tests/internals.cpp

   1 /*
   2  *  Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *  Licensed under the Apache License, Version 2.0 (the "License");
   5  *  you may not use this file except in compliance with the License.
   6  *  You may obtain a copy of the License at
   7  *
   8  *      http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *  Unless required by applicable law or agreed to in writing, software
  11  *  distributed under the License is distributed on an "AS IS" BASIS,
  12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *  See the License for the specific language governing permissions and
  14  *  limitations under the License
  15  *
  16  *
  17  * @file        internals.cpp
  18  * @author      Dongsun Lee (ds73.lee@samsung.com)
  19  *              Kyungwook Tak (k.tak@samsung.com)
  20  * @version     2.0
  21  * @brief       internal functions test
  22  */
  23 #include "web_app_enc.h"
  24
  25 #include <string>
  26 #include <cstring>
  27 #include <unistd.h>
  28
  29 #include <boost/test/unit_test.hpp>
  30
  31 #include "key_handler.h"
  32 #include "crypto_service.h"
  33
  34 #include "test-common.h"
  35
  36 namespace {
  37
  38 using rb_raii = std::unique_ptr<raw_buffer_s, void(*)(raw_buffer_s *)>;
  39 using ce_raii = std::unique_ptr<crypto_element_s, void(*)(crypto_element_s *)>;
  40 using map_raii = std::unique_ptr<crypto_element_map_s, void(*)(crypto_element_map_s *)>;
  41
  42 inline rb_raii _safe(raw_buffer_s *ptr)
  43 {
  44         return rb_raii(ptr, buffer_destroy);
  45 }
  46
  47 inline ce_raii _safe(crypto_element_s *ptr)
  48 {
  49         return ce_raii(ptr, crypto_element_destroy);
  50 }
  51
  52 inline map_raii _safe(crypto_element_map_s *ptr)
  53 {
  54         return map_raii(ptr, crypto_element_map_destroy);
  55 }
  56
  57 crypto_element_s *_create_ce(void)
  58 {
  59         raw_buffer_s *dek = buffer_create(32);
  60         raw_buffer_s *iv = buffer_create(16);
  61         crypto_element_s *ce = crypto_element_create(dek, iv);
  62
  63         if (ce == nullptr) {
  64                 buffer_destroy(dek);
  65                 buffer_destroy(iv);
  66         } else if (_get_random(ce->dek) != WAE_ERROR_NONE) {
  67                 crypto_element_destroy(ce);
  68                 ce = nullptr;
  69         } else if (_get_random(ce->iv) != WAE_ERROR_NONE) {
  70                 crypto_element_destroy(ce);
  71                 ce = nullptr;
  72         }
  73
  74         BOOST_REQUIRE(ce != nullptr);
  75
  76         return ce;
  77 }
  78
  79 }
  80
  81 BOOST_AUTO_TEST_SUITE(SYSTEM)
  82
  83 BOOST_AUTO_TEST_SUITE(INTERNALS)
  84
  85 BOOST_AUTO_TEST_CASE(encrypt_decrypt_app_dek)
  86 {
  87         const char *private_key =
  88                 "-----BEGIN RSA PRIVATE KEY-----\n"
  89                 "MIIEpgIBAAKCAQEA0kWtjpRO7Zh2KX2naVE/BDJdrfwK9xexfNA0MkY2VJ4J2AKM\n"
  90                 "YTj1D1jntceryupCEHOvP3rum+WsFvPXduz9+VKnSsSqj4jcTUubtpDUGA5G79Iq\n"
  91                 "LEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq8JkqBPoCCwtUs73ruE9VbtsBO/kT\n"
  92                 "lASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCwS2OTvQDNvsXfFnA0ZJEEYw/rZLir\n"
  93                 "j7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12YxqHdy7gnJXodLhvE/cR4SN9VW7+qmC\n"
  94                 "MBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4+wIDAQABAoIBAQCwxqV/vc2RUGDe\n"
  95                 "xuXM0+IvrAw37jJlw4SS0xNexMp+XxMViCbuwYy851h96azS/himbiuCKd6aL/96\n"
  96                 "mGunbtyiFEvSvv5Jh5z2Wr9BQAcfZjla+4w7BIsg9UNifE/OfgLsQBu34xhsHtfK\n"
  97                 "7nFehCOl/I5n+qtnD5KZPe0DWacQdwY4vEAj6YyXdb2bBg+MiwE9KVxGEIUDbklh\n"
  98                 "Is70JXczjLZCS+lIpOKh0/lbZmBZePoUbVTtS+GvtPTpQC/aTHRkwGoEtuPEWpbL\n"
  99                 "0Q1d6zO+vDJVLJlb5FF2haghs8IlqAxkkPjeUTNye+WktRrDQxmPu/blbxQrygfq\n"
 100                 "Au5tBnsxAoGBAOiVtcpg32puo3Yq2Y78oboe9PuHaQP0d3DhwP3/7J0BeNslpjW7\n"
 101                 "E1LWsVsCanxTE8XPUdFfAWgMk7lQqESN0wawGmSmWk+eQPZdjHanBaC8vh7aKjo6\n"
 102                 "q9FdT1DKjrRi23QyDco3f3E7hvM93IAAhw1ikNu8DT19JAxtdeMh5WAZAoGBAOdw\n"
 103                 "6neEvIFXh3RWEv2/GKVhVR8mxDqxmuFdXpOF+YWsK0Tg4uC8jm9kUGnwXgT2Mjke\n"
 104                 "oAwYAFcRbHQQGsxy/vkV16kv4aurTE2hMpjeXCAakwV0Pi2w1f9WnDokjgORkOmc\n"
 105                 "+QK9I8egdFPMVDfQjhLslhSUY0Eb4qcJ6q9WxfQzAoGBANSsAFybk+7oWAO3TtQW\n"
 106                 "YXOk1vIgcYAyS/0mEKixGZS/QdlxZbf/5b17nxTO8rvX416fIftG2ixgQ7vR6us0\n"
 107                 "m9+jq56ZFj9zP4eHJudf9h9yNo5TgwVXnMCGh/4iGbcMJgrrsfxUHu5VNiK5UCSj\n"
 108                 "VtqAZGDoZVryUMIkXQVhezIRAoGBAN7QUIqcGbcUA24257Wu4hVlrUN+WPCAyDEr\n"
 109                 "aL/x/ZV5eXaoYwQlw6LuGpTDOmDgfN2M5FyARuOL/LOIRaSLGXnIU4WoeUSCd8VM\n"
 110                 "6Z9Og7bMnrpjfPEUDBH02hcH1kkNPUwLOZgva2Dm0tdSIcpSWFVTu/E4Io4uQHi8\n"
 111                 "DVqc2ZsNAoGBAJT76ezXNSSv8hnrKqTpwgTicpqhRZ3eFQjyl4HRL26AJMKv++x8\n"
 112                 "4/IsVIwxaHzpbN3nnCjmAHV4gX9YpxVnvYcZflC9WZeDkwNMLmPYb3Zg27EzSMfQ\n"
 113                 "8yrfWJZo3qobipcHf1yohAt4fHk9kUKtPHEwp0xKe//rfhswLb3VCzvQ\n"
 114                 "-----END RSA PRIVATE KEY-----";
 115
 116         const char *public_key =
 117                 "-----BEGIN PUBLIC KEY-----\n"
 118                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kWtjpRO7Zh2KX2naVE/\n"
 119                 "BDJdrfwK9xexfNA0MkY2VJ4J2AKMYTj1D1jntceryupCEHOvP3rum+WsFvPXduz9\n"
 120                 "+VKnSsSqj4jcTUubtpDUGA5G79IqLEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq\n"
 121                 "8JkqBPoCCwtUs73ruE9VbtsBO/kTlASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCw\n"
 122                 "S2OTvQDNvsXfFnA0ZJEEYw/rZLirj7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12Yxq\n"
 123                 "Hdy7gnJXodLhvE/cR4SN9VW7+qmCMBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4\n"
 124                 "+wIDAQAB\n"
 125                 "-----END PUBLIC KEY-----";
 126
 127         raw_buffer_s *dek = buffer_create(32);
 128
 129         auto _raii1 = _safe(dek);
 130
 131         BOOST_REQUIRE_MESSAGE(dek != nullptr && dek->size == 32, "Failed to create buffer");
 132         BOOST_REQUIRE_MESSAGE(_get_random(dek) == WAE_ERROR_NONE, "Failed to get random");
 133
 134         raw_buffer_s pubkey;
 135
 136         pubkey.buf = (unsigned char *)public_key;
 137         pubkey.size = strlen(public_key);
 138
 139         raw_buffer_s *encrypted = nullptr;
 140         int ret = encrypt_app_dek(&pubkey, dek, &encrypted);
 141
 142         auto _raii2 = _safe(encrypted);
 143
 144         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to encrypt_app_dek. ec: " << ret);
 145
 146         raw_buffer_s prikey;
 147         prikey.buf = (unsigned char *)private_key;
 148         prikey.size = strlen(private_key);
 149
 150         raw_buffer_s *decrypted = nullptr;
 151         ret = decrypt_app_dek(&prikey, nullptr, encrypted, &decrypted);
 152
 153         auto _raii3 = _safe(decrypted);
 154
 155         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to decrypt_app_dek. ec: " << ret);
 156
 157         BOOST_REQUIRE_MESSAGE(Wae::Test::bytes_to_hex(dek) == Wae::Test::bytes_to_hex(decrypted),
 158                         "encrypted/decrypted dek isn't valid. "
 159                         "dek(" << Wae::Test::bytes_to_hex(dek) << ") "
 160                         "decrypted(" << Wae::Test::bytes_to_hex(decrypted) << ")");
 161 }
 162
 163 BOOST_AUTO_TEST_CASE(encrypt_decrypt_aes_cbc)
 164 {
 165         raw_buffer_s *data = buffer_create(16);
 166
 167         auto _raii1 = _safe(data);
 168
 169         BOOST_REQUIRE_MESSAGE(data != nullptr && data->size == 16, "Failed to create buffer");
 170
 171         crypto_element_s *ce = _create_ce();
 172
 173         auto _raii2 = _safe(ce);
 174
 175         raw_buffer_s *encrypted = nullptr;
 176         int ret = encrypt_aes_cbc(ce, data, &encrypted);
 177
 178         auto _raii3 = _safe(encrypted);
 179
 180         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to encrypt_aes_cbc. ec: " << ret);
 181
 182         raw_buffer_s *decrypted = nullptr;
 183         ret = decrypt_aes_cbc(ce, encrypted, &decrypted);
 184
 185         auto _raii4 = _safe(decrypted);
 186
 187         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to decrypt_aes_cbc. ec: " << ret);
 188         BOOST_REQUIRE_MESSAGE(Wae::Test::bytes_to_hex(data) == Wae::Test::bytes_to_hex(decrypted),
 189                         "decrypted plaintext isn't valid. "
 190                         "plaintext(" << Wae::Test::bytes_to_hex(data) << ") "
 191                         "decrypted(" << Wae::Test::bytes_to_hex(decrypted) << ")");
 192 }
 193
 194 BOOST_AUTO_TEST_CASE(cache)
 195 {
 196         const char *pkg1 = "pkg1";
 197         const char *pkg2 = "pkg2";
 198         const char *pkg3 = "pkg3";
 199         const char *pkgDummy = "dummy";
 200
 201         auto ce1 = _create_ce();
 202         auto ce2 = _create_ce();
 203         auto ce3 = _create_ce();
 204
 205         crypto_element_map_s *map = nullptr;
 206
 207         int tmp = crypto_element_map_add(&map, pkg1, ce1);
 208         BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to add ce to map. ret: " << tmp);
 209
 210         tmp = crypto_element_map_add(&map, pkg2, ce2);
 211         BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to add ce to map. ret: " << tmp);
 212
 213         tmp = crypto_element_map_add(&map, pkg3, ce3);
 214         BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to add ce to map. ret: " << tmp);
 215
 216         BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg1) == ce1,
 217                         "cached ce has different address with actual.");
 218         BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg2) == ce2,
 219                         "cached ce has different address with actual.");
 220         BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg3) == ce3,
 221                         "cached ce has different address with actual.");
 222         BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkgDummy) == nullptr,
 223                         "something returned with pkg dummy from map which should be null.");
 224
 225         crypto_element_map_remove(&map, pkg3);
 226
 227         BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg3) == nullptr,
 228                         "removed pkg(" << pkg3 << ") is returned from map which should be null.");
 229
 230         auto ce4 = _create_ce();
 231         tmp = crypto_element_map_add(&map, pkg1, ce4);
 232         BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to update ce to map. ret: " << tmp);
 233
 234         BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg1) == ce4,
 235                         "cached ce has different address with actual.");
 236
 237         crypto_element_map_destroy(map);
 238 }
 239
 240 BOOST_AUTO_TEST_CASE(cache_max)
 241 {
 242         crypto_element_map_s *map = nullptr;
 243
 244         for (size_t i = 0; i < MAX_MAP_ELEMENT_SIZE + 1; ++i) {
 245                 BOOST_REQUIRE(crypto_element_map_add(&map, std::to_string(i).c_str(), _create_ce()) == WAE_ERROR_NONE);
 246         }
 247
 248         BOOST_REQUIRE(crypto_element_map_get(map, "0") == nullptr);
 249
 250         crypto_element_map_destroy(map);
 251 }
 252
 253 BOOST_AUTO_TEST_CASE(read_write_encrypted_app_dek)
 254 {
 255         const char *pkg_id = "write_test_pkg";
 256
 257         raw_buffer_s *dek = buffer_create(256);
 258
 259         auto raii1 = _safe(dek);
 260
 261         BOOST_REQUIRE(dek != nullptr);
 262         BOOST_REQUIRE(_get_random(dek) == WAE_ERROR_NONE);
 263
 264         int ret = _write_encrypted_app_dek_to_file(pkg_id, dek);
 265         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to write_encrypted_app_dek_to_file. ec: " << ret);
 266
 267         raw_buffer_s *readed = nullptr;
 268         ret = _read_encrypted_app_dek_from_file(pkg_id, &readed);
 269         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to read_encrypted_app_dek_from_file. ec: " << ret);
 270
 271         auto raii2 = _safe(readed);
 272
 273         BOOST_REQUIRE_MESSAGE(Wae::Test::bytes_to_hex(dek) == Wae::Test::bytes_to_hex(readed),
 274                         "dek isn't match after write/read file. "
 275                         "dek(" << Wae::Test::bytes_to_hex(dek) << ") "
 276                         "readed(" << Wae::Test::bytes_to_hex(readed) << ")");
 277 }
 278
 279 BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1)
 280 {
 281         const char *pkg_id = "TEST_PKG_ID_FOR_CREATE";
 282
 283         const crypto_element_s *readed = nullptr;
 284         int ret = get_preloaded_app_ce(pkg_id, &readed);
 285
 286         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NO_KEY,
 287                         "preloaded app ce to create is already exist. ec: " << ret);
 288
 289         const crypto_element_s *ce = nullptr;
 290         ret = create_preloaded_app_ce(pkg_id, &ce);
 291
 292         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
 293                         "Failed to create_preloaded_app_ce. ec: " << ret);
 294
 295         ret = get_preloaded_app_ce(pkg_id, &readed);
 296         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
 297                         "Failed to get_preloaded_app_ce. ec: " << ret);
 298
 299         BOOST_REQUIRE_MESSAGE(readed == ce, "cached ce address and actual is different!");
 300 }
 301
 302 BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2)
 303 {
 304         const char *pkg_id1 = "TEST_PKGID_1";
 305         const char *pkg_id2 = "TEST_PKGID_2";
 306
 307         char path1[MAX_PATH_LEN] = {0, };
 308         char path2[MAX_PATH_LEN] = {0, };
 309         _get_preloaded_app_dek_file_path(pkg_id1, sizeof(path1), path1);
 310         _get_preloaded_app_dek_file_path(pkg_id2, sizeof(path2), path2);
 311
 312         // remove old test data
 313         remove_app_ce(pkg_id1, WAE_PRELOADED_APP);
 314         remove_app_ce(pkg_id2, WAE_PRELOADED_APP);
 315         unlink(path1);
 316         unlink(path2);
 317
 318         // create 2 ces for preloaded app
 319         const crypto_element_s *ce1 = nullptr;
 320         int ret = create_preloaded_app_ce(pkg_id1, &ce1);
 321         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
 322                         "Failed to create_preloaded_app_ce. ec: " << ret);
 323
 324         const crypto_element_s *ce2 = nullptr;
 325         ret = create_preloaded_app_ce(pkg_id2, &ce2);
 326         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
 327                         "Failed to create_preloaded_app_ce. ec: " << ret);
 328
 329         ret = load_preloaded_app_deks(true);
 330         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
 331                         "Failed to load_preloaded_app_deks. ec: " << ret);
 332
 333         const crypto_element_s *readed1 = nullptr;
 334         ret = get_app_ce(pkg_id1, WAE_PRELOADED_APP, false, &readed1);
 335         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to get_app_dek. ec: " << ret);
 336
 337         const crypto_element_s *readed2 = nullptr;
 338         ret = get_app_ce(pkg_id2, WAE_PRELOADED_APP, false, &readed2);
 339         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to get_app_dek. ec: " << ret);
 340
 341         BOOST_REQUIRE_MESSAGE(readed1 == ce1, "cached ce and actual address is different!");
 342         BOOST_REQUIRE_MESSAGE(readed2 == ce2, "cached ce and actual address is different!");
 343
 344         ret = remove_app_ce(pkg_id1, WAE_PRELOADED_APP);
 345         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed remove app ce. ec: " << ret);
 346
 347         ret = remove_app_ce(pkg_id2, WAE_PRELOADED_APP);
 348         BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed remove app ce. ec: " << ret);
 349 }
 350
 351 BOOST_AUTO_TEST_SUITE_END() // INTERNALS
 352
 353 BOOST_AUTO_TEST_SUITE_END() // SYSTEM