diff options
| author | Tommy Chiu <tommychiu@google.com> | 2021-05-03 22:01:46 +0800 |
|---|---|---|
| committer | Tommy Chiu <tommychiu@google.com> | 2021-05-04 23:09:56 +0800 |
| commit | 3950b45a448375b3c7b01f9f2b66f5cd88d66739 (patch) | |
| tree | 1e06717337974dee27bd9ecc5ecc6b574ff004e9 /security/keymint/aidl/vts/functional/KeyMintTest.cpp | |
| parent | 8b25958b758ab9b3c4e3fb9cd44665d784a35112 (diff) | |
vts: Correct the parameters on strongbox
If GenerateKey() with user-provide key_blob, it needs to be specified in
the following begin() operations as well. Update the test case just to
take key_blob from private member instead of creating a local one.
Note:
- Remove redudent TAG_NO_AUTH_REQUIRED in DeviceUniqueAttestationTest
Change-Id: I81860294e1e7e01a57e66e08e75507a8292ec0c3
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
| -rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 22 |
1 files changed, 13 insertions, 9 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp index f9a99aaafa..19ee83c65b 100644 --- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp @@ -443,9 +443,8 @@ TEST_P(NewKeyGenerationTest, AesInvalidPadding) { for (auto padding_mode : InvalidPaddingModes(Algorithm::AES, block_mode)) { SCOPED_TRACE(testing::Message() << "AES-" << key_size << "-" << block_mode << "-" << padding_mode); - vector<uint8_t> key_blob; - vector<KeyCharacteristics> key_characteristics; auto builder = AuthorizationSetBuilder() + .Authorization(TAG_NO_AUTH_REQUIRED) .AesEncryptionKey(key_size) .BlockMode(block_mode) .Padding(padding_mode) @@ -454,11 +453,14 @@ TEST_P(NewKeyGenerationTest, AesInvalidPadding) { builder.Authorization(TAG_MIN_MAC_LENGTH, 128); } - auto result = GenerateKey(builder, &key_blob, &key_characteristics); + auto result = GenerateKey(builder); if (result == ErrorCode::OK) { // Key creation was OK but has generated a key that cannot be used. auto params = AuthorizationSetBuilder().BlockMode(block_mode).Padding(padding_mode); + if (block_mode == BlockMode::GCM) { + params.Authorization(TAG_MAC_LENGTH, 128); + } auto result = Begin(KeyPurpose::ENCRYPT, params); EXPECT_TRUE(result == ErrorCode::INCOMPATIBLE_PADDING_MODE || result == ErrorCode::INVALID_KEY_BLOB); @@ -2884,13 +2886,14 @@ TEST_P(ImportKeyTest, AesFailure) { string key = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; uint32_t bitlen = key.size() * 8; for (uint32_t key_size : {bitlen - 1, bitlen + 1, bitlen - 8, bitlen + 8}) { - ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE, - ImportKey(AuthorizationSetBuilder() + auto result = ImportKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .AesEncryptionKey(key_size) .EcbMode() .Padding(PaddingMode::PKCS7), - KeyFormat::RAW, key)); + KeyFormat::RAW, key); + ASSERT_TRUE(result == ErrorCode::IMPORT_PARAMETER_MISMATCH || + result == ErrorCode::UNSUPPORTED_KEY_SIZE); } } @@ -2930,13 +2933,14 @@ TEST_P(ImportKeyTest, TripleDesFailure) { string key = hex2str("a49d7564199e97cb529d2c9d97bf2f98d35edf57ba1f7358"); uint32_t bitlen = key.size() * 8; for (uint32_t key_size : {bitlen - 1, bitlen + 1, bitlen - 8, bitlen + 8}) { - ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE, - ImportKey(AuthorizationSetBuilder() + auto result = ImportKey(AuthorizationSetBuilder() .Authorization(TAG_NO_AUTH_REQUIRED) .TripleDesEncryptionKey(key_size) .EcbMode() .Padding(PaddingMode::PKCS7), - KeyFormat::RAW, key)); + KeyFormat::RAW, key); + ASSERT_TRUE(result == ErrorCode::IMPORT_PARAMETER_MISMATCH || + result == ErrorCode::UNSUPPORTED_KEY_SIZE); } } |