diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-07-27 23:15:08 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2023-07-27 23:15:08 +0000 |
commit | 6ae324a171e861d76a5824a62913134c9d770756 (patch) | |
tree | cec47ead12e435072cce20bebcaeddd793f07c43 | |
parent | 40168fca1c016c94464144841ab8476f89dd49b2 (diff) | |
parent | c3e87764ba8176d3eaec4dd7ab44ccc718f86cb5 (diff) | |
download | wycheproof-android14-d1-release.tar.gz |
Snap for 10573380 from c3e87764ba8176d3eaec4dd7ab44ccc718f86cb5 to udc-d1-releaseandroid-14.0.0_r9android-14.0.0_r8android-14.0.0_r7android-14.0.0_r6android-14.0.0_r5android-14.0.0_r4android-14.0.0_r3android-14.0.0_r12android-14.0.0_r11android-14.0.0_r10android14-d1-s7-releaseandroid14-d1-s6-releaseandroid14-d1-s5-releaseandroid14-d1-s4-releaseandroid14-d1-s3-releaseandroid14-d1-s2-releaseandroid14-d1-s1-releaseandroid14-d1-release
Change-Id: If0544dbf83a42c049f285e6eb9d3fa2371388bcb
4 files changed, 33 insertions, 3 deletions
diff --git a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java index 14020e0..001ab89 100644 --- a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java +++ b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java @@ -13,6 +13,7 @@ */ package android.keystore.cts.util; +import static org.junit.Assume.assumeTrue; import android.content.Context; import android.security.keystore.KeyProtection; import android.keystore.cts.util.TestUtils; @@ -53,6 +54,8 @@ public class KeyStoreUtil { public static final int KM_VERSION_KEYMASTER_4 = 40; public static final int KM_VERSION_KEYMASTER_4_1 = 41; public static final int KM_VERSION_KEYMINT_1 = 100; + public static final int KM_VERSION_KEYMINT_2 = 200; + public static final int KM_VERSION_KEYMINT_3 = 300; private static final List kmSupportedDigests = List.of("md5","sha-1","sha-224","sha-384", "sha-256","sha-512"); @@ -177,4 +180,9 @@ public class KeyStoreUtil { new ByteArrayInputStream(x509holder.getEncoded())); return x509c; } + + public static void assumeKeyMintV1OrNewer(boolean isStrongBox) { + assumeTrue("Test can only run on KeyMint v1 and above", + KeyStoreUtil.getFeatureVersionKeystore(isStrongBox) >= KM_VERSION_KEYMINT_1); + } } diff --git a/keystore-cts/java/com/google/security/wycheproof/testcases/MacTest.java b/keystore-cts/java/com/google/security/wycheproof/testcases/MacTest.java index 3a42761..81be1bd 100644 --- a/keystore-cts/java/com/google/security/wycheproof/testcases/MacTest.java +++ b/keystore-cts/java/com/google/security/wycheproof/testcases/MacTest.java @@ -332,6 +332,9 @@ public class MacTest { @Test public void testLongMacSha1() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); + testLongMac( "HMACSHA1", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f", @@ -348,6 +351,8 @@ public class MacTest { @Test public void testLongMacSha256() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); testLongMacSha256(false); } @Test @@ -375,6 +380,9 @@ public class MacTest { @Test public void testLongMacSha384() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); + testLongMac( "HMACSHA384", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" @@ -395,6 +403,9 @@ public class MacTest { @Test public void testLongMacSha512() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); + testLongMac( "HMACSHA512", "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f" diff --git a/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java b/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java index 29f8905..0a82423 100644 --- a/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java +++ b/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java @@ -196,10 +196,13 @@ public class RsaOaepTest { String sha = getString(group, "sha"); String mgf = getString(group, "mgf"); String mgfSha = getString(group, "mgfSha"); - // mgfDigest other than SHA-1 are supported from KeyMint V1 and above. + // mgfDigest other than SHA-1 are supported from KeyMint V1 and above but some implementations + // of keymint V1 and V2 (notably the C++ reference implementation) does not include MGF_DIGEST + // tag in key characteriestics hence issue b/287532460 introduced. So non-default MGF_DIGEST is + // tested on Keymint V3 and above. if (!mgfSha.equalsIgnoreCase("SHA-1")) { - assumeTrue("This test is valid for KeyMint version 1 and above.", - KeyStoreUtil.getFeatureVersionKeystore(isStrongBox) >= KeyStoreUtil.KM_VERSION_KEYMINT_1); + assumeTrue("This test is valid for KeyMint version 3 and above.", + KeyStoreUtil.getFeatureVersionKeystore(isStrongBox) >= KeyStoreUtil.KM_VERSION_KEYMINT_3); } PSource p = PSource.PSpecified.DEFAULT; if (test.has("label") && !TextUtils.isEmpty(getString(test, "label"))) { @@ -362,6 +365,8 @@ public class RsaOaepTest { @Test public void testRsaOaep2048Sha1Mgf1Sha1() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); testOaep("rsa_oaep_2048_sha1_mgf1sha1_test.json", false); } @@ -420,6 +425,8 @@ public class RsaOaepTest { @Test public void testRsaOaep3072Sha256Mgf1Sha1() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); testOaep("rsa_oaep_3072_sha256_mgf1sha1_test.json", false); } @@ -440,6 +447,8 @@ public class RsaOaepTest { @Test public void testRsaOaep4096Sha256Mgf1Sha1() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); testOaep("rsa_oaep_4096_sha256_mgf1sha1_test.json", false); } diff --git a/keystore-cts/java/com/google/security/wycheproof/testcases/RsaSignatureTest.java b/keystore-cts/java/com/google/security/wycheproof/testcases/RsaSignatureTest.java index d41bb98..de86dc5 100644 --- a/keystore-cts/java/com/google/security/wycheproof/testcases/RsaSignatureTest.java +++ b/keystore-cts/java/com/google/security/wycheproof/testcases/RsaSignatureTest.java @@ -1265,6 +1265,8 @@ public class RsaSignatureTest { */ @Test public void testFaultySigner() throws Exception { + // b/244609904#comment64 + KeyStoreUtil.assumeKeyMintV1OrNewer(false); testFaultySigner(false); } @Test |