1 #include <dpl/test/test_runner.h>
2 #include <dpl/test/test_runner_child.h>
4 #include <tests_common.h>
5 #include <test-certs.h>
6 #include <ckm-common.h>
7 #include <access_provider2.h>
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-type.h>
13 #include <ckmc/ckmc-manager.h>
14 #include <ckmc/ckmc-control.h>
15 #include <ckmc/ckmc-type.h>
16 #include <ckmc/ckmc-error.h>
18 #include <ckm-common.h>
28 const int USER_APP = 5000;
29 const int GROUP_APP = 5000;
30 const char* USER_PASS = "user-pass";
31 const char *const TEST_OBJECT1 = "OBJECT1";
32 const std::string TEST_ALIAS1 = aliasWithLabel(TEST_LABEL,TEST_OBJECT1);
33 const char* TEST_SYSTEM_ALIAS = "system-alias-1";
34 const char* TEST_DATA = "ABCD";
35 } // namespace anonymous
38 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
40 RUNNER_TEST(T3010_Control_C_API_service_unlock_DB)
44 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(0)),
45 CKMCReadableError(temp));
46 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
47 CKMCReadableError(temp));
48 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(0, "test-pass")),
49 CKMCReadableError(temp));
51 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(4999)),
52 CKMCReadableError(temp));
53 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(4999)),
54 CKMCReadableError(temp));
55 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(4999, "test-pass")),
56 CKMCReadableError(temp));
58 remove_user_data(5000);
59 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(5000)),
60 CKMCReadableError(temp));
61 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(5000)),
62 CKMCReadableError(temp));
63 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(5000, "test-pass")),
64 CKMCReadableError(temp));
67 RUNNER_TEST(T3011_Control_C_API)
71 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
72 CKMCReadableError(temp));
74 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
75 CKMCReadableError(temp));
78 RUNNER_TEST(T3012_Control_C_API)
82 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
83 CKMCReadableError(temp));
84 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
85 CKMCReadableError(temp));
88 RUNNER_TEST(T3013_Control_C_API)
92 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
93 CKMCReadableError(temp));
96 RUNNER_TEST(T3014_Control_C_API)
99 const uid_t UNIQUE_USER = 6500;
101 // clean up environment
102 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
103 CKMCReadableError(temp));
104 // unlock with empty password
105 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
106 CKMCReadableError(temp));
107 // reset password (NULL, "simple-password")
108 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
109 CKMCReadableError(temp));
110 // get rid of NULL DKEK
111 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
112 CKMCReadableError(temp));
114 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
115 CKMCReadableError(temp));
116 // try to reset password when db locked
117 RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
118 CKMCReadableError(temp));
119 // clean up environment
120 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
121 CKMCReadableError(temp));
124 RUNNER_TEST(T3015_Control_C_API)
129 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
130 CKMCReadableError(temp));
132 CKMC_ERROR_NONE == (temp = ckmc_change_user_password(USER_APP, "simple-password", "new-pass")),
133 CKMCReadableError(temp));
134 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
135 CKMCReadableError(temp));
136 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
137 CKMCReadableError(temp));
140 RUNNER_TEST(T3016_Control_C_API)
145 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
146 CKMCReadableError(temp));
148 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
149 CKMCReadableError(temp));
152 RUNNER_TEST(T3017_Control_C_API_remove_system_DB)
154 save_data(sharedDatabase(TEST_SYSTEM_ALIAS).c_str(), TEST_DATA);
156 // [test] - expect success
157 check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA);
159 // remove user data - expect to map to the system DB
162 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(1234)),
163 CKMCReadableError(temp));
165 // [test] - expect fail
166 check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
169 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
171 RUNNER_TEST(T30201_init_C_API)
177 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
178 CKMCReadableError(temp));
181 RUNNER_TEST(T30202_RSA_key_C_API)
185 ckmc_key_s test_key, *test_key2;
186 ckmc_policy_s test_policy;
188 char* password = NULL;
189 CKM::Alias alias = sharedDatabase("mykey");
191 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
192 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
193 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
194 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
195 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
196 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
197 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
199 "-----END PUBLIC KEY-----";
201 char* char_keypem = new char[keyPem.length() + 1];
203 std::strcpy(char_keypem, keyPem.c_str());
204 test_key.raw_key = (unsigned char *)char_keypem;
205 test_key.key_size = keyPem.length();
206 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
207 test_key.password = password;
209 test_policy.password = password;
210 test_policy.extractable = 1;
212 test_key2 = &test_key;
215 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), test_key, test_policy)),
216 CKMCReadableError(temp));
219 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
220 CKMCReadableError(temp));
223 RUNNER_TEST(T30203_AES_key_C_API)
226 CKM::Alias alias = sharedDatabase("my_AES_key");
227 size_t key_length = 192;
229 ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
230 ckmc_key_s *test_key2;
231 ckmc_policy_s test_policy;
232 test_policy.password = NULL;
233 test_policy.extractable = 1;
236 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
237 CKMCReadableError(temp));
240 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), NULL, &test_key2)),
241 CKMCReadableError(temp));
243 compare_AES_keys(test_key, test_key2);
244 ckmc_key_free(test_key);
245 ckmc_key_free(test_key2);
248 RUNNER_TEST(T30204_certificate_C_API)
252 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
254 char* password = NULL;
258 CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
260 ckmc_policy_s test_policy;
261 test_policy.password = password;
262 test_policy.extractable = 1;
264 char* char_certPem = new char[certPem.length() + 1];
265 std::strcpy(char_certPem, certPem.c_str());
266 cert.raw_cert = (unsigned char *)char_certPem;
267 cert.cert_size = certPem.length();
268 cert.data_format = CKMC_FORM_PEM;
271 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
272 CKMCReadableError(temp));
275 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
276 CKMCReadableError(temp));
278 ckmc_cert_free(cert2);
281 RUNNER_TEST(T30205_certificate_remove_C_API)
285 char* password = NULL;
287 CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
290 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
291 CKMCReadableError(temp));
292 ckmc_cert_free(cert2);
295 CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias.c_str())),
296 CKMCReadableError(temp));
299 CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
300 CKMCReadableError(temp));
303 RUNNER_TEST(T30206_certificate_list_C_API)
307 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
309 char* password = NULL;
312 ckmc_policy_s test_policy;
313 test_policy.password = password;
314 test_policy.extractable = 1;
316 char* char_certPem = new char[certPem.length() + 1];
317 std::strcpy(char_certPem, certPem.c_str());
318 cert.raw_cert = (unsigned char *)char_certPem;
319 cert.cert_size = certPem.length();
320 cert.data_format = CKMC_FORM_PEM;
322 size_t current_aliases_num = count_aliases(ALIAS_CERT);
325 CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test1").c_str(), cert, test_policy)),
326 CKMCReadableError(temp));
329 CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test2").c_str(), cert, test_policy)),
330 CKMCReadableError(temp));
333 CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test3").c_str(), cert, test_policy)),
334 CKMCReadableError(temp));
336 size_t actual_cnt = count_aliases(ALIAS_CERT);
338 (current_aliases_num+3) == actual_cnt,
339 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
343 RUNNER_CHILD_TEST(T30207_user_app_save_RSA_key_C_API)
345 ScopedAccessProvider ap(TEST_LABEL);
346 ap.allowAPI("key-manager::api-storage", "rw");
347 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
349 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
350 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
351 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
352 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
353 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
354 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
355 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
357 "-----END PUBLIC KEY-----";
361 ckmc_key_s test_key, *test_key2;
362 ckmc_policy_s test_policy;
364 char* password = NULL;
365 const char *passwordPolicy = "x";
366 const char *alias = "mykey";
367 char* char_keypem = new char[keyPem.length() + 1];
369 std::strcpy(char_keypem, keyPem.c_str());
370 test_key.raw_key = (unsigned char *)char_keypem;
371 test_key.key_size = keyPem.length();
372 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
373 test_key.password = password;
375 test_policy.password = const_cast<char *>(passwordPolicy);
376 test_policy.extractable = 1;
378 test_key2 = &test_key;
382 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
383 CKMCReadableError(temp));
385 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
386 CKMCReadableError(temp));
388 // RUNNER_ASSERT_MSG(
389 // key.getDER() == key2.getDER(), "Key value has been changed by service");
391 delete [] char_keypem;
394 RUNNER_CHILD_TEST(T30208_user_app_save_AES_key_C_API)
396 AccessProvider ap(TEST_LABEL);
397 ap.allowAPI("key-manager::api-storage", "rw");
398 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
401 const char* password = NULL;
402 size_t key_length = 192;
403 CKM::Alias alias = "my_AES_key";
405 ckmc_key_s *test_key = generate_AES_key(key_length, password);
406 ckmc_key_s *test_key2;
407 ckmc_policy_s test_policy;
408 test_policy.password = const_cast<char *>(password);
409 test_policy.extractable = 1;
412 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
413 CKMCReadableError(temp));
415 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
416 CKMCReadableError(temp));
418 compare_AES_keys(test_key, test_key2);
419 ckmc_key_free(test_key);
420 ckmc_key_free(test_key2);
423 RUNNER_CHILD_TEST(T30209_user_app_save_AES_key_passwd_C_API)
425 AccessProvider ap(TEST_LABEL);
426 ap.allowAPI("key-manager::api-storage", "rw");
427 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
430 const char* password = "x";
431 size_t key_length = 192;
432 CKM::Alias alias = "my_AES_key-2";
434 ckmc_key_s *test_key = generate_AES_key(key_length, password);
435 ckmc_policy_s test_policy;
436 test_policy.password = const_cast<char *>(password);
437 test_policy.extractable = 1;
440 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
441 CKMCReadableError(temp));
442 ckmc_key_free(test_key);
445 RUNNER_CHILD_TEST(T30210_app_user_save_RSA_keys_exportable_flag)
447 ScopedAccessProvider ap(TEST_LABEL);
448 ap.allowAPI("key-manager::api-storage", "rw");
449 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
452 auto manager = CKM::Manager::create();
454 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
455 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
456 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
457 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
458 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
459 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
460 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
462 "-----END PUBLIC KEY-----";
464 ckmc_policy_s test_policy;
465 ckmc_key_s test_key, *test_key2;
466 char* char_keypem = new char[keyPem.length() + 1];
467 char* password = NULL;
469 std::strcpy(char_keypem, keyPem.c_str());
470 test_key.raw_key = (unsigned char *)char_keypem;
471 test_key.key_size = keyPem.length();
472 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
473 test_key.password = NULL;
475 test_policy.password = password;
476 test_policy.extractable = 0;
479 CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
480 CKMCReadableError(temp));
483 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
484 CKMCReadableError(temp));
487 RUNNER_CHILD_TEST(T30211_app_user_save_AES_keys_exportable_flag)
489 AccessProvider ap(TEST_LABEL);
490 ap.allowAPI("key-manager::api-storage", "rw");
491 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
494 const char* password = NULL;
495 size_t key_length = 256;
496 CKM::Alias alias = "my_AES_key-3";
498 ckmc_key_s *test_key = generate_AES_key(key_length, password);
499 ckmc_key_s *test_key2;
500 ckmc_policy_s test_policy;
501 test_policy.password = const_cast<char *>(password);
502 test_policy.extractable = 0;
505 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
506 CKMCReadableError(temp));
507 ckmc_key_free(test_key);
510 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
511 CKMCReadableError(temp));
514 RUNNER_TEST(T30212_certificate_with_DSA_key_C_API)
518 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
520 char* password = NULL;
521 ckmc_cert_s *cert2 = NULL;
524 ckmc_policy_s test_policy;
525 test_policy.password = password;
526 test_policy.extractable = 1;
528 char* char_certPem = new char[certPem.length() + 1];
529 std::strcpy(char_certPem, certPem.c_str());
530 cert.raw_cert = (unsigned char *)char_certPem;
531 cert.cert_size = certPem.length();
532 cert.data_format = CKMC_FORM_PEM;
534 CKM::Alias alias = sharedDatabase("test-cert-1-DSA");
536 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
537 CKMCReadableError(temp));
540 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
541 CKMCReadableError(temp));
543 ckmc_cert_free(cert2);
546 RUNNER_TEST(T30213_deinit_C_API)
552 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
553 CKMCReadableError(temp));
555 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
556 CKMCReadableError(temp));
560 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
562 RUNNER_TEST(T3031_init_C_API)
568 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
569 CKMCReadableError(temp));
572 RUNNER_TEST(T3032_save_asymmetric_keys_get_alias_C_API)
576 char* password = NULL;
577 ckmc_policy_s test_policy1, test_policy2, test_policy3;
580 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
581 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
582 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
583 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
584 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
585 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
586 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
588 "-----END PUBLIC KEY-----";
590 char* char_keypem = new char[keyPem.length() + 1];
592 std::strcpy(char_keypem, keyPem.c_str());
593 test_key.raw_key = (unsigned char *)char_keypem;
594 test_key.key_size = keyPem.length();
595 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
596 test_key.password = password;
598 test_policy1.password = password;
599 test_policy1.extractable = 1;
601 test_policy2.password = password;
602 test_policy2.extractable = 0;
604 test_policy3.password = password;
605 test_policy3.extractable = 0;
607 size_t current_aliases_num = count_aliases(ALIAS_KEY);
610 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey1").c_str(), test_key, test_policy1)),
611 CKMCReadableError(temp));
614 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey2").c_str(), test_key, test_policy2)),
615 CKMCReadableError(temp));
618 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey3").c_str(), test_key, test_policy3)),
619 CKMCReadableError(temp));
621 size_t actual_cnt = count_aliases(ALIAS_KEY);
623 (current_aliases_num+3) == actual_cnt,
624 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
628 RUNNER_TEST(T3033_remove_asymmetric_key_C_API)
632 char* password = NULL;
634 ckmc_key_s *test_key2;
636 CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
637 CKMCReadableError(temp));
640 CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("rootkey1").c_str())),
641 CKMCReadableError(temp));
644 CKMC_ERROR_NONE != (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
645 CKMCReadableError(temp));
648 RUNNER_TEST(T3034_save_symmetric_keys_get_alias_C_API)
651 size_t key_length = 128;
652 ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
653 ckmc_policy_s test_policy1, test_policy2, test_policy3;
654 test_policy1.password = NULL;
655 test_policy1.extractable = 1;
657 test_policy2.password = NULL;
658 test_policy2.extractable = 1;
660 test_policy3.password = NULL;
661 test_policy3.extractable = 1;
663 int current_aliases_num = count_aliases(ALIAS_KEY);
666 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key1").c_str(), *test_key, test_policy1)),
667 CKMCReadableError(temp));
670 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key2").c_str(), *test_key, test_policy2)),
671 CKMCReadableError(temp));
674 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key3").c_str(), *test_key, test_policy3)),
675 CKMCReadableError(temp));
678 (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
679 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
681 ckmc_key_free(test_key);
685 RUNNER_TEST(T3035_remove_symmetric_key_C_API)
689 ckmc_key_s *test_key2;
691 CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key1").c_str(), NULL, &test_key2)),
692 CKMCReadableError(temp));
693 validate_AES_key(test_key2);
694 ckmc_key_free(test_key2);
696 // actual test - remove middle item
698 CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("AES_key2").c_str())),
699 CKMCReadableError(temp));
702 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(sharedDatabase("AES_key2").c_str(), NULL, &test_key2)),
703 CKMCReadableError(temp));
706 CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key3").c_str(), NULL, &test_key2)),
707 CKMCReadableError(temp));
708 validate_AES_key(test_key2);
709 ckmc_key_free(test_key2);
713 RUNNER_TEST(T3036_deinit_C_API)
719 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
720 CKMCReadableError(temp));
722 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
723 CKMCReadableError(temp));
726 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
728 RUNNER_TEST(T3041_init_C_API)
731 reset_user_data(USER_APP, "simple-password");
734 RUNNER_TEST(T3042_save_get_bin_data_C_API)
738 ckmc_raw_buffer_s testData1, testData2, testData3;
739 char* password = NULL;
741 std::string binData1 = "My bin data1";
742 std::string binData2 = "My bin data2";
743 std::string binData3 = "My bin data3";
744 char* char_binData1 = new char[binData1.length() + 1];
745 char* char_binData2 = new char[binData2.length() + 1];
746 char* char_binData3 = new char[binData3.length() + 1];
747 std::strcpy(char_binData1, binData1.c_str());
748 std::strcpy(char_binData2, binData2.c_str());
749 std::strcpy(char_binData3, binData3.c_str());
750 testData1.data = (unsigned char *) char_binData1;
751 testData2.data = (unsigned char *) char_binData2;
752 testData3.data = (unsigned char *) char_binData3;
753 testData1.size = binData1.length()+1;
754 testData2.size = binData2.length()+1;
755 testData3.size = binData3.length()+1;
757 ckmc_policy_s test_policy1, test_policy2, test_policy3;
759 test_policy1.password = password;
760 test_policy1.extractable = 1;
761 test_policy2.password = password;
762 test_policy2.extractable = 1;
763 test_policy3.password = password;
764 test_policy3.extractable = 0;
766 size_t current_aliases_num = count_aliases(ALIAS_DATA);
769 CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data1").c_str(), testData1, test_policy1)), // should change it as null value
770 CKMCReadableError(temp));
773 CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data2").c_str(), testData2, test_policy1)), // should change it as null value
774 CKMCReadableError(temp));
777 CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data3").c_str(), testData3, test_policy2)),
778 CKMCReadableError(temp));
781 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data(sharedDatabase("data4").c_str(), testData3, test_policy3)),
782 CKMCReadableError(temp));
784 size_t actual_cnt = count_aliases(ALIAS_DATA);
786 (current_aliases_num+3) == actual_cnt,
787 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
789 ckmc_raw_buffer_s *testData4;
791 CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData4)),
792 CKMCReadableError(temp));
795 compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
796 RUNNER_ASSERT_MSG( compareResult == 0,
800 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
802 ScopedAccessProvider ap(TEST_LABEL);
803 ap.allowAPI("key-manager::api-storage", "rw");
804 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
807 ckmc_raw_buffer_s testData1;
808 char* password = NULL;
809 std::string binData1 = "My bin data";
810 char* char_binData1 = new char[binData1.length() + 1];
811 std::strcpy(char_binData1, binData1.c_str());
812 testData1.data = (unsigned char *) char_binData1;
813 testData1.size = binData1.length()+1;
815 ckmc_policy_s test_policy1, test_policy2;
817 test_policy1.password = password;
818 test_policy1.extractable = 1;
820 test_policy2.password = password;
821 test_policy2.extractable = 1;
823 std::string binData = "My bin data";
825 size_t current_aliases_num = count_aliases(ALIAS_DATA);
828 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
829 CKMCReadableError(temp));
831 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
832 CKMCReadableError(temp));
834 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
835 CKMCReadableError(temp));
837 size_t actual_cnt = count_aliases(ALIAS_DATA);
839 (current_aliases_num+3) == actual_cnt,
840 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
843 RUNNER_TEST(T3044_remove_bin_data_C_API)
847 size_t current_aliases_num = count_aliases(ALIAS_DATA, 2);
850 CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data1").c_str())),
851 CKMCReadableError(temp));
853 CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data3").c_str())),
854 CKMCReadableError(temp));
856 size_t actual_cnt = count_aliases(ALIAS_DATA);
858 (current_aliases_num-2) == actual_cnt,
859 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << actual_cnt);
861 char* password = NULL;
863 ckmc_raw_buffer_s *testData1, testData2;
865 std::string testStr = "My bin data2";
866 char* char_testData2 = new char[testStr.length() + 1];
867 std::strcpy(char_testData2, testStr.c_str());
868 testData2.data = (unsigned char *) char_testData2;
869 testData2.size = testStr.length()+1;
871 CKM::RawBuffer buffer;
873 CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData1)),
874 CKMCReadableError(temp));
877 compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
878 RUNNER_ASSERT_MSG( compareResult == 0,
882 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data(sharedDatabase("data3").c_str(), password, &testData1)),
883 CKMCReadableError(temp));
886 RUNNER_TEST(T3045_save_big_data_C_API, RemoveDataEnv<USER_APP>)
888 const size_t BIG_SIZE = 5000000;
889 ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP);
891 std::vector<char> big_data(BIG_SIZE);
892 std::ifstream is("/dev/urandom", std::ifstream::binary);
894 is.read(big_data.data(), BIG_SIZE);
896 RUNNER_ASSERT_MSG(is,
897 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
899 save_data(TEST_ALIAS1.c_str(), big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
900 check_read(TEST_OBJECT1, TEST_LABEL, big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
903 RUNNER_TEST(T3050_deinit_C_API)
909 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
910 CKMCReadableError(temp));
912 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
913 CKMCReadableError(temp));
916 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
918 RUNNER_TEST(T3051_CAPI_init)
923 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
924 CKMCReadableError(temp));
927 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
928 CKMCReadableError(temp));
931 RUNNER_CHILD_TEST(T3052_CAPI_create_RSA_key)
935 ScopedAccessProvider ap(TEST_LABEL);
936 ap.allowAPI("key-manager::api-storage", "rw");
937 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
940 const char *private_key_alias = "RSA-test-1-priv";
941 const char *public_key_alias = "RSA-test-1-pub";
942 ckmc_policy_s policy_private_key;
943 ckmc_policy_s policy_public_key;
945 policy_private_key.password = NULL;
946 policy_private_key.extractable = 1;
948 policy_public_key.password = NULL;
949 policy_public_key.extractable = 1;
952 size_t current_aliases_num = count_aliases(ALIAS_KEY);
955 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
956 CKMCReadableError(temp));
958 size_t actual_cnt = count_aliases(ALIAS_KEY);
960 (current_aliases_num+2) == actual_cnt,
961 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
963 ckmc_key_s *privateKey;
965 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
966 CKMCReadableError(temp));
968 privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
969 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
971 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
972 "Private key is broken.");
974 ckmc_key_s *publicKey;
976 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
977 CKMCReadableError(temp));
979 publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
980 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
982 publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
983 "Public key is broken.");
985 // on next attempt to generate keys with the same alias, expect fail (alias exists)
987 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
988 CKMCReadableError(temp));
991 RUNNER_CHILD_TEST(T3053_CAPI_create_DSA_key)
995 AccessProvider ap(TEST_LABEL);
996 ap.allowAPI("key-manager::api-storage", "rw");
997 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1000 const char *private_key_alias = "DSA-test-2-priv";
1001 const char *public_key_alias = "DSA-test-2-pub";
1002 ckmc_policy_s policy_private_key;
1003 ckmc_policy_s policy_public_key;
1005 policy_private_key.password = NULL;
1006 policy_private_key.extractable = 1;
1008 policy_public_key.password = NULL;
1009 policy_public_key.extractable = 1;
1011 size_t current_aliases_num = count_aliases(ALIAS_KEY);
1014 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1015 CKMCReadableError(temp));
1017 size_t actual_cnt = count_aliases(ALIAS_KEY);
1019 (current_aliases_num+2) == actual_cnt,
1020 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
1022 ckmc_key_s *privateKey = 0;
1024 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
1025 CKMCReadableError(temp));
1027 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
1028 "Private key is broken.");
1030 privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
1031 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
1032 ckmc_key_free(privateKey);
1034 ckmc_key_s *pubKey = 0;
1036 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
1037 CKMCReadableError(temp));
1039 pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
1040 "Public key is broken.");
1042 pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
1043 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
1044 ckmc_key_free(pubKey);
1046 // on next attempt to generate keys with the same alias, expect fail (alias exists)
1048 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1049 CKMCReadableError(temp));
1053 RUNNER_CHILD_TEST(T3054_CAPI_create_AES_key)
1057 CKM::Alias key_alias = sharedDatabase("AES-gen-test-1");
1058 ckmc_policy_s policy_key;
1060 policy_key.password = NULL;
1061 policy_key.extractable = 1;
1063 int current_aliases_num = count_aliases(ALIAS_KEY);
1066 CKMC_ERROR_NONE == (temp = ckmc_create_key_aes(size, key_alias.c_str(), policy_key)),
1067 CKMCReadableError(temp));
1070 (current_aliases_num+1) == (temp = count_aliases(ALIAS_KEY)),
1071 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
1073 ckmc_key_s *get_AES_key = 0;
1075 CKMC_ERROR_NONE == (temp = ckmc_get_key(key_alias.c_str(), policy_key.password, &get_AES_key)),
1076 CKMCReadableError(temp));
1077 validate_AES_key(get_AES_key);
1078 ckmc_key_free(get_AES_key);
1082 RUNNER_TEST(T3055_CAPI_deinit)
1087 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
1088 CKMCReadableError(temp));
1090 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1091 CKMCReadableError(temp));
1095 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
1097 RUNNER_TEST(T3061_CAPI_init)
1099 remove_user_data(0);
1100 reset_user_data(USER_APP, USER_PASS);
1103 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
1108 CKM::Alias private_key_alias = sharedDatabase("rsa-test-1");
1109 CKM::Alias public_key_alias = sharedDatabase("rsa-test-2");
1110 ckmc_policy_s policy_private_key;
1111 ckmc_policy_s policy_public_key;
1113 policy_private_key.password = const_cast<char *>("privatepassword");
1114 policy_private_key.extractable = 0;
1116 policy_public_key.password = NULL;
1117 policy_public_key.extractable = 1;
1120 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1121 CKMCReadableError(temp));
1123 // on next attempt to generate keys with the same alias, expect fail (alias exists)
1125 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1126 CKMCReadableError(temp));
1129 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
1134 CKM::Alias private_key_alias = sharedDatabase("dsa-test-1");
1135 CKM::Alias public_key_alias = sharedDatabase("dsa-test-2");
1136 ckmc_policy_s policy_private_key;
1137 ckmc_policy_s policy_public_key;
1139 policy_private_key.password = const_cast<char *>("privatepassword");
1140 policy_private_key.extractable = 0;
1142 policy_public_key.password = NULL;
1143 policy_public_key.extractable = 1;
1146 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1147 CKMCReadableError(temp));
1150 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
1154 ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
1155 CKM::Alias private_key_alias = sharedDatabase("ecdsa-test-1");
1156 CKM::Alias public_key_alias = sharedDatabase("ecdsa-test-2");
1157 ckmc_policy_s policy_private_key;
1158 ckmc_policy_s policy_public_key;
1160 policy_private_key.password = const_cast<char *>("privatepassword");
1161 policy_private_key.extractable = 0;
1163 policy_public_key.password = NULL;
1164 policy_public_key.extractable = 1;
1167 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1168 CKMCReadableError(temp));
1171 RUNNER_TEST(T3065_CAPI_deinit)
1173 remove_user_data(0);
1177 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1180 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
1182 RUNNER_TEST(T3071_CAPI_init)
1184 remove_user_data(0);
1187 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1189 std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
1190 std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
1193 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1194 c_cert.cert_size = ee.size();
1195 c_cert.data_format = CKMC_FORM_PEM;
1197 ckmc_cert_s c_cert1;
1198 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1199 c_cert1.cert_size = im.size();
1200 c_cert1.data_format = CKMC_FORM_PEM;
1202 ckmc_cert_list_s untrustedcerts;
1203 untrustedcerts.cert = &c_cert1;
1204 untrustedcerts.next = NULL;
1206 ckmc_cert_list_s *cert_chain_list;
1208 int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1210 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1212 RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1214 ckmc_ocsp_status_e ocsp_status;
1215 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1216 RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1219 RUNNER_TEST(T3075_CAPI_deinit)
1221 remove_user_data(0);
1225 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1227 RUNNER_TEST(T3081_CAPI__init)
1232 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1233 CKMCReadableError(temp));
1236 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1237 CKMCReadableError(temp));
1239 remove_user_data(0);
1242 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1246 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1247 "Proc-Type: 4,ENCRYPTED\n"
1248 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1250 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1251 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1252 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1253 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1254 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1255 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1256 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1257 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1258 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1259 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1260 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1261 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1262 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1263 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1264 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1265 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1266 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1267 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1268 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1269 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1270 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1271 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1272 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1273 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1274 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1275 "-----END RSA PRIVATE KEY-----\n";
1277 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1278 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1279 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1280 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1281 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1282 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1283 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1285 "-----END PUBLIC KEY-----\n";
1287 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1289 CKM::Alias pub_alias = sharedDatabase("pub1");
1290 CKM::Alias pri_alias = sharedDatabase("prv1");
1291 const char *key_passwd = "1234";
1292 char *pri_passwd = NULL;
1293 char *pub_passwd = NULL;
1294 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1295 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1296 ckmc_raw_buffer_s *signature;
1299 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1300 pubkey.key_size = pub.size();
1301 pubkey.key_type = CKMC_KEY_NONE;
1302 pubkey.password = NULL;
1304 ckmc_policy_s pubpolicy;
1305 pubpolicy.password = pub_passwd;
1306 pubpolicy.extractable = 0;
1308 ckmc_policy_s pripolicy;
1309 pripolicy.password = pri_passwd;
1310 pripolicy.extractable = 1;
1313 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1314 prikey.key_size = prv.size();
1315 prikey.key_type = CKMC_KEY_NONE;
1316 prikey.password = const_cast<char *>(key_passwd);
1320 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1321 CKMCReadableError(temp));
1324 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1325 CKMCReadableError(temp));
1328 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1335 CKMCReadableError(temp));
1338 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1345 CKMCReadableError(temp));
1348 RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
1352 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1353 CKM::Alias pub_alias = sharedDatabase("pub1");
1354 CKM::Alias pri_alias = sharedDatabase("prv1");
1355 char *pri_passwd = NULL;
1356 char *pub_passwd = NULL;
1357 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1358 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1359 ckmc_raw_buffer_s *signature;
1362 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1369 CKMCReadableError(temp));
1372 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1379 CKMCReadableError(temp));
1381 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1382 memcpy((void*)signature->data, "BROKEN", 6);
1385 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1392 CKMCReadableError(temp));
1395 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1399 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1400 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1401 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1402 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1403 "-----END EC PRIVATE KEY-----\n";
1405 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1406 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1407 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1408 "-----END PUBLIC KEY-----\n";
1410 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1411 CKM::Alias pri_alias = sharedDatabase("ecprv2");
1412 CKM::Alias pub_alias = sharedDatabase("ecpub2");
1413 char *key_passwd = NULL;
1414 char *pri_passwd = NULL;
1415 char *pub_passwd = NULL;
1416 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1417 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1418 ckmc_raw_buffer_s *signature;
1421 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1422 pubkey.key_size = pub.size();
1423 pubkey.key_type = CKMC_KEY_NONE;
1424 pubkey.password = NULL;
1426 ckmc_policy_s pubpolicy;
1427 pubpolicy.password = pub_passwd;
1428 pubpolicy.extractable = 1;
1431 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1432 prikey.key_size = prv.size();
1433 prikey.key_type = CKMC_KEY_NONE;
1434 prikey.password = key_passwd;
1436 ckmc_policy_s pripolicy;
1437 pripolicy.password = pri_passwd;
1438 pripolicy.extractable = 0;
1441 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1442 CKMCReadableError(temp));
1444 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1445 CKMCReadableError(temp));
1448 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1455 CKMCReadableError(temp));
1458 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1465 CKMCReadableError(temp));
1467 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1468 memcpy((void*)signature->data, "BROKEN", 6);
1471 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1478 CKMCReadableError(temp));
1481 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1486 "-----BEGIN RSA PRIVATE KEY-----\n"
1487 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1488 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1489 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1490 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1491 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1492 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1493 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1494 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1495 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1496 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1497 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1498 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1499 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1500 "-----END RSA PRIVATE KEY-----\n";
1503 "-----BEGIN CERTIFICATE-----\n"
1504 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1505 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1506 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1507 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1508 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1509 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1510 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1511 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1512 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1513 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1514 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1515 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1516 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1517 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1518 "-----END CERTIFICATE-----\n";
1520 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1522 CKM::Alias pri_alias = sharedDatabase("prv3");
1523 CKM::Alias pub_alias = sharedDatabase("pub3");
1524 char *key_passwd = NULL;
1525 char *pri_passwd = NULL;
1526 char *pub_passwd = NULL;
1527 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1528 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1529 ckmc_raw_buffer_s *signature;
1532 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1533 cert.cert_size = pub.size();
1534 cert.data_format = CKMC_FORM_PEM;
1536 ckmc_policy_s certpolicy;
1537 certpolicy.password = pub_passwd;
1538 certpolicy.extractable = 1;
1541 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1542 prikey.key_size = prv.size();
1543 prikey.key_type = CKMC_KEY_NONE;
1544 prikey.password = key_passwd;
1546 ckmc_policy_s pripolicy;
1547 pripolicy.password = pri_passwd;
1548 pripolicy.extractable = 0;
1551 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1552 CKMCReadableError(temp));
1554 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1555 CKMCReadableError(temp));
1559 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1566 CKMCReadableError(temp));
1569 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1576 CKMCReadableError(temp));
1578 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1579 memcpy((void*)signature->data, "BROKEN", 6);
1582 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1589 CKMCReadableError(temp));
1592 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1596 const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1597 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1598 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1599 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1600 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1601 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1602 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1603 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1604 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1605 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1606 "YMYCBhubtrVaLmc=\n"
1607 "-----END PUBLIC KEY-----";
1609 const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1610 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1611 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1612 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1613 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1614 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1615 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1616 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1617 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1618 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1619 "u1roOuaPY+Hl19BlTE2qdw==\n"
1620 "-----END DSA PRIVATE KEY-----";
1622 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1624 CKM::Alias pub_alias = sharedDatabase("dsa-pub1");
1625 CKM::Alias pri_alias = sharedDatabase("dsa-prv1");
1626 char *pri_passwd = NULL;
1627 char *pub_passwd = NULL;
1628 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1629 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1630 ckmc_raw_buffer_s *signature = NULL;
1633 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1634 pubkey.key_size = pub.size();
1635 pubkey.key_type = CKMC_KEY_NONE;
1636 pubkey.password = NULL;
1638 ckmc_policy_s pubpolicy;
1639 pubpolicy.password = pub_passwd;
1640 pubpolicy.extractable = 0;
1642 ckmc_policy_s pripolicy;
1643 pripolicy.password = pri_passwd;
1644 pripolicy.extractable = 1;
1647 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1648 prikey.key_size = priv.size();
1649 prikey.key_type = CKMC_KEY_NONE;
1650 prikey.password = NULL;
1654 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1655 CKMCReadableError(temp));
1658 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1659 CKMCReadableError(temp));
1662 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1669 CKMCReadableError(temp));
1673 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1680 CKMCReadableError(temp));
1683 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1685 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1692 CKMCReadableError(temp));
1694 ckmc_buffer_free(signature);
1697 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1702 ckmc_policy_s policy_private_key;
1703 ckmc_policy_s policy_public_key;
1705 policy_private_key.password = NULL;
1706 policy_private_key.extractable = 1;
1708 policy_public_key.password = NULL;
1709 policy_public_key.extractable = 1;
1711 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1713 CKM::Alias pub_alias = sharedDatabase("dsa-pub2");
1714 CKM::Alias pri_alias = sharedDatabase("dsa-prv2");
1717 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias.c_str(), pub_alias.c_str(), policy_private_key, policy_public_key)),
1720 char *pri_passwd = NULL;
1721 char *pub_passwd = NULL;
1722 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1723 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1724 ckmc_raw_buffer_s *signature;
1726 ckmc_key_s *pubkey = NULL;
1727 ckmc_key_s *prikey = NULL;
1729 CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias.c_str(), 0, &prikey)),
1730 CKMCReadableError(temp));
1733 CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias.c_str(), 0, &pubkey)),
1734 CKMCReadableError(temp));
1737 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1744 CKMCReadableError(temp));
1748 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1755 CKMCReadableError(temp));
1758 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1760 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1767 CKMCReadableError(temp));
1769 ckmc_key_free(prikey);
1770 ckmc_key_free(pubkey);
1771 ckmc_buffer_free(signature);
1774 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1779 "-----BEGIN EC PRIVATE KEY-----\n"
1780 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1781 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1782 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1783 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1784 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1785 "ELyhe7yPCAuOoLZlTLgf\n"
1786 "-----END EC PRIVATE KEY-----\n";
1789 "-----BEGIN CERTIFICATE-----\n"
1790 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1791 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1792 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1793 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1794 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1795 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1796 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1797 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1798 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1799 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1800 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1801 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1802 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1803 "Q1oBry6NEc+lLFmWMDesAA==\n"
1804 "-----END CERTIFICATE-----\n";
1806 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1808 CKM::Alias pri_alias = sharedDatabase("prv4");
1809 CKM::Alias pub_alias = sharedDatabase("pub4");
1810 char *key_passwd = NULL;
1811 char *pri_passwd = NULL;
1812 char *pub_passwd = NULL;
1813 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1814 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1815 ckmc_raw_buffer_s *signature;
1818 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1819 cert.cert_size = pub.size();
1820 cert.data_format = CKMC_FORM_PEM;
1822 ckmc_policy_s certpolicy;
1823 certpolicy.password = pub_passwd;
1824 certpolicy.extractable = 1;
1827 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1828 prikey.key_size = prv.size();
1829 prikey.key_type = CKMC_KEY_NONE;
1830 prikey.password = key_passwd;
1832 ckmc_policy_s pripolicy;
1833 pripolicy.password = pri_passwd;
1834 pripolicy.extractable = 0;
1838 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1839 CKMCReadableError(temp));
1841 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1842 CKMCReadableError(temp));
1845 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1852 CKMCReadableError(temp));
1855 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1862 CKMCReadableError(temp));
1864 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1865 memcpy((void*)signature->data, "BROKEN", 6);
1868 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1875 CKMCReadableError(temp));
1878 RUNNER_TEST(T3089_CAPI__deinit)
1880 remove_user_data(0);
1884 //#######################################################################################
1886 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1888 RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1889 RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1891 if(key->password != NULL && password != NULL) {
1892 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1893 }else if(key->password == NULL && password == NULL) {
1894 RUNNER_ASSERT_MSG(true, "Password Error" );
1896 RUNNER_ASSERT_MSG(false, "Password Error" );
1899 if(key->raw_key != NULL && raw_key != NULL) {
1900 for(unsigned int i=0; i<key_size; i++) {
1901 RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
1903 }else if(key->raw_key == NULL && raw_key == NULL) {
1904 RUNNER_ASSERT_MSG(true, "Raw Key Error" );
1906 RUNNER_ASSERT_MSG(false, "Raw Key Error" );
1910 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1912 RUNNER_TEST(T3091_CAPI_TYPE_init)
1914 remove_user_data(0);
1915 reset_user_data(USER_APP, USER_PASS);
1918 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1920 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1921 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1922 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1923 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1924 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1925 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1926 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1928 "-----END PUBLIC KEY-----";
1930 unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1931 unsigned int key_size = keyPem.size();
1932 ckmc_key_type_e key_type = CKMC_KEY_NONE;
1933 char *password = const_cast< char *>("");
1936 ckmc_key_new(raw_key, key_size, key_type, password, &key);
1938 _assertKey(key, raw_key, key_size, key_type, password);
1941 char *passwordNull = NULL;
1943 ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
1944 ckmc_key_free(key2);
1947 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
1949 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1950 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1951 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1952 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1953 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1954 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1955 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1957 "-----END PUBLIC KEY-----";
1959 unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1960 unsigned int size = keyPem.size();
1962 ckmc_raw_buffer_s *buff;
1963 ckmc_buffer_new(data, size, &buff);
1965 RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
1967 if(buff->data != NULL && data != NULL) {
1968 for(unsigned int i=0; i<size; i++) {
1969 RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
1971 }else if(buff->data == NULL && data == NULL) {
1972 RUNNER_ASSERT_MSG(true, "Raw data Error" );
1974 RUNNER_ASSERT_MSG(false, "Raw data Error" );
1977 ckmc_buffer_free(buff);
1980 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
1982 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
1984 unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
1985 unsigned int size = certPem.size();
1986 ckmc_data_format_e form = CKMC_FORM_PEM;
1988 ckmc_cert_s *ckmCert;
1989 ckmc_cert_new(raw_cert, size, form, &ckmCert);
1991 RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
1993 if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
1994 for(unsigned int i=0; i<size; i++) {
1995 RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
1997 }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
1998 RUNNER_ASSERT_MSG(true, "raw_cert Error" );
2000 RUNNER_ASSERT_MSG(false, "raw_cert Error" );
2003 RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
2005 ckmc_cert_free(ckmCert);
2009 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
2013 std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
2015 const char *file_name = "/tmp/ckmc_test_cert.pem";
2019 cert_file = fopen(file_name, "w");
2020 fprintf(cert_file, "%s",certStr.c_str());
2026 CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
2027 CKMCReadableError(ret));
2030 pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
2032 CKM::Alias lcert_alias = sharedDatabase("lcert_alias");
2033 ckmc_policy_s policy;
2034 policy.password = NULL;
2035 policy.extractable = 1;
2038 CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias.c_str(), *pcert, policy)),
2039 CKMCReadableError(ret));
2044 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
2045 const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
2046 const char *password = "password";
2050 ckmc_key_s *private_key = NULL;
2051 ckmc_cert_s *cert = NULL;
2052 ckmc_cert_list_s *ca_cert_list = NULL;
2055 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
2056 &private_key, &cert, &ca_cert_list)),
2058 RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
2059 RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
2060 RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
2062 ckmc_policy_s policy;
2063 policy.password = NULL;
2064 policy.extractable = 1;
2067 CKM::Alias pkey_alias = sharedDatabase("pkey_alias");
2069 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *private_key, policy)),
2070 CKMCReadableError(temp));
2072 CKM::Alias cert_alias = sharedDatabase("cert_alias");
2074 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *cert, policy)),
2075 CKMCReadableError(temp));
2076 std::string caCertAlias = sharedDatabase("ca_cert_alias_");
2077 const char *idx = "0";
2079 ckmc_cert_list_s *tmpList = ca_cert_list;
2080 while(tmpList != NULL) {
2081 caCertAlias.append(idx);
2083 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2084 CKMCReadableError(temp));
2085 tmpList = tmpList->next;
2089 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2091 ckmc_key_free(private_key);
2092 ckmc_cert_free(cert);
2093 ckmc_cert_list_all_free(ca_cert_list);
2096 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
2097 const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
2098 const char *password = "password";
2102 ckmc_pkcs12_s *ppkcs12 = NULL;
2105 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
2106 CKMCReadableError(temp));
2107 RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
2108 RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
2109 RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
2111 ckmc_policy_s policy;
2112 policy.password = NULL;
2113 policy.extractable = 1;
2116 CKM::Alias pkey_alias = sharedDatabase("pkey_alias2");
2118 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *(ppkcs12->priv_key), policy)),
2119 CKMCReadableError(temp));
2121 CKM::Alias cert_alias = sharedDatabase("cert_alias2");
2123 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *(ppkcs12->cert), policy)),
2124 CKMCReadableError(temp));
2125 std::string caCertAlias = sharedDatabase("ca_cert_alias_2_");
2126 const char *idx = "0";
2128 ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
2129 while(tmpList != NULL) {
2130 caCertAlias.append(idx);
2132 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2133 CKMCReadableError(temp));
2134 tmpList = tmpList->next;
2138 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2140 ckmc_pkcs12_free(ppkcs12);
2143 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2146 remove_user_data(0);
2148 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2149 CKMCReadableError(temp));
2151 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2152 CKMCReadableError(temp));
2155 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2159 CKM::Alias alias_PKCS_exportable = sharedDatabase("CAPI-test-PKCS-export");
2160 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("CAPI-test-PKCS-no-export");
2163 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2165 remove_user_data(0);
2168 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2170 const char *wrong_passwd = "wrong";
2171 ckmc_pkcs12_s *ppkcs12 = NULL;
2174 CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2175 CKMCReadableError(temp));
2178 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2180 ckmc_pkcs12_s *ppkcs12 = NULL;
2183 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/pkcs.p12", NULL, &ppkcs12)),
2184 CKMCReadableError(temp));
2186 RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2187 RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2188 RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2191 ckmc_policy_s exportable;
2192 exportable.password = NULL;
2193 exportable.extractable = 1;
2194 ckmc_policy_s notExportable;
2195 notExportable.password = NULL;
2196 notExportable.extractable = 0;
2199 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2200 CKMCReadableError(temp));
2202 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2203 CKMCReadableError(temp));
2205 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2206 CKMCReadableError(temp));
2208 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2209 CKMCReadableError(temp));
2211 // try to lookup key
2212 ckmc_key_s *key_lookup = NULL;
2214 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2215 CKMCReadableError(temp));
2216 ckmc_key_free(key_lookup);
2219 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), "", &key_lookup)),
2220 CKMCReadableError(temp));
2221 ckmc_key_free(key_lookup);
2223 // try to lookup certificate
2224 ckmc_cert_s *cert_lookup = NULL;
2226 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2227 CKMCReadableError(temp));
2228 ckmc_cert_free(cert_lookup);
2231 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2232 CKMCReadableError(temp));
2233 ckmc_cert_free(cert_lookup);
2236 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2239 ckmc_pkcs12_s *pkcs = NULL;
2243 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12(sharedDatabase("i-do-not-exist").c_str(), NULL, NULL, &pkcs)),
2244 CKMCReadableError(temp));
2245 ckmc_pkcs12_free(pkcs);
2248 // fail - not exportable
2250 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable.c_str(), NULL, NULL, &pkcs)),
2251 CKMCReadableError(temp));
2252 ckmc_pkcs12_free(pkcs);
2255 // success - exportable
2257 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable.c_str(), NULL, NULL, &pkcs)),
2258 CKMCReadableError(temp));
2260 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2261 RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2262 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2264 ckmc_cert_list_s *iter = pkcs->ca_chain;
2269 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2271 ckmc_pkcs12_free(pkcs);
2274 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2276 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2279 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2280 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2281 ckmc_raw_buffer_s *signature = NULL;
2284 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2285 alias_PKCS_exportable.c_str(),
2291 CKMCReadableError(temp));
2294 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2295 alias_PKCS_exportable.c_str(),
2301 CKMCReadableError(temp));
2304 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2308 // remove the whole PKCS12 bundles
2310 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_exportable.c_str())),
2311 CKMCReadableError(tmp));
2313 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_not_exportable.c_str())),
2314 CKMCReadableError(tmp));
2316 // expect lookup fails due to unknown alias
2317 // try to lookup key
2318 ckmc_key_s *key_lookup = NULL;
2320 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2321 CKMCReadableError(tmp));
2322 ckmc_key_free(key_lookup);
2325 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), NULL, &key_lookup)),
2326 CKMCReadableError(tmp));
2327 ckmc_key_free(key_lookup);
2329 // try to lookup certificate
2330 ckmc_cert_s *cert_lookup = NULL;
2332 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2333 CKMCReadableError(tmp));
2334 ckmc_cert_free(cert_lookup);
2337 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2338 CKMCReadableError(tmp));
2339 ckmc_cert_free(cert_lookup);
2342 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2344 remove_user_data(0);
2348 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2350 RUNNER_TEST(T3201_CAPI_unlock_database)
2352 reset_user_data(USER_APP, USER_PASS);
2355 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
2357 ScopedDBUnlock unlock(USER_APP, USER_PASS);
2358 ScopedAccessProvider ap(TEST_LABEL);
2359 ap.allowAPI("key-manager::api-storage", "rw");
2360 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2363 CKM::Alias alias = "mykey";
2364 char *password = NULL;
2365 ckmc_key_s *test_key = NULL;
2368 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2371 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2374 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
2376 ScopedDBUnlock unlock(USER_APP, USER_PASS);
2379 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2380 CKMCReadableError(temp));
2383 RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
2385 ScopedAccessProvider ap(TEST_LABEL);
2386 ap.allowAPI("key-manager::api-storage", "rw");
2387 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2390 CKM::Alias alias = "mykey";
2391 char *password = NULL;
2392 ckmc_key_s *test_key = NULL;
2395 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2396 CKMCReadableError(temp));
2398 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2401 RUNNER_TEST(T3204_deinit)
2403 remove_user_data(USER_APP);