2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Bumjin Im <bj.im@samsung.com>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
20 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
26 #include <condition_variable>
29 #include <ckmc/ckmc-type.h>
30 #include <ckm/ckm-manager-async.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-raw-buffer.h>
37 #include <dpl/test/test_runner.h>
38 #include <dpl/test/test_runner_child.h>
40 #include <tests_common.h>
41 #include <test-certs.h>
42 #include <ckm-common.h>
43 #include <access_provider2.h>
48 using namespace TestData;
52 const char* TEST_LABEL = "test_label";
53 const char* TEST_LABEL_2 = "test_label-2";
55 const char* TEST_DATA = "dsflsdkghkslhglrtghierhgilrehgidsafasdffsgfdgdgfdgfdgfdgfdggf";
57 const char* TEST_PASS = "test-pass";
59 const CertificateShPtrVector EMPTY_CERT_VECTOR;
60 const CertificateShPtrVector NULL_PTR_VECTOR = {
65 const AliasVector EMPTY_ALIAS_VECTOR;
66 const Alias alias_PKCS_exportable = "async-test-PKCS-export";
67 const Alias alias_PKCS_not_exportable = "async-test-PKCS-no-export";
// Test-side observer handed to every ManagerAsync request. Each callback keeps the
// payload the tests later inspect (m_pkcs, m_aliases, m_certChain, m_signed,
// m_ocspStatus) and then calls Succeeded(); the test thread blocks in
// WaitForResponse() until the m_finished predicate holds.
69 class MyObserver: public ManagerAsync::Observer
73 m_finished(false), m_error(0)
// Failure callback. Its body is not visible in this listing; presumably it records
// the code in m_error, which the test helpers compare — confirm.
77 void ReceivedError(int error)
// Completion callbacks with no payload of interest: they only signal success.
84 void ReceivedSaveKey() { Succeeded(); }
85 void ReceivedSaveCertificate() { Succeeded(); }
86 void ReceivedSaveData() { Succeeded(); }
87 void ReceivedSavePKCS12() { Succeeded(); }
89 void ReceivedRemovedAlias() { Succeeded(); }
// The retrieved key, certificate and data are discarded (unnamed parameters), so
// these tests check only that retrieval succeeded, not what was returned.
91 void ReceivedKey(Key &&) { Succeeded(); }
92 void ReceivedCertificate(Certificate &&) { Succeeded(); }
93 void ReceivedData(RawBuffer &&) { Succeeded(); }
// pkcs is a named rvalue reference, so this assignment copies the shared pointer
// rather than moving it, unlike the move() calls in the callbacks below.
94 void ReceivedPKCS12(PKCS12ShPtr && pkcs) { m_pkcs = pkcs; Succeeded(); }
96 void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
97 void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
98 void ReceivedDataAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
100 void ReceivedCreateKeyAES() { Succeeded(); }
101 void ReceivedCreateKeyPair() { Succeeded(); }
103 void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
104 { m_certChain = move(chain); Succeeded(); }
106 void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
// Signature verification reports success only through this callback; a failed
// verification is expected to arrive as an error instead.
107 void ReceivedVerifySignature() { Succeeded(); }
// The OCSP result is a status value delivered on the success path, so callers must
// check m_ocspStatus themselves; a finished request does not imply a good status.
109 void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
111 void ReceivedSetPermission() { Succeeded(); }
// Blocks the calling thread until m_finished is true.
// NOTE(review): the wait has no timeout, so a request whose callback never arrives
// hangs the test run instead of failing it; a bounded wait would turn a lost
// response into a reportable failure.
113 void WaitForResponse()
115 unique_lock < mutex > lock(m_mutex);
117 m_cv.wait(lock, [this] {return m_finished;});
// Payloads captured by the alias-vector and certificate-chain callbacks.
122 AliasVector m_aliases;
123 CertificateShPtrVector m_certChain;
// Waited on by WaitForResponse() under m_mutex.
136 condition_variable m_cv;
139 typedef shared_ptr<MyObserver> MyObserverPtr;
151 KeyContainer(const std::string& prv_pem, const std::string& pub_pem) {
152 RawBuffer buffer_prv(prv_pem.begin(), prv_pem.end());
153 prv = Key::create(buffer_prv);
156 RawBuffer buffer_pub(pub_pem.begin(), pub_pem.end());
157 pub = Key::create(buffer_pub);
162 KeyContainer(const RawBuffer& key_raw) {
163 prv = pub = Key::createAES(key_raw);
172 typedef map<Type, vector<KeyContainer> > KeyMap;
// Builds the key fixtures the tests read through keys[TYPE][index]: two RSA pairs,
// one DSA pair, one ECDSA pair and one AES key.
// The PEM private keys below are committed in source and are therefore public.
// They are test fixtures only and must never be provisioned, trusted or reused
// outside this test suite; secret scanners will flag them and need an allow-list
// entry scoped to this file.
// NOTE(review): judging by the DER length prefixes, the first RSA pair looks like a
// 1024-bit key and the second a 4096-bit key — confirm. A 1024-bit RSA key is only
// acceptable here because it is a throwaway fixture.
175 KeyMap initializeKeys()
179 km[RSA].emplace_back(
180 "-----BEGIN RSA PRIVATE KEY-----\n"
181 "MIICXAIBAAKBgQDMP6sKttnQ58BAi27b8X+8KVQtJgpJhhCF0RtWaTVqAhVDG3y4\n"
182 "x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06BCWPYH2+7jOfQIOy/TMlt+W7x\n"
183 "fou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+3Op0tEjy0jpmzeyNiQIDAQAB\n"
184 "AoGBAJRDX1CuvNx1bkwsKvQDkTqwMYd4hp0qcVICIbsPMhPaoT6OdHHZkHOf+HDx\n"
185 "KWhOj1LsXgzu95Q+Tp5k+LURI8ayu2RTsz/gYECgPNUsZ7gXl4co1bK+g5kiC+qr\n"
186 "sgSfkbYpp0OXefnl5x4KaJlZeSpn0UdDqx0kwI1x2E098i1VAkEA5thNY9YZNQdN\n"
187 "p6aopxOF5OmAjbLkq6wu255rDM5YgeepXXro/lmPociobtv8vPzbWKfoYZJL0Zj4\n"
188 "Qzj7Qz7s0wJBAOKBbpeG9PuNP1nR1h8kvyuILW8F89JOcIOUeqwokq4eJVqXdFIj\n"
189 "ct8eSEFmyXNqXD7b9+Tcw6vRIZuddVhNcrMCQAlpaD5ZzE1NLu1W7ilhsmPS4Vrl\n"
190 "oE0fiAmMO/EZuKITP+R/zmAQZrrB45whe/x4krjan67auByjj/utpxDmz+ECQEg/\n"
191 "UK80dN/n5dUYgVvdtLyF6zgGhgcGzgyqR5ayOlcfdnq25Htuoy1X02RJDOirfFDw\n"
192 "iNmPMTqUskuYpd1MltECQBwcy1cpnJWIXwCTQwg3enjkOVw80Tbr3iU9ASjHJTH2\n"
193 "N6FGHC4BQCm1fL6Bo0/0oSra+Ika3/1Vw1WwijUSiO8=\n"
194 "-----END RSA PRIVATE KEY-----",
196 "-----BEGIN PUBLIC KEY-----\n"
197 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMP6sKttnQ58BAi27b8X+8KVQt\n"
198 "JgpJhhCF0RtWaTVqAhVDG3y4x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06B\n"
199 "CWPYH2+7jOfQIOy/TMlt+W7xfou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+\n"
200 "3Op0tEjy0jpmzeyNiQIDAQAB\n"
201 "-----END PUBLIC KEY-----"
204 km[RSA].emplace_back(
205 "-----BEGIN RSA PRIVATE KEY-----\n"
206 "MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6\n"
207 "YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6T\n"
208 "AQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7m\n"
209 "Tus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2QNv3kBPuYdQQrXhoxCcIVtSIl8pU\n"
210 "fI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8SGjA6mSpmrp7lPlKE\n"
211 "9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWpxOzb\n"
212 "lliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37J\n"
213 "IudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4\n"
214 "V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDes\n"
215 "NBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ4rsmBqOwuglHFW52dIZEG9u/20ta\n"
216 "QMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLiBLx0Yr/RXKf6gJUCAwEA\n"
217 "AQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh18pva5Kzh\n"
218 "EU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh\n"
219 "9u236vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXN\n"
220 "GF5JjNcCOQxO1Em8pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG\n"
221 "5DPb19r9XjQhUPjbcq3/4qmLwtLT9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+\n"
222 "fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK6wX2IQ+7vJoWQyg2w6DbpSRq\n"
223 "cyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxeeRpNqFU9OCw0B\n"
224 "d3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O\n"
225 "bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBW\n"
226 "gUyLSdxR5RoEjBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbP\n"
227 "ggFZ8JnuwgtNo0soVKsWGATH65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX8\n"
228 "0jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H1TYDjwA1iBFku/O/xx7Jag7Y0A2l\n"
229 "1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MOGFTs5r9QyM//sm5D\n"
230 "2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDOUCx6\n"
231 "xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0\n"
232 "/zX4MFMD/Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWd\n"
233 "kKpm9xcFddATlT0CggEBAOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvE\n"
234 "qgKHOgZO9ztD6/UgX41uc+3rKfvmY5AsldGZgd0ov/DyeF0N834LeBVayG1fdcEt\n"
235 "amqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9TwoUWS2xmldc+nehCdHs\n"
236 "WQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+ETjKemdK\n"
237 "HQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5\n"
238 "ZB7ev8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FW\n"
239 "Nqvwp9PQzxwTv8wuxBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o\n"
240 "1Rad6jtb1SiV9KcPk83wIeoUk/xp0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7L\n"
241 "qpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8eTEywu5yrMGeAjVpLFfKlmGI\n"
242 "pYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk2kuGLYXISfUG\n"
243 "j0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a\n"
244 "xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8W\n"
245 "X4+ZEW7S4heLsUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/a\n"
246 "W22I0REV5UU8bS1F7taV93EwWmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVy\n"
247 "FjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4igfJpPcUFYOazZ3Y7q53RdCgIPKKy\n"
248 "iVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GHW93TUDTKWlTXyUFm\n"
249 "C2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltYG08t\n"
250 "fEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL6\n"
251 "06qeBC8xoVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQ\n"
252 "pyVWfB+F2ppBOYtKvNubyKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+I\n"
253 "Qj8I06c1T31kzfJ71Vx1DUWZW/65xmFD4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rq\n"
254 "uPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+Vx676FQrM4EzjSSqgA==\n"
255 "-----END RSA PRIVATE KEY-----\n",
256 "-----BEGIN PUBLIC KEY-----\n"
257 "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3\n"
258 "+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui\n"
259 "tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB\n"
260 "x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2\n"
261 "QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8\n"
262 "9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4\n"
263 "m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA\n"
264 "+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp\n"
265 "f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4\n"
266 "+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ\n"
267 "4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+\n"
268 "8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ==\n"
269 "-----END PUBLIC KEY-----");
270 km[DSA].emplace_back(
271 "-----BEGIN DSA PRIVATE KEY-----\n"
272 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
273 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
274 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
275 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
276 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
277 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
278 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
279 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
280 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
281 "yAKPlW7WQzgV5jLLNUW7\n"
282 "-----END DSA PRIVATE KEY-----\n",
283 "-----BEGIN PUBLIC KEY-----\n"
284 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBAMixBFiCdTiablWszLKSk03N4dNAA7wT\n"
285 "aEkBw7A08Gt2izxqZqStwmfIFo2HnpmyVy5c0Qom7GIOzLhUz0pRHx8dOpOIXmz7\n"
286 "g0CvN2t3A1CkpaMCok1+CkJ1otkfD2jznt+VxDh3Jg2cDPX9I0ae/TcObwRhE1EU\n"
287 "1oU3DvME+PJXAhUA3KPuKMt+sJsNkOLqid3k2nU2zSECgYEAhxLVx5a3DoMAaZjD\n"
288 "Dbuv/WUu2qOuryPTDRoXovL6ln/L5ZPD0pPXx5Eo+ZWCu5VKfdVVUl43TRdqgq98\n"
289 "9IeRNEgTmuujZkQieGneDRVqTsRclZ7sooFFepIw0WSd2Mq/WfI0p5ZISr1eqXpI\n"
290 "+fwnxN+ZvJSk9IiCVlG8nYMfAckDgYQAAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkB\n"
291 "eukXzeZGqNWEjgzLAjMZEVYMDLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23\n"
292 "ToR8fQuiBu+KvtAP/QuCOJ/LS0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6\n"
294 "-----END PUBLIC KEY-----\n"
296 km[ECDSA].emplace_back(
297 "-----BEGIN EC PRIVATE KEY-----\n"
298 "MF8CAQEEGF3rz8OuFpcESrlqCm0G96oovr0XbX+DRKAKBggqhkjOPQMBAaE0AzIA\n"
299 "BHiZYByQiRNQ91GWNnTfoBbp9G8DP9oJYc/cDZlk4lKUpmbvm//RWf1U7ag3tOVy\n"
301 "-----END EC PRIVATE KEY-----",
303 "-----BEGIN PUBLIC KEY-----\n"
304 "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEeJlgHJCJE1D3UZY2dN+gFun0bwM/\n"
305 "2glhz9wNmWTiUpSmZu+b/9FZ/VTtqDe05XKx\n"
306 "-----END PUBLIC KEY-----"
// Unlike the PEM fixtures above, the AES key is not a literal: a 256/8 = 32 byte
// buffer is requested from createRandomBuffer() (presumably fresh random bytes per
// run — confirm), and the same Key object serves as both prv and pub in KeyContainer.
309 CKM::RawBuffer AES_key = createRandomBuffer(256/8);
310 km[AES].emplace_back(AES_key);
315 KeyMap keys = initializeKeys();
316 typedef vector<CertificateShPtr> CertVector;
// Copies the characters of a C string, excluding its terminating NUL, into a
// RawBuffer. buffer must be non-null and NUL-terminated: strlen() is applied to it
// unchecked, so only string literals and other trusted test constants belong here.
318 const RawBuffer raw_buffer(const char* buffer)
320 return RawBuffer(buffer, buffer + strlen(buffer));
323 const RawBuffer test_buffer = raw_buffer("test_string");
// Issues one ManagerAsync request through the member pointer func, blocks until the
// observer reports completion, then asserts that the reported error equals
// expected. args are forwarded by value after the observer argument.
// NOTE(review): mgr is not declared on any line visible in this listing —
// presumably a local ManagerAsync created per call; confirm.
325 template <typename F, typename... Args>
326 void test_negative(F&& func, int expected, Args... args)
328 MyObserverPtr obs = make_shared<MyObserver>();
// The observer is always the first argument of the request, upcast to the base
// observer type the API takes.
331 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
// Unbounded wait: returns only once the observer's m_finished flag is set.
332 obs->WaitForResponse();
334 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
336 obs->m_error == expected,
337 "Expected " << expected << "/" << ErrorToString(expected) <<
338 " got: " << obs->m_error << "/" << ErrorToString(obs->m_error));
341 template <typename F, typename... Args>
342 void test_invalid_param(F&& func, Args... args)
344 test_negative(move(func), CKM_API_ERROR_INPUT_PARAM, args...);
// Issues one ManagerAsync request through the member pointer func, blocks until the
// observer reports completion, and asserts that no error was reported
// (m_error == 0). Per the signature the observer is handed back, which is how
// callers read payloads such as m_aliases, m_certChain, m_signed or m_ocspStatus.
// A passing call proves only that the request completed without an error code;
// payload checks are the caller's job.
// NOTE(review): mgr is not declared on any line visible in this listing —
// presumably a local ManagerAsync created per call; confirm.
347 template <typename F, typename... Args>
348 MyObserverPtr test_positive(F&& func, Args... args)
350 MyObserverPtr obs = make_shared<MyObserver>();
353 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
// Unbounded wait: returns only once the observer's m_finished flag is set.
354 obs->WaitForResponse();
356 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
357 RUNNER_ASSERT_MSG(obs->m_error == 0,
358 "Request failed " << obs->m_error << "/" << ErrorToString(obs->m_error));
362 template <typename F, typename... Args>
363 void test_check_aliases(F&& func, const AliasVector& expected, Args... args)
365 auto obs = test_positive(move(func), args...);
366 RUNNER_ASSERT_MSG(obs->m_aliases == expected, "Retrieved aliases differ from expected");
369 template <typename F, typename... Args>
370 void test_check_cert_chain(F&& func, size_t expected, Args... args)
372 auto obs = test_positive(move(func), args...);
374 obs->m_certChain.size() == expected,
375 "Expected chain length: " << expected << " got: " << obs->m_certChain.size());
378 typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
379 const CertificateShPtr&,
380 const CertificateShPtrVector&,
381 const CertificateShPtrVector&,
384 typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
385 const CertificateShPtr&,
// Per-test environment: extends RemoveDataEnv<APP_UID> by unlocking that user's
// data with the fixed TEST_PASS and holding a ScopedAccessProvider built from
// TEST_LABEL, APP_UID and APP_GID for as long as m_ap owns it.
// TEST_PASS and TEST_LABEL are source-level test constants, not secrets.
390 class UserEnv : public RemoveDataEnv<APP_UID>
393 void init(const std::string & str) {
394 RemoveDataEnv<APP_UID>::init(str);
// The user database is unlocked before the access provider is created.
395 unlock_user_data(APP_UID, TEST_PASS);
396 m_ap.reset(new ScopedAccessProvider(TEST_LABEL, APP_UID, APP_GID));
400 // lock is performed by remove_user_data() in RemoveDataEnv
401 RemoveDataEnv<APP_UID>::finish();
// Owns the access provider created in init().
403 std::unique_ptr<ScopedAccessProvider> m_ap;
// Reads CKM_TEST_DIR "/pkcs.p12" into a RawBuffer and parses it as PKCS#12 with an
// empty CKM::Password(). The assertion messages below cover the create() result,
// the certificate, the key, and a CA vector expected to hold exactly 2 entries.
406 CKM::PKCS12ShPtr loadPkcs()
// NOTE(review): the stream is opened without std::ios::binary and is read on the
// next line with no open or fail check in between. A missing or unreadable fixture
// therefore yields an empty buffer and would presumably surface only as
// "Error in PKCS12::create()" rather than as an I/O error.
408 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
409 std::istreambuf_iterator<char> begin(is), end;
410 std::vector<char> buff(begin, end);
// With an empty file both data() pointers may be null; memcpy with null pointers is
// undefined even for a zero length, so an explicit emptiness check would be safer.
412 CKM::RawBuffer buffer(buff.size());
413 memcpy(buffer.data(), buff.data(), buff.size());
// The empty password means the fixture file carries no protection of its own.
415 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
418 "Error in PKCS12::create()");
420 auto cert = pkcs->getCertificate();
423 "Error in PKCS12::getCertificate()");
425 auto key = pkcs->getKey();
428 "Error in PKCS12::getKey()");
430 auto caVector = pkcs->getCaCertificateShPtrVector();
432 2 == caVector.size(),
433 "Wrong size of vector");
438 } // namespace anonymous
440 RUNNER_TEST_GROUP_INIT(CKM_ASYNC_API);
443 RUNNER_TEST(TA0010_save_key_invalid_param, UserEnv)
445 test_no_observer(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
446 test_invalid_param(&ManagerAsync::saveKey, "", keys[RSA][0].prv, Policy());
447 test_invalid_param(&ManagerAsync::saveKey, "alias", KeyShPtr(), Policy());
450 RUNNER_TEST(TA0020_save_key_already_exists, UserEnv)
452 test_positive(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
453 test_negative(&ManagerAsync::saveKey,
454 CKM_API_ERROR_DB_ALIAS_EXISTS,
460 RUNNER_TEST(TA0050_save_key_positive, UserEnv)
462 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy());
463 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy());
464 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
469 RUNNER_TEST(TA0110_save_cert_invalid_param, UserEnv)
471 CertificateShPtr cert = Certificate::create(test_buffer, DataFormat::FORM_PEM);
472 test_no_observer(&ManagerAsync::saveCertificate, "", cert, Policy());
473 test_invalid_param(&ManagerAsync::saveCertificate, "", cert, Policy());
474 test_invalid_param(&ManagerAsync::saveCertificate, "alias", CertificateShPtr(), Policy());
477 RUNNER_TEST(TA0120_save_cert_already_exists, UserEnv)
479 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy());
480 test_negative(&ManagerAsync::saveCertificate,
481 CKM_API_ERROR_DB_ALIAS_EXISTS,
483 getTestCertificate(MBANK),
487 RUNNER_TEST(TA0150_save_cert_positive, UserEnv)
489 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy());
494 RUNNER_TEST(TA0210_save_data_invalid_param, UserEnv)
496 test_no_observer(&ManagerAsync::saveData, "", test_buffer, Policy());
497 test_invalid_param(&ManagerAsync::saveData, "", test_buffer, Policy());
498 test_invalid_param(&ManagerAsync::saveData, "alias", RawBuffer(), Policy());
501 RUNNER_TEST(TA0220_save_data_already_exists, UserEnv)
503 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy());
504 test_negative(&ManagerAsync::saveData,
505 CKM_API_ERROR_DB_ALIAS_EXISTS,
511 RUNNER_TEST(TA0250_save_data_positive, UserEnv)
513 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy());
518 RUNNER_TEST(TA0310_remove_alias_invalid_param, UserEnv)
520 test_no_observer(&ManagerAsync::removeAlias, "alias");
521 test_invalid_param(&ManagerAsync::removeAlias, "");
524 RUNNER_TEST(TA0330_remove_alias_unknown_alias, UserEnv)
526 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
529 RUNNER_TEST(TA0350_remove_key_positive, UserEnv)
531 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy());
532 test_positive(&ManagerAsync::removeAlias, "alias_RSA");
533 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy());
534 test_positive(&ManagerAsync::removeAlias, "alias_DSA");
535 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
536 test_positive(&ManagerAsync::removeAlias, "alias_AES");
541 RUNNER_TEST(TA0450_remove_cert_positive, UserEnv)
543 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy());
544 test_positive(&ManagerAsync::removeAlias, "alias");
548 RUNNER_TEST(TA0550_remove_data_positive, UserEnv)
550 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy());
551 test_positive(&ManagerAsync::removeAlias, "alias");
556 RUNNER_TEST(TA0610_get_key_invalid_param, UserEnv)
558 test_no_observer(&ManagerAsync::getKey, "alias", "");
559 test_invalid_param(&ManagerAsync::getKey, "", "");
562 RUNNER_TEST(TA0630_get_key_unknown_alias, UserEnv)
564 test_negative(&ManagerAsync::getKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
567 RUNNER_TEST(TA0640_get_key_wrong_password, UserEnv)
569 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy("password"));
570 test_negative(&ManagerAsync::getKey,
571 CKM_API_ERROR_AUTHENTICATION_FAILED,
574 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy("password"));
575 test_negative(&ManagerAsync::getKey,
576 CKM_API_ERROR_AUTHENTICATION_FAILED,
579 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy("password"));
580 test_negative(&ManagerAsync::getKey,
581 CKM_API_ERROR_AUTHENTICATION_FAILED,
586 RUNNER_TEST(TA0650_get_key_positive, UserEnv)
588 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy("password"));
589 test_positive(&ManagerAsync::getKey, "alias_RSA", "password");
590 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy("password"));
591 test_positive(&ManagerAsync::getKey, "alias_DSA", "password");
592 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy("password"));
593 test_positive(&ManagerAsync::getKey, "alias_AES", "password");
598 RUNNER_TEST(TA0710_get_cert_invalid_param, UserEnv)
600 test_no_observer(&ManagerAsync::getCertificate, "alias", "");
601 test_invalid_param(&ManagerAsync::getCertificate, "", "");
604 RUNNER_TEST(TA0730_get_cert_unknown_alias, UserEnv)
606 test_negative(&ManagerAsync::getCertificate,
607 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
608 "non-existing-alias",
612 RUNNER_TEST(TA0740_get_cert_wrong_password, UserEnv)
614 test_positive(&ManagerAsync::saveCertificate,
616 getTestCertificate(MBANK),
618 test_negative(&ManagerAsync::getCertificate,
619 CKM_API_ERROR_AUTHENTICATION_FAILED,
624 RUNNER_TEST(TA0750_get_cert_positive, UserEnv)
626 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(MBANK), Policy("password"));
627 test_positive(&ManagerAsync::getCertificate, "alias", "password");
632 RUNNER_TEST(TA0810_get_data_invalid_param, UserEnv)
634 test_no_observer(&ManagerAsync::getData, "alias", "");
635 test_invalid_param(&ManagerAsync::getData, "", "");
638 RUNNER_TEST(TA0830_get_data_unknown_alias, UserEnv)
640 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
643 RUNNER_TEST(TA0840_get_data_wrong_password, UserEnv)
645 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy("password"));
646 test_negative(&ManagerAsync::getData,
647 CKM_API_ERROR_AUTHENTICATION_FAILED,
652 RUNNER_TEST(TA0850_get_data_positive, UserEnv)
654 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy("password"));
655 test_positive(&ManagerAsync::getData, "alias", "password");
660 RUNNER_TEST(TA0910_get_key_alias_vector_invalid_param, UserEnv)
662 test_no_observer(&ManagerAsync::getKeyAliasVector);
665 RUNNER_TEST(TA0950_get_key_alias_vector_positive, UserEnv)
667 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy());
668 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_RSA") });
670 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy());
671 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_RSA"),
672 aliasWithLabel(TEST_LABEL, "alias_DSA") });
674 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
675 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_RSA"),
676 aliasWithLabel(TEST_LABEL, "alias_DSA"),
677 aliasWithLabel(TEST_LABEL, "alias_AES") });
680 test_positive(&ManagerAsync::removeAlias, "alias_DSA");
681 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_RSA"),
682 aliasWithLabel(TEST_LABEL, "alias_AES")});
686 // getCertificateAliasVector
687 RUNNER_TEST(TA1010_get_cert_alias_vector_invalid_param, UserEnv)
689 test_no_observer(&ManagerAsync::getCertificateAliasVector);
692 RUNNER_TEST(TA1050_get_cert_alias_vector_positive, UserEnv)
694 test_positive(&ManagerAsync::saveCertificate, "alias1", getTestCertificate(MBANK), Policy());
695 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, "alias1") });
697 test_positive(&ManagerAsync::saveCertificate, "alias2", getTestCertificate(SYMANTEC), Policy());
698 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, "alias1"),
699 aliasWithLabel(TEST_LABEL, "alias2") });
701 test_positive(&ManagerAsync::removeAlias, "alias1");
702 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, "alias2") });
706 // getDataAliasVector
707 RUNNER_TEST(TA1110_get_data_alias_vector_invalid_param, UserEnv)
709 test_no_observer(&ManagerAsync::getDataAliasVector);
712 RUNNER_TEST(TA1150_get_data_alias_vector_positive, UserEnv)
714 test_positive(&ManagerAsync::saveData, "alias1", test_buffer, Policy());
715 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, "alias1") });
717 test_positive(&ManagerAsync::saveData, "alias2", test_buffer, Policy());
718 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, "alias1"),
719 aliasWithLabel(TEST_LABEL, "alias2") });
721 test_positive(&ManagerAsync::removeAlias, "alias1");
722 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, "alias2") });
727 RUNNER_TEST(TA1210_create_key_pair_RSA_invalid_param, UserEnv)
729 test_no_observer(&ManagerAsync::createKeyPairRSA,
737 RUNNER_TEST(TA1220_create_key_pair_RSA_already_exists, UserEnv)
739 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy());
740 test_negative(&ManagerAsync::createKeyPairRSA,
741 CKM_API_ERROR_DB_ALIAS_EXISTS,
749 RUNNER_TEST(TA1250_create_key_pair_RSA_positive, UserEnv)
751 test_positive(&ManagerAsync::createKeyPairRSA,
758 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_prv"),
759 aliasWithLabel(TEST_LABEL, "alias_pub") });
763 RUNNER_TEST(TA1270_create_key_pair_DSA_invalid_param, UserEnv)
765 test_no_observer(&ManagerAsync::createKeyPairDSA,
773 RUNNER_TEST(TA1280_create_key_pair_DSA_already_exists, UserEnv)
775 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[DSA][0].prv, Policy());
776 test_negative(&ManagerAsync::createKeyPairDSA,
777 CKM_API_ERROR_DB_ALIAS_EXISTS,
785 RUNNER_TEST(TA1290_create_key_pair_DSA_positive, UserEnv)
787 test_positive(&ManagerAsync::createKeyPairDSA,
794 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_prv"),
795 aliasWithLabel(TEST_LABEL, "alias_pub") });
798 // createKeyPairECDSA
799 RUNNER_TEST(TA1310_create_key_pair_ECDSA_invalid_param, UserEnv)
801 test_no_observer(&ManagerAsync::createKeyPairECDSA,
802 ElipticCurve::prime192v1,
809 RUNNER_TEST(TA1320_create_key_pair_ECDSA_already_exists, UserEnv)
811 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[ECDSA][0].prv, Policy());
812 test_negative(&ManagerAsync::createKeyPairECDSA,
813 CKM_API_ERROR_DB_ALIAS_EXISTS,
814 ElipticCurve::prime192v1,
821 RUNNER_TEST(TA1350_create_key_pair_ECDSA_positive, UserEnv)
823 test_positive(&ManagerAsync::createKeyPairECDSA,
824 ElipticCurve::prime192v1,
830 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_prv"),
831 aliasWithLabel(TEST_LABEL, "alias_pub") });
835 RUNNER_TEST(TA1360_create_key_AES_invalid_param, UserEnv)
837 test_invalid_param(&ManagerAsync::createKeyAES,
843 RUNNER_TEST(TA1370_create_key_AES_already_exists, UserEnv)
845 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
846 test_negative(&ManagerAsync::createKeyAES,
847 CKM_API_ERROR_DB_ALIAS_EXISTS,
853 RUNNER_TEST(TA1380_create_key_AES_positive, UserEnv)
855 test_positive(&ManagerAsync::createKeyAES,
860 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, "alias_AES")});
863 // getCertificateChain
864 RUNNER_TEST(TA1410_get_certificate_chain_invalid_param, UserEnv)
866 CertificateShPtr cert = getTestCertificate(MBANK);
867 CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
868 test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
873 test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
879 Alias alias = "alias";
880 AliasVector aliasv = { alias };
881 test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
886 test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
893 RUNNER_TEST(TA1420_get_certificate_chain_negative, UserEnv)
895 CertificateShPtr cert = getTestCertificate(MBANK);
896 CertificateShPtrVector certv = { getTestCertificate(MBANK) };
897 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
898 CKM_API_ERROR_VERIFICATION_FAILED,
903 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
904 CKM_API_ERROR_VERIFICATION_FAILED,
909 AliasVector aliasv = { "alias" };
910 test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(MBANK), Policy());
911 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
912 CKM_API_ERROR_VERIFICATION_FAILED,
917 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
918 CKM_API_ERROR_VERIFICATION_FAILED,
925 RUNNER_TEST(TA1450_get_certificate_chain_positive, UserEnv)
927 CertificateShPtr cert = getTestCertificate(MBANK);
928 CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
929 test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
936 AliasVector aliasv = { "alias" };
937 test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(SYMANTEC), Policy());
938 test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
948 RUNNER_TEST(TA1510_create_signature_invalid_param, UserEnv)
950 test_no_observer(&ManagerAsync::createSignature,
955 RSAPaddingAlgorithm::PKCS1);
956 test_invalid_param(&ManagerAsync::createSignature,
961 RSAPaddingAlgorithm::PKCS1);
962 test_invalid_param(&ManagerAsync::createSignature,
967 RSAPaddingAlgorithm::PKCS1);
// Stores an RSA private key protected by "password", then expects createSignature
// to fail. The call's alias and password arguments are on lines not visible in
// this listing.
// NOTE(review): the expected code here is CKM_API_ERROR_INPUT_PARAM, whereas the
// wrong-password tests for getKey, getCertificate and getData in this file expect
// CKM_API_ERROR_AUTHENTICATION_FAILED. Confirm which code the service is meant to
// return for a bad password on this path, so that the test pins the intended
// authentication behaviour rather than an incidental one.
970 RUNNER_TEST(TA1520_create_signature_invalid_password, UserEnv)
972 test_positive(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy("password"));
973 test_negative(&ManagerAsync::createSignature,
974 CKM_API_ERROR_INPUT_PARAM,
979 RSAPaddingAlgorithm::PKCS1);
982 RUNNER_TEST(TA1550_create_signature_positive, UserEnv)
984 test_positive(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy("password"));
985 test_positive(&ManagerAsync::createSignature,
990 RSAPaddingAlgorithm::PKCS1);
995 RUNNER_TEST(TA1610_verify_signature_invalid_param, UserEnv)
997 test_no_observer(&ManagerAsync::verifySignature,
1002 HashAlgorithm::SHA1,
1003 RSAPaddingAlgorithm::PKCS1);
1004 test_invalid_param(&ManagerAsync::verifySignature,
1009 HashAlgorithm::SHA1,
1010 RSAPaddingAlgorithm::PKCS1);
1013 RUNNER_TEST(TA1620_verify_signature_invalid_password, UserEnv)
1015 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy("pass1"));
1016 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy("pass2"));
1017 auto obs = test_positive(&ManagerAsync::createSignature,
1021 HashAlgorithm::SHA1,
1022 RSAPaddingAlgorithm::PKCS1);
1024 test_negative(&ManagerAsync::verifySignature,
1025 CKM_API_ERROR_AUTHENTICATION_FAILED,
1030 HashAlgorithm::SHA1,
1031 RSAPaddingAlgorithm::PKCS1);
1034 RUNNER_TEST(TA1630_verify_signature_invalid_message, UserEnv)
1036 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy(""));
1037 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy(""));
1039 auto obs = test_positive(&ManagerAsync::createSignature,
1043 HashAlgorithm::SHA1,
1044 RSAPaddingAlgorithm::PKCS1);
1046 test_negative(&ManagerAsync::verifySignature,
1047 CKM_API_ERROR_VERIFICATION_FAILED,
1050 raw_buffer("invalid-unsigned-mesage"),
1052 HashAlgorithm::SHA1,
1053 RSAPaddingAlgorithm::PKCS1);
1056 RUNNER_TEST(TA1640_verify_signature_invalid_signature, UserEnv)
1058 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy(""));
1060 test_negative(&ManagerAsync::verifySignature,
1061 CKM_API_ERROR_VERIFICATION_FAILED,
1065 raw_buffer("invalid-signature"),
1066 HashAlgorithm::SHA1,
1067 RSAPaddingAlgorithm::PKCS1);
// TA1650: a signature must only verify under the matching key.
// Four keys are stored, one signature is created, then verifySignature is expected to
// succeed twice and to fail twice with VERIFICATION_FAILED.
// NOTE(review): the alias argument of every createSignature/verifySignature call is not
// visible in this listing, so which key each call uses cannot be confirmed from here.
1070 RUNNER_TEST(TA1650_verify_signature_wrong_key, UserEnv)
1072 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy(""));
1073 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy(""));
// Public key of a second RSA key pair: the "wrong key of the same type" case.
1074 test_positive(&ManagerAsync::saveKey, "alias_pub2", keys[RSA][1].pub, Policy(""));
// NOTE(review): the alias says "pub3" but the stored object is a DSA *private* key
// (keys[DSA][0].prv); the name is misleading - confirm whether .pub was intended.
1075 test_positive(&ManagerAsync::saveKey, "alias_pub3", keys[DSA][0].prv, Policy(""));
1076 auto obs = test_positive(&ManagerAsync::createSignature,
1080 HashAlgorithm::SHA1,
1081 RSAPaddingAlgorithm::PKCS1);
// Two verifications that are expected to succeed.
1083 test_positive(&ManagerAsync::verifySignature,
1088 HashAlgorithm::SHA1,
1089 RSAPaddingAlgorithm::PKCS1);
1091 test_positive(&ManagerAsync::verifySignature,
1096 HashAlgorithm::SHA1,
1097 RSAPaddingAlgorithm::PKCS1);
// Two verifications that are expected to be rejected with VERIFICATION_FAILED
// (presumably under alias_pub2 and alias_pub3 - confirm against the full file).
1099 test_negative(&ManagerAsync::verifySignature,
1100 CKM_API_ERROR_VERIFICATION_FAILED,
1105 HashAlgorithm::SHA1,
1106 RSAPaddingAlgorithm::PKCS1);
1108 test_negative(&ManagerAsync::verifySignature,
1109 CKM_API_ERROR_VERIFICATION_FAILED,
1114 HashAlgorithm::SHA1,
1115 RSAPaddingAlgorithm::PKCS1);
// TA1660: sign and verify with keys that are stored under a password.
// The private and public key use different passwords ("pass1" / "pass2").
// NOTE(review): the alias/password argument lines of createSignature and verifySignature
// are not visible here; presumably each call passes the password of the key it uses - confirm.
// NOTE(review): SHA1 is the only digest exercised by this positive case; SHA-1 is no longer
// recommended for new signatures, so consider covering a SHA-2 digest as well.
1118 RUNNER_TEST(TA1660_verify_signature_positive, UserEnv)
1120 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy("pass1"));
1121 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy("pass2"));
1122 auto obs = test_positive(&ManagerAsync::createSignature,
1126 HashAlgorithm::SHA1,
1127 RSAPaddingAlgorithm::PKCS1);
1129 test_positive(&ManagerAsync::verifySignature,
1134 HashAlgorithm::SHA1,
1135 RSAPaddingAlgorithm::PKCS1);
// TA1710: ocspCheck input validation.
// Covers the no-observer case, an empty certificate vector, and NULL_PTR_VECTOR
// (declared at the top of the file; its name suggests a vector of null certificate
// pointers, but its initializer is not visible in this listing - confirm).
1140 RUNNER_TEST(TA1710_ocsp_check_invalid_param, UserEnv)
1142 test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1143 test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1144 test_invalid_param(&ManagerAsync::ocspCheck, NULL_PTR_VECTOR);
// TA1720: OCSP check of a chain that is not a valid chain must not report GOOD.
1147 RUNNER_TEST(TA1720_ocsp_check_negative, UserEnv)
// The "chain" is the same MBANK certificate twice.
1149 CertificateShPtrVector certv = { getTestCertificate(MBANK), getTestCertificate(MBANK) };
// The request itself is expected to complete (test_positive); only the reported status is checked.
1151 auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
// NOTE(review): "!= GOOD" is satisfied by every non-GOOD status, so this also passes when
// the check could not be carried out at all. Asserting the specific status expected for
// this input would show that the chain was actually evaluated and rejected.
1152 RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
1153 "Verification should fail. Got: " << obs->m_ocspStatus);
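// TA1750: OCSP check of a chain built by getCertificateChain must report GOOD.
// NOTE(review): the getCertificateChain argument lines are not visible in this listing;
// cert (MBANK) and certv (SYMANTEC) are presumably the certificate to verify and the
// additional untrusted certificates - confirm.
// NOTE(review): looks like this needs a reachable OCSP responder for the test
// certificates, so a failure here may be environmental - confirm.
1156 RUNNER_TEST(TA1750_ocsp_check_positive, UserEnv)
1158 CertificateShPtr cert = getTestCertificate(MBANK);
1159 CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
1160 auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
// obs belongs to the getCertificateChain call; obs2 belongs to the ocspCheck call.
1166 auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
// The failure message reports obs2's status, i.e. the value the assertion tests
// (it previously printed the status field of the chain observer).
1167 RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
1168 "Verification failed. Error: " << obs2->m_ocspStatus);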
// TA1810: setPermission input validation when granting READ | REMOVE.
// Covers the no-observer case, an empty alias (first string argument) and an
// empty accessor (second string argument).
1172 RUNNER_TEST(TA1810_allow_access_invalid_param, UserEnv)
1174 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1175 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1176 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::READ | CKM::Permission::REMOVE);
// TA1820: permissions granted by the owner are enforced per alias and per permission bit.
// The owner (TEST_LABEL) stores three items and grants READ on one and READ | REMOVE on
// another; a second label (TEST_LABEL_2) then tries to read and remove them.
// NOTE(review): the alias/accessor argument lines of both setPermission calls are not
// visible in this listing; judging by the assertions below they are presumably
// (alias2, TEST_LABEL_2) and (alias3, TEST_LABEL_2) - confirm.
// NOTE(review): two ScopedAccessProvider objects named "ap" appear below, so they
// presumably live in separate brace scopes that this listing does not show.
1179 RUNNER_TEST(TA1820_allow_access, RemoveDataEnv<APP_UID>)
1181 ScopedDBUnlock dbu(APP_UID, TEST_PASS);
1183 // prepare: add data
// Aliases are qualified with the owner's label so that another label can address them.
1184 std::string alias1 = aliasWithLabel(TEST_LABEL, "alias-1");
1185 std::string alias2 = aliasWithLabel(TEST_LABEL, "alias-2");
1186 std::string alias3 = aliasWithLabel(TEST_LABEL, "alias-3");
// Act as the owner label while saving data and granting permissions.
1188 ScopedAccessProvider ap(TEST_LABEL, APP_UID, APP_GID);
1189 save_data(alias1.c_str(), TEST_DATA);
1190 save_data(alias2.c_str(), TEST_DATA);
1191 save_data(alias3.c_str(), TEST_DATA);
// Grant READ only.
1193 test_positive(&ManagerAsync::setPermission,
1196 CKM::Permission::READ);
// Grant READ and REMOVE.
1197 test_positive(&ManagerAsync::setPermission,
1200 CKM::Permission::READ | CKM::Permission::REMOVE);
// From here on, act as the second label.
1204 ScopedAccessProvider ap(TEST_LABEL_2, APP_UID, APP_GID);
// alias1 was never shared: both operations are expected to report DB_ALIAS_UNKNOWN, not
// ACCESS_DENIED, so the error code does not tell the caller that the alias exists.
1206 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1, "");
1207 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1);
1209 // test from allowed label, but without properly addressing alias (coming from default label)
1210 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "alias-2", "");
1212 // now test with appropriate addressing
// READ without REMOVE: reading succeeds, removal is refused with ACCESS_DENIED.
1213 test_positive(&ManagerAsync::getData, alias2, "");
1214 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_ACCESS_DENIED, alias2);
// READ | REMOVE: both operations succeed.
1216 test_positive(&ManagerAsync::getData, alias3, "");
1217 test_positive(&ManagerAsync::removeAlias, alias3);
// TA1910: setPermission input validation when revoking (Permission::NONE).
// Same three cases as the grant variant: no observer, empty alias, empty accessor.
1222 RUNNER_TEST(TA1910_deny_access_invalid_param, UserEnv)
1224 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::NONE);
1225 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::NONE);
1226 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::NONE);
// TA1920: setting Permission::NONE revokes a permission that was granted earlier.
// NOTE(review): the alias/accessor argument lines of both setPermission calls are not
// visible in this listing; presumably both target (alias1, TEST_LABEL_2) - confirm.
// NOTE(review): nothing is accessed between the grant and the revocation, so this test
// would also pass if the grant had never taken effect. A read from TEST_LABEL_2 before
// the NONE call would show that access really was removed.
1229 RUNNER_TEST(TA1920_deny_access, RemoveDataEnv<APP_UID>)
1231 ScopedDBUnlock dbu(APP_UID, TEST_PASS);
1233 // prepare: add data
1234 std::string alias1 = aliasWithLabel(TEST_LABEL, "alias-1");
// Act as the owner label while saving, granting and revoking.
1236 ScopedAccessProvider ap(TEST_LABEL, APP_UID, APP_GID);
1237 save_data(alias1.c_str(), TEST_DATA);
// Grant READ | REMOVE ...
1239 test_positive(&ManagerAsync::setPermission,
1242 CKM::Permission::READ | CKM::Permission::REMOVE);
// ... and immediately replace it with NONE.
1243 test_positive(&ManagerAsync::setPermission,
1246 CKM::Permission::NONE);
// Act as the second label: after revocation the alias is reported as unknown again
// for both read and remove, the same result as for an alias that was never shared.
1250 ScopedAccessProvider ap(TEST_LABEL_2, APP_UID, APP_GID);
1252 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1, "");
1253 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, alias1);
// TA2000: saving a PKCS#12 bundle succeeds once per alias; a second save under the same
// alias is rejected with DB_ALIAS_EXISTS instead of replacing the stored bundle.
// NOTE(review): the trailing arguments of each savePKCS12 call (presumably the bundle and
// the key/certificate policies) are not visible in this listing - confirm.
1257 RUNNER_TEST(TA2000_PKCS_add_bundle_with_chain_certs, RemoveDataEnv<0>)
1259 auto pkcs = loadPkcs();
// Two policies: a default-constructed one, and one built with an empty password and
// "false" as second argument (named notExportable, i.e. the extractable flag is off).
1262 CKM::Policy exportable;
1263 CKM::Policy notExportable(CKM::Password(), false);
1265 test_positive(&ManagerAsync::savePKCS12,
1266 sharedDatabase(alias_PKCS_exportable),
// Same alias again: must not overwrite.
1270 test_negative(&ManagerAsync::savePKCS12,
1271 CKM_API_ERROR_DB_ALIAS_EXISTS,
1272 sharedDatabase(alias_PKCS_exportable),
1277 test_positive(&ManagerAsync::savePKCS12,
1278 sharedDatabase(alias_PKCS_not_exportable),
// Same alias again: must not overwrite.
1282 test_negative(&ManagerAsync::savePKCS12,
1283 CKM_API_ERROR_DB_ALIAS_EXISTS,
1284 sharedDatabase(alias_PKCS_not_exportable),
// TA2010: reading a PKCS#12 bundle back honours the export policy it was saved with.
// Three cases: unknown alias, bundle saved as not exportable, bundle saved as exportable.
// NOTE(review): several argument lines (policies on save, passwords on get) and the
// condition lines of two assertions are not visible in this listing.
1290 RUNNER_TEST(TA2010_PKCS_get, RemoveDataEnv<0>)
1292 auto pkcs = loadPkcs();
1295 CKM::Policy exportable;
1296 CKM::Policy notExportable(CKM::Password(), false);
1298 test_positive(&ManagerAsync::savePKCS12,
1299 sharedDatabase(alias_PKCS_exportable),
1303 test_positive(&ManagerAsync::savePKCS12,
1304 sharedDatabase(alias_PKCS_not_exportable),
// fail - alias was never stored
1310 test_negative(&ManagerAsync::getPKCS12,
1311 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
1312 sharedDatabase("i-do-not-exist").c_str(),
1317 // fail - not exportable
// The bundle exists, but the request is refused with NOT_EXPORTABLE.
1318 test_negative(&ManagerAsync::getPKCS12,
1319 CKM_API_ERROR_NOT_EXPORTABLE,
1320 sharedDatabase(alias_PKCS_not_exportable),
1324 // success - exportable
1325 auto obs = test_positive(&ManagerAsync::getPKCS12,
1326 sharedDatabase(alias_PKCS_exportable),
// Check the content of the returned bundle: certificate, key, and CA certificates.
1330 auto cert = obs->m_pkcs->getCertificate();
1333 "Error in PKCS12::getCertificate()");
1335 auto key = obs->m_pkcs->getKey();
1338 "Error in PKCS12::getKey()");
// Exactly two CA certificates are expected in the bundle.
1340 auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
1342 2 == caVector.size(),
1343 "Wrong size of vector");