
// If the PSK rollback index cannot be read, validation must report an I/O
// error and leave the key untrusted rather than skip the rollback check.
TEST_F(AvbCertValidateTest, FailReadPSKRollbackIndex) {
  fail_read_psk_rollback_index_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, result);
  EXPECT_FALSE(trusted);
}
522*d289c2baSAndroid Build Coastguard Worker 
// The PSK certificate is given an unknown version (25) and then re-signed, so
// the signature covers the new contents; the version alone must cause the
// key to be untrusted.
TEST_F(AvbCertValidateTest, UnsupportedPSKCertificateVersion) {
  metadata_.product_signing_key_certificate.signed_data.version = 25;
  SignPSKCertificate();
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
530*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PSK certificate's public key and does not re-sign; the
// key must be untrusted. Note the fixture's Validate() is also given this
// same (now modified) key buffer as the key under test.
TEST_F(AvbCertValidateTest, BadPSKCert_ModifiedSubjectPublicKey) {
  metadata_.product_signing_key_certificate.signed_data.public_key[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
537*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PSK certificate's subject and does not re-sign; the key
// must be untrusted.
TEST_F(AvbCertValidateTest, BadPSKCert_ModifiedSubject) {
  metadata_.product_signing_key_certificate.signed_data.subject[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
544*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PSK certificate's usage field and does not re-sign; the
// key must be untrusted.
TEST_F(AvbCertValidateTest, BadPSKCert_ModifiedUsage) {
  metadata_.product_signing_key_certificate.signed_data.usage[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
551*d289c2baSAndroid Build Coastguard Worker 
// Flips the low bit of the PSK certificate's key version and does not re-sign;
// the key must be untrusted. This keeps the rollback-relevant field bound to
// the signature.
TEST_F(AvbCertValidateTest, BadPSKCert_ModifiedKeyVersion) {
  metadata_.product_signing_key_certificate.signed_data.key_version ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
558*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PSK certificate's signature while leaving the signed
// data untouched; the key must be untrusted.
TEST_F(AvbCertValidateTest, BadPSKCert_BadSignature) {
  metadata_.product_signing_key_certificate.signature[0] ^= 1;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
565*d289c2baSAndroid Build Coastguard Worker 
// Changes the PSK certificate's subject and re-signs, so the signature is
// valid for the new contents. The key must still be untrusted: the PSK subject
// is checked against an expected value (unlike the PIK subject, see
// PIKCertSubjectIgnored).
TEST_F(AvbCertValidateTest, PSKCertUnexpectedSubject) {
  metadata_.product_signing_key_certificate.signed_data.subject[0] ^= 1;
  SignPSKCertificate();
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
573*d289c2baSAndroid Build Coastguard Worker 
// Changes the PSK certificate's usage field and re-signs, so the signature is
// valid for the new contents. The key must still be untrusted: a correctly
// signed certificate with the wrong usage is not acceptable as a PSK.
TEST_F(AvbCertValidateTest, PSKCertUnexpectedUsage) {
  metadata_.product_signing_key_certificate.signed_data.usage[0] ^= 1;
  SignPSKCertificate();
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
581*d289c2baSAndroid Build Coastguard Worker 
// Rollback protection for the PSK: the stored index at the PSK location is set
// one above the certificate's key version, so the certificate is older than
// what the device has recorded and the key must be untrusted.
TEST_F(AvbCertValidateTest, PSKRollback) {
  const auto stored_psk_version =
      metadata_.product_signing_key_certificate.signed_data.key_version + 1;
  ops_.set_stored_rollback_indexes(
      {{AVB_CERT_PIK_VERSION_LOCATION, 0},
       {AVB_CERT_PSK_VERSION_LOCATION, stored_psk_version}});
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
592*d289c2baSAndroid Build Coastguard Worker 
// Fixture whose Validate() passes the test parameter as the claimed public key
// length. The key buffer and the metadata (with its real size) are the base
// fixture's own, so only the key length differs from a normal call.
class AvbCertValidateTestWithPublicKeyLength
    : public AvbCertValidateTest,
      public ::testing::WithParamInterface<size_t> {
 protected:
  AvbIOResult Validate(bool* is_trusted) override {
    const uint8_t* const metadata_bytes =
        reinterpret_cast<const uint8_t*>(&metadata_);
    // May be larger than the key buffer; the buffer itself is not resized.
    const size_t claimed_key_length = GetParam();
    return avb_cert_validate_vbmeta_public_key(
        ops_.avb_ops(),
        metadata_.product_signing_key_certificate.signed_data.public_key,
        claimed_key_length,
        metadata_bytes,
        sizeof(metadata_),
        is_trusted);
  }
};
608*d289c2baSAndroid Build Coastguard Worker 
// Every instantiated length is wrong for the public key, so each run must
// return OK with the key untrusted.
TEST_P(AvbCertValidateTestWithPublicKeyLength, InvalidPublicKeyLength) {
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = Validate(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
614*d289c2baSAndroid Build Coastguard Worker 
// Invalid public key lengths: zero, one, one byte short of and one byte past
// the expected size, 512 bytes short of it, and -1 converted to size_t (the
// largest representable length).
INSTANTIATE_TEST_CASE_P(
    P,
    AvbCertValidateTestWithPublicKeyLength,
    ::testing::Values(static_cast<size_t>(0),
                      static_cast<size_t>(1),
                      static_cast<size_t>(AVB_CERT_PUBLIC_KEY_SIZE - 1),
                      static_cast<size_t>(AVB_CERT_PUBLIC_KEY_SIZE + 1),
                      static_cast<size_t>(AVB_CERT_PUBLIC_KEY_SIZE - 512),
                      static_cast<size_t>(-1)));
624*d289c2baSAndroid Build Coastguard Worker 
// Presents an all-zero key of the correct size together with otherwise valid
// metadata. A well-formed certificate chain must not vouch for a key other
// than the one it certifies, so the result must be OK with the key untrusted.
TEST_F(AvbCertValidateTest, PSKMismatch) {
  uint8_t zero_key[AVB_CERT_PUBLIC_KEY_SIZE] = {};
  const uint8_t* const metadata_bytes =
      reinterpret_cast<const uint8_t*>(&metadata_);
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result =
      avb_cert_validate_vbmeta_public_key(ops_.avb_ops(),
                                          zero_key,
                                          AVB_CERT_PUBLIC_KEY_SIZE,
                                          metadata_bytes,
                                          sizeof(metadata_),
                                          &trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
638*d289c2baSAndroid Build Coastguard Worker 
// Generates an unlock challenge and checks its three fields: version 1, the
// challenge bytes equal to fake_random_, and the SHA-256 of the product ID.
TEST_F(AvbCertValidateTest, GenerateUnlockChallenge) {
  // Fixed bytes make the challenge comparable below; presumably the fixture's
  // random op returns fake_random_ in place of a real RNG.
  fake_random_ = std::string(AVB_CERT_UNLOCK_CHALLENGE_SIZE, 'C');
  AvbCertUnlockChallenge challenge;
  const auto result =
      avb_cert_generate_unlock_challenge(ops_.avb_cert_ops(), &challenge);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_EQ(1UL, challenge.version);

  const int challenge_diff = memcmp(fake_random_.data(),
                                    challenge.challenge,
                                    AVB_CERT_UNLOCK_CHALLENGE_SIZE);
  EXPECT_EQ(0, challenge_diff);

  // The challenge carries a hash of the product ID, not the ID itself.
  uint8_t product_id_digest[AVB_SHA256_DIGEST_SIZE];
  SHA256(attributes_.product_id, AVB_CERT_PRODUCT_ID_SIZE, product_id_digest);
  const int digest_diff = memcmp(product_id_digest,
                                 challenge.product_id_hash,
                                 AVB_SHA256_DIGEST_SIZE);
  EXPECT_EQ(0, digest_diff);
}
657*d289c2baSAndroid Build Coastguard Worker 
// Challenge generation must fail when the permanent attributes cannot be
// read. Only "not OK" is required; the exact error code is not pinned.
TEST_F(AvbCertValidateTest, GenerateUnlockChallenge_NoAttributes) {
  fail_read_permanent_attributes_ = true;
  AvbCertUnlockChallenge challenge;
  const auto result =
      avb_cert_generate_unlock_challenge(ops_.avb_cert_ops(), &challenge);
  EXPECT_NE(AVB_IO_RESULT_OK, result);
}
665*d289c2baSAndroid Build Coastguard Worker 
// Challenge generation must fail when random bytes are unavailable, rather
// than hand out a challenge without fresh randomness. Only "not OK" is
// required; the exact error code is not pinned.
TEST_F(AvbCertValidateTest, GenerateUnlockChallenge_NoRNG) {
  fail_get_random_ = true;
  AvbCertUnlockChallenge challenge;
  const auto result =
      avb_cert_generate_unlock_challenge(ops_.avb_cert_ops(), &challenge);
  EXPECT_NE(AVB_IO_RESULT_OK, result);
}
673*d289c2baSAndroid Build Coastguard Worker 
// Baseline for the unlock tests: an unmodified prepared credential validates
// with OK and is trusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential) {
  ASSERT_TRUE(PrepareUnlockCredential());
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_TRUE(trusted);
}
680*d289c2baSAndroid Build Coastguard Worker 
// Bumps the unlock credential's version by one after it was prepared; the
// credential must be untrusted while the call still returns OK.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_UnsupportedVersion) {
  ASSERT_TRUE(PrepareUnlockCredential());
  unlock_credential_.version++;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
688*d289c2baSAndroid Build Coastguard Worker 
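// Unlock validation must report an I/O error and leave the credential
// untrusted when the permanent attributes cannot be read (fail closed).
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_NoAttributes) {
  // Assert the setup as the other unlock tests do. The expected outcome here
  // is a failure, so an unnoticed setup failure could otherwise let the test
  // pass without exercising a valid credential.
  ASSERT_TRUE(PrepareUnlockCredential());
  fail_read_permanent_attributes_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool is_trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, ValidateUnlock(&is_trusted));
  EXPECT_FALSE(is_trusted);
}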
696*d289c2baSAndroid Build Coastguard Worker 
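// Unlock validation must report an I/O error and leave the credential
// untrusted when the permanent attributes hash cannot be read (fail closed).
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_NoAttributesHash) {
  // Assert the setup as the other unlock tests do. The expected outcome here
  // is a failure, so an unnoticed setup failure could otherwise let the test
  // pass without exercising a valid credential.
  ASSERT_TRUE(PrepareUnlockCredential());
  fail_read_permanent_attributes_hash_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool is_trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, ValidateUnlock(&is_trusted));
  EXPECT_FALSE(is_trusted);
}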
704*d289c2baSAndroid Build Coastguard Worker 
// Permanent attributes carrying an unknown version (25) must make the unlock
// credential untrusted while the call still returns OK.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_UnsupportedAttributesVersion) {
  ASSERT_TRUE(PrepareUnlockCredential());
  attributes_.version = 25;
  ops_.set_permanent_attributes(attributes_);
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
714*d289c2baSAndroid Build Coastguard Worker 
// The stored hash of the permanent attributes is replaced with a value that
// cannot match; the unlock credential must be untrusted with an OK result.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_AttributesHashMismatch) {
  ASSERT_TRUE(PrepareUnlockCredential());
  ops_.set_permanent_attributes_hash("bad_hash");
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
722*d289c2baSAndroid Build Coastguard Worker 
// If the PIK rollback index cannot be read, unlock validation must report an
// I/O error and leave the credential untrusted rather than skip the check.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_FailReadPIKRollbackIndex) {
  ASSERT_TRUE(PrepareUnlockCredential());
  fail_read_pik_rollback_index_ = true;
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, result);
  EXPECT_FALSE(trusted);
}
730*d289c2baSAndroid Build Coastguard Worker 
// The unlock credential's PIK certificate is given an unknown version (25) and
// then re-signed, so the signature covers the new contents; the version alone
// must cause the credential to be untrusted.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_UnsupportedPIKCertificateVersion) {
  ASSERT_TRUE(PrepareUnlockCredential());
  unlock_credential_.product_intermediate_key_certificate.signed_data.version =
      25;
  SignUnlockCredentialPIKCertificate();
  // Starts true so that a pass proves the validator cleared the flag.
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
741*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's signed public key and does NOT
// re-sign: the tampered certificate must not be trusted, while the call
// itself still returns AVB_IO_RESULT_OK.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_BadPIKCert_ModifiedSubjectPublicKey) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_signed =
      unlock_credential_.product_intermediate_key_certificate.signed_data;
  pik_signed.public_key[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
751*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's signed subject without re-signing.
// The expected rejection here comes from the stale signature; compare
// ValidateUnlockCredential_PIKCertSubjectIgnored, which re-signs.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_BadPIKCert_ModifiedSubject) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_signed =
      unlock_credential_.product_intermediate_key_certificate.signed_data;
  pik_signed.subject[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
761*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PIK certificate's signed usage field without
// re-signing; the credential must come back untrusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_BadPIKCert_ModifiedUsage) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_signed =
      unlock_credential_.product_intermediate_key_certificate.signed_data;
  pik_signed.usage[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
770*d289c2baSAndroid Build Coastguard Worker 
// Toggles the low bit of the PIK certificate's signed key_version without
// re-signing; an edited version number must not be accepted.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_BadPIKCert_ModifiedKeyVersion) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_signed =
      unlock_credential_.product_intermediate_key_certificate.signed_data;
  pik_signed.key_version ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
780*d289c2baSAndroid Build Coastguard Worker 
// Corrupts the first byte of the PIK certificate's signature while leaving the
// signed data intact; the credential must come back untrusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_BadPIKCert_BadSignature) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_cert = unlock_credential_.product_intermediate_key_certificate;
  pik_cert.signature[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
788*d289c2baSAndroid Build Coastguard Worker 
// Positive case: the PIK certificate's subject is changed and the certificate
// is re-signed. The credential is still expected to be trusted, i.e. the PIK
// subject value itself does not take part in the trust decision.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_PIKCertSubjectIgnored) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_signed =
      unlock_credential_.product_intermediate_key_certificate.signed_data;
  pik_signed.subject[0] ^= 1;
  SignUnlockCredentialPIKCertificate();
  // Seeded with false so the positive result has to be written by the call.
  bool trusted = false;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_TRUE(trusted);
}
798*d289c2baSAndroid Build Coastguard Worker 
// The PIK certificate's usage field is changed and the certificate re-signed,
// so the signature is valid. Rejection must therefore come from the usage
// check: a validly signed certificate with the wrong usage is not trusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_PIKCertUnexpectedUsage) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& pik_signed =
      unlock_credential_.product_intermediate_key_certificate.signed_data;
  pik_signed.usage[0] ^= 1;
  SignUnlockCredentialPIKCertificate();
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
808*d289c2baSAndroid Build Coastguard Worker 
// Rollback protection for the PIK: the index stored at
// AVB_CERT_PIK_VERSION_LOCATION is set one above the certificate's
// key_version, so the certificate is older than the stored minimum and the
// credential must be rejected.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_PIKRollback) {
  ASSERT_TRUE(PrepareUnlockCredential());
  const auto pik_key_version =
      unlock_credential_.product_intermediate_key_certificate.signed_data
          .key_version;
  ops_.set_stored_rollback_indexes(
      {{AVB_CERT_PIK_VERSION_LOCATION, pik_key_version + 1},
       {AVB_CERT_PSK_VERSION_LOCATION, 0}});
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
821*d289c2baSAndroid Build Coastguard Worker 
// With fail_read_psk_rollback_index_ set, validation is expected to report
// AVB_IO_RESULT_ERROR_IO and to leave the credential untrusted (fail closed).
// NOTE(review): the flag is presumably consumed by the fixture's rollback
// index read hook, which is not visible in this part of the file.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_FailReadPSKRollbackIndex) {
  ASSERT_TRUE(PrepareUnlockCredential());
  fail_read_psk_rollback_index_ = true;
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_ERROR_IO, result);
  EXPECT_FALSE(trusted);
}
829*d289c2baSAndroid Build Coastguard Worker 
// A PUK certificate whose signed version field is 25 is re-signed, so its
// signature is valid; the credential must still be rejected. The test name
// indicates 25 stands for an unsupported certificate version.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_UnsupportedPUKCertificateVersion) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.version = 25;
  // Re-sign so that only the version field, not the signature, is at fault.
  SignUnlockCredentialPUKCertificate();
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
839*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PUK certificate's signed public key and does NOT
// re-sign: the tampered certificate must not be trusted.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_BadPUKCert_ModifiedSubjectPublicKey) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.public_key[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
849*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PUK certificate's signed subject without re-signing;
// the credential must come back untrusted.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_BadPUKCert_ModifiedSubject) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.subject[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
858*d289c2baSAndroid Build Coastguard Worker 
// Flips one bit of the PUK certificate's signed usage field without
// re-signing; the credential must come back untrusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_BadPUKCert_ModifiedUsage) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.usage[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
866*d289c2baSAndroid Build Coastguard Worker 
// Toggles the low bit of the PUK certificate's signed key_version without
// re-signing; an edited version number must not be accepted.
TEST_F(AvbCertValidateTest,
       ValidateUnlockCredential_BadPUKCert_ModifiedKeyVersion) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.key_version ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
876*d289c2baSAndroid Build Coastguard Worker 
// Corrupts the first byte of the PUK certificate's signature while leaving the
// signed data intact; the credential must come back untrusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_BadPUKCert_BadSignature) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_cert = unlock_credential_.product_unlock_key_certificate;
  puk_cert.signature[0] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
884*d289c2baSAndroid Build Coastguard Worker 
// The PUK certificate's subject is changed and the certificate re-signed, so
// the signature is valid. Unlike the PIK case (PIKCertSubjectIgnored), the
// PUK subject is expected to matter: the credential must be rejected.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_PUKCertUnexpectedSubject) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.subject[0] ^= 1;
  SignUnlockCredentialPUKCertificate();
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
893*d289c2baSAndroid Build Coastguard Worker 
// The PUK certificate's usage field is changed and the certificate re-signed,
// so the signature is valid. Rejection must therefore come from the usage
// check rather than from signature verification.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_PUKCertUnexpectedUsage) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& puk_signed =
      unlock_credential_.product_unlock_key_certificate.signed_data;
  puk_signed.usage[0] ^= 1;
  SignUnlockCredentialPUKCertificate();
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
902*d289c2baSAndroid Build Coastguard Worker 
// Rollback protection for the PUK: the index stored at
// AVB_CERT_PSK_VERSION_LOCATION is set one above the PUK certificate's
// key_version, and the credential must be rejected. Note that the slot raised
// here is the PSK location; the PIK location stays at 0.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_PUKRollback) {
  ASSERT_TRUE(PrepareUnlockCredential());
  const auto puk_key_version =
      unlock_credential_.product_unlock_key_certificate.signed_data
          .key_version;
  ops_.set_stored_rollback_indexes(
      {{AVB_CERT_PIK_VERSION_LOCATION, 0},
       {AVB_CERT_PSK_VERSION_LOCATION, puk_key_version + 1}});
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
915*d289c2baSAndroid Build Coastguard Worker 
// Both certificates are left intact; only byte 10 of the challenge signature
// is corrupted. The credential must come back untrusted.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_BadChallengeSignature) {
  ASSERT_TRUE(PrepareUnlockCredential());
  auto& challenge_sig = unlock_credential_.challenge_signature;
  challenge_sig[10] ^= 1;
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
923*d289c2baSAndroid Build Coastguard Worker 
// The challenge is replaced with "bad" and then signed with the PUK private
// key, so the signature is made with the right key over the wrong data. The
// credential must be rejected.
// NOTE(review): assumes SignUnlockCredentialChallenge() signs
// unlock_challenge_; the helper is not visible here.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_ChallengeMismatch) {
  ASSERT_TRUE(PrepareUnlockCredential());
  unlock_challenge_ = "bad";
  SignUnlockCredentialChallenge(kPUKPrivateKeyPath);
  bool trusted = true;
  const auto result = ValidateUnlock(&trusted);
  EXPECT_EQ(AVB_IO_RESULT_OK, result);
  EXPECT_FALSE(trusted);
}
932*d289c2baSAndroid Build Coastguard Worker 
// Key-separation check: the product signing key (PSK) certificate is placed
// in the unlock-key slot and the challenge is signed with the PSK private key.
// Certificate and challenge signature are consistent with each other, yet the
// credential must be rejected: a signing key is not an unlock key.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_UnlockWithPSK) {
  ASSERT_TRUE(PrepareUnlockCredential());
  // Overwrite the PUK certificate with the PSK certificate from the metadata.
  auto* puk_slot = &unlock_credential_.product_unlock_key_certificate;
  const auto* psk_cert = &metadata_.product_signing_key_certificate;
  memcpy(puk_slot, psk_cert, sizeof(AvbCertCertificate));
  // Sign the challenge with the PSK so it matches the substituted certificate.
  SignUnlockCredentialChallenge(kPSKPrivateKeyPath);
  bool trusted = true;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&trusted));
  EXPECT_FALSE(trusted);
}
945*d289c2baSAndroid Build Coastguard Worker 
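// Replay protection: a credential that validated once must not validate a
// second time against the same challenge.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_ReplayChallenge) {
  ASSERT_TRUE(PrepareUnlockCredential());
  // Start from false (as ValidateUnlockCredential_PIKCertSubjectIgnored does)
  // so the positive assertion proves ValidateUnlock() wrote the out-parameter;
  // starting from true would let an untouched out-parameter pass.
  bool is_trusted = false;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&is_trusted));
  EXPECT_TRUE(is_trusted);
  // A second attempt with the same challenge should fail. is_trusted is true
  // at this point, so the negative assertion also requires a real write.
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&is_trusted));
  EXPECT_FALSE(is_trusted);
}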
955*d289c2baSAndroid Build Coastguard Worker 
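// Counterpart to the replay test: once a new challenge has been staged, a
// second unlock attempt is expected to validate again.
TEST_F(AvbCertValidateTest, ValidateUnlockCredential_MultipleUnlock) {
  ASSERT_TRUE(PrepareUnlockCredential());
  // Start from false so the positive assertion proves ValidateUnlock() wrote
  // the out-parameter; starting from true would pass even if it never did.
  bool is_trusted = false;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&is_trusted));
  EXPECT_TRUE(is_trusted);
  // A second attempt with a newly staged challenge should succeed.
  ASSERT_TRUE(PrepareUnlockCredential());
  // Reset for the same reason: the first call left the flag set to true.
  is_trusted = false;
  EXPECT_EQ(AVB_IO_RESULT_OK, ValidateUnlock(&is_trusted));
  EXPECT_TRUE(is_trusted);
}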
966*d289c2baSAndroid Build Coastguard Worker 
// Fixture for testing avb_slot_verify() with libavb_cert: the fixture installs
// itself as the fake ops delegate and routes vbmeta public key validation to
// avb_cert_validate_vbmeta_public_key().
class AvbCertSlotVerifyTest : public BaseAvbToolTest,
                              public FakeAvbOpsDelegateWithDefaults {
 public:
  ~AvbCertSlotVerifyTest() override = default;

  // Loads the permanent attributes from test data, registers this object as
  // the ops delegate, zeroes the stored rollback indexes (locations 0-3 plus
  // the PIK and PSK version locations) and stores the device as locked.
  void SetUp() override {
    BaseAvbToolTest::SetUp();
    ReadCertDefaultData();
    ops_.set_partition_dir(testdir_);
    ops_.set_delegate(this);
    ops_.set_permanent_attributes(attributes_);
    ops_.set_stored_rollback_indexes({{0, 0},
                                      {1, 0},
                                      {2, 0},
                                      {3, 0},
                                      {AVB_CERT_PIK_VERSION_LOCATION, 0},
                                      {AVB_CERT_PSK_VERSION_LOCATION, 0}});
    ops_.set_stored_is_device_unlocked(false);
  }

  // FakeAvbOpsDelegate override. Counts the call and forwards the key and its
  // metadata to libavb_cert. The incoming `ops` argument is not used; the
  // forwarded call uses ops_.avb_ops() instead.
  AvbIOResult validate_vbmeta_public_key(AvbOps* ops,
                                         const uint8_t* public_key_data,
                                         size_t public_key_length,
                                         const uint8_t* public_key_metadata,
                                         size_t public_key_metadata_length,
                                         bool* out_key_is_trusted) override {
    num_cert_calls_++;
    const AvbIOResult result =
        avb_cert_validate_vbmeta_public_key(ops_.avb_ops(),
                                            public_key_data,
                                            public_key_length,
                                            public_key_metadata,
                                            public_key_metadata_length,
                                            out_key_is_trusted);
    return result;
  }

 protected:
  // Permanent attributes read from kPermanentAttributesPath during SetUp().
  AvbCertPermanentAttributes attributes_;
  // Number of times validate_vbmeta_public_key() has been invoked.
  int num_cert_calls_ = 0;

 private:
  // Reads the permanent attributes blob from disk into attributes_. The size
  // is checked against the struct size before the copy, so a short or
  // oversized file never reaches memcpy().
  // NOTE: a failing ASSERT_* here returns from this helper only; SetUp()
  // then carries on with attributes_ left as it was.
  void ReadCertDefaultData() {
    std::string raw;
    const base::FilePath attributes_path(kPermanentAttributesPath);
    ASSERT_TRUE(base::ReadFileToString(attributes_path, &raw));
    ASSERT_EQ(raw.size(), sizeof(AvbCertPermanentAttributes));
    // Equal to raw.size(), as asserted on the line above.
    memcpy(&attributes_, raw.data(), sizeof(attributes_));
  }
};
1018*d289c2baSAndroid Build Coastguard Worker 
// End-to-end check: a vbmeta image signed with the PSK test key and carrying
// the public key metadata from kMetadataPath verifies OK for slot "_a", and
// the key validation goes through the libavb_cert delegate exactly once.
TEST_F(AvbCertSlotVerifyTest, SlotVerifyWithCert) {
  const std::string metadata_option =
      std::string("--public_key_metadata=") + kMetadataPath;
  GenerateVBMetaImage("vbmeta_a.img",
                      "SHA512_RSA4096",
                      0,
                      "test/data/testkey_cert_psk.pem",
                      metadata_option);

  ops_.set_expected_public_key(PublicKeyAVB("test/data/testkey_cert_psk.pem"));

  const char* requested_partitions[] = {"boot", nullptr};
  AvbSlotVerifyData* slot_data = nullptr;
  const auto verify_result =
      avb_slot_verify(ops_.avb_ops(),
                      requested_partitions,
                      "_a",
                      AVB_SLOT_VERIFY_FLAGS_NONE,
                      AVB_HASHTREE_ERROR_MODE_RESTART_AND_INVALIDATE,
                      &slot_data);
  EXPECT_EQ(AVB_SLOT_VERIFY_RESULT_OK, verify_result);
  // NOTE(review): this is EXPECT, not ASSERT, so the free below still runs
  // when slot_data is null; confirm avb_slot_verify_data_free() accepts that.
  EXPECT_NE(nullptr, slot_data);
  avb_slot_verify_data_free(slot_data);
  // Exactly one key validation is expected to reach the delegate.
  EXPECT_EQ(1, num_cert_calls_);
}
1043*d289c2baSAndroid Build Coastguard Worker 
1044*d289c2baSAndroid Build Coastguard Worker }  // namespace avb