%package -n trust-anchor-test
Summary: Trust Anchor API test
Group: Development/Libraries
+BuildRequires: pkgconfig(libcurl)
%description -n trust-anchor-test
Testcases for trust anchor library
%{_bindir}/%{lib_name}-test-launcher
%{_bindir}/%{lib_name}-test-clauncher
%{_bindir}/%{lib_name}-test-internal
+%{_bindir}/%{lib_name}-test-init.sh
%{TZ_SYS_DATA}/%{lib_name}/test
%{TZ_SYS_DATA}/%{lib_name}/test/certs
-%{TZ_SYS_DATA}/%{lib_name}/test/script
# @author Sangwan Kwon (sangwan.kwon@samsung.com)
# @breif Make trust anchor test program
#
+PKG_CHECK_MODULES(${TARGET_TANCHOR_TEST}_DEP REQUIRED libcurl)
INCLUDE_DIRECTORIES(SYSTEM .
${TANCHOR_INCLUDE}
${TANCHOR_SRC}
- ${${TARGET_TANCHOR_LIB}_DEP_INCLUDE_DIRS})
+ ${${TARGET_TANCHOR_LIB}_DEP_INCLUDE_DIRS}
+ ${${TARGET_TANCHOR_TEST}_DEP_INCLUDE_DIRS})
FUNCTION(BUILD_TEST TEST_NAME TEST_SRCS)
ADD_EXECUTABLE(${TEST_NAME} ${TEST_SRCS})
- TARGET_LINK_LIBRARIES(${TEST_NAME} ${TARGET_TANCHOR_LIB})
+ TARGET_LINK_LIBRARIES(${TEST_NAME} ${TARGET_TANCHOR_LIB}
+ ${${TARGET_TANCHOR_TEST}_DEP_LIBRARIES})
SET_SOURCE_FILES_PROPERTIES(${TEST_SRCS}
PROPERTIES
COMPILE_FLAGS "-D_GNU_SOURCE -fPIE")
test-util.cpp
test-capi-launcher.cpp)
SET(INTERNAL_SRCS main.cpp
+ test-curl.cpp
+ test-util.cpp
test-certificate.cpp)
SET(TEST_INSTALLER ${TARGET_TANCHOR_TEST}-installer)
#include <klay/testbench.h>
+#include <curl/curl.h>
+
int main(int /*argc*/, char** /*argv*/)
{
audit::Logger::setLogLevel(audit::LogLevel::Trace);
+ curl_global_init(CURL_GLOBAL_DEFAULT);
+
testbench::Testbench::runAllTestSuites();
+ curl_global_cleanup();
+
return 0;
}
# @author Sangwan Kwon (sangwan.kwon@samsung.com)
#
-CONFIGURE_FILE(pre-test.sh.in pre-test.sh @ONLY)
-INSTALL(FILES pre-test.sh
- DESTINATION ${TANCHOR_TEST}/script
+SET(TEST_INIT ${TARGET_TANCHOR_TEST}-init.sh)
+CONFIGURE_FILE(pre-test.sh.in ${TEST_INIT} @ONLY)
+INSTALL(FILES ${TEST_INIT}
+ DESTINATION ${BIN_INSTALL_DIR}
PERMISSIONS OWNER_READ
OWNER_WRITE
OWNER_EXECUTE
CLAUNCHER=@BIN_INSTALL_DIR@/@TEST_CLAUNCHER@
INTERNAL=@BIN_INSTALL_DIR@/@TEST_INTERNAL@
+CURL=@BIN_INSTALL_DIR@/curl
+
declare -a TESTS=("$INSTALLER $LAUNCHER $CLAUNCER $INTERNAL")
for t in "${TESTS[@]}"
chsmack -e "@SMACK_LABEL@" $t
done
+# curl should be System label for https communication test
+chsmack -e "@SMACK_LABEL@" $CURL
+
# launch() needs CAP_SYS_ADMIN
setcap cap_sys_admin+ep $LAUNCHER
setcap cap_sys_admin+ep $CLAUNCHER
--- /dev/null
+/*
+ * Copyright (c) 2017 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file test-curl.cpp
+ * @author Sangwan Kwon (sangwan.kwon@samsung.com)
+ * @version 0.1
+ * @brief Unit test program of Curl
+ */
+
+#include <klay/testbench.h>
+
+#include <iostream>
+#include <stdexcept>
+
+#include "test-util.hxx"
+#include "test-resource.hxx"
+
+TESTCASE(CONNECT_SSL)
+{
+ int ret = test::util::connectSSL("https://google.com");
+ TEST_EXPECT(true, ret == 0);
+
+ if (ret != 0)
+ std::cout << "Check wifi connection.." << std::endl;
+}
#include <unistd.h>
+#include <iostream>
+
#include "test-util.hxx"
#include "test-resource.hxx"
auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR);
- int ret = ta.install(true);
+ int ret = ta.install(false);
+
+ std::cout << "## Before trust-anchor launch#############" << std::endl;
+ ret = test::util::connectSSL("https://google.com");
+ std::cout << "##########################################" << std::endl;
+ TEST_EXPECT(true, ret == 0);
// pre-condition
int pid = fork();
if (pid == 0) {
- ret = ta.launch(true);
+ ret = ta.launch(false);
TEST_EXPECT(true, ret == 0);
+ // check file-system
auto afterLsChild = test::util::ls(TZ_SYS_RO_CA_CERTS);
TEST_EXPECT(true, beforeLs != afterLsChild);
auto afterCatChild = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
TEST_EXPECT(true, beforeCat != afterCatChild);
+
+ // check SSL communication
+ std::cout << "## After trust-anchor launch(APP)#########" << std::endl;
+ ret = test::util::connectSSL("https://google.com");
+ std::cout << "##########################################" << std::endl;
+ TEST_EXPECT(false, ret == 0);
+
} else {
auto afterLsParent = test::util::ls(TZ_SYS_RO_CA_CERTS);
TEST_EXPECT(true, beforeLs == afterLsParent);
auto afterCatParent = test::util::cat(TZ_SYS_RO_CA_BUNDLE);
TEST_EXPECT(true, beforeCat == afterCatParent);
+
+ ret = test::util::connectSSL("https://google.com");
+ TEST_EXPECT(true, ret == 0);
}
}
#include <sched.h>
+#include <iostream>
#include <cstdio>
#include <memory>
#include <vector>
+#include <curl/curl.h>
+
namespace test {
namespace util {
return ret;
}
+int connectSSL(const std::string &addr)
+{
+ if (addr.empty())
+ return -1;
+
+ using CURLPtr = std::unique_ptr<CURL, decltype(&::curl_easy_cleanup)>;
+ CURLPtr curl(::curl_easy_init(), ::curl_easy_cleanup);
+ if (curl == nullptr) {
+ std::cout << "Failed to get curl object." << std::endl;
+ return -1;
+ }
+
+ curl_easy_setopt(curl.get(), CURLOPT_URL, addr.c_str());
+
+ CURLcode res = curl_easy_perform(curl.get());
+ if(res != CURLE_OK) {
+ std::cout << "Failed to connect failed: "
+ << curl_easy_strerror(res) << std::endl;
+ return -1;
+ }
+
+ return 0;
+}
+
} // namespace util
} // namespace test
std::string ls(const char *path);
std::string cat(const char *path);
+int connectSSL(const std::string &addr);
+
} // namespace util
} // namespace test