--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file Api.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief Implementation of App custom trust anchor CAPI.
+ */
+#include "acta/app-custom-trust-anchor.h"
+
+#include "AppCustomTrustAnchor.h"
+
+using namespace transec;
+
+int acta_global_install(const char *package_id,
+ const char *app_certificates_path,
+ bool with_system_certificates)
+{
+ AppCustomTrustAnchor acta(package_id, app_certificates_path);
+ return acta.install(with_system_certificates);
+}
+
+int acta_usr_install(const char *package_id,
+ const char *app_certificates_path,
+ uid_t uid,
+ bool with_system_certificates)
+{
+ AppCustomTrustAnchor acta(package_id, app_certificates_path, uid);
+ return acta.install(with_system_certificates);
+}
+
+int acta_global_launch(const char *package_id,
+ const char *app_certificates_path,
+ bool with_system_certificates)
+{
+ AppCustomTrustAnchor acta(package_id, app_certificates_path);
+ return acta.launch(with_system_certificates);
+}
+
+int acta_usr_launch(const char *package_id,
+ const char *app_certificates_path,
+ uid_t uid,
+ bool with_system_certificates)
+{
+ AppCustomTrustAnchor acta(package_id, app_certificates_path, uid);
+ return acta.launch(with_system_certificates);
+}
+
+int acta_global_uninstall(const char *package_id,
+ const char *app_certificates_path)
+{
+ AppCustomTrustAnchor acta(package_id, app_certificates_path);
+ return acta.uninstall();
+}
+
+int acta_usr_uninstall(const char *package_id,
+ const char *app_certificates_path,
+ uid_t uid)
+{
+ AppCustomTrustAnchor acta(package_id, app_certificates_path, uid);
+ return acta.uninstall();
+}
SET(${TARGET_TRANSEC_LIB}_SRCS
InitLib.cpp
Exception.cpp
+ Api.cpp
Certificate.cpp
AppCustomTrustAnchor.cpp
)
TARGET_LINK_LIBRARIES(${TARGET_TRANSEC_LIB}
${${TARGET_TRANSEC_LIB}_DEP_LIBRARIES}
)
+
INSTALL(TARGETS ${TARGET_TRANSEC_LIB} DESTINATION ${LIB_INSTALL_DIR})
+
INSTALL(FILES
AppCustomTrustAnchor.h
DESTINATION
${INCLUDEDIR}/cert-svc/transec
)
+
+INSTALL(DIRECTORY
+ acta
+ DESTINATION
+ ${INCLUDEDIR})
#
SET(TEST_SRCS
main.cpp
+ test-util.cpp
+ test-capi-installer.cpp
+ test-capi-launcher.cpp
test-acta-installer.cpp
test-acta-launcher.cpp
test-certificate.cpp
#include <AppCustomTrustAnchor.h>
-#include <cstdio>
-#include <sched.h>
#include <unistd.h>
-#include <iostream>
-#include <memory>
-#include <vector>
-
+#include "test-util.h"
#include "test-resource.h"
RUNNER_TEST_GROUP_INIT(T0600_API_ACTA_LAUNCER)
using namespace transec;
-namespace {
-
-std::string ls(const char *path)
-{
- using FilePtr = std::unique_ptr<FILE, decltype(&::pclose)>;
- std::string cmd("/bin/ls ");
- cmd.append(path);
-
- FilePtr ls(::popen(cmd.c_str(), "r"), ::pclose);
- if (ls == nullptr)
- return std::string();
-
- std::vector<char> buf(1024);
- std::string ret;
- while (::fgets(buf.data(), buf.size(), ls.get()))
- ret.append(buf.data());
-
- return ret;
-}
-
-std::string cat(const char *path)
-{
- using FilePtr = std::unique_ptr<FILE, decltype(&::pclose)>;
- std::string cmd("/bin/cat ");
- cmd.append(path);
-
- FilePtr ls(::popen(cmd.c_str(), "r"), ::pclose);
- if (ls == nullptr)
- return std::string();
-
- std::vector<char> buf(1024);
- std::string ret;
- while (::fgets(buf.data(), buf.size(), ls.get()))
- ret.append(buf.data());
-
- return ret;
-}
-
-} // namesapce anonymous
-
// Launch needs CAP_SYS_ADMIN
RUNNER_TEST(T0601_ACTA_LAUNCH)
{
- auto beforeLs = ::ls(TZ_SYS_RO_CA_CERTS);
- auto beforeCat = ::cat(TZ_SYS_RO_CA_BUNDLE);
+ auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS);
+ auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
AppCustomTrustAnchor acta(DUMMY_PKG_ID, APP_CERTS_DIR);
int ret = acta.install(true);
ret = acta.launch(true);
RUNNER_ASSERT_MSG(ret == 0, "ACTA launch should be success.");
- auto afterLsChild = ::ls(TZ_SYS_RO_CA_CERTS);
+ auto afterLsChild = test::util::ls(TZ_SYS_RO_CA_CERTS);
RUNNER_ASSERT_MSG(beforeLs != afterLsChild, "Failed to launch.");
- auto afterCatChild = ::cat(TZ_SYS_RO_CA_BUNDLE);
+ auto afterCatChild = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
RUNNER_ASSERT_MSG(beforeCat != afterCatChild, "Failed to launch.");
} else {
- auto afterLsParent = ::ls(TZ_SYS_RO_CA_CERTS);
+ auto afterLsParent = test::util::ls(TZ_SYS_RO_CA_CERTS);
RUNNER_ASSERT_MSG(beforeLs == afterLsParent, "Failed to launch.");
- auto afterCatParent = ::cat(TZ_SYS_RO_CA_BUNDLE);
+ auto afterCatParent = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
RUNNER_ASSERT_MSG(beforeCat == afterCatParent, "Failed to launch.");
}
}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file test-capi-installer.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief Unit test program of ACTA CAPI for installer
+ */
+
+#include <dpl/test/test_runner.h>
+
+#include "acta/app-custom-trust-anchor.h"
+
+#include "test-resource.h"
+
+RUNNER_TEST_GROUP_INIT(T0800_CAPI_ACTA_INSTALLER)
+
+RUNNER_TEST(T0801_CAPI_ACTA_INSTALL_GLOBAL_APP_POSITIVE)
+{
+ int ret = acta_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, false);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA install should be success.");
+}
+
+RUNNER_TEST(T0802_CAPI_ACTA_INSTALL_GLOBAL_APP_WITH_SYS_POSITIVE)
+{
+ int ret = acta_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, true);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA install should be success.");
+}
+
+RUNNER_TEST(T0803_CAPI_ACTA_INSTALL_USER_APP_POSITIVE)
+{
+ int ret = acta_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, false);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA install should be success.");
+}
+
+RUNNER_TEST(T0804_CAPI_ACTA_INSTALL_USER_APP_WITH_SYS_POSITIVE)
+{
+ int ret = acta_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, true);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA install should be success.");
+}
+
+RUNNER_TEST(T0805_CAPI_ACTA_INSTALL_GLOBAL_APP_NEGATIVE)
+{
+ int ret = acta_global_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, false);
+ RUNNER_ASSERT_MSG(ret != 0, "ACTA install should be fail.");
+}
+
+RUNNER_TEST(T0806_CAPI_ACTA_INSTALL_GLOBAL_APP_WITH_SYS_NEGATIVE)
+{
+ int ret = acta_global_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, true);
+ RUNNER_ASSERT_MSG(ret != 0, "ACTA install should be fail.");
+}
+
+RUNNER_TEST(T0807_CAPI_ACTA_INSTALL_USER_APP_NEGATIVE)
+{
+ int ret = acta_usr_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, false);
+ RUNNER_ASSERT_MSG(ret != 0, "ACTA install should be fail.");
+}
+
+RUNNER_TEST(T0808_CAPI_ACTA_INSTALL_USER_APP_WITH_SYS_NEGATIVE)
+{
+ int ret = acta_usr_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, true);
+ RUNNER_ASSERT_MSG(ret != 0, "ACTA install should be fail.");
+}
+
+RUNNER_TEST(T0821_CAPI_ACTA_UNINSTALL_GLOBAL_APP_POSITIVE)
+{
+ int ret = acta_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, false);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA install should be success.");
+
+ ret = acta_global_uninstall(DUMMY_PKG_ID, APP_CERTS_DIR);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA uninstall should be success.");
+}
+
+RUNNER_TEST(T0822_CAPI_ACTA_UNINSTALL_USER_APP_POSITIVE)
+{
+ int ret = acta_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, false);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA install should be success.");
+
+ ret = acta_usr_uninstall(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA uninstall should be success.");
+}
+
+RUNNER_TEST(T0823_CAPI_ACTA_UNINSTALL_GLOBAL_APP_NEGATIVE)
+{
+ int ret = acta_global_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR);
+ RUNNER_ASSERT_MSG(ret != 0, "ACTA uninstall should be fail.");
+}
+
+RUNNER_TEST(T0824_CAPI_ACTA_UNINSTALL_USER_APP_NEGATIVE)
+{
+ int ret = acta_usr_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID);
+ RUNNER_ASSERT_MSG(ret != 0, "ACTA uninstall should be fail.");
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file test-capi-launcher.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief Unit test program of ACTA for launcher
+ */
+
+#include <dpl/test/test_runner.h>
+
+#include <acta/app-custom-trust-anchor.h>
+
+#include <unistd.h>
+
+#include "test-util.h"
+#include "test-resource.h"
+
+RUNNER_TEST_GROUP_INIT(T0500_CAPI_ACTA_LAUNCER)
+
+// Launch needs CAP_SYS_ADMIN
+RUNNER_TEST(T0501_ACTA_LAUNCH)
+{
+ auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS);
+ auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
+
+ int ret = acta_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, true);
+
+ // pre-condition
+ int pid = fork();
+
+ if (pid == 0) {
+ ret = acta_global_launch(DUMMY_PKG_ID, APP_CERTS_DIR, true);
+ RUNNER_ASSERT_MSG(ret == 0, "ACTA launch should be success.");
+
+ auto afterLsChild = test::util::ls(TZ_SYS_RO_CA_CERTS);
+ RUNNER_ASSERT_MSG(beforeLs != afterLsChild, "Failed to launch.");
+
+ auto afterCatChild = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
+ RUNNER_ASSERT_MSG(beforeCat != afterCatChild, "Failed to launch.");
+
+ } else {
+ auto afterLsParent = test::util::ls(TZ_SYS_RO_CA_CERTS);
+ RUNNER_ASSERT_MSG(beforeLs == afterLsParent, "Failed to launch.");
+
+ auto afterCatParent = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
+ RUNNER_ASSERT_MSG(beforeCat == afterCatParent, "Failed to launch.");
+ }
+}
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file test-util.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief
+ */
+#include "test-util.h"
+
+#include <sched.h>
+
+#include <cstdio>
+#include <memory>
+#include <vector>
+
+namespace test {
+namespace util {
+
+std::string ls(const char *path)
+{
+ using FilePtr = std::unique_ptr<FILE, decltype(&::pclose)>;
+ std::string cmd("/bin/ls ");
+ cmd.append(path);
+
+ FilePtr ls(::popen(cmd.c_str(), "r"), ::pclose);
+ if (ls == nullptr)
+ return std::string();
+
+ std::vector<char> buf(1024);
+ std::string ret;
+ while (::fgets(buf.data(), buf.size(), ls.get()))
+ ret.append(buf.data());
+
+ return ret;
+}
+
+std::string cat(const char *path)
+{
+ using FilePtr = std::unique_ptr<FILE, decltype(&::pclose)>;
+ std::string cmd("/bin/cat ");
+ cmd.append(path);
+
+ FilePtr ls(::popen(cmd.c_str(), "r"), ::pclose);
+ if (ls == nullptr)
+ return std::string();
+
+ std::vector<char> buf(1024);
+ std::string ret;
+ while (::fgets(buf.data(), buf.size(), ls.get()))
+ ret.append(buf.data());
+
+ return ret;
+}
+
+} // namespace util
+} // namespace test
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file test-util.h
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief
+ */
+#pragma once
+
+#include <stddef.h>
+#include <string>
+
+namespace test {
+namespace util {
+
+std::string ls(const char *path);
+std::string cat(const char *path);
+
+} // namespace util
+} // namespace test