1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <gtest/gtest.h>
18 #include <string.h>
19 #include <stdlib.h>
20 #include <stdio.h>
21
22 #include <gatekeeper/gatekeeper_messages.h>
23
24 #include <vector>
25
26 using ::gatekeeper::SizedBuffer;
27 using ::testing::Test;
28 using ::gatekeeper::EnrollRequest;
29 using ::gatekeeper::EnrollResponse;
30 using ::gatekeeper::VerifyRequest;
31 using ::gatekeeper::VerifyResponse;
32 using std::cout;
33 using std::endl;
34
35 static const uint32_t USER_ID = 3857;
36
make_buffer(uint32_t size)37 static SizedBuffer make_buffer(uint32_t size) {
38 uint8_t *buffer = new uint8_t[size];
39 srand(size);
40
41 for (uint32_t i = 0; i < size; i++) {
42 buffer[i] = rand();
43 }
44
45 return { buffer, size };
46 }
47
TEST(RoundTripTest,EnrollRequestNullEnrolledNullHandle)48 TEST(RoundTripTest, EnrollRequestNullEnrolledNullHandle) {
49 const uint32_t password_size = 512;
50 const SizedBuffer *deserialized_password;
51 // create request, serialize, deserialize, and validate
52 EnrollRequest msg(USER_ID, {}, make_buffer(password_size), {});
53
54 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
55 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
56
57 EnrollRequest deserialized_msg;
58 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
59 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
60
61 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
62 deserialized_msg.error);
63
64 deserialized_password = &deserialized_msg.provided_password;
65 ASSERT_EQ(USER_ID, deserialized_msg.user_id);
66 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
67 ASSERT_EQ(0, memcmp(msg.provided_password.Data<uint8_t>(), deserialized_password->Data<uint8_t>(), password_size));
68 ASSERT_FALSE(deserialized_msg.enrolled_password);
69 ASSERT_FALSE(deserialized_msg.password_handle);
70 }
71
TEST(RoundTripTest,EnrollRequestEmptyEnrolledEmptyHandle)72 TEST(RoundTripTest, EnrollRequestEmptyEnrolledEmptyHandle) {
73 const uint32_t password_size = 512;
74 const SizedBuffer *deserialized_password;
75 // create request, serialize, deserialize, and validate
76 EnrollRequest msg(USER_ID, {}, make_buffer(password_size), {});
77 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
78 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
79
80 EnrollRequest deserialized_msg;
81 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
82 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
83
84 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
85 deserialized_msg.error);
86
87 deserialized_password = &deserialized_msg.provided_password;
88 ASSERT_EQ(USER_ID, deserialized_msg.user_id);
89 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
90 ASSERT_EQ(0, memcmp(msg.provided_password.Data<uint8_t>(), deserialized_password->Data<uint8_t>(), password_size));
91 ASSERT_FALSE(deserialized_msg.enrolled_password);
92 ASSERT_FALSE(deserialized_msg.password_handle);
93 }
94
TEST(RoundTripTest,EnrollRequestNonNullEnrolledOrHandle)95 TEST(RoundTripTest, EnrollRequestNonNullEnrolledOrHandle) {
96 const uint32_t password_size = 512;
97 SizedBuffer provided_password = make_buffer(password_size);
98 SizedBuffer enrolled_password = make_buffer(password_size);
99 SizedBuffer password_handle = make_buffer(password_size);
100 const SizedBuffer *deserialized_password;
101 const SizedBuffer *deserialized_enrolled;
102 const SizedBuffer *deserialized_handle;
103 // create request, serialize, deserialize, and validate
104 EnrollRequest msg(USER_ID, move(password_handle), move(provided_password), move(enrolled_password));
105 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
106 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
107
108 EnrollRequest deserialized_msg;
109 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
110 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
111
112 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
113 deserialized_msg.error);
114
115 deserialized_password = &deserialized_msg.provided_password;
116 deserialized_enrolled = &deserialized_msg.enrolled_password;
117 deserialized_handle = &deserialized_msg.password_handle;
118 ASSERT_EQ(USER_ID, deserialized_msg.user_id);
119 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
120 ASSERT_EQ(0, memcmp(msg.provided_password.Data<uint8_t>(), deserialized_password->Data<uint8_t>(), password_size));
121 ASSERT_EQ((uint32_t) password_size, deserialized_enrolled->size());
122 ASSERT_EQ(0, memcmp(msg.enrolled_password.Data<uint8_t>(), deserialized_enrolled->Data<uint8_t>(), password_size));
123 ASSERT_EQ((uint32_t) password_size, deserialized_handle->size());
124 ASSERT_EQ(0, memcmp(msg.password_handle.Data<uint8_t>(), deserialized_handle->Data<uint8_t>(), password_size));
125 }
126
127
TEST(RoundTripTest,EnrollResponse)128 TEST(RoundTripTest, EnrollResponse) {
129 const uint32_t password_size = 512;
130 const SizedBuffer *deserialized_password;
131 // create request, serialize, deserialize, and validate
132 EnrollResponse msg(USER_ID, make_buffer(password_size));
133 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
134 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
135
136 EnrollResponse deserialized_msg;
137 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
138 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
139
140 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
141 deserialized_msg.error);
142
143 deserialized_password = &deserialized_msg.enrolled_password_handle;
144 ASSERT_EQ(USER_ID, deserialized_msg.user_id);
145 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
146 ASSERT_EQ(0, memcmp(msg.enrolled_password_handle.Data<uint8_t>(),
147 deserialized_password->Data<uint8_t>(), password_size));
148 }
149
TEST(RoundTripTest,VerifyRequest)150 TEST(RoundTripTest, VerifyRequest) {
151 const uint32_t password_size = 512;
152 const SizedBuffer *deserialized_password;
153 // create request, serialize, deserialize, and validate
154 VerifyRequest msg(USER_ID, 1, make_buffer(password_size), make_buffer(password_size));
155 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
156 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
157
158 VerifyRequest deserialized_msg;
159 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
160 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
161
162 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
163 deserialized_msg.error);
164
165 ASSERT_EQ(USER_ID, deserialized_msg.user_id);
166 ASSERT_EQ((uint64_t) 1, deserialized_msg.challenge);
167 deserialized_password = &deserialized_msg.password_handle;
168 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
169 ASSERT_EQ(0, memcmp(msg.provided_password.Data<uint8_t>(), deserialized_password->Data<uint8_t>(),
170 password_size));
171
172 deserialized_password = &deserialized_msg.password_handle;
173 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
174 ASSERT_EQ(0, memcmp(msg.password_handle.Data<uint8_t>(), deserialized_password->Data<uint8_t>(),
175 password_size));
176 }
177
TEST(RoundTripTest,VerifyResponse)178 TEST(RoundTripTest, VerifyResponse) {
179 const uint32_t password_size = 512;
180 const SizedBuffer *deserialized_password;
181 // create request, serialize, deserialize, and validate
182 VerifyResponse msg(USER_ID, make_buffer(password_size));
183 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
184 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
185
186 VerifyResponse deserialized_msg;
187 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
188 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
189
190 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
191 deserialized_msg.error);
192
193 ASSERT_EQ(USER_ID, deserialized_msg.user_id);
194 deserialized_password = &deserialized_msg.auth_token;
195 ASSERT_EQ((uint32_t) password_size, deserialized_password->size());
196 ASSERT_EQ(0, memcmp(msg.auth_token.Data<uint8_t>(), deserialized_password->Data<uint8_t>(),
197 password_size));
198 }
199
TEST(RoundTripTest,VerifyResponseError)200 TEST(RoundTripTest, VerifyResponseError) {
201 VerifyResponse msg;
202 msg.error = gatekeeper::gatekeeper_error_t::ERROR_INVALID;
203 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
204 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
205 VerifyResponse deserialized_msg;
206 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
207 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
208 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_INVALID,
209 deserialized_msg.error);
210 }
211
TEST(RoundTripTest,VerifyRequestError)212 TEST(RoundTripTest, VerifyRequestError) {
213 VerifyRequest msg;
214 msg.error = gatekeeper::gatekeeper_error_t::ERROR_INVALID;
215 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
216 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
217 VerifyRequest deserialized_msg;
218 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
219 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
220 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_INVALID,
221 deserialized_msg.error);
222 }
223
TEST(RoundTripTest,EnrollResponseError)224 TEST(RoundTripTest, EnrollResponseError) {
225 EnrollResponse msg;
226 msg.error = gatekeeper::gatekeeper_error_t::ERROR_INVALID;
227 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
228 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
229 EnrollResponse deserialized_msg;
230 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
231 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
232 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_INVALID,
233 deserialized_msg.error);
234 }
235
TEST(RoundTripTest,EnrollRequestError)236 TEST(RoundTripTest, EnrollRequestError) {
237 EnrollRequest msg;
238 msg.error = gatekeeper::gatekeeper_error_t::ERROR_INVALID;
239 std::vector<uint8_t> serialized_msg(msg.GetSerializedSize());
240 ASSERT_EQ(serialized_msg.size(), msg.Serialize(&*serialized_msg.begin(), &*serialized_msg.end()));
241 EnrollRequest deserialized_msg;
242 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
243 deserialized_msg.Deserialize(&*serialized_msg.begin(), &*serialized_msg.end()));
244 ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_INVALID,
245 deserialized_msg.error);
246 }
247
248 uint8_t msgbuf[] = {
249 220, 88, 183, 255, 71, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
250 0, 173, 0, 0, 0, 228, 174, 98, 187, 191, 135, 253, 200, 51, 230, 114, 247, 151, 109,
251 237, 79, 87, 32, 94, 5, 204, 46, 154, 30, 91, 6, 103, 148, 254, 129, 65, 171, 228,
252 167, 224, 163, 9, 15, 206, 90, 58, 11, 205, 55, 211, 33, 87, 178, 149, 91, 28, 236,
253 218, 112, 231, 34, 82, 82, 134, 103, 137, 115, 27, 156, 102, 159, 220, 226, 89, 42, 25,
254 37, 9, 84, 239, 76, 161, 198, 72, 167, 163, 39, 91, 148, 191, 17, 191, 87, 169, 179,
255 136, 10, 194, 154, 4, 40, 107, 109, 61, 161, 20, 176, 247, 13, 214, 106, 229, 45, 17,
256 5, 60, 189, 64, 39, 166, 208, 14, 57, 25, 140, 148, 25, 177, 246, 189, 43, 181, 88,
257 204, 29, 126, 224, 100, 143, 93, 60, 57, 249, 55, 0, 87, 83, 227, 224, 166, 59, 214,
258 81, 144, 129, 58, 6, 57, 46, 254, 232, 41, 220, 209, 230, 167, 138, 158, 94, 180, 125,
259 247, 26, 162, 116, 238, 202, 187, 100, 65, 13, 180, 44, 245, 159, 83, 161, 176, 58, 72,
260 236, 109, 105, 160, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
261 0, 11, 0, 0, 0, 98, 0, 0, 0, 1, 0, 0, 32, 2, 0, 0, 0, 1, 0,
262 0, 32, 3, 0, 0, 0, 2, 0, 0, 16, 1, 0, 0, 0, 3, 0, 0, 48, 0,
263 1, 0, 0, 200, 0, 0, 80, 3, 0, 0, 0, 0, 0, 0, 0, 244, 1, 0, 112,
264 1, 246, 1, 0, 112, 1, 189, 2, 0, 96, 144, 178, 236, 250, 255, 255, 255, 255, 145,
265 1, 0, 96, 144, 226, 33, 60, 222, 2, 0, 0, 189, 2, 0, 96, 0, 0, 0, 0,
266 0, 0, 0, 0, 190, 2, 0, 16, 1, 0, 0, 0, 12, 0, 0, 0, 0, 0, 0,
267 0, 0, 0, 0, 0, 0, 0, 0, 0, 110, 0, 0, 0, 0, 0, 0, 0, 11, 0,
268 0, 0, 98, 0, 0, 0, 1, 0, 0, 32, 2, 0, 0, 0, 1, 0, 0, 32, 3,
269 0, 0, 0, 2, 0, 0, 16, 1, 0, 0, 0, 3, 0, 0, 48, 0, 1, 0, 0,
270 200, 0, 0, 80, 3, 0, 0, 0, 0, 0, 0, 0, 244, 1, 0, 112, 1, 246, 1,
271 0, 112, 1, 189, 2, 0, 96, 144, 178, 236, 250, 255, 255, 255, 255, 145, 1, 0, 96,
272 144, 226, 33, 60, 222, 2, 0, 0, 189, 2, 0, 96, 0, 0, 0, 0, 0, 0, 0,
273 0, 190, 2, 0, 16, 1, 0, 0, 0,
274 };
275
276
277 /*
278 * These tests don't have any assertions or expectations. They just try to parse garbage, to see if
279 * the result will be a crash. This is especially informative when run under Valgrind memcheck.
280 */
281
parse_garbage()282 template <typename Message> void parse_garbage() {
283 Message msg;
284 uint32_t array_length = sizeof(msgbuf) / sizeof(msgbuf[0]);
285 const uint8_t* end = msgbuf + array_length;
286 for (uint32_t i = 0; i < array_length; ++i) {
287 const uint8_t* begin = msgbuf + i;
288 const uint8_t* p = begin;
289 msg.Deserialize(p, end);
290 }
291 }
292
293 #define GARBAGE_TEST(Message) \
294 TEST(GarbageTest, Message) { parse_garbage<Message>(); }
295
296 GARBAGE_TEST(VerifyRequest);
297 GARBAGE_TEST(VerifyResponse);
298 GARBAGE_TEST(EnrollRequest);
299 GARBAGE_TEST(EnrollResponse);
300