Loading keymaster/4.0/vts/functional/KeymasterHidlTest.cpp +2 −0 Original line number Diff line number Diff line Loading @@ -651,6 +651,8 @@ std::vector<uint32_t> KeymasterHidlTest::InvalidKeySizes(Algorithm algorithm) { return {3072, 4096}; case Algorithm::EC: return {224, 384, 521}; case Algorithm::AES: return {192}; default: return {}; } Loading keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp +49 −45 Original line number Diff line number Diff line Loading @@ -773,7 +773,7 @@ TEST_F(SigningOperationsTest, NoUserConfirmation) { */ TEST_F(SigningOperationsTest, RsaPkcs1Sha256Success) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::SHA_2_256) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); Loading @@ -790,7 +790,7 @@ TEST_F(SigningOperationsTest, RsaPkcs1Sha256Success) { */ TEST_F(SigningOperationsTest, RsaPkcs1NoDigestSuccess) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); Loading @@ -808,11 +808,11 @@ TEST_F(SigningOperationsTest, RsaPkcs1NoDigestSuccess) { */ TEST_F(SigningOperationsTest, RsaPkcs1NoDigestTooLong) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); string message(129, 'a'); string message(257, 'a'); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder() Loading Loading @@ -855,12 +855,12 @@ TEST_F(SigningOperationsTest, RsaPssSha512TooSmallKey) { */ TEST_F(SigningOperationsTest, RsaNoPaddingTooLong) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); // One byte too long string message(1024 / 8 + 1, 'a'); string message(2048 / 8 + 1, 'a'); ASSERT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder() .Digest(Digest::NONE) Loading Loading @@ -889,7 +889,7 @@ TEST_F(SigningOperationsTest, RsaNoPaddingTooLong) { */ TEST_F(SigningOperationsTest, RsaAbort) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::NONE))); Loading @@ -914,7 +914,7 @@ TEST_F(SigningOperationsTest, RsaAbort) { */ TEST_F(SigningOperationsTest, RsaUnsupportedPadding) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) .Digest(Digest::SHA_2_256 /* supported digest */) .Padding(PaddingMode::PKCS7))); Loading @@ -931,7 +931,7 @@ TEST_F(SigningOperationsTest, RsaUnsupportedPadding) { */ TEST_F(SigningOperationsTest, RsaNoDigest) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) .Digest(Digest::NONE) .Padding(PaddingMode::RSA_PSS))); Loading @@ -952,7 +952,7 @@ TEST_F(SigningOperationsTest, RsaNoDigest) { TEST_F(SigningOperationsTest, RsaNoPadding) { // Padding must be specified ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaKey(1024, 65537) .RsaKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) .SigningKey() .Digest(Digest::NONE))); Loading @@ -968,12 +968,12 @@ TEST_F(SigningOperationsTest, RsaNoPadding) { TEST_F(SigningOperationsTest, RsaTooShortMessage) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); // Barely shorter string message(1024 / 8 - 1, 'a'); string message(2048 / 8 - 1, 'a'); SignMessage(message, AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE)); // Much shorter Loading @@ -989,7 +989,7 @@ TEST_F(SigningOperationsTest, RsaTooShortMessage) { TEST_F(SigningOperationsTest, RsaSignWithEncryptionKey) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE, Loading @@ -1006,12 +1006,12 @@ TEST_F(SigningOperationsTest, RsaSignWithEncryptionKey) { TEST_F(SigningOperationsTest, RsaSignTooLargeMessage) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); // Largest possible message will always be larger than the public modulus. string message(1024 / 8, static_cast<char>(0xff)); string message(2048 / 8, static_cast<char>(0xff)); ASSERT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .Digest(Digest::NONE) Loading Loading @@ -1328,7 +1328,7 @@ typedef KeymasterHidlTest VerificationOperationsTest; TEST_F(VerificationOperationsTest, RsaSuccess) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); string message = "12345678901234567890123456789012"; Loading Loading @@ -1567,7 +1567,7 @@ typedef KeymasterHidlTest ExportKeyTest; */ TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); HidlBuf export_data; Loading @@ -1583,7 +1583,7 @@ TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) { TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); for (size_t i = 0; i < key_blob_.size(); ++i) { Loading Loading @@ -1975,16 +1975,16 @@ typedef KeymasterHidlTest EncryptionOperationsTest; TEST_F(EncryptionOperationsTest, RsaNoPaddingSuccess) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); string message = string(1024 / 8, 'a'); string message = string(2048 / 8, 'a'); auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE); string ciphertext1 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext1.size()); EXPECT_EQ(2048U / 8, ciphertext1.size()); string ciphertext2 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext2.size()); EXPECT_EQ(2048U / 8, ciphertext2.size()); // Unpadded RSA is deterministic EXPECT_EQ(ciphertext1, ciphertext2); Loading @@ -1998,16 +1998,16 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingSuccess) { TEST_F(EncryptionOperationsTest, RsaNoPaddingShortMessage) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); string message = "1"; auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE); string ciphertext = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext.size()); EXPECT_EQ(2048U / 8, ciphertext.size()); string expected_plaintext = string(1024 / 8 - 1, 0) + message; string expected_plaintext = string(2048U / 8 - 1, 0) + message; string plaintext = DecryptMessage(ciphertext, params); EXPECT_EQ(expected_plaintext, plaintext); Loading @@ -2015,8 +2015,8 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingShortMessage) { // Degenerate case, encrypting a numeric 1 yields 0x00..01 as the ciphertext. message = static_cast<char>(1); ciphertext = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext.size()); EXPECT_EQ(ciphertext, string(1024 / 8 - 1, 0) + message); EXPECT_EQ(2048U / 8, ciphertext.size()); EXPECT_EQ(ciphertext, string(2048U / 8 - 1, 0) + message); } /* Loading @@ -2027,10 +2027,10 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingShortMessage) { TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLong) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); string message(1024 / 8 + 1, 'a'); string message(2048 / 8 + 1, 'a'); auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params)); Loading @@ -2047,7 +2047,7 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLong) { TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLarge) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); HidlBuf exported; Loading @@ -2058,7 +2058,7 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLarge) { RSA_Ptr rsa(EVP_PKEY_get1_RSA(pkey.get())); size_t modulus_len = BN_num_bytes(rsa->n); ASSERT_EQ(1024U / 8, modulus_len); ASSERT_EQ(2048U / 8, modulus_len); std::unique_ptr<uint8_t[]> modulus_buf(new uint8_t[modulus_len]); BN_bn2bin(rsa->n, modulus_buf.get()); Loading @@ -2074,7 +2074,7 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLarge) { // One smaller than the modulus is okay. BN_sub(rsa->n, rsa->n, BN_value_one()); modulus_len = BN_num_bytes(rsa->n); ASSERT_EQ(1024U / 8, modulus_len); ASSERT_EQ(2048U / 8, modulus_len); BN_bn2bin(rsa->n, modulus_buf.get()); message = string(reinterpret_cast<const char*>(modulus_buf.get()), modulus_len); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params)); Loading Loading @@ -2140,7 +2140,7 @@ TEST_F(EncryptionOperationsTest, RsaOaepSuccess) { TEST_F(EncryptionOperationsTest, RsaOaepInvalidDigest) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_OAEP) .Digest(Digest::NONE))); string message = "Hello World!"; Loading Loading @@ -2186,12 +2186,12 @@ TEST_F(EncryptionOperationsTest, RsaOaepDecryptWithWrongDigest) { TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_OAEP) .Digest(Digest::SHA_2_256))); constexpr size_t digest_size = 256 /* SHA_2_256 */ / 8; constexpr size_t oaep_overhead = 2 * digest_size + 2; string message(1024 / 8 - oaep_overhead + 1, 'a'); string message(2048 / 8 - oaep_overhead + 1, 'a'); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, AuthorizationSetBuilder().Padding(PaddingMode::RSA_OAEP).Digest(Digest::SHA_2_256))); Loading @@ -2208,16 +2208,16 @@ TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) { TEST_F(EncryptionOperationsTest, RsaPkcs1Success) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT))); string message = "Hello World!"; auto params = AuthorizationSetBuilder().Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT); string ciphertext1 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext1.size()); EXPECT_EQ(2048U / 8, ciphertext1.size()); string ciphertext2 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext2.size()); EXPECT_EQ(2048U / 8, ciphertext2.size()); // PKCS1 v1.5 randomizes padding so every result should be different. EXPECT_NE(ciphertext1, ciphertext2); Loading Loading @@ -2247,9 +2247,9 @@ TEST_F(EncryptionOperationsTest, RsaPkcs1Success) { TEST_F(EncryptionOperationsTest, RsaPkcs1TooLarge) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT))); string message(1024 / 8 - 10, 'a'); string message(2048 / 8 - 10, 'a'); auto params = AuthorizationSetBuilder().Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params)); Loading Loading @@ -2632,9 +2632,13 @@ static const AesCtrSp80038aTestVector kAesCtrSp80038aTestVectors[] = { * Verifies AES CTR implementation against SP800-38A test vectors. */ TEST_F(EncryptionOperationsTest, AesCtrSp80038aTestVector) { std::vector<uint32_t> InvalidSizes = InvalidKeySizes(Algorithm::AES); for (size_t i = 0; i < 3; i++) { const AesCtrSp80038aTestVector& test(kAesCtrSp80038aTestVectors[i]); const string key = hex2str(test.key); if (std::find(InvalidSizes.begin(), InvalidSizes.end(), (key.size() * 8)) != InvalidSizes.end()) continue; const string nonce = hex2str(test.nonce); const string plaintext = hex2str(test.plaintext); const string ciphertext = hex2str(test.ciphertext); Loading Loading @@ -3827,7 +3831,7 @@ typedef KeymasterHidlTest AttestationTest; TEST_F(AttestationTest, RsaAttestation) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_INCLUDE_UNIQUE_ID))); Loading @@ -3854,7 +3858,7 @@ TEST_F(AttestationTest, RsaAttestation) { TEST_F(AttestationTest, RsaAttestationRequiresAppId) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_INCLUDE_UNIQUE_ID))); Loading Loading @@ -3965,7 +3969,7 @@ typedef KeymasterHidlTest KeyDeletionTest; */ TEST_F(KeyDeletionTest, DeleteKey) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_NO_AUTH_REQUIRED))); Loading Loading @@ -4009,7 +4013,7 @@ TEST_F(KeyDeletionTest, DeleteKey) { TEST_F(KeyDeletionTest, DeleteInvalidKey) { // Generate key just to check if rollback protection is implemented ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_NO_AUTH_REQUIRED))); Loading Loading @@ -4048,7 +4052,7 @@ TEST_F(KeyDeletionTest, DeleteInvalidKey) { TEST_F(KeyDeletionTest, DeleteAllKeys) { if (!arm_deleteAllKeys) return; ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_NO_AUTH_REQUIRED))); Loading Loading
keymaster/4.0/vts/functional/KeymasterHidlTest.cpp +2 −0 Original line number Diff line number Diff line Loading @@ -651,6 +651,8 @@ std::vector<uint32_t> KeymasterHidlTest::InvalidKeySizes(Algorithm algorithm) { return {3072, 4096}; case Algorithm::EC: return {224, 384, 521}; case Algorithm::AES: return {192}; default: return {}; } Loading
keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp +49 −45 Original line number Diff line number Diff line Loading @@ -773,7 +773,7 @@ TEST_F(SigningOperationsTest, NoUserConfirmation) { */ TEST_F(SigningOperationsTest, RsaPkcs1Sha256Success) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::SHA_2_256) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); Loading @@ -790,7 +790,7 @@ TEST_F(SigningOperationsTest, RsaPkcs1Sha256Success) { */ TEST_F(SigningOperationsTest, RsaPkcs1NoDigestSuccess) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); Loading @@ -808,11 +808,11 @@ TEST_F(SigningOperationsTest, RsaPkcs1NoDigestSuccess) { */ TEST_F(SigningOperationsTest, RsaPkcs1NoDigestTooLong) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); string message(129, 'a'); string message(257, 'a'); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder() Loading Loading @@ -855,12 +855,12 @@ TEST_F(SigningOperationsTest, RsaPssSha512TooSmallKey) { */ TEST_F(SigningOperationsTest, RsaNoPaddingTooLong) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::RSA_PKCS1_1_5_SIGN))); // One byte too long string message(1024 / 8 + 1, 'a'); string message(2048 / 8 + 1, 'a'); ASSERT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder() .Digest(Digest::NONE) Loading Loading @@ -889,7 +889,7 @@ TEST_F(SigningOperationsTest, RsaNoPaddingTooLong) { */ TEST_F(SigningOperationsTest, RsaAbort) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Authorization(TAG_NO_AUTH_REQUIRED) .Padding(PaddingMode::NONE))); Loading @@ -914,7 +914,7 @@ TEST_F(SigningOperationsTest, RsaAbort) { */ TEST_F(SigningOperationsTest, RsaUnsupportedPadding) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) .Digest(Digest::SHA_2_256 /* supported digest */) .Padding(PaddingMode::PKCS7))); Loading @@ -931,7 +931,7 @@ TEST_F(SigningOperationsTest, RsaUnsupportedPadding) { */ TEST_F(SigningOperationsTest, RsaNoDigest) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) .Digest(Digest::NONE) .Padding(PaddingMode::RSA_PSS))); Loading @@ -952,7 +952,7 @@ TEST_F(SigningOperationsTest, RsaNoDigest) { TEST_F(SigningOperationsTest, RsaNoPadding) { // Padding must be specified ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaKey(1024, 65537) .RsaKey(2048, 65537) .Authorization(TAG_NO_AUTH_REQUIRED) .SigningKey() .Digest(Digest::NONE))); Loading @@ -968,12 +968,12 @@ TEST_F(SigningOperationsTest, RsaNoPadding) { TEST_F(SigningOperationsTest, RsaTooShortMessage) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); // Barely shorter string message(1024 / 8 - 1, 'a'); string message(2048 / 8 - 1, 'a'); SignMessage(message, AuthorizationSetBuilder().Digest(Digest::NONE).Padding(PaddingMode::NONE)); // Much shorter Loading @@ -989,7 +989,7 @@ TEST_F(SigningOperationsTest, RsaTooShortMessage) { TEST_F(SigningOperationsTest, RsaSignWithEncryptionKey) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE, Loading @@ -1006,12 +1006,12 @@ TEST_F(SigningOperationsTest, RsaSignWithEncryptionKey) { TEST_F(SigningOperationsTest, RsaSignTooLargeMessage) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); // Largest possible message will always be larger than the public modulus. string message(1024 / 8, static_cast<char>(0xff)); string message(2048 / 8, static_cast<char>(0xff)); ASSERT_EQ(ErrorCode::OK, Begin(KeyPurpose::SIGN, AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .Digest(Digest::NONE) Loading Loading @@ -1328,7 +1328,7 @@ typedef KeymasterHidlTest VerificationOperationsTest; TEST_F(VerificationOperationsTest, RsaSuccess) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); string message = "12345678901234567890123456789012"; Loading Loading @@ -1567,7 +1567,7 @@ typedef KeymasterHidlTest ExportKeyTest; */ TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); HidlBuf export_data; Loading @@ -1583,7 +1583,7 @@ TEST_F(ExportKeyTest, RsaUnsupportedKeyFormat) { TEST_F(ExportKeyTest, RsaCorruptedKeyBlob) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE))); for (size_t i = 0; i < key_blob_.size(); ++i) { Loading Loading @@ -1975,16 +1975,16 @@ typedef KeymasterHidlTest EncryptionOperationsTest; TEST_F(EncryptionOperationsTest, RsaNoPaddingSuccess) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); string message = string(1024 / 8, 'a'); string message = string(2048 / 8, 'a'); auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE); string ciphertext1 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext1.size()); EXPECT_EQ(2048U / 8, ciphertext1.size()); string ciphertext2 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext2.size()); EXPECT_EQ(2048U / 8, ciphertext2.size()); // Unpadded RSA is deterministic EXPECT_EQ(ciphertext1, ciphertext2); Loading @@ -1998,16 +1998,16 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingSuccess) { TEST_F(EncryptionOperationsTest, RsaNoPaddingShortMessage) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); string message = "1"; auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE); string ciphertext = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext.size()); EXPECT_EQ(2048U / 8, ciphertext.size()); string expected_plaintext = string(1024 / 8 - 1, 0) + message; string expected_plaintext = string(2048U / 8 - 1, 0) + message; string plaintext = DecryptMessage(ciphertext, params); EXPECT_EQ(expected_plaintext, plaintext); Loading @@ -2015,8 +2015,8 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingShortMessage) { // Degenerate case, encrypting a numeric 1 yields 0x00..01 as the ciphertext. message = static_cast<char>(1); ciphertext = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext.size()); EXPECT_EQ(ciphertext, string(1024 / 8 - 1, 0) + message); EXPECT_EQ(2048U / 8, ciphertext.size()); EXPECT_EQ(ciphertext, string(2048U / 8 - 1, 0) + message); } /* Loading @@ -2027,10 +2027,10 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingShortMessage) { TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLong) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); string message(1024 / 8 + 1, 'a'); string message(2048 / 8 + 1, 'a'); auto params = AuthorizationSetBuilder().Padding(PaddingMode::NONE); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params)); Loading @@ -2047,7 +2047,7 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLong) { TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLarge) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::NONE))); HidlBuf exported; Loading @@ -2058,7 +2058,7 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLarge) { RSA_Ptr rsa(EVP_PKEY_get1_RSA(pkey.get())); size_t modulus_len = BN_num_bytes(rsa->n); ASSERT_EQ(1024U / 8, modulus_len); ASSERT_EQ(2048U / 8, modulus_len); std::unique_ptr<uint8_t[]> modulus_buf(new uint8_t[modulus_len]); BN_bn2bin(rsa->n, modulus_buf.get()); Loading @@ -2074,7 +2074,7 @@ TEST_F(EncryptionOperationsTest, RsaNoPaddingTooLarge) { // One smaller than the modulus is okay. BN_sub(rsa->n, rsa->n, BN_value_one()); modulus_len = BN_num_bytes(rsa->n); ASSERT_EQ(1024U / 8, modulus_len); ASSERT_EQ(2048U / 8, modulus_len); BN_bn2bin(rsa->n, modulus_buf.get()); message = string(reinterpret_cast<const char*>(modulus_buf.get()), modulus_len); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params)); Loading Loading @@ -2140,7 +2140,7 @@ TEST_F(EncryptionOperationsTest, RsaOaepSuccess) { TEST_F(EncryptionOperationsTest, RsaOaepInvalidDigest) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_OAEP) .Digest(Digest::NONE))); string message = "Hello World!"; Loading Loading @@ -2186,12 +2186,12 @@ TEST_F(EncryptionOperationsTest, RsaOaepDecryptWithWrongDigest) { TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_OAEP) .Digest(Digest::SHA_2_256))); constexpr size_t digest_size = 256 /* SHA_2_256 */ / 8; constexpr size_t oaep_overhead = 2 * digest_size + 2; string message(1024 / 8 - oaep_overhead + 1, 'a'); string message(2048 / 8 - oaep_overhead + 1, 'a'); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, AuthorizationSetBuilder().Padding(PaddingMode::RSA_OAEP).Digest(Digest::SHA_2_256))); Loading @@ -2208,16 +2208,16 @@ TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) { TEST_F(EncryptionOperationsTest, RsaPkcs1Success) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT))); string message = "Hello World!"; auto params = AuthorizationSetBuilder().Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT); string ciphertext1 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext1.size()); EXPECT_EQ(2048U / 8, ciphertext1.size()); string ciphertext2 = EncryptMessage(message, params); EXPECT_EQ(1024U / 8, ciphertext2.size()); EXPECT_EQ(2048U / 8, ciphertext2.size()); // PKCS1 v1.5 randomizes padding so every result should be different. EXPECT_NE(ciphertext1, ciphertext2); Loading Loading @@ -2247,9 +2247,9 @@ TEST_F(EncryptionOperationsTest, RsaPkcs1Success) { TEST_F(EncryptionOperationsTest, RsaPkcs1TooLarge) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaEncryptionKey(1024, 65537) .RsaEncryptionKey(2048, 65537) .Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT))); string message(1024 / 8 - 10, 'a'); string message(2048 / 8 - 10, 'a'); auto params = AuthorizationSetBuilder().Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT); EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params)); Loading Loading @@ -2632,9 +2632,13 @@ static const AesCtrSp80038aTestVector kAesCtrSp80038aTestVectors[] = { * Verifies AES CTR implementation against SP800-38A test vectors. */ TEST_F(EncryptionOperationsTest, AesCtrSp80038aTestVector) { std::vector<uint32_t> InvalidSizes = InvalidKeySizes(Algorithm::AES); for (size_t i = 0; i < 3; i++) { const AesCtrSp80038aTestVector& test(kAesCtrSp80038aTestVectors[i]); const string key = hex2str(test.key); if (std::find(InvalidSizes.begin(), InvalidSizes.end(), (key.size() * 8)) != InvalidSizes.end()) continue; const string nonce = hex2str(test.nonce); const string plaintext = hex2str(test.plaintext); const string ciphertext = hex2str(test.ciphertext); Loading Loading @@ -3827,7 +3831,7 @@ typedef KeymasterHidlTest AttestationTest; TEST_F(AttestationTest, RsaAttestation) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_INCLUDE_UNIQUE_ID))); Loading @@ -3854,7 +3858,7 @@ TEST_F(AttestationTest, RsaAttestation) { TEST_F(AttestationTest, RsaAttestationRequiresAppId) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_INCLUDE_UNIQUE_ID))); Loading Loading @@ -3965,7 +3969,7 @@ typedef KeymasterHidlTest KeyDeletionTest; */ TEST_F(KeyDeletionTest, DeleteKey) { ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_NO_AUTH_REQUIRED))); Loading Loading @@ -4009,7 +4013,7 @@ TEST_F(KeyDeletionTest, DeleteKey) { TEST_F(KeyDeletionTest, DeleteInvalidKey) { // Generate key just to check if rollback protection is implemented ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_NO_AUTH_REQUIRED))); Loading Loading @@ -4048,7 +4052,7 @@ TEST_F(KeyDeletionTest, DeleteInvalidKey) { TEST_F(KeyDeletionTest, DeleteAllKeys) { if (!arm_deleteAllKeys) return; ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(1024, 65537) .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_NO_AUTH_REQUIRED))); Loading
