xref: /aosp_15_r20/external/open-dice/src/android_test.cc (revision 60b67249c2e226f42f35cc6cfe66c6048e0bae6b)
1*60b67249SAndroid Build Coastguard Worker // Copyright 2021 Google LLC
2*60b67249SAndroid Build Coastguard Worker //
3*60b67249SAndroid Build Coastguard Worker // Licensed under the Apache License, Version 2.0 (the "License"); you may not
4*60b67249SAndroid Build Coastguard Worker // use this file except in compliance with the License. You may obtain a copy of
5*60b67249SAndroid Build Coastguard Worker // the License at
6*60b67249SAndroid Build Coastguard Worker //
7*60b67249SAndroid Build Coastguard Worker //     https://www.apache.org/licenses/LICENSE-2.0
8*60b67249SAndroid Build Coastguard Worker //
9*60b67249SAndroid Build Coastguard Worker // Unless required by applicable law or agreed to in writing, software
10*60b67249SAndroid Build Coastguard Worker // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
11*60b67249SAndroid Build Coastguard Worker // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
12*60b67249SAndroid Build Coastguard Worker // License for the specific language governing permissions and limitations under
13*60b67249SAndroid Build Coastguard Worker // the License.
14*60b67249SAndroid Build Coastguard Worker 
15*60b67249SAndroid Build Coastguard Worker #include "dice/android.h"
16*60b67249SAndroid Build Coastguard Worker 
17*60b67249SAndroid Build Coastguard Worker #include "dice/test_framework.h"
18*60b67249SAndroid Build Coastguard Worker 
19*60b67249SAndroid Build Coastguard Worker namespace {
20*60b67249SAndroid Build Coastguard Worker 
21*60b67249SAndroid Build Coastguard Worker extern "C" {
22*60b67249SAndroid Build Coastguard Worker 
// A config with no fields selected must format successfully and produce
// exactly one byte: 0xa0, the CBOR encoding of an empty map.
TEST(DiceAndroidConfigTest, NoConfigFields) {
  DiceAndroidConfigValues empty_config = {};
  uint8_t encoded[10];
  size_t encoded_size;
  const DiceResult status = DiceAndroidFormatConfigDescriptor(
      &empty_config, sizeof(encoded), encoded, &encoded_size);
  EXPECT_EQ(kDiceResultOk, status);
  EXPECT_EQ(1u, encoded_size);
  EXPECT_EQ(0xa0, encoded[0]);
}
33*60b67249SAndroid Build Coastguard Worker 
// Measurement mode: called with a zero-length, null buffer the formatter is
// expected to report kDiceResultBufferTooSmall while still returning the size
// the caller has to allocate (one byte for a config with no fields).
TEST(DiceAndroidConfigTest, NoConfigFieldsMeasurement) {
  DiceAndroidConfigValues empty_config = {};
  size_t required_size;
  const DiceResult status = DiceAndroidFormatConfigDescriptor(
      &empty_config, 0, NULL, &required_size);
  EXPECT_EQ(kDiceResultBufferTooSmall, status);
  EXPECT_EQ(1u, required_size);
}
42*60b67249SAndroid Build Coastguard Worker 
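// Formats a config descriptor with every supported field selected and checks
// the output byte-for-byte against the expected CBOR map.
//
// The test first measures the required size with a null buffer, then formats
// into a buffer of exactly that size.
TEST(DiceAndroidConfigTest, AllConfigFields) {
  DiceAndroidConfigValues config_values = {
      .configs = DICE_ANDROID_CONFIG_COMPONENT_NAME |
                 DICE_ANDROID_CONFIG_COMPONENT_VERSION |
                 DICE_ANDROID_CONFIG_RESETTABLE |
                 DICE_ANDROID_CONFIG_SECURITY_VERSION |
                 DICE_ANDROID_CONFIG_RKP_VM_MARKER,
      .component_name = "Test Component Name",
      .component_version = 0x232a13dec90f42b5,
      .security_version = 0xfab777c1,
  };
  // Zero-initialised so a formatter that fails without writing the size is
  // reported as a mismatch instead of the test reading an indeterminate value.
  size_t buffer_size = 0;
  DiceResult result =
      DiceAndroidFormatConfigDescriptor(&config_values, 0, NULL, &buffer_size);
  EXPECT_EQ(kDiceResultBufferTooSmall, result);
  // Each key is a CBOR negative integer (0x3a + 4 bytes): 0x00011171 encodes
  // -70002, and the following keys count down from there.
  const uint8_t expected[] = {
      // Map with five entries.
      0xa5,
      // -70002 (component name): 19-byte text string.
      0x3a, 0x00, 0x01, 0x11, 0x71, 0x73, 'T', 'e', 's', 't', ' ', 'C', 'o',
      'm', 'p', 'o', 'n', 'e', 'n', 't', ' ', 'N', 'a', 'm', 'e',
      // -70003 (component version): 64-bit unsigned integer.
      0x3a, 0x00, 0x01, 0x11, 0x72, 0x1b, 0x23, 0x2a, 0x13, 0xde, 0xc9, 0x0f,
      0x42, 0xb5,
      // -70004 (resettable): null.
      0x3a, 0x00, 0x01, 0x11, 0x73, 0xf6,
      // -70005 (security version): 32-bit unsigned integer.
      0x3a, 0x00, 0x01, 0x11, 0x74, 0x1a, 0xfa, 0xb7, 0x77, 0xc1,
      // -70006 (RKP VM marker): null.
      0x3a, 0x00, 0x01, 0x11, 0x75, 0xf6};
  // Fatal on mismatch: the memcmp below reads sizeof(expected) bytes from the
  // buffer, so a smaller measured size would make it read out of bounds.
  ASSERT_EQ(sizeof(expected), buffer_size);
  std::vector<uint8_t> buffer(buffer_size);
  result = DiceAndroidFormatConfigDescriptor(&config_values, buffer.size(),
                                             buffer.data(), &buffer_size);
  // The status of the real formatting pass was previously never checked.
  EXPECT_EQ(kDiceResultOk, result);
  EXPECT_EQ(sizeof(expected), buffer_size);
  EXPECT_EQ(0, memcmp(expected, buffer.data(), sizeof(expected)));
}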
72*60b67249SAndroid Build Coastguard Worker 
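// Runs the Android main flow over a fake DICE chain and checks that the
// existing chain content is carried over unchanged: the array header grows
// from three elements (0x83) to four (0x84), the root key and both existing
// entries are copied verbatim, and the bytes that follow the chain in the
// input buffer are not copied into the output.
TEST(DiceAndroidTest, PreservesPreviousEntries) {
  const uint8_t chain[] = {
      // Fake DICE chain with the root public key and two entries.
      0x83,
      // Fake public key.
      0xa6, 0x01, 0x02, 0x03, 0x27, 0x04, 0x02, 0x20, 0x01, 0x21, 0x40, 0x22,
      0x40,
      // Fake DICE chain entry.
      0x84, 0x40, 0xa0, 0x40, 0x40,
      // Fake DICE chain entry.
      0x84, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40,
      // 8-bytes of trailing data that aren't part of the DICE chain.
      0x84, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  const uint8_t fake_cdi_attest[DICE_CDI_SIZE] = {};
  const uint8_t fake_cdi_seal[DICE_CDI_SIZE] = {};
  DiceInputValues input_values = {};
  // Zero-initialised so that a failed measurement pass cannot leave an
  // indeterminate value that is then used to size the output vector.
  size_t next_chain_size = 0;
  uint8_t next_cdi_attest[DICE_CDI_SIZE];
  uint8_t next_cdi_seal[DICE_CDI_SIZE];
  // Measurement pass: no output buffer, only the required size is returned.
  DiceResult result = DiceAndroidMainFlow(
      /*context=*/NULL, fake_cdi_attest, fake_cdi_seal, chain, sizeof(chain),
      &input_values, 0, NULL, &next_chain_size, next_cdi_attest, next_cdi_seal);
  EXPECT_EQ(kDiceResultBufferTooSmall, result);
  // Fatal: the memcmp calls below read up to sizeof(chain) bytes of
  // next_chain, which is only in bounds when the output is larger than the
  // input.
  ASSERT_GT(next_chain_size, sizeof(chain));
  std::vector<uint8_t> next_chain(next_chain_size);
  result = DiceAndroidMainFlow(
      /*context=*/NULL, fake_cdi_attest, fake_cdi_seal, chain, sizeof(chain),
      &input_values, next_chain.size(), next_chain.data(), &next_chain_size,
      next_cdi_attest, next_cdi_seal);
  // Fatal: the content checks are meaningless if the flow did not succeed.
  ASSERT_EQ(kDiceResultOk, result);
  EXPECT_EQ(next_chain_size, next_chain.size());
  EXPECT_EQ(0x84, next_chain[0]);
  // Including the 8 trailing input bytes the buffers must differ, because the
  // output continues with the new entry rather than the trailing data...
  EXPECT_NE(0, memcmp(next_chain.data() + 1, chain + 1, sizeof(chain) - 1));
  // ...while everything up to the end of the input chain must be identical.
  EXPECT_EQ(0, memcmp(next_chain.data() + 1, chain + 1, sizeof(chain) - 8 - 1));
}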
108*60b67249SAndroid Build Coastguard Worker 
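// Runs the handover main flow over a handover that already carries a DICE
// chain and checks that the chain content is preserved in the next handover.
//
// Layout of the input: byte 0 is the map header, bytes 1..35 the CDI attest
// entry, bytes 36..70 the CDI seal entry, byte 71 the chain key and byte 72
// the chain's array header. The chain content therefore starts at offset 73.
TEST(DiceAndroidHandoverTest, PreservesPreviousEntries) {
  const uint8_t handover[] = {
      0xa3,
      // CDI attest
      0x01, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // CDI seal
      0x02, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // DICE chain
      0x03, 0x82, 0xa6, 0x01, 0x02, 0x03, 0x27, 0x04, 0x02, 0x20, 0x01, 0x21,
      0x40, 0x22, 0x40, 0x84, 0x40, 0xa0, 0x40, 0x40,
      // 8-bytes of trailing data that aren't part of the DICE chain.
      0x84, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  DiceInputValues input_values = {};
  // Zero-initialised so that a failed measurement pass cannot leave an
  // indeterminate value that is then used to size the output vector.
  size_t next_handover_size = 0;
  // Measurement pass: no output buffer, only the required size is returned.
  DiceResult result = DiceAndroidHandoverMainFlow(
      /*context=*/NULL, handover, sizeof(handover), &input_values, 0, NULL,
      &next_handover_size);
  EXPECT_EQ(kDiceResultBufferTooSmall, result);
  // Fatal: the fixed offsets (72, 73) and memcmp lengths used below are only
  // in bounds when the output is larger than the input handover.
  ASSERT_GT(next_handover_size, sizeof(handover));
  std::vector<uint8_t> next_handover(next_handover_size);
  result = DiceAndroidHandoverMainFlow(
      /*context=*/NULL, handover, sizeof(handover), &input_values,
      next_handover.size(), next_handover.data(), &next_handover_size);
  // Fatal: the content checks are meaningless if the flow did not succeed.
  ASSERT_EQ(kDiceResultOk, result);
  EXPECT_EQ(next_handover_size, next_handover.size());
  EXPECT_EQ(0xa3, next_handover[0]);
  // The chain array grows from two elements (0x82) to three (0x83).
  EXPECT_EQ(0x83, next_handover[72]);
  // Including the 8 trailing input bytes the buffers must differ...
  EXPECT_NE(0, memcmp(next_handover.data() + 73, handover + 73,
                      sizeof(handover) - 73));
  // ...while the existing chain content must have been copied verbatim.
  EXPECT_EQ(0, memcmp(next_handover.data() + 73, handover + 73,
                      sizeof(handover) - 8 - 73));
}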
145*60b67249SAndroid Build Coastguard Worker 
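// An input handover that holds only the two CDIs (a two-entry map, 0xa2) must
// still yield an output handover with three entries (0xa3), i.e. the main
// flow adds a DICE chain when the input has none.
TEST(DiceAndroidHandoverTest,
     InHandoverWithoutDiceChainOutHandoverWithDiceChain) {
  const uint8_t handover[] = {
      0xa2,
      // CDI attest
      0x01, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // CDI seal
      0x02, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // 8 bytes of trailing data that follow the handover map and are not
      // part of it.
      0x00, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  DiceInputValues input_values = {};
  // Zero-initialised so that a failed measurement pass cannot leave an
  // indeterminate value that is then used to size the output vector.
  size_t next_handover_size = 0;
  // Measurement pass: no output buffer, only the required size is returned.
  DiceResult result = DiceAndroidHandoverMainFlow(
      /*context=*/NULL, handover, sizeof(handover), &input_values, 0, NULL,
      &next_handover_size);
  EXPECT_EQ(kDiceResultBufferTooSmall, result);
  // Fatal: next_handover[0] is read below, so the vector must not be empty.
  ASSERT_GT(next_handover_size, sizeof(handover));
  std::vector<uint8_t> next_handover(next_handover_size);
  result = DiceAndroidHandoverMainFlow(
      /*context=*/NULL, handover, sizeof(handover), &input_values,
      next_handover.size(), next_handover.data(), &next_handover_size);
  EXPECT_EQ(kDiceResultOk, result);
  EXPECT_EQ(next_handover_size, next_handover.size());
  EXPECT_EQ(0xa3, next_handover[0]);
}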
175*60b67249SAndroid Build Coastguard Worker 
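// The input handover has three map entries, but the third uses an unknown key
// (4) instead of a DICE chain. The main flow must ignore the unknown entry
// and still produce a three-entry output handover (0xa3).
TEST(DiceAndroidHandoverTest,
     InHandoverWithoutDiceChainButUnknownFieldOutHandoverWithDiceChain) {
  const uint8_t handover[] = {
      0xa3,
      // CDI attest
      0x01, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // CDI seal
      0x02, 0x58, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Ignored unknown field
      0x04, 0x01,
      // 8 bytes of trailing data that follow the handover map and are not
      // part of it.
      0x00, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  DiceInputValues input_values = {};
  // Zero-initialised so that a failed measurement pass cannot leave an
  // indeterminate value that is then used to size the output vector.
  size_t next_handover_size = 0;
  // Measurement pass: no output buffer, only the required size is returned.
  DiceResult result = DiceAndroidHandoverMainFlow(
      /*context=*/NULL, handover, sizeof(handover), &input_values, 0, NULL,
      &next_handover_size);
  EXPECT_EQ(kDiceResultBufferTooSmall, result);
  // Fatal: next_handover[0] is read below, so the vector must not be empty.
  ASSERT_GT(next_handover_size, sizeof(handover));
  std::vector<uint8_t> next_handover(next_handover_size);
  result = DiceAndroidHandoverMainFlow(
      /*context=*/NULL, handover, sizeof(handover), &input_values,
      next_handover.size(), next_handover.data(), &next_handover_size);
  EXPECT_EQ(kDiceResultOk, result);
  EXPECT_EQ(next_handover_size, next_handover.size());
  EXPECT_EQ(0xa3, next_handover[0]);
}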
207*60b67249SAndroid Build Coastguard Worker 
// Parses a complete handover (both CDIs plus a DICE chain) and checks that
// the returned pointers land inside the input buffer at the expected offsets:
// the CDI payloads start after their 3-byte key/length prefixes, and the
// chain pointer refers to the chain's array header with a length of 19 bytes,
// which excludes the trailing data.
TEST(DiceAndroidHandoverTest, ParseHandover) {
  const uint8_t handover[] = {
      // Map with three entries.
      0xa3,
      // Key 1: CDI attest, 32-byte byte string.
      0x01, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Key 2: CDI seal, 32-byte byte string.
      0x02, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Key 3: DICE chain, a two-element array (public key, one entry).
      0x03, 0x82,
      0xa6, 0x01, 0x02, 0x03, 0x27, 0x04, 0x02, 0x20, 0x01, 0x21, 0x40, 0x22,
      0x40,
      0x84, 0x40, 0xa0, 0x40, 0x40,
      // Eight trailing bytes that are not part of the DICE chain.
      0x00, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  const uint8_t *attest_out;
  const uint8_t *seal_out;
  const uint8_t *chain_out;
  size_t chain_len;
  const DiceResult status =
      DiceAndroidHandoverParse(handover, sizeof(handover), &attest_out,
                               &seal_out, &chain_out, &chain_len);
  EXPECT_EQ(kDiceResultOk, status);
  EXPECT_EQ(handover + 4, attest_out);
  EXPECT_EQ(handover + 39, seal_out);
  EXPECT_EQ(handover + 72, chain_out);
  EXPECT_EQ(19u, chain_len);
}
236*60b67249SAndroid Build Coastguard Worker 
// Parses a handover that carries only the two CDIs. Parsing must succeed, the
// CDI pointers must point into the input buffer, and the absent DICE chain
// must be reported as a null pointer with size zero.
TEST(DiceAndroidHandoverTest, ParseHandoverWithoutDiceChain) {
  const uint8_t handover[] = {
      // Map with two entries.
      0xa2,
      // Key 1: CDI attest, 32-byte byte string.
      0x01, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Key 2: CDI seal, 32-byte byte string.
      0x02, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Eight trailing bytes that follow the handover map.
      0x00, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  const uint8_t *attest_out;
  const uint8_t *seal_out;
  const uint8_t *chain_out;
  size_t chain_len;
  const DiceResult status =
      DiceAndroidHandoverParse(handover, sizeof(handover), &attest_out,
                               &seal_out, &chain_out, &chain_len);
  EXPECT_EQ(kDiceResultOk, status);
  EXPECT_EQ(handover + 4, attest_out);
  EXPECT_EQ(handover + 39, seal_out);
  EXPECT_EQ(nullptr, chain_out);
  EXPECT_EQ(0u, chain_len);
}
262*60b67249SAndroid Build Coastguard Worker 
// Parses a three-entry handover whose third entry uses an unknown key (4)
// rather than the DICE chain key. The parser must skip the unknown entry,
// still return both CDI pointers, and report no chain (null pointer, size 0).
TEST(DiceAndroidHandoverTest, ParseHandoverWithoutDiceChainButUnknownField) {
  const uint8_t handover[] = {
      // Map with three entries.
      0xa3,
      // Key 1: CDI attest, 32-byte byte string.
      0x01, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Key 2: CDI seal, 32-byte byte string.
      0x02, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Key 4: unknown field that the parser is expected to ignore.
      0x04, 0x01,
      // Eight trailing bytes that follow the handover map.
      0x00, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  const uint8_t *attest_out;
  const uint8_t *seal_out;
  const uint8_t *chain_out;
  size_t chain_len;
  const DiceResult status =
      DiceAndroidHandoverParse(handover, sizeof(handover), &attest_out,
                               &seal_out, &chain_out, &chain_len);
  EXPECT_EQ(kDiceResultOk, status);
  EXPECT_EQ(handover + 4, attest_out);
  EXPECT_EQ(handover + 39, seal_out);
  EXPECT_EQ(nullptr, chain_out);
  EXPECT_EQ(0u, chain_len);
}
290*60b67249SAndroid Build Coastguard Worker 
// Negative test: the CDI seal entry declares a 33-byte byte string (length
// byte 0x21), one byte longer than the 32-byte CDIs used by the other tests
// in this file. The parser must reject the handover with
// kDiceResultInvalidInput instead of returning a pointer to an oversized CDI.
TEST(DiceAndroidHandoverTest, ParseHandoverCdiTooLarge) {
  const uint8_t handover[] = {
      // Map with two entries.
      0xa2,
      // Key 1: CDI attest, 32-byte byte string.
      0x01, 0x58, 0x20,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      // Key 2: CDI seal, deliberately oversized at 33 bytes.
      0x02, 0x58, 0x21,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
      0x00,
      // Eight trailing bytes that follow the handover map.
      0x00, 0x41, 0x55, 0xa0, 0x42, 0x11, 0x22, 0x40};
  const uint8_t *attest_out;
  const uint8_t *seal_out;
  const uint8_t *chain_out;
  size_t chain_len;
  const DiceResult status =
      DiceAndroidHandoverParse(handover, sizeof(handover), &attest_out,
                               &seal_out, &chain_out, &chain_len);
  EXPECT_EQ(kDiceResultInvalidInput, status);
}
312*60b67249SAndroid Build Coastguard Worker }
313*60b67249SAndroid Build Coastguard Worker 
314*60b67249SAndroid Build Coastguard Worker }  // namespace