/*
- * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2016 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* See the License for the specific language governing permissions and
* limitations under the License
*/
+#include <unistd.h>
+#include <sys/types.h>
+
+#include <fstream>
+#include <iostream>
+
#include <netdb.h>
#include <dpl/test/test_runner.h>
#include <tests_common.h>
#include <test-certs.h>
-#include <access_provider2.h>
+#include <scoped-app-context.h>
#include <ckm-common.h>
#include <ckm-privileged-common.h>
+#include <ckm_helpers.h>
#include <ckm/ckm-manager.h>
#include <ckm/ckm-control.h>
#include <ckm/ckm-type.h>
#include <ckm/ckm-pkcs12.h>
-#include <fstream>
-
#include <openssl/x509.h>
#include <openssl/x509v3.h>
RUNNER_TEST(T1511_insert_data)
{
- auto certee = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
- auto certim = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
+ auto certee = TestData::getTestCertificate(TestData::TEST_LEAF);
+ auto certim = TestData::getTestCertificate(TestData::TEST_IM_CA);
CKM::Alias certeeAlias("CertEE");
CKM::Alias certimAlias("CertIM");
{
ScopedDBUnlock unlock(USER_TEST, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST, GROUP_APP);
auto manager = CKM::Manager::create();
RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
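Review bot: The explicit `ap.allowAPI("key-manager::api-storage", "rw")` grant is removed here, and the replacement `ScopedAppContext ctx(TEST_LABEL, USER_TEST, GROUP_APP);` no longer shows which privileges the test process holds when it calls `saveCertificate`. ScopedAppContext is defined outside this page, so the diff cannot confirm whether it grants only the storage privilege or a wider default set; with a wider set, these tests would keep passing even if key-manager's privilege check on the storage API regressed. I would add a comment at this first use, `// privileges granted by ScopedAppContext: <list from scoped-app-context.h>`, and keep at least one test that expects failure when the storage privilege is absent. The same replacement is made in the T1511 "actual test" block, T17110_check_data_03 and T17111_check_data_04. The T1511_insert_data body continues outside this hunk.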
// actual test
{
ScopedDBUnlock unlock(USER_TEST, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST, GROUP_APP);
auto manager = CKM::Manager::create();
int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
RUNNER_ASSERT_MSG(
CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
- "Certificate should be in database already. Error=" << CKMErrorToString(status1));
+ "Certificate should be in database already. Error=" << CKM::APICodeToString(status1));
RUNNER_ASSERT_MSG(
CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
- "Certificate should be in database already. Error=" << CKMErrorToString(status2));
+ "Certificate should be in database already. Error=" << CKM::APICodeToString(status2));
}
}
{
unlock_user_data(USER_TEST+1, "t170-special-password");
- ScopedAccessProvider ap(TEST_LABEL);
- ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+1, GROUP_APP);
}
RUNNER_CHILD_TEST(T1702_insert_data)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL);
- ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+1, GROUP_APP);
- auto certee = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
+ auto certee = TestData::getTestCertificate(TestData::TEST_LEAF);
auto manager = CKM::Manager::create();
size_t current_aliases_num = count_aliases(ALIAS_CERT);
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == status1,
- "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
+ "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
CKM::AliasVector av;
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
RUNNER_ASSERT_MSG(
(current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
"Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->removeApplicationData(TEST_LABEL)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
}
RUNNER_CHILD_TEST(T1704_data_test)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL);
- ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+1, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
RUNNER_ASSERT_MSG(
0 == (temp = av.size()),
"Vector size: " << temp << ". Expected: 0");
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
}
RUNNER_CHILD_TEST(T17102_prep_data_01)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL);
- ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+2, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
}
RUNNER_CHILD_TEST(T17103_prep_data_02)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+2, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
}
RUNNER_CHILD_TEST(T17104_prep_data_03)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL);
- ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+3, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
}
RUNNER_CHILD_TEST(T17105_prep_data_04)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+3, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
}
RUNNER_TEST(T17106_remove_application)
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->removeApplicationData(TEST_LABEL)),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
}
RUNNER_CHILD_TEST(T17107_check_data_01)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL);
- ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+2, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
RUNNER_ASSERT_MSG(
0 == (temp = av.size()),
"Vector size: " << temp << ". Expected: 0");
RUNNER_CHILD_TEST(T17108_check_data_02)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+2, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
RUNNER_ASSERT_MSG(
1 == (temp = av.size()),
"Vector size: " << temp << ". Expected: 1");
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
- "Error=" << CKMErrorToString(tmp));
+ "Error=" << CKM::APICodeToString(tmp));
}
RUNNER_CHILD_TEST(T17110_check_data_03)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_TEST+3, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
RUNNER_ASSERT_MSG(
0 == (temp = av.size()),
"Vector size: " << temp << ". Expected: 0");
RUNNER_CHILD_TEST(T17111_check_data_04)
{
int temp;
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_TEST+3, GROUP_APP);
CKM::AliasVector av;
auto manager = CKM::Manager::create();
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
- "Error=" << CKMErrorToString(temp));
+ "Error=" << CKM::APICodeToString(temp));
RUNNER_ASSERT_MSG(
1 == (temp = av.size()),
"Vector size: " << temp << ". Expected: 1");
int main(int argc, char *argv[])
{
- return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+ if (geteuid() != 0)
+ {
+ std::cerr << argv[0] << " should be executed as root. Aborting" << std::endl;
+ return -1;
+ }
+ int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+
+ detectCkmBugTrustzoneLeak();
+
+ return exitCode;
}
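Review bot: `main` returns the test runner's `exitCode` unchanged, so whatever `detectCkmBugTrustzoneLeak()` finds after the run cannot fail the job unless the helper aborts or reports on its own. Its declaration is not on this page, so that is unverified. If it returns a status, fold it into the result, e.g. `if (exitCode == 0 && detectCkmBugTrustzoneLeak() != 0) exitCode = 1;` (this assumes an int return; confirm against the helper's header). Separately, `return -1;` in the root check reaches the shell as 255; `return EXIT_FAILURE;` with `<cstdlib>` states the intent directly.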