Added a new test case to validate AES algorithm with invalid key sizes.
Strongbox keymaster does not support keysize of length 192 for AES algorithm.
Test: Executed keymaster vts test cases.
Change-Id: I3db310f4e2353761c68a4c94aa19d9fa71aa9215
diff --git a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
index e0d60fc..9e37ed0 100644
--- a/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
+++ b/keymaster/4.0/vts/functional/keymaster_hidl_hal_test.cpp
@@ -921,6 +921,23 @@
.Authorization(TAG_MIN_MAC_LENGTH, 128)));
}
+/**
+ * NewKeyGenerationTest.AesInvalidKeySize
+ *
+ * Verifies that specifying an invalid key size for AES key generation returns
+ * UNSUPPORTED_KEY_SIZE.
+ */
+TEST_P(NewKeyGenerationTest, AesInvalidKeySize) {
+ for (auto key_size : InvalidKeySizes(Algorithm::AES)) {
+ ASSERT_EQ(ErrorCode::UNSUPPORTED_KEY_SIZE,
+ GenerateKey(AuthorizationSetBuilder()
+ .Authorization(TAG_NO_AUTH_REQUIRED)
+ .AesEncryptionKey(key_size)
+ .Authorization(TAG_BLOCK_MODE, BlockMode::ECB)
+ .Padding(PaddingMode::NONE)));
+ }
+}
+
INSTANTIATE_KEYMASTER_HIDL_TEST(NewKeyGenerationTest);
typedef KeymasterHidlTest SigningOperationsTest;