diff options
author | nagendra modadugu <ngm@google.com> | 2018-05-15 21:57:54 -0700 |
---|---|---|
committer | nagendra modadugu <ngm@google.com> | 2018-05-16 14:07:26 -0700 |
commit | 805c8afb9529f93609988ece64c76d245f5b1f21 (patch) | |
tree | cf61af1f83615646eeec3a27cc613847c0630878 | |
parent | dfd6e4e13a9165e1efd161867834dac4fa300061 (diff) | |
download | system-test-harness-805c8afb9529f93609988ece64c76d245f5b1f21.tar.gz |
keymaster: remove support for p224, p384, p521
Bug: 37427639
Change-Id: Iaa2335caa0642b81e290d15651024d696ffbc849
-rw-r--r-- | src/blob.h | 8 | ||||
-rw-r--r-- | src/keymaster-import-key-tests.cc | 27 |
2 files changed, 15 insertions, 20 deletions
@@ -61,12 +61,12 @@ enum blob_alg { struct km_blob { struct { - uint32_t id; - /* TODO: salt etc. */ - } header __attribute__((packed)); - struct { uint32_t magic; uint32_t version; + uint32_t id; + uint32_t iv[4]; + } h __attribute__((packed)); + struct { /* TODO: is sw_enforced expected to be managed by h/w? */ struct blob_enforcements sw_enforced; struct blob_enforcements tee_enforced; diff --git a/src/keymaster-import-key-tests.cc b/src/keymaster-import-key-tests.cc index f26c454..ca3984f 100644 --- a/src/keymaster-import-key-tests.cc +++ b/src/keymaster-import-key-tests.cc @@ -291,9 +291,9 @@ TEST_F(ImportKeyTest, ECMisMatchedCurveIdTagFails) { param = params->add_params(); param->set_tag(Tag::EC_CURVE); - param->set_integer((uint32_t)EcCurve::P_224); + param->set_integer((uint32_t)EcCurve::P_256); - request.mutable_ec()->set_curve_id((uint32_t)EcCurve::P_256); + request.mutable_ec()->set_curve_id(((uint32_t)EcCurve::P_256) + 1); ASSERT_NO_ERROR(service->ImportKey(request, &response), ""); EXPECT_EQ((ErrorCode)response.error_code(), ErrorCode::INVALID_ARGUMENT); @@ -310,20 +310,18 @@ TEST_F(ImportKeyTest, ECMisMatchedKeySizeTagCurveTagFails) { param = params->add_params(); param->set_tag(Tag::EC_CURVE); - param->set_integer((uint32_t)EcCurve::P_224); + param->set_integer((uint32_t)EcCurve::P_256); param = params->add_params(); param->set_tag(Tag::KEY_SIZE); - param->set_integer((uint32_t)256); /* Should be 224 */ + param->set_integer((uint32_t)384); /* Should be 256 */ - request.mutable_ec()->set_curve_id((uint32_t)EcCurve::P_224); + request.mutable_ec()->set_curve_id((uint32_t)EcCurve::P_256); ASSERT_NO_ERROR(service->ImportKey(request, &response), ""); EXPECT_EQ((ErrorCode)response.error_code(), ErrorCode::INVALID_ARGUMENT); } -// TODO: tests for P224. - TEST_F(ImportKeyTest, ECMisMatchedP256KeySizeFails) { ImportKeyRequest request; ImportKeyResponse response; @@ -338,9 +336,9 @@ TEST_F(ImportKeyTest, ECMisMatchedP256KeySizeFails) { param->set_integer((uint32_t)EcCurve::P_256); request.mutable_ec()->set_curve_id((uint32_t)EcCurve::P_256); - request.mutable_ec()->set_d(string((224 >> 3) - 1, '\0')); - request.mutable_ec()->set_x(string((224 >> 3), '\0')); - request.mutable_ec()->set_y(string((224 >> 3), '\0')); + request.mutable_ec()->set_d(string((256 >> 3) - 1, '\0')); + request.mutable_ec()->set_x(string((256 >> 3), '\0')); + request.mutable_ec()->set_y(string((256 >> 3), '\0')); ASSERT_NO_ERROR(service->ImportKey(request, &response), ""); EXPECT_EQ((ErrorCode)response.error_code(), ErrorCode::INVALID_ARGUMENT); @@ -361,9 +359,9 @@ TEST_F(ImportKeyTest, ECP256BadKeyFails) { param->set_integer((uint32_t)EcCurve::P_256); request.mutable_ec()->set_curve_id((uint32_t)EcCurve::P_256); - request.mutable_ec()->set_d(string((224 >> 3), '\0')); - request.mutable_ec()->set_x(string((224 >> 3), '\0')); - request.mutable_ec()->set_y(string((224 >> 3), '\0')); + request.mutable_ec()->set_d(string((256 >> 3), '\0')); + request.mutable_ec()->set_x(string((256 >> 3), '\0')); + request.mutable_ec()->set_y(string((256 >> 3), '\0')); ASSERT_NO_ERROR(service->ImportKey(request, &response), ""); EXPECT_EQ((ErrorCode)response.error_code(), ErrorCode::INVALID_ARGUMENT); @@ -417,9 +415,6 @@ TEST_F (ImportKeyTest, ImportECP256KeySuccess) { EXPECT_EQ((ErrorCode)response.error_code(), ErrorCode::OK); } -// TODO: tests for P384, P521. - - // TODO: add tests for symmetric key import. } // namespace |