Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 02a96eed authored by David Drysdale's avatar David Drysdale Committed by Automerger Merge Worker
Browse files

Merge "KeyMint VTS: test default MGF_DIGEST behaviour" am: 5d88e95b am: 0fdf10c4 am: dd4c2f2c 

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1888675



Change-Id: I3194d27e41b8e25f0fbc24b20f04d18522075f17
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 605df8b6 dd4c2f2c

security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp

+1 −1
Original line number Original line Diff line number Diff line
@@ -981,7 +981,7 @@ string KeyMintAidlTestBase::LocalRsaEncryptMessage(const string& message, 




    // Retrieve relevant tags.

    // Retrieve relevant tags.

    Digest digest = Digest::NONE;

    Digest digest = Digest::NONE;

    Digest mgf_digest = Digest::NONE;

    Digest mgf_digest = Digest::SHA1;

    PaddingMode padding = PaddingMode::NONE;

    PaddingMode padding = PaddingMode::NONE;





    auto digest_tag = params.GetTagValue(TAG_DIGEST);

    auto digest_tag = params.GetTagValue(TAG_DIGEST);

security/keymint/aidl/vts/functional/KeyMintTest.cpp

+73 −0
Original line number Original line Diff line number Diff line
@@ -5168,6 +5168,79 @@ TEST_P(EncryptionOperationsTest, RsaOaepWithMGFDigestSuccess) { 
    }

    }

}

}





/*

 * EncryptionOperationsTest.RsaOaepMGFDigestDefaultSuccess

 *

 * Verifies that RSA-OAEP decryption operations work when no MGF digest is

 * specified, defaulting to SHA-1.

 */

TEST_P(EncryptionOperationsTest, RsaOaepMGFDigestDefaultSuccess) {

    size_t key_size = 2048;

    ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()

                                                 .Authorization(TAG_NO_AUTH_REQUIRED)

                                                 .RsaEncryptionKey(key_size, 65537)

                                                 .Padding(PaddingMode::RSA_OAEP)

                                                 .Digest(Digest::SHA_2_256)

                                                 .SetDefaultValidity()));



    // Do local RSA encryption using the default MGF digest of SHA-1.

    string message = "Hello";

    auto params =

            AuthorizationSetBuilder().Digest(Digest::SHA_2_256).Padding(PaddingMode::RSA_OAEP);

    string ciphertext = LocalRsaEncryptMessage(message, params);

    EXPECT_EQ(key_size / 8, ciphertext.size());



    // Do KeyMint RSA decryption also using the default MGF digest of SHA-1.

    string plaintext = DecryptMessage(ciphertext, params);

    EXPECT_EQ(message, plaintext) << "RSA-OAEP failed with default digest";



    // Decrypting corrupted ciphertext should fail.

    size_t offset_to_corrupt = random() % ciphertext.size();

    char corrupt_byte;

    do {

        corrupt_byte = static_cast<char>(random() % 256);

    } while (corrupt_byte == ciphertext[offset_to_corrupt]);

    ciphertext[offset_to_corrupt] = corrupt_byte;



    EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params));

    string result;

    EXPECT_EQ(ErrorCode::UNKNOWN_ERROR, Finish(ciphertext, &result));

    EXPECT_EQ(0U, result.size());

}



/*

 * EncryptionOperationsTest.RsaOaepMGFDigestDefaultFail

 *

 * Verifies that RSA-OAEP decryption operations fail when no MGF digest is

 * specified on begin (thus defaulting to SHA-1), but the key characteristics

 * has an explicit set of values for MGF_DIGEST that do not contain SHA-1.

 */

TEST_P(EncryptionOperationsTest, RsaOaepMGFDigestDefaultFail) {

    size_t key_size = 2048;

    ASSERT_EQ(ErrorCode::OK,

              GenerateKey(AuthorizationSetBuilder()

                                  .Authorization(TAG_NO_AUTH_REQUIRED)

                                  .Authorization(TAG_RSA_OAEP_MGF_DIGEST, Digest::SHA_2_256)

                                  .RsaEncryptionKey(key_size, 65537)

                                  .Padding(PaddingMode::RSA_OAEP)

                                  .Digest(Digest::SHA_2_256)

                                  .SetDefaultValidity()));



    // Do local RSA encryption using the default MGF digest of SHA-1.

    string message = "Hello";

    auto params =

            AuthorizationSetBuilder().Digest(Digest::SHA_2_256).Padding(PaddingMode::RSA_OAEP);

    string ciphertext = LocalRsaEncryptMessage(message, params);

    EXPECT_EQ(key_size / 8, ciphertext.size());



    // begin() params do not include MGF_DIGEST, so a default of SHA1 is assumed.

    // Key characteristics *do* include values for MGF_DIGEST, so the SHA1 value

    // is checked against those values, and found absent.

    auto result = Begin(KeyPurpose::DECRYPT, params);

    EXPECT_TRUE(result == ErrorCode::UNSUPPORTED_MGF_DIGEST ||

                result == ErrorCode::INCOMPATIBLE_MGF_DIGEST);

}



/*

/*

 * EncryptionOperationsTest.RsaOaepWithMGFIncompatibleDigest

 * EncryptionOperationsTest.RsaOaepWithMGFIncompatibleDigest

 *

 *