From: Dongsun Lee <ds73.lee@samsung.com>
Date: Fri, 11 Aug 2023 05:08:29 +0000 (+0900)
Subject: CKM: Don't set password for importing asymmetric key to TZ_BACKEND
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=cd27ff1955df12c2cfb2ff52c00896cb24f774f5;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

CKM: Don't set password for importing asymmetric key to TZ_BACKEND

Change-Id: I05fd59f4d3171e8a1af6a0587e569903250b3591
---

diff --git a/src/ckm/ckm-common.cpp b/src/ckm/ckm-common.cpp
index a0bdcee4..a9f68fd8 100644
--- a/src/ckm/ckm-common.cpp
+++ b/src/ckm/ckm-common.cpp
@@ -620,9 +620,9 @@ CipherCtxPtr create_cipher_ctx(ckmc_cipher_ctx_h ctx)
     return CipherCtxPtr(ctx, ckmc_cipher_free);
 }
 
-CKM::Policy generate_ckm_policy(int iterator_nr) {
+CKM::Policy generate_ckm_policy(int iterator_nr, bool set_pass) {
     CKM::Password password;
-    if ((iterator_nr & 0x1) != 0)
+    if (((iterator_nr & 0x1) != 0) && set_pass)
         password.assign("test_pwd");
     return CKM::Policy(password, (iterator_nr & 0x2) != 0);
 }
diff --git a/src/ckm/ckm-common.h b/src/ckm/ckm-common.h
index 07cf3ccb..ab686228 100644
--- a/src/ckm/ckm-common.h
+++ b/src/ckm/ckm-common.h
@@ -181,7 +181,7 @@ ckmc_raw_buffer_s* createRandomBufferCAPI(size_t random_bytes);
 ckmc_key_s *generate_AES_key(size_t lengthBits, const char *passwd);
 void validate_AES_key(ckmc_key_s *analyzed);
 void compare_AES_keys(ckmc_key_s *first, ckmc_key_s *second); // true if equal
-CKM::Policy generate_ckm_policy(int iterator_nr); // generates policy based on given number
+CKM::Policy generate_ckm_policy(int iterator_nr, bool set_pass = true); // generates policy based on given number
 
 // Test env class for database cleanup. Pass database uids to cleanup before and after test
 template <uid_t ...Args>
diff --git a/src/ckm/unprivileged/main.cpp b/src/ckm/unprivileged/main.cpp
index 07edb738..64e59ff3 100644
--- a/src/ckm/unprivileged/main.cpp
+++ b/src/ckm/unprivileged/main.cpp
@@ -457,7 +457,12 @@ RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
     // make aliases with & without: password protection, exportable flag
     for (int it = 0; it < aliasNameCount; ++it)
     {
-        CKM::Policy policy = generate_ckm_policy(it);
+#ifdef TZ_BACKEND
+        // TZ_BACKEND doesn't support importing asymmetric key with password
+        CKM::Policy policy = generate_ckm_policy(it, false);
+#else
+        CKM::Policy policy = generate_ckm_policy(it, true);
+#endif
         currentAlias = "T1024_appkey" + std::to_string(it);
         expected.emplace_back(currentAlias,
                               !policy.password.empty(),