/*
 * Copyright (c) 2016 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License
 */
17 #include <sys/types.h>
24 #include <dpl/test/test_runner.h>
25 #include <dpl/test/test_runner_child.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
29 #include <access_provider2.h>
30 #include <ckm-common.h>
31 #include <ckm-privileged-common.h>
33 #include <ckm/ckm-manager.h>
34 #include <ckm/ckm-control.h>
35 #include <ckm/ckm-password.h>
36 #include <ckm/ckm-type.h>
37 #include <ckm/ckm-pkcs12.h>
39 #include <openssl/x509.h>
40 #include <openssl/x509v3.h>
namespace {

// Numeric user and group ids that the tests hand to the key-manager helpers.
const int USER_APP   = 5000;
const int GROUP_APP  = 5000;

const int USER_APP_2 = 5020;
const int USER_APP_3 = 5030;

// Fixture password for USER_TEST's key-manager database. It is a test-only
// value and must never be reused outside the test environment.
const char * const APP_PASS = "user-pass";
const int USER_TEST = 5001;

// Empty containers for calls that need a vector argument but no content.
const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
const CKM::AliasVector EMPTY_ALIAS_VECTOR;

} // namespace anonymous
/*
 * How to number tests:
 * T - test case (always T)
 * AB - number of test group (always two digits)
 * C - test number in group (all tests with the same TABC must be run at the same time).
 */
RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);

// Group setup: calls reset_user_data() for USER_TEST with the fixture password.
// NOTE(review): presumably this wipes and re-creates the user's key-manager
// state so the T151x tests start clean; confirm against the helper.
RUNNER_TEST(T1510_init_unlock_key)
{
    reset_user_data(USER_TEST, APP_PASS);
}
// Persistence check: certificates stored before the key-manager service is
// restarted must still be present afterwards, so saving them again under the
// same aliases has to fail with CKM_API_ERROR_DB_ALIAS_EXISTS.
RUNNER_TEST(T1511_insert_data)
{
    const CKM::Alias certeeAlias("CertEE");
    const CKM::Alias certimAlias("CertIM");
    auto certee = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
    auto certim = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);

    // Phase 1: store both certificates as USER_TEST / TEST_LABEL. The scoped
    // objects live only inside this block, so they are destroyed before the
    // service restart below.
    {
        ScopedDBUnlock unlock(USER_TEST, APP_PASS);
        ScopedAccessProvider ap(TEST_LABEL);
        ap.allowAPI("key-manager::api-storage", "rw");
        ap.applyAndSwithToUser(USER_TEST, GROUP_APP);

        auto manager = CKM::Manager::create();
        RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
        RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
    }

    // Restart the key-manager service between the two phases.
    stop_service(MANAGER);
    start_service(MANAGER);

    // Phase 2: after the restart, the same aliases must already be taken.
    {
        ScopedDBUnlock unlock(USER_TEST, APP_PASS);
        ScopedAccessProvider ap(TEST_LABEL);
        ap.allowAPI("key-manager::api-storage", "rw");
        ap.applyAndSwithToUser(USER_TEST, GROUP_APP);

        auto manager = CKM::Manager::create();
        // Both saves are issued before either result is asserted.
        const int leafStatus = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
        const int imStatus = manager->saveCertificate(certimAlias, certim, CKM::Policy());

        RUNNER_ASSERT_MSG(
            CKM_API_ERROR_DB_ALIAS_EXISTS == leafStatus,
            "Certificate should be in database already. Error=" << CKM::APICodeToString(leafStatus));
        RUNNER_ASSERT_MSG(
            CKM_API_ERROR_DB_ALIAS_EXISTS == imStatus,
            "Certificate should be in database already. Error=" << CKM::APICodeToString(imStatus));
    }
}
// Group teardown: removes USER_TEST's key-manager data so that nothing stored
// by the T151x tests is left behind for later groups.
RUNNER_TEST(T1519_deinit)
{
    remove_user_data(USER_TEST);
}
RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);

// Group setup: unlocks the key-manager database of user USER_TEST+1 with a
// fixture password, then switches to that user under TEST_LABEL.
// NOTE(review): nothing is done after the switch in this test; confirm whether
// the ScopedAccessProvider step is needed here.
RUNNER_TEST(T1701_init_unlock_key)
{
    const int user = USER_TEST+1;

    unlock_user_data(user, "t170-special-password");

    ScopedAccessProvider ap(TEST_LABEL);
    ap.applyAndSwithToUser(user, GROUP_APP);
}
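// Stores one certificate as USER_TEST+1 / TEST_LABEL and checks that the
// certificate alias list grows by exactly one entry.
//
// Changes from the original: the failure message said "datbase", and the
// alias count went through an int before being cast back to size_t; it is now
// compared as size_t directly.
RUNNER_CHILD_TEST(T1702_insert_data)
{
    ScopedAccessProvider ap(TEST_LABEL);
    ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);

    auto certee = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);

    auto manager = CKM::Manager::create();
    // Baseline taken before the save, so aliases that already exist do not
    // affect the check.
    const size_t aliasesBefore = count_aliases(ALIAS_CERT);
    const int saveStatus = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());

    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == saveStatus,
        "Could not put certificate in database. Error=" << CKM::APICodeToString(saveStatus));

    CKM::AliasVector av;
    const int listStatus = manager->getCertificateAliasVector(av);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == listStatus,
        "Error=" << CKM::APICodeToString(listStatus));
    RUNNER_ASSERT_MSG(
        (aliasesBefore + 1) == av.size(),
        "Vector size: " << av.size() << ". Expected: " << (aliasesBefore + 1));
}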
// Uses the control API to remove all key-manager data that belongs to
// TEST_LABEL. T1704 then verifies that the label's certificates are gone.
RUNNER_TEST(T1703_removeApplicationData)
{
    auto control = CKM::Control::create();

    const int status = control->removeApplicationData(TEST_LABEL);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));
}
// After TEST_LABEL's data has been removed, listing certificate aliases as
// USER_TEST+1 / TEST_LABEL must succeed and return an empty list.
RUNNER_CHILD_TEST(T1704_data_test)
{
    ScopedAccessProvider ap(TEST_LABEL);
    ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);

    CKM::AliasVector av;
    auto manager = CKM::Manager::create();

    const int status = manager->getCertificateAliasVector(av);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));

    const int aliasCount = static_cast<int>(av.size());
    RUNNER_ASSERT_MSG(
        0 == aliasCount,
        "Vector size: " << aliasCount << ". Expected: 0");
}
// Teardown for T1701-T1704: removes the key-manager data of user USER_TEST+1.
RUNNER_TEST(T1705_deinit)
{
    remove_user_data(USER_TEST+1);
}
// Setup for T17102-T17112: gives users USER_TEST+2 and USER_TEST+3 a fresh
// key-manager database (lock, remove user data, unlock with the fixture
// password), asserting success after every step.
RUNNER_TEST(T17101_init)
{
    auto control = CKM::Control::create();

    // Same three steps for each user; the users are handled one after the
    // other, USER_TEST+2 first.
    const auto recreateUser = [&control](int user) {
        int rc = control->lockUserKey(user);
        RUNNER_ASSERT_MSG(
            CKM_API_SUCCESS == rc,
            "Error=" << CKM::APICodeToString(rc));

        rc = control->removeUserData(user);
        RUNNER_ASSERT_MSG(
            CKM_API_SUCCESS == rc,
            "Error=" << CKM::APICodeToString(rc));

        rc = control->unlockUserKey(user, "t1706-special-password");
        RUNNER_ASSERT_MSG(
            CKM_API_SUCCESS == rc,
            "Error=" << CKM::APICodeToString(rc));
    };

    recreateUser(USER_TEST+2);
    recreateUser(USER_TEST+3);
}
// Fixture 1 of 4: saves "data1" as USER_TEST+2 under TEST_LABEL.
// TEST_LABEL is the label whose data T17106 removes.
RUNNER_CHILD_TEST(T17102_prep_data_01)
{
    ScopedAccessProvider ap(TEST_LABEL);
    ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);

    auto manager = CKM::Manager::create();

    // Opaque payload; the test only needs some bytes to store.
    const std::string payload = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";

    const CKM::RawBuffer buffer(payload.begin(), payload.end());
    // Default-constructed password and `true` as the second argument.
    // NOTE(review): presumably "no item password, extractable"; confirm in ckm-type.h.
    const CKM::Policy exportable(CKM::Password(), true);

    const int status = manager->saveData("data1", buffer, exportable);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));
}
// Fixture 2 of 4: saves "data2" as USER_TEST+2 under TEST_LABEL_2.
// TEST_LABEL_2 is the label that must survive the removal of TEST_LABEL's data.
RUNNER_CHILD_TEST(T17103_prep_data_02)
{
    ScopedAccessProvider ap(TEST_LABEL_2);
    ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);

    auto manager = CKM::Manager::create();

    // Opaque payload; the test only needs some bytes to store.
    const std::string payload = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";

    const CKM::RawBuffer buffer(payload.begin(), payload.end());
    // Default-constructed password and `true` as the second argument.
    // NOTE(review): presumably "no item password, extractable"; confirm in ckm-type.h.
    const CKM::Policy exportable(CKM::Password(), true);

    const int status = manager->saveData("data2", buffer, exportable);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));
}
// Fixture 3 of 4: saves "data3" as USER_TEST+3 under TEST_LABEL.
// USER_TEST+3 is the user that T17106 locks before removing TEST_LABEL's data.
RUNNER_CHILD_TEST(T17104_prep_data_03)
{
    ScopedAccessProvider ap(TEST_LABEL);
    ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);

    auto manager = CKM::Manager::create();

    // Opaque payload; the test only needs some bytes to store.
    const std::string payload = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";

    const CKM::RawBuffer buffer(payload.begin(), payload.end());
    // Default-constructed password and `true` as the second argument.
    // NOTE(review): presumably "no item password, extractable"; confirm in ckm-type.h.
    const CKM::Policy exportable(CKM::Password(), true);

    const int status = manager->saveData("data3", buffer, exportable);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));
}
// Fixture 4 of 4: saves "data4" as USER_TEST+3 under TEST_LABEL_2.
// This item belongs to the label that is not removed and to the user that is
// locked during the removal.
RUNNER_CHILD_TEST(T17105_prep_data_04)
{
    ScopedAccessProvider ap(TEST_LABEL_2);
    ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);

    auto manager = CKM::Manager::create();

    // Opaque payload; the test only needs some bytes to store.
    const std::string payload = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";

    const CKM::RawBuffer buffer(payload.begin(), payload.end());
    // Default-constructed password and `true` as the second argument.
    // NOTE(review): presumably "no item password, extractable"; confirm in ckm-type.h.
    const CKM::Policy exportable(CKM::Password(), true);

    const int status = manager->saveData("data4", buffer, exportable);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));
}
// Removes all data owned by TEST_LABEL while one of the two users holding such
// data (USER_TEST+3) is locked. T17107-T17111 then check that the label's data
// is gone for both the unlocked and the locked user, and that TEST_LABEL_2's
// data is untouched.
RUNNER_TEST(T17106_remove_application)
{
    auto control = CKM::Control::create();

    // Lock USER_TEST+3 first, so the removal below is requested while that
    // user's key is locked.
    const int lockStatus = control->lockUserKey(USER_TEST+3);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == lockStatus,
        "Error=" << CKM::APICodeToString(lockStatus));

    const int removeStatus = control->removeApplicationData(TEST_LABEL);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == removeStatus,
        "Error=" << CKM::APICodeToString(removeStatus));
}
// Unlocked user, removed label: as USER_TEST+2 / TEST_LABEL the data alias
// list must be empty after removeApplicationData(TEST_LABEL).
RUNNER_CHILD_TEST(T17107_check_data_01)
{
    ScopedAccessProvider ap(TEST_LABEL);
    ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);

    CKM::AliasVector av;
    auto manager = CKM::Manager::create();

    const int status = manager->getDataAliasVector(av);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));

    const int aliasCount = static_cast<int>(av.size());
    RUNNER_ASSERT_MSG(
        0 == aliasCount,
        "Vector size: " << aliasCount << ". Expected: 0");
}
// Unlocked user, other label: as USER_TEST+2 / TEST_LABEL_2 exactly one data
// alias must remain, i.e. removing TEST_LABEL's data did not touch it.
RUNNER_CHILD_TEST(T17108_check_data_02)
{
    ScopedAccessProvider ap(TEST_LABEL_2);
    ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);

    CKM::AliasVector av;
    auto manager = CKM::Manager::create();

    const int status = manager->getDataAliasVector(av);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));

    const int aliasCount = static_cast<int>(av.size());
    RUNNER_ASSERT_MSG(
        1 == aliasCount,
        "Vector size: " << aliasCount << ". Expected: 1");
}
// Unlocks USER_TEST+3 again (it was locked in T17106) so that the following
// checks can read that user's database.
RUNNER_TEST(T17109_unlock_user2)
{
    auto control = CKM::Control::create();

    const int status = control->unlockUserKey(USER_TEST+3, "t1706-special-password");
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));
}
// Previously locked user, removed label: as USER_TEST+3 / TEST_LABEL the data
// alias list must be empty. This shows that the removal requested while the
// user was locked also took effect for that user.
RUNNER_CHILD_TEST(T17110_check_data_03)
{
    ScopedAccessProvider ap(TEST_LABEL);
    ap.allowAPI("key-manager::api-storage", "rw");
    ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);

    CKM::AliasVector av;
    auto manager = CKM::Manager::create();

    const int status = manager->getDataAliasVector(av);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));

    const int aliasCount = static_cast<int>(av.size());
    RUNNER_ASSERT_MSG(
        0 == aliasCount,
        "Vector size: " << aliasCount << ". Expected: 0");
}
// Previously locked user, other label: as USER_TEST+3 / TEST_LABEL_2 exactly
// one data alias must remain after TEST_LABEL's data was removed.
RUNNER_CHILD_TEST(T17111_check_data_04)
{
    ScopedAccessProvider ap(TEST_LABEL_2);
    ap.allowAPI("key-manager::api-storage", "rw");
    ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);

    CKM::AliasVector av;
    auto manager = CKM::Manager::create();

    const int status = manager->getDataAliasVector(av);
    RUNNER_ASSERT_MSG(
        CKM_API_SUCCESS == status,
        "Error=" << CKM::APICodeToString(status));

    const int aliasCount = static_cast<int>(av.size());
    RUNNER_ASSERT_MSG(
        1 == aliasCount,
        "Vector size: " << aliasCount << ". Expected: 1");
}
// Teardown for T17101-T17111: removes the key-manager data of both users that
// the sequence created, USER_TEST+2 first and then USER_TEST+3.
RUNNER_TEST(T17112_deinit)
{
    const int firstUser = USER_TEST+2;
    const int secondUser = USER_TEST+3;

    remove_user_data(firstUser);
    remove_user_data(secondUser);
}
// Entry point of the privileged key-manager test binary.
384 int main(int argc, char *argv[])
// NOTE(review): the condition guarding this message and the value returned
// after it are not visible in this listing. From the message, the binary
// refuses to run unless started as root; confirm against the full file.
388 std::cerr << argv[0] << " should be executed as root. Aborting" << std::endl;
// Hands the command line to the DPL test runner singleton and returns its result.
391 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);