Merge "vts: Correct the parameters on strongbox" am: 384c82dd14 am: 01409e422d (5dc26272) · Commits · e / os / android_hardware_interfaces

security/keymint/aidl/vts/functional/DeviceUniqueAttestationTest.cpp

+0 −2

Original line number	Diff line number	Diff line
		@@ -70,7 +70,6 @@ TEST_P(DeviceUniqueAttestationTest, RsaNonStrongBoxUnimplemented) {
		.Digest(Digest::SHA_2_256)
		.Padding(PaddingMode::RSA_PKCS1_1_5_SIGN)
		.Authorization(TAG_INCLUDE_UNIQUE_ID)
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AttestationChallenge("challenge")
		.AttestationApplicationId("foo")
		.Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),
		@@ -124,7 +123,6 @@ TEST_P(DeviceUniqueAttestationTest, RsaDeviceUniqueAttestation) {
		.Digest(Digest::SHA_2_256)
		.Padding(PaddingMode::RSA_PKCS1_1_5_SIGN)
		.Authorization(TAG_INCLUDE_UNIQUE_ID)
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AttestationChallenge("challenge")
		.AttestationApplicationId("foo")
		.Authorization(TAG_DEVICE_UNIQUE_ATTESTATION),

security/keymint/aidl/vts/functional/KeyMintTest.cpp

+13 −9

Original line number	Diff line number	Diff line
		@@ -634,9 +634,8 @@ TEST_P(NewKeyGenerationTest, AesInvalidPadding) {
		for (auto padding_mode : InvalidPaddingModes(Algorithm::AES, block_mode)) {
		SCOPED_TRACE(testing::Message()
		<< "AES-" << key_size << "-" << block_mode << "-" << padding_mode);
		vector<uint8_t> key_blob;
		vector<KeyCharacteristics> key_characteristics;
		auto builder = AuthorizationSetBuilder()
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AesEncryptionKey(key_size)
		.BlockMode(block_mode)
		.Padding(padding_mode)
		@@ -645,11 +644,14 @@ TEST_P(NewKeyGenerationTest, AesInvalidPadding) {
		builder.Authorization(TAG_MIN_MAC_LENGTH, 128);
		}

		auto result = GenerateKey(builder, &key_blob, &key_characteristics);
		auto result = GenerateKey(builder);
		if (result == ErrorCode::OK) {
		// Key creation was OK but has generated a key that cannot be used.
		auto params =
		AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding_mode);
		if (block_mode == BlockMode::GCM) {
		params.Authorization(TAG_MAC_LENGTH, 128);
		}
		auto result = Begin(KeyPurpose::ENCRYPT, params);
		EXPECT_TRUE(result == ErrorCode::INCOMPATIBLE_PADDING_MODE \|\|
		result == ErrorCode::INVALID_KEY_BLOB);
		@@ -3261,13 +3263,14 @@ TEST_P(ImportKeyTest, AesFailure) {
		string key = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
		uint32_t bitlen = key.size() * 8;
		for (uint32_t key_size : {bitlen - 1, bitlen + 1, bitlen - 8, bitlen + 8}) {
		ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
		ImportKey(AuthorizationSetBuilder()
		auto result = ImportKey(AuthorizationSetBuilder()
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.AesEncryptionKey(key_size)
		.EcbMode()
		.Padding(PaddingMode::PKCS7),
		KeyFormat::RAW, key));
		KeyFormat::RAW, key);
		ASSERT_TRUE(result == ErrorCode::IMPORT_PARAMETER_MISMATCH \|\|
		result == ErrorCode::UNSUPPORTED_KEY_SIZE);
		}
		}

		@@ -3307,13 +3310,14 @@ TEST_P(ImportKeyTest, TripleDesFailure) {
		string key = hex2str("a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358");
		uint32_t bitlen = key.size() * 8;
		for (uint32_t key_size : {bitlen - 1, bitlen + 1, bitlen - 8, bitlen + 8}) {
		ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
		ImportKey(AuthorizationSetBuilder()
		auto result = ImportKey(AuthorizationSetBuilder()
		.Authorization(TAG_NO_AUTH_REQUIRED)
		.TripleDesEncryptionKey(key_size)
		.EcbMode()
		.Padding(PaddingMode::PKCS7),
		KeyFormat::RAW, key));
		KeyFormat::RAW, key);
		ASSERT_TRUE(result == ErrorCode::IMPORT_PARAMETER_MISMATCH \|\|
		result == ErrorCode::UNSUPPORTED_KEY_SIZE);
		}
		}