/*############################################################################
# Copyright 2017 Intel Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
############################################################################*/
/*!
* \file
* \brief Provision key unit tests.
*/
#include <cstring>
#include <vector>
#include "epid/common-testhelper/epid_gtest-testhelper.h"
#include "gtest/gtest.h"
#include "epid/common-testhelper/errors-testhelper.h"
#include "epid/common-testhelper/mem_params-testhelper.h"
#include "epid/common-testhelper/prng-testhelper.h"
#include "epid/member/tiny/unittests/member-testhelper.h"
extern "C" {
#include "epid/member/api.h"
}
namespace {
/// Provisions a member context with a bulk key, then starts the member.
///
/// \param ctx member context to provision and start
/// \param pub_key group public key handed to EpidProvisionKey
/// \param priv_key member private key handed to EpidProvisionKey
/// \param precomp_str precomputation blob handed to EpidProvisionKey; the
///        tests in this file also pass nullptr here
/// \returns the EpidProvisionKey status when it is not kEpidNoErr, otherwise
///          the status of EpidMemberStartup. Callers therefore cannot tell
///          from the result which of the two steps rejected the input.
EpidStatus ProvisionBulkAndStart(MemberCtx* ctx, GroupPubKey const* pub_key,
                                 PrivKey const* priv_key,
                                 MemberPrecomp const* precomp_str) {
  EpidStatus const provision_status =
      EpidProvisionKey(ctx, pub_key, priv_key, precomp_str);
  if (kEpidNoErr != provision_status) {
    // Provisioning was refused; startup is never attempted.
    return provision_status;
  }
  return EpidMemberStartup(ctx);
}
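/// EpidProvisionKey must answer kEpidBadArgErr when the context, the group
/// public key or the private key is null, whether or not a precomputation
/// blob accompanies the call.
TEST_F(EpidMemberTest, ProvisionBulkFailsGivenNullParameters) {
  Prng prng;
  GroupPubKey pub_key = this->kGroupPublicKey;
  PrivKey priv_key = this->kMemberPrivateKey;
  MemberPrecomp precomp = this->kMemberPrecomp;
  MemberParams params = {0};
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms", which
  // is not a valid token.
  SetMemberParams(&Prng::Generate, &prng, nullptr, &params);
  MemberCtxObj member(&params);

  // Exactly one required argument is null, precomp is supplied.
  EXPECT_EQ(kEpidBadArgErr,
            EpidProvisionKey(nullptr, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            EpidProvisionKey(member, nullptr, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            EpidProvisionKey(member, &pub_key, nullptr, &precomp));

  // The same three cases with precomp null as well.
  EXPECT_EQ(kEpidBadArgErr,
            EpidProvisionKey(nullptr, &pub_key, &priv_key, nullptr));
  EXPECT_EQ(kEpidBadArgErr,
            EpidProvisionKey(member, nullptr, &priv_key, nullptr));
  EXPECT_EQ(kEpidBadArgErr,
            EpidProvisionKey(member, &pub_key, nullptr, nullptr));
}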
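/// EpidProvisionKey accepts the fixture's group public key and member private
/// key, both with the fixture precomputation blob and with a null one.
TEST_F(EpidMemberTest, ProvisionBulkSucceedsGivenValidParameters) {
  Prng prng;
  GroupPubKey pub_key = this->kGroupPublicKey;
  PrivKey priv_key = this->kMemberPrivateKey;
  MemberPrecomp precomp = this->kMemberPrecomp;
  MemberParams params = {0};
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms".
  SetMemberParams(&Prng::Generate, &prng, nullptr, &params);
  MemberCtxObj member(&params);

  EXPECT_EQ(kEpidNoErr,
            EpidProvisionKey(member, &pub_key, &priv_key, &precomp));
  // The second call re-provisions the same context, this time without a
  // precomputation blob.
  EXPECT_EQ(kEpidNoErr, EpidProvisionKey(member, &pub_key, &priv_key, nullptr));
}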
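/// EpidProvisionKey succeeds when given the IKGF test vectors for group A,
/// member 0, with and without the matching precomputation blob.
TEST_F(EpidMemberTest, ProvisionBulkSucceedsGivenValidParametersUsingIKGFData) {
  Prng prng;
  // The key material is pulled in from the shared test-data .inc files; each
  // #include has to stay on its own line inside the initializer braces.
  const GroupPubKey pub_key = {
#include "epid/common-testhelper/testdata/ikgf/groupa/pubkey.inc"
  };
  const PrivKey priv_key = {
#include "epid/common-testhelper/testdata/ikgf/groupa/member0/mprivkey.inc"
  };
  const MemberPrecomp precomp = {
#include "epid/common-testhelper/testdata/ikgf/groupa/member0/mprecomp.inc"
  };
  MemberParams params = {0};
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms".
  SetMemberParams(&Prng::Generate, &prng, nullptr, &params);
  MemberCtxObj member(&params);

  EXPECT_EQ(kEpidNoErr,
            EpidProvisionKey(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidNoErr, EpidProvisionKey(member, &pub_key, &priv_key, nullptr));
}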
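/// A group public key with any single coordinate of h1, h2 or w altered must
/// be rejected with kEpidBadArgErr.
///
/// Each case restores the fixture key and increments the first serialized
/// byte of one coordinate (presumably so the element is no longer a valid
/// group element; NOTE(review): confirm against the fixture data). The
/// rejection may come from EpidProvisionKey or from EpidMemberStartup:
/// ProvisionBulkAndStart does not distinguish the two. The same member
/// context is reused for every attempt, so the test also relies on a failed
/// attempt leaving the context usable.
TEST_F(EpidMemberTest, ProvisionBulkFailsForInvalidGroupPubKey) {
  Prng prng;
  GroupPubKey pub_key = this->kGroupPublicKey;
  PrivKey priv_key = this->kMemberPrivateKey;
  MemberPrecomp precomp = this->kMemberPrecomp;
  MemberParams params = {0};
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms".
  SetMemberParams(&Prng::Generate, &prng, nullptr, &params);
  MemberCtxObj member(&params);

  // h1.x
  pub_key = this->kGroupPublicKey;
  pub_key.h1.x.data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // h1.y
  pub_key = this->kGroupPublicKey;
  pub_key.h1.y.data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // h2.x
  pub_key = this->kGroupPublicKey;
  pub_key.h2.x.data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // h2.y
  pub_key = this->kGroupPublicKey;
  pub_key.h2.y.data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // w.x[0]
  pub_key = this->kGroupPublicKey;
  pub_key.w.x[0].data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // w.x[1]
  pub_key = this->kGroupPublicKey;
  pub_key.w.x[1].data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // w.y[0]
  pub_key = this->kGroupPublicKey;
  pub_key.w.y[0].data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // w.y[1]
  pub_key = this->kGroupPublicKey;
  pub_key.w.y[1].data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));
}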
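/// A private key whose f component is replaced by an out-of-range value must
/// be rejected with kEpidBadArgErr.
TEST_F(EpidMemberTest, ProvisionBulkFailsForInvalidF) {
  Prng prng;
  // 31 bytes of 0xff followed by 0x00. Presumably larger than any valid f
  // (NOTE(review): confirm against the field modulus used by the library).
  FpElemStr f = {
      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
      0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x00,
  };
  GroupPubKey pub_key = this->kGroupPublicKey;
  PrivKey priv_key = this->kMemberPrivateKey;
  MemberPrecomp precomp = this->kMemberPrecomp;
  MemberParams params = {0};
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms".
  SetMemberParams(&Prng::Generate, &prng, nullptr, &params);
  MemberCtxObj member(&params);

  priv_key = this->kMemberPrivateKey;
  priv_key.f = f;
  // The rejection may come from provisioning or from startup; the helper
  // returns whichever status is the first non-success one.
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));
}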
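/// A private key whose A component has one coordinate altered must be
/// rejected with kEpidBadArgErr.
///
/// Each case restores the fixture key and increments the first serialized
/// byte of A.x or A.y. The member context is shared by all four attempts.
TEST_F(EpidMemberTest, ProvisionBulkFailsForInvalidPrivateKey) {
  Prng prng;
  GroupPubKey pub_key = this->kGroupPublicKey;
  PrivKey priv_key = this->kMemberPrivateKey;
  MemberPrecomp precomp = this->kMemberPrecomp;
  MemberParams params = {0};
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms".
  SetMemberParams(&Prng::Generate, &prng, nullptr, &params);
  MemberCtxObj member(&params);

  // A.x
  priv_key = this->kMemberPrivateKey;
  priv_key.A.x.data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));

  // A.y
  priv_key = this->kMemberPrivateKey;
  priv_key.A.y.data.data[0]++;
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, &precomp));
  EXPECT_EQ(kEpidBadArgErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));
}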
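/// Placeholder for checking that provisioning stores the membership
/// credential. The DISABLED_ prefix keeps gtest from running it by default,
/// and the body ends in an unconditional FAIL() until the read-back check is
/// implemented, so nothing in this file currently verifies what is stored.
TEST_F(EpidMemberTest, DISABLED_ProvisionBulkCanStoreMembershipCredential) {
  Prng prng;
  GroupPubKey pub_key = this->kGroupPublicKey;
  PrivKey priv_key = this->kMemberPrivateKey;
  MemberParams params = {0};
  // This test passes &priv_key.f as the third SetMemberParams argument, where
  // the other tests in this file pass nullptr.
  // Fixed: the page rendered "&params" as a pilcrow followed by "ms".
  SetMemberParams(&Prng::Generate, &prng, &priv_key.f, &params);
  MemberCtxObj member(&params);

  EXPECT_EQ(kEpidNoErr,
            ProvisionBulkAndStart(member, &pub_key, &priv_key, nullptr));
  FAIL() << "todo(developer): implement verification that credentials are "
            "provisioned";
  // Intended verification, kept for whoever implements the TODO above:
  // uint32_t nv_index = 0x01c10100;
  // MembershipCredential credential;
  // MembershipCredential const orig_credential{ priv_key.gid, priv_key.A,
  //                                            priv_key.x };
  // EXPECT_EQ(kEpidNoErr, EpidNvReadMembershipCredential(
  //                          member->tpm2_ctx, nv_index, &pub_key,
  //                          &credential));
  // EXPECT_EQ(orig_credential, credential);
}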
} // namespace