2 * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 * @author Dongsun Lee (ds73.lee@samsung.com)
19 * Kyungwook Tak (k.tak@samsung.com)
21 * @brief internal functions test
23 #include "web_app_enc.h"
29 #include <boost/test/unit_test.hpp>
31 #include "key_handler.h"
32 #include "crypto_service.h"
34 #include "test-common.h"
38 using rb_raii = std::unique_ptr<raw_buffer_s, void(*)(raw_buffer_s *)>;
39 using ce_raii = std::unique_ptr<crypto_element_s, void(*)(crypto_element_s *)>;
40 using map_raii = std::unique_ptr<crypto_element_map_s, void(*)(crypto_element_map_s *)>;
42 inline rb_raii _safe(raw_buffer_s *ptr)
44 return rb_raii(ptr, buffer_destroy);
47 inline ce_raii _safe(crypto_element_s *ptr)
49 return ce_raii(ptr, crypto_element_destroy);
52 inline map_raii _safe(crypto_element_map_s *ptr)
54 return map_raii(ptr, crypto_element_map_destroy);
57 crypto_element_s *_create_ce(void)
59 raw_buffer_s *dek = buffer_create(32);
60 raw_buffer_s *iv = buffer_create(16);
61 crypto_element_s *ce = crypto_element_create(dek, iv);
66 } else if (_get_random(ce->dek) != WAE_ERROR_NONE) {
67 crypto_element_destroy(ce);
69 } else if (_get_random(ce->iv) != WAE_ERROR_NONE) {
70 crypto_element_destroy(ce);
74 BOOST_REQUIRE(ce != nullptr);
81 BOOST_AUTO_TEST_SUITE(SYSTEM)
83 BOOST_AUTO_TEST_SUITE(INTERNALS)
85 BOOST_AUTO_TEST_CASE(encrypt_decrypt_app_dek)
87 const char *private_key =
88 "-----BEGIN RSA PRIVATE KEY-----\n"
89 "MIIEpgIBAAKCAQEA0kWtjpRO7Zh2KX2naVE/BDJdrfwK9xexfNA0MkY2VJ4J2AKM\n"
90 "YTj1D1jntceryupCEHOvP3rum+WsFvPXduz9+VKnSsSqj4jcTUubtpDUGA5G79Iq\n"
91 "LEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq8JkqBPoCCwtUs73ruE9VbtsBO/kT\n"
92 "lASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCwS2OTvQDNvsXfFnA0ZJEEYw/rZLir\n"
93 "j7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12YxqHdy7gnJXodLhvE/cR4SN9VW7+qmC\n"
94 "MBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4+wIDAQABAoIBAQCwxqV/vc2RUGDe\n"
95 "xuXM0+IvrAw37jJlw4SS0xNexMp+XxMViCbuwYy851h96azS/himbiuCKd6aL/96\n"
96 "mGunbtyiFEvSvv5Jh5z2Wr9BQAcfZjla+4w7BIsg9UNifE/OfgLsQBu34xhsHtfK\n"
97 "7nFehCOl/I5n+qtnD5KZPe0DWacQdwY4vEAj6YyXdb2bBg+MiwE9KVxGEIUDbklh\n"
98 "Is70JXczjLZCS+lIpOKh0/lbZmBZePoUbVTtS+GvtPTpQC/aTHRkwGoEtuPEWpbL\n"
99 "0Q1d6zO+vDJVLJlb5FF2haghs8IlqAxkkPjeUTNye+WktRrDQxmPu/blbxQrygfq\n"
100 "Au5tBnsxAoGBAOiVtcpg32puo3Yq2Y78oboe9PuHaQP0d3DhwP3/7J0BeNslpjW7\n"
101 "E1LWsVsCanxTE8XPUdFfAWgMk7lQqESN0wawGmSmWk+eQPZdjHanBaC8vh7aKjo6\n"
102 "q9FdT1DKjrRi23QyDco3f3E7hvM93IAAhw1ikNu8DT19JAxtdeMh5WAZAoGBAOdw\n"
103 "6neEvIFXh3RWEv2/GKVhVR8mxDqxmuFdXpOF+YWsK0Tg4uC8jm9kUGnwXgT2Mjke\n"
104 "oAwYAFcRbHQQGsxy/vkV16kv4aurTE2hMpjeXCAakwV0Pi2w1f9WnDokjgORkOmc\n"
105 "+QK9I8egdFPMVDfQjhLslhSUY0Eb4qcJ6q9WxfQzAoGBANSsAFybk+7oWAO3TtQW\n"
106 "YXOk1vIgcYAyS/0mEKixGZS/QdlxZbf/5b17nxTO8rvX416fIftG2ixgQ7vR6us0\n"
107 "m9+jq56ZFj9zP4eHJudf9h9yNo5TgwVXnMCGh/4iGbcMJgrrsfxUHu5VNiK5UCSj\n"
108 "VtqAZGDoZVryUMIkXQVhezIRAoGBAN7QUIqcGbcUA24257Wu4hVlrUN+WPCAyDEr\n"
109 "aL/x/ZV5eXaoYwQlw6LuGpTDOmDgfN2M5FyARuOL/LOIRaSLGXnIU4WoeUSCd8VM\n"
110 "6Z9Og7bMnrpjfPEUDBH02hcH1kkNPUwLOZgva2Dm0tdSIcpSWFVTu/E4Io4uQHi8\n"
111 "DVqc2ZsNAoGBAJT76ezXNSSv8hnrKqTpwgTicpqhRZ3eFQjyl4HRL26AJMKv++x8\n"
112 "4/IsVIwxaHzpbN3nnCjmAHV4gX9YpxVnvYcZflC9WZeDkwNMLmPYb3Zg27EzSMfQ\n"
113 "8yrfWJZo3qobipcHf1yohAt4fHk9kUKtPHEwp0xKe//rfhswLb3VCzvQ\n"
114 "-----END RSA PRIVATE KEY-----";
116 const char *public_key =
117 "-----BEGIN PUBLIC KEY-----\n"
118 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kWtjpRO7Zh2KX2naVE/\n"
119 "BDJdrfwK9xexfNA0MkY2VJ4J2AKMYTj1D1jntceryupCEHOvP3rum+WsFvPXduz9\n"
120 "+VKnSsSqj4jcTUubtpDUGA5G79IqLEPFuSBaqI8Uwkzd08pE+s30oaJDnNazMhSq\n"
121 "8JkqBPoCCwtUs73ruE9VbtsBO/kTlASIAfe8nXqcJLcDQgWYhizjJw0Pi6d74oCw\n"
122 "S2OTvQDNvsXfFnA0ZJEEYw/rZLirj7OHoOjz+Sh5N+1uA3Up6SPPEbHuP6L12Yxq\n"
123 "Hdy7gnJXodLhvE/cR4SN9VW7+qmCMBjmLkBejGrEX3STS9sLI7MZHu9Y26dwuYb4\n"
125 "-----END PUBLIC KEY-----";
127 raw_buffer_s *dek = buffer_create(32);
129 auto _raii1 = _safe(dek);
131 BOOST_REQUIRE_MESSAGE(dek != nullptr && dek->size == 32, "Failed to create buffer");
132 BOOST_REQUIRE_MESSAGE(_get_random(dek) == WAE_ERROR_NONE, "Failed to get random");
136 pubkey.buf = (unsigned char *)public_key;
137 pubkey.size = strlen(public_key);
139 raw_buffer_s *encrypted = nullptr;
140 int ret = encrypt_app_dek(&pubkey, dek, &encrypted);
142 auto _raii2 = _safe(encrypted);
144 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to encrypt_app_dek. ec: " << ret);
147 prikey.buf = (unsigned char *)private_key;
148 prikey.size = strlen(private_key);
150 raw_buffer_s *decrypted = nullptr;
151 ret = decrypt_app_dek(&prikey, nullptr, encrypted, &decrypted);
153 auto _raii3 = _safe(decrypted);
155 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to decrypt_app_dek. ec: " << ret);
157 BOOST_REQUIRE_MESSAGE(Wae::Test::bytes_to_hex(dek) == Wae::Test::bytes_to_hex(decrypted),
158 "encrypted/decrypted dek isn't valid. "
159 "dek(" << Wae::Test::bytes_to_hex(dek) << ") "
160 "decrypted(" << Wae::Test::bytes_to_hex(decrypted) << ")");
163 BOOST_AUTO_TEST_CASE(encrypt_decrypt_aes_cbc)
165 raw_buffer_s *data = buffer_create(16);
167 auto _raii1 = _safe(data);
169 BOOST_REQUIRE_MESSAGE(data != nullptr && data->size == 16, "Failed to create buffer");
171 crypto_element_s *ce = _create_ce();
173 auto _raii2 = _safe(ce);
175 raw_buffer_s *encrypted = nullptr;
176 int ret = encrypt_aes_cbc(ce, data, &encrypted);
178 auto _raii3 = _safe(encrypted);
180 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to encrypt_aes_cbc. ec: " << ret);
182 raw_buffer_s *decrypted = nullptr;
183 ret = decrypt_aes_cbc(ce, encrypted, &decrypted);
185 auto _raii4 = _safe(decrypted);
187 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to decrypt_aes_cbc. ec: " << ret);
188 BOOST_REQUIRE_MESSAGE(Wae::Test::bytes_to_hex(data) == Wae::Test::bytes_to_hex(decrypted),
189 "decrypted plaintext isn't valid. "
190 "plaintext(" << Wae::Test::bytes_to_hex(data) << ") "
191 "decrypted(" << Wae::Test::bytes_to_hex(decrypted) << ")");
194 BOOST_AUTO_TEST_CASE(cache)
196 const char *pkg1 = "pkg1";
197 const char *pkg2 = "pkg2";
198 const char *pkg3 = "pkg3";
199 const char *pkgDummy = "dummy";
201 auto ce1 = _create_ce();
202 auto ce2 = _create_ce();
203 auto ce3 = _create_ce();
205 crypto_element_map_s *map = nullptr;
207 int tmp = crypto_element_map_add(&map, pkg1, ce1);
208 BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to add ce to map. ret: " << tmp);
210 tmp = crypto_element_map_add(&map, pkg2, ce2);
211 BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to add ce to map. ret: " << tmp);
213 tmp = crypto_element_map_add(&map, pkg3, ce3);
214 BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to add ce to map. ret: " << tmp);
216 BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg1) == ce1,
217 "cached ce has different address with actual.");
218 BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg2) == ce2,
219 "cached ce has different address with actual.");
220 BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg3) == ce3,
221 "cached ce has different address with actual.");
222 BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkgDummy) == nullptr,
223 "something returned with pkg dummy from map which should be null.");
225 crypto_element_map_remove(&map, pkg3);
227 BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg3) == nullptr,
228 "removed pkg(" << pkg3 << ") is returned from map which should be null.");
230 auto ce4 = _create_ce();
231 tmp = crypto_element_map_add(&map, pkg1, ce4);
232 BOOST_REQUIRE_MESSAGE(tmp == WAE_ERROR_NONE, "Failed to update ce to map. ret: " << tmp);
234 BOOST_REQUIRE_MESSAGE(crypto_element_map_get(map, pkg1) == ce4,
235 "cached ce has different address with actual.");
237 crypto_element_map_destroy(map);
240 BOOST_AUTO_TEST_CASE(cache_max)
242 crypto_element_map_s *map = nullptr;
244 for (size_t i = 0; i < MAX_MAP_ELEMENT_SIZE + 1; ++i) {
245 BOOST_REQUIRE(crypto_element_map_add(&map, std::to_string(i).c_str(), _create_ce()) == WAE_ERROR_NONE);
248 BOOST_REQUIRE(crypto_element_map_get(map, "0") == nullptr);
250 crypto_element_map_destroy(map);
253 BOOST_AUTO_TEST_CASE(read_write_encrypted_app_dek)
255 const char *pkg_id = "write_test_pkg";
257 raw_buffer_s *dek = buffer_create(256);
259 auto raii1 = _safe(dek);
261 BOOST_REQUIRE(dek != nullptr);
262 BOOST_REQUIRE(_get_random(dek) == WAE_ERROR_NONE);
264 int ret = _write_encrypted_app_dek_to_file(pkg_id, dek);
265 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to write_encrypted_app_dek_to_file. ec: " << ret);
267 raw_buffer_s *readed = nullptr;
268 ret = _read_encrypted_app_dek_from_file(pkg_id, &readed);
269 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to read_encrypted_app_dek_from_file. ec: " << ret);
271 auto raii2 = _safe(readed);
273 BOOST_REQUIRE_MESSAGE(Wae::Test::bytes_to_hex(dek) == Wae::Test::bytes_to_hex(readed),
274 "dek isn't match after write/read file. "
275 "dek(" << Wae::Test::bytes_to_hex(dek) << ") "
276 "readed(" << Wae::Test::bytes_to_hex(readed) << ")");
279 BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1)
281 const char *pkg_id = "TEST_PKG_ID_FOR_CREATE";
283 const crypto_element_s *readed = nullptr;
284 int ret = get_preloaded_app_ce(pkg_id, &readed);
286 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NO_KEY,
287 "preloaded app ce to create is already exist. ec: " << ret);
289 const crypto_element_s *ce = nullptr;
290 ret = create_preloaded_app_ce(pkg_id, &ce);
292 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
293 "Failed to create_preloaded_app_ce. ec: " << ret);
295 ret = get_preloaded_app_ce(pkg_id, &readed);
296 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
297 "Failed to get_preloaded_app_ce. ec: " << ret);
299 BOOST_REQUIRE_MESSAGE(readed == ce, "cached ce address and actual is different!");
302 BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2)
304 const char *pkg_id1 = "TEST_PKGID_1";
305 const char *pkg_id2 = "TEST_PKGID_2";
307 char path1[MAX_PATH_LEN] = {0, };
308 char path2[MAX_PATH_LEN] = {0, };
309 _get_preloaded_app_dek_file_path(pkg_id1, sizeof(path1), path1);
310 _get_preloaded_app_dek_file_path(pkg_id2, sizeof(path2), path2);
312 // remove old test data
313 remove_app_ce(pkg_id1, WAE_PRELOADED_APP);
314 remove_app_ce(pkg_id2, WAE_PRELOADED_APP);
318 // create 2 ces for preloaded app
319 const crypto_element_s *ce1 = nullptr;
320 int ret = create_preloaded_app_ce(pkg_id1, &ce1);
321 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
322 "Failed to create_preloaded_app_ce. ec: " << ret);
324 const crypto_element_s *ce2 = nullptr;
325 ret = create_preloaded_app_ce(pkg_id2, &ce2);
326 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
327 "Failed to create_preloaded_app_ce. ec: " << ret);
329 ret = load_preloaded_app_deks(true);
330 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
331 "Failed to load_preloaded_app_deks. ec: " << ret);
333 const crypto_element_s *readed1 = nullptr;
334 ret = get_app_ce(pkg_id1, WAE_PRELOADED_APP, false, &readed1);
335 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to get_app_dek. ec: " << ret);
337 const crypto_element_s *readed2 = nullptr;
338 ret = get_app_ce(pkg_id2, WAE_PRELOADED_APP, false, &readed2);
339 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to get_app_dek. ec: " << ret);
341 BOOST_REQUIRE_MESSAGE(readed1 == ce1, "cached ce and actual address is different!");
342 BOOST_REQUIRE_MESSAGE(readed2 == ce2, "cached ce and actual address is different!");
344 ret = remove_app_ce(pkg_id1, WAE_PRELOADED_APP);
345 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed remove app ce. ec: " << ret);
347 ret = remove_app_ce(pkg_id2, WAE_PRELOADED_APP);
348 BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed remove app ce. ec: " << ret);
351 BOOST_AUTO_TEST_SUITE_END() // INTERNALS
353 BOOST_AUTO_TEST_SUITE_END() // SYSTEM