summaryrefslogtreecommitdiff
path: root/tests/encryption-scheme/scheme-test.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'tests/encryption-scheme/scheme-test.cpp')
-rw-r--r--tests/encryption-scheme/scheme-test.cpp206
1 files changed, 84 insertions, 122 deletions
diff --git a/tests/encryption-scheme/scheme-test.cpp b/tests/encryption-scheme/scheme-test.cpp
index 73cca051..66a9fa01 100644
--- a/tests/encryption-scheme/scheme-test.cpp
+++ b/tests/encryption-scheme/scheme-test.cpp
@@ -18,7 +18,6 @@
* @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
* @version 1.0
*/
-#include <scheme-test.h>
#include <sys/smack.h>
#include <sys/types.h>
@@ -34,10 +33,6 @@
#include <stdexcept>
#include <vector>
-#include <boost/test/unit_test.hpp>
-
-#include <smack-access.h>
-
#include <db-crypto.h>
#include <file-system.h>
#include <key-provider.h>
@@ -45,6 +40,10 @@
#include <crypto-init.h>
#include <dpl/errno_string.h>
+#include <scheme-test.h>
+#include <smack-access.h>
+#include <assert-wrapper.h>
+
using namespace CKM;
using namespace std;
@@ -308,7 +307,7 @@ uid_t getUid(const char *name)
std::vector<char> buf(bufsize, 0);
int ret = getpwnam_r(name, &pwd, buf.data(), bufsize, &result);
- BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getpwnam_r failed");
+ ASSERT_MSG(ret == 0 && result, "getpwnam_r failed");
return pwd.pw_uid;
}
@@ -327,7 +326,7 @@ gid_t getGid(const char *name)
std::vector<char> buf(bufsize, 0);
int ret = getgrnam_r(name, &grp, buf.data(), bufsize, &result);
- BOOST_REQUIRE_MESSAGE(ret == 0 && result, "getgrnam_r failed");
+ ASSERT_MSG(ret == 0 && result, "getgrnam_r failed");
return grp.gr_gid;
}
@@ -343,50 +342,47 @@ void restoreFile(const string &filename)
int sourceFd = TEMP_FAILURE_RETRY(open(sourcePath.c_str(), O_RDONLY));
err = errno;
- BOOST_REQUIRE_MESSAGE(sourceFd > 0,
- "Opening " << sourcePath << " failed: " << GetErrnoString(err));
+ ASSERT_MSG(sourceFd > 0, "Opening " << sourcePath << " failed: " << GetErrnoString(err));
FdPtr sourceFdPtr(&sourceFd);
int targetFd = TEMP_FAILURE_RETRY(creat(targetPath.c_str(), 0644));
err = errno;
- BOOST_REQUIRE_MESSAGE(targetFd > 0,
- "Creating " << targetPath << " failed: " << GetErrnoString(err));
+ ASSERT_MSG(targetFd > 0, "Creating " << targetPath << " failed: " << GetErrnoString(err));
ret = fchown(targetFd, CKM_UID, CKM_GID);
err = errno;
- BOOST_REQUIRE_MESSAGE(ret != -1, "fchown() failed: " << GetErrnoString(err));
+ ASSERT_MSG(ret != -1, "fchown() failed: " << GetErrnoString(err));
FdPtr targetFdPtr(&targetFd);
struct stat sourceStat;
ret = fstat(sourceFd, &sourceStat);
err = errno;
- BOOST_REQUIRE_MESSAGE(ret != -1, "fstat() failed: " << GetErrnoString(err));
+ ASSERT_MSG(ret != -1, "fstat() failed: " << GetErrnoString(err));
ret = sendfile(targetFd, sourceFd, 0, sourceStat.st_size);
err = errno;
- BOOST_REQUIRE_MESSAGE(ret != -1, "sendfile() failed: " << GetErrnoString(err));
+ ASSERT_MSG(ret != -1, "sendfile() failed: " << GetErrnoString(err));
ret = fsync(targetFd);
err = errno;
- BOOST_REQUIRE_MESSAGE(ret != -1, "fsync() failed: " << GetErrnoString(err));
+ ASSERT_MSG(ret != -1, "fsync() failed: " << GetErrnoString(err));
}
void generateRandom(size_t random_bytes, unsigned char *output)
{
if (random_bytes <= 0 || !output)
- throw runtime_error("Invalid param");
+ ASSERT_FAIL("Invalid param");
std::ifstream is("/dev/urandom", std::ifstream::binary);
- if (!is)
- throw runtime_error("Failed to read /dev/urandom");
+ ASSERT_MSG(is, "Failed to read /dev/urandom");
is.read(reinterpret_cast<char *>(output), random_bytes);
- if (static_cast<std::streamsize>(random_bytes) != is.gcount())
- throw runtime_error("Not enough bytes read from /dev/urandom");
+ ASSERT_MSG(static_cast<std::streamsize>(random_bytes) == is.gcount(),
+ "Not enough bytes read from /dev/urandom");
}
RawBuffer createRandomBuffer(size_t random_bytes)
@@ -420,11 +416,9 @@ SchemeTest::~SchemeTest()
void SchemeTest::RemoveUserData()
{
- if (CKM_API_SUCCESS != m_control->lockUserKey(UID))
- throw runtime_error("lockUserKey failed");
+ ASSERT_MSG(m_control->lockUserKey(UID) == CKM_API_SUCCESS, "lockUserKey failed");
- if (CKM_API_SUCCESS != m_control->removeUserData(UID))
- throw runtime_error("removeUserData failed");
+ ASSERT_MSG(m_control->removeUserData(UID) == CKM_API_SUCCESS, "removeUserData failed");
}
void SchemeTest::SwitchToUser()
@@ -432,26 +426,21 @@ void SchemeTest::SwitchToUser()
if (m_userChanged)
return;
- if (CKM_API_SUCCESS != m_control->unlockUserKey(UID, DBPASS))
- throw runtime_error("unlockUserKey failed");
+ ASSERT_MSG(m_control->unlockUserKey(UID, DBPASS) == CKM_API_SUCCESS, "unlockUserKey failed");
// get calling label
char *label = NULL;
- if (smack_new_label_from_self(&label) <= 0)
- throw runtime_error("smack_new_label_from_self failed");
+ ASSERT_MSG(smack_new_label_from_self(&label) > 0, "smack_new_label_from_self failed");
m_origLabel = string(label);
free(label);
- if (0 > smack_set_label_for_self(LABEL))
- throw runtime_error("smack_set_label_for_self failed");
+ ASSERT_MSG(smack_set_label_for_self(LABEL) == 0, "smack_set_label_for_self failed");
- if (0 > setegid(GID))
- throw runtime_error("setegid failed");
+ ASSERT_MSG(setegid(GID) == 0, "setegid failed");
- if (0 > seteuid(UID))
- throw runtime_error("seteuid failed");
+ ASSERT_MSG(seteuid(UID) == 0, "seteuid failed");
m_userChanged = true;
}
@@ -461,17 +450,14 @@ void SchemeTest::SwitchToRoot()
if (!m_userChanged)
return;
- if (0 > seteuid(0))
- throw runtime_error("seteuid failed");
+ ASSERT_MSG(seteuid(0) == 0, "seteuid failed");
- if (0 > setegid(0))
- throw runtime_error("setegid failed");
+ ASSERT_MSG(setegid(0) == 0, "setegid failed");
- if (0 > smack_set_label_for_self(m_origLabel.c_str()))
- throw runtime_error("smack_set_label_for_self failed");
+ ASSERT_MSG(smack_set_label_for_self(m_origLabel.c_str()) == 0,
+ "smack_set_label_for_self failed");
- if (m_control->lockUserKey(UID) != CKM_API_SUCCESS)
- throw runtime_error("lockUserKey failed");
+ ASSERT_MSG(m_control->lockUserKey(UID) == CKM_API_SUCCESS, "lockUserKey failed");
}
void SchemeTest::FillDb()
@@ -479,15 +465,13 @@ void SchemeTest::FillDb()
// pkcs
ifstream is(DB_TEST_DIR "/encryption-scheme.p12");
- if (!is)
- throw runtime_error("Failed to read pkcs");
+ ASSERT_MSG(is, "Failed to read pkcs");
istreambuf_iterator<char> begin(is), end;
RawBuffer pkcsBuffer(begin, end);
auto pkcs = PKCS12::create(pkcsBuffer, Password());
- if (pkcs->empty())
- throw runtime_error("Empty pkcs");
+ ASSERT_MSG(!pkcs->empty(), "Empty pkcs");
SwitchToUser();
@@ -505,42 +489,40 @@ void SchemeTest::FillDb()
for (const auto &g : GROUPS) {
switch (g.type) {
case Group::KEY_PAIR_RSA:
- if (g.items.size() != 2)
- throw runtime_error("Wrong number of keys");
+ ASSERT_MSG(g.items.size() == 2, "Wrong number of keys");
if (g.items[0].type != DataType::KEY_RSA_PRIVATE ||
g.items[1].type != DataType::KEY_RSA_PUBLIC)
- throw runtime_error("Invalid item type");
+ ASSERT_FAIL("Invalid item type");
if (CKM_API_SUCCESS != m_mgr->createKeyPairRSA(1024,
g.items[0].alias,
g.items[1].alias,
g.items[0].policy,
g.items[1].policy))
- throw runtime_error("createKeyPair failed");
+ ASSERT_FAIL("createKeyPair failed");
break;
case Group::CERT_CHAIN:
- if (g.items.size() != CHAIN_SIZE)
- throw runtime_error("Wrong number of certificates");
+ ASSERT_MSG(g.items.size() == CHAIN_SIZE, "Wrong number of certificates");
if (g.items[0].type != DataType::CERTIFICATE ||
g.items[1].type != DataType::CERTIFICATE ||
g.items[2].type != DataType::CERTIFICATE)
- throw runtime_error("Invalid item type");
+ ASSERT_FAIL("Invalid item type");
if (CKM_API_SUCCESS != m_mgr->saveCertificate(g.items[0].alias, rootCa,
g.items[0].policy))
- throw runtime_error("saveCertificate failed");
+ ASSERT_FAIL("saveCertificate failed");
if (CKM_API_SUCCESS != m_mgr->saveCertificate(g.items[1].alias, imCa,
g.items[1].policy))
- throw runtime_error("saveCertificate failed");
+ ASSERT_FAIL("saveCertificate failed");
if (CKM_API_SUCCESS != m_mgr->saveCertificate(g.items[2].alias, leaf,
g.items[2].policy))
- throw runtime_error("saveCertificate failed");
+ ASSERT_FAIL("saveCertificate failed");
break;
@@ -549,24 +531,24 @@ void SchemeTest::FillDb()
switch (i.type) {
case DataType::BINARY_DATA:
if (CKM_API_SUCCESS != m_mgr->saveData(i.alias, TEST_DATA, i.policy))
- throw runtime_error("saveData failed");
+ ASSERT_FAIL("saveData failed");
break;
case DataType::KEY_AES:
if (CKM_API_SUCCESS != m_mgr->createKeyAES(256, i.alias, i.policy))
- throw runtime_error("createKeyAES failed");
+ ASSERT_FAIL("createKeyAES failed");
break;
case DataType::CHAIN_CERT_0: // PKCS
if (CKM_API_SUCCESS != m_mgr->savePKCS12(i.alias, pkcs, i.policy, i.policy))
- throw runtime_error("savePkcs12 failed");
+ ASSERT_FAIL("savePkcs12 failed");
break;
default:
- throw runtime_error("unsupported data type");
+ ASSERT_FAIL("unsupported data type");
}
}
@@ -595,8 +577,8 @@ void SchemeTest::ReadAll(bool useWrongPass)
case DataType::BINARY_DATA: {
RawBuffer receivedData;
ret = m_mgr->getData(i.alias, pass, receivedData);
- BOOST_REQUIRE_MESSAGE(useWrongPass || receivedData == TEST_DATA,
- "Received data is different for " << i.alias);
+ ASSERT_MSG(useWrongPass || receivedData == TEST_DATA,
+ "Received data is different for " << i.alias);
break;
}
@@ -621,20 +603,20 @@ void SchemeTest::ReadAll(bool useWrongPass)
}
default:
- BOOST_FAIL("Unsupported data type " << i.type);
+ ASSERT_FAIL("Unsupported data type " << i.type);
}
if (i.policy.extractable) {
if (useWrongPass)
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_ERROR_AUTHENTICATION_FAILED,
- "Reading item " << i.alias << " should fail with " <<
- CKM_API_ERROR_AUTHENTICATION_FAILED << " got: " << ret);
+ ASSERT_MSG(ret == CKM_API_ERROR_AUTHENTICATION_FAILED,
+ "Reading item " << i.alias << " should fail with " <<
+ CKM_API_ERROR_AUTHENTICATION_FAILED << " got: " << ret);
else
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS, "Reading item " << i.alias <<
- " failed with " << ret);
+ ASSERT_MSG(ret == CKM_API_SUCCESS,
+ "Reading item " << i.alias << " failed with " << ret);
} else {
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_ERROR_NOT_EXPORTABLE, "Item " << i.alias <<
- " should not be exportable");
+ ASSERT_MSG(ret == CKM_API_ERROR_NOT_EXPORTABLE,
+ "Item " << i.alias << " should not be exportable");
}
}
}
@@ -646,9 +628,9 @@ void SchemeTest::SignVerify()
for (const auto &g : GROUPS) {
if (g.type == Group::KEY_PAIR_RSA) {
- BOOST_REQUIRE_MESSAGE(g.items.size() == 2, "Wrong number of keys");
- BOOST_REQUIRE_MESSAGE(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
- g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
+ ASSERT_MSG(g.items.size() == 2, "Wrong number of keys");
+ ASSERT_MSG(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
+ g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
SignVerifyItem(g.items[0], g.items[1]);
} else {
@@ -672,9 +654,9 @@ void SchemeTest::EncryptDecrypt()
for (const auto &g : GROUPS) {
if (g.type == Group::KEY_PAIR_RSA) {
- BOOST_REQUIRE_MESSAGE(g.items.size() == 2, "Wrong number of keys");
- BOOST_REQUIRE_MESSAGE(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
- g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
+ ASSERT_MSG(g.items.size() == 2, "Wrong number of keys");
+ ASSERT_MSG(g.items[0].type == DataType::KEY_RSA_PRIVATE &&
+ g.items[1].type == DataType::KEY_RSA_PUBLIC, "Wrong key");
EncryptDecryptItem(g.items[0], g.items[1]);
} else {
@@ -702,10 +684,10 @@ void SchemeTest::CreateChain()
for (const auto &g : GROUPS) {
if (g.type == Group::CERT_CHAIN) {
- BOOST_REQUIRE_MESSAGE(g.items.size() == CHAIN_SIZE, "Not enough certificates");
+ ASSERT_MSG(g.items.size() == CHAIN_SIZE, "Not enough certificates");
for (const auto &c : g.items)
- BOOST_REQUIRE_MESSAGE(c.type == DataType::CERTIFICATE, "Wrong item type");
+ ASSERT_MSG(c.type == DataType::CERTIFICATE, "Wrong item type");
Items trusted(CHAIN_SIZE - 1);
std::copy(g.items.begin(), g.items.begin() + CHAIN_SIZE - 1, trusted.begin());
@@ -728,8 +710,8 @@ void SchemeTest::RemoveAll()
for (const auto &g : GROUPS) {
for (const auto &i : g.items) {
int ret = m_mgr->removeAlias(i.alias);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "removeAlias() failed with " << ret << " for " << i.alias);
+ ASSERT_MSG(ret == CKM_API_SUCCESS,
+ "removeAlias() failed with " << ret << " for " << i.alias);
}
}
}
@@ -771,13 +753,12 @@ void SchemeTest::CheckSchemeVersion(const ItemFilter &filter, int version)
DB::RowVector rows;
m_db->getRows(i.alias, OWNER, filter.typeFrom, filter.typeTo, rows);
- BOOST_REQUIRE_MESSAGE(rows.size() > 0, "No rows found for " << i.alias);
+ ASSERT_MSG(rows.size() > 0, "No rows found for " << i.alias);
for (const auto &r : rows) {
- BOOST_REQUIRE_MESSAGE(
- (r.encryptionScheme >> ENC_SCHEME_OFFSET) == version,
- "Wrong encryption scheme for " << i.alias << ". Expected " << version <<
- " got: " << (r.encryptionScheme >> ENC_SCHEME_OFFSET));
+ ASSERT_MSG((r.encryptionScheme >> ENC_SCHEME_OFFSET) == version,
+ "Wrong encryption scheme for " << i.alias << ". Expected " << version <<
+ " got: " << (r.encryptionScheme >> ENC_SCHEME_OFFSET));
}
}
}
@@ -814,18 +795,16 @@ void SchemeTest::SignVerifyItem(const Item &itemPrv, const Item &itemPub)
HashAlgorithm::SHA512,
RSAPaddingAlgorithm::X931,
signature);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "createSignature() failed with " << ret <<
- " for " << itemPrv.alias);
+ ASSERT_MSG(ret == CKM_API_SUCCESS,
+ "createSignature() failed with " << ret << " for " << itemPrv.alias);
ret = m_mgr->verifySignature(itemPub.alias,
itemPub.policy.password,
TEST_DATA,
signature,
HashAlgorithm::SHA512,
RSAPaddingAlgorithm::X931);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "verifySignature() failed with " << ret <<
- " for " << itemPub.alias);
+ ASSERT_MSG(ret == CKM_API_SUCCESS,
+ "verifySignature() failed with " << ret << " for " << itemPub.alias);
}
void SchemeTest::EncryptDecryptItem(const Item &item)
@@ -838,20 +817,13 @@ void SchemeTest::EncryptDecryptItem(const Item &item)
algo.setParam(ParamName::ALGO_TYPE, AlgoType::AES_GCM);
algo.setParam(ParamName::ED_IV, iv);
- ret = m_mgr->encrypt(algo, item.alias, item.policy.password, TEST_DATA,
- encrypted);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "encrypt() failed iwth " << ret << " for " <<
- item.alias);
+ ret = m_mgr->encrypt(algo, item.alias, item.policy.password, TEST_DATA, encrypted);
+ ASSERT_MSG(ret == CKM_API_SUCCESS, "encrypt() failed iwth " << ret << " for " << item.alias);
- ret = m_mgr->decrypt(algo, item.alias, item.policy.password, encrypted,
- decrypted);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "decrypt() failed iwth " << ret << " for " <<
- item.alias);
+ ret = m_mgr->decrypt(algo, item.alias, item.policy.password, encrypted, decrypted);
+ ASSERT_MSG(ret == CKM_API_SUCCESS, "decrypt() failed iwth " << ret << " for " << item.alias);
- BOOST_REQUIRE_MESSAGE(decrypted == TEST_DATA,
- "Decrypted data not equal to original");
+ ASSERT_MSG(decrypted == TEST_DATA, "Decrypted data not equal to original");
}
void SchemeTest::EncryptDecryptItem(const Item &itemPrv, const Item &itemPub)
@@ -862,20 +834,13 @@ void SchemeTest::EncryptDecryptItem(const Item &itemPrv, const Item &itemPub)
algo.setParam(ParamName::ALGO_TYPE, AlgoType::RSA_OAEP);
- ret = m_mgr->encrypt(algo, itemPub.alias, itemPub.policy.password, TEST_DATA,
- encrypted);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "encrypt() failed iwth " << ret << " for " <<
- itemPub.alias);
+ ret = m_mgr->encrypt(algo, itemPub.alias, itemPub.policy.password, TEST_DATA, encrypted);
+ ASSERT_MSG(ret == CKM_API_SUCCESS, "encrypt() failed iwth " << ret << " for " << itemPub.alias);
- ret = m_mgr->decrypt(algo, itemPrv.alias, itemPrv.policy.password, encrypted,
- decrypted);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "decrypt() failed iwth " << ret << " for " <<
- itemPrv.alias);
+ ret = m_mgr->decrypt(algo, itemPrv.alias, itemPrv.policy.password, encrypted, decrypted);
+ ASSERT_MSG(ret == CKM_API_SUCCESS, "decrypt() failed iwth " << ret << " for " << itemPrv.alias);
- BOOST_REQUIRE_MESSAGE(decrypted == TEST_DATA,
- "Decrypted data not equal to original");
+ ASSERT_MSG(decrypted == TEST_DATA, "Decrypted data not equal to original");
}
void SchemeTest::CreateChainItem(const Item &leaf, const Items &certs)
@@ -895,13 +860,10 @@ void SchemeTest::CreateChainItem(const Item &leaf, const Items &certs)
CertificateShPtr leafCrt;
int ret = m_mgr->getCertificate(leaf.alias, leaf.policy.password, leafCrt);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "getCertificate failed with " << ret << " for " <<
- leaf.alias);
+ ASSERT_MSG(ret == CKM_API_SUCCESS,
+ "getCertificate failed with " << ret << " for " << leaf.alias);
ret = m_mgr->getCertificateChain(leafCrt, AliasVector(), trusted, false, chain);
- BOOST_REQUIRE_MESSAGE(ret == CKM_API_SUCCESS,
- "getCertificateChain() failed with " << ret);
- BOOST_REQUIRE_MESSAGE(chain.size() == CHAIN_LEN,
- "Wrong chain length: " << chain.size());
+ ASSERT_MSG(ret == CKM_API_SUCCESS, "getCertificateChain() failed with " << ret);
+ ASSERT_MSG(chain.size() == CHAIN_LEN, "Wrong chain length: " << chain.size());
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-28 08:19:53 +0000