1 // Copyright 2022, The Android Open Source Project
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // http://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 use super::{
16 sdd_mem::InMemorySlotManager, SecureDeletionSecretManager, SecureDeletionSlot, SlotHolder,
17 SlotPurpose,
18 };
19
20 #[derive(Default)]
21 struct FakeRng(u8);
22
23 impl crate::crypto::Rng for FakeRng {
add_entropy(&mut self, _data: &[u8])24 fn add_entropy(&mut self, _data: &[u8]) {}
fill_bytes(&mut self, dest: &mut [u8])25 fn fill_bytes(&mut self, dest: &mut [u8]) {
26 for b in dest {
27 *b = self.0;
28 self.0 += 1;
29 }
30 }
31 }
32
33 #[test]
test_sdd_slot_holder()34 fn test_sdd_slot_holder() {
35 let mut sdd_mgr = InMemorySlotManager::<10>::default();
36 let mut rng = FakeRng::default();
37 let (slot_holder0, sdd0) =
38 SlotHolder::new(&mut sdd_mgr, &mut rng, SlotPurpose::KeyGeneration).unwrap();
39 let slot0 = slot_holder0.consume();
40 assert_eq!(slot0, SecureDeletionSlot(0));
41 assert!(sdd_mgr.get_secret(slot0).unwrap() == sdd0);
42
43 let (slot_holder1, sdd1) =
44 SlotHolder::new(&mut sdd_mgr, &mut rng, SlotPurpose::KeyGeneration).unwrap();
45 let slot1 = slot_holder1.consume();
46 assert_eq!(slot1, SecureDeletionSlot(1));
47 assert!(sdd_mgr.get_secret(slot1).unwrap() == sdd1);
48
49 assert!(sdd_mgr.get_secret(slot0).unwrap() == sdd0);
50 assert!(sdd_mgr.get_secret(slot1).unwrap() == sdd1);
51 assert!(sdd0 != sdd1);
52
53 // If the slot holder is dropped rather than consumed, it should free the slot.
54 let (slot_holder2, _sdd2a) =
55 SlotHolder::new(&mut sdd_mgr, &mut rng, SlotPurpose::KeyGeneration).unwrap();
56 drop(slot_holder2);
57 assert!(sdd_mgr.get_secret(SecureDeletionSlot(2)).is_err());
58
59 // Slot 2 is available again.
60 let (slot_holder2, sdd2b) =
61 SlotHolder::new(&mut sdd_mgr, &mut rng, SlotPurpose::KeyGeneration).unwrap();
62 let slot2 = slot_holder2.consume();
63 assert_eq!(slot2, SecureDeletionSlot(2));
64 assert!(sdd_mgr.get_secret(slot2).unwrap() == sdd2b);
65 }
66
67 #[test]
test_sdd_factory_secret()68 fn test_sdd_factory_secret() {
69 let mut sdd_mgr = InMemorySlotManager::<10>::default();
70 let mut rng = FakeRng::default();
71 assert!(sdd_mgr.get_factory_reset_secret().is_err());
72 let secret1 = sdd_mgr.get_or_create_factory_reset_secret(&mut rng).unwrap();
73 let secret2 = sdd_mgr.get_factory_reset_secret().unwrap();
74 assert!(secret1 == secret2);
75 let secret3 = sdd_mgr.get_or_create_factory_reset_secret(&mut rng).unwrap();
76 assert!(secret1 == secret3);
77 }
78
79 #[test]
test_sdd_exhaustion()80 fn test_sdd_exhaustion() {
81 let mut sdd_mgr = InMemorySlotManager::<2>::default();
82 let mut rng = FakeRng::default();
83 let (_slot0, _sdd0) = sdd_mgr.new_secret(&mut rng, SlotPurpose::KeyGeneration).unwrap();
84 let (slot1a, sdd1a) = sdd_mgr.new_secret(&mut rng, SlotPurpose::KeyGeneration).unwrap();
85 assert!(sdd_mgr.new_secret(&mut rng, SlotPurpose::KeyGeneration).is_err());
86 sdd_mgr.delete_secret(slot1a).unwrap();
87 let (slot1b, sdd1b) = sdd_mgr.new_secret(&mut rng, SlotPurpose::KeyGeneration).unwrap();
88 assert_eq!(slot1a, slot1b);
89 assert!(sdd1a != sdd1b);
90 }
91