X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=tests%2Ftest_db_crypto.cpp;h=a4934484ffc7ddc564d7946d68bcfdb7bab0a47a;hb=ea59c2825e3b8bb2b42ea30f113a96e32dff16bb;hp=4344541b08e06dd3c8bd748d153aa7446ec26b50;hpb=258a1480470b000782260ac7034f33476d43af3b;p=platform%2Fcore%2Fsecurity%2Fkey-manager.git

diff --git a/tests/test_db_crypto.cpp b/tests/test_db_crypto.cpp
index 4344541..a493448 100644
--- a/tests/test_db_crypto.cpp
+++ b/tests/test_db_crypto.cpp
@@ -1,5 +1,4 @@
 #include <boost/test/unit_test.hpp>
-#include <boost/test/results_reporter.hpp>
 #include <unistd.h>
 #include <db-crypto.h>
 #include <iostream>
@@ -9,8 +8,6 @@
 #include <test_common.h>
 #include <DBFixture.h>
 
-BOOST_GLOBAL_FIXTURE(TestConfig)
-
 using namespace CKM;
 
 namespace
@@ -19,15 +16,15 @@ const int restricted_local = 1;
 const int restricted_global = 0;
 
 const unsigned int c_test_retries = 1000;
-const unsigned int c_num_aliases = 500;
-const unsigned int c_num_aliases_add_test = 5000;
-const unsigned int c_alias_per_label = 15;
-}
+const unsigned int c_num_names = 500;
+const unsigned int c_num_names_add_test = 5000;
+const unsigned int c_names_per_label = 15;
 
+} // namespace anonymous
 
 BOOST_FIXTURE_TEST_SUITE(DBCRYPTO_TEST, DBFixture)
 BOOST_AUTO_TEST_CASE(DBtestSimple) {
-    DBRow rowPattern = create_default_row();
+    DB::Row rowPattern = create_default_row();
     rowPattern.data = RawBuffer(32, 1);
     rowPattern.dataSize = rowPattern.data.size();
     rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
@@ -35,7 +32,7 @@ BOOST_AUTO_TEST_CASE(DBtestSimple) {
     check_DB_integrity(rowPattern);
 }
 BOOST_AUTO_TEST_CASE(DBtestBIG) {
-    DBRow rowPattern = create_default_row();
+    DB::Row rowPattern = create_default_row();
     rowPattern.data = createBigBlob(4096);
     rowPattern.dataSize = rowPattern.data.size();
     rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
@@ -43,263 +40,152 @@ BOOST_AUTO_TEST_CASE(DBtestBIG) {
     check_DB_integrity(rowPattern);
 }
 BOOST_AUTO_TEST_CASE(DBtestGlobal) {
-    DBRow rowPattern = create_default_row();
+    DB::Row rowPattern = create_default_row();
     rowPattern.data = RawBuffer(1024, 2);
     rowPattern.dataSize = rowPattern.data.size();
     rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
 
-    BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
-
-    DBRow alias_duplicate = rowPattern;
-    rowPattern.smackLabel = rowPattern.smackLabel + "1";
+    BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
 
-    BOOST_REQUIRE_THROW(m_db.saveDBRow(alias_duplicate),
-            DBCrypto::Exception::AliasExists);
+    DB::Row name_duplicate = rowPattern;
+    rowPattern.ownerLabel = rowPattern.ownerLabel + "1";
 }
 BOOST_AUTO_TEST_CASE(DBtestTransaction) {
-    DBRow rowPattern = create_default_row();
+    DB::Row rowPattern = create_default_row();
     rowPattern.data = RawBuffer(100, 20);
     rowPattern.dataSize = rowPattern.data.size();
     rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
-    DBCrypto::Transaction transaction(&m_db);
+    DB::Crypto::Transaction transaction(&m_db);
 
-    BOOST_REQUIRE_NO_THROW(m_db.saveDBRow(rowPattern));
+    BOOST_REQUIRE_NO_THROW(m_db.saveRow(rowPattern));
     BOOST_REQUIRE_NO_THROW(transaction.rollback());
 
-    DBCrypto::DBRowOptional row_optional;
-    BOOST_REQUIRE_NO_THROW(row_optional = m_db.getDBRow(m_default_alias, m_default_label,
-            DBDataType::BINARY_DATA));
+    DB::Crypto::RowOptional row_optional;
+    BOOST_REQUIRE_NO_THROW(row_optional = m_db.getRow(m_default_name, m_default_label,
+                                                      DataType::BINARY_DATA));
     BOOST_CHECK_MESSAGE(!row_optional, "Row still present after rollback");
-
 }
 
-BOOST_AUTO_TEST_CASE(DBaddDataCheckIfPermissionIsAdded)
-{
-    std::string row_A_alias, row_B_alias;
-    std::string row_A_label, row_B_label;
-    generate_alias(0, row_A_alias); generate_label(0, row_A_label);
-    generate_alias(1, row_B_alias); generate_label(1, row_B_label);
-
-    // insert initial data set
-    insert_row(row_A_alias, row_A_label);
-    insert_row(row_B_alias, row_B_label);
-    read_row_expect_success(row_A_alias, row_A_label);
-    read_row_expect_success(row_B_alias, row_B_label);
-
-    // verify that no entries present in the permission table
-    // read row A from label B and vice versa
-    read_row_expect_fail(row_A_alias, row_B_label);
-    read_row_expect_fail(row_B_alias, row_A_label);
-
-    // add appropriate permissions for label B
-    add_permission(row_A_alias, row_A_label, row_B_label);
-
-    // B should have access to A, while A should not to B
-    // read row A from label B and vice versa
-    read_row_expect_success(row_A_alias, row_B_label);
-    read_row_expect_fail(row_B_alias, row_A_label);
-
-    // add appropriate permissions for label A
-    add_permission(row_B_alias, row_B_label, row_A_label);
-
-    // B should have access to A, same as A have access to B
-    // read row A from label B and vice versa
-    read_row_expect_success(row_A_alias, row_B_label);
-    read_row_expect_success(row_B_alias, row_A_label);
-}
+BOOST_AUTO_TEST_CASE(DBtestBackend) {
+    DB::Row rowPattern = create_default_row();
+    rowPattern.data = RawBuffer(32, 1);
+    rowPattern.dataSize = rowPattern.data.size();
+    rowPattern.tag = RawBuffer(AES_GCM_TAG_SIZE, 1);
+
+    rowPattern.backendId =  CryptoBackend::OpenSSL;
+    check_DB_integrity(rowPattern);
 
+    rowPattern.backendId =  CryptoBackend::TrustZone;
+    check_DB_integrity(rowPattern);
 
-BOOST_AUTO_TEST_CASE(DBremoveDataCheckIfPermissionIsRemoved)
-{
-    std::string row_A_alias, row_B_alias, row_C_alias;
-    std::string row_A_label, row_B_label, row_C_label;
-    generate_alias(0, row_A_alias); generate_label(0, row_A_label);
-    generate_alias(1, row_B_alias); generate_label(1, row_B_label);
-    generate_alias(2, row_C_alias); generate_label(2, row_C_label);
-
-    // insert initial data set
-    insert_row(row_A_alias, row_A_label);
-    insert_row(row_B_alias, row_B_label);
-    insert_row(row_C_alias, row_C_label);
-    add_permission(row_A_alias, row_A_label, row_B_label);
-    add_permission(row_B_alias, row_B_label, row_A_label);
-    // to test multiple permissions removal
-    // put intentionally after row_B_alias permission entry
-    add_permission(row_A_alias, row_A_label, row_C_label);
-
-    // B should have access to A, same as A have access to B
-    // read row A from label B and vice versa
-    read_row_expect_success(row_A_alias, row_B_label);
-    read_row_expect_success(row_A_alias, row_C_label);
-    read_row_expect_success(row_B_alias, row_A_label);
-    read_row_expect_fail(row_B_alias, row_C_label);
-
-    // remove data A - expect permissions for B and C to be removed as well
-    delete_row(row_A_alias, row_A_label);
-    // insert it again - expect permissions for label B and C not to be there anymore
-    insert_row(row_A_alias, row_A_label);
-
-    // read row A from label B and vice versa
-    read_row_expect_fail(row_A_alias, row_B_label);
-    read_row_expect_fail(row_A_alias, row_C_label);
-    read_row_expect_success(row_B_alias, row_A_label);
-
-    // remove data B - expect permission to be removed as well
-    delete_row(row_B_alias, row_B_label);
-    // insert it again - expect permissions for label A not to be there anymore
-    insert_row(row_B_alias, row_B_label);
-
-    // read row A from label B and vice versa
-    read_row_expect_fail(row_A_alias, row_B_label);
-    read_row_expect_fail(row_A_alias, row_C_label);
-    read_row_expect_fail(row_B_alias, row_A_label);
-
-    // sanity check: data exists
-    read_row_expect_success(row_A_alias, row_A_label);
-    read_row_expect_success(row_B_alias, row_B_label);
+    rowPattern.backendId =  CryptoBackend::None;
+    check_DB_integrity(rowPattern);
 }
+
 BOOST_AUTO_TEST_SUITE_END()
 
 
 
 BOOST_FIXTURE_TEST_SUITE(DBCRYPTO_PERF_TEST, DBFixture)
 
-BOOST_AUTO_TEST_CASE(DBperfAddAliases)
+BOOST_AUTO_TEST_CASE(DBperfAddNames)
 {
     // actual test
-    performance_start("saveDBRow");
+    performance_start("saveRow");
     {
-        generate_perf_DB(c_num_aliases_add_test, c_alias_per_label);
+        generate_perf_DB(c_num_names_add_test, c_names_per_label);
     }
-    performance_stop(c_num_aliases_add_test);
+    performance_stop(c_num_names_add_test);
 }
 
 BOOST_AUTO_TEST_CASE(DBperfLookupAliasByOwner)
 {
     // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
+    generate_perf_DB(c_num_names, c_names_per_label);
 
-    unsigned int num_labels = c_num_aliases/c_alias_per_label;
-    std::string alias, label;
+    unsigned int num_labels = c_num_names/c_names_per_label;
+    Name name;
+    Label label;
 
     // actual test - successful lookup
-    performance_start("getDBRow");
+    performance_start("getRow");
     for(unsigned int t=0; t<c_test_retries; t++)
     {
         int label_num = rand() % num_labels;
         generate_label(label_num, label);
 
-        unsigned int start_alias = label_num*c_alias_per_label;
-        for(unsigned int alias_num=start_alias; alias_num<(start_alias+c_alias_per_label); alias_num++)
+        unsigned int start_name = label_num*c_names_per_label;
+        for(unsigned int name_num=start_name; name_num<(start_name+c_names_per_label); name_num++)
         {
-            generate_alias(alias_num, alias);
-            read_row_expect_success(alias, label);
+            generate_name(name_num, name);
+            read_row_expect_success(name, label);
         }
     }
-    performance_stop(c_test_retries * c_num_aliases);
-}
-
-BOOST_AUTO_TEST_CASE(DBperfLookupAliasByNotAllowed)
-{
-    // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
-
-    std::string alias, label;
-    const unsigned int unavailable_label_idx = (c_num_aliases/c_alias_per_label) + 1;
-    generate_label(unavailable_label_idx, label);
-
-    // actual test - failure lookup
-    performance_start("getDBRow");
-    for(unsigned int t=0; t<c_test_retries; t++)
-    {
-        generate_alias(rand()%c_num_aliases, alias);
-
-        read_row_expect_fail(alias, label);
-    }
-    performance_stop(c_test_retries * c_num_aliases);
+    performance_stop(c_test_retries * c_num_names);
 }
 
 BOOST_AUTO_TEST_CASE(DBperfLookupAliasRandomOwnershipNoPermissions)
 {
     // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
+    generate_perf_DB(c_num_names, c_names_per_label);
 
-    std::string alias, label;
-    unsigned int num_labels = c_num_aliases / c_alias_per_label;
+    Name name;
+    Label owner_label;
+    Label smack_label;
+    unsigned int num_labels = c_num_names / c_names_per_label;
 
     // actual test - random lookup
-    performance_start("getDBRow");
+    performance_start("getRow");
     for(unsigned int t=0; t<c_test_retries; t++)
     {
-        generate_alias(rand()%c_num_aliases, alias);
-        generate_label(rand()%num_labels, label);
+        int name_idx = rand()%c_num_names;
+        generate_name(name_idx, name);
+        generate_label(name_idx/c_names_per_label, owner_label);
+        generate_label(rand()%num_labels, smack_label);
 
-        try
-        {
-            m_db.getDBRow(alias, label, DBDataType::BINARY_DATA);
-        }
-        catch (const DBCrypto::Exception::PermissionDenied &e) {}
+        // do not care of result
+        m_db.getRow(name, owner_label, DataType::BINARY_DATA);
     }
-    performance_stop(c_test_retries * c_num_aliases);
+    performance_stop(c_test_retries * c_num_names);
 }
 
 BOOST_AUTO_TEST_CASE(DBperfAddPermissions)
 {
     // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
+    generate_perf_DB(c_num_names, c_names_per_label);
 
     // actual test - add access rights
-    performance_start("setAccessRights");
-    long iterations = add_full_access_rights(c_num_aliases, c_alias_per_label);
+    performance_start("setPermission");
+    long iterations = add_full_access_rights(c_num_names, c_names_per_label);
     performance_stop(iterations);
 }
 
-BOOST_AUTO_TEST_CASE(DBperfLookupAliasRandomOwnershipWithPermissions)
-{
-    // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
-    add_full_access_rights(c_num_aliases, c_alias_per_label);
-
-    std::string alias, label;
-    unsigned int num_labels = c_num_aliases / c_alias_per_label;
-
-    // actual test - random lookup
-    performance_start("getDBRow/perm");
-    for(unsigned int t=0; t<c_test_retries; t++)
-    {
-        generate_alias(rand()%c_num_aliases, alias);
-        generate_label(rand()%num_labels, label);
-
-        read_row_expect_success(alias, label);
-    }
-    performance_stop(c_test_retries * c_num_aliases);
-}
-
 BOOST_AUTO_TEST_CASE(DBperfAliasRemoval)
 {
     // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
-    add_full_access_rights(c_num_aliases, c_alias_per_label);
+    generate_perf_DB(c_num_names, c_names_per_label);
+    add_full_access_rights(c_num_names, c_names_per_label);
 
     // actual test - random lookup
-    performance_start("deleteDBRow");
-    std::string alias, label;
-    for(unsigned int t=0; t<c_num_aliases; t++)
+    performance_start("deleteRow");
+    Name name;
+    Label label;
+    for(unsigned int t=0; t<c_num_names; t++)
     {
-        generate_alias(t, alias);
-        generate_label(t/c_alias_per_label, label);
+        generate_name(t, name);
+        generate_label(t/c_names_per_label, label);
 
-        BOOST_REQUIRE_NO_THROW(m_db.deleteDBRow(alias, label));
+        BOOST_REQUIRE_NO_THROW(m_db.deleteRow(name, label));
     }
-    performance_stop(c_num_aliases);
+    performance_stop(c_num_names);
 
     // verify everything has been removed
-    unsigned int num_labels = c_num_aliases / c_alias_per_label;
+    unsigned int num_labels = c_num_names / c_names_per_label;
     for(unsigned int l=0; l<num_labels; l++)
     {
         generate_label(l, label);
-        AliasVector expect_no_data;
-        BOOST_REQUIRE_NO_THROW(m_db.getAliases(label, DBDataType::BINARY_DATA, expect_no_data));
+        LabelNameVector expect_no_data;
+        BOOST_REQUIRE_NO_THROW(m_db.listNames(label, expect_no_data, DataType::BINARY_DATA));
         BOOST_REQUIRE(0 == expect_no_data.size());
     }
 }
@@ -307,24 +193,144 @@ BOOST_AUTO_TEST_CASE(DBperfAliasRemoval)
 BOOST_AUTO_TEST_CASE(DBperfGetAliasList)
 {
     // prepare data
-    generate_perf_DB(c_num_aliases, c_alias_per_label);
-    add_full_access_rights(c_num_aliases, c_alias_per_label);
+    generate_perf_DB(c_num_names, c_names_per_label);
+    add_full_access_rights(c_num_names, c_names_per_label);
 
-    unsigned int num_labels = c_num_aliases / c_alias_per_label;
-    std::string label;
+    unsigned int num_labels = c_num_names / c_names_per_label;
+    Label label;
 
     // actual test - random lookup
-    performance_start("getAliases");
+    performance_start("listNames");
     for(unsigned int t=0; t<(c_test_retries/num_labels); t++)
     {
-        AliasVector ret_list;
+        LabelNameVector ret_list;
         generate_label(rand()%num_labels, label);
 
-        BOOST_REQUIRE_NO_THROW(m_db.getAliases(label, DBDataType::BINARY_DATA, ret_list));
-        BOOST_REQUIRE(c_num_aliases == ret_list.size());
+        BOOST_REQUIRE_NO_THROW(m_db.listNames(label, ret_list, DataType::BINARY_DATA));
+        BOOST_REQUIRE(c_num_names == ret_list.size());
         ret_list.clear();
     }
     performance_stop(c_test_retries/num_labels);
 }
+BOOST_AUTO_TEST_SUITE_END()
+
+
+BOOST_AUTO_TEST_SUITE(DBCRYPTO_MIGRATION_TEST)
+namespace
+{
+const unsigned migration_names = 16107;
+const unsigned migration_labels = 273;
+const unsigned migration_reference_label_idx = 0;
+const unsigned migration_accessed_element_idx = 7;
+
+void verifyDBisValid(DBFixture & fixture)
+{
+    /**
+     * there are (migration_labels), each having (migration_names)/(migration_labels) entries.
+     * reference label (migration_reference_label_idx) exists such that it has access to
+     * all others' label element with index (migration_accessed_element_idx).
+     *
+     * Example:
+     * - migration_label_63 has access to all items owned by migration_label_63,
+     *   which gives (migration_names)/(migration_labels) entries.
+     *
+     * - migration_label_0 (0 is the reference label) has access to all items
+     *   owned by migration_label_0 and all others' label element index 7,
+     *   which gives (migration_names)/(migration_labels)  + (migration_labels-1) entries.
+     *
+     */
+    Label reference_label;
+    fixture.generate_label(migration_reference_label_idx, reference_label);
+
+    // check number of elements accessible to the reference label
+    LabelNameVector ret_list;
+    BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(reference_label, ret_list, DataType::BINARY_DATA));
+    BOOST_REQUIRE((migration_names/migration_labels)/*own items*/ + (migration_labels-1)/*other labels'*/ == ret_list.size());
+    ret_list.clear();
+
+    // check number of elements accessible to the other labels
+    for(unsigned int l=0; l<migration_labels; l++)
+    {
+        // bypass the reference owner label
+        if(l == migration_reference_label_idx)
+            continue;
+
+        Label current_label;
+        fixture.generate_label(l, current_label);
+        BOOST_REQUIRE_NO_THROW(fixture.m_db.listNames(current_label, ret_list, DataType::BINARY_DATA));
+        BOOST_REQUIRE((migration_names/migration_labels) == ret_list.size());
+        for(auto it: ret_list)
+            BOOST_REQUIRE(it.first == current_label);
+        ret_list.clear();
+    }
+}
+
+struct DBVer1Migration : public DBFixture
+{
+    DBVer1Migration() : DBFixture("/usr/share/ckm-db-test/testme_ver1.db")
+    {}
+};
+
+struct DBVer2Migration : public DBFixture
+{
+    DBVer2Migration() : DBFixture("/usr/share/ckm-db-test/testme_ver2.db")
+    {}
+};
+
+struct DBVer3Migration : public DBFixture
+{
+    DBVer3Migration() : DBFixture("/usr/share/ckm-db-test/testme_ver3.db")
+    {}
+};
+}
+
+BOOST_AUTO_TEST_CASE(DBMigrationDBVer1)
+{
+    DBVer1Migration DBver1;
+    verifyDBisValid(DBver1);
+}
+
+BOOST_AUTO_TEST_CASE(DBMigrationDBVer2)
+{
+    DBVer2Migration DBver2;
+    verifyDBisValid(DBver2);
+}
+
+BOOST_AUTO_TEST_CASE(DBMigrationDBVer3)
+{
+    DBVer3Migration DBver3;
+    verifyDBisValid(DBver3);
+}
+
+BOOST_AUTO_TEST_CASE(DBMigrationDBCurrent)
+{
+    DBFixture currentDB;
+
+    // prepare data using current DB mechanism
+    Label reference_label;
+    currentDB.generate_label(migration_reference_label_idx, reference_label);
+    {
+        currentDB.generate_perf_DB(migration_names, migration_names/migration_labels);
+
+        // only the reference label has access to the other labels element <migration_accessed_element_idx>
+        for(unsigned int l=0; l<migration_labels; l++)
+        {
+            // bypass the reference owner label
+            if(l == migration_reference_label_idx)
+                continue;
+
+            unsigned element_index = migration_accessed_element_idx + l*migration_names/migration_labels;
+
+            // add permission
+            Name accessed_name;
+            currentDB.generate_name(element_index, accessed_name);
+            Label current_label;
+            currentDB.generate_label(l, current_label);
+            currentDB.add_permission(accessed_name, current_label, reference_label);
+        }
+    }
+
+    verifyDBisValid(currentDB);
+}
 
 BOOST_AUTO_TEST_SUITE_END()