Adding tests using AES algorithm.
- Generate AES keys with block modes [ECB, CBC] and padding modes [NONE,
PKCS7]. Should be able to create operations successfully with these
generated keys.
- Generate AES keys with block modes [CTR, GCM] and padding modes [NONE,
PKCS7]. Should be able to create operations successfully with padding
mode NONE. With PKCS7 padding mode creation of an operation should
fail with incompatible padding mode.
- Try to generate a key and create an operation with invalid inputs, it
should fail with proper error codes.
- with unsupported key size
- with GCM block mode without providing min-mac-length
- with multiple block modes
- with multiple padding modes
- with incompatible padding modes
- with incompatible block modes
- with missing mac-length
- with invalid mac-length
- with unsupported mac-length
- With AES-CBC-PKCS7 key without `CALLER_NONCE` authorization, Try to
set nonce while creating an operation.
Bug: 194359114
Test: atest keystore2_client_test
Change-Id: Ibf1b8460317b4c99d9060d5889c8b3778a80ca5b
diff --git a/keystore2/test_utils/authorizations.rs b/keystore2/test_utils/authorizations.rs
index 5876c09..c2f0279 100644
--- a/keystore2/test_utils/authorizations.rs
+++ b/keystore2/test_utils/authorizations.rs
@@ -142,6 +142,25 @@
});
self
}
+
+ /// Add nonce.
+ pub fn nonce(mut self, b: Vec<u8>) -> Self {
+ self.0.push(KeyParameter { tag: Tag::NONCE, value: KeyParameterValue::Blob(b) });
+ self
+ }
+
+ /// Add MAC length.
+ pub fn mac_length(mut self, l: i32) -> Self {
+ self.0.push(KeyParameter { tag: Tag::MAC_LENGTH, value: KeyParameterValue::Integer(l) });
+ self
+ }
+
+ /// Add min MAC length.
+ pub fn min_mac_length(mut self, l: i32) -> Self {
+ self.0
+ .push(KeyParameter { tag: Tag::MIN_MAC_LENGTH, value: KeyParameterValue::Integer(l) });
+ self
+ }
}
impl Deref for AuthSetBuilder {