Add tests checking if key attributes are respected #135
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
These tests check: * asymmetric signature operations can only be done if they is of correct type * the specific algorithm used for those operations needs to be permitted * the usage flags of the key need to allow the operation Signed-off-by: Hugues de Valon <[email protected]>
hug-dev
force-pushed
the
key_attributes_tests
branch
from
39d25b7
to
ed2978c
Compare
ionut-arm
approved these changes
Mar 31, 2020
Comment on lines
+10
to
+50
| #[ignore] | ||
| #[test] | ||
| fn wrong_type() { | ||
| let mut client = TestClient::new(); | ||
| let key_name = String::from("wrong_type"); | ||
|
|
||
| // Wrong key type | ||
| let key_type = KeyType::Derive; | ||
| let permitted_algorithm = | ||
| Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign { | ||
| hash_alg: Hash::Sha256, | ||
| }); | ||
| let key_attributes = KeyAttributes { | ||
| key_type, | ||
| key_bits: 1024, | ||
| key_policy: KeyPolicy { | ||
| key_usage_flags: UsageFlags { | ||
| sign_hash: true, | ||
| verify_hash: false, | ||
| sign_message: false, | ||
| verify_message: false, | ||
| export: false, | ||
| encrypt: false, | ||
| decrypt: false, | ||
| cache: false, | ||
| copy: false, | ||
| derive: false, | ||
| }, | ||
| key_algorithm: permitted_algorithm, | ||
| }, | ||
| }; | ||
|
|
||
| client | ||
| .generate_key(key_name.clone(), key_attributes) | ||
| .unwrap(); | ||
| let status = client | ||
| .sign_with_rsa_sha256(key_name, vec![0xDE, 0xAD, 0xBE, 0xEF]) | ||
| .unwrap_err(); | ||
|
|
||
| assert_eq!(status, ResponseStatus::PsaErrorNotPermitted); | ||
| } |
Comment on lines
+102
to
+121
| let permitted_algorithm = Algorithm::Cipher(Cipher::Ctr); | ||
| let key_attributes = KeyAttributes { | ||
| key_type, | ||
| key_bits: 1024, | ||
| key_policy: KeyPolicy { | ||
| key_usage_flags: UsageFlags { | ||
| sign_hash: true, | ||
| verify_hash: false, | ||
| sign_message: false, | ||
| verify_message: false, | ||
| export: false, | ||
| encrypt: false, | ||
| decrypt: false, | ||
| cache: false, | ||
| copy: false, | ||
| derive: false, | ||
| }, | ||
| key_algorithm: permitted_algorithm, | ||
| }, | ||
| }; |
There was a problem hiding this comment.
I'm wondering if this should even be permitted to exist. Feels like the kind of thing we can enforce, because we know what is allowed and what isn't. We can't use type checking directly, but maybe we can use constructors (e.g. for KeyAttributes)
There was a problem hiding this comment.
True! Those things could be done as part of parallaxsecond/parsec-interface-rs#32
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
These tests check:
type
The tests are disabled for now until the checking feature is implemented.