Tomasz Swierczek [Fri, 3 Jun 2016 12:12:51 +0000 (14:12 +0200)]
Fixed expected return value & improper usage of getUserStruct
Accessing another user's policy without privilege should be treated as error.
getUserStruct needs to be run in privileged environment (otherwise getpwnam
returns EACCESS).
Change-Id: Id1185deddcded420a409386605d20954d58b6bb0
Tomasz Swierczek [Wed, 1 Jun 2016 17:37:54 +0000 (19:37 +0200)]
Adjusted privilege-related tests to privacy privileges
Change-Id: I008235e8a58be9a8d58aadaf21b66ffe898f8203
Zofia Abramowska [Mon, 23 May 2016 11:45:41 +0000 (13:45 +0200)]
SM: Fix group names
Change-Id: I0806acce5be77390c6ff57e95d35df8c66344ea5
Tomasz Swierczek [Thu, 19 May 2016 10:05:31 +0000 (12:05 +0200)]
Fix security_manager_67_path_req_shared_ro_3_0 test case.
The test case should allow for Tizen 3.0 app to have data/shared directory;
there should be no Smack rules to other application's data/shared directory.
Change-Id: I3f00ec55d649d116f75ce2ae4c69573ed62d08d1
Krzysztof Jackiewicz [Thu, 12 May 2016 15:25:57 +0000 (17:25 +0200)]
security-manager-tests: Add test for TrustedRW package registration
Add tests verifying proper request handling and labeling of
SECURITY_MANAGER_PATH_TRUSTED_RW path.
Verification: run security-manager-tests --regexp=trusted_rw
Change-Id: Ie2a7c52dc0e6937bbac188d3aeffea276ad4acc4
Krzysztof Jackiewicz [Thu, 12 May 2016 15:00:27 +0000 (17:00 +0200)]
security-manager-tests: Add tests for SharedRO path registration
Add tests verifying proper request handling and labeling of
SECURITY_MANAGER_PATH_OWNER_RW_OTHER_RO path.
Verification: run security-manager-tests --regexp=path_req_shared_ro
Change-Id: I3a5e0594ad37a87271d51d72ecca6e4de7c2fd84
Krzysztof Jackiewicz [Tue, 10 May 2016 10:58:55 +0000 (12:58 +0200)]
security-manager-tests: add path request tests
Add several tests for path registration API. Run with:
security-manager-tests --regexp=path_req
Change-Id: I65952c309ff37d4e41a1248e78c6f92bc06cab40
Krzysztof Jackiewicz [Tue, 10 May 2016 10:56:29 +0000 (12:56 +0200)]
security-manager-tests: helper API for path request testing
Add wrappers for path request wrapper and path registration.
Change-Id: Ia5d285b4873ca204fdde1edc0434aa7bf8cf48cf
Krzysztof Jackiewicz [Mon, 9 May 2016 08:57:50 +0000 (10:57 +0200)]
security-manager-tests: fix expected error of security_manager_49b_*
The app installation fails because for local installations security-manager
expects that a user's directory in /home exists (/home/tizenglobalapp). In case
of global user there's no such directory. It's not a matter of authentication
but directory existence. Test has been updated to expect
SECURITY_MANAGER_ERROR_SERVER_ERROR rather than
SECURITY_MANAGER_ERROR_AUTHENTICATION_FAILED.
Change-Id: Iee34f5010731a3c0c45c92aa574b5266113e65c8
Rafal Krypa [Mon, 25 Apr 2016 14:15:11 +0000 (16:15 +0200)]
security-manager-tests: fix cleanup in security_manager_45_test_*
The test case security_manager_45_test_authorId_identificator_creation failed
to properly clean after itself by removing temporary applications from
security-manager.
Change-Id: Ie79e812a7c67fff9d2c491f1353fab9566a8e315
Zbigniew Jasinski [Wed, 13 Apr 2016 14:58:08 +0000 (16:58 +0200)]
App install type tests
Run security-manager-tests --regexp='set_install_type'
Change-Id: I10f0b25b9e3613ce68ddd8b7cb06e83357abbabe
Signed-off-by: Zbigniew Jasinski <z.jasinski@samsung.com>
Zbigniew Jasinski [Wed, 20 Apr 2016 15:47:31 +0000 (17:47 +0200)]
Merge branch 'tizen' into security-manager
Change-Id: I7ac3279e0d1cc56ee8c327af381dca9a303a3026
Signed-off-by: Zbigniew Jasinski <z.jasinski@samsung.com>
Rafal Krypa [Tue, 19 Apr 2016 14:59:05 +0000 (16:59 +0200)]
Increase time limit for RUNNER_CHILD_TEST to 90 seconds
Current time limit of 10s for each RUNNER_CHILD_TEST is insufficient.
Several existing tests may take significantly longer time, but they
eventually succeed.
Change-Id: I3867ed3aee0449d95c0fa89b79aa3104f31f81a7
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Wed, 20 Apr 2016 15:00:46 +0000 (17:00 +0200)]
security-manager-tests: Fix security_manager_12_(...)
Fix the test fetching entire policy with privacy-manager API.
This test incorrectly assumes that the only policy fetched from
security-manager is policy for test users and applications created
in this test case. But security-manager, when queried for entire
policy by admin user fetches policy for all apps, including preloaded.
This fix first queries security-manager for existing policy, then
adds test users and apps, fetches the policy again and finally
analyzes the difference.
Change-Id: I5cde709b326b43939dc3a403e49b37d1083bec60
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Tue, 19 Apr 2016 12:26:44 +0000 (14:26 +0200)]
TemporaryTestUser: encapsulate communication with gumd in separate process
Gumd interface libgum has nasty side effects on the calling process.
On the first call to gumd service it allocates persistent resources
in the calling thread that are not freed and are used for subsequent
calls to gumd. These resources include a new thread, socket connection
and two eventfds.
This doesn't play well with process that changes it's Smack label and
DAC credentials back and forth. It also breaks encapsulation between
test cases, leading to nasty "gumd timeout" issues.
This patch attempts to fix this issue by dedicated a separate process
for calling libgum functions. The TemporaryTestUser class will no longer
call libgum directly, but delegate the calls to the dedicated process.
Change-Id: Id111d5ef79d65135e3b378582a220f168f8a2284
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Tue, 19 Apr 2016 12:03:02 +0000 (14:03 +0200)]
Drop usage of RUNNER_MULTIPROCESS_TEST*
Replace all uses of RUNNER_MULTIPROCESS_TEST* with RUNNER_CHILD_TEST* because of
several issues of multiprocess test functionality:
- it runs the test function in the main process, suffering from all the issues
that plagued RUNNER_TEST
- it doesn't handle waiting and error checking for child processes of higher
order
- it hangs when the main process has a pre-existing child process prior to
invocation of RUNNER_MULTIPROCESS_TEST*
Simpler RUNNER_CHILD_TEST* macros are sufficient replacement for the broken
ones. We never used additional features provided by RUNNER_MULTIPROCESS_TEST*.
Change-Id: I8583a5b8829343f14c03e8336015f5322122369d
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Fri, 4 Mar 2016 09:26:27 +0000 (10:26 +0100)]
security-manager-tests: fix and re-enable ignored tests
Turn on the following previously disabled tests:
- security_manager_15_privacy_manager_send_policy_update_for_admin
- security_manager_15_privacy_manager_send_policy_update_for_admin_wildcard
- security_manager_15_privacy_manager_send_policy_update_for_self
- security_manager_18_user_cynara_policy
- security_manager_19_security_manager_cmd_install
- security_manager_20_security_manager_cmd_users
Change-Id: I68f09f70d2cbdcd22351bb444757918d56f078f8
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Thu, 7 Apr 2016 12:55:02 +0000 (14:55 +0200)]
Fix security_manager_14_privacy_manager_fetch_and_update_policy_for_admin
Call administrative privacy manager API from admin-type user.
Change-Id: I560e14639cd36346ed056ef395199a07a13dd570
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Thu, 7 Apr 2016 14:11:04 +0000 (16:11 +0200)]
security-manager-tests: properly check exit status of child processes
Test cases 10-14, 15*, 16, 17 and 21 create one or more child processes
to run tests across. But they fail to properly verify whether the
child returned properly or not.
Although forked processes do use RUNNER_* macros, they may fail without
parent process noticing and the tests passes when it should not.
Change-Id: Ie4ba9de8f47782c800d877131412f8afdbfe2100
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Bartlomiej Grzelewski [Wed, 10 Feb 2016 14:13:52 +0000 (15:13 +0100)]
Add test for pkgId
During deinstallation rules with pkg are removed.
If more that one application is connected with pkg id
the rule must be untouch.
Change-Id: I59cc7976fc539d462dc5210ae25ae78c9a8d546e
Rafal Krypa [Thu, 7 Apr 2016 09:33:59 +0000 (11:33 +0200)]
security-manager-tests: prepare for security-manager integration with cynara
Security-manager will soon requires the caller to hold appropriate privilege.
Tests must always call security-manager APIs with Smack label which has
privilege.
This change makes sure that privileged operations from security-tests
are always called with proper Smack label.
It also adapts for the only part of security-manager that already checks
permission of the caller - privacy-manager APIs. The permissions
required for calling privacy-manager APIs have changed, so security-tests
must change them too.
Change-Id: Ib5e046dbf7fef8e8187b2f7f5700f236ef73bbda
Rafal Krypa [Tue, 5 Apr 2016 11:04:21 +0000 (13:04 +0200)]
security-manager-tests: install global apps to /opt/usr/apps, not /usr/apps
Directory /usr/apps is now only for preloaded applications (TZ_SYS_RO_APP).
Security-manager tests install some global applications, hence it should use
/opt/usr/apps (TZ_SYS_RW_APP).
It should be fixed to rely on tizen-platform-config instead of hardcoding those
paths.
Change-Id: Ia82809ea21badff95b7b6c2e6be2e5d9789db1ab
Rafal Krypa [Fri, 4 Mar 2016 10:59:35 +0000 (11:59 +0100)]
security-manager-tests: fix security_manager_48_groups_get
This test case is verifying whether security_manager_groups_get() returns
proper array of groups currently mapped to any of known privileges.
The test case expected the function only to return groups explicitly added
by security-tests. But now this feature is actively used on the image. There
are groups mapped to privileges, that are not setup by security-tests, but
are part of the system security policy.
Fix the test case by reading mapping from
/usr/share/security-manager/policy/privilege-group.list.
The groups configured in that file are now also expected.
Change-Id: I01ccc45a773b774144ab7f04f7c48bb2192c5ce1
Rafal Krypa [Thu, 7 Apr 2016 09:25:55 +0000 (11:25 +0200)]
Merge remote-tracking branch 'tizen/tizen' into HEAD
Change-Id: Ie1d708ebbfe9444bcbc17b017bdc8e9b7e2dfcfe
Rafal Krypa [Wed, 6 Apr 2016 14:14:28 +0000 (16:14 +0200)]
Remove invocation of api_feature_loader in %post
This binary was part of libprivilege-control, support for which was dropped
in the previous commit.
Change-Id: I492a597ee7e2aca46f143fb211cb9560ae8a21f5
Rafal Krypa [Mon, 4 Apr 2016 15:04:58 +0000 (17:04 +0200)]
Remove libprivilege-control tests
Libprivilege-control should be long gone on Tizen 3.0.
There is no point in keeping those tests here.
Change-Id: I9dc6f27952e41a632d607faed14cfe45849d1d40
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Fri, 4 Mar 2016 10:13:27 +0000 (11:13 +0100)]
security-manager-tests: fix security_manager_19_security_manager_cmd_install
Adapt to security-manager-cmd changed path types.
Change-Id: Iaa4c5d83f2e733e0ceac15a87de903af97fc24b1
Oskar Świtalski [Wed, 12 Aug 2015 12:26:33 +0000 (14:26 +0200)]
Add test for security_manager_groups_get() API
Change-Id: If68c8b79a5cbc3a523909ee761a466a7b5c11cd6
Zbigniew Jasinski [Wed, 23 Mar 2016 12:37:25 +0000 (13:37 +0100)]
Merge branch 'tizen' into security-manager
Change-Id: I18dd77f5b98c59cfff3e3d4f943b4c67c29f46e2
Zbigniew Jasinski [Mon, 21 Mar 2016 12:14:51 +0000 (13:14 +0100)]
Merge branch 'ckm' into tizen
Change-Id: I34396fcbad8b282e7d72ca6d596f4eb246d33840
Kyungwook Tak [Wed, 16 Mar 2016 01:40:34 +0000 (10:40 +0900)]
CKM::ErrorToString removed from key-manager
Change-Id: I74d50dfc88b3c2a7196872ca7c4393665e5ef323
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Rafal Krypa [Thu, 3 Mar 2016 09:37:05 +0000 (10:37 +0100)]
security-manager-tests: fix cleanup in security_manager_30f_bad_paths
Add missing uninstall of secondInstalledApp.
Change-Id: Ic9f25d59e89be1cd3aea9136b56430231f9453d5
Rafal Krypa [Tue, 1 Mar 2016 17:01:36 +0000 (18:01 +0100)]
security-manager-tests: don't use semaphores in privacy_manager tests
Drop usage of POSIX semaphores in
security_manager_*_privacy_manager_* test cases. It doesn't handle
failing scenario properly - tests are hanging, waiting inifinitely
on a semaphore.
Use internal SynchronizationPipe class instead, with a proper RAII
semantics.
Change-Id: I8dd250f5403cf453bb25df9a87b88f58a577d475
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Bartlomiej Grzelewski [Mon, 15 Feb 2016 11:26:24 +0000 (12:26 +0100)]
CKM: Process identification test.
Change-Id: I829c31ff3601ffbbab7d3ae4a72e8128333fabe0
Bartlomiej Grzelewski [Mon, 15 Feb 2016 10:59:52 +0000 (11:59 +0100)]
Merge remote-tracking branch 'tizen/tizen' into ckm
Change-Id: Ieb9b5bd0f3c25ef9d37472cab42187d1b60b4f6d
Bartlomiej Grzelewski [Mon, 15 Feb 2016 10:58:08 +0000 (11:58 +0100)]
Merge branch 'security-manager' into tizen
Change-Id: Ia22cf2876e6e034c74e135814523f43740b79501
Rafal Krypa [Wed, 10 Feb 2016 12:31:13 +0000 (13:31 +0100)]
security-manager: add tests for security_manager_app_has_privilege
Change-Id: I77ba0e25c95d6dd6dcce3ade7d938884a8896f77
Rafal Krypa [Wed, 10 Feb 2016 12:30:20 +0000 (13:30 +0100)]
Add SM tests for getting pkg & app Id from sock or pid
Change-Id: Ic0afac87c087ad819806a8be89d41cbf018e5d16
Rafal Krypa [Thu, 4 Feb 2016 11:48:42 +0000 (12:48 +0100)]
Remove SM privilege mapping tests
Functionality removed from security-manager, now provided by privilege-checker
(which is out of our project scope).
Change-Id: Ica93ab99f2617c97f538e60965a5098d5614acdf
Rafal Krypa [Thu, 14 Jan 2016 14:56:39 +0000 (15:56 +0100)]
security-manager: fix privilege-to-gid mapping tests
Verification whether privileges are correctly mapped to grouops is based
on an assumption that the privileges used (camera, location) are not mapped
to any groups in the real configuration. But recently the camera privilege has
been mapped to a group "priv_camera" on the image.
To keep the test working, it now uses a different privilege instead ("nfc") that
doesn't have a group associated to it.
Change-Id: I3cb6ae7911abb5c7efab6558ffdb8043714fbce7
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Bartlomiej Grzelewski [Tue, 2 Feb 2016 15:08:30 +0000 (16:08 +0100)]
[SM] Turn off tests that does not work because of gumd timeout.
Change-Id: Ib5ea1935e370486c13f4f27d5d34adf12b444a30
Bartlomiej Grzelewski [Wed, 3 Feb 2016 11:05:07 +0000 (12:05 +0100)]
Merge remote-tracking branch 'tizen/tizen' into ckm
Change-Id: Idd9657344d2e3130e2f92557545f3884732ef3af
Bartlomiej Grzelewski [Tue, 2 Feb 2016 11:53:37 +0000 (12:53 +0100)]
[SM] Changes in InstallRequest API.
Replace "const char *" with std::string type.
Change-Id: I955f850ea1f09e310fbd0ae7775c84fe6f15c2e5
Zofia Abramowska [Fri, 29 Jan 2016 15:49:13 +0000 (16:49 +0100)]
[SM] Apply/drop sharing tests
Change-Id: I21e89b450726efef8041d128c4a2221e8dc7009e
Bartlomiej Grzelewski [Thu, 28 Jan 2016 18:57:12 +0000 (19:57 +0100)]
[SM] Tests for trusted dir.
Change-Id: I4c97747253b8395a41bd85c004104f66bffc852a
Krzysztof Jackiewicz [Fri, 15 Jan 2016 12:38:45 +0000 (13:38 +0100)]
Add security_manager_app_inst_req_set_author_id tests
[Verification] Run security-manager-tests --regexp=security_manager_27
Change-Id: Idd9705f8328cb352039821804dd961bf68a25b49
Maciej J. Karpiuk [Thu, 28 Jan 2016 09:06:54 +0000 (10:06 +0100)]
security-manager: added tests of 2.X shared folders backward compatibility
Change-Id: Ic83a9570a1bff97a80c4a3bfc4e38d73bee472f0
Bartlomiej Grzelewski [Wed, 27 Jan 2016 16:50:49 +0000 (17:50 +0100)]
Merge branch 'tizen' into security-manager
Change-Id: I1740cb2f5e0aa5de10952364e05b03a10c115b11
Bartlomiej Grzelewski [Wed, 27 Jan 2016 16:45:05 +0000 (17:45 +0100)]
Merge branch 'ckm' into tizen
Change-Id: Ia52221f3c05fa81a4d5b53bd183ca0174f49020e
Bartlomiej Grzelewski [Wed, 27 Jan 2016 15:37:08 +0000 (16:37 +0100)]
Remove key-manager-listener dependency.
key-manager-listener package is empty.
Its functionality is provided by key-manager package now.
Change-Id: Ib7ce4575ae507825b408c80eccfe6e1df8543465
Rafal Krypa [Thu, 14 Jan 2016 14:43:54 +0000 (15:43 +0100)]
Drop tests related to security-server
Security-server has been removed from Tizen 3.0 images.
Change-Id: I6cd8349abd94b2136726a357f515308cb482bce9
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Krzysztof Jackiewicz [Tue, 12 Jan 2016 12:24:40 +0000 (13:24 +0100)]
CKM: Read ckm data dir location from tzplatform_config
[Problem] Key-manager reads data dir location from tzplatform_config.
Security-tests have the path hardcoded.
[Solution] Make security-tests read data dir location from tzplatform_config as
well.
[Verification] Run ckm-tests
Change-Id: I3e5c6f98bc34c27664218972e6ee76139b0a12e7
Krzysztof Jackiewicz [Tue, 5 Jan 2016 12:28:00 +0000 (13:28 +0100)]
CKM: Fix T3203_CAPI_lock_database
[Problem] Test is failing because ordinary user attempts to lock its database.
[Solution] Test is modified so that it's executed as root.
[Verification] Run ckm-tests --group=T320_CAPI_EMPTY_DATABASE
Change-Id: I5dd9893792be4dbcc4e2161dbe48f99bafcbc7dc
Krzysztof Jackiewicz [Tue, 5 Jan 2016 12:21:16 +0000 (13:21 +0100)]
CKM: Revert "Add PASSWORD_PROTECTION_DISABLE feature"
This reverts commit
83ce88e2df836f7fe23260f635c6ef69d26c748b.
Change-Id: I59bca49f8c4cb67fabda6a455ff7533a507abb6e
Bartlomiej Grzelewski [Tue, 22 Dec 2015 17:36:06 +0000 (18:36 +0100)]
CKM: Unblock ocsp test.
Change-Id: Icad1ae774a6413c72b0eb71fc6c76cddd898f464
Bartlomiej Grzelewski [Tue, 22 Dec 2015 15:30:19 +0000 (16:30 +0100)]
CKM: Remove ccMode related code.
Support for MDPP state was removed from key-manager code.
Also the change of ccMode is no longer suppoted in key-manager.
Change-Id: Ic06bc7294aeeb1a0d795154cb636d3977d8d330d
Bartlomiej Grzelewski [Mon, 30 Nov 2015 16:24:31 +0000 (17:24 +0100)]
Revert "CKM: Turn off all broken tests."
This reverts commit
86ba2aa7c6e01dd9193e08d01ba1c2f8bfc2d459.
Change-Id: Icd0af8e29d8eece9c1884d92cf34f61d5d37e569
Bartlomiej Grzelewski [Thu, 17 Dec 2015 10:52:44 +0000 (11:52 +0100)]
CKM: Remove GarbageCollector
Change-Id: I75e1a61f9e705c261000426c07b41fd5c466da30
Bartlomiej Grzelewski [Tue, 8 Dec 2015 16:00:36 +0000 (17:00 +0100)]
CKM: Replace deprecated certificate with new one.
Change-Id: If400a0f46b763d30703718b0635dfc33eb496285
Bartlomiej Grzelewski [Tue, 8 Dec 2015 11:13:42 +0000 (12:13 +0100)]
CKM: Comment out deprecated integration tests.
Change-Id: I3679ce2f8fb62731d973adabb2308f2bfdf05af5
Zbigniew Jasinski [Mon, 30 Nov 2015 11:57:48 +0000 (12:57 +0100)]
Merge branch 'tizen' into ckm
Change-Id: I420a571f81f4abdec743722b0ebac6c128b399d6
Bartlomiej Grzelewski [Fri, 27 Nov 2015 11:41:49 +0000 (12:41 +0100)]
CKM: Turn off all broken tests.
Change-Id: I21d32cae8a6681955efdd336c93a8345b1b7c754
Maciej J. Karpiuk [Mon, 29 Jun 2015 10:23:02 +0000 (12:23 +0200)]
CKM: test for encrypted initial values
Change-Id: Ic395d86caff2649d2a4adb801007dc68d1cc502f
Krzysztof Jackiewicz [Mon, 9 Nov 2015 08:40:49 +0000 (09:40 +0100)]
CKM: Get rid of GrabageCollector in initial values test
[Problem] GarbageCollector launched for System user will revoke all "System"
rules.
[Solution] GarbageCollector replaced by Env class for test.
[Verification] Run ckm-tests --group=T60_INITIAL_VALUES. There should be no
smack denials in logs.
Change-Id: Ie2c3090286bfc412201b6b46cf4e7cb1596d1c2b
Dongsun Lee [Fri, 20 Nov 2015 11:24:20 +0000 (20:24 +0900)]
Add PASSWORD_PROTECTION_DISABLE feature
Change-Id: I29215c373931c552c14cfa73ac1a8514a8bd1e62
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Krzysztof Jackiewicz [Tue, 27 Oct 2015 09:40:27 +0000 (10:40 +0100)]
CKM: Google certificate updated
[Problem] *.google.com certificate have expired.
[Solution] Certificate updated.
[Verification] Run ckm-tests --group=T307_CKMC_CAPI_CERTIFICATE_CHAINS
Change-Id: I70820a2f62b15e333ae497673ab75f3d53e1e8f0
Zbigniew Jasinski [Tue, 27 Oct 2015 09:58:36 +0000 (10:58 +0100)]
Merge branch 'tizen' into security-manager
Change-Id: I9e66326308285f10f2146825918cc37ddcf859f0
Zbigniew Jasinski [Mon, 26 Oct 2015 14:00:36 +0000 (15:00 +0100)]
Merge branch 'tizen' into ckm
Change-Id: Ie5475e1937fa3035a2c4ba4412583bd0b7badf77
Zbigniew Jasinski [Mon, 26 Oct 2015 14:00:07 +0000 (15:00 +0100)]
Merge branch 'ckm' into tizen
Change-Id: Ic602f0abdd1aae730aeb668cebc50d3bca09616c
Kyungwook Tak [Mon, 5 Oct 2015 07:14:40 +0000 (16:14 +0900)]
[CKM] (ACR-429) Remove removed API related TC
- ckmc_get_cert_chain_trustedcert_with_alias
Change-Id: I6abe05e1fe729391d0d307d298d2aa158f6d78ff
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Wed, 14 Oct 2015 08:04:18 +0000 (17:04 +0900)]
Replace ckmc_label_shared_owner
Change-Id: I792190f989ff4f42823e34bdeb07b9d34b0c2738
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Kyungwook Tak [Mon, 5 Oct 2015 06:11:47 +0000 (15:11 +0900)]
ckmc API changed (ACR-392)
* ckmc_param_list_s* -> ckmc_param_list_h
* ckmc_generate_params's parameter changed
- ckmc_param_list_s *params -> ckmc_param_list_h *pparams
* ckmc_param_list_add_XXX -> ckmc_param_list_set_XXX
Change-Id: Ia3b0831772e76cfdbe77c6d9a9d04961018a37e3
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Oskar Świtalski [Thu, 1 Oct 2015 06:44:58 +0000 (08:44 +0200)]
Merge branch 'cynara' into tizen
Change-Id: I115ec35a71d6f2a08f2dc08bbc6b63e0b0156e50
Bartlomiej Grzelewski [Thu, 17 Sep 2015 15:00:43 +0000 (17:00 +0200)]
CKM: Add support for new error code: CKMC_ERROR_NOT_SUPPORTED.
Change-Id: I2eb31975f03f8b3d63107c9e0da6804ea248c5f1
Bartlomiej Grzelewski [Fri, 11 Sep 2015 12:45:43 +0000 (14:45 +0200)]
CKMI: Add ckm-integration tests.
Change-Id: I6a253a2a763e49d61c4b758b87ac240f06536bff
Bartlomiej Grzelewski [Fri, 11 Sep 2015 12:45:02 +0000 (14:45 +0200)]
CKMI: Implementation of ckm-policy.
Change-Id: I60da89cf4aeff7818f7ebd92a1e20eb7f6ac4d96
Bartlomiej Grzelewski [Fri, 11 Sep 2015 12:43:31 +0000 (14:43 +0200)]
CKMI: Implementation of ProcessSettings module.
Change-Id: I6e26297ec5238ad65d91120880a7a5df75ac9244
Bartlomiej Grzelewski [Wed, 9 Sep 2015 16:30:42 +0000 (18:30 +0200)]
Merge branch 'tizen' into ckm
Change-Id: I0f1e194e469e6dd00ef0627ed9d9357eef422afb
Bartlomiej Grzelewski [Wed, 9 Sep 2015 16:25:00 +0000 (18:25 +0200)]
Merge remote-tracking branch 'tizen/ckm' into tizen
Change-Id: Ibc41fc4de18b1aaaa5b87dda7b23d7c114f9bb70
Bartlomiej Grzelewski [Wed, 9 Sep 2015 16:22:51 +0000 (18:22 +0200)]
Merge remote-tracking branch 'tizen/security-manager' into tizen
Change-Id: I1cd3c0199be5ec53d3cafff715d9f1159bd9fc8f
Rafal Krypa [Thu, 3 Sep 2015 15:59:28 +0000 (17:59 +0200)]
security-manager: adapt tests to new application labeling schema
Security-manager labeling of application files has been changed
in patch https://review.tizen.org/gerrit/46841.
Adapting tests accordingly.
Change-Id: Ie3bcbaa385845544610bfd83817a71079c99fb8e
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Bartlomiej Grzelewski [Tue, 8 Sep 2015 16:01:16 +0000 (18:01 +0200)]
CKM: Fix T120 group of tests.
Change-Id: I8ddf507da7c40e786c9b657b09bf2166ebb930d8
Bartlomiej Grzelewski [Wed, 26 Aug 2015 15:59:38 +0000 (17:59 +0200)]
CKM: Use pkgId instead smack label in tests.
Change-Id: Ia912089bacff330df230292fa136d10848534300
Bartlomiej Grzelewski [Wed, 26 Aug 2015 13:28:28 +0000 (15:28 +0200)]
CKM: AccessProvider2 takes owner id instead smack label.
Change-Id: I9d75c180c06336faca33459645b189a64dc287f2
Bartlomiej Grzelewski [Tue, 25 Aug 2015 13:47:21 +0000 (15:47 +0200)]
CKM: Fix tests for initial-values: T6010, T6030, T6040.
Change-Id: I0182c9e9dcdb1e3f3d4efff9b7c8c1e8349094eb
Bartlomiej Grzelewski [Mon, 24 Aug 2015 16:50:06 +0000 (18:50 +0200)]
CKM: Fix system-db tests T5037, T5038, T5039.
One of the tests does not clean environement.
Change-Id: Ia7a4d2fd234c23566d009ab922a0e33cb96b63a5
Maciej J. Karpiuk [Tue, 25 Aug 2015 06:43:53 +0000 (08:43 +0200)]
CKM: added test for client app trying to add item to system DB [expected fail]
Change-Id: I1ed7359ac15ea5593ded8f77009454a1e517ea78
Bartlomiej Grzelewski [Tue, 25 Aug 2015 13:53:20 +0000 (15:53 +0200)]
Replace ckmc_remove_pkcs12 with ckmc_remove_alias.
Change-Id: Ia34541a7963661e074d3313c25970a63e35fd720
Dongsun Lee [Tue, 25 Aug 2015 07:32:55 +0000 (16:32 +0900)]
fix build break caused by libwebappenc API change
Change-Id: I5e6073196d267bb15ef41395dbbeab531b2503df
Signed-off-by: Dongsun Lee <ds73.lee@samsung.com>
Bartlomiej Grzelewski [Thu, 20 Aug 2015 12:47:24 +0000 (14:47 +0200)]
Fix tests of systemDB.
Change-Id: Icf05c56c39255525589f8ce79cadc96716c2674e
Zofia Abramowska [Thu, 16 Jul 2015 15:34:38 +0000 (17:34 +0200)]
Add SM privilege mapping tests
Change-Id: Ib1c86133b116bd7f77e380233144cf7866d900ed
Bartlomiej Grzelewski [Fri, 7 Aug 2015 14:27:51 +0000 (16:27 +0200)]
Adopt to new implementation of smack.
In new implmentation connect will success only if
client have "w" rule to system socket and system process
have "w" rule to client.
Change-Id: I68caadb430678b8e8ee5b235576ff4ea95103abe
Bartlomiej Grzelewski [Tue, 4 Aug 2015 13:50:27 +0000 (15:50 +0200)]
Adopt tests to CKM version 0.1.15.
Change-Id: I8c5c3b2f2fbee9778c084f4d9f7218a149defdca
Krzysztof Jackiewicz [Thu, 30 Jul 2015 10:30:58 +0000 (12:30 +0200)]
CKM: Update google certificate
[Problem] Google.com certificate have expired
[Solution] New certificate is used
[Verification] Run ckm-tests --group=T307_CKMC_CAPI_CERTIFICATE_CHAINS
Change-Id: Ic9e2ffe85ac770bb6e9245826013d3022d6feea0
Krzysztof Jackiewicz [Fri, 10 Jul 2015 10:27:30 +0000 (12:27 +0200)]
CKM: Unlock journald logs
[Problem] Journald logging fails after dropping root privileges and changing
the label.
[Solution] Change execute label to User so that sockets created by ckm-tests
are allowed to wx to System. Add permissions for custom label to wx to System::Run.
[Verification] Run ckm-tests and check journald logs for smack messages. There
should be none.
Change-Id: I8ddca950755f3b7079ae42fba4416b506ea9e35e
Krzysztof Jackiewicz [Thu, 9 Jul 2015 16:09:30 +0000 (18:09 +0200)]
CKM: Add tests for missing observer in encryption API
[Problem] There's no test for missing observer in encryption API tests.
[Solution] Tests added
[Verification] Run ckm-tests --group=CKM_ENCRYPTION_DECRYPTION --regexp=no_observer_async
Change-Id: I5f9930f6f23e6959f16f81756dfe55c75e1a2d35
Krzysztof Jackiewicz [Thu, 9 Jul 2015 12:20:03 +0000 (14:20 +0200)]
CKM: Implement asynchronous tests for encryption/decryption
[Feature] Encryption/decryption API implementation
[Solution] Add asynchronous environment to existing encryption/decryption tests
[Verification] Run ckm-tests --group=CKM_ENCRYPTION_DECRYPTION
Change-Id: I1ff9b89b45c643a95521381d676349a3c2408a22
Krzysztof Jackiewicz [Wed, 8 Jul 2015 11:18:34 +0000 (13:18 +0200)]
CKM: Extend test framework with multiple environment testing
[Problem] It's impossible to execute the same test in different environments.
[Solution] Add support for running the same test in multiple environments.
[Verification] Test with next commit
Change-Id: I8ad04d1d28364026f63cb2c5f44bad87e7b4343b
Krzysztof Jackiewicz [Thu, 21 May 2015 09:05:35 +0000 (11:05 +0200)]
CKM: Add tests for encryption/decryption
[Problem] No tests for encryption/decryption
[Solution] Tests added
[Verification] Run test: ckm-test --group=CKM_ENCRYPTION_DECRYPTION
Change-Id: I4a50ccccf692d8dd211247951bfd30fb892e898d
Krzysztof Jackiewicz [Thu, 2 Jul 2015 14:09:13 +0000 (16:09 +0200)]
CKM: Add test for empty certificate in getCertificateChain
[Problem] No test checking getCertificateChain behavior with empty certificate.
[Solution] Tests added.
[Verification] Run ckm-tests --regexp=T13122_get_chain_empty_cert &&
ckm-tests --regexp=T13121_get_chain_no_cert
Change-Id: I1b64facec253d4ec57d0955ef5e441c3ba958012
projects / platform / core / test / security-tests.git / log