From: Krzysztof Jackiewicz Date: Mon, 31 Mar 2025 17:00:11 +0000 (+0200) Subject: Move alias info tests to separate group & file X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=2a1db9432aa5a84c0be3dc62302b7ac1f412ea77;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Move alias info tests to separate group & file ckm-privileged-tests --group=CKMC_ALIAS_INFO Change-Id: Ic097b2844405fa13050123bb69af0cb00852bdc5 --- diff --git a/src/ckm/privileged/CMakeLists.txt b/src/ckm/privileged/CMakeLists.txt index 80d21827..7d998855 100644 --- a/src/ckm/privileged/CMakeLists.txt +++ b/src/ckm/privileged/CMakeLists.txt @@ -78,6 +78,7 @@ INSTALL(FILES ${EIV_FILES} DESTINATION ${CKM_TEST_DIR}) SET(CKM_SOURCES async-api.cpp + alias-info.cpp capi-access_control.cpp ckm-privileged-common.cpp initial-values.cpp diff --git a/src/ckm/privileged/alias-info.cpp b/src/ckm/privileged/alias-info.cpp new file mode 100644 index 00000000..bd3b6c0f --- /dev/null +++ b/src/ckm/privileged/alias-info.cpp 
@@ -0,0 +1,254 @@ +/* + * Copyright (c) 2025 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +#include +#include + +#include + +namespace { + +const char * const APP_PASS_1 = "app-pass-1"; +const char* TEST_ALIAS = "test-alias"; +const char* TEST_DATA = "dsflsdkghkslhglrtghierhgilrehgidsafasdffsgfdgdgfdgfdgfdgfdggf"; +const char* RSA_PUB_KEY_PEM = + "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n" + "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n" + "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n" + "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n" + "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n" + "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n" + "zQIDAQAB\n" + "-----END PUBLIC KEY-----"; + +uid_t USER_ID; +std::string PKG_ID; + +std::unique_ptr APP; + +constexpr uid_t SYSTEM_UID = 0; + +class AppInstallationFixture: public DPL::Test::TestGroup +{ +public: + void Init() override + { + m_user = std::make_unique( + TestUser::createTemporary("ckm_test_user", GUM_USERTYPE_NORMAL, false)); + USER_ID = m_user->getUid(); + + APP = std::make_unique("ckm_test_app", m_user->getUid()); + m_installer = std::make_unique(*APP); + + PKG_ID = APP->getPkgId(); + + // clean 
system db just in case + remove_user_data(SYSTEM_UID); + } + + void Finish() override + { + m_installer.reset(); + m_user.reset(); + } + +private: + std::unique_ptr m_installer; + std::unique_ptr m_user; +}; + +} // namespace + +RUNNER_TEST_GROUP_INIT_ENV(CKMC_ALIAS_INFO, AppInstallationFixture); + +RUNNER_TEST(utc_ckmc_get_key_alias_info_list_p) +{ + ckmc_alias_info_list_s* ppalias_list = nullptr; + + int ret = ckmc_get_key_alias_info_list(&ppalias_list); + ckmc_alias_info_list_all_free(ppalias_list); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_DB_ALIAS_UNKNOWN, + "Expected CKMC_ERROR_DB_ALIAS_UNKNOWN, returned: " << CKMCErrorToString(ret)); +} + +RUNNER_TEST(utc_ckmc_get_key_alias_info_list_n) +{ + int ret = ckmc_get_key_alias_info_list(nullptr); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_INVALID_PARAMETER, + "Expected invalid parameter error, returned: " << CKMCErrorToString(ret)); +} + +RUNNER_TEST(utc_ckmc_get_cert_alias_info_list_p) +{ + ckmc_alias_info_list_s* ppalias_list = nullptr; + + int ret = ckmc_get_cert_alias_info_list(&ppalias_list); + ckmc_alias_info_list_all_free(ppalias_list); + RUNNER_ASSERT_MSG( + ret == CKMC_ERROR_DB_ALIAS_UNKNOWN, + "Expected CKMC_ERROR_DB_ALIAS_UNKNOWN, returned: " << CKMCErrorToString(ret)); +} + +RUNNER_TEST(utc_ckmc_get_cert_alias_info_list_n) +{ + int ret = ckmc_get_cert_alias_info_list(nullptr); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_INVALID_PARAMETER, + "Expected invalid parameter error, returned: " << CKMCErrorToString(ret)); +} + + +RUNNER_TEST(utc_ckmc_get_data_alias_info_list_p1) +{ + ckmc_alias_info_list_s* ppalias_list = nullptr; + + int ret = ckmc_get_data_alias_info_list(&ppalias_list); + ckmc_alias_info_list_all_free(ppalias_list); + RUNNER_ASSERT_MSG( + ret == CKMC_ERROR_DB_ALIAS_UNKNOWN, + "Expected CKMC_ERROR_DB_ALIAS_UNKNOWN, returned: " << CKMCErrorToString(ret)); +} + + +RUNNER_CHILD_TEST(utc_ckmc_get_data_alias_info_list_p2) +{ + ScopedDBUnlock unlock(USER_ID, APP_PASS_1); + ScopedAppLauncher(*APP, [&]{ + 
ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); + + ckmc_alias_info_list_s* ppalias_list = nullptr; + + int ret = ckmc_get_data_alias_info_list(&ppalias_list); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, + "Expected no error, returned: " << CKMCErrorToString(ret)); + + char* alias = nullptr; + ret = ckmc_alias_info_get_alias(ppalias_list->info, &alias); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, + "Failed to get alias, returned: " << CKMCErrorToString(ret)); + RUNNER_ASSERT_MSG(ppalias_list->next == nullptr, "More elements returned"); + std::string aliasOrig = std::string(PKG_ID) + " " + std::string(TEST_ALIAS); + RUNNER_ASSERT_MSG(aliasOrig == alias, "Invalid alias returned : " << alias); + + ckmc_alias_info_list_all_free(ppalias_list); + }); +} + + +RUNNER_TEST(utc_ckmc_get_data_alias_info_list_n) +{ + int ret = ckmc_get_data_alias_info_list(nullptr); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_INVALID_PARAMETER, + "Expected invalid parameter error, returned: " << CKMCErrorToString(ret)); +} + +RUNNER_TEST(utc_ckmc_alias_info_get_alias_p) +{ + ckmc_alias_info_list_s *ppalias_list, *tmp; + ckmc_key_s test_key; + ckmc_policy_s test_policy; + int ret; + char* current_alias; + const char* alias = "utc_ckmc_alias_info_get_alias_p_test_alias"; + bool foundAlias = false; + + test_key.raw_key = reinterpret_cast(const_cast(RSA_PUB_KEY_PEM)); + test_key.key_size = strlen(RSA_PUB_KEY_PEM); + test_key.key_type = CKMC_KEY_RSA_PUBLIC; + test_key.password = nullptr; + + test_policy.password = nullptr; + test_policy.extractable = true; + + ret = ckmc_save_key(alias, test_key, test_policy); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); + + ret = ckmc_get_key_alias_info_list(&ppalias_list); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); + + tmp = ppalias_list; + + while (tmp) { + ret = ckmc_alias_info_get_alias(tmp->info, ¤t_alias); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, + "Expected 
no error, got " << CKMCErrorToString(ret)); + if (strstr(current_alias, alias)) { + foundAlias = true; + break; + } + tmp = tmp->next; + } + ckmc_alias_info_list_all_free(ppalias_list); + ckmc_remove_key(alias); + RUNNER_ASSERT_MSG(foundAlias, "Expected to find alias, but alias not found"); +} + +RUNNER_TEST(utc_ckmc_alias_info_is_password_protected_p) +{ + ckmc_alias_info_list_s *ppalias_list, *tmp; + ckmc_key_s test_key; + ckmc_policy_s test_policy; + int ret; + char* current_alias; + const char* alias = "utc_ckmc_alias_info_get_alias_p_test_alias"; + bool foundAlias = false; + + test_key.raw_key = reinterpret_cast(const_cast(RSA_PUB_KEY_PEM)); + test_key.key_size = strlen(RSA_PUB_KEY_PEM); + test_key.key_type = CKMC_KEY_RSA_PUBLIC; + test_key.password = nullptr; + + test_policy.password = nullptr; + test_policy.extractable = true; + + ret = ckmc_save_key(alias, test_key, test_policy); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); + + ret = ckmc_get_key_alias_info_list(&ppalias_list); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); + + tmp = ppalias_list; + + while (tmp) { + ret = ckmc_alias_info_get_alias(tmp->info, ¤t_alias); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, + "Expected no error, got " << CKMCErrorToString(ret)); + if (strstr(current_alias, alias)) { + foundAlias = true; + bool is_password_protected; + ret = ckmc_alias_info_is_password_protected(tmp->info, &is_password_protected); + RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, + "Expected no error, got " << CKMCErrorToString(ret)); + RUNNER_ASSERT(!is_password_protected); + break; + } + tmp = tmp->next; + } + ckmc_alias_info_list_all_free(ppalias_list); + ckmc_remove_key(alias); + RUNNER_ASSERT(foundAlias); +} diff --git a/src/ckm/privileged/capi-access_control.cpp b/src/ckm/privileged/capi-access_control.cpp index 1275b442..471ab0e5 100644 --- a/src/ckm/privileged/capi-access_control.cpp 
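Review bot: In `utc_ckmc_alias_info_get_alias_p` and `utc_ckmc_alias_info_is_password_protected_p`, `ckmc_alias_info_list_all_free(ppalias_list)` and `ckmc_remove_key(alias)` run only after the asserts. If a failed `RUNNER_ASSERT_MSG` leaves the test body by unwinding (which it appears to, but confirm against the framework), the list leaks and the key stays in the store. Both tests save under the same alias `"utc_ckmc_alias_info_get_alias_p_test_alias"`, so a key left behind by the first would presumably make `ckmc_save_key` in the second fail for an unrelated reason; give the second test its own alias and tie the cleanup to scope, as sketched below. Separately, `ckmc_alias_info_is_password_protected` is only checked with `test_policy.password = nullptr`, so an implementation that always reports `false` would pass; a second case that saves the key with a non-null policy password and expects `true` would cover the branch that matters for a key manager.

```cpp
// … unchanged: test_key / test_policy setup (ppalias_list is now declared below) …
ret = ckmc_save_key(alias, test_key, test_policy);
RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret));

// Remove the saved key on every exit path, including a failed assert below.
struct KeyRemover {
    const char* alias;
    ~KeyRemover() { ckmc_remove_key(alias); }
} keyRemover{alias};

ckmc_alias_info_list_s* ppalias_list = nullptr;
ret = ckmc_get_key_alias_info_list(&ppalias_list);
// Free the list when the test body is left, whether or not an assert fired.
std::unique_ptr<ckmc_alias_info_list_s, decltype(&ckmc_alias_info_list_all_free)>
    listGuard(ppalias_list, ckmc_alias_info_list_all_free);

// … unchanged: result check and the loop over the list …
// … the explicit ckmc_alias_info_list_all_free() / ckmc_remove_key() calls are no longer needed …
```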
+++ b/src/ckm/privileged/capi-access_control.cpp @@ -29,16 +29,6 @@ const char* TEST_ALIAS2 = "test-alias2"; const char* TEST_ALIAS3 = "test-alias3"; const char* TEST_DATA = "dsflsdkghkslhglrtghierhgilrehgidsafasdffsgfdgdgfdgfdgfdgfdggf"; -const char* RSA_PUB_KEY_PEM = - "-----BEGIN PUBLIC KEY-----\n" - "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n" - "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n" - "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n" - "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n" - "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n" - "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n" - "zQIDAQAB\n" - "-----END PUBLIC KEY-----"; uid_t USER_ID; uid_t USER_ID_2; 
@@ -1166,170 +1156,3 @@ RUNNER_CHILD_TEST(T3143_control_deprecated_access_allowed_with_remove) syncPipe.post(); } -RUNNER_TEST(utc_ckmc_get_key_alias_info_list_p) -{ - ckmc_alias_info_list_s* ppalias_list = nullptr; - - int ret = ckmc_get_key_alias_info_list(&ppalias_list); - ckmc_alias_info_list_all_free(ppalias_list); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_DB_ALIAS_UNKNOWN, - "Expected CKMC_ERROR_DB_ALIAS_UNKNOWN, returned: " << CKMCErrorToString(ret)); -} - -RUNNER_TEST(utc_ckmc_get_key_alias_info_list_n) -{ - int ret = ckmc_get_key_alias_info_list(nullptr); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_INVALID_PARAMETER, - "Expected invalid parameter error, returned: " << CKMCErrorToString(ret)); -} - -RUNNER_TEST(utc_ckmc_get_cert_alias_info_list_p) -{ - ckmc_alias_info_list_s* ppalias_list = nullptr; - - int ret = ckmc_get_cert_alias_info_list(&ppalias_list); - ckmc_alias_info_list_all_free(ppalias_list); - RUNNER_ASSERT_MSG( - ret == CKMC_ERROR_DB_ALIAS_UNKNOWN, - "Expected CKMC_ERROR_DB_ALIAS_UNKNOWN, returned: " << CKMCErrorToString(ret)); -} - -RUNNER_TEST(utc_ckmc_get_cert_alias_info_list_n) -{ - int ret = ckmc_get_cert_alias_info_list(nullptr); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_INVALID_PARAMETER, - "Expected invalid parameter error, returned: " << CKMCErrorToString(ret)); -} - - -RUNNER_TEST(utc_ckmc_get_data_alias_info_list_p1) -{ - ckmc_alias_info_list_s* ppalias_list = nullptr; - - int ret = ckmc_get_data_alias_info_list(&ppalias_list); - ckmc_alias_info_list_all_free(ppalias_list); - RUNNER_ASSERT_MSG( - ret == CKMC_ERROR_DB_ALIAS_UNKNOWN, - "Expected CKMC_ERROR_DB_ALIAS_UNKNOWN, returned: " << CKMCErrorToString(ret)); -} - - -RUNNER_CHILD_TEST(utc_ckmc_get_data_alias_info_list_p2) -{ - ScopedDBUnlock unlock(USER_ID, APP_PASS_1); - ScopedAppLauncher(*USER1_APP1, [&]{ - ScopedSaveData ssd(TEST_ALIAS, TEST_DATA); - - ckmc_alias_info_list_s* ppalias_list = nullptr; - - int ret = ckmc_get_data_alias_info_list(&ppalias_list); - RUNNER_ASSERT_MSG(ret == 
CKMC_ERROR_NONE, - "Expected no error, returned: " << CKMCErrorToString(ret)); - - char* alias = nullptr; - ret = ckmc_alias_info_get_alias(ppalias_list->info, &alias); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, - "Failed to get alias, returned: " << CKMCErrorToString(ret)); - RUNNER_ASSERT_MSG(ppalias_list->next == nullptr, "More elements returned"); - std::string aliasOrig = std::string(PKG_ID) + " " + std::string(TEST_ALIAS); - RUNNER_ASSERT_MSG(strcmp(alias, aliasOrig.c_str()) == 0, - "Invalid aliast returned : " << alias); - - ckmc_alias_info_list_all_free(ppalias_list); - }); -} - - -RUNNER_TEST(utc_ckmc_get_data_alias_info_list_n) -{ - int ret = ckmc_get_data_alias_info_list(nullptr); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_INVALID_PARAMETER, - "Expected invalid parameter error, returned: " << CKMCErrorToString(ret)); -} - -RUNNER_TEST(utc_ckmc_alias_info_get_alias_p) -{ - ckmc_alias_info_list_s *ppalias_list, *tmp; - ckmc_key_s test_key; - ckmc_policy_s test_policy; - int ret; - char* current_alias; - const char* alias = "utc_ckmc_alias_info_get_alias_p_test_alias"; - bool foundAlias = false; - - test_key.raw_key = (unsigned char *)RSA_PUB_KEY_PEM; - test_key.key_size = strlen(RSA_PUB_KEY_PEM); - test_key.key_type = CKMC_KEY_RSA_PUBLIC; - test_key.password = nullptr; - - test_policy.password = nullptr; - test_policy.extractable = true; - - ret = ckmc_save_key(alias, test_key, test_policy); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); - - ret = ckmc_get_key_alias_info_list(&ppalias_list); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); - - tmp = ppalias_list; - - while (tmp) { - ret = ckmc_alias_info_get_alias(tmp->info, ¤t_alias); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, - "Expected no error, got " << CKMCErrorToString(ret)); - if (strstr(current_alias, alias)) { - foundAlias = true; - break; - } - tmp = tmp->next; - } - 
ckmc_alias_info_list_all_free(ppalias_list); - ckmc_remove_key(alias); - RUNNER_ASSERT_MSG(foundAlias == true, "Expected to find alias, but alias not found"); -} - -RUNNER_TEST(utc_ckmc_alias_info_is_password_protected_p) -{ - ckmc_alias_info_list_s *ppalias_list, *tmp; - ckmc_key_s test_key; - ckmc_policy_s test_policy; - int ret; - char* current_alias; - const char* alias = "utc_ckmc_alias_info_get_alias_p_test_alias"; - bool foundAlias = false; - - test_key.raw_key = (unsigned char *)RSA_PUB_KEY_PEM; - test_key.key_size = strlen(RSA_PUB_KEY_PEM); - test_key.key_type = CKMC_KEY_RSA_PUBLIC; - test_key.password = nullptr; - - test_policy.password = nullptr; - test_policy.extractable = true; - - ret = ckmc_save_key(alias, test_key, test_policy); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); - - ret = ckmc_get_key_alias_info_list(&ppalias_list); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, "Expected no error, got " << CKMCErrorToString(ret)); - - tmp = ppalias_list; - - while (tmp) { - ret = ckmc_alias_info_get_alias(tmp->info, ¤t_alias); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, - "Expected no error, got " << CKMCErrorToString(ret)); - if (strstr(current_alias, alias)) { - foundAlias = true; - bool is_password_protected; - ret = ckmc_alias_info_is_password_protected(tmp->info, &is_password_protected); - RUNNER_ASSERT_MSG(ret == CKMC_ERROR_NONE, - "Expected no error, got " << CKMCErrorToString(ret)); - RUNNER_ASSERT(is_password_protected == false); - break; - } - tmp = tmp->next; - } - ckmc_alias_info_list_all_free(ppalias_list); - ckmc_remove_key(alias); - RUNNER_ASSERT(foundAlias == true); -}