CAPI changes (set permission, remove alias): tests adjusted.
[platform/core/test/security-tests.git] / tests / ckm / async-api.cpp
index 39bd712..ded20be 100644 (file)
@@ -26,6 +26,7 @@
 #include <condition_variable>
 #include <cassert>
 
+#include <ckmc/ckmc-type.h>
 #include <ckm/ckm-manager-async.h>
 #include <ckm/ckm-manager.h>
 #include <ckm/ckm-control.h>
@@ -65,9 +66,7 @@ public:
     void ReceivedSaveCertificate() { Succeeded(); }
     void ReceivedSaveData() { Succeeded(); }
 
-    void ReceivedRemovedKey() { Succeeded(); }
-    void ReceivedRemovedCertificate() { Succeeded(); }
-    void ReceivedRemovedData() { Succeeded(); }
+    void ReceivedRemovedAlias() { Succeeded(); }
 
     void ReceivedKey(Key &&) { Succeeded(); }
     void ReceivedCertificate(Certificate &&) { Succeeded(); }
@@ -86,11 +85,10 @@ public:
 
     void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
     void ReceivedVerifySignature() { Succeeded(); }
-
     void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
 
-    void ReceivedAllowAccess() { Succeeded(); }
-    void ReceivedDenyAccess() { Succeeded(); }
+    void ReceivedSetPermission() { Succeeded(); }
+
 
     void WaitForResponse()
     {
@@ -401,8 +399,6 @@ RUNNER_TEST(TA0000_init)
 {
     int temp;
     ControlShPtr control = Control::create();
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
-                         "Error=" << ErrorToString(temp));
     RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
                          "Error=" << ErrorToString(temp));
 }
@@ -422,10 +418,10 @@ RUNNER_CHILD_TEST(TA0020_save_key_already_exists)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy());
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
     test_negative(&ManagerAsync::saveKey,
                   CKM_API_ERROR_DB_ALIAS_EXISTS,
-                  dbc.key("alias"),
+                  dbc.alias("alias"),
                   keys[RSA][0].prv,
                   Policy());
 }
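Review bot: The already-exists check in TA0020 still collides a key only with another key, even though every alias now comes from the single `dbc.alias()` helper; TA0120 and TA0220 have the same shape for certificates and data. If keys, certificates and data now share one alias namespace (the single `removeAlias` in this commit suggests so, but the storage side is not visible here), add a cross-type case after the key is saved, e.g. `test_negative(&ManagerAsync::saveCertificate, CKM_API_ERROR_DB_ALIAS_EXISTS, dbc.alias("alias"), certs[0], Policy());`. Without it, a regression that lets one object type shadow another under the same alias would pass the suite. The test body starts outside the hunk.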
@@ -435,7 +431,7 @@ RUNNER_CHILD_TEST(TA0050_save_key_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy());
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
 }
 
 
@@ -455,10 +451,10 @@ RUNNER_CHILD_TEST(TA0120_save_cert_already_exists)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy());
+    test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
     test_negative(&ManagerAsync::saveCertificate,
                   CKM_API_ERROR_DB_ALIAS_EXISTS,
-                  dbc.cert("alias"),
+                  dbc.alias("alias"),
                   certs[0],
                   Policy());
 }
@@ -468,7 +464,7 @@ RUNNER_CHILD_TEST(TA0150_save_cert_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy());
+    test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
 }
 
 
@@ -487,10 +483,10 @@ RUNNER_CHILD_TEST(TA0220_save_data_already_exists)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
     test_negative(&ManagerAsync::saveData,
                   CKM_API_ERROR_DB_ALIAS_EXISTS,
-                  dbc.data("alias"),
+                  dbc.alias("alias"),
                   test_buffer,
                   Policy());
 }
@@ -500,24 +496,24 @@ RUNNER_CHILD_TEST(TA0250_save_data_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
 }
 
 
 // removeKey
-RUNNER_CHILD_TEST(TA0310_remove_key_invalid_param)
+RUNNER_CHILD_TEST(TA0310_remove_alias_invalid_param)
 {
     switch_to_storage_user(TEST_LABEL);
 
-    test_no_observer(&ManagerAsync::removeKey, "alias");
-    test_invalid_param(&ManagerAsync::removeKey, "");
+    test_no_observer(&ManagerAsync::removeAlias, "alias");
+    test_invalid_param(&ManagerAsync::removeAlias, "");
 }
 
-RUNNER_CHILD_TEST(TA0330_remove_key_unknown_alias)
+RUNNER_CHILD_TEST(TA0330_remove_alias_unknown_alias)
 {
     switch_to_storage_user(TEST_LABEL);
 
-    test_negative(&ManagerAsync::removeKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
+    test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
 }
 
 RUNNER_CHILD_TEST(TA0350_remove_key_positive)
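Review bot: The section comment `// removeKey` above TA0310 is stale now that both tests call `ManagerAsync::removeAlias`; it should read `// removeAlias`. TA0350_remove_key_positive, and TA0450/TA0550 in the next hunk, keep their type-specific names, which is reasonable because they exercise removal per object type. A one-line comment such as `// removeAlias is type-agnostic; the positive cases below cover key, certificate and data` would stop them being read as leftovers. TA0350's body is in the next hunk.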
@@ -525,62 +521,28 @@ RUNNER_CHILD_TEST(TA0350_remove_key_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy());
-    test_positive(&ManagerAsync::removeKey, dbc.key("alias"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
+    test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
 }
 
 
-// removeCert
-RUNNER_CHILD_TEST(TA0410_remove_cert_invalid_param)
-{
-    switch_to_storage_user(TEST_LABEL);
-
-    test_no_observer(&ManagerAsync::removeCertificate, "alias");
-    test_invalid_param(&ManagerAsync::removeCertificate, "");
-}
-
-RUNNER_CHILD_TEST(TA0430_remove_cert_unknown_alias)
-{
-    switch_to_storage_user(TEST_LABEL);
-
-    test_negative(&ManagerAsync::removeCertificate,
-                  CKM_API_ERROR_DB_ALIAS_UNKNOWN,
-                  "non-existing-alias");
-}
-
 RUNNER_CHILD_TEST(TA0450_remove_cert_positive)
 {
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy());
-    test_positive(&ManagerAsync::removeCertificate, dbc.cert("alias"));
-}
-
-
-// removeData
-RUNNER_CHILD_TEST(TA0510_remove_data_invalid_param)
-{
-    switch_to_storage_user(TEST_LABEL);
-
-    test_no_observer(&ManagerAsync::removeData, "alias");
-    test_invalid_param(&ManagerAsync::removeData, "");
+    test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+    test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
 }
 
-RUNNER_CHILD_TEST(TA0530_remove_data_unknown_alias)
-{
-    switch_to_storage_user(TEST_LABEL);
-
-    test_negative(&ManagerAsync::removeData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
-}
 
 RUNNER_CHILD_TEST(TA0550_remove_data_positive)
 {
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
-    test_positive(&ManagerAsync::removeData, dbc.data("alias"));
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+    test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
 }
 
 
@@ -605,10 +567,10 @@ RUNNER_CHILD_TEST(TA0640_get_key_wrong_password)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
     test_negative(&ManagerAsync::getKey,
                   CKM_API_ERROR_SERVER_ERROR,
-                  dbc.key("alias"),
+                  dbc.alias("alias"),
                   "wrong-password");
 }
 
@@ -617,8 +579,8 @@ RUNNER_CHILD_TEST(TA0650_get_key_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
-    test_positive(&ManagerAsync::getKey, dbc.key("alias"), "password");
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
+    test_positive(&ManagerAsync::getKey, dbc.alias("alias"), "password");
 }
 
 
@@ -647,12 +609,12 @@ RUNNER_CHILD_TEST(TA0740_get_cert_wrong_password)
 
     DBCleanup dbc;
     test_positive(&ManagerAsync::saveCertificate,
-                  dbc.cert("alias"),
+                  dbc.alias("alias"),
                   certs[0],
                   Policy("password"));
     test_negative(&ManagerAsync::getCertificate,
                   CKM_API_ERROR_SERVER_ERROR,
-                  dbc.cert("alias"),
+                  dbc.alias("alias"),
                   "wrong-password");
 }
 
@@ -661,8 +623,8 @@ RUNNER_CHILD_TEST(TA0750_get_cert_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy("password"));
-    test_positive(&ManagerAsync::getCertificate, dbc.cert("alias"), "password");
+    test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy("password"));
+    test_positive(&ManagerAsync::getCertificate, dbc.alias("alias"), "password");
 }
 
 
@@ -687,10 +649,10 @@ RUNNER_CHILD_TEST(TA0840_get_data_wrong_password)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy("password"));
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
     test_negative(&ManagerAsync::getData,
                   CKM_API_ERROR_SERVER_ERROR,
-                  dbc.data("alias"),
+                  dbc.alias("alias"),
                   "wrong-password");
 }
 
@@ -699,8 +661,8 @@ RUNNER_CHILD_TEST(TA0850_get_data_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy("password"));
-    test_positive(&ManagerAsync::getData, dbc.data("alias"), "password");
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
+    test_positive(&ManagerAsync::getData, dbc.alias("alias"), "password");
 }
 
 
@@ -717,15 +679,15 @@ RUNNER_CHILD_TEST(TA0950_get_key_alias_vector_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias1"), keys[RSA][0].prv, Policy());
-    test_check_aliases(&ManagerAsync::getKeyAliasVector, { Alias(dbc.key("alias1")) });
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias1"), keys[RSA][0].prv, Policy());
+    test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
 
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias2"), keys[DSA][0].prv, Policy());
-    test_check_aliases(&ManagerAsync::getKeyAliasVector, { Alias(dbc.key("alias1")),
-                                                           Alias(dbc.key("alias2")) });
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias2"), keys[DSA][0].prv, Policy());
+    test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
+                                                           aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
 
-    test_positive(&ManagerAsync::removeKey, dbc.key("alias1"));
-    test_check_aliases(&ManagerAsync::getKeyAliasVector, { Alias(dbc.key("alias2")) });
+    test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
+    test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
 }
 
 
@@ -742,15 +704,15 @@ RUNNER_CHILD_TEST(TA1050_get_cert_alias_vector_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias1"), certs[0], Policy());
-    test_check_aliases(&ManagerAsync::getCertificateAliasVector, { Alias(dbc.cert("alias1")) });
+    test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), certs[0], Policy());
+    test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
 
-    test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias2"), certs[1], Policy());
-    test_check_aliases(&ManagerAsync::getCertificateAliasVector, { Alias(dbc.cert("alias1")),
-                                                                   Alias(dbc.cert("alias2")) });
+    test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), certs[1], Policy());
+    test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
+                                                                   aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
 
-    test_positive(&ManagerAsync::removeCertificate, dbc.cert("alias1"));
-    test_check_aliases(&ManagerAsync::getCertificateAliasVector, { Alias(dbc.cert("alias2")) });
+    test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
+    test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
 }
 
 
@@ -767,15 +729,15 @@ RUNNER_CHILD_TEST(TA1150_get_data_alias_vector_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias1"), test_buffer, Policy());
-    test_check_aliases(&ManagerAsync::getDataAliasVector, { Alias(dbc.data("alias1")) });
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias1"), test_buffer, Policy());
+    test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
 
-    test_positive(&ManagerAsync::saveData, dbc.data("alias2"), test_buffer, Policy());
-    test_check_aliases(&ManagerAsync::getDataAliasVector, { Alias(dbc.data("alias1")),
-                                                            Alias(dbc.data("alias2")) });
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
+    test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
+                                                            aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
 
-    test_positive(&ManagerAsync::removeData, dbc.data("alias1"));
-    test_check_aliases(&ManagerAsync::getDataAliasVector, { Alias(dbc.data("alias2")) });
+    test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
+    test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
 }
 
 
@@ -797,12 +759,12 @@ RUNNER_CHILD_TEST(TA1220_create_key_pair_rsa_already_exists)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy());
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy());
     test_negative(&ManagerAsync::createKeyPairRSA,
                   CKM_API_ERROR_DB_ALIAS_EXISTS,
                   1024,
-                  dbc.key("alias_prv"),
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_prv"),
+                  dbc.alias("alias_pub"),
                   Policy(),
                   Policy());
 }
@@ -814,13 +776,13 @@ RUNNER_CHILD_TEST(TA1250_create_key_pair_rsa_positive)
     DBCleanup dbc;
     test_positive(&ManagerAsync::createKeyPairRSA,
                   1024,
-                  dbc.key("alias_prv"),
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_prv"),
+                  dbc.alias("alias_pub"),
                   Policy(),
                   Policy());
 
-    test_check_aliases(&ManagerAsync::getKeyAliasVector, { Alias(dbc.data("alias_prv")),
-                                                           Alias(dbc.data("alias_pub")) });
+    test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
+                                                           aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
 }
 
 // createKeyPairDSA
@@ -841,12 +803,12 @@ RUNNER_CHILD_TEST(TA1280_create_key_pair_dsa_already_exists)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[DSA][0].prv, Policy());
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[DSA][0].prv, Policy());
     test_negative(&ManagerAsync::createKeyPairDSA,
                   CKM_API_ERROR_DB_ALIAS_EXISTS,
                   1024,
-                  dbc.key("alias_prv"),
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_prv"),
+                  dbc.alias("alias_pub"),
                   Policy(),
                   Policy());
 }
@@ -858,13 +820,13 @@ RUNNER_CHILD_TEST(TA1290_create_key_pair_dsa_positive)
     DBCleanup dbc;
     test_positive(&ManagerAsync::createKeyPairDSA,
                   1024,
-                  dbc.key("alias_prv"),
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_prv"),
+                  dbc.alias("alias_pub"),
                   Policy(),
                   Policy());
 
-    test_check_aliases(&ManagerAsync::getKeyAliasVector, { Alias(dbc.data("alias_prv")),
-                                                           Alias(dbc.data("alias_pub")) });
+    test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
+                                                           aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
 }
 
 // createKeyPairECDSA
@@ -885,12 +847,12 @@ RUNNER_CHILD_TEST(TA1320_create_key_pair_ecdsa_already_exists)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[ECDSA][0].prv, Policy());
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[ECDSA][0].prv, Policy());
     test_negative(&ManagerAsync::createKeyPairECDSA,
                   CKM_API_ERROR_DB_ALIAS_EXISTS,
                   ElipticCurve::prime192v1,
-                  dbc.key("alias_prv"),
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_prv"),
+                  dbc.alias("alias_pub"),
                   Policy(),
                   Policy());
 }
@@ -902,13 +864,13 @@ RUNNER_CHILD_TEST(TA1350_create_key_pair_ecdsa_positive)
     DBCleanup dbc;
     test_positive(&ManagerAsync::createKeyPairECDSA,
                   ElipticCurve::prime192v1,
-                  dbc.key("alias_prv"),
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_prv"),
+                  dbc.alias("alias_pub"),
                   Policy(),
                   Policy());
 
-    test_check_aliases(&ManagerAsync::getKeyAliasVector, { Alias(dbc.data("alias_prv")),
-                                                           Alias(dbc.data("alias_pub")) });
+    test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
+                                                           aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
 }
 
 
@@ -947,7 +909,7 @@ RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative)
                                 CKM_API_ERROR_VERIFICATION_FAILED,
                                 cert,
                                 certv);
-    AliasVector aliasv = { dbc.cert("alias") };
+    AliasVector aliasv = { dbc.alias("alias") };
     test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[0], Policy());
     test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
                                 CKM_API_ERROR_VERIFICATION_FAILED,
@@ -964,7 +926,7 @@ RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive)
     CertificateShPtrVector certv = { certs[1] };
     test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain, 3, cert, certv);
 
-    AliasVector aliasv = { dbc.cert("alias") };
+    AliasVector aliasv = { dbc.alias("alias") };
     test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[1], Policy());
     test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain, 3, cert, aliasv);
 }
@@ -1000,10 +962,10 @@ RUNNER_CHILD_TEST(TA1520_create_signature_invalid_password)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
     test_negative(&ManagerAsync::createSignature,
                   CKM_API_ERROR_INPUT_PARAM,
-                  dbc.key("alias"),
+                  dbc.alias("alias"),
                   "wrong-password",
                   RawBuffer(),
                   HashAlgorithm::SHA1,
@@ -1015,9 +977,9 @@ RUNNER_CHILD_TEST(TA1550_create_signature_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
     test_positive(&ManagerAsync::createSignature,
-                  dbc.key("alias"),
+                  dbc.alias("alias"),
                   "password",
                   test_buffer,
                   HashAlgorithm::SHA1,
@@ -1051,10 +1013,10 @@ RUNNER_CHILD_TEST(TA1620_verify_signature_invalid_password)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
     auto obs = test_positive(&ManagerAsync::createSignature,
-                             dbc.key("alias_prv"),
+                             dbc.alias("alias_prv"),
                              "pass1",
                              test_buffer,
                              HashAlgorithm::SHA1,
@@ -1062,7 +1024,7 @@ RUNNER_CHILD_TEST(TA1620_verify_signature_invalid_password)
 
     test_negative(&ManagerAsync::verifySignature,
                   CKM_API_ERROR_SERVER_ERROR,
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_pub"),
                   "wrong-password",
                   test_buffer,
                   obs->m_signed,
@@ -1075,11 +1037,11 @@ RUNNER_CHILD_TEST(TA1630_verify_signature_invalid_message)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy(""));
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy(""));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
 
     auto obs = test_positive(&ManagerAsync::createSignature,
-                             dbc.key("alias_prv"),
+                             dbc.alias("alias_prv"),
                              "",
                              test_buffer,
                              HashAlgorithm::SHA1,
@@ -1087,7 +1049,7 @@ RUNNER_CHILD_TEST(TA1630_verify_signature_invalid_message)
 
     test_negative(&ManagerAsync::verifySignature,
                   CKM_API_ERROR_VERIFICATION_FAILED,
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_pub"),
                   "",
                   raw_buffer("invalid-unsigned-mesage"),
                   obs->m_signed,
@@ -1100,11 +1062,11 @@ RUNNER_CHILD_TEST(TA1640_verify_signature_invalid_signature)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy(""));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
 
     test_negative(&ManagerAsync::verifySignature,
                   CKM_API_ERROR_VERIFICATION_FAILED,
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_pub"),
                   "",
                   test_buffer,
                   raw_buffer("invalid-signature"),
@@ -1117,9 +1079,9 @@ RUNNER_CHILD_TEST(TA1650_verify_signature_wrong_key)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy(""));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
     auto obs = test_positive(&ManagerAsync::createSignature,
-                             dbc.key("alias_prv"),
+                             dbc.alias("alias_prv"),
                              "",
                              test_buffer,
                              HashAlgorithm::SHA1,
@@ -1127,7 +1089,7 @@ RUNNER_CHILD_TEST(TA1650_verify_signature_wrong_key)
 
     test_negative(&ManagerAsync::verifySignature,
                   CKM_API_ERROR_SERVER_ERROR,
-                  dbc.key("alias_prv"),
+                  dbc.alias("alias_prv"),
                   "",
                   test_buffer,
                   obs->m_signed,
@@ -1140,17 +1102,17 @@ RUNNER_CHILD_TEST(TA1660_verify_signature_positive)
     switch_to_storage_user(TEST_LABEL);
 
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
-    test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
+    test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
     auto obs = test_positive(&ManagerAsync::createSignature,
-                             dbc.key("alias_prv"),
+                             dbc.alias("alias_prv"),
                              "pass1",
                              test_buffer,
                              HashAlgorithm::SHA1,
                              RSAPaddingAlgorithm::PKCS1);
 
     test_positive(&ManagerAsync::verifySignature,
-                  dbc.key("alias_pub"),
+                  dbc.alias("alias_pub"),
                   "pass2",
                   test_buffer,
                   obs->m_signed,
@@ -1193,42 +1155,49 @@ RUNNER_CHILD_TEST(TA1750_ocsp_check_positive)
                          "Verification failed. Error: " << obs->m_ocspStatus);
 }
 
-// allowAccess
+// setPermission
 RUNNER_CHILD_TEST(TA1810_allow_access_invalid_param)
 {
     switch_to_storage_user(TEST_LABEL);
 
-    test_no_observer(&ManagerAsync::allowAccess, "alias", "accessor", AccessRight::AR_READ_REMOVE);
-    test_invalid_param(&ManagerAsync::allowAccess, "", "accessor", AccessRight::AR_READ_REMOVE);
-    test_invalid_param(&ManagerAsync::allowAccess, "alias", "", AccessRight::AR_READ_REMOVE);
+    test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
+    test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
+    test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::READ | CKM::Permission::REMOVE);
 }
 
 RUNNER_TEST(TA1820_allow_access)
 {
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
-    test_positive(&ManagerAsync::saveData, dbc.data("alias2"), test_buffer, Policy());
-    test_positive(&ManagerAsync::saveData, dbc.data("alias3"), test_buffer, Policy());
-    test_positive(&ManagerAsync::allowAccess,
-                  dbc.data("alias2"),
+    CharPtr top_label = get_label();
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias3"), test_buffer, Policy());
+    test_positive(&ManagerAsync::setPermission,
+                  dbc.alias("alias2"),
                   TEST_LABEL,
-                  AccessRight::AR_READ);
-    test_positive(&ManagerAsync::allowAccess,
-                  dbc.data("alias3"),
+                  CKM::Permission::READ);
+    test_positive(&ManagerAsync::setPermission,
+                  dbc.alias("alias3"),
                   TEST_LABEL,
-                  AccessRight::AR_READ_REMOVE);
+                  CKM::Permission::READ | CKM::Permission::REMOVE);
 
     {
         ScopedLabel label(TEST_LABEL);
 
-        test_negative(&ManagerAsync::getData, CKM_API_ERROR_ACCESS_DENIED, dbc.data("alias"), "");
-        test_negative(&ManagerAsync::removeData, CKM_API_ERROR_ACCESS_DENIED, dbc.data("alias"));
+        test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"), "");
+        test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"));
+
+        // test from allowed label, but without properly addressing alias (coming from default label)
+        test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias2"), "");
 
-        test_positive(&ManagerAsync::getData, dbc.data("alias2"), "");
-        test_negative(&ManagerAsync::removeData, CKM_API_ERROR_ACCESS_DENIED, dbc.data("alias2"));
+        // now test with appropriate addressing
+        std::string full_alias2_address = aliasWithLabel(top_label.get(), dbc.alias("alias2"));
+        test_positive(&ManagerAsync::getData, full_alias2_address, "");
+        test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_ACCESS_DENIED, full_alias2_address);
 
-        test_positive(&ManagerAsync::getData, dbc.data("alias3"), "");
-        test_positive(&ManagerAsync::removeData, dbc.data("alias3"));
+        std::string full_alias3_address = aliasWithLabel(top_label.get(), dbc.alias("alias3"));
+        test_positive(&ManagerAsync::getData, full_alias3_address, "");
+        test_positive(&ManagerAsync::removeAlias, full_alias3_address);
     }
 }
 
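Review bot: In TA1820 the object with no grant (`alias`) is probed only through its unqualified name inside the ScopedLabel block, so the lookup presumably resolves in TEST_LABEL's own namespace and never reaches the permission check on the owner's object. Add a fully qualified probe there, `test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, aliasWithLabel(top_label.get(), dbc.alias("alias")), "");`, and the same for `removeAlias`. The expected code is inferred from TA1920 and should be confirmed against the service. The result of `get_label()` is also used unchecked; asserting that `top_label.get()` is non-null before building the addresses would turn a setup failure into a clear test error.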
@@ -1237,26 +1206,28 @@ RUNNER_CHILD_TEST(TA1910_deny_access_invalid_param)
 {
     switch_to_storage_user(TEST_LABEL);
 
-    test_no_observer(&ManagerAsync::denyAccess, "alias", "accessor");
-    test_invalid_param(&ManagerAsync::denyAccess, "", "accessor");
-    test_invalid_param(&ManagerAsync::denyAccess, "alias", "");
+    test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::NONE);
+    test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::NONE);
+    test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::NONE);
 }
 
 RUNNER_TEST(TA1920_deny_access)
 {
     DBCleanup dbc;
-    test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
-    test_positive(&ManagerAsync::allowAccess,
-                  dbc.data("alias"),
+    CharPtr top_label = get_label();
+    test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+    test_positive(&ManagerAsync::setPermission,
+                  dbc.alias("alias"),
                   TEST_LABEL,
-                  AccessRight::AR_READ_REMOVE);
-    test_positive(&ManagerAsync::denyAccess, dbc.data("alias"), TEST_LABEL);
+                  CKM::Permission::READ | CKM::Permission::REMOVE);
+    test_positive(&ManagerAsync::setPermission, dbc.alias("alias"), TEST_LABEL, CKM::Permission::NONE);
 
     {
         ScopedLabel label(TEST_LABEL);
 
-        test_negative(&ManagerAsync::getData, CKM_API_ERROR_ACCESS_DENIED, dbc.data("alias"), "");
-        test_negative(&ManagerAsync::removeData, CKM_API_ERROR_ACCESS_DENIED, dbc.data("alias"));
+        std::string full_alias_address = aliasWithLabel(top_label.get(), dbc.alias("alias"));
+        test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address, "");
+        test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address);
     }
 }
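Review bot: TA1920 cannot tell a revoked grant from one that never took effect, because after the `CKM::Permission::NONE` call it expects CKM_API_ERROR_DB_ALIAS_UNKNOWN, the same code a mistyped or unresolvable address would return. Assert the grant before revoking it: `{ ScopedLabel label(TEST_LABEL); test_positive(&ManagerAsync::getData, aliasWithLabel(top_label.get(), dbc.alias("alias")), ""); }`, placed between the two `setPermission` calls. This assumes ScopedLabel restores the original label on scope exit, as its nested-block use here suggests. With that check, the later negative assertions become evidence of revocation rather than of a lookup miss.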