1 /*
2 * Copyright (C) 2018 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 /**
18 * This app tests the API in app/keymaster/secure_storage.h. To run this test,
19 * include keymaster/storage_test in TRUSTY_ALL_USER_TASKS, and it will be start
20 * once an RPMB proxy becomes available.
21 *
22 * Different application has different namespace, so this would not affect the
23 * keymaster app's RPMB storage.
24 */
25
26 #include <assert.h>
27 #include <malloc.h>
28 #include <stdio.h>
29 #ifndef __clang__
30 // We need to diable foritfy level for memset in gcc because we want to use
31 // memset unoptimized. This would falsely trigger __warn_memset_zero_len in
32 // /usr/include/bits/string3.h. The inline checking function is only supposed to
33 // work when the optimization level is at least 1. In android_keymaster_utils.h
34 // we would use memset unoptimized.
35 #pragma push_macro("__USE_FORTIFY_LEVEL")
36 #undef __USE_FORTIFY_LEVEL
37 #endif
38 #include <string.h>
39 #ifndef __clang__
40 #pragma pop_macro("__USE_FORTIFY_LEVEL")
41 #endif
42 #include <fstream>
43
44 #define typeof(x) __typeof__(x)
45 #include <trusty_unittest.h>
46
47 #include <keymaster/android_keymaster_utils.h>
48 #include "second_imei_attestation.h"
49 #include "secure_storage_manager.h"
50
51 #define DATA_SIZE 2048
52 #define CHAIN_LENGTH 3
53
54 #define TLOG_TAG "km_storage_test"
55
56 using keymaster::AttestationKeySlot;
57 using keymaster::calculate_luhn_checksum_digit;
58 using keymaster::CertificateChain;
59 using keymaster::kAttestationUuidSize;
60 using keymaster::KeymasterKeyBlob;
61 using keymaster::kProductIdSize;
62 using keymaster::SecureStorageManager;
63 using keymaster::validate_second_imei;
64
NewRandBuf(size_t size)65 uint8_t* NewRandBuf(size_t size) {
66 uint8_t* buf = new uint8_t[size];
67 if (buf == nullptr) {
68 return buf;
69 }
70 for (uint8_t* i = buf;
71 reinterpret_cast<size_t>(i) < reinterpret_cast<size_t>(buf) + size;
72 i++) {
73 *i = static_cast<uint8_t>(rand() % UINT8_MAX);
74 }
75 return buf;
76 }
77
TestKeyStorage(AttestationKeySlot key_slot)78 void TestKeyStorage(AttestationKeySlot key_slot) {
79 keymaster_error_t error = KM_ERROR_OK;
80 keymaster::UniquePtr<uint8_t[]> write_key;
81 KeymasterKeyBlob key_blob;
82 bool key_exists = false;
83
84 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
85 ASSERT_NE(nullptr, ss_manager);
86
87 write_key.reset(NewRandBuf(DATA_SIZE));
88 ASSERT_NE(nullptr, write_key.get());
89
90 error = ss_manager->WriteKeyToStorage(key_slot, write_key.get(), DATA_SIZE);
91 ASSERT_EQ(KM_ERROR_OK, error);
92
93 key_blob = ss_manager->ReadKeyFromStorage(key_slot, &error);
94 ASSERT_EQ(KM_ERROR_OK, error);
95 ASSERT_EQ(DATA_SIZE, key_blob.key_material_size);
96 ASSERT_NE(nullptr, write_key.get());
97 ASSERT_EQ(0, memcmp(write_key.get(), key_blob.writable_data(), DATA_SIZE));
98
99 error = ss_manager->AttestationKeyExists(key_slot, &key_exists);
100 ASSERT_EQ(KM_ERROR_OK, error);
101 ASSERT_EQ(true, key_exists);
102
103 test_abort:;
104 }
105
TestCertChainStorage(AttestationKeySlot key_slot,bool chain_exists)106 void TestCertChainStorage(AttestationKeySlot key_slot, bool chain_exists) {
107 keymaster_error_t error = KM_ERROR_OK;
108 keymaster::UniquePtr<uint8_t[]> write_cert[CHAIN_LENGTH];
109 unsigned int i = 0;
110 uint32_t cert_chain_length;
111 CertificateChain chain;
112
113 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
114 ASSERT_NE(nullptr, ss_manager);
115
116 for (i = 0; i < CHAIN_LENGTH; ++i) {
117 write_cert[i].reset(NewRandBuf(DATA_SIZE));
118 ASSERT_NE(nullptr, write_cert[i].get());
119
120 error = ss_manager->WriteCertToStorage(key_slot, write_cert[i].get(),
121 DATA_SIZE, i);
122 ASSERT_EQ(KM_ERROR_OK, error);
123
124 error = ss_manager->ReadCertChainLength(key_slot, &cert_chain_length);
125 ASSERT_EQ(KM_ERROR_OK, error);
126 if (chain_exists) {
127 ASSERT_EQ(3, cert_chain_length);
128 } else {
129 ASSERT_EQ(i + 1, cert_chain_length);
130 }
131 }
132
133 error = ss_manager->ReadCertChainFromStorage(key_slot, &chain);
134 ASSERT_EQ(KM_ERROR_OK, error);
135 ASSERT_EQ(CHAIN_LENGTH, chain.entry_count);
136 for (i = 0; i < CHAIN_LENGTH; ++i) {
137 ASSERT_EQ(DATA_SIZE, chain.entries[i].data_length);
138 ASSERT_EQ(0, memcmp(write_cert[i].get(), chain.entries[i].data,
139 DATA_SIZE));
140 }
141
142 error = ss_manager->DeleteCertChainFromStorage(key_slot);
143 ASSERT_EQ(KM_ERROR_OK, error);
144 chain.Clear();
145 error = ss_manager->ReadCertChainFromStorage(key_slot, &chain);
146 ASSERT_EQ(KM_ERROR_OK, error);
147 ASSERT_EQ(0, chain.entry_count);
148
149 test_abort:;
150 }
151
TestCertStorageInvalid(AttestationKeySlot key_slot)152 void TestCertStorageInvalid(AttestationKeySlot key_slot) {
153 keymaster_error_t error = KM_ERROR_OK;
154 keymaster::UniquePtr<uint8_t[]> write_cert;
155 uint32_t cert_chain_length;
156
157 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
158 ASSERT_NE(nullptr, ss_manager);
159
160 // Clear existing certificate chain
161 error = ss_manager->DeleteKey(key_slot, true);
162 ASSERT_EQ(KM_ERROR_OK, error);
163 error = ss_manager->ReadCertChainLength(key_slot, &cert_chain_length);
164 ASSERT_EQ(KM_ERROR_OK, error);
165 ASSERT_EQ(0, cert_chain_length);
166
167 // Try to write to index (chain_length + 1)
168 write_cert.reset(NewRandBuf(DATA_SIZE));
169 ASSERT_NE(nullptr, write_cert.get());
170 error = ss_manager->WriteCertToStorage(key_slot, write_cert.get(),
171 DATA_SIZE, 1);
172 ASSERT_EQ(KM_ERROR_INVALID_ARGUMENT, error);
173
174 // Verify that cert chain length didn't change
175 error = ss_manager->ReadCertChainLength(key_slot, &cert_chain_length);
176 ASSERT_EQ(KM_ERROR_OK, error);
177 ASSERT_EQ(0, cert_chain_length);
178
179 test_abort:;
180 }
181
DeleteAttestationData()182 void DeleteAttestationData() {
183 keymaster_error_t error = KM_ERROR_OK;
184 uint32_t cert_chain_length;
185 bool key_exists;
186
187 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
188 ASSERT_NE(nullptr, ss_manager);
189
190 error = ss_manager->DeleteAllAttestationData();
191 ASSERT_EQ(KM_ERROR_OK, error);
192
193 error = ss_manager->ReadCertChainLength(AttestationKeySlot::kRsa,
194 &cert_chain_length);
195 ASSERT_EQ(KM_ERROR_OK, error);
196 ASSERT_EQ(0, cert_chain_length);
197 error = ss_manager->ReadCertChainLength(AttestationKeySlot::kEcdsa,
198 &cert_chain_length);
199 ASSERT_EQ(KM_ERROR_OK, error);
200 ASSERT_EQ(0, cert_chain_length);
201
202 error = ss_manager->AttestationKeyExists(AttestationKeySlot::kRsa,
203 &key_exists);
204 ASSERT_EQ(KM_ERROR_OK, error);
205 ASSERT_EQ(false, key_exists);
206 error = ss_manager->AttestationKeyExists(AttestationKeySlot::kEcdsa,
207 &key_exists);
208 ASSERT_EQ(KM_ERROR_OK, error);
209 ASSERT_EQ(false, key_exists);
210
211 test_abort:;
212 }
213
TestUuidStorage()214 void TestUuidStorage() {
215 keymaster_error_t error = KM_ERROR_OK;
216 keymaster::UniquePtr<uint8_t[]> write_uuid;
217 keymaster::UniquePtr<uint8_t[]> read_uuid(
218 new uint8_t[kAttestationUuidSize]);
219
220 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
221 ASSERT_NE(nullptr, ss_manager);
222
223 error = ss_manager->DeleteAttestationUuid();
224 ASSERT_EQ(KM_ERROR_OK, error);
225
226 write_uuid.reset(NewRandBuf(kAttestationUuidSize));
227 ASSERT_NE(nullptr, write_uuid.get());
228
229 error = ss_manager->WriteAttestationUuid((const uint8_t*)write_uuid.get());
230 ASSERT_EQ(KM_ERROR_OK, error);
231
232 error = ss_manager->ReadAttestationUuid(read_uuid.get());
233 ASSERT_EQ(KM_ERROR_OK, error);
234 ASSERT_NE(nullptr, read_uuid.get());
235 ASSERT_EQ(0, memcmp(write_uuid.get(), read_uuid.get(), kProductIdSize));
236
237 error = ss_manager->DeleteAttestationUuid();
238 ASSERT_EQ(KM_ERROR_OK, error);
239
240 test_abort:;
241 }
242
TestProductIdStorage()243 void TestProductIdStorage() {
244 keymaster_error_t error = KM_ERROR_OK;
245 keymaster::UniquePtr<uint8_t[]> write_productid;
246 keymaster::UniquePtr<uint8_t[]> read_productid(new uint8_t[kProductIdSize]);
247
248 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
249 ASSERT_NE(nullptr, ss_manager);
250
251 error = ss_manager->DeleteProductId();
252 ASSERT_EQ(KM_ERROR_OK, error);
253
254 write_productid.reset(NewRandBuf(kProductIdSize));
255 ASSERT_NE(nullptr, write_productid.get());
256
257 error = ss_manager->SetProductId((const uint8_t*)write_productid.get());
258 ASSERT_EQ(KM_ERROR_OK, error);
259
260 error = ss_manager->ReadProductId(read_productid.get());
261 ASSERT_EQ(KM_ERROR_OK, error);
262 ASSERT_NE(nullptr, read_productid.get());
263 ASSERT_EQ(0, memcmp(write_productid.get(), read_productid.get(),
264 kProductIdSize));
265
266 error = ss_manager->DeleteProductId();
267 ASSERT_EQ(KM_ERROR_OK, error);
268
269 test_abort:;
270 }
271
TestProductIdStoragePreventOverwrite()272 void TestProductIdStoragePreventOverwrite() {
273 keymaster_error_t error = KM_ERROR_OK;
274 keymaster::UniquePtr<uint8_t[]> write_productid;
275 keymaster::UniquePtr<uint8_t[]> overwrite_productid;
276 keymaster::UniquePtr<uint8_t[]> read_productid(new uint8_t[kProductIdSize]);
277
278 SecureStorageManager* ss_manager = SecureStorageManager::get_instance();
279 ASSERT_NE(nullptr, ss_manager);
280
281 error = ss_manager->DeleteProductId();
282 ASSERT_EQ(KM_ERROR_OK, error);
283
284 write_productid.reset(NewRandBuf(kProductIdSize));
285 ASSERT_NE(nullptr, write_productid.get());
286
287 error = ss_manager->SetProductId((const uint8_t*)write_productid.get());
288 ASSERT_EQ(KM_ERROR_OK, error);
289
290 overwrite_productid.reset(NewRandBuf(kProductIdSize));
291 error = ss_manager->SetProductId((const uint8_t*)write_productid.get());
292 ASSERT_EQ(KM_ERROR_INVALID_ARGUMENT, error);
293
294 error = ss_manager->ReadProductId(read_productid.get());
295 ASSERT_EQ(KM_ERROR_OK, error);
296 ASSERT_NE(nullptr, read_productid.get());
297 ASSERT_EQ(0, memcmp(write_productid.get(), read_productid.get(),
298 kProductIdSize));
299
300 error = ss_manager->DeleteProductId();
301 ASSERT_EQ(KM_ERROR_OK, error);
302
303 test_abort:;
304 }
305
306 #if defined(KEYMASTER_LEGACY_FORMAT)
307 // Test to verify backward compatibility.
TestFormatChange()308 void TestFormatChange() {
309 keymaster_error_t error = KM_ERROR_OK;
310 keymaster::UniquePtr<uint8_t[]> write_key[2];
311 KeymasterKeyBlob key_blob;
312 bool key_exists = false;
313 AttestationKeySlot key_slots[] = {AttestationKeySlot::kRsa,
314 AttestationKeySlot::kEcdsa};
315 keymaster::UniquePtr<uint8_t[]> write_cert[2][CHAIN_LENGTH];
316 CertificateChain chain;
317
318 SecureStorageManager* ss_manager =
319 SecureStorageManager::get_instance(false);
320 ASSERT_NE(nullptr, ss_manager);
321
322 // Write the key and cert in old format.
323 for (size_t i = 0; i < 2; i++) {
324 AttestationKeySlot key_slot = key_slots[i];
325 write_key[i].reset(NewRandBuf(DATA_SIZE));
326 ASSERT_NE(nullptr, write_key[i].get());
327 error = ss_manager->LegacyWriteKeyToStorage(
328 key_slot, write_key[i].get(), DATA_SIZE);
329 ASSERT_EQ(KM_ERROR_OK, error);
330
331 for (int index = 0; index < CHAIN_LENGTH; index++) {
332 write_cert[i][index].reset(NewRandBuf(DATA_SIZE));
333 ASSERT_NE(nullptr, write_cert[i][index].get());
334
335 error = ss_manager->LegacyWriteCertToStorage(
336 key_slot, write_cert[i][index].get(), DATA_SIZE, index);
337 ASSERT_EQ(KM_ERROR_OK, error);
338 }
339 }
340
341 // Try to translate the format.
342 ss_manager = SecureStorageManager::get_instance();
343 ASSERT_NE(nullptr, ss_manager);
344
345 // Read key and cert out using new format.
346 for (size_t i = 0; i < 2; i++) {
347 AttestationKeySlot key_slot = key_slots[i];
348 key_blob = ss_manager->ReadKeyFromStorage(key_slot, &error);
349 ASSERT_EQ(KM_ERROR_OK, error);
350 ASSERT_EQ(DATA_SIZE, key_blob.key_material_size);
351 ASSERT_NE(nullptr, write_key[i].get());
352 ASSERT_EQ(0, memcmp(write_key[i].get(), key_blob.writable_data(),
353 DATA_SIZE));
354
355 error = ss_manager->AttestationKeyExists(key_slot, &key_exists);
356 ASSERT_EQ(KM_ERROR_OK, error);
357 ASSERT_EQ(true, key_exists);
358 uint32_t cert_chain_length;
359 error = ss_manager->ReadCertChainLength(key_slot, &cert_chain_length);
360 ASSERT_EQ(KM_ERROR_OK, error);
361 ASSERT_EQ(CHAIN_LENGTH, cert_chain_length);
362
363 chain.Clear();
364 error = ss_manager->ReadCertChainFromStorage(key_slot, &chain);
365 ASSERT_EQ(KM_ERROR_OK, error);
366 ASSERT_EQ(CHAIN_LENGTH, chain.entry_count);
367
368 for (int index = 0; index < CHAIN_LENGTH; index++) {
369 ASSERT_EQ(DATA_SIZE, chain.entries[i].data_length);
370 ASSERT_EQ(0, memcmp(write_cert[i][index].get(),
371 chain.entries[index].data, DATA_SIZE));
372 }
373 }
374
375 DeleteAttestationData();
376 ss_manager->DeleteProductId();
377 ss_manager->DeleteAttestationUuid();
378
379 test_abort:;
380 }
381 #endif
382
383 #if defined(KEYMASTER_LEGACY_FORMAT)
TEST(KeymasterFormatChangeTest,TestFormatChange)384 TEST(KeymasterFormatChangeTest, TestFormatChange) {
385 TestFormatChange();
386 }
387 #endif
388
TestLuhnChecksumCalculation()389 void TestLuhnChecksumCalculation() {
390 ASSERT_EQ(0u, calculate_luhn_checksum_digit(0));
391 ASSERT_EQ(3, calculate_luhn_checksum_digit(7992739871ul));
392 ASSERT_EQ(3, calculate_luhn_checksum_digit(7992739871ul));
393 ASSERT_EQ(6, calculate_luhn_checksum_digit(735423462345ul));
394 ASSERT_EQ(4, calculate_luhn_checksum_digit(721367498765427ul));
395 test_abort:;
396 }
397
toBlob(const char * str)398 keymaster_blob_t toBlob(const char* str) {
399 return {reinterpret_cast<const uint8_t*>(str), strlen(str)};
400 }
401
TestSecondImeiValidation()402 void TestSecondImeiValidation() {
403 // First IMEI used throughout the test
404 const uint64_t first_imei = 721367498765404;
405 // Sequential IMEI
406 const char* second_imei = "721367498765412";
407 // Valid IMEI, but not a sequential one
408 const char* second_imei_not_seq = "721367498765420";
409 // Invalid IMEI, not a sequential one.
410 const char* invalid_imei = "721367498765437";
411 // Invalid IMEI: Sequential to first_imei but the checksum digit is wrong.
412 const char* invalid_seq_imei = "721367498765415";
413 ASSERT_EQ(true, validate_second_imei(toBlob(second_imei), first_imei));
414
415 ASSERT_EQ(false,
416 validate_second_imei(toBlob(second_imei_not_seq), first_imei));
417 ASSERT_EQ(false, validate_second_imei(toBlob(invalid_imei), first_imei));
418 ASSERT_EQ(false,
419 validate_second_imei(toBlob(invalid_seq_imei), first_imei));
420 test_abort:;
421 }
422
423 typedef struct {
424 } KeymasterTest_t;
425
KeymasterTest_SetUp(KeymasterTest_t * state)426 static void KeymasterTest_SetUp(KeymasterTest_t* state) {
427 DeleteAttestationData();
428 }
429
KeymasterTest_TearDown(KeymasterTest_t * state)430 static void KeymasterTest_TearDown(KeymasterTest_t* state) {
431 DeleteAttestationData();
432 }
433
TEST_F(KeymasterTest,TestKeyStorageRsa)434 TEST_F(KeymasterTest, TestKeyStorageRsa) {
435 TestKeyStorage(AttestationKeySlot::kRsa);
436 }
437
TEST_F(KeymasterTest,TestKeyStorageEcdsa)438 TEST_F(KeymasterTest, TestKeyStorageEcdsa) {
439 TestKeyStorage(AttestationKeySlot::kEcdsa);
440 }
441
TEST_F(KeymasterTest,TestCertChainStorageRsa)442 TEST_F(KeymasterTest, TestCertChainStorageRsa) {
443 TestCertChainStorage(AttestationKeySlot::kRsa, false);
444 }
445
TEST_F(KeymasterTest,TestCertChainStorageEcdsa)446 TEST_F(KeymasterTest, TestCertChainStorageEcdsa) {
447 TestCertChainStorage(AttestationKeySlot::kEcdsa, false);
448 }
449
TEST_F(KeymasterTest,TestRewriteKey)450 TEST_F(KeymasterTest, TestRewriteKey) {
451 TestKeyStorage(AttestationKeySlot::kRsa);
452 // Rewriting keys should work
453 TestKeyStorage(AttestationKeySlot::kRsa);
454 }
455
TEST_F(KeymasterTest,TestRewriteChain)456 TEST_F(KeymasterTest, TestRewriteChain) {
457 TestCertChainStorage(AttestationKeySlot::kRsa, false);
458 TestCertChainStorage(AttestationKeySlot::kRsa, false);
459 }
460
TEST_F(KeymasterTest,TestCertStorageInvalid)461 TEST_F(KeymasterTest, TestCertStorageInvalid) {
462 TestCertStorageInvalid(AttestationKeySlot::kRsa);
463 }
464
TEST_F(KeymasterTest,TestUuidStorage)465 TEST_F(KeymasterTest, TestUuidStorage) {
466 TestUuidStorage();
467 }
468
TEST_F(KeymasterTest,TestProductIdStorage)469 TEST_F(KeymasterTest, TestProductIdStorage) {
470 TestProductIdStorage();
471 }
472
TEST_F(KeymasterTest,TestLuhnChecksumCalculation)473 TEST_F(KeymasterTest, TestLuhnChecksumCalculation) {
474 TestLuhnChecksumCalculation();
475 }
476
TEST_F(KeymasterTest,TestSecondImeiValidation)477 TEST_F(KeymasterTest, TestSecondImeiValidation) {
478 TestSecondImeiValidation();
479 }
480
481 #ifndef KEYMASTER_DEBUG
TEST_F(KeymasterTest,TestProductIdStoragePreventOverwrite)482 TEST_F(KeymasterTest, TestProductIdStoragePreventOverwrite) {
483 TestProductIdStoragePreventOverwrite();
484 }
485 #endif
486
main(void)487 int main(void) {
488 bool passed1 = RUN_ALL_SUITE_TESTS("KeymasterFormatChangeTest");
489 bool passed2 = RUN_ALL_SUITE_TESTS("KeymasterTest");
490 return (passed1 && passed2) ? 0 : 1;
491 }
492