From 2cdc273e8ffcb23ef5d766d145b27e6d9a23caa5 Mon Sep 17 00:00:00 2001
From: Max Bires <jbires@google.com>
Date: Thu, 7 Nov 2019 12:48:07 -0800
Subject: [PATCH] Removing invalid HMAC tests.

Per Keymaster 4.0 spec, TEE and StrongBox implementations are only
required to support HMAC keys between 64 and 512 bits in length.
StrongBox implementations additionally must not support anything larger
than 512 bits. The tests removed in this CL specified key sizes larger
than 512 bits.

Bug: 143404829
Test: m VtsHalKeymasterV4_0TargetTest && adb sync data && \
adb shell data/nativetest64/VtsHalKeymasterV4_0TargetTest/VtsHalKeymasterV4_0TargetTest

Change-Id: I96ee3a20b981c288d88366f536b9924f907268f3
---
 .../functional/keymaster_hidl_hal_test.cpp    | 83 -------------------
 1 file changed, 83 deletions(-)

diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index c5acf8cc53..a7cbb36bfc 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -1540,89 +1540,6 @@ TEST_F(SigningOperationsTest, HmacRfc4231TestCase5) {
     }
 }
 
-/*
- * SigningOperationsTest.HmacRfc4231TestCase6
- *
- * Validates against the test vectors from RFC 4231 test case 6.
- */
-TEST_F(SigningOperationsTest, HmacRfc4231TestCase6) {
-    string key(131, 0xaa);
-    string message = "Test Using Larger Than Block-Size Key - Hash Key First";
-
-    uint8_t sha_224_expected[] = {
-        0x95, 0xe9, 0xa0, 0xdb, 0x96, 0x20, 0x95, 0xad, 0xae, 0xbe, 0x9b, 0x2d, 0x6f, 0x0d,
-        0xbc, 0xe2, 0xd4, 0x99, 0xf1, 0x12, 0xf2, 0xd2, 0xb7, 0x27, 0x3f, 0xa6, 0x87, 0x0e,
-    };
-    uint8_t sha_256_expected[] = {
-        0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26,
-        0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28,
-        0xc5, 0x14, 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54,
-    };
-    uint8_t sha_384_expected[] = {
-        0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, 0x88, 0xd2, 0xc6, 0x3a,
-        0x04, 0x1b, 0xc5, 0xb4, 0x4f, 0x9e, 0xf1, 0x01, 0x2a, 0x2b, 0x58, 0x8f,
-        0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a, 0xc4, 0xc6, 0x0c, 0x2e, 0xf6, 0xab,
-        0x40, 0x30, 0xfe, 0x82, 0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52,
-    };
-    uint8_t sha_512_expected[] = {
-        0x80, 0xb2, 0x42, 0x63, 0xc7, 0xc1, 0xa3, 0xeb, 0xb7, 0x14, 0x93, 0xc1, 0xdd,
-        0x7b, 0xe8, 0xb4, 0x9b, 0x46, 0xd1, 0xf4, 0x1b, 0x4a, 0xee, 0xc1, 0x12, 0x1b,
-        0x01, 0x37, 0x83, 0xf8, 0xf3, 0x52, 0x6b, 0x56, 0xd0, 0x37, 0xe0, 0x5f, 0x25,
-        0x98, 0xbd, 0x0f, 0xd2, 0x21, 0x5d, 0x6a, 0x1e, 0x52, 0x95, 0xe6, 0x4f, 0x73,
-        0xf6, 0x3f, 0x0a, 0xec, 0x8b, 0x91, 0x5a, 0x98, 0x5d, 0x78, 0x65, 0x98,
-    };
-
-    CheckHmacTestVector(key, message, Digest::SHA_2_256, make_string(sha_256_expected));
-    if (SecLevel() != SecurityLevel::STRONGBOX) {
-        CheckHmacTestVector(key, message, Digest::SHA_2_224, make_string(sha_224_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_384, make_string(sha_384_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_512, make_string(sha_512_expected));
-    }
-}
-
-/*
- * SigningOperationsTest.HmacRfc4231TestCase7
- *
- * Validates against the test vectors from RFC 4231 test case 7.
- */
-TEST_F(SigningOperationsTest, HmacRfc4231TestCase7) {
-    string key(131, 0xaa);
-    string message =
-        "This is a test using a larger than block-size key and a larger than "
-        "block-size data. The key needs to be hashed before being used by the HMAC "
-        "algorithm.";
-
-    uint8_t sha_224_expected[] = {
-        0x3a, 0x85, 0x41, 0x66, 0xac, 0x5d, 0x9f, 0x02, 0x3f, 0x54, 0xd5, 0x17, 0xd0, 0xb3,
-        0x9d, 0xbd, 0x94, 0x67, 0x70, 0xdb, 0x9c, 0x2b, 0x95, 0xc9, 0xf6, 0xf5, 0x65, 0xd1,
-    };
-    uint8_t sha_256_expected[] = {
-        0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 0x27, 0x63, 0x5f,
-        0xbc, 0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07,
-        0x13, 0x93, 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2,
-    };
-    uint8_t sha_384_expected[] = {
-        0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, 0x35, 0x1e, 0x2f, 0x25,
-        0x4e, 0x8f, 0xd3, 0x2c, 0x60, 0x24, 0x20, 0xfe, 0xb0, 0xb8, 0xfb, 0x9a,
-        0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e, 0x99, 0xc5, 0xa6, 0x78, 0xcc, 0x31,
-        0xe7, 0x99, 0x17, 0x6d, 0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e,
-    };
-    uint8_t sha_512_expected[] = {
-        0xe3, 0x7b, 0x6a, 0x77, 0x5d, 0xc8, 0x7d, 0xba, 0xa4, 0xdf, 0xa9, 0xf9, 0x6e,
-        0x5e, 0x3f, 0xfd, 0xde, 0xbd, 0x71, 0xf8, 0x86, 0x72, 0x89, 0x86, 0x5d, 0xf5,
-        0xa3, 0x2d, 0x20, 0xcd, 0xc9, 0x44, 0xb6, 0x02, 0x2c, 0xac, 0x3c, 0x49, 0x82,
-        0xb1, 0x0d, 0x5e, 0xeb, 0x55, 0xc3, 0xe4, 0xde, 0x15, 0x13, 0x46, 0x76, 0xfb,
-        0x6d, 0xe0, 0x44, 0x60, 0x65, 0xc9, 0x74, 0x40, 0xfa, 0x8c, 0x6a, 0x58,
-    };
-
-    CheckHmacTestVector(key, message, Digest::SHA_2_256, make_string(sha_256_expected));
-    if (SecLevel() != SecurityLevel::STRONGBOX) {
-        CheckHmacTestVector(key, message, Digest::SHA_2_224, make_string(sha_224_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_384, make_string(sha_384_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_512, make_string(sha_512_expected));
-    }
-}
-
 typedef KeymasterHidlTest VerificationOperationsTest;
 
 /*