Merge "Add EncryptionOperationsTest.AesCbcZeroInputSuccess" (5adaa1e8) · Commits · e / os / android_hardware_interfaces

keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp

+43 −0

Original line number	Diff line number	Diff line
		@@ -3104,6 +3104,49 @@ TEST_P(EncryptionOperationsTest, AesCbcRoundTripSuccess) {
		EXPECT_EQ(message, plaintext);
		}

		/*
		* EncryptionOperationsTest.AesCbcZeroInputSuccessb
		*
		* Verifies that keymaster generates correct output on zero-input with
		* NonePadding mode
		*/
		TEST_P(EncryptionOperationsTest, AesCbcZeroInputSuccess) {
		ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AesEncryptionKey(128)
		.BlockMode(BlockMode::CBC)
		.Padding(PaddingMode::NONE, PaddingMode::PKCS7)));

		// Zero input message
		string message = "";
		for (auto padding : {PaddingMode::NONE, PaddingMode::PKCS7}) {
		auto params = AuthorizationSetBuilder().BlockMode(BlockMode::CBC).Padding(padding);
		AuthorizationSet out_params;
		string ciphertext1 = EncryptMessage(message, params, &out_params);
		HidlBuf iv1 = CopyIv(out_params);
		if (padding == PaddingMode::NONE)
		EXPECT_EQ(message.size(), ciphertext1.size()) << "PaddingMode: " << padding;
		else
		EXPECT_EQ(message.size(), ciphertext1.size() - 16) << "PaddingMode: " << padding;

		out_params.Clear();

		string ciphertext2 = EncryptMessage(message, params, &out_params);
		HidlBuf iv2 = CopyIv(out_params);
		if (padding == PaddingMode::NONE)
		EXPECT_EQ(message.size(), ciphertext2.size()) << "PaddingMode: " << padding;
		else
		EXPECT_EQ(message.size(), ciphertext2.size() - 16) << "PaddingMode: " << padding;

		// IVs should be random
		EXPECT_NE(iv1, iv2) << "PaddingMode: " << padding;

		params.push_back(TAG_NONCE, iv1);
		string plaintext = DecryptMessage(ciphertext1, params);
		EXPECT_EQ(message, plaintext) << "PaddingMode: " << padding;
		}
		}

		/*
		* EncryptionOperationsTest.AesCallerNonce
		*

security/keymint/aidl/vts/functional/KeyMintTest.cpp

+43 −0

Original line number	Diff line number	Diff line
		@@ -5776,6 +5776,49 @@ TEST_P(EncryptionOperationsTest, AesCbcRoundTripSuccess) {
		EXPECT_EQ(message, plaintext);
		}

		/*
		* EncryptionOperationsTest.AesCbcZeroInputSuccessb
		*
		* Verifies that keymaster generates correct output on zero-input with
		* NonePadding mode
		*/
		TEST_P(EncryptionOperationsTest, AesCbcZeroInputSuccess) {
		ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AesEncryptionKey(128)
		.BlockMode(BlockMode::CBC)
		.Padding(PaddingMode::NONE, PaddingMode::PKCS7)));

		// Zero input message
		string message = "";
		for (auto padding : {PaddingMode::NONE, PaddingMode::PKCS7}) {
		auto params = AuthorizationSetBuilder().BlockMode(BlockMode::CBC).Padding(padding);
		AuthorizationSet out_params;
		string ciphertext1 = EncryptMessage(message, params, &out_params);
		vector<uint8_t> iv1 = CopyIv(out_params);
		if (padding == PaddingMode::NONE)
		EXPECT_EQ(message.size(), ciphertext1.size()) << "PaddingMode: " << padding;
		else
		EXPECT_EQ(message.size(), ciphertext1.size() - 16) << "PaddingMode: " << padding;

		out_params.Clear();

		string ciphertext2 = EncryptMessage(message, params, &out_params);
		vector<uint8_t> iv2 = CopyIv(out_params);
		if (padding == PaddingMode::NONE)
		EXPECT_EQ(message.size(), ciphertext2.size()) << "PaddingMode: " << padding;
		else
		EXPECT_EQ(message.size(), ciphertext2.size() - 16) << "PaddingMode: " << padding;

		// IVs should be random
		EXPECT_NE(iv1, iv2) << "PaddingMode: " << padding;

		params.push_back(TAG_NONCE, iv1);
		string plaintext = DecryptMessage(ciphertext1, params);
		EXPECT_EQ(message, plaintext) << "PaddingMode: " << padding;
		}
		}

		/*
		* EncryptionOperationsTest.AesCallerNonce
		*