Adding tests to verify grant and ungrant APIs.
- Grant a key to the user with DELETE access. Vefify that grantee can
delete the granted key successfully.
- Grant a key to the user. In grantee context try to grant this key to
another user. Test should fail with `PERMISSION_DENIED` error
response to grant a key to another user from grantee context for
designated key.
- Try to grant a key to the user with `GRANT` access. Test should fail with
`PERMISSION_DENIED` error response code. Keystore2 system must
not allow `GRANT` permission to be granted.
- Try to grant a non-existing key to the user. Test should fail to grant
a key with `KEY_NOT_FOUND` error response.
- Grant a key to the user and ungrant it before the grantee can use the
granted key. In grantee context while trying to use the granted key
`KEY_NOT_FOUND` error response is expected.
- Try to ungrant a non-existing key. Test should fail with
`KEY_NOT_FOUND` error response.
- Grant a key to multiple users. All grantees should be able to access
the key and use it for crypto operation.
- Grante a key to two users with GET_INFO|DELETE permissions. In one of
the grantee contexts delete the key. In another grantee context when
it tries to access the granted key, it should fail with
`KEY_NOT_FOUND` error response.
Bug: 194359114
Test: atest keystore2_client_test
Change-Id: I0bd6faeeaff2fa436413604dfbad67ea65dc8597
2 files changed