From fd1b38dc66de6a88899e08cd0f12c9fb96a48146 Mon Sep 17 00:00:00 2001 From: David Drysdale Date: Thu, 10 Jun 2021 14:33:25 +0100 Subject: [PATCH] VTS tests: check size of byte strings Bug: 181883620 Test: VtsAidlSecureClockTargetTest, VtsAidlSharedSecretTargetTest Change-Id: I9ea8687e0c9e89140bcddfefcc2a6177c99b2e4d --- .../vts/functional/SecureClockAidlTest.cpp | 4 + .../vts/functional/SharedSecretAidlTest.cpp | 81 +++++++++++++++++++ 2 files changed, 85 insertions(+) diff --git a/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp b/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp index 31f4854e8e..bf332d5428 100644 --- a/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp +++ b/security/secureclock/aidl/vts/functional/SecureClockAidlTest.cpp @@ -114,6 +114,7 @@ TEST_P(SecureClockAidlTest, TestCreation) { EXPECT_EQ(ErrorCode::OK, result1.error); EXPECT_EQ(1U, result1.token.challenge); EXPECT_GT(result1.token.timestamp.milliSeconds, 0U); + EXPECT_EQ(32U, result1.token.mac.size()); unsigned long time_to_sleep = 200; sleep_ms(time_to_sleep); @@ -123,6 +124,7 @@ TEST_P(SecureClockAidlTest, TestCreation) { EXPECT_EQ(ErrorCode::OK, result2.error); EXPECT_EQ(2U, result2.token.challenge); EXPECT_GT(result2.token.timestamp.milliSeconds, 0U); + EXPECT_EQ(32U, result2.token.mac.size()); auto host_time_delta = result2_time - result1_time; @@ -153,6 +155,7 @@ TEST_P(SecureClockAidlTest, MacChangesOnChangingTimestamp) { EXPECT_EQ(ErrorCode::OK, result1.error); EXPECT_EQ(0U, result1.token.challenge); EXPECT_GT(result1.token.timestamp.milliSeconds, 0U); + EXPECT_EQ(32U, result1.token.mac.size()); unsigned long time_to_sleep = 200; sleep_ms(time_to_sleep); @@ -162,6 +165,7 @@ TEST_P(SecureClockAidlTest, MacChangesOnChangingTimestamp) { EXPECT_EQ(ErrorCode::OK, result2.error); EXPECT_EQ(1U, result2.token.challenge); EXPECT_GT(result2.token.timestamp.milliSeconds, 0U); + EXPECT_EQ(32U, result2.token.mac.size()); auto host_time_delta = result2_time - result1_time; diff --git a/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp b/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp index 842612087f..919f882631 100644 --- a/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp +++ b/security/sharedsecret/aidl/vts/functional/SharedSecretAidlTest.cpp @@ -48,6 +48,9 @@ class SharedSecretAidlTest : public ::testing::Test { SharedSecretParameters params; auto error = GetReturnErrorCode(sharedSecret->getSharedSecretParameters(¶ms)); EXPECT_EQ(ErrorCode::OK, error); + EXPECT_TRUE(params.seed.size() == 0 || params.seed.size() == 32); + EXPECT_TRUE(params.nonce.size() == 32); + GetParamsResult result; result.tie() = std::tie(error, params); return result; @@ -234,6 +237,45 @@ TEST_F(SharedSecretAidlTest, ComputeSharedSecretCorruptNonce) { } } +TEST_F(SharedSecretAidlTest, ComputeSharedSecretShortNonce) { + auto sharedSecrets = allSharedSecrets(); + if (sharedSecrets.empty()) { + GTEST_SKIP() << "Skipping the test as no shared secret service is found."; + } + auto fixup_hmac = finally([&]() { computeAllSharedSecrets(getAllSharedSecretParameters()); }); + + auto params = getAllSharedSecretParameters(); + ASSERT_EQ(sharedSecrets.size(), params.size()) + << "One or more shared secret services failed to provide parameters."; + + // All should be well in the normal case + auto responses = computeAllSharedSecrets(params); + + ASSERT_GT(responses.size(), 0U); + vector correct_response = responses[0].sharing_check; + verifyResponses(correct_response, responses); + + // Pick a random param and shorten that nonce by one. + size_t param_to_tweak = rand() % params.size(); + auto& to_tweak = params[param_to_tweak].nonce; + ASSERT_TRUE(to_tweak.size() == 32); + to_tweak.resize(31); + + responses = computeAllSharedSecrets(params); + for (size_t i = 0; i < responses.size(); ++i) { + if (i == param_to_tweak) { + EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error) + << "Shared secret service that provided tweaked param should fail to compute " + "shared secret"; + } else { + EXPECT_EQ(ErrorCode::OK, responses[i].error) << "Others should succeed"; + EXPECT_NE(correct_response, responses[i].sharing_check) + << "Others should calculate a different shared secret, due to the tweaked " + "nonce."; + } + } +} + TEST_F(SharedSecretAidlTest, ComputeSharedSecretCorruptSeed) { auto sharedSecrets = allSharedSecrets(); if (sharedSecrets.empty()) { @@ -275,6 +317,45 @@ TEST_F(SharedSecretAidlTest, ComputeSharedSecretCorruptSeed) { } } } + +TEST_F(SharedSecretAidlTest, ComputeSharedSecretShortSeed) { + auto sharedSecrets = allSharedSecrets(); + if (sharedSecrets.empty()) { + GTEST_SKIP() << "Skipping the test as no shared secret service is found."; + } + auto fixup_hmac = finally([&]() { computeAllSharedSecrets(getAllSharedSecretParameters()); }); + auto params = getAllSharedSecretParameters(); + ASSERT_EQ(sharedSecrets.size(), params.size()) + << "One or more shared secret service failed to provide parameters."; + + // All should be well in the normal case + auto responses = computeAllSharedSecrets(params); + + ASSERT_GT(responses.size(), 0U); + vector correct_response = responses[0].sharing_check; + verifyResponses(correct_response, responses); + + // Pick a random param and modify the seed to be of (invalid) length 31. + auto param_to_tweak = rand() % params.size(); + auto& to_tweak = params[param_to_tweak].seed; + ASSERT_TRUE(to_tweak.size() == 32 || to_tweak.size() == 0); + to_tweak.resize(31); + + responses = computeAllSharedSecrets(params); + for (size_t i = 0; i < responses.size(); ++i) { + if (i == param_to_tweak) { + EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, responses[i].error) + << "Shared secret service that provided tweaked param should fail to compute " + "shared secret"; + } else { + EXPECT_EQ(ErrorCode::OK, responses[i].error) << "Others should succeed"; + EXPECT_NE(correct_response, responses[i].sharing_check) + << "Others should calculate a different shared secret, due to the tweaked " + "nonce."; + } + } +} + } // namespace aidl::android::hardware::security::sharedsecret::test int main(int argc, char** argv) {