os/persistentdata/persistentstorage/sql/TEST/t_sqlsecurity3.cpp
changeset 0 bde4ae8d615e
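--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/os/persistentdata/persistentstorage/sql/TEST/t_sqlsecurity3.cpp	Fri Jun 15 03:10:57 2012 +0200
@@ -0,0 +1,305 @@
+// Copyright (c) 2006-2009 Nokia Corporation and/or its subsidiary(-ies).
+// All rights reserved.
+// This component and the accompanying materials are made available
+// under the terms of "Eclipse Public License v1.0"
+// which accompanies this distribution, and is available
+// at the URL "http://www.eclipse.org/legal/epl-v10.html".
+//
+// Initial Contributors:
+// Nokia Corporation - initial contribution.
+//
+// Contributors:
+//
+// Description:
+// t_sqlsecurity3 application has capabilities allowing write-only access to the test database
+// 
+//
+
+#include <e32test.h>
+#include <bautils.h>
+#include <sqldb.h>
+
+///////////////////////////////////////////////////////////////////////////////////////
+//The test database has:
+//  SCHEMA database policy: ECapabilityReadDeviceData, ECapabilityWriteUserData, ECapabilityReadUserData
+//  WRITE database policy:  ECapabilityWriteUserData
+//  READ database policy:   ECapabilityReadUserData
+//
+//Database tables:
+//  TABLE A(F1 INTEGER, B1 BLOB)
+//  TABLE B(F2 INTEGER, F3 TEXT, B2 BLOB)
+//
+//Database data:
+//  TABLE A: {1, x'41414141414141414141'}, {2, x'42424242424242424242'}, {3, x'43434343434343434343'}, {4, x'44444444444444444444'}
+//  TABLE B: {2, "ABC", x'45454545454545454545'}, {4, "DEF", x'46464646464646464646'}
+
+///////////////////////////////////////////////////////////////////////////////////////
+
+#define UNUSED_VAR(a) (a) = (a)
+
+RSqlDatabase TheDb;
+RTest TheTest(_L("t_sqlsecurity3 test"));
+
+_LIT(KTestDbName, "c:[21212125]t_ab.db");
+
+///////////////////////////////////////////////////////////////////////////////////////
+//Restore original test database function
+void RestoreOriginalDb()
+	{
+	TheDb.Close();
+	TheDb.Open(KTestDbName);
+	
+	// Delete and restore the content of table A (unconditional DELETE, no READ operations)
+	TheDb.Exec(_L("DELETE FROM A"));
+	TheDb.Exec(_L("INSERT INTO A(F1,B1) VALUES(1,x'41414141414141414141');INSERT INTO A(F1,B1) VALUES(2,x'42424242424242424242');INSERT INTO A(F1,B1) VALUES(3,x'43434343434343434343');INSERT INTO A(F1,B1) VALUES(4,x'44444444444444444444');"));
+
+	// Delete and restore the content of table B (unconditional DELETE, no READ operations)
+	TheDb.Exec(_L("DELETE FROM B"));
+	TheDb.Exec(_L("INSERT INTO B(F2,F3,B2) VALUES(2, 'ABC',x'45454545454545454545');INSERT INTO B(F2,F3,B2) VALUES(4,'DEF',x'46464646464646464646');"));
+
+	TheDb.Close();	
+	}
+
+///////////////////////////////////////////////////////////////////////////////////////
+//Test macros and functions
+void Check1(TInt aValue, TInt aLine)
+	{
+	if(!aValue)
+		{
+		RestoreOriginalDb();
+		RDebug::Print(_L("*** Line %d\r\n"), aLine);
+		TheTest(EFalse, aLine);
+		}
+	}
+void Check2(TInt aValue, TInt aExpected, TInt aLine)
+	{
+	if(aValue != aExpected)
+		{
+		RestoreOriginalDb();
+		RDebug::Print(_L("*** Line %d, Expected error: %d, got: %d\r\n"), aLine, aExpected, aValue);
+		TheTest(EFalse, aLine);
+		}
+	}
+#define TEST(arg) ::Check1((arg), __LINE__)
+#define TEST2(aValue, aExpected) ::Check2(aValue, aExpected, __LINE__)
+
+///////////////////////////////////////////////////////////////////////////////////////
+
+/**
+@SYMTestCaseID			SYSLIB-SQL-CT-1645
+@SYMTestCaseDesc		Testing database operations on a secure database.
+						The test application's capabilities allow write-only access to the test secure database.
+						Verify that any other kind of a database operation will fail with KErrPermissionDenied error.
+@SYMTestPriority		High
+@SYMTestActions			Testing database operations on a secure database.
+@SYMTestExpectedResults Test must not fail
+@SYMREQ					REQ5792
+                        REQ5793
+*/	
+void WriteOnlyDatabaseTest()
+	{
+	TInt err = TheDb.Open(KTestDbName);
+	TEST2(err, KErrNone);
+	
+	//Attempt to modify the database schema
+	err = TheDb.Exec(_L("CREATE TABLE C(FFF TEXT)"));
+	TEST2(err, KErrPermissionDenied);
+    err = TheDb.Exec(_L("CREATE TRIGGER upd_a_b1 UPDATE OF B1 ON A BEGIN UPDATE B SET F3 = 'AAAA' WHERE F2 = A.F1; END;"));
+    TEST2(err, KErrPermissionDenied);
+    err = TheDb.Exec(_L("CREATE TEMP TRIGGER upd_a_b1 UPDATE OF B1 ON A BEGIN UPDATE B SET F3 = 'AAAA' WHERE F2 = A.F1; END;"));
+    TEST2(err, KErrPermissionDenied);//Temp trigger which attempts to update one of the tables.
+    err = TheDb.Exec(_L("CREATE VIEW V1 AS SELECT * FROM A"));
+    TEST2(err, KErrPermissionDenied);
+    err = TheDb.Exec(_L("CREATE TEMP VIEW V1 AS SELECT * FROM A"));
+    TEST(err >= 0);
+    err = TheDb.Exec(_L("DROP VIEW V1"));
+    TEST(err >= 0);
+	//Attempt to update the user data (but it includes a READ operation)
+	err = TheDb.Exec(_L("UPDATE A SET F1 = 11 WHERE F1 = 1"));
+	TEST2(err, KErrPermissionDenied);
+	//Attempt to update the user data (unconditional UPDATE, no READ operations)
+	err = TheDb.Exec(_L("UPDATE A SET F1 = 11"));
+	TEST(err >= 0);	
+	//Attempt to delete the user data (but it includes a READ operation)
+	err = TheDb.Exec(_L("DELETE FROM B WHERE F2 = 2"));
+	TEST2(err, KErrPermissionDenied);
+	//Attempt to delete the user data (unconditional DELETE, no READ operations)
+	err = TheDb.Exec(_L("DELETE FROM A"));
+	TEST(err >= 0);	
+	//Restore the deleted table A
+	err = TheDb.Exec(_L("INSERT INTO A(F1,B1) VALUES(1,x'41414141414141414141');INSERT INTO A(F1,B1) VALUES(2,x'42424242424242424242');INSERT INTO A(F1,B1) VALUES(3,x'43434343434343434343');INSERT INTO A(F1,B1) VALUES(4,x'44444444444444444444');"));
+	TEST(err >= 0);	
+	//Attempt to insert new user data
+	err = TheDb.Exec(_L("INSERT INTO B(F2, F3, B2) VALUES(22, 'AAA', x'47474747474747474747')"));
+	TEST2(err, 1);
+	//Attempt to change the isolation level.
+	err = TheDb.SetIsolationLevel(RSqlDatabase::ESerializable);	
+	TEST2(err, KErrNone);
+	err = TheDb.SetIsolationLevel(RSqlDatabase::EReadUncommitted);	
+	TEST2(err, KErrNone);
+	//Attempt to read the user data
+	RSqlStatement stmt;
+	err = stmt.Prepare(TheDb, _L("SELECT A.F1 FROM B,A WHERE A.F1 = B.F2"));
+	TEST2(err, KErrPermissionDenied);	
+	//Attempt to read the system data
+	err = stmt.Prepare(TheDb, _L("SELECT * FROM SQLITE_MASTER"));
+	TEST2(err, KErrNone);
+	err = stmt.Next();
+	TEST2(err, KSqlAtRow);
+	TPtrC p;
+	err = stmt.ColumnText(0, p);
+	TEST2(err, KErrNone);
+	RDebug::Print(_L("Value=%S\r\n"), &p);
+	stmt.Close();
+	
+	TheDb.Close();
+	}
+	
+/**
+@SYMTestCaseID			SYSLIB-SQL-UT-4096
+@SYMTestCaseDesc		Testing incremental blob writes on a secure database.
+						The test application's capabilities allow write-only access to the blobs.
+						Verify that any attempt to read a blob will fail with KErrPermissionDenied.
+@SYMTestPriority		High
+@SYMTestActions			Testing incremental blob writes on a secure database.
+@SYMTestExpectedResults Test must not fail
+@SYMREQ					REQ5794
+*/	
+void WriteOnlyBlobTestL()
+	{
+	TInt err = TheDb.Open(KTestDbName);
+	TEST2(err, KErrNone);
+			
+	// Attempt to write the blobs in tables A and B
+	RSqlBlobWriteStream wrStrm;
+	CleanupClosePushL(wrStrm);
+	TRAP(err, wrStrm.OpenL(TheDb, _L("A"), _L("B1"), 2));
+	TEST2(err, KErrNone);
+	TRAP(err, wrStrm.WriteL(_L8("YYYYYYY")));
+	TEST2(err, KErrNone);
+	wrStrm.Close();
+	TRAP(err, wrStrm.OpenL(TheDb, _L("B"), _L("B2"), 1));
+	TEST2(err, KErrNone);
+	TRAP(err, wrStrm.WriteL(_L8("XXXXXXXXX")));
+	TEST2(err, KErrNone);
+	CleanupStack::PopAndDestroy(&wrStrm);	
+
+	TRAP(err, TSqlBlob::SetL(TheDb, _L("A"), _L("B1"), _L8("UUUUUUUU"), 4));
+	TEST2(err, KErrNone);
+	TRAP(err, TSqlBlob::SetL(TheDb, _L("B"), _L("B2"), _L8("SSS"), 2));
+	TEST2(err, KErrNone);
+	
+	// Attempt to read from the blobs in tables A and B
+	RSqlBlobReadStream rdStrm;
+	CleanupClosePushL(rdStrm);
+	TRAP(err, rdStrm.OpenL(TheDb, _L("A"), _L("B1"), 1));
+	TEST2(err, KErrPermissionDenied);
+	rdStrm.Close();
+	TRAP(err, rdStrm.OpenL(TheDb, _L("B"), _L("B2"), 1));
+	TEST2(err, KErrPermissionDenied);
+	CleanupStack::PopAndDestroy(&rdStrm);	
+
+	HBufC8* wholeBuf = NULL;
+	TRAP(err, wholeBuf = TSqlBlob::GetLC(TheDb, _L("A"), _L("B1"), 1));
+	TEST2(err, KErrPermissionDenied);
+	TRAP(err, wholeBuf = TSqlBlob::GetLC(TheDb, _L("B"), _L("B2"), 1));
+	TEST2(err, KErrPermissionDenied);
+
+	HBufC8* buf = HBufC8::NewLC(10);	
+	TPtr8 bufPtr(buf->Des());	  
+	err = TSqlBlob::Get(TheDb, _L("A"), _L("B1"), bufPtr, 2);
+	TEST2(err, KErrPermissionDenied); 
+	err = TSqlBlob::Get(TheDb, _L("B"), _L("B2"), bufPtr, 1);
+	TEST2(err, KErrPermissionDenied); 
+	CleanupStack::PopAndDestroy(buf); 
+	
+	// SQLite and system tables
+	
+	// Attempt to read from and write to the SQLite master table -
+	// reads should be permitted because write capability is enough for this, 
+	// writes should not be permitted because schema capability is required for this
+	CleanupClosePushL(rdStrm);
+	TRAP(err, rdStrm.OpenL(TheDb, _L("sqlite_master"), _L("tbl_name"), 1)); // TEXT column
+	TEST2(err, KErrNone);
+	TBuf8<20> data;
+	TRAP(err, rdStrm.ReadL(data, 1));
+	TEST2(err, KErrNone);
+	CleanupStack::PopAndDestroy(&rdStrm);	
+
+	wholeBuf = TSqlBlob::GetLC(TheDb, _L("sqlite_master"), _L("tbl_name"), 1);
+	TEST(wholeBuf->Length() > 0);	
+	CleanupStack::PopAndDestroy(wholeBuf); 	
+
+	buf = HBufC8::NewLC(100);
+	bufPtr.Set(buf->Des());	 	  
+	err = TSqlBlob::Get(TheDb, _L("sqlite_master"), _L("tbl_name"), bufPtr, 1);
+	TEST2(err, KErrNone); 
+	TEST(bufPtr.Length() > 0);	
+	CleanupStack::PopAndDestroy(buf); 
+	
+	CleanupClosePushL(wrStrm);
+	TRAP(err, wrStrm.OpenL(TheDb, _L("sqlite_master"), _L("tbl_name"), 1));
+	TEST2(err, KErrPermissionDenied);
+	CleanupStack::PopAndDestroy(&wrStrm);	
+
+	TRAP(err, TSqlBlob::SetL(TheDb, _L("sqlite_master"), _L("tbl_name"), _L8("VVVV"), 1));
+	TEST2(err, KErrPermissionDenied);
+
+	// Attempt to read from and write to the system tables - neither reads nor writes should be permitted
+	CleanupClosePushL(rdStrm);
+	TRAP(err, rdStrm.OpenL(TheDb, _L("symbian_security"), _L("PolicyData"), 1)); // BLOB column
+	TEST2(err, KErrPermissionDenied);
+	CleanupStack::PopAndDestroy(&rdStrm);	
+
+	TRAP(err, wholeBuf = TSqlBlob::GetLC(TheDb, _L("symbian_security"), _L("PolicyData"), 1));
+	TEST2(err, KErrPermissionDenied);
+
+	buf = HBufC8::NewLC(100);	
+	bufPtr.Set(buf->Des());	  
+	err = TSqlBlob::Get(TheDb, _L("symbian_security"), _L("PolicyData"), bufPtr, 1);
+	TEST2(err, KErrPermissionDenied); 
+	CleanupStack::PopAndDestroy(buf); 
+	
+	CleanupClosePushL(wrStrm);
+	TRAP(err, wrStrm.OpenL(TheDb, _L("symbian_security"), _L("PolicyData"), 1));
+	TEST2(err, KErrPermissionDenied);
+	CleanupStack::PopAndDestroy(&wrStrm);	
+
+	TRAP(err, TSqlBlob::SetL(TheDb, _L("symbian_security"), _L("PolicyData"), _L8("VVVV"), 1));
+	TEST2(err, KErrPermissionDenied);
+	
+	TheDb.Close();
+	}
+	
+void DoTestsL()
+	{
+	TheTest.Start(_L(" @SYMTestCaseID:SYSLIB-SQL-CT-1645 Write-only database access test "));
+	WriteOnlyDatabaseTest();
+	
+	TheTest.Next(_L(" @SYMTestCaseID:SYSLIB-SQL-UT-4096 Write-only blob access test"));
+	WriteOnlyBlobTestL();
+	
+	RestoreOriginalDb(); // the same db is used by the other t_security test exe's
+	}
+
+TInt E32Main()
+	{
+	TheTest.Title();
+	
+	CTrapCleanup* tc = CTrapCleanup::New();
+	
+	__UHEAP_MARK;
+		
+	TRAPD(err, DoTestsL());
+	TEST2(err, KErrNone);
+
+	__UHEAP_MARKEND;
+	
+	TheTest.End();
+	TheTest.Close();
+	
+	delete tc;
+
+	User::Heap().Check();
+	return KErrNone;
+	}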
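Review bot: The negative blob-read checks in WriteOnlyBlobTestL call `TSqlBlob::GetLC` inside `TRAP` (for tables A and B, and again for symbian_security), which is only well-behaved while the call leaves. If the READ policy enforcement ever regressed and the call succeeded, the buffer would still be on the cleanup stack when the trap exits; I would expect that to end in a cleanup-stack panic rather than a TEST2 failure with a line number, and `wholeBuf` would never be released. Popping inside the trap makes a wrongly permitted read show up as an ordinary failure: `TRAP(err, wholeBuf = TSqlBlob::GetLC(TheDb, _L("A"), _L("B1"), 1); CleanupStack::PopAndDestroy(wholeBuf));`. Separately, RestoreOriginalDb discards the results of `Open` and every `Exec`, so a failed restore silently leaves the shared database altered for the other t_security executables; printing each non-success code with `RDebug::Print` would make that visible without recursing into TEST2.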