Daniel Kita [Thu, 16 Mar 2023 12:14:30 +0000 (13:14 +0100)]
CKM: Add key-wrapping tests
Change-Id: I99fce2906c245d0b8174e1b3b15f990535b39caf
Krzysztof Jackiewicz [Tue, 21 Mar 2023 16:32:43 +0000 (17:32 +0100)]
E2EE: Require e2ee-tests to be ran by default user
Change-Id: I87e1b8b68f91d4410144e4b986022da49e58fe24
Krzysztof Jackiewicz [Wed, 1 Mar 2023 09:54:50 +0000 (10:54 +0100)]
E2EE: OCF API implementation
Tests included.
Change-Id: I04a3b56d66b51b5508e7fa4f14d923e876122f78
Krzysztof Jackiewicz [Fri, 24 Feb 2023 08:58:28 +0000 (09:58 +0100)]
E2EE: PBKDF API implementation
Tests included
Change-Id: I4cbe3363690ff116a8c26dba3e6bfca8d9e0dad5
Krzysztof Jackiewicz [Wed, 1 Mar 2023 09:54:21 +0000 (10:54 +0100)]
E2EE: Key agreement API implementation
Tests included
Change-Id: Iab51c84b848060f3392cb11de7dedd7ab2580034
Krzysztof Jackiewicz [Wed, 18 Jan 2023 07:19:30 +0000 (08:19 +0100)]
E2EE: Adaptation layer API
Change-Id: Id16918721d65af96795104c1ccea229b5aa1a65a
Krzysztof Jackiewicz [Thu, 23 Feb 2023 09:14:43 +0000 (10:14 +0100)]
CKM: Add KBKDF tests
Change-Id: I8af39566757c6f3b4e9ca82184f9f99708c3271a
Krzysztof Jackiewicz [Fri, 17 Feb 2023 10:39:10 +0000 (11:39 +0100)]
CKM: Add ECDH tests
Change-Id: I79dc55e11c9c61db1074b1e70a856999d4632d56
Krzysztof Jackiewicz [Fri, 3 Mar 2023 13:35:26 +0000 (14:35 +0100)]
CKM: Remove unused typedef
Change-Id: Id0c756f0af4dfda7a6fb9af5a7c397d2111f4862
Krzysztof Jackiewicz [Thu, 23 Feb 2023 09:07:34 +0000 (10:07 +0100)]
CKM: Saving unexportable data is now allowed
Change-Id: Idfc450ee67d26a0389c62076b8401339c6404362
Krzysztof Jackiewicz [Fri, 17 Feb 2023 17:03:28 +0000 (18:03 +0100)]
CKM: Helper functions refactored
Functions moved to ckm-common.h to be accessible by other test cases.
Use unsigned integer in param lists.
Use pointers to buffers in buffer comparison.
Change-Id: I6d094cc4fc202be2a047861548f157775fe17a60
Dariusz Michaluk [Mon, 9 Jan 2023 14:06:28 +0000 (15:06 +0100)]
Merge branch 'ckm' into tizen
Change-Id: Ia90081c32b85a24ebd01d8f7f2e76ebae5399d0f
Krzysztof Jackiewicz [Mon, 26 Sep 2022 08:53:26 +0000 (10:53 +0200)]
CKM: Multithreaded encryption test
Change-Id: I8aa6a784e672957c717790e755b8b2de0274ba99
Krzysztof Jackiewicz [Mon, 25 Jul 2022 20:40:35 +0000 (22:40 +0200)]
CKM: Get rid of early expiring certificates
* Use OCSP chain with longer validity (Jan 28 2028)
* Use last CA certificate before root CA for OCSP tests (CA has longer
validity than EE certificate)
* Remove "third party" chain to avoid expiration issues
* Replace above chain with "OCSP" or "test" chain where possible
* Simplify or remove tests that do not make sense with current chains
Change-Id: I22eba70ae8b73607cc4c8de1f18f014104fd12ea
Dariusz Michaluk [Tue, 5 Jul 2022 11:50:22 +0000 (13:50 +0200)]
Merge branch 'ckm' into tizen
Change-Id: Id782d46989eedf10f2740a61e14da6e124def563
Lukasz Pawelczyk [Mon, 13 Jun 2022 13:19:59 +0000 (15:19 +0200)]
CKM: Replace expired certificates with new ones
- Closest expiration date is Jul 28, 2022
Change-Id: I269862728bf8734c040ade881f3cef54f437d04a
Lukasz Pawelczyk [Tue, 15 Mar 2022 15:44:40 +0000 (16:44 +0100)]
CKM: Replace expired certificates with new ones
- Closest expiration date is Jun 22, 2022
Change-Id: Ie6348d62c16510bf850f04421da24aa307a3c6ce
Lukasz Pawelczyk [Tue, 5 Oct 2021 12:42:30 +0000 (14:42 +0200)]
CKM: Replace expired certificates with new ones
- Closest expiration date is Mar 30, 2022
- I've also reordered the certs so it's consistent
Change-Id: I163b8d1a52b01d2b096b7eb0f90550965d459856
Krzysztof Jackiewicz [Thu, 22 Jul 2021 15:00:48 +0000 (17:00 +0200)]
CKM: Replace expired certificates with new ones
Change-Id: I6011a1787cd71ad3b46ad5fb2fe824caa70a247f
Krzysztof Jackiewicz [Wed, 7 Apr 2021 21:04:57 +0000 (23:04 +0200)]
Adjust to openssl 1.1.1j padding changes
The SSL v2.3 padding has been modified in recent openssl 1.1.1j. PKCS1
and PKCS1 SSLv2.3 are now compatible both ways but this is not what our
test expects.
The test has been adjusted.
Change-Id: I961345ac7f1864f4b768521c7814eac5b293fbd9
Krzysztof Jackiewicz [Thu, 25 Mar 2021 13:41:06 +0000 (14:41 +0100)]
Fix T9050 accidentally valid padding issue
Usually happens at least once per 2000 runs when using public RSA
encryption with OAEP padding followed by private RSA decryption with
PKCS1 v1.5 padding. The OAEP is quite unpredictable and can produce a
valid PKCS1 v1.5 padding from time to time.
Valid PKCS1 v1.5 padded message looks as follows:
0x00 || 0x02 || PS || 0x00 || M
where M is a decrypted message and PS is 8+ non-zero octets.
Fix by checking the unpadded message length if above case occurs.
Change-Id: I9991730f5e5cc895dfbfbaf6a6c757dd15f7a313
Hint: Use only 512-bit keys to speed up testing.
Krzysztof Jackiewicz [Thu, 18 Feb 2021 10:19:23 +0000 (11:19 +0100)]
Update certificates for OCSP tests
For some reason http://ocsp.msocsp.com responds with "unauthorized(6)"
error when asked for certificate validity. The certificate is still
valid. I'm not sure what was the problem but updating the certificate
with the latest one fixed it.
Verification:
su - owner -c "ckm-tests --regexp=ocsp"
Change-Id: Idc2a7b41da3e0cf5624b1d3193a3b65f4085ad49
Krzysztof Jackiewicz [Wed, 17 Feb 2021 12:48:32 +0000 (13:48 +0100)]
Fix TA1750_ocsp_check_positive test assert message
Change-Id: Id26d29f7cec5dd1aa6b55ce8b6f19318bc3724de
Dariusz Michaluk [Mon, 21 Dec 2020 14:07:37 +0000 (15:07 +0100)]
Merge branch 'tizen' into yaca
Change-Id: Ia32fcd193587e8771dcfa06c64490bc9db7f60a5
Dariusz Michaluk [Mon, 21 Dec 2020 13:41:21 +0000 (14:41 +0100)]
Merge branch 'tizen' into ckm
Change-Id: I3d06e113f7956ff5dda7fe8ddfa7579930b74637
Dariusz Michaluk [Mon, 21 Dec 2020 10:08:18 +0000 (11:08 +0100)]
Cleanup attr/xattr.h usage.
After attr package upgrade, attr/xattr.h has ben removed,
sys/xattr.h should be used instead.
To fix build break, unnecessary attr/xattr.h usage has ben removed
or changed to proper one.
Change-Id: I5a5acfd9f65e60975a1c28d0231d1bc035e99044
Dariusz Michaluk [Wed, 16 Dec 2020 12:07:27 +0000 (13:07 +0100)]
Merge branch 'tizen' into yaca
Change-Id: I9854e1e1e8d29d204041ccd831b032b87ec5173c
Mateusz Cegielka [Thu, 30 Jul 2020 12:01:32 +0000 (14:01 +0200)]
Add warning on CKM TrustZone space leak
Current implementation of ckmc_remove_user_data is not able to remove
individual objects from TrustZone, because their names are stored in a
possibly encrypted database. This rarely happens in actual code, but
tests extensively use this function to clean up objects they create.
Because of this, running CKM tests multiple times with TrustZone enabled
may exceed TrustZone limits.
Fixing the behaviour is a larger task, and making all tests clean up
individual objects is too verbose, complex and error-prone for a bug
workaround that only affects developers (this approach has already been
tried once, and it was removed years ago).
I have added a heuristic check that tries to create a single-byte data
object in TrustZone. If that fails, it displays a warning message
explaining the problem and suggesting to reset TrustZone and key-manager
state, as well as instructions on how to do use using Tizen emulator and
tef-simulator.
Change-Id: Id99c22c33f3e5adfbeff5c7b1b58d2d995ed4cca
Dariusz Michaluk [Tue, 29 Sep 2020 10:50:35 +0000 (10:50 +0000)]
Merge "Merge branch 'tizen' into 'ckm'" into ckm
Krzysztof Jackiewicz [Mon, 28 Sep 2020 12:36:33 +0000 (14:36 +0200)]
Merge branch 'tizen' into 'ckm'
Change-Id: I225457a8788e581233979590e7e11f1887fda88b
Mateusz Cegielka [Wed, 5 Aug 2020 11:07:53 +0000 (13:07 +0200)]
Refactor AccessProvider and ScopedAccessProvider
AccessProvider is a helper class for setting up Smack rules, user id,
group id and process labels before or during a test. CKM tests also
contain different AccessProvider and ScopedAccessProvider classes, but
only use a single constructor of the latter to pretend to be an app.
These classes contain some duplicated code. Also, after the removal of
libsmack-tests, the responsibilities of these classes have shrunk to
pretending to be an app and nothing else.
I have cleaned up src/common/ AccessProvider, renamed it to AppContext
and made it flexible enough so that ScopedAccessProvider can be
implemented in terms of it and src/ckm/ AccessProvider can be removed. I
have then cleaned up ScopedAccessProvider and renamed it to
ScopedAppContext.
Change-Id: I325f7bd1d9c2ac276960530384682227cefec7da
Krzysztof Jackiewicz [Fri, 18 Sep 2020 07:53:41 +0000 (09:53 +0200)]
Switch to c++17
Latest key-manager changes require c++17.
Change-Id: Ifadce309c2fa195fe4d2a432770803308f1e29d1
Mateusz Cegielka [Tue, 15 Sep 2020 08:44:53 +0000 (10:44 +0200)]
Remove libsmack tests
These tests are not executed on Jenkins, and currently are also broken.
More importantly, libsmack is an open-source library not specific to
Tizen, so there's not actually a lot of benefit in testing it.
I have removed libsmack-tests directory, as well as all related build
commands.
Change-Id: Ib5c78f2425d4a43567e50a41b90e25eab1597ae3
Mateusz Cegielka [Mon, 27 Jul 2020 09:29:24 +0000 (11:29 +0200)]
Remove key-manager::api-storage privilege use in CKM tests
Some CKM tests request the key-manager::api-storage privilege when
switching context to the user. However. this privilege was removed five
years ago (see commits 06d3064 and d5e32f8 in key-manager) and is no
longer required to use key-manager.
I have removed all calls responsible for requesting this privilege. This
also made it possible to only use the simplest ScopedAccessRequest
constructor and remove all other constructors.
Change-Id: I788e44f8e59575f80c8999b6b64eaefcc905fb75
Mateusz Cegielka [Fri, 24 Jul 2020 15:13:25 +0000 (17:13 +0200)]
Fix only partial rollback of Smack rules
Some tests temporarily add new Smack rules in order to test unprivileged
access to system services. After the test, they are cleared with
smack_revoke_subject. However, this only removes rules where the test
application is the subject.
I have replaced calls where this is an issue with a smack_accesses_clear
call, which removes all rules loaded with a given handle. Since affected
tests do not modify Smack rules in any other way and only use test
labels for fake apps, no rules removed by the old call and not by the
new call can exist.
Change-Id: I841d6b7ad05549d8837645e3d9176f4db7029908
Dariusz Michaluk [Mon, 15 Jun 2020 15:05:29 +0000 (17:05 +0200)]
Merge branch 'tizen' into ckm
Change-Id: Iecead619e756e6986f6677f88fdf6e596d6e40ef
Dariusz Michaluk [Mon, 15 Jun 2020 15:00:51 +0000 (17:00 +0200)]
Merge branch 'tizen' into security-manager
Change-Id: I973bc6f714c4987e7d53d23e3efcaa2cf8768c4f
Dariusz Michaluk [Mon, 15 Jun 2020 14:23:22 +0000 (16:23 +0200)]
Merge branch 'tizen' into yaca
Change-Id: I7269ea66733779c44fa3437f5d7623a973b86471
Konrad Lipinski [Wed, 29 Apr 2020 07:12:07 +0000 (09:12 +0200)]
Spring cleaning
* drop some unused code
* shrink interfaces a tiny bit
* obviate construction of a few intermediate objects
Change-Id: I66cbbfdab5270bc64fbb2e51b3de027f96ec86a9
Dariusz Michaluk [Mon, 15 Jun 2020 11:41:41 +0000 (13:41 +0200)]
Merge branch 'ckm' into tizen
Change-Id: I8e7dbe5e42290ebc991669d6e8405ff65eeb9972
Dariusz Michaluk [Mon, 15 Jun 2020 11:25:16 +0000 (13:25 +0200)]
Merge branch 'security-manager' into tizen
Change-Id: I80391846ba53b683da6e46eb6e82b00739996c25
Krzysztof Jackiewicz [Mon, 11 May 2020 07:56:33 +0000 (09:56 +0200)]
Improve async getters' tests
Received item is not checked in async tests. It may as well be empty.
Compare retrieved object with saved one.
Change-Id: I0a6dbe988791accd308c7fe138531eac220b9279
Tomasz Swierczek [Fri, 8 May 2020 09:35:07 +0000 (11:35 +0200)]
Remove ugly manual setup of pkgmgr database
Use new SM APIs instead so privilege-checker
doesn't have to call pkgmgr.
Change-Id: I15cdee3693ec1f16c789a9234e12703c2a6b3fcf
Krzysztof Jackiewicz [Fri, 24 Apr 2020 12:08:22 +0000 (14:08 +0200)]
Smack privilege tests with different configurations
Change-Id: I93138c69683dc910df44515d216b42f0b5855ff5
Krzysztof Jackiewicz [Thu, 7 May 2020 20:05:04 +0000 (22:05 +0200)]
Fix smack privilege tests policy management
Because TEST_RUNNER_CHILD is used, the security-manager's policy is
being modified in individual processes. This leads to redundant
security-manager restarts and could leave security-manager with
improper policy after the test.
Manage the security-manager policy in the main process only.
Change-Id: I5d9924806f9ecdd28007f9cfd3ea3668e1a47a33
Krzysztof Jackiewicz [Fri, 24 Apr 2020 19:51:37 +0000 (21:51 +0200)]
Use TemporaryTestUser::getUidString where applicable
Change-Id: I0663b3a29ca74eea2f5019319d857d03a0562885
Zofia Abramowska [Tue, 7 Apr 2020 15:59:43 +0000 (17:59 +0200)]
Remove package from pkgmgr-parser.db even when sm install fails
Change-Id: I645fc92a632f60a5891759b92a1da51ee5d3300d
Krzysztof Jackiewicz [Wed, 22 Apr 2020 11:17:29 +0000 (13:17 +0200)]
Provide configuration for smack-privilege tests
Security-manager has empty configuration for smack privileges by default. To
test this functionality smack privilege tests provide their own configurations.
Change-Id: I71028202f00eb159ee8d4df76041a25b4be188b1
Dariusz Michaluk [Thu, 30 Apr 2020 12:44:04 +0000 (14:44 +0200)]
Add new test scenario, where app is killed during policy change.
Change-Id: I9a57548b1f136f3612d8be5b1b2b6f64f335970d
Krzysztof Jackiewicz [Fri, 17 Apr 2020 12:34:05 +0000 (14:34 +0200)]
Add smack-privilege tests
Change-Id: Ic6b5535199e0b6095eda8539db847dc11aef356b
Krzysztof Jackiewicz [Mon, 20 Apr 2020 06:50:03 +0000 (08:50 +0200)]
Allow uid change in AppInstallHelper
Change-Id: I3d329b8afa481e90b367abbaeb80f20bd3cc2a45
Krzysztof Jackiewicz [Thu, 16 Apr 2020 20:18:49 +0000 (22:18 +0200)]
Group privilege check refactoring
Make the checking function a passive one. Do not change process suplementary
groups in it. Modify ScopedAppLauncher to perform the test in launched app.
Test group setting api in a separate test.
Change-Id: Iccc20810dad0b667f0f4007701bd0c99e5c99f83
Krzysztof Jackiewicz [Mon, 20 Apr 2020 13:18:10 +0000 (15:18 +0200)]
Make ScopedAppLauncher child always notify the parent
In case any of ScopedAppLauncher child process asserts fails, make sure the
parent is notified and displays the error properly.
Change-Id: I75bbe0e7781cf338b62a39de03fda8f305ae8d50
Krzysztof Jackiewicz [Mon, 20 Apr 2020 11:50:39 +0000 (13:50 +0200)]
Cleanup namespace after app termination
This API call is necessary to cleanup /var/run/user/ app links after app is
terminated. Security-manager detects running apps basing on these links
existence.
Change-Id: If4feb5d158deac30098d05230c9f7fca928eacd2
Krzysztof Jackiewicz [Wed, 15 Apr 2020 14:42:40 +0000 (16:42 +0200)]
Check smack leftovers after uninstallation
Not all smack rules are removed after user removal. It is due to improper
handling of hybridity update when apps are installed for different user than
the one passed in the update request.
Check it in security_manager_09_app. The check would fail. It has been marked
as "ignored" until proper fix lands in security-manager.
Change-Id: I7936d711e6a3f0dc14ecb405f35247b20f4cb37a
Krzysztof Jackiewicz [Thu, 23 Apr 2020 08:24:07 +0000 (10:24 +0200)]
Add smack-privilege checkers to AppInstallHelperExt
Change-Id: I814dc54983ebcd4c42db8e8fbca36df71e732f54
Krzysztof Jackiewicz [Thu, 23 Apr 2020 09:46:21 +0000 (11:46 +0200)]
Add smack-privilege parsing to PolicyConfiguration
Change-Id: I9fa0b5b86138725cb9520379e25f71f82a3e43f7
Krzysztof Jackiewicz [Fri, 24 Apr 2020 14:09:05 +0000 (16:09 +0200)]
Unify privilege representation
- Use common privilege names in all sm tests
- Remove ambigious/deprecated methods from AppInstallHelper
- Use PrivilegeVector instead of PolicyConfiguration::PrivVector in
AppInstallHelper and related code
- Add privilege vectors instead of individual privileges where possible
Change-Id: I96cac9bacc8de271f9b9f9ceb7bf7c248fb26171
Krzysztof Jackiewicz [Mon, 6 Apr 2020 15:35:56 +0000 (17:35 +0200)]
Extend AppInstallHelper with checker methods
Move app checkers to AppInstallHelper derived class. Too many arguments
have to be passed here and there. Writing new checkers is pain in the
back. There's still a lot to be improved. Testing framework has to be
adjusted to allow multiple apps in the package.
Change-Id: I4b363a6b0d102bd1df6ed8cce8494c884c8d088a
Krzysztof Jackiewicz [Fri, 24 Apr 2020 13:11:31 +0000 (15:11 +0200)]
Add privilege names
Also add new Privilege ctor to work with char* privilege names.
Change-Id: I8dd79e095bf118eb2f83b94182944a9eef0cfb11
Krzysztof Jackiewicz [Thu, 23 Apr 2020 09:48:12 +0000 (11:48 +0200)]
Add rule file path getters to PolicyConfiguration
Change-Id: If06e8ac749aeec23006ae5bd6d78b1658f13031e
Krzysztof Jackiewicz [Tue, 31 Mar 2020 20:18:36 +0000 (22:18 +0200)]
Remove unused shared ro template
Change-Id: Ifd8f21e347934318edee10d9abc508ee902213df
Krzysztof Jackiewicz [Fri, 3 Apr 2020 20:11:49 +0000 (22:11 +0200)]
Avoid appId and pkgId copying in AppInstallHelper
Change-Id: Ief63d53563143a18358b435a374685c9317ecbd7
Krzysztof Jackiewicz [Fri, 3 Apr 2020 20:00:22 +0000 (22:00 +0200)]
Add ScopedAppLauncher
Needed to check smack rules while app is running
Change-Id: I6ef63fc76dd27fb6119245541dc2fd9544ff98fe
Krzysztof Jackiewicz [Thu, 2 Apr 2020 12:41:59 +0000 (14:41 +0200)]
Replace magic policy level strings with constexpr
Change-Id: Ia539ec68d641448a8d84e175eb8efe2e888e6671
Krzysztof Jackiewicz [Tue, 31 Mar 2020 20:18:36 +0000 (22:18 +0200)]
Remove unused shared ro template
Change-Id: Ifd8f21e347934318edee10d9abc508ee902213df
Tomasz Swierczek [Thu, 16 Jan 2020 09:04:46 +0000 (10:04 +0100)]
Fix nss tests
Adjusted to new nss implementation where daemon set of groups
is always static.
Change-Id: I50974b1cce07b1ca77d0b42118042ae0210631fa
Dariusz Michaluk [Wed, 22 Jan 2020 15:50:52 +0000 (16:50 +0100)]
Merge branch 'tizen' into yaca
Change-Id: I3c62439feb7a3460c01f10c4af072f7a1c64fdd1
Dariusz Michaluk [Wed, 22 Jan 2020 15:50:05 +0000 (16:50 +0100)]
Merge branch 'tizen' into security-manager
Change-Id: I6fb4dea8149fcd280c42a997c8f36ee8f8795e6f
Dariusz Michaluk [Wed, 22 Jan 2020 15:48:49 +0000 (16:48 +0100)]
Merge branch 'tizen' into ckm
Change-Id: I15cbe4302195ecaf5af4ce882126889db33a6f49
Dariusz Michaluk [Mon, 20 Jan 2020 12:31:07 +0000 (13:31 +0100)]
CKM: Update Microsoft certificates
Change-Id: I1607f3be5179323bc50ba7d7806475637f70e5f7
Dariusz Michaluk [Wed, 22 Jan 2020 15:19:26 +0000 (16:19 +0100)]
Revert assert removed in
6ee70830c0
Change-Id: I68e768e2f28f53bfc1984a4e41a7d1795fbe54ee
Konrad Lipinski [Wed, 22 Jan 2020 15:04:50 +0000 (16:04 +0100)]
cynara-tests: replace select w/ poll
Change-Id: If7cf3efec5d0a38a6467a1dbea962c80820c6cd5
Dariusz Michaluk [Wed, 22 Jan 2020 12:48:09 +0000 (13:48 +0100)]
Fix for gcc 9 toolchain upgrade
Change-Id: I96c36e41b2048337faee2d683d1ffe9f44f91be2
Dariusz Michaluk [Wed, 22 Jan 2020 12:28:51 +0000 (13:28 +0100)]
Merge branch 'ode' into tizen
Change-Id: I22e1736002482934b4a8f85c8eb6303ae02abfc6
Dariusz Michaluk [Wed, 22 Jan 2020 12:24:42 +0000 (13:24 +0100)]
Merge branch 'nether' into tizen
Change-Id: If0dd79ca73bc75b14666067a8a11afd2680f7931
Dariusz Michaluk [Wed, 22 Jan 2020 12:18:47 +0000 (13:18 +0100)]
Merge branch 'yaca' into tizen
Change-Id: I240f8551fa276fe600dca2d1f098ddc636a9f905
Dariusz Michaluk [Wed, 22 Jan 2020 12:17:02 +0000 (13:17 +0100)]
Merge branch 'ckm' into tizen
Change-Id: Iac9d5cc6393e8598a33c783aabff77006046b187
Dariusz Michaluk [Wed, 22 Jan 2020 11:53:48 +0000 (12:53 +0100)]
Merge branch 'security-manager' into tizen
Change-Id: I84d015537ad379d56d5d897dfe180080d5b6a687
Tomasz Swierczek [Wed, 22 Jan 2020 06:11:29 +0000 (07:11 +0100)]
Fix for gcc 9 toochain upgrade
Change-Id: If7f8f1e4a00267661ebb66f53111eed9a3ed1460
Konrad Lipinski [Wed, 15 Jan 2020 16:10:36 +0000 (17:10 +0100)]
Add prepareApp benchmark
Change-Id: Ia489e00a7ea6720191812d7a31a4e8d856d397e8
Zofia Grzelewska [Tue, 10 Dec 2019 14:11:27 +0000 (15:11 +0100)]
Fix shared_ro tests
Properly setup application context, before checking access
to sharedRO/nonSharedRO directories to apply mount namespaces.
Change-Id: Ied891a1cad6ad82402a995f5fc210a23fa1c09d9
Konrad Lipinski [Tue, 1 Oct 2019 13:09:16 +0000 (15:09 +0200)]
CKM: Test asymmetric key initial value import
Change-Id: I48a977ee84602ab71b9889e39e79a004811f5f48
Krzysztof Jackiewicz [Fri, 27 Sep 2019 10:41:38 +0000 (12:41 +0200)]
Add missing break in TestRunner
In a highly unlikey case of throwing the RUNNER_IGNORED_MSG during the test
finishing stage, after the SafeCleanup collected some exception handling
errors, these errors would be added to the ignore message.
Change-Id: I1aeedb46bf98b8300223a26c312abf98d63ca838
Krzysztof Jackiewicz [Wed, 18 Sep 2019 13:12:09 +0000 (15:12 +0200)]
Merge branch 'tizen' into 'ckm'
Change-Id: If83694b3e0cd759296da5b920ec0adb50dcc54c2
Alicja Kluczek [Thu, 4 Jul 2019 10:57:32 +0000 (12:57 +0200)]
Add SM test covering hybridity upgrade
Add functionality checking if there aren't any rules related
to app in Smack rules file (both for hybrid and non-hybrid package).
Apply above functionality every time when checking if
whole package has been uninstalled properly.
Add a test checking if Smack rules were properly deleted
after uninstall.
Change-Id: Ia638f478dc007a4ef42fe32e01a282dd960d50d7
Alicja Kluczek [Thu, 4 Jul 2019 10:57:32 +0000 (12:57 +0200)]
Add SM tests covering many apps in single request
Add tests covering installation & updating many apps in single request.
Add a function checking if an app has proper Smack policy.
Add a function parsing smack rules template files.
Add a function creating a new app in InstallRequest class.
Modify ScopedInstaller class for many apps in single request
compatibility.
Change-Id: I35bb9757f54b111629d45b1769ca4e53ccccd017
Tomasz Swierczek [Fri, 23 Aug 2019 06:51:07 +0000 (08:51 +0200)]
Adjust prepareApp to use new API that sets up context for candidate process
Change-Id: Ia0eb474cc21392aaf677b3e434903ed286094d30
Dariusz Michaluk [Thu, 18 Jul 2019 15:10:21 +0000 (17:10 +0200)]
Fix T9050_yaca_rsa_encryption_paddings test
Change-Id: I2ae963ff203bff72e49a7d1c167695dbeb50ec19
Krzysztof Jackiewicz [Fri, 28 Jun 2019 16:00:22 +0000 (18:00 +0200)]
Stop ode.socket together with ode.service
Oded became socket activated. To test the connection refusal the
socket has to be put down as well.
Change-Id: Ifec50d1198ceeee7e5ac131715cbd8ca642427e5
Krzysztof Jackiewicz [Wed, 17 Jul 2019 08:52:17 +0000 (10:52 +0200)]
Merge branch 'tizen' into 'ode'
Change-Id: Ia15ecf4c082ffcf5dae47586fda10f7f48bab99c
Krzysztof Jackiewicz [Fri, 12 Jul 2019 14:45:54 +0000 (16:45 +0200)]
Start sockets before starting the service
Change-Id: I154c3e208bac37aec7d80156a3623909c00ac891
Krzysztof Jackiewicz [Wed, 3 Jul 2019 08:06:58 +0000 (10:06 +0200)]
CKM: Handle onlycap even if trailing space is missing
Change-Id: I45ee1a7f244662f80ec8eeaaf8141e1b4a52ad2c
Krzysztof Jackiewicz [Thu, 11 Jul 2019 16:10:40 +0000 (18:10 +0200)]
CKM: Update certificates for OCSP tests
Change-Id: I1328e86de02a351f4c6f588685212dd1bb429bc1
Konrad Lipinski [Wed, 29 May 2019 14:02:36 +0000 (16:02 +0200)]
Migrate to openssl 1.1
Change-Id: I5f63e3dfda3d5d4f007dd27d0faf41f3976aaebe
Krzysztof Jackiewicz [Fri, 28 Jun 2019 10:22:39 +0000 (12:22 +0200)]
CKM: Add buildtime requirement for openssl
Openssl is needed to perform buildtime encryption for TZ.
Change-Id: If5bdefa32dfd0ed26ea9f9e2318d8dc18a43677c
Krzysztof Jackiewicz [Fri, 28 Jun 2019 10:15:15 +0000 (12:15 +0200)]
CKM: Return proper error code from EIV encryption script
The encryption script did not report an error if one of pipelined
commands failed.
Add few bash options that will make the script fail with proper error
code in such cases.
Change-Id: I47a9739af93f07d2cb0e20f22087a2c182de6835
Krzysztof Jackiewicz [Fri, 28 Jun 2019 09:39:32 +0000 (11:39 +0200)]
CKM: Handle the empty onlycap case properly
In case of empty onlycap the original process label was not restored
properly leading to failures in following tests.
Change-Id: I9e4cdce234b425887da07892773f21465087c4a6
Krzysztof Jackiewicz [Thu, 13 Jun 2019 14:45:15 +0000 (16:45 +0200)]
CKM: Adjust T1810_verify_get_certificate_chain to openssl1.1
Since openssl1.1 all certificates in the chain (including trusted
ones) must include a 'basicConstrains' extension with 'CA' field set
to 'true'. Without that the verification will fail with
X509_V_ERR_INVALID_CA.
This commit recreates the chain of certificates used in T1810 with the
required extension included and updates related tests.
Change-Id: I6d2e9348a2ae6618103749d83e46a433608e65c3
Dariusz Michaluk [Thu, 6 Jun 2019 11:33:21 +0000 (13:33 +0200)]
Merge branch 'tizen' into ode
Change-Id: Ic562abbef0de256d5f0f0697709de296d7d8c986