Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / f436a9326c19134f6f7e0a06b7221f64915a6b4b^! / . / keystore2 / test_utils / authorizations.rs
commitf436a9326c19134f6f7e0a06b7221f64915a6b4b[log] [tgz]
authorRajesh Nyamagoud <nyamagoud@google.com>Fri May 12 01:16:07 2023 +0000
committerRajesh Nyamagoud <nyamagoud@google.com>Mon Oct 09 21:44:48 2023 +0000
tree91b2279d3cf13e7a0f57a496c6fc4ead2a3a0ed6
parent75dfa0c2ec8c93cc5b064838401fef32a07147ab [diff] [blame]
Adding tests using `MAX_USES_PER_BOOT`, `EARLY_BOOT_ONLY`, `BOOTLOADER_ONLY` and `USAGE_COUNT_LIMIT`

1. Generate a key with `BOOTLOADER_ONLY` tag. Test should successfully
   generate a key and verify the key characteristics. Test should fail
   with error code `INVALID_KEY_BLOB` during creation of an operation
   using this key.

2. Generate a key with `EARLY_BOOT_ONLY` tag. Test should successfully
   generate a key and verify the key characteristics. Test should fail
   with error code `EARLY_BOOT_ENDED` during creation of an operation
   using this key.

3. Generate a key with `MAX_USES_PER_BOOT` tag. Test should successfully
   generate a key and verify the key characteristics. Test should be
   able to use the key successfully `MAX_USES_COUNT` times. After
   exceeding key usage `MAX_USES_COUNT` times subsequent attempts to use
   the key in test should fail with error code `MAX_OPS_EXCEEDED`.

4. Generate a key with `USAGE_COUNT_LIMIT` tag. Test should successfully
   generate a key and verify the key characteristics. Test should be
   able to use the key successfully `MAX_USES_COUNT` times. After
   exceeding key usage `MAX_USES_COUNT` times subsequent attempts to use
   the key in test should fail with error code `KEY_NOT_FOUND`. Test
   should also check attest record for attested keys that
   `USAGE_COUNT_LIMIT` is included in attest record.

Bug: 279721870
Test: atest keystore2_client_tests
Change-Id: I205964b571d92dc0fcbd11b1f6d45bc3aea7c050

diff --git a/keystore2/test_utils/authorizations.rs b/keystore2/test_utils/authorizations.rs
index aa75982..b73aab5 100644
--- a/keystore2/test_utils/authorizations.rs
+++ b/keystore2/test_utils/authorizations.rs

@@ -269,6 +269,42 @@
         });
         self
     }
+
+    /// Set boot loader only.
+    pub fn boot_loader_only(mut self) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::BOOTLOADER_ONLY,
+            value: KeyParameterValue::BoolValue(true),
+        });
+        self
+    }
+
+    /// Set early boot only.
+    pub fn early_boot_only(mut self) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::EARLY_BOOT_ONLY,
+            value: KeyParameterValue::BoolValue(true),
+        });
+        self
+    }
+
+    /// Set max uses per boot.
+    pub fn max_uses_per_boot(mut self, max_uses: i32) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::MAX_USES_PER_BOOT,
+            value: KeyParameterValue::Integer(max_uses),
+        });
+        self
+    }
+
+    /// Set max usage count.
+    pub fn usage_count_limit(mut self, usage_count: i32) -> Self {
+        self.0.push(KeyParameter {
+            tag: Tag::USAGE_COUNT_LIMIT,
+            value: KeyParameterValue::Integer(usage_count),
+        });
+        self
+    }
 }
 
 impl Deref for AuthSetBuilder {