diff options
Diffstat (limited to 'tests/internals.cpp')
-rw-r--r-- | tests/internals.cpp | 103 |
1 files changed, 87 insertions, 16 deletions
diff --git a/tests/internals.cpp b/tests/internals.cpp index 1fa9aff..7a13df7 100644 --- a/tests/internals.cpp +++ b/tests/internals.cpp @@ -24,7 +24,12 @@ #include <string> #include <cstring> +#include <functional> +#include <memory> +#include <fstream> #include <unistd.h> +#include <sys/stat.h> +#include <dirent.h> #include <boost/test/unit_test.hpp> @@ -32,6 +37,7 @@ #include "crypto_service.h" #include "test-common.h" +#include "test-helper.h" namespace { @@ -76,7 +82,7 @@ crypto_element_s *_create_ce(void) return ce; } -} +} // namespace anonymous BOOST_AUTO_TEST_SUITE(SYSTEM) @@ -261,6 +267,15 @@ BOOST_AUTO_TEST_CASE(read_write_encrypted_app_dek) BOOST_REQUIRE(dek != nullptr); BOOST_REQUIRE(_get_random(dek) == WAE_ERROR_NONE); + // precondition + // dek store is removed after preloaded app deks loaded so dek store + // does not exists as default. To test write/read app dek test(they're working on + // dek store), dek store directory should be made + Wae::Test::restore_dek_store(); + // make unique_ptr to remove directory automatically + std::unique_ptr<void, std::function<void(void *)>> scoped_store( + reinterpret_cast<void *>(1), [](void *) { Wae::Test::remove_dek_store(); }); + int ret = _write_encrypted_app_dek_to_file(pkg_id, dek); BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to write_encrypted_app_dek_to_file. ec: " << ret); @@ -276,7 +291,7 @@ BOOST_AUTO_TEST_CASE(read_write_encrypted_app_dek) "readed(" << Wae::Test::bytes_to_hex(readed) << ")"); } -BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1) +BOOST_AUTO_TEST_CASE(cache_create_preloaded_app_dek) { const char *pkg_id = "TEST_PKG_ID_FOR_CREATE"; @@ -287,7 +302,22 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1) "preloaded app ce to create is already exist. ec: " << ret); const crypto_element_s *ce = nullptr; - ret = create_preloaded_app_ce(pkg_id, &ce); + + { + // precondition: + // for create_preloaded_app_ce, public key(kek) is needed + Wae::Test::restore_dummy_preloaded_app_dek_keks(); + // postcondition: + // get_preloaded_app_ce retrieves app ce from cache which is created on + // create_preloaded_app_ce so private key in dek store shouldn't be needed + // make unique_ptr to remove directory automatically + std::unique_ptr<void, std::function<void(void *)>> scoped_store( + reinterpret_cast<void *>(1), [](void *) { Wae::Test::remove_dek_store(); }); + + // created preloaded app ce is just written in file, not into key-manager repo so + // no need to call remove_app_ce. + ret = create_preloaded_app_ce(pkg_id, &ce); + } BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to create_preloaded_app_ce. ec: " << ret); @@ -299,22 +329,21 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1) BOOST_REQUIRE_MESSAGE(readed == ce, "cached ce address and actual is different!"); } -BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2) +BOOST_AUTO_TEST_CASE(load_preloaded_app_dek) { + // steps + // 1) restore KEKs : restore_dummy_preloaded_app_dek_keks + // 2) create app deks based on KEK (public key) : create_preloaded_app_ce + // -> originally this step runs in image server so result(adek) is written to file + // 3) load preloaded app deks (.adek) in file : load_preloaded_app_deks + // -> After load, pri/pub key pair and adek in file is no longer needed so they're + // automatically cleared by load_preloaded_app_deks() + // 4) clear app deks from key-manager for remove it (associated to TEST_PKG_ID_*) + Wae::Test::restore_dummy_preloaded_app_dek_keks(); + const char *pkg_id1 = "TEST_PKGID_1"; const char *pkg_id2 = "TEST_PKGID_2"; - char path1[MAX_PATH_LEN] = {0, }; - char path2[MAX_PATH_LEN] = {0, }; - _get_preloaded_app_dek_file_path(pkg_id1, sizeof(path1), path1); - _get_preloaded_app_dek_file_path(pkg_id2, sizeof(path2), path2); - - // remove old test data - remove_app_ce(0, pkg_id1, WAE_PRELOADED_APP); - remove_app_ce(0, pkg_id2, WAE_PRELOADED_APP); - unlink(path1); - unlink(path2); - // create 2 ces for preloaded app const crypto_element_s *ce1 = nullptr; int ret = create_preloaded_app_ce(pkg_id1, &ce1); @@ -326,7 +355,7 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2) BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to create_preloaded_app_ce. ec: " << ret); - ret = load_preloaded_app_deks(true); + ret = load_preloaded_app_deks(); BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to load_preloaded_app_deks. ec: " << ret); @@ -348,6 +377,48 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2) BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed remove app ce. ec: " << ret); } +BOOST_AUTO_TEST_CASE(load_preloaded_app_dek_tolerances) +{ + std::function<bool()> does_dek_store_exist = []() { + if (DIR *dir = opendir(_get_dek_store_path())) { + closedir(dir); + return true; + } else if (errno != ENOENT) { + return true; + } else { + return false; + } + }; + + // without dek store directory + BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_NONE); + BOOST_REQUIRE(does_dek_store_exist() == false); + + // without kek(private key) + Wae::Test::restore_dek_store(); + BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_FILE); + BOOST_REQUIRE(does_dek_store_exist() == false); + + // with invalid file in dek store + Wae::Test::restore_dummy_preloaded_app_dek_keks(); + std::ofstream dst; + dst.exceptions(std::ofstream::failbit | std::ofstream::badbit); + dst.open(std::string(_get_dek_store_path()) + "/invalids", std::ofstream::binary); + dst << "touch invalid file to dek store"; + // std::ofstream destructor will call close automatically so no need to handle + // close in the exception cases + dst.close(); + BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_FILE); + BOOST_REQUIRE(does_dek_store_exist() == false); + + // with invalid directory in dek store + Wae::Test::restore_dummy_preloaded_app_dek_keks(); + std::string invalid_dir = std::string(_get_dek_store_path()) + "/invalid_dir"; + mkdir(invalid_dir.c_str(), S_IRUSR | S_IWUSR | S_IXUSR); + BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_FILE); + BOOST_REQUIRE(does_dek_store_exist() == false); +} + BOOST_AUTO_TEST_SUITE_END() // INTERNALS BOOST_AUTO_TEST_SUITE_END() // SYSTEM |