crypto: add in additional keyring functionality

This commit adds in the FindPolicyKey and RemovePolicyKey functions to
complement the InsertPolicyKey function. The existing functions were
also refactored slightly.

Change-Id: Iabd275f2186a9e3023d5efd44c772966123e3657

1 files changed, 8 insertions, 2 deletions

diff --git a/crypto/crypto_test.go b/crypto/crypto_test.go
index 674baeb..2141fb8 100644
--- a/crypto/crypto_test.go
+++ b/crypto/crypto_test.go
@@ -234,24 +234,30 @@ func TestKeyLargeResize(t *testing.T) {
 	}
 }
 
-// Adds a key with and without legacy (check keyctl to see the key identifiers).
-func TestAddKeys(t *testing.T) {
+// Adds and removes a key with various services.
+func TestAddRemoveKeys(t *testing.T) {
 	for _, service := range []string{ServiceDefault, ServiceExt4, ServiceF2FS} {
 		if err := InsertPolicyKey(fakeValidPolicyKey, fakeValidDescriptor, service); err != nil {
 			t.Error(err)
 		}
+		if err := RemovePolicyKey(fakeValidDescriptor, service); err != nil {
+			t.Error(err)
+		}
 	}
 }
 
 // Makes sure a key fails with bad descriptor, policy, or service
 func TestBadAddKeys(t *testing.T) {
 	if InsertPolicyKey(fakeInvalidPolicyKey, fakeValidDescriptor, ServiceDefault) == nil {
+		RemovePolicyKey(fakeValidDescriptor, ServiceDefault)
 		t.Error("InsertPolicyKey should fail with bad policy key")
 	}
 	if InsertPolicyKey(fakeValidPolicyKey, fakeInvalidDescriptor, ServiceDefault) == nil {
+		RemovePolicyKey(fakeInvalidDescriptor, ServiceDefault)
 		t.Error("InsertPolicyKey should fail with bad descriptor")
 	}
 	if InsertPolicyKey(fakeValidPolicyKey, fakeValidDescriptor, "ext4") == nil {
+		RemovePolicyKey(fakeValidDescriptor, "ext4")
 		t.Error("InsertPolicyKey should fail with bad service")
 	}
 }