/*
- * Copyright (c) 2000 - 2015 Samsung Electronics Co.
+ * Copyright (c) 2000 - 2020 Samsung Electronics Co.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <ckm/ckm-control.h>
#include <ckmc/ckmc-manager.h>
#include <ckmc/ckmc-type.h>
-#include <access_provider2.h>
+#include <scoped-app-context.h>
#include <unistd.h>
#include <sys/types.h>
const char* TEST_ALIAS = "test-alias";
const char* INVALID_LABEL = "coco-jumbo";
+const char* TEST_PASSWORD = "ckm-password";
std::string TEST_SYSTEM_ALIAS = sharedDatabase(TEST_ALIAS);
std::string TEST_SYSTEM_ALIAS_2 = sharedDatabase("test-alias-2");
// [test]
{
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_LOCKED);
}
{
remove_user_data(USER_APP);
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
ScopedSaveData ssd(TEST_ALIAS, TEST_DATA);
check_read(TEST_ALIAS, TEST_LABEL, TEST_DATA);
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
save_data(aliasWithLabel(SYSTEM_LABEL, TEST_ALIAS).c_str(), TEST_DATA, CKMC_ERROR_PERMISSION_DENIED);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA);
}
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
}
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA);
}
// [test2]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
}
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
ScopedSaveData ssdsystem_user(TEST_ALIAS, TEST_DATA);
ScopedSaveData ssdsystem_system(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA, CKMC_ERROR_PERMISSION_DENIED);
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
check_remove_denied(TEST_SYSTEM_ALIAS.c_str());
}
// [test2]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
ScopedSaveData user_data(TEST_ALIAS, TEST_DATA);
check_alias_list({TEST_SYSTEM_ALIAS.c_str(),
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
std::string private_key_alias = aliasWithLabel(SYSTEM_LABEL, "sys-db-priv");
std::string public_key_alias = aliasWithLabel(SYSTEM_LABEL, "sys-db-pub");
// [test2]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
- ScopedAccessProvider ap(TEST_LABEL);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedAppContext ctx(TEST_LABEL, USER_APP, GROUP_APP);
ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
// [test]
{
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_SERVICE_2, GROUP_SERVICE_2);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_2, GROUP_SERVICE_2);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA);
}
// [prepare]
{
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_SERVICE_2, GROUP_SERVICE_2);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_2, GROUP_SERVICE_2);
// [test]
ScopedSaveData ssd(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
{
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_SERVICE_MAX, GROUP_SERVICE_MAX);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_MAX, GROUP_SERVICE_MAX);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA);
}
// [test]
{
- ScopedAccessProvider ap(TEST_LABEL_2);
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_SERVICE_FAIL, GROUP_SERVICE_FAIL);
+ ScopedAppContext ctx(TEST_LABEL_2, USER_SERVICE_FAIL, GROUP_SERVICE_FAIL);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA, CKMC_ERROR_DB_LOCKED);
}
save_data(aliasWithLabel(SYSTEM_LABEL, TEST_ALIAS).c_str(), TEST_DATA);
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA);
}
+
+RUNNER_TEST(T5046_CLIENT_GET_ALIAS_STATUS_NO_PASSWORD, RemoveDataEnv<0>)
+{
+ // [prepare]
+ // start as system service
+ // add data A to the system DB
+ // add data B to the system DB
+ // [test]
+ // system service list alias status - expect both items to have no password protection
+
+ // [prepare]
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS_2.c_str(), TEST_DATA);
+
+ // [test]
+ InfoVector expected;
+ expected.emplace_back(TEST_SYSTEM_ALIAS, false, backend());
+ expected.emplace_back(TEST_SYSTEM_ALIAS_2, false, backend());
+
+ check_alias_info_list(expected);
+}
+
+RUNNER_TEST(T5047_CLIENT_GET_ALIAS_STATUS_PASSWORD_PROTECTED, RemoveDataEnv<0>)
+{
+ // [prepare]
+ // start as system service
+ // add data A to the system DB
+ // add data B with password protection to the system DB
+ // add data C with password protection to the system DB
+ // [test]
+ // system service list alias status - expect: first alias - no password protection, second, third -
+ // protected with password
+
+ // [prepare]
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS_2.c_str(), TEST_DATA, strlen(TEST_DATA), TEST_PASSWORD);
+ save_data((TEST_SYSTEM_ALIAS_2 + "1").c_str(), TEST_DATA, strlen(TEST_DATA), TEST_PASSWORD);
+
+ // [test]
+ InfoVector expected;
+ expected.emplace_back(TEST_SYSTEM_ALIAS, false, backend());
+ expected.emplace_back(TEST_SYSTEM_ALIAS_2, true, backend());
+ expected.emplace_back(TEST_SYSTEM_ALIAS_2 + "1", true, backend());
+
+ check_alias_info_list(expected);
+}
projects / platform / core / test / security-tests.git / blobdiff