// Copyright 2021 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <string>
#include <utility>
#include <variant>
#include <gtest/gtest.h>
#include "cryptohome/signature_sealing/structures_proto.h"
using brillo::BlobFromString;
namespace cryptohome {
// Converts each structure::ChallengeSignatureAlgorithm value listed below to
// its proto form with proto::ToProto and back with proto::FromProto, and
// expects to get the starting value again.
//
// NOTE(review): only these four enumerators are exercised. What FromProto
// does with a proto value outside this set is not covered here. The SHA-1
// variant is included, so the converters have to keep mapping it; whether it
// is acceptable for new keys is a policy question this test does not address.
TEST(ChallengeSignatureAlgorithmTest, ToProtoFromProto) {
  const structure::ChallengeSignatureAlgorithm kAlgorithms[] = {
      structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha1,
      structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha256,
      structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha384,
      structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha512,
  };

  for (const auto algorithm : kAlgorithms) {
    const auto as_proto = proto::ToProto(algorithm);
    EXPECT_EQ(algorithm, proto::FromProto(as_proto));
  }
}
// Mirror of the struct-to-proto round trip: starts from each proto-side
// ChallengeSignatureAlgorithm enumerator, converts it with proto::FromProto,
// converts the result back with proto::ToProto, and expects the starting
// value again.
//
// NOTE(review): the list is written out by hand, so an enumerator added to
// the proto later is not picked up automatically by this test.
TEST(ChallengeSignatureAlgorithmTest, FromProtoToProto) {
  const ChallengeSignatureAlgorithm kProtoAlgorithms[] = {
      ChallengeSignatureAlgorithm::CHALLENGE_RSASSA_PKCS1_V1_5_SHA1,
      ChallengeSignatureAlgorithm::CHALLENGE_RSASSA_PKCS1_V1_5_SHA256,
      ChallengeSignatureAlgorithm::CHALLENGE_RSASSA_PKCS1_V1_5_SHA384,
      ChallengeSignatureAlgorithm::CHALLENGE_RSASSA_PKCS1_V1_5_SHA512,
  };

  for (const auto proto_algorithm : kProtoAlgorithms) {
    const auto as_struct = proto::FromProto(proto_algorithm);
    EXPECT_EQ(proto_algorithm, proto::ToProto(as_struct));
  }
}
// Round-trips a structure::Tpm2PolicySignedData held in the
// structure::SignatureSealedData variant through proto::ToProto and
// proto::FromProto. The result must still hold the Tpm2PolicySignedData
// alternative, and every field must compare equal to the input.
TEST(SignatureSealedDataTest, ToProtoFromProtoTPM2) {
  // Each blob carries a different placeholder string, so a converter that
  // wrote one field into another would trip an EXPECT_EQ below. The two
  // integers both need more than 16 bits, so narrowing them to 16 bits would
  // be caught as well.
  const structure::Tpm2PolicySignedData expected{
      .public_key_spki_der = BlobFromString("public_key_spki_der"),
      .srk_wrapped_secret = BlobFromString("srk_wrapped_secret"),
      .scheme = 0x54321,
      .hash_alg = 0x12345,
      .default_pcr_policy_digest = BlobFromString("default_pcr_policy_digest"),
      .extended_pcr_policy_digest =
          BlobFromString("extended_pcr_policy_digest"),
  };

  // Sanity check: assigning the struct selects the TPM 2.0 alternative.
  structure::SignatureSealedData sealed_before = expected;
  ASSERT_TRUE(
      std::holds_alternative<structure::Tpm2PolicySignedData>(sealed_before));

  structure::SignatureSealedData sealed_after =
      proto::FromProto(proto::ToProto(sealed_before));

  // ASSERT (not EXPECT) so that std::get below is never reached with the
  // wrong alternative active.
  ASSERT_TRUE(
      std::holds_alternative<structure::Tpm2PolicySignedData>(sealed_after));
  const auto& actual = std::get<structure::Tpm2PolicySignedData>(sealed_after);

  EXPECT_EQ(actual.public_key_spki_der, expected.public_key_spki_der);
  EXPECT_EQ(actual.srk_wrapped_secret, expected.srk_wrapped_secret);
  EXPECT_EQ(actual.scheme, expected.scheme);
  EXPECT_EQ(actual.hash_alg, expected.hash_alg);
  EXPECT_EQ(actual.default_pcr_policy_digest,
            expected.default_pcr_policy_digest);
  EXPECT_EQ(actual.extended_pcr_policy_digest,
            expected.extended_pcr_policy_digest);
}
// Round-trips a structure::Tpm12CertifiedMigratableKeyData held in the
// structure::SignatureSealedData variant through proto::ToProto and
// proto::FromProto. The result must still hold the
// Tpm12CertifiedMigratableKeyData alternative, and every field must compare
// equal to the input.
TEST(SignatureSealedDataTest, ToProtoFromProtoTPM1) {
  // One distinct placeholder per field: a converter that mixed up two blobs
  // would fail one of the comparisons below.
  const structure::Tpm12CertifiedMigratableKeyData expected{
      .public_key_spki_der = BlobFromString("public_key_spki_der"),
      .srk_wrapped_cmk = BlobFromString("srk_wrapped_cmk"),
      .cmk_pubkey = BlobFromString("cmk_pubkey"),
      .cmk_wrapped_auth_data = BlobFromString("cmk_wrapped_auth_data"),
      .default_pcr_bound_secret = BlobFromString("default_pcr_bound_secret"),
      .extended_pcr_bound_secret = BlobFromString("extended_pcr_bound_secret"),
  };

  // Sanity check: assigning the struct selects the TPM 1.2 alternative.
  structure::SignatureSealedData sealed_before = expected;
  ASSERT_TRUE(
      std::holds_alternative<structure::Tpm12CertifiedMigratableKeyData>(
          sealed_before));

  structure::SignatureSealedData sealed_after =
      proto::FromProto(proto::ToProto(sealed_before));

  // ASSERT (not EXPECT) so that std::get below is never reached with the
  // wrong alternative active.
  ASSERT_TRUE(
      std::holds_alternative<structure::Tpm12CertifiedMigratableKeyData>(
          sealed_after));
  const auto& actual =
      std::get<structure::Tpm12CertifiedMigratableKeyData>(sealed_after);

  EXPECT_EQ(actual.public_key_spki_der, expected.public_key_spki_der);
  EXPECT_EQ(actual.srk_wrapped_cmk, expected.srk_wrapped_cmk);
  EXPECT_EQ(actual.cmk_pubkey, expected.cmk_pubkey);
  EXPECT_EQ(actual.cmk_wrapped_auth_data, expected.cmk_wrapped_auth_data);
  EXPECT_EQ(actual.default_pcr_bound_secret, expected.default_pcr_bound_secret);
  EXPECT_EQ(actual.extended_pcr_bound_secret,
            expected.extended_pcr_bound_secret);
}
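// Round-trips a structure::SignatureChallengeInfo, including its nested
// sealed_secret variant, through proto::ToProto and proto::FromProto and
// checks that every outer and nested field compares equal to the input.
TEST(SignatureChallengeInfoTest, ToProtoFromProto) {
  // Nested sealed secret. Each blob has its own placeholder, and both
  // integers need more than 16 bits so narrowing would be detected.
  structure::Tpm2PolicySignedData policy_data = {
      .public_key_spki_der = BlobFromString("public_key_spki_der"),
      .srk_wrapped_secret = BlobFromString("srk_wrapped_secret"),
      .scheme = 0x54321,
      .hash_alg = 0x12345,
      .default_pcr_policy_digest = BlobFromString("default_pcr_policy_digest"),
      .extended_pcr_policy_digest =
          BlobFromString("extended_pcr_policy_digest"),
  };
  // The outer public_key_spki_der deliberately differs from
  // policy_data.public_key_spki_der. With identical placeholders, a converter
  // that filled one of the two fields from the other would still pass.
  structure::SignatureChallengeInfo data{
      .public_key_spki_der = BlobFromString("challenge_public_key_spki_der"),
      .sealed_secret = policy_data,
      .salt = BlobFromString("salt"),
      .salt_signature_algorithm =
          structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha384,
  };

  structure::SignatureChallengeInfo final_data =
      proto::FromProto(proto::ToProto(data));

  // Outer fields.
  EXPECT_EQ(final_data.public_key_spki_der, data.public_key_spki_der);
  EXPECT_EQ(final_data.salt, data.salt);
  EXPECT_EQ(final_data.salt_signature_algorithm, data.salt_signature_algorithm);

  // ASSERT (not EXPECT) so that std::get below is never reached with the
  // wrong alternative active.
  ASSERT_TRUE(std::holds_alternative<structure::Tpm2PolicySignedData>(
      final_data.sealed_secret));
  const structure::Tpm2PolicySignedData& tpm2_data =
      std::get<structure::Tpm2PolicySignedData>(final_data.sealed_secret);

  // Nested fields.
  EXPECT_EQ(tpm2_data.public_key_spki_der, policy_data.public_key_spki_der);
  EXPECT_EQ(tpm2_data.srk_wrapped_secret, policy_data.srk_wrapped_secret);
  EXPECT_EQ(tpm2_data.scheme, policy_data.scheme);
  EXPECT_EQ(tpm2_data.hash_alg, policy_data.hash_alg);
  EXPECT_EQ(tpm2_data.default_pcr_policy_digest,
            policy_data.default_pcr_policy_digest);
  EXPECT_EQ(tpm2_data.extended_pcr_policy_digest,
            policy_data.extended_pcr_policy_digest);
}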
// Round-trips a structure::ChallengePublicKeyInfo through proto::ToProto and
// proto::FromProto and checks that the key blob and the list of signature
// algorithms both compare equal to the input.
TEST(ChallengePublicKeyInfoTest, ToProtoFromProto) {
  const structure::ChallengePublicKeyInfo expected{
      .public_key_spki_der = BlobFromString("public_key_spki_der"),
      .signature_algorithm = {
          structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha1,
          structure::ChallengeSignatureAlgorithm::kRsassaPkcs1V15Sha256,
      }};

  structure::ChallengePublicKeyInfo actual =
      proto::FromProto(proto::ToProto(expected));

  EXPECT_EQ(actual.public_key_spki_der, expected.public_key_spki_der);
  // signature_algorithm is compared as a whole with operator==.
  // NOTE(review): presumably an ordered container, in which case this also
  // pins the order of the algorithms; confirm against the struct definition.
  EXPECT_EQ(actual.signature_algorithm, expected.signature_algorithm);
}
} // namespace cryptohome