Merge "KeyMint VTS: test default MGF_DIGEST behaviour"

David Drysdale
2022-07-07 07:00:24 +00:00
committed by Gerrit Code Review
2 changed files with 74 additions and 1 deletions


@@ -981,7 +981,7 @@ string KeyMintAidlTestBase::LocalRsaEncryptMessage(const string& message,
// Retrieve relevant tags.
Digest digest = Digest::NONE;
Digest mgf_digest = Digest::NONE;
Digest mgf_digest = Digest::SHA1;
PaddingMode padding = PaddingMode::NONE;
auto digest_tag = params.GetTagValue(TAG_DIGEST);
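Review bot: The new `Digest::SHA1` initial value for `mgf_digest` has no comment explaining why SHA-1 is the fallback, so a later reader may take it for a weak-hash oversight and change it, which would make the local encryption disagree with the default the device applies. I would add above the declaration `// MGF1 digest defaults to SHA-1 when TAG_RSA_OAEP_MGF_DIGEST is absent, matching the default KeyMint assumes on begin().` The wording follows the comments in the tests added by this same commit, which state that default. LocalRsaEncryptMessage starts and ends outside the hunk, so how a supplied tag overrides this value is not visible here.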


@@ -5168,6 +5168,79 @@ TEST_P(EncryptionOperationsTest, RsaOaepWithMGFDigestSuccess) {
}
}
/*
* EncryptionOperationsTest.RsaOaepMGFDigestDefaultSuccess
*
* Verifies that RSA-OAEP decryption operations work when no MGF digest is
* specified, defaulting to SHA-1.
*/
TEST_P(EncryptionOperationsTest, RsaOaepMGFDigestDefaultSuccess) {
size_t key_size = 2048;
ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.RsaEncryptionKey(key_size, 65537)
.Padding(PaddingMode::RSA_OAEP)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity()));
// Do local RSA encryption using the default MGF digest of SHA-1.
string message = "Hello";
auto params =
AuthorizationSetBuilder().Digest(Digest::SHA_2_256).Padding(PaddingMode::RSA_OAEP);
string ciphertext = LocalRsaEncryptMessage(message, params);
EXPECT_EQ(key_size / 8, ciphertext.size());
// Do KeyMint RSA decryption also using the default MGF digest of SHA-1.
string plaintext = DecryptMessage(ciphertext, params);
EXPECT_EQ(message, plaintext) << "RSA-OAEP failed with default digest";
// Decrypting corrupted ciphertext should fail.
size_t offset_to_corrupt = random() % ciphertext.size();
char corrupt_byte;
do {
corrupt_byte = static_cast<char>(random() % 256);
} while (corrupt_byte == ciphertext[offset_to_corrupt]);
ciphertext[offset_to_corrupt] = corrupt_byte;
EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params));
string result;
EXPECT_EQ(ErrorCode::UNKNOWN_ERROR, Finish(ciphertext, &result));
EXPECT_EQ(0U, result.size());
}
/*
* EncryptionOperationsTest.RsaOaepMGFDigestDefaultFail
*
* Verifies that RSA-OAEP decryption operations fail when no MGF digest is
* specified on begin (thus defaulting to SHA-1), but the key characteristics
* has an explicit set of values for MGF_DIGEST that do not contain SHA-1.
*/
TEST_P(EncryptionOperationsTest, RsaOaepMGFDigestDefaultFail) {
size_t key_size = 2048;
ASSERT_EQ(ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder()
.Authorization(TAG_NO_AUTH_REQUIRED)
.Authorization(TAG_RSA_OAEP_MGF_DIGEST, Digest::SHA_2_256)
.RsaEncryptionKey(key_size, 65537)
.Padding(PaddingMode::RSA_OAEP)
.Digest(Digest::SHA_2_256)
.SetDefaultValidity()));
// Do local RSA encryption using the default MGF digest of SHA-1.
string message = "Hello";
auto params =
AuthorizationSetBuilder().Digest(Digest::SHA_2_256).Padding(PaddingMode::RSA_OAEP);
string ciphertext = LocalRsaEncryptMessage(message, params);
EXPECT_EQ(key_size / 8, ciphertext.size());
// begin() params do not include MGF_DIGEST, so a default of SHA1 is assumed.
// Key characteristics *do* include values for MGF_DIGEST, so the SHA1 value
// is checked against those values, and found absent.
auto result = Begin(KeyPurpose::DECRYPT, params);
EXPECT_TRUE(result == ErrorCode::UNSUPPORTED_MGF_DIGEST ||
result == ErrorCode::INCOMPATIBLE_MGF_DIGEST);
}
/*
* EncryptionOperationsTest.RsaOaepWithMGFIncompatibleDigest
*