Loading security/keymint/aidl/vts/functional/KeyMintTest.cpp +54 −14 Original line number Diff line number Diff line Loading @@ -71,6 +71,12 @@ namespace { bool check_patchLevels = false; // The maximum number of times we'll attempt to verify that corruption // of an ecrypted blob results in an error. Retries are necessary as there // is a small (roughly 1/256) chance that corrupting ciphertext still results // in valid PKCS7 padding. constexpr size_t kMaxPaddingCorruptionRetries = 8; template <TagType tag_type, Tag tag, typename ValueT> bool contains(const vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag, ValueT expected_value) { Loading Loading @@ -4376,11 +4382,22 @@ TEST_P(EncryptionOperationsTest, AesEcbPkcs7PaddingCorrupted) { string ciphertext = EncryptMessage(message, params); EXPECT_EQ(16U, ciphertext.size()); EXPECT_NE(ciphertext, message); for (size_t i = 0; i < kMaxPaddingCorruptionRetries; ++i) { ++ciphertext[ciphertext.size() / 2]; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params)); string plaintext; EXPECT_EQ(ErrorCode::INVALID_INPUT_LENGTH, Finish(message, &plaintext)); ErrorCode error = Finish(message, &plaintext); if (error == ErrorCode::INVALID_INPUT_LENGTH) { // This is the expected error, we can exit the test now. return; } else { // Very small chance we got valid decryption, so try again. ASSERT_EQ(error, ErrorCode::OK); } } FAIL() << "Corrupt ciphertext should have failed to decrypt by now."; } vector<uint8_t> CopyIv(const AuthorizationSet& set) { Loading Loading @@ -5343,15 +5360,27 @@ TEST_P(EncryptionOperationsTest, TripleDesEcbPkcs7PaddingCorrupted) { string ciphertext = EncryptMessage(message, BlockMode::ECB, PaddingMode::PKCS7); EXPECT_EQ(8U, ciphertext.size()); EXPECT_NE(ciphertext, message); ++ciphertext[ciphertext.size() / 2]; AuthorizationSetBuilder begin_params; begin_params.push_back(TAG_BLOCK_MODE, BlockMode::ECB); begin_params.push_back(TAG_PADDING, PaddingMode::PKCS7); for (size_t i = 0; i < kMaxPaddingCorruptionRetries; ++i) { ++ciphertext[ciphertext.size() / 2]; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, begin_params)); string plaintext; EXPECT_EQ(ErrorCode::OK, Update(ciphertext, &plaintext)); EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, Finish(&plaintext)); ErrorCode error = Finish(&plaintext); if (error == ErrorCode::INVALID_ARGUMENT) { // This is the expected error, we can exit the test now. return; } else { // Very small chance we got valid decryption, so try again. ASSERT_EQ(error, ErrorCode::OK); } } FAIL() << "Corrupt ciphertext should have failed to decrypt by now."; } struct TripleDesTestVector { Loading Loading @@ -5679,16 +5708,27 @@ TEST_P(EncryptionOperationsTest, TripleDesCbcPkcs7PaddingCorrupted) { string ciphertext = EncryptMessage(message, BlockMode::CBC, PaddingMode::PKCS7, &iv); EXPECT_EQ(8U, ciphertext.size()); EXPECT_NE(ciphertext, message); ++ciphertext[ciphertext.size() / 2]; auto begin_params = AuthorizationSetBuilder() .BlockMode(BlockMode::CBC) .Padding(PaddingMode::PKCS7) .Authorization(TAG_NONCE, iv); for (size_t i = 0; i < kMaxPaddingCorruptionRetries; ++i) { ++ciphertext[ciphertext.size() / 2]; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, begin_params)); string plaintext; EXPECT_EQ(ErrorCode::OK, Update(ciphertext, &plaintext)); EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, Finish(&plaintext)); ErrorCode error = Finish(&plaintext); if (error == ErrorCode::INVALID_ARGUMENT) { // This is the expected error, we can exit the test now. return; } else { // Very small chance we got valid decryption, so try again. ASSERT_EQ(error, ErrorCode::OK); } } FAIL() << "Corrupt ciphertext should have failed to decrypt by now."; } /* Loading Loading
security/keymint/aidl/vts/functional/KeyMintTest.cpp +54 −14 Original line number Diff line number Diff line Loading @@ -71,6 +71,12 @@ namespace { bool check_patchLevels = false; // The maximum number of times we'll attempt to verify that corruption // of an ecrypted blob results in an error. Retries are necessary as there // is a small (roughly 1/256) chance that corrupting ciphertext still results // in valid PKCS7 padding. constexpr size_t kMaxPaddingCorruptionRetries = 8; template <TagType tag_type, Tag tag, typename ValueT> bool contains(const vector<KeyParameter>& set, TypedTag<tag_type, tag> ttag, ValueT expected_value) { Loading Loading @@ -4376,11 +4382,22 @@ TEST_P(EncryptionOperationsTest, AesEcbPkcs7PaddingCorrupted) { string ciphertext = EncryptMessage(message, params); EXPECT_EQ(16U, ciphertext.size()); EXPECT_NE(ciphertext, message); for (size_t i = 0; i < kMaxPaddingCorruptionRetries; ++i) { ++ciphertext[ciphertext.size() / 2]; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params)); string plaintext; EXPECT_EQ(ErrorCode::INVALID_INPUT_LENGTH, Finish(message, &plaintext)); ErrorCode error = Finish(message, &plaintext); if (error == ErrorCode::INVALID_INPUT_LENGTH) { // This is the expected error, we can exit the test now. return; } else { // Very small chance we got valid decryption, so try again. ASSERT_EQ(error, ErrorCode::OK); } } FAIL() << "Corrupt ciphertext should have failed to decrypt by now."; } vector<uint8_t> CopyIv(const AuthorizationSet& set) { Loading Loading @@ -5343,15 +5360,27 @@ TEST_P(EncryptionOperationsTest, TripleDesEcbPkcs7PaddingCorrupted) { string ciphertext = EncryptMessage(message, BlockMode::ECB, PaddingMode::PKCS7); EXPECT_EQ(8U, ciphertext.size()); EXPECT_NE(ciphertext, message); ++ciphertext[ciphertext.size() / 2]; AuthorizationSetBuilder begin_params; begin_params.push_back(TAG_BLOCK_MODE, BlockMode::ECB); begin_params.push_back(TAG_PADDING, PaddingMode::PKCS7); for (size_t i = 0; i < kMaxPaddingCorruptionRetries; ++i) { ++ciphertext[ciphertext.size() / 2]; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, begin_params)); string plaintext; EXPECT_EQ(ErrorCode::OK, Update(ciphertext, &plaintext)); EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, Finish(&plaintext)); ErrorCode error = Finish(&plaintext); if (error == ErrorCode::INVALID_ARGUMENT) { // This is the expected error, we can exit the test now. return; } else { // Very small chance we got valid decryption, so try again. ASSERT_EQ(error, ErrorCode::OK); } } FAIL() << "Corrupt ciphertext should have failed to decrypt by now."; } struct TripleDesTestVector { Loading Loading @@ -5679,16 +5708,27 @@ TEST_P(EncryptionOperationsTest, TripleDesCbcPkcs7PaddingCorrupted) { string ciphertext = EncryptMessage(message, BlockMode::CBC, PaddingMode::PKCS7, &iv); EXPECT_EQ(8U, ciphertext.size()); EXPECT_NE(ciphertext, message); ++ciphertext[ciphertext.size() / 2]; auto begin_params = AuthorizationSetBuilder() .BlockMode(BlockMode::CBC) .Padding(PaddingMode::PKCS7) .Authorization(TAG_NONCE, iv); for (size_t i = 0; i < kMaxPaddingCorruptionRetries; ++i) { ++ciphertext[ciphertext.size() / 2]; EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, begin_params)); string plaintext; EXPECT_EQ(ErrorCode::OK, Update(ciphertext, &plaintext)); EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, Finish(&plaintext)); ErrorCode error = Finish(&plaintext); if (error == ErrorCode::INVALID_ARGUMENT) { // This is the expected error, we can exit the test now. return; } else { // Very small chance we got valid decryption, so try again. ASSERT_EQ(error, ErrorCode::OK); } } FAIL() << "Corrupt ciphertext should have failed to decrypt by now."; } /* Loading
