diff options
author | Prashant Patil <patilprashant@google.com> | 2023-02-22 11:03:42 +0000 |
---|---|---|
committer | Prashant Patil <patilprashant@google.com> | 2023-03-21 15:43:49 +0000 |
commit | 51d61afa63c27bf47e4b0927b070ae115b4198f4 (patch) | |
tree | ce56f39d098bfd038773e3aeb900421814fba742 /keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java | |
parent | a24305c53ea214bf58cf1efff5eaab2f131855a5 (diff) | |
download | wycheproof-51d61afa63c27bf47e4b0927b070ae115b4198f4.tar.gz |
Keystore:Filter out unexpected RSA key parameters
Non expected KeySize and Digests are filtered from RsaOaepTest class.
Bug: 229182999
Bug: 267261867
Bug: 268354992
Test: atest CtsKeystoreWycheproofTestCases:com.google.security.wycheproof.RsaOaepTest
Change-Id: I5da4e51d25368d1207125e4076e1c131d52008e0
Diffstat (limited to 'keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java')
-rw-r--r-- | keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java | 27 |
1 files changed, 22 insertions, 5 deletions
diff --git a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java index d174cbf..ea5d91b 100644 --- a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java +++ b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java @@ -38,6 +38,7 @@ import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; import java.util.Date; import java.util.Enumeration; +import java.util.List; import javax.crypto.spec.SecretKeySpec; import javax.security.auth.x500.X500Principal; @@ -53,6 +54,9 @@ public class KeyStoreUtil { public static final int KM_VERSION_KEYMASTER_4_1 = 41; public static final int KM_VERSION_KEYMINT_1 = 100; + private static final List kmSupportedDigests = List.of("md5","sha-1","sha-224","sha-384", + "sha-256","sha-512"); + public static KeyStore saveKeysToKeystore(String alias, PublicKey pubKey, PrivateKey privKey, KeyProtection keyProtection) throws Exception { KeyPair keyPair = new KeyPair(pubKey, privKey); @@ -100,13 +104,26 @@ public class KeyStoreUtil { TestUtils.assumeStrongBox(); } - public static boolean isStrongBoxSupportDigest(String digest) { - return digest.equalsIgnoreCase("sha-1") - || digest.equalsIgnoreCase("sha-256"); + public static boolean isSupportedDigest(String digest, boolean isStrongBox) { + if (isStrongBox) { + return digest.equalsIgnoreCase("sha-256"); + } + return kmSupportedDigests.contains(digest.toLowerCase()); + } + + public static boolean isSupportedMgfDigest(String digest, boolean isStrongBox) { + if (isStrongBox) { + return digest.equalsIgnoreCase("sha-1") + || digest.equalsIgnoreCase("sha-256"); + } + return kmSupportedDigests.contains(digest.toLowerCase()); } - public static boolean isStrongBoxSupportKeySize(int keySize) { - return keySize == 2048; + public static boolean isSupportedRsaKeySize(int keySize, boolean isStrongBox) { + if (isStrongBox) { + return keySize == 2048; + } + return keySize == 2048 || keySize == 3072 || keySize == 4096; } public static X509Certificate createCertificate( |