--- /dev/null
- #include <dbus_access.h>
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file ckm-common.cpp
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ */
+#include <string>
+
+#include <sys/smack.h>
+#include <ckmc/ckmc-type.h>
+#include <ckm-common.h>
+#include <tests_common.h>
+#include <access_provider2.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-manager.h>
+#include <ckmc/ckmc-control.h>
+#include <ckmc/ckmc-manager.h>
- "/org/freedesktop/systemd1/unit/central_2dkey_2dmanager_2dlistener_2eservice",
- "/org/freedesktop/systemd1/unit/central_2dkey_2dmanager_2eservice" };
++#include <service_manager.h>
+
+const char* SERVICE[] = {
- DBusAccess dbus(SERVICE[idx]);
- dbus.start();
++ "central-key-manager-listener.service",
++ "central-key-manager.service" };
+
+void start_service(ServiceIdx idx)
+{
- DBusAccess dbus(SERVICE[idx]);
- dbus.stop();
++ ServiceManager sm(SERVICE[idx]);
++ sm.startService();
+}
+
+void stop_service(ServiceIdx idx)
+{
++ ServiceManager sm(SERVICE[idx]);
++ sm.stopService();
+}
+
+
+void switch_to_storage_user(const char* label)
+{
+ AccessProvider ap(label);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(APP_UID, APP_GID);
+}
+
+void switch_to_storage_ocsp_user(const char* label)
+{
+ AccessProvider ap(label);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.allowAPI("key-manager::api-ocsp", "rw");
+ ap.applyAndSwithToUser(APP_UID, APP_GID);
+}
+
+DBCleanup::~DBCleanup()
+{
+ // Let it throw. If db can't be cleared further tests are unreliable
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ for(const auto& it:m_aliases)
+ mgr->removeAlias(it);
+ m_aliases.clear();
+}
+
+// returns process label
+CharPtr get_label()
+{
+ int ret;
+ char* my_label = NULL;
+ RUNNER_ASSERT_MSG(0 <= (ret = smack_new_label_from_self(&my_label)),
+ "Failed to get smack label for self. Error: " << ret);
+
+ return CharPtr(my_label, free);
+}
+
+std::string aliasWithLabel(const char *label, const char *alias)
+{
+ if(label)
+ {
+ std::stringstream ss;
+ ss << label << std::string(ckmc_label_name_separator) << alias;
+ return ss.str();
+ }
+ return std::string(alias);
+}
+
+// changes process label
+void change_label(const char* label)
+{
+ int ret = smack_set_label_for_self(label);
+ RUNNER_ASSERT_MSG(0 == ret, "Error in smack_set_label_for_self. Error: " << ret);
+}
+
+ScopedLabel::ScopedLabel(const char* label) : m_original_label(get_label())
+{
+ change_label(label);
+}
+
+ScopedLabel::~ScopedLabel()
+{
+ /*
+ * Let it throw. If we can't restore label then remaining tests results will be
+ * unreliable anyway.
+ */
+ change_label(m_original_label.get());
+}
+
+const char * CKMCErrorToString(int error) {
+#define ERRORDESCRIBE(name) case name: return #name
+ switch(error) {
+ ERRORDESCRIBE(CKMC_ERROR_NONE);
+ ERRORDESCRIBE(CKMC_ERROR_INVALID_PARAMETER);
+ ERRORDESCRIBE(CKMC_ERROR_OUT_OF_MEMORY);
+ ERRORDESCRIBE(CKMC_ERROR_PERMISSION_DENIED);
+ ERRORDESCRIBE(CKMC_ERROR_SOCKET);
+ ERRORDESCRIBE(CKMC_ERROR_BAD_REQUEST);
+ ERRORDESCRIBE(CKMC_ERROR_BAD_RESPONSE);
+ ERRORDESCRIBE(CKMC_ERROR_SEND_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_RECV_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_AUTHENTICATION_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_BUFFER_TOO_SMALL);
+ ERRORDESCRIBE(CKMC_ERROR_SERVER_ERROR);
+ ERRORDESCRIBE(CKMC_ERROR_DB_LOCKED);
+ ERRORDESCRIBE(CKMC_ERROR_DB_ERROR);
+ ERRORDESCRIBE(CKMC_ERROR_DB_ALIAS_EXISTS);
+ ERRORDESCRIBE(CKMC_ERROR_DB_ALIAS_UNKNOWN);
+ ERRORDESCRIBE(CKMC_ERROR_VERIFICATION_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_INVALID_FORMAT);
+ ERRORDESCRIBE(CKMC_ERROR_FILE_ACCESS_DENIED);
+ ERRORDESCRIBE(CKMC_ERROR_NOT_EXPORTABLE);
+ ERRORDESCRIBE(CKMC_ERROR_FILE_SYSTEM);
+ ERRORDESCRIBE(CKMC_ERROR_UNKNOWN);
+ default: return "Error not defined";
+ }
+#undef ERRORDESCRIBE
+}
+
+std::string CKMCReadableError(int error) {
+ std::string output("Error: ");
+ output += std::to_string(error);
+ output += " Description: ";
+ output += CKMCErrorToString(error);
+ return output;
+}
+
+void unlock_user_data(uid_t user_id, const char *passwd)
+{
+ int ret;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->unlockUserKey(user_id, passwd)),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+void remove_user_data(uid_t user_id)
+{
+ int ret;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->lockUserKey(user_id)),
+ "Error=" << CKM::ErrorToString(ret));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->removeUserData(user_id)),
+ "Remove user data failed with error: " << CKM::ErrorToString(ret));
+}
+
+void reset_user_data(uid_t user_id, const char *passwd)
+{
+ remove_user_data(user_id);
+ unlock_user_data(user_id, passwd);
+}
--- /dev/null
- #include <dbus_access.h>
+/*
+ * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ */
+/*
+ * @file security_server_tests_clean_env.cpp
+ * @author Zbigniew Jasinski (z.jasinski@samsung.com)
+ * @version 1.0
+ * @brief Functions to prepare clean env for tests.
+ *
+ */
+
+#include <ftw.h>
+#include <unistd.h>
+
+#include <ckm/ckm-control.h>
+
- DBusAccess dbusAccess("/org/freedesktop/systemd1/unit/security_2dserver_2eservice");
-
- dbusAccess.restart();
++#include <service_manager.h>
+#include <clean-env.h>
+
+int restart_security_server() {
++ ServiceManager sm("security-server.service");
++ sm.restartService();
+
+ return 0;
+}
+
+static int nftw_rmdir_contents(const char *fpath, const struct stat * /*sb*/,
+ int tflag, struct FTW *ftwbuf)
+{
+ if (tflag == FTW_F)
+ unlink(fpath);
+ else if (tflag == FTW_DP && ftwbuf->level != 0)
+ rmdir(fpath);
+
+ return 0;
+}
+
+/**
+ * This function should be called at the begining of every SS test, so all the tests
+ * are independent of each other.
+ */
+int reset_security_server()
+{
+ const char* path = "/opt/data/security-server/";
+ const int max_descriptors = 10; //max number of open file descriptors by nftw function
+
+ // Clear /opt/data/security-server/ directory
+ if (access(path, F_OK) == 0) {
+ if (nftw(path, &nftw_rmdir_contents, max_descriptors, FTW_DEPTH) == -1) {
+ return 1;
+ }
+ sync();
+ }
+
+ restart_security_server();
+ auto control = CKM::Control::create();
+
+ if (!!control) {
+ control->lockUserKey(5000);
+ control->removeUserData(5000);
+ control->unlockUserKey(5000, "");
+ }
+
+ return 0;
+}
+