--- /dev/null
+/*
+ * Copyright (c) 2023 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <vector>
+
+#include <boost_macros_wrapper.h>
+
+#include <platform/decider.h>
+
+using namespace CKM;
+using namespace CKM::Crypto;
+
+namespace {
+
+struct Mapping {
+ bool import; // true - import, false - generate
+ bool encrypted;
+ DataType type;
+ bool extractable;
+ bool swBackend;
+ bool tzBackend;
+};
+
+std::vector<Mapping> MAPPING {
+// imp., enc., type, ext., SW, TZ
+ {true, false, DataType::BINARY_DATA, false, true, true },
+ {true, false, DataType::BINARY_DATA, true, true, true },
+
+ {true, false, DataType::KEY_AES, false, true, true },
+ {true, false, DataType::KEY_AES, true, true, false },
+
+ {true, false, DataType::KEY_RSA_PRIVATE, false, true, true },
+ {true, false, DataType::KEY_RSA_PRIVATE, true, true, false },
+ {true, false, DataType::KEY_RSA_PUBLIC, false, true, true },
+ {true, false, DataType::KEY_RSA_PUBLIC, true, true, false },
+
+ {true, false, DataType::KEY_DSA_PRIVATE, false, true, true },
+ {true, false, DataType::KEY_DSA_PRIVATE, true, true, false },
+ {true, false, DataType::KEY_DSA_PUBLIC, false, true, true },
+ {true, false, DataType::KEY_DSA_PUBLIC, true, true, false },
+
+ {true, false, DataType::KEY_ECDSA_PRIVATE, false, true, true },
+ {true, false, DataType::KEY_ECDSA_PRIVATE, true, true, false },
+ {true, false, DataType::KEY_ECDSA_PUBLIC, false, true, true },
+ {true, false, DataType::KEY_ECDSA_PUBLIC, true, true, false },
+
+ {true, false, DataType::CERTIFICATE, false, true, false },
+ {true, false, DataType::CERTIFICATE, true, true, false },
+
+ {true, false, DataType::CHAIN_CERT_0, false, true, false },
+ {true, false, DataType::CHAIN_CERT_0, true, true, false },
+
+
+ {true, true, DataType::BINARY_DATA, false, false, true },
+ {true, true, DataType::BINARY_DATA, true, false, true },
+
+ {true, true, DataType::KEY_AES, false, false, true },
+ {true, true, DataType::KEY_AES, true, false, false },
+
+ {true, true, DataType::KEY_RSA_PRIVATE, false, false, true },
+ {true, true, DataType::KEY_RSA_PRIVATE, true, false, false },
+ {true, true, DataType::KEY_RSA_PUBLIC, false, false, true },
+ {true, true, DataType::KEY_RSA_PUBLIC, true, false, false },
+
+ {true, true, DataType::KEY_DSA_PRIVATE, false, false, true },
+ {true, true, DataType::KEY_DSA_PRIVATE, true, false, false },
+ {true, true, DataType::KEY_DSA_PUBLIC, false, false, true },
+ {true, true, DataType::KEY_DSA_PUBLIC, true, false, false },
+
+ {true, true, DataType::KEY_ECDSA_PRIVATE, false, false, true },
+ {true, true, DataType::KEY_ECDSA_PRIVATE, true, false, false },
+ {true, true, DataType::KEY_ECDSA_PUBLIC, false, false, true },
+ {true, true, DataType::KEY_ECDSA_PUBLIC, true, false, false },
+
+ {true, true, DataType::CERTIFICATE, false, false, false },
+ {true, true, DataType::CERTIFICATE, true, false, false },
+
+ {true, true, DataType::CHAIN_CERT_0, false, false, false },
+ {true, true, DataType::CHAIN_CERT_0, true, false, false },
+
+
+ {false, false, DataType::BINARY_DATA, false, true, true },
+ {false, false, DataType::BINARY_DATA, true, true, true },
+
+ {false, false, DataType::KEY_AES, false, true, true },
+ {false, false, DataType::KEY_AES, true, true, false },
+
+ {false, false, DataType::KEY_RSA_PRIVATE, false, true, true },
+ {false, false, DataType::KEY_RSA_PRIVATE, true, true, false },
+ {false, false, DataType::KEY_RSA_PUBLIC, false, true, true },
+ {false, false, DataType::KEY_RSA_PUBLIC, true, true, false },
+
+ {false, false, DataType::KEY_DSA_PRIVATE, false, true, true },
+ {false, false, DataType::KEY_DSA_PRIVATE, true, true, false },
+ {false, false, DataType::KEY_DSA_PUBLIC, false, true, true },
+ {false, false, DataType::KEY_DSA_PUBLIC, true, true, false },
+
+ {false, false, DataType::KEY_ECDSA_PRIVATE, false, true, true },
+ {false, false, DataType::KEY_ECDSA_PRIVATE, true, true, false },
+ {false, false, DataType::KEY_ECDSA_PUBLIC, false, true, true },
+ {false, false, DataType::KEY_ECDSA_PUBLIC, true, true, false },
+
+ {false, false, DataType::CERTIFICATE, false, false, false },
+ {false, false, DataType::CERTIFICATE, true, false, false },
+
+ {false, false, DataType::CHAIN_CERT_0, false, false, false },
+ {false, false, DataType::CHAIN_CERT_0, true, false, false },
+};
+
+} // namespace
+
+BOOST_AUTO_TEST_SUITE(DECIDER_TEST)
+
+POSITIVE_TEST_CASE(MappingTest)
+{
+ Decider d;
+ bool ret;
+ for (const auto& row : MAPPING) {
+ Policy policy("", row.extractable);
+
+ ret = d.checkStore(CryptoBackend::OpenSSL, row.type, policy, row.import, row.encrypted);
+ BOOST_REQUIRE(ret == row.swBackend);
+
+ ret = d.checkStore(CryptoBackend::TrustZone, row.type, policy, row.import, row.encrypted);
+#ifdef TZ_BACKEND_ENABLED
+ BOOST_REQUIRE(ret == row.tzBackend);
+#else
+ BOOST_REQUIRE(ret == false);
+#endif
+
+ ret = d.checkStore(CryptoBackend::None, row.type, policy, row.import, row.encrypted);
+ BOOST_REQUIRE(ret == false);
+
+ ret = d.checkStore(CryptoBackend::SecureElement,
+ row.type,
+ policy,
+ row.import,
+ row.encrypted);
+ BOOST_REQUIRE(ret == false);
+ }
+}
+
+BOOST_AUTO_TEST_SUITE_END()
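Review bot: The MAPPING table has no rows with import=false and encrypted=true, so what checkStore returns for a generate request flagged as encrypted is not pinned by MappingTest; if that combination is meant to be refused on every backend, a fourth group of rows with both backend columns `false` would lock it in. The table also encodes two placement rules without stating them, and a comment above MAPPING such as `// extractable keys are never accepted by TZ (BINARY_DATA is the exception); encrypted imports are never accepted by SW` would make a later one-row edit easier to review. Every check is a bare `BOOST_REQUIRE` inside the loop, so a failure does not say which row tripped; `BOOST_REQUIRE_MESSAGE(ret == row.swBackend, "SW mismatch at MAPPING row " << (&row - MAPPING.data()));` and the same for the other three checks would. Policy is always built with an empty first argument, so only that one policy shape is exercised here, and `MAPPING` itself can be declared `const`.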