const char* APP_PASS = "user-pass";
const char* TEST_ALIAS = "test-alias";
-const char* SYSTEM_LABEL = ckmc_label_shared_owner;
+const char* SYSTEM_LABEL = ckmc_owner_id_system;
const char* INVALID_LABEL = "coco-jumbo";
std::string TEST_SYSTEM_ALIAS = aliasWithLabel(SYSTEM_LABEL, TEST_ALIAS);
std::string TEST_SYSTEM_ALIAS_2 = aliasWithLabel(SYSTEM_LABEL, "test-alias-2");
// [prepare]
remove_user_data(USER_APP);
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
allow_access(TEST_SYSTEM_ALIAS.c_str(), TEST_LABEL, CKMC_PERMISSION_READ);
// [test]
}
}
-RUNNER_TEST(T5030_CLIENT_APP_TRY_ADDING_SYSTEM_ITEM)
+RUNNER_TEST(T5030_CLIENT_APP_TRY_ADDING_SYSTEM_ITEM, RemoveDataEnv<0, USER_APP>)
{
// [test]
// switch to user app, unlock DB
// try to add item to system DB - expect fail
- // [prepare]
- remove_user_data(USER_APP);
-
// [test]
{
ScopedDBUnlock unlock(USER_APP, APP_PASS);
}
}
-RUNNER_TEST(T5031_CLIENT_APP_ACCESS_WITH_PERMISSION)
+RUNNER_TEST(T5031_CLIENT_APP_ACCESS_WITH_PERMISSION, RemoveDataEnv<0, USER_APP>)
{
// [prepare]
// start as system service
// switch to user app, unlock DB
// try to access the system item - expect success
- // [prepare]
- remove_user_data(USER_APP);
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
allow_access(TEST_SYSTEM_ALIAS.c_str(), TEST_LABEL, CKMC_PERMISSION_READ);
// [test]
}
}
-RUNNER_TEST(T5032_CLIENT_APP_ACCESS_NO_PERMISSION)
+RUNNER_TEST(T5032_CLIENT_APP_ACCESS_NO_PERMISSION, RemoveDataEnv<0, USER_APP>)
{
// [prepare]
// start as system service
// try to access the system item - expect fail
// [prepare]
- remove_user_data(USER_APP);
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
{
}
}
-RUNNER_TEST(T5033_CLIENT_APP_PERMISSION_REMOVAL)
+RUNNER_TEST(T5033_CLIENT_APP_PERMISSION_REMOVAL, RemoveDataEnv<0, USER_APP>)
{
// [prepare]
// start as system service
// try to access the system item - expect fail
// [prepare]
- remove_user_data(USER_APP);
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
allow_access(TEST_SYSTEM_ALIAS.c_str(), TEST_LABEL, CKMC_PERMISSION_READ);
// [test]
}
}
-RUNNER_TEST(T5034_CLIENT_APP_SET_READ_ACCESS)
+RUNNER_TEST(T5034_CLIENT_APP_SET_READ_ACCESS, RemoveDataEnv<0, USER_APP>)
{
// [test]
// switch to user app, unlock DB
// [test]
{
- remove_user_data(USER_APP);
ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
}
}
-RUNNER_TEST(T5035_CLIENT_APP_TRY_REMOVING_SYSTEM_ITEM)
+RUNNER_TEST(T5035_CLIENT_APP_TRY_REMOVING_SYSTEM_ITEM, RemoveDataEnv<0, USER_APP>)
{
// [prepare]
// start as system service
// try to remove item from system DB - expect fail
// [prepare]
- remove_user_data(USER_APP);
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
allow_access(TEST_SYSTEM_ALIAS.c_str(), TEST_LABEL, CKMC_PERMISSION_READ);
// [test]
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
check_remove_denied(TEST_SYSTEM_ALIAS.c_str());
}
}
-RUNNER_TEST(T5036_CLIENT_LIST_ACCESSIBLE_ITEMS)
+RUNNER_TEST(T5036_CLIENT_LIST_ACCESSIBLE_ITEMS, RemoveDataEnv<0, USER_APP>)
{
// [prepare]
// start as system service
// user lists items - expect system item A and private item
// [prepare]
- remove_user_data(USER_APP);
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
- gc.save(TEST_SYSTEM_ALIAS_2.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS_2.c_str(), TEST_DATA);
allow_access(TEST_SYSTEM_ALIAS.c_str(), TEST_LABEL, CKMC_PERMISSION_READ);
// [test]
}
}
-RUNNER_TEST(T5037_CLIENT_APP_TRY_GENERATE_KEY_IN_SYSTEM_DB)
+RUNNER_TEST(T5037_CLIENT_APP_TRY_GENERATE_KEY_IN_SYSTEM_DB, RemoveDataEnv<USER_APP>)
{
// [test]
// switch to user app, unlock DB
// [test]
{
- remove_user_data(USER_APP);
ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- const char *private_key_alias = "/ sys-db-priv";
- const char *public_key_alias = "/ sys-db-pub";
+ std::string private_key_alias = aliasWithLabel(SYSTEM_LABEL, "sys-db-priv");
+ std::string public_key_alias = aliasWithLabel(SYSTEM_LABEL, "sys-db-pub");
ckmc_policy_s policy_private_key;
ckmc_policy_s policy_public_key;
policy_private_key.password = NULL;
RUNNER_ASSERT_MSG(
CKMC_ERROR_PERMISSION_DENIED ==
(temp = ckmc_create_key_pair_rsa(1024,
- private_key_alias,
- public_key_alias,
+ private_key_alias.c_str(),
+ public_key_alias.c_str(),
policy_private_key,
policy_public_key)),
CKMCReadableError(temp));
}
}
-RUNNER_TEST(T5038_CLIENT_SERVER_CREATE_VERIFY_SYSTEM_DB)
+RUNNER_TEST(T5038_CLIENT_SERVER_CREATE_VERIFY_SYSTEM_DB, RemoveDataEnv<0,USER_APP>)
{
// [prepare]
// start as system service
// try to create signature in system DB - expect fail
// [prepare]
- remove_user_data(USER_APP);
- GarbageCollector gc;
- const char *private_key_alias = "/ sys-db-priv";
- const char *public_key_alias = "/ sys-db-pub";
- gc.add(private_key_alias);
- gc.add(public_key_alias);
+ std::string private_key_alias = aliasWithLabel(SYSTEM_LABEL, "sys-db-priv");
+ std::string public_key_alias = aliasWithLabel(SYSTEM_LABEL, "sys-db-pub");
ckmc_policy_s policy_private_key;
ckmc_policy_s policy_public_key;
policy_private_key.password = NULL;
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE ==
(temp = ckmc_create_key_pair_rsa(1024,
- private_key_alias,
- public_key_alias,
+ private_key_alias.c_str(),
+ public_key_alias.c_str(),
policy_private_key,
policy_public_key)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- private_key_alias,
+ private_key_alias.c_str(),
NULL,
msg_buff,
hash_algo,
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- public_key_alias,
+ public_key_alias.c_str(),
NULL,
msg_buff,
*signature,
RUNNER_ASSERT_MSG(
CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_create_signature(
- private_key_alias,
+ private_key_alias.c_str(),
NULL,
msg_buff,
hash_algo,
}
}
-RUNNER_TEST(T5039_SYSTEM_APP_SET_REMOVE_ACCESS)
+RUNNER_TEST(T5039_SYSTEM_APP_SET_REMOVE_ACCESS, RemoveDataEnv<0>)
{
// [prepare]
// start as system service
// add remove permission to a user app - expect fail
// [prepare]
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
allow_access_negative(TEST_SYSTEM_ALIAS.c_str(), TEST_LABEL, CKMC_PERMISSION_REMOVE, CKMC_ERROR_INVALID_PARAMETER);
}
-RUNNER_TEST(T5040_SYSTEM_SVC_ACCESS_DB)
+RUNNER_TEST(T5040_SYSTEM_SVC_ACCESS_DB, RemoveDataEnv<0>)
{
// [prepare]
// start as system service
// try to access the item - expect success
// [prepare]
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
check_read(TEST_ALIAS, SYSTEM_LABEL, TEST_DATA);
}
-RUNNER_TEST(T5041_SYSTEM_SVC_1234_ACCESS_DB)
+RUNNER_TEST(T5041_SYSTEM_SVC_1234_ACCESS_DB, RemoveDataEnv<0>)
{
// [prepare]
// start as system service
// try to access the item - expect success
// [prepare]
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
{
}
}
-RUNNER_TEST(T5043_SYSTEM_SVC_4999_ACCESS_DB)
+RUNNER_TEST(T5043_SYSTEM_SVC_4999_ACCESS_DB, RemoveDataEnv<0>)
{
// [prepare]
// start as system service
// try to access the item - expect success
// [prepare]
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
{
}
}
-RUNNER_TEST(T5044_SYSTEM_SVC_5000_ACCESS_DB)
+RUNNER_TEST(T5044_SYSTEM_SVC_5000_ACCESS_DB, RemoveDataEnv<0>)
{
RUNNER_IGNORED_MSG("This test is turn off because fix "
"from tizen 2.4 that unlock db with empty password");
// try to access the item - expect fail (no system service)
// [prepare]
- GarbageCollector gc;
- gc.save(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
+ save_data(TEST_SYSTEM_ALIAS.c_str(), TEST_DATA);
// [test]
{
}
}
-RUNNER_TEST(T5045_SYSTEM_DB_ADD_WITH_INVALID_LABEL)
+RUNNER_TEST(T5045_SYSTEM_DB_ADD_WITH_INVALID_LABEL, RemoveDataEnv<0>)
{
// [prepare]
// start as system service
// try to add item to system DB using wrong label - expect fail
// try to add item using explicit system label - expect success
- // [prepare]
- remove_user_data(USER_APP);
-
// [test]
save_data(aliasWithLabel(INVALID_LABEL, TEST_ALIAS).c_str(), TEST_DATA, CKMC_ERROR_INVALID_PARAMETER);
check_read(TEST_ALIAS, INVALID_LABEL, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
projects / platform / core / test / security-tests.git / blobdiff