projects / platform / core / security / key-manager.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Migrate secure-storage data
[platform/core/security/key-manager.git] / tests / test_encryption-scheme.cpp
1 /*
2  *  Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
3  *
4  *  Licensed under the Apache License, Version 2.0 (the "License");
5  *  you may not use this file except in compliance with the License.
6  *  You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  *  Unless required by applicable law or agreed to in writing, software
11  *  distributed under the License is distributed on an "AS IS" BASIS,
12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  *  See the License for the specific language governing permissions and
14  *  limitations under the License
15  */
16 /*
17  * @file       test_encryption-scheme.cpp
18  * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
19  * @version    1.0
20  */
21
22 #include <boost/test/unit_test.hpp>
23 #include <boost/test/results_reporter.hpp>
24
25 #include <scheme-test.h>
26
27 using namespace CKM;
28
29 namespace {
30 // this is done to limit the amount of code included in binary
31 const int OLD_ENC_SCHEME  = 0;
32 const int NEW_ENC_SCHEME  = 1;
33 } // namespace anonymous
34
35
36 BOOST_AUTO_TEST_SUITE(ENCRYPTION_SCHEME_TEST)
37
38 // Test database should have the old scheme
39 BOOST_AUTO_TEST_CASE(T010_Check_old_scheme)
40 {
41         SchemeTest test;
42         test.RestoreDb();
43
44         ItemFilter filter;
45         test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
46 }
47
48 // Newly written data should use the new scheme
49 BOOST_AUTO_TEST_CASE(T020_Check_new_scheme)
50 {
51         SchemeTest test;
52         test.RemoveUserData();
53         test.FillDb();
54
55         ItemFilter filter;
56         test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
57 }
58
59 BOOST_AUTO_TEST_CASE(T030_Remove_old_scheme)
60 {
61         SchemeTest test;
62         test.RestoreDb();
63         test.RemoveAll();
64
65         size_t aliases = test.CountObjects();
66         BOOST_REQUIRE_MESSAGE(aliases == 0, "All aliases should be removed");
67 }
68
69 BOOST_AUTO_TEST_CASE(T040_Remove_new_scheme)
70 {
71         SchemeTest test;
72         test.RemoveUserData();
73         test.FillDb();
74         test.RemoveAll();
75
76         size_t aliases = test.CountObjects();
77         BOOST_REQUIRE_MESSAGE(aliases == 0, "All aliases should be removed");
78 }
79
80 // Reading old db should reencrypt objects with new scheme
81 BOOST_AUTO_TEST_CASE(T100_Read)
82 {
83         SchemeTest test;
84         test.RestoreDb();
85         test.ReadAll();
86
87         ItemFilter filter;
88         filter.exportableOnly = true;
89         test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
90 }
91
92 BOOST_AUTO_TEST_CASE(T110_Count_objects_after_read)
93 {
94         SchemeTest test;
95         test.RestoreDb();
96         size_t orig = test.CountObjects();
97         BOOST_REQUIRE_MESSAGE(orig > 0, "No objects in db");
98
99         test.ReadAll();
100
101         size_t current = test.CountObjects();
102         BOOST_REQUIRE_MESSAGE(current == orig,
103                                                   "Original number of objects: " << orig << " Current: " << current);
104 }
105
106 // Reading old db with incorrect passwords should leave the scheme unchanged
107 BOOST_AUTO_TEST_CASE(T120_Read_wrong_pass)
108 {
109         SchemeTest test;
110         test.RestoreDb();
111         test.ReadAll(true);
112
113         ItemFilter filter;
114         test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
115 }
116
117 // Signing/verification should reencrypt objects with new scheme
118 BOOST_AUTO_TEST_CASE(T200_SignVerify)
119 {
120         SchemeTest test;
121         test.RestoreDb();
122         test.SignVerify();
123
124         ItemFilter filter(DataType::KEY_RSA_PUBLIC, DataType::KEY_RSA_PRIVATE);
125         test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
126 }
127
128 // Encryption/decryption should reencrypt objects with new scheme
129 BOOST_AUTO_TEST_CASE(T210_EncryptDecrypt)
130 {
131         SchemeTest test;
132         test.RestoreDb();
133         test.EncryptDecrypt();
134
135         ItemFilter filter1(DataType::KEY_RSA_PUBLIC, DataType::KEY_RSA_PRIVATE);
136         test.CheckSchemeVersion(filter1, NEW_ENC_SCHEME);
137
138         ItemFilter filter2(DataType::KEY_AES);
139         test.CheckSchemeVersion(filter2, NEW_ENC_SCHEME);
140 }
141
142 // Chain creation should reencrypt objects with new scheme
143 BOOST_AUTO_TEST_CASE(T220_CreateChain)
144 {
145         SchemeTest test;
146         test.RestoreDb();
147         test.CreateChain();
148
149         // non exportable certificates and certificates protected with passwords can't be used for chain
150         // creation
151         ItemFilter filter1(DataType::CERTIFICATE);
152         filter1.exportableOnly = true;
153         filter1.noPassword = true;
154         test.CheckSchemeVersion(filter1, NEW_ENC_SCHEME);
155
156         ItemFilter filter2(DataType::CHAIN_CERT_0, DataType::CHAIN_CERT_15);
157         filter2.exportableOnly = true;
158         filter2.noPassword = true;
159         test.CheckSchemeVersion(filter2, NEW_ENC_SCHEME);
160 }
161
162 BOOST_AUTO_TEST_SUITE_END()
Domain: Security / Utilities;