Merge branch 'tizen' into yaca

[platform/core/test/security-tests.git] / src / ckm-integration / group02.cpp

/*
 *  Copyright (c) 2015 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License
 */
/*
 * @file       group02.cpp
 * @author     Bartlomiej Grzelewski (b.grzelewski@samsung.com)
 * @version    1.0
 */

#include <sys/types.h>
#include <unistd.h>
#include <ckm-common.h>

#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>

#include <ckm/ckm-manager.h>
#include <ckm/ckm-control.h>
#include <ckm/ckm-password.h>
#include <ckm/ckm-type.h>

#include <ckm-policy.h>

typedef ProcessSettings::Executor<
    CKMPolicy,
    ProcessSettings::CreateUser,
    ProcessSettings::UnlockCkm,
    ProcessSettings::InstallApp,
    ProcessSettings::ChangeSmack,
    ProcessSettings::ChangeUid> PS;

typedef ProcessSettings::Executor<
    CKMPolicy,
    ProcessSettings::CreateUser,
    ProcessSettings::UnlockCkm,
    ProcessSettings::InstallApp,
    ProcessSettings::ChangeSmack> PSNoUid;

typedef ProcessSettings::Executor<
    CKMPolicy,
    ProcessSettings::ChangeUid> PSUid;

RUNNER_TEST_GROUP_INIT(GROUP_02_IntegrationStorageApiWithCynara);

RUNNER_CHILD_TEST(G02T01_StorageNegative) {
    RUNNER_IGNORED_MSG("Cynara integration with CKM Storage API was canceled.");
    // We are ordinary user without any privileges.
    // Cynara should deny all accesses.
    PS ps("PkgIdG02T01", "UserG02T01", PrivNone);
    ps.Apply();

    int temp;
    auto manager = CKM::Manager::create();
    std::string data = "Custom data";
    CKM::RawBuffer rawBuffer(data.begin(), data.end());
    CKM::RawBuffer output;
    const char *alias = "dataG02T01";

    RUNNER_ASSERT_MSG(
        CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, rawBuffer, CKM::Policy())),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(
        CKM_API_ERROR_ACCESS_DENIED == (temp = manager->getData(alias, CKM::Password(), output)),
        "Error=" << CKM::APICodeToString(temp));
}

RUNNER_CHILD_TEST(G02T02_StoragePositive) {
    RUNNER_IGNORED_MSG("Cynara integration with CKM Storage API was canceled.");
    // We are root. We will be allowed.
    int temp;
    auto manager = CKM::Manager::create();
    std::string data = "Custom data";
    CKM::RawBuffer rawBuffer(data.begin(), data.end());
    CKM::RawBuffer output;
    const char *alias = "/System dataG02T02";

    // This funciton may return error.
    manager->removeAlias(alias);

    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == (temp = manager->saveData(alias, rawBuffer, CKM::Policy())),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == (temp = manager->getData(alias, CKM::Password(), output)),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(rawBuffer == output, "Data mismatch.");
}

RUNNER_CHILD_TEST(G02T03_StoragePositive) {
    RUNNER_IGNORED_MSG("Cynara integration with CKM Storage API was canceled.");
    // We are oridinary user with proper privileges.
    PS ps("PkgIdG02T03", "UserG02T03", PrivCKMStore);
    ps.Apply();

    int temp;
    auto manager = CKM::Manager::create();
    std::string data = "Custom data";
    CKM::RawBuffer rawBuffer(data.begin(), data.end());
    CKM::RawBuffer output;
    const char *dataAlias = "dataG02T03";

    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == (temp = manager->saveData(dataAlias, rawBuffer, CKM::Policy())),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == (temp = manager->getData(dataAlias, CKM::Password(), output)),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(rawBuffer == output, "Data mismatch.");
}

RUNNER_CHILD_TEST(G02T04_StorageNegative) {
    RUNNER_IGNORED_MSG("Cynara integration with CKM Storage API was canceled.");
    // There is some user with privileges but we are
    // are ordinary user without any.
    // Cynara should deny all accesses.
    PSNoUid ps("PkgIdG02T04", "UserG02T04", PrivCKMBoth);
    ps.Apply();

    PSUid ps2("", "", PrivNone);
    ps2.SetUid(ps.GetUid()+1);
    ps2.Apply();

    int temp;
    auto manager = CKM::Manager::create();
    std::string data = "Custom data";
    CKM::RawBuffer rawBuffer(data.begin(), data.end());
    CKM::RawBuffer output;
    const char *alias = "dataG02T04";

    RUNNER_ASSERT_MSG(
        CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, rawBuffer, CKM::Policy())),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(
        CKM_API_ERROR_ACCESS_DENIED == (temp = manager->getData(alias, CKM::Password(), output)),
        "Error=" << CKM::APICodeToString(temp));
}

RUNNER_CHILD_TEST(G02T05_StorageNegative) {
    RUNNER_IGNORED_MSG("Cynara integration with CKM Storage API was canceled.");
    // We have wrong privilege.
    // Cynara should deny all accesses to storage.
    PSNoUid ps("PkgIdG02T05", "UserG02T05", PrivCKMControl);
    ps.Apply();

    int temp;
    auto manager = CKM::Manager::create();
    std::string data = "Custom data";
    CKM::RawBuffer rawBuffer(data.begin(), data.end());
    CKM::RawBuffer output;
    const char *alias = "dataG02T05";

    RUNNER_ASSERT_MSG(
        CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, rawBuffer, CKM::Policy())),
        "Error=" << CKM::APICodeToString(temp));

    RUNNER_ASSERT_MSG(
        CKM_API_ERROR_ACCESS_DENIED == (temp = manager->getData(alias, CKM::Password(), output)),
        "Error=" << CKM::APICodeToString(temp));
}