summaryrefslogtreecommitdiff
path: root/tests/internals.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'tests/internals.cpp')
-rw-r--r--tests/internals.cpp103
1 files changed, 87 insertions, 16 deletions
diff --git a/tests/internals.cpp b/tests/internals.cpp
index 1fa9aff..7a13df7 100644
--- a/tests/internals.cpp
+++ b/tests/internals.cpp
@@ -24,7 +24,12 @@
#include <string>
#include <cstring>
+#include <functional>
+#include <memory>
+#include <fstream>
#include <unistd.h>
+#include <sys/stat.h>
+#include <dirent.h>
#include <boost/test/unit_test.hpp>
@@ -32,6 +37,7 @@
#include "crypto_service.h"
#include "test-common.h"
+#include "test-helper.h"
namespace {
@@ -76,7 +82,7 @@ crypto_element_s *_create_ce(void)
return ce;
}
-}
+} // namespace anonymous
BOOST_AUTO_TEST_SUITE(SYSTEM)
@@ -261,6 +267,15 @@ BOOST_AUTO_TEST_CASE(read_write_encrypted_app_dek)
BOOST_REQUIRE(dek != nullptr);
BOOST_REQUIRE(_get_random(dek) == WAE_ERROR_NONE);
+ // precondition
+ // dek store is removed after preloaded app deks loaded so dek store
+ // does not exists as default. To test write/read app dek test(they're working on
+ // dek store), dek store directory should be made
+ Wae::Test::restore_dek_store();
+ // make unique_ptr to remove directory automatically
+ std::unique_ptr<void, std::function<void(void *)>> scoped_store(
+ reinterpret_cast<void *>(1), [](void *) { Wae::Test::remove_dek_store(); });
+
int ret = _write_encrypted_app_dek_to_file(pkg_id, dek);
BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed to write_encrypted_app_dek_to_file. ec: " << ret);
@@ -276,7 +291,7 @@ BOOST_AUTO_TEST_CASE(read_write_encrypted_app_dek)
"readed(" << Wae::Test::bytes_to_hex(readed) << ")");
}
-BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1)
+BOOST_AUTO_TEST_CASE(cache_create_preloaded_app_dek)
{
const char *pkg_id = "TEST_PKG_ID_FOR_CREATE";
@@ -287,7 +302,22 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1)
"preloaded app ce to create is already exist. ec: " << ret);
const crypto_element_s *ce = nullptr;
- ret = create_preloaded_app_ce(pkg_id, &ce);
+
+ {
+ // precondition:
+ // for create_preloaded_app_ce, public key(kek) is needed
+ Wae::Test::restore_dummy_preloaded_app_dek_keks();
+ // postcondition:
+ // get_preloaded_app_ce retrieves app ce from cache which is created on
+ // create_preloaded_app_ce so private key in dek store shouldn't be needed
+ // make unique_ptr to remove directory automatically
+ std::unique_ptr<void, std::function<void(void *)>> scoped_store(
+ reinterpret_cast<void *>(1), [](void *) { Wae::Test::remove_dek_store(); });
+
+ // created preloaded app ce is just written in file, not into key-manager repo so
+ // no need to call remove_app_ce.
+ ret = create_preloaded_app_ce(pkg_id, &ce);
+ }
BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
"Failed to create_preloaded_app_ce. ec: " << ret);
@@ -299,22 +329,21 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_1)
BOOST_REQUIRE_MESSAGE(readed == ce, "cached ce address and actual is different!");
}
-BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2)
+BOOST_AUTO_TEST_CASE(load_preloaded_app_dek)
{
+ // steps
+ // 1) restore KEKs : restore_dummy_preloaded_app_dek_keks
+ // 2) create app deks based on KEK (public key) : create_preloaded_app_ce
+ // -> originally this step runs in image server so result(adek) is written to file
+ // 3) load preloaded app deks (.adek) in file : load_preloaded_app_deks
+ // -> After load, pri/pub key pair and adek in file is no longer needed so they're
+ // automatically cleared by load_preloaded_app_deks()
+ // 4) clear app deks from key-manager for remove it (associated to TEST_PKG_ID_*)
+ Wae::Test::restore_dummy_preloaded_app_dek_keks();
+
const char *pkg_id1 = "TEST_PKGID_1";
const char *pkg_id2 = "TEST_PKGID_2";
- char path1[MAX_PATH_LEN] = {0, };
- char path2[MAX_PATH_LEN] = {0, };
- _get_preloaded_app_dek_file_path(pkg_id1, sizeof(path1), path1);
- _get_preloaded_app_dek_file_path(pkg_id2, sizeof(path2), path2);
-
- // remove old test data
- remove_app_ce(0, pkg_id1, WAE_PRELOADED_APP);
- remove_app_ce(0, pkg_id2, WAE_PRELOADED_APP);
- unlink(path1);
- unlink(path2);
-
// create 2 ces for preloaded app
const crypto_element_s *ce1 = nullptr;
int ret = create_preloaded_app_ce(pkg_id1, &ce1);
@@ -326,7 +355,7 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2)
BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
"Failed to create_preloaded_app_ce. ec: " << ret);
- ret = load_preloaded_app_deks(true);
+ ret = load_preloaded_app_deks();
BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE,
"Failed to load_preloaded_app_deks. ec: " << ret);
@@ -348,6 +377,48 @@ BOOST_AUTO_TEST_CASE(get_create_preloaded_app_dek_2)
BOOST_REQUIRE_MESSAGE(ret == WAE_ERROR_NONE, "Failed remove app ce. ec: " << ret);
}
+BOOST_AUTO_TEST_CASE(load_preloaded_app_dek_tolerances)
+{
+ std::function<bool()> does_dek_store_exist = []() {
+ if (DIR *dir = opendir(_get_dek_store_path())) {
+ closedir(dir);
+ return true;
+ } else if (errno != ENOENT) {
+ return true;
+ } else {
+ return false;
+ }
+ };
+
+ // without dek store directory
+ BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_NONE);
+ BOOST_REQUIRE(does_dek_store_exist() == false);
+
+ // without kek(private key)
+ Wae::Test::restore_dek_store();
+ BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_FILE);
+ BOOST_REQUIRE(does_dek_store_exist() == false);
+
+ // with invalid file in dek store
+ Wae::Test::restore_dummy_preloaded_app_dek_keks();
+ std::ofstream dst;
+ dst.exceptions(std::ofstream::failbit | std::ofstream::badbit);
+ dst.open(std::string(_get_dek_store_path()) + "/invalids", std::ofstream::binary);
+ dst << "touch invalid file to dek store";
+ // std::ofstream destructor will call close automatically so no need to handle
+ // close in the exception cases
+ dst.close();
+ BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_FILE);
+ BOOST_REQUIRE(does_dek_store_exist() == false);
+
+ // with invalid directory in dek store
+ Wae::Test::restore_dummy_preloaded_app_dek_keks();
+ std::string invalid_dir = std::string(_get_dek_store_path()) + "/invalid_dir";
+ mkdir(invalid_dir.c_str(), S_IRUSR | S_IWUSR | S_IXUSR);
+ BOOST_REQUIRE(load_preloaded_app_deks() == WAE_ERROR_FILE);
+ BOOST_REQUIRE(does_dek_store_exist() == false);
+}
+
BOOST_AUTO_TEST_SUITE_END() // INTERNALS
BOOST_AUTO_TEST_SUITE_END() // SYSTEM