diff options
Diffstat (limited to 'security/keymint/aidl/vts/functional/KeyMintTest.cpp')
| -rw-r--r-- | security/keymint/aidl/vts/functional/KeyMintTest.cpp | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/security/keymint/aidl/vts/functional/KeyMintTest.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp index 49fe5fbea5..5b80b6fac0 100644 --- a/security/keymint/aidl/vts/functional/KeyMintTest.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp @@ -3355,6 +3355,26 @@ TEST_P(ImportKeyTest, RsaPublicExponentMismatch) { } /* + * ImportKeyTest.RsaAttestMultiPurposeFail + * + * Verifies that importing an RSA key pair with purpose ATTEST_KEY+SIGN fails. + */ +TEST_P(ImportKeyTest, RsaAttestMultiPurposeFail) { + uint32_t key_size = 2048; + string key = rsa_2048_key; + + ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE, + ImportKey(AuthorizationSetBuilder() + .Authorization(TAG_NO_AUTH_REQUIRED) + .RsaSigningKey(key_size, 65537) + .AttestKey() + .Digest(Digest::SHA_2_256) + .Padding(PaddingMode::RSA_PSS) + .SetDefaultValidity(), + KeyFormat::PKCS8, key)); +} + +/* * ImportKeyTest.EcdsaSuccess * * Verifies that importing and using an ECDSA P-256 key pair works correctly. @@ -3473,6 +3493,22 @@ TEST_P(ImportKeyTest, EcdsaCurveMismatch) { } /* + * ImportKeyTest.EcdsaAttestMultiPurposeFail + * + * Verifies that importing and using an ECDSA P-256 key pair with purpose ATTEST_KEY+SIGN fails. + */ +TEST_P(ImportKeyTest, EcdsaAttestMultiPurposeFail) { + ASSERT_EQ(ErrorCode::INCOMPATIBLE_PURPOSE, + ImportKey(AuthorizationSetBuilder() + .Authorization(TAG_NO_AUTH_REQUIRED) + .EcdsaSigningKey(EcCurve::P_256) + .AttestKey() + .Digest(Digest::SHA_2_256) + .SetDefaultValidity(), + KeyFormat::PKCS8, ec_256_key)); +} + +/* * ImportKeyTest.AesSuccess * * Verifies that importing and using an AES key works. |