Fix internal scheme tests

author Krzysztof Jackiewicz <k.jackiewicz@samsung.com>

Wed, 17 Oct 2018 15:02:10 +0000 (17:02 +0200)

committer Krzysztof Jackiewicz <k.jackiewicz@samsung.com>

Fri, 19 Oct 2018 12:31:50 +0000 (14:31 +0200)
author Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
Wed, 17 Oct 2018 15:02:10 +0000 (17:02 +0200)
committer Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
Fri, 19 Oct 2018 12:31:50 +0000 (14:31 +0200)
diff --git a/packaging/key-manager-tests.manifest.in b/packaging/key-manager-tests.manifest.in

index 2442a89..d302dcc 100644 (file)
--- a/packaging/key-manager-tests.manifest.in
+++ b/packaging/key-manager-tests.manifest.in
@@ -3,8 +3,8 @@
                 <domain name="_" />
         </request>
         <assign>
-               <filesystem path="@BIN_DIR@/ckm-tests-internal" exec_label="@SMACK_DOMAIN_NAME@" />
+               <filesystem path="@BIN_DIR@/ckm-tests-internal" exec_label="System::Privileged" />
                 <filesystem path="@BIN_DIR@/ckm_db_tool" exec_label="@SMACK_DOMAIN_NAME@" />
-               <filesystem path="@BIN_DIR@/ckm_generate_db" exec_label="@SMACK_DOMAIN_NAME@" />
+               <filesystem path="@BIN_DIR@/ckm_generate_db" exec_label="System::Privileged" />
         </assign>
  </manifest>
diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt

index 34fb165..ba5153e 100644 (file)
--- a/tests/CMakeLists.txt
+++ b/tests/CMakeLists.txt
@@ -15,7 +15,66 @@ ADD_DEFINITIONS("-DSS_TEST_DIR=\"${SS_TEST_DIR}\"")
  SET(KEY_MANAGER_SRC_PATH ${PROJECT_SOURCE_DIR}/src)
  SET(KEY_MANAGER_PATH ${PROJECT_SOURCE_DIR}/src/manager)
  
-SET(TARGET_ENCRYPTION_SCHEME_COMMON encryption-scheme-common)
+# encryption scheme tests #####################################################
+
+PKG_CHECK_MODULES(ENCRYPTION_SCHEME_DEP
+    REQUIRED
+    openssl
+    libsmack)
+
+SET(ENCRYPTION_SCHEME_SOURCES
+    ${CMAKE_CURRENT_SOURCE_DIR}/encryption-scheme/smack-access.cpp
+    ${CMAKE_CURRENT_SOURCE_DIR}/encryption-scheme/scheme-test.cpp
+
+    ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp
+    ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp
+    ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp
+    ${KEY_MANAGER_PATH}/service/db-crypto.cpp
+    ${KEY_MANAGER_PATH}/service/file-lock.cpp
+    ${KEY_MANAGER_PATH}/service/file-system.cpp
+    ${KEY_MANAGER_PATH}/service/for-each-file.cpp
+    ${KEY_MANAGER_PATH}/service/key-provider.cpp
+    ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c
+)
+
+INCLUDE_DIRECTORIES(SYSTEM ${ENCRYPTION_SCHEME_DEP_INCLUDE_DIRS})
+INCLUDE_DIRECTORIES(
+    ${CMAKE_CURRENT_SOURCE_DIR}
+
+    ${KEY_MANAGER_PATH}/common
+    ${KEY_MANAGER_PATH}/dpl/core/include
+    ${KEY_MANAGER_PATH}/dpl/log/include
+    ${KEY_MANAGER_PATH}/dpl/db/include
+    ${KEY_MANAGER_PATH}/sqlcipher
+    ${KEY_MANAGER_PATH}/service
+    ${KEY_MANAGER_PATH}/crypto
+)
+
+LINK_DIRECTORIES(${ENCRYPTION_SCHEME_DEP_LIBRARY_DIRS})
+
+# binary for filling db for testing
+SET(TARGET_CKM_GENERATOR "ckm_generate_db")
+
+SET(GENERATOR_SOURCES
+    ${CMAKE_CURRENT_SOURCE_DIR}/encryption-scheme/generate-db.cpp
+)
+
+ADD_EXECUTABLE(${TARGET_CKM_GENERATOR} ${GENERATOR_SOURCES} ${ENCRYPTION_SCHEME_SOURCES})
+
+TARGET_COMPILE_DEFINITIONS(${TARGET_CKM_GENERATOR} PRIVATE NO_BOOST)
+
+SET(SCHEME_TEST_LIBRARIES
+    ${ENCRYPTION_SCHEME_DEP_LIBRARIES}
+    ${TARGET_KEY_MANAGER_CLIENT}
+    ${TARGET_KEY_MANAGER_CONTROL_CLIENT}
+    ${CMAKE_THREAD_LIBS_INIT}
+    -ldl
+    ) 
+
+TARGET_LINK_LIBRARIES(${TARGET_CKM_GENERATOR} ${SCHEME_TEST_LIBRARIES}
+)
+
+INSTALL(TARGETS ${TARGET_CKM_GENERATOR} DESTINATION bin)
  
  ################################################################################
  
@@ -111,7 +170,7 @@ ENDIF()
  
  LINK_DIRECTORIES(${KEY_MANAGER_DEP_LIBRARY_DIRS})
  
-ADD_EXECUTABLE(${TARGET_TEST_MERGED} ${TEST_MERGED_SOURCES})
+ADD_EXECUTABLE(${TARGET_TEST_MERGED} ${TEST_MERGED_SOURCES} ${ENCRYPTION_SCHEME_SOURCES})
  
  
  IF(TZ_BACKEND_ENABLED)
@@ -123,13 +182,10 @@ SET(TEST_LINK_EXTRA_DEPS
  ENDIF()
  
  TARGET_LINK_LIBRARIES(${TARGET_TEST_MERGED}
-    ${TARGET_KEY_MANAGER_COMMON}
-    ${CMAKE_THREAD_LIBS_INIT}
      ${KEY_MANAGER_DEP_LIBRARIES}
-    ${TARGET_ENCRYPTION_SCHEME_COMMON}
      ${TEST_LINK_EXTRA_DEPS}
+    ${SCHEME_TEST_LIBRARIES}
      boost_unit_test_framework
-    -ldl
      )
  
  INSTALL(TARGETS ${TARGET_TEST_MERGED} DESTINATION bin)
@@ -156,5 +212,3 @@ INSTALL(
  
  INSTALL(DIRECTORY resources/traverse DESTINATION ${DB_TEST_DIR})
  INSTALL(DIRECTORY secure-storage-old-data/ DESTINATION ${SS_TEST_DIR})
-
-ADD_SUBDIRECTORY(encryption-scheme)
diff --git a/tests/encryption-scheme/CMakeLists.txt b/tests/encryption-scheme/CMakeLists.txt

deleted file mode 100644 (file)

index d9f3529..0000000
--- a/tests/encryption-scheme/CMakeLists.txt
+++ /dev/null
@@ -1,88 +0,0 @@
-# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-#
-# @file        CMakeLists.txt
-# @author      Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
-# @brief
-#
-
-INCLUDE(FindPkgConfig)
-
-# common encryption scheme library
-PKG_CHECK_MODULES(ENCRYPTION_SCHEME_DEP
-    REQUIRED
-    openssl
-    libsmack)
-
-FIND_PACKAGE(Threads REQUIRED)
-
-SET(ENCRYPTION_SCHEME_SOURCES
-    ${CMAKE_CURRENT_SOURCE_DIR}/smack-access.cpp
-    ${CMAKE_CURRENT_SOURCE_DIR}/scheme-test.cpp
-
-    ${KEY_MANAGER_PATH}/dpl/core/src/assert.cpp
-    ${KEY_MANAGER_PATH}/dpl/db/src/naive_synchronization_object.cpp
-    ${KEY_MANAGER_PATH}/dpl/db/src/sql_connection.cpp
-    ${KEY_MANAGER_PATH}/service/db-crypto.cpp
-    ${KEY_MANAGER_PATH}/service/file-lock.cpp
-    ${KEY_MANAGER_PATH}/service/file-system.cpp
-    ${KEY_MANAGER_PATH}/service/for-each-file.cpp
-    ${KEY_MANAGER_PATH}/service/key-provider.cpp
-    ${KEY_MANAGER_PATH}/sqlcipher/sqlcipher.c
-)
-
-INCLUDE_DIRECTORIES(SYSTEM ${ENCRYPTION_SCHEME_DEP_INCLUDE_DIRS})
-INCLUDE_DIRECTORIES(
-    ${CMAKE_CURRENT_SOURCE_DIR}
-
-    ${KEY_MANAGER_PATH}/common
-    ${KEY_MANAGER_PATH}/dpl/core/include
-    ${KEY_MANAGER_PATH}/dpl/log/include
-    ${KEY_MANAGER_PATH}/dpl/db/include
-    ${KEY_MANAGER_PATH}/sqlcipher
-    ${KEY_MANAGER_PATH}/service
-    ${KEY_MANAGER_PATH}/crypto
-)
-
-LINK_DIRECTORIES(${ENCRYPTION_SCHEME_DEP_LIBRARY_DIRS})
-
-ADD_LIBRARY(${TARGET_ENCRYPTION_SCHEME_COMMON} STATIC ${ENCRYPTION_SCHEME_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_ENCRYPTION_SCHEME_COMMON}
-    ${ENCRYPTION_SCHEME_DEP_LIBRARIES}
-    ${TARGET_KEY_MANAGER_CLIENT}
-    ${TARGET_KEY_MANAGER_CONTROL_CLIENT}
-    ${CMAKE_THREAD_LIBS_INIT}
-    boost_unit_test_framework
-    -ldl
-)
-
-INSTALL(TARGETS ${TARGET_ENCRYPTION_SCHEME_COMMON} DESTINATION ${LIB_INSTALL_DIR})
-
-
-
-# binary for filling db
-SET(TARGET_CKM_GENERATOR "ckm_generate_db")
-
-SET(GENERATOR_SOURCES
-    ${CMAKE_CURRENT_SOURCE_DIR}/generate-db.cpp
-)
-
-ADD_EXECUTABLE(${TARGET_CKM_GENERATOR} ${GENERATOR_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_CKM_GENERATOR}
-    ${TARGET_ENCRYPTION_SCHEME_COMMON}
-)
-
-INSTALL(TARGETS ${TARGET_CKM_GENERATOR} DESTINATION bin)
diff --git a/tests/encryption-scheme/assert-wrapper.h b/tests/encryption-scheme/assert-wrapper.h

new file mode 100644 (file)

index 0000000..7ec5b0c
--- /dev/null
+++ b/tests/encryption-scheme/assert-wrapper.h
@@ -0,0 +1,47 @@
+/*
+ *  Copyright (c) 2018 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License
+ */
+/*
+ * @file       assert-wrapper.h
+ * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version    1.0
+ * @brief
+ */
+
+#pragma once
+
+#ifdef NO_BOOST
+       #include <stdexcept>
+       #include <sstream>
+
+       #define ASSERT_MSG(cond, msg)                \
+       do {                                         \
+               if (!(cond)) {                           \
+                       std::ostringstream oss;              \
+                       oss << msg;                          \
+                       throw std::runtime_error(oss.str()); \
+               }                                        \
+       } while (0)
+
+       #define ASSERT_FAIL(msg) ASSERT_MSG(false, msg)
+
+#else
+       #include <boost/test/unit_test.hpp>
+
+       #define ASSERT_MSG(cond, msg) BOOST_REQUIRE_MESSAGE(cond, msg)
+
+       #define ASSERT_FAIL(msg) BOOST_FAIL(msg)
+
+#endif
diff --git a/tests/encryption-scheme/scheme-test.cpp b/tests/encryption-scheme/scheme-test.cpp

index 73cca05..66a9fa0 100644 (file)
--- a/tests/encryption-scheme/scheme-test.cpp
+++ b/tests/encryption-scheme/scheme-test.cpp
@@ -18,7 +18,6 @@
   * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
   * @version    1.0
   */
-#include <scheme-test.h>
  
  #include <sys/smack.h>
  #include <sys/types.h>
@@ -34,10 +33,6 @@
  #include <stdexcept>
  #include <vector>
  
-#include <boost/test/unit_test.hpp>
-
-#include <smack-access.h>
-
  #include <db-crypto.h>
  #include <file-system.h>
  #include <key-provider.h>
@@ -45,6 +40,10 @@
  #include <crypto-init.h>
  #include <dpl/errno_string.h>
  
+#include <scheme-test.h>
+#include <smack-access.h>
+#include <assert-wrapper.h>
+
  using namespace CKM;
  using namespace std;
  
@@ -308,7 +307,7 @@ uid_t getUid(const char *name)
         std::vector<char> buf(bufsize, 0);
  
         int ret = getpwnam_r(name, &pwd, buf.data(), bufsize, &result);
-       BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getpwnam_r failed");
+       ASSERT_MSG(ret == 0 && result, "getpwnam_r failed");
  
         return pwd.pw_uid;
  }
@@ -327,7 +326,7 @@ gid_t getGid(const char *name)
         std::vector<char> buf(bufsize, 0);
  
         int ret = getgrnam_r(name, &grp, buf.data(), bufsize, &result);
-       BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getgrnam_r failed");
+       ASSERT_MSG(ret == 0 && result, "getgrnam_r failed");
  
         return grp.gr_gid;
  }
@@ -343,50 +342,47 @@ void restoreFile(const string &filename)
  
         int sourceFd = TEMP_FAILURE_RETRY(open(sourcePath.c_str(), O_RDONLY));
         err = errno;
-       BOOST_REQUIRE_MESSAGE(sourceFd > 0,
-                                                 "Opening " << sourcePath << " failed: " << GetErrnoString(err));
+       ASSERT_MSG(sourceFd > 0, "Opening " << sourcePath << " failed: " << GetErrnoString(err));
  
         FdPtr sourceFdPtr(&sourceFd);
  
         int targetFd = TEMP_FAILURE_RETRY(creat(targetPath.c_str(), 0644));
         err = errno;
-       BOOST_REQUIRE_MESSAGE(targetFd > 0,
-                                                 "Creating " << targetPath << " failed: " << GetErrnoString(err));
+       ASSERT_MSG(targetFd > 0, "Creating " << targetPath << " failed: " << GetErrnoString(err));
  
         ret = fchown(targetFd, CKM_UID, CKM_GID);
         err = errno;
-       BOOST_REQUIRE_MESSAGE(ret != -1, "fchown() failed: " << GetErrnoString(err));
+       ASSERT_MSG(ret != -1, "fchown() failed: " << GetErrnoString(err));
  
         FdPtr targetFdPtr(&targetFd);
  
         struct stat sourceStat;
         ret = fstat(sourceFd, &sourceStat);
         err = errno;
-       BOOST_REQUIRE_MESSAGE(ret != -1, "fstat() failed: " << GetErrnoString(err));
+       ASSERT_MSG(ret != -1, "fstat() failed: " << GetErrnoString(err));
  
         ret = sendfile(targetFd, sourceFd, 0, sourceStat.st_size);
         err = errno;
-       BOOST_REQUIRE_MESSAGE(ret != -1, "sendfile() failed: " << GetErrnoString(err));
+       ASSERT_MSG(ret != -1, "sendfile() failed: " << GetErrnoString(err));
  
         ret = fsync(targetFd);
         err = errno;
-       BOOST_REQUIRE_MESSAGE(ret != -1, "fsync() failed: " << GetErrnoString(err));
+       ASSERT_MSG(ret != -1, "fsync() failed: " << GetErrnoString(err));
  }
  
  void generateRandom(size_t random_bytes, unsigned char *output)
  {
         if (random_bytes <= 0 || !output)
-               throw runtime_error("Invalid param");
+               ASSERT_FAIL("Invalid param");
  
         std::ifstream is("/dev/urandom", std::ifstream::binary);
  
-       if (!is)
-               throw runtime_error("Failed to read /dev/urandom");
+       ASSERT_MSG(is, "Failed to read /dev/urandom");
  
         is.read(reinterpret_cast<char *>(output), random_bytes);
  
-       if (static_cast<std::streamsize>(random_bytes) != is.gcount())
-               throw runtime_error("Not enough bytes read from /dev/urandom");
+       ASSERT_MSG(static_cast<std::streamsize>(random_bytes) == is.gcount(),
+                  "Not enough bytes read from /dev/urandom");
  }
  
  RawBuffer createRandomBuffer(size_t random_bytes)
@@ -420,11 +416,9 @@ SchemeTest::~SchemeTest()
  
  void SchemeTest::RemoveUserData()
  {
-       if (CKM_API_SUCCESS != m_control->lockUserKey(UID))
-               throw runtime_error("lockUserKey failed");
+       ASSERT_MSG(m_control->lockUserKey(UID) == CKM_API_SUCCESS, "lockUserKey failed");
  
-       if (CKM_API_SUCCESS != m_control->removeUserData(UID))
-               throw runtime_error("removeUserData failed");
+       ASSERT_MSG(m_control->removeUserData(UID) == CKM_API_SUCCESS, "removeUserData failed");
  }
  
  void SchemeTest::SwitchToUser()
@@ -432,26 +426,21 @@ void SchemeTest::SwitchToUser()
         if (m_userChanged)
                 return;
  
-       if (CKM_API_SUCCESS != m_control->unlockUserKey(UID, DBPASS))
-               throw runtime_error("unlockUserKey failed");
+       ASSERT_MSG(m_control->unlockUserKey(UID, DBPASS) == CKM_API_SUCCESS, "unlockUserKey failed");
  
         // get calling label
         char *label = NULL;
  
-       if (smack_new_label_from_self(&label) <= 0)
-               throw runtime_error("smack_new_label_from_self failed");
+       ASSERT_MSG(smack_new_label_from_self(&label) > 0, "smack_new_label_from_self failed");
  
         m_origLabel = string(label);
         free(label);
  
-       if (0 > smack_set_label_for_self(LABEL))
-               throw runtime_error("smack_set_label_for_self failed");
+       ASSERT_MSG(smack_set_label_for_self(LABEL) == 0, "smack_set_label_for_self failed");
  
-       if (0 > setegid(GID))
-               throw runtime_error("setegid failed");
+       ASSERT_MSG(setegid(GID) == 0, "setegid failed");
  
-       if (0 > seteuid(UID))
-               throw runtime_error("seteuid failed");
+       ASSERT_MSG(seteuid(UID) == 0, "seteuid failed");
  
         m_userChanged = true;
  }
@@ -461,17 +450,14 @@ void SchemeTest::SwitchToRoot()
         if (!m_userChanged)
                 return;
  
-       if (0 > seteuid(0))
-               throw runtime_error("seteuid failed");
+       ASSERT_MSG(seteuid(0) == 0, "seteuid failed");
  
-       if (0 > setegid(0))
-               throw runtime_error("setegid failed");
+       ASSERT_MSG(setegid(0) == 0, "setegid failed");
  
-       if (0 > smack_set_label_for_self(m_origLabel.c_str()))
-               throw runtime_error("smack_set_label_for_self failed");
+       ASSERT_MSG(smack_set_label_for_self(m_origLabel.c_str()) == 0,
+                  "smack_set_label_for_self failed");
  
-       if (m_control->lockUserKey(UID) != CKM_API_SUCCESS)
-               throw runtime_error("lockUserKey failed");
+       ASSERT_MSG(m_control->lockUserKey(UID) == CKM_API_SUCCESS, "lockUserKey failed");
  }
  
  void SchemeTest::FillDb()
@@ -479,15 +465,13 @@ void SchemeTest::FillDb()
         // pkcs
         ifstream is(DB_TEST_DIR "/encryption-scheme.p12");
  
-       if (!is)
-               throw runtime_error("Failed to read pkcs");
+       ASSERT_MSG(is, "Failed to read pkcs");
  
         istreambuf_iterator<char> begin(is), end;
         RawBuffer pkcsBuffer(begin, end);
         auto pkcs = PKCS12::create(pkcsBuffer, Password());
  
-       if (pkcs->empty())
-               throw runtime_error("Empty pkcs");
+       ASSERT_MSG(!pkcs->empty(), "Empty pkcs");
  
         SwitchToUser();
  
@@ -505,42 +489,40 @@ void SchemeTest::FillDb()
         for (const auto &g : GROUPS) {
                 switch (g.type) {
                 case Group::KEY_PAIR_RSA:
-                       if (g.items.size() != 2)
-                               throw runtime_error("Wrong number of keys");
+                       ASSERT_MSG(g.items.size() == 2, "Wrong number of keys");
  
                         if (g.items[0].type != DataType::KEY_RSA_PRIVATE ||
                                         g.items[1].type != DataType::KEY_RSA_PUBLIC)
-                               throw runtime_error("Invalid item type");
+                               ASSERT_FAIL("Invalid item type");
  
                         if (CKM_API_SUCCESS != m_mgr->createKeyPairRSA(1024,
                                         g.items[0].alias,
                                         g.items[1].alias,
                                         g.items[0].policy,
                                         g.items[1].policy))
-                               throw runtime_error("createKeyPair failed");
+                               ASSERT_FAIL("createKeyPair failed");
  
                         break;
  
                 case Group::CERT_CHAIN:
-                       if (g.items.size() != CHAIN_SIZE)
-                               throw runtime_error("Wrong number of certificates");
+                       ASSERT_MSG(g.items.size() == CHAIN_SIZE, "Wrong number of certificates");
  
                         if (g.items[0].type != DataType::CERTIFICATE ||
                                         g.items[1].type != DataType::CERTIFICATE ||
                                         g.items[2].type != DataType::CERTIFICATE)
-                               throw runtime_error("Invalid item type");
+                               ASSERT_FAIL("Invalid item type");
  
                         if (CKM_API_SUCCESS != m_mgr->saveCertificate(g.items[0].alias, rootCa,
                                         g.items[0].policy))
-                               throw runtime_error("saveCertificate failed");
+                               ASSERT_FAIL("saveCertificate failed");
  
                         if (CKM_API_SUCCESS != m_mgr->saveCertificate(g.items[1].alias, imCa,
                                         g.items[1].policy))
-                               throw runtime_error("saveCertificate failed");
+                               ASSERT_FAIL("saveCertificate failed");
  
                         if (CKM_API_SUCCESS != m_mgr->saveCertificate(g.items[2].alias, leaf,
                                         g.items[2].policy))
-                               throw runtime_error("saveCertificate failed");
+                               ASSERT_FAIL("saveCertificate failed");
  
                         break;
  
@@ -549,24 +531,24 @@ void SchemeTest::FillDb()
                                 switch (i.type) {
                                 case DataType::BINARY_DATA:
                                         if (CKM_API_SUCCESS != m_mgr->saveData(i.alias, TEST_DATA, i.policy))
-                                               throw runtime_error("saveData failed");
+                                               ASSERT_FAIL("saveData failed");
  
                                         break;
  
                                 case DataType::KEY_AES:
                                         if (CKM_API_SUCCESS != m_mgr->createKeyAES(256, i.alias, i.policy))
-                                               throw runtime_error("createKeyAES failed");
+                                               ASSERT_FAIL("createKeyAES failed");
  
                                         break;
  
                                 case DataType::CHAIN_CERT_0:    // PKCS
                                         if (CKM_API_SUCCESS != m_mgr->savePKCS12(i.alias, pkcs, i.policy, i.policy))
-                                               throw runtime_error("savePkcs12 failed");
+                                               ASSERT_FAIL("savePkcs12 failed");
  
                                         break;
  
                                 default:
-                                       throw runtime_error("unsupported data type");
+                                       ASSERT_FAIL("unsupported data type");
                                 }
                         }
  
@@ -595,8 +577,8 @@ void SchemeTest::ReadAll(bool useWrongPass)
                         case DataType::BINARY_DATA: {
                                 RawBuffer receivedData;
                                 ret = m_mgr->getData(i.alias, pass, receivedData);
-                               BOOST_REQUIRE_MESSAGE(useWrongPass || receivedData == TEST_DATA,
-                                                                         "Received data is different for " << i.alias);
+                               ASSERT_MSG(useWrongPass || receivedData == TEST_DATA,
+                                          "Received data is different for " << i.alias);
                                 break;
                         }
  
@@ -621,20 +603,20 @@ void SchemeTest::ReadAll(bool useWrongPass)
                         }
  
                         default:
-                               BOOST_FAIL("Unsupported data type " << i.type);
+                               ASSERT_FAIL("Unsupported data type " << i.type);
                         }
  
                         if (i.policy.extractable) {
                                 if (useWrongPass)
-                                       BOOST_REQUIRE_MESSAGE(ret == CKM_API_ERROR_AUTHENTICATION_FAILED,
-                                                                                 "Reading item " << i.alias << " should fail with " <<
-                                                                                 CKM_API_ERROR_AUTHENTICATION_FAILED << " got: " << ret);
+                                       ASSERT_MSG(ret == CKM_API_ERROR_AUTHENTICATION_FAILED,
+                                                  "Reading item " << i.alias << " should fail with " <<
+                                                  CKM_API_ERROR_AUTHENTICATION_FAILED << " got: " << ret);
                                 else
-                                       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS, "Reading item " << i.alias <<
-                                                                                 " failed with " << ret);
+                                       ASSERT_MSG(ret == CKM_API_SUCCESS,
+                                                 "Reading item " << i.alias << " failed with " << ret);
                         } else {
-                               BOOST_REQUIRE_MESSAGE(ret == CKM_API_ERROR_NOT_EXPORTABLE, "Item " << i.alias <<
-                                                                         " should not be exportable");
+                               ASSERT_MSG(ret == CKM_API_ERROR_NOT_EXPORTABLE,
+                                          "Item " << i.alias << " should not be exportable");
                         }
                 }
         }
@@ -646,9 +628,9 @@ void SchemeTest::SignVerify()
  
         for (const auto &g : GROUPS) {
                 if (g.type == Group::KEY_PAIR_RSA) {
-                       BOOST_REQUIRE_MESSAGE(g.items.size() == 2, "Wrong number of keys");
-                       BOOST_REQUIRE_MESSAGE(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
-                                                                 g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
+                       ASSERT_MSG(g.items.size() == 2, "Wrong number of keys");
+                       ASSERT_MSG(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
+                                  g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
  
                         SignVerifyItem(g.items[0], g.items[1]);
                 } else {
@@ -672,9 +654,9 @@ void SchemeTest::EncryptDecrypt()
  
         for (const auto &g : GROUPS) {
                 if (g.type == Group::KEY_PAIR_RSA) {
-                       BOOST_REQUIRE_MESSAGE(g.items.size() == 2, "Wrong number of keys");
-                       BOOST_REQUIRE_MESSAGE(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
-                                                                 g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
+                       ASSERT_MSG(g.items.size() == 2, "Wrong number of keys");
+                       ASSERT_MSG(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
+                                  g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
  
                         EncryptDecryptItem(g.items[0], g.items[1]);
                 } else {
@@ -702,10 +684,10 @@ void SchemeTest::CreateChain()
  
         for (const auto &g : GROUPS) {
                 if (g.type == Group::CERT_CHAIN) {
-                       BOOST_REQUIRE_MESSAGE(g.items.size() == CHAIN_SIZE, "Not enough certificates");
+                       ASSERT_MSG(g.items.size() == CHAIN_SIZE, "Not enough certificates");
  
                         for (const auto &c : g.items)
-                               BOOST_REQUIRE_MESSAGE(c.type == DataType::CERTIFICATE, "Wrong item type");
+                               ASSERT_MSG(c.type == DataType::CERTIFICATE, "Wrong item type");
  
                         Items trusted(CHAIN_SIZE - 1);
                         std::copy(g.items.begin(), g.items.begin() + CHAIN_SIZE - 1, trusted.begin());
@@ -728,8 +710,8 @@ void SchemeTest::RemoveAll()
         for (const auto &g : GROUPS) {
                 for (const auto &i : g.items) {
                         int ret = m_mgr->removeAlias(i.alias);
-                       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                                 "removeAlias() failed with " << ret << " for " << i.alias);
+                       ASSERT_MSG(ret == CKM_API_SUCCESS,
+                                  "removeAlias() failed with " << ret << " for " << i.alias);
                 }
         }
  }
@@ -771,13 +753,12 @@ void SchemeTest::CheckSchemeVersion(const ItemFilter &filter, int version)
  
                         DB::RowVector rows;
                         m_db->getRows(i.alias, OWNER, filter.typeFrom, filter.typeTo, rows);
-                       BOOST_REQUIRE_MESSAGE(rows.size() > 0, "No rows found for " << i.alias);
+                       ASSERT_MSG(rows.size() > 0, "No rows found for " << i.alias);
  
                         for (const auto &r : rows) {
-                               BOOST_REQUIRE_MESSAGE(
-                                       (r.encryptionScheme >> ENC_SCHEME_OFFSET) == version,
-                                       "Wrong encryption scheme for " << i.alias << ". Expected " << version <<
-                                       " got: " << (r.encryptionScheme >> ENC_SCHEME_OFFSET));
+                               ASSERT_MSG((r.encryptionScheme >> ENC_SCHEME_OFFSET) == version,
+                                          "Wrong encryption scheme for " << i.alias << ". Expected " << version <<
+                                          " got: " << (r.encryptionScheme >> ENC_SCHEME_OFFSET));
                         }
                 }
         }
@@ -814,18 +795,16 @@ void SchemeTest::SignVerifyItem(const Item &itemPrv, const Item &itemPub)
                                                                  HashAlgorithm::SHA512,
                                                                  RSAPaddingAlgorithm::X931,
                                                                  signature);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "createSignature() failed with " << ret <<
-                                                 " for " << itemPrv.alias);
+       ASSERT_MSG(ret == CKM_API_SUCCESS,
+                  "createSignature() failed with " << ret << " for " << itemPrv.alias);
         ret = m_mgr->verifySignature(itemPub.alias,
                                                                  itemPub.policy.password,
                                                                  TEST_DATA,
                                                                  signature,
                                                                  HashAlgorithm::SHA512,
                                                                  RSAPaddingAlgorithm::X931);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "verifySignature() failed with " << ret <<
-                                                 " for " << itemPub.alias);
+       ASSERT_MSG(ret == CKM_API_SUCCESS,
+                  "verifySignature() failed with " << ret << " for " << itemPub.alias);
  }
  
  void SchemeTest::EncryptDecryptItem(const Item &item)
@@ -838,20 +817,13 @@ void SchemeTest::EncryptDecryptItem(const Item &item)
         algo.setParam(ParamName::ALGO_TYPE, AlgoType::AES_GCM);
         algo.setParam(ParamName::ED_IV, iv);
  
-       ret = m_mgr->encrypt(algo, item.alias, item.policy.password, TEST_DATA,
-                                                encrypted);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "encrypt() failed iwth " << ret << " for " <<
-                                                 item.alias);
+       ret = m_mgr->encrypt(algo, item.alias, item.policy.password, TEST_DATA, encrypted);
+       ASSERT_MSG(ret == CKM_API_SUCCESS, "encrypt() failed iwth " << ret << " for " << item.alias);
  
-       ret = m_mgr->decrypt(algo, item.alias, item.policy.password, encrypted,
-                                                decrypted);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "decrypt() failed iwth " << ret << " for " <<
-                                                 item.alias);
+       ret = m_mgr->decrypt(algo, item.alias, item.policy.password, encrypted, decrypted);
+       ASSERT_MSG(ret == CKM_API_SUCCESS, "decrypt() failed iwth " << ret << " for " << item.alias);
  
-       BOOST_REQUIRE_MESSAGE(decrypted == TEST_DATA,
-                                                 "Decrypted data not equal to original");
+       ASSERT_MSG(decrypted == TEST_DATA, "Decrypted data not equal to original");
  }
  
  void SchemeTest::EncryptDecryptItem(const Item &itemPrv, const Item &itemPub)
@@ -862,20 +834,13 @@ void SchemeTest::EncryptDecryptItem(const Item &itemPrv, const Item &itemPub)
  
         algo.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_OAEP);
  
-       ret = m_mgr->encrypt(algo, itemPub.alias, itemPub.policy.password, TEST_DATA,
-                                                encrypted);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "encrypt() failed iwth " << ret << " for " <<
-                                                 itemPub.alias);
+       ret = m_mgr->encrypt(algo, itemPub.alias, itemPub.policy.password, TEST_DATA, encrypted);
+       ASSERT_MSG(ret == CKM_API_SUCCESS, "encrypt() failed iwth " << ret << " for " << itemPub.alias);
  
-       ret = m_mgr->decrypt(algo, itemPrv.alias, itemPrv.policy.password, encrypted,
-                                                decrypted);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "decrypt() failed iwth " << ret << " for " <<
-                                                 itemPrv.alias);
+       ret = m_mgr->decrypt(algo, itemPrv.alias, itemPrv.policy.password, encrypted, decrypted);
+       ASSERT_MSG(ret == CKM_API_SUCCESS, "decrypt() failed iwth " << ret << " for " << itemPrv.alias);
  
-       BOOST_REQUIRE_MESSAGE(decrypted == TEST_DATA,
-                                                 "Decrypted data not equal to original");
+       ASSERT_MSG(decrypted == TEST_DATA, "Decrypted data not equal to original");
  }
  
  void SchemeTest::CreateChainItem(const Item &leaf, const Items &certs)
@@ -895,13 +860,10 @@ void SchemeTest::CreateChainItem(const Item &leaf, const Items &certs)
  
         CertificateShPtr leafCrt;
         int ret = m_mgr->getCertificate(leaf.alias, leaf.policy.password, leafCrt);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "getCertificate failed with " << ret << " for " <<
-                                                 leaf.alias);
+       ASSERT_MSG(ret == CKM_API_SUCCESS,
+                  "getCertificate failed with " << ret << " for " << leaf.alias);
  
         ret = m_mgr->getCertificateChain(leafCrt, AliasVector(), trusted, false, chain);
-       BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
-                                                 "getCertificateChain() failed with " << ret);
-       BOOST_REQUIRE_MESSAGE(chain.size() == CHAIN_LEN,
-                                                 "Wrong chain length: " << chain.size());
+       ASSERT_MSG(ret == CKM_API_SUCCESS, "getCertificateChain() failed with " << ret);
+       ASSERT_MSG(chain.size() == CHAIN_LEN, "Wrong chain length: " << chain.size());
  }
diff --git a/tests/encryption-scheme/smack-access.cpp b/tests/encryption-scheme/smack-access.cpp

index 8115e64..960ea12 100644 (file)
--- a/tests/encryption-scheme/smack-access.cpp
+++ b/tests/encryption-scheme/smack-access.cpp
@@ -20,16 +20,14 @@
   * @version    1.0
   */
  
-#include <stdexcept>
+#include <sys/smack.h>
  
+#include <assert-wrapper.h>
  #include <smack-access.h>
  
-#include <sys/smack.h>
-
  SmackAccess::SmackAccess() : m_handle(nullptr)
  {
-       if (0 != smack_accesses_new(&m_handle))
-               throw std::runtime_error("smack_accesses_new failed");
+       ASSERT_MSG(smack_accesses_new(&m_handle) == 0, "smack_accesses_new failed");
  }
  
  void SmackAccess::add(
@@ -37,15 +35,13 @@ void SmackAccess::add(
         const std::string &object,
         const std::string &rights)
  {
-       if (0 != smack_accesses_add(m_handle, subject.c_str(), object.c_str(),
-                                                               rights.c_str()))
-               throw std::runtime_error("smack_accesses_add failed");
+       ASSERT_MSG(smack_accesses_add(m_handle, subject.c_str(), object.c_str(), rights.c_str()) == 0,
+                  "smack_accesses_add failed");
  }
  
  void SmackAccess::apply()
  {
-       if (0 != smack_accesses_apply(m_handle))
-               throw std::runtime_error("smack_accesses_apply failed");
+       ASSERT_MSG(smack_accesses_apply(m_handle) == 0, "smack_accesses_apply failed");
  }
  
  SmackAccess::~SmackAccess()
diff --git a/tests/test_encryption-scheme.cpp b/tests/test_encryption-scheme.cpp

index dc2e3bd..ac552f5 100644 (file)
--- a/tests/test_encryption-scheme.cpp
+++ b/tests/test_encryption-scheme.cpp
@@ -19,6 +19,9 @@
   * @version    1.0
   */
  
+#include <fstream>
+#include <string>
+
  #include <boost/test/unit_test.hpp>
  #include <boost/test/results_reporter.hpp>
  
@@ -30,10 +33,35 @@ namespace {
  // this is done to limit the amount of code included in binary
  const int OLD_ENC_SCHEME  = 0;
  const int NEW_ENC_SCHEME  = 1;
-} // namespace anonymous
  
+const char* const ONLYCAP = "/sys/fs/smackfs/onlycap";
+
+class OnlycapFixture {
+public:
+       OnlycapFixture() {
+               std::fstream file(ONLYCAP);
+               std::string tmp;
+               while(file >> tmp) {
+                       m_oldOnlycap += tmp;
+                       m_oldOnlycap += " ";
+               }
+               file.clear();
+               file << " ";
+       };
+
+       ~OnlycapFixture() {
+               try {
+                       std::ofstream file(ONLYCAP);
+                       file << m_oldOnlycap;
+               } catch(...) {}
+       };
+private:
+       std::string m_oldOnlycap;
+};
+
+} // namespace anonymous
  
-BOOST_AUTO_TEST_SUITE(ENCRYPTION_SCHEME_TEST)
+BOOST_FIXTURE_TEST_SUITE(ENCRYPTION_SCHEME_TEST, OnlycapFixture)
  
  // Test database should have the old scheme
  BOOST_AUTO_TEST_CASE(T010_Check_old_scheme)
author	Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
	Wed, 17 Oct 2018 15:02:10 +0000 (17:02 +0200)
committer	Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
	Fri, 19 Oct 2018 12:31:50 +0000 (14:31 +0200)
packaging/key-manager-tests.manifest.in		patch \| blob \| history
tests/CMakeLists.txt		patch \| blob \| history
tests/encryption-scheme/CMakeLists.txt	[deleted file]	patch \| blob \| history
tests/encryption-scheme/assert-wrapper.h	[new file with mode: 0644]	patch \| blob
tests/encryption-scheme/scheme-test.cpp		patch \| blob \| history
tests/encryption-scheme/smack-access.cpp		patch \| blob \| history
tests/test_encryption-scheme.cpp		patch \| blob \| history