Merge "Add test ensuring that BCC keys not unique ids" into sc-dev am: 1e3ab5940f
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/15192756 Change-Id: I62924dde925b421da700bcf95050d58738a9778f
This commit is contained in:
commit
4b5df9c9ba
1 changed files with 49 additions and 1 deletions
|
@ -29,6 +29,7 @@
|
|||
#include <openssl/ec_key.h>
|
||||
#include <openssl/x509.h>
|
||||
#include <remote_prov/remote_prov_utils.h>
|
||||
#include <vector>
|
||||
|
||||
#include "KeyMintAidlTestBase.h"
|
||||
|
||||
|
@ -297,7 +298,8 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
|
|||
}
|
||||
|
||||
void checkProtectedData(const DeviceInfo& deviceInfo, const cppbor::Array& keysToSign,
|
||||
const bytevec& keysToSignMac, const ProtectedData& protectedData) {
|
||||
const bytevec& keysToSignMac, const ProtectedData& protectedData,
|
||||
std::vector<BccEntryData>* bccOutput = nullptr) {
|
||||
auto [parsedProtectedData, _, protDataErrMsg] = cppbor::parse(protectedData.protectedData);
|
||||
ASSERT_TRUE(parsedProtectedData) << protDataErrMsg;
|
||||
ASSERT_TRUE(parsedProtectedData->asArray());
|
||||
|
@ -354,6 +356,10 @@ class CertificateRequestTest : public VtsRemotelyProvisionedComponentTests {
|
|||
|
||||
auto macPayload = verifyAndParseCoseMac0(&coseMac0, *macKey);
|
||||
ASSERT_TRUE(macPayload) << macPayload.message();
|
||||
|
||||
if (bccOutput) {
|
||||
*bccOutput = std::move(*bccContents);
|
||||
}
|
||||
}
|
||||
|
||||
bytevec eekId_;
|
||||
|
@ -386,6 +392,48 @@ TEST_P(CertificateRequestTest, EmptyRequest_testMode) {
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Ensure that test mode outputs a unique BCC root key every time we request a
|
||||
* certificate request. Else, it's possible that the test mode API could be used
|
||||
* to fingerprint devices. Only the GEEK should be allowed to decrypt the same
|
||||
* device public key multiple times.
|
||||
*/
|
||||
TEST_P(CertificateRequestTest, NewKeyPerCallInTestMode) {
|
||||
constexpr bool testMode = true;
|
||||
constexpr size_t eekLength = 2;
|
||||
|
||||
generateEek(eekLength);
|
||||
|
||||
bytevec keysToSignMac;
|
||||
DeviceInfo deviceInfo;
|
||||
ProtectedData protectedData;
|
||||
auto status = provisionable_->generateCertificateRequest(
|
||||
testMode, {} /* keysToSign */, eekChain_.chain, challenge_, &deviceInfo, &protectedData,
|
||||
&keysToSignMac);
|
||||
ASSERT_TRUE(status.isOk()) << status.getMessage();
|
||||
|
||||
std::vector<BccEntryData> firstBcc;
|
||||
checkProtectedData(deviceInfo, /*keysToSign=*/cppbor::Array(), keysToSignMac, protectedData,
|
||||
&firstBcc);
|
||||
|
||||
status = provisionable_->generateCertificateRequest(testMode, {} /* keysToSign */,
|
||||
eekChain_.chain, challenge_, &deviceInfo,
|
||||
&protectedData, &keysToSignMac);
|
||||
ASSERT_TRUE(status.isOk()) << status.getMessage();
|
||||
|
||||
std::vector<BccEntryData> secondBcc;
|
||||
checkProtectedData(deviceInfo, /*keysToSign=*/cppbor::Array(), keysToSignMac, protectedData,
|
||||
&secondBcc);
|
||||
|
||||
// Verify that none of the keys in the first BCC are repeated in the second one.
|
||||
for (const auto& i : firstBcc) {
|
||||
for (auto& j : secondBcc) {
|
||||
ASSERT_THAT(i.pubKey, testing::Not(testing::ElementsAreArray(j.pubKey)))
|
||||
<< "Found a repeated pubkey in two generateCertificateRequest test mode calls";
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate an empty certificate request in prod mode. Generation will fail because we don't have a
|
||||
* valid GEEK.
|
||||
|
|
Loading…
Reference in a new issue