app/test-app/main.cc - trusty/app/cast-auth - Git at Google

 /*
  * Copyright (C) 2022 The Android Open Source Project
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */

 #define TLOG_TAG "cast-auth-trusty-test"

 #include <stddef.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>

 #include <array>
 #include <cstdint>

 #include <binder/RpcSession.h>
 #include <binder/RpcTransportTipcTrusty.h>
 #include <lib/unittest/unittest.h>
 #include <trusty_ipc.h>
 #include <trusty_log.h>
 #include <trusty_unittest.h>
 #include <uapi/err.h>

 #include "BpCastAuth.h"

 // trusty_unittest.h doesn't provide these by default.
 #define ASSERT_TRUE(val, args...) ASSERT_EQ(true, (bool)(val), ##args)
 #define ASSERT_FALSE(val, args...) ASSERT_EQ(false, (bool)(val), ##args)
 #define EXPECT_TRUE(val, args...) EXPECT_EQ(true, (bool)(val), ##args)
 #define EXPECT_FALSE(val, args...) EXPECT_EQ(false, (bool)(val), ##args)

 unsigned char message_bin[] = {0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0a};
 unsigned int message_bin_len = 8;

 /* The following test_hash is the SHA256 hash of the message consisting of these
  * bytes: 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0a
  * prefixed by the appropriate DER prefix for SHA256.
  */
 const std::vector<uint8_t> test_hash{
         0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
         0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, 0x00, 0xcf, 0x20,
         0xe0, 0x7a, 0xa9, 0x69, 0x9f, 0x6c, 0x4f, 0x93, 0x42, 0x30, 0xee,
         0xff, 0x8f, 0xc6, 0xf6, 0xcf, 0xdd, 0x57, 0xc8, 0xe5, 0xaf, 0x93,
         0x49, 0x60, 0x82, 0xd7, 0x5c, 0xee, 0x42};

 /* The following is a test RSA 2048 bit key, generated using openssl genrsa. It
  * is in PKCS1 RSAPrivateKey (DER) format.
  */
 const std::vector<uint8_t> test_pkcs1_der{
         0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
         0xca, 0xc1, 0x47, 0xf3, 0x2f, 0xf9, 0xd8, 0x47, 0x7f, 0x3b, 0x14, 0xb7,
         0xde, 0x0f, 0xa8, 0x41, 0xe6, 0x30, 0x01, 0x27, 0x1b, 0x8a, 0x30, 0x96,
         0xd0, 0x50, 0xa7, 0xfc, 0x19, 0xe0, 0xdf, 0x71, 0x6d, 0x0e, 0x8b, 0x79,
         0x01, 0xa8, 0xe2, 0x01, 0x2d, 0x26, 0x93, 0xad, 0x3a, 0x2d, 0x84, 0xa0,
         0x52, 0x64, 0xc9, 0x49, 0xdc, 0xf5, 0xa0, 0xd0, 0xd6, 0xab, 0xe1, 0xc5,
         0x3d, 0x39, 0x53, 0x6b, 0xd5, 0x12, 0x33, 0x6b, 0xcd, 0x88, 0xb1, 0xa4,
         0x6c, 0x69, 0x7f, 0x1c, 0x74, 0x6c, 0x27, 0xd6, 0xb8, 0x09, 0x1b, 0x0d,
         0xb3, 0xc7, 0xd2, 0xaf, 0x52, 0xad, 0xf7, 0x61, 0x91, 0xa1, 0x39, 0x58,
         0x99, 0xa4, 0x9b, 0x7d, 0x76, 0xe2, 0x26, 0x56, 0x86, 0x60, 0x1a, 0x47,
         0xba, 0xdd, 0x94, 0xf2, 0x19, 0x08, 0x8f, 0x66, 0x9f, 0x59, 0xb9, 0x69,
         0x9f, 0x53, 0x76, 0xb4, 0x2b, 0xac, 0x32, 0x87, 0x6d, 0x48, 0xeb, 0x80,
         0x56, 0x2f, 0x1c, 0x7b, 0x82, 0x5b, 0x45, 0x51, 0xe3, 0xc1, 0xa9, 0xf0,
         0x5c, 0xff, 0xc8, 0xf7, 0x6c, 0xfa, 0xf0, 0x84, 0x2f, 0x43, 0xa6, 0x25,
         0xdf, 0xc6, 0xbd, 0xd8, 0x68, 0x56, 0x6f, 0x7b, 0xea, 0x9e, 0xf2, 0x69,
         0xad, 0xf8, 0x7d, 0x18, 0x83, 0x73, 0xea, 0x09, 0xf7, 0x6d, 0x86, 0x41,
         0x14, 0xd0, 0x98, 0xaa, 0xb0, 0x2d, 0x10, 0xd7, 0xa8, 0xdc, 0x02, 0x33,
         0x31, 0xe5, 0xf6, 0xf4, 0x25, 0x4f, 0x97, 0xa8, 0xc6, 0x48, 0x6f, 0x00,
         0xa4, 0x9f, 0x58, 0xce, 0x7b, 0xf7, 0x0d, 0x1b, 0x13, 0x4d, 0x9c, 0x69,
         0x06, 0x19, 0x01, 0x60, 0x99, 0xa3, 0xeb, 0x09, 0x81, 0x17, 0x98, 0xcd,
         0x45, 0xc1, 0xd1, 0xc6, 0x5a, 0xa4, 0xce, 0x87, 0x16, 0x75, 0x21, 0xda,
         0x3e, 0xbd, 0x56, 0xdc, 0x54, 0xea, 0x50, 0x5e, 0xb1, 0xe8, 0x41, 0x74,
         0x26, 0x4a, 0xde, 0x69, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
         0x00, 0x5e, 0x94, 0x38, 0xa6, 0xe5, 0x4b, 0x4b, 0xab, 0x56, 0x5b, 0x4d,
         0xf7, 0xd3, 0x1b, 0x44, 0xa6, 0xb0, 0xe4, 0xd5, 0xb4, 0xd3, 0x70, 0xeb,
         0xe7, 0x7d, 0xf7, 0x11, 0xd5, 0x54, 0x91, 0x04, 0x4a, 0x19, 0xd0, 0x3e,
         0x19, 0x4d, 0x3f, 0xe5, 0x65, 0x1d, 0x15, 0xb0, 0xaf, 0x8e, 0xc2, 0xea,
         0xea, 0x0a, 0x65, 0x3f, 0x4c, 0x38, 0x49, 0x50, 0x21, 0xfa, 0xf1, 0xa4,
         0xd8, 0x68, 0x0d, 0xd4, 0xaf, 0x29, 0x6e, 0x5b, 0x14, 0x3f, 0x85, 0x33,
         0x30, 0x7a, 0xed, 0xdf, 0x40, 0x7b, 0xc2, 0x73, 0xf7, 0x02, 0x54, 0x25,
         0x0d, 0x88, 0x3e, 0x7f, 0x36, 0x0f, 0x80, 0x5d, 0x34, 0x63, 0x45, 0x6c,
         0xc5, 0xba, 0xae, 0x01, 0x66, 0x4e, 0x4d, 0x82, 0x0a, 0xbc, 0x96, 0x19,
         0xcc, 0x3a, 0x0b, 0xe0, 0xcd, 0xea, 0x05, 0x87, 0x37, 0x1c, 0xc0, 0x32,
         0xf0, 0x65, 0x44, 0xfe, 0xcb, 0x5e, 0xcf, 0xed, 0xa5, 0x4f, 0x1a, 0x07,
         0x0a, 0x5b, 0x23, 0xea, 0x6c, 0x08, 0xcc, 0xae, 0x96, 0xc1, 0xae, 0xca,
         0xa2, 0x3b, 0xa8, 0xae, 0x56, 0x5a, 0xe7, 0xe7, 0x97, 0x5e, 0x76, 0x7c,
         0xdf, 0xab, 0xa6, 0x98, 0x81, 0x92, 0x7f, 0xc2, 0x53, 0x73, 0xd1, 0x6e,
         0xcf, 0x34, 0x23, 0x8d, 0xaa, 0xe0, 0x06, 0x96, 0x37, 0x23, 0x9c, 0xe3,
         0xf7, 0x4f, 0x7f, 0x3f, 0xe0, 0xa7, 0x79, 0xf4, 0x3f, 0x88, 0x57, 0x7b,
         0x66, 0x65, 0xd1, 0xd3, 0xb7, 0x35, 0x28, 0x6f, 0xff, 0xda, 0x5e, 0x94,
         0xbf, 0xa8, 0x8f, 0xbd, 0x02, 0x7d, 0x47, 0x1b, 0xe0, 0x7e, 0x07, 0x0b,
         0x50, 0x01, 0x59, 0x9b, 0x3c, 0x0c, 0xbe, 0x57, 0x8d, 0x75, 0xb9, 0x6a,
         0x19, 0x89, 0x51, 0x16, 0x30, 0xb1, 0xec, 0x1c, 0x21, 0x4b, 0xc6, 0xd1,
         0x0b, 0x73, 0xda, 0x9d, 0x5a, 0x8d, 0x44, 0x58, 0x3b, 0x77, 0x69, 0xa8,
         0x19, 0xec, 0xdd, 0x2c, 0x6d, 0x02, 0x81, 0x81, 0x00, 0xfc, 0x45, 0xfc,
         0xbe, 0x2b, 0xe7, 0x2b, 0xb5, 0x4a, 0xf9, 0x36, 0x8e, 0x45, 0x77, 0xea,
         0xf0, 0x6a, 0xd7, 0xd7, 0x54, 0x49, 0x6f, 0x3a, 0x60, 0x8a, 0x62, 0xb7,
         0x0a, 0x14, 0x89, 0x96, 0xf2, 0xc6, 0xc2, 0x73, 0x3d, 0xc3, 0xa4, 0x2e,
         0x32, 0x85, 0x0a, 0x14, 0x02, 0x3d, 0x71, 0x0c, 0xdb, 0xef, 0x71, 0xf2,
         0x6c, 0xf4, 0xe6, 0x09, 0x71, 0x79, 0xb8, 0xea, 0x7a, 0xeb, 0x19, 0x24,
         0x5a, 0x91, 0x21, 0xc5, 0x5c, 0x72, 0x71, 0xa3, 0xd7, 0x40, 0x6b, 0x26,
         0x65, 0x47, 0x1d, 0xf4, 0xa3, 0xf8, 0xe2, 0x45, 0xdf, 0x90, 0xd7, 0xd5,
         0x40, 0x64, 0x2f, 0xb1, 0x67, 0xf9, 0x5d, 0x32, 0xe0, 0xac, 0x85, 0xd4,
         0x91, 0x29, 0x94, 0x44, 0xf5, 0x9a, 0xba, 0x6c, 0x0f, 0xd8, 0xef, 0x17,
         0x41, 0xe9, 0x04, 0xb6, 0x59, 0xf0, 0xde, 0x79, 0xff, 0xaa, 0x98, 0x2e,
         0xd6, 0xe0, 0x5d, 0xa6, 0xe3, 0x02, 0x81, 0x81, 0x00, 0xcd, 0xc0, 0x08,
         0x2f, 0xda, 0xa0, 0x30, 0x59, 0x87, 0x6c, 0x72, 0x4d, 0x35, 0x59, 0x7a,
         0x64, 0x4e, 0x25, 0x03, 0x56, 0xe8, 0xa4, 0x26, 0x9f, 0xcb, 0xb7, 0xdd,
         0x87, 0xc3, 0x61, 0xc2, 0xf3, 0xd7, 0x7a, 0x78, 0xab, 0x65, 0xc8, 0xfe,
         0xad, 0x53, 0x3a, 0xea, 0xa0, 0xdf, 0x8f, 0x78, 0x0c, 0xc7, 0x98, 0x5d,
         0xce, 0x7c, 0x31, 0x46, 0x3a, 0x84, 0x1d, 0xf3, 0x62, 0xce, 0xb3, 0x9a,
         0x60, 0xd8, 0x5e, 0x15, 0xee, 0xe1, 0x85, 0x70, 0x3e, 0x99, 0x50, 0x3d,
         0x7e, 0x1e, 0xee, 0x95, 0x31, 0x91, 0xa1, 0x4c, 0xd9, 0xbc, 0x76, 0x40,
         0x9f, 0x58, 0x2a, 0x4e, 0x5b, 0x9f, 0x82, 0xcc, 0xcb, 0x68, 0x83, 0x54,
         0xd1, 0xdf, 0xe9, 0xed, 0x19, 0xd6, 0x28, 0x8d, 0x69, 0x91, 0x02, 0xcc,
         0x48, 0x41, 0x70, 0x5d, 0xcf, 0x37, 0x72, 0x8c, 0x4e, 0x22, 0x06, 0x4f,
         0x87, 0xab, 0x2c, 0xdb, 0x43, 0x02, 0x81, 0x81, 0x00, 0xb4, 0x36, 0xc6,
         0xfb, 0x8f, 0x5f, 0x5f, 0xe0, 0xed, 0xc3, 0x24, 0x0e, 0xf4, 0x5f, 0x5b,
         0x0d, 0x0e, 0x36, 0x4c, 0x93, 0xe0, 0xb5, 0xbd, 0x8d, 0x33, 0xae, 0x9b,
         0x35, 0x6f, 0x40, 0x6e, 0xfd, 0xd5, 0xb1, 0x19, 0x24, 0x19, 0x3b, 0x92,
         0xe8, 0xf2, 0x13, 0x26, 0x02, 0x07, 0xa4, 0x57, 0xdc, 0x51, 0xac, 0x23,
         0xd3, 0x64, 0x0b, 0x64, 0xd9, 0x94, 0x6b, 0xdd, 0xcd, 0x9b, 0x5e, 0xe5,
         0x92, 0x71, 0x35, 0x1f, 0xc9, 0x0f, 0xd4, 0x50, 0x87, 0xb7, 0x74, 0x14,
         0x04, 0xab, 0x8e, 0x21, 0xb2, 0x75, 0x5c, 0x27, 0x30, 0x33, 0x47, 0x8c,
         0x06, 0xa8, 0xcb, 0x4d, 0x3f, 0x8a, 0x6a, 0xe2, 0xaa, 0x8f, 0x74, 0x37,
         0x4a, 0xcf, 0xda, 0x24, 0x7d, 0x13, 0x60, 0x73, 0x4b, 0xca, 0xdb, 0xd9,
         0xd0, 0x72, 0xc6, 0xb4, 0x01, 0x82, 0x49, 0x5b, 0xfb, 0xa1, 0x01, 0x80,
         0x0c, 0x6e, 0x51, 0x58, 0xa3, 0x02, 0x81, 0x80, 0x22, 0xb4, 0x17, 0x2d,
         0x6b, 0x24, 0xc5, 0xc2, 0xf4, 0x12, 0x98, 0x9c, 0xe9, 0x38, 0xb4, 0x6a,
         0x22, 0xbc, 0x1f, 0x7a, 0x13, 0x37, 0x4c, 0xc4, 0x7b, 0x2a, 0x02, 0x15,
         0x9a, 0x20, 0xed, 0x2f, 0x0f, 0xd3, 0x3a, 0x73, 0x3e, 0x71, 0xce, 0x73,
         0x11, 0xac, 0xc8, 0x52, 0x66, 0x22, 0xde, 0xce, 0xd9, 0x03, 0x9c, 0x1e,
         0xed, 0xd7, 0xa9, 0xce, 0xc8, 0xe5, 0xfc, 0x5d, 0x58, 0x1b, 0xf7, 0x18,
         0x0a, 0xa6, 0xa3, 0xf0, 0x6c, 0xdd, 0x82, 0xf7, 0x2c, 0x08, 0xda, 0xb6,
         0x61, 0x25, 0x40, 0xc8, 0xe1, 0x95, 0x61, 0x4f, 0x00, 0x78, 0xb9, 0xa1,
         0xa6, 0xcf, 0x4b, 0xf4, 0x2c, 0x4d, 0x75, 0x99, 0x81, 0x81, 0x55, 0x57,
         0x28, 0xfb, 0x5d, 0xe0, 0x93, 0xbc, 0xb7, 0x4d, 0x6d, 0x06, 0x19, 0xca,
         0xbe, 0x2e, 0xe3, 0xc3, 0xc5, 0xc8, 0x6e, 0x5d, 0xe7, 0x63, 0x45, 0x1a,
         0xcf, 0x06, 0x7b, 0xdd, 0x02, 0x81, 0x81, 0x00, 0xef, 0xc8, 0x33, 0x35,
         0x86, 0xa1, 0x19, 0x34, 0xca, 0x6a, 0x5b, 0x43, 0x2c, 0x5b, 0x31, 0xaf,
         0xc5, 0x0e, 0xf8, 0x12, 0x91, 0x16, 0xb9, 0x8b, 0x01, 0xf9, 0xa8, 0x9c,
         0x5b, 0x9e, 0xbb, 0xc6, 0x8d, 0xf7, 0xe7, 0xeb, 0x6f, 0x04, 0xbe, 0xa9,
         0x06, 0xba, 0xed, 0x9a, 0xf9, 0x6c, 0xe1, 0x3f, 0x3e, 0x27, 0x79, 0xdb,
         0x5a, 0x8f, 0x5b, 0x4d, 0xd4, 0xd0, 0xf5, 0x2f, 0xc4, 0xaf, 0xc9, 0xc4,
         0x44, 0x5b, 0xf1, 0xde, 0x1a, 0x91, 0xb7, 0x2b, 0x24, 0xc0, 0xed, 0xdd,
         0xb1, 0x1f, 0x57, 0x82, 0x82, 0xd2, 0xa5, 0x58, 0x7e, 0xcd, 0x91, 0xf6,
         0x2c, 0x46, 0xb0, 0x9b, 0xc3, 0x01, 0x2c, 0x85, 0x38, 0xba, 0x6b, 0x8c,
         0xfc, 0x04, 0x0a, 0x8c, 0xc1, 0xde, 0x42, 0xd2, 0x14, 0x77, 0xe1, 0x1f,
         0x58, 0xe9, 0x78, 0x63, 0x10, 0xf9, 0x7d, 0x68, 0xdb, 0xb4, 0x63, 0xa5,
         0x58, 0x04, 0x33, 0xa5};

 /* The following is the signature of the above message generated using
  * "openssl dgst" with the above private key, using the PKCS1v1.5 signature
  * algorithm and SHA256 hash.
  * This should be the output of the TA, given the above key and hash.
  */
 unsigned char test_signature[] = {
         0x9a, 0x89, 0x5b, 0x21, 0x8e, 0x01, 0x79, 0x59, 0x64, 0xf3, 0xbf, 0x8f,
         0x82, 0x14, 0xe8, 0x39, 0x97, 0x96, 0x78, 0x96, 0xc1, 0xcb, 0x02, 0x91,
         0xf2, 0xb3, 0x17, 0x7b, 0xe6, 0xaf, 0xa9, 0x67, 0x7a, 0xc1, 0x89, 0xac,
         0x99, 0x3f, 0x6f, 0x07, 0xe4, 0x02, 0x2f, 0xc5, 0x0c, 0xb2, 0x7b, 0x2b,
         0xb5, 0x7b, 0xba, 0x41, 0xfc, 0xf1, 0x4f, 0xc4, 0x23, 0x88, 0x52, 0xef,
         0x0e, 0x3d, 0x35, 0x07, 0xb1, 0x70, 0x0f, 0xeb, 0x62, 0x9e, 0x6d, 0x4c,
         0x9e, 0x22, 0x11, 0x38, 0x35, 0x75, 0xd5, 0xef, 0xd6, 0x0e, 0x38, 0xcb,
         0xe1, 0x13, 0x1c, 0xeb, 0xfb, 0x1c, 0x1e, 0x1c, 0x9f, 0x0a, 0x33, 0x4b,
         0x3a, 0x2c, 0x02, 0x03, 0x81, 0x74, 0x2c, 0x23, 0x2c, 0x58, 0x55, 0x14,
         0x5c, 0xfd, 0x4d, 0x46, 0x64, 0x0d, 0x0a, 0xb3, 0x01, 0x55, 0x11, 0x5a,
         0x2b, 0x05, 0x76, 0x50, 0xd8, 0x95, 0xd5, 0x07, 0xe6, 0x94, 0x3c, 0xef,
         0xde, 0x87, 0x15, 0x3c, 0xf9, 0xa2, 0x06, 0xec, 0x94, 0x29, 0xf1, 0x0b,
         0x6d, 0x06, 0xe3, 0xdf, 0xb3, 0x0b, 0xca, 0x77, 0x33, 0x59, 0xdc, 0xb7,
         0xd9, 0x45, 0x63, 0x2e, 0xa1, 0xdf, 0xc5, 0x48, 0x7c, 0x57, 0x82, 0xe3,
         0x34, 0x0d, 0xb6, 0xcb, 0xe0, 0xca, 0x14, 0x1d, 0x1b, 0x81, 0x93, 0x4b,
         0xc0, 0xc8, 0x2c, 0x33, 0xd9, 0x77, 0xd6, 0x5e, 0x47, 0x2a, 0x67, 0x5f,
         0xaa, 0xd1, 0x17, 0xe8, 0xa2, 0xe4, 0xa9, 0xac, 0xb2, 0x65, 0x49, 0x58,
         0x57, 0x7e, 0x00, 0xa8, 0xae, 0xd4, 0x38, 0x91, 0x6c, 0xb1, 0x00, 0xa0,
         0x4d, 0xaa, 0x1f, 0x77, 0xf3, 0x44, 0x6c, 0x81, 0xcf, 0xa5, 0x86, 0x43,
         0x02, 0x4a, 0x67, 0x01, 0x5e, 0x7a, 0xde, 0x98, 0x90, 0x1c, 0xbf, 0xfe,
         0xb5, 0xb1, 0x41, 0xdf, 0x2d, 0xfe, 0x80, 0x1e, 0xe2, 0x78, 0x50, 0xd0,
         0x7b, 0xde, 0x9e, 0xb2};

 /* The following function is solely for the purpose of testing. It "wraps" a key
  * such that it can be unwrapped by the sample keybox implementation in Trusty
  * As warned therein:
  *
  * THIS DOES NOT PROVIDE ANY SECURITY
  *
  * This is not a useful wrapping system. This is just intended as enough to mock
  * that:
  * 1. The wrapped data and unwrapped data are not the same.
  * 2. The wrapped data will fail to unwrap if it is trivially tampered with.
  *
  * Note this wrapping function has no error checking. It's assumed to be called
  * correctly i.e. such that the destination buffer (wrapped_keybox) is at least
  * one byte bigger than the source buffer (keybox_plaintext).
  */
 void keybox_wrap_for_test(const uint8_t* keybox_plaintext,
                           size_t keybox_plaintext_len,
                           uint8_t* wrapped_keybox,
                           size_t wrapped_keybox_buf_len,
                           size_t* wrapped_keybox_len) {
     /* Generate checksum */
     uint8_t checksum = 0;
     for (size_t i = 0; i < keybox_plaintext_len; i++) {
         checksum ^= keybox_plaintext[i];
     }

     /* Flip bits with masking byte */
     for (size_t i = 0; i < keybox_plaintext_len; i++) {
         wrapped_keybox[i] = keybox_plaintext[i] ^ 0x42;
     }

     *wrapped_keybox_len = keybox_plaintext_len + 1;
     wrapped_keybox[keybox_plaintext_len] = checksum;
 }

 typedef struct {
     android::sp<android::RpcSession> sess;
     android::sp<ICastAuth> srv;
 } CastAuthTest_t;

 static void CastAuthTest_SetUp(CastAuthTest_t* state) {
     int rc;
     android::binder::unique_fd chan;
     android::status_t status;
     android::sp<android::IBinder> root;

     rc = connect(ICastAuth::PORT().c_str(), IPC_CONNECT_WAIT_FOR_PORT);
     ASSERT_GE(rc, 0);
     chan.reset(rc);

     state->sess = android::RpcSession::make(
             android::RpcTransportCtxFactoryTipcTrusty::make());
     ASSERT_NE(nullptr, state->sess.get());

     status = state->sess->setupPreconnectedClient(
             std::move(chan), []() { return android::binder::unique_fd(); });
     ASSERT_EQ(android::OK, status);

     root = state->sess->getRootObject();
     ASSERT_NE(nullptr, root.get());

     state->srv = ICastAuth::asInterface(root);
     ASSERT_NE(nullptr, state->srv.get());

 test_abort:;
 }

 static void CastAuthTest_TearDown(CastAuthTest_t* state) {
     state->srv.clear();
 }

 TEST_F(CastAuthTest, ProvisionAndSignHash) {
     std::vector<uint8_t> wrapped_keybox(test_pkcs1_der.size() + 1);
     size_t wrapped_keybox_len;
     keybox_wrap_for_test(test_pkcs1_der.data(), test_pkcs1_der.size(),
                          wrapped_keybox.data(), wrapped_keybox.size(),
                          &wrapped_keybox_len);
     wrapped_keybox.resize(wrapped_keybox_len);

     {
         auto status = _state->srv->ProvisionKey(wrapped_keybox);
         ASSERT_TRUE(status.isOk(), "ProvisionKey");
     }

     {
         std::vector<uint8_t> signature(256);
         auto status = _state->srv->SignHash(test_hash, &signature);
         ASSERT_TRUE(status.isOk(), "SignHash");
         ASSERT_EQ(signature.size(), sizeof(test_signature), "signature size");
         for (unsigned int i = 0; i < signature.size(); ++i) {
             EXPECT_EQ(signature[i], test_signature[i], "signature diff");
         }
     }

 test_abort:;
 }

 TEST_F(CastAuthTest, ProvisionUnwrappedAndSignHash) {
     {
         auto status = _state->srv->ProvisionKey(test_pkcs1_der);
         ASSERT_TRUE(status.isOk(), "ProvisionKey");
     }

     {
         std::vector<uint8_t> signature(256);
         auto status = _state->srv->SignHash(test_hash, &signature);
         ASSERT_TRUE(status.isOk(), "SignHash");
         ASSERT_EQ(signature.size(), sizeof(test_signature), "signature size");
         for (unsigned int i = 0; i < signature.size(); ++i) {
             EXPECT_EQ(signature[i], test_signature[i], "signature diff");
         }
     }

 test_abort:;
 }

 PORT_TEST(CastAuthTest, "com.android.trusty.cast_auth.test")
	/*
	* Copyright (C) 2022 The Android Open Source Project
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/

	#define TLOG_TAG "cast-auth-trusty-test"

	#include <stddef.h>
	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>

	#include <array>
	#include <cstdint>

	#include <binder/RpcSession.h>
	#include <binder/RpcTransportTipcTrusty.h>
	#include <lib/unittest/unittest.h>
	#include <trusty_ipc.h>
	#include <trusty_log.h>
	#include <trusty_unittest.h>
	#include <uapi/err.h>

	#include "BpCastAuth.h"

	// trusty_unittest.h doesn't provide these by default.
	#define ASSERT_TRUE(val, args...) ASSERT_EQ(true, (bool)(val), ##args)
	#define ASSERT_FALSE(val, args...) ASSERT_EQ(false, (bool)(val), ##args)
	#define EXPECT_TRUE(val, args...) EXPECT_EQ(true, (bool)(val), ##args)
	#define EXPECT_FALSE(val, args...) EXPECT_EQ(false, (bool)(val), ##args)

	unsigned char message_bin[] = {0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0a};
	unsigned int message_bin_len = 8;

	/* The following test_hash is the SHA256 hash of the message consisting of these
	* bytes: 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0a
	* prefixed by the appropriate DER prefix for SHA256.
	*/
	const std::vector<uint8_t> test_hash{
	0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65,
	0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20, 0x00, 0xcf, 0x20,
	0xe0, 0x7a, 0xa9, 0x69, 0x9f, 0x6c, 0x4f, 0x93, 0x42, 0x30, 0xee,
	0xff, 0x8f, 0xc6, 0xf6, 0xcf, 0xdd, 0x57, 0xc8, 0xe5, 0xaf, 0x93,
	0x49, 0x60, 0x82, 0xd7, 0x5c, 0xee, 0x42};

	/* The following is a test RSA 2048 bit key, generated using openssl genrsa. It
	* is in PKCS1 RSAPrivateKey (DER) format.
	*/
	const std::vector<uint8_t> test_pkcs1_der{
	0x30, 0x82, 0x04, 0xa4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, 0x01, 0x00,
	0xca, 0xc1, 0x47, 0xf3, 0x2f, 0xf9, 0xd8, 0x47, 0x7f, 0x3b, 0x14, 0xb7,
	0xde, 0x0f, 0xa8, 0x41, 0xe6, 0x30, 0x01, 0x27, 0x1b, 0x8a, 0x30, 0x96,
	0xd0, 0x50, 0xa7, 0xfc, 0x19, 0xe0, 0xdf, 0x71, 0x6d, 0x0e, 0x8b, 0x79,
	0x01, 0xa8, 0xe2, 0x01, 0x2d, 0x26, 0x93, 0xad, 0x3a, 0x2d, 0x84, 0xa0,
	0x52, 0x64, 0xc9, 0x49, 0xdc, 0xf5, 0xa0, 0xd0, 0xd6, 0xab, 0xe1, 0xc5,
	0x3d, 0x39, 0x53, 0x6b, 0xd5, 0x12, 0x33, 0x6b, 0xcd, 0x88, 0xb1, 0xa4,
	0x6c, 0x69, 0x7f, 0x1c, 0x74, 0x6c, 0x27, 0xd6, 0xb8, 0x09, 0x1b, 0x0d,
	0xb3, 0xc7, 0xd2, 0xaf, 0x52, 0xad, 0xf7, 0x61, 0x91, 0xa1, 0x39, 0x58,
	0x99, 0xa4, 0x9b, 0x7d, 0x76, 0xe2, 0x26, 0x56, 0x86, 0x60, 0x1a, 0x47,
	0xba, 0xdd, 0x94, 0xf2, 0x19, 0x08, 0x8f, 0x66, 0x9f, 0x59, 0xb9, 0x69,
	0x9f, 0x53, 0x76, 0xb4, 0x2b, 0xac, 0x32, 0x87, 0x6d, 0x48, 0xeb, 0x80,
	0x56, 0x2f, 0x1c, 0x7b, 0x82, 0x5b, 0x45, 0x51, 0xe3, 0xc1, 0xa9, 0xf0,
	0x5c, 0xff, 0xc8, 0xf7, 0x6c, 0xfa, 0xf0, 0x84, 0x2f, 0x43, 0xa6, 0x25,
	0xdf, 0xc6, 0xbd, 0xd8, 0x68, 0x56, 0x6f, 0x7b, 0xea, 0x9e, 0xf2, 0x69,
	0xad, 0xf8, 0x7d, 0x18, 0x83, 0x73, 0xea, 0x09, 0xf7, 0x6d, 0x86, 0x41,
	0x14, 0xd0, 0x98, 0xaa, 0xb0, 0x2d, 0x10, 0xd7, 0xa8, 0xdc, 0x02, 0x33,
	0x31, 0xe5, 0xf6, 0xf4, 0x25, 0x4f, 0x97, 0xa8, 0xc6, 0x48, 0x6f, 0x00,
	0xa4, 0x9f, 0x58, 0xce, 0x7b, 0xf7, 0x0d, 0x1b, 0x13, 0x4d, 0x9c, 0x69,
	0x06, 0x19, 0x01, 0x60, 0x99, 0xa3, 0xeb, 0x09, 0x81, 0x17, 0x98, 0xcd,
	0x45, 0xc1, 0xd1, 0xc6, 0x5a, 0xa4, 0xce, 0x87, 0x16, 0x75, 0x21, 0xda,
	0x3e, 0xbd, 0x56, 0xdc, 0x54, 0xea, 0x50, 0x5e, 0xb1, 0xe8, 0x41, 0x74,
	0x26, 0x4a, 0xde, 0x69, 0x02, 0x03, 0x01, 0x00, 0x01, 0x02, 0x82, 0x01,
	0x00, 0x5e, 0x94, 0x38, 0xa6, 0xe5, 0x4b, 0x4b, 0xab, 0x56, 0x5b, 0x4d,
	0xf7, 0xd3, 0x1b, 0x44, 0xa6, 0xb0, 0xe4, 0xd5, 0xb4, 0xd3, 0x70, 0xeb,
	0xe7, 0x7d, 0xf7, 0x11, 0xd5, 0x54, 0x91, 0x04, 0x4a, 0x19, 0xd0, 0x3e,
	0x19, 0x4d, 0x3f, 0xe5, 0x65, 0x1d, 0x15, 0xb0, 0xaf, 0x8e, 0xc2, 0xea,
	0xea, 0x0a, 0x65, 0x3f, 0x4c, 0x38, 0x49, 0x50, 0x21, 0xfa, 0xf1, 0xa4,
	0xd8, 0x68, 0x0d, 0xd4, 0xaf, 0x29, 0x6e, 0x5b, 0x14, 0x3f, 0x85, 0x33,
	0x30, 0x7a, 0xed, 0xdf, 0x40, 0x7b, 0xc2, 0x73, 0xf7, 0x02, 0x54, 0x25,
	0x0d, 0x88, 0x3e, 0x7f, 0x36, 0x0f, 0x80, 0x5d, 0x34, 0x63, 0x45, 0x6c,
	0xc5, 0xba, 0xae, 0x01, 0x66, 0x4e, 0x4d, 0x82, 0x0a, 0xbc, 0x96, 0x19,
	0xcc, 0x3a, 0x0b, 0xe0, 0xcd, 0xea, 0x05, 0x87, 0x37, 0x1c, 0xc0, 0x32,
	0xf0, 0x65, 0x44, 0xfe, 0xcb, 0x5e, 0xcf, 0xed, 0xa5, 0x4f, 0x1a, 0x07,
	0x0a, 0x5b, 0x23, 0xea, 0x6c, 0x08, 0xcc, 0xae, 0x96, 0xc1, 0xae, 0xca,
	0xa2, 0x3b, 0xa8, 0xae, 0x56, 0x5a, 0xe7, 0xe7, 0x97, 0x5e, 0x76, 0x7c,
	0xdf, 0xab, 0xa6, 0x98, 0x81, 0x92, 0x7f, 0xc2, 0x53, 0x73, 0xd1, 0x6e,
	0xcf, 0x34, 0x23, 0x8d, 0xaa, 0xe0, 0x06, 0x96, 0x37, 0x23, 0x9c, 0xe3,
	0xf7, 0x4f, 0x7f, 0x3f, 0xe0, 0xa7, 0x79, 0xf4, 0x3f, 0x88, 0x57, 0x7b,
	0x66, 0x65, 0xd1, 0xd3, 0xb7, 0x35, 0x28, 0x6f, 0xff, 0xda, 0x5e, 0x94,
	0xbf, 0xa8, 0x8f, 0xbd, 0x02, 0x7d, 0x47, 0x1b, 0xe0, 0x7e, 0x07, 0x0b,
	0x50, 0x01, 0x59, 0x9b, 0x3c, 0x0c, 0xbe, 0x57, 0x8d, 0x75, 0xb9, 0x6a,
	0x19, 0x89, 0x51, 0x16, 0x30, 0xb1, 0xec, 0x1c, 0x21, 0x4b, 0xc6, 0xd1,
	0x0b, 0x73, 0xda, 0x9d, 0x5a, 0x8d, 0x44, 0x58, 0x3b, 0x77, 0x69, 0xa8,
	0x19, 0xec, 0xdd, 0x2c, 0x6d, 0x02, 0x81, 0x81, 0x00, 0xfc, 0x45, 0xfc,
	0xbe, 0x2b, 0xe7, 0x2b, 0xb5, 0x4a, 0xf9, 0x36, 0x8e, 0x45, 0x77, 0xea,
	0xf0, 0x6a, 0xd7, 0xd7, 0x54, 0x49, 0x6f, 0x3a, 0x60, 0x8a, 0x62, 0xb7,
	0x0a, 0x14, 0x89, 0x96, 0xf2, 0xc6, 0xc2, 0x73, 0x3d, 0xc3, 0xa4, 0x2e,
	0x32, 0x85, 0x0a, 0x14, 0x02, 0x3d, 0x71, 0x0c, 0xdb, 0xef, 0x71, 0xf2,
	0x6c, 0xf4, 0xe6, 0x09, 0x71, 0x79, 0xb8, 0xea, 0x7a, 0xeb, 0x19, 0x24,
	0x5a, 0x91, 0x21, 0xc5, 0x5c, 0x72, 0x71, 0xa3, 0xd7, 0x40, 0x6b, 0x26,
	0x65, 0x47, 0x1d, 0xf4, 0xa3, 0xf8, 0xe2, 0x45, 0xdf, 0x90, 0xd7, 0xd5,
	0x40, 0x64, 0x2f, 0xb1, 0x67, 0xf9, 0x5d, 0x32, 0xe0, 0xac, 0x85, 0xd4,
	0x91, 0x29, 0x94, 0x44, 0xf5, 0x9a, 0xba, 0x6c, 0x0f, 0xd8, 0xef, 0x17,
	0x41, 0xe9, 0x04, 0xb6, 0x59, 0xf0, 0xde, 0x79, 0xff, 0xaa, 0x98, 0x2e,
	0xd6, 0xe0, 0x5d, 0xa6, 0xe3, 0x02, 0x81, 0x81, 0x00, 0xcd, 0xc0, 0x08,
	0x2f, 0xda, 0xa0, 0x30, 0x59, 0x87, 0x6c, 0x72, 0x4d, 0x35, 0x59, 0x7a,
	0x64, 0x4e, 0x25, 0x03, 0x56, 0xe8, 0xa4, 0x26, 0x9f, 0xcb, 0xb7, 0xdd,
	0x87, 0xc3, 0x61, 0xc2, 0xf3, 0xd7, 0x7a, 0x78, 0xab, 0x65, 0xc8, 0xfe,
	0xad, 0x53, 0x3a, 0xea, 0xa0, 0xdf, 0x8f, 0x78, 0x0c, 0xc7, 0x98, 0x5d,
	0xce, 0x7c, 0x31, 0x46, 0x3a, 0x84, 0x1d, 0xf3, 0x62, 0xce, 0xb3, 0x9a,
	0x60, 0xd8, 0x5e, 0x15, 0xee, 0xe1, 0x85, 0x70, 0x3e, 0x99, 0x50, 0x3d,
	0x7e, 0x1e, 0xee, 0x95, 0x31, 0x91, 0xa1, 0x4c, 0xd9, 0xbc, 0x76, 0x40,
	0x9f, 0x58, 0x2a, 0x4e, 0x5b, 0x9f, 0x82, 0xcc, 0xcb, 0x68, 0x83, 0x54,
	0xd1, 0xdf, 0xe9, 0xed, 0x19, 0xd6, 0x28, 0x8d, 0x69, 0x91, 0x02, 0xcc,
	0x48, 0x41, 0x70, 0x5d, 0xcf, 0x37, 0x72, 0x8c, 0x4e, 0x22, 0x06, 0x4f,
	0x87, 0xab, 0x2c, 0xdb, 0x43, 0x02, 0x81, 0x81, 0x00, 0xb4, 0x36, 0xc6,
	0xfb, 0x8f, 0x5f, 0x5f, 0xe0, 0xed, 0xc3, 0x24, 0x0e, 0xf4, 0x5f, 0x5b,
	0x0d, 0x0e, 0x36, 0x4c, 0x93, 0xe0, 0xb5, 0xbd, 0x8d, 0x33, 0xae, 0x9b,
	0x35, 0x6f, 0x40, 0x6e, 0xfd, 0xd5, 0xb1, 0x19, 0x24, 0x19, 0x3b, 0x92,
	0xe8, 0xf2, 0x13, 0x26, 0x02, 0x07, 0xa4, 0x57, 0xdc, 0x51, 0xac, 0x23,
	0xd3, 0x64, 0x0b, 0x64, 0xd9, 0x94, 0x6b, 0xdd, 0xcd, 0x9b, 0x5e, 0xe5,
	0x92, 0x71, 0x35, 0x1f, 0xc9, 0x0f, 0xd4, 0x50, 0x87, 0xb7, 0x74, 0x14,
	0x04, 0xab, 0x8e, 0x21, 0xb2, 0x75, 0x5c, 0x27, 0x30, 0x33, 0x47, 0x8c,
	0x06, 0xa8, 0xcb, 0x4d, 0x3f, 0x8a, 0x6a, 0xe2, 0xaa, 0x8f, 0x74, 0x37,
	0x4a, 0xcf, 0xda, 0x24, 0x7d, 0x13, 0x60, 0x73, 0x4b, 0xca, 0xdb, 0xd9,
	0xd0, 0x72, 0xc6, 0xb4, 0x01, 0x82, 0x49, 0x5b, 0xfb, 0xa1, 0x01, 0x80,
	0x0c, 0x6e, 0x51, 0x58, 0xa3, 0x02, 0x81, 0x80, 0x22, 0xb4, 0x17, 0x2d,
	0x6b, 0x24, 0xc5, 0xc2, 0xf4, 0x12, 0x98, 0x9c, 0xe9, 0x38, 0xb4, 0x6a,
	0x22, 0xbc, 0x1f, 0x7a, 0x13, 0x37, 0x4c, 0xc4, 0x7b, 0x2a, 0x02, 0x15,
	0x9a, 0x20, 0xed, 0x2f, 0x0f, 0xd3, 0x3a, 0x73, 0x3e, 0x71, 0xce, 0x73,
	0x11, 0xac, 0xc8, 0x52, 0x66, 0x22, 0xde, 0xce, 0xd9, 0x03, 0x9c, 0x1e,
	0xed, 0xd7, 0xa9, 0xce, 0xc8, 0xe5, 0xfc, 0x5d, 0x58, 0x1b, 0xf7, 0x18,
	0x0a, 0xa6, 0xa3, 0xf0, 0x6c, 0xdd, 0x82, 0xf7, 0x2c, 0x08, 0xda, 0xb6,
	0x61, 0x25, 0x40, 0xc8, 0xe1, 0x95, 0x61, 0x4f, 0x00, 0x78, 0xb9, 0xa1,
	0xa6, 0xcf, 0x4b, 0xf4, 0x2c, 0x4d, 0x75, 0x99, 0x81, 0x81, 0x55, 0x57,
	0x28, 0xfb, 0x5d, 0xe0, 0x93, 0xbc, 0xb7, 0x4d, 0x6d, 0x06, 0x19, 0xca,
	0xbe, 0x2e, 0xe3, 0xc3, 0xc5, 0xc8, 0x6e, 0x5d, 0xe7, 0x63, 0x45, 0x1a,
	0xcf, 0x06, 0x7b, 0xdd, 0x02, 0x81, 0x81, 0x00, 0xef, 0xc8, 0x33, 0x35,
	0x86, 0xa1, 0x19, 0x34, 0xca, 0x6a, 0x5b, 0x43, 0x2c, 0x5b, 0x31, 0xaf,
	0xc5, 0x0e, 0xf8, 0x12, 0x91, 0x16, 0xb9, 0x8b, 0x01, 0xf9, 0xa8, 0x9c,
	0x5b, 0x9e, 0xbb, 0xc6, 0x8d, 0xf7, 0xe7, 0xeb, 0x6f, 0x04, 0xbe, 0xa9,
	0x06, 0xba, 0xed, 0x9a, 0xf9, 0x6c, 0xe1, 0x3f, 0x3e, 0x27, 0x79, 0xdb,
	0x5a, 0x8f, 0x5b, 0x4d, 0xd4, 0xd0, 0xf5, 0x2f, 0xc4, 0xaf, 0xc9, 0xc4,
	0x44, 0x5b, 0xf1, 0xde, 0x1a, 0x91, 0xb7, 0x2b, 0x24, 0xc0, 0xed, 0xdd,
	0xb1, 0x1f, 0x57, 0x82, 0x82, 0xd2, 0xa5, 0x58, 0x7e, 0xcd, 0x91, 0xf6,
	0x2c, 0x46, 0xb0, 0x9b, 0xc3, 0x01, 0x2c, 0x85, 0x38, 0xba, 0x6b, 0x8c,
	0xfc, 0x04, 0x0a, 0x8c, 0xc1, 0xde, 0x42, 0xd2, 0x14, 0x77, 0xe1, 0x1f,
	0x58, 0xe9, 0x78, 0x63, 0x10, 0xf9, 0x7d, 0x68, 0xdb, 0xb4, 0x63, 0xa5,
	0x58, 0x04, 0x33, 0xa5};

	/* The following is the signature of the above message generated using
	* "openssl dgst" with the above private key, using the PKCS1v1.5 signature
	* algorithm and SHA256 hash.
	* This should be the output of the TA, given the above key and hash.
	*/
	unsigned char test_signature[] = {
	0x9a, 0x89, 0x5b, 0x21, 0x8e, 0x01, 0x79, 0x59, 0x64, 0xf3, 0xbf, 0x8f,
	0x82, 0x14, 0xe8, 0x39, 0x97, 0x96, 0x78, 0x96, 0xc1, 0xcb, 0x02, 0x91,
	0xf2, 0xb3, 0x17, 0x7b, 0xe6, 0xaf, 0xa9, 0x67, 0x7a, 0xc1, 0x89, 0xac,
	0x99, 0x3f, 0x6f, 0x07, 0xe4, 0x02, 0x2f, 0xc5, 0x0c, 0xb2, 0x7b, 0x2b,
	0xb5, 0x7b, 0xba, 0x41, 0xfc, 0xf1, 0x4f, 0xc4, 0x23, 0x88, 0x52, 0xef,
	0x0e, 0x3d, 0x35, 0x07, 0xb1, 0x70, 0x0f, 0xeb, 0x62, 0x9e, 0x6d, 0x4c,
	0x9e, 0x22, 0x11, 0x38, 0x35, 0x75, 0xd5, 0xef, 0xd6, 0x0e, 0x38, 0xcb,
	0xe1, 0x13, 0x1c, 0xeb, 0xfb, 0x1c, 0x1e, 0x1c, 0x9f, 0x0a, 0x33, 0x4b,
	0x3a, 0x2c, 0x02, 0x03, 0x81, 0x74, 0x2c, 0x23, 0x2c, 0x58, 0x55, 0x14,
	0x5c, 0xfd, 0x4d, 0x46, 0x64, 0x0d, 0x0a, 0xb3, 0x01, 0x55, 0x11, 0x5a,
	0x2b, 0x05, 0x76, 0x50, 0xd8, 0x95, 0xd5, 0x07, 0xe6, 0x94, 0x3c, 0xef,
	0xde, 0x87, 0x15, 0x3c, 0xf9, 0xa2, 0x06, 0xec, 0x94, 0x29, 0xf1, 0x0b,
	0x6d, 0x06, 0xe3, 0xdf, 0xb3, 0x0b, 0xca, 0x77, 0x33, 0x59, 0xdc, 0xb7,
	0xd9, 0x45, 0x63, 0x2e, 0xa1, 0xdf, 0xc5, 0x48, 0x7c, 0x57, 0x82, 0xe3,
	0x34, 0x0d, 0xb6, 0xcb, 0xe0, 0xca, 0x14, 0x1d, 0x1b, 0x81, 0x93, 0x4b,
	0xc0, 0xc8, 0x2c, 0x33, 0xd9, 0x77, 0xd6, 0x5e, 0x47, 0x2a, 0x67, 0x5f,
	0xaa, 0xd1, 0x17, 0xe8, 0xa2, 0xe4, 0xa9, 0xac, 0xb2, 0x65, 0x49, 0x58,
	0x57, 0x7e, 0x00, 0xa8, 0xae, 0xd4, 0x38, 0x91, 0x6c, 0xb1, 0x00, 0xa0,
	0x4d, 0xaa, 0x1f, 0x77, 0xf3, 0x44, 0x6c, 0x81, 0xcf, 0xa5, 0x86, 0x43,
	0x02, 0x4a, 0x67, 0x01, 0x5e, 0x7a, 0xde, 0x98, 0x90, 0x1c, 0xbf, 0xfe,
	0xb5, 0xb1, 0x41, 0xdf, 0x2d, 0xfe, 0x80, 0x1e, 0xe2, 0x78, 0x50, 0xd0,
	0x7b, 0xde, 0x9e, 0xb2};

	/* The following function is solely for the purpose of testing. It "wraps" a key
	* such that it can be unwrapped by the sample keybox implementation in Trusty
	* As warned therein:
	*
	* THIS DOES NOT PROVIDE ANY SECURITY
	*
	* This is not a useful wrapping system. This is just intended as enough to mock
	* that:
	* 1. The wrapped data and unwrapped data are not the same.
	* 2. The wrapped data will fail to unwrap if it is trivially tampered with.
	*
	* Note this wrapping function has no error checking. It's assumed to be called
	* correctly i.e. such that the destination buffer (wrapped_keybox) is at least
	* one byte bigger than the source buffer (keybox_plaintext).
	*/
	void keybox_wrap_for_test(const uint8_t* keybox_plaintext,
	size_t keybox_plaintext_len,
	uint8_t* wrapped_keybox,
	size_t wrapped_keybox_buf_len,
	size_t* wrapped_keybox_len) {
	/* Generate checksum */
	uint8_t checksum = 0;
	for (size_t i = 0; i < keybox_plaintext_len; i++) {
	checksum ^= keybox_plaintext[i];
	}

	/* Flip bits with masking byte */
	for (size_t i = 0; i < keybox_plaintext_len; i++) {
	wrapped_keybox[i] = keybox_plaintext[i] ^ 0x42;
	}

	*wrapped_keybox_len = keybox_plaintext_len + 1;
	wrapped_keybox[keybox_plaintext_len] = checksum;
	}

	typedef struct {
	android::sp<android::RpcSession> sess;
	android::sp<ICastAuth> srv;
	} CastAuthTest_t;

	static void CastAuthTest_SetUp(CastAuthTest_t* state) {
	int rc;
	android::binder::unique_fd chan;
	android::status_t status;
	android::sp<android::IBinder> root;

	rc = connect(ICastAuth::PORT().c_str(), IPC_CONNECT_WAIT_FOR_PORT);
	ASSERT_GE(rc, 0);
	chan.reset(rc);

	state->sess = android::RpcSession::make(
	android::RpcTransportCtxFactoryTipcTrusty::make());
	ASSERT_NE(nullptr, state->sess.get());

	status = state->sess->setupPreconnectedClient(
	std::move(chan), []() { return android::binder::unique_fd(); });
	ASSERT_EQ(android::OK, status);

	root = state->sess->getRootObject();
	ASSERT_NE(nullptr, root.get());

	state->srv = ICastAuth::asInterface(root);
	ASSERT_NE(nullptr, state->srv.get());

	test_abort:;
	}

	static void CastAuthTest_TearDown(CastAuthTest_t* state) {
	state->srv.clear();
	}

	TEST_F(CastAuthTest, ProvisionAndSignHash) {
	std::vector<uint8_t> wrapped_keybox(test_pkcs1_der.size() + 1);
	size_t wrapped_keybox_len;
	keybox_wrap_for_test(test_pkcs1_der.data(), test_pkcs1_der.size(),
	wrapped_keybox.data(), wrapped_keybox.size(),
	&wrapped_keybox_len);
	wrapped_keybox.resize(wrapped_keybox_len);

	{
	auto status = _state->srv->ProvisionKey(wrapped_keybox);
	ASSERT_TRUE(status.isOk(), "ProvisionKey");
	}

	{
	std::vector<uint8_t> signature(256);
	auto status = _state->srv->SignHash(test_hash, &signature);
	ASSERT_TRUE(status.isOk(), "SignHash");
	ASSERT_EQ(signature.size(), sizeof(test_signature), "signature size");
	for (unsigned int i = 0; i < signature.size(); ++i) {
	EXPECT_EQ(signature[i], test_signature[i], "signature diff");
	}
	}

	test_abort:;
	}

	TEST_F(CastAuthTest, ProvisionUnwrappedAndSignHash) {
	{
	auto status = _state->srv->ProvisionKey(test_pkcs1_der);
	ASSERT_TRUE(status.isOk(), "ProvisionKey");
	}

	{
	std::vector<uint8_t> signature(256);
	auto status = _state->srv->SignHash(test_hash, &signature);
	ASSERT_TRUE(status.isOk(), "SignHash");
	ASSERT_EQ(signature.size(), sizeof(test_signature), "signature size");
	for (unsigned int i = 0; i < signature.size(); ++i) {
	EXPECT_EQ(signature[i], test_signature[i], "signature diff");
	}
	}

	test_abort:;
	}

	PORT_TEST(CastAuthTest, "com.android.trusty.cast_auth.test")