Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-certificate-manager / 13bf74e4486df30fb70b9dbb040277bcdf50e0ec / . / test / certs_manager_test.cpp
blob: 7b318d7754878942595e62746814e11c047bc1ec [file] [log] [blame]
Marri Devender Rao13bf74e2019-03-26 01:52:17 -0500[diff] [blame^]1#include "config.h"
2
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]3#include "certificate.hpp"
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]4#include "certs_manager.hpp"
5
6#include <algorithm>
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]7#include <filesystem>
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]8#include <fstream>
9#include <iterator>
10#include <string>
Marri Devender Rao13bf74e2019-03-26 01:52:17 -0500[diff] [blame^]11#include <xyz/openbmc_project/Certs/error.hpp>
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]12#include <xyz/openbmc_project/Common/error.hpp>
13
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]14#include <gtest/gtest.h>
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]15namespace fs = std::filesystem;
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]16using InternalFailure =
17 sdbusplus::xyz::openbmc_project::Common::Error::InternalFailure;
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]18using InvalidCertificate =
Marri Devender Rao13bf74e2019-03-26 01:52:17 -0500[diff] [blame^]19 sdbusplus::xyz::openbmc_project::Certs::Error::InvalidCertificate;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]20using namespace phosphor::certs;
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]21
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]22/**
23 * Class to generate certificate file and test verification of certificate file
24 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]25class TestCertificates : public ::testing::Test
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]26{
27 public:
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]28 TestCertificates() : bus(sdbusplus::bus::new_default())
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]29 {
30 }
31 void SetUp() override
32 {
33 char dirTemplate[] = "/tmp/FakeCerts.XXXXXX";
34 auto dirPtr = mkdtemp(dirTemplate);
35 if (dirPtr == NULL)
36 {
37 throw std::bad_alloc();
38 }
39 certDir = dirPtr;
40 certificateFile = "cert.pem";
41 std::string cmd = "openssl req -x509 -sha256 -newkey rsa:2048 ";
42 cmd += "-keyout cert.pem -out cert.pem -days 3650 ";
43 cmd += "-subj "
44 "/O=openbmc-project.xyz/CN=localhost"
45 " -nodes";
46 auto val = std::system(cmd.c_str());
47 if (val)
48 {
49 std::cout << "COMMAND Error: " << val << std::endl;
50 }
51 }
52 void TearDown() override
53 {
54 fs::remove_all(certDir);
55 fs::remove(certificateFile);
56 }
57
58 bool compareFiles(const std::string& file1, const std::string& file2)
59 {
60 std::ifstream f1(file1, std::ifstream::binary | std::ifstream::ate);
61 std::ifstream f2(file2, std::ifstream::binary | std::ifstream::ate);
62
63 if (f1.fail() || f2.fail())
64 {
65 return false; // file problem
66 }
67
68 if (f1.tellg() != f2.tellg())
69 {
70 return false; // size mismatch
71 }
72
73 // seek back to beginning and use std::equal to compare contents
74 f1.seekg(0, std::ifstream::beg);
75 f2.seekg(0, std::ifstream::beg);
76 return std::equal(std::istreambuf_iterator<char>(f1.rdbuf()),
77 std::istreambuf_iterator<char>(),
78 std::istreambuf_iterator<char>(f2.rdbuf()));
79 }
80
81 protected:
82 sdbusplus::bus::bus bus;
83 std::string certificateFile;
84
85 std::string certDir;
86};
87
88class MainApp
89{
90 public:
91 MainApp(phosphor::certs::Manager* manager) : manager(manager)
92 {
93 }
94 void install(std::string& path)
95 {
96 manager->install(path);
97 }
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]98 void delete_()
99 {
100 manager->delete_();
101 }
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]102 phosphor::certs::Manager* manager;
103};
104
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]105/** @brief Check if server install routine is invoked for server setup
106 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]107TEST_F(TestCertificates, InvokeServerInstall)
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]108{
109 std::string endpoint("https");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]110 std::string unit("");
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]111 std::string type("server");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]112 std::string installPath(certDir + "/" + certificateFile);
113 std::string verifyPath(installPath);
114 UnitsToRestart verifyUnit(unit);
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]115 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]116 Certificate certificate(bus, objPath, type, unit, installPath,
117 certificateFile);
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]118 EXPECT_TRUE(fs::exists(verifyPath));
119}
120
121/** @brief Check if client install routine is invoked for client setup
122 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]123TEST_F(TestCertificates, InvokeClientInstall)
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]124{
125 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]126 std::string unit("");
127 std::string type("server");
128 std::string installPath(certDir + "/" + certificateFile);
129 std::string verifyPath(installPath);
130 UnitsToRestart verifyUnit(unit);
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]131 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]132 Certificate certificate(bus, objPath, type, unit, installPath,
133 certificateFile);
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]134 EXPECT_TRUE(fs::exists(verifyPath));
135}
136
137/** @brief Check if authority install routine is invoked for authority setup
138 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]139TEST_F(TestCertificates, InvokeAuthorityInstall)
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]140{
141 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]142 std::string unit("");
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]143 std::string type("authority");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]144 std::string installPath(certDir + "/" + certificateFile);
145 std::string verifyPath(installPath);
146 UnitsToRestart verifyUnit(unit);
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]147 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]148 Certificate certificate(bus, objPath, type, unit, installPath,
149 certificateFile);
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]150 EXPECT_TRUE(fs::exists(verifyPath));
151}
152
153/** @brief Compare the installed certificate with the copied certificate
154 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]155TEST_F(TestCertificates, CompareInstalledCertificate)
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]156{
157 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]158 std::string unit("");
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]159 std::string type("client");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]160 std::string installPath(certDir + "/" + certificateFile);
161 std::string verifyPath(installPath);
162 UnitsToRestart verifyUnit(unit);
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]163 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]164 Certificate certificate(bus, objPath, type, unit, installPath,
165 certificateFile);
Marri Devender Rao947258d2018-09-25 10:52:24 -0500[diff] [blame]166 EXPECT_TRUE(fs::exists(verifyPath));
167 EXPECT_TRUE(compareFiles(verifyPath, certificateFile));
168}
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]169
170/** @brief Check if install fails if certificate file is not found
171 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]172TEST_F(TestCertificates, TestNoCertificateFile)
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]173{
174 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]175 std::string unit("");
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]176 std::string type("client");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]177 std::string installPath(certDir + "/" + certificateFile);
178 std::string verifyPath(installPath);
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]179 std::string verifyUnit(unit);
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]180 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]181 std::string uploadFile = "nofile.pem";
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]182 EXPECT_THROW(
183 {
184 try
185 {
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]186 Certificate certificate(bus, objPath, type, unit, installPath,
187 uploadFile);
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]188 }
189 catch (const InternalFailure& e)
190 {
191 throw;
192 }
193 },
194 InternalFailure);
195 EXPECT_FALSE(fs::exists(verifyPath));
196}
197
198/** @brief Check if install fails if certificate file is empty
199 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]200TEST_F(TestCertificates, TestEmptyCertificateFile)
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]201{
202 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]203 std::string unit("");
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]204 std::string type("client");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]205 std::string installPath(certDir + "/" + certificateFile);
206 std::string verifyPath(installPath);
207 std::string verifyUnit(unit);
208 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]209 std::string emptyFile("emptycert.pem");
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]210 std::ofstream ofs;
211 ofs.open(emptyFile, std::ofstream::out);
212 ofs.close();
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]213 EXPECT_THROW(
214 {
215 try
216 {
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]217 Certificate certificate(bus, objPath, type, unit, installPath,
218 emptyFile);
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]219 }
220 catch (const InvalidCertificate& e)
221 {
222 throw;
223 }
224 },
225 InvalidCertificate);
226 EXPECT_FALSE(fs::exists(verifyPath));
227 fs::remove(emptyFile);
228}
229
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]230/** @brief Check if install fails if certificate file is corrupted
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]231 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]232TEST_F(TestCertificates, TestInvalidCertificateFile)
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]233{
234 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]235 std::string unit("");
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]236 std::string type("client");
237
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]238 std::ofstream ofs;
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]239 ofs.open(certificateFile, std::ofstream::out);
240 ofs << "-----BEGIN CERTIFICATE-----";
241 ofs << "ADD_SOME_INVALID_DATA_INTO_FILE";
242 ofs << "-----END CERTIFICATE-----";
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]243 ofs.close();
244
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]245 std::string installPath(certDir + "/" + certificateFile);
246 std::string verifyPath(installPath);
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]247 std::string verifyUnit(unit);
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]248 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]249 EXPECT_THROW(
250 {
251 try
252 {
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]253 Certificate certificate(bus, objPath, type, unit, installPath,
254 certificateFile);
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]255 }
256 catch (const InvalidCertificate& e)
257 {
258 throw;
259 }
260 },
261 InvalidCertificate);
262 EXPECT_FALSE(fs::exists(verifyPath));
Marri Devender Raoe6597c52018-10-01 06:36:55 -0500[diff] [blame]263}
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]264
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]265/** @brief check certificate delete at manager level
266 */
267TEST_F(TestCertificates, TestCertManagerDelete)
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]268{
269 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]270 std::string unit("");
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]271 std::string type("client");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]272 std::string installPath(certDir + "/" + certificateFile);
273 std::string verifyPath(installPath);
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]274 std::string verifyUnit(unit);
275 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]276 Manager manager(bus, objPath.c_str(), type, std::move(unit),
277 std::move(installPath));
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]278 MainApp mainApp(&manager);
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]279 // delete certificate file and verify file is deleted
280 mainApp.delete_();
281 EXPECT_FALSE(fs::exists(verifyPath));
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]282}
283
284/** @brief check certificate install at manager level
285 */
286TEST_F(TestCertificates, TestCertManagerInstall)
287{
288 std::string endpoint("ldap");
289 std::string unit("");
290 std::string type("client");
291 std::string installPath(certDir + "/" + certificateFile);
292 std::string verifyPath(installPath);
293 std::string verifyUnit(unit);
294 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
295 Manager manager(bus, objPath.c_str(), type, std::move(unit),
296 std::move(installPath));
297 MainApp mainApp(&manager);
298 mainApp.install(certificateFile);
299 EXPECT_TRUE(fs::exists(verifyPath));
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]300}
301
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]302/**
303 * Class to generate private and certificate only file and test verification
304 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]305class TestInvalidCertificate : public ::testing::Test
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]306{
307 public:
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]308 TestInvalidCertificate() : bus(sdbusplus::bus::new_default())
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]309 {
310 }
311 void SetUp() override
312 {
313 char dirTemplate[] = "/tmp/FakeCerts.XXXXXX";
314 auto dirPtr = mkdtemp(dirTemplate);
315 if (dirPtr == NULL)
316 {
317 throw std::bad_alloc();
318 }
319 certDir = dirPtr;
320 certificateFile = "cert.pem";
321 keyFile = "key.pem";
322 std::string cmd = "openssl req -x509 -sha256 -newkey rsa:2048 ";
323 cmd += "-keyout key.pem -out cert.pem -days 3650 ";
324 cmd += "-subj "
325 "/O=openbmc-project.xyz/CN=localhost"
326 " -nodes";
327
328 auto val = std::system(cmd.c_str());
329 if (val)
330 {
331 std::cout << "command Error: " << val << std::endl;
332 }
333 }
334 void TearDown() override
335 {
336 fs::remove_all(certDir);
337 fs::remove(certificateFile);
338 fs::remove(keyFile);
339 }
340
341 protected:
342 sdbusplus::bus::bus bus;
343 std::string certificateFile;
344 std::string keyFile;
345 std::string certDir;
346};
347
348/** @brief Check install fails if private key is missing in certificate file
349 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]350TEST_F(TestInvalidCertificate, TestMissingPrivateKey)
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]351{
352 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]353 std::string unit("");
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]354 std::string type("client");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]355 std::string installPath(certDir + "/" + certificateFile);
356 std::string verifyPath(installPath);
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]357 std::string verifyUnit(unit);
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]358 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]359 EXPECT_THROW(
360 {
361 try
362 {
363 Certificate certificate(bus, objPath, type, unit, installPath,
364 certificateFile);
365 }
366 catch (const InvalidCertificate& e)
367 {
368 throw;
369 }
370 },
371 InvalidCertificate);
372 EXPECT_FALSE(fs::exists(verifyPath));
373}
374
375/** @brief Check install fails if ceritificate is missing in certificate file
376 */
377TEST_F(TestInvalidCertificate, TestMissingCeritificate)
378{
379 std::string endpoint("ldap");
380 std::string unit("");
381 std::string type("client");
382 std::string installPath(certDir + "/" + keyFile);
383 std::string verifyPath(installPath);
384 std::string verifyUnit(unit);
385
386 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
387 EXPECT_THROW(
388 {
389 try
390 {
391 Certificate certificate(bus, objPath, type, unit, installPath,
392 keyFile);
393 }
394 catch (const InvalidCertificate& e)
395 {
396 throw;
397 }
398 },
399 InvalidCertificate);
400 EXPECT_FALSE(fs::exists(verifyPath));
401}
402
403/** @brief Check if Manager install method fails for invalid certificate file
404 */
405TEST_F(TestInvalidCertificate, TestCertManagerInstall)
406{
407 std::string endpoint("ldap");
408 std::string unit("");
409 std::string type("client");
410 std::string installPath(certDir + "/" + certificateFile);
411 std::string verifyPath(installPath);
412 std::string verifyUnit(unit);
413 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
414 Manager manager(bus, objPath.c_str(), type, std::move(unit),
415 std::move(installPath));
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]416 MainApp mainApp(&manager);
417 EXPECT_THROW(
418 {
419 try
420 {
421 mainApp.install(certificateFile);
422 }
423 catch (const InvalidCertificate& e)
424 {
425 throw;
426 }
427 },
428 InvalidCertificate);
429 EXPECT_FALSE(fs::exists(verifyPath));
430}
431
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]432/** @brief Check if error is thrown when multiple certificates are installed
433 * At present only one certificate per service is allowed
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]434 */
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]435TEST_F(TestCertificates, TestCertInstallNotAllowed)
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]436{
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]437 using NotAllowed =
438 sdbusplus::xyz::openbmc_project::Common::Error::NotAllowed;
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]439 std::string endpoint("ldap");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]440 std::string unit("");
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]441 std::string type("client");
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]442 std::string installPath(certDir + "/" + certificateFile);
443 std::string verifyPath(installPath);
Jayanth Othayothb50789c2018-10-09 07:13:54 -0500[diff] [blame]444 std::string verifyUnit(unit);
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]445 auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]446 Manager manager(bus, objPath.c_str(), type, std::move(unit),
447 std::move(installPath));
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]448 MainApp mainApp(&manager);
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]449 mainApp.install(certificateFile);
450 EXPECT_TRUE(fs::exists(verifyPath));
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]451 EXPECT_THROW(
452 {
453 try
454 {
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]455 // install second certificate
456 mainApp.install(certificateFile);
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]457 }
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]458 catch (const NotAllowed& e)
Marri Devender Raoddf64862018-10-03 07:11:02 -0500[diff] [blame]459 {
460 throw;
461 }
462 },
Marri Devender Rao8841dbd2019-03-04 05:43:55 -0600[diff] [blame]463 NotAllowed);
Marri Devender Rao9abfae82018-10-03 08:10:35 -0500[diff] [blame]464}