CKM: CC mode uses user label to read & write keys.

[platform/core/test/security-tests.git] / tests / ckm / cc-mode.cpp

diff --git a/tests/ckm/cc-mode.cpp b/tests/ckm/cc-mode.cpp
index 3d62a54..e164917 100644 (file)
--- a/tests/ckm/cc-mode.cpp
+++ b/tests/ckm/cc-mode.cpp
@@ -51,13 +51,13 @@ const size_t MAX_RETRIES = 50;
 const char* const ENABLED = "Enabled";
 const char* const ENFORCING = "Enforcing";
 const char* const DISABLED = "Disabled";
+const char* const READY = "Ready";
+const char* const UNSET = "Unset"; // Meaningless value for unset.
 
+const char* const USER_LABEL = "User";
 const char* const CKM_LOCK = "/var/run/key-manager.pid";
 
 
-// disable CC
-int _unset_mdpp_key = vconf_unset(VCONFKEY_SECURITY_MDPP_STATE);
-
 // Wrapper for mdpp state that restores the original value upon destruction
 class MdppState
 {
@@ -74,26 +74,31 @@ private:
 
 MdppState::MdppState()
 {
+    ScopedLabel sl(USER_LABEL);
     m_original = vconf_get_str(VCONFKEY_SECURITY_MDPP_STATE);
 }
 
 MdppState::~MdppState()
 {
+    ScopedLabel sl(USER_LABEL);
     if (!m_original)
-        vconf_unset(VCONFKEY_SECURITY_MDPP_STATE);
+        vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET);
     else {
         vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, m_original);
-        free(m_original);
     }
 }
 
 void MdppState::set(const char* const value)
 {
+    ScopedLabel sl(USER_LABEL);
     if (value)
-        RUNNER_ASSERT_MSG(0 == vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, value),
-                             "vconf_set() failed");
+    {
+        int ret = vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, value);
+        RUNNER_ASSERT_MSG(0 == ret,
+                             "vconf_set() failed, ec: " << ret);
+    }
     else
-        vconf_unset(VCONFKEY_SECURITY_MDPP_STATE);
+        vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET);
 }
 
 void remove_user_data()
@@ -144,6 +149,10 @@ void read_key(ManagerShPtr& manager, const Alias& alias, int expected) {
 
 void read_keys(int expected)
 {
+// if mdpp is disabled at compilation time we expect that read_key always succeeds
+#ifndef DSECURITY_MDFPP_STATE_ENABLE
+    expected = CKM_API_SUCCESS;
+#endif
     auto manager = Manager::create();
 
     read_key(manager, rsa_pri_alias, expected);
@@ -198,6 +207,9 @@ RUNNER_TEST(TCC_0010_updateCCMode)
     mdpp.set(DISABLED);
     update_cc_mode();
 
+    mdpp.set(READY);
+    update_cc_mode();
+
     mdpp.set("whatever");
     update_cc_mode();
 }
@@ -234,6 +246,10 @@ RUNNER_TEST(TCC_0020_noListener)
     update_cc_mode();
     read_keys(CKM_API_ERROR_BAD_REQUEST);
 
+    mdpp.set(READY);
+    update_cc_mode();
+    read_keys(CKM_API_SUCCESS);
+
     mdpp.set("whatever");
     update_cc_mode();
     read_keys(CKM_API_SUCCESS);
@@ -290,6 +306,10 @@ RUNNER_TEST(TCC_0040_callbackRegistered)
     usleep(SLEEP); // give some time for notification to reach ckm
     read_keys(CKM_API_ERROR_BAD_REQUEST);
 
+    mdpp.set(READY);
+    usleep(SLEEP); // give some time for notification to reach ckm
+    read_keys(CKM_API_SUCCESS);
+
     mdpp.set(ENFORCING);
     usleep(SLEEP); // give some time for notification to reach ckm
     read_keys(CKM_API_ERROR_BAD_REQUEST);
@@ -330,6 +350,16 @@ RUNNER_TEST(TCC_0070_manualCkmEnforcing)
 }
 
 // run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0075_manualCkmReady)
+{
+    restart_ckm(READY);
+
+    remove_user_data();
+    save_keys();
+    read_keys(CKM_API_SUCCESS);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
 RUNNER_TEST(TCC_0080_manualCkmWhatever)
 {
     restart_ckm("whatever");