Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 55d453f1 authored by Seth Moore's avatar Seth Moore Committed by Automerger Merge Worker
Browse files

Add a unit test for remote_prov_utils am: 42a2f6b6 

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1748601

Change-Id: I885b63ac7aadd88351a3991576dc94562e13740d
parents be53a67a 42a2f6b6

security/keymint/support/Android.bp

+16 −0
Original line number Original line Diff line number Diff line
@@ -62,3 +62,19 @@ cc_library { 
        "libcrypto",

        "libcrypto",

    ],

    ],

}

}



cc_test {

    name: "libkeymint_remote_prov_support_test",

    srcs: ["remote_prov_utils_test.cpp"],

    static_libs: [

        "libgmock",

        "libgtest_main",

    ],

    shared_libs: [

        "libcppbor_external",

        "libcppcose_rkp",

        "libcrypto",

        "libkeymaster_portable",

        "libkeymint_remote_prov_support",

    ],

}

security/keymint/support/remote_prov_utils.cpp

+4 −0
Original line number Original line Diff line number Diff line
@@ -31,6 +31,10 @@ bytevec randomBytes(size_t numBytes) { 
}

}





ErrMsgOr<EekChain> generateEekChain(size_t length, const bytevec& eekId) {

ErrMsgOr<EekChain> generateEekChain(size_t length, const bytevec& eekId) {

    if (length < 2) {

        return "EEK chain must contain at least 2 certs.";

    }



    auto eekChain = cppbor::Array();

    auto eekChain = cppbor::Array();





    bytevec prev_priv_key;

    bytevec prev_priv_key;

security/keymint/support/remote_prov_utils_test.cpp

0 → 100644
+55 −0
Original line number Original line Diff line number Diff line 
/*

 * Copyright 2021 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



#include <gmock/gmock.h>

#include <gtest/gtest.h>

#include <keymaster/android_keymaster_utils.h>

#include <keymaster/remote_provisioning_utils.h>

#include <openssl/curve25519.h>

#include <remote_prov/remote_prov_utils.h>

#include <cstdint>



namespace aidl::android::hardware::security::keymint::remote_prov {

namespace {



using ::keymaster::KeymasterBlob;

using ::keymaster::validateAndExtractEekPubAndId;

using ::testing::ElementsAreArray;



TEST(RemoteProvUtilsTest, GenerateEekChainInvalidLength) {

    ASSERT_FALSE(generateEekChain(1, /*eekId=*/{}));

}



TEST(RemoteProvUtilsTest, GenerateEekChain) {

    bytevec kTestEekId = {'t', 'e', 's', 't', 'I', 'd', 0};

    for (size_t length : {2, 3, 31}) {

        auto get_eek_result = generateEekChain(length, kTestEekId);

        ASSERT_TRUE(get_eek_result) << get_eek_result.message();



        auto& [chain, pubkey, privkey] = *get_eek_result;



        auto validation_result = validateAndExtractEekPubAndId(

                /*testMode=*/true, KeymasterBlob(chain.data(), chain.size()));

        ASSERT_TRUE(validation_result.isOk());



        auto& [eekPub, eekId] = *validation_result;

        EXPECT_THAT(eekId, ElementsAreArray(kTestEekId));

        EXPECT_THAT(eekPub, ElementsAreArray(pubkey));

    }

}



}  // namespace

}  // namespace aidl::android::hardware::security::keymint::remote_prov