2 * Copyright (c) 2015 -2019 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 * @file test_encryption-scheme.cpp
18 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
25 #include <boost/test/unit_test.hpp>
26 #include <boost/test/results_reporter.hpp>
28 #include <scheme-test.h>
// Encryption scheme versions the checks below compare against, kept as plain ints in this file.
33 // This is done to limit the amount of code included in the test binary.
// NOTE(review): presumably these mirror the scheme values used by the service itself - confirm they stay in sync.
34 const int OLD_ENC_SCHEME = 0;
35 const int NEW_ENC_SCHEME = 1;
// Path of the Smack "onlycap" control file that OnlycapFixture opens.
// The kernel uses this file to list the Smack labels for which CAP_MAC_ADMIN and
// CAP_MAC_OVERRIDE are effective, so writing it changes MAC policy for the whole system.
// NOTE(review): the suite therefore presumably needs a privileged, disposable test target - confirm.
37 const char* const ONLYCAP = "/sys/fs/smackfs/onlycap";
// Fixture used by the ENCRYPTION_SCHEME_TEST suite; it works on the Smack onlycap
// file (ONLYCAP) and keeps a string member, m_oldOnlycap.
// NOTE(review): the constructor/destructor lines are not visible in this listing.
// Presumably the current onlycap value is saved in m_oldOnlycap, the file is changed
// for the duration of a test and the saved value is written back afterwards - confirm,
// and confirm that a failed restore is reported, since the device would otherwise
// keep a modified Smack capability policy after the run.
39 class OnlycapFixture {
// Read/write stream on the onlycap file.
42 std::fstream file(ONLYCAP);
// Output-only stream on the same file.
54 std::ofstream file(ONLYCAP);
// NOTE(review): the name suggests the onlycap content captured before the test - confirm.
59 std::string m_oldOnlycap;
62 } // namespace anonymous
// Opens the ENCRYPTION_SCHEME_TEST suite with OnlycapFixture as its fixture, so Boost.Test
// constructs and destroys one OnlycapFixture around each test case in the suite.
64 BOOST_FIXTURE_TEST_SUITE(ENCRYPTION_SCHEME_TEST, OnlycapFixture)
66 // Test database should have the old scheme
// Serves as the baseline for the later re-encryption checks: the items selected by
// `filter` must still report OLD_ENC_SCHEME before anything touches them.
// NOTE(review): `test` and `filter` are declared on lines missing from this listing.
67 BOOST_AUTO_TEST_CASE(T010_Check_old_scheme)
73 test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
// Alias info must be retrievable for data stored with the old scheme.
// The scheme is first asserted to be OLD_ENC_SCHEME, then CheckAliasInfo() runs twice.
// NOTE(review): the line between the two CheckAliasInfo() calls is not visible here, so
// what changes between them (if anything) cannot be told from this listing.
76 BOOST_AUTO_TEST_CASE(T1111_Alias_Info_old_scheme)
82 test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
83 test.CheckAliasInfo();
85 test.CheckAliasInfo();
88 // Newly written data should use the new scheme
// Existing user data is removed first, then the items selected by `filter` are
// expected to report NEW_ENC_SCHEME.
// NOTE(review): the step that writes the fresh data sits on lines not shown here.
89 BOOST_AUTO_TEST_CASE(T020_Check_new_scheme)
92 test.RemoveUserData();
96 test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
// Judging by the test name, removal must work on data still stored with the old scheme:
// after the removal step (lines not visible here) CountObjects() has to return 0.
// BOOST_REQUIRE aborts the test case on failure, so leftover aliases are a hard error.
99 BOOST_AUTO_TEST_CASE(T030_Remove_old_scheme)
105 size_t aliases = test.CountObjects();
106 BOOST_REQUIRE_MESSAGE(aliases == 0, "All aliases should be removed");
// Same removal check as T030_Remove_old_scheme but, per the test name, for new-scheme data.
// User data is cleared up front; the final object count must be 0.
// NOTE(review): the lines that presumably write and then remove the new-scheme data
// are not visible in this listing.
109 BOOST_AUTO_TEST_CASE(T040_Remove_new_scheme)
112 test.RemoveUserData();
116 size_t aliases = test.CountObjects();
117 BOOST_REQUIRE_MESSAGE(aliases == 0, "All aliases should be removed");
120 // Reading old db should reencrypt objects with new scheme
// Only exportable items are checked for NEW_ENC_SCHEME afterwards.
// NOTE(review): presumably because non-exportable items cannot be read back and so are
// not migrated by a read - confirm; the read step itself is on lines not shown here.
121 BOOST_AUTO_TEST_CASE(T100_Read)
128 filter.exportableOnly = true;
129 test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
// Guards against data loss or duplication: the object count taken before must equal the
// count taken after the intermediate step, and the database must not be empty to begin with.
// NOTE(review): per the test name the intermediate step is a read; it is on lines not visible here.
132 BOOST_AUTO_TEST_CASE(T110_Count_objects_after_read)
136 size_t orig = test.CountObjects();
137 BOOST_REQUIRE_MESSAGE(orig > 0, "No objects in db");
141 size_t current = test.CountObjects();
142 BOOST_REQUIRE_MESSAGE(current == orig,
143 "Original number of objects: " << orig << " Current: " << current);
146 // Reading old db with incorrect passwords should leave the scheme unchanged
// Security property under test: a caller who does not know the password must not be able
// to cause stored objects to be rewritten, so the items selected by `filter` are still
// expected at OLD_ENC_SCHEME after the read attempts.
// NOTE(review): the read attempts are on lines not shown; confirm they also assert that
// each read was rejected, not only that the scheme stayed the same.
147 BOOST_AUTO_TEST_CASE(T120_Read_wrong_pass)
154 test.CheckSchemeVersion(filter, OLD_ENC_SCHEME);
157 // Signing/verification should reencrypt objects with new scheme
// The check is limited to RSA key items: the filter is built from KEY_RSA_PUBLIC and
// KEY_RSA_PRIVATE and those items must report NEW_ENC_SCHEME.
// NOTE(review): the sign/verify call itself is on lines missing from this listing.
158 BOOST_AUTO_TEST_CASE(T200_SignVerify)
164 ItemFilter filter(DataType::KEY_RSA_PUBLIC, DataType::KEY_RSA_PRIVATE);
165 test.CheckSchemeVersion(filter, NEW_ENC_SCHEME);
168 // Encryption/decryption should reencrypt objects with new scheme
// After EncryptDecrypt() both key families are verified separately.
169 BOOST_AUTO_TEST_CASE(T210_EncryptDecrypt)
173 test.EncryptDecrypt();
// RSA keys (filter built from KEY_RSA_PUBLIC and KEY_RSA_PRIVATE) must be at the new scheme.
175 ItemFilter filter1(DataType::KEY_RSA_PUBLIC, DataType::KEY_RSA_PRIVATE);
176 test.CheckSchemeVersion(filter1, NEW_ENC_SCHEME);
// AES keys must be at the new scheme as well.
178 ItemFilter filter2(DataType::KEY_AES);
179 test.CheckSchemeVersion(filter2, NEW_ENC_SCHEME);
182 // Chain creation should reencrypt objects with new scheme
// NOTE(review): the chain creation call is on lines not shown in this listing.
183 BOOST_AUTO_TEST_CASE(T220_CreateChain)
189 // Non-exportable certificates and password-protected certificates can't be used for chain creation, so both filters below select only exportable items without a password.
// Standalone certificates.
191 ItemFilter filter1(DataType::CERTIFICATE);
192 filter1.exportableOnly = true;
193 filter1.noPassword = true;
194 test.CheckSchemeVersion(filter1, NEW_ENC_SCHEME);
// Chain certificates; the filter is built from CHAIN_CERT_0 and CHAIN_CERT_15.
// NOTE(review): presumably the two arguments delimit a range of chain slots - confirm against ItemFilter.
196 ItemFilter filter2(DataType::CHAIN_CERT_0, DataType::CHAIN_CERT_15);
197 filter2.exportableOnly = true;
198 filter2.noPassword = true;
199 test.CheckSchemeVersion(filter2, NEW_ENC_SCHEME);
202 BOOST_AUTO_TEST_SUITE_END()