X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=src%2Fckm%2Fcapi-testcases.cpp;h=0de06f08a61e03051f5adbe7cd2dbe9f2792903f;hb=refs%2Fchanges%2F67%2F81467%2F3;hp=8961ba617e2c7b8ee52fd104a7690a96dd08d5b1;hpb=57c6caf20481518c3855a4ef8e769b5f69333fec;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

diff --git a/src/ckm/capi-testcases.cpp b/src/ckm/capi-testcases.cpp
index 8961ba6..0de06f0 100644
--- a/src/ckm/capi-testcases.cpp
+++ b/src/ckm/capi-testcases.cpp
@@ -18,6 +18,7 @@
 #include <ckm-common.h>
 
 #include <string>
+#include <fstream>
 #include <string.h>
 #include <stdio.h>
 #include <stddef.h>
@@ -27,7 +28,8 @@ namespace {
 const int USER_APP = 5000;
 const int GROUP_APP = 5000;
 const char* USER_PASS = "user-pass";
-const char* TEST_LABEL = "test_label";
+const char *const TEST_OBJECT1 = "OBJECT1";
+const std::string TEST_ALIAS1 = aliasWithLabel(TEST_LABEL,TEST_OBJECT1);
 const char* TEST_SYSTEM_ALIAS = "system-alias-1";
 const char* TEST_DATA = "ABCD";
 } // namespace anonymous
@@ -152,7 +154,7 @@ RUNNER_TEST(T3017_Control_C_API_remove_system_DB)
 	save_data(sharedDatabase(TEST_SYSTEM_ALIAS).c_str(), TEST_DATA);
 
 	// [test] - expect success
-	check_read(TEST_SYSTEM_ALIAS, ckmc_label_shared_owner, TEST_DATA);
+	check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA);
 
 	// remove user data - expect to map to the system DB
 	int temp;
@@ -161,12 +163,12 @@ RUNNER_TEST(T3017_Control_C_API_remove_system_DB)
 			CKMCReadableError(temp));
 
 	// [test] - expect fail
-	check_read(TEST_SYSTEM_ALIAS, ckmc_label_shared_owner, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
+	check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
 }
 
 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
 
-RUNNER_TEST(T3021_init_C_API)
+RUNNER_TEST(T30201_init_C_API)
 {
 	int temp;
 
@@ -176,7 +178,7 @@ RUNNER_TEST(T3021_init_C_API)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3022_key_C_API)
+RUNNER_TEST(T30202_RSA_key_C_API)
 {
 	int temp;
 
@@ -218,7 +220,32 @@ RUNNER_TEST(T3022_key_C_API)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3023_certificate_C_API)
+RUNNER_TEST(T30203_AES_key_C_API)
+{
+	int temp;
+	CKM::Alias alias = sharedDatabase("my_AES_key");
+	size_t key_length = 192;
+
+	ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
+	ckmc_key_s *test_key2;
+	ckmc_policy_s test_policy;
+	test_policy.password = NULL;
+	test_policy.extractable = 1;
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), NULL, &test_key2)),
+			CKMCReadableError(temp));
+
+	compare_AES_keys(test_key, test_key2);
+	ckmc_key_free(test_key);
+	ckmc_key_free(test_key2);
+}
+
+RUNNER_TEST(T30204_certificate_C_API)
 {
 	int temp;
 
@@ -251,7 +278,7 @@ RUNNER_TEST(T3023_certificate_C_API)
 	ckmc_cert_free(cert2);
 }
 
-RUNNER_TEST(T3024_certificate_remove_C_API)
+RUNNER_TEST(T30205_certificate_remove_C_API)
 {
 	int temp;
 
@@ -273,7 +300,7 @@ RUNNER_TEST(T3024_certificate_remove_C_API)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3025_certificate_list_C_API)
+RUNNER_TEST(T30206_certificate_list_C_API)
 {
 	int temp;
 
@@ -313,9 +340,9 @@ RUNNER_TEST(T3025_certificate_list_C_API)
 }
 
 
-RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
+RUNNER_CHILD_TEST(T30207_user_app_save_RSA_key_C_API)
 {
-	ScopedAccessProvider ap("mylabel");
+	ScopedAccessProvider ap(TEST_LABEL);
 	ap.allowAPI("key-manager::api-storage", "rw");
 	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 
@@ -360,11 +387,64 @@ RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
 
 	//	 RUNNER_ASSERT_MSG(
 	//			 key.getDER() == key2.getDER(), "Key value has been changed by service");
+
+	delete [] char_keypem;
+}
+
+RUNNER_CHILD_TEST(T30208_user_app_save_AES_key_C_API)
+{
+	AccessProvider ap(TEST_LABEL);
+	ap.allowAPI("key-manager::api-storage", "rw");
+	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+	int temp;
+	const char* password = NULL;
+	size_t key_length = 192;
+	CKM::Alias alias = "my_AES_key";
+
+	ckmc_key_s *test_key = generate_AES_key(key_length, password);
+	ckmc_key_s *test_key2;
+	ckmc_policy_s test_policy;
+	test_policy.password = const_cast<char *>(password);
+	test_policy.extractable = 1;
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+			CKMCReadableError(temp));
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
+			CKMCReadableError(temp));
+
+	compare_AES_keys(test_key, test_key2);
+	ckmc_key_free(test_key);
+	ckmc_key_free(test_key2);
 }
 
-RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
+RUNNER_CHILD_TEST(T30209_user_app_save_AES_key_passwd_C_API)
 {
-	ScopedAccessProvider ap("mylabel");
+	AccessProvider ap(TEST_LABEL);
+	ap.allowAPI("key-manager::api-storage", "rw");
+	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+	int temp;
+	const char* password = "x";
+	size_t key_length = 192;
+	CKM::Alias alias = "my_AES_key-2";
+
+	ckmc_key_s *test_key = generate_AES_key(key_length, password);
+	ckmc_policy_s test_policy;
+	test_policy.password = const_cast<char *>(password);
+	test_policy.extractable = 1;
+
+	RUNNER_ASSERT_MSG(
+		CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+		CKMCReadableError(temp));
+	ckmc_key_free(test_key);
+}
+
+RUNNER_CHILD_TEST(T30210_app_user_save_RSA_keys_exportable_flag)
+{
+	ScopedAccessProvider ap(TEST_LABEL);
 	ap.allowAPI("key-manager::api-storage", "rw");
 	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 
@@ -390,7 +470,7 @@ RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
 	test_key.raw_key = (unsigned char *)char_keypem;
 	test_key.key_size = keyPem.length();
 	test_key.key_type = CKMC_KEY_RSA_PUBLIC;
-	test_key.password = password;
+	test_key.password = NULL;
 
 	test_policy.password = password;
 	test_policy.extractable = 0;
@@ -404,8 +484,34 @@ RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
 			CKMCReadableError(temp));
 }
 
+RUNNER_CHILD_TEST(T30211_app_user_save_AES_keys_exportable_flag)
+{
+	AccessProvider ap(TEST_LABEL);
+	ap.allowAPI("key-manager::api-storage", "rw");
+	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 
-RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
+	int temp;
+	const char* password = NULL;
+	size_t key_length = 256;
+	CKM::Alias alias = "my_AES_key-3";
+
+	ckmc_key_s *test_key = generate_AES_key(key_length, password);
+	ckmc_key_s *test_key2;
+	ckmc_policy_s test_policy;
+	test_policy.password = const_cast<char *>(password);
+	test_policy.extractable = 0;
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+			CKMCReadableError(temp));
+	ckmc_key_free(test_key);
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
+			CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T30212_certificate_with_DSA_key_C_API)
 {
 	int temp;
 
@@ -437,7 +543,7 @@ RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
 	ckmc_cert_free(cert2);
 }
 
-RUNNER_TEST(T3029_deinit_C_API)
+RUNNER_TEST(T30213_deinit_C_API)
 {
 	int temp;
 
@@ -463,7 +569,7 @@ RUNNER_TEST(T3031_init_C_API)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3032_save_keys_get_alias_C_API)
+RUNNER_TEST(T3032_save_asymmetric_keys_get_alias_C_API)
 {
 	int temp;
 
@@ -519,7 +625,7 @@ RUNNER_TEST(T3032_save_keys_get_alias_C_API)
 }
 
 
-RUNNER_TEST(T3033_remove_key_C_API)
+RUNNER_TEST(T3033_remove_asymmetric_key_C_API)
 {
 	int temp;
 
@@ -539,7 +645,72 @@ RUNNER_TEST(T3033_remove_key_C_API)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3034_deinit_C_API)
+RUNNER_TEST(T3034_save_symmetric_keys_get_alias_C_API)
+{
+	int temp;
+	size_t key_length = 128;
+	ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
+	ckmc_policy_s test_policy1, test_policy2, test_policy3;
+	test_policy1.password = NULL;
+	test_policy1.extractable = 1;
+
+	test_policy2.password = NULL;
+	test_policy2.extractable = 1;
+
+	test_policy3.password = NULL;
+	test_policy3.extractable = 1;
+
+	int current_aliases_num = count_aliases(ALIAS_KEY);
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key1").c_str(), *test_key, test_policy1)),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key2").c_str(), *test_key, test_policy2)),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key3").c_str(), *test_key, test_policy3)),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			(current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
+			"Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+
+	ckmc_key_free(test_key);
+}
+
+
+RUNNER_TEST(T3035_remove_symmetric_key_C_API)
+{
+	int temp;
+
+	ckmc_key_s *test_key2;
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key1").c_str(), NULL, &test_key2)),
+			CKMCReadableError(temp));
+	validate_AES_key(test_key2);
+	ckmc_key_free(test_key2);
+
+	// actual test - remove middle item
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("AES_key2").c_str())),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(sharedDatabase("AES_key2").c_str(), NULL, &test_key2)),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key3").c_str(), NULL, &test_key2)),
+			CKMCReadableError(temp));
+	validate_AES_key(test_key2);
+	ckmc_key_free(test_key2);
+
+}
+
+RUNNER_TEST(T3036_deinit_C_API)
 {
 	int temp;
 
@@ -556,11 +727,8 @@ RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
 
 RUNNER_TEST(T3041_init_C_API)
 {
-	int temp;
 	remove_user_data(0);
-	RUNNER_ASSERT_MSG(
-			CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
-			CKMCReadableError(temp));
+	reset_user_data(USER_APP, "simple-password");
 }
 
 RUNNER_TEST(T3042_save_get_bin_data_C_API)
@@ -631,7 +799,7 @@ RUNNER_TEST(T3042_save_get_bin_data_C_API)
 
 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
 {
-	ScopedAccessProvider ap("mylabel");
+	ScopedAccessProvider ap(TEST_LABEL);
 	ap.allowAPI("key-manager::api-storage", "rw");
 	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 
@@ -715,7 +883,24 @@ RUNNER_TEST(T3044_remove_bin_data_C_API)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3045_deinit_C_API)
+RUNNER_TEST(T3045_save_big_data_C_API, RemoveDataEnv<USER_APP>)
+{
+	const size_t BIG_SIZE = 5000000;
+	ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP);
+
+	std::vector<char> big_data(BIG_SIZE);
+	std::ifstream is("/dev/urandom", std::ifstream::binary);
+	if(is)
+		is.read(big_data.data(), BIG_SIZE);
+
+	RUNNER_ASSERT_MSG(is,
+			"Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
+
+	save_data(TEST_ALIAS1.c_str(), big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
+	check_read(TEST_OBJECT1, TEST_LABEL, big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
+}
+
+RUNNER_TEST(T3050_deinit_C_API)
 {
 	int temp;
 
@@ -743,11 +928,11 @@ RUNNER_TEST(T3051_CAPI_init)
 			CKMCReadableError(temp));
 }
 
-RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
+RUNNER_CHILD_TEST(T3052_CAPI_create_RSA_key)
 {
 	int temp;
 
-	ScopedAccessProvider ap("mylabel");
+	ScopedAccessProvider ap(TEST_LABEL);
 	ap.allowAPI("key-manager::api-storage", "rw");
 	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 
@@ -803,11 +988,11 @@ RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
 			CKMCReadableError(temp));
 }
 
-RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
+RUNNER_CHILD_TEST(T3053_CAPI_create_DSA_key)
 {
 	int temp;
 
-	AccessProvider ap("mylabel");
+	AccessProvider ap(TEST_LABEL);
 	ap.allowAPI("key-manager::api-storage", "rw");
 	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 
@@ -865,7 +1050,36 @@ RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
 }
 
 
-RUNNER_TEST(T3054_CAPI_deinit)
+RUNNER_CHILD_TEST(T3054_CAPI_create_AES_key)
+{
+	int temp;
+	size_t size = 128;
+	CKM::Alias key_alias = sharedDatabase("AES-gen-test-1");
+	ckmc_policy_s policy_key;
+
+	policy_key.password = NULL;
+	policy_key.extractable = 1;
+
+	int current_aliases_num = count_aliases(ALIAS_KEY);
+
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_create_key_aes(size, key_alias.c_str(), policy_key)),
+			CKMCReadableError(temp));
+
+	RUNNER_ASSERT_MSG(
+			(current_aliases_num+1) == (temp = count_aliases(ALIAS_KEY)),
+			"Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
+
+	ckmc_key_s *get_AES_key = 0;
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_get_key(key_alias.c_str(), policy_key.password, &get_AES_key)),
+			CKMCReadableError(temp));
+	validate_AES_key(get_AES_key);
+	ckmc_key_free(get_AES_key);
+}
+
+
+RUNNER_TEST(T3055_CAPI_deinit)
 {
 	int temp;
 
@@ -963,7 +1177,6 @@ RUNNER_TEST(T3065_CAPI_deinit)
 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
 
 
-
 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
 
 RUNNER_TEST(T3071_CAPI_init)
@@ -1829,7 +2042,7 @@ RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
 }
 
 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
-	const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
+	const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
 	const char *password = "password";
 
 	int temp;
@@ -1881,7 +2094,7 @@ RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
 }
 
 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
-	const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
+	const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
 	const char *password = "password";
 
 	int temp;
@@ -1958,7 +2171,7 @@ RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
 	ckmc_pkcs12_s *ppkcs12 = NULL;
 	int temp;
 	RUNNER_ASSERT_MSG(
-			CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
+			CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/test1801.pkcs12", wrong_passwd, &ppkcs12)),
 			CKMCReadableError(temp));
 }
 
@@ -1967,7 +2180,7 @@ RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
 	ckmc_pkcs12_s *ppkcs12 = NULL;
 	int temp;
 	RUNNER_ASSERT_MSG(
-			CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
+			CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/pkcs.p12", NULL, &ppkcs12)),
 			CKMCReadableError(temp));
 
 	RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
@@ -2094,10 +2307,10 @@ RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
 
 	// remove the whole PKCS12 bundles
 	RUNNER_ASSERT_MSG(
-			CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable.c_str())),
+			CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_exportable.c_str())),
 			CKMCReadableError(tmp));
 	RUNNER_ASSERT_MSG(
-			CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable.c_str())),
+			CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_not_exportable.c_str())),
 			CKMCReadableError(tmp));
 
 	// expect lookup fails due to unknown alias
@@ -2141,10 +2354,10 @@ RUNNER_TEST(T3201_CAPI_unlock_database)
 
 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
 {
+	ScopedDBUnlock unlock(USER_APP, USER_PASS);
 	ScopedAccessProvider ap(TEST_LABEL);
 	ap.allowAPI("key-manager::api-storage", "rw");
 	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-	ScopedDBUnlock unlock(USER_APP, USER_PASS);
 
 	int temp;
 	CKM::Alias alias = "mykey";
@@ -2160,9 +2373,6 @@ RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
 
 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
 {
-	ScopedAccessProvider ap(TEST_LABEL);
-	ap.allowAPI("key-manager::api-storage", "rw");
-	ap.applyAndSwithToUser(USER_APP, GROUP_APP);
 	ScopedDBUnlock unlock(USER_APP, USER_PASS);
 
 	int temp;