Enforce padding parameter for AES. Bug: 20917242 Change-Id: If1c35792279a4b03731552ced86ae7755efc6fc8 (cherry picked from commit 5bc56cdf1e466da3c3ebfeb3f49f07094d11b376)

commit: c442467181d8a9427c83fea4f0a272c8a7b46043 [log] [tgz]
author: Shawn Willden <swillden@google.com> Mon May 11 11:56:02 2015 -0600
committer: Shawn Willden <swillden@google.com> Tue May 12 11:24:03 2015 +0000
tree: eaa669ffb5b303dc6c0d11a0e181150dad6822e1
parent: c3326552d973ce34f0f3138333a05a4a1865a699 [diff] [blame]
diff --git a/google_keymaster_test.cpp b/google_keymaster_test.cpp
index 4a409f4..eeda13c 100644
--- a/google_keymaster_test.cpp
+++ b/google_keymaster_test.cpp

@@ -1266,8 +1266,8 @@
     EXPECT_TRUE(contains(sw_enforced(), KM_TAG_CREATION_DATETIME));
 
     string message = "Hello World!";
-    string ciphertext = EncryptMessage(message, KM_MODE_ECB, KM_PAD_NONE);
-    string plaintext = DecryptMessage(ciphertext, KM_MODE_ECB, KM_PAD_NONE);
+    string ciphertext = EncryptMessage(message, KM_MODE_ECB, KM_PAD_PKCS7);
+    string plaintext = DecryptMessage(ciphertext, KM_MODE_ECB, KM_PAD_PKCS7);
     EXPECT_EQ(message, plaintext);
 }
 
@@ -1466,6 +1466,7 @@
 
     AuthorizationSet begin_params(client_params());
     begin_params.push_back(TAG_BLOCK_MODE, KM_MODE_ECB);
+    begin_params.push_back(TAG_PADDING, KM_PAD_NONE);
     EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_ENCRYPT, begin_params));
     string ciphertext;
     size_t input_consumed;
@@ -1504,6 +1505,7 @@
 
     AuthorizationSet begin_params(client_params());
     begin_params.push_back(TAG_BLOCK_MODE, KM_MODE_ECB);
+    begin_params.push_back(TAG_PADDING, KM_PAD_PKCS7);
     EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, begin_params));
     string plaintext;
     size_t input_consumed;
@@ -1546,6 +1548,7 @@
     string message(239, 'a');
     AuthorizationSet input_params(client_params());
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     AuthorizationSet output_params;
     EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_ENCRYPT, input_params, &output_params));
 
@@ -1561,6 +1564,7 @@
     input_params.Reinitialize(output_params);
     input_params.push_back(client_params());
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     output_params.Clear();
 
     EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, input_params, &output_params));
@@ -1628,6 +1632,7 @@
                                            .Authorization(TAG_PADDING, KM_PAD_PKCS7)));
     AuthorizationSet begin_params(client_params());
     begin_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR);
+    begin_params.push_back(TAG_PADDING, KM_PAD_NONE);
     EXPECT_EQ(KM_ERROR_INCOMPATIBLE_PADDING_MODE, BeginOperation(KM_PURPOSE_ENCRYPT, begin_params));
 }
 
@@ -1640,6 +1645,7 @@
 
     AuthorizationSet input_params(client_params());
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CTR);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     input_params.push_back(TAG_NONCE, "123", 3);
     EXPECT_EQ(KM_ERROR_INVALID_NONCE, BeginOperation(KM_PURPOSE_ENCRYPT, input_params));
 }
@@ -1689,6 +1695,7 @@
     AuthorizationSet output_params;
     input_params.push_back(TAG_NONCE, "abcdefghijklmnop", 16);
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CBC);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     string ciphertext2 =
         ProcessMessage(KM_PURPOSE_ENCRYPT, message, input_params, update_params, &output_params);
 
@@ -1700,6 +1707,7 @@
     // Now try with wrong nonce.
     input_params.Reinitialize(client_params());
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CBC);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     input_params.push_back(TAG_NONCE, "aaaaaaaaaaaaaaaa", 16);
     plaintext = ProcessMessage(KM_PURPOSE_DECRYPT, ciphertext2, input_params, update_params,
                                &output_params);
@@ -1728,6 +1736,7 @@
     AuthorizationSet output_params;
     input_params.push_back(TAG_NONCE, "abcdefghijklmnop", 16);
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CBC);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
 
     EXPECT_EQ(KM_ERROR_CALLER_NONCE_PROHIBITED,
               BeginOperation(KM_PURPOSE_ENCRYPT, input_params, &output_params));
@@ -1743,6 +1752,7 @@
     string message(240, 'a');
     AuthorizationSet input_params(client_params());
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CBC);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     AuthorizationSet output_params;
     EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_ENCRYPT, input_params, &output_params));
 
@@ -1758,6 +1768,7 @@
     input_params.Reinitialize(output_params);
     input_params.push_back(client_params());
     input_params.push_back(TAG_BLOCK_MODE, KM_MODE_CBC);
+    input_params.push_back(TAG_PADDING, KM_PAD_NONE);
     output_params.Clear();
 
     EXPECT_EQ(KM_ERROR_OK, BeginOperation(KM_PURPOSE_DECRYPT, input_params, &output_params));
commit	c442467181d8a9427c83fea4f0a272c8a7b46043	[log] [tgz]
author	Shawn Willden <swillden@google.com>	Mon May 11 11:56:02 2015 -0600
committer	Shawn Willden <swillden@google.com>	Tue May 12 11:24:03 2015 +0000
tree	eaa669ffb5b303dc6c0d11a0e181150dad6822e1
parent	c3326552d973ce34f0f3138333a05a4a1865a699 [diff] [blame]