Loading security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp +2 −2 Original line number Diff line number Diff line Loading @@ -577,8 +577,8 @@ string KeyMintAidlTestBase::EncryptMessage(const string& message, BlockMode bloc string ciphertext = EncryptMessage(message, params, &out_params); EXPECT_EQ(1U, out_params.size()); auto ivVal = out_params.GetTagValue(TAG_NONCE); EXPECT_TRUE(ivVal.isOk()); if (ivVal.isOk()) *iv_out = ivVal.value(); EXPECT_TRUE(ivVal); if (ivVal) *iv_out = *ivVal; return ciphertext; } Loading security/keymint/aidl/vts/functional/KeyMintTest.cpp +17 −14 Original line number Diff line number Diff line Loading @@ -80,7 +80,10 @@ namespace { template <TagType tag_type, Tag tag, typename ValueT> bool contains(vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag, ValueT expected_value) { auto it = std::find_if(set.begin(), set.end(), [&](const KeyParameter& param) { return param.tag == tag && accessTagValue(ttag, param) == expected_value; if (auto p = authorizationValue(ttag, param)) { return *p == expected_value; } return false; }); return (it != set.end()); } Loading Loading @@ -251,10 +254,10 @@ class NewKeyGenerationTest : public KeyMintAidlTestBase { EXPECT_TRUE(auths.Contains(TAG_OS_VERSION, os_version())) << "OS version is " << os_version() << " key reported " << auths.GetTagValue(TAG_OS_VERSION); << auths.GetTagValue(TAG_OS_VERSION)->get(); EXPECT_TRUE(auths.Contains(TAG_OS_PATCHLEVEL, os_patch_level())) << "OS patch level is " << os_patch_level() << " key reported " << auths.GetTagValue(TAG_OS_PATCHLEVEL); << auths.GetTagValue(TAG_OS_PATCHLEVEL)->get(); } }; Loading Loading @@ -2333,8 +2336,8 @@ TEST_P(EncryptionOperationsTest, AesEcbPkcs7PaddingCorrupted) { vector<uint8_t> CopyIv(const AuthorizationSet& set) { auto iv = set.GetTagValue(TAG_NONCE); EXPECT_TRUE(iv.isOk()); return iv.value(); EXPECT_TRUE(iv); return iv->get(); } /* Loading Loading @@ -2459,13 +2462,13 @@ TEST_P(EncryptionOperationsTest, AesIncremental) { case BlockMode::CBC: case BlockMode::GCM: case BlockMode::CTR: ASSERT_TRUE(iv.isOk()) << "No IV for block mode " << block_mode; EXPECT_EQ(block_mode == BlockMode::GCM ? 12U : 16U, iv.value().size()); params.push_back(TAG_NONCE, iv.value()); ASSERT_TRUE(iv) << "No IV for block mode " << block_mode; EXPECT_EQ(block_mode == BlockMode::GCM ? 12U : 16U, iv->get().size()); params.push_back(TAG_NONCE, iv->get()); break; case BlockMode::ECB: EXPECT_FALSE(iv.isOk()) << "ECB mode should not generate IV"; EXPECT_FALSE(iv) << "ECB mode should not generate IV"; break; } Loading Loading @@ -2649,9 +2652,9 @@ TEST_P(EncryptionOperationsTest, AesCallerNonce) { AuthorizationSet out_params; string ciphertext = EncryptMessage(message, params, &out_params); EXPECT_EQ(message.size(), ciphertext.size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE).value().size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE)->get().size()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE).value()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE)->get()); string plaintext = DecryptMessage(ciphertext, params); EXPECT_EQ(message, plaintext); Loading Loading @@ -2697,9 +2700,9 @@ TEST_P(EncryptionOperationsTest, AesCallerNonceProhibited) { AuthorizationSet out_params; string ciphertext = EncryptMessage(message, params, &out_params); EXPECT_EQ(message.size(), ciphertext.size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE).value().size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE)->get().size()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE).value()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE)->get()); string plaintext = DecryptMessage(ciphertext, params); EXPECT_EQ(message, plaintext); Loading Loading @@ -2893,7 +2896,7 @@ TEST_P(EncryptionOperationsTest, AesGcmTooShortTagOnDecrypt) { AuthorizationSet begin_out_params; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params, &begin_out_params)); EXPECT_EQ(1U, begin_out_params.size()); ASSERT_TRUE(begin_out_params.GetTagValue(TAG_NONCE).isOk()); ASSERT_TRUE(begin_out_params.GetTagValue(TAG_NONCE)); AuthorizationSet finish_out_params; string ciphertext; Loading security/keymint/support/authorization_set.cpp +3 −2 Original line number Diff line number Diff line Loading @@ -106,10 +106,11 @@ bool AuthorizationSet::erase(int index) { return false; } NullOr<const KeyParameter&> AuthorizationSet::GetEntry(Tag tag) const { std::optional<std::reference_wrapper<const KeyParameter>> AuthorizationSet::GetEntry( Tag tag) const { int pos = find(tag); if (pos == -1) return {}; return data_[pos]; return std::reference_wrapper(data_[pos]); } AuthorizationSetBuilder& AuthorizationSetBuilder::RsaKey(uint32_t key_size, Loading security/keymint/support/include/keymint_support/authorization_set.h +4 −4 Original line number Diff line number Diff line Loading @@ -168,7 +168,7 @@ class AuthorizationSet { bool Contains(TypedTag<tag_type, tag> ttag, const ValueT& value) const { for (const auto& param : data_) { auto entry = authorizationValue(ttag, param); if (entry.isOk() && static_cast<ValueT>(entry.value()) == value) return true; if (entry && static_cast<ValueT>(*entry) == value) return true; } return false; } Loading @@ -178,9 +178,9 @@ class AuthorizationSet { size_t GetTagCount(Tag tag) const; template <typename T> inline NullOr<const typename TypedTag2ValueType<T>::type&> GetTagValue(T tag) const { inline auto GetTagValue(T tag) const -> decltype(authorizationValue(tag, KeyParameter())) { auto entry = GetEntry(tag); if (entry.isOk()) return authorizationValue(tag, entry.value()); if (entry) return authorizationValue(tag, *entry); return {}; } Loading Loading @@ -219,7 +219,7 @@ class AuthorizationSet { } private: NullOr<const KeyParameter&> GetEntry(Tag tag) const; std::optional<std::reference_wrapper<const KeyParameter>> GetEntry(Tag tag) const; std::vector<KeyParameter> data_; }; Loading security/keymint/support/include/keymint_support/key_param_output.h +1 −1 Original line number Diff line number Diff line Loading @@ -71,7 +71,7 @@ inline ::std::ostream& operator<<(::std::ostream& os, SecurityLevel value) { } template <typename ValueT> ::std::ostream& operator<<(::std::ostream& os, const NullOr<ValueT>& value) { ::std::ostream& operator<<(::std::ostream& os, const std::optional<ValueT>& value) { if (!value.isOk()) { os << "(value not present)"; } else { Loading Loading
security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp +2 −2 Original line number Diff line number Diff line Loading @@ -577,8 +577,8 @@ string KeyMintAidlTestBase::EncryptMessage(const string& message, BlockMode bloc string ciphertext = EncryptMessage(message, params, &out_params); EXPECT_EQ(1U, out_params.size()); auto ivVal = out_params.GetTagValue(TAG_NONCE); EXPECT_TRUE(ivVal.isOk()); if (ivVal.isOk()) *iv_out = ivVal.value(); EXPECT_TRUE(ivVal); if (ivVal) *iv_out = *ivVal; return ciphertext; } Loading
security/keymint/aidl/vts/functional/KeyMintTest.cpp +17 −14 Original line number Diff line number Diff line Loading @@ -80,7 +80,10 @@ namespace { template <TagType tag_type, Tag tag, typename ValueT> bool contains(vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag, ValueT expected_value) { auto it = std::find_if(set.begin(), set.end(), [&](const KeyParameter& param) { return param.tag == tag && accessTagValue(ttag, param) == expected_value; if (auto p = authorizationValue(ttag, param)) { return *p == expected_value; } return false; }); return (it != set.end()); } Loading Loading @@ -251,10 +254,10 @@ class NewKeyGenerationTest : public KeyMintAidlTestBase { EXPECT_TRUE(auths.Contains(TAG_OS_VERSION, os_version())) << "OS version is " << os_version() << " key reported " << auths.GetTagValue(TAG_OS_VERSION); << auths.GetTagValue(TAG_OS_VERSION)->get(); EXPECT_TRUE(auths.Contains(TAG_OS_PATCHLEVEL, os_patch_level())) << "OS patch level is " << os_patch_level() << " key reported " << auths.GetTagValue(TAG_OS_PATCHLEVEL); << auths.GetTagValue(TAG_OS_PATCHLEVEL)->get(); } }; Loading Loading @@ -2333,8 +2336,8 @@ TEST_P(EncryptionOperationsTest, AesEcbPkcs7PaddingCorrupted) { vector<uint8_t> CopyIv(const AuthorizationSet& set) { auto iv = set.GetTagValue(TAG_NONCE); EXPECT_TRUE(iv.isOk()); return iv.value(); EXPECT_TRUE(iv); return iv->get(); } /* Loading Loading @@ -2459,13 +2462,13 @@ TEST_P(EncryptionOperationsTest, AesIncremental) { case BlockMode::CBC: case BlockMode::GCM: case BlockMode::CTR: ASSERT_TRUE(iv.isOk()) << "No IV for block mode " << block_mode; EXPECT_EQ(block_mode == BlockMode::GCM ? 12U : 16U, iv.value().size()); params.push_back(TAG_NONCE, iv.value()); ASSERT_TRUE(iv) << "No IV for block mode " << block_mode; EXPECT_EQ(block_mode == BlockMode::GCM ? 12U : 16U, iv->get().size()); params.push_back(TAG_NONCE, iv->get()); break; case BlockMode::ECB: EXPECT_FALSE(iv.isOk()) << "ECB mode should not generate IV"; EXPECT_FALSE(iv) << "ECB mode should not generate IV"; break; } Loading Loading @@ -2649,9 +2652,9 @@ TEST_P(EncryptionOperationsTest, AesCallerNonce) { AuthorizationSet out_params; string ciphertext = EncryptMessage(message, params, &out_params); EXPECT_EQ(message.size(), ciphertext.size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE).value().size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE)->get().size()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE).value()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE)->get()); string plaintext = DecryptMessage(ciphertext, params); EXPECT_EQ(message, plaintext); Loading Loading @@ -2697,9 +2700,9 @@ TEST_P(EncryptionOperationsTest, AesCallerNonceProhibited) { AuthorizationSet out_params; string ciphertext = EncryptMessage(message, params, &out_params); EXPECT_EQ(message.size(), ciphertext.size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE).value().size()); EXPECT_EQ(16U, out_params.GetTagValue(TAG_NONCE)->get().size()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE).value()); params.push_back(TAG_NONCE, out_params.GetTagValue(TAG_NONCE)->get()); string plaintext = DecryptMessage(ciphertext, params); EXPECT_EQ(message, plaintext); Loading Loading @@ -2893,7 +2896,7 @@ TEST_P(EncryptionOperationsTest, AesGcmTooShortTagOnDecrypt) { AuthorizationSet begin_out_params; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params, &begin_out_params)); EXPECT_EQ(1U, begin_out_params.size()); ASSERT_TRUE(begin_out_params.GetTagValue(TAG_NONCE).isOk()); ASSERT_TRUE(begin_out_params.GetTagValue(TAG_NONCE)); AuthorizationSet finish_out_params; string ciphertext; Loading
security/keymint/support/authorization_set.cpp +3 −2 Original line number Diff line number Diff line Loading @@ -106,10 +106,11 @@ bool AuthorizationSet::erase(int index) { return false; } NullOr<const KeyParameter&> AuthorizationSet::GetEntry(Tag tag) const { std::optional<std::reference_wrapper<const KeyParameter>> AuthorizationSet::GetEntry( Tag tag) const { int pos = find(tag); if (pos == -1) return {}; return data_[pos]; return std::reference_wrapper(data_[pos]); } AuthorizationSetBuilder& AuthorizationSetBuilder::RsaKey(uint32_t key_size, Loading
security/keymint/support/include/keymint_support/authorization_set.h +4 −4 Original line number Diff line number Diff line Loading @@ -168,7 +168,7 @@ class AuthorizationSet { bool Contains(TypedTag<tag_type, tag> ttag, const ValueT& value) const { for (const auto& param : data_) { auto entry = authorizationValue(ttag, param); if (entry.isOk() && static_cast<ValueT>(entry.value()) == value) return true; if (entry && static_cast<ValueT>(*entry) == value) return true; } return false; } Loading @@ -178,9 +178,9 @@ class AuthorizationSet { size_t GetTagCount(Tag tag) const; template <typename T> inline NullOr<const typename TypedTag2ValueType<T>::type&> GetTagValue(T tag) const { inline auto GetTagValue(T tag) const -> decltype(authorizationValue(tag, KeyParameter())) { auto entry = GetEntry(tag); if (entry.isOk()) return authorizationValue(tag, entry.value()); if (entry) return authorizationValue(tag, *entry); return {}; } Loading Loading @@ -219,7 +219,7 @@ class AuthorizationSet { } private: NullOr<const KeyParameter&> GetEntry(Tag tag) const; std::optional<std::reference_wrapper<const KeyParameter>> GetEntry(Tag tag) const; std::vector<KeyParameter> data_; }; Loading
security/keymint/support/include/keymint_support/key_param_output.h +1 −1 Original line number Diff line number Diff line Loading @@ -71,7 +71,7 @@ inline ::std::ostream& operator<<(::std::ostream& os, SecurityLevel value) { } template <typename ValueT> ::std::ostream& operator<<(::std::ostream& os, const NullOr<ValueT>& value) { ::std::ostream& operator<<(::std::ostream& os, const std::optional<ValueT>& value) { if (!value.isOk()) { os << "(value not present)"; } else { Loading
