[ckm] Refactor TestData to replace cert easily
[platform/core/test/security-tests.git] / src / ckm / privileged / main.cpp
1 /*
2  *  Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
3  *
4  *  Licensed under the Apache License, Version 2.0 (the "License");
5  *  you may not use this file except in compliance with the License.
6  *  You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  *  Unless required by applicable law or agreed to in writing, software
11  *  distributed under the License is distributed on an "AS IS" BASIS,
12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  *  See the License for the specific language governing permissions and
14  *  limitations under the License
15  */
16 #include <netdb.h>
17
18 #include <dpl/test/test_runner.h>
19 #include <dpl/test/test_runner_child.h>
20
21 #include <tests_common.h>
22 #include <test-certs.h>
23 #include <access_provider2.h>
24 #include <ckm-common.h>
25 #include <ckm-privileged-common.h>
26
27 #include <ckm/ckm-manager.h>
28 #include <ckm/ckm-control.h>
29 #include <ckm/ckm-password.h>
30 #include <ckm/ckm-type.h>
31 #include <ckm/ckm-pkcs12.h>
32
33 #include <fstream>
34
35 #include <openssl/x509.h>
36 #include <openssl/x509v3.h>
37
38 namespace {
39 const int USER_APP = 5000;
40 const int GROUP_APP = 5000;
41
42 const int USER_APP_2 = 5020;
43 const int USER_APP_3 = 5030;
44
45 const char * const APP_PASS  = "user-pass";
46 const int USER_TEST = 5001;
47
48 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
49 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
50 } // namespace anonymous
51
52 /*
53  *  How to numerate tests:
54  *  TABCD_NAME
55  *  T - test case (always T)
56  *  AB - number of test group (always two digits)
57  *  C - test number in group (all tests with same TABC must be run in the same time).
58  *  D - subtest.
59  */
60
61 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
62
63 RUNNER_TEST(T1510_init_unlock_key)
64 {
65     reset_user_data(USER_TEST, APP_PASS);
66 }
67
68 RUNNER_TEST(T1511_insert_data)
69 {
70     auto certee = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
71     auto certim = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
72     CKM::Alias certeeAlias("CertEE");
73     CKM::Alias certimAlias("CertIM");
74     {
75         ScopedDBUnlock unlock(USER_TEST, APP_PASS);
76         ScopedAccessProvider ap(TEST_LABEL);
77         ap.allowAPI("key-manager::api-storage", "rw");
78         ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
79
80         auto manager = CKM::Manager::create();
81         RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
82         RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
83     }
84
85     // restart CKM
86     stop_service(MANAGER);
87     start_service(MANAGER);
88
89     // actual test
90     {
91         ScopedDBUnlock unlock(USER_TEST, APP_PASS);
92         ScopedAccessProvider ap(TEST_LABEL);
93         ap.allowAPI("key-manager::api-storage", "rw");
94         ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
95
96         auto manager = CKM::Manager::create();
97         int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
98         int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
99         RUNNER_ASSERT_MSG(
100             CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
101             "Certificate should be in database already. Error=" << CKMErrorToString(status1));
102         RUNNER_ASSERT_MSG(
103             CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
104             "Certificate should be in database already. Error=" << CKMErrorToString(status2));
105     }
106 }
107
108 RUNNER_TEST(T1519_deinit)
109 {
110     remove_user_data(USER_TEST);
111 }
112
113 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
114
115 RUNNER_TEST(T1701_init_unlock_key)
116 {
117     unlock_user_data(USER_TEST+1, "t170-special-password");
118
119     ScopedAccessProvider ap(TEST_LABEL);
120     ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
121 }
122
123 RUNNER_CHILD_TEST(T1702_insert_data)
124 {
125     int temp;
126     ScopedAccessProvider ap(TEST_LABEL);
127     ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
128
129     auto certee = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
130
131     auto manager = CKM::Manager::create();
132     size_t current_aliases_num = count_aliases(ALIAS_CERT);
133     int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
134
135     RUNNER_ASSERT_MSG(
136         CKM_API_SUCCESS == status1,
137         "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
138
139     CKM::AliasVector av;
140     RUNNER_ASSERT_MSG(
141         CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
142         "Error=" << CKMErrorToString(temp));
143     RUNNER_ASSERT_MSG(
144         (current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
145         "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
146 }
147
148 RUNNER_TEST(T1703_removeApplicationData)
149 {
150     int tmp;
151     auto control = CKM::Control::create();
152     RUNNER_ASSERT_MSG(
153         CKM_API_SUCCESS == (tmp = control->removeApplicationData(TEST_LABEL)),
154         "Error=" << CKMErrorToString(tmp));
155 }
156
157 RUNNER_CHILD_TEST(T1704_data_test)
158 {
159     int temp;
160     ScopedAccessProvider ap(TEST_LABEL);
161     ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
162
163     CKM::AliasVector av;
164     auto manager = CKM::Manager::create();
165
166     RUNNER_ASSERT_MSG(
167         CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
168         "Error=" << CKMErrorToString(temp));
169     RUNNER_ASSERT_MSG(
170         0 == (temp = av.size()),
171         "Vector size: " << temp << ". Expected: 0");
172 }
173
174 RUNNER_TEST(T1705_deinit)
175 {
176     remove_user_data(USER_TEST+1);
177 }
178
179 RUNNER_TEST(T17101_init)
180 {
181     int tmp;
182
183     auto control = CKM::Control::create();
184     RUNNER_ASSERT_MSG(
185         CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
186         "Error=" << CKMErrorToString(tmp));
187     RUNNER_ASSERT_MSG(
188         CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
189         "Error=" << CKMErrorToString(tmp));
190     RUNNER_ASSERT_MSG(
191         CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
192         "Error=" << CKMErrorToString(tmp));
193
194     RUNNER_ASSERT_MSG(
195         CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
196         "Error=" << CKMErrorToString(tmp));
197     RUNNER_ASSERT_MSG(
198         CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
199         "Error=" << CKMErrorToString(tmp));
200     RUNNER_ASSERT_MSG(
201          CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
202          "Error=" << CKMErrorToString(tmp));
203 }
204
205 RUNNER_CHILD_TEST(T17102_prep_data_01)
206 {
207     int temp;
208     ScopedAccessProvider ap(TEST_LABEL);
209     ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
210
211     CKM::AliasVector av;
212     auto manager = CKM::Manager::create();
213
214     std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
215
216     CKM::RawBuffer buffer(data.begin(), data.end());
217     CKM::Policy exportable(CKM::Password(), true);
218
219     RUNNER_ASSERT_MSG(
220         CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
221         "Error=" << CKMErrorToString(temp));
222 }
223
224 RUNNER_CHILD_TEST(T17103_prep_data_02)
225 {
226     int temp;
227     ScopedAccessProvider ap(TEST_LABEL_2);
228     ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
229
230     CKM::AliasVector av;
231     auto manager = CKM::Manager::create();
232
233     std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
234
235     CKM::RawBuffer buffer(data.begin(), data.end());
236     CKM::Policy exportable(CKM::Password(), true);
237
238     RUNNER_ASSERT_MSG(
239         CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
240         "Error=" << CKMErrorToString(temp));
241 }
242
243 RUNNER_CHILD_TEST(T17104_prep_data_03)
244 {
245     int temp;
246     ScopedAccessProvider ap(TEST_LABEL);
247     ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
248
249     CKM::AliasVector av;
250     auto manager = CKM::Manager::create();
251
252     std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
253
254     CKM::RawBuffer buffer(data.begin(), data.end());
255     CKM::Policy exportable(CKM::Password(), true);
256
257     RUNNER_ASSERT_MSG(
258         CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
259         "Error=" << CKMErrorToString(temp));
260 }
261
262 RUNNER_CHILD_TEST(T17105_prep_data_04)
263 {
264     int temp;
265     ScopedAccessProvider ap(TEST_LABEL_2);
266     ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
267
268     CKM::AliasVector av;
269     auto manager = CKM::Manager::create();
270
271     std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
272
273     CKM::RawBuffer buffer(data.begin(), data.end());
274     CKM::Policy exportable(CKM::Password(), true);
275
276     RUNNER_ASSERT_MSG(
277         CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
278         "Error=" << CKMErrorToString(temp));
279 }
280
281 RUNNER_TEST(T17106_remove_application)
282 {
283     int tmp;
284
285     auto control = CKM::Control::create();
286     RUNNER_ASSERT_MSG(
287         CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
288         "Error=" << CKMErrorToString(tmp));
289     RUNNER_ASSERT_MSG(
290         CKM_API_SUCCESS == (tmp = control->removeApplicationData(TEST_LABEL)),
291         "Error=" << CKMErrorToString(tmp));
292 }
293
294 RUNNER_CHILD_TEST(T17107_check_data_01)
295 {
296     int temp;
297     ScopedAccessProvider ap(TEST_LABEL);
298     ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
299
300     CKM::AliasVector av;
301     auto manager = CKM::Manager::create();
302
303     RUNNER_ASSERT_MSG(
304         CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
305         "Error=" << CKMErrorToString(temp));
306     RUNNER_ASSERT_MSG(
307         0 == (temp = av.size()),
308         "Vector size: " << temp << ". Expected: 0");
309 }
310
311 RUNNER_CHILD_TEST(T17108_check_data_02)
312 {
313     int temp;
314     ScopedAccessProvider ap(TEST_LABEL_2);
315     ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
316
317     CKM::AliasVector av;
318     auto manager = CKM::Manager::create();
319
320     RUNNER_ASSERT_MSG(
321         CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
322         "Error=" << CKMErrorToString(temp));
323     RUNNER_ASSERT_MSG(
324         1 == (temp = av.size()),
325         "Vector size: " << temp << ". Expected: 1");
326 }
327
328 RUNNER_TEST(T17109_unlock_user2)
329 {
330     int tmp;
331
332     auto control = CKM::Control::create();
333     RUNNER_ASSERT_MSG(
334          CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
335          "Error=" << CKMErrorToString(tmp));
336 }
337
338 RUNNER_CHILD_TEST(T17110_check_data_03)
339 {
340     int temp;
341     ScopedAccessProvider ap(TEST_LABEL);
342     ap.allowAPI("key-manager::api-storage", "rw");
343     ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
344
345     CKM::AliasVector av;
346     auto manager = CKM::Manager::create();
347
348     RUNNER_ASSERT_MSG(
349         CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
350         "Error=" << CKMErrorToString(temp));
351     RUNNER_ASSERT_MSG(
352         0 == (temp = av.size()),
353         "Vector size: " << temp << ". Expected: 0");
354 }
355
356 RUNNER_CHILD_TEST(T17111_check_data_04)
357 {
358     int temp;
359     ScopedAccessProvider ap(TEST_LABEL_2);
360     ap.allowAPI("key-manager::api-storage", "rw");
361     ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
362
363     CKM::AliasVector av;
364     auto manager = CKM::Manager::create();
365
366     RUNNER_ASSERT_MSG(
367         CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
368         "Error=" << CKMErrorToString(temp));
369     RUNNER_ASSERT_MSG(
370         1 == (temp = av.size()),
371         "Vector size: " << temp << ". Expected: 1");
372 }
373
374 RUNNER_TEST(T17112_deinit)
375 {
376     remove_user_data(USER_TEST+2);
377     remove_user_data(USER_TEST+3);
378 }
379
380 int main(int argc, char *argv[])
381 {
382     return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
383 }