diff options
Diffstat (limited to 'test/fpsensor_state.c')
-rw-r--r-- | test/fpsensor_state.c | 202 |
1 files changed, 200 insertions, 2 deletions
diff --git a/test/fpsensor_state.c b/test/fpsensor_state.c index 3822fe49ab..0b61e1c2d4 100644 --- a/test/fpsensor_state.c +++ b/test/fpsensor_state.c @@ -1,4 +1,4 @@ -/* Copyright 2020 The Chromium OS Authors. All rights reserved. +/* Copyright 2020 The ChromiumOS Authors * Use of this source code is governed by a BSD-style license that can be * found in the LICENSE file. */ @@ -186,7 +186,198 @@ test_static int test_fp_set_maintenance_mode(void) return EC_SUCCESS; } -void run_test(int argc, char **argv) +test_static int test_fp_command_read_match_secret_fail_fgr_less_than_zero(void) +{ + /* Create invalid param with fgr < 0 */ + struct ec_params_fp_read_match_secret test_match_secret = { + .fgr = -1, + }; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret, + sizeof(test_match_secret), NULL, + 0) == EC_RES_INVALID_PARAM); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_fail_fgr_large_than_max(void) +{ + /* Create invalid param with fgr = FP_MAX_FINGER_COUNT */ + struct ec_params_fp_read_match_secret test_match_secret = { + .fgr = FP_MAX_FINGER_COUNT, + }; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret, + sizeof(test_match_secret), NULL, + 0) == EC_RES_INVALID_PARAM); + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_fail_timeout(void) +{ + /* Create valid param with 0 <= fgr < 5 */ + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = 1, + }; + + /* Disable positive secret match to create 0 deadline val */ + fp_disable_positive_match_secret(&positive_match_secret_state); + + TEST_ASSERT(positive_match_secret_state.deadline.val == 0); + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, + sizeof(test_match_secret_1), NULL, + 0) == EC_RES_TIMEOUT); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_unmatched_fgr(void) +{ + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + uint16_t unmatched_fgr = 2; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + /* Create positive secret match state with valid deadline value, + * readable state, and wrong template matched + */ + struct positive_match_secret_state test_state = { + .deadline.val = 5000000, + .readable = true, + .template_matched = unmatched_fgr, + }; + + /* Test for the wrong matched finger state */ + positive_match_secret_state = test_state; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, + sizeof(test_match_secret_1), NULL, + 0) == EC_RES_ACCESS_DENIED); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_unreadable_state(void) +{ + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + /* + * Create positive secret match state with valid deadline value , + * unreadable state, and correct matched template + */ + struct positive_match_secret_state test_state = { + .deadline.val = 5000000, + .readable = false, + .template_matched = matched_fgr, + }; + + /* Test for the unreadable state */ + positive_match_secret_state = test_state; + + TEST_ASSERT(test_send_host_command(EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, + sizeof(test_match_secret_1), NULL, + 0) == EC_RES_ACCESS_DENIED); + + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_derive_fail(void) +{ + struct ec_response_fp_read_match_secret response = { 0 }; + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + /* Create positive secret match state with valid deadline value, + * readable state, and correct template matched + */ + struct positive_match_secret_state test_state_1 = { + .deadline.val = 5000000, + .readable = true, + .template_matched = matched_fgr, + }; + positive_match_secret_state = test_state_1; + /* Set fp_positive_match_salt to the trivial value */ + memcpy(fp_positive_match_salt, trivial_fp_positive_match_salt, + sizeof(trivial_fp_positive_match_salt)); + + /* Test with the correct matched finger state and a trivial + * fp_positive_match_salt + */ + TEST_ASSERT(test_send_host_command( + EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, sizeof(test_match_secret_1), + &response, sizeof(response)) == EC_RES_ERROR); + return EC_SUCCESS; +} + +test_static int test_fp_command_read_match_secret_derive_succeed(void) +{ + struct ec_response_fp_read_match_secret response = { 0 }; + /* Create valid param with 0 <= fgr < 5 */ + uint16_t matched_fgr = 1; + struct ec_params_fp_read_match_secret test_match_secret_1 = { + .fgr = matched_fgr, + }; + + /* Expected positive_match_secret same as in test/fpsensor_crypto.c*/ + static const uint8_t + expected_positive_match_secret_for_empty_user_id[] = { + 0x8d, 0xc4, 0x5b, 0xdf, 0x55, 0x1e, 0xa8, 0x72, + 0xd6, 0xdd, 0xa1, 0x4c, 0xb8, 0xa1, 0x76, 0x2b, + 0xde, 0x38, 0xd5, 0x03, 0xce, 0xe4, 0x74, 0x51, + 0x63, 0x6c, 0x6a, 0x26, 0xa9, 0xb7, 0xfa, 0x68, + }; + /* Create positive secret match state with valid deadline value, + * readable state, and correct template matched + */ + struct positive_match_secret_state test_state_1 = { + .deadline.val = 5000000, + .readable = true, + .template_matched = matched_fgr, + }; + positive_match_secret_state = test_state_1; + /* Set fp_positive_match_salt to the trivial value */ + memcpy(fp_positive_match_salt, default_fake_fp_positive_match_salt, + sizeof(default_fake_fp_positive_match_salt)); + + TEST_ASSERT_ARRAY_EQ( + (uint8_t const *)fp_positive_match_salt, + (uint8_t const *)default_fake_fp_positive_match_salt, + sizeof(default_fake_fp_positive_match_salt)); + + /* Initialize an empty user_id to compare positive_match_secret */ + memset(user_id, 0, sizeof(user_id)); + + TEST_ASSERT(fp_tpm_seed_is_set()); + /* Test with the correct matched finger state and the default fake + * fp_positive_match_salt + */ + TEST_ASSERT(test_send_host_command( + EC_CMD_FP_READ_MATCH_SECRET, 0, + &test_match_secret_1, sizeof(test_match_secret_1), + &response, sizeof(response)) == EC_SUCCESS); + + TEST_ASSERT_ARRAY_EQ( + response.positive_match_secret, + expected_positive_match_secret_for_empty_user_id, + sizeof(expected_positive_match_secret_for_empty_user_id)); + + return EC_SUCCESS; +} + +void run_test(int argc, const char **argv) { RUN_TEST(test_fp_enc_status_valid_flags); RUN_TEST(test_fp_tpm_seed_not_set); @@ -194,5 +385,12 @@ void run_test(int argc, char **argv) RUN_TEST(test_set_fp_tpm_seed_again); RUN_TEST(test_fp_set_sensor_mode); RUN_TEST(test_fp_set_maintenance_mode); + RUN_TEST(test_fp_command_read_match_secret_fail_fgr_less_than_zero); + RUN_TEST(test_fp_command_read_match_secret_fail_fgr_large_than_max); + RUN_TEST(test_fp_command_read_match_secret_fail_timeout); + RUN_TEST(test_fp_command_read_match_secret_unmatched_fgr); + RUN_TEST(test_fp_command_read_match_secret_unreadable_state); + RUN_TEST(test_fp_command_read_match_secret_derive_fail); + RUN_TEST(test_fp_command_read_match_secret_derive_succeed); test_print_result(); } |