From b5110de1b3a159dad898b0b0636bc7fb8f582faf Mon Sep 17 00:00:00 2001
From: Tianjie Xu <xunchang@google.com>
Date: Tue, 23 Oct 2018 23:31:43 -0700
Subject: Add sanity check when loading public keys for OTA package

For RSA keys, check if it has a 2048 bits modulus, and its public
exponent is 3 or 65537. For EC keys, check if the field size is 256
bits for its curve.

Bug: 116655889
Test: unit tests pass
Change-Id: I5c00f4d2b61c98c434f0b49db232155d5d0770ec
---
 tests/component/verifier_test.cpp | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'tests/component/verifier_test.cpp')

diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp
index d110c37e0..14b6060c3 100644
--- a/tests/component/verifier_test.cpp
+++ b/tests/component/verifier_test.cpp
@@ -30,6 +30,9 @@
 #include <android-base/test_utils.h>
 #include <android-base/unique_fd.h>
 #include <gtest/gtest.h>
+#include <openssl/bn.h>
+#include <openssl/ec.h>
+#include <openssl/nid.h>
 #include <ziparchive/zip_writer.h>
 
 #include "common/test_constants.h"
@@ -148,6 +151,35 @@ TEST(VerifierTest, LoadCertificateFromBuffer_sha256_ec256bits) {
   VerifyPackageWithSingleCertificate("otasigned_v5.zip", std::move(cert));
 }
 
+TEST(VerifierTest, LoadCertificateFromBuffer_check_rsa_keys) {
+  std::unique_ptr<RSA, RSADeleter> rsa(RSA_new());
+  std::unique_ptr<BIGNUM, decltype(&BN_free)> exponent(BN_new(), BN_free);
+  BN_set_word(exponent.get(), 3);
+  RSA_generate_key_ex(rsa.get(), 2048, exponent.get(), nullptr);
+  ASSERT_TRUE(CheckRSAKey(rsa));
+
+  // Exponent is expected to be 3 or 65537
+  BN_set_word(exponent.get(), 17);
+  RSA_generate_key_ex(rsa.get(), 2048, exponent.get(), nullptr);
+  ASSERT_FALSE(CheckRSAKey(rsa));
+
+  // Modulus is expected to be 2048.
+  BN_set_word(exponent.get(), 3);
+  RSA_generate_key_ex(rsa.get(), 1024, exponent.get(), nullptr);
+  ASSERT_FALSE(CheckRSAKey(rsa));
+}
+
+TEST(VerifierTest, LoadCertificateFromBuffer_check_ec_keys) {
+  std::unique_ptr<EC_KEY, ECKEYDeleter> ec(EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+  ASSERT_EQ(1, EC_KEY_generate_key(ec.get()));
+  ASSERT_TRUE(CheckECKey(ec));
+
+  // Expects 256-bit EC key with curve NIST P-256
+  ec.reset(EC_KEY_new_by_curve_name(NID_secp224r1));
+  ASSERT_EQ(1, EC_KEY_generate_key(ec.get()));
+  ASSERT_FALSE(CheckECKey(ec));
+}
+
 TEST(VerifierTest, LoadKeysFromZipfile_empty_archive) {
   TemporaryFile otacerts;
   BuildCertificateArchive({}, otacerts.release());
-- 
cgit v1.2.3