1 /*
2 * Copyright (C) 2023 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <memory>
18 #include <optional>
19 #include <string>
20 #include <vector>
21
22 #include <android-base/properties.h>
23 #include <fstab/fstab.h>
24 #include <libavb/libavb.h>
25 #include <libavb_user/avb_ops_user.h>
26
27 #include "KeymasterHidlTest.h"
28
29 namespace android::hardware::keymaster::V4_0::test {
30
31 using ::std::string;
32 using ::std::vector;
33
34 // Since this test needs to talk to Keymaster HAL, it can only run as root. Thus,
35 // bootloader can not be locked.
36 class BootloaderStateTest : public KeymasterHidlTest {
37 public:
SetUp()38 virtual void SetUp() override {
39 KeymasterHidlTest::SetUp();
40
41 // Generate a key.
42 auto ec = GenerateKey(AuthorizationSetBuilder()
43 .Authorization(TAG_NO_AUTH_REQUIRED)
44 .EcdsaSigningKey(EcCurve::P_256)
45 .Digest(Digest::SHA_2_256));
46 ASSERT_EQ(ec, ErrorCode::OK) << "Failed to generate key.";
47
48 // Generate attestation.
49 hidl_vec<hidl_vec<uint8_t>> cert_chain;
50 ec = AttestKey(AuthorizationSetBuilder()
51 .Authorization(TAG_ATTESTATION_CHALLENGE, HidlBuf("challenge"))
52 .Authorization(TAG_ATTESTATION_APPLICATION_ID, HidlBuf("foo")),
53 &cert_chain);
54 ASSERT_EQ(ec, ErrorCode::OK) << "Failed to generate attestation.";
55
56 X509_Ptr cert(parse_cert_blob(cert_chain[0]));
57 ASSERT_TRUE(cert.get()) << "Failed to parse certificate blob.";
58
59 ASN1_OCTET_STRING* attest_rec = get_attestation_record(cert.get());
60 ASSERT_TRUE(attest_rec) << "Failed to get attestation record.";
61
62 // Parse root of trust.
63 auto result = parse_root_of_trust(attest_rec->data, attest_rec->length, &attestedVbKey_,
64 &attestedVbState_, &attestedBootloaderState_,
65 &attestedVbmetaDigest_);
66 ASSERT_EQ(result, ErrorCode::OK) << "Failed to parse root of trust.";
67 }
68
69 hidl_vec<uint8_t> attestedVbKey_;
70 keymaster_verified_boot_t attestedVbState_;
71 bool attestedBootloaderState_;
72 hidl_vec<uint8_t> attestedVbmetaDigest_;
73 };
74
75 // Check that attested bootloader state is set to unlocked.
TEST_P(BootloaderStateTest,BootloaderIsUnlocked)76 TEST_P(BootloaderStateTest, BootloaderIsUnlocked) {
77 ASSERT_FALSE(attestedBootloaderState_)
78 << "This test runs as root. Bootloader must be unlocked.";
79 }
80
81 // Check that verified boot state is set to "unverified", i.e. "orange".
TEST_P(BootloaderStateTest,VbStateIsUnverified)82 TEST_P(BootloaderStateTest, VbStateIsUnverified) {
83 // Unlocked bootloader implies that verified boot state must be "unverified".
84 ASSERT_EQ(attestedVbState_, KM_VERIFIED_BOOT_UNVERIFIED)
85 << "Verified boot state must be \"UNVERIFIED\" aka \"orange\".";
86
87 // AVB spec stipulates that bootloader must set "androidboot.verifiedbootstate" parameter
88 // on the kernel command-line. This parameter is exposed to userspace as
89 // "ro.boot.verifiedbootstate" property.
90 auto vbStateProp = ::android::base::GetProperty("ro.boot.verifiedbootstate", "");
91 ASSERT_EQ(vbStateProp, "orange")
92 << "Verified boot state must be \"UNVERIFIED\" aka \"orange\".";
93 }
94
95 // Following error codes from avb_slot_data() mean that slot data was loaded
96 // (even if verification failed).
avb_slot_data_loaded(AvbSlotVerifyResult result)97 static inline bool avb_slot_data_loaded(AvbSlotVerifyResult result) {
98 switch (result) {
99 case AVB_SLOT_VERIFY_RESULT_OK:
100 case AVB_SLOT_VERIFY_RESULT_ERROR_VERIFICATION:
101 case AVB_SLOT_VERIFY_RESULT_ERROR_ROLLBACK_INDEX:
102 case AVB_SLOT_VERIFY_RESULT_ERROR_PUBLIC_KEY_REJECTED:
103 return true;
104 default:
105 return false;
106 }
107 }
108
109 // Check that attested vbmeta digest is correct.
TEST_P(BootloaderStateTest,VbmetaDigest)110 TEST_P(BootloaderStateTest, VbmetaDigest) {
111 AvbSlotVerifyData* avbSlotData;
112 auto suffix = fs_mgr_get_slot_suffix();
113 const char* partitions[] = {nullptr};
114 auto avbOps = avb_ops_user_new();
115
116 // For VTS, devices run with vendor_boot-debug.img, which is not release key
117 // signed. Use AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR to bypass avb
118 // verification errors. This is OK since we only care about the digest for
119 // this test case.
120 auto result = avb_slot_verify(avbOps, partitions, suffix.c_str(),
121 AVB_SLOT_VERIFY_FLAGS_ALLOW_VERIFICATION_ERROR,
122 AVB_HASHTREE_ERROR_MODE_EIO, &avbSlotData);
123 ASSERT_TRUE(avb_slot_data_loaded(result)) << "Failed to load avb slot data";
124
125 // Unfortunately, bootloader is not required to report the algorithm used
126 // to calculate the digest. There are only two supported options though,
127 // SHA256 and SHA512. Attested VBMeta digest must match one of these.
128 vector<uint8_t> digest256(AVB_SHA256_DIGEST_SIZE);
129 vector<uint8_t> digest512(AVB_SHA512_DIGEST_SIZE);
130
131 avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA256,
132 digest256.data());
133 avb_slot_verify_data_calculate_vbmeta_digest(avbSlotData, AVB_DIGEST_TYPE_SHA512,
134 digest512.data());
135
136 ASSERT_TRUE((attestedVbmetaDigest_ == digest256) || (attestedVbmetaDigest_ == digest512))
137 << "Attested digest does not match computed digest.";
138 }
139
140 INSTANTIATE_KEYMASTER_HIDL_TEST(BootloaderStateTest);
141
142 } // namespace android::hardware::keymaster::V4_0::test
143