"Error=" << CKM::ErrorToString(tmp));
}
+RUNNER_TEST_GROUP_INIT (T200_CKM_CC_MODE_TESTS); // this test group is only for non-cc certified device
+/* sequence
+ * default status : no event callback registered. // vconftool unset file/security_mdpp/security_mdpp_state
+ * - `ps axf | grep key-manager-listener | grep -v grep | awk '{print "kill -9 " $1}'`
+ * - vconftool unset file/security_mdpp/security_mdpp_state
+ * - /usr/bin/key-manager-listener
+
+ * - Create RSA key // createKeyPairRSA
+ * - try to get private key -> must be success // getKey
+ * - vconftool set -t string file/security_mdpp/security_mdpp_state "Enabled"
+ * - try to get private key : must be success because no callback registered. // getKey
+ *
+ * new status : event callback registered. // unset mdpp_state vconf key and reset mdpp state vconf key
+ * - `ps axf | grep key-manager-listener | grep -v grep | awk '{print "kill -9 " $1}'`
+ * - vconftool set -t string file/security_mdpp/security_mdpp_state "Disabled" -f
+ * - /usr/bin/key-manager-listener
+ * - Create RSA key // createKeyPairRSA
+ * - try to get private key -> must be success // getKey
+ * - vconftool set -t string file/security_mdpp/security_mdpp_state "Enabled" -f
+ * - try to get private key -> must be fail because cc mode is set to 1
+ */
+
+RUNNER_TEST(T2001_init_cc_mode_tests)
+{
+ system("`ps axf | grep key-manager-listener | grep -v grep | awk '{print \"kill -9 \" $1}'`");
+ system("vconftool unset file/security_mdpp/security_mdpp_state");
+ system("/usr/bin/key-manager-listener");
+
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG( CKM_API_SUCCESS == (tmp = control->setCCMode(CKM::CCModeState::CC_MODE_OFF)), // default state : cc mode off
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG( CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG( CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t200-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+ system("");
+}
+
+RUNNER_TEST(T2002_CC_Mode_Changed_Event_Callback_Not_Registered)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias rsa_pri_alias("rsa-private-T2002");
+ CKM::Alias rsa_pub_alias("rsa-public-T2002");
+ CKM::Alias ecdsa_pri_alias("ecdsa-private-T2002");
+ CKM::Alias ecdsa_pub_alias("ecdsa-public-T2002");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(
+ 1024,
+ rsa_pri_alias,
+ rsa_pub_alias,
+ CKM::Policy(CKM::Password(), true),
+ CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(
+ CKM::ElipticCurve::prime192v1,
+ ecdsa_pri_alias,
+ ecdsa_pub_alias,
+ CKM::Policy(CKM::Password(), true),
+ CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::KeyShPtr key1;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(
+ rsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(
+ ecdsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ system("vconftool set -t string file/security_mdpp/security_mdpp_state \"Enabled\"");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(
+ rsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(
+ ecdsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T2003_CC_Mode_Changed_Event_Callback_Registered)
+{
+ system("`ps axf | grep key-manager-listener | grep -v grep | awk '{print \"kill -9 \" $1}'`");
+ system("vconftool set -t string file/security_mdpp/security_mdpp_state \"Disabled\" -f");
+ system("/usr/bin/key-manager-listener");
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias rsa_pri_alias("rsa-private-T2003");
+ CKM::Alias rsa_pub_alias("rsa-public-T2003");
+ CKM::Alias ecdsa_pri_alias("ecdsa-private-T2003");
+ CKM::Alias ecdsa_pub_alias("ecdsa-public-T2003");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(
+ 1024,
+ rsa_pri_alias,
+ rsa_pub_alias,
+ CKM::Policy(CKM::Password(), true),
+ CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(
+ CKM::ElipticCurve::prime192v1,
+ ecdsa_pri_alias,
+ ecdsa_pub_alias,
+ CKM::Policy(CKM::Password(), true),
+ CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::KeyShPtr key1;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(
+ rsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(
+ ecdsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ system("vconftool set -t string file/security_mdpp/security_mdpp_state \"Enabled\" -f");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_BAD_REQUEST == (temp = manager->getKey(
+ rsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_BAD_REQUEST == (temp = manager->getKey(
+ ecdsa_pri_alias,
+ CKM::Password(),
+ key1)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T2004_deinit)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG( CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ system("`ps axf | grep key-manager-listener | grep -v grep | awk '{print \"kill -9 \" $1}'`");
+ system("vconftool unset file/security_mdpp/security_mdpp_state");
+ system("/usr/bin/key-manager-listener");
+}
+
int main(int argc, char *argv[])
{
DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
projects / platform / core / test / security-tests.git / commitdiff