/*
- * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2000-2020 Samsung Electronics Co., Ltd. All rights reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#pragma once
-#include <unordered_set>
+#include <string>
#include <memory>
+#include <stdexcept>
#include <ckm/ckm-type.h>
+#include <ckm/ckm-manager-async.h>
+#include <ckmc/ckmc-type.h>
#include <ckmc/ckmc-error.h>
#include <tests_common.h>
+#include <sys/types.h>
-void switch_to_storage_user(const char* label);
-void switch_to_storage_ocsp_user(const char* label);
+extern const std::string SMACK_USER_APP_PREFIX;
+extern const char *SYSTEM_LABEL;
+extern const char *TEST_LABEL;
+extern const char *TEST_LABEL_2;
+extern const char *TEST_LABEL_3;
+extern const char *TEST_LABEL_4;
+extern const char *TEST_LABEL_5;
+// support for error printing
+const char * CKMCErrorToString(int error);
+std::string CKMCReadableError(int error);
// RUNNER_ASSERT wrappers
template <typename F, typename... Args>
void assert_result(int expected, F&& func, Args... args)
{
int ret = func(args...);
- RUNNER_ASSERT_MSG(ret == expected, "Expected " << expected << " got: " << ret);
+ RUNNER_ASSERT_MSG(ret == expected,
+ "Expected: " << CKMCErrorToString(expected) << "(" << expected << ")"
+ " got: " << CKMCErrorToString(ret) << "(" << ret << ")");
}
template <typename F, typename... Args>
return size;
}
+std::string getLabel();
+// returns process owner id
+std::string getOwnerIdFromSelf();
-// service lifecycle management
-enum ServiceIdx {
- LISTENER,
- MANAGER
-};
-void start_service(ServiceIdx idx);
-void stop_service(ServiceIdx idx);
+std::string aliasWithLabel(const char *label, const char *alias);
-// support for error printing
-const char * CKMCErrorToString(int error);
-std::string CKMCReadableError(int error);
+std::string aliasWithLabelFromSelf(const char *alias);
-// Class responsible for db cleanup after positive tests. Will remove all used aliases in destructor
-class DBCleanup
+void save_data(const char* alias, const char *data, size_t len, const char* password,
+ int expected_err = CKMC_ERROR_NONE, bool exportable = true);
+void save_data(const char* alias, const char *data, int expected_err = CKMC_ERROR_NONE,
+ bool exportable = true);
+void save_data(const char* alias, const char *data, size_t len,
+ int expected_err = CKMC_ERROR_NONE, bool exportable = true);
+class ScopedSaveData
{
public:
- DBCleanup() {}
-
- const char* alias(const char* alias)
- {
- return m_aliases.insert(CKM::Alias(alias)).first->c_str();
- }
-
- ~DBCleanup();
+ ScopedSaveData(const char* alias, const char *data, int expected_err = CKMC_ERROR_NONE);
+ virtual ~ScopedSaveData();
private:
- std::unordered_set<CKM::Alias> m_aliases;
+ std::string m_alias;
};
-// scoped free
-typedef std::unique_ptr<char, void (*)(void *)> CharPtr;
-
-// returns process label
-CharPtr get_label();
-
-std::string aliasWithLabel(const char *label, const char *alias);
-
-// changes process label
-void change_label(const char* label);
-
-// changes process label upon construction and restores it upon destruction
-class ScopedLabel
+class ScopedDBUnlock
{
public:
- ScopedLabel(const char* label);
- ~ScopedLabel();
+ ScopedDBUnlock(uid_t user_id, const char* passwd);
+ virtual ~ScopedDBUnlock();
private:
- CharPtr m_original_label;
+ uid_t m_uid;
};
+void check_remove_allowed(const char* alias);
+void check_remove_denied(const char* alias);
+void check_remove_not_visible(const char* alias);
+void check_read(const char* alias,
+ const char *label,
+ const char *test_data,
+ size_t len,
+ int expected_code = CKMC_ERROR_NONE);
+void check_read(const char* alias,
+ const char *label,
+ const char *test_data,
+ int expected_code = CKMC_ERROR_NONE);
+void check_read_allowed(const char* alias, const char *data);
+void check_read_not_visible(const char* alias);
+void check_key(const char *alias,
+ int expected_error = CKMC_ERROR_NONE,
+ ckmc_key_type_e expected_type = CKMC_KEY_NONE);
+void check_key_allowed(const char *alias, ckmc_key_type_e expected_type = CKMC_KEY_NONE);
+void check_key_not_visible(const char *alias);
+void check_cert_allowed(const char *alias);
+void check_cert_not_visible(const char *alias);
+void allow_access(const char* alias, const char* accessor, int permissionMask);
+void allow_access_negative(const char* alias, const char* accessor, int permissionMask, int expectedCode);
+void deny_access(const char* alias, const char* accessor);
+void deny_access_negative(const char* alias, const char* accessor, int expectedCode);
+
void unlock_user_data(uid_t user_id, const char *passwd);
void remove_user_data(uid_t user_id);
void reset_user_data(uid_t user_id, const char *passwd);
+
+ckmc_raw_buffer_s prepare_message_buffer(const char * input);
+void check_alias_list(const CKM::AliasVector& expected);
+void check_alias_info_list_helper(const CKM::AliasPwdVector& expected, const CKM::AliasPwdVector& actual,
+ const std::string &userSmackLabel = {});
+void check_alias_info_list(const CKM::AliasPwdVector& expected);
+
+typedef enum {
+ ALIAS_KEY,
+ ALIAS_CERT,
+ ALIAS_DATA
+} alias_type_;
+size_t count_aliases(alias_type_ type, size_t minimum_initial_element_count = 0);
+std::string sharedDatabase(const CKM::Alias & alias);
+CKM::RawBuffer createRandomBuffer(size_t random_bytes);
+ckmc_raw_buffer_s* createRandomBufferCAPI(size_t random_bytes);
+
+ckmc_key_s *generate_AES_key(size_t lengthBits, const char *passwd);
+void validate_AES_key(ckmc_key_s *analyzed);
+void compare_AES_keys(ckmc_key_s *first, ckmc_key_s *second); // true if equal
+CKM::Policy generate_ckm_policy(int iterator_nr); // generates policy based on given number
+
+// Test env class for database cleanup. Pass database uids to cleanup before and after test
+template <uid_t ...Args>
+class RemoveDataEnv;
+
+template <>
+class RemoveDataEnv<>
+{
+public:
+ void init(const std::string&)
+ {}
+ void finish()
+ {}
+};
+
+template <uid_t UID, uid_t ...Args>
+class RemoveDataEnv<UID, Args...> : public RemoveDataEnv<Args...>
+{
+public:
+ void init(const std::string & str) {
+ remove_user_data(UID);
+ RemoveDataEnv<Args...>::init(str);
+ }
+ void finish() {
+ RemoveDataEnv<Args...>::finish();
+ remove_user_data(UID);
+ }
+};
+
+typedef std::shared_ptr<ckmc_raw_buffer_s> RawBufferPtr;
+typedef std::shared_ptr<struct __ckmc_param_list> ParamListPtr;
+
+ParamListPtr createParamListPtr();
+void setParam(ParamListPtr& params, ckmc_param_name_e name, ckmc_raw_buffer_s* buffer);
+void setParam(ParamListPtr& params, ckmc_param_name_e name, uint64_t integer);
+
+void assert_buffers_equal(const ckmc_raw_buffer_s* b1, const ckmc_raw_buffer_s* b2, bool equal=true);
+
+RawBufferPtr create_raw_buffer(ckmc_raw_buffer_s* buffer);
+
+
+template <typename F, typename... Args>
+void test_no_observer(F&& func, Args... args)
+{
+ CKM::ManagerAsync::ObserverPtr obs;
+ CKM::ManagerAsync mgr;
+
+ try {
+ (mgr.*func)(obs, args...);
+ RUNNER_ASSERT_MSG(false, "function() should have thrown an exception");
+ } catch (const std::invalid_argument& e) {
+ RUNNER_ASSERT(true);
+ } catch (...) {
+ RUNNER_ASSERT_MSG(false, "Unexpected exception");
+ }
+}
projects / platform / core / test / security-tests.git / blobdiff