1 /*
2  * Copyright (C) 2020 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #include <attestation/HmacKeyManager.h>
18 #include <gtest/gtest.h>
19 
20 namespace android {
21 
22 class HmacKeyManagerTest : public testing::Test {
23 protected:
24     HmacKeyManager mHmacKeyManager;
25 };
26 
27 /**
28  * Ensure that separate calls to sign the same data are generating the same key.
29  * We avoid asserting against INVALID_HMAC. Since the key is random, there is a non-zero chance
30  * that a specific key and data combination would produce INVALID_HMAC, which would cause flaky
31  * tests.
32  */
TEST_F(HmacKeyManagerTest,GeneratedHmac_IsConsistent)33 TEST_F(HmacKeyManagerTest, GeneratedHmac_IsConsistent) {
34     std::array<uint8_t, 10> data = {4, 3, 5, 1, 8, 5, 2, 7, 1, 8};
35 
36     std::array<uint8_t, 32> hmac1 = mHmacKeyManager.sign(data.data(), sizeof(data));
37     std::array<uint8_t, 32> hmac2 = mHmacKeyManager.sign(data.data(), sizeof(data));
38     ASSERT_EQ(hmac1, hmac2);
39 }
40 
41 /**
42  * Ensure that changes in the hmac verification data produce a different hmac.
43  */
TEST_F(HmacKeyManagerTest,GeneratedHmac_ChangesWhenFieldsChange)44 TEST_F(HmacKeyManagerTest, GeneratedHmac_ChangesWhenFieldsChange) {
45     std::array<uint8_t, 10> data = {4, 3, 5, 1, 8, 5, 2, 7, 1, 8};
46     std::array<uint8_t, 32> initialHmac = mHmacKeyManager.sign(data.data(), sizeof(data));
47 
48     data[2] = 2;
49     ASSERT_NE(initialHmac, mHmacKeyManager.sign(data.data(), sizeof(data)));
50 }
51 
52 } // namespace android