From 7c2b88b5b7fe8b4a661b3b67f6f3bc8e6bc381ce Mon Sep 17 00:00:00 2001 From: Gaurav Kashyap Date: Mon, 15 Jun 2020 13:58:39 -0700 Subject: VtsKernelEncryptionTest: fix wrapped key tests and test adding corrupted key 1. Correctly implement the derivation of raw secret when using wrapped keys. This is used to verify the key identifier and to derive the inode hash key for IV_INO_LBLK_32 (emmc_optimized) encryption policies. 2. Add a new test case (TestHwWrappedKeyCorruption) that fails when any byte of the key that is added is corrupted. Test: VtsKernelEncryptionTest on device with HW wrapped keys supported. Bug: 153730132 Change-Id: Id51f2dd514fed903783af4a442bad50280a64387 --- encryption/utils.cpp | 50 +++++++++++++++++++++++++++++++++++++------------- 1 file changed, 37 insertions(+), 13 deletions(-) (limited to 'encryption/utils.cpp') diff --git a/encryption/utils.cpp b/encryption/utils.cpp index 1956d0a1..03a46bfc 100644 --- a/encryption/utils.cpp +++ b/encryption/utils.cpp @@ -379,6 +379,27 @@ static void GetFixedInputString(uint32_t counter, PushBigEndian32(derived_key_len, fixed_input_string); } +static bool AesCmacKdfHelper(const std::vector &key, + const std::vector &label, + const std::vector &context, + uint32_t output_key_size, + std::vector *output_data) { + output_data->resize(output_key_size); + for (size_t count = 0; count < (output_key_size / kAesBlockSize); count++) { + std::vector fixed_input_string; + GetFixedInputString(count + 1, label, context, (output_key_size * 8), + &fixed_input_string); + if (!AES_CMAC(output_data->data() + (kAesBlockSize * count), key.data(), + key.size(), fixed_input_string.data(), + fixed_input_string.size())) { + ADD_FAILURE() + << "AES_CMAC failed while deriving subkey from HW wrapped key"; + return false; + } + } + return true; +} + bool DeriveHwWrappedEncryptionKey(const std::vector &master_key, std::vector *enc_key) { std::vector label{0x00, 0x00, 0x40, 0x00, 0x00, 0x00, @@ -392,19 +413,22 @@ bool DeriveHwWrappedEncryptionKey(const std::vector &master_key, 0x00, 0x00, 0x00, 0x02, 0x43, 0x00, 0x82, 0x50, 0x0, 0x0, 0x0, 0x0}; - enc_key->resize(kAes256XtsKeySize); - for (size_t count = 0; count < (kAes256XtsKeySize / kAesBlockSize); count++) { - std::vector fixed_input_string; - GetFixedInputString(count + 1, label, context, (kAes256XtsKeySize * 8), - &fixed_input_string); - if (!AES_CMAC(enc_key->data() + (kAesBlockSize * count), master_key.data(), - master_key.size(), fixed_input_string.data(), - fixed_input_string.size())) { - ADD_FAILURE() << "AES_CMAC failed while deriving inline encryption key"; - return false; - } - } - return true; + return AesCmacKdfHelper(master_key, label, context, kAes256XtsKeySize, + enc_key); +} + +bool DeriveHwWrappedRawSecret(const std::vector &master_key, + std::vector *secret) { + std::vector label{0x00, 0x00, 0x40, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x20}; + // Context in fixed input string comprises of software provided context, + // padding to eight bytes (if required) and the key policy. + std::vector context = {'r', 'a', 'w', ' ', 's', 'e', 'c', + 'r', 'e', 't', 0x0, 0x0, 0x0, 0x0, + 0x0, 0x0, 0x00, 0x00, 0x00, 0x02, 0x17, + 0x00, 0x80, 0x50, 0x0, 0x0, 0x0, 0x0}; + + return AesCmacKdfHelper(master_key, label, context, kAes256KeySize, secret); } } // namespace kernel -- cgit v1.2.3