1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <keymaster/UniquePtr.h>
18 
19 #include <gtest/gtest.h>
20 
21 #include <keymaster/android_keymaster.h>
22 #include <keymaster/android_keymaster_utils.h>
23 #include <keymaster/keymaster_tags.h>
24 
25 #include "android_keymaster_test_utils.h"
26 
27 namespace keymaster {
28 namespace test {
29 
30 /**
31  * Serialize and deserialize a message.
32  */
33 template <typename Message>
round_trip(int32_t ver,const Message & message,size_t expected_size)34 Message* round_trip(int32_t ver, const Message& message, size_t expected_size) {
35     size_t size = message.SerializedSize();
36     EXPECT_EQ(expected_size, size);
37     if (size == 0)
38         return nullptr;
39 
40     UniquePtr<uint8_t[]> buf(new uint8_t[size]);
41     EXPECT_EQ(buf.get() + size, message.Serialize(buf.get(), buf.get() + size));
42 
43     Message* deserialized = new Message(ver);
44     const uint8_t* p = buf.get();
45     EXPECT_TRUE(deserialized->Deserialize(&p, p + size));
46     EXPECT_EQ((ptrdiff_t)size, p - buf.get());
47     return deserialized;
48 }
49 
50 struct EmptyKeymasterResponse : public KeymasterResponse {
EmptyKeymasterResponsekeymaster::test::EmptyKeymasterResponse51     explicit EmptyKeymasterResponse(int32_t ver) : KeymasterResponse(ver) {}
NonErrorSerializedSizekeymaster::test::EmptyKeymasterResponse52     size_t NonErrorSerializedSize() const { return 1; }
NonErrorSerializekeymaster::test::EmptyKeymasterResponse53     uint8_t* NonErrorSerialize(uint8_t* buf, const uint8_t* /* end */) const {
54         *buf++ = 0;
55         return buf;
56     }
NonErrorDeserializekeymaster::test::EmptyKeymasterResponse57     bool NonErrorDeserialize(const uint8_t** buf_ptr, const uint8_t* end) {
58         if (*buf_ptr >= end)
59             return false;
60         EXPECT_EQ(0, **buf_ptr);
61         (*buf_ptr)++;
62         return true;
63     }
64 };
65 
TEST(RoundTrip,EmptyKeymasterResponse)66 TEST(RoundTrip, EmptyKeymasterResponse) {
67     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
68         EmptyKeymasterResponse msg(ver);
69         msg.error = KM_ERROR_OK;
70 
71         UniquePtr<EmptyKeymasterResponse> deserialized(round_trip(ver, msg, 5));
72     }
73 }
74 
TEST(RoundTrip,EmptyKeymasterResponseError)75 TEST(RoundTrip, EmptyKeymasterResponseError) {
76     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
77         EmptyKeymasterResponse msg(ver);
78         msg.error = KM_ERROR_MEMORY_ALLOCATION_FAILED;
79 
80         UniquePtr<EmptyKeymasterResponse> deserialized(round_trip(ver, msg, 4));
81     }
82 }
83 
TEST(RoundTrip,SupportedByAlgorithmRequest)84 TEST(RoundTrip, SupportedByAlgorithmRequest) {
85     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
86         SupportedByAlgorithmRequest req(ver);
87         req.algorithm = KM_ALGORITHM_EC;
88 
89         UniquePtr<SupportedByAlgorithmRequest> deserialized(round_trip(ver, req, 4));
90         EXPECT_EQ(KM_ALGORITHM_EC, deserialized->algorithm);
91     }
92 }
93 
TEST(RoundTrip,SupportedByAlgorithmAndPurposeRequest)94 TEST(RoundTrip, SupportedByAlgorithmAndPurposeRequest) {
95     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
96         SupportedByAlgorithmAndPurposeRequest req(ver);
97         req.algorithm = KM_ALGORITHM_EC;
98         req.purpose = KM_PURPOSE_DECRYPT;
99 
100         UniquePtr<SupportedByAlgorithmAndPurposeRequest> deserialized(round_trip(ver, req, 8));
101         EXPECT_EQ(KM_ALGORITHM_EC, deserialized->algorithm);
102         EXPECT_EQ(KM_PURPOSE_DECRYPT, deserialized->purpose);
103     }
104 }
105 
TEST(RoundTrip,SupportedResponse)106 TEST(RoundTrip, SupportedResponse) {
107     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
108         SupportedResponse<keymaster_digest_t> rsp(ver);
109         keymaster_digest_t digests[] = {KM_DIGEST_NONE, KM_DIGEST_MD5, KM_DIGEST_SHA1};
110         rsp.error = KM_ERROR_OK;
111         rsp.SetResults(digests);
112 
113         UniquePtr<SupportedResponse<keymaster_digest_t>> deserialized(round_trip(ver, rsp, 20));
114         EXPECT_EQ(array_length(digests), deserialized->results_length);
115         EXPECT_EQ(0, memcmp(deserialized->results, digests, array_size(digests)));
116     }
117 }
118 
119 static keymaster_key_param_t params[] = {
120     Authorization(TAG_PURPOSE, KM_PURPOSE_SIGN),
121     Authorization(TAG_PURPOSE, KM_PURPOSE_VERIFY),
122     Authorization(TAG_ALGORITHM, KM_ALGORITHM_RSA),
123     Authorization(TAG_USER_ID, 7),
124     Authorization(TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD),
125     Authorization(TAG_APPLICATION_ID, "app_id", 6),
126     Authorization(TAG_AUTH_TIMEOUT, 300),
127 };
128 uint8_t TEST_DATA[] = "a key blob";
129 
TEST(RoundTrip,GenerateKeyRequest)130 TEST(RoundTrip, GenerateKeyRequest) {
131     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
132         GenerateKeyRequest req(ver);
133         req.key_description.Reinitialize(params, array_length(params));
134         UniquePtr<GenerateKeyRequest> deserialized(round_trip(ver, req, 78));
135         EXPECT_EQ(deserialized->key_description, req.key_description);
136     }
137 }
138 
TEST(RoundTrip,GenerateKeyResponse)139 TEST(RoundTrip, GenerateKeyResponse) {
140     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
141         GenerateKeyResponse rsp(ver);
142         rsp.error = KM_ERROR_OK;
143         rsp.key_blob.key_material = dup_array(TEST_DATA);
144         rsp.key_blob.key_material_size = array_length(TEST_DATA);
145         rsp.enforced.Reinitialize(params, array_length(params));
146 
147         UniquePtr<GenerateKeyResponse> deserialized(round_trip(ver, rsp, 109));
148         EXPECT_EQ(KM_ERROR_OK, deserialized->error);
149         EXPECT_EQ(deserialized->enforced, rsp.enforced);
150         EXPECT_EQ(deserialized->unenforced, rsp.unenforced);
151     }
152 }
153 
TEST(RoundTrip,GenerateKeyResponseTestError)154 TEST(RoundTrip, GenerateKeyResponseTestError) {
155     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
156         GenerateKeyResponse rsp(ver);
157         rsp.error = KM_ERROR_UNSUPPORTED_ALGORITHM;
158         rsp.key_blob.key_material = dup_array(TEST_DATA);
159         rsp.key_blob.key_material_size = array_length(TEST_DATA);
160         rsp.enforced.Reinitialize(params, array_length(params));
161 
162         UniquePtr<GenerateKeyResponse> deserialized(round_trip(ver, rsp, 4));
163         EXPECT_EQ(KM_ERROR_UNSUPPORTED_ALGORITHM, deserialized->error);
164         EXPECT_EQ(0U, deserialized->enforced.size());
165         EXPECT_EQ(0U, deserialized->unenforced.size());
166         EXPECT_EQ(0U, deserialized->key_blob.key_material_size);
167     }
168 }
169 
TEST(RoundTrip,GetKeyCharacteristicsRequest)170 TEST(RoundTrip, GetKeyCharacteristicsRequest) {
171     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
172         GetKeyCharacteristicsRequest req(ver);
173         req.additional_params.Reinitialize(params, array_length(params));
174         req.SetKeyMaterial("foo", 3);
175 
176         UniquePtr<GetKeyCharacteristicsRequest> deserialized(round_trip(ver, req, 85));
177         EXPECT_EQ(7U, deserialized->additional_params.size());
178         EXPECT_EQ(3U, deserialized->key_blob.key_material_size);
179         EXPECT_EQ(0, memcmp(deserialized->key_blob.key_material, "foo", 3));
180     }
181 }
182 
TEST(RoundTrip,GetKeyCharacteristicsResponse)183 TEST(RoundTrip, GetKeyCharacteristicsResponse) {
184     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
185         GetKeyCharacteristicsResponse msg(ver);
186         msg.error = KM_ERROR_OK;
187         msg.enforced.Reinitialize(params, array_length(params));
188         msg.unenforced.Reinitialize(params, array_length(params));
189 
190         UniquePtr<GetKeyCharacteristicsResponse> deserialized(round_trip(ver, msg, 160));
191         EXPECT_EQ(msg.enforced, deserialized->enforced);
192         EXPECT_EQ(msg.unenforced, deserialized->unenforced);
193     }
194 }
195 
TEST(RoundTrip,BeginOperationRequest)196 TEST(RoundTrip, BeginOperationRequest) {
197     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
198         BeginOperationRequest msg(ver);
199         msg.purpose = KM_PURPOSE_SIGN;
200         msg.SetKeyMaterial("foo", 3);
201         msg.additional_params.Reinitialize(params, array_length(params));
202 
203         UniquePtr<BeginOperationRequest> deserialized(round_trip(ver, msg, 89));
204         EXPECT_EQ(KM_PURPOSE_SIGN, deserialized->purpose);
205         EXPECT_EQ(3U, deserialized->key_blob.key_material_size);
206         EXPECT_EQ(0, memcmp(deserialized->key_blob.key_material, "foo", 3));
207         EXPECT_EQ(msg.additional_params, deserialized->additional_params);
208     }
209 }
210 
TEST(RoundTrip,BeginOperationResponse)211 TEST(RoundTrip, BeginOperationResponse) {
212     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
213         BeginOperationResponse msg(ver);
214         msg.error = KM_ERROR_OK;
215         msg.op_handle = 0xDEADBEEF;
216         msg.output_params.push_back(Authorization(TAG_NONCE, "foo", 3));
217 
218         UniquePtr<BeginOperationResponse> deserialized;
219         switch (ver) {
220         case 0:
221             deserialized.reset(round_trip(ver, msg, 12));
222             break;
223         case 1:
224         case 2:
225         case 3:
226             deserialized.reset(round_trip(ver, msg, 39));
227             break;
228         default:
229             FAIL();
230         }
231 
232         EXPECT_EQ(KM_ERROR_OK, deserialized->error);
233         EXPECT_EQ(0xDEADBEEF, deserialized->op_handle);
234 
235         switch (ver) {
236         case 0:
237             EXPECT_EQ(0U, deserialized->output_params.size());
238             break;
239         case 1:
240         case 2:
241         case 3:
242             EXPECT_EQ(msg.output_params, deserialized->output_params);
243             break;
244         default:
245             FAIL();
246         }
247     }
248 }
249 
TEST(RoundTrip,BeginOperationResponseError)250 TEST(RoundTrip, BeginOperationResponseError) {
251     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
252         BeginOperationResponse msg(ver);
253         msg.error = KM_ERROR_INVALID_OPERATION_HANDLE;
254         msg.op_handle = 0xDEADBEEF;
255 
256         UniquePtr<BeginOperationResponse> deserialized(round_trip(ver, msg, 4));
257         EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, deserialized->error);
258     }
259 }
260 
TEST(RoundTrip,UpdateOperationRequest)261 TEST(RoundTrip, UpdateOperationRequest) {
262     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
263         UpdateOperationRequest msg(ver);
264         msg.op_handle = 0xDEADBEEF;
265         msg.input.Reinitialize("foo", 3);
266 
267         UniquePtr<UpdateOperationRequest> deserialized;
268         switch (ver) {
269         case 0:
270             deserialized.reset(round_trip(ver, msg, 15));
271             break;
272         case 1:
273         case 2:
274         case 3:
275             deserialized.reset(round_trip(ver, msg, 27));
276             break;
277         default:
278             FAIL();
279         }
280         EXPECT_EQ(3U, deserialized->input.available_read());
281         EXPECT_EQ(0, memcmp(deserialized->input.peek_read(), "foo", 3));
282     }
283 }
284 
TEST(RoundTrip,UpdateOperationResponse)285 TEST(RoundTrip, UpdateOperationResponse) {
286     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
287         UpdateOperationResponse msg(ver);
288         msg.error = KM_ERROR_OK;
289         msg.output.Reinitialize("foo", 3);
290         msg.input_consumed = 99;
291         msg.output_params.push_back(TAG_APPLICATION_ID, "bar", 3);
292 
293         UniquePtr<UpdateOperationResponse> deserialized;
294         switch (ver) {
295         case 0:
296             deserialized.reset(round_trip(ver, msg, 11));
297             break;
298         case 1:
299             deserialized.reset(round_trip(ver, msg, 15));
300             break;
301         case 2:
302         case 3:
303             deserialized.reset(round_trip(ver, msg, 42));
304             break;
305         default:
306             FAIL();
307         }
308         EXPECT_EQ(KM_ERROR_OK, deserialized->error);
309         EXPECT_EQ(3U, deserialized->output.available_read());
310         EXPECT_EQ(0, memcmp(deserialized->output.peek_read(), "foo", 3));
311 
312         switch (ver) {
313         case 0:
314             EXPECT_EQ(0U, deserialized->input_consumed);
315             break;
316         case 1:
317             EXPECT_EQ(99U, deserialized->input_consumed);
318             break;
319         case 2:
320         case 3:
321             EXPECT_EQ(99U, deserialized->input_consumed);
322             EXPECT_EQ(1U, deserialized->output_params.size());
323             break;
324         default:
325             FAIL();
326         }
327     }
328 }
329 
TEST(RoundTrip,FinishOperationRequest)330 TEST(RoundTrip, FinishOperationRequest) {
331     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
332         FinishOperationRequest msg(ver);
333         msg.op_handle = 0xDEADBEEF;
334         msg.signature.Reinitialize("bar", 3);
335         msg.input.Reinitialize("baz", 3);
336 
337         UniquePtr<FinishOperationRequest> deserialized;
338         switch (ver) {
339         case 0:
340             deserialized.reset(round_trip(ver, msg, 15));
341             break;
342         case 1:
343         case 2:
344             deserialized.reset(round_trip(ver, msg, 27));
345             break;
346         case 3:
347             deserialized.reset(round_trip(ver, msg, 34));
348             break;
349         default:
350             FAIL();
351         }
352         EXPECT_EQ(0xDEADBEEF, deserialized->op_handle);
353         EXPECT_EQ(3U, deserialized->signature.available_read());
354         EXPECT_EQ(0, memcmp(deserialized->signature.peek_read(), "bar", 3));
355     }
356 }
357 
TEST(Round_Trip,FinishOperationResponse)358 TEST(Round_Trip, FinishOperationResponse) {
359     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
360         FinishOperationResponse msg(ver);
361         msg.error = KM_ERROR_OK;
362         msg.output.Reinitialize("foo", 3);
363 
364         UniquePtr<FinishOperationResponse> deserialized;
365         switch (ver) {
366         case 0:
367         case 1:
368             deserialized.reset(round_trip(ver, msg, 11));
369             break;
370         case 2:
371         case 3:
372             deserialized.reset(round_trip(ver, msg, 23));
373             break;
374         default:
375             FAIL();
376         }
377         EXPECT_EQ(msg.error, deserialized->error);
378         EXPECT_EQ(msg.output.available_read(), deserialized->output.available_read());
379         EXPECT_EQ(0, memcmp(msg.output.peek_read(), deserialized->output.peek_read(),
380                             msg.output.available_read()));
381     }
382 }
383 
TEST(RoundTrip,ImportKeyRequest)384 TEST(RoundTrip, ImportKeyRequest) {
385     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
386         ImportKeyRequest msg(ver);
387         msg.key_description.Reinitialize(params, array_length(params));
388         msg.key_format = KM_KEY_FORMAT_X509;
389         msg.SetKeyMaterial("foo", 3);
390 
391         UniquePtr<ImportKeyRequest> deserialized(round_trip(ver, msg, 89));
392         EXPECT_EQ(msg.key_description, deserialized->key_description);
393         EXPECT_EQ(msg.key_format, deserialized->key_format);
394         EXPECT_EQ(msg.key_data_length, deserialized->key_data_length);
395         EXPECT_EQ(0, memcmp(msg.key_data, deserialized->key_data, msg.key_data_length));
396     }
397 }
398 
TEST(RoundTrip,ImportKeyResponse)399 TEST(RoundTrip, ImportKeyResponse) {
400     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
401         ImportKeyResponse msg(ver);
402         msg.error = KM_ERROR_OK;
403         msg.SetKeyMaterial("foo", 3);
404         msg.enforced.Reinitialize(params, array_length(params));
405         msg.unenforced.Reinitialize(params, array_length(params));
406 
407         UniquePtr<ImportKeyResponse> deserialized(round_trip(ver, msg, 167));
408         EXPECT_EQ(msg.error, deserialized->error);
409         EXPECT_EQ(msg.key_blob.key_material_size, deserialized->key_blob.key_material_size);
410         EXPECT_EQ(0, memcmp(msg.key_blob.key_material, deserialized->key_blob.key_material,
411                             msg.key_blob.key_material_size));
412         EXPECT_EQ(msg.enforced, deserialized->enforced);
413         EXPECT_EQ(msg.unenforced, deserialized->unenforced);
414     }
415 }
416 
TEST(RoundTrip,ExportKeyRequest)417 TEST(RoundTrip, ExportKeyRequest) {
418     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
419         ExportKeyRequest msg(ver);
420         msg.additional_params.Reinitialize(params, array_length(params));
421         msg.key_format = KM_KEY_FORMAT_X509;
422         msg.SetKeyMaterial("foo", 3);
423 
424         UniquePtr<ExportKeyRequest> deserialized(round_trip(ver, msg, 89));
425         EXPECT_EQ(msg.additional_params, deserialized->additional_params);
426         EXPECT_EQ(msg.key_format, deserialized->key_format);
427         EXPECT_EQ(3U, deserialized->key_blob.key_material_size);
428         EXPECT_EQ(0, memcmp("foo", deserialized->key_blob.key_material, 3));
429     }
430 }
431 
TEST(RoundTrip,ExportKeyResponse)432 TEST(RoundTrip, ExportKeyResponse) {
433     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
434         ExportKeyResponse msg(ver);
435         msg.error = KM_ERROR_OK;
436         msg.SetKeyMaterial("foo", 3);
437 
438         UniquePtr<ExportKeyResponse> deserialized(round_trip(ver, msg, 11));
439         EXPECT_EQ(3U, deserialized->key_data_length);
440         EXPECT_EQ(0, memcmp("foo", deserialized->key_data, 3));
441     }
442 }
443 
TEST(RoundTrip,DeleteKeyRequest)444 TEST(RoundTrip, DeleteKeyRequest) {
445     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
446         DeleteKeyRequest msg(ver);
447         msg.SetKeyMaterial("foo", 3);
448 
449         UniquePtr<DeleteKeyRequest> deserialized(round_trip(ver, msg, 7));
450         EXPECT_EQ(3U, deserialized->key_blob.key_material_size);
451         EXPECT_EQ(0, memcmp("foo", deserialized->key_blob.key_material, 3));
452     }
453 }
454 
TEST(RoundTrip,DeleteKeyResponse)455 TEST(RoundTrip, DeleteKeyResponse) {
456     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
457         DeleteKeyResponse msg(ver);
458         UniquePtr<DeleteKeyResponse> deserialized(round_trip(ver, msg, 4));
459     }
460 }
461 
TEST(RoundTrip,DeleteAllKeysRequest)462 TEST(RoundTrip, DeleteAllKeysRequest) {
463     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
464         DeleteAllKeysRequest msg(ver);
465         UniquePtr<DeleteAllKeysRequest> deserialized(round_trip(ver, msg, 0));
466     }
467 }
468 
TEST(RoundTrip,DeleteAllKeysResponse)469 TEST(RoundTrip, DeleteAllKeysResponse) {
470     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
471         DeleteAllKeysResponse msg(ver);
472         UniquePtr<DeleteAllKeysResponse> deserialized(round_trip(ver, msg, 4));
473     }
474 }
475 
TEST(RoundTrip,GetVersionRequest)476 TEST(RoundTrip, GetVersionRequest) {
477     GetVersionRequest msg;
478 
479     size_t size = msg.SerializedSize();
480     ASSERT_EQ(0U, size);
481 
482     UniquePtr<uint8_t[]> buf(new uint8_t[size]);
483     EXPECT_EQ(buf.get() + size, msg.Serialize(buf.get(), buf.get() + size));
484 
485     GetVersionRequest deserialized;
486     const uint8_t* p = buf.get();
487     EXPECT_TRUE(deserialized.Deserialize(&p, p + size));
488     EXPECT_EQ((ptrdiff_t)size, p - buf.get());
489 }
490 
TEST(RoundTrip,GetVersionResponse)491 TEST(RoundTrip, GetVersionResponse) {
492     GetVersionResponse msg;
493     msg.error = KM_ERROR_OK;
494     msg.major_ver = 9;
495     msg.minor_ver = 98;
496     msg.subminor_ver = 38;
497 
498     size_t size = msg.SerializedSize();
499     ASSERT_EQ(7U, size);
500 
501     UniquePtr<uint8_t[]> buf(new uint8_t[size]);
502     EXPECT_EQ(buf.get() + size, msg.Serialize(buf.get(), buf.get() + size));
503 
504     GetVersionResponse deserialized;
505     const uint8_t* p = buf.get();
506     EXPECT_TRUE(deserialized.Deserialize(&p, p + size));
507     EXPECT_EQ((ptrdiff_t)size, p - buf.get());
508     EXPECT_EQ(9U, msg.major_ver);
509     EXPECT_EQ(98U, msg.minor_ver);
510     EXPECT_EQ(38U, msg.subminor_ver);
511 }
512 
TEST(RoundTrip,ConfigureRequest)513 TEST(RoundTrip, ConfigureRequest) {
514     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
515         ConfigureRequest req(ver);
516         req.os_version = 1;
517         req.os_patchlevel = 1;
518 
519         UniquePtr<ConfigureRequest> deserialized(round_trip(ver, req, 8));
520         EXPECT_EQ(deserialized->os_version, req.os_version);
521         EXPECT_EQ(deserialized->os_patchlevel, req.os_patchlevel);
522     }
523 }
524 
TEST(RoundTrip,ConfigureResponse)525 TEST(RoundTrip, ConfigureResponse) {
526     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
527         ConfigureResponse rsp(ver);
528         UniquePtr<ConfigureResponse> deserialized(round_trip(ver, rsp, 4));
529     }
530 }
531 
TEST(RoundTrip,AddEntropyRequest)532 TEST(RoundTrip, AddEntropyRequest) {
533     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
534         AddEntropyRequest msg(ver);
535         msg.random_data.Reinitialize("foo", 3);
536 
537         UniquePtr<AddEntropyRequest> deserialized(round_trip(ver, msg, 7));
538         EXPECT_EQ(3U, deserialized->random_data.available_read());
539         EXPECT_EQ(0, memcmp("foo", deserialized->random_data.peek_read(), 3));
540     }
541 }
542 
TEST(RoundTrip,AddEntropyResponse)543 TEST(RoundTrip, AddEntropyResponse) {
544     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
545         AddEntropyResponse msg(ver);
546         UniquePtr<AddEntropyResponse> deserialized(round_trip(ver, msg, 4));
547     }
548 }
549 
TEST(RoundTrip,AbortOperationRequest)550 TEST(RoundTrip, AbortOperationRequest) {
551     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
552         AbortOperationRequest msg(ver);
553         UniquePtr<AbortOperationRequest> deserialized(round_trip(ver, msg, 8));
554     }
555 }
556 
TEST(RoundTrip,AbortOperationResponse)557 TEST(RoundTrip, AbortOperationResponse) {
558     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
559         AbortOperationResponse msg(ver);
560         UniquePtr<AbortOperationResponse> deserialized(round_trip(ver, msg, 4));
561     }
562 }
563 
TEST(RoundTrip,AttestKeyRequest)564 TEST(RoundTrip, AttestKeyRequest) {
565     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
566         AttestKeyRequest msg(ver);
567         msg.SetKeyMaterial("foo", 3);
568         msg.attest_params.Reinitialize(params, array_length(params));
569 
570         UniquePtr<AttestKeyRequest> deserialized(round_trip(ver, msg, 85));
571         EXPECT_EQ(3U, deserialized->key_blob.key_material_size);
572         EXPECT_EQ(0, memcmp("foo", deserialized->key_blob.key_material, 3));
573         EXPECT_EQ(msg.attest_params, deserialized->attest_params);
574     }
575 }
576 
TEST(RoundTrip,AttestKeyResponse)577 TEST(RoundTrip, AttestKeyResponse) {
578     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
579         AttestKeyResponse msg(ver);
580         msg.error = KM_ERROR_OK;
581         EXPECT_TRUE(msg.AllocateChain(3));
582         msg.certificate_chain.entries[0] = {dup_buffer("foo", 3), 3};
583         msg.certificate_chain.entries[1] = {dup_buffer("bar", 3), 3};
584         msg.certificate_chain.entries[2] = {dup_buffer("baz", 3), 3};
585 
586         UniquePtr<AttestKeyResponse> deserialized(round_trip(ver, msg, 29));
587         keymaster_cert_chain_t* chain = &deserialized->certificate_chain;
588 
589         EXPECT_NE(nullptr, chain->entries);
590         EXPECT_EQ(3U, chain->entry_count);
591         EXPECT_EQ(3U, chain->entries[0].data_length);
592         EXPECT_EQ(0, memcmp("foo", chain->entries[0].data, 3));
593         EXPECT_EQ(3U, chain->entries[1].data_length);
594         EXPECT_EQ(0, memcmp("bar", chain->entries[1].data, 3));
595         EXPECT_EQ(3U, chain->entries[2].data_length);
596         EXPECT_EQ(0, memcmp("baz", chain->entries[2].data, 3));
597     }
598 }
599 
TEST(RoundTrip,UpgradeKeyRequest)600 TEST(RoundTrip, UpgradeKeyRequest) {
601     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
602         UpgradeKeyRequest msg(ver);
603         msg.SetKeyMaterial("foo", 3);
604         msg.upgrade_params.Reinitialize(params, array_length(params));
605 
606         UniquePtr<UpgradeKeyRequest> deserialized(round_trip(ver, msg, 85));
607         EXPECT_EQ(3U, deserialized->key_blob.key_material_size);
608         EXPECT_EQ(0, memcmp("foo", deserialized->key_blob.key_material, 3));
609         EXPECT_EQ(msg.upgrade_params, deserialized->upgrade_params);
610     }
611 }
612 
TEST(RoundTrip,UpgradeKeyResponse)613 TEST(RoundTrip, UpgradeKeyResponse) {
614     for (int ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
615         UpgradeKeyResponse req(ver);
616         req.error = KM_ERROR_OK;
617         req.upgraded_key.key_material = dup_array(TEST_DATA);
618         req.upgraded_key.key_material_size = array_length(TEST_DATA);
619 
620         UniquePtr<UpgradeKeyResponse> deserialized(round_trip(ver, req, 19));
621         EXPECT_EQ(KM_ERROR_OK, deserialized->error);
622         EXPECT_EQ(req.upgraded_key.key_material_size, deserialized->upgraded_key.key_material_size);
623         EXPECT_EQ(0, memcmp(req.upgraded_key.key_material, deserialized->upgraded_key.key_material,
624                             req.upgraded_key.key_material_size));
625     }
626 }
627 
628 uint8_t msgbuf[] = {
629     220, 88,  183, 255, 71,  1,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
630     0,   173, 0,   0,   0,   228, 174, 98,  187, 191, 135, 253, 200, 51,  230, 114, 247, 151, 109,
631     237, 79,  87,  32,  94,  5,   204, 46,  154, 30,  91,  6,   103, 148, 254, 129, 65,  171, 228,
632     167, 224, 163, 9,   15,  206, 90,  58,  11,  205, 55,  211, 33,  87,  178, 149, 91,  28,  236,
633     218, 112, 231, 34,  82,  82,  134, 103, 137, 115, 27,  156, 102, 159, 220, 226, 89,  42,  25,
634     37,  9,   84,  239, 76,  161, 198, 72,  167, 163, 39,  91,  148, 191, 17,  191, 87,  169, 179,
635     136, 10,  194, 154, 4,   40,  107, 109, 61,  161, 20,  176, 247, 13,  214, 106, 229, 45,  17,
636     5,   60,  189, 64,  39,  166, 208, 14,  57,  25,  140, 148, 25,  177, 246, 189, 43,  181, 88,
637     204, 29,  126, 224, 100, 143, 93,  60,  57,  249, 55,  0,   87,  83,  227, 224, 166, 59,  214,
638     81,  144, 129, 58,  6,   57,  46,  254, 232, 41,  220, 209, 230, 167, 138, 158, 94,  180, 125,
639     247, 26,  162, 116, 238, 202, 187, 100, 65,  13,  180, 44,  245, 159, 83,  161, 176, 58,  72,
640     236, 109, 105, 160, 0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,
641     0,   11,  0,   0,   0,   98,  0,   0,   0,   1,   0,   0,   32,  2,   0,   0,   0,   1,   0,
642     0,   32,  3,   0,   0,   0,   2,   0,   0,   16,  1,   0,   0,   0,   3,   0,   0,   48,  0,
643     1,   0,   0,   200, 0,   0,   80,  3,   0,   0,   0,   0,   0,   0,   0,   244, 1,   0,   112,
644     1,   246, 1,   0,   112, 1,   189, 2,   0,   96,  144, 178, 236, 250, 255, 255, 255, 255, 145,
645     1,   0,   96,  144, 226, 33,  60,  222, 2,   0,   0,   189, 2,   0,   96,  0,   0,   0,   0,
646     0,   0,   0,   0,   190, 2,   0,   16,  1,   0,   0,   0,   12,  0,   0,   0,   0,   0,   0,
647     0,   0,   0,   0,   0,   0,   0,   0,   0,   110, 0,   0,   0,   0,   0,   0,   0,   11,  0,
648     0,   0,   98,  0,   0,   0,   1,   0,   0,   32,  2,   0,   0,   0,   1,   0,   0,   32,  3,
649     0,   0,   0,   2,   0,   0,   16,  1,   0,   0,   0,   3,   0,   0,   48,  0,   1,   0,   0,
650     200, 0,   0,   80,  3,   0,   0,   0,   0,   0,   0,   0,   244, 1,   0,   112, 1,   246, 1,
651     0,   112, 1,   189, 2,   0,   96,  144, 178, 236, 250, 255, 255, 255, 255, 145, 1,   0,   96,
652     144, 226, 33,  60,  222, 2,   0,   0,   189, 2,   0,   96,  0,   0,   0,   0,   0,   0,   0,
653     0,   190, 2,   0,   16,  1,   0,   0,   0,
654 };
655 
656 /*
657  * These tests don't have any assertions or expectations. They just try to parse garbage, to see if
658  * the result will be a crash.  This is especially informative when run under Valgrind memcheck.
659  */
660 
parse_garbage()661 template <typename Message> void parse_garbage() {
662     for (int32_t ver = 0; ver <= MAX_MESSAGE_VERSION; ++ver) {
663         Message msg(ver);
664         const uint8_t* end = msgbuf + array_length(msgbuf);
665         for (size_t i = 0; i < array_length(msgbuf); ++i) {
666             const uint8_t* begin = msgbuf + i;
667             const uint8_t* p = begin;
668             msg.Deserialize(&p, end);
669         }
670     }
671 
672     time_t now = time(nullptr);
673     std::cout << "Seeding rand() with " << now << " for fuzz test." << std::endl;
674     srand(now);
675 
676     // Fill large buffer with random bytes.
677     const int kBufSize = 10000;
678     UniquePtr<uint8_t[]> buf(new uint8_t[kBufSize]);
679     for (size_t i = 0; i < kBufSize; ++i)
680         buf[i] = static_cast<uint8_t>(rand());
681 
682     for (uint32_t ver = 0; ver < MAX_MESSAGE_VERSION; ++ver) {
683         Message msg(ver);
684         const uint8_t* end = buf.get() + kBufSize;
685         for (size_t i = 0; i < kBufSize; ++i) {
686             const uint8_t* begin = buf.get() + i;
687             const uint8_t* p = begin;
688             msg.Deserialize(&p, end);
689         }
690     }
691 }
692 
693 #define GARBAGE_TEST(Message)                                                                      \
694     TEST(GarbageTest, Message) { parse_garbage<Message>(); }
695 
696 GARBAGE_TEST(AbortOperationRequest);
697 GARBAGE_TEST(AbortOperationResponse);
698 GARBAGE_TEST(AddEntropyRequest);
699 GARBAGE_TEST(AddEntropyResponse);
700 GARBAGE_TEST(BeginOperationRequest);
701 GARBAGE_TEST(BeginOperationResponse);
702 GARBAGE_TEST(DeleteAllKeysRequest);
703 GARBAGE_TEST(DeleteAllKeysResponse);
704 GARBAGE_TEST(DeleteKeyRequest);
705 GARBAGE_TEST(DeleteKeyResponse);
706 GARBAGE_TEST(ExportKeyRequest);
707 GARBAGE_TEST(ExportKeyResponse);
708 GARBAGE_TEST(FinishOperationRequest);
709 GARBAGE_TEST(FinishOperationResponse);
710 GARBAGE_TEST(GenerateKeyRequest);
711 GARBAGE_TEST(GenerateKeyResponse);
712 GARBAGE_TEST(GetKeyCharacteristicsRequest);
713 GARBAGE_TEST(GetKeyCharacteristicsResponse);
714 GARBAGE_TEST(ImportKeyRequest);
715 GARBAGE_TEST(ImportKeyResponse);
716 GARBAGE_TEST(SupportedByAlgorithmAndPurposeRequest)
717 GARBAGE_TEST(SupportedByAlgorithmRequest)
718 GARBAGE_TEST(UpdateOperationRequest);
719 GARBAGE_TEST(UpdateOperationResponse);
720 GARBAGE_TEST(AttestKeyRequest);
721 GARBAGE_TEST(AttestKeyResponse);
722 GARBAGE_TEST(UpgradeKeyRequest);
723 GARBAGE_TEST(UpgradeKeyResponse);
724 
725 // The macro doesn't work on this one.
TEST(GarbageTest,SupportedResponse)726 TEST(GarbageTest, SupportedResponse) {
727     parse_garbage<SupportedResponse<keymaster_digest_t>>();
728 }
729 
730 }  // namespace test
731 
732 }  // namespace keymaster
733