Merge changes I8b34a94c,I46e62ab9 into android13-tests-dev am: c8b9250b am: a012a313

    ],

    ],

    static_libs: [

    static_libs: [

        "android.hardware.security.secureclock-V1-ndk",

        "android.hardware.security.secureclock-V1-ndk",

        "libavb_user",

        "libavb",

        "libcppbor_external",

        "libcppbor_external",

        "libcppcose_rkp",

        "libcppcose_rkp",

        "libfs_mgr",

        "libjsoncpp",

        "libjsoncpp",

        "libkeymint",

        "libkeymint",

        "libkeymint_remote_prov_support",

        "libkeymint_remote_prov_support",

    ],

    ],

    srcs: [

    srcs: [

        "AttestKeyTest.cpp",

        "AttestKeyTest.cpp",

        "BootloaderStateTest.cpp",

        "DeviceUniqueAttestationTest.cpp",

        "DeviceUniqueAttestationTest.cpp",

        "KeyMintTest.cpp",

        "KeyMintTest.cpp",

        "SecureElementProvisioningTest.cpp",

        "SecureElementProvisioningTest.cpp",

/*

 * Copyright (C) 2023 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#define LOG_TAG "keymint_1_bootloader_test"

#include <memory>

#include <optional>

#include <string>

#include <vector>

#include <android-base/properties.h>

#include <android/binder_manager.h>

#include <fstab/fstab.h>

#include <libavb/libavb.h>

#include <libavb_user/avb_ops_user.h>

#include <remote_prov/remote_prov_utils.h>

#include "KeyMintAidlTestBase.h"

namespace aidl::android::hardware::security::keymint::test {

using ::android::getAidlHalInstanceNames;

using ::std::string;

using ::std::vector;

// Since this test needs to talk to KeyMint HAL, it can only run as root. Thus,

// bootloader can not be locked.

// @CddTest = 9.10/C-0-2

class BootloaderStateTest : public KeyMintAidlTestBase {

  public:

    virtual void SetUp() override {

        KeyMintAidlTestBase::SetUp();

        // Generate a key with attestation.

        vector<uint8_t> key_blob;

        vector<KeyCharacteristics> key_characteristics;

        AuthorizationSet keyDesc = AuthorizationSetBuilder()

                                           .Authorization(TAG_NO_AUTH_REQUIRED)

                                           .EcdsaSigningKey(EcCurve::P_256)

                                           .AttestationChallenge("foo")

                                           .AttestationApplicationId("bar")

                                           .Digest(Digest::NONE)

                                           .SetDefaultValidity();

        auto result = GenerateKey(keyDesc, &key_blob, &key_characteristics);

        // If factory provisioned attestation key is not supported by Strongbox,

        // then create a key with self-signed attestation and use it as the

        // attestation key instead.

        if (SecLevel() == SecurityLevel::STRONGBOX &&

            result == ErrorCode::ATTESTATION_KEYS_NOT_PROVISIONED) {

            result = GenerateKeyWithSelfSignedAttestKey(

                    AuthorizationSetBuilder()

                            .EcdsaKey(EcCurve::P_256)

                            .AttestKey()

                            .SetDefaultValidity(), /* attest key params */

                    keyDesc, &key_blob, &key_characteristics);

        }

        ASSERT_EQ(ErrorCode::OK, result);

        // Parse attested AVB values.

        X509_Ptr cert(parse_cert_blob(cert_chain_[0].encodedCertificate));

        ASSERT_TRUE(cert.get());

        ASN1_OCTET_STRING* attest_rec = get_attestation_record(cert.get());

        ASSERT_TRUE(attest_rec);

        auto error = parse_root_of_trust(attest_rec->data, attest_rec->length, &attestedVbKey_,

                                         &attestedVbState_, &attestedBootloaderState_,

                                         &attestedVbmetaDigest_);

        ASSERT_EQ(error, ErrorCode::OK);

    }

    vector<uint8_t> attestedVbKey_;

    VerifiedBoot attestedVbState_;

    bool attestedBootloaderState_;

    vector<uint8_t> attestedVbmetaDigest_;

};

// Check that attested bootloader state is set to unlocked.

TEST_P(BootloaderStateTest, BootloaderIsUnlocked) {

    ASSERT_FALSE(attestedBootloaderState_)

            << "This test runs as root. Bootloader must be unlocked.";

}

// Check that verified boot state is set to "unverified", i.e. "orange".

TEST_P(BootloaderStateTest, VbStateIsUnverified) {

    // Unlocked bootloader implies that verified boot state must be "unverified".

    ASSERT_EQ(attestedVbState_, VerifiedBoot::UNVERIFIED)

            << "Verified boot state must be \"UNVERIFIED\" aka \"orange\".";

    // AVB spec stipulates that bootloader must set "androidboot.verifiedbootstate" parameter

    // on the kernel command-line. This parameter is exposed to userspace as

    // "ro.boot.verifiedbootstate" property.

    auto vbStateProp = ::android::base::GetProperty("ro.boot.verifiedbootstate", "");

    ASSERT_EQ(vbStateProp, "orange")

            << "Verified boot state must be \"UNVERIFIED\" aka \"orange\".";

}

// Following error codes from avb_slot_data() mean that slot data was loaded

// (even if verification failed).

static inline bool avb_slot_data_loaded(AvbSlotVerifyResult result) {

    switch (result) {

        case AVB_SLOT_VERIFY_RESULT_OK:

        case AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION:

        case AVB_SLOT_VERIFY_RESULT_ERROR_ROLLBACK_INDEX:

        case AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED:

            return true;

        default:

            return false;

    }

}

// Check that attested vbmeta digest is correct.

TEST_P(BootloaderStateTest, VbmetaDigest) {

    AvbSlotVerifyData* avbSlotData;

    auto suffix = fs_mgr_get_slot_suffix();

    const char* partitions[] = {nullptr};

    auto avbOps = avb_ops_user_new();

    // For VTS, devices run with vendor_boot-debug.img, which is not release key

    // signed. Use AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR to bypass avb

    // verification errors. This is OK since we only care about the digest for

    // this test case.

    auto result = avb_slot_verify(avbOps, partitions, suffix.c_str(),

                                  AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR,

                                  AVB_HASHTREE_ERROR_MODE_EIO, &avbSlotData);

    ASSERT_TRUE(avb_slot_data_loaded(result)) << "Failed to load avb slot data";

    // Unfortunately, bootloader is not required to report the algorithm used

    // to calculate the digest. There are only two supported options though,

    // SHA256 and SHA512. Attested VBMeta digest must match one of these.

    vector<uint8_t> digest256(AVB_SHA256_DIGEST_SIZE);

    vector<uint8_t> digest512(AVB_SHA512_DIGEST_SIZE);

    avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA256,

                                                 digest256.data());

    avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA512,

                                                 digest512.data());

    ASSERT_TRUE((attestedVbmetaDigest_ == digest256) || (attestedVbmetaDigest_ == digest512))

            << "Attested digest does not match computed digest.";

}

INSTANTIATE_KEYMINT_AIDL_TEST(BootloaderStateTest);

}  // namespace aidl::android::hardware::security::keymint::test

    return true;

    return true;

}

}

// Extract attestation record from cert. Returned object is still part of cert; don't free it

// separately.

ASN1_OCTET_STRING* get_attestation_record(X509* certificate) {

    ASN1_OBJECT_Ptr oid(OBJ_txt2obj(kAttestionRecordOid, 1 /* dotted string format */));

    EXPECT_TRUE(!!oid.get());

    if (!oid.get()) return nullptr;

    int location = X509_get_ext_by_OBJ(certificate, oid.get(), -1 /* search from beginning */);

    EXPECT_NE(-1, location) << "Attestation extension not found in certificate";

    if (location == -1) return nullptr;

    X509_EXTENSION* attest_rec_ext = X509_get_ext(certificate, location);

    EXPECT_TRUE(!!attest_rec_ext)

            << "Found attestation extension but couldn't retrieve it?  Probably a BoringSSL bug.";

    if (!attest_rec_ext) return nullptr;

    ASN1_OCTET_STRING* attest_rec = X509_EXTENSION_get_data(attest_rec_ext);

    EXPECT_TRUE(!!attest_rec) << "Attestation extension contained no data";

    return attest_rec;

}

void check_attestation_version(uint32_t attestation_version, int32_t aidl_version) {

void check_attestation_version(uint32_t attestation_version, int32_t aidl_version) {

    // Version numbers in attestation extensions should be a multiple of 100.

    // Version numbers in attestation extensions should be a multiple of 100.

    EXPECT_EQ(attestation_version % 100, 0);

    EXPECT_EQ(attestation_version % 100, 0);

    return X509_Ptr(d2i_X509(nullptr /* allocate new */, &p, blob.size()));

    return X509_Ptr(d2i_X509(nullptr /* allocate new */, &p, blob.size()));

}

}

// Extract attestation record from cert. Returned object is still part of cert; don't free it

// separately.

ASN1_OCTET_STRING* get_attestation_record(X509* certificate) {

    ASN1_OBJECT_Ptr oid(OBJ_txt2obj(kAttestionRecordOid, 1 /* dotted string format */));

    EXPECT_TRUE(!!oid.get());

    if (!oid.get()) return nullptr;

    int location = X509_get_ext_by_OBJ(certificate, oid.get(), -1 /* search from beginning */);

    EXPECT_NE(-1, location) << "Attestation extension not found in certificate";

    if (location == -1) return nullptr;

    X509_EXTENSION* attest_rec_ext = X509_get_ext(certificate, location);

    EXPECT_TRUE(!!attest_rec_ext)

            << "Found attestation extension but couldn't retrieve it?  Probably a BoringSSL bug.";

    if (!attest_rec_ext) return nullptr;

    ASN1_OCTET_STRING* attest_rec = X509_EXTENSION_get_data(attest_rec_ext);

    EXPECT_TRUE(!!attest_rec) << "Attestation extension contained no data";

    return attest_rec;

}

vector<uint8_t> make_name_from_str(const string& name) {

vector<uint8_t> make_name_from_str(const string& name) {

    X509_NAME_Ptr x509_name(X509_NAME_new());

    X509_NAME_Ptr x509_name(X509_NAME_new());

    EXPECT_TRUE(x509_name.get() != nullptr);

    EXPECT_TRUE(x509_name.get() != nullptr);

string bin2hex(const vector<uint8_t>& data);

string bin2hex(const vector<uint8_t>& data);

X509_Ptr parse_cert_blob(const vector<uint8_t>& blob);

X509_Ptr parse_cert_blob(const vector<uint8_t>& blob);

ASN1_OCTET_STRING* get_attestation_record(X509* certificate);

vector<uint8_t> make_name_from_str(const string& name);

vector<uint8_t> make_name_from_str(const string& name);

void check_maced_pubkey(const MacedPublicKey& macedPubKey, bool testMode,

void check_maced_pubkey(const MacedPublicKey& macedPubKey, bool testMode,

                        vector<uint8_t>* payload_value);

                        vector<uint8_t>* payload_value);