Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 60f8d4d5 authored by Prashant Patil's avatar Prashant Patil
Browse files

KeyMint: Test Ecdsa key generation without curve 

Added new VTS EcdsaMissingCurve to test if EC_CURVE not specified while
generating new EC Key, keyGeneration should fail.

Bug: 225135360
Test: run vts -m VtsAidlKeyMintTargetTest
Change-Id: I32bbba05ed5203690292f7150d14f9644c4be6df
parent 96bfaeb6

security/keymint/aidl/vts/functional/KeyMintTest.cpp

+23 −0
Original line number Diff line number Diff line
@@ -2442,6 +2442,29 @@ TEST_P(NewKeyGenerationTest, EcdsaInvalidCurve) { 
                                  .SetDefaultValidity()));

}



/*

 * NewKeyGenerationTest.EcdsaMissingCurve

 *

 * Verifies that EC key generation fails if EC_CURVE not specified after KeyMint V2.

 */

TEST_P(NewKeyGenerationTest, EcdsaMissingCurve) {

    if (AidlVersion() < 2) {

        /*

         * The KeyMint V1 spec required that EC_CURVE be specified for EC keys.

         * However, this was not checked at the time so we can only be strict about checking this

         * for implementations of KeyMint version 2 and above.

         */

        GTEST_SKIP() << "Requiring EC_CURVE only strict since KeyMint v2";

    }

    /* If EC_CURVE not provided, generateKey

     * must return ErrorCode::UNSUPPORTED_KEY_SIZE or ErrorCode::UNSUPPORTED_EC_CURVE.

     */

    auto result = GenerateKey(

            AuthorizationSetBuilder().EcdsaKey(256).Digest(Digest::NONE).SetDefaultValidity());

    ASSERT_TRUE(result == ErrorCode::UNSUPPORTED_KEY_SIZE ||

                result == ErrorCode::UNSUPPORTED_EC_CURVE);

}



/*

 * NewKeyGenerationTest.EcdsaMismatchKeySize

 *