commit 2cdc273e8ffcb23ef5d766d145b27e6d9a23caa5
author Max Bires <jbires@google.com> Thu Nov 07 12:48:07 2019 -0800
committer Max Bires <jbires@google.com> Thu Nov 07 12:48:07 2019 -0800
tree 4528f8ed2f5f688bb1349e2720247a686800217d
parent f581c60f088350ee5fd65af24e8422f24b830aeb

Removing invalid HMAC tests.

Per Keymaster 4.0 spec, TEE and StrongBox implementations are only
required to support HMAC keys between 64 and 512 bits in length.
StrongBox implementations additionally must not support anything larger
than 512 bits. The tests removed in this CL specified key sizes larger
than 512 bits.

Bug: 143404829
Test: m VtsHalKeymasterV4_0TargetTest && adb sync data && \
adb shell data/nativetest64/VtsHalKeymasterV4_0TargetTest/VtsHalKeymasterV4_0TargetTest

Change-Id: I96ee3a20b981c288d88366f536b9924f907268f3

keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp

diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index c5acf8c..a7cbb36 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -1540,89 +1540,6 @@
     }
 }
 
-/*
- * SigningOperationsTest.HmacRfc4231TestCase6
- *
- * Validates against the test vectors from RFC 4231 test case 6.
- */
-TEST_F(SigningOperationsTest, HmacRfc4231TestCase6) {
-    string key(131, 0xaa);
-    string message = "Test Using Larger Than Block-Size Key - Hash Key First";
-
-    uint8_t sha_224_expected[] = {
-        0x95, 0xe9, 0xa0, 0xdb, 0x96, 0x20, 0x95, 0xad, 0xae, 0xbe, 0x9b, 0x2d, 0x6f, 0x0d,
-        0xbc, 0xe2, 0xd4, 0x99, 0xf1, 0x12, 0xf2, 0xd2, 0xb7, 0x27, 0x3f, 0xa6, 0x87, 0x0e,
-    };
-    uint8_t sha_256_expected[] = {
-        0x60, 0xe4, 0x31, 0x59, 0x1e, 0xe0, 0xb6, 0x7f, 0x0d, 0x8a, 0x26,
-        0xaa, 0xcb, 0xf5, 0xb7, 0x7f, 0x8e, 0x0b, 0xc6, 0x21, 0x37, 0x28,
-        0xc5, 0x14, 0x05, 0x46, 0x04, 0x0f, 0x0e, 0xe3, 0x7f, 0x54,
-    };
-    uint8_t sha_384_expected[] = {
-        0x4e, 0xce, 0x08, 0x44, 0x85, 0x81, 0x3e, 0x90, 0x88, 0xd2, 0xc6, 0x3a,
-        0x04, 0x1b, 0xc5, 0xb4, 0x4f, 0x9e, 0xf1, 0x01, 0x2a, 0x2b, 0x58, 0x8f,
-        0x3c, 0xd1, 0x1f, 0x05, 0x03, 0x3a, 0xc4, 0xc6, 0x0c, 0x2e, 0xf6, 0xab,
-        0x40, 0x30, 0xfe, 0x82, 0x96, 0x24, 0x8d, 0xf1, 0x63, 0xf4, 0x49, 0x52,
-    };
-    uint8_t sha_512_expected[] = {
-        0x80, 0xb2, 0x42, 0x63, 0xc7, 0xc1, 0xa3, 0xeb, 0xb7, 0x14, 0x93, 0xc1, 0xdd,
-        0x7b, 0xe8, 0xb4, 0x9b, 0x46, 0xd1, 0xf4, 0x1b, 0x4a, 0xee, 0xc1, 0x12, 0x1b,
-        0x01, 0x37, 0x83, 0xf8, 0xf3, 0x52, 0x6b, 0x56, 0xd0, 0x37, 0xe0, 0x5f, 0x25,
-        0x98, 0xbd, 0x0f, 0xd2, 0x21, 0x5d, 0x6a, 0x1e, 0x52, 0x95, 0xe6, 0x4f, 0x73,
-        0xf6, 0x3f, 0x0a, 0xec, 0x8b, 0x91, 0x5a, 0x98, 0x5d, 0x78, 0x65, 0x98,
-    };
-
-    CheckHmacTestVector(key, message, Digest::SHA_2_256, make_string(sha_256_expected));
-    if (SecLevel() != SecurityLevel::STRONGBOX) {
-        CheckHmacTestVector(key, message, Digest::SHA_2_224, make_string(sha_224_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_384, make_string(sha_384_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_512, make_string(sha_512_expected));
-    }
-}
-
-/*
- * SigningOperationsTest.HmacRfc4231TestCase7
- *
- * Validates against the test vectors from RFC 4231 test case 7.
- */
-TEST_F(SigningOperationsTest, HmacRfc4231TestCase7) {
-    string key(131, 0xaa);
-    string message =
-        "This is a test using a larger than block-size key and a larger than "
-        "block-size data. The key needs to be hashed before being used by the HMAC "
-        "algorithm.";
-
-    uint8_t sha_224_expected[] = {
-        0x3a, 0x85, 0x41, 0x66, 0xac, 0x5d, 0x9f, 0x02, 0x3f, 0x54, 0xd5, 0x17, 0xd0, 0xb3,
-        0x9d, 0xbd, 0x94, 0x67, 0x70, 0xdb, 0x9c, 0x2b, 0x95, 0xc9, 0xf6, 0xf5, 0x65, 0xd1,
-    };
-    uint8_t sha_256_expected[] = {
-        0x9b, 0x09, 0xff, 0xa7, 0x1b, 0x94, 0x2f, 0xcb, 0x27, 0x63, 0x5f,
-        0xbc, 0xd5, 0xb0, 0xe9, 0x44, 0xbf, 0xdc, 0x63, 0x64, 0x4f, 0x07,
-        0x13, 0x93, 0x8a, 0x7f, 0x51, 0x53, 0x5c, 0x3a, 0x35, 0xe2,
-    };
-    uint8_t sha_384_expected[] = {
-        0x66, 0x17, 0x17, 0x8e, 0x94, 0x1f, 0x02, 0x0d, 0x35, 0x1e, 0x2f, 0x25,
-        0x4e, 0x8f, 0xd3, 0x2c, 0x60, 0x24, 0x20, 0xfe, 0xb0, 0xb8, 0xfb, 0x9a,
-        0xdc, 0xce, 0xbb, 0x82, 0x46, 0x1e, 0x99, 0xc5, 0xa6, 0x78, 0xcc, 0x31,
-        0xe7, 0x99, 0x17, 0x6d, 0x38, 0x60, 0xe6, 0x11, 0x0c, 0x46, 0x52, 0x3e,
-    };
-    uint8_t sha_512_expected[] = {
-        0xe3, 0x7b, 0x6a, 0x77, 0x5d, 0xc8, 0x7d, 0xba, 0xa4, 0xdf, 0xa9, 0xf9, 0x6e,
-        0x5e, 0x3f, 0xfd, 0xde, 0xbd, 0x71, 0xf8, 0x86, 0x72, 0x89, 0x86, 0x5d, 0xf5,
-        0xa3, 0x2d, 0x20, 0xcd, 0xc9, 0x44, 0xb6, 0x02, 0x2c, 0xac, 0x3c, 0x49, 0x82,
-        0xb1, 0x0d, 0x5e, 0xeb, 0x55, 0xc3, 0xe4, 0xde, 0x15, 0x13, 0x46, 0x76, 0xfb,
-        0x6d, 0xe0, 0x44, 0x60, 0x65, 0xc9, 0x74, 0x40, 0xfa, 0x8c, 0x6a, 0x58,
-    };
-
-    CheckHmacTestVector(key, message, Digest::SHA_2_256, make_string(sha_256_expected));
-    if (SecLevel() != SecurityLevel::STRONGBOX) {
-        CheckHmacTestVector(key, message, Digest::SHA_2_224, make_string(sha_224_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_384, make_string(sha_384_expected));
-        CheckHmacTestVector(key, message, Digest::SHA_2_512, make_string(sha_512_expected));
-    }
-}
-
 typedef KeymasterHidlTest VerificationOperationsTest;
 
 /*