Loading security/keymint/aidl/vts/functional/KeyMintTest.cpp +37 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ #include <openssl/ec.h> #include <openssl/evp.h> #include <openssl/mem.h> #include <openssl/x509.h> #include <openssl/x509v3.h> #include <cutils/properties.h> Loading Loading @@ -1058,6 +1059,42 @@ TEST_P(NewKeyGenerationTest, RsaWithMissingValidity) { &key_blob, &key_characteristics)); } /* * NewKeyGenerationTest.RsaWithSpecifiedValidity * * Verifies that KeyMint respects specified NOT_BEFORE and NOT_AFTER certificate dates. */ TEST_P(NewKeyGenerationTest, RsaWithSpecifiedValidity) { vector<uint8_t> key_blob; vector<KeyCharacteristics> key_characteristics; ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_CERTIFICATE_NOT_BEFORE, 1183806000000 /* 2007-07-07T11:00:00Z */) .Authorization(TAG_CERTIFICATE_NOT_AFTER, 1916049600000 /* 2030-09-19T12:00:00Z */), &key_blob, &key_characteristics)); ASSERT_GT(cert_chain_.size(), 0); X509_Ptr cert(parse_cert_blob(cert_chain_[0].encodedCertificate)); ASSERT_TRUE(!!cert.get()); const ASN1_TIME* not_before = X509_get0_notBefore(cert.get()); ASSERT_NE(not_before, nullptr); time_t not_before_time; ASSERT_EQ(ASN1_TIME_to_time_t(not_before, ¬_before_time), 1); EXPECT_EQ(not_before_time, 1183806000); const ASN1_TIME* not_after = X509_get0_notAfter(cert.get()); ASSERT_NE(not_after, nullptr); time_t not_after_time; ASSERT_EQ(ASN1_TIME_to_time_t(not_after, ¬_after_time), 1); EXPECT_EQ(not_after_time, 1916049600); } /* * NewKeyGenerationTest.RsaWithAttestation * Loading Loading
security/keymint/aidl/vts/functional/KeyMintTest.cpp +37 −0 Original line number Diff line number Diff line Loading @@ -26,6 +26,7 @@ #include <openssl/ec.h> #include <openssl/evp.h> #include <openssl/mem.h> #include <openssl/x509.h> #include <openssl/x509v3.h> #include <cutils/properties.h> Loading Loading @@ -1058,6 +1059,42 @@ TEST_P(NewKeyGenerationTest, RsaWithMissingValidity) { &key_blob, &key_characteristics)); } /* * NewKeyGenerationTest.RsaWithSpecifiedValidity * * Verifies that KeyMint respects specified NOT_BEFORE and NOT_AFTER certificate dates. */ TEST_P(NewKeyGenerationTest, RsaWithSpecifiedValidity) { vector<uint8_t> key_blob; vector<KeyCharacteristics> key_characteristics; ASSERT_EQ(ErrorCode::OK, GenerateKey(AuthorizationSetBuilder() .RsaSigningKey(2048, 65537) .Digest(Digest::NONE) .Padding(PaddingMode::NONE) .Authorization(TAG_CERTIFICATE_NOT_BEFORE, 1183806000000 /* 2007-07-07T11:00:00Z */) .Authorization(TAG_CERTIFICATE_NOT_AFTER, 1916049600000 /* 2030-09-19T12:00:00Z */), &key_blob, &key_characteristics)); ASSERT_GT(cert_chain_.size(), 0); X509_Ptr cert(parse_cert_blob(cert_chain_[0].encodedCertificate)); ASSERT_TRUE(!!cert.get()); const ASN1_TIME* not_before = X509_get0_notBefore(cert.get()); ASSERT_NE(not_before, nullptr); time_t not_before_time; ASSERT_EQ(ASN1_TIME_to_time_t(not_before, ¬_before_time), 1); EXPECT_EQ(not_before_time, 1183806000); const ASN1_TIME* not_after = X509_get0_notAfter(cert.get()); ASSERT_NE(not_after, nullptr); time_t not_after_time; ASSERT_EQ(ASN1_TIME_to_time_t(not_after, ¬_after_time), 1); EXPECT_EQ(not_after_time, 1916049600); } /* * NewKeyGenerationTest.RsaWithAttestation * Loading
