From 59c328b5c00bc72f71fce0debad8f416d399a070 Mon Sep 17 00:00:00 2001 From: Christopher Weimer Date: Wed, 22 Apr 2020 23:18:43 +0000 Subject: [PATCH] Update the unseal flow to support additional capabilities. The Message Unseal command was updated to support: - ECDH seeds - Sealing to multiple PCRs - Different RSA padding schemes The Cerberus protocol version was updated to version 3. --- core/attestation/attestation_slave.c | 49 +- core/attestation/attestation_slave.h | 30 +- core/attestation/aux_attestation.c | 254 +- core/attestation/aux_attestation.h | 57 +- core/attestation/pcr_store.h | 6 +- core/cmd_interface/cerberus_protocol.h | 2 +- .../cerberus_protocol_optional_commands.c | 56 +- .../cerberus_protocol_optional_commands.h | 36 +- core/cmd_interface/cmd_background.h | 17 +- core/cmd_interface/cmd_interface_system.c | 2 +- core/crypto/rsa_mbedtls.c | 11 + core/riot/riot_key_manager.c | 4 +- core/testing/attestation_slave_test.c | 2754 +++---- core/testing/aux_attestation_test.c | 6517 ++++++++++------- core/testing/aux_attestation_testing.h | 8 +- ...cerberus_protocol_optional_commands_test.c | 719 +- ...berus_protocol_optional_commands_testing.h | 30 +- core/testing/cmd_interface_system_test.c | 156 +- core/testing/config_reset_test.c | 9 +- core/testing/keys/rsa3kpriv.pem | 39 + core/testing/keys/rsa3kpub.pem | 11 + core/testing/mctp_interface_control_test.c | 4 +- core/testing/mock/attestation_slave_mock.c | 49 +- core/testing/mock/cmd_background_mock.c | 37 +- core/testing/mock/ecc_mock.c | 2 +- core/testing/rsa_test.c | 237 + core/testing/rsa_testing.h | 17 + projects/freertos/cmd_background_task.c | 109 +- projects/freertos/cmd_background_task.h | 14 +- testing/mock.h | 12 +- 30 files changed, 6204 insertions(+), 5044 deletions(-) create mode 100644 core/testing/keys/rsa3kpriv.pem create mode 100644 core/testing/keys/rsa3kpub.pem diff --git a/core/attestation/attestation_slave.c b/core/attestation/attestation_slave.c index fbadcf7..baab90c 100644 --- a/core/attestation/attestation_slave.c +++ b/core/attestation/attestation_slave.c @@ -226,46 +226,27 @@ cleanup: } static int attestation_aux_attestation_unseal (struct attestation_slave *attestation, - struct hash_engine *hash, const uint8_t *seed, size_t seed_length, const uint8_t *hmac, - const uint8_t *ciphertext, size_t cipher_length, const uint8_t *sealing, uint8_t *key, - size_t key_length, uint8_t platform_pcr) + struct hash_engine *hash, enum aux_attestation_key_length key_type, const uint8_t *seed, + size_t seed_length, enum aux_attestation_seed_type seed_type, + enum aux_attestation_seed_padding seed_padding, const uint8_t *hmac, enum hmac_hash hmac_type, + const uint8_t *ciphertext, size_t cipher_length, const uint8_t sealing[][64], size_t pcr_count, + uint8_t *key, size_t key_length) { - uint8_t measurement[PCR_DIGEST_LENGTH]; - uint8_t *encryption_key = NULL; - size_t encryption_key_len = 0; - int status; - - if ((attestation == NULL) || (key == NULL) || (key_length == 0) || (hash == NULL)) { + if (attestation == NULL) { return ATTESTATION_INVALID_ARGUMENT; } - status = pcr_store_compute (attestation->pcr_store, hash, platform_pcr, measurement); - if (ROT_IS_ERROR (status)) { - return status; - } - - status = aux_attestation_unseal (attestation->aux, hash, seed, seed_length, hmac, - ciphertext, cipher_length, sealing, measurement, &encryption_key, &encryption_key_len); - if (status != 0) { - return status; - } - - if (encryption_key_len > key_length) { - platform_free (encryption_key); - return ATTESTATION_BUF_TOO_SMALL; - } - - memcpy (key, encryption_key, encryption_key_len); - - platform_free (encryption_key); - - return encryption_key_len; + return aux_attestation_unseal (attestation->aux, hash, attestation->pcr_store, key_type, seed, + seed_length, seed_type, seed_padding, hmac, hmac_type, ciphertext, cipher_length, sealing, + pcr_count, key, key_length); } -static int attestation_aux_attestation_unseal_unsupported ( - struct attestation_slave *attestation, struct hash_engine *hash, const uint8_t *seed, - size_t seed_length, const uint8_t *hmac, const uint8_t *ciphertext, size_t cipher_length, - const uint8_t *sealing, uint8_t *key, size_t key_length, uint8_t platform_pcr) +static int attestation_aux_attestation_unseal_unsupported (struct attestation_slave *attestation, + struct hash_engine *hash, enum aux_attestation_key_length key_type, const uint8_t *seed, + size_t seed_length, enum aux_attestation_seed_type seed_type, + enum aux_attestation_seed_padding seed_padding, const uint8_t *hmac, enum hmac_hash hmac_type, + const uint8_t *ciphertext, size_t cipher_length, const uint8_t sealing[][64], size_t pcr_count, + uint8_t *key, size_t key_length) { return ATTESTATION_UNSUPPORTED_OPERATION; } diff --git a/core/attestation/attestation_slave.h b/core/attestation/attestation_slave.h index 7e452e9..38c9d10 100644 --- a/core/attestation/attestation_slave.h +++ b/core/attestation/attestation_slave.h @@ -59,23 +59,31 @@ struct attestation_slave { * Unseal an encryption key for auxiliary attestation flows. * * @param attestation The slave attestation manager interface to utilize. - * @param hash Hashing engine to utilize. - * @param seed The request seed encrypted with the attestation public key. - * @param seed_length The length of the request seed. - * @param hmac The HMAC for the attestation request. This is an HMAC-SHA256 value. + * @param hash The hash engine to use for unsealing. + * @param key_type The length of the encryption and signing keys that will be generated. + * @param seed The obfuscated seed to use for key derivation. + * @param seed_length The length of the obfuscated seed. + * @param seed_type The method to use for determining the KDF seed. + * @param seed_padding The type of padding used to encrypt the seed. For ECDH seeds, this value + * does not matter and can be anything. + * @param hmac HMAC of the ciphertext and sealing data using the signing key. + * @param hmac_type The type of HMAC used. * @param ciphertext The encrypted attestation data. * @param cipher_length Length of the encrypted data. - * @param sealing A 64-byte sealing value for the attestation data. + * @param sealing A list of 64-byte sealing values for the attestation data. + * @param pcr_count The number of PCRs used for sealing. * @param key Output for the unsealed encryption key that will decrypt the attestation data. - * @param key_length Length of the key buffer. - * @param platform_pcr PCR to utilize for platform measurement. + * @param key_length Length of the encryption key buffer. This must be large enough to support + * the requested key length. * - * @return Encryption key length if the unsealing was successful or an error code. + * @return 0 if the unsealing was successful or an error code. */ int (*aux_attestation_unseal) (struct attestation_slave *attestation, struct hash_engine *hash, - const uint8_t *seed, size_t seed_length, const uint8_t *hmac, const uint8_t *ciphertext, - size_t cipher_length, const uint8_t *sealing, uint8_t *key, size_t key_length, - uint8_t platform_pcr); + enum aux_attestation_key_length key_type, const uint8_t *seed, size_t seed_length, + enum aux_attestation_seed_type seed_type, enum aux_attestation_seed_padding seed_padding, + const uint8_t *hmac, enum hmac_hash hmac_type, const uint8_t *ciphertext, + size_t cipher_length, const uint8_t sealing[][64], size_t pcr_count, uint8_t *key, + size_t key_length); /** * Decrypt a payload using the the auxiliary attestation key. diff --git a/core/attestation/aux_attestation.c b/core/attestation/aux_attestation.c index 446f813..04d4188 100644 --- a/core/attestation/aux_attestation.c +++ b/core/attestation/aux_attestation.c @@ -29,15 +29,19 @@ static const char AUX_ATTESTATION_SIGNING_LABEL[] = "signing key"; * Initialize the handler for auxiliary attestation requests. * * @param aux The attestation handler to initialize. - * @param keystore The keystore used to store the private key. - * @param rsa The RSA engine to use with the private key. + * @param keystore The keystore used to store the RSA private key. This can be null if RSA is not + * supported. + * @param rsa The RSA engine to use with the private key. Set to null if RSA is not supported. + * @param riot The RIoT keys to use for ECC operations. This can be null if ECC is not supported. + * @param ecc The ECC engine to use with RIoT keys. Set to null if ECC is not supported. * * @return 0 if the attestation handler was successfully initialized or an error code. */ int aux_attestation_init (struct aux_attestation *aux, struct keystore *keystore, - struct rsa_engine *rsa) + struct rsa_engine *rsa, struct riot_key_manager *riot, struct ecc_engine *ecc) { - if ((aux == NULL) || (keystore == NULL) || (rsa == NULL)) { + if ((aux == NULL) || ((rsa != NULL) && (keystore == NULL)) || + ((ecc != NULL) && (riot == NULL))) { return AUX_ATTESTATION_INVALID_ARGUMENT; } @@ -45,6 +49,8 @@ int aux_attestation_init (struct aux_attestation *aux, struct keystore *keystore aux->keystore = keystore; aux->rsa = rsa; + aux->riot = riot; + aux->ecc = ecc; return 0; } @@ -97,6 +103,10 @@ int aux_attestation_generate_key (struct aux_attestation *aux) return AUX_ATTESTATION_INVALID_ARGUMENT; } + if (aux->rsa == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + status = aux->rsa->generate_key (aux->rsa, &rsa_key, AUX_ATTESTATION_KEY_BITS); if (status != 0) { return status; @@ -129,6 +139,10 @@ int aux_attestation_erase_key (struct aux_attestation *aux) return AUX_ATTESTATION_INVALID_ARGUMENT; } + if (aux->rsa == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + /* There is no synchronization on these calls, but that shouldn't be an issue. This will only * get called in very rare scenarios and/or development situations. The certificate and key * are also only rarely used, reducing the chance of conflict. */ @@ -169,6 +183,10 @@ int aux_attestation_create_certificate (struct aux_attestation *aux, struct x509 return AUX_ATTESTATION_INVALID_ARGUMENT; } + if (aux->rsa == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + status = aux->keystore->load_key (aux->keystore, 0, &priv, &length); if (status != 0) { return status; @@ -232,6 +250,10 @@ int aux_attestation_set_certificate (struct aux_attestation *aux, uint8_t *cert, return AUX_ATTESTATION_INVALID_ARGUMENT; } + if (aux->rsa == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + if (aux->cert.cert) { return AUX_ATTESTATION_HAS_CERTIFICATE; } @@ -290,72 +312,158 @@ const struct der_cert* aux_attestation_get_certificate (struct aux_attestation * * * @param aux The attestation handler to run. * @param hash The hash engine to use for unsealing. - * @param seed The request seed encrypted with the attestation public key. - * @param seed_length The length of the request seed. - * @param hmac The HMAC for the attestation request. This is an HMAC-SHA256 value. + * @param pcr Local PCRs to use for sealing verification. + * @param key_type The length of the encryption and signing keys that will be generated. + * @param seed The obfuscated seed to use for key derivation. + * @param seed_length The length of the obfuscated seed. + * @param seed_type The method to use for determining the KDF seed. + * @param seed_padding The padding method used when encrypting the seed. This parameter does not + * matter for ECDH seeds and can be set to anything in those cases. + * @param hmac HMAC of the ciphertext and sealing data using the signing key. + * @param hmac_type The type of HMAC used. * @param ciphertext The encrypted attestation data. * @param cipher_length Length of the encrypted data. - * @param sealing A 64-byte sealing value for the attestation data. - * @param pcr The platform PCR from local firmware measurements. This is an HMAC-SHA256 value. - * @param key Output for the unsealed encryption key that will decrypt the attestation data. This - * is a dynamically allocated buffer and is the responsibility of the caller to free. This will be - * null on error. - * @param key_length Output for the length of the encryption key. + * @param sealing A list of 64-byte sealing values for the attestation data. + * @param pcr_count The number of PCRs used for sealing. + * @param key Output for the unsealed encryption key that will decrypt the attestation data. + * @param key_length Length of the encryption key buffer. This must be large enough to support the + * requested key length. * * @return 0 if the unsealing was successful or an error code. */ int aux_attestation_unseal (struct aux_attestation *aux, struct hash_engine *hash, - const uint8_t *seed, size_t seed_length, const uint8_t *hmac, const uint8_t *ciphertext, - size_t cipher_length, const uint8_t *sealing, const uint8_t *pcr, uint8_t **key, - size_t *key_length) + struct pcr_store *pcr, enum aux_attestation_key_length key_type, const uint8_t *seed, + size_t seed_length, enum aux_attestation_seed_type seed_type, + enum aux_attestation_seed_padding seed_padding, const uint8_t *hmac, enum hmac_hash hmac_type, + const uint8_t *ciphertext, size_t cipher_length, const uint8_t sealing[][64], size_t pcr_count, + uint8_t *key, size_t key_length) { - struct rsa_private_key priv; - uint8_t *priv_der; - size_t priv_length; uint8_t secret[AUX_ATTESTATION_KEY_BYTES]; - int secret_length; + int secret_length = 0; struct hmac_engine run_hmac; uint8_t i[4] = {0}; uint8_t L[4] = {0}; - uint8_t signing_key[SHA256_HASH_LENGTH]; + uint8_t signing_key[AUX_ATTESTATION_KEY_256BIT]; uint8_t payload_hmac[SHA256_HASH_LENGTH]; - bool bypass = true; + uint8_t pcr_value[SHA256_HASH_LENGTH]; + bool bypass; int j; + int k; int status; - if (key == NULL) { - return AUX_ATTESTATION_INVALID_ARGUMENT; - } - - *key = NULL; - if ((aux == NULL) || (hash == NULL) || (seed == NULL) || (seed_length == 0) || + if ((aux == NULL) || (hash == NULL) || (pcr == NULL) || (seed == NULL) || (seed_length == 0) || (hmac == NULL) || (ciphertext == NULL) || (cipher_length == 0) || (sealing == NULL) || - (pcr == NULL) || (key_length == NULL)) { + (pcr_count == 0) || (key == NULL)) { return AUX_ATTESTATION_INVALID_ARGUMENT; } - status = aux->keystore->load_key (aux->keystore, 0, &priv_der, &priv_length); + if (key_type != AUX_ATTESTATION_KEY_256BIT) { + return AUX_ATTESTATION_UNSUPPORTED_KEY_LENGTH; + } + + if (hmac_type != HMAC_SHA256) { + return AUX_ATTESTATION_UNSUPPORTED_HMAC; + } + + if (key_length < AUX_ATTESTATION_KEY_256BIT) { + return AUX_ATTESTATION_BUFFER_TOO_SMALL; + } + + /* Get the key derivation seed. */ + switch (seed_type) { + case AUX_ATTESTATION_SEED_RSA: { + struct rsa_private_key priv; + uint8_t *priv_der; + size_t priv_length; + enum hash_type padding; + + if (aux->rsa == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + + switch (seed_padding) { + case AUX_ATTESTATION_PADDING_OAEP_SHA1: + padding = HASH_TYPE_SHA1; + break; + + case AUX_ATTESTATION_PADDING_OAEP_SHA256: + padding = HASH_TYPE_SHA256; + break; + + default: + return AUX_ATTESTATION_BAD_SEED_PADDING; + } + + status = aux->keystore->load_key (aux->keystore, 0, &priv_der, &priv_length); + if (status != 0) { + return status; + } + + status = aux->rsa->init_private_key (aux->rsa, &priv, priv_der, priv_length); + if (status != 0) { + goto rsa_init_error; + } + + secret_length = aux->rsa->decrypt (aux->rsa, &priv, seed, seed_length, NULL, 0, padding, + secret, sizeof (secret)); + if (ROT_IS_ERROR (secret_length)) { + status = secret_length; + } + + aux->rsa->release_key (aux->rsa, &priv); +rsa_init_error: + riot_core_clear (priv_der, priv_length); + platform_free (priv_der); + break; + } + +#ifdef ECC_ENABLE_ECDH + case AUX_ATTESTATION_SEED_ECDH: { + struct ecc_private_key priv; + struct ecc_public_key pub; + const struct riot_keys *keys; + + if (aux->ecc == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + + status = aux->ecc->init_public_key (aux->ecc, seed, seed_length, &pub); + if (status != 0) { + return status; + } + + keys = riot_key_manager_get_riot_keys (aux->riot); + status = aux->ecc->init_key_pair (aux->ecc, keys->alias_key, keys->alias_key_length, + &priv, NULL); + riot_key_manager_release_riot_keys (aux->riot, keys); + if (status != 0) { + goto ecc_init_error; + } + + secret_length = aux->ecc->compute_shared_secret (aux->ecc, &priv, &pub, secret, + sizeof (secret)); + if (ROT_IS_ERROR (secret_length)) { + status = secret_length; + } + + aux->ecc->release_key_pair (aux->ecc, &priv, NULL); +ecc_init_error: + aux->ecc->release_key_pair (aux->ecc, NULL, &pub); + break; + } +#else + case AUX_ATTESTATION_SEED_ECDH: + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; +#endif + + default: + return AUX_ATTESTATION_UNKNOWN_SEED; + } + if (status != 0) { return status; } - /* Decrypt the key derivation seed. */ - status = aux->rsa->init_private_key (aux->rsa, &priv, priv_der, priv_length); - if (status != 0) { - goto rsa_init_error; - } - - secret_length = aux->rsa->decrypt (aux->rsa, &priv, seed, seed_length, NULL, 0, - HASH_TYPE_SHA1, secret, sizeof (secret)); - if (ROT_IS_ERROR (secret_length)) { - status = secret_length; - goto rsa_decrypt_error; - } - - aux->rsa->release_key (aux->rsa, &priv); - riot_core_clear (priv_der, priv_length); - platform_free (priv_der); - i[3] = 1; L[2] = 1; @@ -397,7 +505,7 @@ int aux_attestation_unseal (struct aux_attestation *aux, struct hash_engine *has goto hmac_error; } - status = hash_hmac_update (&run_hmac, sealing, 64); + status = hash_hmac_update (&run_hmac, sealing[0], 64 * pcr_count); if (status != 0) { goto hmac_error; } @@ -411,16 +519,28 @@ int aux_attestation_unseal (struct aux_attestation *aux, struct hash_engine *has return AUX_ATTESTATION_HMAC_MISMATCH; } - j = 0; - while (bypass && (j < 64)) { - if (sealing[j++] != 0) { - bypass = false; + for (k = 0; k < pcr_count; k++) { + j = 0; + bypass = true; + while (bypass && (j < 64)) { + if (sealing[k][j++] != 0) { + if (j < 32) { + /* The first 32-bytes are unused and must be 0. */ + return AUX_ATTESTATION_PCR_MISMATCH; + } + bypass = false; + } } - } - if (!bypass) { - if (memcmp (pcr, &sealing[32], SHA256_HASH_LENGTH) != 0) { - return AUX_ATTESTATION_PCR_MISMATCH; + if (!bypass) { + status = pcr_store_compute (pcr, hash, k, pcr_value); + if (ROT_IS_ERROR (status)) { + return status; + } + + if (memcmp (pcr_value, &sealing[k][32], SHA256_HASH_LENGTH) != 0) { + return AUX_ATTESTATION_PCR_MISMATCH; + } } } @@ -446,29 +566,13 @@ int aux_attestation_unseal (struct aux_attestation *aux, struct hash_engine *has goto hmac_error; } - *key = platform_malloc (SHA256_HASH_LENGTH); - if (*key == NULL) { - status = AUX_ATTESTATION_NO_MEMORY; - goto hmac_error; - } - - status = hash_hmac_finish (&run_hmac, *key, SHA256_HASH_LENGTH); + status = hash_hmac_finish (&run_hmac, key, SHA256_HASH_LENGTH); if (status != 0) { - platform_free (*key); - *key = NULL; return status; } - *key_length = SHA256_HASH_LENGTH; return 0; -rsa_decrypt_error: - aux->rsa->release_key (aux->rsa, &priv); -rsa_init_error: - riot_core_clear (priv_der, priv_length); - platform_free (priv_der); - return status; - hmac_error: hash_hmac_cancel (&run_hmac); return status; @@ -501,6 +605,10 @@ int aux_attestation_decrypt (struct aux_attestation *aux, const uint8_t *encrypt return AUX_ATTESTATION_INVALID_ARGUMENT; } + if (aux->rsa == NULL) { + return AUX_ATTESTATION_UNSUPPORTED_CRYPTO; + } + status = aux->keystore->load_key (aux->keystore, 0, &priv_der, &priv_length); if (status != 0) { return status; diff --git a/core/attestation/aux_attestation.h b/core/attestation/aux_attestation.h index c44cb7c..830713a 100644 --- a/core/attestation/aux_attestation.h +++ b/core/attestation/aux_attestation.h @@ -10,25 +10,56 @@ #include "status/rot_status.h" #include "keystore/keystore.h" #include "crypto/rsa.h" +#include "crypto/ecc.h" #include "crypto/hash.h" #include "crypto/x509.h" #include "crypto/rng.h" #include "common/certificate.h" +#include "attestation/pcr_store.h" +#include "riot/riot_key_manager.h" +#include "cmd_interface/cerberus_protocol_optional_commands.h" +/** + * The types of seeds that can be used for attestation unsealing. + */ +enum aux_attestation_seed_type { + AUX_ATTESTATION_SEED_RSA = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA, /**< Attestation seed is RSA encrypted. */ + AUX_ATTESTATION_SEED_ECDH = CERBERUS_PROTOCOL_UNSEAL_SEED_ECDH /**< Attestation seed is an ECC public key. */ +}; + +/** + * The padding types possible for the encrypted seed. + */ +enum aux_attestation_seed_padding { + AUX_ATTESTATION_PADDING_PKCS15 = CERBERUS_PROTOCOL_UNSEAL_RSA_PKCS15, /**< Attestation seed is padded per PKCS#1 v1.5. */ + AUX_ATTESTATION_PADDING_OAEP_SHA1 = CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA1, /**< Attestation seed is OAEP padded with SHA1. */ + AUX_ATTESTATION_PADDING_OAEP_SHA256 = CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA256, /**< Attestation seed is OAEP padded with SHA256. */ + AUX_ATTESTATION_PADDING_UNSPECIFIED = 0xff /**< Seed uses an unspecified padding scheme. */ +}; + +/** + * Supported encryption and signing key lengths that can be generated. + */ +enum aux_attestation_key_length { + AUX_ATTESTATION_KEY_256BIT = SHA256_HASH_LENGTH /**< Generate 256-bit signing and encryption keys. */ +}; + /** * Handler for providing an auxiliary method of attestation. */ struct aux_attestation { struct keystore *keystore; /**< Storage for the attestation private key. */ struct rsa_engine *rsa; /**< Interface for RSA operations with the private key. */ + struct riot_key_manager *riot; /**< Storage for the ECC attestation key. */ + struct ecc_engine *ecc; /**< Interface for ECC unsealing operations. */ struct der_cert cert; /**< The certificate for the attestation private key. */ bool is_static; /**< Flag indicating if the certificate is in static memory. */ }; int aux_attestation_init (struct aux_attestation *aux, struct keystore *keystore, - struct rsa_engine *rsa); + struct rsa_engine *rsa, struct riot_key_manager *riot, struct ecc_engine *ecc); void aux_attestation_release (struct aux_attestation *aux); int aux_attestation_generate_key (struct aux_attestation *aux); @@ -43,9 +74,11 @@ int aux_attestation_set_static_certificate (struct aux_attestation *aux, const u const struct der_cert* aux_attestation_get_certificate (struct aux_attestation *aux); int aux_attestation_unseal (struct aux_attestation *aux, struct hash_engine *hash, - const uint8_t *seed, size_t seed_length, const uint8_t *hmac, const uint8_t *ciphertext, - size_t cipher_length, const uint8_t *sealing, const uint8_t *pcr, uint8_t **key, - size_t *key_length); + struct pcr_store *pcr, enum aux_attestation_key_length key_type, const uint8_t *seed, + size_t seed_length, enum aux_attestation_seed_type seed_type, + enum aux_attestation_seed_padding padding, const uint8_t *hmac, enum hmac_hash hmac_type, + const uint8_t *ciphertext, size_t cipher_length, const uint8_t sealing[][64], size_t pcr_count, + uint8_t *key, size_t key_length); int aux_attestation_decrypt (struct aux_attestation *aux, const uint8_t *encrypted, size_t len_encrypted, const uint8_t *label, size_t len_label, enum hash_type pad_hash, @@ -58,11 +91,17 @@ int aux_attestation_decrypt (struct aux_attestation *aux, const uint8_t *encrypt * Error codes that can be generated by an auxiliary attestation handler. */ enum { - AUX_ATTESTATION_INVALID_ARGUMENT = AUX_ATTESTATION_ERROR (0x00), /**< Input parameter is null or not valid. */ - AUX_ATTESTATION_NO_MEMORY = AUX_ATTESTATION_ERROR (0x01), /**< Memory allocation failed. */ - AUX_ATTESTATION_HAS_CERTIFICATE = AUX_ATTESTATION_ERROR (0x02), /**< A certificate has already been provisioned. */ - AUX_ATTESTATION_PCR_MISMATCH = AUX_ATTESTATION_ERROR (0x03), /**< The sealing policy doesn't match local PCR0. */ - AUX_ATTESTATION_HMAC_MISMATCH = AUX_ATTESTATION_ERROR (0x04), /**< The payload failed verification against the HMAC. */ + AUX_ATTESTATION_INVALID_ARGUMENT = AUX_ATTESTATION_ERROR (0x00), /**< Input parameter is null or not valid. */ + AUX_ATTESTATION_NO_MEMORY = AUX_ATTESTATION_ERROR (0x01), /**< Memory allocation failed. */ + AUX_ATTESTATION_HAS_CERTIFICATE = AUX_ATTESTATION_ERROR (0x02), /**< A certificate has already been provisioned. */ + AUX_ATTESTATION_PCR_MISMATCH = AUX_ATTESTATION_ERROR (0x03), /**< The sealing policy doesn't match the local PCRs. */ + AUX_ATTESTATION_HMAC_MISMATCH = AUX_ATTESTATION_ERROR (0x04), /**< The payload failed verification against the HMAC. */ + AUX_ATTESTATION_UNSUPPORTED_CRYPTO = AUX_ATTESTATION_ERROR (0x05), /**< The asymmetric crypto algorithm is not supported. */ + AUX_ATTESTATION_UNSUPPORTED_KEY_LENGTH = AUX_ATTESTATION_ERROR (0x06), /**< The requested key length is not supported. */ + AUX_ATTESTATION_UNSUPPORTED_HMAC = AUX_ATTESTATION_ERROR (0x07), /**< The HMAC algorithm is not supported. */ + AUX_ATTESTATION_UNKNOWN_SEED = AUX_ATTESTATION_ERROR (0x08), /**< Unknown seed algorithm. */ + AUX_ATTESTATION_BUFFER_TOO_SMALL = AUX_ATTESTATION_ERROR (0x09), /**< Output buffer too small. */ + AUX_ATTESTATION_BAD_SEED_PADDING = AUX_ATTESTATION_ERROR (0x0a), /**< Seed padding type is invalid or unsupported. */ }; diff --git a/core/attestation/pcr_store.h b/core/attestation/pcr_store.h index 06b53d6..7be00d2 100644 --- a/core/attestation/pcr_store.h +++ b/core/attestation/pcr_store.h @@ -53,10 +53,10 @@ struct pcr_store_tcg_log_entry { int pcr_store_init (struct pcr_store *store, uint8_t *num_pcr_measurements, size_t num_pcr); void pcr_store_release (struct pcr_store *store); -int pcr_store_check_measurement_type(struct pcr_store *store, uint16_t measurement_type); +int pcr_store_check_measurement_type (struct pcr_store *store, uint16_t measurement_type); int pcr_store_get_num_banks (struct pcr_store *store); -int pcr_store_update_digest (struct pcr_store *store, uint16_t measurement_type, +int pcr_store_update_digest (struct pcr_store *store, uint16_t measurement_type, const uint8_t *digest, size_t digest_len); int pcr_store_update_buffer (struct pcr_store *store, struct hash_engine *hash, uint16_t measurement_type, const uint8_t *buf, size_t buf_len); @@ -67,7 +67,7 @@ int pcr_store_get_measurement (struct pcr_store *store, uint16_t measurement_typ struct pcr_measurement *measurement); int pcr_store_invalidate_measurement (struct pcr_store *store, uint16_t measurement_type); -int pcr_store_get_tcg_log (struct pcr_store *store, struct hash_engine *hash, uint32_t offset, +int pcr_store_get_tcg_log (struct pcr_store *store, struct hash_engine *hash, uint32_t offset, uint8_t *contents, size_t length); int pcr_store_get_tcg_log_size (struct pcr_store *store); diff --git a/core/cmd_interface/cerberus_protocol.h b/core/cmd_interface/cerberus_protocol.h index 7cce2a8..73b7765 100644 --- a/core/cmd_interface/cerberus_protocol.h +++ b/core/cmd_interface/cerberus_protocol.h @@ -12,7 +12,7 @@ #define CERBERUS_PROTOCOL_MAX_PAYLOAD_PER_MSG (MCTP_PROTOCOL_MAX_MESSAGE_BODY - CERBERUS_PROTOCOL_MIN_MSG_LEN) #define CERBERUS_PROTOCOL_MSFT_PCI_VID 0x1414 -#define CERBERUS_PROTOCOL_PROTOCOL_VERSION 2 +#define CERBERUS_PROTOCOL_PROTOCOL_VERSION 3 /** diff --git a/core/cmd_interface/cerberus_protocol_optional_commands.c b/core/cmd_interface/cerberus_protocol_optional_commands.c index 4fea591..f531313 100644 --- a/core/cmd_interface/cerberus_protocol_optional_commands.c +++ b/core/cmd_interface/cerberus_protocol_optional_commands.c @@ -681,60 +681,56 @@ int cerberus_protocol_get_host_reset_status (struct host_control *host_0_ctrl, * * @param background Command background instance to utilize * @param request Unseal request to process - * @param platform_pcr PCR to utilize for platform measurement * * @return 0 if processing completed successfully or an error code. */ int cerberus_protocol_unseal_message (struct cmd_background *background, - struct cmd_interface_request *request, uint8_t platform_pcr) + struct cmd_interface_request *request) { - uint16_t seed_len; - uint16_t cipher_len; - uint16_t seed_offset; - uint16_t cipher_offset; - uint16_t hmac_offset; - uint16_t sealing_offset; + struct cerberus_protocol_message_unseal *rq = + (struct cerberus_protocol_message_unseal*) request->data; + uint8_t *end = request->data + request->length; + int status; request->crypto_timeout = true; - if ((CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)) > request->length) { + if (request->length < sizeof (struct cerberus_protocol_message_unseal)) { return CMD_HANDLER_BAD_LENGTH; } - memcpy (&seed_len, &request->data[CERBERUS_PROTOCOL_MIN_MSG_LEN], sizeof (seed_len)); - if (seed_len == 0) { + if ((rq->hmac_type != CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256) || + (rq->seed_type > CERBERUS_PROTOCOL_UNSEAL_SEED_ECDH)) { + return CMD_HANDLER_OUT_OF_RANGE; + } + + if ((rq->seed_type == CERBERUS_PROTOCOL_UNSEAL_SEED_RSA) && + (rq->seed_params.rsa.padding > CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA256)) { + return CMD_HANDLER_OUT_OF_RANGE; + } + + if ((rq->seed_length == 0) || (cerberus_protocol_unseal_ciphertext_length_ptr (rq) >= end)) { return CMD_HANDLER_BAD_LENGTH; } - if ((CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + seed_len + sizeof (cipher_len)) > - request->length) { + if ((cerberus_protocol_unseal_ciphertext_length (rq) == 0) || + (cerberus_protocol_unseal_hmac_length_ptr (rq) >= end)) { return CMD_HANDLER_BAD_LENGTH; } - seed_offset = CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len); - - memcpy (&cipher_len, &request->data[seed_offset + seed_len], sizeof (cipher_len)); - if (cipher_len == 0) { + if ((cerberus_protocol_unseal_hmac_length (rq) != SHA256_HASH_LENGTH) || + ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (rq) >= end)) { return CMD_HANDLER_BAD_LENGTH; } - cipher_offset = seed_offset + seed_len + sizeof (cipher_len); - hmac_offset = cipher_offset + cipher_len; - sealing_offset = hmac_offset + SHA256_HASH_LENGTH; - - if ((sealing_offset + 64) != request->length) { + if (((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (rq) + + sizeof (struct cerberus_protocol_unseal_pmrs)) != end) { return CMD_HANDLER_BAD_LENGTH; } + status = background->unseal_start (background, request->data, request->length); + request->length = 0; - if (background != NULL) { - return background->unseal_start (background, &request->data[seed_offset], seed_len, - &request->data[hmac_offset], &request->data[cipher_offset], cipher_len, - &request->data[sealing_offset], platform_pcr); - } - else { - return CMD_HANDLER_UNSUPPORTED_COMMAND; - } + return status; } /** diff --git a/core/cmd_interface/cerberus_protocol_optional_commands.h b/core/cmd_interface/cerberus_protocol_optional_commands.h index 7eae286..f0efcc8 100644 --- a/core/cmd_interface/cerberus_protocol_optional_commands.h +++ b/core/cmd_interface/cerberus_protocol_optional_commands.h @@ -64,11 +64,30 @@ enum { CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256 = 0 /**< Unseal HMAC using SHA-256 */ }; +/** + * Identifier for the unsealing seed type. + */ enum { CERBERUS_PROTOCOL_UNSEAL_SEED_RSA = 0, /**< Unseal seed is RSA encrypted */ - CERBERUS_PROTOCOL_UNSEAL_SEED_ECC /**< Unseal seed uses ECDH */ + CERBERUS_PROTOCOL_UNSEAL_SEED_ECDH /**< Unseal seed uses ECDH */ }; +/** + * Identifier for unsealing RSA parameters. + */ +enum { + CERBERUS_PROTOCOL_UNSEAL_RSA_PKCS15 = 0, /**< Seed is encrypted with PKCS 1.5 padding */ + CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA1, /**< Seed is encrypted with OAEP-SHA1 padding */ + CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA256, /**< Seed is encrypted with OAEP-SHA256 padding */ +}; + +/** + * Maximum number of PMRs that can be used for unsealing. + * + * + */ +#define CERBERUS_PROTOCOL_MAX_PMR 5 + #pragma pack(push, 1) /** @@ -494,6 +513,15 @@ struct cerberus_protocol_message_unseal { uint8_t seed_type:2; /**< Type of seed used for unsealing */ uint8_t hmac_type:3; /**< Type of HMAC used for unsealing */ uint8_t reserved:3; /**< Unused */ + union { + struct { + uint8_t padding:3; /**< RSA encryption padding scheme */ + uint8_t reserved:5; /**< Unused */ + } rsa; + struct { + uint8_t reserved; /**< Unused. */ + } ecdh; + } seed_params; /**< Additional parameters for the seed */ uint16_t seed_length; /**< Length of the unsealing seed */ uint8_t seed; /**< First byte of the unsealing seed */ }; @@ -502,7 +530,7 @@ struct cerberus_protocol_message_unseal { * PMRs used for unsealing a message. */ struct cerberus_protocol_unseal_pmrs { - uint8_t pmr[5][64]; /**< PMRs used for sealing */ + uint8_t pmr[CERBERUS_PROTOCOL_MAX_PMR][64]; /**< PMRs used for sealing */ }; /** @@ -546,7 +574,7 @@ struct cerberus_protocol_unseal_pmrs { * struct cerberus_protocol_unseal_pmrs. */ #define cerberus_protocol_get_unseal_pmr_sealing(req) \ - (struct cerberus_protocol_unseal_pmrs*) (cerberus_protocol_unseal_hmac (req) + cerberus_protocol_unseal_hmac_length (req)) + ((const struct cerberus_protocol_unseal_pmrs*) (cerberus_protocol_unseal_hmac (req) + cerberus_protocol_unseal_hmac_length (req))) /** * Cerberus protocol message unseal result request format @@ -625,7 +653,7 @@ int cerberus_protocol_get_host_reset_status (struct host_control *host_0_ctrl, struct host_control *host_1_ctrl, struct cmd_interface_request *request); int cerberus_protocol_unseal_message (struct cmd_background *background, - struct cmd_interface_request *request, uint8_t platform_pcr); + struct cmd_interface_request *request); int cerberus_protocol_unseal_message_result (struct cmd_background *background, struct cmd_interface_request *request); diff --git a/core/cmd_interface/cmd_background.h b/core/cmd_interface/cmd_background.h index 256d958..60a8697 100644 --- a/core/cmd_interface/cmd_background.h +++ b/core/cmd_interface/cmd_background.h @@ -35,26 +35,21 @@ struct cmd_background { * Process an attestation payload to unseal the device encryption key. * * @param cmd The background context for executing the operation. - * @param seed The request seed encrypted with the attestation public key. - * @param seed_length The length of the request seed. - * @param hmac The HMAC for the attestation request. This is an HMAC-SHA256 value. - * @param ciphertext The encrypted attestation data. - * @param cipher_length Length of the encrypted data. - * @param sealing A 64-byte sealing value for the attestation data. - * @param platform_pcr PCR to utilize as platform measurement. + * @param unseal_request Buffer containing the complete unseal request to execute. The request + * should be validated for correctness before passing it here. + * @param length Length of the unseal request. * * @return 0 if the action was successfully scheduled or an error code. */ - int (*unseal_start) (struct cmd_background *cmd, const uint8_t *seed, size_t seed_length, - const uint8_t *hmac, const uint8_t *ciphertext, size_t cipher_length, - const uint8_t *sealing, uint8_t platform_pcr); + int (*unseal_start) (struct cmd_background *cmd, const uint8_t *unseal_request, size_t length); /** * Get the result of the last unseal operation requested. * * @param cmd The background context for executing the operation. * @param key Output for the unsealed encryption key that will decrypt the attestation data. - * @param key_length Length of the key buffer as input, then key length as output. + * @param key_length Length of the key buffer as input, then key length as output. This will be + * 0 if the unseal operation has not successfully completed. * @param unseal_status Output buffer with the unsealing status. The lower 8 bits will be the * status as per {@link enum attestation_cmd_status}. The rest of the bits will be the return * code from the operation. diff --git a/core/cmd_interface/cmd_interface_system.c b/core/cmd_interface/cmd_interface_system.c index b04dbd1..f38811f 100644 --- a/core/cmd_interface/cmd_interface_system.c +++ b/core/cmd_interface/cmd_interface_system.c @@ -161,7 +161,7 @@ int cmd_interface_system_process_request (struct cmd_interface *intf, return cerberus_protocol_reset_counter (interface->cmd_device, request); case CERBERUS_PROTOCOL_UNSEAL_MESSAGE: - return cerberus_protocol_unseal_message (interface->background, request, 0); + return cerberus_protocol_unseal_message (interface->background, request); case CERBERUS_PROTOCOL_UNSEAL_MESSAGE_RESULT: return cerberus_protocol_unseal_message_result (interface->background, request); diff --git a/core/crypto/rsa_mbedtls.c b/core/crypto/rsa_mbedtls.c index b42a776..948e243 100644 --- a/core/crypto/rsa_mbedtls.c +++ b/core/crypto/rsa_mbedtls.c @@ -301,6 +301,17 @@ static int rsa_mbedtls_decrypt (struct rsa_engine *engine, const struct rsa_priv return RSA_ENGINE_UNSUPPORTED_HASH_TYPE; } +#ifndef MBEDTLS_SHA1_C + if (pad_hash == HASH_TYPE_SHA1) { + return RSA_ENGINE_UNSUPPORTED_HASH_TYPE; + } +#endif +#ifndef MBEDTLS_SHA256_C + if (pad_hash == HASH_TYPE_SHA256) { + return RSA_ENGINE_UNSUPPORTED_HASH_TYPE; + } +#endif + if (pad_hash == HASH_TYPE_SHA256) { mbedtls_rsa_set_padding (rsa_mbedtls_get_rsa_key (key), MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256); diff --git a/core/riot/riot_key_manager.c b/core/riot/riot_key_manager.c index 38a2c69..c5abd8c 100644 --- a/core/riot/riot_key_manager.c +++ b/core/riot/riot_key_manager.c @@ -395,11 +395,11 @@ exit: /** * Get the RIoT Core device keys. Updates to the RIoT keys will be blocked until the caller - * indicates they are finished using them by calling {@link riot_key_manager_release_riot_keys}. + * indicates they are finished using them by calling riot_key_manager_release_riot_keys(). * * @param riot The RIoT key manager to query. * - * @return The RIoT keys or null. If not null, {@link riot_key_manager_release_riot_keys} must be + * @return The RIoT keys or null. If not null, riot_key_manager_release_riot_keys() must be * called after the keys are used. */ const struct riot_keys* riot_key_manager_get_riot_keys (struct riot_key_manager *riot) diff --git a/core/testing/attestation_slave_test.c b/core/testing/attestation_slave_test.c index 786458e..30ea65a 100644 --- a/core/testing/attestation_slave_test.c +++ b/core/testing/attestation_slave_test.c @@ -25,6 +25,9 @@ static const char *SUITE = "attestation_slave"; +/** + * RIoT keys for testing. + */ static struct riot_keys keys = { .devid_cert = RIOT_CORE_DEVID_CERT, .devid_cert_length = 0, @@ -36,75 +39,161 @@ static struct riot_keys keys = { .alias_cert_length = 0 }; +/** + * Dependencies for testing slave attestation processing. + */ +struct attestation_slave_testing { + struct hash_engine_mock hash; /**< Mock for hash operations. */ + struct ecc_engine_mock ecc; /**< Mock for ECC operations. */ + struct rsa_engine_mock rsa; /**< Mock for RSA operations. */ + struct x509_engine_mock x509; /**< Mock for X.509 operations. */ + struct rng_engine_mock rng; /**< Mock for random number generation. */ + struct keystore_mock keystore; /**< Mock for the attestation keystore. */ + struct riot_key_manager riot; /**< Key manager for RIoT keys. */ + struct pcr_store store; /**< Slave PCRs. */ + struct aux_attestation aux; /**< Manager for auxiliary attesattion flows. */ + struct attestation_slave slave; /**< Attestation slave being tested. */ +}; /** - * Helper function to setup the attestation manager to use mock crypto engines. + * Initialize all testing dependencies. * * @param test The test framework - * @param attestation The attestation manager instance to initialize - * @param hash The hash engine mock to initialize - * @param ecc The ECC engine mock to initialize - * @param rsa The RSA engine mock to initialize - * @param x509 The x509 engine mock to initialize - * @param rng The RNG engine mock to initialize - * @param riot RIoT keys manager to initialize - * @param store PCR store to initialize - * @param keystore The keystore to initialize - * @param aux Attestation service handler to initialize + * @param attestation Testing dependencies to initialize + * */ -static void setup_attestation_slave_mock_test (CuTest *test, - struct attestation_slave *attestation, struct hash_engine_mock *hash, - struct ecc_engine_mock *ecc, struct rsa_engine_mock *rsa, struct x509_engine_mock *x509, - struct rng_engine_mock *rng, struct riot_key_manager *riot, struct pcr_store *store, - struct keystore_mock *keystore, struct aux_attestation *aux) +static void attestation_slave_testing_init_dependencies (CuTest *test, + struct attestation_slave_testing *attestation) { - uint8_t num_pcr_measurements[1] = {1}; + uint8_t num_pcr_measurements[1] = {0}; uint8_t *dev_id_der = NULL; int status; - status = hash_mock_init (hash); + status = hash_mock_init (&attestation->hash); CuAssertIntEquals (test, 0, status); - status = ecc_mock_init (ecc); + status = ecc_mock_init (&attestation->ecc); CuAssertIntEquals (test, 0, status); - status = rsa_mock_init (rsa); + status = rsa_mock_init (&attestation->rsa); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (x509); + status = x509_mock_init (&attestation->x509); CuAssertIntEquals (test, 0, status); - status = rng_mock_init (rng); + status = rng_mock_init (&attestation->rng); CuAssertIntEquals (test, 0, status); - status = pcr_store_init (store, num_pcr_measurements, sizeof (num_pcr_measurements)); + status = pcr_store_init (&attestation->store, num_pcr_measurements, + sizeof (num_pcr_measurements)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (keystore); + status = keystore_mock_init (&attestation->keystore); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (aux, &keystore->base, &rsa->base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore->mock, keystore->base.load_key, keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output_tmp (&keystore->mock, 1, &dev_id_der, sizeof (dev_id_der), -1); + status = mock_expect (&attestation->keystore.mock, attestation->keystore.base.load_key, + &attestation->keystore, KEYSTORE_NO_KEY, MOCK_ARG (0), MOCK_ARG_NOT_NULL, + MOCK_ARG_NOT_NULL); + status |= mock_expect_output_tmp (&attestation->keystore.mock, 1, &dev_id_der, + sizeof (dev_id_der), -1); CuAssertIntEquals (test, 0, status); keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - status = riot_key_manager_init_static (riot, &keystore->base, &keys, &x509->base); + status = riot_key_manager_init_static (&attestation->riot, &attestation->keystore.base, &keys, + &attestation->x509.base); CuAssertIntEquals (test, 0, status); - status = mock_expect (&ecc->mock, ecc->base.init_key_pair, ecc, 0, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation->ecc_priv_key), MOCK_ARG (NULL)); + status = aux_attestation_init (&attestation->aux, &attestation->keystore.base, + &attestation->rsa.base, &attestation->riot, &attestation->ecc.base); + CuAssertIntEquals (test, 0, status); +} + +/** + * Release all testing dependencies and validate mocks. + * + * @param test The test framework + * @param attestation Testing dependencies to release + * + */ +static void attestation_slave_testing_release_dependencies (CuTest *test, + struct attestation_slave_testing *attestation) +{ + int status; + + status = hash_mock_validate_and_release (&attestation->hash); CuAssertIntEquals (test, 0, status); - status = attestation_slave_init (attestation, riot, &hash->base, &ecc->base, &rng->base, - store, aux); + status = ecc_mock_validate_and_release (&attestation->ecc); + CuAssertIntEquals (test, 0, status); + + status = rsa_mock_validate_and_release (&attestation->rsa); + CuAssertIntEquals (test, 0, status); + + status = x509_mock_validate_and_release (&attestation->x509); + CuAssertIntEquals (test, 0, status); + + status = rng_mock_validate_and_release (&attestation->rng); + CuAssertIntEquals (test, 0, status); + + status = keystore_mock_validate_and_release (&attestation->keystore); + CuAssertIntEquals (test, 0, status); + + aux_attestation_release (&attestation->aux); + riot_key_manager_release (&attestation->riot); + pcr_store_release (&attestation->store); +} + +/** + * Helper function to setup the attestation manager to use mock crypto engines. + * + * @param test The test framework + * @param attestation Testing dependencies to initialize + */ +static void setup_attestation_slave_mock_test (CuTest *test, + struct attestation_slave_testing *attestation) +{ + int status; + + attestation_slave_testing_init_dependencies (test, attestation); + + status = mock_expect (&attestation->ecc.mock, attestation->ecc.base.init_key_pair, + &attestation->ecc, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation->ecc.mock, 2, 0); + CuAssertIntEquals (test, 0, status); + + status = attestation_slave_init (&attestation->slave, &attestation->riot, + &attestation->hash.base, &attestation->ecc.base, &attestation->rng.base, + &attestation->store, &attestation->aux); + CuAssertIntEquals (test, 0, status); +} + +/** + * Helper function to setup the attestation manager without aux attestation to use mock crypto + * engines. + * + * @param test The test framework + * @param attestation Testing dependencies to initialize + */ +static void setup_attestation_slave_no_aux_mock_test (CuTest *test, + struct attestation_slave_testing *attestation) +{ + int status; + + attestation_slave_testing_init_dependencies (test, attestation); + + status = mock_expect (&attestation->ecc.mock, attestation->ecc.base.init_key_pair, + &attestation->ecc, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation->ecc.mock, 2, 0); + CuAssertIntEquals (test, 0, status); + + status = attestation_slave_init_no_aux (&attestation->slave, &attestation->riot, + &attestation->hash.base, &attestation->ecc.base, &attestation->rng.base, + &attestation->store); CuAssertIntEquals (test, 0, status); } @@ -112,159 +201,20 @@ static void setup_attestation_slave_mock_test (CuTest *test, * Helper function to release attestation manager instance. * * @param test The test framework - * @param attestation The attestation manager instance to release - * @param hash The hash engine mock to release - * @param ecc The ECC engine mock to release - * @param rsa The RSA engine mock to release - * @param x509 The x509 engine mock to release - * @param rng The RNG engine mock to release - * @param store PCR store to release - * @param keystore The keystore mock to release - * @param aux The attestation service handler to release - * @param riot RIoT key manager to release + * @param attestation Testing dependencies to release */ static void complete_attestation_slave_mock_test (CuTest *test, - struct attestation_slave *attestation, struct hash_engine_mock *hash, - struct ecc_engine_mock *ecc, struct rsa_engine_mock *rsa, struct x509_engine_mock *x509, - struct rng_engine_mock *rng, struct pcr_store *store, struct keystore_mock *keystore, - struct aux_attestation *aux, struct riot_key_manager *riot) + struct attestation_slave_testing *attestation) { int status; - status = mock_expect (&ecc->mock, ecc->base.release_key_pair, ecc, 0, - MOCK_ARG (&attestation->ecc_priv_key), MOCK_ARG (NULL)); + status = mock_expect (&attestation->ecc.mock, attestation->ecc.base.release_key_pair, + &attestation->ecc, 0, MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); CuAssertIntEquals (test, 0, status); - attestation_slave_release (attestation); + attestation_slave_release (&attestation->slave); - status = hash_mock_validate_and_release (hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_validate_and_release (ecc); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_validate_and_release (keystore); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (aux); - riot_key_manager_release (riot); - pcr_store_release (store); -} - -/** - * Helper function to setup the attestation manager without attestation to use mock crypto engines. - * - * @param test The test framework - * @param attestation The attestation manager instance to initialize - * @param hash The hash engine mock to initialize - * @param ecc The ECC engine mock to initialize - * @param x509 The x509 engine mock to initialize - * @param rng The RNG engine mock to initialize - * @param riot RIoT keys manager to initialize - * @param store PCR store to initialize - * @param keystore The keystore to initialize - */ -static void setup_attestation_slave_no_aux_mock_test (CuTest *test, - struct attestation_slave *attestation, struct hash_engine_mock *hash, - struct ecc_engine_mock *ecc, struct x509_engine_mock *x509, struct rng_engine_mock *rng, - struct riot_key_manager *riot, struct pcr_store *store, struct keystore_mock *keystore) -{ - uint8_t num_pcr_measurements[1] = {3}; - uint8_t *dev_id_der = NULL; - int status; - - status = hash_mock_init (hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_init (ecc); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (keystore); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore->mock, keystore->base.load_key, keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output_tmp (&keystore->mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (riot, &keystore->base, &keys, &x509->base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&ecc->mock, ecc->base.init_key_pair, ecc, 0, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation->ecc_priv_key), MOCK_ARG (NULL)); - CuAssertIntEquals (test, 0, status); - - status = attestation_slave_init_no_aux (attestation, riot, &hash->base, &ecc->base, - &rng->base, store); - CuAssertIntEquals (test, 0, status); -} - -/** - * Helper function to release attestation manager instance with attestation. - * - * @param test The test framework - * @param attestation The attestation manager instance to release - * @param hash The hash engine mock to release - * @param ecc The ECC engine mock to release - * @param x509 The x509 engine mock to release - * @param rng The RNG engine mock to release - * @param store PCR store to release - * @param keystore The keystore mock to release - * @param riot RIoT key manager to release - */ -static void complete_attestation_slave_no_aux_mock_test (CuTest *test, - struct attestation_slave *attestation, struct hash_engine_mock *hash, - struct ecc_engine_mock *ecc, struct x509_engine_mock *x509, struct rng_engine_mock *rng, - struct pcr_store *store, struct keystore_mock *keystore, struct riot_key_manager *riot) -{ - int status; - - status = mock_expect (&ecc->mock, ecc->base.release_key_pair, ecc, 0, - MOCK_ARG (&attestation->ecc_priv_key), MOCK_ARG (NULL)); - CuAssertIntEquals (test, 0, status); - - attestation_slave_release (attestation); - - status = hash_mock_validate_and_release (hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_validate_and_release (ecc); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_validate_and_release (keystore); - CuAssertIntEquals (test, 0, status); - - riot_key_manager_release (riot); - pcr_store_release (store); + attestation_slave_testing_release_dependencies (test, attestation); } /** @@ -274,53 +224,56 @@ static void complete_attestation_slave_no_aux_mock_test (CuTest *test, * @param riot RIoT keys manager to utilize * @param keystore The keystore to utilize * @param x509 The x509 engine mock to utilize - * @param dev_id_der Buffer for signed device ID cert - * @param ca_der Buffer for root CA cert - * @param int_der Buffer for intermediate CA cert */ static void add_int_ca_to_riot_key_manager (CuTest *test, struct riot_key_manager *riot, - struct keystore_mock *keystore, struct x509_engine_mock *x509, uint8_t **dev_id_der, - uint8_t **ca_der, uint8_t **int_der) + struct keystore_mock *keystore, struct x509_engine_mock *x509) { + uint8_t *dev_id_der; + uint8_t *ca_der; + uint8_t *int_der; int status; - *dev_id_der = platform_malloc (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN); + dev_id_der = platform_malloc (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN); CuAssertPtrNotNull (test, dev_id_der); - *ca_der = platform_malloc (X509_CERTSS_RSA_CA_NOPL_DER_LEN); + ca_der = platform_malloc (X509_CERTSS_RSA_CA_NOPL_DER_LEN); CuAssertPtrNotNull (test, ca_der); - *int_der = platform_malloc (X509_CERTCA_ECC_CA_NOPL_DER_LEN); + int_der = platform_malloc (X509_CERTCA_ECC_CA_NOPL_DER_LEN); CuAssertPtrNotNull (test, int_der); - memcpy (*dev_id_der, RIOT_CORE_DEVID_INTR_SIGNED_CERT, RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN); - memcpy (*ca_der, X509_CERTSS_RSA_CA_NOPL_DER, X509_CERTSS_RSA_CA_NOPL_DER_LEN); - memcpy (*int_der, X509_CERTCA_ECC_CA_NOPL_DER, X509_CERTCA_ECC_CA_NOPL_DER_LEN); + memcpy (dev_id_der, RIOT_CORE_DEVID_INTR_SIGNED_CERT, RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN); + memcpy (ca_der, X509_CERTSS_RSA_CA_NOPL_DER, X509_CERTSS_RSA_CA_NOPL_DER_LEN); + memcpy (int_der, X509_CERTCA_ECC_CA_NOPL_DER, X509_CERTCA_ECC_CA_NOPL_DER_LEN); status = mock_expect (&keystore->mock, keystore->base.load_key, keystore, 0, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore->mock, 1, dev_id_der, sizeof (*dev_id_der), -1); + status |= mock_expect_output_tmp (&keystore->mock, 1, &dev_id_der, sizeof (dev_id_der), -1); status |= mock_expect_output (&keystore->mock, 2, &RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN, sizeof (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), -1); + status |= mock_expect (&keystore->mock, keystore->base.load_key, keystore, 0, MOCK_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore->mock, 1, ca_der, sizeof (*ca_der), -1); + status |= mock_expect_output_tmp (&keystore->mock, 1, &ca_der, sizeof (ca_der), -1); status |= mock_expect_output (&keystore->mock, 2, &X509_CERTSS_RSA_CA_NOPL_DER_LEN, sizeof (X509_CERTSS_RSA_CA_NOPL_DER_LEN), -1); + status |= mock_expect (&keystore->mock, keystore->base.load_key, keystore, 0, MOCK_ARG (2), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore->mock, 1, int_der, sizeof (*int_der), -1); + status |= mock_expect_output_tmp (&keystore->mock, 1, &int_der, sizeof (int_der), -1); status |= mock_expect_output (&keystore->mock, 2, &X509_CERTCA_ECC_CA_NOPL_DER_LEN, sizeof (X509_CERTCA_ECC_CA_NOPL_DER_LEN), -1); + CuAssertIntEquals (test, 0, status); status = mock_expect (&x509->mock, x509->base.load_certificate, x509, 0, MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG (RIOT_CORE_ALIAS_CERT_LEN)); - mock_expect_save_arg (&x509->mock, 0, 0); - status |= mock_expect (&x509->mock, x509->base.init_ca_cert_store, x509, 0, - MOCK_ARG_NOT_NULL); + status |= mock_expect_save_arg (&x509->mock, 0, 0); + + status |= mock_expect (&x509->mock, x509->base.init_ca_cert_store, x509, 0, MOCK_ARG_NOT_NULL); status |= mock_expect_save_arg (&x509->mock, 0, 1); + status |= mock_expect (&x509->mock, x509->base.add_root_ca, x509, 0, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_PTR_CONTAINS (X509_CERTSS_RSA_CA_NOPL_DER, X509_CERTSS_RSA_CA_NOPL_DER_LEN), MOCK_ARG (X509_CERTSS_RSA_CA_NOPL_DER_LEN)); @@ -333,18 +286,22 @@ static void add_int_ca_to_riot_key_manager (CuTest *test, struct riot_key_manage MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_INTR_SIGNED_CERT, RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN)); + status |= mock_expect (&x509->mock, x509->base.authenticate, x509, 0, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_SAVED_ARG (1)); + status |= mock_expect (&x509->mock, x509->base.release_ca_cert_store, x509, 0, MOCK_ARG_SAVED_ARG (1)); status |= mock_expect (&x509->mock, x509->base.release_certificate, x509, 0, MOCK_ARG_SAVED_ARG (0)); + CuAssertIntEquals (test, 0, status); status = riot_key_manager_verify_stored_certs (riot); CuAssertIntEquals (test, 0, status); } + /******************* * Test cases *******************/ @@ -352,489 +309,175 @@ static void add_int_ca_to_riot_key_manager (CuTest *test, struct riot_key_manage static void attestation_slave_test_init (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t num_pcr_measurements[1] = {6}; - uint8_t *dev_id_der = NULL; + struct attestation_slave_testing attestation; TEST_START; - status = hash_mock_init (&hash); + attestation_slave_testing_init_dependencies (test, &attestation); + + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.init_key_pair, + &attestation.ecc, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation.ecc.mock, 2, 0); CuAssertIntEquals (test, 0, status); - status = ecc_mock_init (&ecc); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); CuAssertIntEquals (test, 0, status); + CuAssertPtrNotNull (test, attestation.slave.get_digests); + CuAssertPtrNotNull (test, attestation.slave.get_certificate); + CuAssertPtrNotNull (test, attestation.slave.challenge_response); + CuAssertPtrNotNull (test, attestation.slave.aux_attestation_unseal); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (&riot, &keystore.base, &keys, &x509.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&ecc.mock, ecc.base.init_key_pair, &ecc, 0, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG (NULL)); - CuAssertIntEquals (test, 0, status); - - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, &rng.base, - &store, &aux); - CuAssertIntEquals (test, 0, status); - CuAssertPtrNotNull (test, attestation.get_digests); - CuAssertPtrNotNull (test, attestation.get_certificate); - CuAssertPtrNotNull (test, attestation.challenge_response); - CuAssertPtrNotNull (test, attestation.aux_attestation_unseal); - - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_init_init_keypair_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - uint8_t num_pcr_measurements[1] = {6}; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t *dev_id_der = NULL; + struct attestation_slave_testing attestation; TEST_START; - status = hash_mock_init (&hash); - CuAssertIntEquals (test, 0, status); + attestation_slave_testing_init_dependencies (test, &attestation); - status = ecc_mock_init (&ecc); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (&riot, &keystore.base, &keys, &x509.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&ecc.mock, ecc.base.init_key_pair, &ecc, -1, + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.init_key_pair, + &attestation.ecc, ECC_ENGINE_KEY_PAIR_FAILED, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG (NULL)); + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation.ecc.mock, 2, 0); CuAssertIntEquals (test, 0, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, &rng.base, - &store, &aux); - CuAssertIntEquals (test, -1, status); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); + CuAssertIntEquals (test, ECC_ENGINE_KEY_PAIR_FAILED, status); - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_validate_and_release (&ecc); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); - riot_key_manager_release (&riot); - pcr_store_release (&store); + attestation_slave_testing_release_dependencies (test, &attestation); } static void attestation_slave_test_init_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - uint8_t num_pcr_measurements[1] = {6}; - struct aux_attestation aux; - struct keystore_mock keystore; - uint8_t *dev_id_der = NULL; + struct attestation_slave_testing attestation; TEST_START; - status = hash_mock_init (&hash); - CuAssertIntEquals (test, 0, status); + attestation_slave_testing_init_dependencies (test, &attestation); - status = ecc_mock_init (&ecc); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (&riot, &keystore.base, &keys, &x509.base); - CuAssertIntEquals (test, 0, status); - - status = attestation_slave_init (NULL, &riot, &hash.base, &ecc.base, &rng.base, &store, - &aux); + status = attestation_slave_init (NULL, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init (&attestation, NULL, &hash.base, &ecc.base, &rng.base, - &store, &aux); + status = attestation_slave_init (&attestation.slave, NULL, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init (&attestation, &riot, NULL, &ecc.base, &rng.base, &store, - &aux); + status = attestation_slave_init (&attestation.slave, &attestation.riot, NULL, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, NULL, &rng.base, &store, - &aux); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + NULL, &attestation.rng.base, &attestation.store, &attestation.aux); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, NULL, &store, - &aux); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, NULL, &attestation.store, &attestation.aux); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, &rng.base, NULL, - &aux); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, NULL, &attestation.aux); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, &rng.base, &store, - NULL); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, NULL); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_validate_and_release (&ecc); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); - riot_key_manager_release (&riot); - pcr_store_release (&store); + attestation_slave_testing_release_dependencies (test, &attestation); } static void attestation_slave_test_init_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - uint8_t num_pcr_measurements[1] = {6}; - uint8_t *dev_id_der = NULL; + struct attestation_slave_testing attestation; TEST_START; - status = hash_mock_init (&hash); + attestation_slave_testing_init_dependencies (test, &attestation); + + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.init_key_pair, + &attestation.ecc, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation.ecc.mock, 2, 0); CuAssertIntEquals (test, 0, status); - status = ecc_mock_init (&ecc); + status = attestation_slave_init_no_aux (&attestation.slave, &attestation.riot, + &attestation.hash.base, &attestation.ecc.base, &attestation.rng.base, &attestation.store); CuAssertIntEquals (test, 0, status); + CuAssertPtrNotNull (test, attestation.slave.get_digests); + CuAssertPtrNotNull (test, attestation.slave.get_certificate); + CuAssertPtrNotNull (test, attestation.slave.challenge_response); + CuAssertPtrNotNull (test, attestation.slave.aux_attestation_unseal); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (&riot, &keystore.base, &keys, &x509.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&ecc.mock, ecc.base.init_key_pair, &ecc, 0, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG (NULL)); - CuAssertIntEquals (test, 0, status); - - status = attestation_slave_init_no_aux (&attestation, &riot, &hash.base, &ecc.base, - &rng.base, &store); - CuAssertIntEquals (test, 0, status); - CuAssertPtrNotNull (test, attestation.get_digests); - CuAssertPtrNotNull (test, attestation.get_certificate); - CuAssertPtrNotNull (test, attestation.challenge_response); - CuAssertPtrNotNull (test, attestation.aux_attestation_unseal); - - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_init_no_aux_init_keypair_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - uint8_t num_pcr_measurements[1] = {6}; - struct keystore_mock keystore; - uint8_t *dev_id_der = NULL; + struct attestation_slave_testing attestation; TEST_START; - status = hash_mock_init (&hash); - CuAssertIntEquals (test, 0, status); + attestation_slave_testing_init_dependencies (test, &attestation); - status = ecc_mock_init (&ecc); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (&riot, &keystore.base, &keys, &x509.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&ecc.mock, ecc.base.init_key_pair, &ecc, -1, + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.init_key_pair, + &attestation.ecc, ECC_ENGINE_KEY_PAIR_FAILED, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG (NULL)); + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation.ecc.mock, 2, 0); CuAssertIntEquals (test, 0, status); - status = attestation_slave_init_no_aux (&attestation, &riot, &hash.base, &ecc.base, - &rng.base, &store); - CuAssertIntEquals (test, -1, status); + status = attestation_slave_init_no_aux (&attestation.slave, &attestation.riot, + &attestation.hash.base, &attestation.ecc.base, &attestation.rng.base, &attestation.store); + CuAssertIntEquals (test, ECC_ENGINE_KEY_PAIR_FAILED, status); - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_validate_and_release (&ecc); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - riot_key_manager_release (&riot); - pcr_store_release (&store); + attestation_slave_testing_release_dependencies (test, &attestation); } static void attestation_slave_test_init_no_aux_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - uint8_t num_pcr_measurements[1] = {6}; - struct keystore_mock keystore; - uint8_t *dev_id_der = NULL; + struct attestation_slave_testing attestation; TEST_START; - status = hash_mock_init (&hash); - CuAssertIntEquals (test, 0, status); + attestation_slave_testing_init_dependencies (test, &attestation); - status = ecc_mock_init (&ecc); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); - CuAssertIntEquals (test, 0, status); - - keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; - keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; - keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - - status = riot_key_manager_init_static (&riot, &keystore.base, &keys, &x509.base); - CuAssertIntEquals (test, 0, status); - - status = attestation_slave_init_no_aux (NULL, &riot, &hash.base, &ecc.base, &rng.base, - &store); + status = attestation_slave_init_no_aux (NULL, &attestation.riot, + &attestation.hash.base, &attestation.ecc.base, &attestation.rng.base, &attestation.store); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init_no_aux (&attestation, NULL, &hash.base, &ecc.base, &rng.base, - &store); + status = attestation_slave_init_no_aux (&attestation.slave, NULL, + &attestation.hash.base, &attestation.ecc.base, &attestation.rng.base, &attestation.store); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init_no_aux (&attestation, &riot, NULL, &ecc.base, &rng.base, - &store); + status = attestation_slave_init_no_aux (&attestation.slave, &attestation.riot, + NULL, &attestation.ecc.base, &attestation.rng.base, &attestation.store); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init_no_aux (&attestation, &riot, &hash.base, NULL, &rng.base, - &store); + status = attestation_slave_init_no_aux (&attestation.slave, &attestation.riot, + &attestation.hash.base, NULL, &attestation.rng.base, &attestation.store); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init_no_aux (&attestation, &riot, &hash.base, &ecc.base, NULL, - &store); + status = attestation_slave_init_no_aux (&attestation.slave, &attestation.riot, + &attestation.hash.base, &attestation.ecc.base, NULL, &attestation.store); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation_slave_init_no_aux (&attestation, &riot, &hash.base, &ecc.base, &rng.base, - NULL); + status = attestation_slave_init_no_aux (&attestation.slave, &attestation.riot, + &attestation.hash.base, &attestation.ecc.base, &attestation.rng.base, NULL); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - status = ecc_mock_validate_and_release (&ecc); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - riot_key_manager_release (&riot); - pcr_store_release (&store); + attestation_slave_testing_release_dependencies (test, &attestation); } static void attestation_slave_test_release_null (CuTest *test) @@ -847,20 +490,8 @@ static void attestation_slave_test_release_null (CuTest *test) static void attestation_slave_test_get_digests (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[96] = {0}; - uint8_t *dev_id_der; - uint8_t *ca_der; - uint8_t *int_der; uint8_t cert_hash[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f, @@ -873,52 +504,44 @@ static void attestation_slave_test_get_digests (CuTest *test) TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - add_int_ca_to_riot_key_manager (test, &riot, &keystore, &x509, &dev_id_der, &ca_der, &int_der); + add_int_ca_to_riot_key_manager (test, &attestation.riot, &attestation.keystore, + &attestation.x509); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (X509_CERTCA_ECC_CA_NOPL_DER, X509_CERTCA_ECC_CA_NOPL_DER_LEN), MOCK_ARG (X509_CERTCA_ECC_CA_NOPL_DER_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, cert_hash, 32, -1); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status |= mock_expect_output (&attestation.hash.mock, 2, cert_hash, 32, -1); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_INTR_SIGNED_CERT, RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, &cert_hash[32], 32, -1); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status |= mock_expect_output (&attestation.hash.mock, 2, &cert_hash[32], 32, -1); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG (RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, &cert_hash[64], 32, -1); + status |= mock_expect_output (&attestation.hash.mock, 2, &cert_hash[64], 32, -1); CuAssertIntEquals (test, 0, status); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, 96, status); CuAssertIntEquals (test, 3, num_cert); status = testing_validate_array (cert_hash, buf, 96); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; + struct attestation_slave_testing attestation; uint8_t buf[96] = {0}; - uint8_t *dev_id_der; - uint8_t *ca_der; - uint8_t *int_der; uint8_t cert_hash[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f, @@ -931,83 +554,63 @@ static void attestation_slave_test_get_digests_no_aux (CuTest *test) TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - add_int_ca_to_riot_key_manager (test, &riot, &keystore, &x509, &dev_id_der, &ca_der, &int_der); + add_int_ca_to_riot_key_manager (test, &attestation.riot, &attestation.keystore, + &attestation.x509); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (X509_CERTCA_ECC_CA_NOPL_DER, X509_CERTCA_ECC_CA_NOPL_DER_LEN), MOCK_ARG (X509_CERTCA_ECC_CA_NOPL_DER_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, cert_hash, 32, -1); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status |= mock_expect_output (&attestation.hash.mock, 2, cert_hash, 32, -1); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_INTR_SIGNED_CERT, RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, &cert_hash[32], 32, -1); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status |= mock_expect_output (&attestation.hash.mock, 2, &cert_hash[32], 32, -1); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG (RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, &cert_hash[64], 32, -1); + status |= mock_expect_output (&attestation.hash.mock, 2, &cert_hash[64], 32, -1); CuAssertIntEquals (test, 0, status); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, 96, status); CuAssertIntEquals (test, 3, num_cert); status = testing_validate_array (cert_hash, buf, 96); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_buf_too_small (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[1] = {0}; - uint8_t *dev_id_der; - uint8_t *ca_der; - uint8_t *int_der; uint8_t num_cert = 0; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - add_int_ca_to_riot_key_manager (test, &riot, &keystore, &x509, &dev_id_der, &ca_der, &int_der); + add_int_ca_to_riot_key_manager (test, &attestation.riot, &attestation.keystore, + &attestation.x509); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, ATTESTATION_BUF_TOO_SMALL, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_no_int_ca (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[96] = {0}; uint8_t cert_hash[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, @@ -1019,230 +622,169 @@ static void attestation_slave_test_get_digests_no_int_ca (CuTest *test) TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, cert_hash, 32, -1); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status |= mock_expect_output (&attestation.hash.mock, 2, cert_hash, 32, -1); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG (RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect_output (&hash.mock, 2, &cert_hash[32], 32, -1); + status |= mock_expect_output (&attestation.hash.mock, 2, &cert_hash[32], 32, -1); CuAssertIntEquals (test, 0, status); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, 64, status); CuAssertIntEquals (test, 2, num_cert); status = testing_validate_array (cert_hash, buf, 64); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_no_int_ca_buf_too_small (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[1] = {0}; uint8_t num_cert = 0; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, ATTESTATION_BUF_TOO_SMALL, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_devid_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[96] = {0}; uint8_t num_cert = 0; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, HASH_ENGINE_SHA256_FAILED, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, HASH_ENGINE_SHA256_FAILED, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, HASH_ENGINE_SHA256_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_alias_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[96] = {0}; uint8_t num_cert = 0; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, HASH_ENGINE_SHA256_FAILED, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, HASH_ENGINE_SHA256_FAILED, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG (RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, HASH_ENGINE_SHA256_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_int_ca_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[96] = {0}; - uint8_t *dev_id_der; - uint8_t *ca_der; - uint8_t *int_der; uint8_t num_cert = 0; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - add_int_ca_to_riot_key_manager (test, &riot, &keystore, &x509, &dev_id_der, &ca_der, &int_der); + add_int_ca_to_riot_key_manager (test, &attestation.riot, &attestation.keystore, + &attestation.x509); - status = mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (X509_CERTCA_ECC_CA_NOPL_DER, X509_CERTCA_ECC_CA_NOPL_DER_LEN), MOCK_ARG (X509_CERTCA_ECC_CA_NOPL_DER_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, 0, + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_INTR_SIGNED_CERT, RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_INTR_SIGNED_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect (&hash.mock, hash.base.calculate_sha256, &hash, HASH_ENGINE_SHA256_FAILED, + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.calculate_sha256, + &attestation.hash, HASH_ENGINE_SHA256_FAILED, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG (RIOT_CORE_ALIAS_CERT_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = attestation.get_digests (&attestation, buf, sizeof (buf), &num_cert); + status = attestation.slave.get_digests (&attestation.slave, buf, sizeof (buf), &num_cert); CuAssertIntEquals (test, HASH_ENGINE_SHA256_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_digests_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint16_t buf_len = 96; uint8_t buf[96] = {0}; uint8_t num_cert = 0; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_digests (NULL, buf, buf_len, &num_cert); + status = attestation.slave.get_digests (NULL, buf, buf_len, &num_cert); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.get_digests (&attestation, NULL, buf_len, &num_cert); + status = attestation.slave.get_digests (&attestation.slave, NULL, buf_len, &num_cert); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.get_digests (&attestation, buf, buf_len, NULL); + status = attestation.slave.get_digests (&attestation.slave, buf, buf_len, NULL); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_dev_id_certificate (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 0, 1, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 1, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, RIOT_CORE_DEVID_CERT_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1250,29 +792,20 @@ static void attestation_slave_test_get_dev_id_certificate (CuTest *test) status = testing_validate_array (cert.cert, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_dev_id_certificate_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 0, 1, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 1, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, RIOT_CORE_DEVID_CERT_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1280,31 +813,20 @@ static void attestation_slave_test_get_dev_id_certificate_no_aux (CuTest *test) status = testing_validate_array (cert.cert, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_alias_certificate (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 0, 2, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 2, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, RIOT_CORE_ALIAS_CERT_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1312,29 +834,20 @@ static void attestation_slave_test_get_alias_certificate (CuTest *test) status = testing_validate_array (cert.cert, RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_alias_certificate_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 0, 2, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 2, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, RIOT_CORE_ALIAS_CERT_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1342,36 +855,23 @@ static void attestation_slave_test_get_alias_certificate_no_aux (CuTest *test) status = testing_validate_array (cert.cert, RIOT_CORE_ALIAS_CERT, RIOT_CORE_ALIAS_CERT_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_int_ca_certificate (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t *dev_id_der; - uint8_t *ca_der; - uint8_t *int_der; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - add_int_ca_to_riot_key_manager (test, &riot, &keystore, &x509, &dev_id_der, &ca_der, &int_der); + add_int_ca_to_riot_key_manager (test, &attestation.riot, &attestation.keystore, + &attestation.x509); - status = attestation.get_certificate (&attestation, 0, 0, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 0, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, X509_CERTCA_ECC_CA_NOPL_DER_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1380,34 +880,23 @@ static void attestation_slave_test_get_int_ca_certificate (CuTest *test) X509_CERTCA_ECC_CA_NOPL_DER_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_int_ca_certificate_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - uint8_t *dev_id_der; - uint8_t *ca_der; - uint8_t *int_der; TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - add_int_ca_to_riot_key_manager (test, &riot, &keystore, &x509, &dev_id_der, &ca_der, &int_der); + add_int_ca_to_riot_key_manager (test, &attestation.riot, &attestation.keystore, + &attestation.x509); - status = attestation.get_certificate (&attestation, 0, 0, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 0, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, X509_CERTCA_ECC_CA_NOPL_DER_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1416,39 +905,29 @@ static void attestation_slave_test_get_int_ca_certificate_no_aux (CuTest *test) X509_CERTCA_ECC_CA_NOPL_DER_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_aux_certificate (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t *aux_der; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); aux_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); CuAssertPtrNotNull (test, aux_der); memcpy (aux_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = aux_attestation_set_certificate (&aux, aux_der, X509_CERTCA_RSA_EE_DER_LEN); + status = aux_attestation_set_certificate (&attestation.aux, aux_der, + X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = attestation.get_certificate (&attestation, 1, 2, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 1, 2, &cert); CuAssertIntEquals (test, 0, status); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert.length); CuAssertPtrNotNull (test, cert.cert); @@ -1456,334 +935,250 @@ static void attestation_slave_test_get_aux_certificate (CuTest *test) status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert.cert, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_aux_certificate_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 1, 2, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 1, 2, &cert); CuAssertIntEquals (test, ATTESTATION_CERT_NOT_AVAILABLE, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_dev_id_certificate_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; struct riot_keys bad_keys; uint8_t num_pcr_measurements[1] = {6}; + struct der_cert cert; uint8_t *dev_id_der = NULL; TEST_START; - status = hash_mock_init (&hash); + status = hash_mock_init (&attestation.hash); CuAssertIntEquals (test, 0, status); - status = ecc_mock_init (&ecc); + status = ecc_mock_init (&attestation.ecc); CuAssertIntEquals (test, 0, status); - status = rsa_mock_init (&rsa); + status = rsa_mock_init (&attestation.rsa); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); + status = x509_mock_init (&attestation.x509); CuAssertIntEquals (test, 0, status); - status = rng_mock_init (&rng); + status = rng_mock_init (&attestation.rng); CuAssertIntEquals (test, 0, status); - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); + status = pcr_store_init (&attestation.store, num_pcr_measurements, + sizeof (num_pcr_measurements)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + status = keystore_mock_init (&attestation.keystore); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, KEYSTORE_NO_KEY, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), + -1); CuAssertIntEquals (test, 0, status); memset (&bad_keys, 0, sizeof (bad_keys)); bad_keys.alias_key = RIOT_CORE_ALIAS_KEY; bad_keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - status = riot_key_manager_init_static (&riot, &keystore.base, &bad_keys, &x509.base); + status = riot_key_manager_init_static (&attestation.riot, &attestation.keystore.base, &bad_keys, + &attestation.x509.base); CuAssertIntEquals (test, 0, status); - status = mock_expect (&ecc.mock, ecc.base.init_key_pair, &ecc, 0, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG (NULL)); + status = aux_attestation_init (&attestation.aux, &attestation.keystore.base, + &attestation.rsa.base, &attestation.riot, &attestation.ecc.base); CuAssertIntEquals (test, 0, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, &rng.base, - &store, &aux); + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.init_key_pair, + &attestation.ecc, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation.ecc.mock, 2, 0); CuAssertIntEquals (test, 0, status); - status = attestation.get_certificate (&attestation, 0, 1, &cert); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); + CuAssertIntEquals (test, 0, status); + + status = attestation.slave.get_certificate (&attestation.slave, 0, 1, &cert); CuAssertIntEquals (test, ATTESTATION_CERT_NOT_AVAILABLE, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_alias_certificate_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; struct riot_keys bad_keys; uint8_t num_pcr_measurements[1] = {6}; + struct der_cert cert; uint8_t *dev_id_der = NULL; TEST_START; - status = hash_mock_init (&hash); + status = hash_mock_init (&attestation.hash); CuAssertIntEquals (test, 0, status); - status = ecc_mock_init (&ecc); + status = ecc_mock_init (&attestation.ecc); CuAssertIntEquals (test, 0, status); - status = rsa_mock_init (&rsa); + status = rsa_mock_init (&attestation.rsa); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); + status = x509_mock_init (&attestation.x509); CuAssertIntEquals (test, 0, status); - status = rng_mock_init (&rng); + status = rng_mock_init (&attestation.rng); CuAssertIntEquals (test, 0, status); - status = pcr_store_init (&store, num_pcr_measurements, sizeof (num_pcr_measurements)); + status = pcr_store_init (&attestation.store, num_pcr_measurements, + sizeof (num_pcr_measurements)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + status = keystore_mock_init (&attestation.keystore); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, KEYSTORE_NO_KEY, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), + -1); CuAssertIntEquals (test, 0, status); memset (&bad_keys, 0, sizeof (bad_keys)); bad_keys.alias_key = RIOT_CORE_ALIAS_KEY; bad_keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; - status = riot_key_manager_init_static (&riot, &keystore.base, &bad_keys, &x509.base); + status = riot_key_manager_init_static (&attestation.riot, &attestation.keystore.base, &bad_keys, + &attestation.x509.base); CuAssertIntEquals (test, 0, status); - status = mock_expect (&ecc.mock, ecc.base.init_key_pair, &ecc, 0, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), - MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG (NULL)); + status = aux_attestation_init (&attestation.aux, &attestation.keystore.base, + &attestation.rsa.base, &attestation.riot, &attestation.ecc.base); CuAssertIntEquals (test, 0, status); - status = attestation_slave_init (&attestation, &riot, &hash.base, &ecc.base, &rng.base, - &store, &aux); + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.init_key_pair, + &attestation.ecc, 0, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&attestation.ecc.mock, 2, 0); CuAssertIntEquals (test, 0, status); - status = attestation.get_certificate (&attestation, 0, 2, &cert); + status = attestation_slave_init (&attestation.slave, &attestation.riot, &attestation.hash.base, + &attestation.ecc.base, &attestation.rng.base, &attestation.store, &attestation.aux); + CuAssertIntEquals (test, 0, status); + + status = attestation.slave.get_certificate (&attestation.slave, 0, 2, &cert); CuAssertIntEquals (test, ATTESTATION_CERT_NOT_AVAILABLE, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_int_ca_certificate_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 0, 0, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 0, &cert); CuAssertIntEquals (test, ATTESTATION_CERT_NOT_AVAILABLE, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_aux_certificate_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 1, 2, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 1, 2, &cert); CuAssertIntEquals (test, ATTESTATION_CERT_NOT_AVAILABLE, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_certificate_invalid_slot_num (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, NUM_ATTESTATION_SLOT_NUM, 0, &cert); + status = attestation.slave.get_certificate (&attestation.slave, NUM_ATTESTATION_SLOT_NUM, 0, + &cert); CuAssertIntEquals (test, ATTESTATION_INVALID_SLOT_NUM, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_certificate_invalid_cert_num (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (&attestation, 0, 3, &cert); + status = attestation.slave.get_certificate (&attestation.slave, 0, 3, &cert); CuAssertIntEquals (test, ATTESTATION_INVALID_CERT_NUM, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_get_certificate_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct der_cert cert; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.get_certificate (NULL, 0, 0, &cert); + status = attestation.slave.get_certificate (NULL, 0, 0, &cert); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.get_certificate (&attestation, 0, 0, NULL); + status = attestation.slave.get_certificate (&attestation.slave, 0, 0, NULL); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; struct attestation_response *response; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t buf[136] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -1796,52 +1191,41 @@ static void attestation_slave_test_pa_rot_challenge_response (CuTest *test) }; uint16_t buf_len = sizeof (buf); + TEST_START; + response = (struct attestation_response*)buf; challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); + setup_attestation_slave_mock_test (test, &attestation); - TEST_START; - - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); - - status = mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (32), - MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.rng.mock, attestation.rng.base.generate_random_buffer, + &attestation.rng, 0, MOCK_ARG (32), MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32 + sizeof (struct attestation_response))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32 + sizeof (struct attestation_response))); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.finish, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = mock_expect (&ecc.mock, ecc.base.sign, &ecc, 64, MOCK_ARG (&attestation.ecc_priv_key), - MOCK_ARG_NOT_NULL, MOCK_ARG (32), MOCK_ARG_NOT_NULL, MOCK_ARG (64)); - status |= mock_expect_output (&ecc.mock, 3, signature, sizeof (signature), -1); + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.sign, &attestation.ecc, 64, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG (32), MOCK_ARG_NOT_NULL, MOCK_ARG (64)); + status |= mock_expect_output (&attestation.ecc.mock, 3, signature, sizeof (signature), -1); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, 136, status); CuAssertIntEquals (test, 0, response->slot_num); CuAssertIntEquals (test, 1, response->slot_mask); @@ -1857,37 +1241,20 @@ static void attestation_slave_test_pa_rot_challenge_response (CuTest *test) sizeof (signature)); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; struct attestation_response *response; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; uint8_t buf[136] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f }; - uint8_t digest1[] = { - 0xfc,0x3d,0x9d,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0x77,0x5b,0x12,0xc7,0x4d,0x6e, - 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4e,0x7f,0x38,0x9c,0x4f,0x6f,0x38,0x9c,0x4a - }; - uint8_t digest2[] = { - 0xf3,0xaa,0x91,0xe6,0x00,0x13,0xd6,0x11,0x12,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, - 0x7d,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x34,0x9c,0x4f - }; uint8_t signature[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f, @@ -1903,70 +1270,40 @@ static void attestation_slave_test_pa_rot_challenge_response_no_aux (CuTest *tes challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - status = mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (32), - MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.rng.mock, attestation.rng.base.generate_random_buffer, + &attestation.rng, 0, MOCK_ARG (32), MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, digest1, sizeof (digest1), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (digest1, sizeof (digest1)), MOCK_ARG (sizeof (digest1))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, digest2, sizeof (digest2), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (digest2, sizeof (digest2)), MOCK_ARG (sizeof (digest2))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32 + sizeof (struct attestation_response))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32 + sizeof (struct attestation_response))); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.finish, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = mock_expect (&ecc.mock, ecc.base.sign, &ecc, 64, MOCK_ARG (&attestation.ecc_priv_key), - MOCK_ARG_NOT_NULL, MOCK_ARG (32), MOCK_ARG_NOT_NULL, MOCK_ARG (64)); - status |= mock_expect_output (&ecc.mock, 3, signature, sizeof (signature), -1); + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.sign, &attestation.ecc, 64, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG (32), MOCK_ARG_NOT_NULL, MOCK_ARG (64)); + status |= mock_expect_output (&attestation.ecc.mock, 3, signature, sizeof (signature), -1); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, 136, status); CuAssertIntEquals (test, 0, response->slot_num); CuAssertIntEquals (test, 1, response->slot_mask); CuAssertIntEquals (test, 1, response->min_protocol_version); CuAssertIntEquals (test, 1, response->max_protocol_version); - CuAssertIntEquals (test, 3, response->num_digests); + CuAssertIntEquals (test, 1, response->num_digests); CuAssertIntEquals (test, 32, response->digests_size); status = testing_validate_array (measurement, buf + sizeof (struct attestation_response), @@ -1976,86 +1313,53 @@ static void attestation_slave_test_pa_rot_challenge_response_no_aux (CuTest *tes sizeof (signature)); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_invalid_slot_num (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[137]; uint16_t buf_len = sizeof (buf); TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); buf[0] = 1; - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, ATTESTATION_INVALID_SLOT_NUM, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_compute_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[137] = {0}; uint16_t buf_len = sizeof (buf); TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - attestation.pcr_store = NULL; + attestation.slave.pcr_store = NULL; - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, PCR_INVALID_ARGUMENT, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_buf_smaller_than_response ( CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[72] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2064,44 +1368,22 @@ static void attestation_slave_test_pa_rot_challenge_response_buf_smaller_than_re TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); - CuAssertIntEquals (test, 0, status); - - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, ATTESTATION_BUF_TOO_SMALL, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_start_hash_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[137] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2110,50 +1392,28 @@ static void attestation_slave_test_pa_rot_challenge_response_start_hash_fail (Cu TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, HASH_ENGINE_START_SHA256_FAILED); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, - HASH_ENGINE_START_SHA256_FAILED); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); - CuAssertIntEquals (test, 0, status); - - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, HASH_ENGINE_START_SHA256_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_update_challenge_hash_fail ( CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t buf[137] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2165,54 +1425,35 @@ static void attestation_slave_test_pa_rot_challenge_response_update_challenge_ha challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_SHA256_FAILED, + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + HASH_ENGINE_SHA256_FAILED, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.cancel, &attestation.hash, + 0); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, HASH_ENGINE_SHA256_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_rng_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t buf[137] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2224,59 +1465,39 @@ static void attestation_slave_test_pa_rot_challenge_response_rng_fail (CuTest *t challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, RNG_ENGINE_NO_MEMORY, - MOCK_ARG (32), MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.rng.mock, attestation.rng.base.generate_random_buffer, + &attestation.rng, RNG_ENGINE_NO_MEMORY, MOCK_ARG (32), MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.cancel, &attestation.hash, + 0); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, RNG_ENGINE_NO_MEMORY, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_update_response_hash_fail ( CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t buf[137] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2288,60 +1509,41 @@ static void attestation_slave_test_pa_rot_challenge_response_update_response_has challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (32), - MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.rng.mock, attestation.rng.base.generate_random_buffer, + &attestation.rng, 0, MOCK_ARG (32), MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_SHA256_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG (32 + sizeof (struct attestation_response))); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + HASH_ENGINE_SHA256_FAILED, MOCK_ARG_NOT_NULL, + MOCK_ARG (32 + sizeof (struct attestation_response))); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.cancel, &attestation.hash, + 0); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, HASH_ENGINE_SHA256_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_finish_hash_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t buf[137] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2353,62 +1555,42 @@ static void attestation_slave_test_pa_rot_challenge_response_finish_hash_fail (C challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (32), - MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.rng.mock, attestation.rng.base.generate_random_buffer, + &attestation.rng, 0, MOCK_ARG (32), MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32 + sizeof (struct attestation_response))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, HASH_ENGINE_FINISH_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG (32)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32 + sizeof (struct attestation_response))); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.finish, &attestation.hash, + HASH_ENGINE_FINISH_FAILED, MOCK_ARG_NOT_NULL, MOCK_ARG (32)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.cancel, &attestation.hash, + 0); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, HASH_ENGINE_FINISH_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_sign_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; + struct attestation_slave_testing attestation; struct attestation_challenge challenge = {0}; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; uint8_t buf[136] = {0}; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; uint8_t measurement[] = { 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f @@ -2420,128 +1602,80 @@ static void attestation_slave_test_pa_rot_challenge_response_sign_fail (CuTest * challenge.nonce[0] = 0xAA; challenge.nonce[31] = 0xBB; - memcpy (buf, (uint8_t*)&challenge, sizeof (struct attestation_challenge)); + memcpy (buf, (uint8_t*) &challenge, sizeof (struct attestation_challenge)); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (32), - MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.rng.mock, attestation.rng.base.generate_random_buffer, + &attestation.rng, 0, MOCK_ARG (32), MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (measurement, sizeof (measurement)), MOCK_ARG (sizeof (measurement))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&hash.mock, 0, measurement, sizeof (measurement), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&hash.mock, hash.base.start_sha256, &hash, 0); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), + status = mock_expect (&attestation.hash.mock, attestation.hash.base.start_sha256, + &attestation.hash, 0); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (&challenge, sizeof (struct attestation_challenge)), MOCK_ARG (sizeof (struct attestation_challenge))); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32 + sizeof (struct attestation_response))); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG (32)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32 + sizeof (struct attestation_response))); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.finish, &attestation.hash, + 0, MOCK_ARG_NOT_NULL, MOCK_ARG (32)); CuAssertIntEquals (test, 0, status); - status = mock_expect (&ecc.mock, ecc.base.sign, &ecc, ECC_ENGINE_NO_MEMORY, - MOCK_ARG (&attestation.ecc_priv_key), MOCK_ARG_NOT_NULL, MOCK_ARG (32), MOCK_ARG_NOT_NULL, - MOCK_ARG (64)); + status = mock_expect (&attestation.ecc.mock, attestation.ecc.base.sign, &attestation.ecc, + ECC_ENGINE_NO_MEMORY, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG (32), + MOCK_ARG_NOT_NULL, MOCK_ARG (64)); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, measurement, sizeof (measurement)); + status = pcr_store_update_digest (&attestation.store, 0, measurement, sizeof (measurement)); CuAssertIntEquals (test, 0, status); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, ECC_ENGINE_NO_MEMORY, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_buf_too_small (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[1]; uint16_t buf_len = sizeof (buf); TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.challenge_response (&attestation, buf, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, buf, buf_len); CuAssertIntEquals (test, ATTESTATION_BAD_LENGTH, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_pa_rot_challenge_response_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t buf[137]; uint16_t buf_len = sizeof (buf); TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.challenge_response (NULL, buf, buf_len); + status = attestation.slave.challenge_response (NULL, buf, buf_len); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.challenge_response (&attestation, NULL, buf_len); + status = attestation.slave.challenge_response (&attestation.slave, NULL, buf_len); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_attestation_unseal (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct hash_engine_mock aux_hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; - uint8_t buffer1[] = { - 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, - 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f - }; + struct attestation_slave_testing attestation; uint8_t key[SHA256_HASH_LENGTH]; uint8_t *key_der; @@ -2552,406 +1686,289 @@ static void attestation_slave_test_aux_attestation_unseal (CuTest *test) memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = hash_mock_init (&aux_hash); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&aux_hash.mock, aux_hash.base.start_sha256, &aux_hash, 0); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer1, sizeof (buffer1)), MOCK_ARG (sizeof (buffer1))); - status |= mock_expect (&aux_hash.mock, aux_hash.base.finish, &aux_hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&aux_hash.mock, 0, PCR0_VALUE, PCR0_VALUE_LEN, -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, 0, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&attestation.keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&attestation.rsa.mock, attestation.rsa.base.init_private_key, + &attestation.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect_save_arg (&attestation.rsa.mock, 0, 0); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.decrypt, &attestation.rsa, + KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect_output (&attestation.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.release_key, + &attestation.rsa, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = hash_mock_expect_hmac_init (&aux_hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + status = hash_mock_expect_hmac_init (&attestation.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&aux_hash, KEY_SEED, KEY_SEED_LEN, NULL, + status |= hash_mock_expect_hmac_finish (&attestation.hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); - status |= hash_mock_expect_hmac_init (&aux_hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), + status |= hash_mock_expect_hmac_init (&attestation.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&aux_hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_finish (&attestation.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); - status |= hash_mock_expect_hmac_init (&aux_hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + status |= hash_mock_expect_hmac_init (&attestation.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&aux_hash, KEY_SEED, KEY_SEED_LEN, NULL, + status |= hash_mock_expect_hmac_finish (&attestation.hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); CuAssertIntEquals (test, 0, status); - status = pcr_store_update_digest (&store, 0, buffer1, sizeof (buffer1)); + status = pcr_store_update_digest (&attestation.store, 0, PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = attestation.aux_attestation_unseal (&attestation, &aux_hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, key, - sizeof (key), 0); - CuAssertIntEquals (test, ENCRYPTION_KEY_LEN, status); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, 0, status); status = testing_validate_array (ENCRYPTION_KEY, key, status); CuAssertIntEquals (test, 0, status); - status = hash_mock_validate_and_release (&aux_hash); + complete_attestation_slave_mock_test (test, &attestation); +} + +static void attestation_slave_test_aux_attestation_unseal_sha256 (CuTest *test) +{ + int status; + struct attestation_slave_testing attestation; + uint8_t key[SHA256_HASH_LENGTH]; + uint8_t *key_der; + + TEST_START; + + key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + + setup_attestation_slave_mock_test (test, &attestation); + + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, 0, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&attestation.keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, + sizeof (RSA_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + status = mock_expect (&attestation.rsa.mock, attestation.rsa.base.init_private_key, + &attestation.rsa, 0, MOCK_ARG_NOT_NULL, + MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), + MOCK_ARG (RSA_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&attestation.rsa.mock, 0, 0); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.decrypt, &attestation.rsa, + KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP_SHA256, KEY_SEED_ENCRYPT_OAEP_SHA256_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_SHA256_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA256), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&attestation.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.release_key, + &attestation.rsa, 0, MOCK_ARG_SAVED_ARG (0)); + CuAssertIntEquals (test, 0, status); + + status = hash_mock_expect_hmac_init (&attestation.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&attestation.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_init (&attestation.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), + MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&attestation.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + status |= hash_mock_expect_hmac_init (&attestation.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&attestation.hash.mock, attestation.hash.base.update, &attestation.hash, + 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&attestation.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&attestation.store, 0, PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP_SHA256, KEY_SEED_ENCRYPT_OAEP_SHA256_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA256, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, key, status); + CuAssertIntEquals (test, 0, status); + + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_attestation_unseal_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; + struct attestation_slave_testing attestation; uint8_t key[SHA256_HASH_LENGTH]; TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &riot, &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - status = attestation.aux_attestation_unseal (&attestation, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, key, - sizeof (key), 0); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); CuAssertIntEquals (test, ATTESTATION_UNSUPPORTED_OPERATION, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_attestation_unseal_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct hash_engine_mock aux_hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t key[SHA256_HASH_LENGTH]; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; - uint8_t buffer1[] = { - 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, - 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f - }; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = hash_mock_init (&aux_hash); + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, KEYSTORE_LOAD_FAILED, MOCK_ARG (0), MOCK_ARG_NOT_NULL, + MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = mock_expect (&aux_hash.mock, aux_hash.base.start_sha256, &aux_hash, 0); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer1, sizeof (buffer1)), MOCK_ARG (sizeof (buffer1))); - status |= mock_expect (&aux_hash.mock, aux_hash.base.finish, &aux_hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&aux_hash.mock, 0, PCR0_VALUE, PCR0_VALUE_LEN, -1); + status = pcr_store_update_digest (&attestation.store, 0, PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, -1, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - CuAssertIntEquals (test, 0, status); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, KEYSTORE_LOAD_FAILED, status); - status = pcr_store_update_digest (&store, 0, buffer1, sizeof (buffer1)); - CuAssertIntEquals (test, 0, status); - - status = attestation.aux_attestation_unseal (&attestation, &aux_hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, key, - sizeof (key), 0); - CuAssertIntEquals (test, -1, status); - - status = hash_mock_validate_and_release (&aux_hash); - CuAssertIntEquals (test, 0, status); - - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); -} - -static void attestation_slave_test_aux_attestation_unseal_get_measurement_fail (CuTest *test) -{ - int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct hash_engine_mock aux_hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t key[SHA256_HASH_LENGTH]; - uint8_t buffer1[] = { - 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, - 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f - }; - - TEST_START; - - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); - - status = hash_mock_init (&aux_hash); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&aux_hash.mock, aux_hash.base.start_sha256, &aux_hash, - HASH_ENGINE_NO_MEMORY); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_update_digest (&store, 0, buffer1, sizeof (buffer1)); - CuAssertIntEquals (test, 0, status); - - status = attestation.aux_attestation_unseal (&attestation, &aux_hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, key, - sizeof (key), 0); - CuAssertIntEquals (test, HASH_ENGINE_NO_MEMORY, status); - - status = hash_mock_validate_and_release (&aux_hash); - CuAssertIntEquals (test, 0, status); - - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); -} - -static void attestation_slave_test_aux_attestation_unseal_invalid_key_len (CuTest *test) -{ - int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct hash_engine_mock aux_hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t key[SHA256_HASH_LENGTH]; - uint8_t buffer0[PCR_DIGEST_LENGTH] = {0}; - uint8_t buffer1[] = { - 0xfc,0x3d,0x91,0xe6,0xc1,0x13,0xd6,0x82,0x18,0x33,0xf6,0x5b,0x12,0xc7,0xe7,0x6e, - 0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f,0x7f,0x38,0x9c,0x4f - }; - uint8_t *key_der; - - TEST_START; - - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); - CuAssertPtrNotNull (test, key_der); - - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); - - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); - - status = hash_mock_init (&aux_hash); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&aux_hash.mock, aux_hash.base.start_sha256, &aux_hash, 0); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer0, sizeof (buffer0)), MOCK_ARG (sizeof (buffer0))); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (buffer1, sizeof (buffer1)), MOCK_ARG (sizeof (buffer1))); - status |= mock_expect (&aux_hash.mock, aux_hash.base.finish, &aux_hash, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG (PCR_DIGEST_LENGTH)); - status |= mock_expect_output (&aux_hash.mock, 0, PCR0_VALUE, PCR0_VALUE_LEN, -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), - MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), - MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), - MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_expect_hmac_init (&aux_hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), - MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), - MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), - MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&aux_hash, KEY_SEED, KEY_SEED_LEN, NULL, - SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); - status |= hash_mock_expect_hmac_init (&aux_hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&aux_hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, - SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); - status |= hash_mock_expect_hmac_init (&aux_hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), - MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), - MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&aux_hash.mock, aux_hash.base.update, &aux_hash, 0, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), - MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&aux_hash, KEY_SEED, KEY_SEED_LEN, NULL, - SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); - CuAssertIntEquals (test, 0, status); - - status = pcr_store_update_digest (&store, 0, buffer1, sizeof (buffer1)); - CuAssertIntEquals (test, 0, status); - - status = attestation.aux_attestation_unseal (&attestation, &aux_hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, key, - sizeof (key) - 1, 0); - CuAssertIntEquals (test, ATTESTATION_BUF_TOO_SMALL, status); - - status = hash_mock_validate_and_release (&aux_hash); - CuAssertIntEquals (test, 0, status); - - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_attestation_unseal_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct hash_engine_mock aux_hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; - const uint8_t seed = 0; - const uint8_t hmac = 0; - const uint8_t ciphertext = 0; - const uint8_t sealing = 0; - uint8_t key[2]; - size_t seed_length = 1; - size_t cipher_length = 1; + struct attestation_slave_testing attestation; + uint8_t key[32]; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = hash_mock_init (&aux_hash); - CuAssertIntEquals (test, 0, status); - - status = attestation.aux_attestation_unseal (NULL, &aux_hash.base, &seed, seed_length, &hmac, - &ciphertext, cipher_length, &sealing, key, sizeof (key), 0); + status = attestation.slave.aux_attestation_unseal (NULL, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.aux_attestation_unseal (&attestation, NULL, &seed, seed_length, &hmac, - &ciphertext, cipher_length, &sealing, key, sizeof (key), 0); - CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, NULL, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.aux_attestation_unseal (&attestation, &aux_hash.base, &seed, seed_length, - &hmac, &ciphertext, cipher_length, &sealing, NULL, sizeof (key), 0); - CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, NULL, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = attestation.aux_attestation_unseal (&attestation, &aux_hash.base, &seed, seed_length, - &hmac, &ciphertext, cipher_length, &sealing, key, 0, 0); - CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, 0, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = hash_mock_validate_and_release (&aux_hash); - CuAssertIntEquals (test, 0, status); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, NULL, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + NULL, CIPHER_TEXT_LEN, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, 0, SEALING_POLICY, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, NULL, 1, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 0, key, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = attestation.slave.aux_attestation_unseal (&attestation.slave, &attestation.hash.base, + AUX_ATTESTATION_KEY_256BIT, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, NULL, sizeof (key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_decrypt (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t decrypted[4224]; uint8_t *key_der; @@ -2962,52 +1979,43 @@ static void attestation_slave_test_aux_decrypt (CuTest *test) memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, 0, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&attestation.keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&attestation.rsa.mock, attestation.rsa.base.init_private_key, + &attestation.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), - MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), - MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), - MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect_save_arg (&attestation.rsa.mock, 0, 0); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.decrypt, &attestation.rsa, + KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, + KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), + MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); + status |= mock_expect_output (&attestation.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.release_key, + &attestation.rsa, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = attestation.aux_decrypt (&attestation, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, - NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); + status = attestation.slave.aux_decrypt (&attestation.slave, KEY_SEED_ENCRYPT_OAEP, + KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEY_SEED_LEN, status); status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_decrypt_with_label (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t decrypted[4224]; uint8_t *key_der; @@ -3018,55 +2026,47 @@ static void attestation_slave_test_aux_decrypt_with_label (CuTest *test) memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, 0, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&attestation.keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&attestation.rsa.mock, attestation.rsa.base.init_private_key, + &attestation.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect_save_arg (&attestation.rsa.mock, 0, 0); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.decrypt, &attestation.rsa, + KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG_PTR_CONTAINS (RSA_ENCRYPT_LABEL, RSA_ENCRYPT_LABEL_LEN), MOCK_ARG (RSA_ENCRYPT_LABEL_LEN), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect_output (&attestation.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.release_key, + &attestation.rsa, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = attestation.aux_decrypt (&attestation, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, - (uint8_t*) RSA_ENCRYPT_LABEL, RSA_ENCRYPT_LABEL_LEN, HASH_TYPE_SHA1, decrypted, - sizeof (decrypted)); + status = attestation.slave.aux_decrypt (&attestation.slave, KEY_SEED_ENCRYPT_OAEP, + KEY_SEED_ENCRYPT_OAEP_LEN, (uint8_t*) RSA_ENCRYPT_LABEL, RSA_ENCRYPT_LABEL_LEN, + HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEY_SEED_LEN, status); status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_decrypt_sha256 (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t decrypted[4224]; uint8_t *key_der; @@ -3077,125 +2077,97 @@ static void attestation_slave_test_aux_decrypt_sha256 (CuTest *test) memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, 0, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&attestation.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&attestation.keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&attestation.rsa.mock, attestation.rsa.base.init_private_key, + &attestation.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect_save_arg (&attestation.rsa.mock, 0, 0); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.decrypt, &attestation.rsa, + KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA256), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect_output (&attestation.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect (&attestation.rsa.mock, attestation.rsa.base.release_key, + &attestation.rsa, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = attestation.aux_decrypt (&attestation, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, - NULL, 0, HASH_TYPE_SHA256, decrypted, sizeof (decrypted)); + status = attestation.slave.aux_decrypt (&attestation.slave, KEY_SEED_ENCRYPT_OAEP, + KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA256, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEY_SEED_LEN, status); status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); CuAssertIntEquals (test, 0, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_decrypt_no_aux (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; + struct attestation_slave_testing attestation; uint8_t decrypted[4224]; TEST_START; - setup_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, &riot, - &store, &keystore); + setup_attestation_slave_no_aux_mock_test (test, &attestation); - status = attestation.aux_decrypt (&attestation, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, - NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); + status = attestation.slave.aux_decrypt (&attestation.slave, KEY_SEED_ENCRYPT_OAEP, + KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, ATTESTATION_UNSUPPORTED_OPERATION, status); - complete_attestation_slave_no_aux_mock_test (test, &attestation, &hash, &ecc, &x509, &rng, - &store, &keystore, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_decrypt_fail (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t decrypted[4224]; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_LOAD_FAILED, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status = mock_expect (&attestation.keystore.mock, attestation.keystore.base.load_key, + &attestation.keystore, KEYSTORE_LOAD_FAILED, MOCK_ARG (0), MOCK_ARG_NOT_NULL, + MOCK_ARG_NOT_NULL); CuAssertIntEquals (test, 0, status); - status = attestation.aux_decrypt (&attestation, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, - NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); + status = attestation.slave.aux_decrypt (&attestation.slave, KEY_SEED_ENCRYPT_OAEP, + KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEYSTORE_LOAD_FAILED, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } static void attestation_slave_test_aux_decrypt_null (CuTest *test) { int status; - struct attestation_slave attestation; - struct hash_engine_mock hash; - struct ecc_engine_mock ecc; - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct riot_key_manager riot; - struct pcr_store store; - struct keystore_mock keystore; - struct aux_attestation aux; + struct attestation_slave_testing attestation; uint8_t decrypted[4224]; TEST_START; - setup_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, - &riot, &store, &keystore, &aux); + setup_attestation_slave_mock_test (test, &attestation); - status = attestation.aux_decrypt (NULL, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + status = attestation.slave.aux_decrypt (NULL, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, ATTESTATION_INVALID_ARGUMENT, status); - complete_attestation_slave_mock_test (test, &attestation, &hash, &ecc, &rsa, &x509, &rng, &store, - &keystore, &aux, &riot); + complete_attestation_slave_mock_test (test, &attestation); } + CuSuite* get_attestation_slave_suite () { CuSuite *suite = CuSuiteNew (); @@ -3248,11 +2220,9 @@ CuSuite* get_attestation_slave_suite () SUITE_ADD_TEST (suite, attestation_slave_test_pa_rot_challenge_response_buf_too_small); SUITE_ADD_TEST (suite, attestation_slave_test_pa_rot_challenge_response_null); SUITE_ADD_TEST (suite, attestation_slave_test_aux_attestation_unseal); + SUITE_ADD_TEST (suite, attestation_slave_test_aux_attestation_unseal_sha256); SUITE_ADD_TEST (suite, attestation_slave_test_aux_attestation_unseal_no_aux); SUITE_ADD_TEST (suite, attestation_slave_test_aux_attestation_unseal_fail); - SUITE_ADD_TEST (suite, - attestation_slave_test_aux_attestation_unseal_get_measurement_fail); - SUITE_ADD_TEST (suite, attestation_slave_test_aux_attestation_unseal_invalid_key_len); SUITE_ADD_TEST (suite, attestation_slave_test_aux_attestation_unseal_null); SUITE_ADD_TEST (suite, attestation_slave_test_aux_decrypt); SUITE_ADD_TEST (suite, attestation_slave_test_aux_decrypt_with_label); diff --git a/core/testing/aux_attestation_test.c b/core/testing/aux_attestation_test.c index 2871e27..d65404f 100644 --- a/core/testing/aux_attestation_test.c +++ b/core/testing/aux_attestation_test.c @@ -9,14 +9,17 @@ #include "attestation/aux_attestation.h" #include "mock/keystore_mock.h" #include "mock/rsa_mock.h" +#include "mock/ecc_mock.h" #include "mock/hash_mock.h" #include "mock/x509_mock.h" #include "mock/rng_mock.h" #include "engines/rsa_testing_engine.h" +#include "engines/ecc_testing_engine.h" #include "engines/hash_testing_engine.h" #include "engines/x509_testing_engine.h" #include "engines/rng_testing_engine.h" #include "rsa_testing.h" +#include "ecc_testing.h" #include "riot_core_testing.h" #include "x509_testing.h" @@ -28,35 +31,76 @@ static const char *SUITE = "aux_attestation"; * The random seed for key derivation. */ const uint8_t KEY_SEED[] = { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef + 0xc1,0x2e,0x04,0x48,0x28,0x26,0x1e,0x80,0x38,0xb0,0x62,0x2a,0x7f,0x41,0xb1,0x9d, + 0x04,0x11,0xea,0xae,0xbb,0x8c,0xde,0x67,0x5a,0x6b,0xc5,0x18,0x8b,0x59,0xb1,0xd3 }; const size_t KEY_SEED_LEN = sizeof (KEY_SEED); /** - * The random seed encrypted with the RSA public key using OAEP padding. + * The random seed encrypted with the RSA3k public key using OAEP SHA1 padding. */ const uint8_t KEY_SEED_ENCRYPT_OAEP[] = { - 0x91,0x78,0x45,0xa6,0xc0,0x00,0x39,0x05,0x9a,0xfe,0xc2,0xeb,0x0c,0xfb,0xe7,0x43, - 0xae,0x52,0xd3,0x6a,0xce,0x0e,0xac,0xb7,0x0b,0xc1,0x51,0xb3,0x9c,0xbd,0xce,0xd9, - 0x41,0x87,0x79,0x45,0x30,0xe9,0x63,0x7d,0xfd,0xc6,0x83,0xcb,0x50,0x95,0x1e,0xab, - 0x6d,0xdf,0x76,0x29,0x5c,0x62,0xb9,0x20,0x30,0x4f,0xf2,0x90,0x61,0x1e,0x38,0x9a, - 0x37,0x9a,0x8e,0x75,0xcd,0x77,0x99,0x6a,0x3f,0x63,0x5c,0xac,0xa7,0xfb,0x25,0xf6, - 0xf9,0xeb,0x9e,0x1e,0x8b,0xd6,0xde,0x9d,0xc4,0x90,0x46,0xe7,0xe9,0x90,0x65,0x1b, - 0xbe,0x18,0x63,0xe8,0xfa,0x9f,0x1c,0x20,0x06,0x4d,0xb4,0xab,0x7d,0x7e,0x83,0xaf, - 0x4a,0xa2,0xb6,0x7d,0x61,0xfe,0x01,0x20,0xce,0xe2,0xf7,0x46,0x0d,0x52,0x68,0x0c, - 0x03,0x96,0x3e,0x64,0x9b,0x12,0x4b,0x13,0xc4,0xf1,0x90,0x6d,0x6c,0x80,0xac,0xcd, - 0xb3,0x07,0xbb,0xee,0xdf,0x67,0x5c,0xfa,0xd0,0x79,0xe9,0x75,0x28,0x82,0x2f,0x9a, - 0x4c,0x8b,0xc5,0x31,0xf4,0x14,0x93,0xcb,0xf0,0xd8,0xd7,0x77,0x38,0x58,0x98,0xf1, - 0x99,0x51,0x1b,0xe2,0x1b,0x5f,0xd3,0xcb,0x0c,0x1d,0x36,0x6d,0x4b,0xe3,0x6f,0xa8, - 0xff,0x0f,0xc5,0x97,0x49,0xb2,0xce,0xf9,0xce,0x94,0x17,0xb0,0xe5,0x66,0x7e,0x6b, - 0x52,0x8c,0xeb,0x1d,0x22,0x08,0x58,0x1b,0x83,0xb7,0x61,0x1c,0x97,0x04,0x92,0x52, - 0xca,0x9d,0x35,0x71,0xf4,0x88,0x95,0x96,0xc8,0xee,0xb0,0xfe,0xba,0xb0,0xc3,0x09, - 0x75,0x81,0x14,0xe1,0x22,0xa1,0x2a,0xc1,0x3a,0xa6,0xdb,0xe0,0xe9,0x34,0x07,0x5a + 0x64,0x1d,0x5b,0xb2,0xf1,0x71,0x2e,0xca,0xd4,0x88,0x02,0x0a,0xc5,0x5d,0x48,0x54, + 0xe9,0x14,0x33,0x46,0x4a,0xcf,0x2b,0xff,0x95,0xd0,0x6e,0xdf,0xf5,0xae,0xd4,0x63, + 0xa8,0x48,0x97,0x92,0x2c,0xaf,0xd0,0x7d,0xaf,0x90,0x7d,0x81,0xbb,0x3a,0xb5,0xe4, + 0xc4,0xf7,0xb5,0x1a,0xb7,0xdc,0xdc,0x43,0xf6,0x4d,0xb7,0x63,0x50,0x87,0x98,0x5c, + 0x97,0xb6,0x48,0x1c,0x05,0x52,0x9c,0xb6,0xc0,0x03,0xfa,0x57,0x58,0x64,0x5e,0xdd, + 0xe5,0x1f,0xc9,0x54,0xf0,0x82,0x2d,0xd8,0x02,0xdf,0x7a,0xcc,0xa1,0x47,0xf7,0x56, + 0x80,0xc8,0xf2,0x10,0xac,0xb2,0xf0,0x72,0x19,0xf1,0x55,0x46,0x54,0x66,0x99,0x24, + 0x99,0x5e,0x79,0x72,0x70,0x0d,0x31,0x1d,0x34,0x8e,0xbb,0x0b,0xb0,0xa3,0x30,0x77, + 0x71,0x63,0xdc,0xfb,0x15,0x27,0x41,0xdf,0x6b,0xef,0x1f,0xfa,0xd3,0x15,0xdc,0x2a, + 0x64,0x84,0x03,0x7c,0xb3,0x39,0x49,0x98,0xbc,0x18,0xff,0xfa,0xa4,0xfb,0x4a,0xe7, + 0xe1,0x88,0xe3,0x9e,0x3d,0xe1,0x2e,0x45,0x8d,0x49,0x22,0xf9,0xf2,0x67,0xd9,0xfd, + 0x72,0x3d,0x56,0xa3,0x13,0xd0,0xf4,0x02,0x95,0xf2,0x6a,0xa8,0x04,0xd2,0x96,0xa6, + 0x12,0xf6,0x18,0xbd,0x46,0xa6,0x74,0xa9,0xa4,0x08,0x74,0xc7,0xce,0x65,0x4a,0x1e, + 0xba,0xd6,0xeb,0xd2,0x36,0x59,0x52,0xfd,0x84,0x80,0xe7,0x98,0x4f,0x31,0xe7,0xcf, + 0xc8,0x5e,0xb6,0x61,0x66,0x01,0x8a,0xdc,0xda,0x6e,0xca,0x31,0x70,0x4a,0x30,0xcf, + 0x89,0x95,0xda,0xee,0xdc,0x96,0x37,0x97,0x5d,0x10,0x5a,0xdd,0xdc,0xe4,0x91,0xc6, + 0x59,0xa6,0xb0,0xe3,0x98,0xe6,0x6a,0xbf,0x91,0x37,0xc7,0xf0,0xef,0x35,0x1a,0x41, + 0xda,0x3c,0x49,0x10,0x9a,0xf6,0x5b,0x29,0x69,0x28,0x88,0xe2,0xf3,0x00,0xb6,0xd9, + 0x36,0xe0,0x32,0xe2,0x16,0xa6,0xe9,0x55,0x60,0x17,0xe2,0x29,0x6d,0x2e,0x3f,0xb7, + 0x94,0xd5,0x67,0xc9,0x07,0xca,0x28,0xa0,0xec,0x3d,0x73,0x07,0x59,0x1f,0x96,0x60, + 0x0a,0xab,0x9e,0x57,0x37,0xbd,0x35,0x4a,0x76,0x73,0xdf,0xf5,0xeb,0xf6,0xe7,0x7c, + 0x5f,0x5f,0xeb,0x18,0x87,0xfc,0xc1,0x17,0xe4,0xe3,0x3d,0x07,0xaf,0x84,0x1e,0x67, + 0xe0,0xc4,0x1a,0x38,0x9b,0x29,0xd9,0x25,0xdd,0x09,0x86,0xaa,0x24,0xa2,0x33,0x0c, + 0x59,0xdc,0x1c,0x33,0x69,0xdc,0xbd,0x4d,0xa0,0xe0,0x3b,0xc5,0x74,0xc7,0x6b,0x3d }; const size_t KEY_SEED_ENCRYPT_OAEP_LEN = sizeof (KEY_SEED_ENCRYPT_OAEP); +/** + * The random seed encrypted with the RSA3k public key using OAEP SHA256 padding. + */ +const uint8_t KEY_SEED_ENCRYPT_OAEP_SHA256[] = { + 0x6b,0x63,0x55,0x15,0xab,0x59,0xf4,0xd1,0x33,0x78,0x37,0x2d,0xe8,0x52,0x80,0xbc, + 0x5a,0x45,0x1d,0x70,0xff,0x9f,0x3e,0x1c,0x47,0x3e,0xa6,0xaf,0x38,0x66,0xae,0x58, + 0xd9,0x58,0x68,0x1e,0x02,0x72,0x36,0xef,0x2d,0xad,0x3d,0x3a,0xb4,0xe6,0x6a,0xfc, + 0xa3,0x3d,0x73,0x7a,0x4f,0x22,0x07,0x46,0xe1,0xb3,0x15,0xfe,0xe3,0x27,0x44,0x41, + 0x7d,0xd2,0x62,0xd6,0x09,0xf3,0xc3,0x1f,0xe5,0x63,0x12,0x1f,0xb6,0xf2,0x47,0xac, + 0xfa,0xb0,0x1d,0x3c,0x0e,0x78,0x8e,0xee,0xb8,0xd7,0x90,0xe9,0x4d,0xf2,0x1d,0x4e, + 0xec,0x8b,0xe9,0x17,0x26,0x26,0xe6,0x13,0xbf,0x7b,0x0b,0x6a,0x59,0xe0,0x2b,0x88, + 0x8f,0x94,0x1e,0xda,0x64,0x71,0xc7,0x7b,0xda,0xed,0xb9,0xe3,0x72,0xbc,0xc7,0x41, + 0xa1,0x81,0x76,0x64,0xaf,0x7f,0xe0,0xea,0x37,0x91,0x4a,0xcc,0x38,0x24,0xca,0xd6, + 0xad,0x91,0x25,0xf2,0xa8,0x07,0xe5,0xee,0x7f,0xd3,0x06,0x76,0x2b,0x85,0xc3,0x1e, + 0x6e,0xe1,0x1b,0xe6,0xae,0xb4,0xed,0x8d,0x0d,0xc0,0x49,0xbd,0x88,0xd6,0xd8,0xe5, + 0x60,0x05,0x7f,0x1c,0x1e,0xa4,0xb2,0x77,0xf1,0x7c,0x6d,0x8b,0xa1,0xaf,0x08,0x2e, + 0x23,0x58,0x6e,0x13,0xb4,0x63,0x1c,0xaf,0x7f,0xf4,0x51,0x97,0x8c,0xae,0xe4,0x88, + 0x3a,0xfb,0x33,0xbe,0x17,0x94,0x5f,0x97,0xbc,0x59,0x4a,0x5f,0xe0,0xcc,0xa4,0xd9, + 0xbc,0x64,0xaa,0x93,0x82,0x91,0x4e,0xe0,0x58,0x30,0x33,0x45,0xab,0xca,0x03,0xcc, + 0x2f,0x1a,0xd4,0x0d,0x29,0xa7,0x72,0x6a,0xc0,0xe9,0x6e,0x7d,0x27,0xb4,0x8d,0xbe, + 0x90,0x12,0x7e,0x79,0xad,0xb9,0x02,0xc6,0x8f,0xdc,0xe0,0x6d,0x83,0x3c,0xf3,0x0c, + 0x85,0x3a,0xc2,0x22,0x5b,0x66,0xb6,0xf1,0x73,0x1c,0xe8,0xf0,0xb2,0x70,0x83,0x4b, + 0xa8,0x63,0x1f,0x93,0xbe,0xce,0xb2,0xad,0x14,0x8f,0xea,0x9b,0x95,0xb5,0xea,0xbe, + 0xc8,0x0f,0xaa,0xf8,0xc5,0x53,0x06,0x33,0xeb,0x72,0x3a,0x0c,0x95,0x1e,0x24,0x14, + 0xf8,0xbe,0x06,0xed,0x93,0xfb,0xb4,0xfa,0x77,0x13,0xde,0xc7,0x3d,0xfa,0xb5,0x7a, + 0x22,0x16,0xa4,0x43,0xb5,0x35,0x51,0x72,0x66,0x2d,0x1f,0xee,0x37,0xc1,0x56,0x3f, + 0x0d,0xfd,0x48,0x89,0xad,0x8a,0xfb,0x80,0xdd,0xb0,0x72,0x5d,0xc5,0x59,0x9c,0xf3, + 0x7b,0x12,0x29,0xb7,0x51,0x76,0xe0,0xda,0x5e,0x01,0x26,0xc1,0x2b,0x11,0xb6,0xcd +}; + +const size_t KEY_SEED_ENCRYPT_OAEP_SHA256_LEN = sizeof (KEY_SEED_ENCRYPT_OAEP_SHA256); + /** * The value of i in the NIST SP800-108 KDF algorithm. */ @@ -93,8 +137,8 @@ const size_t NIST_KEY_DERIVE_L_LEN = sizeof (NIST_KEY_DERIVE_L); * The encryption key derived from the seed. (Label=encryption key, Context=empty). */ const uint8_t ENCRYPTION_KEY[] = { - 0x4d,0xb6,0x71,0x95,0x44,0xa8,0x43,0x26,0x6f,0x0e,0xeb,0x3b,0xff,0xc7,0xfd,0xe3, - 0x08,0xe3,0x7f,0x80,0xb7,0xf0,0x0e,0x40,0x46,0xa0,0x3e,0x71,0x3b,0xc1,0x8d,0x95 + 0xa7,0x57,0x34,0xc6,0x14,0x9c,0x25,0x05,0x29,0xff,0x8e,0x6e,0xd8,0x27,0x74,0x5c, + 0x58,0xf7,0x97,0xdf,0xce,0xca,0xca,0xb2,0x68,0xa2,0x00,0x98,0xb9,0x5d,0x3e,0x83 }; const size_t ENCRYPTION_KEY_LEN = sizeof (ENCRYPTION_KEY); @@ -103,8 +147,8 @@ const size_t ENCRYPTION_KEY_LEN = sizeof (ENCRYPTION_KEY); * The signing key derived from the seed. (Label=signing key, Context=empty). */ const uint8_t SIGNING_KEY[] = { - 0x84,0x89,0xf7,0x68,0x6e,0xa3,0xcc,0xb3,0x9c,0xef,0x4c,0x21,0x8b,0x84,0xfa,0xdd, - 0x48,0x85,0xc4,0x66,0x8b,0xda,0xe9,0x6f,0xcb,0xbe,0xa5,0x7b,0x14,0x40,0xcc,0x24 + 0xd4,0xd3,0x21,0x9f,0x70,0x61,0x4e,0x24,0x59,0x5f,0xb3,0xb0,0x34,0xae,0xe3,0x52, + 0xc2,0xe9,0xcf,0x2f,0xe0,0x99,0xf6,0x98,0x75,0xbd,0xb0,0x1c,0x65,0x66,0x20,0xc3 }; const size_t SIGNING_KEY_LEN = sizeof (SIGNING_KEY); @@ -121,11 +165,13 @@ const size_t CIPHER_TEXT_LEN = sizeof (CIPHER_TEXT); /** * 64-byte Sealing policy value. */ -const uint8_t SEALING_POLICY[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0xf7,0x0e,0x27,0xc8,0xf0,0x0d,0x40,0x34,0xad,0xab,0x82,0x40,0x17,0x3e,0xd7,0x74, - 0xe4,0x4a,0xcb,0xd7,0x4d,0x0b,0x24,0xad,0x3d,0x4b,0x75,0x29,0x11,0x57,0x98,0x1e +const uint8_t SEALING_POLICY[][64] = { + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf7,0x0e,0x27,0xc8,0xf0,0x0d,0x40,0x34,0xad,0xab,0x82,0x40,0x17,0x3e,0xd7,0x74, + 0xe4,0x4a,0xcb,0xd7,0x4d,0x0b,0x24,0xad,0x3d,0x4b,0x75,0x29,0x11,0x57,0x98,0x1e + } }; const size_t SEALING_POLICY_LEN = sizeof (SEALING_POLICY); @@ -134,20 +180,142 @@ const size_t SEALING_POLICY_LEN = sizeof (SEALING_POLICY); * HMAC (SIGNING_KEY, CIPHER_TEXT || SEALING_POLICY). */ const uint8_t PAYLOAD_HMAC[] = { - 0x42,0xce,0xa2,0xdf,0x4c,0xf0,0x7a,0x66,0xf1,0x46,0x82,0xef,0xd9,0x75,0x0b,0xb8, - 0x35,0x00,0x8c,0x4f,0xae,0x36,0x53,0xe4,0x89,0x4d,0xaa,0xc8,0x2a,0xa0,0x16,0x72 + 0x03,0x89,0x2b,0x36,0x42,0xf1,0x42,0x55,0xff,0x0d,0x25,0xfe,0x96,0xae,0x99,0x59, + 0xa0,0x37,0xb5,0xc8,0x3a,0xa4,0xcd,0x8e,0x8f,0xad,0x4f,0x6d,0xb3,0xe6,0x34,0xc8 }; const size_t PAYLOAD_HMAC_LEN = sizeof (PAYLOAD_HMAC); +/** + * Sealing policy value using multiple PCRs + */ +const uint8_t SEALING_POLICY_MULTIPLE[][64] = { + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf7,0x0e,0x27,0xc8,0xf0,0x0d,0x40,0x34,0xad,0xab,0x82,0x40,0x17,0x3e,0xd7,0x74, + 0xe4,0x4a,0xcb,0xd7,0x4d,0x0b,0x24,0xad,0x3d,0x4b,0x75,0x29,0x11,0x57,0x98,0x1e + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x88,0x69,0xde,0x57,0x9d,0xd0,0xe9,0x05,0xe0,0xa7,0x11,0x24,0x57,0x55,0x94,0xf5, + 0x0a,0x03,0xd3,0xd9,0xcd,0xf1,0x6e,0x9a,0x3f,0x9d,0x6c,0x60,0xc0,0x32,0x4b,0x54 + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf1,0x3b,0x43,0x16,0x2c,0xe4,0x05,0x75,0x73,0xc5,0x54,0x10,0xad,0xd5,0xc5,0xc6, + 0x0e,0x9a,0x37,0xff,0x3e,0xa0,0x02,0x34,0xd6,0x41,0x80,0xfa,0x1a,0x0e,0x0a,0x04 + } +}; + +const size_t SEALING_POLICY_MULTIPLE_LEN = sizeof (SEALING_POLICY_MULTIPLE); + +/** + * HMAC (SIGNING_KEY, CIPHER_TEXT || SEALING_POLICY_MULTIPLE). + */ +const uint8_t PAYLOAD_MULTIPLE_HMAC[] = { + 0xed,0xa9,0x26,0x4e,0x46,0xc6,0x23,0x32,0xc1,0x29,0xe9,0x45,0x6c,0x31,0xfc,0xa1, + 0x7f,0x5c,0x4f,0xff,0x54,0x91,0x28,0x78,0x03,0x35,0x22,0x10,0xf1,0xb3,0x58,0x41 +}; + +const size_t PAYLOAD_MULTIPLE_HMAC_LEN = sizeof (PAYLOAD_MULTIPLE_HMAC); + +/** + * Sealing policy value skipping a PCR + */ +const uint8_t SEALING_POLICY_SKIP[][64] = { + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf7,0x0e,0x27,0xc8,0xf0,0x0d,0x40,0x34,0xad,0xab,0x82,0x40,0x17,0x3e,0xd7,0x74, + 0xe4,0x4a,0xcb,0xd7,0x4d,0x0b,0x24,0xad,0x3d,0x4b,0x75,0x29,0x11,0x57,0x98,0x1e + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf1,0x3b,0x43,0x16,0x2c,0xe4,0x05,0x75,0x73,0xc5,0x54,0x10,0xad,0xd5,0xc5,0xc6, + 0x0e,0x9a,0x37,0xff,0x3e,0xa0,0x02,0x34,0xd6,0x41,0x80,0xfa,0x1a,0x0e,0x0a,0x04 + } +}; + +const size_t SEALING_POLICY_SKIP_LEN = sizeof (SEALING_POLICY_SKIP); + +/** + * HMAC (SIGNING_KEY, CIPHER_TEXT || SEALING_POLICY_SKIP). + */ +const uint8_t PAYLOAD_SKIP_HMAC[] = { + 0x15,0x30,0xf3,0x03,0x03,0x66,0x88,0xd2,0x28,0x1d,0x6e,0x59,0xcc,0x76,0xa9,0x79, + 0x52,0xe1,0x29,0x39,0x9c,0x89,0xa3,0xb4,0x98,0x7f,0xcc,0xb0,0xda,0xc0,0x57,0xf5 +}; + +const size_t PAYLOAD_SKIP_HMAC_LEN = sizeof (PAYLOAD_SKIP_HMAC); + +/** + * Sealing policy value using multiple PCRs with some unused + */ +const uint8_t SEALING_POLICY_MULTIPLE_UNUSED[][64] = { + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf7,0x0e,0x27,0xc8,0xf0,0x0d,0x40,0x34,0xad,0xab,0x82,0x40,0x17,0x3e,0xd7,0x74, + 0xe4,0x4a,0xcb,0xd7,0x4d,0x0b,0x24,0xad,0x3d,0x4b,0x75,0x29,0x11,0x57,0x98,0x1e + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x88,0x69,0xde,0x57,0x9d,0xd0,0xe9,0x05,0xe0,0xa7,0x11,0x24,0x57,0x55,0x94,0xf5, + 0x0a,0x03,0xd3,0xd9,0xcd,0xf1,0x6e,0x9a,0x3f,0x9d,0x6c,0x60,0xc0,0x32,0x4b,0x54 + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0xf1,0x3b,0x43,0x16,0x2c,0xe4,0x05,0x75,0x73,0xc5,0x54,0x10,0xad,0xd5,0xc5,0xc6, + 0x0e,0x9a,0x37,0xff,0x3e,0xa0,0x02,0x34,0xd6,0x41,0x80,0xfa,0x1a,0x0e,0x0a,0x04 + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + } +}; + +const size_t SEALING_POLICY_MULTIPLE_UNUSED_LEN = sizeof (SEALING_POLICY_MULTIPLE_UNUSED); + +/** + * HMAC (SIGNING_KEY, CIPHER_TEXT || SEALING_POLICY_MULTIPLE_UNUSED). + */ +const uint8_t PAYLOAD_MULTIPLE_UNUSED_HMAC[] = { + 0x42,0x78,0x2d,0x8f,0x13,0xdb,0x9e,0xd6,0x9f,0x24,0x23,0x0f,0x43,0x93,0xc3,0xf0, + 0xb3,0x23,0x3f,0x59,0x34,0x3c,0xf6,0x1b,0x26,0xf7,0xde,0xb8,0x91,0x3f,0x30,0xbb +}; + +const size_t PAYLOAD_MULTIPLE_UNUSED_HMAC_LEN = sizeof (PAYLOAD_MULTIPLE_UNUSED_HMAC); + /** * Sealing policy that bypasses PCR checks. */ -static const uint8_t SEALING_POLICY_BYPASS[] = { - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, - 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 +static const uint8_t SEALING_POLICY_BYPASS[][64] = { + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 + } }; static const size_t SEALING_POLICY_BYPASS_LEN = sizeof (SEALING_POLICY_BYPASS); @@ -156,12 +324,48 @@ static const size_t SEALING_POLICY_BYPASS_LEN = sizeof (SEALING_POLICY_BYPASS); * HMAC (SIGNING_KEY, CIPHER_TEXT || SEALING_POLICY_BYPASS). */ static const uint8_t PAYLOAD_BYPASS_HMAC[] = { - 0x5a,0xfa,0xb0,0x2c,0xe2,0x3f,0x24,0x8d,0x50,0x44,0x77,0xde,0x82,0x40,0x1a,0xe4, - 0x8a,0x45,0x81,0xee,0xe5,0x15,0x82,0x82,0x68,0x51,0x37,0xb4,0x0b,0x87,0x5f,0xb8 + 0x48,0x4f,0x0b,0x87,0xf2,0xe0,0xd1,0xf8,0x2e,0x04,0x23,0x5a,0x1b,0xbd,0x54,0x55, + 0xee,0x76,0xa7,0x43,0x1d,0xa6,0xdd,0x45,0x84,0x96,0x32,0xd4,0x49,0x6e,0xeb,0xbb }; static const size_t PAYLOAD_BYPASS_HMAC_LEN = sizeof (PAYLOAD_BYPASS_HMAC); +/** + * Sealing policy that bypasses multiple PCR checks. + */ +static const uint8_t SEALING_POLICY_BYPASS_MULTIPLE[][64] = { + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 + }, + { + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, + 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 + } +}; + +static const size_t SEALING_POLICY_BYPASS_MULTIPLE_LEN = sizeof (SEALING_POLICY_BYPASS_MULTIPLE); + +/** + * HMAC (SIGNING_KEY, CIPHER_TEXT || SEALING_POLICY_BYPASS_MULTIPLE). + */ +static const uint8_t PAYLOAD_BYPASS_MULTIPLE_HMAC[] = { + 0xea,0x3b,0x7a,0x94,0x19,0xde,0x11,0x06,0x53,0x1d,0xab,0x7f,0x76,0x65,0x11,0xff, + 0x42,0x88,0x3e,0x9b,0xd9,0x10,0x22,0x96,0x07,0x8e,0xd7,0x1a,0xbc,0x69,0x30,0xa3 +}; + +static const size_t PAYLOAD_BYPASS_MULTIPLE_HMAC_LEN = sizeof (PAYLOAD_BYPASS_MULTIPLE_HMAC); + /** * The local PCR0 value. */ @@ -172,6 +376,194 @@ const uint8_t PCR0_VALUE[] = { const size_t PCR0_VALUE_LEN = sizeof (PCR0_VALUE); +/** + * The local PCR1 value. + */ +const uint8_t PCR1_VALUE[] = { + 0x88,0x69,0xde,0x57,0x9d,0xd0,0xe9,0x05,0xe0,0xa7,0x11,0x24,0x57,0x55,0x94,0xf5, + 0x0a,0x03,0xd3,0xd9,0xcd,0xf1,0x6e,0x9a,0x3f,0x9d,0x6c,0x60,0xc0,0x32,0x4b,0x54 +}; + +const size_t PCR1_VALUE_LEN = sizeof (PCR1_VALUE); + +/** + * The local PCR2 value. + */ +const uint8_t PCR2_VALUE[] = { + 0xf1,0x3b,0x43,0x16,0x2c,0xe4,0x05,0x75,0x73,0xc5,0x54,0x10,0xad,0xd5,0xc5,0xc6, + 0x0e,0x9a,0x37,0xff,0x3e,0xa0,0x02,0x34,0xd6,0x41,0x80,0xfa,0x1a,0x0e,0x0a,0x04 +}; + +const size_t PCR2_VALUE_LEN = sizeof (PCR2_VALUE); + +/** + * RIoT keys for testing. + */ +static struct riot_keys keys = { + .devid_cert = RIOT_CORE_DEVID_CERT, + .devid_cert_length = 0, + .devid_csr = RIOT_CORE_DEVID_CSR, + .devid_csr_length = 0, + .alias_key = RIOT_CORE_ALIAS_KEY, + .alias_key_length = 0, + .alias_cert = RIOT_CORE_ALIAS_CERT, + .alias_cert_length = 0 +}; + +/** + * Dependencies for testing auxiliary attestation flows. + */ +struct aux_attestation_testing { + struct rsa_engine_mock rsa; /**< Mock for RSA operations. */ + struct ecc_engine_mock ecc; /**< Mock for ECC operations. */ + struct x509_engine_mock x509; /**< Mock for X.509 operations. */ + struct rng_engine_mock rng; /**< Mock for RNG operations. */ + struct hash_engine_mock hash; /**< Mock for hash operations. */ + struct keystore_mock keystore; /**< Mock for the attestation keystore. */ + struct riot_key_manager riot; /**< Key manager for RIoT keys. */ + struct aux_attestation test; /**< Attestation instance being tested. */ +}; + +/** + * Initialize the key manager for RIoT keys. + * + * @param test The testing framework. + * @param aux Testing dependencies containing the RIoT keys to initialize. + */ +static void aux_attestation_testing_init_riot_keys (CuTest *test, + struct aux_attestation_testing *aux) +{ + uint8_t *dev_id_der = NULL; + int status; + + status = x509_mock_init (&aux->x509); + CuAssertIntEquals (test, 0, status); + + status = keystore_mock_init (&aux->keystore); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux->keystore.mock, aux->keystore.base.load_key, &aux->keystore, + KEYSTORE_NO_KEY, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output_tmp (&aux->keystore.mock, 1, &dev_id_der, sizeof (dev_id_der), -1); + CuAssertIntEquals (test, 0, status); + + status = riot_key_manager_init_static (&aux->riot, &aux->keystore.base, &keys, &aux->x509.base); + CuAssertIntEquals (test, 0, status); + + status = mock_validate (&aux->keystore.mock); + CuAssertIntEquals (test, 0, status); +} + +/** + * Release the key manager for RIoT keys used for testing. + * + * @param test The testing framework. + * @param aux Testing dependencies containing the RIoT keys to release. + */ +static void aux_attestation_testing_release_riot_keys (CuTest *test, + struct aux_attestation_testing *aux) +{ + int status; + + status = keystore_mock_validate_and_release (&aux->keystore); + CuAssertIntEquals (test, 0, status); + + status = x509_mock_validate_and_release (&aux->x509); + CuAssertIntEquals (test, 0, status); + + riot_key_manager_release (&aux->riot); +} + +/** + * Initialize all dependencies for attestation testing. + * + * @param test The testing framework. + * @param aux Dependecies to initialize. + */ +static void aux_attestation_testing_init_dependencies (CuTest *test, + struct aux_attestation_testing *aux) +{ + int status; + + keys.devid_cert_length = RIOT_CORE_DEVID_CERT_LEN; + keys.devid_csr_length = RIOT_CORE_DEVID_CSR_LEN; + keys.alias_key_length = RIOT_CORE_ALIAS_KEY_LEN; + keys.alias_cert_length = RIOT_CORE_ALIAS_CERT_LEN; + + aux_attestation_testing_init_riot_keys (test, aux); + + status = rsa_mock_init (&aux->rsa); + CuAssertIntEquals (test, 0, status); + + status = ecc_mock_init (&aux->ecc); + CuAssertIntEquals (test, 0, status); + + status = rng_mock_init (&aux->rng); + CuAssertIntEquals (test, 0, status); + + status = hash_mock_init (&aux->hash); + CuAssertIntEquals (test, 0, status); +} + +/** + * Release all testing dependencies and validate mocks. + * + * @param test The testing framework. + * @param aux Dependencies to release. + * + */ +static void aux_attestation_testing_validate_and_release_dependencies (CuTest *test, + struct aux_attestation_testing *aux) +{ + int status; + + status = rsa_mock_validate_and_release (&aux->rsa); + CuAssertIntEquals (test, 0, status); + + status = ecc_mock_validate_and_release (&aux->ecc); + CuAssertIntEquals (test, 0, status); + + status = rng_mock_validate_and_release (&aux->rng); + CuAssertIntEquals (test, 0, status); + + status = hash_mock_validate_and_release (&aux->hash); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_release_riot_keys (test, aux); +} + +/** + * Initiaize the auxiliary attestation instance for testing. + * + * @param test The testing framework. + * @param aux Components to initialize. + * + */ +static void aux_attestation_testing_init (CuTest *test, struct aux_attestation_testing *aux) +{ + int status; + + aux_attestation_testing_init_dependencies (test, aux); + + status = aux_attestation_init (&aux->test, &aux->keystore.base, &aux->rsa.base, &aux->riot, + &aux->ecc.base); + CuAssertIntEquals (test, 0, status); +} + +/** + * Release the auxiliary attesation instance and all dependencies. Mocks will be validated. + * + * @param test The testing framework. + * @param aux Components to release. + * + */ +static void aux_attestation_testing_validate_and_release (CuTest *test, + struct aux_attestation_testing *aux) +{ + aux_attestation_release (&aux->test); + aux_attestation_testing_validate_and_release_dependencies (test, aux); +} + /******************* * Test cases @@ -179,62 +571,48 @@ const size_t PCR0_VALUE_LEN = sizeof (PCR0_VALUE); static void aux_attestation_test_init (CuTest *test) { - RSA_TESTING_ENGINE rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = RSA_TESTING_ENGINE_INIT (&rsa); + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &aux.rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_validate_and_release_dependencies (test, &aux); - aux_attestation_release (&aux); - - RSA_TESTING_ENGINE_RELEASE (&rsa); + aux_attestation_release (&aux.test); } static void aux_attestation_test_init_null (CuTest *test) { - RSA_TESTING_ENGINE rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; TEST_START; - status = RSA_TESTING_ENGINE_INIT (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init_dependencies (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (NULL, &keystore.base, &rsa.base); + status = aux_attestation_init (NULL, &aux.keystore.base, &aux.rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_init (&aux, NULL, &rsa.base); + status = aux_attestation_init (&aux.test, NULL, &aux.rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_init (&aux, &keystore.base, NULL); + status = aux_attestation_init (&aux.test, &aux.keystore.base, &aux.rsa.base, NULL, + &aux.ecc.base); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - RSA_TESTING_ENGINE_RELEASE (&rsa); + aux_attestation_testing_validate_and_release_dependencies (test, &aux); } static void aux_attestation_test_release_null (CuTest *test) @@ -246,226 +624,169 @@ static void aux_attestation_test_release_null (CuTest *test) static void aux_attestation_test_generate_key (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; uint8_t *key_der = NULL; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status |= mock_expect (&rsa.mock, rsa.base.generate_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&aux.rsa.mock, aux.rsa.base.generate_key, &aux.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG (3072)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.get_private_key_der, &rsa, 0, MOCK_ARG_SAVED_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rsa.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&rsa.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), - -1); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.get_private_key_der, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rsa.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.rsa.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status |= mock_expect (&keystore.mock, keystore.base.save_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); + status |= mock_expect (&aux.keystore.mock, aux.keystore.base.save_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_generate_key (&aux); + status = aux_attestation_generate_key (&aux.test); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_generate_key_null (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); status = aux_attestation_generate_key (NULL); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); +} + +static void aux_attestation_test_generate_key_generation_no_rsa_support (CuTest *test) +{ + struct aux_attestation_testing aux; + int status; + + TEST_START; + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_generate_key (&aux.test); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_generate_key_generation_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status |= mock_expect (&rsa.mock, rsa.base.generate_key, &rsa, RSA_ENGINE_GENERATE_KEY_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG (3072)); + status = mock_expect (&aux.rsa.mock, aux.rsa.base.generate_key, &aux.rsa, + RSA_ENGINE_GENERATE_KEY_FAILED, MOCK_ARG_NOT_NULL, MOCK_ARG (3072)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_generate_key (&aux); + status = aux_attestation_generate_key (&aux.test); CuAssertIntEquals (test, RSA_ENGINE_GENERATE_KEY_FAILED, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_generate_key_der_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status |= mock_expect (&rsa.mock, rsa.base.generate_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&aux.rsa.mock, aux.rsa.base.generate_key, &aux.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG (3072)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.get_private_key_der, &rsa, + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.get_private_key_der, &aux.rsa, RSA_ENGINE_PRIVATE_KEY_DER_FAILED, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_generate_key (&aux); + status = aux_attestation_generate_key (&aux.test); CuAssertIntEquals (test, RSA_ENGINE_PRIVATE_KEY_DER_FAILED, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_generate_key_save_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; uint8_t *key_der = NULL; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status |= mock_expect (&rsa.mock, rsa.base.generate_key, &rsa, 0, MOCK_ARG_NOT_NULL, + status = mock_expect (&aux.rsa.mock, aux.rsa.base.generate_key, &aux.rsa, 0, MOCK_ARG_NOT_NULL, MOCK_ARG (3072)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.get_private_key_der, &rsa, 0, MOCK_ARG_SAVED_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rsa.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&rsa.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), - -1); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.get_private_key_der, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rsa.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.rsa.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status |= mock_expect (&keystore.mock, keystore.base.save_key, &keystore, KEYSTORE_SAVE_FAILED, - MOCK_ARG (0), MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); + status |= mock_expect (&aux.keystore.mock, aux.keystore.base.save_key, &aux.keystore, + KEYSTORE_SAVE_FAILED, MOCK_ARG (0), + MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_generate_key (&aux); + status = aux_attestation_generate_key (&aux.test); CuAssertIntEquals (test, KEYSTORE_SAVE_FAILED, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -473,92 +794,68 @@ static void aux_attestation_test_create_certificate (CuTest *test) TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); cert_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); CuAssertPtrNotNull (test, cert_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect_save_arg (&x509.mock, 0, 1); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 1); - status |= mock_expect (&x509.mock, x509.base.get_certificate_der, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.get_certificate_der, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&x509.mock, 1, &cert_der, sizeof (cert_der), -1); - status |= mock_expect_output (&x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, + status |= mock_expect_output (&aux.x509.mock, 1, &cert_der, sizeof (cert_der), -1); + status |= mock_expect_output (&aux.x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, sizeof (X509_CERTCA_RSA_EE_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_authenticate (CuTest *test) @@ -566,8 +863,7 @@ static void aux_attestation_test_create_certificate_authenticate (CuTest *test) RSA_TESTING_ENGINE rsa; X509_TESTING_ENGINE x509; RNG_TESTING_ENGINE rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -591,26 +887,26 @@ static void aux_attestation_test_create_certificate_authenticate (CuTest *test) status = RNG_TESTING_ENGINE_INIT (&rng); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, sizeof (RSA_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &x509.base, &rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); status = x509.base.load_certificate (&x509.base, &aux_cert, cert->cert, cert->length); @@ -637,10 +933,7 @@ static void aux_attestation_test_create_certificate_authenticate (CuTest *test) x509.base.release_certificate (&x509.base, &aux_cert); x509.base.release_ca_cert_store (&x509.base, &ca_certs); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); RSA_TESTING_ENGINE_RELEASE (&rsa); X509_TESTING_ENGINE_RELEASE (&x509); @@ -652,18 +945,17 @@ static void aux_attestation_test_create_certificate_twice (CuTest *test) RSA_TESTING_ENGINE rsa; X509_TESTING_ENGINE x509; RNG_TESTING_ENGINE rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); status = RSA_TESTING_ENGINE_INIT (&rsa); CuAssertIntEquals (test, 0, status); @@ -674,56 +966,53 @@ static void aux_attestation_test_create_certificate_twice (CuTest *test) status = RNG_TESTING_ENGINE_INIT (&rng); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &x509.base, &rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); - status = mock_validate (&keystore.mock); + status = mock_validate (&aux.keystore.mock); CuAssertIntEquals (test, 0, status); - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &x509.base, &rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); RSA_TESTING_ENGINE_RELEASE (&rsa); X509_TESTING_ENGINE_RELEASE (&x509); @@ -732,11 +1021,7 @@ static void aux_attestation_test_create_certificate_twice (CuTest *test) static void aux_attestation_test_create_certificate_zero_serial_number (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -744,89 +1029,61 @@ static void aux_attestation_test_create_certificate_zero_serial_number (CuTest * TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, zero, sizeof (zero), 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, zero, sizeof (zero), 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, X509_ENGINE_CA_SIGNED_FAILED, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, X509_ENGINE_CA_SIGNED_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_zero_serial_number_twice (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -834,572 +1091,367 @@ static void aux_attestation_test_create_certificate_zero_serial_number_twice (Cu TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, zero, sizeof (zero), 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, zero, sizeof (zero), 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, zero, sizeof (zero), 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, zero, sizeof (zero), 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, X509_ENGINE_CA_SIGNED_FAILED, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, X509_ENGINE_CA_SIGNED_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_null (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_create_certificate (NULL, &x509.base, &rng.base, + status = aux_attestation_create_certificate (NULL, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_create_certificate (&aux, NULL, &rng.base, + status = aux_attestation_create_certificate (&aux.test, NULL, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_create_certificate (&aux, &x509.base, NULL, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, NULL, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, NULL, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, 0, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, NULL, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, 0); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); +} + +static void aux_attestation_test_create_certificate_no_rsa_support (CuTest *test) +{ + struct aux_attestation_testing aux; + int status; + const struct der_cert *cert; + + TEST_START; + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, + RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, + RIOT_CORE_DEVICE_ID_LEN); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); + cert = aux_attestation_get_certificate (&aux.test); + CuAssertPtrEquals (test, NULL, (void*) cert); - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_no_private_key (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *null = NULL; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_NO_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &null, sizeof (null), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, + KEYSTORE_NO_KEY, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &null, sizeof (null), -1); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, KEYSTORE_NO_KEY, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_bad_private_key (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *null = NULL; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_BAD_KEY, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &null, sizeof (null), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, + KEYSTORE_BAD_KEY, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &null, sizeof (null), -1); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, KEYSTORE_BAD_KEY, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_load_key_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der = NULL; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_LOAD_FAILED, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, + KEYSTORE_LOAD_FAILED, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, KEYSTORE_LOAD_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_load_ca_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, X509_ENGINE_LOAD_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, + X509_ENGINE_LOAD_FAILED, MOCK_ARG_NOT_NULL, + MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, X509_ENGINE_LOAD_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_serial_number_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, RNG_ENGINE_RANDOM_FAILED, MOCK_ARG (8), MOCK_ARG_NOT_NULL); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, RNG_ENGINE_RANDOM_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_create_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, X509_ENGINE_CA_SIGNED_FAILED, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, X509_ENGINE_CA_SIGNED_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_create_certificate_cert_der_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -1407,90 +1459,63 @@ static void aux_attestation_test_create_certificate_cert_der_error (CuTest *test TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect_save_arg (&x509.mock, 0, 1); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 1); - status |= mock_expect (&x509.mock, x509.base.get_certificate_der, &x509, + status |= mock_expect (&aux.x509.mock, aux.x509.base.get_certificate_der, &aux.x509, X509_ENGINE_CERT_DER_FAILED, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&x509.mock, 1, &cert_der, sizeof (cert_der), -1); + status |= mock_expect_output (&aux.x509.mock, 1, &cert_der, sizeof (cert_der), -1); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, X509_ENGINE_CERT_DER_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_set_certificate (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *cert_der; @@ -1502,22 +1527,12 @@ static void aux_attestation_test_set_certificate (CuTest *test) memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_RSA_EE_DER_LEN); - CuAssertIntEquals (test, 0, status); - - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertPtrEquals (test, cert_der, (void*) cert->cert); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); @@ -1525,25 +1540,12 @@ static void aux_attestation_test_set_certificate (CuTest *test) status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_set_certificate_before_create (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -1556,103 +1558,76 @@ static void aux_attestation_test_set_certificate_before_create (CuTest *test) memcpy (cert_der, X509_CERTCA_ECC_EE_DER, X509_CERTCA_ECC_EE_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_ECC_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_ECC_EE_DER_LEN); - CuAssertIntEquals (test, 0, status); - - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); cert_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); CuAssertPtrNotNull (test, cert_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect_save_arg (&x509.mock, 0, 1); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 1); - status |= mock_expect (&x509.mock, x509.base.get_certificate_der, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.get_certificate_der, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&x509.mock, 1, &cert_der, sizeof (cert_der), -1); - status |= mock_expect_output (&x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, + status |= mock_expect_output (&aux.x509.mock, 1, &cert_der, sizeof (cert_der), -1); + status |= mock_expect_output (&aux.x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, sizeof (X509_CERTCA_RSA_EE_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_set_certificate_null (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *cert_der; @@ -1664,50 +1639,58 @@ static void aux_attestation_test_set_certificate_null (CuTest *test) memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); status = aux_attestation_set_certificate (NULL, cert_der, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_set_certificate (&aux, NULL, X509_CERTCA_RSA_EE_DER_LEN); + status = aux_attestation_set_certificate (&aux.test, NULL, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_set_certificate (&aux, cert_der, 0); + status = aux_attestation_set_certificate (&aux.test, cert_der, 0); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); + + platform_free (cert_der); +} + +static void aux_attestation_test_set_certificate_no_rsa_support (CuTest *test) +{ + struct aux_attestation_testing aux; + int status; + const struct der_cert *cert; + uint8_t *cert_der; + + TEST_START; + + cert_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); + CuAssertPtrNotNull (test, cert_der); + + memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_RSA_EE_DER_LEN); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); + cert = aux_attestation_get_certificate (&aux.test); + CuAssertPtrEquals (test, NULL, (void*) cert); - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); platform_free (cert_der); } static void aux_attestation_test_set_certificate_twice (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *cert_der; @@ -1719,19 +1702,9 @@ static void aux_attestation_test_set_certificate_twice (CuTest *test) memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_RSA_EE_DER_LEN); + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); cert_der = platform_malloc (X509_CERTCA_ECC_EE_DER_LEN); @@ -1739,10 +1712,10 @@ static void aux_attestation_test_set_certificate_twice (CuTest *test) memcpy (cert_der, X509_CERTCA_ECC_EE_DER, X509_CERTCA_ECC_EE_DER_LEN); - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_ECC_EE_DER_LEN); + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_ECC_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_HAS_CERTIFICATE, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertTrue (test, (cert_der != cert->cert)); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); @@ -1750,27 +1723,14 @@ static void aux_attestation_test_set_certificate_twice (CuTest *test) status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); platform_free (cert_der); } static void aux_attestation_test_set_certificate_after_create (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -1778,68 +1738,56 @@ static void aux_attestation_test_set_certificate_after_create (CuTest *test) TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); cert_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); CuAssertPtrNotNull (test, cert_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect_save_arg (&x509.mock, 0, 1); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 1); - status |= mock_expect (&x509.mock, x509.base.get_certificate_der, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.get_certificate_der, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&x509.mock, 1, &cert_der, sizeof (cert_der), -1); - status |= mock_expect_output (&x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, + status |= mock_expect_output (&aux.x509.mock, 1, &cert_der, sizeof (cert_der), -1); + status |= mock_expect_output (&aux.x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, sizeof (X509_CERTCA_RSA_EE_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); @@ -1849,10 +1797,10 @@ static void aux_attestation_test_set_certificate_after_create (CuTest *test) memcpy (cert_der, X509_CERTCA_ECC_EE_DER, X509_CERTCA_ECC_EE_DER_LEN); - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_ECC_EE_DER_LEN); + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_ECC_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_HAS_CERTIFICATE, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertTrue (test, (cert_der != cert->cert)); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); @@ -1860,51 +1808,26 @@ static void aux_attestation_test_set_certificate_after_create (CuTest *test) status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); platform_free (cert_der); } static void aux_attestation_test_set_static_certificate (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_RSA_EE_DER, + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertPtrEquals (test, (void*) X509_CERTCA_RSA_EE_DER, (void*) cert->cert); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); @@ -1912,25 +1835,12 @@ static void aux_attestation_test_set_static_certificate (CuTest *test) status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_set_static_certificate_before_create (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -1938,180 +1848,144 @@ static void aux_attestation_test_set_static_certificate_before_create (CuTest *t TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_ECC_EE_DER, + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_ECC_EE_DER, X509_CERTCA_ECC_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); cert_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); CuAssertPtrNotNull (test, cert_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect_save_arg (&x509.mock, 0, 1); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 1); - status |= mock_expect (&x509.mock, x509.base.get_certificate_der, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.get_certificate_der, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&x509.mock, 1, &cert_der, sizeof (cert_der), -1); - status |= mock_expect_output (&x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, + status |= mock_expect_output (&aux.x509.mock, 1, &cert_der, sizeof (cert_der), -1); + status |= mock_expect_output (&aux.x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, sizeof (X509_CERTCA_RSA_EE_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_set_static_certificate_null (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); status = aux_attestation_set_static_certificate (NULL, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_set_static_certificate (&aux, NULL, + status = aux_attestation_set_static_certificate (&aux.test, NULL, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_RSA_EE_DER, + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_RSA_EE_DER, 0); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } -static void aux_attestation_test_set_static_certificate_twice (CuTest *test) +static void aux_attestation_test_set_static_certificate_no_rsa_support (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = rsa_mock_init (&rsa); + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_RSA_EE_DER, + X509_CERTCA_RSA_EE_DER_LEN); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); + cert = aux_attestation_get_certificate (&aux.test); + CuAssertPtrEquals (test, NULL, (void*) cert); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_validate_and_release (test, &aux); +} - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_RSA_EE_DER, +static void aux_attestation_test_set_static_certificate_twice (CuTest *test) +{ + struct aux_attestation_testing aux; + int status; + const struct der_cert *cert; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_ECC_EE_DER, + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_ECC_EE_DER, X509_CERTCA_ECC_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_HAS_CERTIFICATE, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertTrue (test, (X509_CERTCA_ECC_EE_DER != cert->cert)); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); @@ -2119,25 +1993,12 @@ static void aux_attestation_test_set_static_certificate_twice (CuTest *test) status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_set_static_certificate_after_create (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct rng_engine_mock rng; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *key_der; @@ -2145,77 +2006,65 @@ static void aux_attestation_test_set_static_certificate_after_create (CuTest *te TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); cert_der = platform_malloc (X509_CERTCA_RSA_EE_DER_LEN); CuAssertPtrNotNull (test, cert_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = rng_mock_init (&rng); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&x509.mock, x509.base.load_certificate, &x509, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.load_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN), MOCK_ARG (RIOT_CORE_DEVID_CERT_LEN)); - status |= mock_expect_save_arg (&x509.mock, 0, 0); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 0); - status |= mock_expect (&rng.mock, rng.base.generate_random_buffer, &rng, 0, MOCK_ARG (8), - MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, 0); + status |= mock_expect (&aux.rng.mock, aux.rng.base.generate_random_buffer, &aux.rng, 0, + MOCK_ARG (8), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.rng.mock, 1, X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN, + 0); - status |= mock_expect (&x509.mock, x509.base.create_ca_signed_certificate, &x509, 0, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN), + status |= mock_expect (&aux.x509.mock, aux.x509.base.create_ca_signed_certificate, &aux.x509, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN), MOCK_ARG_PTR_CONTAINS (X509_CA2_SERIAL_NUM, X509_CA2_SERIAL_NUM_LEN), MOCK_ARG (8), MOCK_ARG_PTR_CONTAINS ("AUX", 3), MOCK_ARG (X509_CERT_END_ENTITY), MOCK_ARG_PTR_CONTAINS (RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG (RIOT_CORE_DEVICE_ID_LEN), MOCK_ARG_SAVED_ARG (0), MOCK_ARG (NULL)); - status |= mock_expect_save_arg (&x509.mock, 0, 1); + status |= mock_expect_save_arg (&aux.x509.mock, 0, 1); - status |= mock_expect (&x509.mock, x509.base.get_certificate_der, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.get_certificate_der, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&x509.mock, 1, &cert_der, sizeof (cert_der), -1); - status |= mock_expect_output (&x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, + status |= mock_expect_output (&aux.x509.mock, 1, &cert_der, sizeof (cert_der), -1); + status |= mock_expect_output (&aux.x509.mock, 2, &X509_CERTCA_RSA_EE_DER_LEN, sizeof (X509_CERTCA_RSA_EE_DER_LEN), -1); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (1)); - status |= mock_expect (&x509.mock, x509.base.release_certificate, &x509, 0, + status |= mock_expect (&aux.x509.mock, aux.x509.base.release_certificate, &aux.x509, 0, MOCK_ARG_SAVED_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_create_certificate (&aux, &x509.base, &rng.base, + status = aux_attestation_create_certificate (&aux.test, &aux.x509.base, &aux.rng.base, RIOT_CORE_DEVID_CERT, RIOT_CORE_DEVID_CERT_LEN, RIOT_CORE_DEVICE_ID, RIOT_CORE_DEVICE_ID_LEN); CuAssertIntEquals (test, 0, status); - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_ECC_EE_DER, + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_ECC_EE_DER, X509_CERTCA_ECC_EE_DER_LEN); CuAssertIntEquals (test, AUX_ATTESTATION_HAS_CERTIFICATE, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrNotNull (test, cert); CuAssertTrue (test, (X509_CERTCA_ECC_EE_DER != cert->cert)); CuAssertIntEquals (test, X509_CERTCA_RSA_EE_DER_LEN, cert->length); @@ -2223,19 +2072,7 @@ static void aux_attestation_test_set_static_certificate_after_create (CuTest *te status = testing_validate_array (X509_CERTCA_RSA_EE_DER, cert->cert, cert->length); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - status = rng_mock_validate_and_release (&rng); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_get_certificate_null (CuTest *test) @@ -2249,129 +2086,329 @@ static void aux_attestation_test_get_certificate_null (CuTest *test) } -static void aux_attestation_test_unseal (CuTest *test) +static void aux_attestation_test_unseal_rsa_oaep_sha1 (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); /* Derive encryption key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, 0, status); - CuAssertPtrNotNull (test, attestation_key); - CuAssertIntEquals (test, ENCRYPTION_KEY_LEN, key_length); - - status = testing_validate_array (ENCRYPTION_KEY, attestation_key, key_length); CuAssertIntEquals (test, 0, status); - platform_free (attestation_key); - - status = keystore_mock_validate_and_release (&keystore); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); CuAssertIntEquals (test, 0, status); - status = hash_mock_validate_and_release (&hash); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_rsa_oaep_sha256 (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP_SHA256, KEY_SEED_ENCRYPT_OAEP_SHA256_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_SHA256_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA256), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP_SHA256, KEY_SEED_ENCRYPT_OAEP_SHA256_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA256, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_rsa_pkcs15 (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_PKCS15, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_BAD_SEED_PADDING, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_ecdh (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + /* Derive seed */ + status = mock_expect (&aux.ecc.mock, aux.ecc.base.init_public_key, &aux.ecc, 0, + MOCK_ARG_PTR_CONTAINS (ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN), MOCK_ARG (ECC_PUBKEY_DER_LEN), + MOCK_ARG_NOT_NULL); + status |= mock_expect_save_arg (&aux.ecc.mock, 2, 0); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.init_key_pair, &aux.ecc, 0, + MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&aux.ecc.mock, 2, 1); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.compute_shared_secret, &aux.ecc, + KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_SAVED_ARG (0), MOCK_ARG_NOT_NULL, + MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.ecc.mock, 2, KEY_SEED, KEY_SEED_LEN, 3); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.release_key_pair, &aux.ecc, 0, + MOCK_ARG_SAVED_ARG (1), MOCK_ARG (NULL)); + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.release_key_pair, &aux.ecc, 0, + MOCK_ARG (NULL), MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_pcr_mismatch (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; uint8_t bad_pcr[PCR0_VALUE_LEN]; TEST_START; @@ -2379,311 +2416,1040 @@ static void aux_attestation_test_unseal_pcr_mismatch (CuTest *test) memcpy (bad_pcr, PCR0_VALUE, PCR0_VALUE_LEN); bad_pcr[0] ^= 0x55; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), bad_pcr, sizeof (bad_pcr)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - bad_pcr, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, AUX_ATTESTATION_PCR_MISMATCH, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_unused_byte_nonzero (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + uint8_t bad_sealing[1][64]; + + TEST_START; + + memcpy (bad_sealing, SEALING_POLICY, sizeof (bad_sealing)); + bad_sealing[0][16] ^= 0x55; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = hash_mock_validate_and_release (&hash); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (bad_sealing, sizeof (bad_sealing)), MOCK_ARG (sizeof (bad_sealing))); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + (const uint8_t(*)[64]) bad_sealing, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_PCR_MISMATCH, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_bypass_pcr_check (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_BYPASS, SEALING_POLICY_BYPASS_LEN), MOCK_ARG (SEALING_POLICY_BYPASS_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_BYPASS_HMAC, PAYLOAD_BYPASS_HMAC_LEN); /* Derive encryption key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_BYPASS_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, - SEALING_POLICY_BYPASS, PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, 0, status); - CuAssertPtrNotNull (test, attestation_key); - CuAssertIntEquals (test, ENCRYPTION_KEY_LEN, key_length); - - status = testing_validate_array (ENCRYPTION_KEY, attestation_key, key_length); CuAssertIntEquals (test, 0, status); - platform_free (attestation_key); - - status = keystore_mock_validate_and_release (&keystore); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_BYPASS_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_BYPASS, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); CuAssertIntEquals (test, 0, status); - status = hash_mock_validate_and_release (&hash); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_multiple_pcr (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), PCR2_VALUE, PCR2_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_MULTIPLE, SEALING_POLICY_MULTIPLE_LEN), + MOCK_ARG (SEALING_POLICY_MULTIPLE_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_MULTIPLE_HMAC, PAYLOAD_MULTIPLE_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_MULTIPLE_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_MULTIPLE, 3, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_multiple_pcr_mismatch (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + uint8_t bad_pcr[PCR0_VALUE_LEN]; + + TEST_START; + + memcpy (bad_pcr, PCR2_VALUE, PCR2_VALUE_LEN); + bad_pcr[0] ^= 0x55; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), bad_pcr, sizeof (bad_pcr)); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_MULTIPLE, SEALING_POLICY_MULTIPLE_LEN), + MOCK_ARG (SEALING_POLICY_MULTIPLE_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_MULTIPLE_HMAC, PAYLOAD_MULTIPLE_HMAC_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_MULTIPLE_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_MULTIPLE, 3, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_PCR_MISMATCH, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_multiple_pcr_unused_byte_nonzero (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + uint8_t bad_sealing[3][64]; + + TEST_START; + + memcpy (bad_sealing, SEALING_POLICY_MULTIPLE, sizeof (bad_sealing)); + bad_sealing[2][16] ^= 0x55; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), PCR2_VALUE, PCR2_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (bad_sealing, sizeof (bad_sealing)), MOCK_ARG (sizeof (bad_sealing))); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_MULTIPLE_HMAC, PAYLOAD_MULTIPLE_HMAC_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_MULTIPLE_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, (const uint8_t(*)[64]) bad_sealing, 3, attestation_key, + sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_PCR_MISMATCH, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_multiple_pcr_bypass_single (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), PCR2_VALUE, PCR2_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_SKIP, SEALING_POLICY_SKIP_LEN), + MOCK_ARG (SEALING_POLICY_SKIP_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_SKIP_HMAC, PAYLOAD_SKIP_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_SKIP_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_SKIP, 3, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_multiple_pcr_bypass_multiple (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), PCR2_VALUE, PCR2_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_BYPASS_MULTIPLE, SEALING_POLICY_BYPASS_MULTIPLE_LEN), + MOCK_ARG (SEALING_POLICY_BYPASS_MULTIPLE_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_BYPASS_MULTIPLE_HMAC, PAYLOAD_BYPASS_MULTIPLE_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_BYPASS_MULTIPLE_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_BYPASS_MULTIPLE, 3, attestation_key, + sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_unused_pcrs (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), PCR2_VALUE, PCR2_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_unsupported_pcrs_unused (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (2, 0), PCR2_VALUE, PCR2_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_MULTIPLE_UNUSED, SEALING_POLICY_MULTIPLE_UNUSED_LEN), + MOCK_ARG (SEALING_POLICY_MULTIPLE_UNUSED_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_MULTIPLE_UNUSED_HMAC, PAYLOAD_MULTIPLE_UNUSED_HMAC_LEN); + + /* Derive encryption key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), + MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, ENCRYPTION_KEY, ENCRYPTION_KEY_LEN); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_MULTIPLE_UNUSED_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_MULTIPLE_UNUSED, 5, attestation_key, + sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_bad_hmac (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_BYPASS_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, - SEALING_POLICY, PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_BYPASS_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, AUX_ATTESTATION_HMAC_MISMATCH, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } -static void aux_attestation_test_unseal_no_mock (CuTest *test) +static void aux_attestation_test_unseal_rsa_oaep_sha1_no_mock (CuTest *test) { RSA_TESTING_ENGINE rsa; HASH_TESTING_ENGINE hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); status = RSA_TESTING_ENGINE_INIT (&rsa); CuAssertIntEquals (test, 0, status); @@ -2691,1659 +3457,2050 @@ static void aux_attestation_test_unseal_no_mock (CuTest *test) status = HASH_TESTING_ENGINE_INIT (&hash); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, 0, status); - CuAssertPtrNotNull (test, attestation_key); - CuAssertIntEquals (test, ENCRYPTION_KEY_LEN, key_length); - - status = testing_validate_array (ENCRYPTION_KEY, attestation_key, key_length); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - platform_free (attestation_key); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = keystore_mock_validate_and_release (&keystore); CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = aux_attestation_unseal (&aux.test, &hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); RSA_TESTING_ENGINE_RELEASE (&rsa); HASH_TESTING_ENGINE_RELEASE (&hash); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_rsa_oaep_sha256_no_mock (CuTest *test) +{ + RSA_TESTING_ENGINE rsa; + HASH_TESTING_ENGINE hash; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + status = RSA_TESTING_ENGINE_INIT (&rsa); + CuAssertIntEquals (test, 0, status); + + status = HASH_TESTING_ENGINE_INIT (&hash); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, &aux.riot, + &aux.ecc.base); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP_SHA256, KEY_SEED_ENCRYPT_OAEP_SHA256_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA256, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + + RSA_TESTING_ENGINE_RELEASE (&rsa); + HASH_TESTING_ENGINE_RELEASE (&hash); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_ecdh_no_mock (CuTest *test) +{ + ECC_TESTING_ENGINE ecc; + HASH_TESTING_ENGINE hash; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + status = ECC_TESTING_ENGINE_INIT (&ecc); + CuAssertIntEquals (test, 0, status); + + status = HASH_TESTING_ENGINE_INIT (&hash); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &aux.rsa.base, &aux.riot, + &ecc.base); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + + ECC_TESTING_ENGINE_RELEASE (&ecc); + HASH_TESTING_ENGINE_RELEASE (&hash); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_rsa_no_ecc (CuTest *test) +{ + RSA_TESTING_ENGINE rsa; + HASH_TESTING_ENGINE hash; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + status = RSA_TESTING_ENGINE_INIT (&rsa); + CuAssertIntEquals (test, 0, status); + + status = HASH_TESTING_ENGINE_INIT (&hash); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, NULL, NULL); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + + RSA_TESTING_ENGINE_RELEASE (&rsa); + HASH_TESTING_ENGINE_RELEASE (&hash); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_ecdh_no_rsa (CuTest *test) +{ + ECC_TESTING_ENGINE ecc; + HASH_TESTING_ENGINE hash; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + status = ECC_TESTING_ENGINE_INIT (&ecc); + CuAssertIntEquals (test, 0, status); + + status = HASH_TESTING_ENGINE_INIT (&hash); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &ecc.base); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, 0, status); + + status = testing_validate_array (ENCRYPTION_KEY, attestation_key, ENCRYPTION_KEY_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + + ECC_TESTING_ENGINE_RELEASE (&ecc); + HASH_TESTING_ENGINE_RELEASE (&hash); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_null (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (NULL, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, NULL, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, NULL, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - 0, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, NULL, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, NULL, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, 0, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, NULL, - PCR0_VALUE, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - NULL, &attestation_key, &key_length); - CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, NULL, &key_length); + status = aux_attestation_unseal (NULL, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, NULL); + status = aux_attestation_unseal (&aux.test, NULL, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, NULL, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + NULL, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, 0, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - aux_attestation_release (&aux); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, NULL, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, NULL, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, 0, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + NULL, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 0, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, NULL, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } -static void aux_attestation_test_unseal_load_error (CuTest *test) +static void aux_attestation_test_unseal_invalid_key_length (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[48]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, + (enum aux_attestation_key_length) 48, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + AUX_ATTESTATION_SEED_RSA, AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, + CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_KEY_LENGTH, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_invalid_hmac_type (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA1, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_HMAC, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_buffer_too_small (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32 - 1]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_BUFFER_TOO_SMALL, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, 0); + CuAssertIntEquals (test, AUX_ATTESTATION_BUFFER_TOO_SMALL, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_no_rsa_support (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_no_ecc_support (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &aux.rsa.base, NULL, NULL); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_unknown_seed (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, (enum aux_attestation_seed_type) 2, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_UNKNOWN_SEED, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_rsa_invalid_padding (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + (enum aux_attestation_seed_padding) 3, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, AUX_ATTESTATION_BAD_SEED_PADDING, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_rsa_load_error (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der = NULL; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, + KEYSTORE_LOAD_FAILED, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_LOAD_FAILED, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, KEYSTORE_LOAD_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } -static void aux_attestation_test_unseal_init_key_error (CuTest *test) +static void aux_attestation_test_unseal_rsa_init_key_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, RSA_ENGINE_KEY_PAIR_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, + RSA_ENGINE_KEY_PAIR_FAILED, MOCK_ARG_NOT_NULL, + MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, RSA_ENGINE_KEY_PAIR_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } -static void aux_attestation_test_unseal_decrypt_error (CuTest *test) +static void aux_attestation_test_unseal_rsa_decrypt_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, RSA_ENGINE_DECRYPT_FAILED, + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, RSA_ENGINE_DECRYPT_FAILED, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, RSA_ENGINE_DECRYPT_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_ecdh_public_key_error (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = hash_mock_validate_and_release (&hash); + /* Derive seed */ + status = mock_expect (&aux.ecc.mock, aux.ecc.base.init_public_key, &aux.ecc, + ECC_ENGINE_PUBLIC_KEY_FAILED, MOCK_ARG_PTR_CONTAINS (ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN), + MOCK_ARG (ECC_PUBKEY_DER_LEN), MOCK_ARG_NOT_NULL); + CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, ECC_ENGINE_PUBLIC_KEY_FAILED, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_ecdh_private_key_error (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + /* Derive seed */ + status = mock_expect (&aux.ecc.mock, aux.ecc.base.init_public_key, &aux.ecc, 0, + MOCK_ARG_PTR_CONTAINS (ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN), MOCK_ARG (ECC_PUBKEY_DER_LEN), + MOCK_ARG_NOT_NULL); + status |= mock_expect_save_arg (&aux.ecc.mock, 2, 0); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.init_key_pair, &aux.ecc, + ECC_ENGINE_KEY_PAIR_FAILED, + MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.release_key_pair, &aux.ecc, 0, + MOCK_ARG (NULL), MOCK_ARG_SAVED_ARG (0)); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, ECC_ENGINE_KEY_PAIR_FAILED, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_ecdh_shared_secret_error (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; + int status; + uint8_t attestation_key[32]; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); + CuAssertIntEquals (test, 0, status); + + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + CuAssertIntEquals (test, 0, status); + + /* Derive seed */ + status = mock_expect (&aux.ecc.mock, aux.ecc.base.init_public_key, &aux.ecc, 0, + MOCK_ARG_PTR_CONTAINS (ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN), MOCK_ARG (ECC_PUBKEY_DER_LEN), + MOCK_ARG_NOT_NULL); + status |= mock_expect_save_arg (&aux.ecc.mock, 2, 0); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.init_key_pair, &aux.ecc, 0, + MOCK_ARG_PTR_CONTAINS (RIOT_CORE_ALIAS_KEY, RIOT_CORE_ALIAS_KEY_LEN), + MOCK_ARG (RIOT_CORE_ALIAS_KEY_LEN), MOCK_ARG_NOT_NULL, MOCK_ARG (NULL)); + status |= mock_expect_save_arg (&aux.ecc.mock, 2, 1); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.compute_shared_secret, &aux.ecc, + ECC_ENGINE_SHARED_SECRET_FAILED, MOCK_ARG_SAVED_ARG (1), MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.release_key_pair, &aux.ecc, 0, + MOCK_ARG_SAVED_ARG (1), MOCK_ARG (NULL)); + status |= mock_expect (&aux.ecc.mock, aux.ecc.base.release_key_pair, &aux.ecc, 0, + MOCK_ARG (NULL), MOCK_ARG_SAVED_ARG (0)); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN, AUX_ATTESTATION_SEED_ECDH, + AUX_ATTESTATION_PADDING_UNSPECIFIED, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, ECC_ENGINE_SHARED_SECRET_FAILED, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_signing_key_init_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= mock_expect (&hash.mock, hash.base.start_sha256, &hash, + status |= mock_expect (&aux.hash.mock, aux.hash.base.start_sha256, &aux.hash, HASH_ENGINE_START_SHA256_FAILED); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_START_SHA256_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_signing_key_hash_i_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_signing_key_hash_label_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_signing_key_hash_L_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_signing_key_finish_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, HASH_ENGINE_FINISH_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG (SHA256_HASH_LENGTH)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.finish, &aux.hash, + HASH_ENGINE_FINISH_FAILED, MOCK_ARG_NOT_NULL, MOCK_ARG (SHA256_HASH_LENGTH)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_FINISH_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_validate_init_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= mock_expect (&hash.mock, hash.base.start_sha256, &hash, + status |= mock_expect (&aux.hash.mock, aux.hash.base.start_sha256, &aux.hash, HASH_ENGINE_START_SHA256_FAILED); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_START_SHA256_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_validate_hash_cipher_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_validate_hash_policy_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_validate_finish_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, HASH_ENGINE_FINISH_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG (SHA256_HASH_LENGTH)); + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.finish, &aux.hash, + HASH_ENGINE_FINISH_FAILED, MOCK_ARG_NOT_NULL, MOCK_ARG (SHA256_HASH_LENGTH)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_FINISH_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); +} + +static void aux_attestation_test_unseal_unsupported_pcr (CuTest *test) +{ + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0, 0}; + int status; + uint8_t *key_der; + uint8_t attestation_key[32]; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); + status |= pcr_store_update_digest (&pcr, PCR_MEASUREMENT (1, 0), PCR1_VALUE, PCR1_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = hash_mock_validate_and_release (&hash); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + /* Decrypt seed */ + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), + MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), + MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), + MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + + /* Derive signing key */ + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), + MOCK_ARG (SIGNING_KEY_LABEL_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); + + /* Validate cipher text and sealing policy */ + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY_MULTIPLE, SEALING_POLICY_MULTIPLE_LEN), + MOCK_ARG (SEALING_POLICY_MULTIPLE_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + SHA256_HASH_LENGTH, PAYLOAD_MULTIPLE_HMAC, PAYLOAD_MULTIPLE_HMAC_LEN); + CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_MULTIPLE_HMAC, HMAC_SHA256, CIPHER_TEXT, + CIPHER_TEXT_LEN, SEALING_POLICY_MULTIPLE, 3, attestation_key, sizeof (attestation_key)); + CuAssertIntEquals (test, PCR_INVALID_PCR, status); + + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_encryption_key_init_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); /* Derive encryption key */ - status |= mock_expect (&hash.mock, hash.base.start_sha256, &hash, + status |= mock_expect (&aux.hash.mock, aux.hash.base.start_sha256, &aux.hash, HASH_ENGINE_START_SHA256_FAILED); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_START_SHA256_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_encryption_key_hash_i_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); /* Derive encryption key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_encryption_key_hash_label_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); /* Derive encryption key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_encryption_key_hash_L_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); /* Derive encryption key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, HASH_ENGINE_UPDATE_FAILED, - MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, + HASH_ENGINE_UPDATE_FAILED, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_UPDATE_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_unseal_encryption_key_finish_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct hash_engine_mock hash; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; + struct pcr_store pcr; + uint8_t num_measurements[] = {0}; int status; uint8_t *key_der; - uint8_t *attestation_key; - size_t key_length; + uint8_t attestation_key[32]; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = pcr_store_init (&pcr, num_measurements, sizeof (num_measurements)); CuAssertIntEquals (test, 0, status); - status = hash_mock_init (&hash); + status = pcr_store_update_digest (&pcr, PCR_MEASUREMENT (0, 0), PCR0_VALUE, PCR0_VALUE_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); /* Decrypt seed */ - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (3072 / 8)); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); /* Derive signing key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) SIGNING_KEY_LABEL, SIGNING_KEY_LABEL_LEN), MOCK_ARG (SIGNING_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, KEY_SEED, KEY_SEED_LEN, NULL, SHA256_HASH_LENGTH, - SIGNING_KEY, SIGNING_KEY_LEN); + status |= hash_mock_expect_hmac_finish (&aux.hash, KEY_SEED, KEY_SEED_LEN, NULL, + SHA256_HASH_LENGTH, SIGNING_KEY, SIGNING_KEY_LEN); /* Validate cipher text and sealing policy */ - status |= hash_mock_expect_hmac_init (&hash, SIGNING_KEY, SIGNING_KEY_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), - MOCK_ARG (CIPHER_TEXT_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, - MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), - MOCK_ARG (SEALING_POLICY_LEN)); - status |= hash_mock_expect_hmac_finish (&hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, + status |= hash_mock_expect_hmac_init (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (CIPHER_TEXT, CIPHER_TEXT_LEN), MOCK_ARG (CIPHER_TEXT_LEN)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, + MOCK_ARG_PTR_CONTAINS (SEALING_POLICY, SEALING_POLICY_LEN), MOCK_ARG (SEALING_POLICY_LEN)); + status |= hash_mock_expect_hmac_finish (&aux.hash, SIGNING_KEY, SIGNING_KEY_LEN, NULL, SHA256_HASH_LENGTH, PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); /* Derive encryption key */ - status |= hash_mock_expect_hmac_init (&hash, KEY_SEED, KEY_SEED_LEN); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= hash_mock_expect_hmac_init (&aux.hash, KEY_SEED, KEY_SEED_LEN); + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_I, NIST_KEY_DERIVE_I_LEN), MOCK_ARG (NIST_KEY_DERIVE_I_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS ((uint8_t*) ENCRYPTION_KEY_LABEL, ENCRYPTION_KEY_LABEL_LEN), MOCK_ARG (ENCRYPTION_KEY_LABEL_LEN)); - status |= mock_expect (&hash.mock, hash.base.update, &hash, 0, + status |= mock_expect (&aux.hash.mock, aux.hash.base.update, &aux.hash, 0, MOCK_ARG_PTR_CONTAINS (NIST_KEY_DERIVE_L, NIST_KEY_DERIVE_L_LEN), MOCK_ARG (NIST_KEY_DERIVE_L_LEN)); - status |= mock_expect (&hash.mock, hash.base.finish, &hash, HASH_ENGINE_FINISH_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG (SHA256_HASH_LENGTH)); + status |= mock_expect (&aux.hash.mock, aux.hash.base.finish, &aux.hash, + HASH_ENGINE_FINISH_FAILED, MOCK_ARG_NOT_NULL, MOCK_ARG (SHA256_HASH_LENGTH)); - status |= mock_expect (&hash.mock, hash.base.cancel, &hash, 0); + status |= mock_expect (&aux.hash.mock, aux.hash.base.cancel, &aux.hash, 0); - attestation_key = (uint8_t*) &status; - status = aux_attestation_unseal (&aux, &hash.base, KEY_SEED_ENCRYPT_OAEP, - KEY_SEED_ENCRYPT_OAEP_LEN, PAYLOAD_HMAC, CIPHER_TEXT, CIPHER_TEXT_LEN, SEALING_POLICY, - PCR0_VALUE, &attestation_key, &key_length); + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_unseal (&aux.test, &aux.hash.base, &pcr, AUX_ATTESTATION_KEY_256BIT, + KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, AUX_ATTESTATION_SEED_RSA, + AUX_ATTESTATION_PADDING_OAEP_SHA1, PAYLOAD_HMAC, HMAC_SHA256, CIPHER_TEXT, CIPHER_TEXT_LEN, + SEALING_POLICY, 1, attestation_key, sizeof (attestation_key)); CuAssertIntEquals (test, HASH_ENGINE_FINISH_FAILED, status); - CuAssertPtrEquals (test, NULL, attestation_key); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = hash_mock_validate_and_release (&hash); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); + pcr_store_release (&pcr); } static void aux_attestation_test_erase_key (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.erase_key, &aux.keystore, 0, + MOCK_ARG (0)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + status = aux_attestation_erase_key (&aux.test); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.erase_key, &keystore, 0, MOCK_ARG (0)); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_erase_key (&aux); - CuAssertIntEquals (test, 0, status); - - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_erase_key_with_certificate (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *cert_der; @@ -4355,126 +5512,82 @@ static void aux_attestation_test_erase_key_with_certificate (CuTest *test) memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.erase_key, &aux.keystore, 0, + MOCK_ARG (0)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + status = aux_attestation_erase_key (&aux.test); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_RSA_EE_DER_LEN); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.erase_key, &keystore, 0, MOCK_ARG (0)); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_erase_key (&aux); - CuAssertIntEquals (test, 0, status); - - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_erase_key_with_static_certificate (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = x509_mock_init (&x509); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_static_certificate (&aux, X509_CERTCA_RSA_EE_DER, + status = aux_attestation_set_static_certificate (&aux.test, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = mock_expect (&keystore.mock, keystore.base.erase_key, &keystore, 0, MOCK_ARG (0)); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.erase_key, &aux.keystore, 0, + MOCK_ARG (0)); CuAssertIntEquals (test, 0, status); - status = aux_attestation_erase_key (&aux); + status = aux_attestation_erase_key (&aux.test); CuAssertIntEquals (test, 0, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_erase_key_null (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; int status; TEST_START; - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); - - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - status = aux_attestation_erase_key (NULL); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); +} - status = keystore_mock_validate_and_release (&keystore); +static void aux_attestation_test_erase_key_no_rsa_support (CuTest *test) +{ + struct aux_attestation_testing aux; + int status; + + TEST_START; + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); + status = aux_attestation_erase_key (&aux.test); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_erase_key_erase_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct x509_engine_mock x509; - struct keystore_mock keystore; - struct aux_attestation aux; + struct aux_attestation_testing aux; int status; const struct der_cert *cert; uint8_t *cert_der; @@ -4486,150 +5599,115 @@ static void aux_attestation_test_erase_key_erase_error (CuTest *test) memcpy (cert_der, X509_CERTCA_RSA_EE_DER, X509_CERTCA_RSA_EE_DER_LEN); - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = aux_attestation_set_certificate (&aux.test, cert_der, X509_CERTCA_RSA_EE_DER_LEN); CuAssertIntEquals (test, 0, status); - status = x509_mock_init (&x509); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.erase_key, &aux.keystore, + KEYSTORE_ERASE_FAILED, MOCK_ARG (0)); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_set_certificate (&aux, cert_der, X509_CERTCA_RSA_EE_DER_LEN); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.erase_key, &keystore, KEYSTORE_ERASE_FAILED, - MOCK_ARG (0)); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_erase_key (&aux); + status = aux_attestation_erase_key (&aux.test); CuAssertIntEquals (test, KEYSTORE_ERASE_FAILED, status); - cert = aux_attestation_get_certificate (&aux); + cert = aux_attestation_get_certificate (&aux.test); CuAssertPtrEquals (test, NULL, (void*) cert); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - status = x509_mock_validate_and_release (&x509); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_decrypt (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; uint8_t *key_der; int status; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEY_SEED_LEN, status); status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_decrypt_with_label (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; uint8_t *key_der; int status; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG_PTR_CONTAINS (RSA_ENCRYPT_LABEL, RSA_ENCRYPT_LABEL_LEN), MOCK_ARG (RSA_ENCRYPT_LABEL_LEN), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, (uint8_t*) RSA_ENCRYPT_LABEL, RSA_ENCRYPT_LABEL_LEN, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEY_SEED_LEN, status); @@ -4637,256 +5715,293 @@ static void aux_attestation_test_decrypt_with_label (CuTest *test) status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_decrypt_sha256 (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; uint8_t *key_der; int status; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, KEY_SEED_LEN, MOCK_ARG_SAVED_ARG (0), + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, KEY_SEED_LEN, + MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA256), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect_output (&rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); + status |= mock_expect_output (&aux.rsa.mock, 6, KEY_SEED, KEY_SEED_LEN, 7); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA256, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEY_SEED_LEN, status); status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); CuAssertIntEquals (test, 0, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } -static void aux_attestation_test_decrypt_null (CuTest *test) +static void aux_attestation_test_decrypt_no_mock (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + RSA_TESTING_ENGINE rsa; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; + uint8_t *key_der; int status; TEST_START; - status = rsa_mock_init (&rsa); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + status = RSA_TESTING_ENGINE_INIT (&rsa); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, &aux.riot, + &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + CuAssertIntEquals (test, 0, status); + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); + CuAssertIntEquals (test, KEY_SEED_LEN, status); + + status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + + RSA_TESTING_ENGINE_RELEASE (&rsa); +} + +static void aux_attestation_test_decrypt_sha256_no_mock (CuTest *test) +{ + RSA_TESTING_ENGINE rsa; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; + uint8_t *key_der; + int status; + + TEST_START; + + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); + CuAssertPtrNotNull (test, key_der); + + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + status = RSA_TESTING_ENGINE_INIT (&rsa); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, &aux.keystore.base, &rsa.base, &aux.riot, + &aux.ecc.base); + CuAssertIntEquals (test, 0, status); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + CuAssertIntEquals (test, 0, status); + + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP_SHA256, + KEY_SEED_ENCRYPT_OAEP_SHA256_LEN, NULL, 0, HASH_TYPE_SHA256, decrypted, sizeof (decrypted)); + CuAssertIntEquals (test, KEY_SEED_LEN, status); + + status = testing_validate_array (KEY_SEED, decrypted, KEY_SEED_LEN); + CuAssertIntEquals (test, 0, status); + + aux_attestation_testing_validate_and_release (test, &aux); + + RSA_TESTING_ENGINE_RELEASE (&rsa); +} + +static void aux_attestation_test_decrypt_null (CuTest *test) +{ + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; + int status; + + TEST_START; + + aux_attestation_testing_init (test, &aux); + status = aux_attestation_decrypt (NULL, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_decrypt (&aux, NULL, KEY_SEED_ENCRYPT_OAEP_LEN, + status = aux_attestation_decrypt (&aux.test, NULL, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, NULL, sizeof (decrypted)); CuAssertIntEquals (test, AUX_ATTESTATION_INVALID_ARGUMENT, status); - status = keystore_mock_validate_and_release (&keystore); + aux_attestation_testing_validate_and_release (test, &aux); +} + +static void aux_attestation_test_decrypt_no_rsa_support (CuTest *test) +{ + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; + int status; + + TEST_START; + + aux_attestation_testing_init_dependencies (test, &aux); + + status = aux_attestation_init (&aux.test, NULL, NULL, &aux.riot, &aux.ecc.base); CuAssertIntEquals (test, 0, status); - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - aux_attestation_release (&aux); + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); + CuAssertIntEquals (test, AUX_ATTESTATION_UNSUPPORTED_CRYPTO, status); + + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_decrypt_load_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; int status; TEST_START; - status = rsa_mock_init (&rsa); + aux_attestation_testing_init (test, &aux); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, + KEYSTORE_LOAD_FAILED, MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, KEYSTORE_LOAD_FAILED, - MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, KEYSTORE_LOAD_FAILED, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_decrypt_init_key_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; uint8_t *key_der; int status; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); + + aux_attestation_testing_init (test, &aux); + + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); + + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, + RSA_ENGINE_KEY_PAIR_FAILED, MOCK_ARG_NOT_NULL, + MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); - status = rsa_mock_init (&rsa); CuAssertIntEquals (test, 0, status); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); - - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, RSA_ENGINE_KEY_PAIR_FAILED, - MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - CuAssertIntEquals (test, 0, status); - - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, RSA_ENGINE_KEY_PAIR_FAILED, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } static void aux_attestation_test_decrypt_error (CuTest *test) { - struct rsa_engine_mock rsa; - struct keystore_mock keystore; - struct aux_attestation aux; - uint8_t decrypted[4224]; + struct aux_attestation_testing aux; + uint8_t decrypted[RSA_KEY_LENGTH_3K]; uint8_t *key_der; int status; TEST_START; - key_der = platform_malloc (RSA_PRIVKEY_DER_LEN); + key_der = platform_malloc (RSA3K_PRIVKEY_DER_LEN); CuAssertPtrNotNull (test, key_der); - memcpy (key_der, RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN); + memcpy (key_der, RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN); - status = rsa_mock_init (&rsa); - CuAssertIntEquals (test, 0, status); + aux_attestation_testing_init (test, &aux); - status = keystore_mock_init (&keystore); - CuAssertIntEquals (test, 0, status); + status = mock_expect (&aux.keystore.mock, aux.keystore.base.load_key, &aux.keystore, 0, + MOCK_ARG (0), MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&aux.keystore.mock, 1, &key_der, sizeof (key_der), -1); + status |= mock_expect_output (&aux.keystore.mock, 2, &RSA3K_PRIVKEY_DER_LEN, + sizeof (RSA3K_PRIVKEY_DER_LEN), -1); - status = aux_attestation_init (&aux, &keystore.base, &rsa.base); - CuAssertIntEquals (test, 0, status); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.init_private_key, &aux.rsa, 0, + MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS (RSA3K_PRIVKEY_DER, RSA3K_PRIVKEY_DER_LEN), + MOCK_ARG (RSA3K_PRIVKEY_DER_LEN)); + status |= mock_expect_save_arg (&aux.rsa.mock, 0, 0); - status = mock_expect (&keystore.mock, keystore.base.load_key, &keystore, 0, MOCK_ARG (0), - MOCK_ARG_NOT_NULL, MOCK_ARG_NOT_NULL); - status |= mock_expect_output (&keystore.mock, 1, &key_der, sizeof (key_der), -1); - status |= mock_expect_output (&keystore.mock, 2, &RSA_PRIVKEY_DER_LEN, - sizeof (RSA_PRIVKEY_DER_LEN), -1); - - status |= mock_expect (&rsa.mock, rsa.base.init_private_key, &rsa, 0, MOCK_ARG_NOT_NULL, - MOCK_ARG_PTR_CONTAINS (RSA_PRIVKEY_DER, RSA_PRIVKEY_DER_LEN), - MOCK_ARG (RSA_PRIVKEY_DER_LEN)); - status |= mock_expect_save_arg (&rsa.mock, 0, 0); - - status |= mock_expect (&rsa.mock, rsa.base.decrypt, &rsa, RSA_ENGINE_DECRYPT_FAILED, + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.decrypt, &aux.rsa, RSA_ENGINE_DECRYPT_FAILED, MOCK_ARG_SAVED_ARG (0), MOCK_ARG_PTR_CONTAINS (KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (KEY_SEED_ENCRYPT_OAEP_LEN), MOCK_ARG (NULL), MOCK_ARG (0), MOCK_ARG (HASH_TYPE_SHA1), MOCK_ARG_NOT_NULL, MOCK_ARG (sizeof (decrypted))); - status |= mock_expect (&rsa.mock, rsa.base.release_key, &rsa, 0, MOCK_ARG_SAVED_ARG (0)); + status |= mock_expect (&aux.rsa.mock, aux.rsa.base.release_key, &aux.rsa, 0, + MOCK_ARG_SAVED_ARG (0)); + CuAssertIntEquals (test, 0, status); - status = aux_attestation_decrypt (&aux, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, + status = aux_attestation_decrypt (&aux.test, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN, NULL, 0, HASH_TYPE_SHA1, decrypted, sizeof (decrypted)); CuAssertIntEquals (test, RSA_ENGINE_DECRYPT_FAILED, status); - status = keystore_mock_validate_and_release (&keystore); - CuAssertIntEquals (test, 0, status); - - status = rsa_mock_validate_and_release (&rsa); - CuAssertIntEquals (test, 0, status); - - aux_attestation_release (&aux); + aux_attestation_testing_validate_and_release (test, &aux); } @@ -4899,6 +6014,7 @@ CuSuite* get_aux_attestation_suite () SUITE_ADD_TEST (suite, aux_attestation_test_release_null); SUITE_ADD_TEST (suite, aux_attestation_test_generate_key); SUITE_ADD_TEST (suite, aux_attestation_test_generate_key_null); + SUITE_ADD_TEST (suite, aux_attestation_test_generate_key_generation_no_rsa_support); SUITE_ADD_TEST (suite, aux_attestation_test_generate_key_generation_error); SUITE_ADD_TEST (suite, aux_attestation_test_generate_key_der_error); SUITE_ADD_TEST (suite, aux_attestation_test_generate_key_save_error); @@ -4908,6 +6024,7 @@ CuSuite* get_aux_attestation_suite () SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_zero_serial_number); SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_zero_serial_number_twice); SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_null); + SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_no_rsa_support); SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_no_private_key); SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_bad_private_key); SUITE_ADD_TEST (suite, aux_attestation_test_create_certificate_load_key_error); @@ -4918,23 +6035,50 @@ CuSuite* get_aux_attestation_suite () SUITE_ADD_TEST (suite, aux_attestation_test_set_certificate); SUITE_ADD_TEST (suite, aux_attestation_test_set_certificate_before_create); SUITE_ADD_TEST (suite, aux_attestation_test_set_certificate_null); + SUITE_ADD_TEST (suite, aux_attestation_test_set_certificate_no_rsa_support); SUITE_ADD_TEST (suite, aux_attestation_test_set_certificate_twice); SUITE_ADD_TEST (suite, aux_attestation_test_set_certificate_after_create); SUITE_ADD_TEST (suite, aux_attestation_test_set_static_certificate); SUITE_ADD_TEST (suite, aux_attestation_test_set_static_certificate_before_create); SUITE_ADD_TEST (suite, aux_attestation_test_set_static_certificate_null); + SUITE_ADD_TEST (suite, aux_attestation_test_set_static_certificate_no_rsa_support); SUITE_ADD_TEST (suite, aux_attestation_test_set_static_certificate_twice); SUITE_ADD_TEST (suite, aux_attestation_test_set_static_certificate_after_create); SUITE_ADD_TEST (suite, aux_attestation_test_get_certificate_null); - SUITE_ADD_TEST (suite, aux_attestation_test_unseal); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_oaep_sha1); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_oaep_sha256); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_pkcs15); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_ecdh); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_pcr_mismatch); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_unused_byte_nonzero); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_bypass_pcr_check); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_multiple_pcr); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_multiple_pcr_mismatch); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_multiple_pcr_unused_byte_nonzero); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_multiple_pcr_bypass_single); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_multiple_pcr_bypass_multiple); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_unused_pcrs); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_unsupported_pcrs_unused); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_bad_hmac); - SUITE_ADD_TEST (suite, aux_attestation_test_unseal_no_mock); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_oaep_sha1_no_mock); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_oaep_sha256_no_mock); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_ecdh_no_mock); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_no_ecc); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_ecdh_no_rsa); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_null); - SUITE_ADD_TEST (suite, aux_attestation_test_unseal_load_error); - SUITE_ADD_TEST (suite, aux_attestation_test_unseal_init_key_error); - SUITE_ADD_TEST (suite, aux_attestation_test_unseal_decrypt_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_invalid_key_length); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_invalid_hmac_type); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_buffer_too_small); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_no_rsa_support); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_no_ecc_support); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_unknown_seed); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_invalid_padding); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_load_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_init_key_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_rsa_decrypt_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_ecdh_public_key_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_ecdh_private_key_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_ecdh_shared_secret_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_signing_key_init_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_signing_key_hash_i_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_signing_key_hash_label_error); @@ -4944,6 +6088,7 @@ CuSuite* get_aux_attestation_suite () SUITE_ADD_TEST (suite, aux_attestation_test_unseal_validate_hash_cipher_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_validate_hash_policy_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_validate_finish_error); + SUITE_ADD_TEST (suite, aux_attestation_test_unseal_unsupported_pcr); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_encryption_key_init_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_encryption_key_hash_i_error); SUITE_ADD_TEST (suite, aux_attestation_test_unseal_encryption_key_hash_label_error); @@ -4953,11 +6098,15 @@ CuSuite* get_aux_attestation_suite () SUITE_ADD_TEST (suite, aux_attestation_test_erase_key_with_certificate); SUITE_ADD_TEST (suite, aux_attestation_test_erase_key_with_static_certificate); SUITE_ADD_TEST (suite, aux_attestation_test_erase_key_null); + SUITE_ADD_TEST (suite, aux_attestation_test_erase_key_no_rsa_support); SUITE_ADD_TEST (suite, aux_attestation_test_erase_key_erase_error); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_with_label); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_sha256); + SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_no_mock); + SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_sha256_no_mock); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_null); + SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_no_rsa_support); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_load_error); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_init_key_error); SUITE_ADD_TEST (suite, aux_attestation_test_decrypt_error); diff --git a/core/testing/aux_attestation_testing.h b/core/testing/aux_attestation_testing.h index cae3f20..aefaa3c 100644 --- a/core/testing/aux_attestation_testing.h +++ b/core/testing/aux_attestation_testing.h @@ -11,6 +11,8 @@ extern const uint8_t KEY_SEED[]; extern const size_t KEY_SEED_LEN; extern const uint8_t KEY_SEED_ENCRYPT_OAEP[]; extern const size_t KEY_SEED_ENCRYPT_OAEP_LEN; +extern const uint8_t KEY_SEED_ENCRYPT_OAEP_SHA256[]; +extern const size_t KEY_SEED_ENCRYPT_OAEP_SHA256_LEN; extern const uint8_t NIST_KEY_DERIVE_I[]; extern const size_t NIST_KEY_DERIVE_I_LEN; extern const uint8_t NIST_KEY_DERIVE_L[]; @@ -21,10 +23,14 @@ extern const uint8_t ENCRYPTION_KEY[]; extern const size_t ENCRYPTION_KEY_LEN; extern const uint8_t CIPHER_TEXT[]; extern const size_t CIPHER_TEXT_LEN; -extern const uint8_t SEALING_POLICY[]; +extern const uint8_t SEALING_POLICY[][64]; extern const size_t SEALING_POLICY_LEN; extern const uint8_t PAYLOAD_HMAC[]; extern const size_t PAYLOAD_HMAC_LEN; +extern const uint8_t SEALING_POLICY_MULTIPLE[][64]; +extern const size_t SEALING_POLICY_MULTPLE_LEN; +extern const uint8_t PAYLOAD_MULTIPLE_HMAC[]; +extern const size_t PAYLOAD_MULTIPLE_HMAC_LEN; extern const char ENCRYPTION_KEY_LABEL[]; extern const size_t ENCRYPTION_KEY_LABEL_LEN; extern const char SIGNING_KEY_LABEL[]; diff --git a/core/testing/cerberus_protocol_optional_commands_test.c b/core/testing/cerberus_protocol_optional_commands_test.c index 7837668..e3d02b6 100644 --- a/core/testing/cerberus_protocol_optional_commands_test.c +++ b/core/testing/cerberus_protocol_optional_commands_test.c @@ -12,10 +12,13 @@ #include "cmd_interface/attestation_cmd_interface.h" #include "logging/debug_log.h" #include "recovery/recovery_image_header.h" +#include "attestation/aux_attestation.h" #include "mock/pfm_mock.h" #include "mock/recovery_image_mock.h" #include "cerberus_protocol_optional_commands_testing.h" #include "recovery_image_header_testing.h" +#include "aux_attestation_testing.h" +#include "ecc_testing.h" static const char *SUITE = "cerberus_protocol_optional_commands"; @@ -3688,54 +3691,89 @@ void cerberus_protocol_optional_commands_testing_process_log_read_invalid_len (C CuAssertIntEquals (test, false, request.crypto_timeout); } -void cerberus_protocol_optional_commands_testing_process_request_unseal (CuTest *test, - struct cmd_interface *cmd, struct cmd_background_mock *background, int pcr) +void cerberus_protocol_optional_commands_testing_process_request_unseal_rsa (CuTest *test, + struct cmd_interface *cmd, struct cmd_background_mock *background) { - uint16_t seed_len = 2; - uint16_t cipher_len = 2; struct cmd_interface_request request; - struct cerberus_protocol_header header = {0}; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; int status; - memset (&request, 0, sizeof (request)); - header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; - header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; - header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); - memcpy (request.data, &header, sizeof (header)); - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN], &seed_len, sizeof (seed_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)] = 0xAA; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 1] = 0xBB; - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2], &cipher_len, - sizeof (cipher_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len)] = - 0xCC; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 3 + sizeof (cipher_len)] = - 0xDD; - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len)], - 0x55, SHA256_HASH_LENGTH); - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len) + - SHA256_HASH_LENGTH], 0xAA, 64); - request.length = CERBERUS_PROTOCOL_MIN_MSG_LEN + 104; + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; request.source_eid = MCTP_PROTOCOL_BMC_EID; request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; status = mock_expect (&background->mock, background->base.unseal_start, background, 0, - MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)], seed_len), - MOCK_ARG (seed_len), MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + - sizeof (cipher_len)], - SHA256_HASH_LENGTH), - MOCK_ARG_PTR_CONTAINS_TMP (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + - sizeof (seed_len) + 2 + sizeof (cipher_len)], cipher_len), - MOCK_ARG (cipher_len), MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + - sizeof (cipher_len) + SHA256_HASH_LENGTH], 64), - MOCK_ARG (pcr)); + MOCK_ARG_PTR_CONTAINS_TMP (request.data, request.length), MOCK_ARG (request.length)); + CuAssertIntEquals (test, 0, status); + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, 0, status); + CuAssertIntEquals (test, 0, request.length); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_ecc (CuTest *test, + struct cmd_interface *cmd, struct cmd_background_mock *background) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_ECDH; + req->seed_length = ECC_PUBKEY_DER_LEN; + memcpy (&req->seed, ECC_PUBKEY_DER, ECC_PUBKEY_DER_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + ECC_PUBKEY_DER_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + status = mock_expect (&background->mock, background->base.unseal_start, background, 0, + MOCK_ARG_PTR_CONTAINS_TMP (request.data, request.length), MOCK_ARG (request.length)); CuAssertIntEquals (test, 0, status); request.crypto_timeout = false; @@ -3746,50 +3784,43 @@ void cerberus_protocol_optional_commands_testing_process_request_unseal (CuTest } void cerberus_protocol_optional_commands_testing_process_request_unseal_fail (CuTest *test, - struct cmd_interface *cmd, struct cmd_background_mock *background, int pcr) + struct cmd_interface *cmd, struct cmd_background_mock *background) { - uint16_t seed_len = 2; - uint16_t cipher_len = 2; struct cmd_interface_request request; - struct cerberus_protocol_header header = {0}; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; int status; - memset (&request, 0, sizeof (request)); - header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; - header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; - header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); - memcpy (request.data, &header, sizeof (header)); - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN], &seed_len, sizeof (seed_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)] = 0xAA; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 1] = 0xBB; - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2], &cipher_len, - sizeof (cipher_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len)] = - 0xCC; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 3 + sizeof (cipher_len)] = - 0xDD; - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len)], - 0x55, SHA256_HASH_LENGTH); - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len) + - SHA256_HASH_LENGTH], 0xAA, 64); - request.length = CERBERUS_PROTOCOL_MIN_MSG_LEN + 104; + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; request.source_eid = MCTP_PROTOCOL_BMC_EID; request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; status = mock_expect (&background->mock, background->base.unseal_start, background, - CMD_BACKGROUND_UNSEAL_FAILED, MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)], seed_len), - MOCK_ARG (seed_len), MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len)], - SHA256_HASH_LENGTH), MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len)], - cipher_len), MOCK_ARG (cipher_len), MOCK_ARG_PTR_CONTAINS_TMP ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len) + - SHA256_HASH_LENGTH], 64), MOCK_ARG (pcr)); + CMD_BACKGROUND_UNSEAL_FAILED, MOCK_ARG_PTR_CONTAINS_TMP (request.data, request.length), + MOCK_ARG (request.length)); CuAssertIntEquals (test, 0, status); request.crypto_timeout = false; @@ -3798,117 +3829,473 @@ void cerberus_protocol_optional_commands_testing_process_request_unseal_fail (Cu CuAssertIntEquals (test, true, request.crypto_timeout); } -void cerberus_protocol_optional_commands_testing_process_request_unseal_no_seed_len (CuTest *test, +void cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_hmac (CuTest *test, struct cmd_interface *cmd) { - uint16_t seed_len = 0; - uint16_t cipher_len = 2; struct cmd_interface_request request; - struct cerberus_protocol_header header = {0}; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; int status; - memset (&request, 0, sizeof (request)); - header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; - header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; - header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); - memcpy (request.data, &header, sizeof (header)); - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN], &seed_len, sizeof (seed_len)); - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)], &cipher_len, - sizeof (cipher_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + sizeof (cipher_len)] = - 0xCC; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 1 + sizeof (cipher_len)] = - 0xDD; - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len)], - 0x55, SHA256_HASH_LENGTH); - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len) + - SHA256_HASH_LENGTH], 0xAA, 64); - request.length = CERBERUS_PROTOCOL_MIN_MSG_LEN + 102; + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = 1; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; request.source_eid = MCTP_PROTOCOL_BMC_EID; request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; request.crypto_timeout = false; status = cmd->process_request (cmd, &request); - CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, CMD_HANDLER_OUT_OF_RANGE, status); CuAssertIntEquals (test, true, request.crypto_timeout); } -void cerberus_protocol_optional_commands_testing_process_request_unseal_no_cipher_len (CuTest *test, +void cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_seed (CuTest *test, struct cmd_interface *cmd) { - uint16_t seed_len = 2; - uint16_t cipher_len = 0; struct cmd_interface_request request; - struct cerberus_protocol_header header = {0}; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; int status; - memset (&request, 0, sizeof (request)); - header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; - header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; - header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); - memcpy (request.data, &header, sizeof (header)); - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN], &seed_len, sizeof (seed_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)] = 0xAA; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 1] = 0xBB; - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2], &cipher_len, - sizeof (cipher_len)); - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len)], - 0x55, SHA256_HASH_LENGTH); - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len) + - SHA256_HASH_LENGTH], 0xAA, 64); - request.length = CERBERUS_PROTOCOL_MIN_MSG_LEN + 102; + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = 2; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; request.source_eid = MCTP_PROTOCOL_BMC_EID; request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; request.crypto_timeout = false; status = cmd->process_request (cmd, &request); - CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, CMD_HANDLER_OUT_OF_RANGE, status); CuAssertIntEquals (test, true, request.crypto_timeout); } -void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_payload ( +void cerberus_protocol_optional_commands_testing_process_request_unseal_rsa_invalid_padding ( CuTest *test, struct cmd_interface *cmd) { - uint16_t seed_len = 2; - uint16_t cipher_len = 2; struct cmd_interface_request request; - struct cerberus_protocol_header header = {0}; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; int status; - memset (&request, 0, sizeof (request)); - header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; - header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; - header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); - memcpy (request.data, &header, sizeof (header)); - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN], &seed_len, sizeof (seed_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len)] = 0xAA; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 1] = 0xBB; - memcpy (&request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2], &cipher_len, - sizeof (cipher_len)); - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 2 + sizeof (cipher_len)] = - 0xCC; - request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 3 + sizeof (cipher_len)] = - 0xDD; - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len)], - 0x55, SHA256_HASH_LENGTH); - memset ( - &request.data[CERBERUS_PROTOCOL_MIN_MSG_LEN + sizeof (seed_len) + 4 + sizeof (cipher_len) + - SHA256_HASH_LENGTH], 0xAA, 64); - request.length = CERBERUS_PROTOCOL_MIN_MSG_LEN; + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_params.rsa.padding = 3; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; request.source_eid = MCTP_PROTOCOL_BMC_EID; request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_OUT_OF_RANGE, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_no_seed (CuTest *test, + struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = 0; + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + 2 + CIPHER_TEXT_LEN + + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_seed ( + CuTest *test, struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN - 1; + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_no_ciphertext (CuTest *test, + struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = 0; + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing); + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_ciphertext ( + CuTest *test, struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN - 1; + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_no_hmac (CuTest *test, + struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = 0; + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + sizeof (sealing); + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_bad_hmac_length ( + CuTest *test, struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN + 1; + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + 1 + + sizeof (sealing); + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); + + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN - 1; + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + (PAYLOAD_HMAC_LEN - 1) + + sizeof (sealing); + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_hmac ( + CuTest *test, struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN - 1; + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); +} + +void cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_len (CuTest *test, + struct cmd_interface *cmd) +{ + struct cmd_interface_request request; + struct cerberus_protocol_message_unseal *req = + (struct cerberus_protocol_message_unseal*) request.data; + struct cerberus_protocol_unseal_pmrs sealing; + int status; + + memset (sealing.pmr[0], 0, sizeof (sealing.pmr[0])); + memset (sealing.pmr[1], 1, sizeof (sealing.pmr[0])); + memset (sealing.pmr[2], 2, sizeof (sealing.pmr[0])); + memset (sealing.pmr[3], 3, sizeof (sealing.pmr[0])); + memset (sealing.pmr[4], 4, sizeof (sealing.pmr[0])); + + memset (&request, 0, sizeof (request)); + req->header.msg_type = MCTP_PROTOCOL_MSG_TYPE_VENDOR_DEF; + req->header.pci_vendor_id = CERBERUS_PROTOCOL_MSFT_PCI_VID; + req->header.command = CERBERUS_PROTOCOL_UNSEAL_MESSAGE; + + req->hmac_type = CERBERUS_PROTOCOL_UNSEAL_HMAC_SHA256; + req->seed_type = CERBERUS_PROTOCOL_UNSEAL_SEED_RSA; + req->seed_length = KEY_SEED_ENCRYPT_OAEP_LEN; + memcpy (&req->seed, KEY_SEED_ENCRYPT_OAEP, KEY_SEED_ENCRYPT_OAEP_LEN); + cerberus_protocol_unseal_ciphertext_length (req) = CIPHER_TEXT_LEN; + memcpy (cerberus_protocol_unseal_ciphertext (req), CIPHER_TEXT, CIPHER_TEXT_LEN); + cerberus_protocol_unseal_hmac_length (req) = PAYLOAD_HMAC_LEN; + memcpy (cerberus_protocol_unseal_hmac (req), PAYLOAD_HMAC, PAYLOAD_HMAC_LEN); + memcpy ((uint8_t*) cerberus_protocol_get_unseal_pmr_sealing (req), &sealing, sizeof (sealing)); + request.length = sizeof (struct cerberus_protocol_message_unseal) - 1; + request.max_response = MCTP_PROTOCOL_MAX_MESSAGE_BODY; + request.source_eid = MCTP_PROTOCOL_BMC_EID; + request.target_eid = MCTP_PROTOCOL_PA_ROT_CTRL_EID; + + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); + + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing) - + 1; + request.crypto_timeout = false; + status = cmd->process_request (cmd, &request); + CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); + CuAssertIntEquals (test, true, request.crypto_timeout); + + request.length = (sizeof (struct cerberus_protocol_message_unseal) - 1) + + KEY_SEED_ENCRYPT_OAEP_LEN + 2 + CIPHER_TEXT_LEN + 2 + PAYLOAD_HMAC_LEN + sizeof (sealing) + + 1; request.crypto_timeout = false; status = cmd->process_request (cmd, &request); CuAssertIntEquals (test, CMD_HANDLER_BAD_LENGTH, status); @@ -4052,6 +4439,7 @@ void cerberus_protocol_optional_commands_testing_process_request_unseal_result_b size_t max_buf_len = MCTP_PROTOCOL_MAX_MESSAGE_BODY - sizeof (struct cerberus_protocol_message_unseal_result_completed_response) + 1; uint32_t attestation_status = ATTESTATION_CMD_STATUS_RUNNING; + uint16_t key_len = 0; int status; memset (&request, 0, sizeof (request)); @@ -4067,6 +4455,7 @@ void cerberus_protocol_optional_commands_testing_process_request_unseal_result_b status = mock_expect (&background->mock, background->base.unseal_result, background, 0, MOCK_ARG_NOT_NULL, MOCK_ARG_PTR_CONTAINS_TMP (&max_buf_len, sizeof (max_buf_len)), MOCK_ARG_NOT_NULL); + status |= mock_expect_output (&background->mock, 1, &key_len, sizeof (key_len), -1); status |= mock_expect_output (&background->mock, 2, &attestation_status, sizeof (attestation_status), -1); @@ -7219,7 +7608,7 @@ static void cerberus_protocol_optional_commands_test_message_unseal_format (CuTe { uint8_t raw_buffer_req[] = { 0x7e,0x14,0x13,0x03,0x89, - 0x01, + 0x01,0x02, 0x48,0x00, 0x30,0x46,0x02,0x21,0x00,0x86,0x1d,0x0e,0x39,0x20,0xdc,0xae,0x77,0xcc,0xb0,0x33, 0x38,0xb7,0xd8,0x47,0xb9,0x7a,0x6b,0x65,0x3b,0xe2,0x72,0x52,0x8f,0x77,0x82,0x00, @@ -7253,7 +7642,7 @@ static void cerberus_protocol_optional_commands_test_message_unseal_format (CuTe 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, }; struct cerberus_protocol_message_unseal *req; - struct cerberus_protocol_unseal_pmrs *pmrs; + const struct cerberus_protocol_unseal_pmrs *pmrs; TEST_START; @@ -7270,20 +7659,24 @@ static void cerberus_protocol_optional_commands_test_message_unseal_format (CuTe CuAssertIntEquals (test, 0x00, req->reserved); CuAssertIntEquals (test, 0x00, req->hmac_type); CuAssertIntEquals (test, 0x01, req->seed_type); + CuAssertIntEquals (test, 0x00, req->seed_params.rsa.reserved); + CuAssertIntEquals (test, CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA256, + req->seed_params.rsa.padding); + CuAssertIntEquals (test, 0x02, req->seed_params.ecdh.reserved); CuAssertIntEquals (test, 0x0048, req->seed_length); - CuAssertPtrEquals (test, &raw_buffer_req[8], &req->seed); + CuAssertPtrEquals (test, &raw_buffer_req[9], &req->seed); CuAssertIntEquals (test, 0x0010, cerberus_protocol_unseal_ciphertext_length (req)); - CuAssertPtrEquals (test, &raw_buffer_req[82], cerberus_protocol_unseal_ciphertext (req)); + CuAssertPtrEquals (test, &raw_buffer_req[83], cerberus_protocol_unseal_ciphertext (req)); CuAssertIntEquals (test, 0x0020, cerberus_protocol_unseal_hmac_length (req)); - CuAssertPtrEquals (test, &raw_buffer_req[100], cerberus_protocol_unseal_hmac (req)); + CuAssertPtrEquals (test, &raw_buffer_req[101], cerberus_protocol_unseal_hmac (req)); pmrs = cerberus_protocol_get_unseal_pmr_sealing (req); - CuAssertPtrEquals (test, &raw_buffer_req[132], pmrs); - CuAssertPtrEquals (test, &raw_buffer_req[132], pmrs->pmr[0]); - CuAssertPtrEquals (test, &raw_buffer_req[196], pmrs->pmr[1]); - CuAssertPtrEquals (test, &raw_buffer_req[260], pmrs->pmr[2]); - CuAssertPtrEquals (test, &raw_buffer_req[324], pmrs->pmr[3]); - CuAssertPtrEquals (test, &raw_buffer_req[388], pmrs->pmr[4]); + CuAssertPtrEquals (test, &raw_buffer_req[133], (uint8_t*) pmrs); + CuAssertPtrEquals (test, &raw_buffer_req[133], (uint8_t*) pmrs->pmr[0]); + CuAssertPtrEquals (test, &raw_buffer_req[197], (uint8_t*) pmrs->pmr[1]); + CuAssertPtrEquals (test, &raw_buffer_req[261], (uint8_t*) pmrs->pmr[2]); + CuAssertPtrEquals (test, &raw_buffer_req[325], (uint8_t*) pmrs->pmr[3]); + CuAssertPtrEquals (test, &raw_buffer_req[389], (uint8_t*) pmrs->pmr[4]); raw_buffer_req[5] = 0x21; CuAssertIntEquals (test, 0x01, req->reserved); @@ -7294,6 +7687,24 @@ static void cerberus_protocol_optional_commands_test_message_unseal_format (CuTe CuAssertIntEquals (test, 0x01, req->reserved); CuAssertIntEquals (test, 0x02, req->hmac_type); CuAssertIntEquals (test, 0x01, req->seed_type); + + raw_buffer_req[6] = 0x01; + CuAssertIntEquals (test, 0x00, req->seed_params.rsa.reserved); + CuAssertIntEquals (test, CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA1, + req->seed_params.rsa.padding); + CuAssertIntEquals (test, 0x01, req->seed_params.ecdh.reserved); + + raw_buffer_req[6] = 0x11; + CuAssertIntEquals (test, 0x02, req->seed_params.rsa.reserved); + CuAssertIntEquals (test, CERBERUS_PROTOCOL_UNSEAL_RSA_OAEP_SHA1, + req->seed_params.rsa.padding); + CuAssertIntEquals (test, 0x11, req->seed_params.ecdh.reserved); + + raw_buffer_req[6] = 0x10; + CuAssertIntEquals (test, 0x02, req->seed_params.rsa.reserved); + CuAssertIntEquals (test, CERBERUS_PROTOCOL_UNSEAL_RSA_PKCS15, + req->seed_params.rsa.padding); + CuAssertIntEquals (test, 0x10, req->seed_params.ecdh.reserved); } static void cerberus_protocol_optional_commands_test_message_unseal_result_format (CuTest *test) diff --git a/core/testing/cerberus_protocol_optional_commands_testing.h b/core/testing/cerberus_protocol_optional_commands_testing.h index 64e0a20..9237c2a 100644 --- a/core/testing/cerberus_protocol_optional_commands_testing.h +++ b/core/testing/cerberus_protocol_optional_commands_testing.h @@ -201,16 +201,34 @@ void cerberus_protocol_optional_commands_testing_process_log_read_invalid_type ( void cerberus_protocol_optional_commands_testing_process_log_read_invalid_len (CuTest *test, struct cmd_interface *cmd); -void cerberus_protocol_optional_commands_testing_process_request_unseal (CuTest *test, - struct cmd_interface *cmd, struct cmd_background_mock *background, int pcr); +void cerberus_protocol_optional_commands_testing_process_request_unseal_rsa (CuTest *test, + struct cmd_interface *cmd, struct cmd_background_mock *background); +void cerberus_protocol_optional_commands_testing_process_request_unseal_ecc (CuTest *test, + struct cmd_interface *cmd, struct cmd_background_mock *background); void cerberus_protocol_optional_commands_testing_process_request_unseal_fail (CuTest *test, - struct cmd_interface *cmd, struct cmd_background_mock *background, int pcr); -void cerberus_protocol_optional_commands_testing_process_request_unseal_no_seed_len (CuTest *test, + struct cmd_interface *cmd, struct cmd_background_mock *background); +void cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_hmac (CuTest *test, struct cmd_interface *cmd); -void cerberus_protocol_optional_commands_testing_process_request_unseal_no_cipher_len (CuTest *test, +void cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_seed (CuTest *test, struct cmd_interface *cmd); -void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_payload ( +void cerberus_protocol_optional_commands_testing_process_request_unseal_rsa_invalid_padding ( CuTest *test, struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_no_seed (CuTest *test, + struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_seed ( + CuTest *test, struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_no_ciphertext (CuTest *test, + struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_ciphertext ( + CuTest *test, struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_no_hmac (CuTest *test, + struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_bad_hmac_length ( + CuTest *test, struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_hmac ( + CuTest *test, struct cmd_interface *cmd); +void cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_len (CuTest *test, + struct cmd_interface *cmd); void cerberus_protocol_optional_commands_testing_process_request_unseal_result (CuTest *test, struct cmd_interface *cmd, struct cmd_background_mock *background); diff --git a/core/testing/cmd_interface_system_test.c b/core/testing/cmd_interface_system_test.c index 767e33b..33b09c8 100644 --- a/core/testing/cmd_interface_system_test.c +++ b/core/testing/cmd_interface_system_test.c @@ -3854,7 +3854,7 @@ static void cmd_interface_system_test_process_get_capabilities_invalid_len (CuTe complete_cmd_interface_system_mock_test (test, &cmd); } -static void cmd_interface_system_test_process_request_unseal (CuTest *test) +static void cmd_interface_system_test_process_request_unseal_rsa (CuTest *test) { struct cmd_interface_system_testing cmd; @@ -3862,8 +3862,21 @@ static void cmd_interface_system_test_process_request_unseal (CuTest *test) setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, true, DEVICE_MANAGER_UPSTREAM); - cerberus_protocol_optional_commands_testing_process_request_unseal (test, &cmd.handler.base, - &cmd.background, 0); + cerberus_protocol_optional_commands_testing_process_request_unseal_rsa (test, &cmd.handler.base, + &cmd.background); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_ecc (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_rsa (test, &cmd.handler.base, + &cmd.background); complete_cmd_interface_system_mock_test (test, &cmd); } @@ -3876,11 +3889,11 @@ static void cmd_interface_system_test_process_request_unseal_fail (CuTest *test) setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, true, DEVICE_MANAGER_UPSTREAM); cerberus_protocol_optional_commands_testing_process_request_unseal_fail (test, - &cmd.handler.base, &cmd.background, 0); + &cmd.handler.base, &cmd.background); complete_cmd_interface_system_mock_test (test, &cmd); } -static void cmd_interface_system_test_process_request_unseal_no_seed_len (CuTest *test) +static void cmd_interface_system_test_process_request_unseal_invalid_hmac (CuTest *test) { struct cmd_interface_system_testing cmd; @@ -3888,12 +3901,12 @@ static void cmd_interface_system_test_process_request_unseal_no_seed_len (CuTest setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, true, DEVICE_MANAGER_UPSTREAM); - cerberus_protocol_optional_commands_testing_process_request_unseal_no_seed_len (test, + cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_hmac (test, &cmd.handler.base); complete_cmd_interface_system_mock_test (test, &cmd); } -static void cmd_interface_system_test_process_request_unseal_no_cipher_len (CuTest *test) +static void cmd_interface_system_test_process_request_unseal_invalid_seed (CuTest *test) { struct cmd_interface_system_testing cmd; @@ -3901,12 +3914,12 @@ static void cmd_interface_system_test_process_request_unseal_no_cipher_len (CuTe setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, true, DEVICE_MANAGER_UPSTREAM); - cerberus_protocol_optional_commands_testing_process_request_unseal_no_cipher_len (test, + cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_seed (test, &cmd.handler.base); complete_cmd_interface_system_mock_test (test, &cmd); } -static void cmd_interface_system_test_process_request_unseal_incomplete_payload (CuTest *test) +static void cmd_interface_system_test_process_request_unseal_rsa_invalid_padding (CuTest *test) { struct cmd_interface_system_testing cmd; @@ -3914,7 +3927,111 @@ static void cmd_interface_system_test_process_request_unseal_incomplete_payload setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, true, DEVICE_MANAGER_UPSTREAM); - cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_payload (test, + cerberus_protocol_optional_commands_testing_process_request_unseal_rsa_invalid_padding (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_no_seed (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_no_seed (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_incomplete_seed (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_seed (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_no_ciphertext (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_no_ciphertext (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_incomplete_ciphertext (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_ciphertext (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_no_hmac (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_no_hmac (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_bad_hmac_length (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_bad_hmac_length (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_incomplete_hmac (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_incomplete_hmac (test, + &cmd.handler.base); + complete_cmd_interface_system_mock_test (test, &cmd); +} + +static void cmd_interface_system_test_process_request_unseal_invalid_len (CuTest *test) +{ + struct cmd_interface_system_testing cmd; + + TEST_START; + + setup_cmd_interface_system_mock_test (test, &cmd, true, true, true, true, false, false, true, + true, DEVICE_MANAGER_UPSTREAM); + cerberus_protocol_optional_commands_testing_process_request_unseal_invalid_len (test, &cmd.handler.base); complete_cmd_interface_system_mock_test (test, &cmd); } @@ -6012,11 +6129,20 @@ CuSuite* get_cmd_interface_system_suite () SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_capabilities); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_capabilities_invalid_device); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_capabilities_invalid_len); - SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_rsa); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_ecc); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_fail); - SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_no_seed_len); - SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_no_cipher_len); - SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_incomplete_payload); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_invalid_hmac); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_invalid_seed); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_rsa_invalid_padding); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_no_seed); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_incomplete_seed); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_no_ciphertext); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_incomplete_ciphertext); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_no_hmac); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_bad_hmac_length); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_incomplete_hmac); + SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_invalid_len); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_result); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_request_unseal_result_limited_response); @@ -6043,7 +6169,6 @@ CuSuite* get_cmd_interface_system_suite () cmd_interface_system_test_process_get_host_reset_status_reset_check_error); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_host_reset_status_hold_check_error); - SUITE_ADD_TEST (suite, cmd_interface_system_test_issue_request_null); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_pcd_id); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_pcd_id_no_id_type); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_get_pcd_id_no_pcd); @@ -6171,6 +6296,7 @@ CuSuite* get_cmd_interface_system_suite () SUITE_ADD_TEST (suite, cmd_interface_system_test_process_reset_counter_invalid_len); SUITE_ADD_TEST (suite, cmd_interface_system_test_process_reset_counter_invalid_counter); SUITE_ADD_TEST (suite, cmd_interface_system_test_supports_all_required_commands); + SUITE_ADD_TEST (suite, cmd_interface_system_test_issue_request_null); SUITE_ADD_TEST (suite, cmd_interface_system_test_issue_request_invalid_request); SUITE_ADD_TEST (suite, cmd_interface_system_test_issue_get_device_capabilities); SUITE_ADD_TEST (suite, cmd_interface_system_test_issue_get_device_capabilities_buf_too_small); diff --git a/core/testing/config_reset_test.c b/core/testing/config_reset_test.c index 4cb7599..49c3243 100644 --- a/core/testing/config_reset_test.c +++ b/core/testing/config_reset_test.c @@ -12,6 +12,7 @@ #include "mock/keystore_mock.h" #include "engines/x509_testing_engine.h" #include "engines/rsa_testing_engine.h" +#include "engines/ecc_testing_engine.h" #include "riot_core_testing.h" #include "mock/recovery_image_manager_mock.h" @@ -25,6 +26,7 @@ static const char *SUITE = "config_reset"; struct config_reset_testing_keys { X509_TESTING_ENGINE x509; /**< X.509 engine for RIoT certificates. */ RSA_TESTING_ENGINE rsa; /**< RSA engine for auxiliary attestation. */ + ECC_TESTING_ENGINE ecc; /**< ECC engine for auxiliary attestation. */ struct keystore_mock riot_keystore; /**< Keystore for RIoT keys. */ struct riot_key_manager riot; /**< RIoT keys. */ struct keystore_mock aux_keystore; /**< Keystore for attestation keys. */ @@ -63,6 +65,9 @@ static void config_reset_testing_init_attestation_keys (CuTest *test, status = RSA_TESTING_ENGINE_INIT (&keys->rsa); CuAssertIntEquals (test, 0, status); + status = ECC_TESTING_ENGINE_INIT (&keys->ecc); + CuAssertIntEquals (test, 0, status); + status = keystore_mock_init (&keys->riot_keystore); CuAssertIntEquals (test, 0, status); @@ -80,7 +85,8 @@ static void config_reset_testing_init_attestation_keys (CuTest *test, &keys->x509.base); CuAssertIntEquals (test, 0, status); - status = aux_attestation_init (&keys->aux, &keys->aux_keystore.base, &keys->rsa.base); + status = aux_attestation_init (&keys->aux, &keys->aux_keystore.base, &keys->rsa.base, + &keys->riot, &keys->ecc.base); CuAssertIntEquals (test, 0, status); status = mock_validate (&keys->riot_keystore.mock); @@ -112,6 +118,7 @@ static void config_reset_testing_release_attestation_keys (CuTest *test, X509_TESTING_ENGINE_RELEASE (&keys->x509); RSA_TESTING_ENGINE_RELEASE (&keys->rsa); + ECC_TESTING_ENGINE_RELEASE (&keys->ecc); } diff --git a/core/testing/keys/rsa3kpriv.pem b/core/testing/keys/rsa3kpriv.pem new file mode 100644 index 0000000..567de7a --- /dev/null +++ b/core/testing/keys/rsa3kpriv.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAw79NCAgl6qpyN83jCAHxYhJzNf9IcnUX+unKpS8RgxNkf4+e +AeXEXojYxLV5YQZM7rg137lPdQ5hrNY9fyprbsAnqzxsrFD0G0evNh4QP0SNniPT +EvbQJ6kuzoCh4udF4x7T5NSsfRyXDYOdkemxj8L1VB/85gzPBbFFvyYDpZfTJKuf +/C/B2rQD4Q+DK8/rbWjVpZzi+hjDc15K9wNpWK0LTBuU+GgXo/u8aM5TjUzxvNzU +7ovUytceuqt/Xm2SmfvmJorx7NkvQwFFYWfdXqwKxIdXzs4fc5CNlBj3f0TvTcGW +FJ7Ycp8UOgzTCRaKf4dPprdFc7ws8YHltjz5OShRQGrAkdL6W3tGguQbyZoXXnFT +LZQ8K40TsA1qC2wKDXyIz19ZWRIFWVnPKObNgbe7xKLF9m67D8QGwByuUzThb6u1 +7Wq0PomJeZmLBqn1/571Yk0z7fTpYe5ckieSHIBfjU4wMt876ZPY44RJe/td4JYL +MTCP/FC7DkI2lFB1AgMBAAECggGASUaSeoA6WWcmzJcI9tVrW9AWSs9eemI08NuV +3VIKVyvqQgosFv/BC7ZklvZsEpL+N5rDqBVBlksk60Njz/e8McBC2UoMUFEZoCCs +iTCl2lk6Pkmg2QeFkmM1v13NvBfhRI0kuxOV4lvSe9+aG6YErxFHLw+uZxvCX5ol +xtFfKhz0kFSi1g+2nL0oepaI/tydf95vo8hf+0lL2SMiIuenBuf4Q6xLjtXAi8VP +mVgrVMjJ8W4lU4sKxEfVHAHY8ytGvmOMv29Jj2noIWLDL9mXKiH1FwU7x8eTeBPi +VLe8UhWT9fWZ6uvgzSKe7NX5t/i/K6di6wyC1V6GXaVtFHmq/UXu6Rn1lwrjYCR0 +KRIhj8Qjr/cdBcp1psbVEysSecp3p1o6+W0hbigRSIts9Y5q2cB4HpcQg2iZgzFa +iNUj6Tr8ovemAkRYitBjLGPO2VMCWho79WSNXjpJ3pff5LBFqigQAKrOYBDaDNew +ml1GqMrfTkHweCAnYIpSnADfwijhAoHBAPeoniRTnSfL5r1Jtnv0+jIQXQQGg4r4 +bmcvnUOD/5Dnbz42ETOQvJNOgg6QSNNB+kPMqIsT0RhMLK0j6ZivSn+Aogm71FBL +Z7yhfrB/eLchQkZ5JYVLPBRWHNNbVZucXHv10crjfR7/UJ3+f1ERKmn90eDweEzm +qFi7oJqXtuskoeuBpoXZk6Bxv0XDBXQpNBhg5lEwEKTwFLALKPoV8Ywc2CJcjCaH +g0zFpXQ3hPy9+dxLUgczSvD9e2qEyg7HzQKBwQDKVxau1I3fbS9cVU6xuaV/DZ2G +oLW+INoNAEaYSj5buWvHsdZe1FK6hEvYGh9QwgzlKmT3hMxFzVrJyk1c4A0MD3fg +eKdwCHXnPVOaRWNjjfKs8MUJrgF8iw+XxXto924wSM0UnXj/hye35TRDh4mxOybJ +e2d2fj6F4BIkutA1hIv2hzEu7CSPbr6EiAxz5hgoPvH3vb6HJD0rqm4zfCH+jZnW +lQfJW8d0RLysoI9Mj/C6+Tq5Lmm3O7dd1NJNs0kCgcEAzg59hbwMBhCg6t1p97jc +cssqmS7SQ85wDWqQbpxlByuIYzqZFU5XmDi5/WQPM7axg7fEg/L5Bj5a7bPzqBYw +5eUg7PharnQO2+OChVeKGNSTUA98KGtwkXsUgMZ9c/uk936QDz8325KSgOI/DDQ8 +FfQZrA5oCZPgffOerQGOMBdKoag95SAitFvvyRt6bivaLG5zMxnKv3EBxXeDoJCh +aPKW4gAem/AkTrwj7Y5EGAX43lHM7jC/KcO96+KQO7wBAoHBAI1h1u6ohM2GfF5X +GVqj7pjdiaGFcBh+2f3VoH5O+k2bPU1W3QR79aZwRJKmhhUm0l3ahpxRRW7Ms9Bm +NDJeN5+iu0+03sIwlznRpzYXn//zMotW3UcLN+yvOmEBU18f7PV+GRZ7hg1+gelE +FYXOEg8t1sdYHA423jcrP2I8yrlqeWX0RxCTXmR+rE7sxU7Ci0Sr3uUNxzCkyL1X +JBODfDli9ghzL/Kp169NTEyPEDIeLcZn2XmFjcbDyjedOqmiSQKBwF/sDcJDMK+n +XSM2ugcc1M7jNzzEPr8gqD6Of81uPg6XxFM8yATINs6kf227uAgOaW2gTOo7mu4/ +du7kxSEAxNFyvG3VojCyXlkgAgytwIKqREOi68eLO5eas9VRJdV2S8dEcHseHQeO +peFbzBS9IEsbg5SkVVd5dT8OzuUwWowrg+tc6zJUHIW54vBF7oNsfxBubPx+7xSY +jbWcpYCEPyuG9vrA4AEMlkeJbAxPbNhWEziQHX5WjrKj5TYyQr/R4g== +-----END RSA PRIVATE KEY----- diff --git a/core/testing/keys/rsa3kpub.pem b/core/testing/keys/rsa3kpub.pem new file mode 100644 index 0000000..6c0f26c --- /dev/null +++ b/core/testing/keys/rsa3kpub.pem @@ -0,0 +1,11 @@ +-----BEGIN PUBLIC KEY----- +MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAw79NCAgl6qpyN83jCAHx +YhJzNf9IcnUX+unKpS8RgxNkf4+eAeXEXojYxLV5YQZM7rg137lPdQ5hrNY9fypr +bsAnqzxsrFD0G0evNh4QP0SNniPTEvbQJ6kuzoCh4udF4x7T5NSsfRyXDYOdkemx +j8L1VB/85gzPBbFFvyYDpZfTJKuf/C/B2rQD4Q+DK8/rbWjVpZzi+hjDc15K9wNp +WK0LTBuU+GgXo/u8aM5TjUzxvNzU7ovUytceuqt/Xm2SmfvmJorx7NkvQwFFYWfd +XqwKxIdXzs4fc5CNlBj3f0TvTcGWFJ7Ycp8UOgzTCRaKf4dPprdFc7ws8YHltjz5 +OShRQGrAkdL6W3tGguQbyZoXXnFTLZQ8K40TsA1qC2wKDXyIz19ZWRIFWVnPKObN +gbe7xKLF9m67D8QGwByuUzThb6u17Wq0PomJeZmLBqn1/571Yk0z7fTpYe5ckieS +HIBfjU4wMt876ZPY44RJe/td4JYLMTCP/FC7DkI2lFB1AgMBAAE= +-----END PUBLIC KEY----- diff --git a/core/testing/mctp_interface_control_test.c b/core/testing/mctp_interface_control_test.c index eedacd9..18c9046 100644 --- a/core/testing/mctp_interface_control_test.c +++ b/core/testing/mctp_interface_control_test.c @@ -301,7 +301,7 @@ static void mctp_interface_control_test_process_get_vendor_def_msg_support (CuTe CuAssertIntEquals (test, 0, response->vid_set_selector); CuAssertIntEquals (test, 0, response->vid_format); CuAssertIntEquals (test, 0x1414, response->vid); - CuAssertIntEquals (test, 0x200, response->protocol_version); + CuAssertIntEquals (test, 0x0300, response->protocol_version); CuAssertIntEquals (test, false, request.new_request); CuAssertIntEquals (test, false, request.crypto_timeout); @@ -380,7 +380,7 @@ static void mctp_interface_control_test_process_get_vendor_def_msg_support_vid_e CuAssertIntEquals (test, 0, response->vid_set_selector); CuAssertIntEquals (test, 0, response->vid_format); CuAssertIntEquals (test, 0xFF00, response->vid); - CuAssertIntEquals (test, 0x200, response->protocol_version); + CuAssertIntEquals (test, 0x0300, response->protocol_version); CuAssertIntEquals (test, false, request.new_request); CuAssertIntEquals (test, false, request.crypto_timeout); diff --git a/core/testing/mock/attestation_slave_mock.c b/core/testing/mock/attestation_slave_mock.c index 9b7a40c..23ccc73 100644 --- a/core/testing/mock/attestation_slave_mock.c +++ b/core/testing/mock/attestation_slave_mock.c @@ -46,9 +46,11 @@ static int attestation_slave_mock_challenge_response (struct attestation_slave * } static int attestation_slave_mock_aux_attestation_unseal (struct attestation_slave *attestation, - struct hash_engine *hash, const uint8_t *seed, size_t seed_length, const uint8_t *hmac, - const uint8_t *ciphertext, size_t cipher_length, const uint8_t *sealing, uint8_t *key, - size_t key_length, uint8_t platform_pcr) + struct hash_engine *hash, enum aux_attestation_key_length key_type, const uint8_t *seed, + size_t seed_length, enum aux_attestation_seed_type seed_type, + enum aux_attestation_seed_padding seed_padding, const uint8_t *hmac, enum hmac_hash hmac_type, + const uint8_t *ciphertext, size_t cipher_length, const uint8_t sealing[][64], size_t pcr_count, + uint8_t *key, size_t key_length) { struct attestation_slave_mock *mock = (struct attestation_slave_mock*) attestation; @@ -57,10 +59,11 @@ static int attestation_slave_mock_aux_attestation_unseal (struct attestation_sla } MOCK_RETURN (&mock->mock, attestation_slave_mock_aux_attestation_unseal, attestation, - MOCK_ARG_CALL (hash), MOCK_ARG_CALL (seed), MOCK_ARG_CALL (seed_length), - MOCK_ARG_CALL (hmac), MOCK_ARG_CALL (ciphertext), MOCK_ARG_CALL (cipher_length), - MOCK_ARG_CALL (sealing), MOCK_ARG_CALL (key), MOCK_ARG_CALL (key_length), - MOCK_ARG_CALL (platform_pcr)); + MOCK_ARG_CALL (hash), MOCK_ARG_CALL (key_type), MOCK_ARG_CALL (seed), + MOCK_ARG_CALL (seed_length), MOCK_ARG_CALL (seed_type), MOCK_ARG_CALL (seed_padding), + MOCK_ARG_CALL (hmac), MOCK_ARG_CALL (hmac_type), MOCK_ARG_CALL (ciphertext), + MOCK_ARG_CALL (cipher_length), MOCK_ARG_CALL (sealing), MOCK_ARG_CALL (pcr_count), + MOCK_ARG_CALL (key), MOCK_ARG_CALL (key_length)); } static int attestation_slave_mock_aux_decrypt (struct attestation_slave *attestation, @@ -82,7 +85,7 @@ static int attestation_slave_mock_aux_decrypt (struct attestation_slave *attesta static int attestation_slave_mock_func_arg_count (void *func) { if (func == attestation_slave_mock_aux_attestation_unseal) { - return 10; + return 14; } else if (func == attestation_slave_mock_aux_decrypt) { return 7; @@ -171,31 +174,43 @@ static const char* attestation_slave_mock_arg_name_map (void *func, int arg) return "hash"; case 1: - return "seed"; + return "key_type"; case 2: - return "seed_length"; + return "seed"; case 3: - return "hmac"; + return "seed_length"; case 4: - return "ciphertext"; + return "seed_type"; case 5: - return "cipher_length"; + return "seed_padding"; case 6: - return "sealing"; + return "hmac"; case 7: - return "key"; + return "hmac_type"; case 8: - return "key_length"; + return "ciphertext"; case 9: - return "platform_pcr"; + return "cipher_length"; + + case 10: + return "sealing"; + + case 11: + return "pcr_count"; + + case 12: + return "key"; + + case 13: + return "key_length"; default: return "unknown"; diff --git a/core/testing/mock/cmd_background_mock.c b/core/testing/mock/cmd_background_mock.c index d35ec75..4aa7558 100644 --- a/core/testing/mock/cmd_background_mock.c +++ b/core/testing/mock/cmd_background_mock.c @@ -7,9 +7,8 @@ #include "cmd_background_mock.h" -static int cmd_background_mock_unseal_start (struct cmd_background *cmd, const uint8_t *seed, - size_t seed_length, const uint8_t *hmac, const uint8_t *ciphertext, size_t cipher_length, - const uint8_t *sealing, uint8_t platform_pcr) +static int cmd_background_mock_unseal_start (struct cmd_background *cmd, + const uint8_t *unseal_request, size_t length) { struct cmd_background_mock *mock = (struct cmd_background_mock*) cmd; @@ -17,9 +16,8 @@ static int cmd_background_mock_unseal_start (struct cmd_background *cmd, const u return MOCK_INVALID_ARGUMENT; } - MOCK_RETURN (&mock->mock, cmd_background_mock_unseal_start, cmd, MOCK_ARG_CALL (seed), - MOCK_ARG_CALL (seed_length), MOCK_ARG_CALL (hmac), MOCK_ARG_CALL (ciphertext), - MOCK_ARG_CALL (cipher_length), MOCK_ARG_CALL (sealing), MOCK_ARG_CALL (platform_pcr)); + MOCK_RETURN (&mock->mock, cmd_background_mock_unseal_start, cmd, MOCK_ARG_CALL (unseal_request), + MOCK_ARG_CALL (length)); } static int cmd_background_mock_unseal_result (struct cmd_background *cmd, uint8_t *key, @@ -114,12 +112,12 @@ static int cmd_background_mock_get_riot_cert_chain_state (struct cmd_background static int cmd_background_mock_func_arg_count (void *func) { - if (func == cmd_background_mock_unseal_start) { - return 7; - } - else if (func == cmd_background_mock_unseal_result) { + if (func == cmd_background_mock_unseal_result) { return 3; } + else if (func == cmd_background_mock_unseal_start) { + return 2; + } else { return 0; } @@ -164,25 +162,10 @@ static const char* cmd_background_mock_arg_name_map (void *func, int arg) if (func == cmd_background_mock_unseal_start) { switch (arg) { case 0: - return "seed"; + return "unseal_request"; case 1: - return "seed_length"; - - case 2: - return "hmac"; - - case 3: - return "ciphertext"; - - case 4: - return "cipher_length"; - - case 5: - return "sealing"; - - case 6: - return "platform_pcr"; + return "length"; } } else if (func == cmd_background_mock_unseal_result) { diff --git a/core/testing/mock/ecc_mock.c b/core/testing/mock/ecc_mock.c index 93bdd5c..7c4ee65 100644 --- a/core/testing/mock/ecc_mock.c +++ b/core/testing/mock/ecc_mock.c @@ -158,7 +158,7 @@ static int ecc_mock_compute_shared_secret (struct ecc_engine *engine, return MOCK_INVALID_ARGUMENT; } - MOCK_RETURN (&mock->mock, ecc_mock_verify, engine, MOCK_ARG_CALL (priv_key), + MOCK_RETURN (&mock->mock, ecc_mock_compute_shared_secret, engine, MOCK_ARG_CALL (priv_key), MOCK_ARG_CALL (pub_key), MOCK_ARG_CALL (secret), MOCK_ARG_CALL (length)); } diff --git a/core/testing/rsa_test.c b/core/testing/rsa_test.c index 27a7958..b66b12e 100644 --- a/core/testing/rsa_test.c +++ b/core/testing/rsa_test.c @@ -1123,6 +1123,243 @@ const uint8_t RSA_SIGNATURE3_BAD[] = { 0x65,0xa5,0xb3,0x24,0xa2,0x50,0x64,0x95,0x63,0xbb,0x78,0xed,0x81,0xfa,0x95,0xad }; +#if (RSA_MAX_KEY_LENGTH >= RSA_KEY_LENGTH_3K) +const struct rsa_public_key RSA3K_PUBLIC_KEY = { + .modulus = { + 0xc3,0xbf,0x4d,0x08,0x08,0x25,0xea,0xaa,0x72,0x37,0xcd,0xe3,0x08,0x01,0xf1,0x62, + 0x12,0x73,0x35,0xff,0x48,0x72,0x75,0x17,0xfa,0xe9,0xca,0xa5,0x2f,0x11,0x83,0x13, + 0x64,0x7f,0x8f,0x9e,0x01,0xe5,0xc4,0x5e,0x88,0xd8,0xc4,0xb5,0x79,0x61,0x06,0x4c, + 0xee,0xb8,0x35,0xdf,0xb9,0x4f,0x75,0x0e,0x61,0xac,0xd6,0x3d,0x7f,0x2a,0x6b,0x6e, + 0xc0,0x27,0xab,0x3c,0x6c,0xac,0x50,0xf4,0x1b,0x47,0xaf,0x36,0x1e,0x10,0x3f,0x44, + 0x8d,0x9e,0x23,0xd3,0x12,0xf6,0xd0,0x27,0xa9,0x2e,0xce,0x80,0xa1,0xe2,0xe7,0x45, + 0xe3,0x1e,0xd3,0xe4,0xd4,0xac,0x7d,0x1c,0x97,0x0d,0x83,0x9d,0x91,0xe9,0xb1,0x8f, + 0xc2,0xf5,0x54,0x1f,0xfc,0xe6,0x0c,0xcf,0x05,0xb1,0x45,0xbf,0x26,0x03,0xa5,0x97, + 0xd3,0x24,0xab,0x9f,0xfc,0x2f,0xc1,0xda,0xb4,0x03,0xe1,0x0f,0x83,0x2b,0xcf,0xeb, + 0x6d,0x68,0xd5,0xa5,0x9c,0xe2,0xfa,0x18,0xc3,0x73,0x5e,0x4a,0xf7,0x03,0x69,0x58, + 0xad,0x0b,0x4c,0x1b,0x94,0xf8,0x68,0x17,0xa3,0xfb,0xbc,0x68,0xce,0x53,0x8d,0x4c, + 0xf1,0xbc,0xdc,0xd4,0xee,0x8b,0xd4,0xca,0xd7,0x1e,0xba,0xab,0x7f,0x5e,0x6d,0x92, + 0x99,0xfb,0xe6,0x26,0x8a,0xf1,0xec,0xd9,0x2f,0x43,0x01,0x45,0x61,0x67,0xdd,0x5e, + 0xac,0x0a,0xc4,0x87,0x57,0xce,0xce,0x1f,0x73,0x90,0x8d,0x94,0x18,0xf7,0x7f,0x44, + 0xef,0x4d,0xc1,0x96,0x14,0x9e,0xd8,0x72,0x9f,0x14,0x3a,0x0c,0xd3,0x09,0x16,0x8a, + 0x7f,0x87,0x4f,0xa6,0xb7,0x45,0x73,0xbc,0x2c,0xf1,0x81,0xe5,0xb6,0x3c,0xf9,0x39, + 0x28,0x51,0x40,0x6a,0xc0,0x91,0xd2,0xfa,0x5b,0x7b,0x46,0x82,0xe4,0x1b,0xc9,0x9a, + 0x17,0x5e,0x71,0x53,0x2d,0x94,0x3c,0x2b,0x8d,0x13,0xb0,0x0d,0x6a,0x0b,0x6c,0x0a, + 0x0d,0x7c,0x88,0xcf,0x5f,0x59,0x59,0x12,0x05,0x59,0x59,0xcf,0x28,0xe6,0xcd,0x81, + 0xb7,0xbb,0xc4,0xa2,0xc5,0xf6,0x6e,0xbb,0x0f,0xc4,0x06,0xc0,0x1c,0xae,0x53,0x34, + 0xe1,0x6f,0xab,0xb5,0xed,0x6a,0xb4,0x3e,0x89,0x89,0x79,0x99,0x8b,0x06,0xa9,0xf5, + 0xff,0x9e,0xf5,0x62,0x4d,0x33,0xed,0xf4,0xe9,0x61,0xee,0x5c,0x92,0x27,0x92,0x1c, + 0x80,0x5f,0x8d,0x4e,0x30,0x32,0xdf,0x3b,0xe9,0x93,0xd8,0xe3,0x84,0x49,0x7b,0xfb, + 0x5d,0xe0,0x96,0x0b,0x31,0x30,0x8f,0xfc,0x50,0xbb,0x0e,0x42,0x36,0x94,0x50,0x75 + }, + .mod_length = 384, + .exponent = 65537 +}; +#endif + +const char RSA3K_PUBKEY_PEM[] = "-----BEGIN PUBLIC KEY-----\n" + "MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAw79NCAgl6qpyN83jCAHx" + "YhJzNf9IcnUX+unKpS8RgxNkf4+eAeXEXojYxLV5YQZM7rg137lPdQ5hrNY9fypr" + "bsAnqzxsrFD0G0evNh4QP0SNniPTEvbQJ6kuzoCh4udF4x7T5NSsfRyXDYOdkemx" + "j8L1VB/85gzPBbFFvyYDpZfTJKuf/C/B2rQD4Q+DK8/rbWjVpZzi+hjDc15K9wNp" + "WK0LTBuU+GgXo/u8aM5TjUzxvNzU7ovUytceuqt/Xm2SmfvmJorx7NkvQwFFYWfd" + "XqwKxIdXzs4fc5CNlBj3f0TvTcGWFJ7Ycp8UOgzTCRaKf4dPprdFc7ws8YHltjz5" + "OShRQGrAkdL6W3tGguQbyZoXXnFTLZQ8K40TsA1qC2wKDXyIz19ZWRIFWVnPKObN" + "gbe7xKLF9m67D8QGwByuUzThb6u17Wq0PomJeZmLBqn1/571Yk0z7fTpYe5ckieS" + "HIBfjU4wMt876ZPY44RJe/td4JYLMTCP/FC7DkI2lFB1AgMBAAE=\n" + "-----END PUBLIC KEY-----\n"; + +const size_t RSA3K_PUBKEY_PEM_LEN = sizeof (RSA3K_PUBKEY_PEM); + +const uint8_t RSA3K_PUBKEY_DER[] = { + 0x30,0x82,0x01,0xa2,0x30,0x0d,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x01, + 0x01,0x05,0x00,0x03,0x82,0x01,0x8f,0x00,0x30,0x82,0x01,0x8a,0x02,0x82,0x01,0x81, + 0x00,0xc3,0xbf,0x4d,0x08,0x08,0x25,0xea,0xaa,0x72,0x37,0xcd,0xe3,0x08,0x01,0xf1, + 0x62,0x12,0x73,0x35,0xff,0x48,0x72,0x75,0x17,0xfa,0xe9,0xca,0xa5,0x2f,0x11,0x83, + 0x13,0x64,0x7f,0x8f,0x9e,0x01,0xe5,0xc4,0x5e,0x88,0xd8,0xc4,0xb5,0x79,0x61,0x06, + 0x4c,0xee,0xb8,0x35,0xdf,0xb9,0x4f,0x75,0x0e,0x61,0xac,0xd6,0x3d,0x7f,0x2a,0x6b, + 0x6e,0xc0,0x27,0xab,0x3c,0x6c,0xac,0x50,0xf4,0x1b,0x47,0xaf,0x36,0x1e,0x10,0x3f, + 0x44,0x8d,0x9e,0x23,0xd3,0x12,0xf6,0xd0,0x27,0xa9,0x2e,0xce,0x80,0xa1,0xe2,0xe7, + 0x45,0xe3,0x1e,0xd3,0xe4,0xd4,0xac,0x7d,0x1c,0x97,0x0d,0x83,0x9d,0x91,0xe9,0xb1, + 0x8f,0xc2,0xf5,0x54,0x1f,0xfc,0xe6,0x0c,0xcf,0x05,0xb1,0x45,0xbf,0x26,0x03,0xa5, + 0x97,0xd3,0x24,0xab,0x9f,0xfc,0x2f,0xc1,0xda,0xb4,0x03,0xe1,0x0f,0x83,0x2b,0xcf, + 0xeb,0x6d,0x68,0xd5,0xa5,0x9c,0xe2,0xfa,0x18,0xc3,0x73,0x5e,0x4a,0xf7,0x03,0x69, + 0x58,0xad,0x0b,0x4c,0x1b,0x94,0xf8,0x68,0x17,0xa3,0xfb,0xbc,0x68,0xce,0x53,0x8d, + 0x4c,0xf1,0xbc,0xdc,0xd4,0xee,0x8b,0xd4,0xca,0xd7,0x1e,0xba,0xab,0x7f,0x5e,0x6d, + 0x92,0x99,0xfb,0xe6,0x26,0x8a,0xf1,0xec,0xd9,0x2f,0x43,0x01,0x45,0x61,0x67,0xdd, + 0x5e,0xac,0x0a,0xc4,0x87,0x57,0xce,0xce,0x1f,0x73,0x90,0x8d,0x94,0x18,0xf7,0x7f, + 0x44,0xef,0x4d,0xc1,0x96,0x14,0x9e,0xd8,0x72,0x9f,0x14,0x3a,0x0c,0xd3,0x09,0x16, + 0x8a,0x7f,0x87,0x4f,0xa6,0xb7,0x45,0x73,0xbc,0x2c,0xf1,0x81,0xe5,0xb6,0x3c,0xf9, + 0x39,0x28,0x51,0x40,0x6a,0xc0,0x91,0xd2,0xfa,0x5b,0x7b,0x46,0x82,0xe4,0x1b,0xc9, + 0x9a,0x17,0x5e,0x71,0x53,0x2d,0x94,0x3c,0x2b,0x8d,0x13,0xb0,0x0d,0x6a,0x0b,0x6c, + 0x0a,0x0d,0x7c,0x88,0xcf,0x5f,0x59,0x59,0x12,0x05,0x59,0x59,0xcf,0x28,0xe6,0xcd, + 0x81,0xb7,0xbb,0xc4,0xa2,0xc5,0xf6,0x6e,0xbb,0x0f,0xc4,0x06,0xc0,0x1c,0xae,0x53, + 0x34,0xe1,0x6f,0xab,0xb5,0xed,0x6a,0xb4,0x3e,0x89,0x89,0x79,0x99,0x8b,0x06,0xa9, + 0xf5,0xff,0x9e,0xf5,0x62,0x4d,0x33,0xed,0xf4,0xe9,0x61,0xee,0x5c,0x92,0x27,0x92, + 0x1c,0x80,0x5f,0x8d,0x4e,0x30,0x32,0xdf,0x3b,0xe9,0x93,0xd8,0xe3,0x84,0x49,0x7b, + 0xfb,0x5d,0xe0,0x96,0x0b,0x31,0x30,0x8f,0xfc,0x50,0xbb,0x0e,0x42,0x36,0x94,0x50, + 0x75,0x02,0x03,0x01,0x00,0x01 +}; + +const size_t RSA3K_PUBKEY_DER_LEN = sizeof (RSA3K_PUBKEY_DER); + +const char RSA3K_PRIVKEY_PEM[] = "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIG5AIBAAKCAYEAw79NCAgl6qpyN83jCAHxYhJzNf9IcnUX+unKpS8RgxNkf4+e" + "AeXEXojYxLV5YQZM7rg137lPdQ5hrNY9fyprbsAnqzxsrFD0G0evNh4QP0SNniPT" + "EvbQJ6kuzoCh4udF4x7T5NSsfRyXDYOdkemxj8L1VB/85gzPBbFFvyYDpZfTJKuf" + "/C/B2rQD4Q+DK8/rbWjVpZzi+hjDc15K9wNpWK0LTBuU+GgXo/u8aM5TjUzxvNzU" + "7ovUytceuqt/Xm2SmfvmJorx7NkvQwFFYWfdXqwKxIdXzs4fc5CNlBj3f0TvTcGW" + "FJ7Ycp8UOgzTCRaKf4dPprdFc7ws8YHltjz5OShRQGrAkdL6W3tGguQbyZoXXnFT" + "LZQ8K40TsA1qC2wKDXyIz19ZWRIFWVnPKObNgbe7xKLF9m67D8QGwByuUzThb6u1" + "7Wq0PomJeZmLBqn1/571Yk0z7fTpYe5ckieSHIBfjU4wMt876ZPY44RJe/td4JYL" + "MTCP/FC7DkI2lFB1AgMBAAECggGASUaSeoA6WWcmzJcI9tVrW9AWSs9eemI08NuV" + "3VIKVyvqQgosFv/BC7ZklvZsEpL+N5rDqBVBlksk60Njz/e8McBC2UoMUFEZoCCs" + "iTCl2lk6Pkmg2QeFkmM1v13NvBfhRI0kuxOV4lvSe9+aG6YErxFHLw+uZxvCX5ol" + "xtFfKhz0kFSi1g+2nL0oepaI/tydf95vo8hf+0lL2SMiIuenBuf4Q6xLjtXAi8VP" + "mVgrVMjJ8W4lU4sKxEfVHAHY8ytGvmOMv29Jj2noIWLDL9mXKiH1FwU7x8eTeBPi" + "VLe8UhWT9fWZ6uvgzSKe7NX5t/i/K6di6wyC1V6GXaVtFHmq/UXu6Rn1lwrjYCR0" + "KRIhj8Qjr/cdBcp1psbVEysSecp3p1o6+W0hbigRSIts9Y5q2cB4HpcQg2iZgzFa" + "iNUj6Tr8ovemAkRYitBjLGPO2VMCWho79WSNXjpJ3pff5LBFqigQAKrOYBDaDNew" + "ml1GqMrfTkHweCAnYIpSnADfwijhAoHBAPeoniRTnSfL5r1Jtnv0+jIQXQQGg4r4" + "bmcvnUOD/5Dnbz42ETOQvJNOgg6QSNNB+kPMqIsT0RhMLK0j6ZivSn+Aogm71FBL" + "Z7yhfrB/eLchQkZ5JYVLPBRWHNNbVZucXHv10crjfR7/UJ3+f1ERKmn90eDweEzm" + "qFi7oJqXtuskoeuBpoXZk6Bxv0XDBXQpNBhg5lEwEKTwFLALKPoV8Ywc2CJcjCaH" + "g0zFpXQ3hPy9+dxLUgczSvD9e2qEyg7HzQKBwQDKVxau1I3fbS9cVU6xuaV/DZ2G" + "oLW+INoNAEaYSj5buWvHsdZe1FK6hEvYGh9QwgzlKmT3hMxFzVrJyk1c4A0MD3fg" + "eKdwCHXnPVOaRWNjjfKs8MUJrgF8iw+XxXto924wSM0UnXj/hye35TRDh4mxOybJ" + "e2d2fj6F4BIkutA1hIv2hzEu7CSPbr6EiAxz5hgoPvH3vb6HJD0rqm4zfCH+jZnW" + "lQfJW8d0RLysoI9Mj/C6+Tq5Lmm3O7dd1NJNs0kCgcEAzg59hbwMBhCg6t1p97jc" + "cssqmS7SQ85wDWqQbpxlByuIYzqZFU5XmDi5/WQPM7axg7fEg/L5Bj5a7bPzqBYw" + "5eUg7PharnQO2+OChVeKGNSTUA98KGtwkXsUgMZ9c/uk936QDz8325KSgOI/DDQ8" + "FfQZrA5oCZPgffOerQGOMBdKoag95SAitFvvyRt6bivaLG5zMxnKv3EBxXeDoJCh" + "aPKW4gAem/AkTrwj7Y5EGAX43lHM7jC/KcO96+KQO7wBAoHBAI1h1u6ohM2GfF5X" + "GVqj7pjdiaGFcBh+2f3VoH5O+k2bPU1W3QR79aZwRJKmhhUm0l3ahpxRRW7Ms9Bm" + "NDJeN5+iu0+03sIwlznRpzYXn//zMotW3UcLN+yvOmEBU18f7PV+GRZ7hg1+gelE" + "FYXOEg8t1sdYHA423jcrP2I8yrlqeWX0RxCTXmR+rE7sxU7Ci0Sr3uUNxzCkyL1X" + "JBODfDli9ghzL/Kp169NTEyPEDIeLcZn2XmFjcbDyjedOqmiSQKBwF/sDcJDMK+n" + "XSM2ugcc1M7jNzzEPr8gqD6Of81uPg6XxFM8yATINs6kf227uAgOaW2gTOo7mu4/" + "du7kxSEAxNFyvG3VojCyXlkgAgytwIKqREOi68eLO5eas9VRJdV2S8dEcHseHQeO" + "peFbzBS9IEsbg5SkVVd5dT8OzuUwWowrg+tc6zJUHIW54vBF7oNsfxBubPx+7xSY" + "jbWcpYCEPyuG9vrA4AEMlkeJbAxPbNhWEziQHX5WjrKj5TYyQr/R4g==\n" + "-----END RSA PRIVATE KEY-----\n"; + +const size_t RSA3K_PRIVKEY_PEM_LEN = sizeof (RSA3K_PRIVKEY_PEM); + +const uint8_t RSA3K_PRIVKEY_DER[] = { + 0x30,0x82,0x06,0xe4,0x02,0x01,0x00,0x02,0x82,0x01,0x81,0x00,0xc3,0xbf,0x4d,0x08, + 0x08,0x25,0xea,0xaa,0x72,0x37,0xcd,0xe3,0x08,0x01,0xf1,0x62,0x12,0x73,0x35,0xff, + 0x48,0x72,0x75,0x17,0xfa,0xe9,0xca,0xa5,0x2f,0x11,0x83,0x13,0x64,0x7f,0x8f,0x9e, + 0x01,0xe5,0xc4,0x5e,0x88,0xd8,0xc4,0xb5,0x79,0x61,0x06,0x4c,0xee,0xb8,0x35,0xdf, + 0xb9,0x4f,0x75,0x0e,0x61,0xac,0xd6,0x3d,0x7f,0x2a,0x6b,0x6e,0xc0,0x27,0xab,0x3c, + 0x6c,0xac,0x50,0xf4,0x1b,0x47,0xaf,0x36,0x1e,0x10,0x3f,0x44,0x8d,0x9e,0x23,0xd3, + 0x12,0xf6,0xd0,0x27,0xa9,0x2e,0xce,0x80,0xa1,0xe2,0xe7,0x45,0xe3,0x1e,0xd3,0xe4, + 0xd4,0xac,0x7d,0x1c,0x97,0x0d,0x83,0x9d,0x91,0xe9,0xb1,0x8f,0xc2,0xf5,0x54,0x1f, + 0xfc,0xe6,0x0c,0xcf,0x05,0xb1,0x45,0xbf,0x26,0x03,0xa5,0x97,0xd3,0x24,0xab,0x9f, + 0xfc,0x2f,0xc1,0xda,0xb4,0x03,0xe1,0x0f,0x83,0x2b,0xcf,0xeb,0x6d,0x68,0xd5,0xa5, + 0x9c,0xe2,0xfa,0x18,0xc3,0x73,0x5e,0x4a,0xf7,0x03,0x69,0x58,0xad,0x0b,0x4c,0x1b, + 0x94,0xf8,0x68,0x17,0xa3,0xfb,0xbc,0x68,0xce,0x53,0x8d,0x4c,0xf1,0xbc,0xdc,0xd4, + 0xee,0x8b,0xd4,0xca,0xd7,0x1e,0xba,0xab,0x7f,0x5e,0x6d,0x92,0x99,0xfb,0xe6,0x26, + 0x8a,0xf1,0xec,0xd9,0x2f,0x43,0x01,0x45,0x61,0x67,0xdd,0x5e,0xac,0x0a,0xc4,0x87, + 0x57,0xce,0xce,0x1f,0x73,0x90,0x8d,0x94,0x18,0xf7,0x7f,0x44,0xef,0x4d,0xc1,0x96, + 0x14,0x9e,0xd8,0x72,0x9f,0x14,0x3a,0x0c,0xd3,0x09,0x16,0x8a,0x7f,0x87,0x4f,0xa6, + 0xb7,0x45,0x73,0xbc,0x2c,0xf1,0x81,0xe5,0xb6,0x3c,0xf9,0x39,0x28,0x51,0x40,0x6a, + 0xc0,0x91,0xd2,0xfa,0x5b,0x7b,0x46,0x82,0xe4,0x1b,0xc9,0x9a,0x17,0x5e,0x71,0x53, + 0x2d,0x94,0x3c,0x2b,0x8d,0x13,0xb0,0x0d,0x6a,0x0b,0x6c,0x0a,0x0d,0x7c,0x88,0xcf, + 0x5f,0x59,0x59,0x12,0x05,0x59,0x59,0xcf,0x28,0xe6,0xcd,0x81,0xb7,0xbb,0xc4,0xa2, + 0xc5,0xf6,0x6e,0xbb,0x0f,0xc4,0x06,0xc0,0x1c,0xae,0x53,0x34,0xe1,0x6f,0xab,0xb5, + 0xed,0x6a,0xb4,0x3e,0x89,0x89,0x79,0x99,0x8b,0x06,0xa9,0xf5,0xff,0x9e,0xf5,0x62, + 0x4d,0x33,0xed,0xf4,0xe9,0x61,0xee,0x5c,0x92,0x27,0x92,0x1c,0x80,0x5f,0x8d,0x4e, + 0x30,0x32,0xdf,0x3b,0xe9,0x93,0xd8,0xe3,0x84,0x49,0x7b,0xfb,0x5d,0xe0,0x96,0x0b, + 0x31,0x30,0x8f,0xfc,0x50,0xbb,0x0e,0x42,0x36,0x94,0x50,0x75,0x02,0x03,0x01,0x00, + 0x01,0x02,0x82,0x01,0x80,0x49,0x46,0x92,0x7a,0x80,0x3a,0x59,0x67,0x26,0xcc,0x97, + 0x08,0xf6,0xd5,0x6b,0x5b,0xd0,0x16,0x4a,0xcf,0x5e,0x7a,0x62,0x34,0xf0,0xdb,0x95, + 0xdd,0x52,0x0a,0x57,0x2b,0xea,0x42,0x0a,0x2c,0x16,0xff,0xc1,0x0b,0xb6,0x64,0x96, + 0xf6,0x6c,0x12,0x92,0xfe,0x37,0x9a,0xc3,0xa8,0x15,0x41,0x96,0x4b,0x24,0xeb,0x43, + 0x63,0xcf,0xf7,0xbc,0x31,0xc0,0x42,0xd9,0x4a,0x0c,0x50,0x51,0x19,0xa0,0x20,0xac, + 0x89,0x30,0xa5,0xda,0x59,0x3a,0x3e,0x49,0xa0,0xd9,0x07,0x85,0x92,0x63,0x35,0xbf, + 0x5d,0xcd,0xbc,0x17,0xe1,0x44,0x8d,0x24,0xbb,0x13,0x95,0xe2,0x5b,0xd2,0x7b,0xdf, + 0x9a,0x1b,0xa6,0x04,0xaf,0x11,0x47,0x2f,0x0f,0xae,0x67,0x1b,0xc2,0x5f,0x9a,0x25, + 0xc6,0xd1,0x5f,0x2a,0x1c,0xf4,0x90,0x54,0xa2,0xd6,0x0f,0xb6,0x9c,0xbd,0x28,0x7a, + 0x96,0x88,0xfe,0xdc,0x9d,0x7f,0xde,0x6f,0xa3,0xc8,0x5f,0xfb,0x49,0x4b,0xd9,0x23, + 0x22,0x22,0xe7,0xa7,0x06,0xe7,0xf8,0x43,0xac,0x4b,0x8e,0xd5,0xc0,0x8b,0xc5,0x4f, + 0x99,0x58,0x2b,0x54,0xc8,0xc9,0xf1,0x6e,0x25,0x53,0x8b,0x0a,0xc4,0x47,0xd5,0x1c, + 0x01,0xd8,0xf3,0x2b,0x46,0xbe,0x63,0x8c,0xbf,0x6f,0x49,0x8f,0x69,0xe8,0x21,0x62, + 0xc3,0x2f,0xd9,0x97,0x2a,0x21,0xf5,0x17,0x05,0x3b,0xc7,0xc7,0x93,0x78,0x13,0xe2, + 0x54,0xb7,0xbc,0x52,0x15,0x93,0xf5,0xf5,0x99,0xea,0xeb,0xe0,0xcd,0x22,0x9e,0xec, + 0xd5,0xf9,0xb7,0xf8,0xbf,0x2b,0xa7,0x62,0xeb,0x0c,0x82,0xd5,0x5e,0x86,0x5d,0xa5, + 0x6d,0x14,0x79,0xaa,0xfd,0x45,0xee,0xe9,0x19,0xf5,0x97,0x0a,0xe3,0x60,0x24,0x74, + 0x29,0x12,0x21,0x8f,0xc4,0x23,0xaf,0xf7,0x1d,0x05,0xca,0x75,0xa6,0xc6,0xd5,0x13, + 0x2b,0x12,0x79,0xca,0x77,0xa7,0x5a,0x3a,0xf9,0x6d,0x21,0x6e,0x28,0x11,0x48,0x8b, + 0x6c,0xf5,0x8e,0x6a,0xd9,0xc0,0x78,0x1e,0x97,0x10,0x83,0x68,0x99,0x83,0x31,0x5a, + 0x88,0xd5,0x23,0xe9,0x3a,0xfc,0xa2,0xf7,0xa6,0x02,0x44,0x58,0x8a,0xd0,0x63,0x2c, + 0x63,0xce,0xd9,0x53,0x02,0x5a,0x1a,0x3b,0xf5,0x64,0x8d,0x5e,0x3a,0x49,0xde,0x97, + 0xdf,0xe4,0xb0,0x45,0xaa,0x28,0x10,0x00,0xaa,0xce,0x60,0x10,0xda,0x0c,0xd7,0xb0, + 0x9a,0x5d,0x46,0xa8,0xca,0xdf,0x4e,0x41,0xf0,0x78,0x20,0x27,0x60,0x8a,0x52,0x9c, + 0x00,0xdf,0xc2,0x28,0xe1,0x02,0x81,0xc1,0x00,0xf7,0xa8,0x9e,0x24,0x53,0x9d,0x27, + 0xcb,0xe6,0xbd,0x49,0xb6,0x7b,0xf4,0xfa,0x32,0x10,0x5d,0x04,0x06,0x83,0x8a,0xf8, + 0x6e,0x67,0x2f,0x9d,0x43,0x83,0xff,0x90,0xe7,0x6f,0x3e,0x36,0x11,0x33,0x90,0xbc, + 0x93,0x4e,0x82,0x0e,0x90,0x48,0xd3,0x41,0xfa,0x43,0xcc,0xa8,0x8b,0x13,0xd1,0x18, + 0x4c,0x2c,0xad,0x23,0xe9,0x98,0xaf,0x4a,0x7f,0x80,0xa2,0x09,0xbb,0xd4,0x50,0x4b, + 0x67,0xbc,0xa1,0x7e,0xb0,0x7f,0x78,0xb7,0x21,0x42,0x46,0x79,0x25,0x85,0x4b,0x3c, + 0x14,0x56,0x1c,0xd3,0x5b,0x55,0x9b,0x9c,0x5c,0x7b,0xf5,0xd1,0xca,0xe3,0x7d,0x1e, + 0xff,0x50,0x9d,0xfe,0x7f,0x51,0x11,0x2a,0x69,0xfd,0xd1,0xe0,0xf0,0x78,0x4c,0xe6, + 0xa8,0x58,0xbb,0xa0,0x9a,0x97,0xb6,0xeb,0x24,0xa1,0xeb,0x81,0xa6,0x85,0xd9,0x93, + 0xa0,0x71,0xbf,0x45,0xc3,0x05,0x74,0x29,0x34,0x18,0x60,0xe6,0x51,0x30,0x10,0xa4, + 0xf0,0x14,0xb0,0x0b,0x28,0xfa,0x15,0xf1,0x8c,0x1c,0xd8,0x22,0x5c,0x8c,0x26,0x87, + 0x83,0x4c,0xc5,0xa5,0x74,0x37,0x84,0xfc,0xbd,0xf9,0xdc,0x4b,0x52,0x07,0x33,0x4a, + 0xf0,0xfd,0x7b,0x6a,0x84,0xca,0x0e,0xc7,0xcd,0x02,0x81,0xc1,0x00,0xca,0x57,0x16, + 0xae,0xd4,0x8d,0xdf,0x6d,0x2f,0x5c,0x55,0x4e,0xb1,0xb9,0xa5,0x7f,0x0d,0x9d,0x86, + 0xa0,0xb5,0xbe,0x20,0xda,0x0d,0x00,0x46,0x98,0x4a,0x3e,0x5b,0xb9,0x6b,0xc7,0xb1, + 0xd6,0x5e,0xd4,0x52,0xba,0x84,0x4b,0xd8,0x1a,0x1f,0x50,0xc2,0x0c,0xe5,0x2a,0x64, + 0xf7,0x84,0xcc,0x45,0xcd,0x5a,0xc9,0xca,0x4d,0x5c,0xe0,0x0d,0x0c,0x0f,0x77,0xe0, + 0x78,0xa7,0x70,0x08,0x75,0xe7,0x3d,0x53,0x9a,0x45,0x63,0x63,0x8d,0xf2,0xac,0xf0, + 0xc5,0x09,0xae,0x01,0x7c,0x8b,0x0f,0x97,0xc5,0x7b,0x68,0xf7,0x6e,0x30,0x48,0xcd, + 0x14,0x9d,0x78,0xff,0x87,0x27,0xb7,0xe5,0x34,0x43,0x87,0x89,0xb1,0x3b,0x26,0xc9, + 0x7b,0x67,0x76,0x7e,0x3e,0x85,0xe0,0x12,0x24,0xba,0xd0,0x35,0x84,0x8b,0xf6,0x87, + 0x31,0x2e,0xec,0x24,0x8f,0x6e,0xbe,0x84,0x88,0x0c,0x73,0xe6,0x18,0x28,0x3e,0xf1, + 0xf7,0xbd,0xbe,0x87,0x24,0x3d,0x2b,0xaa,0x6e,0x33,0x7c,0x21,0xfe,0x8d,0x99,0xd6, + 0x95,0x07,0xc9,0x5b,0xc7,0x74,0x44,0xbc,0xac,0xa0,0x8f,0x4c,0x8f,0xf0,0xba,0xf9, + 0x3a,0xb9,0x2e,0x69,0xb7,0x3b,0xb7,0x5d,0xd4,0xd2,0x4d,0xb3,0x49,0x02,0x81,0xc1, + 0x00,0xce,0x0e,0x7d,0x85,0xbc,0x0c,0x06,0x10,0xa0,0xea,0xdd,0x69,0xf7,0xb8,0xdc, + 0x72,0xcb,0x2a,0x99,0x2e,0xd2,0x43,0xce,0x70,0x0d,0x6a,0x90,0x6e,0x9c,0x65,0x07, + 0x2b,0x88,0x63,0x3a,0x99,0x15,0x4e,0x57,0x98,0x38,0xb9,0xfd,0x64,0x0f,0x33,0xb6, + 0xb1,0x83,0xb7,0xc4,0x83,0xf2,0xf9,0x06,0x3e,0x5a,0xed,0xb3,0xf3,0xa8,0x16,0x30, + 0xe5,0xe5,0x20,0xec,0xf8,0x5a,0xae,0x74,0x0e,0xdb,0xe3,0x82,0x85,0x57,0x8a,0x18, + 0xd4,0x93,0x50,0x0f,0x7c,0x28,0x6b,0x70,0x91,0x7b,0x14,0x80,0xc6,0x7d,0x73,0xfb, + 0xa4,0xf7,0x7e,0x90,0x0f,0x3f,0x37,0xdb,0x92,0x92,0x80,0xe2,0x3f,0x0c,0x34,0x3c, + 0x15,0xf4,0x19,0xac,0x0e,0x68,0x09,0x93,0xe0,0x7d,0xf3,0x9e,0xad,0x01,0x8e,0x30, + 0x17,0x4a,0xa1,0xa8,0x3d,0xe5,0x20,0x22,0xb4,0x5b,0xef,0xc9,0x1b,0x7a,0x6e,0x2b, + 0xda,0x2c,0x6e,0x73,0x33,0x19,0xca,0xbf,0x71,0x01,0xc5,0x77,0x83,0xa0,0x90,0xa1, + 0x68,0xf2,0x96,0xe2,0x00,0x1e,0x9b,0xf0,0x24,0x4e,0xbc,0x23,0xed,0x8e,0x44,0x18, + 0x05,0xf8,0xde,0x51,0xcc,0xee,0x30,0xbf,0x29,0xc3,0xbd,0xeb,0xe2,0x90,0x3b,0xbc, + 0x01,0x02,0x81,0xc1,0x00,0x8d,0x61,0xd6,0xee,0xa8,0x84,0xcd,0x86,0x7c,0x5e,0x57, + 0x19,0x5a,0xa3,0xee,0x98,0xdd,0x89,0xa1,0x85,0x70,0x18,0x7e,0xd9,0xfd,0xd5,0xa0, + 0x7e,0x4e,0xfa,0x4d,0x9b,0x3d,0x4d,0x56,0xdd,0x04,0x7b,0xf5,0xa6,0x70,0x44,0x92, + 0xa6,0x86,0x15,0x26,0xd2,0x5d,0xda,0x86,0x9c,0x51,0x45,0x6e,0xcc,0xb3,0xd0,0x66, + 0x34,0x32,0x5e,0x37,0x9f,0xa2,0xbb,0x4f,0xb4,0xde,0xc2,0x30,0x97,0x39,0xd1,0xa7, + 0x36,0x17,0x9f,0xff,0xf3,0x32,0x8b,0x56,0xdd,0x47,0x0b,0x37,0xec,0xaf,0x3a,0x61, + 0x01,0x53,0x5f,0x1f,0xec,0xf5,0x7e,0x19,0x16,0x7b,0x86,0x0d,0x7e,0x81,0xe9,0x44, + 0x15,0x85,0xce,0x12,0x0f,0x2d,0xd6,0xc7,0x58,0x1c,0x0e,0x36,0xde,0x37,0x2b,0x3f, + 0x62,0x3c,0xca,0xb9,0x6a,0x79,0x65,0xf4,0x47,0x10,0x93,0x5e,0x64,0x7e,0xac,0x4e, + 0xec,0xc5,0x4e,0xc2,0x8b,0x44,0xab,0xde,0xe5,0x0d,0xc7,0x30,0xa4,0xc8,0xbd,0x57, + 0x24,0x13,0x83,0x7c,0x39,0x62,0xf6,0x08,0x73,0x2f,0xf2,0xa9,0xd7,0xaf,0x4d,0x4c, + 0x4c,0x8f,0x10,0x32,0x1e,0x2d,0xc6,0x67,0xd9,0x79,0x85,0x8d,0xc6,0xc3,0xca,0x37, + 0x9d,0x3a,0xa9,0xa2,0x49,0x02,0x81,0xc0,0x5f,0xec,0x0d,0xc2,0x43,0x30,0xaf,0xa7, + 0x5d,0x23,0x36,0xba,0x07,0x1c,0xd4,0xce,0xe3,0x37,0x3c,0xc4,0x3e,0xbf,0x20,0xa8, + 0x3e,0x8e,0x7f,0xcd,0x6e,0x3e,0x0e,0x97,0xc4,0x53,0x3c,0xc8,0x04,0xc8,0x36,0xce, + 0xa4,0x7f,0x6d,0xbb,0xb8,0x08,0x0e,0x69,0x6d,0xa0,0x4c,0xea,0x3b,0x9a,0xee,0x3f, + 0x76,0xee,0xe4,0xc5,0x21,0x00,0xc4,0xd1,0x72,0xbc,0x6d,0xd5,0xa2,0x30,0xb2,0x5e, + 0x59,0x20,0x02,0x0c,0xad,0xc0,0x82,0xaa,0x44,0x43,0xa2,0xeb,0xc7,0x8b,0x3b,0x97, + 0x9a,0xb3,0xd5,0x51,0x25,0xd5,0x76,0x4b,0xc7,0x44,0x70,0x7b,0x1e,0x1d,0x07,0x8e, + 0xa5,0xe1,0x5b,0xcc,0x14,0xbd,0x20,0x4b,0x1b,0x83,0x94,0xa4,0x55,0x57,0x79,0x75, + 0x3f,0x0e,0xce,0xe5,0x30,0x5a,0x8c,0x2b,0x83,0xeb,0x5c,0xeb,0x32,0x54,0x1c,0x85, + 0xb9,0xe2,0xf0,0x45,0xee,0x83,0x6c,0x7f,0x10,0x6e,0x6c,0xfc,0x7e,0xef,0x14,0x98, + 0x8d,0xb5,0x9c,0xa5,0x80,0x84,0x3f,0x2b,0x86,0xf6,0xfa,0xc0,0xe0,0x01,0x0c,0x96, + 0x47,0x89,0x6c,0x0c,0x4f,0x6c,0xd8,0x56,0x13,0x38,0x90,0x1d,0x7e,0x56,0x8e,0xb2, + 0xa3,0xe5,0x36,0x32,0x42,0xbf,0xd1,0xe2 +}; + +const size_t RSA3K_PRIVKEY_DER_LEN = sizeof (RSA3K_PRIVKEY_DER); + #if (RSA_MAX_KEY_LENGTH >= RSA_KEY_LENGTH_4K) const struct rsa_public_key RSA4K_PUBLIC_KEY = { .modulus = { diff --git a/core/testing/rsa_testing.h b/core/testing/rsa_testing.h index d08b21f..a794724 100644 --- a/core/testing/rsa_testing.h +++ b/core/testing/rsa_testing.h @@ -95,6 +95,23 @@ extern const uint8_t RSA_SIGNATURE3_BAD[]; #define RSA_ENCRYPT_LEN (2048 / 8) +#if (RSA_MAX_KEY_LENGTH >= RSA_KEY_LENGTH_3K) +extern const struct rsa_public_key RSA3K_PUBLIC_KEY; +#endif + +extern const char RSA3K_PUBKEY_PEM[]; +extern const size_t RSA3K_PUBKEY_PEM_LEN; + +extern const uint8_t RSA3K_PUBKEY_DER[]; +extern const size_t RSA3K_PUBKEY_DER_LEN; + +extern const char RSA3K_PRIVKEY_PEM[]; +extern const size_t RSA3K_PRIVKEY_PEM_LEN; + +extern const uint8_t RSA3K_PRIVKEY_DER[]; +extern const size_t RSA3K_PRIVKEY_DER_LEN; + + #if (RSA_MAX_KEY_LENGTH >= RSA_KEY_LENGTH_4K) extern const struct rsa_public_key RSA4K_PUBLIC_KEY; #endif diff --git a/projects/freertos/cmd_background_task.c b/projects/freertos/cmd_background_task.c index 858c326..9dbecd9 100644 --- a/projects/freertos/cmd_background_task.c +++ b/projects/freertos/cmd_background_task.c @@ -7,6 +7,7 @@ #include #include "cmd_interface/attestation_cmd_interface.h" #include "cmd_interface/cmd_logging.h" +#include "cmd_interface/cerberus_protocol_optional_commands.h" #include "flash/flash_common.h" #include "logging/logging_flash.h" #include "cmd_background_task.h" @@ -20,10 +21,6 @@ #define CMD_BACKGROUND_DEBUG_LOG_FILL (1U << 4) #define CMD_BACKGROUND_AUTH_RIOT (1U << 5) -#define CMD_BACKGROUND_PCR_NUM_SHIFT (29) -#define CMD_BACKGROUND_PCR_NUM_MASK (7U << CMD_BACKGROUND_PCR_NUM_SHIFT) - - /** * Set the current operation status. @@ -47,7 +44,6 @@ void cmd_background_task_set_status (struct cmd_background_task *task, int *op_s static void cmd_background_task_handler (struct cmd_background_task *task) { uint32_t notification; - uint8_t pcr_num; int *op_status; int status; @@ -58,26 +54,33 @@ static void cmd_background_task_handler (struct cmd_background_task *task) xTaskNotifyWait (pdFALSE, ULONG_MAX, ¬ification, portMAX_DELAY); if (notification & CMD_BACKGROUND_RUN_UNSEAL) { + struct cerberus_protocol_message_unseal *unseal = + (struct cerberus_protocol_message_unseal*) task->attestation.unseal_request; + op_status = &task->attestation.attestation_status; - pcr_num = (notification & CMD_BACKGROUND_PCR_NUM_MASK) >> - CMD_BACKGROUND_PCR_NUM_SHIFT; status = task->attestation.attestation->aux_attestation_unseal ( - task->attestation.attestation, task->attestation.hash, task->attestation.seed, - task->attestation.seed_length, task->attestation.hmac, - task->attestation.ciphertext, task->attestation.cipher_length, - task->attestation.sealing, task->attestation.key_buf, - sizeof (task->attestation.key_buf), pcr_num); + task->attestation.attestation, task->attestation.hash, AUX_ATTESTATION_KEY_256BIT, + &unseal->seed, unseal->seed_length, + (enum aux_attestation_seed_type) unseal->seed_type, + (enum aux_attestation_seed_padding) unseal->seed_params.rsa.padding, + cerberus_protocol_unseal_hmac (unseal), HMAC_SHA256, + cerberus_protocol_unseal_ciphertext (unseal), + cerberus_protocol_unseal_ciphertext_length (unseal), + cerberus_protocol_get_unseal_pmr_sealing (unseal)->pmr, CERBERUS_PROTOCOL_MAX_PMR, + task->attestation.key, sizeof (task->attestation.key)); if (ROT_IS_ERROR (status)) { - debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, + debug_log_create_entry (DEBUG_LOG_SEVERITY_ERROR, DEBUG_LOG_COMPONENT_CMD_INTERFACE, CMD_LOGGING_UNSEAL_FAIL, status, 0); status = CMD_BACKGROUND_STATUS (ATTESTATION_CMD_STATUS_FAILURE, status); } else { - task->attestation.key_len = status; status = ATTESTATION_CMD_STATUS_SUCCESS; } + + platform_free (task->attestation.unseal_request); + task->attestation.unseal_request = NULL; } else if (notification & CMD_BACKGROUND_RUN_BYPASS) { cmd_background_task_set_status (task, &task->config.config_status, @@ -170,15 +173,13 @@ static void cmd_background_task_handler (struct cmd_background_task *task) } while (1); } -static int cmd_background_task_unseal_start (struct cmd_background *cmd, const uint8_t *seed, - size_t seed_length, const uint8_t *hmac, const uint8_t *ciphertext, size_t cipher_length, - const uint8_t *sealing, uint8_t platform_pcr) +static int cmd_background_task_unseal_start (struct cmd_background *cmd, + const uint8_t *unseal_request, size_t length) { struct cmd_background_task *task = (struct cmd_background_task*) cmd; int status = 0; - if ((task == NULL) || (seed == NULL) || (hmac == NULL) || (ciphertext == NULL) || - (sealing == NULL)) { + if ((task == NULL) || (unseal_request == NULL) || (length == 0)) { return CMD_BACKGROUND_INVALID_ARGUMENT; } @@ -186,39 +187,41 @@ static int cmd_background_task_unseal_start (struct cmd_background *cmd, const u return CMD_BACKGROUND_UNSUPPORTED_REQUEST; } - if ((seed_length > sizeof (task->attestation.seed)) || - (cipher_length > sizeof (task->attestation.ciphertext))) { - return CMD_BACKGROUND_INPUT_TOO_BIG; - } - if (task->task) { xSemaphoreTake (task->lock, portMAX_DELAY); if (!task->running) { - task->attestation.attestation_status = ATTESTATION_CMD_STATUS_RUNNING; - task->running = 1; + if (task->attestation.unseal_request != NULL) { + platform_free (task->attestation.unseal_request); + } - memcpy (task->attestation.seed, seed, seed_length); - memcpy (task->attestation.hmac, hmac, sizeof (task->attestation.hmac)); - memcpy (task->attestation.ciphertext, ciphertext, cipher_length); - memcpy (task->attestation.sealing, sealing, sizeof (task->attestation.sealing)); + task->attestation.unseal_request = platform_malloc (length); + if (task->attestation.unseal_request != NULL) { + task->attestation.attestation_status = ATTESTATION_CMD_STATUS_RUNNING; + task->running = 1; - task->attestation.seed_length = seed_length; - task->attestation.cipher_length = cipher_length; + memcpy (task->attestation.unseal_request, unseal_request, length); - xSemaphoreGive (task->lock); - xTaskNotify (task->task, - (CMD_BACKGROUND_RUN_UNSEAL | (platform_pcr << CMD_BACKGROUND_PCR_NUM_SHIFT)), - eSetBits); + xSemaphoreGive (task->lock); + xTaskNotify (task->task, CMD_BACKGROUND_RUN_UNSEAL, eSetBits); + } + else { + status = CMD_BACKGROUND_NO_MEMORY; + task->attestation.attestation_status = + CMD_BACKGROUND_STATUS (ATTESTATION_CMD_STATUS_FAILURE, status); + xSemaphoreGive (task->lock); + } } else { - task->attestation.attestation_status = ATTESTATION_CMD_STATUS_REQUEST_BLOCKED; status = CMD_BACKGROUND_TASK_BUSY; + task->attestation.attestation_status = + CMD_BACKGROUND_STATUS (ATTESTATION_CMD_STATUS_REQUEST_BLOCKED, status); xSemaphoreGive (task->lock); } } else { - task->attestation.attestation_status = ATTESTATION_CMD_STATUS_TASK_NOT_RUNNING; status = CMD_BACKGROUND_NO_TASK; + task->attestation.attestation_status = + CMD_BACKGROUND_STATUS (ATTESTATION_CMD_STATUS_TASK_NOT_RUNNING, status); } return status; @@ -242,15 +245,19 @@ static int cmd_background_task_unseal_result (struct cmd_background *cmd, uint8_ *unseal_status = task->attestation.attestation_status; if (task->attestation.attestation_status == ATTESTATION_CMD_STATUS_SUCCESS) { - if (*key_length < task->attestation.key_len) { + if (*key_length < sizeof (task->attestation.key)) { xSemaphoreGive (task->lock); return CMD_BACKGROUND_BUF_TOO_SMALL; } else { - memcpy (key, task->attestation.key_buf, task->attestation.key_len); - *key_length = task->attestation.key_len; + memcpy (key, task->attestation.key, sizeof (task->attestation.key)); + *key_length = sizeof (task->attestation.key); + task->attestation.attestation_status = ATTESTATION_CMD_STATUS_NONE_STARTED; } } + else { + *key_length = 0; + } xSemaphoreGive (task->lock); @@ -279,14 +286,16 @@ static int cmd_background_task_reset_bypass (struct cmd_background *cmd) xTaskNotify (task->task, CMD_BACKGROUND_RUN_BYPASS, eSetBits); } else { - task->config.config_status = CONFIG_RESET_STATUS_REQUEST_BLOCKED; status = CMD_BACKGROUND_TASK_BUSY; + task->config.config_status = + CMD_BACKGROUND_STATUS (CONFIG_RESET_STATUS_REQUEST_BLOCKED, status); xSemaphoreGive (task->lock); } } else { - task->config.config_status = CONFIG_RESET_STATUS_TASK_NOT_RUNNING; status = CMD_BACKGROUND_NO_TASK; + task->config.config_status = + CMD_BACKGROUND_STATUS (CONFIG_RESET_STATUS_TASK_NOT_RUNNING, status); } return status; @@ -314,14 +323,16 @@ static int cmd_background_task_restore_defaults (struct cmd_background *cmd) xTaskNotify (task->task, CMD_BACKGROUND_RUN_DEFAULTS, eSetBits); } else { - task->config.config_status = CONFIG_RESET_STATUS_REQUEST_BLOCKED; status = CMD_BACKGROUND_TASK_BUSY; + task->config.config_status = + CMD_BACKGROUND_STATUS (CONFIG_RESET_STATUS_REQUEST_BLOCKED, status); xSemaphoreGive (task->lock); } } else { - task->config.config_status = CONFIG_RESET_STATUS_TASK_NOT_RUNNING; status = CMD_BACKGROUND_NO_TASK; + task->config.config_status = + CMD_BACKGROUND_STATUS (CONFIG_RESET_STATUS_TASK_NOT_RUNNING, status); } return status; @@ -412,8 +423,8 @@ int cmd_background_task_authenticate_riot_certs (struct cmd_background *cmd) } else { status = CMD_BACKGROUND_TASK_BUSY; - task->config.config_status = CMD_BACKGROUND_STATUS (RIOT_CERT_STATE_CHAIN_INVALID, - status); + task->config.config_status = + CMD_BACKGROUND_STATUS (RIOT_CERT_STATE_CHAIN_INVALID, status); xSemaphoreGive (task->lock); } } @@ -452,8 +463,8 @@ int cmd_background_task_get_riot_cert_chain_state (struct cmd_background *cmd) * * @return 0 if the task was successfully initialized or an error code. */ -int cmd_background_task_init (struct cmd_background_task *task, - struct attestation_slave *attestation, struct hash_engine *hash, struct config_reset *reset, +int cmd_background_task_init (struct cmd_background_task *task, + struct attestation_slave *attestation, struct hash_engine *hash, struct config_reset *reset, struct riot_key_manager *riot) { if (task == NULL) { diff --git a/projects/freertos/cmd_background_task.h b/projects/freertos/cmd_background_task.h index 9846c58..bec02d2 100644 --- a/projects/freertos/cmd_background_task.h +++ b/projects/freertos/cmd_background_task.h @@ -20,14 +20,8 @@ struct cmd_background_attestation { struct attestation_slave *attestation; /**< Attestation manager to utilize for attestation operations. */ struct hash_engine *hash; /**< Hash engine to be used in attestation operations. */ int attestation_status; /**< The attestation operation status. */ - uint8_t seed[512]; /**< The request seed encrypted with the attestation public key. */ - size_t seed_length; /**< The length of the request seed. */ - uint8_t hmac[SHA256_HASH_LENGTH]; /**< The HMAC for the attestation request. This is an HMAC-SHA256 value. */ - uint8_t ciphertext[255]; /**< The encrypted attestation data. */ - size_t cipher_length; /**< Length of the encrypted data. */ - uint8_t sealing[64]; /**< A 64-byte sealing value for the attestation data. */ - uint8_t key_buf[255]; /**< Buffer to hold unsealed encryption key. */ - size_t key_len; /**< Unsealed encryption key length. */ + uint8_t *unseal_request; /**< The current unseal request. */ + uint8_t key[AUX_ATTESTATION_KEY_256BIT]; /**< Buffer for the unsealed key. */ }; /** @@ -60,8 +54,8 @@ struct cmd_background_task { }; -int cmd_background_task_init (struct cmd_background_task *task, - struct attestation_slave *attestation, struct hash_engine *hash, struct config_reset *reset, +int cmd_background_task_init (struct cmd_background_task *task, + struct attestation_slave *attestation, struct hash_engine *hash, struct config_reset *reset, struct riot_key_manager *riot); int cmd_background_task_start (struct cmd_background_task *task); diff --git a/testing/mock.h b/testing/mock.h index 5a1ac1d..4b4f276 100644 --- a/testing/mock.h +++ b/testing/mock.h @@ -261,12 +261,12 @@ int mock_validate (struct mock *mock); * Error codes that can be generated by a mock object. */ enum { - MOCK_INVALID_ARGUMENT = MOCK_ERROR (0), /**< Input parameter is null or not valid. */ - MOCK_NO_MEMORY = MOCK_ERROR (1), /**< Memory allocation failed. */ - MOCK_NO_EXPECTATION = MOCK_ERROR (2), /**< No expectation to modify. */ - MOCK_BAD_ARG_INDEX = MOCK_ERROR (3), /**< Argument index is not valid for the call. */ - MOCK_SAVE_ARG_EXISTS = MOCK_ERROR (4), /**< A saved argument already exists for an ID. */ - MOCK_NO_SAVE_ARG = MOCK_ERROR (5), /**< No saved argument for an ID. */ + MOCK_INVALID_ARGUMENT = MOCK_ERROR (0x00), /**< Input parameter is null or not valid. */ + MOCK_NO_MEMORY = MOCK_ERROR (0x01), /**< Memory allocation failed. */ + MOCK_NO_EXPECTATION = MOCK_ERROR (0x02), /**< No expectation to modify. */ + MOCK_BAD_ARG_INDEX = MOCK_ERROR (0x03), /**< Argument index is not valid for the call. */ + MOCK_SAVE_ARG_EXISTS = MOCK_ERROR (0x04), /**< A saved argument already exists for an ID. */ + MOCK_NO_SAVE_ARG = MOCK_ERROR (0x05), /**< No saved argument for an ID. */ };