1 #include <boost/test/unit_test.hpp>
5 #include <ckm/ckm-type.h>
6 #include <ckm/ckm-error.h>
8 #include <test_common.h>
// Tunables shared by the test cases in this file.
// NOTE(review): restricted_local and restricted_global are not referenced anywhere in the
// visible listing - confirm they are still needed.
15 const int restricted_local = 1;
16 const int restricted_global = 0;
// Upper bound of the outer loop in the lookup/list performance cases.
18 const unsigned int c_test_retries = 1000;
// Number of names passed to generate_perf_DB() by the lookup/permission/removal cases.
19 const unsigned int c_num_names = 500;
// Number of names passed to generate_perf_DB() by DBperfAddNames.
20 const unsigned int c_num_names_add_test = 5000;
// Second argument of generate_perf_DB(). c_num_names is not a multiple of this value
// (500 / 15 == 33, remainder 5), so code that derives a label index as name / 15 can
// reach index 33 while code that iterates 0..num_labels-1 stops at 32.
21 const unsigned int c_names_per_label = 15;
// Fragment of a helper that fills randVal from /dev/urandom - presumably the getRandom()
// used by the performance cases; its signature and several lines are not part of this listing.
27 FILE *fp = fopen("/dev/urandom", "r");
// Diagnostic for a failed open (the condition guarding it is not visible here).
29 std::cerr << "err to open /dev/urandom" << std::endl;
// fread() returns the number of complete items read; anything other than 1 means randVal
// was not fully populated.
// NOTE(review): no fclose() is visible in this listing - confirm fp is released on every
// path, including this error path.
33 if (1 != fread(&randVal, sizeof(randVal), 1, fp)) {
34 std::cerr << "err to fread /dev/urandom" << std::endl;
43 } // namespace anonymous
45 BOOST_FIXTURE_TEST_SUITE(DBCRYPTO_TEST, DBFixture)
// Builds a default row with a small payload and hands it to check_DB_integrity().
// NOTE(review): what check_DB_integrity() asserts is not visible here - presumably a
// save/read-back comparison; confirm against the fixture.
46 BOOST_AUTO_TEST_CASE(DBtestSimple) {
47 DB::Row rowPattern = create_default_row();
// assumes RawBuffer has a std::vector-style (count, value) constructor - TODO confirm
48 rowPattern.data = RawBuffer(32, 1);
49 rowPattern.dataSize = rowPattern.data.size();
// The tag is constant filler of AES_GCM_TAG_SIZE elements, not a tag computed over the data,
// so as far as this listing shows the case covers row storage, not AES-GCM verification.
50 rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
52 check_DB_integrity(rowPattern);
// Same check as DBtestSimple, but with the payload produced by createBigBlob(4096).
// NOTE(review): the unit of the 4096 argument is not visible in this listing.
54 BOOST_AUTO_TEST_CASE(DBtestBIG) {
55 DB::Row rowPattern = create_default_row();
56 rowPattern.data = createBigBlob(4096);
57 rowPattern.dataSize = rowPattern.data.size();
// Constant filler tag, not derived from the payload.
58 rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
60 check_DB_integrity(rowPattern);
// Saves a default row, then prepares a second row that differs only in ownerLabel.
62 BOOST_AUTO_TEST_CASE(DBtestGlobal) {
63 DB::Row rowPattern = create_default_row();
64 rowPattern.data = RawBuffer(1024, 2);
65 rowPattern.dataSize = rowPattern.data.size();
66 rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
68 BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
// name_duplicate keeps the original ownerLabel; rowPattern gets the label with "1" appended.
// NOTE(review): the visible listing ends here with neither row saved again and nothing
// asserted, so the same-name / different-owner behaviour is not actually checked. If that is
// the intent, a second saveRow() with an explicit expectation is needed.
70 DB::Row name_duplicate = rowPattern;
71 rowPattern.ownerLabel = rowPattern.ownerLabel + "1";
// Checks that a row saved inside a transaction is not retrievable once the transaction
// has been rolled back.
73 BOOST_AUTO_TEST_CASE(DBtestTransaction) {
74 DB::Row rowPattern = create_default_row();
75 rowPattern.data = RawBuffer(100, 20);
76 rowPattern.dataSize = rowPattern.data.size();
77 rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
// The transaction object is created before the save so the save falls inside it.
78 DB::Crypto::Transaction transaction(&m_db);
80 BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
81 BOOST_REQUIRE_NO_THROW(transaction.rollback());
// Look the row up by the fixture's default name/label; an empty optional is the pass condition.
83 DB::Crypto::RowOptional row_optional;
84 BOOST_REQUIRE_NO_THROW(row_optional = m_db.getRow(m_default_name, m_default_label,
85 DataType::BINARY_DATA));
86 BOOST_CHECK_MESSAGE(!row_optional, "Row still present after rollback");
89 BOOST_AUTO_TEST_SUITE_END()
93 BOOST_FIXTURE_TEST_SUITE(DBCRYPTO_PERF_TEST, DBFixture)
// Times the population of the DB with c_num_names_add_test names, c_names_per_label per label.
// NOTE(review): performance_stop() is assumed to take the number of timed operations - confirm.
95 BOOST_AUTO_TEST_CASE(DBperfAddNames)
98 performance_start("saveRow");
100 generate_perf_DB(c_num_names_add_test, c_names_per_label);
102 performance_stop(c_num_names_add_test);
// Times successful getRow() lookups: each retry picks a random label and reads the
// c_names_per_label names that belong to it.
105 BOOST_AUTO_TEST_CASE(DBperfLookupAliasByOwner)
108 generate_perf_DB(c_num_names, c_names_per_label);
// Integer division: 500 / 15 == 33.
110 unsigned int num_labels = c_num_names/c_names_per_label;
114 // actual test - successful lookup
115 performance_start("getRow");
116 for(unsigned int t=0; t<c_test_retries; t++)
// The random value only selects a test index, so modulo bias does not matter here.
118 int label_num = getRandom() % num_labels;
119 generate_label(label_num, label);
// First name index of the chosen label; the inner loop covers that label's whole range.
121 unsigned int start_name = label_num*c_names_per_label;
122 for(unsigned int name_num=start_name; name_num<(start_name+c_names_per_label); name_num++)
124 generate_name(name_num, name);
125 read_row_expect_success(name, label);
// NOTE(review): the loops above perform c_test_retries * c_names_per_label reads, but the
// count passed here is c_test_retries * c_num_names. If performance_stop() expects the number
// of operations, the reported per-operation figure is too low - confirm.
128 performance_stop(c_test_retries * c_num_names);
// Times getRow() for randomly chosen names, addressed through the label derived from the
// name index.
// NOTE(review): smack_label is generated for a random label but is never passed to the DB in
// the visible code, and the getRow() result is discarded. As listed, the case neither
// exercises nor asserts a lookup by a label without permissions, despite its name.
131 BOOST_AUTO_TEST_CASE(DBperfLookupAliasRandomOwnershipNoPermissions)
134 generate_perf_DB(c_num_names, c_names_per_label);
139 unsigned int num_labels = c_num_names / c_names_per_label;
141 // actual test - random lookup
142 performance_start("getRow");
143 for(unsigned int t=0; t<c_test_retries; t++)
145 int name_idx = getRandom()%c_num_names;
146 generate_name(name_idx, name);
// name_idx / 15 reaches 33 for name_idx 495..499, one past the 0..32 range used for smack_label.
147 generate_label(name_idx/c_names_per_label, owner_label);
148 generate_label(getRandom()%num_labels, smack_label);
150 // do not care of result
151 m_db.getRow(name, owner_label, DataType::BINARY_DATA);
// NOTE(review): one getRow() runs per retry, yet the count passed is
// c_test_retries * c_num_names - confirm what performance_stop() expects.
153 performance_stop(c_test_retries * c_num_names);
// Times add_full_access_rights() over a freshly populated DB. The helper's return value
// is forwarded to performance_stop() as the iteration count.
156 BOOST_AUTO_TEST_CASE(DBperfAddPermissions)
// Population happens before the timer starts, so it is not part of the measurement.
159 generate_perf_DB(c_num_names, c_names_per_label);
161 // actual test - add access rights
162 performance_start("setPermission");
163 long iterations = add_full_access_rights(c_num_names, c_names_per_label);
164 performance_stop(iterations);
// Times deleteRow() for every generated name, then checks that listNames() returns
// nothing for each label.
167 BOOST_AUTO_TEST_CASE(DBperfAliasRemoval)
// Setup (population and access rights) runs before the timer starts.
170 generate_perf_DB(c_num_names, c_names_per_label);
171 add_full_access_rights(c_num_names, c_names_per_label);
173 // actual test - sequential removal of every name
174 performance_start("deleteRow");
177 for(unsigned int t=0; t<c_num_names; t++)
179 generate_name(t, name);
180 generate_label(t/c_names_per_label, label);
182 BOOST_REQUIRE_NO_THROW(m_db.deleteRow(name, label));
184 performance_stop(c_num_names);
186 // verify everything has been removed
// NOTE(review): the deletion loop derives label indices up to 33 (t / 15 for t = 495..499),
// while this check covers labels 0..32 only. Whether label 33 exists depends on
// generate_perf_DB() - confirm.
// NOTE(review): only listNames() is checked here; nothing visible verifies that the access
// rights added above were removed together with the rows.
187 unsigned int num_labels = c_num_names / c_names_per_label;
188 for(unsigned int l=0; l<num_labels; l++)
190 generate_label(l, label);
191 LabelNameVector expect_no_data;
192 BOOST_REQUIRE_NO_THROW(m_db.listNames(label, expect_no_data, DataType::BINARY_DATA));
193 BOOST_REQUIRE(0 == expect_no_data.size());
// Times listNames() for randomly chosen labels after full access rights have been added.
197 BOOST_AUTO_TEST_CASE(DBperfGetAliasList)
200 generate_perf_DB(c_num_names, c_names_per_label);
201 add_full_access_rights(c_num_names, c_names_per_label);
203 unsigned int num_labels = c_num_names / c_names_per_label;
206 // actual test - random lookup
207 performance_start("listNames");
// Integer division: 1000 / 33 == 30 iterations.
208 for(unsigned int t=0; t<(c_test_retries/num_labels); t++)
210 LabelNameVector ret_list;
211 generate_label(getRandom()%num_labels, label);
213 BOOST_REQUIRE_NO_THROW(m_db.listNames(label, ret_list, DataType::BINARY_DATA));
// Every label is expected to list all c_num_names entries, i.e. its own names plus the
// names it was granted access to.
214 BOOST_REQUIRE(c_num_names == ret_list.size());
217 performance_stop(c_test_retries/num_labels);
219 BOOST_AUTO_TEST_SUITE_END()
222 BOOST_AUTO_TEST_SUITE(DBCRYPTO_MIGRATION_TEST)
// Layout of the migration data set. 16107 / 273 == 59 with no remainder, so every label
// owns the same number of names.
225 const unsigned migration_names = 16107;
226 const unsigned migration_labels = 273;
// Index of the one label that has access to entries owned by other labels.
227 const unsigned migration_reference_label_idx = 0;
// Per-label index of the entry that the reference label can access.
228 const unsigned migration_accessed_element_idx = 7;
// Asserts that the DB behind `fixture` exposes exactly the expected access pattern:
// the reference label lists its own entries plus one entry per other label, and every other
// label lists its own entries only. A migration that widened or dropped access rights would
// fail one of the size checks or the owner check below.
// (The opening and closing lines of the original block comment are not part of this listing.)
230 void verifyDBisValid(DBFixture & fixture)
233 * there are (migration_labels), each having (migration_names)/(migration_labels) entries.
234 * reference label (migration_reference_label_idx) exists such that it has access to
235 * all others' label element with index (migration_accessed_element_idx).
238 * - migration_label_63 has access to all items owned by migration_label_63,
239 * which gives (migration_names)/(migration_labels) entries.
241 * - migration_label_0 (0 is the reference label) has access to all items
242 * owned by migration_label_0 and all others' label element index 7,
243 * which gives (migration_names)/(migration_labels) + (migration_labels-1) entries.
246 Label reference_label;
247 fixture.generate_label(migration_reference_label_idx, reference_label);
249 // check number of elements accessible to the reference label
250 LabelNameVector ret_list;
251 BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(reference_label, ret_list, DataType::BINARY_DATA));
// With the constants above: 59 own entries + 272 granted entries == 331.
252 BOOST_REQUIRE((migration_names/migration_labels)/*own items*/ + (migration_labels-1)/*other labels'*/ == ret_list.size());
255 // check number of elements accessible to the other labels
256 for(unsigned int l=0; l<migration_labels; l++)
258 // bypass the reference owner label
259 if(l == migration_reference_label_idx)
263 fixture.generate_label(l, current_label);
264 BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(current_label, ret_list, DataType::BINARY_DATA));
265 BOOST_REQUIRE((migration_names/migration_labels) == ret_list.size());
// Each listed entry must carry the querying label in .first (presumably the owner label).
// `auto it` copies each element; `const auto&` would avoid the copy.
266 for(auto it: ret_list)
267 BOOST_REQUIRE(it.first == current_label);
// Fixture constructed from the pre-built version-1 database file.
// NOTE(review): what DBFixture does with the path (open in place, copy, migrate) is not
// visible in this listing.
271 struct DBVer1Migration : public DBFixture
273 DBVer1Migration() : DBFixture("/usr/share/ckm-db-test/testme_ver1.db")
// Fixture constructed from the pre-built version-2 database file.
// NOTE(review): what DBFixture does with the path (open in place, copy, migrate) is not
// visible in this listing.
277 struct DBVer2Migration : public DBFixture
279 DBVer2Migration() : DBFixture("/usr/share/ckm-db-test/testme_ver2.db")
// Runs the access-pattern checks of verifyDBisValid() against the version-1 database fixture.
284 BOOST_AUTO_TEST_CASE(DBMigrationDBVer1)
286 DBVer1Migration DBver1;
287 verifyDBisValid(DBver1);
// Runs the access-pattern checks of verifyDBisValid() against the version-2 database fixture.
290 BOOST_AUTO_TEST_CASE(DBMigrationDBVer2)
292 DBVer2Migration DBver2;
293 verifyDBisValid(DBver2);
// Builds the migration data set with the current DB code and runs the same
// verifyDBisValid() checks on it as the version-1/version-2 cases.
// (The declaration of currentDB is not part of this listing.)
296 BOOST_AUTO_TEST_CASE(DBMigrationDBCurrent)
300 // prepare data using current DB mechanism
301 Label reference_label;
302 currentDB.generate_label(migration_reference_label_idx, reference_label);
// 16107 names with 16107 / 273 == 59 names per label.
304 currentDB.generate_perf_DB(migration_names, migration_names/migration_labels);
306 // only the reference label has access to the other labels element <migration_accessed_element_idx>
307 for(unsigned int l=0; l<migration_labels; l++)
309 // bypass the reference owner label
310 if(l == migration_reference_label_idx)
// Evaluated as (l * migration_names) / migration_labels; because 16107 is an exact
// multiple of 273 this equals l * 59, the first name index of label l.
313 unsigned element_index = migration_accessed_element_idx + l*migration_names/migration_labels;
317 currentDB.generate_name(element_index, accessed_name);
319 currentDB.generate_label(l, current_label);
// presumably (name, owner label, accessor label) - confirm against DBFixture::add_permission
320 currentDB.add_permission(accessed_name, current_label, reference_label);
324 verifyDBisValid(currentDB);
327 BOOST_AUTO_TEST_SUITE_END()