From: Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
Date: Wed, 12 Jul 2023 13:43:36 +0000 (+0200)
Subject: CKM: Disable non-GCM tests in TZ cipher API
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=149311f843b82c2a779bacff63cae593012004ef;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

CKM: Disable non-GCM tests in TZ cipher API

Currently TZ backend cipher API does not support other encryption modes
beside GCM.

Change-Id: I0fad8ba60b3081af0601f07ac92f724cc88f2fc0
---

diff --git a/src/ckm/unprivileged/encryption-decryption-env.h b/src/ckm/unprivileged/encryption-decryption-env.h
index ac564f31..64c22121 100644
--- a/src/ckm/unprivileged/encryption-decryption-env.h
+++ b/src/ckm/unprivileged/encryption-decryption-env.h
@@ -53,6 +53,7 @@ struct EncryptionApi
                                     ckmc_raw_buffer_s **ppdecrypted) = 0;
 
     virtual bool symmetricOnly() const { return false; }
+    virtual bool gcmOnly() const { return false; }
 
     virtual ~EncryptionApi() {}
 };
@@ -140,6 +141,10 @@ public:
 
     bool symmetricOnly() const override { return true; }
 
+#ifdef TZ_BACKEND
+    bool gcmOnly() const override { return true; }
+#endif
+
 private:
     int crypt(ckmc_cipher_ctx_h ctx, unsigned char *ptr, size_t left, CKM::RawBuffer& output);
     EncryptionError ckmcError2Result(int error);
diff --git a/src/ckm/unprivileged/encryption-decryption.cpp b/src/ckm/unprivileged/encryption-decryption.cpp
index d8b98b3a..9327777b 100644
--- a/src/ckm/unprivileged/encryption-decryption.cpp
+++ b/src/ckm/unprivileged/encryption-decryption.cpp
@@ -344,12 +344,16 @@ EncryptionResult encrypt(const Algo& algo,
 
 void testAllAlgorithms(const std::function<void(const Algo& algo)>& test)
 {
-    test( { CKMC_ALGO_AES_CBC, 128 });
-    test( { CKMC_ALGO_AES_CBC, 192 });
-    test( { CKMC_ALGO_AES_CBC, 256 });
     test( { CKMC_ALGO_AES_GCM, 128 });
     test( { CKMC_ALGO_AES_GCM, 192 });
     test( { CKMC_ALGO_AES_GCM, 256 });
+
+    if (g_api->gcmOnly())
+        return;
+
+    test( { CKMC_ALGO_AES_CBC, 128 });
+    test( { CKMC_ALGO_AES_CBC, 192 });
+    test( { CKMC_ALGO_AES_CBC, 256 });
     test( { CKMC_ALGO_AES_CTR, 128 });
     test( { CKMC_ALGO_AES_CTR, 192 });
     test( { CKMC_ALGO_AES_CTR, 256 });
@@ -357,11 +361,12 @@ void testAllAlgorithms(const std::function<void(const Algo& algo)>& test)
     test( { CKMC_ALGO_AES_CFB, 192 });
     test( { CKMC_ALGO_AES_CFB, 256 });
 
-    if (!g_api->symmetricOnly()) {
-        test( { CKMC_ALGO_RSA_OAEP, 1024 });
-        test( { CKMC_ALGO_RSA_OAEP, 2048 });
-        test( { CKMC_ALGO_RSA_OAEP, 4096 });
-    }
+    if (g_api->symmetricOnly())
+        return;
+
+    test( { CKMC_ALGO_RSA_OAEP, 1024 });
+    test( { CKMC_ALGO_RSA_OAEP, 2048 });
+    test( { CKMC_ALGO_RSA_OAEP, 4096 });
 }
 
 void testNoIvEnc(const Algo& algo)