From f76c91e057f36bf565545742bbb64b0782d17527 Mon Sep 17 00:00:00 2001 From: subrahmanyaman Date: Thu, 9 Dec 2021 17:36:51 +0000 Subject: [PATCH 1/2] Updated the cts keystore patch --- .../cts_tests_tests_keystore.patch | 213 +++++++++++------- 1 file changed, 128 insertions(+), 85 deletions(-) diff --git a/aosp_integration_patches/cts_tests_tests_keystore.patch b/aosp_integration_patches/cts_tests_tests_keystore.patch index 85ffb05c..f699b56a 100644 --- a/aosp_integration_patches/cts_tests_tests_keystore.patch +++ b/aosp_integration_patches/cts_tests_tests_keystore.patch @@ -1,167 +1,207 @@ diff --git a/tests/tests/keystore/src/android/keystore/cts/AttestKeyTest.java b/tests/tests/keystore/src/android/keystore/cts/AttestKeyTest.java -index 0f064b645fd..452c034fcb0 100644 +index 0f064b645fd..6ea7f55af84 100644 --- a/tests/tests/keystore/src/android/keystore/cts/AttestKeyTest.java +++ b/tests/tests/keystore/src/android/keystore/cts/AttestKeyTest.java -@@ -144,7 +144,13 @@ public class AttestKeyTest { - @Test +@@ -145,6 +145,13 @@ public class AttestKeyTest { public void testAttestKeySecurityLevelMismatch() throws Exception { TestUtils.assumeStrongBox(); -- -+ int keyStoreFeatureVersionStrongBox = -+ TestUtils.getFeatureVersionKeystoreStrongBox(InstrumentationRegistry.getInstrumentation().getTargetContext()); + ++ int keyStoreFeatureVersionStrongBox = ++ TestUtils.getFeatureVersionKeystoreStrongBox(InstrumentationRegistry.getInstrumentation().getTargetContext()); + if(Attestation.KM_VERSION_KEYMASTER_4 == keyStoreFeatureVersionStrongBox + || Attestation.KM_VERSION_KEYMASTER_4_1 == keyStoreFeatureVersionStrongBox) { + return; + } -+ ++ final String strongBoxAttestKeyAlias = "nonAttestKey"; final String attestedKeyAlias = "attestedKey"; generateKeyPair(KEY_ALGORITHM_EC, diff --git a/tests/tests/keystore/src/android/keystore/cts/BlockCipherTestBase.java b/tests/tests/keystore/src/android/keystore/cts/BlockCipherTestBase.java -index ccbadf98a31..eca7b6c2abe 100644 +index 055fa8cc229..3940859532e 100644 --- a/tests/tests/keystore/src/android/keystore/cts/BlockCipherTestBase.java +++ b/tests/tests/keystore/src/android/keystore/cts/BlockCipherTestBase.java -@@ -744,17 +744,27 @@ abstract class BlockCipherTestBase extends AndroidTestCase { +@@ -34,6 +34,7 @@ import androidx.test.runner.AndroidJUnit4; + + import junit.framework.AssertionFailedError; + ++import java.io.ByteArrayOutputStream; + import java.nio.Buffer; + import java.nio.ByteBuffer; + import java.security.AlgorithmParameters; +@@ -776,22 +777,41 @@ abstract class BlockCipherTestBase { + byte[] expectedCiphertext = getKatCiphertext(); int blockSize = getBlockSize(); if (isStreamCipher()) { ++ ByteArrayOutputStream actualCiphertext = new ByteArrayOutputStream(); // Stream cipher -- one byte in, one byte out -+ int comparingPosition = 0; -+ //Stream cipher -- one byte in, one byte out (unless when Strongbox is used) for (int plaintextIndex = 0; plaintextIndex < plaintext.length; plaintextIndex++) { byte[] output = update(new byte[] {plaintext[plaintextIndex]}); - assertEquals("plaintext index: " + plaintextIndex, 1, output.length); - assertEquals("plaintext index: " + plaintextIndex, - expectedCiphertext[plaintextIndex], output[0]); ++ if (output != null) { ++ actualCiphertext.write(output); ++ } ++ // Some StrongBox implementations cannot support 1:1 input:output lengths, so ++ // we relax this API restriction for them. + if (!isStrongbox()) { -+ assertTrue(output != null); + assertEquals("plaintext index: " + plaintextIndex, 1, output.length); -+ } -+ if (output != null) { -+ for (int i = 0; i < output.length; ++i) { -+ assertEquals("ciphertext comparison position: " + comparingPosition, -+ expectedCiphertext[comparingPosition], output[i]); -+ comparingPosition += 1; -+ } ++ assertEquals("plaintext index: " + plaintextIndex, ++ expectedCiphertext[plaintextIndex], output[0]); + } } byte[] finalOutput = doFinal(); - byte[] expectedFinalOutput; +- byte[] expectedFinalOutput; - if (isAuthenticatedCipher()) { -+ if (isAuthenticatedCipher() || (isStrongbox() && finalOutput.length != 0)) { - expectedFinalOutput = +- expectedFinalOutput = - subarray(expectedCiphertext, plaintext.length, expectedCiphertext.length); -+ subarray(expectedCiphertext, comparingPosition, expectedCiphertext.length); - } else { - expectedFinalOutput = EmptyArray.BYTE; +- } else { +- expectedFinalOutput = EmptyArray.BYTE; ++ if (!isStrongbox()) { ++ byte[] expectedFinalOutput; ++ if (isAuthenticatedCipher()) { ++ expectedFinalOutput = ++ subarray(expectedCiphertext, plaintext.length, ++ expectedCiphertext.length); ++ } else { ++ expectedFinalOutput = EmptyArray.BYTE; ++ } ++ assertArrayEquals(expectedFinalOutput, finalOutput); ++ } ++ ++ // StrongBox doesn't require 1:1 in:out, so just compare the full ciphertext. We perform ++ // this check on non-StrongBox implementations as well to ensure the test logic is ++ // exercised on non-StrongBox platforms. ++ if (finalOutput != null) { ++ actualCiphertext.write(finalOutput); } -@@ -814,15 +824,28 @@ abstract class BlockCipherTestBase extends AndroidTestCase { +- assertArrayEquals(expectedFinalOutput, finalOutput); ++ assertArrayEquals(expectedCiphertext, actualCiphertext.toByteArray()); + } else { + // Not a stream cipher -- operates on full blocks only. + +@@ -848,15 +868,33 @@ abstract class BlockCipherTestBase { byte[] finalOutput = doFinal(); - assertEquals(expectedPlaintext, finalOutput); + assertArrayEquals(expectedPlaintext, finalOutput); } else if (isStreamCipher()) { -- // Unauthenticated stream cipher -- one byte in, one byte out -+ int comparingPosition = 0; -+ // Unauthenticated stream cipher -- one byte in, one byte out (unless when Strongbox is used) ++ ByteArrayOutputStream actualPlaintext = new ByteArrayOutputStream(); + // Unauthenticated stream cipher -- one byte in, one byte out for (int ciphertextIndex = 0; ciphertextIndex < ciphertext.length; ciphertextIndex++) { byte[] output = update(new byte[] {ciphertext[ciphertextIndex]}); - assertEquals("ciphertext index: " + ciphertextIndex, 1, output.length); - assertEquals("ciphertext index: " + ciphertextIndex, - expectedPlaintext[ciphertextIndex], output[0]); ++ if (output != null) { ++ actualPlaintext.write(output); ++ } ++ // Some StrongBox implementations cannot support 1:1 input:output lengths, so ++ // we relax this API restriction for them. + if (!isStrongbox()) { -+ assertTrue(output != null); + assertEquals("ciphertext index: " + ciphertextIndex, 1, output.length); -+ } -+ if (output != null) { -+ for (int i = 0; i < output.length; ++i) { -+ assertEquals("plaintext comparison position: " + comparingPosition, -+ expectedPlaintext[comparingPosition], output[i]); -+ comparingPosition += 1; -+ } ++ assertEquals("ciphertext index: " + ciphertextIndex, ++ expectedPlaintext[ciphertextIndex], output[0]); + } } byte[] finalOutput = doFinal(); - assertEquals(0, finalOutput.length); -+ int expectedPlainTextLength = 0; -+ if (isStrongbox()) { -+ expectedPlainTextLength = (expectedPlaintext.length - comparingPosition); ++ if (!isStrongbox()) { ++ assertEquals(0, finalOutput.length); ++ } ++ ++ // StrongBox doesn't require 1:1 in:out, so just compare the full ciphertext. We perform ++ // this check on non-StrongBox implementations as well to ensure the test logic is ++ // exercised on non-StrongBox platforms. ++ if (finalOutput != null) { ++ actualPlaintext.write(finalOutput); + } -+ assertEquals(expectedPlainTextLength, finalOutput.length); ++ assertArrayEquals(expectedPlaintext, actualPlaintext.toByteArray()); } else { // Unauthenticated block cipher -- operates in full blocks only -@@ -1187,6 +1210,8 @@ abstract class BlockCipherTestBase extends AndroidTestCase { - throw new AssertionFailedError("Unsupported opmode: " + opmode); - } - -+ boolean allowZeroLengthOutput = expectedOutput.length == 0; -+ +@@ -1231,43 +1269,65 @@ abstract class BlockCipherTestBase { int inputEndIndexInBuffer = inputOffsetInBuffer + input.length; int outputEndIndexInBuffer = outputOffsetInBuffer + expectedOutput.length; -@@ -1195,15 +1220,15 @@ abstract class BlockCipherTestBase extends AndroidTestCase { ++ assertTrue("StrongBox output assumptions below need input to be at least a block.", ++ input.length >= blockSize); ++ + // Test the update(byte[], int, int, byte[], int) variant + byte[] buffer = new byte[Math.max(inputEndIndexInBuffer, outputEndIndexInBuffer)]; System.arraycopy(input, 0, buffer, inputOffsetInBuffer, input.length); createCipher(); initKat(opmode); -- String additionalInformation = ""; + String additionalInformation = ""; - if (isStrongbox() && opmode == Cipher.ENCRYPT_MODE) { - additionalInformation = "May fail due to b/194134359"; -- } ++ int outputLength = update(buffer, inputOffsetInBuffer, input.length, ++ buffer, outputOffsetInBuffer); ++ if (isStrongbox()) { ++ // StrongBox does not have to support one byte of output per byte of input. ++ assertTrue("output length: " + outputLength, ++ outputLength >= blockSize || (expectedOutput.length == 0 && outputLength == 0)); ++ outputEndIndexInBuffer = outputOffsetInBuffer + outputLength; ++ } else { ++ assertEquals(expectedOutput.length, outputLength); + } - assertEquals(additionalInformation, expectedOutput.length, - update(buffer, inputOffsetInBuffer, input.length, - buffer, outputOffsetInBuffer)); -- assertEquals(expectedOutput, -- subarray(buffer, outputOffsetInBuffer, outputEndIndexInBuffer)); -+ int bytes = update(buffer, inputOffsetInBuffer, input.length, -+ buffer, outputOffsetInBuffer); -+ // We make little assumptions about the size of the output. But we make sure that at least -+ // one block was processed. -+ assertTrue(bytes >= blockSize || (allowZeroLengthOutput && bytes == 0)); -+ // Check that all that was processed was as expected. -+ assertEquals(subarray(expectedOutput, 0, bytes), -+ subarray(buffer, outputOffsetInBuffer, outputOffsetInBuffer + bytes)); -+ +- assertArrayEquals(expectedOutput, ++ assertArrayEquals(subarray(expectedOutput, 0, outputLength), + subarray(buffer, outputOffsetInBuffer, outputEndIndexInBuffer)); if (outputOffsetInBuffer == 0) { // We can use the update variant which assumes that output offset is 0. -@@ -1211,10 +1236,10 @@ abstract class BlockCipherTestBase extends AndroidTestCase { +- buffer = new byte[Math.max(inputEndIndexInBuffer, outputEndIndexInBuffer)]; ++ Arrays.fill(buffer, (byte)0); System.arraycopy(input, 0, buffer, inputOffsetInBuffer, input.length); createCipher(); initKat(opmode); - assertEquals(expectedOutput.length, - update(buffer, inputOffsetInBuffer, input.length, buffer)); -- assertEquals(expectedOutput, -- subarray(buffer, outputOffsetInBuffer, outputEndIndexInBuffer)); -+ bytes = update(buffer, inputOffsetInBuffer, input.length, buffer); -+ assertTrue(bytes >= blockSize || (allowZeroLengthOutput && bytes == 0)); -+ assertEquals(subarray(expectedOutput, 0, bytes), -+ subarray(buffer, outputOffsetInBuffer, outputOffsetInBuffer + bytes)); +- assertArrayEquals(expectedOutput, ++ outputLength = update(buffer, inputOffsetInBuffer, input.length, buffer, outputOffsetInBuffer); ++ if (isStrongbox()) { ++ // StrongBox does not have to support one byte of output per byte of input. ++ assertTrue("output length: " + outputLength, ++ outputLength >= blockSize || (expectedOutput.length == 0 && outputLength == 0)); ++ outputEndIndexInBuffer = outputOffsetInBuffer + outputLength; ++ } else { ++ assertEquals(expectedOutput.length, outputLength); ++ } ++ assertArrayEquals(subarray(expectedOutput, 0, outputLength), + subarray(buffer, outputOffsetInBuffer, outputEndIndexInBuffer)); } // Test the update(ByteBuffer, ByteBuffer) variant -@@ -1225,9 +1250,10 @@ abstract class BlockCipherTestBase extends AndroidTestCase { +- buffer = new byte[Math.max(inputEndIndexInBuffer, outputEndIndexInBuffer)]; ++ Arrays.fill(buffer, (byte)0); + System.arraycopy(input, 0, buffer, inputOffsetInBuffer, input.length); + ByteBuffer inputBuffer = ByteBuffer.wrap(buffer, inputOffsetInBuffer, input.length); + ByteBuffer outputBuffer = ByteBuffer.wrap(buffer, outputOffsetInBuffer, expectedOutput.length); createCipher(); initKat(opmode); - assertEquals(expectedOutput.length, update(inputBuffer, outputBuffer)); -- assertEquals(expectedOutput, -- subarray(buffer, outputOffsetInBuffer, outputEndIndexInBuffer)); -+ bytes = update(inputBuffer, outputBuffer); -+ assertTrue(bytes >= blockSize || (allowZeroLengthOutput && bytes == 0)); -+ assertEquals(subarray(expectedOutput, 0, bytes), -+ subarray(buffer, outputOffsetInBuffer, outputOffsetInBuffer + bytes)); +- assertArrayEquals(expectedOutput, ++ outputLength = update(inputBuffer, outputBuffer); ++ if (isStrongbox()) { ++ // StrongBox does not have to support one byte of output per byte of input. ++ assertTrue("output length: " + outputLength, ++ outputLength >= blockSize || (expectedOutput.length == 0 && outputLength == 0)); ++ outputEndIndexInBuffer = outputOffsetInBuffer + outputLength; ++ } else { ++ assertEquals(expectedOutput.length, outputLength); ++ } ++ assertArrayEquals(subarray(expectedOutput, 0, outputLength), + subarray(buffer, outputOffsetInBuffer, outputEndIndexInBuffer)); } - public void testDoFinalCopySafe() throws Exception { -@@ -1485,16 +1511,15 @@ abstract class BlockCipherTestBase extends AndroidTestCase { - 0, outputLength); - return; +@@ -1530,14 +1590,11 @@ abstract class BlockCipherTestBase { } -+ /* -+ * Strongbox implementations did not have the following restrictions. -+ */ -+ if (isStrongbox()) return; if (isStreamCipher()) { - if (outputLength != inputLength) { +- if (outputLength != inputLength) { - if (isStrongbox()) { - fail("Output of update (" + outputLength + ") not same size as input (" - + inputLength + ") b/194123581"); @@ -169,6 +209,9 @@ index ccbadf98a31..eca7b6c2abe 100644 - fail("Output of update (" + outputLength + ") not same size as input (" - + inputLength + ")"); - } ++ // Some StrongBox implementations cannot support 1:1 input:output lengths, so ++ // we relax this API restriction for them. ++ if (outputLength != inputLength && !isStrongbox()) { + fail("Output of update (" + outputLength + ") not same size as input (" + + inputLength + ")"); } From 04b523bb2d93e68f481160b8f7beb8e9b91e8c40 Mon Sep 17 00:00:00 2001 From: subrahmanyaman Date: Thu, 9 Dec 2021 20:22:25 +0000 Subject: [PATCH 2/2] Updated KMFunctionalTest --- .../javacard/test/KMFunctionalTest.java | 255 +++++++++++++++--- 1 file changed, 213 insertions(+), 42 deletions(-) diff --git a/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java b/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java index bbba28ab..42f102e9 100644 --- a/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java +++ b/Applet/JCardSimProvider/test/com/android/javacard/test/KMFunctionalTest.java @@ -430,6 +430,209 @@ public class KMFunctionalTest { (byte) 0x6e, (byte) 0x20, (byte) 0x49, (byte) 0x6e, (byte) 0x74, (byte) 0x65, (byte) 0x72, (byte) 0x6d, (byte) 0x65, (byte) 0x64, (byte) 0x69, (byte) 0x61, (byte) 0x74, (byte) 0x65}; + + private static final byte[] rsa_key_pkcs8 = { + (byte) 0x30, (byte) 0x82, (byte) 0x04, (byte) 0xbc, (byte) 0x02, (byte) 0x01, (byte) 0x00, + (byte) 0x30, (byte) 0x0d, (byte) 0x06, (byte) 0x09, (byte) 0x2a, (byte) 0x86, (byte) 0x48, + (byte) 0x86, (byte) 0xf7, (byte) 0x0d, (byte) 0x01, (byte) 0x01, (byte) 0x01, (byte) 0x05, + (byte) 0x00, (byte) 0x04, (byte) 0x82, (byte) 0x04, (byte) 0xa6, (byte) 0x30, (byte) 0x82, + (byte) 0x04, (byte) 0xa2, (byte) 0x02, (byte) 0x01, (byte) 0x00, (byte) 0x02, (byte) 0x82, + (byte) 0x01, (byte) 0x01, (byte) 0x00, (byte) 0xc5, (byte) 0x28, (byte) 0x06, (byte) 0xb1, + (byte) 0x75, (byte) 0x6c, (byte) 0x84, (byte) 0x7a, (byte) 0x61, (byte) 0x6e, (byte) 0x49, + (byte) 0x66, (byte) 0xf8, (byte) 0x60, (byte) 0x4f, (byte) 0xec, (byte) 0x17, (byte) 0x8b, + (byte) 0x34, (byte) 0xfc, (byte) 0x3f, (byte) 0xce, (byte) 0x70, (byte) 0x6a, (byte) 0x02, + (byte) 0xf2, (byte) 0xf3, (byte) 0x6b, (byte) 0xb4, (byte) 0x78, (byte) 0xac, (byte) 0x8c, + (byte) 0x7e, (byte) 0xc5, (byte) 0xf2, (byte) 0xa8, (byte) 0xea, (byte) 0xc1, (byte) 0xe5, + (byte) 0xd3, (byte) 0xa8, (byte) 0xa9, (byte) 0x4b, (byte) 0x4b, (byte) 0x5a, (byte) 0x49, + (byte) 0xc2, (byte) 0xe7, (byte) 0x85, (byte) 0xdf, (byte) 0x56, (byte) 0xa5, (byte) 0x34, + (byte) 0xb2, (byte) 0xb6, (byte) 0xfd, (byte) 0xf2, (byte) 0xbc, (byte) 0xf1, (byte) 0xca, + (byte) 0x34, (byte) 0xba, (byte) 0x60, (byte) 0x50, (byte) 0x8d, (byte) 0x0b, (byte) 0x61, + (byte) 0xca, (byte) 0xd2, (byte) 0x76, (byte) 0x7d, (byte) 0xe4, (byte) 0xff, (byte) 0xdf, + (byte) 0x39, (byte) 0x10, (byte) 0x68, (byte) 0x9c, (byte) 0x45, (byte) 0x79, (byte) 0x8c, + (byte) 0x80, (byte) 0x0b, (byte) 0x58, (byte) 0xe4, (byte) 0x30, (byte) 0x9b, (byte) 0x74, + (byte) 0xc5, (byte) 0x09, (byte) 0x5e, (byte) 0x16, (byte) 0xa1, (byte) 0x63, (byte) 0x7f, + (byte) 0x03, (byte) 0xe9, (byte) 0xb0, (byte) 0x87, (byte) 0xf9, (byte) 0x81, (byte) 0x69, + (byte) 0x35, (byte) 0xca, (byte) 0x86, (byte) 0xe6, (byte) 0xa2, (byte) 0x1d, (byte) 0x3f, + (byte) 0xb8, (byte) 0x66, (byte) 0x39, (byte) 0x35, (byte) 0xf0, (byte) 0xef, (byte) 0xe3, + (byte) 0xde, (byte) 0x11, (byte) 0xa9, (byte) 0x9d, (byte) 0x54, (byte) 0x6f, (byte) 0xa8, + (byte) 0x04, (byte) 0x67, (byte) 0x75, (byte) 0x83, (byte) 0x67, (byte) 0xfb, (byte) 0xc2, + (byte) 0x71, (byte) 0x25, (byte) 0x43, (byte) 0xbe, (byte) 0x9c, (byte) 0x8b, (byte) 0x3e, + (byte) 0x94, (byte) 0x5e, (byte) 0xc1, (byte) 0x18, (byte) 0x83, (byte) 0x48, (byte) 0x9f, + (byte) 0x4d, (byte) 0x09, (byte) 0x1c, (byte) 0x0c, (byte) 0x61, (byte) 0xc5, (byte) 0x50, + (byte) 0x47, (byte) 0x34, (byte) 0x49, (byte) 0x17, (byte) 0x51, (byte) 0x16, (byte) 0xbc, + (byte) 0x09, (byte) 0x9b, (byte) 0x14, (byte) 0xc9, (byte) 0x44, (byte) 0x68, (byte) 0x58, + (byte) 0x19, (byte) 0xac, (byte) 0xf9, (byte) 0xd5, (byte) 0xa8, (byte) 0x52, (byte) 0x1f, + (byte) 0xb2, (byte) 0xcc, (byte) 0x9a, (byte) 0x22, (byte) 0xfe, (byte) 0xa7, (byte) 0x76, + (byte) 0x12, (byte) 0xe6, (byte) 0xfa, (byte) 0x3b, (byte) 0xc8, (byte) 0xe5, (byte) 0x26, + (byte) 0x6f, (byte) 0x62, (byte) 0xd8, (byte) 0xa4, (byte) 0x20, (byte) 0x0a, (byte) 0x6b, + (byte) 0x82, (byte) 0x6e, (byte) 0x43, (byte) 0x34, (byte) 0x34, (byte) 0x00, (byte) 0x59, + (byte) 0xbb, (byte) 0x3e, (byte) 0x54, (byte) 0xc9, (byte) 0x35, (byte) 0x77, (byte) 0x14, + (byte) 0xfd, (byte) 0x8b, (byte) 0xbd, (byte) 0x4e, (byte) 0xf0, (byte) 0x82, (byte) 0x6c, + (byte) 0xd1, (byte) 0x3d, (byte) 0xc0, (byte) 0x65, (byte) 0x98, (byte) 0xe4, (byte) 0x7e, + (byte) 0x4b, (byte) 0x69, (byte) 0xe0, (byte) 0x06, (byte) 0x92, (byte) 0x69, (byte) 0xb0, + (byte) 0x77, (byte) 0x90, (byte) 0x6b, (byte) 0xaa, (byte) 0x48, (byte) 0x2b, (byte) 0xd5, + (byte) 0x27, (byte) 0x95, (byte) 0xc2, (byte) 0xa6, (byte) 0x84, (byte) 0x45, (byte) 0xe2, + (byte) 0x84, (byte) 0x18, (byte) 0x0f, (byte) 0xfe, (byte) 0xc5, (byte) 0xf9, (byte) 0xab, + (byte) 0xbd, (byte) 0x28, (byte) 0x1d, (byte) 0x33, (byte) 0xcf, (byte) 0xb3, (byte) 0xb3, + (byte) 0x02, (byte) 0x03, (byte) 0x01, (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x82, + (byte) 0x01, (byte) 0x00, (byte) 0x35, (byte) 0x96, (byte) 0x54, (byte) 0x83, (byte) 0x65, + (byte) 0x6c, (byte) 0x32, (byte) 0x71, (byte) 0xe5, (byte) 0x0b, (byte) 0x89, (byte) 0xed, + (byte) 0xef, (byte) 0xf2, (byte) 0x95, (byte) 0xa6, (byte) 0x91, (byte) 0x1b, (byte) 0xa8, + (byte) 0x32, (byte) 0x2b, (byte) 0xd1, (byte) 0x9b, (byte) 0xa2, (byte) 0x64, (byte) 0xdc, + (byte) 0xce, (byte) 0x26, (byte) 0xe7, (byte) 0x2d, (byte) 0xa9, (byte) 0x90, (byte) 0xa2, + (byte) 0x60, (byte) 0x81, (byte) 0x3d, (byte) 0x42, (byte) 0x59, (byte) 0xa3, (byte) 0x73, + (byte) 0x2d, (byte) 0x33, (byte) 0x9e, (byte) 0xa0, (byte) 0x83, (byte) 0x90, (byte) 0xea, + (byte) 0xe5, (byte) 0xec, (byte) 0xf0, (byte) 0x30, (byte) 0x67, (byte) 0xc4, (byte) 0xf4, + (byte) 0x12, (byte) 0x62, (byte) 0xe1, (byte) 0xd8, (byte) 0x53, (byte) 0x4b, (byte) 0xe7, + (byte) 0x9b, (byte) 0x04, (byte) 0xd4, (byte) 0xc0, (byte) 0x11, (byte) 0x68, (byte) 0xea, + (byte) 0x2c, (byte) 0xdc, (byte) 0x42, (byte) 0x09, (byte) 0xbd, (byte) 0x36, (byte) 0x5a, + (byte) 0x17, (byte) 0x48, (byte) 0xa7, (byte) 0xb9, (byte) 0x06, (byte) 0x79, (byte) 0x96, + (byte) 0xcf, (byte) 0xfe, (byte) 0xc0, (byte) 0x3f, (byte) 0x29, (byte) 0xf1, (byte) 0xca, + (byte) 0x20, (byte) 0x6a, (byte) 0xaf, (byte) 0x71, (byte) 0xfc, (byte) 0x4e, (byte) 0x28, + (byte) 0xad, (byte) 0x1a, (byte) 0xeb, (byte) 0x4a, (byte) 0x78, (byte) 0xcf, (byte) 0x34, + (byte) 0xec, (byte) 0xb0, (byte) 0x4f, (byte) 0xfd, (byte) 0x9e, (byte) 0x3f, (byte) 0x94, + (byte) 0x8a, (byte) 0x4c, (byte) 0x60, (byte) 0x89, (byte) 0xf5, (byte) 0x5a, (byte) 0x15, + (byte) 0x20, (byte) 0xed, (byte) 0xde, (byte) 0x32, (byte) 0x76, (byte) 0x0a, (byte) 0xcf, + (byte) 0xef, (byte) 0xa2, (byte) 0xf4, (byte) 0x2d, (byte) 0x13, (byte) 0xd9, (byte) 0xea, + (byte) 0x74, (byte) 0x89, (byte) 0xe5, (byte) 0x17, (byte) 0xae, (byte) 0xbf, (byte) 0x1d, + (byte) 0xbe, (byte) 0x0a, (byte) 0xc4, (byte) 0x4b, (byte) 0xf7, (byte) 0xbb, (byte) 0xc9, + (byte) 0x33, (byte) 0xd7, (byte) 0x5b, (byte) 0xa3, (byte) 0x45, (byte) 0xf4, (byte) 0xbe, + (byte) 0x02, (byte) 0xe6, (byte) 0x77, (byte) 0xd7, (byte) 0xfa, (byte) 0xa5, (byte) 0xda, + (byte) 0x13, (byte) 0x68, (byte) 0x94, (byte) 0x9f, (byte) 0x3e, (byte) 0xff, (byte) 0x15, + (byte) 0xf4, (byte) 0xd6, (byte) 0xa8, (byte) 0x28, (byte) 0xe1, (byte) 0x3f, (byte) 0x4e, + (byte) 0xa0, (byte) 0xce, (byte) 0x38, (byte) 0xa5, (byte) 0xb5, (byte) 0x17, (byte) 0x65, + (byte) 0x14, (byte) 0x06, (byte) 0x6c, (byte) 0xca, (byte) 0xb5, (byte) 0x8f, (byte) 0x70, + (byte) 0x98, (byte) 0x4d, (byte) 0x2a, (byte) 0xda, (byte) 0xeb, (byte) 0xe9, (byte) 0x07, + (byte) 0xb8, (byte) 0x09, (byte) 0xe7, (byte) 0x29, (byte) 0x31, (byte) 0x17, (byte) 0xf6, + (byte) 0x61, (byte) 0x96, (byte) 0xbf, (byte) 0x98, (byte) 0x76, (byte) 0x0d, (byte) 0x93, + (byte) 0xe1, (byte) 0xf8, (byte) 0xc7, (byte) 0xd1, (byte) 0xc4, (byte) 0xd8, (byte) 0x3a, + (byte) 0x33, (byte) 0x66, (byte) 0x4e, (byte) 0x84, (byte) 0xbd, (byte) 0x35, (byte) 0x29, + (byte) 0x51, (byte) 0x32, (byte) 0x34, (byte) 0x02, (byte) 0xcc, (byte) 0x16, (byte) 0xc6, + (byte) 0xce, (byte) 0xfa, (byte) 0x4f, (byte) 0x11, (byte) 0x9f, (byte) 0x61, (byte) 0x19, + (byte) 0xf6, (byte) 0xb6, (byte) 0xc1, (byte) 0xa4, (byte) 0xef, (byte) 0x83, (byte) 0x17, + (byte) 0xf1, (byte) 0x1e, (byte) 0xe6, (byte) 0x08, (byte) 0x76, (byte) 0x7a, (byte) 0xf0, + (byte) 0xf7, (byte) 0xa2, (byte) 0x9d, (byte) 0xa3, (byte) 0xa5, (byte) 0x69, (byte) 0x02, + (byte) 0x81, (byte) 0x81, (byte) 0x00, (byte) 0xee, (byte) 0xb0, (byte) 0x63, (byte) 0x52, + (byte) 0x47, (byte) 0x7e, (byte) 0x94, (byte) 0x3b, (byte) 0xe5, (byte) 0x0c, (byte) 0x5c, + (byte) 0x0c, (byte) 0x5f, (byte) 0x9f, (byte) 0xec, (byte) 0xb8, (byte) 0xe6, (byte) 0x81, + (byte) 0x32, (byte) 0x7b, (byte) 0x2d, (byte) 0xf9, (byte) 0x2c, (byte) 0xa5, (byte) 0x30, + (byte) 0x86, (byte) 0x2b, (byte) 0xd0, (byte) 0x6f, (byte) 0x64, (byte) 0xfd, (byte) 0xb5, + (byte) 0xb7, (byte) 0x32, (byte) 0xe4, (byte) 0x02, (byte) 0x2f, (byte) 0x16, (byte) 0x94, + (byte) 0x95, (byte) 0xae, (byte) 0x7b, (byte) 0x57, (byte) 0xee, (byte) 0x4b, (byte) 0xf0, + (byte) 0xde, (byte) 0x9d, (byte) 0x54, (byte) 0x29, (byte) 0x99, (byte) 0xcc, (byte) 0xe0, + (byte) 0xf6, (byte) 0xb5, (byte) 0x17, (byte) 0x03, (byte) 0xfe, (byte) 0xfc, (byte) 0x56, + (byte) 0x91, (byte) 0x43, (byte) 0x22, (byte) 0xce, (byte) 0x0f, (byte) 0xfa, (byte) 0x08, + (byte) 0x88, (byte) 0x5e, (byte) 0xb6, (byte) 0x73, (byte) 0xaa, (byte) 0x82, (byte) 0xe7, + (byte) 0x4c, (byte) 0x2a, (byte) 0xaf, (byte) 0x80, (byte) 0xc6, (byte) 0x83, (byte) 0xab, + (byte) 0x2a, (byte) 0xdd, (byte) 0xd7, (byte) 0xc1, (byte) 0x15, (byte) 0xdb, (byte) 0x94, + (byte) 0x98, (byte) 0x0a, (byte) 0x97, (byte) 0x00, (byte) 0x26, (byte) 0x5b, (byte) 0x62, + (byte) 0x0b, (byte) 0x27, (byte) 0xc3, (byte) 0x64, (byte) 0x38, (byte) 0x98, (byte) 0xd7, + (byte) 0x26, (byte) 0xcf, (byte) 0x73, (byte) 0x98, (byte) 0xe4, (byte) 0x59, (byte) 0x0a, + (byte) 0xb1, (byte) 0x06, (byte) 0x1f, (byte) 0x80, (byte) 0x3c, (byte) 0x19, (byte) 0x20, + (byte) 0x1b, (byte) 0xc3, (byte) 0x47, (byte) 0xaf, (byte) 0x2b, (byte) 0x12, (byte) 0xdf, + (byte) 0xef, (byte) 0x1d, (byte) 0x4d, (byte) 0xfc, (byte) 0xbd, (byte) 0x02, (byte) 0x81, + (byte) 0x81, (byte) 0x00, (byte) 0xd3, (byte) 0x74, (byte) 0x85, (byte) 0xf6, (byte) 0xad, + (byte) 0xdf, (byte) 0x84, (byte) 0xf4, (byte) 0xde, (byte) 0x97, (byte) 0x19, (byte) 0x30, + (byte) 0xa8, (byte) 0x4a, (byte) 0xf6, (byte) 0x7f, (byte) 0x80, (byte) 0x55, (byte) 0x49, + (byte) 0xad, (byte) 0x55, (byte) 0x2c, (byte) 0x87, (byte) 0x5f, (byte) 0x29, (byte) 0xda, + (byte) 0x7a, (byte) 0x81, (byte) 0xd6, (byte) 0xe5, (byte) 0xd8, (byte) 0x8e, (byte) 0x9f, + (byte) 0xbd, (byte) 0x35, (byte) 0xfe, (byte) 0x82, (byte) 0x0b, (byte) 0x5c, (byte) 0x28, + (byte) 0x95, (byte) 0x44, (byte) 0xab, (byte) 0x8c, (byte) 0x9e, (byte) 0xa1, (byte) 0xf2, + (byte) 0x5f, (byte) 0x2a, (byte) 0x6a, (byte) 0x96, (byte) 0x35, (byte) 0xbc, (byte) 0x09, + (byte) 0x4a, (byte) 0xb1, (byte) 0x19, (byte) 0x2f, (byte) 0xc1, (byte) 0x00, (byte) 0xba, + (byte) 0x3f, (byte) 0x8b, (byte) 0x9e, (byte) 0x2b, (byte) 0xbd, (byte) 0x0a, (byte) 0x0f, + (byte) 0x2d, (byte) 0x75, (byte) 0x09, (byte) 0xb6, (byte) 0xea, (byte) 0x98, (byte) 0xb1, + (byte) 0xff, (byte) 0xd8, (byte) 0x21, (byte) 0x13, (byte) 0x5d, (byte) 0xee, (byte) 0x5b, + (byte) 0xf2, (byte) 0xad, (byte) 0x46, (byte) 0x81, (byte) 0x9d, (byte) 0x18, (byte) 0x2b, + (byte) 0x9e, (byte) 0x77, (byte) 0x78, (byte) 0x27, (byte) 0xf5, (byte) 0x3a, (byte) 0x5a, + (byte) 0xb5, (byte) 0x9b, (byte) 0x02, (byte) 0x66, (byte) 0x1b, (byte) 0xb8, (byte) 0x51, + (byte) 0x9a, (byte) 0x07, (byte) 0xb7, (byte) 0x3f, (byte) 0x41, (byte) 0x8b, (byte) 0xfe, + (byte) 0x1e, (byte) 0x85, (byte) 0xc7, (byte) 0xfe, (byte) 0x01, (byte) 0x7a, (byte) 0x7e, + (byte) 0x2e, (byte) 0xb6, (byte) 0x3b, (byte) 0x64, (byte) 0x6e, (byte) 0xdc, (byte) 0x9d, + (byte) 0x7a, (byte) 0x48, (byte) 0xd1, (byte) 0x2f, (byte) 0x02, (byte) 0x81, (byte) 0x80, + (byte) 0x36, (byte) 0x6a, (byte) 0x76, (byte) 0x2a, (byte) 0x42, (byte) 0xec, (byte) 0x63, + (byte) 0xa5, (byte) 0x08, (byte) 0x01, (byte) 0xfa, (byte) 0x56, (byte) 0x43, (byte) 0xd2, + (byte) 0xb4, (byte) 0xe8, (byte) 0x2e, (byte) 0x7c, (byte) 0xd3, (byte) 0xe2, (byte) 0x6b, + (byte) 0x47, (byte) 0xbc, (byte) 0x5a, (byte) 0xe8, (byte) 0xa6, (byte) 0x1e, (byte) 0x05, + (byte) 0x05, (byte) 0xf0, (byte) 0x53, (byte) 0x3b, (byte) 0x03, (byte) 0x4a, (byte) 0x11, + (byte) 0xdb, (byte) 0x41, (byte) 0x9a, (byte) 0xf7, (byte) 0x42, (byte) 0xec, (byte) 0xa5, + (byte) 0x68, (byte) 0x15, (byte) 0x86, (byte) 0xb0, (byte) 0xa2, (byte) 0x3f, (byte) 0xe1, + (byte) 0xf9, (byte) 0x1d, (byte) 0xfc, (byte) 0x2c, (byte) 0x69, (byte) 0x72, (byte) 0x3d, + (byte) 0x8e, (byte) 0x06, (byte) 0xaa, (byte) 0xc6, (byte) 0x9d, (byte) 0x95, (byte) 0x5d, + (byte) 0xb0, (byte) 0xf6, (byte) 0xc9, (byte) 0x7c, (byte) 0xfa, (byte) 0x82, (byte) 0x05, + (byte) 0x3c, (byte) 0x77, (byte) 0x6a, (byte) 0x22, (byte) 0x8b, (byte) 0x25, (byte) 0xcc, + (byte) 0x1f, (byte) 0x22, (byte) 0xa2, (byte) 0xcf, (byte) 0xfa, (byte) 0x14, (byte) 0xdb, + (byte) 0x64, (byte) 0x44, (byte) 0xb4, (byte) 0x6b, (byte) 0xbb, (byte) 0x01, (byte) 0xe7, + (byte) 0x0c, (byte) 0xfc, (byte) 0xb1, (byte) 0xa6, (byte) 0xb7, (byte) 0x7e, (byte) 0x58, + (byte) 0x38, (byte) 0x58, (byte) 0x02, (byte) 0xd8, (byte) 0x42, (byte) 0x1b, (byte) 0xd7, + (byte) 0x71, (byte) 0xca, (byte) 0xd5, (byte) 0x55, (byte) 0xef, (byte) 0xa7, (byte) 0xc2, + (byte) 0xb4, (byte) 0xbc, (byte) 0x7e, (byte) 0xc9, (byte) 0xe8, (byte) 0x2a, (byte) 0x6c, + (byte) 0x04, (byte) 0x4e, (byte) 0x60, (byte) 0x9e, (byte) 0x36, (byte) 0xe8, (byte) 0x4a, + (byte) 0x68, (byte) 0x4d, (byte) 0x02, (byte) 0x81, (byte) 0x80, (byte) 0x06, (byte) 0x73, + (byte) 0x24, (byte) 0x6e, (byte) 0xec, (byte) 0xc8, (byte) 0xc7, (byte) 0x96, (byte) 0x6c, + (byte) 0x7f, (byte) 0xb1, (byte) 0x5e, (byte) 0x01, (byte) 0x94, (byte) 0x1f, (byte) 0xc6, + (byte) 0xad, (byte) 0xd4, (byte) 0x6c, (byte) 0x25, (byte) 0xe4, (byte) 0x56, (byte) 0x32, + (byte) 0x5e, (byte) 0xdd, (byte) 0xb8, (byte) 0xf3, (byte) 0x49, (byte) 0xa8, (byte) 0x93, + (byte) 0x64, (byte) 0x32, (byte) 0x9d, (byte) 0x7e, (byte) 0xb8, (byte) 0xf9, (byte) 0xe5, + (byte) 0x5f, (byte) 0x91, (byte) 0x55, (byte) 0x0f, (byte) 0x90, (byte) 0x83, (byte) 0xa7, + (byte) 0x0b, (byte) 0x63, (byte) 0xa7, (byte) 0x2f, (byte) 0xed, (byte) 0xec, (byte) 0x48, + (byte) 0x5e, (byte) 0xa5, (byte) 0x38, (byte) 0xa7, (byte) 0x55, (byte) 0x95, (byte) 0x8e, + (byte) 0x16, (byte) 0x55, (byte) 0xfe, (byte) 0x58, (byte) 0x57, (byte) 0xda, (byte) 0xe0, + (byte) 0x3c, (byte) 0xa8, (byte) 0xe4, (byte) 0xe3, (byte) 0x9f, (byte) 0x11, (byte) 0x47, + (byte) 0xca, (byte) 0x0a, (byte) 0x14, (byte) 0x4b, (byte) 0xd8, (byte) 0x7c, (byte) 0xd1, + (byte) 0xc9, (byte) 0x68, (byte) 0xae, (byte) 0xd7, (byte) 0x4d, (byte) 0x1f, (byte) 0xbc, + (byte) 0x6e, (byte) 0x5d, (byte) 0x41, (byte) 0x5f, (byte) 0x59, (byte) 0x07, (byte) 0x8a, + (byte) 0x38, (byte) 0x79, (byte) 0xaa, (byte) 0x30, (byte) 0xa5, (byte) 0xe4, (byte) 0xc1, + (byte) 0xd6, (byte) 0x90, (byte) 0x9d, (byte) 0xb4, (byte) 0x94, (byte) 0x0d, (byte) 0xab, + (byte) 0xd9, (byte) 0x44, (byte) 0xfa, (byte) 0xe0, (byte) 0x55, (byte) 0x76, (byte) 0x4f, + (byte) 0x32, (byte) 0x1e, (byte) 0x59, (byte) 0x60, (byte) 0xf5, (byte) 0x60, (byte) 0x04, + (byte) 0x65, (byte) 0x39, (byte) 0x47, (byte) 0x78, (byte) 0x66, (byte) 0x66, (byte) 0x33, + (byte) 0x02, (byte) 0x81, (byte) 0x80, (byte) 0x37, (byte) 0x90, (byte) 0x1c, (byte) 0x72, + (byte) 0x46, (byte) 0xc4, (byte) 0xda, (byte) 0x2c, (byte) 0x50, (byte) 0xb8, (byte) 0x4f, + (byte) 0xdc, (byte) 0x82, (byte) 0x98, (byte) 0xbc, (byte) 0xec, (byte) 0x1d, (byte) 0x84, + (byte) 0xc1, (byte) 0x33, (byte) 0xb7, (byte) 0x60, (byte) 0x1e, (byte) 0x58, (byte) 0x81, + (byte) 0x01, (byte) 0x24, (byte) 0x4c, (byte) 0x66, (byte) 0x17, (byte) 0xbc, (byte) 0xc3, + (byte) 0x83, (byte) 0x0b, (byte) 0x10, (byte) 0x38, (byte) 0x3c, (byte) 0x3c, (byte) 0xb4, + (byte) 0x36, (byte) 0x0e, (byte) 0x1b, (byte) 0xb5, (byte) 0x93, (byte) 0xd7, (byte) 0x47, + (byte) 0x14, (byte) 0x48, (byte) 0xf1, (byte) 0xf9, (byte) 0x53, (byte) 0xb5, (byte) 0xe1, + (byte) 0xe3, (byte) 0x0b, (byte) 0x51, (byte) 0x02, (byte) 0x14, (byte) 0x24, (byte) 0x0c, + (byte) 0x37, (byte) 0xf5, (byte) 0x78, (byte) 0xac, (byte) 0x00, (byte) 0x9f, (byte) 0xb2, + (byte) 0xfb, (byte) 0x32, (byte) 0x6c, (byte) 0xef, (byte) 0x2d, (byte) 0xa1, (byte) 0x7c, + (byte) 0xaf, (byte) 0xbb, (byte) 0x53, (byte) 0x9e, (byte) 0x7a, (byte) 0xc2, (byte) 0x5f, + (byte) 0x37, (byte) 0x74, (byte) 0xe9, (byte) 0x9b, (byte) 0x2b, (byte) 0xdb, (byte) 0x48, + (byte) 0xa0, (byte) 0x62, (byte) 0xcb, (byte) 0xee, (byte) 0x80, (byte) 0x07, (byte) 0xdc, + (byte) 0x0c, (byte) 0xc5, (byte) 0xe6, (byte) 0xc5, (byte) 0xbe, (byte) 0xd8, (byte) 0x82, + (byte) 0xd1, (byte) 0xd8, (byte) 0xd0, (byte) 0xd5, (byte) 0x8c, (byte) 0x55, (byte) 0xd4, + (byte) 0xfa, (byte) 0x50, (byte) 0x05, (byte) 0x7a, (byte) 0x02, (byte) 0x6d, (byte) 0xda, + (byte) 0x56, (byte) 0xec, (byte) 0xca, (byte) 0xf4, (byte) 0x27, (byte) 0xf0, (byte) 0x8f, + (byte) 0x8f, (byte) 0xc5, (byte) 0x3c, (byte) 0x28, (byte) 0x30 + }; + + private static final byte[] ec_key_pkcs8 = { + (byte)0x30, (byte)0x81, (byte)0x87, (byte)0x02, (byte)0x01, (byte)0x00, + (byte)0x30, (byte)0x13, (byte)0x06, (byte)0x07, (byte)0x2a, (byte)0x86, + (byte)0x48, (byte)0xce, (byte)0x3d, (byte)0x02, (byte)0x01, (byte)0x06, + (byte)0x08, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0xce, (byte)0x3d, + (byte)0x03, (byte)0x01, (byte)0x07, (byte)0x04, (byte)0x6d, (byte)0x30, + (byte)0x6b, (byte)0x02, (byte)0x01, (byte)0x01, (byte)0x04, (byte)0x20, + (byte)0xfc, (byte)0x06, (byte)0xed, (byte)0x57, (byte)0xe9, (byte)0x03, + (byte)0xd9, (byte)0xfe, (byte)0x3f, (byte)0x32, (byte)0x34, (byte)0x0f, + (byte)0xd3, (byte)0x69, (byte)0x0a, (byte)0x4d, (byte)0xe8, (byte)0x0b, + (byte)0x08, (byte)0xcd, (byte)0x17, (byte)0x1c, (byte)0x5f, (byte)0xe5, + (byte)0xd3, (byte)0xaa, (byte)0x34, (byte)0xd2, (byte)0x09, (byte)0x0b, + (byte)0xb2, (byte)0x1a, (byte)0xa1, (byte)0x44, (byte)0x03, (byte)0x42, + (byte)0x00, (byte)0x04, (byte)0xf7, (byte)0x84, (byte)0xf4, (byte)0xae, + (byte)0xf2, (byte)0x80, (byte)0xca, (byte)0xe0, (byte)0xe6, (byte)0x38, + (byte)0x63, (byte)0x83, (byte)0x39, (byte)0x65, (byte)0xd7, (byte)0x4c, + (byte)0x3d, (byte)0x75, (byte)0x13, (byte)0x7a, (byte)0x3b, (byte)0xcd, + (byte)0x1a, (byte)0xca, (byte)0xa1, (byte)0x4b, (byte)0x1d, (byte)0xa1, + (byte)0x6a, (byte)0xa2, (byte)0x13, (byte)0xf5, (byte)0xf5, (byte)0xee, + (byte)0x90, (byte)0x92, (byte)0xeb, (byte)0x8f, (byte)0x67, (byte)0xb1, + (byte)0xd0, (byte)0xa2, (byte)0x6e, (byte)0x02, (byte)0x1a, (byte)0x83, + (byte)0x12, (byte)0x5b, (byte)0x68, (byte)0x8e, (byte)0x50, (byte)0x65, + (byte)0x35, (byte)0x66, (byte)0xa1, (byte)0xee, (byte)0x86, (byte)0x62, + (byte)0x22, (byte)0xe6, (byte)0x00, (byte)0x61, (byte)0x54, (byte)0x86 + }; // AttestationApplicationId ::= SEQUENCE { // * packageInfoRecords SET OF PackageInfoRecord, // * signatureDigests SET OF OCTET_STRING, @@ -732,11 +935,7 @@ public void testAesImportKeySuccess() { KMArray.cast(arrPtr).add((short) 4, KMEnumTag.instance(KMType.ALGORITHM, KMType.AES)); short keyParams = KMKeyParameters.instance(arrPtr); short keyFormatPtr = KMEnum.instance(KMType.KEY_FORMAT, KMType.RAW); - short keyBlob = KMArray.instance((short) 1); - KMArray.cast(keyBlob).add((short) 0, KMByteBlob.instance(aesKeySecret, (short) 0, (short) 16)); - byte[] blob = new byte[256]; - short len = encoder.encode(keyBlob, blob, (short) 0); - keyBlob = KMByteBlob.instance(blob, (short) 0, len); + short keyBlob = KMByteBlob.instance(aesKeySecret, (short) 0, (short) 16); arrPtr = KMArray.instance((short) 3); KMArray arg = KMArray.cast(arrPtr); arg.add((short) 0, keyParams); @@ -751,7 +950,7 @@ public void testAesImportKeySuccess() { short inst = KMKeyCharacteristics.exp(); KMArray.cast(ret).add((short) 2, inst); byte[] respBuf = response.getBytes(); - len = (short) respBuf.length; + short len = (short) respBuf.length; ret = decoder.decode(ret, respBuf, (short) 0, len); short error = KMInteger.cast(KMArray.cast(ret).get((short) 0)).getShort(); short keyBlobLength = KMByteBlob.cast(KMArray.cast(ret).get((short) 1)).length(); @@ -795,11 +994,7 @@ public void testHmacImportKeySuccess() { KMArray.cast(arrPtr).add((short) 4, KMEnumTag.instance(KMType.ALGORITHM, KMType.HMAC)); short keyParams = KMKeyParameters.instance(arrPtr); short keyFormatPtr = KMEnum.instance(KMType.KEY_FORMAT, KMType.RAW); - short keyBlob = KMArray.instance((short) 1); - KMArray.cast(keyBlob).add((short) 0, KMByteBlob.instance(hmacKeySecret, (short) 0, (short) 16)); - byte[] blob = new byte[256]; - short len = encoder.encode(keyBlob, blob, (short) 0); - keyBlob = KMByteBlob.instance(blob, (short) 0, len); + short keyBlob = KMByteBlob.instance(hmacKeySecret, (short) 0, (short) 16); arrPtr = KMArray.instance((short) 3); KMArray arg = KMArray.cast(arrPtr); arg.add((short) 0, keyParams); @@ -814,7 +1009,7 @@ public void testHmacImportKeySuccess() { short inst = KMKeyCharacteristics.exp(); KMArray.cast(ret).add((short) 2, inst); byte[] respBuf = response.getBytes(); - len = (short) respBuf.length; + short len = (short) respBuf.length; ret = decoder.decode(ret, respBuf, (short) 0, len); short error = KMInteger.cast(KMArray.cast(ret).get((short) 0)).getShort(); short keyBlobLength = KMByteBlob.cast(KMArray.cast(ret).get((short) 1)).length(); @@ -842,12 +1037,6 @@ public void testHmacImportKeySuccess() { public void testRsaImportKeySuccess() { init(); byte[] pub = new byte[]{0x00, 0x01, 0x00, 0x01}; - byte[] mod = new byte[256]; - byte[] priv = new byte[256]; - short[] lengths = new short[2]; - cryptoProvider - .createAsymmetricKey(KMType.RSA, priv, (short) 0, (short) 256, mod, (short) 0, (short) 256, - lengths); short arrPtr = KMArray.instance((short) 6); short boolTag = KMBoolTag.instance(KMType.NO_AUTH_REQUIRED); short keySize = KMIntegerTag @@ -867,13 +1056,8 @@ public void testRsaImportKeySuccess() { KMArray.cast(arrPtr).add((short) 4, KMEnumTag.instance(KMType.ALGORITHM, KMType.RSA)); KMArray.cast(arrPtr).add((short) 5, padding); short keyParams = KMKeyParameters.instance(arrPtr); - short keyFormatPtr = KMEnum.instance(KMType.KEY_FORMAT, KMType.RAW);// Note: VTS uses PKCS8 - short keyBlob = KMArray.instance((short) 2); - KMArray.cast(keyBlob).add((short) 0, KMByteBlob.instance(priv, (short) 0, (short) 256)); - KMArray.cast(keyBlob).add((short) 1, KMByteBlob.instance(mod, (short) 0, (short) 256)); - byte[] blob = new byte[620]; - short len = encoder.encode(keyBlob, blob, (short) 0); - keyBlob = KMByteBlob.instance(blob, (short) 0, len); + short keyFormatPtr = KMEnum.instance(KMType.KEY_FORMAT, KMType.PKCS8); + short keyBlob = KMByteBlob.instance(rsa_key_pkcs8, (short) 0, (short) rsa_key_pkcs8.length); arrPtr = KMArray.instance((short) 3); KMArray arg = KMArray.cast(arrPtr); arg.add((short) 0, keyParams); @@ -888,7 +1072,7 @@ public void testRsaImportKeySuccess() { short inst = KMKeyCharacteristics.exp(); KMArray.cast(ret).add((short) 2, inst); byte[] respBuf = response.getBytes(); - len = (short) respBuf.length; + short len = (short) respBuf.length; ret = decoder.decode(ret, respBuf, (short) 0, len); short error = KMInteger.cast(KMArray.cast(ret).get((short) 0)).getShort(); short keyBlobLength = KMByteBlob.cast(KMArray.cast(ret).get((short) 1)).length(); @@ -1100,14 +1284,6 @@ private short signVerificationToken(short verToken, byte machineType) { @Test public void testEcImportKeySuccess() { init(); - byte[] pub = new byte[128]; - byte[] priv = new byte[128]; - short[] lengths = new short[2]; - cryptoProvider - .createAsymmetricKey(KMType.EC, priv, (short) 0, (short) 128, pub, (short) 0, (short) 128, - lengths); - short pubBlob = KMByteBlob.instance(pub, (short) 0, lengths[1]); - short privBlob = KMByteBlob.instance(priv, (short) 0, lengths[0]); short arrPtr = KMArray.instance((short) 5); short boolTag = KMBoolTag.instance(KMType.NO_AUTH_REQUIRED); short keySize = KMIntegerTag @@ -1122,13 +1298,8 @@ public void testEcImportKeySuccess() { KMArray.cast(arrPtr).add((short) 3, ecCurve); KMArray.cast(arrPtr).add((short) 4, KMEnumTag.instance(KMType.ALGORITHM, KMType.EC)); short keyParams = KMKeyParameters.instance(arrPtr); - short keyFormatPtr = KMEnum.instance(KMType.KEY_FORMAT, KMType.RAW);// Note: VTS uses PKCS8 - short keyBlob = KMArray.instance((short) 2); - KMArray.cast(keyBlob).add((short) 0, privBlob); - KMArray.cast(keyBlob).add((short) 1, pubBlob); - byte[] blob = new byte[128]; - short len = encoder.encode(keyBlob, blob, (short) 0); - keyBlob = KMByteBlob.instance(blob, (short) 0, len); + short keyFormatPtr = KMEnum.instance(KMType.KEY_FORMAT, KMType.PKCS8); + short keyBlob = KMByteBlob.instance(ec_key_pkcs8, (short) 0, (short) ec_key_pkcs8.length); arrPtr = KMArray.instance((short) 3); KMArray arg = KMArray.cast(arrPtr); arg.add((short) 0, keyParams); @@ -1143,7 +1314,7 @@ public void testEcImportKeySuccess() { short inst = KMKeyCharacteristics.exp(); KMArray.cast(ret).add((short) 2, inst); byte[] respBuf = response.getBytes(); - len = (short) respBuf.length; + short len = (short) respBuf.length; ret = decoder.decode(ret, respBuf, (short) 0, len); short error = KMInteger.cast(KMArray.cast(ret).get((short) 0)).getShort(); short keyBlobLength = KMByteBlob.cast(KMArray.cast(ret).get((short) 1)).length();