firmware_Cr50U2fCommands: test truncated U2F_ATTEST data
This CL adds a test for the case when dataSize field in U2F_ATTEST
message points after the end of the message.
BUG=b:147020573
TEST=test_that <dut> firmware_Cr50U2fCommands
Cq-Depend: chromium:1984894
Change-Id: I06cd8f4f18dda43039337f36c2186c061d407eae
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/autotest/+/1986115
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
diff --git a/server/site_tests/firmware_Cr50U2fCommands/firmware_Cr50U2fCommands.py b/server/site_tests/firmware_Cr50U2fCommands/firmware_Cr50U2fCommands.py
index d43ea8d..7d17efd 100644
--- a/server/site_tests/firmware_Cr50U2fCommands/firmware_Cr50U2fCommands.py
+++ b/server/site_tests/firmware_Cr50U2fCommands/firmware_Cr50U2fCommands.py
@@ -49,6 +49,7 @@
# Response Codes
VENDOR_CMD_RESPONSE_SUCCESS = '00000000'
+VENDOR_CMD_RESPONSE_BOGUS_ARGS = '00000501'
VENDOR_CMD_RESPONSE_NOT_ALLOWED = '00000507'
VENDOR_CMD_RESPONSE_PASSWORD_REQUIRED = '0000050A'
@@ -207,12 +208,19 @@
format,
data,
expected_response=VENDOR_CMD_RESPONSE_SUCCESS,
- pad=False):
+ pad=False,
+ truncated=False):
assert_byte_length(user_secret, 32)
assert_byte_length(format, 1)
data_len_str = get_str_length_as_hex(data)
+ if truncated:
+ # Send 1 less byte of data than will be advertised in data_len field
+ assert pad == False
+ assert len(data) >= 2
+ data = data[:len(data) - 2]
+
if pad:
# Max data size is 256 bytes
data = data + '0' * (512 - len(data))
@@ -491,6 +499,19 @@
'ff' * U2F_ATTEST_REG_RESP_SIZE_BYTES,
VENDOR_CMD_RESPONSE_NOT_ALLOWED)
+ def __test_attest_truncated_data(self):
+ registration = self.__u2f_generate(APP_ID, USER_SECRET_1, '00')
+
+ register_resp = '00{}{}{}{}'.format(
+ APP_ID,
+ RANDOM_32, # challenge
+ registration['keyHandle'],
+ registration['pubKey'])
+
+ # Attempt to attest to valid data with invalid format.
+ self.__u2f_attest(USER_SECRET_1, U2F_ATTEST_FORMAT_REG_RESP, register_resp,
+ VENDOR_CMD_RESPONSE_BOGUS_ARGS, truncated=True)
+
def __test_attest_invalid_format(self):
registration = self.__u2f_generate(APP_ID, USER_SECRET_1, '00')
@@ -574,6 +595,7 @@
self.__test_attest_wrong_app_id()
self.__test_attest_wrong_pub_key()
self.__test_attest_garbage_data()
+ self.__test_attest_truncated_data()
self.__test_attest_invalid_format()
self.__test_attest_invalid_reserved_byte()