2 * Copyright (c) 2015 -2020 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file test_encryption-scheme.cpp
18 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
26 #define BOOST_TEST_MODULE KEY_MANAGER_SCHEME_TEST
27 #include <boost_macros_wrapper.h>
28 #include <boost/test/results_reporter.hpp>
29 #include <boost/test/unit_test.hpp>
30 #include <boost/test/unit_test_log.hpp>
32 #include <exception.h>
33 #include <key-provider.h>
34 #include <dpl/log/log.h>
35 #include <log-setup.h>
37 #include <colour_log_formatter.h>
38 #include "scheme-test.h"
43 // this is done to limit the amount of code included in binary
44 const int OLD_ENC_SCHEME = 0;
45 const int NEW_ENC_SCHEME = 1;
47 const char* const ONLYCAP = "/sys/fs/smackfs/onlycap";
49 class OnlycapFixture {
52 std::fstream file(ONLYCAP);
64 std::ofstream file(ONLYCAP);
69 std::string m_oldOnlycap;
75 boost::unit_test::unit_test_log.set_threshold_level(
76 boost::unit_test::log_test_units);
77 boost::unit_test::results_reporter::set_level(boost::unit_test::SHORT_REPORT);
78 boost::unit_test::unit_test_log.set_formatter(new CKM::colour_log_formatter);
85 struct KeyProviderLib {
89 KeyProvider::initializeLibrary();
90 } catch (const Exc::Exception &) {
91 std::cout << "Library initialization failed!" << std::endl;
97 KeyProvider::closeLibrary();
98 } catch (const Exc::Exception &) {
99 std::cout << "Library deinitialization failed!" << std::endl;
107 SetupClientLogSystem();
108 Singleton<Log::LogSystem>::Instance().SetTag("CKM_SCHEME_TESTS");
113 } // namespace anonymous
115 BOOST_GLOBAL_FIXTURE(KeyProviderLib);
116 BOOST_GLOBAL_FIXTURE(TestConfig);
117 BOOST_GLOBAL_FIXTURE(LogSetup);
118 BOOST_FIXTURE_TEST_SUITE(ENCRYPTION_SCHEME_TEST, OnlycapFixture)
120 // Test database should have the old scheme
121 POSITIVE_TEST_CASE(T010_Check_old_scheme)
127 test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
130 POSITIVE_TEST_CASE(T1111_Alias_Info_old_scheme)
136 test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
137 test.CheckAliasInfo();
139 test.CheckAliasInfo();
142 // Newly written data should use the new scheme
143 POSITIVE_TEST_CASE(T020_Check_new_scheme)
146 test.RemoveUserData();
150 test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
153 POSITIVE_TEST_CASE(T030_Remove_old_scheme)
159 size_t aliases = test.CountObjects();
160 BOOST_REQUIRE_MESSAGE(aliases == 0, "All aliases should be removed");
163 POSITIVE_TEST_CASE(T040_Remove_new_scheme)
166 test.RemoveUserData();
170 size_t aliases = test.CountObjects();
171 BOOST_REQUIRE_MESSAGE(aliases == 0, "All aliases should be removed");
174 // Reading old db should reencrypt objects with new scheme
175 POSITIVE_TEST_CASE(T100_Read)
182 filter.exportableOnly = true;
183 test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
186 POSITIVE_TEST_CASE(T110_Count_objects_after_read)
190 size_t orig = test.CountObjects();
191 BOOST_REQUIRE_MESSAGE(orig > 0, "No objects in db");
195 size_t current = test.CountObjects();
196 BOOST_REQUIRE_MESSAGE(current == orig,
197 "Original number of objects: " << orig << " Current: " << current);
200 // Reading old db with incorrect passwords should leave the scheme unchanged
201 NEGATIVE_TEST_CASE(T120_Read_wrong_pass)
208 test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
211 // Signing/verification should reencrypt objects with new scheme
212 POSITIVE_TEST_CASE(T200_SignVerify)
218 ItemFilter filter(DataType::KEY_RSA_PUBLIC, DataType::KEY_RSA_PRIVATE);
219 test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
222 // Encryption/decryption should reencrypt objects with new scheme
223 POSITIVE_TEST_CASE(T210_EncryptDecrypt)
227 test.EncryptDecrypt();
229 ItemFilter filter1(DataType::KEY_RSA_PUBLIC, DataType::KEY_RSA_PRIVATE);
230 test.CheckSchemeVersion(filter1, NEW_ENC_SCHEME);
232 ItemFilter filter2(DataType::KEY_AES);
233 test.CheckSchemeVersion(filter2, NEW_ENC_SCHEME);
236 // Chain creation should reencrypt objects with new scheme
237 POSITIVE_TEST_CASE(T220_CreateChain)
243 // non exportable certificates and certificates protected with passwords can't be used for chain
245 ItemFilter filter1(DataType::CERTIFICATE);
246 filter1.exportableOnly = true;
247 filter1.noPassword = true;
248 test.CheckSchemeVersion(filter1, NEW_ENC_SCHEME);
250 ItemFilter filter2(DataType::CHAIN_CERT_0, DataType::CHAIN_CERT_15);
251 filter2.exportableOnly = true;
252 filter2.noPassword = true;
253 test.CheckSchemeVersion(filter2, NEW_ENC_SCHEME);
256 BOOST_AUTO_TEST_SUITE_END()