From 66f842ceec0948a288b6ca5ea7b1dfc2640377ca Mon Sep 17 00:00:00 2001
From: Matthew Maurer <mmaurer@google.com>
Date: Mon, 13 May 2019 09:52:12 -0700
Subject: [PATCH] Allow INVALID_INPUT_LENGTH for oversized messages

In Keymaster 3, both INVALID_INPUT_LENGTH and INVALID_ARGUMENT were
acceptable for oversized messages. Keymaster 4 VTS requires that
INVALID_ARGUMENT be returned, but the spec has no such restriction. This
loosens VTS to allow either INVALID_INPUT_LENGTH or INVALID_ARGUMENT in
this case.

Bug: 129297054
Test: atest VtsHalKeymasterV4_0TargetTest Pixel 3, Trusty tests
---
 keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index d069d5dbff..d280092e60 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -2261,7 +2261,8 @@ TEST_F(EncryptionOperationsTest, RsaOaepTooLarge) {
               Begin(KeyPurpose::ENCRYPT,
                     AuthorizationSetBuilder().Padding(PaddingMode::RSA_OAEP).Digest(Digest::SHA_2_256)));
     string result;
-    EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, Finish(message, &result));
+    auto error = Finish(message, &result);
+    EXPECT_TRUE(error == ErrorCode::INVALID_INPUT_LENGTH || error == ErrorCode::INVALID_ARGUMENT);
     EXPECT_EQ(0U, result.size());
 }
 
@@ -2319,7 +2320,8 @@ TEST_F(EncryptionOperationsTest, RsaPkcs1TooLarge) {
     auto params = AuthorizationSetBuilder().Padding(PaddingMode::RSA_PKCS1_1_5_ENCRYPT);
     EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::ENCRYPT, params));
     string result;
-    EXPECT_EQ(ErrorCode::INVALID_ARGUMENT, Finish(message, &result));
+    auto error = Finish(message, &result);
+    EXPECT_TRUE(error == ErrorCode::INVALID_INPUT_LENGTH || error == ErrorCode::INVALID_ARGUMENT);
     EXPECT_EQ(0U, result.size());
 }