From: sangwan.kwon Date: Wed, 12 Jul 2017 06:27:24 +0000 (+0900) Subject: [API Changed] Unify API sets(global, usr) X-Git-Tag: submit/tizen/20170720.071940~4 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=97f5bdbfb8edd50ea454cf618899a214735b7319;p=platform%2Fcore%2Fsecurity%2Ftrust-anchor.git [API Changed] Unify API sets(global, usr) Since global package has own uid, API can be unified. Change-Id: Iefd89f86a00fc52bf143de45b0341662651c9f42 Signed-off-by: sangwan.kwon --- diff --git a/CMakeLists.txt b/CMakeLists.txt index 8f03b61..2af5a0a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -33,8 +33,7 @@ SET(TANCHOR_SRC ${PROJECT_SOURCE_DIR}/src) SET(TARGET_TANCHOR_LIB ${LIB_NAME}) SET(TARGET_TANCHOR_TEST ${LIB_NAME}-test) -ADD_DEFINITIONS("-DTANCHOR_USR_DIR=\"${TANCHOR_USR}\"") -ADD_DEFINITIONS("-DTANCHOR_GLOBAL_DIR=\"${TANCHOR_GLOBAL}\"") +ADD_DEFINITIONS("-DTANCHOR_PKG_DIR=\"${TANCHOR_PKG}\"") ADD_DEFINITIONS("-DTANCHOR_TEST_DIR=\"${TANCHOR_TEST}\"") ADD_DEFINITIONS("-DTANCHOR_BUNDLE=\"${TANCHOR_BUNDLE}\"") ADD_DEFINITIONS("-DTANCHOR_SYSCA=\"${TANCHOR_SYSCA}\"") diff --git a/api/tanchor/trust-anchor.h b/api/tanchor/trust-anchor.h index 3a7f123..a19ac1d 100644 --- a/api/tanchor/trust-anchor.h +++ b/api/tanchor/trust-anchor.h @@ -38,58 +38,13 @@ extern "C" { /** - * @brief Install trust anchor for global app. - * @details App custom certificates would be installed on system. - * This function should be called before trust_anchor_global_launch(). + * @brief Install trust anchor. + * @details Package custom certificates would be installed on system. + * This function should be called before trust_anchor_launch(). * @param[in] package_id Package id - * @param[in] app_certificates_path App custom certificates path - * @param[in] with_system_certificates Whether system certificates use or not - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INVALID_PARAMETER Invalid parameter error - * @retval #TRUST_ANCHOR_ERROR_PERMISSION_DENIED Permission denied error - * @retval #TRUST_ANCHOR_ERROR_NO_SUCH_FILE No such file or directory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_launch() - * @see trust_anchor_global_uninstall() - */ -int trust_anchor_global_install(const char *package_id, - const char *app_certificates_path, - bool with_system_certificates); - - -/** - * @brief Install trust anchor for user app. - * @details App custom certificates would be installed on system. - * This function should be called before trust_anchor_usr_launch(). - * @param[in] package_id Package id - * @param[in] app_certificates_path App custom certificates path + * @param[in] pkg_certs_path Package custom certificates path * @param[in] uid user id - * @param[in] with_system_certificates Whether system certificates use or not - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INVALID_PARAMETER Invalid parameter error - * @retval #TRUST_ANCHOR_ERROR_PERMISSION_DENIED Permission denied error - * @retval #TRUST_ANCHOR_ERROR_NO_SUCH_FILE No such file or directory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_usr_launch() - * @see trust_anchor_usr_uninstall() - */ -int trust_anchor_usr_install(const char *package_id, - const char *app_certificates_path, - uid_t uid, - bool with_system_certificates); - - -/** - * @brief Launch trust anchor for global app. - * @details After lauching trust anchor, app can use custom certificates. - * @param[in] package_id Package id - * @param[in] app_certificates_path App custom certificates path + * @param[in] with_system_certs Whether system certificates use or not * @return #TRUST_ANCHOR_ERROR_NONE on success, * negative on error * @retval #TRUST_ANCHOR_ERROR_NONE Successful @@ -98,17 +53,20 @@ int trust_anchor_usr_install(const char *package_id, * @retval #TRUST_ANCHOR_ERROR_PERMISSION_DENIED Permission denied error * @retval #TRUST_ANCHOR_ERROR_NO_SUCH_FILE No such file or directory error * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_install() + * @see trust_anchor_launch() + * @see trust_anchor_uninstall() */ -int trust_anchor_global_launch(const char *package_id, - const char *app_certificates_path); +int trust_anchor_install(const char *package_id, + const char *pkg_certs_path, + uid_t uid, + bool with_system_certs); /** - * @brief Launch trust anchor for user app. - * @details After lauching trust anchor, app can use custom certificates. + * @brief Launch trust anchor. + * @details After lauching trust anchor, package can use custom certificates. * @param[in] package_id Package id - * @param[in] app_certificates_path App custom certificates path + * @param[in] pkg_certs_path Package custom certificates path * @param[in] uid user id * @return #TRUST_ANCHOR_ERROR_NONE on success, * negative on error @@ -118,43 +76,28 @@ int trust_anchor_global_launch(const char *package_id, * @retval #TRUST_ANCHOR_ERROR_PERMISSION_DENIED Permission denied error * @retval #TRUST_ANCHOR_ERROR_NO_SUCH_FILE No such file or directory error * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_usr_install() - */ -int trust_anchor_usr_launch(const char *package_id, - const char *app_certificates_path, - uid_t uid); - - -/** - * @brief Uninstall trust anchor for global app. - * @param[in] package_id Package id - * @param[in] app_certificates_path App custom certificates path - * @return #TRUST_ANCHOR_ERROR_NONE on success, - * negative on error - * @retval #TRUST_ANCHOR_ERROR_NONE Successful - * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error - * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_global_install() + * @see trust_anchor_install() */ -int trust_anchor_global_uninstall(const char *package_id, - const char *app_certificates_path); +int trust_anchor_launch(const char *package_id, + const char *pkg_certs_path, + uid_t uid); /** - * @brief Uninstall trust anchor for user app. + * @brief Uninstall trust anchor. * @param[in] package_id Package id - * @param[in] app_certificates_path App custom certificates path + * @param[in] pkg_certs_path Package custom certificates path * @param[in] uid user id * @return #TRUST_ANCHOR_ERROR_NONE on success, * negative on error * @retval #TRUST_ANCHOR_ERROR_NONE Successful * @retval #TRUST_ANCHOR_ERROR_OUT_OF_MEMORY Out of memory error * @retval #TRUST_ANCHOR_ERROR_INTERNAL Internal error - * @see trust_anchor_usr_install() + * @see trust_anchor_install() */ -int trust_anchor_usr_uninstall(const char *package_id, - const char *app_certificates_path, - uid_t uid); +int trust_anchor_uninstall(const char *package_id, + const char *pkg_certs_path, + uid_t uid); #ifdef __cplusplus diff --git a/api/tanchor/trust-anchor.hxx b/api/tanchor/trust-anchor.hxx index a26350f..01dba2e 100644 --- a/api/tanchor/trust-anchor.hxx +++ b/api/tanchor/trust-anchor.hxx @@ -41,8 +41,6 @@ public: explicit TrustAnchor(const std::string &packageId, const std::string &certsDir, uid_t uid) noexcept; - explicit TrustAnchor(const std::string &packageId, - const std::string &certsDir) noexcept; virtual ~TrustAnchor(void); TrustAnchor(const TrustAnchor &) = delete; diff --git a/examples/installer.c b/examples/installer.c index 6b944e0..f4b26f1 100644 --- a/examples/installer.c +++ b/examples/installer.c @@ -27,25 +27,24 @@ int main() { /* - * When app installed trust_anchor_global_install() should be called once. - * If app is user-app, call trust_anchor_usr_install() with uid. + * When package installed trust_anchor_install() should be called once. * * [pre-condition] - * 1. Get with_sys_certs information from App configuration. + * 1. Get with_sys_certs information from package configuration. */ bool with_sys = false; + uid_t uid = -1; - int ret = trust_anchor_global_install("pkgid", "/app_certs_path", with_sys); + int ret = trust_anchor_install("pkgid", "/pkg_certs_path", uid, with_sys); if (ret != TRUST_ANCHOR_ERROR_NONE) { printf("Failed to install operation"); return -1; } /* - * When app uninstalled trust_anchor_global_uninstall() should be called once. - * If app is user-app, call trust_anchor_usr_uninstall() with uid. + * When app uninstalled trust_anchor_uninstall() should be called once. */ - ret = trust_anchor_global_uninstall("pkgid", "/app_certs_path"); + ret = trust_anchor_uninstall("pkgid", "/pkg_certs_path", uid); if (ret != TRUST_ANCHOR_ERROR_NONE) { printf("Failed to uninstall operation"); return -1; diff --git a/examples/launcher.c b/examples/launcher.c index 33f5110..b193da8 100644 --- a/examples/launcher.c +++ b/examples/launcher.c @@ -27,17 +27,18 @@ int main() { /* - * When app launched trust_anchor_global_launch() should be called once. - * If app is user-app, call trust_anchor_usr_launch() with uid. + * When package launched trust_anchor_launch() should be called once. * * [caution] * Since trust anchor launch operation disassocaite namespace, - * other mount tasks should be done before trust_anchor_usr_launch() called. + * other mount tasks should be done before trust_anchor_launch() called. * * [pre-condition] * 1. Launcher should have CAP_SYS_ADMIN. */ - int ret = trust_anchor_global_launch("pkgid", "/app_certs_path"); + uid_t uid = -1; + + int ret = trust_anchor_launch("pkgid", "/pkg_certs_path", uid); if (ret != TRUST_ANCHOR_ERROR_NONE) { printf("Failed to launch operation"); return -1; diff --git a/packaging/trust-anchor.spec b/packaging/trust-anchor.spec index 292ce00..931cad3 100644 --- a/packaging/trust-anchor.spec +++ b/packaging/trust-anchor.spec @@ -22,8 +22,7 @@ Requires(postun): /sbin/ldconfig %global smack_label System %global tanchor_base %{TZ_SYS_DATA}/%{lib_name} -%global tanchor_usr %{tanchor_base}/usr -%global tanchor_global %{tanchor_base}/global +%global tanchor_pkg %{tanchor_base}/pkg %global tanchor_bundle %{tanchor_base}/ca-bundle.pem %global tanchor_sysca %{tanchor_base}/.sysca %global tanchor_test %{tanchor_base}/test @@ -39,8 +38,7 @@ SSL root certificates for its HTTPS communication. %{_libdir}/lib%{lib_name}.so.1 %{_libdir}/lib%{lib_name}.so.%{version} %dir %attr(-, %{user_name}, %{group_name}) %{tanchor_base} -%dir %attr(-, %{user_name}, %{group_name}) %{tanchor_usr} -%dir %attr(-, %{user_name}, %{group_name}) %{tanchor_global} +%dir %attr(-, %{user_name}, %{group_name}) %{tanchor_pkg} %attr(-, %{user_name}, %{group_name}) %{tanchor_bundle} %attr(444 %{user_name}, %{group_name}) %{tanchor_sysca} @@ -62,8 +60,7 @@ SSL root certificates for its HTTPS communication. -DGROUP_NAME=%{group_name} \ -DSMACK_LABEL=%{smack_label} \ -DTANCHOR_BASE=%{tanchor_base} \ - -DTANCHOR_USR=%{tanchor_usr} \ - -DTANCHOR_GLOBAL=%{tanchor_global} \ + -DTANCHOR_PKG=%{tanchor_pkg} \ -DTANCHOR_BUNDLE=%{tanchor_bundle} \ -DTANCHOR_SYSCA=%{tanchor_sysca} \ -DTANCHOR_TEST=%{tanchor_test} \ @@ -78,8 +75,7 @@ make %{?_smp_mflags} %install %make_install -mkdir -p %{buildroot}%{tanchor_usr} -mkdir -p %{buildroot}%{tanchor_global} +mkdir -p %{buildroot}%{tanchor_pkg} touch %{buildroot}%{tanchor_bundle} touch %{buildroot}%{tanchor_sysca} diff --git a/src/api.cpp b/src/api.cpp index 2858ed2..a9ecc8d 100644 --- a/src/api.cpp +++ b/src/api.cpp @@ -27,54 +27,29 @@ using namespace tanchor; TANCHOR_API -int trust_anchor_global_install(const char *package_id, - const char *app_certificates_path, - bool with_system_certificates) +int trust_anchor_install(const char *package_id, + const char *pkg_certs_path, + uid_t uid, + bool with_system_certs) { - TrustAnchor ta(package_id, app_certificates_path); - return ta.install(with_system_certificates); + TrustAnchor ta(package_id, pkg_certs_path, uid); + return ta.install(with_system_certs); } TANCHOR_API -int trust_anchor_usr_install(const char *package_id, - const char *app_certificates_path, - uid_t uid, - bool with_system_certificates) +int trust_anchor_launch(const char *package_id, + const char *pkg_certs_path, + uid_t uid) { - TrustAnchor ta(package_id, app_certificates_path, uid); - return ta.install(with_system_certificates); -} - -TANCHOR_API -int trust_anchor_global_launch(const char *package_id, - const char *app_certificates_path) -{ - TrustAnchor ta(package_id, app_certificates_path); - return ta.launch(); -} - -TANCHOR_API -int trust_anchor_usr_launch(const char *package_id, - const char *app_certificates_path, - uid_t uid) -{ - TrustAnchor ta(package_id, app_certificates_path, uid); + TrustAnchor ta(package_id, pkg_certs_path, uid); return ta.launch(); } TANCHOR_API -int trust_anchor_global_uninstall(const char *package_id, - const char *app_certificates_path) -{ - TrustAnchor ta(package_id, app_certificates_path); - return ta.uninstall(); -} - -TANCHOR_API -int trust_anchor_usr_uninstall(const char *package_id, - const char *app_certificates_path, - uid_t uid) +int trust_anchor_uninstall(const char *package_id, + const char *pkg_certs_path, + uid_t uid) { - TrustAnchor ta(package_id, app_certificates_path, uid); + TrustAnchor ta(package_id, pkg_certs_path, uid); return ta.uninstall(); } diff --git a/src/environment.hxx b/src/environment.hxx index b0d296a..60558bb 100644 --- a/src/environment.hxx +++ b/src/environment.hxx @@ -24,8 +24,7 @@ namespace tanchor { namespace path { -const std::string BASE_USR_PATH(TANCHOR_USR_DIR); -const std::string BASE_GLOBAL_PATH(TANCHOR_GLOBAL_DIR); +const std::string BASE_PKG_PATH(TANCHOR_PKG_DIR); const std::string SYS_CERTS_PATH(TZ_SYS_CA_CERTS); const std::string SYS_BUNDLE_PATH(TZ_SYS_CA_BUNDLE); diff --git a/src/logic.cpp b/src/logic.cpp index e5e7e9d..bc3779d 100644 --- a/src/logic.cpp +++ b/src/logic.cpp @@ -39,8 +39,8 @@ namespace tanchor { -Logic::Logic(const std::string &appCertsPath, const std::string &basePath) : - m_appCertsPath(appCertsPath), +Logic::Logic(const std::string &pkgCertsPath, const std::string &basePath) : + m_pkgCertsPath(pkgCertsPath), m_customBasePath(basePath), m_customCertsPath(m_customBasePath + "/certs"), m_customBundlePath(m_customBasePath + "/bundle"), @@ -51,7 +51,7 @@ void Logic::init(void) const { runtime::File customBaseDir(this->m_customBasePath); if (customBaseDir.exists()) { - WARN("App custom directory is already exist. remove it!"); + WARN("Pkg custom directory is already exist. remove it!"); customBaseDir.remove(true); } customBaseDir.makeDirectory(true); @@ -90,8 +90,8 @@ void Logic::makeCustomCerts(void) DEBUG("Success to migrate system certificates."); } - // link app certificates to the custom directory as subjectNameHash - runtime::DirectoryIterator iter(this->m_appCertsPath), end; + // link pkg certificates to the custom directory as subjectNameHash + runtime::DirectoryIterator iter(this->m_pkgCertsPath), end; while (iter != end) { Certificate cert(iter->getPath()); std::string uName = this->getUniqueCertName(cert.getSubjectNameHash()); @@ -108,7 +108,7 @@ void Logic::makeCustomBundle(void) runtime::File customBundle(this->m_customBundlePath + "/" + File::getName(path::SYS_BUNDLE_PATH)); if (customBundle.exists()) { - WARN("App custom bundle is already exist. remove it!"); + WARN("Pkg custom bundle is already exist. remove it!"); customBundle.remove(); } @@ -124,7 +124,7 @@ void Logic::makeCustomBundle(void) if (this->m_customCertsData.empty()) { DEBUG("System certificates is changed after TrustAnchor installation."); - runtime::DirectoryIterator iter(this->m_appCertsPath), end; + runtime::DirectoryIterator iter(this->m_pkgCertsPath), end; while (iter != end) { Certificate cert(iter->getPath()); this->m_customCertsData.emplace_back(cert.getCertificateData()); @@ -132,7 +132,7 @@ void Logic::makeCustomBundle(void) } } - DEBUG("Start to add app's certificate to bundle."); + DEBUG("Start to add pkg's certificate to bundle."); customBundle.open(O_RDWR | O_APPEND); for (const auto &cert : this->m_customCertsData) { customBundle.write(cert.c_str(), cert.length()); @@ -140,12 +140,12 @@ void Logic::makeCustomBundle(void) customBundle.write(newLine.c_str(), newLine.length()); } - INFO("Success to make app custom bundle."); + INFO("Success to make pkg custom bundle."); } -bool Logic::isAppCertsValid(void) const +bool Logic::isPkgCertsValid(void) const { - runtime::File file(this->m_appCertsPath); + runtime::File file(this->m_pkgCertsPath); if (!file.exists()) ThrowExc(TRUST_ANCHOR_ERROR_NO_SUCH_FILE, diff --git a/src/logic.hxx b/src/logic.hxx index 9540243..a543363 100644 --- a/src/logic.hxx +++ b/src/logic.hxx @@ -29,7 +29,7 @@ namespace tanchor { class Logic { public: - explicit Logic(const std::string &appCertsPath, const std::string &basePath); + explicit Logic(const std::string &pkgCertsPath, const std::string &basePath); virtual ~Logic(void) = default; Logic(const Logic &) = delete; @@ -43,7 +43,7 @@ public: void makeCustomCerts(void); void makeCustomBundle(void); - bool isAppCertsValid(void) const; + bool isPkgCertsValid(void) const; bool isSystemCertsUsed(void) const; bool isSystemCertsModified(void) const; @@ -56,7 +56,7 @@ public: private: std::string getUniqueCertName(const std::string &name) const; - std::string m_appCertsPath; + std::string m_pkgCertsPath; std::string m_customBasePath; std::string m_customCertsPath; std::string m_customBundlePath; diff --git a/src/trust-anchor.cpp b/src/trust-anchor.cpp index e2c3ea0..e08ae57 100644 --- a/src/trust-anchor.cpp +++ b/src/trust-anchor.cpp @@ -34,8 +34,6 @@ public: explicit Impl(const std::string &packageId, const std::string &certsDir, uid_t uid) noexcept; - explicit Impl(const std::string &packageId, - const std::string &certsDir) noexcept; virtual ~Impl(void) = default; int install(bool withSystemCerts) noexcept; @@ -54,26 +52,19 @@ TrustAnchor::Impl::Impl(const std::string &packageId, const std::string &certsDir, uid_t uid) noexcept : m_logic(certsDir, - path::BASE_USR_PATH + "/" + + path::BASE_PKG_PATH + "/" + std::to_string(static_cast(uid)) + "/" + packageId) { - INFO("Start tanchor about usr[" << uid << "], app[" << packageId << "]"); -} - -TrustAnchor::Impl::Impl(const std::string &packageId, - const std::string &certsDir) noexcept : - m_logic(certsDir, path::BASE_GLOBAL_PATH + "/" + packageId) -{ - INFO("Start tanchor about global app[" << packageId << "]"); + INFO("Start tanchor about uid[" << uid << "], pkg[" << packageId << "]"); } void TrustAnchor::Impl::preInstall(void) { this->m_logic.init(); - if (!this->m_logic.isAppCertsValid()) - throw std::invalid_argument("App certs dir should be directory."); + if (!this->m_logic.isPkgCertsValid()) + throw std::invalid_argument("Pkg certs dir should be directory."); DEBUG("Success to pre-install stage."); } @@ -153,10 +144,6 @@ TrustAnchor::TrustAnchor(const std::string &packageId, uid_t uid) noexcept : m_pImpl(new Impl(packageId, certsDir, uid)) {} -TrustAnchor::TrustAnchor(const std::string &packageId, - const std::string &certsDir) noexcept : - m_pImpl(new Impl(packageId, certsDir)) {} - TrustAnchor::~TrustAnchor(void) = default; int TrustAnchor::install(bool withSystemCerts) noexcept diff --git a/tests/test-capi-installer.cpp b/tests/test-capi-installer.cpp index 6390cae..546cc6b 100644 --- a/tests/test-capi-installer.cpp +++ b/tests/test-capi-installer.cpp @@ -26,80 +26,41 @@ #include "test-resource.hxx" -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_POSITIVE) +TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_POSITIVE) { - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, false); + int ret = trust_anchor_install(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID, false); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_POSITIVE) +TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_WITH_SYS_POSITIVE) { - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, true); + int ret = trust_anchor_install(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID, true); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_USER_APP_POSITIVE) +TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_NEGATIVE) { - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, false); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_POSITIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, true); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_NEGATIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, false); - TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_NEGATIVE) -{ - int ret = trust_anchor_global_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, true); - TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_USER_APP_NEGATIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, false); + int ret = trust_anchor_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, false); TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_NEGATIVE) +TESTCASE(CAPI_TRUST_ANCHOR_INSTALL_WITH_SYS_NEGATIVE) { - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, true); + int ret = trust_anchor_install(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID, true); TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(CAPI_TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_POSITIVE) +TESTCASE(CAPI_TRUST_ANCHOR_UNINSTALL_POSITIVE) { - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, false); + int ret = trust_anchor_install(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID, false); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); - ret = trust_anchor_global_uninstall(DUMMY_PKG_ID, APP_CERTS_DIR); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(CAPI_TRUST_ANCHOR_UNINSTALL_USER_APP_POSITIVE) -{ - int ret = trust_anchor_usr_install(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID, false); + ret = trust_anchor_uninstall(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); - - ret = trust_anchor_usr_uninstall(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(CAPI_TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_NEGATIVE) -{ - int ret = trust_anchor_global_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(CAPI_TRUST_ANCHOR_UNINSTALL_USER_APP_NEGATIVE) +TESTCASE(CAPI_TRUST_ANCHOR_UNINSTALL_NEGATIVE) { - int ret = trust_anchor_usr_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); + int ret = trust_anchor_uninstall(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); } diff --git a/tests/test-capi-launcher.cpp b/tests/test-capi-launcher.cpp index 942b0e3..2953953 100644 --- a/tests/test-capi-launcher.cpp +++ b/tests/test-capi-launcher.cpp @@ -35,13 +35,13 @@ TESTCASE(CAPI_TRUST_ANCHOR_LAUNCH) auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS); auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - int ret = trust_anchor_global_install(DUMMY_PKG_ID, APP_CERTS_DIR, true); + int ret = trust_anchor_install(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID, true); // pre-condition int pid = fork(); if (pid == 0) { - ret = trust_anchor_global_launch(DUMMY_PKG_ID, APP_CERTS_DIR); + ret = trust_anchor_launch(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); auto afterLsChild = test::util::ls(TZ_SYS_RO_CA_CERTS); diff --git a/tests/test-curl.cpp b/tests/test-curl.cpp index 6635edd..a3764fd 100644 --- a/tests/test-curl.cpp +++ b/tests/test-curl.cpp @@ -42,7 +42,7 @@ TESTCASE(CONNECT_SSL) TESTCASE(TRUST_ANCHOR_LAUNCH) { - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(false); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); @@ -79,7 +79,7 @@ TESTCASE(TRUST_ANCHOR_LAUNCH) TESTCASE(TRUST_ANCHOR_LAUNCH_WITH_SYS) { - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(true); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); @@ -99,7 +99,7 @@ TESTCASE(TRUST_ANCHOR_LAUNCH_WITH_SYS) // check SSL communication std::cout << "###########################################" << std::endl; - std::cout << "## After trust-anchor launch(APP) with SYS#" << std::endl; + std::cout << "## After trust-anchor launch(PKG) with SYS#" << std::endl; std::cout << "###########################################" << std::endl; ret = test::util::connectSSL("https://google.com"); TEST_EXPECT(true, ret == 0); diff --git a/tests/test-installer.cpp b/tests/test-installer.cpp index 15d827c..b75d632 100644 --- a/tests/test-installer.cpp +++ b/tests/test-installer.cpp @@ -32,79 +32,37 @@ #include "test-resource.hxx" #include "test-util.hxx" -TESTCASE(TRUST_ANCHOR_INSTALL_GLOBAL_APP_POSITIVE) +TESTCASE(TRUST_ANCHOR_INSTALL_POSITIVE) { - TIME_MEASURE_START - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(false); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); - TIME_MEASURE_END } -TESTCASE(TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_POSITIVE) +TESTCASE(TRUST_ANCHOR_INSTALL_WITH_SYS_POSITIVE) { - TIME_MEASURE_START - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(true); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); - TIME_MEASURE_END } -TESTCASE(TRUST_ANCHOR_INSTALL_USER_APP_POSITIVE) -{ - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - int ret = ta.install(false); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_POSITIVE) -{ - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); - int ret = ta.install(true); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(TRUST_ANCHOR_INSTALL_GLOBAL_APP_NEGATIVE) -{ - tanchor::TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - int ret = ta.install(false); - TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(TRUST_ANCHOR_INSTALL_GLOBAL_APP_WITH_SYS_NEGATIVE) -{ - tanchor::TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - int ret = ta.install(true); - TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(TRUST_ANCHOR_INSTALL_USER_APP_NEGATIVE) +TESTCASE(TRUST_ANCHOR_INSTALL_NEGATIVE) { tanchor::TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); int ret = ta.install(false); TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(TRUST_ANCHOR_INSTALL_USER_APP_WITH_SYS_NEGATIVE) +TESTCASE(TRUST_ANCHOR_INSTALL_WITH_SYS_NEGATIVE) { tanchor::TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); int ret = ta.install(true); TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_POSITIVE) -{ - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); - int ret = ta.install(false); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); - - ret = ta.uninstall(); - TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(TRUST_ANCHOR_UNINSTALL_USER_APP_POSITIVE) +TESTCASE(TRUST_ANCHOR_UNINSTALL_POSITIVE) { - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR, DUMMY_UID); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(false); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); @@ -112,14 +70,7 @@ TESTCASE(TRUST_ANCHOR_UNINSTALL_USER_APP_POSITIVE) TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); } -TESTCASE(TRUST_ANCHOR_UNINSTALL_GLOBAL_APP_NEGATIVE) -{ - tanchor::TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR); - int ret = ta.uninstall(); - TEST_EXPECT(false, ret == TRUST_ANCHOR_ERROR_NONE); -} - -TESTCASE(TRUST_ANCHOR_UNINSTALL_USER_APP_NEGATIVE) +TESTCASE(TRUST_ANCHOR_UNINSTALL_NEGATIVE) { tanchor::TrustAnchor ta(DUMMY_PKG_ID, DUMMY_CERTS_DIR, DUMMY_UID); int ret = ta.uninstall(); diff --git a/tests/test-launcher.cpp b/tests/test-launcher.cpp index 0db5d21..96e1aa8 100644 --- a/tests/test-launcher.cpp +++ b/tests/test-launcher.cpp @@ -37,7 +37,7 @@ TESTCASE(TRUST_ANCHOR_LAUNCH) auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS); auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(false); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); @@ -73,7 +73,7 @@ TESTCASE(TRUST_ANCHOR_LAUNCH_WITH_SYS) auto beforeLs = test::util::ls(TZ_SYS_RO_CA_CERTS); auto beforeCat = test::util::cat(TZ_SYS_RO_CA_BUNDLE); - tanchor::TrustAnchor ta(DUMMY_PKG_ID, APP_CERTS_DIR); + tanchor::TrustAnchor ta(DUMMY_PKG_ID, PKG_CERTS_DIR, DUMMY_UID); int ret = ta.install(true); TEST_EXPECT(true, ret == TRUST_ANCHOR_ERROR_NONE); diff --git a/tests/test-resource.hxx b/tests/test-resource.hxx index 1c9d828..a36f92f 100644 --- a/tests/test-resource.hxx +++ b/tests/test-resource.hxx @@ -25,9 +25,9 @@ #define DUMMY_UID 5001 #define DUMMY_CERTS_DIR "/home/dummy" -#define APP_CERTS_DIR TANCHOR_TEST_DIR "/certs" +#define PKG_CERTS_DIR TANCHOR_TEST_DIR "/certs" -#define TEST_PEM_PATH APP_CERTS_DIR "/02265526.0" +#define TEST_PEM_PATH PKG_CERTS_DIR "/02265526.0" #define TEST_PEM_HASH "02265526" #define TEST_PEM_DATA \