@@ -125,7 +125,7 @@ use trussed::{
125125 client:: { ClientImplementation , FilesystemClient , HmacSha256 } ,
126126 service:: Service ,
127127 syscall, try_syscall,
128- types:: { Bytes , Location , PathBuf } ,
128+ types:: { Bytes , Location , Message , PathBuf } ,
129129 virt:: { self , Ram } ,
130130} ;
131131use trussed_auth:: { AuthClient as _, PinId , MAX_HW_KEY_LEN } ;
@@ -662,3 +662,30 @@ fn delete_all_pins() {
662662 assert ! ( result. is_err( ) ) ;
663663 } )
664664}
665+
666+ #[ test]
667+ fn application_key ( ) {
668+ run ( BACKENDS , |client| {
669+ let info1 = Message :: from_slice ( b"test1" ) . unwrap ( ) ;
670+ let info2 = Message :: from_slice ( b"test2" ) . unwrap ( ) ;
671+ let app_key1 = syscall ! ( client. get_application_key( info1. clone( ) ) ) . key ;
672+ let app_key2 = syscall ! ( client. get_application_key( info2) ) . key ;
673+ let mac1 = syscall ! ( client. sign_hmacsha256( app_key1, b"Some data" ) ) . signature ;
674+ let mac2 = syscall ! ( client. sign_hmacsha256( app_key2, b"Some data" ) ) . signature ;
675+ // Different info leads to different keys
676+ assert_ne ! ( mac1, mac2) ;
677+
678+ let app_key1_again = syscall ! ( client. get_application_key( info1. clone( ) ) ) . key ;
679+ let mac1_again = syscall ! ( client. sign_hmacsha256( app_key1_again, b"Some data" ) ) . signature ;
680+ // Same info leads to same key
681+ assert_eq ! ( mac1, mac1_again) ;
682+
683+ syscall ! ( client. delete_all_pins( ) ) ;
684+
685+ // After deletion same info leads to different keys
686+ let app_key1_after_delete = syscall ! ( client. get_application_key( info1) ) . key ;
687+ let mac1_after_delete =
688+ syscall ! ( client. sign_hmacsha256( app_key1_after_delete, b"Some data" ) ) . signature ;
689+ assert_ne ! ( mac1, mac1_after_delete) ;
690+ } )
691+ }
0 commit comments