diff options
-rw-r--r-- | keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java | 2 | ||||
-rw-r--r-- | keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java | 9 |
2 files changed, 8 insertions, 3 deletions
diff --git a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java index 91ab070..001ab89 100644 --- a/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java +++ b/keystore-cts/java/android/keystore/cts/util/KeyStoreUtil.java @@ -54,6 +54,8 @@ public class KeyStoreUtil { public static final int KM_VERSION_KEYMASTER_4 = 40; public static final int KM_VERSION_KEYMASTER_4_1 = 41; public static final int KM_VERSION_KEYMINT_1 = 100; + public static final int KM_VERSION_KEYMINT_2 = 200; + public static final int KM_VERSION_KEYMINT_3 = 300; private static final List kmSupportedDigests = List.of("md5","sha-1","sha-224","sha-384", "sha-256","sha-512"); diff --git a/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java b/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java index 3782fc6..0a82423 100644 --- a/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java +++ b/keystore-cts/java/com/google/security/wycheproof/testcases/RsaOaepTest.java @@ -196,10 +196,13 @@ public class RsaOaepTest { String sha = getString(group, "sha"); String mgf = getString(group, "mgf"); String mgfSha = getString(group, "mgfSha"); - // mgfDigest other than SHA-1 are supported from KeyMint V1 and above. + // mgfDigest other than SHA-1 are supported from KeyMint V1 and above but some implementations + // of keymint V1 and V2 (notably the C++ reference implementation) does not include MGF_DIGEST + // tag in key characteriestics hence issue b/287532460 introduced. So non-default MGF_DIGEST is + // tested on Keymint V3 and above. if (!mgfSha.equalsIgnoreCase("SHA-1")) { - assumeTrue("This test is valid for KeyMint version 1 and above.", - KeyStoreUtil.getFeatureVersionKeystore(isStrongBox) >= KeyStoreUtil.KM_VERSION_KEYMINT_1); + assumeTrue("This test is valid for KeyMint version 3 and above.", + KeyStoreUtil.getFeatureVersionKeystore(isStrongBox) >= KeyStoreUtil.KM_VERSION_KEYMINT_3); } PSource p = PSource.PSpecified.DEFAULT; if (test.has("label") && !TextUtils.isEmpty(getString(test, "label"))) { |