Add test for RSA OAEP wrapping with different hashes

Change-Id: I9a06501cdb67fe2ac8558b694b0e49b12c7e793f

diff --git a/src/ckm/unprivileged/key-wrapping.cpp b/src/ckm/unprivileged/key-wrapping.cpp
index d5a601c3f15a2e9aa85873d52a1c760671bae018..f22489c0dbd24e0ec2cb7a08ce06f26836f1d114 100644 (file)
--- a/src/ckm/unprivileged/key-wrapping.cpp
+++ b/src/ckm/unprivileged/key-wrapping.cpp
@@ -385,33 +385,6 @@ void testImportValidArgs(const Algo &algo,
        assert_aes_key_value(IMPORTED_ALIAS, nullptr, plainData);
 }
 
-void testImportRSAHashes(int buffLen,
-                                                const Alias &wrappingKeyAlias,
-                                                const Alias &unwrappingKeyAlias){
-       ParamListPtr params = getDefaultParams({CKMC_ALGO_RSA_OAEP, 0});
-
-       auto test = [&]{
-               RawBufferPtr plainKey = encryptAndImport(params,
-                                       buffLen,
-                                       wrappingKeyAlias,
-                                       nullptr,
-                                       unwrappingKeyAlias,
-                                       nullptr,
-                                       IMPORTED_ALIAS.c_str(),
-                                       UNEXPORTABLE);
-
-               assert_aes_key_value(IMPORTED_ALIAS, nullptr, plainKey);
-
-               ckmc_remove_key(IMPORTED_ALIAS.c_str());
-       };
-
-       test();
-       setParam(params, CKMC_PARAM_ED_OAEP_HASH, CKMC_HASH_SHA1);
-       test();
-       setParam(params, CKMC_PARAM_ED_OAEP_HASH, CKMC_HASH_SHA256);
-       test();
-}
-
 void testBadWrappedKey(const Algo &algo){
        ParamListPtr params = getDefaultParams(algo);
        ckmc_key_s *wrongKey = generate_AES_key(128, nullptr);
@@ -1206,12 +1179,6 @@ RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_4096){
        testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PUB_ALIAS, RSA_KEY_4096_PRV_ALIAS);
 }
 
-RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_DIFFERENT_HASH){
-       // 1024 is too short for SHA512 hash
-       testImportRSAHashes(16, RSA_KEY_2048_PUB_ALIAS, RSA_KEY_2048_PRV_ALIAS);
-       testImportRSAHashes(16, RSA_KEY_4096_PUB_ALIAS, RSA_KEY_4096_PRV_ALIAS);
-}
-
 RUNNER_TEST(TKW_RSAOAEP_INVALID_BUFF_LENGTH){
        testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_1024_PUB_ALIAS, RSA_KEY_1024_PRV_ALIAS);
        testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_1024_PUB_ALIAS, RSA_KEY_1024_PRV_ALIAS);
@@ -1535,6 +1502,25 @@ RUNNER_TEST(TKW_IMPORT_EXPORT_RSA_LABEL){
        testImportExportCustomParameters(RSA_OAEP_ALGO, RSA_KEY_4096_PUB_ALIAS, nullptr, RSA_KEY_4096_PRV_ALIAS, nullptr, DEFAULT_IV, CKMC_PARAM_ED_LABEL, AAD64);
 }
 
+RUNNER_TEST(TKW_IMPORT_EXPORT_RSA_HASH){
+       auto test = [](const Alias &wrappingKeyAlias, const Alias &unwrappingKeyAlias){
+               for (auto hash : {CKMC_HASH_SHA1, CKMC_HASH_SHA256}) {
+                       // DEFAULT_IV will be ignored by RSA
+                       testImportExportCustomParameters(RSA_OAEP_ALGO,
+                                               wrappingKeyAlias,
+                                               nullptr,
+                                               unwrappingKeyAlias,
+                                               nullptr,
+                                               DEFAULT_IV,
+                                               CKMC_PARAM_ED_OAEP_HASH,
+                                               hash);
+               }
+       };
+       test(RSA_KEY_1024_PUB_ALIAS, RSA_KEY_1024_PRV_ALIAS);
+       test(RSA_KEY_2048_PUB_ALIAS, RSA_KEY_2048_PRV_ALIAS);
+       test(RSA_KEY_4096_PUB_ALIAS, RSA_KEY_4096_PRV_ALIAS);
+}
+
 RUNNER_TEST(TKW_RSA_WRAPPED_KEY){
        ParamListPtr params = getDefaultParams(AES_CTR_ALGO);