1 #include <dpl/test/test_runner.h>
2 #include <dpl/test/test_runner_child.h>
4 #include <tests_common.h>
5 #include <test-certs.h>
6 #include <ckm-common.h>
7 #include <access_provider2.h>
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-type.h>
13 #include <ckmc/ckmc-manager.h>
14 #include <ckmc/ckmc-control.h>
15 #include <ckmc/ckmc-type.h>
16 #include <ckmc/ckmc-error.h>
18 #include <ckm-common.h>
26 static const int USER_APP = 5000;
27 static const int GROUP_APP = 5000;
37 const char* USER_PASS = "user-pass";
39 int count_aliases(alias_type_ type, int minimum_initial_element_count = 0)
41 ckmc_alias_list_s *aliasList = NULL;
46 ec = ckmc_get_key_alias_list(&aliasList);
50 ec = ckmc_get_cert_alias_list(&aliasList);
54 ec = ckmc_get_data_alias_list(&aliasList);
57 if(ec == CKMC_ERROR_DB_ALIAS_UNKNOWN)
61 ckmc_alias_list_s *plist = aliasList;
68 ckmc_alias_list_all_free(aliasList);
71 return_count >= minimum_initial_element_count,
72 "Error: alias list failed, current element count: " << return_count <<
73 " while expected minimal count of " << minimum_initial_element_count <<
83 "Error: alias list failed, ec: " << CKMCErrorToString(ec));
89 } // namespace anonymous
92 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
94 RUNNER_TEST(T3011_Control_C_API)
98 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
99 CKMCReadableError(temp));
101 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
102 CKMCReadableError(temp));
105 RUNNER_TEST(T3012_Control_C_API)
109 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
110 CKMCReadableError(temp));
111 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
112 CKMCReadableError(temp));
115 RUNNER_TEST(T3013_Control_C_API)
119 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
120 CKMCReadableError(temp));
123 RUNNER_TEST(T3014_Control_C_API)
126 const uid_t UNIQUE_USER = 15;
128 // clean up environment
129 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
130 CKMCReadableError(temp));
131 // unlock with default password
132 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
133 CKMCReadableError(temp));
134 // reset password (NULL, "simple-password")
135 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
136 CKMCReadableError(temp));
137 // get rid of NULL DKEK
138 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
139 CKMCReadableError(temp));
141 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
142 CKMCReadableError(temp));
143 // try to reset password when db locked
144 RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
145 CKMCReadableError(temp));
146 // clean up environment
147 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
148 CKMCReadableError(temp));
151 RUNNER_TEST(T3015_Control_C_API)
156 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
157 CKMCReadableError(temp));
159 CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
160 CKMCReadableError(temp));
161 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
162 CKMCReadableError(temp));
163 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
164 CKMCReadableError(temp));
167 RUNNER_TEST(T3016_Control_C_API)
172 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
173 CKMCReadableError(temp));
175 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
176 CKMCReadableError(temp));
178 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
179 CKMCReadableError(temp));
181 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
182 CKMCReadableError(temp));
185 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
187 RUNNER_TEST(T3021_init_C_API)
192 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
193 CKMCReadableError(temp));
195 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
196 CKMCReadableError(temp));
199 RUNNER_TEST(T3022_key_C_API)
203 ckmc_key_s test_key, *test_key2;
204 ckmc_policy_s test_policy;
206 char* password = NULL;
207 const char *alias = "mykey";
209 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
210 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
211 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
212 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
213 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
214 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
215 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
217 "-----END PUBLIC KEY-----";
219 char* char_keypem = new char[keyPem.length() + 1];
221 std::strcpy(char_keypem, keyPem.c_str());
222 test_key.raw_key = (unsigned char *)char_keypem;
223 test_key.key_size = keyPem.length();
224 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
225 test_key.password = password;
227 test_policy.password = password;
228 test_policy.extractable = 1;
230 test_key2 = &test_key;
233 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
234 CKMCReadableError(temp));
237 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
238 CKMCReadableError(temp));
241 RUNNER_TEST(T3023_certificate_C_API)
245 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
247 char* password = NULL;
251 const char *alias = "test-cert-1-RSA";
253 ckmc_policy_s test_policy;
254 test_policy.password = password;
255 test_policy.extractable = 1;
257 char* char_certPem = new char[certPem.length() + 1];
258 std::strcpy(char_certPem, certPem.c_str());
259 cert.raw_cert = (unsigned char *)char_certPem;
260 cert.cert_size = certPem.length();
261 cert.data_format = CKMC_FORM_PEM;
264 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
265 CKMCReadableError(temp));
268 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
269 CKMCReadableError(temp));
271 ckmc_cert_free(cert2);
274 RUNNER_TEST(T3024_certificate_remove_C_API)
278 char* password = NULL;
280 const char *alias = "test-cert-1-RSA";
283 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
284 CKMCReadableError(temp));
285 ckmc_cert_free(cert2);
288 CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
289 CKMCReadableError(temp));
292 CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
293 CKMCReadableError(temp));
296 RUNNER_TEST(T3025_certificate_list_C_API)
300 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
302 char* password = NULL;
305 ckmc_policy_s test_policy;
306 test_policy.password = password;
307 test_policy.extractable = 1;
309 char* char_certPem = new char[certPem.length() + 1];
310 std::strcpy(char_certPem, certPem.c_str());
311 cert.raw_cert = (unsigned char *)char_certPem;
312 cert.cert_size = certPem.length();
313 cert.data_format = CKMC_FORM_PEM;
315 int current_aliases_num = count_aliases(ALIAS_CERT);
318 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
319 CKMCReadableError(temp));
322 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
323 CKMCReadableError(temp));
326 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
327 CKMCReadableError(temp));
330 (current_aliases_num+3) == (temp = count_aliases(ALIAS_CERT)),
331 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
335 RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
337 ScopedAccessProvider ap("mylabel");
338 ap.allowAPI("key-manager::api-storage", "rw");
339 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
341 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
342 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
343 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
344 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
345 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
346 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
347 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
349 "-----END PUBLIC KEY-----";
353 ckmc_key_s test_key, *test_key2;
354 ckmc_policy_s test_policy;
356 char* password = NULL;
357 const char *passwordPolicy = "x";
358 const char *alias = "mykey";
359 char* char_keypem = new char[keyPem.length() + 1];
361 std::strcpy(char_keypem, keyPem.c_str());
362 test_key.raw_key = (unsigned char *)char_keypem;
363 test_key.key_size = keyPem.length();
364 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
365 test_key.password = password;
367 test_policy.password = const_cast<char *>(passwordPolicy);
368 test_policy.extractable = 1;
370 test_key2 = &test_key;
374 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
375 CKMCReadableError(temp));
377 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
378 CKMCReadableError(temp));
380 // RUNNER_ASSERT_MSG(
381 // key.getDER() == key2.getDER(), "Key value has been changed by service");
384 RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
386 ScopedAccessProvider ap("mylabel");
387 ap.allowAPI("key-manager::api-storage", "rw");
388 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
391 auto manager = CKM::Manager::create();
393 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
394 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
395 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
396 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
397 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
398 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
399 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
401 "-----END PUBLIC KEY-----";
403 ckmc_policy_s test_policy;
404 ckmc_key_s test_key, *test_key2;
405 char* char_keypem = new char[keyPem.length() + 1];
406 char* password = NULL;
408 std::strcpy(char_keypem, keyPem.c_str());
409 test_key.raw_key = (unsigned char *)char_keypem;
410 test_key.key_size = keyPem.length();
411 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
412 test_key.password = password;
414 test_policy.password = password;
415 test_policy.extractable = 0;
418 CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
419 CKMCReadableError(temp));
422 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
423 CKMCReadableError(temp));
427 RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
431 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
433 char* password = NULL;
434 ckmc_cert_s *cert2 = NULL;
437 ckmc_policy_s test_policy;
438 test_policy.password = password;
439 test_policy.extractable = 1;
441 char* char_certPem = new char[certPem.length() + 1];
442 std::strcpy(char_certPem, certPem.c_str());
443 cert.raw_cert = (unsigned char *)char_certPem;
444 cert.cert_size = certPem.length();
445 cert.data_format = CKMC_FORM_PEM;
447 const char *alias = "test-cert-1-DSA";
449 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
450 CKMCReadableError(temp));
453 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
454 CKMCReadableError(temp));
456 ckmc_cert_free(cert2);
459 RUNNER_TEST(T3029_deinit_C_API)
463 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
464 CKMCReadableError(temp));
465 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
466 CKMCReadableError(temp));
468 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
469 CKMCReadableError(temp));
471 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
472 CKMCReadableError(temp));
476 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
478 RUNNER_TEST(T3031_init_C_API)
483 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
484 CKMCReadableError(temp));
486 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
487 CKMCReadableError(temp));
490 RUNNER_TEST(T3032_save_keys_get_alias_C_API)
494 char* password = NULL;
495 ckmc_policy_s test_policy1, test_policy2, test_policy3;
498 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
499 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
500 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
501 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
502 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
503 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
504 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
506 "-----END PUBLIC KEY-----";
508 char* char_keypem = new char[keyPem.length() + 1];
510 std::strcpy(char_keypem, keyPem.c_str());
511 test_key.raw_key = (unsigned char *)char_keypem;
512 test_key.key_size = keyPem.length();
513 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
514 test_key.password = password;
516 test_policy1.password = password;
517 test_policy1.extractable = 1;
519 test_policy2.password = password;
520 test_policy2.extractable = 0;
522 test_policy3.password = password;
523 test_policy3.extractable = 0;
525 int current_aliases_num = count_aliases(ALIAS_KEY);
528 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
529 CKMCReadableError(temp));
532 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
533 CKMCReadableError(temp));
536 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
537 CKMCReadableError(temp));
540 (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
541 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
545 RUNNER_TEST(T3033_remove_key_C_API)
549 char* password = NULL;
551 ckmc_key_s *test_key2;
553 CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
554 CKMCReadableError(temp));
557 CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
558 CKMCReadableError(temp));
561 CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
562 CKMCReadableError(temp));
565 RUNNER_TEST(T3034_deinit_C_API)
569 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
570 CKMCReadableError(temp));
571 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
572 CKMCReadableError(temp));
574 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
575 CKMCReadableError(temp));
577 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
578 CKMCReadableError(temp));
581 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
583 RUNNER_TEST(T3041_init_C_API)
587 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
588 CKMCReadableError(temp));
590 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
591 CKMCReadableError(temp));
594 RUNNER_TEST(T3042_save_get_bin_data_C_API)
598 ckmc_raw_buffer_s testData1, testData2, testData3;
599 char* password = NULL;
601 std::string binData1 = "My bin data1";
602 std::string binData2 = "My bin data2";
603 std::string binData3 = "My bin data3";
604 char* char_binData1 = new char[binData1.length() + 1];
605 char* char_binData2 = new char[binData2.length() + 1];
606 char* char_binData3 = new char[binData3.length() + 1];
607 std::strcpy(char_binData1, binData1.c_str());
608 std::strcpy(char_binData2, binData2.c_str());
609 std::strcpy(char_binData3, binData3.c_str());
610 testData1.data = (unsigned char *) char_binData1;
611 testData2.data = (unsigned char *) char_binData2;
612 testData3.data = (unsigned char *) char_binData3;
613 testData1.size = binData1.length()+1;
614 testData2.size = binData2.length()+1;
615 testData3.size = binData3.length()+1;
617 ckmc_policy_s test_policy1, test_policy2, test_policy3;
619 test_policy1.password = password;
620 test_policy1.extractable = 1;
621 test_policy2.password = password;
622 test_policy2.extractable = 1;
623 test_policy3.password = password;
624 test_policy3.extractable = 0;
626 int current_aliases_num = count_aliases(ALIAS_DATA);
629 CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
630 CKMCReadableError(temp));
633 CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
634 CKMCReadableError(temp));
637 CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
638 CKMCReadableError(temp));
641 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
642 CKMCReadableError(temp));
645 (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
646 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
648 ckmc_raw_buffer_s *testData4;
650 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
651 CKMCReadableError(temp));
654 compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
655 RUNNER_ASSERT_MSG( compareResult == 0,
659 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
661 ScopedAccessProvider ap("mylabel");
662 ap.allowAPI("key-manager::api-storage", "rw");
663 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
666 ckmc_raw_buffer_s testData1;
667 char* password = NULL;
668 std::string binData1 = "My bin data";
669 char* char_binData1 = new char[binData1.length() + 1];
670 std::strcpy(char_binData1, binData1.c_str());
671 testData1.data = (unsigned char *) char_binData1;
672 testData1.size = binData1.length()+1;
674 ckmc_policy_s test_policy1, test_policy2;
676 test_policy1.password = password;
677 test_policy1.extractable = 1;
679 test_policy2.password = password;
680 test_policy2.extractable = 1;
682 std::string binData = "My bin data";
684 int current_aliases_num = count_aliases(ALIAS_DATA);
687 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
688 CKMCReadableError(temp));
690 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
691 CKMCReadableError(temp));
693 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
694 CKMCReadableError(temp));
697 (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
698 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
701 RUNNER_TEST(T3044_remove_bin_data_C_API)
705 int current_aliases_num = count_aliases(ALIAS_DATA, 2);
708 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
709 CKMCReadableError(temp));
711 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
712 CKMCReadableError(temp));
715 (current_aliases_num-2) == (temp = count_aliases(ALIAS_DATA)),
716 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << temp);
718 char* password = NULL;
720 ckmc_raw_buffer_s *testData1, testData2;
722 std::string testStr = "My bin data2";
723 char* char_testData2 = new char[testStr.length() + 1];
724 std::strcpy(char_testData2, testStr.c_str());
725 testData2.data = (unsigned char *) char_testData2;
726 testData2.size = testStr.length()+1;
728 CKM::RawBuffer buffer;
730 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
731 CKMCReadableError(temp));
734 compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
735 RUNNER_ASSERT_MSG( compareResult == 0,
739 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
740 CKMCReadableError(temp));
743 RUNNER_TEST(T3045_deinit_C_API)
748 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
749 CKMCReadableError(temp));
751 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
752 CKMCReadableError(temp));
754 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
755 CKMCReadableError(temp));
757 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
758 CKMCReadableError(temp));
761 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
763 RUNNER_TEST(T3051_CAPI_init)
768 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
769 CKMCReadableError(temp));
772 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
773 CKMCReadableError(temp));
776 RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
780 ScopedAccessProvider ap("mylabel");
781 ap.allowAPI("key-manager::api-storage", "rw");
782 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
785 const char *private_key_alias = "RSA-test-1-priv";
786 const char *public_key_alias = "RSA-test-1-pub";
787 ckmc_policy_s policy_private_key;
788 ckmc_policy_s policy_public_key;
790 policy_private_key.password = NULL;
791 policy_private_key.extractable = 1;
793 policy_public_key.password = NULL;
794 policy_public_key.extractable = 1;
797 int current_aliases_num = count_aliases(ALIAS_KEY);
800 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
801 CKMCReadableError(temp));
804 (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
805 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
807 ckmc_key_s *privateKey;
809 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
810 CKMCReadableError(temp));
812 privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
813 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
815 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
816 "Private key is broken.");
818 ckmc_key_s *publicKey;
820 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
821 CKMCReadableError(temp));
823 publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
824 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
826 publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
827 "Public key is broken.");
829 // on next attempt to generate keys with the same alias, expect fail (alias exists)
831 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
832 CKMCReadableError(temp));
835 RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
839 AccessProvider ap("mylabel");
840 ap.allowAPI("key-manager::api-storage", "rw");
841 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
844 const char *private_key_alias = "DSA-test-2-priv";
845 const char *public_key_alias = "DSA-test-2-pub";
846 ckmc_policy_s policy_private_key;
847 ckmc_policy_s policy_public_key;
849 policy_private_key.password = NULL;
850 policy_private_key.extractable = 1;
852 policy_public_key.password = NULL;
853 policy_public_key.extractable = 1;
855 int current_aliases_num = count_aliases(ALIAS_KEY);
858 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
859 CKMCReadableError(temp));
862 (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
863 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
865 ckmc_key_s *privateKey = 0;
867 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
868 CKMCReadableError(temp));
870 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
871 "Private key is broken.");
873 privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
874 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
875 ckmc_key_free(privateKey);
877 ckmc_key_s *pubKey = 0;
879 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
880 CKMCReadableError(temp));
882 pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
883 "Public key is broken.");
885 pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
886 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
887 ckmc_key_free(pubKey);
889 // on next attempt to generate keys with the same alias, expect fail (alias exists)
891 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
892 CKMCReadableError(temp));
896 RUNNER_TEST(T3054_CAPI_deinit)
901 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
902 CKMCReadableError(temp));
904 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
905 CKMCReadableError(temp));
909 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
911 RUNNER_TEST(T3061_CAPI_init)
915 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
916 CKMCReadableError(temp));
918 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
919 CKMCReadableError(temp));
921 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
922 CKMCReadableError(temp));
924 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
925 CKMCReadableError(temp));
928 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
933 const char *private_key_alias = "rsa-test-1";
934 const char *public_key_alias = "rsa-test-2";
935 ckmc_policy_s policy_private_key;
936 ckmc_policy_s policy_public_key;
938 policy_private_key.password = const_cast<char *>("privatepassword");
939 policy_private_key.extractable = 0;
941 policy_public_key.password = NULL;
942 policy_public_key.extractable = 1;
945 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
946 CKMCReadableError(temp));
948 // on next attempt to generate keys with the same alias, expect fail (alias exists)
950 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
951 CKMCReadableError(temp));
954 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
959 const char *private_key_alias = "dsa-test-1";
960 const char *public_key_alias = "dsa-test-2";
961 ckmc_policy_s policy_private_key;
962 ckmc_policy_s policy_public_key;
964 policy_private_key.password = const_cast<char *>("privatepassword");
965 policy_private_key.extractable = 0;
967 policy_public_key.password = NULL;
968 policy_public_key.extractable = 1;
971 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
972 CKMCReadableError(temp));
975 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
979 ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
980 const char *private_key_alias = "ecdsa-test-1";
981 const char *public_key_alias = "ecdsa-test-2";
982 ckmc_policy_s policy_private_key;
983 ckmc_policy_s policy_public_key;
985 policy_private_key.password = const_cast<char *>("privatepassword");
986 policy_private_key.extractable = 0;
988 policy_public_key.password = NULL;
989 policy_public_key.extractable = 1;
992 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
993 CKMCReadableError(temp));
996 RUNNER_TEST(T3065_CAPI_deinit)
1001 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1002 CKMCReadableError(temp));
1004 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1005 CKMCReadableError(temp));
1009 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1013 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
1015 RUNNER_TEST(T3071_CAPI_init)
1019 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1020 CKMCReadableError(temp));
1023 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1025 std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
1026 std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
1029 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1030 c_cert.cert_size = ee.size();
1031 c_cert.data_format = CKMC_FORM_PEM;
1033 ckmc_cert_s c_cert1;
1034 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1035 c_cert1.cert_size = im.size();
1036 c_cert1.data_format = CKMC_FORM_PEM;
1038 ckmc_cert_list_s untrustedcerts;
1039 untrustedcerts.cert = &c_cert1;
1040 untrustedcerts.next = NULL;
1042 ckmc_cert_list_s *cert_chain_list;
1044 int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1046 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1048 RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1050 ckmc_ocsp_status_e ocsp_status;
1051 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1052 RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1055 RUNNER_TEST(T3075_CAPI_deinit)
1060 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1061 CKMCReadableError(temp));
1063 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1064 CKMCReadableError(temp));
1068 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1070 RUNNER_TEST(T3081_CAPI__init)
1075 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1076 CKMCReadableError(temp));
1079 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1080 CKMCReadableError(temp));
1083 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1084 CKMCReadableError(temp));
1087 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1088 CKMCReadableError(temp));
1091 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1095 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1096 "Proc-Type: 4,ENCRYPTED\n"
1097 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1099 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1100 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1101 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1102 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1103 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1104 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1105 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1106 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1107 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1108 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1109 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1110 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1111 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1112 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1113 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1114 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1115 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1116 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1117 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1118 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1119 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1120 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1121 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1122 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1123 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1124 "-----END RSA PRIVATE KEY-----\n";
1126 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1127 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1128 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1129 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1130 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1131 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1132 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1134 "-----END PUBLIC KEY-----\n";
1136 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1138 const char *pub_alias = "pub1";
1139 const char *pri_alias = "prv1";
1140 const char *key_passwd = "1234";
1141 char *pri_passwd = NULL;
1142 char *pub_passwd = NULL;
1143 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1144 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1145 ckmc_raw_buffer_s *signature;
1148 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1149 pubkey.key_size = pub.size();
1150 pubkey.key_type = CKMC_KEY_NONE;
1151 pubkey.password = NULL;
1153 ckmc_policy_s pubpolicy;
1154 pubpolicy.password = pub_passwd;
1155 pubpolicy.extractable = 0;
1157 ckmc_policy_s pripolicy;
1158 pripolicy.password = pri_passwd;
1159 pripolicy.extractable = 1;
1162 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1163 prikey.key_size = prv.size();
1164 prikey.key_type = CKMC_KEY_NONE;
1165 prikey.password = const_cast<char *>(key_passwd);
1169 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1170 CKMCReadableError(temp));
1173 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1174 CKMCReadableError(temp));
1177 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1184 CKMCReadableError(temp));
1187 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1194 CKMCReadableError(temp));
1197 RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
1201 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1202 const char *pub_alias = "pub1";
1203 const char *pri_alias = "prv1";
1204 char *pri_passwd = NULL;
1205 char *pub_passwd = NULL;
1206 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1207 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1208 ckmc_raw_buffer_s *signature;
1211 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1218 CKMCReadableError(temp));
1221 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1228 CKMCReadableError(temp));
1230 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1231 memcpy((void*)signature->data, "BROKEN", 6);
1234 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1241 CKMCReadableError(temp));
1244 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1248 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1249 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1250 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1251 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1252 "-----END EC PRIVATE KEY-----\n";
1254 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1255 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1256 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1257 "-----END PUBLIC KEY-----\n";
1259 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1260 const char *pri_alias = "ecprv2";
1261 const char *pub_alias = "ecpub2";
1262 char *key_passwd = NULL;
1263 char *pri_passwd = NULL;
1264 char *pub_passwd = NULL;
1265 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1266 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1267 ckmc_raw_buffer_s *signature;
1270 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1271 pubkey.key_size = pub.size();
1272 pubkey.key_type = CKMC_KEY_NONE;
1273 pubkey.password = NULL;
1275 ckmc_policy_s pubpolicy;
1276 pubpolicy.password = pub_passwd;
1277 pubpolicy.extractable = 1;
1280 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1281 prikey.key_size = prv.size();
1282 prikey.key_type = CKMC_KEY_NONE;
1283 prikey.password = key_passwd;
1285 ckmc_policy_s pripolicy;
1286 pripolicy.password = pri_passwd;
1287 pripolicy.extractable = 0;
1290 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1291 CKMCReadableError(temp));
1293 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1294 CKMCReadableError(temp));
1297 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1304 CKMCReadableError(temp));
1307 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1314 CKMCReadableError(temp));
1316 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1317 memcpy((void*)signature->data, "BROKEN", 6);
1320 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1327 CKMCReadableError(temp));
1330 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1335 "-----BEGIN RSA PRIVATE KEY-----\n"
1336 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1337 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1338 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1339 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1340 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1341 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1342 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1343 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1344 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1345 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1346 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1347 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1348 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1349 "-----END RSA PRIVATE KEY-----\n";
1352 "-----BEGIN CERTIFICATE-----\n"
1353 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1354 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1355 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1356 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1357 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1358 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1359 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1360 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1361 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1362 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1363 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1364 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1365 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1366 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1367 "-----END CERTIFICATE-----\n";
1369 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1371 const char *pri_alias = "prv3";
1372 const char *pub_alias = "pub3";
1373 char *key_passwd = NULL;
1374 char *pri_passwd = NULL;
1375 char *pub_passwd = NULL;
1376 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1377 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1378 ckmc_raw_buffer_s *signature;
1381 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1382 cert.cert_size = pub.size();
1383 cert.data_format = CKMC_FORM_PEM;
1385 ckmc_policy_s certpolicy;
1386 certpolicy.password = pub_passwd;
1387 certpolicy.extractable = 1;
1390 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1391 prikey.key_size = prv.size();
1392 prikey.key_type = CKMC_KEY_NONE;
1393 prikey.password = key_passwd;
1395 ckmc_policy_s pripolicy;
1396 pripolicy.password = pri_passwd;
1397 pripolicy.extractable = 0;
1400 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
1401 CKMCReadableError(temp));
1403 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1404 CKMCReadableError(temp));
1408 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1415 CKMCReadableError(temp));
1418 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1425 CKMCReadableError(temp));
1427 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1428 memcpy((void*)signature->data, "BROKEN", 6);
1431 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1438 CKMCReadableError(temp));
1441 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1445 const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1446 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1447 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1448 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1449 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1450 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1451 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1452 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1453 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1454 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1455 "YMYCBhubtrVaLmc=\n"
1456 "-----END PUBLIC KEY-----";
1458 const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1459 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1460 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1461 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1462 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1463 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1464 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1465 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1466 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1467 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1468 "u1roOuaPY+Hl19BlTE2qdw==\n"
1469 "-----END DSA PRIVATE KEY-----";
1471 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1473 const char *pub_alias = "dsa-pub1";
1474 const char *pri_alias = "dsa-prv1";
1475 char *pri_passwd = NULL;
1476 char *pub_passwd = NULL;
1477 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1478 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1479 ckmc_raw_buffer_s *signature = NULL;
1482 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1483 pubkey.key_size = pub.size();
1484 pubkey.key_type = CKMC_KEY_NONE;
1485 pubkey.password = NULL;
1487 ckmc_policy_s pubpolicy;
1488 pubpolicy.password = pub_passwd;
1489 pubpolicy.extractable = 0;
1491 ckmc_policy_s pripolicy;
1492 pripolicy.password = pri_passwd;
1493 pripolicy.extractable = 1;
1496 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1497 prikey.key_size = priv.size();
1498 prikey.key_type = CKMC_KEY_NONE;
1499 prikey.password = NULL;
1503 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1504 CKMCReadableError(temp));
1507 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1508 CKMCReadableError(temp));
1511 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1518 CKMCReadableError(temp));
1522 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1529 CKMCReadableError(temp));
1532 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1534 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1541 CKMCReadableError(temp));
1543 ckmc_buffer_free(signature);
1546 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1551 ckmc_policy_s policy_private_key;
1552 ckmc_policy_s policy_public_key;
1554 policy_private_key.password = NULL;
1555 policy_private_key.extractable = 1;
1557 policy_public_key.password = NULL;
1558 policy_public_key.extractable = 1;
1560 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1562 const char *pub_alias = "dsa-pub2";
1563 const char *pri_alias = "dsa-prv2";
1566 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias, pub_alias, policy_private_key, policy_public_key)),
1569 char *pri_passwd = NULL;
1570 char *pub_passwd = NULL;
1571 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1572 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1573 ckmc_raw_buffer_s *signature;
1575 ckmc_key_s *pubkey = NULL;
1576 ckmc_key_s *prikey = NULL;
1578 CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias, 0, &prikey)),
1579 CKMCReadableError(temp));
1582 CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias, 0, &pubkey)),
1583 CKMCReadableError(temp));
1586 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1593 CKMCReadableError(temp));
1597 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1604 CKMCReadableError(temp));
1607 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1609 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1616 CKMCReadableError(temp));
1618 ckmc_key_free(prikey);
1619 ckmc_key_free(pubkey);
1620 ckmc_buffer_free(signature);
1623 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1628 "-----BEGIN EC PRIVATE KEY-----\n"
1629 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1630 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1631 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1632 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1633 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1634 "ELyhe7yPCAuOoLZlTLgf\n"
1635 "-----END EC PRIVATE KEY-----\n";
1638 "-----BEGIN CERTIFICATE-----\n"
1639 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1640 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1641 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1642 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1643 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1644 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1645 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1646 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1647 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1648 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1649 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1650 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1651 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1652 "Q1oBry6NEc+lLFmWMDesAA==\n"
1653 "-----END CERTIFICATE-----\n";
1655 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1657 const char *pri_alias = "prv4";
1658 const char *pub_alias = "pub4";
1659 char *key_passwd = NULL;
1660 char *pri_passwd = NULL;
1661 char *pub_passwd = NULL;
1662 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1663 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1664 ckmc_raw_buffer_s *signature;
1667 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1668 cert.cert_size = pub.size();
1669 cert.data_format = CKMC_FORM_PEM;
1671 ckmc_policy_s certpolicy;
1672 certpolicy.password = pub_passwd;
1673 certpolicy.extractable = 1;
1676 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1677 prikey.key_size = prv.size();
1678 prikey.key_type = CKMC_KEY_NONE;
1679 prikey.password = key_passwd;
1681 ckmc_policy_s pripolicy;
1682 pripolicy.password = pri_passwd;
1683 pripolicy.extractable = 0;
1687 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
1688 CKMCReadableError(temp));
1690 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1691 CKMCReadableError(temp));
1694 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1701 CKMCReadableError(temp));
1704 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1711 CKMCReadableError(temp));
1713 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1714 memcpy((void*)signature->data, "BROKEN", 6);
1717 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1724 CKMCReadableError(temp));
1727 RUNNER_TEST(T3089_CAPI__deinit)
1732 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1733 CKMCReadableError(temp));
1735 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1736 CKMCReadableError(temp));
1740 //#######################################################################################
1742 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1744 RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1745 RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1747 if(key->password != NULL && password != NULL) {
1748 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1749 }else if(key->password == NULL && password == NULL) {
1750 RUNNER_ASSERT_MSG(true, "Password Error" );
1752 RUNNER_ASSERT_MSG(false, "Password Error" );
1755 if(key->raw_key != NULL && raw_key != NULL) {
1756 for(unsigned int i=0; i<key_size; i++) {
1757 RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
1759 }else if(key->raw_key == NULL && raw_key == NULL) {
1760 RUNNER_ASSERT_MSG(true, "Raw Key Error" );
1762 RUNNER_ASSERT_MSG(false, "Raw Key Error" );
1766 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1768 RUNNER_TEST(T3091_CAPI_TYPE_init)
1772 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1773 CKMCReadableError(temp));
1775 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1776 CKMCReadableError(temp));
1778 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1779 CKMCReadableError(temp));
1781 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1782 CKMCReadableError(temp));
1785 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1787 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1788 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1789 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1790 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1791 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1792 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1793 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1795 "-----END PUBLIC KEY-----";
1797 unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1798 unsigned int key_size = keyPem.size();
1799 ckmc_key_type_e key_type = CKMC_KEY_NONE;
1800 char *password = const_cast< char *>("");
1803 ckmc_key_new(raw_key, key_size, key_type, password, &key);
1805 _assertKey(key, raw_key, key_size, key_type, password);
1808 char *passwordNull = NULL;
1810 ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
1811 ckmc_key_free(key2);
1814 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
1816 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1817 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1818 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1819 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1820 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1821 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1822 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1824 "-----END PUBLIC KEY-----";
1826 unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1827 unsigned int size = keyPem.size();
1829 ckmc_raw_buffer_s *buff;
1830 ckmc_buffer_new(data, size, &buff);
1832 RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
1834 if(buff->data != NULL && data != NULL) {
1835 for(unsigned int i=0; i<size; i++) {
1836 RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
1838 }else if(buff->data == NULL && data == NULL) {
1839 RUNNER_ASSERT_MSG(true, "Raw data Error" );
1841 RUNNER_ASSERT_MSG(false, "Raw data Error" );
1844 ckmc_buffer_free(buff);
1847 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
1849 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
1851 unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
1852 unsigned int size = certPem.size();
1853 ckmc_data_format_e form = CKMC_FORM_PEM;
1855 ckmc_cert_s *ckmCert;
1856 ckmc_cert_new(raw_cert, size, form, &ckmCert);
1858 RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
1860 if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
1861 for(unsigned int i=0; i<size; i++) {
1862 RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
1864 }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
1865 RUNNER_ASSERT_MSG(true, "raw_cert Error" );
1867 RUNNER_ASSERT_MSG(false, "raw_cert Error" );
1870 RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
1872 ckmc_cert_free(ckmCert);
1876 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
1880 std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
1882 const char *file_name = "/tmp/ckmc_test_cert.pem";
1886 cert_file = fopen(file_name, "w");
1887 fprintf(cert_file, "%s",certStr.c_str());
1893 CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
1894 CKMCReadableError(ret));
1897 pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
1899 const char *lcert_alias = "lcert_alias";
1900 ckmc_policy_s policy;
1901 policy.password = NULL;
1902 policy.extractable = 1;
1905 CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
1906 CKMCReadableError(ret));
1911 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
1912 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
1913 const char *password = "password";
1917 ckmc_key_s *private_key = NULL;
1918 ckmc_cert_s *cert = NULL;
1919 ckmc_cert_list_s *ca_cert_list = NULL;
1922 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
1923 &private_key, &cert, &ca_cert_list)),
1925 RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
1926 RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
1927 RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
1929 ckmc_policy_s policy;
1930 policy.password = NULL;
1931 policy.extractable = 1;
1934 const char *pkey_alias = "pkey_alias";
1936 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
1937 CKMCReadableError(temp));
1939 const char *cert_alias = "cert_alias";
1941 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
1942 CKMCReadableError(temp));
1943 std::string caCertAlias = "ca_cert_alias_";
1944 const char *idx = "0";
1946 ckmc_cert_list_s *tmpList = ca_cert_list;
1947 while(tmpList != NULL) {
1948 caCertAlias.append(idx);
1950 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
1951 CKMCReadableError(temp));
1952 tmpList = tmpList->next;
1956 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
1958 ckmc_key_free(private_key);
1959 ckmc_cert_free(cert);
1960 ckmc_cert_list_all_free(ca_cert_list);
1963 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
1964 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
1965 const char *password = "password";
1969 ckmc_pkcs12_s *ppkcs12 = NULL;
1972 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
1973 CKMCReadableError(temp));
1974 RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
1975 RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
1976 RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
1978 ckmc_policy_s policy;
1979 policy.password = NULL;
1980 policy.extractable = 1;
1983 const char *pkey_alias = "pkey_alias2";
1985 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *(ppkcs12->priv_key), policy)),
1986 CKMCReadableError(temp));
1988 const char *cert_alias = "cert_alias2";
1990 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *(ppkcs12->cert), policy)),
1991 CKMCReadableError(temp));
1992 std::string caCertAlias = "ca_cert_alias_2_";
1993 const char *idx = "0";
1995 ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
1996 while(tmpList != NULL) {
1997 caCertAlias.append(idx);
1999 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2000 CKMCReadableError(temp));
2001 tmpList = tmpList->next;
2005 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2007 ckmc_pkcs12_free(ppkcs12);
2010 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2014 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2015 CKMCReadableError(temp));
2017 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2018 CKMCReadableError(temp));
2020 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2021 CKMCReadableError(temp));
2023 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2024 CKMCReadableError(temp));
2027 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2031 const char* alias_PKCS_exportable = "CAPI-test-PKCS-export";
2032 const char* alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
2035 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2039 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2040 CKMCReadableError(temp));
2042 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "PKCS-pass")),
2043 CKMCReadableError(temp));
2046 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2048 const char *wrong_passwd = "wrong";
2049 ckmc_pkcs12_s *ppkcs12 = NULL;
2052 CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2053 CKMCReadableError(temp));
2056 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2058 ckmc_pkcs12_s *ppkcs12 = NULL;
2061 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
2062 CKMCReadableError(temp));
2064 RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2065 RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2066 RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2069 ckmc_policy_s exportable;
2070 exportable.password = NULL;
2071 exportable.extractable = 1;
2072 ckmc_policy_s notExportable;
2073 notExportable.password = NULL;
2074 notExportable.extractable = 0;
2077 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
2078 CKMCReadableError(temp));
2080 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
2081 CKMCReadableError(temp));
2083 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
2084 CKMCReadableError(temp));
2086 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
2087 CKMCReadableError(temp));
2089 // try to lookup key
2090 ckmc_key_s *key_lookup = NULL;
2092 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
2093 CKMCReadableError(temp));
2094 ckmc_key_free(key_lookup);
2097 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable, "", &key_lookup)),
2098 CKMCReadableError(temp));
2099 ckmc_key_free(key_lookup);
2101 // try to lookup certificate
2102 ckmc_cert_s *cert_lookup = NULL;
2104 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
2105 CKMCReadableError(temp));
2106 ckmc_cert_free(cert_lookup);
2109 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
2110 CKMCReadableError(temp));
2111 ckmc_cert_free(cert_lookup);
2114 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2117 ckmc_pkcs12_s *pkcs = NULL;
2121 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", NULL, NULL, &pkcs)),
2122 CKMCReadableError(temp));
2123 ckmc_pkcs12_free(pkcs);
2126 // fail - not exportable
2128 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable, NULL, NULL, &pkcs)),
2129 CKMCReadableError(temp));
2130 ckmc_pkcs12_free(pkcs);
2133 // success - exportable
2135 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable, NULL, NULL, &pkcs)),
2136 CKMCReadableError(temp));
2138 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2139 RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2140 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2142 ckmc_cert_list_s *iter = pkcs->ca_chain;
2147 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2149 ckmc_pkcs12_free(pkcs);
2152 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2154 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2157 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2158 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2159 ckmc_raw_buffer_s *signature = NULL;
2162 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2163 alias_PKCS_exportable,
2169 CKMCReadableError(temp));
2172 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2173 alias_PKCS_exportable,
2179 CKMCReadableError(temp));
2182 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2186 // remove the whole PKCS12 bundles
2188 CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable)),
2189 CKMCReadableError(tmp));
2191 CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable)),
2192 CKMCReadableError(tmp));
2194 // expect lookup fails due to unknown alias
2195 // try to lookup key
2196 ckmc_key_s *key_lookup = NULL;
2198 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
2199 CKMCReadableError(tmp));
2200 ckmc_key_free(key_lookup);
2203 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable, NULL, &key_lookup)),
2204 CKMCReadableError(tmp));
2205 ckmc_key_free(key_lookup);
2207 // try to lookup certificate
2208 ckmc_cert_s *cert_lookup = NULL;
2210 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
2211 CKMCReadableError(tmp));
2212 ckmc_cert_free(cert_lookup);
2215 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
2216 CKMCReadableError(tmp));
2217 ckmc_cert_free(cert_lookup);
2220 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2223 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2224 CKMCReadableError(temp));
2225 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2226 CKMCReadableError(temp));
2230 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2232 RUNNER_TEST(T3201_CAPI_unlock_database)
2235 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2236 CKMCReadableError(temp));
2237 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2238 CKMCReadableError(temp));
2239 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
2240 CKMCReadableError(temp));
2243 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
2246 char alias[10] = "mykey";
2247 char *password = NULL;
2248 ckmc_key_s *test_key = NULL;
2251 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
2254 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2257 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
2260 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2261 CKMCReadableError(temp));
2264 RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
2267 char alias[10] = "mykey";
2268 char *password = NULL;
2269 ckmc_key_s *test_key = NULL;
2272 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
2273 CKMCReadableError(temp));
2275 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2278 RUNNER_TEST(T3204_deinit)
2281 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2282 CKMCReadableError(temp));
projects / platform / core / test / security-tests.git / blob