Restructred blob utilities to make them accessible in tests.
Creating a new library "libkeystore2_with_test_utils" where it includes blob utils
apis and sample test vectors based on feature flag keystore2_blob_test_utils.
Bug: 213173772
Bug: 213172664
Bug: 203101472
Test: keystore2_test
Change-Id: I869d27d1d3e8c6d28d8f5e5d6aed4305b5265816
diff --git a/keystore2/Android.bp b/keystore2/Android.bp
index 2027af4..74aa4bd 100644
--- a/keystore2/Android.bp
+++ b/keystore2/Android.bp
@@ -89,6 +89,19 @@
],
}
+rust_library {
+ name: "libkeystore2_with_test_utils",
+ defaults: ["libkeystore2_defaults"],
+ features: [
+ "keystore2_blob_test_utils",
+ ],
+ rustlibs: [
+ "liblibsqlite3_sys",
+ "librusqlite",
+ "libkeystore2_test_utils",
+ ],
+}
+
rust_test {
name: "keystore2_test_utils_test",
srcs: ["test_utils/lib.rs"],
@@ -119,10 +132,12 @@
"liblibsqlite3_sys",
"libnix",
"librusqlite",
+ "libkeystore2_with_test_utils",
],
// The test should always include watchdog.
features: [
"watchdog",
+ "keystore2_blob_test_utils",
],
}
diff --git a/keystore2/src/legacy_blob.rs b/keystore2/src/legacy_blob.rs
index cbc680d..d75bfd2 100644
--- a/keystore2/src/legacy_blob.rs
+++ b/keystore2/src/legacy_blob.rs
@@ -1387,25 +1387,24 @@
}
}
-#[cfg(test)]
-mod test {
+/// This module implements utility apis for creating legacy blob files.
+#[cfg(feature = "keystore2_blob_test_utils")]
+pub mod test_utils {
#![allow(dead_code)]
- use super::*;
- use keystore2_crypto::{aes_gcm_decrypt, aes_gcm_encrypt};
- use rand::Rng;
- use std::string::FromUtf8Error;
- mod legacy_blob_test_vectors;
+
+ /// test vectors for legacy key blobs
+ pub mod legacy_blob_test_vectors;
+
use crate::legacy_blob::blob_types::{
GENERIC, KEY_CHARACTERISTICS, KEY_CHARACTERISTICS_CACHE, KM_BLOB, SUPER_KEY,
SUPER_KEY_AES256,
};
- use crate::legacy_blob::test::legacy_blob_test_vectors::*;
+ use crate::legacy_blob::*;
use anyhow::{anyhow, Result};
- use keystore2_test_utils::TempDir;
+ use keystore2_crypto::{aes_gcm_decrypt, aes_gcm_encrypt};
use std::convert::TryInto;
use std::fs::OpenOptions;
use std::io::Write;
- use std::ops::Deref;
/// This function takes a blob and synchronizes the encrypted/super encrypted flags
/// with the blob type for the pairs Generic/EncryptedGeneric,
@@ -1414,7 +1413,7 @@
/// or flags::ENCRYPTED is set, the payload is encrypted and the corresponding
/// encrypted variant is returned, and vice versa. All other variants remain untouched
/// even if flags and BlobValue variant are inconsistent.
- fn prepare_blob(blob: Blob, key: &[u8]) -> Result<Blob> {
+ pub fn prepare_blob(blob: Blob, key: &[u8]) -> Result<Blob> {
match blob {
Blob { value: BlobValue::Generic(data), flags } if blob.is_encrypted() => {
let (ciphertext, iv, tag) = aes_gcm_encrypt(&data, key).unwrap();
@@ -1453,7 +1452,8 @@
}
}
- struct LegacyBlobHeader {
+ /// Legacy blob header structure.
+ pub struct LegacyBlobHeader {
version: u8,
blob_type: u8,
flags: u8,
@@ -1467,7 +1467,7 @@
/// version 3. Note that the flags field and the values field may be
/// inconsistent and could be sanitized by this function. It is intentionally
/// not done to enable tests to construct malformed blobs.
- fn write_legacy_blob(out: &mut dyn Write, blob: Blob) -> Result<usize> {
+ pub fn write_legacy_blob(out: &mut dyn Write, blob: Blob) -> Result<usize> {
let (header, data, salt) = match blob {
Blob { value: BlobValue::Generic(data), flags } => (
LegacyBlobHeader {
@@ -1581,7 +1581,9 @@
write_legacy_blob_helper(out, &header, &data, salt.as_deref())
}
- fn write_legacy_blob_helper(
+ /// This function takes LegacyBlobHeader, blob payload and writes it to out as a legacy blob file
+ /// version 3.
+ pub fn write_legacy_blob_helper(
out: &mut dyn Write,
header: &LegacyBlobHeader,
data: &[u8],
@@ -1622,10 +1624,51 @@
Ok(40 + data.len() + info.map(|v| v.len()).unwrap_or(0))
}
- fn make_encrypted_characteristics_file<P: AsRef<Path>>(path: P, key: &[u8]) -> Result<()> {
+ /// Create encrypted characteristics file using given key.
+ pub fn make_encrypted_characteristics_file<P: AsRef<Path>>(
+ path: P,
+ key: &[u8],
+ data: &[u8],
+ ) -> Result<()> {
+ let mut file = OpenOptions::new().write(true).create_new(true).open(path).unwrap();
+ let blob =
+ Blob { value: BlobValue::Characteristics(data.to_vec()), flags: flags::ENCRYPTED };
+ let blob = prepare_blob(blob, key).unwrap();
+ write_legacy_blob(&mut file, blob).unwrap();
+ Ok(())
+ }
+
+ /// Create encrypted user certificate file using given key.
+ pub fn make_encrypted_usr_cert_file<P: AsRef<Path>>(
+ path: P,
+ key: &[u8],
+ data: &[u8],
+ ) -> Result<()> {
+ let mut file = OpenOptions::new().write(true).create_new(true).open(path).unwrap();
+ let blob = Blob { value: BlobValue::Generic(data.to_vec()), flags: flags::ENCRYPTED };
+ let blob = prepare_blob(blob, key).unwrap();
+ write_legacy_blob(&mut file, blob).unwrap();
+ Ok(())
+ }
+
+ /// Create encrypted CA certificate file using given key.
+ pub fn make_encrypted_ca_cert_file<P: AsRef<Path>>(
+ path: P,
+ key: &[u8],
+ data: &[u8],
+ ) -> Result<()> {
+ let mut file = OpenOptions::new().write(true).create_new(true).open(path).unwrap();
+ let blob = Blob { value: BlobValue::Generic(data.to_vec()), flags: flags::ENCRYPTED };
+ let blob = prepare_blob(blob, key).unwrap();
+ write_legacy_blob(&mut file, blob).unwrap();
+ Ok(())
+ }
+
+ /// Create encrypted user key file using given key.
+ pub fn make_encrypted_key_file<P: AsRef<Path>>(path: P, key: &[u8], data: &[u8]) -> Result<()> {
let mut file = OpenOptions::new().write(true).create_new(true).open(path).unwrap();
let blob = Blob {
- value: BlobValue::Characteristics(KEY_PARAMETERS.to_vec()),
+ value: BlobValue::Decrypted(ZVec::try_from(data).unwrap()),
flags: flags::ENCRYPTED,
};
let blob = prepare_blob(blob, key).unwrap();
@@ -1633,27 +1676,29 @@
Ok(())
}
- fn make_encrypted_usr_cert_file<P: AsRef<Path>>(path: P, key: &[u8]) -> Result<()> {
+ /// Create user or ca cert blob file.
+ pub fn make_cert_blob_file<P: AsRef<Path>>(path: P, data: &[u8]) -> Result<()> {
let mut file = OpenOptions::new().write(true).create_new(true).open(path).unwrap();
- let blob = Blob {
- value: BlobValue::Generic(LOADED_CERT_AUTHBOUND.to_vec()),
- flags: flags::ENCRYPTED,
- };
- let blob = prepare_blob(blob, key).unwrap();
+ let blob = Blob { value: BlobValue::Generic(data.to_vec()), flags: 0 };
+ let blob = prepare_blob(blob, &[]).unwrap();
write_legacy_blob(&mut file, blob).unwrap();
Ok(())
}
+}
- fn make_encrypted_ca_cert_file<P: AsRef<Path>>(path: P, key: &[u8]) -> Result<()> {
- let mut file = OpenOptions::new().write(true).create_new(true).open(path).unwrap();
- let blob = Blob {
- value: BlobValue::Generic(LOADED_CACERT_AUTHBOUND.to_vec()),
- flags: flags::ENCRYPTED,
- };
- let blob = prepare_blob(blob, key).unwrap();
- write_legacy_blob(&mut file, blob).unwrap();
- Ok(())
- }
+#[cfg(test)]
+mod test {
+ #![allow(dead_code)]
+ use super::*;
+ use crate::legacy_blob::test_utils::legacy_blob_test_vectors::*;
+ use crate::legacy_blob::test_utils::*;
+ use anyhow::{anyhow, Result};
+ use keystore2_crypto::aes_gcm_decrypt;
+ use keystore2_test_utils::TempDir;
+ use rand::Rng;
+ use std::convert::TryInto;
+ use std::ops::Deref;
+ use std::string::FromUtf8Error;
#[test]
fn decode_encode_alias_test() {
@@ -1962,6 +2007,7 @@
make_encrypted_characteristics_file(
&*temp_dir.build().push("user_0").push(".10223_chr_USRPKEY_authbound"),
&super_key,
+ KEY_PARAMETERS,
)
.unwrap();
std::fs::write(
@@ -2053,11 +2099,13 @@
make_encrypted_usr_cert_file(
&*temp_dir.build().push("user_0").push("10223_USRCERT_authbound"),
&super_key,
+ LOADED_CERT_AUTHBOUND,
)
.unwrap();
make_encrypted_ca_cert_file(
&*temp_dir.build().push("user_0").push("10223_CACERT_authbound"),
&super_key,
+ LOADED_CACERT_AUTHBOUND,
)
.unwrap();
@@ -2139,11 +2187,13 @@
make_encrypted_usr_cert_file(
&*temp_dir.build().push("user_0").push("10223_USRCERT_authbound"),
&super_key,
+ LOADED_CERT_AUTHBOUND,
)
.unwrap();
make_encrypted_ca_cert_file(
&*temp_dir.build().push("user_0").push("10223_CACERT_authbound"),
&super_key,
+ LOADED_CACERT_AUTHBOUND,
)
.unwrap();
diff --git a/keystore2/src/legacy_blob/test/legacy_blob_test_vectors.rs b/keystore2/src/legacy_blob/test_utils/legacy_blob_test_vectors.rs
similarity index 98%
rename from keystore2/src/legacy_blob/test/legacy_blob_test_vectors.rs
rename to keystore2/src/legacy_blob/test_utils/legacy_blob_test_vectors.rs
index 2049ac2..3eecee0 100644
--- a/keystore2/src/legacy_blob/test/legacy_blob_test_vectors.rs
+++ b/keystore2/src/legacy_blob/test_utils/legacy_blob_test_vectors.rs
@@ -20,6 +20,7 @@
KeyPurpose::KeyPurpose, SecurityLevel::SecurityLevel,
};
+/// Holds Blob structure.
pub static BLOB: &[u8] = &[
3, // version
1, // type
@@ -31,6 +32,7 @@
0xde, 0xed, 0xbe, 0xef, // payload
];
+/// Creates LegacyKeyCharacteristics with security level KEYSTORE.
pub fn structured_test_params() -> LegacyKeyCharacteristics {
LegacyKeyCharacteristics::File(vec![
KeyParameter::new(KeyParameterValue::KeyPurpose(KeyPurpose::SIGN), SecurityLevel::KEYSTORE),
@@ -61,6 +63,7 @@
])
}
+/// Creates LegacyKeyCharacteristics with security level TRUSTED_ENVIRONMENT.
pub fn structured_test_params_cache() -> LegacyKeyCharacteristics {
LegacyKeyCharacteristics::Cache(vec![
KeyParameter::new(
@@ -117,7 +120,7 @@
])
}
-// One encoded list of key parameters.
+/// One encoded list of key parameters.
pub static KEY_PARAMETERS: &[u8] = &[
0x00, 0x00, 0x00, 0x00, 0x0f, 0x00, 0x00, 0x00, 0x7c, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x20,
0x02, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x20, 0x03, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x20,
@@ -130,6 +133,7 @@
0x30, 0x01, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00,
];
+/// Real legacy blob.
pub static REAL_LEGACY_BLOB: &[u8] = &[
0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -161,6 +165,7 @@
0xda, 0x40, 0x2b, 0x75, 0xd0, 0xd2, 0x81, 0x7f, 0xe2, 0x2b, 0xef, 0x64,
];
+/// Real legacy blob payload.
pub static REAL_LEGACY_BLOB_PAYLOAD: &[u8] = &[
0x6c, 0x01, 0x00, 0x00, 0x00, 0x32, 0x00, 0x25, 0x00, 0x0b, 0x00, 0x06, 0x00, 0x72, 0x00, 0x00,
0x00, 0x06, 0x00, 0x80, 0x00, 0x43, 0x00, 0x20, 0x85, 0x42, 0x9e, 0xe9, 0x34, 0x85, 0x2a, 0x00,
@@ -190,11 +195,13 @@
0xe2, 0x2b, 0xef, 0x64,
];
+/// AES key blob.
pub static AES_KEY: &[u8] = &[
0x48, 0xe4, 0xb5, 0xff, 0xcd, 0x9c, 0x41, 0x1e, 0x20, 0x41, 0xf2, 0x65, 0xa0, 0x4f, 0xf6, 0x57,
0xc6, 0x58, 0xca, 0xbf, 0x28, 0xa3, 0x01, 0x98, 0x01, 0x76, 0x10, 0xc0, 0x30, 0x4e, 0x35, 0x6e,
];
+/// AES-GCM encrypted blob.
pub static AES_GCM_ENCRYPTED_BLOB: &[u8] = &[
0x03, 0x04, 0x04, 0x00, 0xbd, 0xdb, 0x8d, 0x69, 0x72, 0x56, 0xf0, 0xf5, 0xa4, 0x02, 0x88, 0x7f,
0x00, 0x00, 0x00, 0x00, 0x50, 0xd9, 0x97, 0x95, 0x37, 0x6e, 0x28, 0x6a, 0x28, 0x9d, 0x51, 0xb9,
@@ -227,6 +234,7 @@
0x2e, 0x0c, 0xc7, 0xbf, 0x29, 0x1e, 0x31, 0xdc, 0x0e, 0x85, 0x96, 0x7b,
];
+/// Decrypted payload.
pub static DECRYPTED_PAYLOAD: &[u8] = &[
0x7c, 0x01, 0x00, 0x00, 0x00, 0x32, 0x00, 0x25, 0x00, 0x0b, 0x00, 0x06, 0x00, 0x72, 0x00, 0x00,
0x00, 0x06, 0x00, 0x80, 0x00, 0x43, 0x00, 0x20, 0xa4, 0xee, 0xdc, 0x1f, 0x9e, 0xba, 0x42, 0xd6,
@@ -257,6 +265,7 @@
0xf6, 0x0b, 0x81, 0x07,
];
+/// Password blob.
pub static PASSWORD: &[u8] = &[
0x42, 0x39, 0x30, 0x37, 0x44, 0x37, 0x32, 0x37, 0x39, 0x39, 0x43, 0x42, 0x39, 0x41, 0x42, 0x30,
0x34, 0x31, 0x30, 0x38, 0x46, 0x44, 0x33, 0x45, 0x39, 0x42, 0x32, 0x38, 0x36, 0x35, 0x41, 0x36,
@@ -264,6 +273,7 @@
0x32, 0x45, 0x31, 0x35, 0x43, 0x43, 0x46, 0x32, 0x39, 0x36, 0x33, 0x34, 0x31, 0x32, 0x41, 0x39,
];
+/// Super key blob.
pub static SUPERKEY: &[u8] = &[
0x03, 0x07, 0x01, 0x10, 0x9a, 0x81, 0x56, 0x7d, 0xf5, 0x86, 0x7c, 0x62, 0xd7, 0xf9, 0x26, 0x06,
0x00, 0x00, 0x00, 0x00, 0xde, 0x2a, 0xcb, 0xac, 0x98, 0x57, 0x2b, 0xe5, 0x57, 0x18, 0x78, 0x57,
@@ -273,23 +283,28 @@
0x94, 0xb6, 0x67, 0x7b, 0x39, 0x85, 0x28, 0x11,
];
+/// Super key IV.
pub static SUPERKEY_IV: &[u8] = &[
0x9a, 0x81, 0x56, 0x7d, 0xf5, 0x86, 0x7c, 0x62, 0xd7, 0xf9, 0x26, 0x06, 0x00, 0x00, 0x00, 0x00,
];
+/// Super key tag.
pub static SUPERKEY_TAG: &[u8] = &[
0xde, 0x2a, 0xcb, 0xac, 0x98, 0x57, 0x2b, 0xe5, 0x57, 0x18, 0x78, 0x57, 0x6e, 0x10, 0x09, 0x84,
];
+/// Super key salt.
pub static SUPERKEY_SALT: &[u8] = &[
0x04, 0x5b, 0xb4, 0x8a, 0x09, 0x22, 0x13, 0x0c, 0x94, 0xb6, 0x67, 0x7b, 0x39, 0x85, 0x28, 0x11,
];
+/// Super key payload.
pub static SUPERKEY_PAYLOAD: &[u8] = &[
0xac, 0x6d, 0x13, 0xe6, 0xad, 0x2c, 0x89, 0x53, 0x1a, 0x99, 0xa5, 0x6c, 0x88, 0xe9, 0xeb, 0x5c,
0xef, 0x68, 0x5e, 0x5b, 0x53, 0xa8, 0xe7, 0xa2, 0x76, 0x04, 0x2a, 0x48, 0xd1, 0xa7, 0x59, 0xd1,
];
+/// user key blob.
pub static USRPKEY_AUTHBOUND: &[u8] = &[
0x03, 0x04, 0x04, 0x00, 0x1c, 0x34, 0x87, 0x6f, 0xc8, 0x35, 0x0d, 0x34, 0x88, 0x59, 0xbc, 0xf5,
0x00, 0x00, 0x00, 0x00, 0x62, 0xe3, 0x38, 0x2d, 0xd0, 0x58, 0x40, 0xc1, 0xb0, 0xf2, 0x4a, 0xdd,
@@ -330,14 +345,17 @@
0x83, 0x42, 0xdd, 0x4e, 0x6d,
];
+/// Authbound IV.
pub static USRPKEY_AUTHBOUND_IV: &[u8] = &[
0x1c, 0x34, 0x87, 0x6f, 0xc8, 0x35, 0x0d, 0x34, 0x88, 0x59, 0xbc, 0xf5, 0x00, 0x00, 0x00, 0x00,
];
+/// Authbond IV Tag.
pub static USRPKEY_AUTHBOUND_TAG: &[u8] = &[
0x62, 0xe3, 0x38, 0x2d, 0xd0, 0x58, 0x40, 0xc1, 0xb0, 0xf2, 0x4a, 0xdd, 0xf7, 0x81, 0x67, 0x0b,
];
+/// Encrypted use key payload.
pub static USRPKEY_AUTHBOUND_ENC_PAYLOAD: &[u8] = &[
0x05, 0xb2, 0x5a, 0x1d, 0x1b, 0x25, 0x19, 0x48, 0xbf, 0x76, 0x0b, 0x37, 0x8c, 0x60, 0x52, 0xea,
0x30, 0x2a, 0x2c, 0x89, 0x99, 0x95, 0x57, 0x5c, 0xec, 0x62, 0x3c, 0x08, 0x1a, 0xc6, 0x65, 0xf9,
@@ -375,6 +393,7 @@
0x73, 0x08, 0x50, 0xb2, 0x19, 0xe8, 0x23, 0x1b, 0x83, 0x42, 0xdd, 0x4e, 0x6d,
];
+/// User key characterstics blob.
pub static USRPKEY_AUTHBOUND_CHR: &[u8] = &[
0x03, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -390,6 +409,8 @@
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0xbd, 0x02, 0x00, 0x60,
0x10, 0x9d, 0x8b, 0x31, 0x76, 0x01, 0x00, 0x00, 0xf5, 0x01, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00,
];
+
+/// User certificate blob.
pub static USRCERT_AUTHBOUND: &[u8] = &[
0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -436,6 +457,8 @@
0x39, 0x58, 0xe9, 0x89, 0x1a, 0x14, 0x41, 0x8d, 0xe0, 0xdc, 0x3d, 0x88, 0xf4, 0x2c, 0x7c, 0xda,
0xa1, 0x84, 0xfa, 0x7f, 0xf9, 0x07, 0x97, 0xfb, 0xb5, 0xb7, 0x28, 0x28, 0x00, 0x7c, 0xa7,
];
+
+/// CA certificate blob.
pub static CACERT_AUTHBOUND: &[u8] = &[
0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -624,6 +647,7 @@
0xab, 0xae, 0x24, 0xe2, 0x44, 0x35, 0x16, 0x8d, 0x55, 0x3c, 0xe4,
];
+/// User non-authbond-key blob.
pub static USRPKEY_NON_AUTHBOUND: &[u8] = &[
0x03, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -663,6 +687,8 @@
0x46, 0xf0, 0xee, 0x50, 0x73, 0x6a, 0x7b, 0xa3, 0xe9, 0xb1, 0x08, 0x81, 0x00, 0xdf, 0x0e, 0xc9,
0xc3, 0x2c, 0x13, 0x64, 0xa1,
];
+
+/// User non-authbond-key characteristics blob.
pub static USRPKEY_NON_AUTHBOUND_CHR: &[u8] = &[
0x03, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -678,6 +704,7 @@
0x60, 0x60, 0x60, 0x8c, 0x31, 0x76, 0x01, 0x00, 0x00, 0xf5, 0x01, 0x00, 0x30, 0x00, 0x00, 0x00,
0x00,
];
+/// User non-authbond-key certificate blob.
pub static USRCERT_NON_AUTHBOUND: &[u8] = &[
0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -725,6 +752,7 @@
0xd8, 0xd5, 0xd1, 0x64, 0x4c, 0x05, 0xdd, 0x13, 0x0e, 0xa4, 0xf3, 0x38, 0xbf, 0x18, 0xd5,
];
+/// User non-authbond-key ca-certs blob.
pub static CACERT_NON_AUTHBOUND: &[u8] = &[
0x03, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -913,6 +941,7 @@
0xab, 0xae, 0x24, 0xe2, 0x44, 0x35, 0x16, 0x8d, 0x55, 0x3c, 0xe4,
];
+/// User decrypted authbond-key blob.
pub static _DECRYPTED_USRPKEY_AUTHBOUND: &[u8] = &[
0x44, 0x4b, 0x4d, 0x4b, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
0xc6, 0x15, 0x3a, 0x08, 0x1e, 0x43, 0xba, 0x7a, 0x0f, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
@@ -950,6 +979,7 @@
0x60, 0x5e, 0xcd, 0xce, 0x3a, 0xd8, 0x09, 0xeb, 0x9d, 0x40, 0xdb, 0x58, 0x53,
];
+/// User loaded authbond certs blob.
pub static LOADED_CERT_AUTHBOUND: &[u8] = &[
0x30, 0x82, 0x02, 0x93, 0x30, 0x82, 0x02, 0x3A, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01,
0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x04, 0x03, 0x02, 0x30, 0x29, 0x31, 0x19,
@@ -994,6 +1024,8 @@
0xE0, 0xDC, 0x3D, 0x88, 0xF4, 0x2C, 0x7C, 0xDA, 0xA1, 0x84, 0xFA, 0x7F, 0xF9, 0x07, 0x97, 0xFB,
0xB5, 0xB7, 0x28, 0x28, 0x00, 0x7C, 0xA7,
];
+
+/// User loaded authbond ca-certs blob.
pub static LOADED_CACERT_AUTHBOUND: &[u8] = &[
0x30, 0x82, 0x02, 0x26, 0x30, 0x82, 0x01, 0xAB, 0xA0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0A, 0x05,
0x84, 0x20, 0x26, 0x90, 0x76, 0x23, 0x58, 0x71, 0x77, 0x30, 0x0A, 0x06, 0x08, 0x2A, 0x86, 0x48,
@@ -1180,6 +1212,7 @@
0x55, 0x3C, 0xE4,
];
+/// User loaded non-authbond user key blob.
pub static LOADED_USRPKEY_NON_AUTHBOUND: &[u8] = &[
0x44, 0x4b, 0x4d, 0x4b, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
0x8a, 0xc1, 0x08, 0x13, 0x7c, 0x47, 0xba, 0x09, 0x0e, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00,
@@ -1217,6 +1250,7 @@
0xe9, 0xb1, 0x08, 0x81, 0x00, 0xdf, 0x0e, 0xc9, 0xc3, 0x2c, 0x13, 0x64, 0xa1,
];
+/// User loaded non-authbond certificate blob.
pub static LOADED_CERT_NON_AUTHBOUND: &[u8] = &[
0x30, 0x82, 0x02, 0x93, 0x30, 0x82, 0x02, 0x39, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x01, 0x01,
0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, 0x30, 0x29, 0x31, 0x19,
@@ -1262,6 +1296,7 @@
0x0e, 0xa4, 0xf3, 0x38, 0xbf, 0x18, 0xd5,
];
+/// User loaded non-authbond ca-certificates blob.
pub static LOADED_CACERT_NON_AUTHBOUND: &[u8] = &[
0x30, 0x82, 0x02, 0x26, 0x30, 0x82, 0x01, 0xab, 0xa0, 0x03, 0x02, 0x01, 0x02, 0x02, 0x0a, 0x05,
0x84, 0x20, 0x26, 0x90, 0x76, 0x23, 0x58, 0x71, 0x77, 0x30, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48,