commit 6770635e8ba485102be7a629ba936d8f5cf3d3ab
author Shawn Willden <swillden@google.com> Tue Apr 28 00:43:19 2015 -0600
committer Shawn Willden <swillden@google.com> Wed Apr 29 23:11:54 2015 -0600
tree fc6dfc592bdc2c00188f9b1add6203e0cc785494
parent fea5412ca56afb5d6065ba3621b69eba30f8c44f

Diagnose erroneous caller nonce/IV.

Bug: 20127433
Change-Id: Ic8ec74daf4b732aea6a393fe5f0ed4abe9e6eef2

google_keymaster_test.cpp

diff --git a/google_keymaster_test.cpp b/google_keymaster_test.cpp
index da3c7fc..bc1e3db 100644
--- a/google_keymaster_test.cpp
+++ b/google_keymaster_test.cpp
@@ -1604,6 +1604,31 @@
     EXPECT_NE(message, plaintext);
 }
 
+TEST_F(EncryptionOperationsTest, AesCallerNonceProhibited) {
+    ASSERT_EQ(KM_ERROR_OK,
+              GenerateKey(AuthorizationSetBuilder().AesEncryptionKey(128).Authorization(
+                  TAG_BLOCK_MODE, KM_MODE_CBC)));
+
+    string message = "12345678901234567890123456789012";
+    string iv1;
+    // Don't specify nonce, should get a random one.
+    string ciphertext1 = EncryptMessage(message, &iv1);
+    EXPECT_EQ(message.size(), ciphertext1.size());
+    EXPECT_EQ(16U, iv1.size());
+
+    string plaintext = DecryptMessage(ciphertext1, iv1);
+    EXPECT_EQ(message, plaintext);
+
+    // Now specify a nonce, should fail.
+    AuthorizationSet input_params(client_params());
+    AuthorizationSet update_params;
+    AuthorizationSet output_params;
+    input_params.push_back(TAG_NONCE, "abcdefghijklmnop", 16);
+
+    EXPECT_EQ(KM_ERROR_CALLER_NONCE_PROHIBITED,
+              BeginOperation(KM_PURPOSE_ENCRYPT, input_params, &output_params));
+}
+
 TEST_F(EncryptionOperationsTest, AesCbcIncrementalNoPadding) {
     ASSERT_EQ(KM_ERROR_OK,
               GenerateKey(AuthorizationSetBuilder().AesEncryptionKey(128).Authorization(