Enforce digest specifications. Bug: 20917242, 19509156 Change-Id: I5b3509bea78754192f0d5e2a76de24621fc43621

commit: 226746bfb5f79857145d5f3ebdfd6f49b6c114ac [log] [tgz]
author: Shawn Willden <swillden@google.com> Fri May 08 11:36:56 2015 -0600
committer: Shawn Willden <swillden@google.com> Sat May 09 06:56:14 2015 -0600
tree: 52684a877828ab0f77986953bd7edc171b79ad04
parent: 13e29e0e2a3377ec50b5168b4384d3912559bb63 [diff] [blame]
diff --git a/google_keymaster_test_utils.cpp b/google_keymaster_test_utils.cpp
index f63f130..289d6a7 100644
--- a/google_keymaster_test_utils.cpp
+++ b/google_keymaster_test_utils.cpp

@@ -297,12 +297,8 @@
     return device()->abort(device(), op_handle_);
 }
 
-string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
-                                      bool use_client_params) {
-    AuthorizationSet input_params;
-    if (use_client_params)
-        input_params.push_back(AuthorizationSet(client_params_, array_length(client_params_)));
-    EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, input_params, NULL /* output_params */));
+string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message) {
+    EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
 
     string result;
     size_t input_consumed;
@@ -327,11 +323,22 @@
 }
 
 string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
-                                      const string& signature, bool use_client_params) {
-    AuthorizationSet input_params;
-    if (use_client_params)
-        input_params.push_back(AuthorizationSet(client_params_, array_length(client_params_)));
-    EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, input_params, NULL /* output_params */));
+                                      const string& signature, const AuthorizationSet& begin_params,
+                                      const AuthorizationSet& update_params,
+                                      AuthorizationSet* output_params) {
+    EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, begin_params, output_params));
+
+    string result;
+    size_t input_consumed;
+    EXPECT_EQ(KM_ERROR_OK, UpdateOperation(update_params, message, &result, &input_consumed));
+    EXPECT_EQ(message.size(), input_consumed);
+    EXPECT_EQ(KM_ERROR_OK, FinishOperation(update_params, signature, &result));
+    return result;
+}
+
+string Keymaster1Test::ProcessMessage(keymaster_purpose_t purpose, const string& message,
+                                      const string& signature) {
+    EXPECT_EQ(KM_ERROR_OK, BeginOperation(purpose, client_params(), NULL /* output_params */));
 
     string result;
     size_t input_consumed;
@@ -341,16 +348,24 @@
     return result;
 }
 
-void Keymaster1Test::SignMessage(const string& message, string* signature, bool use_client_params) {
+void Keymaster1Test::SignMessage(const string& message, string* signature,
+                                 keymaster_digest_t digest) {
     SCOPED_TRACE("SignMessage");
-    *signature = ProcessMessage(KM_PURPOSE_SIGN, message, use_client_params);
+    AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
+    input_params.push_back(TAG_DIGEST, digest);
+    AuthorizationSet update_params;
+    AuthorizationSet output_params;
+    *signature =
+        ProcessMessage(KM_PURPOSE_SIGN, message, input_params, update_params, &output_params);
     EXPECT_GT(signature->size(), 0U);
 }
 
-void Keymaster1Test::MacMessage(const string& message, string* signature, size_t mac_length) {
+void Keymaster1Test::MacMessage(const string& message, string* signature, keymaster_digest_t digest,
+                                size_t mac_length) {
     SCOPED_TRACE("SignMessage");
     AuthorizationSet input_params(AuthorizationSet(client_params_, array_length(client_params_)));
     input_params.push_back(TAG_MAC_LENGTH, mac_length);
+    input_params.push_back(TAG_DIGEST, digest);
     AuthorizationSet update_params;
     AuthorizationSet output_params;
     *signature =
@@ -359,9 +374,14 @@
 }
 
 void Keymaster1Test::VerifyMessage(const string& message, const string& signature,
-                                   bool use_client_params) {
+                                   keymaster_digest_t digest) {
     SCOPED_TRACE("VerifyMessage");
-    ProcessMessage(KM_PURPOSE_VERIFY, message, signature, use_client_params);
+    AuthorizationSet input_params(client_params());
+    input_params.push_back(TAG_DIGEST, digest);
+    AuthorizationSet update_params;
+    AuthorizationSet output_params;
+    ProcessMessage(KM_PURPOSE_VERIFY, message, signature, input_params, update_params,
+                   &output_params);
 }
 
 string Keymaster1Test::EncryptMessage(const string& message, string* generated_nonce) {
@@ -447,7 +467,7 @@
               ImportKey(AuthorizationSetBuilder().HmacKey(key.size() * 8).Digest(digest),
                         KM_KEY_FORMAT_RAW, key));
     string signature;
-    MacMessage(message, &signature, expected_mac.size() * 8);
+    MacMessage(message, &signature, digest, expected_mac.size() * 8);
     EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest;
 }
commit	226746bfb5f79857145d5f3ebdfd6f49b6c114ac	[log] [tgz]
author	Shawn Willden <swillden@google.com>	Fri May 08 11:36:56 2015 -0600
committer	Shawn Willden <swillden@google.com>	Sat May 09 06:56:14 2015 -0600
tree	52684a877828ab0f77986953bd7edc171b79ad04
parent	13e29e0e2a3377ec50b5168b4384d3912559bb63 [diff] [blame]