From: Bartlomiej Grzelewski <b.grzelewski@samsung.com>
Date: Mon, 15 Feb 2016 11:26:24 +0000 (+0100)
Subject: CKM: Process identification test.
X-Git-Tag: security-manager_5.5_testing~9^2~27
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=e96d3b27b764d53d6b24233c2e310bc52af3bae6;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

CKM: Process identification test.

Change-Id: I829c31ff3601ffbbab7d3ae4a72e8128333fabe0
---

diff --git a/src/ckm-integration/group01.cpp b/src/ckm-integration/group01.cpp
index 7356f3a..c40da84 100644
--- a/src/ckm-integration/group01.cpp
+++ b/src/ckm-integration/group01.cpp
@@ -38,6 +38,14 @@ typedef ProcessSettings::Executor<
     ProcessSettings::ChangeSmack,
     ProcessSettings::ChangeUid> ProcSettings;
 
+typedef ProcessSettings::Executor<
+    CKMPolicy,
+    ProcessSettings::CreateUser,
+    ProcessSettings::UnlockCkm,
+    ProcessSettings::InstallApp,
+    ProcessSettings::ChangeSmack,
+    ProcessSettings::ChangeUid> ProcSettingsT03;
+
 RUNNER_TEST_GROUP_INIT(GROUP_01_ControlApiAccess);
 
 RUNNER_CHILD_TEST(G01T01_ControlNegative) {
@@ -118,3 +126,24 @@ RUNNER_CHILD_TEST(G01T02_ControlPositive) {
         "Error=" << CKM::ErrorToString(temp));
 }
 
+RUNNER_CHILD_TEST(G01T03_ProcessIdentificationBySecurityManager) {
+    // Socket is secured with 0700
+    // in this test we have no access to this socket
+    // DAC should DENIED access to CKM
+    ProcSettingsT03 ps("PkgIdG01T03", "UserG01T03", PrivCKMStore);
+    ps.Apply();
+
+    auto manager = CKM::Manager::create();
+    std::string someData = "some random data";
+    CKM::RawBuffer buffer(someData.begin(), someData.end());
+    CKM::RawBuffer buffer2;
+
+    RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveData("data3", buffer, CKM::Policy()));
+
+    RUNNER_ASSERT(CKM_API_SUCCESS == manager->getData("PkgIdG01T03 data3", CKM::Password(), buffer2));
+
+    RUNNER_ASSERT(buffer == buffer2);
+
+    RUNNER_ASSERT(CKM_API_SUCCESS == manager->removeAlias("PkgIdG01T03 data3"));
+}
+