--- /dev/null
+Dongsun Lee <ds73.lee@samsung.com>
--- /dev/null
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author
+# @brief
+#
+
+############################# Check minimum CMake version #####################
+
+CMAKE_MINIMUM_REQUIRED(VERSION 2.6)
+PROJECT("key-manager-se-backend")
+
+SET(SO_VERSION 1)
+SET(VERSION "${SO_VERSION}.0.0")
+
+############################# cmake packages ##################################
+
+INCLUDE(FindPkgConfig)
+
+############################# compiler flags ##################################
+
+SET(CMAKE_C_FLAGS_PROFILING "-g -std=c99 -O0 -pg -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_CXX_FLAGS_PROFILING "-g -std=c++0x -O0 -pg -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_C_FLAGS_DEBUG "-g -std=c99 -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_CXX_FLAGS_DEBUG "-g -std=c++0x -O0 -ggdb -Wp,-U_FORTIFY_SOURCE")
+SET(CMAKE_C_FLAGS_RELEASE "-g -std=c99 -O2")
+SET(CMAKE_CXX_FLAGS_RELEASE "-g -std=c++0x -O2")
+SET(CMAKE_C_FLAGS_CCOV "-g -std=c99 -O2 --coverage")
+SET(CMAKE_CXX_FLAGS_CCOV "-g -std=c++0x -O2 --coverage")
+
+# If supported for the target machine, emit position-independent code,suitable
+# for dynamic linking and avoiding any limit on the size of the global offset
+# table. This option makes a difference on the m68k, PowerPC and SPARC.
+# (BJ: our ARM too?)
+ADD_DEFINITIONS("-fPIC")
+
+# Set compiler warning flags
+ADD_DEFINITIONS("-Werror") # Make all warnings into errors.
+ADD_DEFINITIONS("-Wall") # Generate all warnings
+ADD_DEFINITIONS("-Wextra") # Generate even more extra warnings
+
+STRING(REGEX MATCH "([^.]*)" API_VERSION "${VERSION}")
+ADD_DEFINITIONS("-DAPI_VERSION=\"$(API_VERSION)\"")
+ADD_DEFINITIONS("-DBINDIR=\"${BINDIR}\"")
+
+
+# IF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
+ ADD_DEFINITIONS("-DTIZEN_DEBUG_ENABLE")
+ ADD_DEFINITIONS("-DBUILD_TYPE_DEBUG")
+# ENDIF (CMAKE_BUILD_TYPE MATCHES "DEBUG")
+
+CONFIGURE_FILE(packaging/${PROJECT_NAME}.manifest.in ${PROJECT_NAME}.manifest @ONLY)
+CONFIGURE_FILE(packaging/${PROJECT_NAME}-test.manifest.in ${PROJECT_NAME}-test.manifest @ONLY)
+
+################# common configurations for srcs and test ######################
+SET(DEPENDENTS "openssl1.1 dlog libtzplatform-config")
+PKG_CHECK_MODULES(CKM_SE_EMUL_DEPS
+ REQUIRED
+ ${DEPENDENTS}
+)
+
+############################ Target Setting ################################
+SET(TARGET_LIB ${PROJECT_NAME})
+SET(TARGET_LIB_TEST km_se_backend_tests)
+
+############################ Add Sub Directories ################################
+ADD_SUBDIRECTORY(srcs)
+ADD_SUBDIRECTORY(include)
+ADD_SUBDIRECTORY(build)
+ADD_SUBDIRECTORY(tests)
--- /dev/null
+Copyright (c) 2000 - 2011 Samsung Electronics Co., Ltd. All rights reserved.
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "[]"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright [yyyy] [name of copyright owner]
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
--- /dev/null
+# key-manager-se-backend
+This repo contains the implementation of key-manager SE backend.
+
+# How to build
+
+```
+# For Tizen Emulator
+gbs build --arch i586 --include-all
+
+# For other architecture : x86_64 i586 armv7l aarch64...
+# You can see the all architectures that gbs supports with the following command
+ gbs build --help | grep arch
+```
+
+# How to install
+
+```
+sdb push /home/tizen/GBS-ROOT/local/repos/unified_standard/i586/RPMS/key-manager-se-backend*.rpm /tmp
+sdb root on
+sdb shell "mount -o remount,rw /"
+sdb shell "rpm -Uvh --force --nodeps /tmp/key-manager-se-backend*.rpm"
+Preparing... ################################# [100%]
+Updating / installing...
+ 1:key-manager-se-backend-1.0.0-1 ################################# [ 17%]
+No manifest in this package. Creating default one
+ 2:key-manager-se-backend-devel-1.0.################################# [ 33%]
+ 3:key-manager-se-backend-test-debug################################# [ 50%]
+ 4:key-manager-se-backend-debugsourc################################# [ 67%]
+ 5:key-manager-se-backend-debuginfo-################################# [ 83%]
+ 6:key-manager-se-backend-test-1.0.0################################# [100%]
+No manifest in this package. Creating default one
+```
+
+# How to run unit test
+
+## Build boost package & install boost-test-xxx.i686.rpm rpm
+
+### Download boost package
+```
+git clone git://git.tizen.org/platform/upstream/boost
+```
+
+### Build boost package
+```
+gbs build --arch i586 --include-all
+```
+
+### install boost package
+```
+sdb push /home/tizen/GBS-ROOT/local/repos/unified_standard/i586/RPMS/boost-test-*.rpm /tmp
+sdb shell "rpm -Uvh --force --nodeps /tmp/boost-test-*.rpm"
+Preparing... ################################# [100%]
+Updating / installing...
+ 1:boost-test-debuginfo-1.77.0-0 ################################# [ 50%]
+ 2:boost-test-1.77.0-0 ################################# [100%]
+```
+
+
+## Run unit test
+
+Run `km_se_backend_tests` after sdb login as below.
+
+```
+tizen@lds-desktop:~/srcs/private/key-manager$ sdb shell
+sh-3.2#
+sh-3.2# km_se_backend_tests
+run test program with --run_test=SYSTEM on sdb root turned ON
+run test program with --run_test=USER on sdb root turned OFF
+Running 5 test cases...
+Boost : 1.77.0
+Running test module "KSE_INTERNAL_TEST"
+Starting test suite "USER"
+Starting test suite "SE_EMUL"
+Check Existence of DB Protection Key : Exist=false
+Running test case "kmsb_generate_dbp_key_p"
+ [ OK ], time: 410mks
+Check Existence of DB Protection Key : Exist=true
+Running test case "kmsb_generate_dbp_key_regenerate_p"
+ [ OK ], time: 247mks
+Check Existence of DB Protection Key : Exist=true
+Running test case "kmsb_generate_dbp_key_not_permitted_n"
+ [ OK ], time: 190mks
+Check Existence of DB Protection Key : Exist=true
+Running test case "kmsb_encrypt_with_dbp_key_p"
+ [ OK ], time: 160mks
+Running test case "kmsb_encrypt_with_dbp_key_invalid_parameter_n"
+ [ OK ], time: 185mks
+Finished test suite "SE_EMUL"
+Finished test suite "USER"
+ [ OK ], time: 2190mks
+
+Test module "KSE_INTERNAL_TEST" has passed with:
+ 5 test cases out of 5 passed
+ 13 assertions out of 13 passed
+```
--- /dev/null
+# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @brief
+#
+
+CONFIGURE_FILE(key-manager-se-backend.pc.in key-manager-se-backend.pc @ONLY)
+
+INSTALL(FILES
+ ${CMAKE_BINARY_DIR}/build/key-manager-se-backend.pc
+ DESTINATION
+ ${LIB_INSTALL_DIR}/pkgconfig
+ )
--- /dev/null
+prefix=@PREFIX@
+libdir=@LIBDIR@
+includedir=@PREFIX@/include
+
+Name: @PC_NAME@
+Description: SE Backend of Key Manager
+Version: @VERSION@
+Requires:
+Libs: -lkey-manager-se-backend
+Cflags: @PC_CFLAGS@
--- /dev/null
+INSTALL(FILES
+ ${CMAKE_CURRENT_SOURCE_DIR}/key-manager-se-backend.h
+ DESTINATION ${INCLUDEDIR}
+ )
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file key-manager-se-backend.h
+ * @author Dongsun Lee (ds73.lee@samsung.com)
+ * @version 1.0
+ * @brief provides fucntions for Key Manager SE Backend
+ */
+
+
+#ifndef _KEY_MANAGER_SE_BACKEND_H_
+#define _KEY_MANAGER_SE_BACKEND_H_
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <tizen.h>
+
+//################################################################################
+// Common
+//################################################################################
+/* Tizen Key Manager SE Backend Error */
+#define TIZEN_ERROR_KEY_MANAGER_SE_BACKEND TIZEN_ERROR_KEY_MANAGER | 0x0100
+
+/**
+ * @brief Enumeration for errors of Key Manager SE Backend.
+ */
+typedef enum {
+ KMSB_ERROR_NONE = TIZEN_ERROR_NONE, /**< Successful */
+ KMSB_ERROR_NO_KEY = TIZEN_ERROR_KEY_NOT_AVAILABLE, /**< No Key Available */
+ KMSB_ERROR_OUT_OF_MEMORY = TIZEN_ERROR_OUT_OF_MEMORY, /**< Out of memory */
+ KMSB_ERROR_INVALID_PARAMETER = TIZEN_ERROR_INVALID_PARAMETER, /**< Invalid parameter */
+ KMSB_ERROR_NOT_PERMITTED = TIZEN_ERROR_NOT_PERMITTED, /**< Not permitted operation*/
+ KMSB_ERROR_NOT_SUPPORTED = TIZEN_ERROR_NOT_SUPPORTED, /**< Not supported(implemented) operation*/
+ KMSB_ERROR_OPERATION_FAILED = TIZEN_ERROR_TRY_AGAIN, /**< Operation failed */
+ KMSB_ERROR_VERIFICATION_FAILED = TIZEN_ERROR_KEY_MANAGER_SE_BACKEND | 0x01, /**< Verification failed */
+} kmsb_error_e;
+
+//################################################################################
+// For Supporting Key Manager DB Encryption with SE Key
+//################################################################################
+
+/**
+ * @brief Version of DB Protection Key(DBP Key) Scheme.
+ *
+ * @note This information is used in case of DBP Scheme upgrade.
+ * Version 1 : AES Key with 256 bit and CBC encrypiton mode
+ */
+const unsigned int SE_BACKEND_DBP_SCHEME_VERSION = 1;
+
+/**
+ * @brief Encrypts input with DB Protection Key(DBP Key) in AES CBC mode.
+ *
+ * @param dbp_scheme [in] Version of DB Protection Key(DBP Key) Scheme. This must be 1.
+ * @param input [in] pointer for input data to encrypt
+ * @param input_len [in] length for input data
+ * @param iv [in] pointer for initial vector
+ * @param iv_len [in] length for initial vector
+ * @param output [out] double pointer for output data.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `free()` by a caller after the usage.
+ * @param output_len [out] pointer for output data length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when DBK is not generated.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+kmsb_error_e kmsb_encrypt_with_dbp_key(const int dbp_scheme,
+ const unsigned char *input, const unsigned int input_len,
+ const unsigned char *iv, const unsigned int iv_len,
+ unsigned char **output, unsigned int *output_len);
+
+/**
+ * @brief Generates a DB Protection Key(DBP Key).
+ *
+ * @param delete_old [in] flag for overriding an existing key.
+ * if deleted_old == true, the existing key will be deleted before generation of a new key.
+ * if deleted_odd == false, the error(KMSB_ERROR_NOT_PERMITTED) will be returned when an old key exists.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NOT_PERMITTED: when deleted_odd == false and an old key exists.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ *
+ * @note The DBP Key is AES key with 256 bit.
+ * This key is used in kmsb_encrypt_with_dbp_key().
+ */
+kmsb_error_e kmsb_generate_dbp_key(const bool delete_old);
+
+
+//################################################################################
+// For Supporting Preloaded SE Data
+//################################################################################
+
+/**
+ * @brief Enumeration for AES Mode.
+ */
+typedef enum __kmsb_aes_mode {
+ KMSB_ALGO_AES_CTR = 1, /**< AES-CTR algorithm
+ Supported parameters in kmsb_aes_param_s:
+ - mode : KMSB_ALGO_AES_CTR(mandatory),
+ - iv = 16-byte initialization vector(mandatory)
+ - iv_len = 16(mandatory)
+ - ctr_len = length of counter block in bits
+ (optional, only 128b is supported at the moment) */
+ KMSB_ALGO_AES_CBC, /**< AES-CBC algorithm
+ Supported parameters in kmsb_aes_param_s:
+ - mode = KMSB_ALGO_AES_CBC(mandatory),
+ - iv = 16-byte initialization vector(mandatory)
+ - iv_len = 16(mandatory) */
+ KMSB_ALGO_AES_GCM, /**< AES-GCM algorithm
+ Supported parameters in kmsb_aes_param_s:
+ - mode = KMSB_ALGO_AES_GCM(mandatory),
+ - iv = initialization vector(mandatory)
+ - iv_len = IV lenghth in bytes(mandatory)
+ - tag_bit_len = GCM tag length in bits. One of
+ {32, 64, 96, 104, 112, 120, 128} (mandatory)
+ - tag = pointer to tag(mandatory)
+ For encryption case, the resulting tag is written to this pointer.
+ The memory of tag must be assigned by a caller in advance
+ and its size must be larget than tag_bit_len.
+ For decryption case, the caller must set tag value to this pointer in advance.
+ - aad = additional authentication data(optional)
+ - aad_len = AAD lenghth in bytes(optional) */
+ KMSB_ALGO_AES_CFB, /**< AES-CFB algorithm
+ Supported parameters in kmsb_aes_param_s:
+ - mode = KMSB_ALGO_AES_CFB(mandatory),
+ - iv = 16-byte initialization vector(mandatory)
+ - iv_len = 16(mandatory) */
+} kmsb_aes_mode_e;
+
+/**
+ * @brief The structure for AES parameter.
+ */
+typedef struct __kmsb_aes_param {
+ kmsb_aes_mode_e mode; /**< AES mode */
+ unsigned char *iv; /**< Pointer to initialization vector */
+ unsigned int iv_len; /**< Length to initialization vector */
+ unsigned int ctr_bit_len; /**< Length of counter block in bits */
+ unsigned int tag_bit_len; /**< GCM tag length in bits */
+ unsigned char *tag; /**< Pointer to tag */
+ unsigned char *aad; /**< Additional authentication data*/
+ unsigned int aad_len; /**< Length of additional authentication data*/
+} kmsb_aes_param_s;
+
+/*
+ * @brief Encrypts input using AES
+ *
+ * @param key_idx [in] Key index to use
+ * @param param [in/out] Parameters for AES algorithm.
+ * Tag is out in GCM mode.
+ * @param input [in] pointer for input data to encrypt
+ * @param input_len [in] length for input data
+ * @param output [out] double pointer for output data.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `free()` by a caller after the usage.
+ * @param output_len [out] pointer for output data length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when there is no key with key_idx.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_NOT_SUPPORTED: when specified algorithms in param is not supported
+ * or this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_aes_encrypt(const unsigned int key_idx,
+ kmsb_aes_param_s *param,
+ const unsigned char *input, const unsigned int input_len,
+ unsigned char **output, unsigned int *output_len);
+
+/*
+ * @brief Decrypts input using AES
+ *
+ * @param key_idx [in] Key index to use
+ * @param param [in] Parameters for AES algorithm.
+ * @param input [in] pointer for input data to decrypt
+ * @param input_len [in] length for input data
+ * @param output [out] double pointer for output data.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `frsecp192r1Cee()` by a caller after the usage.
+ * @param output_len [out] pointer for output data length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when there is no key with key_idx.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_VERIFICATION_FAILED: when GCM tag verification fails
+ * - KMSB_ERROR_NOT_SUPPORTED: when specified algorithms in param is not supported
+ * or this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_aes_decrypt(const unsigned int key_idx,
+ kmsb_aes_param_s *param,
+ const unsigned char *input, const unsigned int input_len,
+ unsigned char **output, unsigned int *output_len);
+
+/**
+ * @brief Enumeration for elliptic curve.
+ *
+ * @note This is the same as ckmc_ec_type_e in key-manager.
+ */
+typedef enum __kmsb_ec_type {
+ KMSB_EC_PRIME192V1 = 0, /**< Elliptic curve domain "secp192r1" listed in "SEC 2" recommended
+ elliptic curve domain */
+ KMSB_EC_PRIME256V1, /**< "SEC 2" recommended elliptic curve domain - secp256r1 */
+ KMSB_EC_SECP384R1 /**< NIST curve P-384(covers "secp384r1", the elliptic curve domain
+ listed in See SEC 2 */
+} kmsb_ec_type_e;
+
+/**
+ * @brief Enumeration for hash algorithm.
+ *
+ * @note This is the same as ckmc_hash_algo_e in key-manager.
+ */
+typedef enum __kmsb_hash_algo {
+ KMSB_HASH_NONE = 0, /**< No Hash Algorithm */
+ KMSB_HASH_SHA1, /**< Hash Algorithm SHA1 */
+ KMSB_HASH_SHA256, /**< Hash Algorithm SHA256 */
+ KMSB_HASH_SHA384, /**< Hash Algorithm SHA384 */
+ KMSB_HASH_SHA512 /**< Hash Algorithm SHA512 */
+} kmsb_hash_algo_e;
+
+/**
+ * @brief The structure for signing parameter.
+ */
+typedef struct __kmsb_sign_param {
+ kmsb_ec_type_e ec_type; /**< EC type(curve) of a key. (mandatory) */
+ kmsb_hash_algo_e hash_algo; /**< hash algorithm to digest in before processing. (mandatory) */
+} kmsb_sign_param_s;
+
+/*
+ * @brief Sign message with hashing
+ *
+ * @param key_idx [in] Key index of key to use
+ * @param param [in] Parameters for signing.
+ * @param msg [in] pointer for message to sign
+ * @param msg_len [in] length for message
+ * @param sig [out] double pointer for signature.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `free()` by a caller after the usage.
+ * @param sig_len [out] pointer for signature length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when there is no key with key_idx.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_NOT_SUPPORTED: when specified algorithms in param is not supported
+ * or this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_create_signature(const unsigned int key_idx,
+ const kmsb_sign_param_s *param,
+ const unsigned char *msg, const unsigned int msg_len,
+ unsigned char **sig, unsigned int *sig_len);
+
+/*
+ * @brief Verify signature
+ *
+ * @param key_idx [in] Key index of key to use
+ * @param param [in] Parameters for signing.
+ * @param msg [in] pointer for message to sign
+ * @param msg_len [in] length for message
+ * @param sig [in] pointer for signature.
+ * @param sig_len [in] signature length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success of verification, and other means fail
+ * - KMSB_ERROR_VERIFICATION_FAILED: when signature verification fails
+ * - KMSB_ERROR_NO_KEY: when there is no key with key_idx.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_NOT_SUPPORTED: when specified algorithms in param is not supported
+ * or this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_verify_signature(const unsigned int key_idx,
+ const kmsb_sign_param_s *param,
+ const unsigned char *msg, const unsigned int msg_len,
+ unsigned char *sig, unsigned int sig_len);
+
+/*
+ * @brief Get a key value from SE
+ *
+ * @note Only the value of public key can be extracted from SE.
+ * Private keys or symmetric keys can not be extracted from SE.
+ *
+ * @param key_idx [in] Key index to get
+ * @param output [out] double pointer for output data.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `free()` by a caller after the usage.
+ * @param output_len [out] pointer for output data length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when there is no key with key_idx.
+ * - KMSB_ERROR_NOT_PERMITTED: when the key is not allowed to be exported from SE.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_NOT_SUPPORTED: when this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_get_key(const unsigned int key_idx, unsigned char **output, unsigned int *output_len);
+
+/*
+ * @brief Get a certificate value from SE
+ *
+ * @note the format of certificate is the DER encoded form of X.509.
+ *
+ * @param cert_idx [in] Certificate index to get
+ * @param output [out] double pointer for output data.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `free()` by a caller after the usage.
+ * @param output_len [out] pointer for output data length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when there is no certificate with cert_idx.
+ * - KMSB_ERROR_NOT_PERMITTED: when the certificate is not allowed to be exported from SE.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_NOT_SUPPORTED: when this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_get_certificate(const unsigned int cert_idx, unsigned char **output, unsigned int *output_len);
+
+/*
+ * @brief Get a data value from SE
+ *
+ * @param data_idx [in] Certificate index to get
+ * @param output [out] double pointer for output data.
+ * The memory for this is allocated by SE backend
+ * and it must be freed using `free()` by a caller after the usage.
+ * @param output_len [out] pointer for output data length.
+ * @return kmsb_error_e: TIZEN_ERROR_NONE means success, and other means fail
+ * - KMSB_ERROR_NO_KEY: when there is no certificate with data_idx.
+ * - KMSB_ERROR_NOT_PERMITTED: when the data is not allowed to be exported from SE.
+ * - KMSB_ERROR_OUT_OF_MEMORY: when there is no available memory
+ * - KMSB_ERROR_INVALID_PARAMETER: when input parameter is not valid
+ * - KMSB_ERROR_NOT_SUPPORTED: when this operation is not supported
+ * - KMSB_ERROR_OPERATION_FAILED: when operation fails with unknown reason
+ */
+int kmsb_get_data(const unsigned int data_idx, unsigned char **output, unsigned int *output_len);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /*_KEY_MANAGER_SE_BACKEND_H_*/
\ No newline at end of file
--- /dev/null
+<manifest>
+ <request>
+ <domain name="_" />
+ </request>
+ <assign>
+ <filesystem path="@BINDIR@/se_emul_tests" label="_" exec_label="System" />
+ </assign>
+</manifest>
+
--- /dev/null
+<manifest>
+ <request>
+ <domain name="_" />
+ </request>
+ <assign>
+ </assign>
+</manifest>
--- /dev/null
+Name: key-manager-se-backend
+Summary: SE Backend of Key Manager
+Version: 1.0.0
+Release: 1
+Group: Security/Libraries
+License: Apache-2.0 and BSL-1.0
+Source0: %{name}-%{version}.tar.gz
+
+Requires(post): /sbin/ldconfig
+Requires(postun): /sbin/ldconfig
+
+BuildRequires: cmake
+BuildRequires: pkgconfig(dlog)
+BuildRequires: pkgconfig(openssl1.1)
+BuildRequires: pkgconfig(libtzplatform-config)
+
+%description
+SE Backend of Key Manager
+
+%package devel
+Summary: SE Backend of Key Manager (development files)
+License: Apache-2.0
+Group: Security/Development
+Requires: %{name} = %{version}-%{release}
+
+%description devel
+SE Backend of Key Manager (development files)
+
+%package test
+Summary: Test for SE Backend of Key Manager
+License: Apache-2.0 and BSL-1.0
+Group: Security/Development
+BuildRequires: boost-devel
+Requires: %{name} = %{version}-%{release}
+
+%description test
+Test for SE Backend of Key Manager
+
+%define user_name security_fw
+%define group_name security_fw
+%define smack_domain System
+%define bin_dir %TZ_SYS_BIN
+%define rw_share_dir %TZ_SYS_SHARE
+
+# %define _unpackaged_files_terminate_build 0
+# %define _missing_doc_files_terminate_build 0
+
+%prep
+%setup -q
+
+%build
+%{!?build_type:%define build_type "Release"}
+%cmake . -DPREFIX=%{_prefix} \
+ -DEXEC_PREFIX=%{_exec_prefix} \
+ -DINCLUDEDIR=%{_includedir} \
+ -DLIBDIR=%{_libdir} \
+ -DCMAKE_BUILD_TYPE=%{build_type} \
+ -DRW_SHARE_DIR=%rw_share_dir \
+ -DUSER_NAME=%user_name \
+ -DGROUP_NAME=%group_name \
+ -DSMACK_DOMAIN=%smack_domain \
+ -DBINDIR=%bin_dir
+
+make %{?jobs:-j%jobs}
+
+%install
+%make_install
+
+%files
+%manifest %{name}.manifest
+%license LICENSE
+%license LICENSE.BSL-1.0
+%{_libdir}/lib%{name}.so.*
+
+%files devel
+%{_includedir}/*
+%{_libdir}/pkgconfig/%{name}.pc
+%{_libdir}/lib%{name}.so
+
+%files test
+%manifest %{name}-test.manifest
+%license LICENSE
+%license LICENSE.BSL-1.0
+%{bin_dir}/km_se_backend_tests
--- /dev/null
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author
+# @brief
+#
+
+################################################################################
+# for libkey-manager-se-backend.so
+################################################################################
+SET(KM_SE_BACKEND_SOURCES
+ km_se_backend.c
+)
+
+INCLUDE_DIRECTORIES(
+ ${PROJECT_SOURCE_DIR}/include
+ ${CKM_SE_EMUL_DEPS_INCLUDE_DIRS}
+)
+
+ADD_LIBRARY(${TARGET_LIB} SHARED ${KM_SE_BACKEND_SOURCES})
+
+SET_TARGET_PROPERTIES(${TARGET_LIB} PROPERTIES
+ SOVERSION ${SO_VERSION}
+ VERSION ${VERSION}
+ COMPILE_FLAGS "-D_GNU_SOURCE"
+)
+
+TARGET_LINK_LIBRARIES(${TARGET_LIB}
+ pthread
+ ${CKM_SE_EMUL_DEPS_LIBRARIES}
+)
+
+INSTALL(TARGETS ${TARGET_LIB}
+ DESTINATION ${LIBDIR})
+
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file km_se_backend.c
+ * @author Dongsun Lee (ds73.lee@samsung.com)
+ * @version 1.0
+ * @brief provides fucntions for SE Backedn for Key Manager
+ */
+
+//################################################################################
+// WARNING
+// This is a dummy implementation of SE backend to show how to implement SE backend.
+// Do not use this dummpy implementation in commodity devices.
+//################################################################################
+
+#include <stdlib.h>
+#include <string.h>
+#include <stdbool.h>
+#include <openssl/aes.h>
+#include <openssl/rand.h>
+
+#include "key-manager-se-backend.h"
+
+
+//################################################################################
+// For Supporting Key Manager DB Encryption with SE Key
+//################################################################################
+
+static size_t DBP_KEY_SIZE = 32;
+static uint8_t *DBP_KEY = NULL;
+
+kmsb_error_e kmsb_generate_dbp_key(const bool delete_old)
+{
+ if (!delete_old && DBP_KEY != NULL)
+ return KMSB_ERROR_NOT_PERMITTED;
+
+ if (DBP_KEY == NULL) {
+ DBP_KEY = malloc(DBP_KEY_SIZE);
+ } else {
+ memset(DBP_KEY, 0, DBP_KEY_SIZE);
+ }
+
+ // if (1 != RAND_bytes(DBP_KEY, DBP_KEY_SIZE))
+ // return KMSB_ERROR_OPERATION_FAILED;
+ memset(DBP_KEY, 01, DBP_KEY_SIZE);
+
+ return KMSB_ERROR_NONE;
+}
+
+kmsb_error_e kmsb_encrypt_with_dbp_key(const int dbp_scheme,
+ const unsigned char *input, const unsigned int input_len,
+ const unsigned char *iv, const unsigned int iv_len,
+ unsigned char **output, unsigned int *output_len)
+{
+ unsigned int aes_block_size = 16;
+ if (dbp_scheme != (const int) SE_BACKEND_DBP_SCHEME_VERSION)
+ return KMSB_ERROR_INVALID_PARAMETER;
+ if (DBP_KEY == NULL)
+ return KMSB_ERROR_NO_KEY;
+ if (input == NULL ||
+ input_len == 0 || input_len % aes_block_size != 0 ||
+ iv == NULL ||
+ iv_len != aes_block_size ||
+ output == NULL ||
+ output_len == NULL)
+ return KMSB_ERROR_INVALID_PARAMETER;
+
+ AES_KEY aes_key;
+ AES_set_encrypt_key(DBP_KEY, DBP_KEY_SIZE*8, &aes_key);
+
+ *output = malloc(input_len);
+ if (output == NULL)
+ return KMSB_ERROR_OUT_OF_MEMORY;
+ *output_len = input_len;
+
+ unsigned char *iv_temp = malloc(iv_len);
+ if (iv_temp == NULL)
+ return KMSB_ERROR_OUT_OF_MEMORY;
+ memcpy(iv_temp, iv, iv_len);
+
+ AES_cbc_encrypt(input,
+ *output,
+ input_len,
+ &aes_key,
+ iv_temp,
+ AES_ENCRYPT);
+
+ return KMSB_ERROR_NONE;
+}
+
+//################################################################################
+// For Supporting Preloaded SE Data
+//################################################################################
+int kmsb_aes_encrypt(const unsigned int key_idx,
+ kmsb_aes_param_s *param,
+ const unsigned char *input, const unsigned int input_len,
+ unsigned char **output, unsigned int *output_len)
+{
+ (void) key_idx;
+ (void) param;
+ (void) input;
+ (void) input_len;
+ (void) output;
+ (void) output_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
+
+int kmsb_aes_decrypt(const unsigned int key_idx,
+ kmsb_aes_param_s *param,
+ const unsigned char *input, const unsigned int input_len,
+ unsigned char **output, unsigned int *output_len)
+{
+ (void) key_idx;
+ (void) param;
+ (void) input;
+ (void) input_len;
+ (void) output;
+ (void) output_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
+
+int kmsb_create_signature(const unsigned int key_idx,
+ const kmsb_sign_param_s *param,
+ const unsigned char *msg, const unsigned int msg_len,
+ unsigned char **sig, unsigned int *sig_len)
+{
+ (void) key_idx;
+ (void) param;
+ (void) msg;
+ (void) msg_len;
+ (void) sig;
+ (void) sig_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
+
+int kmsb_verify_signature(const unsigned int key_idx,
+ const kmsb_sign_param_s *param,
+ const unsigned char *msg, const unsigned int msg_len,
+ unsigned char *sig, unsigned int sig_len)
+{
+ (void) key_idx;
+ (void) param;
+ (void) msg;
+ (void) msg_len;
+ (void) sig;
+ (void) sig_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
+
+int kmsb_get_key(const unsigned int key_idx, unsigned char **output, unsigned int *output_len)
+{
+ (void) key_idx;
+ (void) output;
+ (void) output_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
+
+int kmsb_get_certificate(const unsigned int cert_idx, unsigned char **output, unsigned int *output_len)
+{
+ (void) cert_idx;
+ (void) output;
+ (void) output_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
+
+int kmsb_get_data(const unsigned int data_idx, unsigned char **output, unsigned int *output_len)
+{
+ (void) data_idx;
+ (void) output;
+ (void) output_len;
+ return KMSB_ERROR_NOT_SUPPORTED;
+}
--- /dev/null
+# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Kyungwook Tak (k.tak@samsung.com)
+# @brief cmake for test program
+#
+ADD_DEFINITIONS(-DBOOST_TEST_DYN_LINK)
+
+#### main test program ####
+PKG_CHECK_MODULES(${TARGET_LIB_TEST}_DEP
+ REQUIRED
+)
+
+SET(${TARGET_LIB_TEST}_SRCS
+ main.cpp
+ test_cases.cpp
+ colour_log_formatter.cpp
+)
+
+INCLUDE_DIRECTORIES(
+ SYSTEM
+ ${${TARGET_LIB_TEST}_DEP_INCLUDE_DIRS}
+)
+
+INCLUDE_DIRECTORIES(
+ ${PROJECT_SOURCE_DIR}/include
+ .
+)
+
+ADD_EXECUTABLE(${TARGET_LIB_TEST} ${${TARGET_LIB_TEST}_SRCS})
+
+TARGET_LINK_LIBRARIES(${TARGET_LIB_TEST}
+ ${${TARGET_LIB_TEST}_DEP_LIBRARIES}
+ ${TARGET_LIB}
+ -lboost_unit_test_framework
+ -ldl
+)
+
+
+INSTALL(TARGETS ${TARGET_LIB_TEST}
+ DESTINATION ${BINDIR}
+ PERMISSIONS
+ OWNER_READ
+ OWNER_WRITE
+ OWNER_EXECUTE
+ GROUP_READ
+ GROUP_EXECUTE
+ WORLD_READ
+ WORLD_EXECUTE
+)
+
--- /dev/null
+/*
+ * Boost Software License - Version 1.0 - August 17th, 2003
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
+ * SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
+ * FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+#include "colour_log_formatter.h"
+
+#include <iostream>
+#include <string>
+
+#include <boost/test/impl/execution_monitor.ipp>
+#if BOOST_VERSION >= 105900
+#include <boost/test/tree/test_unit.hpp>
+#else
+#include <boost/test/unit_test_suite_impl.hpp>
+#endif
+#include <boost/test/framework.hpp>
+#include <boost/test/utils/basic_cstring/io.hpp>
+#include <boost/test/utils/lazy_ostream.hpp>
+#include <boost/version.hpp>
+
+// ************************************************************************** //
+// ************** colour_log_formatter ************** //
+// ************************************************************************** //
+
+using namespace boost::unit_test;
+namespace Kse {
+namespace Test {
+
+namespace {
+
+const char *GREEN_BEGIN = "\033[0;32m";
+const char *RED_BEGIN = "\033[0;31m";
+const char *CYAN_BEGIN = "\033[0;36m";
+const char *BOLD_YELLOW_BEGIN = "\033[1;33m";
+const char *COLOR_END = "\033[m";
+
+const_string
+test_unit_type_name(const test_unit &tu)
+{
+#if BOOST_VERSION >= 105900
+ return const_string(tu.p_type_name);
+#else
+ return tu.p_type_name.get();
+#endif
+}
+
+const_string
+test_unit_name(const test_unit &tu)
+{
+#if BOOST_VERSION >= 105900
+ return const_string(tu.p_name);
+#else
+ return tu.p_name.get();
+#endif
+}
+
+const_string
+test_phase_identifier()
+{
+ return test_unit_name(framework::current_test_case());
+}
+
+const_string
+get_basename(const const_string &file_name)
+{
+ return basename(file_name.begin());
+}
+
+std::string
+get_basename(const std::string &file_name)
+{
+ return basename(file_name.c_str());
+}
+
+bool
+test_unit_type_name_contains(const test_unit &tu, const std::string &substr)
+{
+ return test_unit_type_name(tu).find(const_string(substr)) == 0;
+}
+
+} // local namespace
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_start(
+ std::ostream &output,
+ counter_t test_cases_amount)
+{
+ if (test_cases_amount > 0)
+ output << "Running " << test_cases_amount << " test "
+ << (test_cases_amount > 1 ? "cases" : "case") << "..." << std::endl;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_finish(std::ostream &ostr)
+{
+ ostr.flush();
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_build_info(std::ostream &output)
+{
+ output << "Platform: " << BOOST_PLATFORM << std::endl
+ << "Compiler: " << BOOST_COMPILER << std::endl
+ << "STL : " << BOOST_STDLIB << std::endl
+ << "Boost : " << BOOST_VERSION / 100000 << "."
+ << BOOST_VERSION / 100 % 1000 << "."
+ << BOOST_VERSION % 100 << std::endl;
+}
+
+
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_build_info(std::ostream &output, bool log_build_info)
+{
+ if (log_build_info)
+ output << "Platform: " << BOOST_PLATFORM << '\n'
+ << "Compiler: " << BOOST_COMPILER << '\n'
+ << "STL : " << BOOST_STDLIB << '\n';
+
+ output << "Boost : " << BOOST_VERSION / 100000 << '.'
+ << BOOST_VERSION / 100 % 1000 << '.'
+ << BOOST_VERSION % 100 << std::endl;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::test_unit_start(
+ std::ostream &output,
+ test_unit const &tu)
+{
+ if (test_unit_type_name_contains(tu, "suite")) {
+ output << "Starting test ";
+ } else {
+ output << "Running test ";
+ }
+ output << test_unit_type_name(tu) << " \"" << test_unit_name(tu) << "\"" <<
+ std::endl;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::test_unit_finish(
+ std::ostream &output,
+ test_unit const &tu,
+ unsigned long elapsed)
+{
+ if (test_unit_type_name_contains(tu, "suite")) {
+ output << "Finished test " << test_unit_type_name(tu) << " \"" << test_unit_name(tu) << "\"" <<
+ std::endl;
+ return;
+ }
+
+ std::string color = GREEN_BEGIN;
+ std::string status = "OK";
+
+ if (m_isTestCaseFailed) {
+ color = RED_BEGIN;
+ status = "FAIL";
+ }
+
+ output << "\t" << "[ " << color << status << COLOR_END << " ]";
+
+ output << ", " << CYAN_BEGIN << "time: ";
+
+ if (elapsed > 0) {
+ if (elapsed % 1000 == 0)
+ output << elapsed / 1000 << "ms";
+ else
+ output << elapsed << "mks";
+ } else {
+ output << "N/A";
+ }
+
+ output << COLOR_END << std::endl;
+ m_isTestCaseFailed = false;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::test_unit_skipped(
+ std::ostream &output,
+ test_unit const &tu)
+{
+ output << "Test " << test_unit_type_name(tu) << " \"" << test_unit_name(tu)
+ << "\"" << "is skipped" << std::endl;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_exception(
+ std::ostream &output,
+ log_checkpoint_data const &checkpoint_data,
+ boost::execution_exception const &ex)
+{
+ boost::execution_exception::location const &loc = ex.where();
+ output << '\t' << BOLD_YELLOW_BEGIN << get_basename(loc.m_file_name)
+ << '(' << loc.m_line_num << "), ";
+
+ output << "fatal error in \""
+ << (loc.m_function.is_empty() ? test_phase_identifier() : loc.m_function) <<
+ "\": ";
+
+ output << COLOR_END << ex.what();
+
+ if (!checkpoint_data.m_file_name.is_empty()) {
+ output << '\n';
+ output << "\tlast checkpoint : " << get_basename(checkpoint_data.m_file_name)
+ << '(' << checkpoint_data.m_line_num << ")";
+
+ if (!checkpoint_data.m_message.empty())
+ output << ": " << checkpoint_data.m_message;
+ }
+
+ output << std::endl;
+ m_isTestCaseFailed = true;
+}
+
+void
+colour_log_formatter::log_exception_start(
+ std::ostream &output,
+ log_checkpoint_data const &checkpoint_data,
+ boost::execution_exception const &ex)
+{
+ boost::execution_exception::location const &loc = ex.where();
+ output << '\t' << BOLD_YELLOW_BEGIN << get_basename(loc.m_file_name)
+ << '(' << loc.m_line_num << "), ";
+
+ output << "fatal error in \""
+ << (loc.m_function.is_empty() ? test_phase_identifier() : loc.m_function) <<
+ "\": ";
+
+ output << COLOR_END << ex.what();
+
+ if (!checkpoint_data.m_file_name.is_empty()) {
+ output << '\n';
+ output << "\tlast checkpoint : " << get_basename(checkpoint_data.m_file_name)
+ << '(' << checkpoint_data.m_line_num << ")";
+
+ if (!checkpoint_data.m_message.empty())
+ output << ": " << checkpoint_data.m_message;
+ }
+
+ output << std::endl;
+ m_isTestCaseFailed = true;
+}
+
+void
+colour_log_formatter::log_exception_finish(std::ostream &os)
+{
+ os.flush();
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_entry_start(
+ std::ostream &output,
+ log_entry_data const &entry_data,
+ log_entry_types let)
+{
+ switch (let) {
+ case BOOST_UTL_ET_INFO:
+ output << '\t' << entry_data.m_file_name << '(' << entry_data.m_line_num <<
+ "), ";
+ output << "info: ";
+ break;
+
+ case BOOST_UTL_ET_MESSAGE:
+ break;
+
+ case BOOST_UTL_ET_WARNING:
+ output << '\t' << get_basename(entry_data.m_file_name) << '(' <<
+ entry_data.m_line_num << "), ";
+ output << "warning in \"" << test_phase_identifier() << "\": ";
+ break;
+
+ case BOOST_UTL_ET_ERROR:
+ output << '\t' << BOLD_YELLOW_BEGIN << get_basename(entry_data.m_file_name)
+ << '(' << entry_data.m_line_num << "), ";
+ output << "error in \"" << test_phase_identifier() << "\": ";
+ m_isTestCaseFailed = true;
+ break;
+
+ case BOOST_UTL_ET_FATAL_ERROR:
+ output << '\t' << BOLD_YELLOW_BEGIN << get_basename(entry_data.m_file_name)
+ << '(' << entry_data.m_line_num << "), ";
+ output << " fatal error in \"" << test_phase_identifier() << "\": ";
+ m_isTestCaseFailed = true;
+ break;
+ }
+
+ output << COLOR_END;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_entry_value(
+ std::ostream &output,
+ const_string value)
+{
+ output << value;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_entry_value(
+ std::ostream &output,
+ lazy_ostream const &value)
+{
+ output << value;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::log_entry_finish(
+ std::ostream &output)
+{
+ output << std::endl;
+}
+
+//____________________________________________________________________________//
+
+void
+colour_log_formatter::entry_context_start(
+ std::ostream& output,
+ boost::unit_test::log_level l)
+{
+ output << (l == log_successful_tests ? "\nAssertion" : "\nFailure")
+ << " occurred in a following context:";
+}
+
+void
+colour_log_formatter::log_entry_context(
+ std::ostream& output,
+ boost::unit_test::const_string value)
+{
+ output << "\n " << value;
+}
+
+void
+colour_log_formatter::entry_context_finish(std::ostream& output)
+{
+ output.flush();
+}
+
+#if BOOST_VERSION >= 106500
+void
+colour_log_formatter::log_entry_context(std::ostream& os, log_level l, const_string value)
+{
+ (void)l;
+ os << "\n " << value;
+}
+void
+colour_log_formatter::entry_context_finish(std::ostream& os, log_level l)
+{
+ (void)l;
+ os.flush();
+}
+#endif
+
+//____________________________________________________________________________//
+} // namespace Test
+} // namespace Kse
+
+//____________________________________________________________________________//
+
--- /dev/null
+/*
+ * Boost Software License - Version 1.0 - August 17th, 2003
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
+ * SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
+ * FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
+ * DEALINGS IN THE SOFTWARE.
+ */
+#pragma once
+
+#include <boost/test/unit_test_log_formatter.hpp>
+
+namespace Kse {
+namespace Test {
+
+class colour_log_formatter : public boost::unit_test::unit_test_log_formatter {
+public:
+ // Formatter interface
+ colour_log_formatter() : m_isTestCaseFailed(false) {}
+ void log_start(
+ std::ostream &,
+ boost::unit_test::counter_t test_cases_amount);
+ void log_finish(std::ostream &);
+ void log_build_info(std::ostream &);
+ void log_build_info(std::ostream &output, bool log_build_info = true);
+
+ void test_unit_start(
+ std::ostream &,
+ boost::unit_test::test_unit const &tu);
+ void test_unit_finish(
+ std::ostream &,
+ boost::unit_test::test_unit const &tu,
+ unsigned long elapsed);
+ void test_unit_skipped(
+ std::ostream &,
+ boost::unit_test::test_unit const &tu);
+
+ void log_exception(
+ std::ostream &,
+ boost::unit_test::log_checkpoint_data const &,
+ boost::execution_exception const &ex);
+ void log_exception_start(
+ std::ostream &,
+ boost::unit_test::log_checkpoint_data const &,
+ boost::execution_exception const &ex);
+ void log_exception_finish(std::ostream &os);
+
+ void log_entry_start(
+ std::ostream &,
+ boost::unit_test::log_entry_data const &,
+ log_entry_types let);
+ void log_entry_value(
+ std::ostream &,
+ boost::unit_test::const_string value);
+ void log_entry_value(
+ std::ostream &,
+ boost::unit_test::lazy_ostream const &value);
+ void log_entry_finish(std::ostream &);
+
+ void entry_context_start(std::ostream& os, boost::unit_test::log_level l);
+ void log_entry_context(std::ostream& os,
+ boost::unit_test::const_string value);
+ void entry_context_finish(std::ostream& os);
+#if BOOST_VERSION >= 106500
+ void log_entry_context(
+ std::ostream& os,
+ boost::unit_test::log_level l,
+ boost::unit_test::const_string value);
+ void entry_context_finish(
+ std::ostream& os,
+ boost::unit_test::log_level l);
+#endif
+
+private:
+ bool m_isTestCaseFailed;
+};
+
+}
+}
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file main.cpp
+ * @author Kyungwook Tak (k.tak@samsung.com)
+ * @version 1.0
+ * @brief test main used boost test framework
+ */
+#define BOOST_TEST_MODULE KSE_INTERNAL_TEST
+
+#include <boost/test/unit_test.hpp>
+
+#include "test-common.h"
+
+BOOST_GLOBAL_FIXTURE(TestConfig);
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file test-common.h
+ * @author Kyungwook Tak (k.tak@samsung.com)
+ * @version 1.0
+ */
+#pragma once
+
+#include <vector>
+
+#include <boost/test/unit_test.hpp>
+#include <boost/test/unit_test_log.hpp>
+#include <boost/test/results_reporter.hpp>
+
+#include "colour_log_formatter.h"
+
+/* fixtures should be declared on outside of namespace */
+struct TestConfig {
+ TestConfig()
+ {
+ boost::unit_test::unit_test_log.set_threshold_level(boost::unit_test::log_test_units);
+ boost::unit_test::results_reporter::set_level(boost::unit_test::SHORT_REPORT);
+ boost::unit_test::unit_test_log.set_formatter(new Kse::Test::colour_log_formatter);
+
+ BOOST_TEST_MESSAGE("run test program with --run_test=SYSTEM on sdb root turned ON");
+ BOOST_TEST_MESSAGE("run test program with --run_test=USER on sdb root turned OFF");
+ }
+};
--- /dev/null
+/*
+ * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ *
+ * @file test_cases.cpp
+ * @author Dongsun Lee (ds73.lee@samsung.com)
+ * @version 1.0
+ * @brief tests for SE Backend
+ */
+#include <boost/test/unit_test.hpp>
+#include <stdio.h>
+#include <string>
+#include <key-manager-se-backend.h>
+
+BOOST_AUTO_TEST_SUITE(USER)
+
+BOOST_AUTO_TEST_SUITE(SE_EMUL);
+
+void _print_bin(char *bin, uint32_t len) {
+ for(uint32_t i=0; i<len; i++) {
+ printf("%02X, ", 0x00FF & bin[i]);
+ }
+ printf("\n");
+}
+
+bool _dbp_key_exist()
+{
+ bool key_exist = true;
+ kmsb_error_e ret = KMSB_ERROR_NONE;
+
+ unsigned char input[32] = {0x01};
+ unsigned char iv[16] = {0x02};
+ unsigned char *output = NULL;
+ unsigned int output_len = 0;
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output, &output_len);
+ if (ret == KMSB_ERROR_NO_KEY)
+ key_exist = false;
+
+ BOOST_TEST_MESSAGE( "Check Existence of DB Protection Key : Exist=" << std::boolalpha << key_exist );
+ return key_exist;
+}
+
+struct dbp_key_checker
+{
+ dbp_key_checker() {}
+
+ boost::test_tools::assertion_result operator()(boost::unit_test::test_unit_id)
+ {
+ return _dbp_key_exist();
+ }
+};
+
+struct no_dbp_key_checker
+{
+ no_dbp_key_checker() {}
+
+ boost::test_tools::assertion_result operator()(boost::unit_test::test_unit_id)
+ {
+ return !_dbp_key_exist();
+ }
+};
+
+BOOST_AUTO_TEST_CASE(kmsb_generate_dbp_key_p,
+ * boost::unit_test::precondition(no_dbp_key_checker()))
+{
+ kmsb_error_e ret = KMSB_ERROR_NONE;
+
+ unsigned char input[32] = {0x01};
+ unsigned char iv[16] = {0x02};
+ unsigned char *output = NULL;
+ unsigned int output_len = 0;
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NO_KEY);
+
+ ret = kmsb_generate_dbp_key(false);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NONE);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NONE);
+ free(output);
+}
+
+BOOST_AUTO_TEST_CASE(kmsb_generate_dbp_key_regenerate_p,
+ * boost::unit_test::precondition(dbp_key_checker()))
+{
+ kmsb_error_e ret = kmsb_generate_dbp_key(true);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NONE);
+}
+
+BOOST_AUTO_TEST_CASE(kmsb_generate_dbp_key_not_permitted_n,
+ * boost::unit_test::precondition(dbp_key_checker()))
+{
+ kmsb_error_e ret = kmsb_generate_dbp_key(false);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NOT_PERMITTED);
+}
+
+BOOST_AUTO_TEST_CASE(kmsb_encrypt_with_dbp_key_p,
+ * boost::unit_test::precondition(dbp_key_checker()))
+{
+ kmsb_error_e ret = KMSB_ERROR_NONE;
+
+ unsigned char input[32] = {0x01};
+ unsigned char iv[16] = {0x02};
+ unsigned char *output1 = NULL;
+ unsigned char *output2 = NULL;
+ unsigned int output_len = 0;
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output1, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NONE);
+ BOOST_REQUIRE(output_len == sizeof(input));
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output2, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_NONE);
+ BOOST_REQUIRE(output_len == sizeof(input));
+
+ BOOST_REQUIRE(std::memcmp(output1, output2, output_len) == 0);
+
+ free(output1);
+ free(output2);
+}
+
+BOOST_AUTO_TEST_CASE(kmsb_encrypt_with_dbp_key_invalid_parameter_n)
+{
+ kmsb_error_e ret = KMSB_ERROR_NONE;
+
+ unsigned char input[32] = {0x01};
+ unsigned char iv[16] = {0x02};
+ unsigned char *output = NULL;
+ unsigned int output_len = 0;
+
+ ret = kmsb_encrypt_with_dbp_key(0,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ NULL, sizeof(input),
+ iv, sizeof(iv),
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, 0,
+ iv, sizeof(iv),
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ NULL, sizeof(iv),
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, 0,
+ &output, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ NULL, &output_len);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+
+ ret = kmsb_encrypt_with_dbp_key(SE_BACKEND_DBP_SCHEME_VERSION,
+ input, sizeof(input),
+ iv, sizeof(iv),
+ &output, NULL);
+ BOOST_REQUIRE(ret == KMSB_ERROR_INVALID_PARAMETER);
+}
+
+BOOST_AUTO_TEST_SUITE_END() // SE_EMUL
+
+BOOST_AUTO_TEST_SUITE_END() // USER
projects / platform / core / security / key-manager-se-backend.git / commitdiff