Adjust app defined privileges tests to license-manager changes

author Dariusz Michaluk <d.michaluk@samsung.com>

Mon, 22 May 2017 15:29:33 +0000 (17:29 +0200)

committer Dariusz Michaluk <d.michaluk@samsung.com>

Mon, 12 Jun 2017 11:41:28 +0000 (13:41 +0200)
author Dariusz Michaluk <d.michaluk@samsung.com>
Mon, 22 May 2017 15:29:33 +0000 (17:29 +0200)
committer Dariusz Michaluk <d.michaluk@samsung.com>
Mon, 12 Jun 2017 11:41:28 +0000 (13:41 +0200)
diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec

index f981779..f815452 100644 (file)
--- a/packaging/security-tests.spec
+++ b/packaging/security-tests.spec
@@ -59,7 +59,8 @@ cmake . -DCMAKE_INSTALL_PREFIX=%{_prefix} \
          -DAPP_USER="security_test_user" \
          -DCKM_TEST_DIR=%{ckm_test_dir} \
          -DCKM_RW_DATA_DIR=%{ckm_rw_data_dir} \
-        -DGLOBAL_APP_DIR=%{TZ_SYS_RW_APP}
+        -DGLOBAL_APP_DIR=%{TZ_SYS_RW_APP} \
+        -DLOCAL_APP_DIR="%{TZ_SYS_HOME}/security_test_user/apps_rw"
  make %{?jobs:-j%jobs}
  
  %install
@@ -93,6 +94,7 @@ echo "security-tests postinst done ..."
  /etc/smack/test_smack_rules
  /etc/smack/test_smack_rules_lnk
  %{TZ_SYS_RW_APP}*
+%{TZ_SYS_HOME}/security_test_user/apps_rw/*
  /usr/bin/cynara-test
  /usr/bin/ckm-tests
  /usr/bin/ckm-integration-tests
diff --git a/src/security-manager-tests/CMakeLists.txt b/src/security-manager-tests/CMakeLists.txt

index b986d9a..c5badf9 100644 (file)
--- a/src/security-manager-tests/CMakeLists.txt
+++ b/src/security-manager-tests/CMakeLists.txt
@@ -101,3 +101,8 @@ INSTALL(DIRECTORY
      ${PROJECT_SOURCE_DIR}/src/security-manager-tests/app_files/
      DESTINATION ${GLOBAL_APP_DIR}
  )
+
+INSTALL(DIRECTORY
+    ${PROJECT_SOURCE_DIR}/src/security-manager-tests/app_files/
+    DESTINATION ${LOCAL_APP_DIR}
+)
+\ No newline at end of file
diff --git a/src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/futuremind.der b/src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/futuremind.der

new file mode 100644 (file)

index 0000000..939977f

Binary files /dev/null and b/src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/futuremind.der differ
diff --git a/src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/softwaremind.pem b/src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/softwaremind.pem

new file mode 100644 (file)

index 0000000..3656f1c
--- /dev/null
+++ b/src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/softwaremind.pem
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGKzCCBBOgAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMCUEwx
+ETAPBgNVBAcMCFdhcnN6YXdhMRUwEwYDVQQKDAxBQkMgU29mdHdhcmUxNzA1BgNV
+BAMMLmh0dHA6Ly90aXplbi5vcmcvbGljZW5zZWQvYWJjc29mdHdhcmUvY2FsZW5k
+YXIxJzAlBgkqhkiG9w0BCQEWGGRldmVsb3BlckBhYmNzb2Z0d2FyZS5wbDAeFw0x
+NzA1MjIxMDQ1NDBaFw0yNzA1MjAxMDQ1NDBaMIGaMQswCQYDVQQGEwJQTDERMA8G
+A1UEBwwIV2Fyc3phd2ExFTATBgNVBAoMDFNvZnR3YXJlTWluZDE3MDUGA1UEAwwu
+aHR0cDovL3RpemVuLm9yZy9saWNlbnNlZC9hYmNzb2Z0d2FyZS9jYWxlbmRhcjEo
+MCYGCSqGSIb3DQEJARYZZGV2ZWxvcGVyQHNvZnR3YXJlbWluZC5wbDCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKrQPv8BIr9nf1/vTy20NUUGlr9znzml
+204IY9Ai9/TS2/MJ6QFECic8ZncY08vyioz6Kdq2SnRumDACcmOX3567Jz656+rH
+SSuE8TWdl5BiuPZEyOFatn+QanvrBPnBYc4YVxfLosBlGkPWxO3XefbS4aXlSppk
+uiNES0L41u0Do2UTmcKnWMuHPg8gh8eegpDSEettTlS91+LWIYnPFcnC9vivmKY3
+0nWuGpf5SqCj7ohILxQnUpdGJ9Cp/OptFSbLaPZUtPgIQZoUSQLEmeHo1na3s/8Q
+9pnQPH9y/+fdv+O8IGEpaFZHtrLwWgZlfpvrFvz1dj3h+8M8GVlyazbeoDKMHuRo
+GJlz/DccjEOmMcFDS4+eDCPw15gbivoxi79Dlisx9vwcdVVUfohBAuvPAEVH4EtF
+SK0BIJvRhy9y1awTvRH2tZIPtDW6c4DVaYRzuJdjd/SyVN6l62NrHNecQ8DIS1e0
+uKcqy0BMPken7W7K6qPnG+vSxL8dow1SdlQIvOG05n8JJyNKVe1SVZzpzY54bWK1
+qsYyFcfLB89kCXMzOSYCQqCvurvZCV72tYCqPLCzI4rjTj/3RF5FJ8gRrcKKZ2C+
+C7ocxtyps5VScOTe9JFiKltPsIMfzqD0noz2nCqXsqSD1eYtUmSqdJHGhKsJ3Ys6
+HDGFdNJmpM8rAgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9w
+ZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBRMmXV0qvxE2pWY
+6eyKGANG67Tj9DAfBgNVHSMEGDAWgBRTIMeLiV3E5mZu1sfsWox9Iw1bZDANBgkq
+hkiG9w0BAQsFAAOCAgEAgyhlvdFM7ZN9u7V0GKJMNSbKZ6Etk2LT+VZjIKtv28lw
+Vchtp4LR5p3fCB17BTYgSno6PJmulx/Vku09r2LgN6eUxfzW41IQhMnngDi0QHOK
+i9VdgC8e4CqJlDUBTpodDcAlDRJ0oDWW/sPJbHsuQ00kmiIYun4uxiiLY0gAMbF+
+Vk2bTlsr5NxBunNv5OCj6jf1dFFz45R31xyeDrUyQkjl3rWrDLRHfSFT2NHrszL5
+pueBbLY07qlbatMYF1Mv905YqFJtMVl0cHoqbk5r9rIRBph8DiH6HB5Hs2bk7wDO
+7yN3ZOjkYwjqc3nCv/ijSGdZJKPWGGNClpYwoSCi1BTNRLDWpc5o1TrPc5y8rSJV
+PIdt9JAiUSpB3n2zpyPZyU1pZuBCUbU75GflfJsv2B2hj04bfTEo092/dn7geaQs
+b57UALs5t2CrBrc5Y6HHlwTG9ui99YFLe2n8nk7YTpz31ApvhI1a6L2/rH0jCXdx
+pEqirQ4PWJlk/xVUddOR29a6QV9nDlL4la58qPImjRyfDsZhnSsF8jkWAa1J2wHM
+fEiT0SVQr7Zalmkd8zAiOTI+wn59pfmrKK+KmQXgRvf0UidGoNKa+zlLOTME2qbS
+1GSU+c6QAxP4W5Q7M7akjxx2FOV3UiXX31CoU0Zf0agidinNcTLn3V4Tkz3gvyA=
+-----END CERTIFICATE-----
diff --git a/src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/abcsoftware.pem b/src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/abcsoftware.pem

new file mode 100644 (file)

index 0000000..261c43a
--- /dev/null
+++ b/src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/abcsoftware.pem
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGBzCCA++gAwIBAgIJAIKqRu4TspIQMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD
+VQQGEwJQTDERMA8GA1UEBwwIV2Fyc3phd2ExFTATBgNVBAoMDEFCQyBTb2Z0d2Fy
+ZTE3MDUGA1UEAwwuaHR0cDovL3RpemVuLm9yZy9saWNlbnNlZC9hYmNzb2Z0d2Fy
+ZS9jYWxlbmRhcjEnMCUGCSqGSIb3DQEJARYYZGV2ZWxvcGVyQGFiY3NvZnR3YXJl
+LnBsMB4XDTE3MDUyMjEwMzc1NFoXDTI3MDUyMDEwMzc1NFowgZkxCzAJBgNVBAYT
+AlBMMREwDwYDVQQHDAhXYXJzemF3YTEVMBMGA1UECgwMQUJDIFNvZnR3YXJlMTcw
+NQYDVQQDDC5odHRwOi8vdGl6ZW4ub3JnL2xpY2Vuc2VkL2FiY3NvZnR3YXJlL2Nh
+bGVuZGFyMScwJQYJKoZIhvcNAQkBFhhkZXZlbG9wZXJAYWJjc29mdHdhcmUucGww
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC3Tr3uFl1xC84/8JNRVPbh
+w+tj8oC5BQ0Tg+bKf42nsBKOKJocvoyrNY6z3WhFDHbrlMDnbv3sy7/5n+mop8de
+BACEFU0X1SHE84+GiVi1k4b16btdoDONDmkWP40wrMdPMEvF8nIvAgiU9dsjGHlC
+vP1jRlI1bVuz3xbsChZ3s+XLyd7/fvPsun3cEdr9OA5qMSyi6YPRlXPjlxSu6gDt
+hdR7K8dsUceq7xbNBZnXgBAEbrK+A39/qGcFZo9qqnxGARVlJHwCOUl7dbgqe2Il
+RmeZ4EuUnrFHO/eFTTkwQYDfrMLkbYqClpLoP75snEiPkzmTH+GdlqDOoUH7CTFF
+IVKTDjoj+//KEfSTp8TJoORKQgE23CALZMpxmOMCqx84EKwmjW+d0WXVt/7yJdi2
+u8aLVXD8GJPKbjJTYU+otkCTVyNtRdyg6bv+D1mIHCpTKE4LUnP52Xvca31KTg5j
+sCzyu+7JmYWNMrt7uenpMCG8F9pKLWBcZ+5srOC47MKMRKcd25JA2NXj3f7YMY08
+G+DQLoqbx3PUzxoSK1fB1S/qFVe1z/9QFX92dIweoU23MJZbMxjCT9triwW8lWrW
+palLiuJASST+neYve6tNMRsrz1yuZzYbjmIzAoKPxl+L4lMY/4xInC/h8R1u2bPA
+GMrZElXoWgVlEB9GvOgbPwIDAQABo1AwTjAdBgNVHQ4EFgQUUyDHi4ldxOZmbtbH
+7FqMfSMNW2QwHwYDVR0jBBgwFoAUUyDHi4ldxOZmbtbH7FqMfSMNW2QwDAYDVR0T
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAMoO7zVSwyKa6uvKpXPsdN9zfbAZj
+62p+BG1qwM16YUCT6Df8efgeX+s5+pJN1dEbrKedQoRJv1+WxiupwNs8BwTapc0D
+sy8Yap3iwxdQPHgn9z19xOnGdMQxszGlUjNY6zsoc9Cr7c29Oz/a6ZmrJiJ+lVNN
+YZxhcm8p654BtPbQzZp1vlCTAZv30EQzSplhZTN/ifxihFGAgGKDu8mQEKlj1WMr
+gD++SyJCWV6hfseNLxfwd8pSvc+OpiTgTNel0SNXW1mpXyN648RqpwFk9SbvjxE3
+7d5uq3THraMj4/2DG4bMUqkFe5oiB2NHHeIE13dqk0vKkoztPwYWf6WfedS9h68e
+4ZY8xxvBct/EtM939npkPdQzzMab2D/bT3T1fW3iHG2CuUPj4MgI+lsSkbEontNE
+OYMCFCasXpOOUKLlVqnOC5saaZS9bE7CVeCWffBvP6sSuWweOpnOfuDSRzHgtFIu
+r91r5WuRM8jtIBTIza2OqaVpUHoRWGWsMaAi7ZfZWImo3ipAmpCi2lTkK8Ima5lu
+m6i5OoP3c/fgNLIbG45tEeylq+6qmr571rBSU6GUjQKCmNb3eLeiX4wdGVAwnwM1
+f9hXxpsGOeTQLxpfvJ23yzLo8YszPfs4yF0DRrCKU3aUnx8x7yqMdyT17koxtmwv
+FvrHx6xiu0jNt+o=
+-----END CERTIFICATE-----
diff --git a/src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/xyzsoftware.der b/src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/xyzsoftware.der

new file mode 100644 (file)

index 0000000..43592a2

Binary files /dev/null and b/src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/xyzsoftware.der differ
diff --git a/src/security-manager-tests/app_files/app_def_provider_02_pkg_id/cert/xyzsoftware.pem b/src/security-manager-tests/app_files/app_def_provider_02_pkg_id/cert/xyzsoftware.pem

new file mode 100644 (file)

index 0000000..dac26ce
--- /dev/null
+++ b/src/security-manager-tests/app_files/app_def_provider_02_pkg_id/cert/xyzsoftware.pem
@@ -0,0 +1,35 @@
+-----BEGIN CERTIFICATE-----
+MIIGAzCCA+ugAwIBAgIJAMW2m1NESRlDMA0GCSqGSIb3DQEBCwUAMIGXMQswCQYD
+VQQGEwJQTDERMA8GA1UEBwwIV2Fyc3phd2ExFTATBgNVBAoMDFhZWiBTb2Z0d2Fy
+ZTE1MDMGA1UEAwwsaHR0cDovL3RpemVuLm9yZy9saWNlbnNlZC94eXpzb2Z0d2Fy
+ZS9jYW1lcmExJzAlBgkqhkiG9w0BCQEWGGRldmVsb3BlckB4eXpzb2Z0d2FyZS5w
+bDAeFw0xNzA1MjIxMDM5NTZaFw0yNzA1MjAxMDM5NTZaMIGXMQswCQYDVQQGEwJQ
+TDERMA8GA1UEBwwIV2Fyc3phd2ExFTATBgNVBAoMDFhZWiBTb2Z0d2FyZTE1MDMG
+A1UEAwwsaHR0cDovL3RpemVuLm9yZy9saWNlbnNlZC94eXpzb2Z0d2FyZS9jYW1l
+cmExJzAlBgkqhkiG9w0BCQEWGGRldmVsb3BlckB4eXpzb2Z0d2FyZS5wbDCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANM4GnuC3K+PfvgLEMorjNbagbsD
+ldcs2boeI40Dh62yZcZs0/UnbhPGZsqqYqksAuSgKi+E8biViimE7ocUdTv9zO/8
+C/JpOJ+yFmjS5rp+XW7rQfvT3MTAQhCioQzIgCZ2mSGjS7EecBHBJ6RslLJ5xK0K
+M5IVg6o5R+wBmQ8t+vnLZlFByzbOSIJQiV+DIk6wkBrVDBVlN3CxotxH63+LRpYG
+G688phYaSOh45X+OT61+YZlET72wqovt38sMfUfVk6e8LhSUgZ01JAw+2wj1FiAL
+mlwS9YjpRBhikChiuqM8MygMZWxiG9hMYaKiAdUnxewFn9uft2VgumlDsoNXa7rv
+3NZuwFpA4Rn5BAYXzug+qYEwQBgaUdjaTA6eZX0lIgqTlAD4KrO4VlvqeHpHhsxz
+djKbUZUJ4C2ipY69uqljgkcNGR5G1jxKcu36N8UbQuqbLpeD/hBercIDvZxxNTFq
+PM0GOoy5vxnw+D8S/+Zhmz0gVfYOwsgKHj8qqeLzLuv7am41oj3JJXTwZ+a5rsLL
+dVJRKv0cuQHNLczTkHvUxT9r8IFAHbW4TrNSfFyuL24ZBGugosZphL2w/DH8+Vl5
+rUzB2697B2EiyNFbXvb+om0bRvP/kfrV29PXNfuh2ON7gOJ1LechSbYSXBzPcxb0
+QlLUxUUK7JXZ1EUDAgMBAAGjUDBOMB0GA1UdDgQWBBQTkNCAM9/lC6vAN3IRb6ix
+tETxJzAfBgNVHSMEGDAWgBQTkNCAM9/lC6vAN3IRb6ixtETxJzAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCWx5LuvRjS8LSUcVd08J1zfxoPo+uoDsQ6
+N3Y6Il/v4vo/L2BZGcsL/hL9XC25JXc4n3AePigEqvOuLytydRnbQsTtInSChWdC
+wsiVFDL+3nh4wQI6oNAejB4/he5kRNToL8Jzj5FF63OIDhirOO4IDQLROXpJACpW
+e1tyR6RmoSSR2/H29dFac33sXsd7ear9qVNYk7taKfRgYcW08ihTRJB30VZ5w8t+
+w35OWq3Uviz7LTfnRlf78OuPtR9COaSGuNvptJiPc8UenK0aFN16u42gCGStRxNh
+BYOvBxwLlZw2c6waQak5hMka5DDqw4AQQV+SW6iVglAOs4uUh0TSSvH3ENpcAS6k
+ceeQT1PpJ5pVjHWMY9yFGIDU+neVPJSRJrhAv4apsGKvAsI4kBUbdhN3A1trNx74
+VztboL8fNIzaZgHAy1N78sSRKfvY4B8SZkBmoUKD6zSsVvrWX4awkZ9KxP0LXDaI
+1PpMTEB7JpcwPIc4tOVeo7u3KpDBWoxAhfJwEuta72zKteC+G5+pBOH3nPZmjpVV
+aELnXNDOegA270vSrXDOibvuhTWN0XJhzSAsh1PHH82mIg/goXSky2uiS4y19GDW
+WUW2Mj1V9+DSd7htYBLJLGgcQg4uJDtoLjOzv7W0ajeLy/P8oHpGJjjMt/I/PDTF
+f0AFDypwwg==
+-----END CERTIFICATE-----
diff --git a/src/security-manager-tests/test_cases_app_defined_privilege.cpp b/src/security-manager-tests/test_cases_app_defined_privilege.cpp

index 0de22f9..ee78b50 100644 (file)
--- a/src/security-manager-tests/test_cases_app_defined_privilege.cpp
+++ b/src/security-manager-tests/test_cases_app_defined_privilege.cpp
@@ -36,228 +36,258 @@ using namespace SecurityManagerTest;
  
  RUNNER_CHILD_TEST(app_defined_01_global_install_untrusted)
  {
-    const Privilege privilege("http://tizen.org/applicationDefinedPrivilege/app_defined_01",
-                              Privilege::UNTRUSTED);
-    const std::string providerAppId = "app_def_01_provider_appid";
-    const std::string consumerAppId = "app_def_01_client_appid";
+    const Privilege privilege(
+        "http://tizen.org/untrusted/devstudio/statistic",
+        Privilege::UNTRUSTED);
+    const std::string providerAppId = "app_def_01_provider";
+    const std::string clientAppId = "app_def_01_client";
      const std::string ownerId = "5001";
      const std::string session = "S0M3S3SSI0N";
  
      AppInstallHelper provider(providerAppId);
-    AppInstallHelper consumer(consumerAppId);
+    AppInstallHelper client(clientAppId);
  
-    std::string consumerLabel = consumer.generateAppLabel();
+    std::string clientLabel = client.generateAppLabel();
  
      provider.addAppDefinedPrivilege(privilege);
-    consumer.addPrivilege(privilege);
+    client.addPrivilege(privilege);
  
      ScopedInstaller req1(provider);
-    ScopedInstaller req2(consumer);
+    ScopedInstaller req2(client);
  
      CynaraTestClient::Client cynara;
-    cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
  
      // uninstall provider
      req1.uninstallApp();
  
-    cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
  }
  
  RUNNER_CHILD_TEST(app_defined_02_global_install_licensed)
  {
-    const Privilege privilege("http://tizen.org/licensedPrivilege/app_defined_02",
-                              "/opt/data/app_defined_02/res/license");
-    const std::string providerAppId = "app_def_02_provider_appid";
-    const std::string consumerAppId = "app_def_02_client_appid";
+    const Privilege providerPrivilegeLicense(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+    const Privilege clientPrivilegeLicense(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+    const std::string providerAppId = "app_def_provider_01";
+    const std::string clientAppId = "app_def_client_01";
      const std::string ownerId = "5001";
      const std::string session = "S0M33S3SSI0N";
  
      AppInstallHelper provider(providerAppId);
-    AppInstallHelper consumer(consumerAppId);
+    AppInstallHelper client(clientAppId);
  
-    std::string consumerLabel = consumer.generateAppLabel();
+    std::string clientLabel = client.generateAppLabel();
  
-    provider.addAppDefinedPrivilege(privilege);
-    consumer.addPrivilege(privilege);
+    provider.addAppDefinedPrivilege(providerPrivilegeLicense);
+    client.addPrivilege(clientPrivilegeLicense);
  
      ScopedInstaller req1(provider);
-    ScopedInstaller req2(consumer);
+    ScopedInstaller req2(client);
  
      CynaraTestClient::Client cynara;
-    cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_ALLOWED);
  
      // uninstall provider
      req1.uninstallApp();
  
-    cynara.check(consumerLabel, session, ownerId, privilege, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
  }
  
  RUNNER_CHILD_TEST(app_defined_03_database_update)
  {
-    // Because of a bug in implementation during installation of
-    // providerB privileges of providerA were deleted from cynara
-    // database. This test should check if bug was fixed.
-    Privilege privilegeA("http://tizen.org/licensedPrivilege/app_defined_03a",
-                         "/opt/data/app_defined_03a/res/license");
-    Privilege privilegeB("http://tizen.org/licensedPrivilege/app_defined_03b",
-                         "/opt/data/app_defined_03b/res/license");
-    const std::string providerAppIdA = "app_def_03a_provider_appid";
-    const std::string providerAppIdB = "app_def_03b_provider_appid";
-    const std::string consumerAppId = "app_def_03_client_appid";
+    const Privilege providerPrivilegeLicenseA(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+    const Privilege clientPrivilegeLicenseA(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+    const Privilege providerPrivilegeLicenseB(
+        "http://tizen.org/licensed/xyzsoftware/camera",
+        "/opt/usr/globalapps/app_def_provider_02_pkg_id/cert/xyzsoftware.pem");
+    const Privilege clientPrivilegeLicenseB(
+        "http://tizen.org/licensed/xyzsoftware/camera",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+
+    const std::string providerAppIdA = "app_def_provider_01";
+    const std::string providerAppIdB = "app_def_provider_02";
+    const std::string clientAppId = "app_def_client_01";
      const std::string ownerId = "5001";
      const std::string session = "S0M33S3SSI0N";
  
      AppInstallHelper providerA(providerAppIdA);
      AppInstallHelper providerB(providerAppIdB);
-    AppInstallHelper consumer(consumerAppId);
-
-    std::string consumerLabel = consumer.generateAppLabel();
+    AppInstallHelper client(clientAppId);
+    client.setHybrid();
+    std::string clientLabel = client.generateAppLabel();
  
-    providerA.addAppDefinedPrivilege(privilegeA);
-    providerB.addAppDefinedPrivilege(privilegeB);
-    consumer.addPrivilege(privilegeA);
-    consumer.addPrivilege(privilegeB);
+    providerA.addAppDefinedPrivilege(providerPrivilegeLicenseA);
+    providerB.addAppDefinedPrivilege(providerPrivilegeLicenseB);
+    client.addPrivilege(clientPrivilegeLicenseA);
+    client.addPrivilege(clientPrivilegeLicenseB);
  
      ScopedInstaller req1(providerA);
      ScopedInstaller req2(providerB);
-    ScopedInstaller req3(consumer);
+    ScopedInstaller req3(client);
  
      CynaraTestClient::Client cynara;
-    cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
  
      // uninstall providerA
      req1.uninstallApp();
  
-    cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
  
      // uninstall providerB
      req2.uninstallApp();
  
-    cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
  }
  
  RUNNER_CHILD_TEST(app_defined_04_app_update)
  {
-    const Privilege privilegeA("http://tizen.org/licensedPrivilege/app_defined_04a",
-                               "/opt/data/app_defined_04a/res/license");
-    const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_04b",
-                               Privilege::UNTRUSTED);
-    const Privilege privilegeC("http://tizen.org/licensedPrivilege/app_defined_04c",
-                               "/opt/data/app_defined_04c/res/license");
-    const std::string providerAppId = "app_def_04_provider_appid";
-    const std::string consumerAppId = "app_def_04_client_appid";
+    const Privilege providerPrivilegeLicenseA(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+    const Privilege clientPrivilegeLicenseA(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+    const Privilege privilegeB(
+        "http://tizen.org/untrusted/devstudio/statistic",
+        Privilege::UNTRUSTED);
+    const Privilege providerPrivilegeLicenseC(
+        "http://tizen.org/licensed/xyzsoftware/camera",
+        "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/xyzsoftware.der");
+    const Privilege clientPrivilegeLicenseC(
+        "http://tizen.org/licensed/xyzsoftware/camera",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+
+    const std::string providerAppId = "app_def_provider_01";
+    const std::string clientAppId = "app_def_client_01";
      const std::string ownerId = "5001";
      const std::string session = "S0M33S3SSI0N";
  
      AppInstallHelper providerV1(providerAppId);
      AppInstallHelper providerV2(providerAppId);
-    AppInstallHelper consumer(consumerAppId);
+    AppInstallHelper client(clientAppId);
  
-    std::string consumerLabel = consumer.generateAppLabel();
+    std::string clientLabel = client.generateAppLabel();
  
-    providerV1.addAppDefinedPrivilege(privilegeA);
+    providerV1.addAppDefinedPrivilege(providerPrivilegeLicenseA);
      providerV1.addAppDefinedPrivilege(privilegeB);
-    consumer.addPrivilege(privilegeA);
-    consumer.addPrivilege(privilegeB);
-    consumer.addPrivilege(privilegeC);
+    client.addPrivilege(clientPrivilegeLicenseA);
+    client.addPrivilege(privilegeB);
+    client.addPrivilege(clientPrivilegeLicenseC);
  
      ScopedInstaller req1(providerV1);
-    ScopedInstaller req2(consumer);
+    ScopedInstaller req2(client);
  
      CynaraTestClient::Client cynara;
-    cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_DENIED);
  
      // update provider version, remove privilegeA, add privilegeC
      providerV2.addAppDefinedPrivilege(privilegeB);
-    providerV2.addAppDefinedPrivilege(privilegeC);
+    providerV2.addAppDefinedPrivilege(providerPrivilegeLicenseC);
  
      ScopedInstaller req3(providerV2);
  
-    cynara.check(consumerLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicenseC, CYNARA_API_ACCESS_ALLOWED);
  }
  
  RUNNER_CHILD_TEST(app_defined_05_global_local_install)
  {
-    const Privilege privilegeA("http://tizen.org/licensedPrivilege/app_defined_05a",
-                               Privilege::UNTRUSTED);
-    const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_05b",
-                               "/opt/data/app_defined_05b/res/license");
-    const Privilege privilegeC("http://tizen.org/applicationDefinedPrivilege/app_defined_05c",
-                               Privilege::UNTRUSTED);
-    const std::string providerAppId = "app_def_05_provider_appid";
-    const std::string consumerAppId = "app_def_05_client_appid";
+    const Privilege privilegeA(
+        "http://tizen.org/untrusted/devstudio/statistic",
+        Privilege::UNTRUSTED);
+    const Privilege providerLocalPrivilegeLicenseB(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/home/security_test_user/apps_rw/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+    const Privilege clientGlobalPrivilegeLicenseB(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/softwaremind.pem");
+    const Privilege clientLocalPrivilegeLicenseB(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/home/security_test_user/apps_rw/app_def_client_01_pkg_id/cert/softwaremind.pem");
+    const Privilege privilegeC(
+        "http://tizen.org/untrusted/gamestudio/football",
+        Privilege::UNTRUSTED);
+
+    const std::string providerAppId = "app_def_provider_01";
+    const std::string clientAppId = "app_def_client_01";
      const std::string ownerId = "5001";
      const std::string bobId = "5002";
      const std::string session = "S0M33S3SSI0N";
  
      AppInstallHelper providerGlobal(providerAppId);
      AppInstallHelper providerLocal(providerAppId, 5002);
-    AppInstallHelper consumerGlobal(consumerAppId);
-    AppInstallHelper consumerLocal(consumerAppId, 5002);
+    AppInstallHelper clientGlobal(clientAppId);
+    AppInstallHelper clientLocal(clientAppId, 5002);
  
-    std::string consumerGlobalLabel = consumerGlobal.generateAppLabel();
-    std::string consumerLocalLabel = consumerLocal.generateAppLabel();
+    std::string clientGlobalLabel = clientGlobal.generateAppLabel();
+    std::string clientLocalLabel = clientLocal.generateAppLabel();
  
      providerGlobal.addAppDefinedPrivilege(privilegeA);
      providerGlobal.addAppDefinedPrivilege(privilegeC);
      providerLocal.addAppDefinedPrivilege(privilegeA);
-    providerLocal.addAppDefinedPrivilege(privilegeB);
+    providerLocal.addAppDefinedPrivilege(providerLocalPrivilegeLicenseB);
  
-    consumerGlobal.addPrivilege(privilegeA);
-    consumerGlobal.addPrivilege(privilegeB);
-    consumerGlobal.addPrivilege(privilegeC);
-
-    consumerLocal.addPrivilege(privilegeB);
-    consumerLocal.addPrivilege(privilegeC);
+    clientGlobal.addPrivilege(privilegeA);
+    clientGlobal.addPrivilege(clientGlobalPrivilegeLicenseB);
+    clientGlobal.addPrivilege(privilegeC);
+    clientLocal.addPrivilege(clientLocalPrivilegeLicenseB);
+    clientLocal.addPrivilege(privilegeC);
  
      CynaraTestClient::Client cynara;
  
      // local provider only and global consumer only
      ScopedInstaller req1(providerLocal);
-    ScopedInstaller req2(consumerGlobal);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerGlobalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+    ScopedInstaller req2(clientGlobal);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, bobId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
  
      // local provider only and global/local consumer
-    ScopedInstaller req3(consumerLocal);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+    ScopedInstaller req3(clientLocal);
+    cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
  
      // global/local provider and global/local consumer
      ScopedInstaller req4(providerGlobal);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_ALLOWED);
-    //cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_ALLOWED);
+    //cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_DENIED);
  
      // global provider only and global/local consumer
      req1.uninstallApp();
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeB, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientLocalLabel, session, bobId, privilegeA, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLocalLabel, session, bobId, clientLocalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientLocalLabel, session, bobId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
  
      // global provider only and global consumer only
      req3.uninstallApp();
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeB, CYNARA_API_ACCESS_DENIED);
-    cynara.check(consumerGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeA, CYNARA_API_ACCESS_ALLOWED);
+    cynara.check(clientGlobalLabel, session, ownerId, clientGlobalPrivilegeLicenseB, CYNARA_API_ACCESS_DENIED);
+    cynara.check(clientGlobalLabel, session, ownerId, privilegeC, CYNARA_API_ACCESS_ALLOWED);
  }
  
  RUNNER_CHILD_TEST(app_defined_06_get_provider)
@@ -265,15 +295,17 @@ RUNNER_CHILD_TEST(app_defined_06_get_provider)
      int result;
      char *pkgId = nullptr;
      char *appId = nullptr;
-    const Privilege privilegeA("http://tizen.org/applicationDefinedPrivilege/app_defined_06a",
-                               Privilege::UNTRUSTED);
-    const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_06b",
-                               Privilege::UNTRUSTED);
-    const std::string providerId = "app_def_06_provider";
+    const Privilege privilegeA(
+        "http://tizen.org/untrusted/devstudio/statistic",
+        Privilege::UNTRUSTED);
+    const Privilege privilegeB(
+        "http://tizen.org/untrusted/gamestudio/running",
+        Privilege::UNTRUSTED);
+    const std::string providerAppId = "app_def_06_provider";
      uid_t uid = 5001;
  
-    AppInstallHelper providerGlobal(providerId);
-    AppInstallHelper providerLocal(providerId, uid);
+    AppInstallHelper providerGlobal(providerAppId);
+    AppInstallHelper providerLocal(providerAppId, uid);
      providerGlobal.addAppDefinedPrivilege(privilegeB);
      providerLocal.addAppDefinedPrivilege(privilegeA);
      ScopedInstaller req1(providerGlobal);
@@ -334,22 +366,23 @@ RUNNER_CHILD_TEST(app_defined_07_get_provider_license)
  {
      int result;
      char *license = nullptr;
-    const Privilege privilegeA("http://tizen.org/applicationDefinedPrivilege/app_defined_07a",
-                               "/opt/data/app_defined_07a/res/license");
-    const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_07b",
-                               "/opt/data/app_defined_07b/res/license");
-    const Privilege privilegeC("http://tizen.org/applicationDefinedPrivilege/app_defined_07c",
-                               "/opt/data/app_defined_07c/res/license");
-    const Privilege privilegeCuntrusted(privilegeC.getName(), Privilege::UNTRUSTED);
-    const std::string providerId = "app_def_07_provider";
-    uid_t uid = 5001;
+    const Privilege providerLocalPrivilegeLicenseA(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/home/security_test_user/apps_rw/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+    const Privilege providerGlobalPrivilegeLicenseB(
+        "http://tizen.org/licensed/xyzsoftware/camera",
+        "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/xyzsoftware.der");
+    const Privilege privilegeBuntrusted(
+        providerGlobalPrivilegeLicenseB.getName(), Privilege::UNTRUSTED);
+
+    const std::string providerAppId = "app_def_provider_01";
+    uid_t uid = 5002;
  
-    AppInstallHelper providerGlobal(providerId);
-    AppInstallHelper providerLocal(providerId, uid);
-    providerGlobal.addAppDefinedPrivilege(privilegeB);
-    providerGlobal.addAppDefinedPrivilege(privilegeC);
-    providerLocal.addAppDefinedPrivilege(privilegeA);
-    providerLocal.addAppDefinedPrivilege(privilegeCuntrusted);
+    AppInstallHelper providerGlobal(providerAppId);
+    AppInstallHelper providerLocal(providerAppId, uid);
+    providerGlobal.addAppDefinedPrivilege(providerGlobalPrivilegeLicenseB);
+    providerLocal.addAppDefinedPrivilege(providerLocalPrivilegeLicenseA);
+    providerLocal.addAppDefinedPrivilege(privilegeBuntrusted);
  
      ScopedInstaller req1(providerGlobal);
      ScopedInstaller req2(providerLocal);
@@ -358,37 +391,31 @@ RUNNER_CHILD_TEST(app_defined_07_get_provider_license)
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_app_defined_privilege_license(privilegeA, uid, nullptr);
+    result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid, nullptr);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
  
      result = security_manager_get_app_defined_privilege_license("noExistingPrivilege", uid, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_app_defined_privilege_license(privilegeC, uid, &license);
+    result = security_manager_get_app_defined_privilege_license(privilegeBuntrusted, uid, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_app_defined_privilege_license(privilegeA, uid+1, &license);
+    result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid+1, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_app_defined_privilege_license(privilegeB, uid, &license);
-    RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
-    RUNNER_ASSERT(license && privilegeB.getLicense() == license);
-    free(license);
-    license = nullptr;
-
-    result = security_manager_get_app_defined_privilege_license(privilegeA, uid, &license);
+    result = security_manager_get_app_defined_privilege_license(providerLocalPrivilegeLicenseA, uid, &license);
      RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
-    RUNNER_ASSERT(license && privilegeA.getLicense() == license);
+    RUNNER_ASSERT(license && providerLocalPrivilegeLicenseA.getLicense() == license);
      free(license);
      license = nullptr;
  
      req2.uninstallApp();
-    result = security_manager_get_app_defined_privilege_license(privilegeC, uid, &license);
+    result = security_manager_get_app_defined_privilege_license(providerGlobalPrivilegeLicenseB, uid, &license);
      RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege provider license failed");
-    RUNNER_ASSERT(license && privilegeC.getLicense() == license);
+    RUNNER_ASSERT(license && providerGlobalPrivilegeLicenseB.getLicense() == license);
      free(license);
      license = nullptr;
  }
@@ -397,24 +424,23 @@ RUNNER_CHILD_TEST(app_defined_08_add_get_client_license)
  {
      int result;
      char *license = nullptr;
-
-    const Privilege privilegeA("http://tizen.org/applicationDefinedPrivilege/app_defined_08a",
-                               "/opt/data/app_defined_08a/res/license");
-    const Privilege privilegeB("http://tizen.org/applicationDefinedPrivilege/app_defined_08b",
-                               "/opt/data/app_defined_08b/res/license");
-    const Privilege privilegeC("http://tizen.org/applicationDefinedPrivilege/app_defined_08c",
-                               "/opt/data/app_defined_08c/res/license");
-    const Privilege privilegeCunset(privilegeC.getName(), Privilege::UNTRUSTED);
-
-    const std::string clientId = "app_def_08_client";
-    uid_t uid = 5001;
-
-    AppInstallHelper clientGlobal(clientId);
-    AppInstallHelper clientLocal(clientId, uid);
-    clientGlobal.addPrivilege(privilegeB);
-    clientGlobal.addPrivilege(privilegeC);
-    clientLocal.addPrivilege(privilegeA);
-    clientLocal.addPrivilege(privilegeCunset);
+    const Privilege clientLocalPrivilegeLicenseA(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/home/security_test_user/apps_rw/app_def_client_01_pkg_id/cert/softwaremind.pem");
+    const Privilege clientGlobalPrivilegeLicenseB(
+        "http://tizen.org/licensed/xyzsoftware/camera",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+    const Privilege privilegeBuntrusted(
+        clientGlobalPrivilegeLicenseB.getName(), Privilege::UNTRUSTED);
+
+    const std::string clientAppId = "app_def_client_01";
+    uid_t uid = 5002;
+
+    AppInstallHelper clientGlobal(clientAppId);
+    AppInstallHelper clientLocal(clientAppId, uid);
+    clientGlobal.addPrivilege(clientGlobalPrivilegeLicenseB);
+    clientLocal.addPrivilege(clientLocalPrivilegeLicenseA);
+    clientLocal.addPrivilege(privilegeBuntrusted);
      ScopedInstaller req1(clientGlobal);
      ScopedInstaller req2(clientLocal);
  
@@ -424,12 +450,12 @@ RUNNER_CHILD_TEST(app_defined_08_add_get_client_license)
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_client_privilege_license(privilegeA, nullptr,
+    result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA, nullptr,
                                                             uid, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_client_privilege_license(privilegeA,
+    result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
                                                             clientLocal.getAppId().c_str(),
                                                             uid, nullptr);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_INPUT_PARAM);
@@ -440,50 +466,78 @@ RUNNER_CHILD_TEST(app_defined_08_add_get_client_license)
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_client_privilege_license(privilegeA, "noExistingApp",
+    result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA, "noExistingApp",
                                                             uid, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_client_privilege_license(privilegeC,
+    result = security_manager_get_client_privilege_license(privilegeBuntrusted,
                                                             clientLocal.getAppId().c_str(),
                                                             uid, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_client_privilege_license(privilegeA,
+    result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
                                                             clientLocal.getAppId().c_str(),
                                                             uid+1, &license);
      RUNNER_ASSERT(result == SECURITY_MANAGER_ERROR_NO_SUCH_OBJECT);
      RUNNER_ASSERT(license == nullptr);
  
-    result = security_manager_get_client_privilege_license(privilegeA,
+    result = security_manager_get_client_privilege_license(clientLocalPrivilegeLicenseA,
                                                             clientLocal.getAppId().c_str(),
                                                             uid, &license);
      RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege license failed");
-    RUNNER_ASSERT(license && privilegeA.getLicense() == license);
+    RUNNER_ASSERT(license && clientLocalPrivilegeLicenseA.getLicense() == license);
      free(license);
      license = nullptr;
  
      req2.uninstallApp();
-    result = security_manager_get_client_privilege_license(privilegeB,
+    result = security_manager_get_client_privilege_license(clientGlobalPrivilegeLicenseB,
                                                             clientGlobal.getAppId().c_str(),
                                                             uid, &license);
      RUNNER_ASSERT_MSG(result == SECURITY_MANAGER_SUCCESS, "getting privilege license failed");
-    RUNNER_ASSERT(license && privilegeB.getLicense() == license);
+    RUNNER_ASSERT(license && clientGlobalPrivilegeLicenseB.getLicense() == license);
      free(license);
      license = nullptr;
  }
  
  RUNNER_CHILD_TEST(app_defined_09_check_system_privileges)
  {
-    const std::string providerId = "app_def_09_provider";
+    const std::string providerAppId = "app_def_09_provider";
      const Privilege privilege("http://tizen.org/privilege/internet", Privilege::UNTRUSTED);
  
      InstallRequest requestInst;
-    requestInst.setAppId(providerId);
-    requestInst.setPkgId(providerId);
+    requestInst.setAppId(providerAppId);
+    requestInst.setPkgId(providerAppId);
      requestInst.addAppDefinedPrivilege(privilege);
      Api::install(requestInst, SECURITY_MANAGER_ERROR_INPUT_PARAM);
      Api::uninstall(requestInst);
+}
+
+RUNNER_CHILD_TEST(app_defined_10_invalid_license)
+{
+    const Privilege providerPrivilegeLicense(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_provider_01_pkg_id/cert/abcsoftware.pem");
+    const Privilege clientPrivilegeLicense(
+        "http://tizen.org/licensed/abcsoftware/calendar",
+        "/opt/usr/globalapps/app_def_client_01_pkg_id/cert/futuremind.der");
+    const std::string providerAppId = "app_def_provider_01";
+    const std::string clientAppId = "app_def_client_01";
+    const std::string ownerId = "5001";
+    const std::string session = "S0M33S3SSI0N";
+
+    AppInstallHelper provider(providerAppId);
+    AppInstallHelper client(clientAppId);
+    client.setHybrid();
+    std::string clientLabel = client.generateAppLabel();
+
+    provider.addAppDefinedPrivilege(providerPrivilegeLicense);
+    client.addPrivilege(clientPrivilegeLicense);
+
+    ScopedInstaller req1(provider);
+    ScopedInstaller req2(client);
+
+    CynaraTestClient::Client cynara;
+    cynara.check(clientLabel, session, ownerId, clientPrivilegeLicense, CYNARA_API_ACCESS_DENIED);
  }
 \ No newline at end of file
author	Dariusz Michaluk <d.michaluk@samsung.com>
	Mon, 22 May 2017 15:29:33 +0000 (17:29 +0200)
committer	Dariusz Michaluk <d.michaluk@samsung.com>
	Mon, 12 Jun 2017 11:41:28 +0000 (13:41 +0200)
packaging/security-tests.spec		patch \| blob \| history
src/security-manager-tests/CMakeLists.txt		patch \| blob \| history
src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/futuremind.der	[new file with mode: 0644]	patch \| blob
src/security-manager-tests/app_files/app_def_client_01_pkg_id/cert/softwaremind.pem	[new file with mode: 0644]	patch \| blob
src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/abcsoftware.pem	[new file with mode: 0644]	patch \| blob
src/security-manager-tests/app_files/app_def_provider_01_pkg_id/cert/xyzsoftware.der	[new file with mode: 0644]	patch \| blob
src/security-manager-tests/app_files/app_def_provider_02_pkg_id/cert/xyzsoftware.pem	[new file with mode: 0644]	patch \| blob
src/security-manager-tests/test_cases_app_defined_privilege.cpp		patch \| blob \| history