projects / platform / core / test / security-tests.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
CKM: re-factoring tests after adding system-DB support.
[platform/core/test/security-tests.git] / src / ckm / capi-testcases.cpp
1 #include <dpl/test/test_runner.h>
2 #include <dpl/test/test_runner_child.h>
3
4 #include <tests_common.h>
5 #include <test-certs.h>
6 #include <ckm-common.h>
7 #include <access_provider2.h>
8
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-type.h>
12
13 #include <ckmc/ckmc-manager.h>
14 #include <ckmc/ckmc-control.h>
15 #include <ckmc/ckmc-type.h>
16 #include <ckmc/ckmc-error.h>
17
18 #include <ckm-common.h>
19
20 #include <string>
21 #include <string.h>
22 #include <stdio.h>
23 #include <stddef.h>
24 #include <stdlib.h>
25
26 namespace {
27 const int USER_APP = 5000;
28 const int GROUP_APP = 5000;
29 const char* USER_PASS = "user-pass";
30 const char* TEST_LABEL = "test_label";
31 const char* TEST_SYSTEM_ALIAS = "system-alias-1";
32 const char* TEST_DATA = "ABCD";
33 } // namespace anonymous
34
35
36 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
37
38 RUNNER_TEST(T3010_Control_C_API_service_unlock_DB)
39 {
40         int temp;
41
42         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(0)),
43                         CKMCReadableError(temp));
44         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
45                         CKMCReadableError(temp));
46         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(0, "test-pass")),
47                         CKMCReadableError(temp));
48
49         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(4999)),
50                         CKMCReadableError(temp));
51         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(4999)),
52                         CKMCReadableError(temp));
53         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(4999, "test-pass")),
54                         CKMCReadableError(temp));
55
56         remove_user_data(5000);
57         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(5000)),
58                         CKMCReadableError(temp));
59         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(5000)),
60                         CKMCReadableError(temp));
61         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(5000, "test-pass")),
62                         CKMCReadableError(temp));
63 }
64
65 RUNNER_TEST(T3011_Control_C_API)
66 {
67         int temp;
68
69         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
70                         CKMCReadableError(temp));
71
72         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
73                         CKMCReadableError(temp));
74 }
75
76 RUNNER_TEST(T3012_Control_C_API)
77 {
78         int temp;
79
80         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
81                         CKMCReadableError(temp));
82         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
83                         CKMCReadableError(temp));
84 }
85
86 RUNNER_TEST(T3013_Control_C_API)
87 {
88         int temp;
89
90         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
91                         CKMCReadableError(temp));
92 }
93
94 RUNNER_TEST(T3014_Control_C_API)
95 {
96         int temp;
97         const uid_t UNIQUE_USER = 6500;
98
99         // clean up environment
100         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
101                         CKMCReadableError(temp));
102         // unlock with empty password
103         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
104                         CKMCReadableError(temp));
105         // reset password (NULL, "simple-password")
106         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
107                         CKMCReadableError(temp));
108         // get rid of NULL DKEK
109         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
110                         CKMCReadableError(temp));
111         // lock db
112         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
113                         CKMCReadableError(temp));
114         // try to reset password when db locked
115         RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
116                         CKMCReadableError(temp));
117         // clean up environment
118         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
119                         CKMCReadableError(temp));
120 }
121
122 RUNNER_TEST(T3015_Control_C_API)
123 {
124         int temp;
125
126         RUNNER_ASSERT_MSG(
127                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
128                         CKMCReadableError(temp));
129         RUNNER_ASSERT_MSG(
130                         CKMC_ERROR_NONE == (temp = ckmc_change_user_password(USER_APP, "simple-password", "new-pass")),
131                         CKMCReadableError(temp));
132         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
133                         CKMCReadableError(temp));
134         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
135                         CKMCReadableError(temp));
136 }
137
138 RUNNER_TEST(T3016_Control_C_API)
139 {
140         int temp;
141
142         RUNNER_ASSERT_MSG(
143                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
144                         CKMCReadableError(temp));
145         RUNNER_ASSERT_MSG(
146                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
147                         CKMCReadableError(temp));
148 }
149
150 RUNNER_TEST(T3017_Control_C_API_remove_system_DB)
151 {
152         save_data(sharedDatabase(TEST_SYSTEM_ALIAS).c_str(), TEST_DATA);
153
154         // [test] - expect success
155         check_read(TEST_SYSTEM_ALIAS, ckmc_label_shared_owner, TEST_DATA);
156
157         // remove user data - expect to map to the system DB
158         int temp;
159         RUNNER_ASSERT_MSG(
160                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(1234)),
161                         CKMCReadableError(temp));
162
163         // [test] - expect fail
164         check_read(TEST_SYSTEM_ALIAS, ckmc_label_shared_owner, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
165 }
166
167 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
168
169 RUNNER_TEST(T3021_init_C_API)
170 {
171         int temp;
172
173         remove_user_data(0);
174         RUNNER_ASSERT_MSG(
175                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
176                         CKMCReadableError(temp));
177 }
178
179 RUNNER_TEST(T3022_key_C_API)
180 {
181         int temp;
182
183         ckmc_key_s test_key, *test_key2;
184         ckmc_policy_s test_policy;
185
186         char* password = NULL;
187         CKM::Alias alias = sharedDatabase("mykey");
188
189         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
190                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
191                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
192                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
193                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
194                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
195                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
196                 "zQIDAQAB\n"
197                 "-----END PUBLIC KEY-----";
198
199         char* char_keypem = new char[keyPem.length() + 1];
200
201         std::strcpy(char_keypem, keyPem.c_str());
202         test_key.raw_key =  (unsigned char *)char_keypem;
203         test_key.key_size = keyPem.length();
204         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
205         test_key.password = password;
206
207         test_policy.password = password;
208         test_policy.extractable = 1;
209
210         test_key2 = &test_key;
211
212         RUNNER_ASSERT_MSG(
213                         CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), test_key, test_policy)),
214                         CKMCReadableError(temp));
215
216         RUNNER_ASSERT_MSG(
217                         CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
218                         CKMCReadableError(temp));
219 }
220
221 RUNNER_TEST(T3023_certificate_C_API)
222 {
223         int temp;
224
225         std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
226
227         char* password = NULL;
228         ckmc_cert_s *cert2;
229         ckmc_cert_s cert;
230
231         CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
232
233         ckmc_policy_s test_policy;
234         test_policy.password = password;
235         test_policy.extractable = 1;
236
237         char* char_certPem = new char[certPem.length() + 1];
238         std::strcpy(char_certPem, certPem.c_str());
239         cert.raw_cert =  (unsigned char *)char_certPem;
240         cert.cert_size = certPem.length();
241         cert.data_format = CKMC_FORM_PEM;
242
243         RUNNER_ASSERT_MSG(
244                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
245                         CKMCReadableError(temp));
246
247         RUNNER_ASSERT_MSG(
248                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
249                         CKMCReadableError(temp));
250
251         ckmc_cert_free(cert2);
252 }
253
254 RUNNER_TEST(T3024_certificate_remove_C_API)
255 {
256         int temp;
257
258         char* password = NULL;
259         ckmc_cert_s *cert2;
260         CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
261
262         RUNNER_ASSERT_MSG(
263                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
264                         CKMCReadableError(temp));
265         ckmc_cert_free(cert2);
266
267         RUNNER_ASSERT_MSG(
268                         CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias.c_str())),
269                         CKMCReadableError(temp));
270
271         RUNNER_ASSERT_MSG(
272                         CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
273                         CKMCReadableError(temp));
274 }
275
276 RUNNER_TEST(T3025_certificate_list_C_API)
277 {
278         int temp;
279
280         std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
281
282         char* password = NULL;
283         ckmc_cert_s cert;
284
285         ckmc_policy_s test_policy;
286         test_policy.password = password;
287         test_policy.extractable = 1;
288
289         char* char_certPem = new char[certPem.length() + 1];
290         std::strcpy(char_certPem, certPem.c_str());
291         cert.raw_cert =  (unsigned char *)char_certPem;
292         cert.cert_size = certPem.length();
293         cert.data_format = CKMC_FORM_PEM;
294
295         size_t current_aliases_num = count_aliases(ALIAS_CERT);
296
297         RUNNER_ASSERT_MSG(
298                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test1").c_str(), cert, test_policy)),
299                         CKMCReadableError(temp));
300
301         RUNNER_ASSERT_MSG(
302                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test2").c_str(), cert, test_policy)),
303                         CKMCReadableError(temp));
304
305         RUNNER_ASSERT_MSG(
306                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test3").c_str(), cert, test_policy)),
307                         CKMCReadableError(temp));
308
309         size_t actual_cnt = count_aliases(ALIAS_CERT);
310         RUNNER_ASSERT_MSG(
311                         (current_aliases_num+3) == actual_cnt,
312                         "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
313 }
314
315
316 RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
317 {
318         ScopedAccessProvider ap("mylabel");
319         ap.allowAPI("key-manager::api-storage", "rw");
320         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
321
322         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
323                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
324                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
325                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
326                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
327                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
328                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
329                 "zQIDAQAB\n"
330                 "-----END PUBLIC KEY-----";
331
332         int temp;
333
334         ckmc_key_s test_key, *test_key2;
335         ckmc_policy_s test_policy;
336
337         char* password = NULL;
338         const char *passwordPolicy = "x";
339         const char *alias = "mykey";
340         char* char_keypem = new char[keyPem.length() + 1];
341
342         std::strcpy(char_keypem, keyPem.c_str());
343         test_key.raw_key =  (unsigned char *)char_keypem;
344         test_key.key_size = keyPem.length();
345         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
346         test_key.password = password;
347
348         test_policy.password = const_cast<char *>(passwordPolicy);
349         test_policy.extractable = 1;
350
351         test_key2 = &test_key;
352
353
354         RUNNER_ASSERT_MSG(
355                         CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
356                         CKMCReadableError(temp));
357         RUNNER_ASSERT_MSG(
358                         CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
359                         CKMCReadableError(temp));
360
361         //       RUNNER_ASSERT_MSG(
362         //                       key.getDER() == key2.getDER(), "Key value has been changed by service");
363 }
364
365 RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
366 {
367         ScopedAccessProvider ap("mylabel");
368         ap.allowAPI("key-manager::api-storage", "rw");
369         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
370
371         int temp;
372         auto manager = CKM::Manager::create();
373
374         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
375                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
376                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
377                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
378                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
379                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
380                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
381                 "zQIDAQAB\n"
382                 "-----END PUBLIC KEY-----";
383
384         ckmc_policy_s test_policy;
385         ckmc_key_s test_key, *test_key2;
386         char* char_keypem = new char[keyPem.length() + 1];
387         char* password = NULL;
388
389         std::strcpy(char_keypem, keyPem.c_str());
390         test_key.raw_key = (unsigned char *)char_keypem;
391         test_key.key_size = keyPem.length();
392         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
393         test_key.password = password;
394
395         test_policy.password = password;
396         test_policy.extractable = 0;
397
398         RUNNER_ASSERT_MSG(
399                         CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
400                         CKMCReadableError(temp));
401
402         RUNNER_ASSERT_MSG(
403                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
404                         CKMCReadableError(temp));
405 }
406
407
408 RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
409 {
410         int temp;
411
412         std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
413
414         char* password = NULL;
415         ckmc_cert_s *cert2 = NULL;
416         ckmc_cert_s cert;
417
418         ckmc_policy_s test_policy;
419         test_policy.password = password;
420         test_policy.extractable = 1;
421
422         char* char_certPem = new char[certPem.length() + 1];
423         std::strcpy(char_certPem, certPem.c_str());
424         cert.raw_cert =  (unsigned char *)char_certPem;
425         cert.cert_size = certPem.length();
426         cert.data_format = CKMC_FORM_PEM;
427
428         CKM::Alias alias = sharedDatabase("test-cert-1-DSA");
429         RUNNER_ASSERT_MSG(
430                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
431                         CKMCReadableError(temp));
432
433         RUNNER_ASSERT_MSG(
434                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
435                         CKMCReadableError(temp));
436
437         ckmc_cert_free(cert2);
438 }
439
440 RUNNER_TEST(T3029_deinit_C_API)
441 {
442         int temp;
443
444         remove_user_data(0);
445         RUNNER_ASSERT_MSG(
446                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
447                         CKMCReadableError(temp));
448         RUNNER_ASSERT_MSG(
449                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
450                         CKMCReadableError(temp));
451 }
452
453
454 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
455
456 RUNNER_TEST(T3031_init_C_API)
457 {
458         int temp;
459
460         remove_user_data(0);
461         RUNNER_ASSERT_MSG(
462                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
463                         CKMCReadableError(temp));
464 }
465
466 RUNNER_TEST(T3032_save_keys_get_alias_C_API)
467 {
468         int temp;
469
470         char* password = NULL;
471         ckmc_policy_s test_policy1, test_policy2, test_policy3;
472         ckmc_key_s test_key;
473
474         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
475                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
476                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
477                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
478                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
479                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
480                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
481                 "zQIDAQAB\n"
482                 "-----END PUBLIC KEY-----";
483
484         char* char_keypem = new char[keyPem.length() + 1];
485
486         std::strcpy(char_keypem, keyPem.c_str());
487         test_key.raw_key = (unsigned char *)char_keypem;
488         test_key.key_size = keyPem.length();
489         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
490         test_key.password = password;
491
492         test_policy1.password = password;
493         test_policy1.extractable = 1;
494
495         test_policy2.password = password;
496         test_policy2.extractable = 0;
497
498         test_policy3.password = password;
499         test_policy3.extractable = 0;
500
501         size_t current_aliases_num = count_aliases(ALIAS_KEY);
502
503         RUNNER_ASSERT_MSG(
504                         CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey1").c_str(), test_key, test_policy1)),
505                         CKMCReadableError(temp));
506
507         RUNNER_ASSERT_MSG(
508                         CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey2").c_str(), test_key, test_policy2)),
509                         CKMCReadableError(temp));
510
511         RUNNER_ASSERT_MSG(
512                         CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey3").c_str(), test_key, test_policy3)),
513                         CKMCReadableError(temp));
514
515         size_t actual_cnt = count_aliases(ALIAS_KEY);
516         RUNNER_ASSERT_MSG(
517                         (current_aliases_num+3) == actual_cnt,
518                         "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
519 }
520
521
522 RUNNER_TEST(T3033_remove_key_C_API)
523 {
524         int temp;
525
526         char* password = NULL;
527
528         ckmc_key_s *test_key2;
529         RUNNER_ASSERT_MSG(
530                         CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
531                         CKMCReadableError(temp));
532
533         RUNNER_ASSERT_MSG(
534                         CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("rootkey1").c_str())),
535                         CKMCReadableError(temp));
536
537         RUNNER_ASSERT_MSG(
538                         CKMC_ERROR_NONE != (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
539                         CKMCReadableError(temp));
540 }
541
542 RUNNER_TEST(T3034_deinit_C_API)
543 {
544         int temp;
545
546         remove_user_data(0);
547         RUNNER_ASSERT_MSG(
548                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
549                         CKMCReadableError(temp));
550         RUNNER_ASSERT_MSG(
551                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
552                         CKMCReadableError(temp));
553 }
554
555 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
556
557 RUNNER_TEST(T3041_init_C_API)
558 {
559         int temp;
560         remove_user_data(0);
561         RUNNER_ASSERT_MSG(
562                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
563                         CKMCReadableError(temp));
564 }
565
566 RUNNER_TEST(T3042_save_get_bin_data_C_API)
567 {
568         int temp;
569
570         ckmc_raw_buffer_s testData1, testData2, testData3;
571         char* password = NULL;
572
573         std::string binData1 = "My bin data1";
574         std::string binData2 = "My bin data2";
575         std::string binData3 = "My bin data3";
576         char* char_binData1 = new char[binData1.length() + 1];
577         char* char_binData2 = new char[binData2.length() + 1];
578         char* char_binData3 = new char[binData3.length() + 1];
579         std::strcpy(char_binData1, binData1.c_str());
580         std::strcpy(char_binData2, binData2.c_str());
581         std::strcpy(char_binData3, binData3.c_str());
582         testData1.data = (unsigned char *) char_binData1;
583         testData2.data = (unsigned char *) char_binData2;
584         testData3.data = (unsigned char *) char_binData3;
585         testData1.size = binData1.length()+1;
586         testData2.size = binData2.length()+1;
587         testData3.size = binData3.length()+1;
588
589         ckmc_policy_s test_policy1, test_policy2, test_policy3;
590
591         test_policy1.password = password;
592         test_policy1.extractable = 1;
593         test_policy2.password = password;
594         test_policy2.extractable = 1;
595         test_policy3.password = password;
596         test_policy3.extractable = 0;
597
598         size_t current_aliases_num = count_aliases(ALIAS_DATA);
599
600         RUNNER_ASSERT_MSG(
601                         CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data1").c_str(), testData1, test_policy1)), // should change it as null value
602                         CKMCReadableError(temp));
603
604         RUNNER_ASSERT_MSG(
605                         CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data2").c_str(), testData2, test_policy1)), // should change it as null value
606                         CKMCReadableError(temp));
607
608         RUNNER_ASSERT_MSG(
609                         CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data3").c_str(), testData3, test_policy2)),
610                         CKMCReadableError(temp));
611
612         RUNNER_ASSERT_MSG(
613                         CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data(sharedDatabase("data4").c_str(), testData3, test_policy3)),
614                         CKMCReadableError(temp));
615
616         size_t actual_cnt = count_aliases(ALIAS_DATA);
617         RUNNER_ASSERT_MSG(
618                         (current_aliases_num+3) == actual_cnt,
619                         "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
620
621         ckmc_raw_buffer_s *testData4;
622         RUNNER_ASSERT_MSG(
623                         CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData4)),
624                         CKMCReadableError(temp));
625
626         int compareResult;
627         compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
628         RUNNER_ASSERT_MSG( compareResult == 0,
629                         "Data corrupted");
630 }
631
632 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
633 {
634         ScopedAccessProvider ap("mylabel");
635         ap.allowAPI("key-manager::api-storage", "rw");
636         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
637
638         int temp;
639         ckmc_raw_buffer_s testData1;
640         char* password = NULL;
641         std::string binData1 = "My bin data";
642         char* char_binData1 = new char[binData1.length() + 1];
643         std::strcpy(char_binData1, binData1.c_str());
644         testData1.data = (unsigned char *) char_binData1;
645         testData1.size = binData1.length()+1;
646
647         ckmc_policy_s test_policy1, test_policy2;
648
649         test_policy1.password = password;
650         test_policy1.extractable = 1;
651
652         test_policy2.password = password;
653         test_policy2.extractable = 1;
654
655         std::string binData = "My bin data";
656
657         size_t current_aliases_num = count_aliases(ALIAS_DATA);
658
659         RUNNER_ASSERT_MSG(
660                         CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
661                         CKMCReadableError(temp));
662         RUNNER_ASSERT_MSG(
663                         CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
664                         CKMCReadableError(temp));
665         RUNNER_ASSERT_MSG(
666                         CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
667                         CKMCReadableError(temp));
668
669         size_t actual_cnt = count_aliases(ALIAS_DATA);
670         RUNNER_ASSERT_MSG(
671                                 (current_aliases_num+3) == actual_cnt,
672                                 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
673 }
674
675 RUNNER_TEST(T3044_remove_bin_data_C_API)
676 {
677         int temp;
678
679         size_t current_aliases_num = count_aliases(ALIAS_DATA, 2);
680
681         RUNNER_ASSERT_MSG(
682                         CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data1").c_str())),
683                         CKMCReadableError(temp));
684         RUNNER_ASSERT_MSG(
685                         CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data3").c_str())),
686                         CKMCReadableError(temp));
687
688         size_t actual_cnt = count_aliases(ALIAS_DATA);
689         RUNNER_ASSERT_MSG(
690                                 (current_aliases_num-2) == actual_cnt,
691                                 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << actual_cnt);
692
693         char* password = NULL;
694
695         ckmc_raw_buffer_s *testData1, testData2;
696
697         std::string testStr = "My bin data2";
698         char* char_testData2 = new char[testStr.length() + 1];
699         std::strcpy(char_testData2, testStr.c_str());
700         testData2.data = (unsigned char *) char_testData2;
701         testData2.size = testStr.length()+1;
702
703         CKM::RawBuffer buffer;
704         RUNNER_ASSERT_MSG(
705                         CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData1)),
706                         CKMCReadableError(temp));
707
708         int compareResult;
709         compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
710         RUNNER_ASSERT_MSG( compareResult == 0,
711                         "Data corrupted");
712
713         RUNNER_ASSERT_MSG(
714                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data(sharedDatabase("data3").c_str(), password, &testData1)),
715                         CKMCReadableError(temp));
716 }
717
718 RUNNER_TEST(T3045_deinit_C_API)
719 {
720         int temp;
721
722         remove_user_data(0);
723         RUNNER_ASSERT_MSG(
724                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
725                         CKMCReadableError(temp));
726         RUNNER_ASSERT_MSG(
727                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
728                         CKMCReadableError(temp));
729 }
730
731 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
732
733 RUNNER_TEST(T3051_CAPI_init)
734 {
735         int temp;
736
737         RUNNER_ASSERT_MSG(
738                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
739                         CKMCReadableError(temp));
740
741         RUNNER_ASSERT_MSG(
742                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
743                         CKMCReadableError(temp));
744 }
745
746 RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
747 {
748         int temp;
749
750         ScopedAccessProvider ap("mylabel");
751         ap.allowAPI("key-manager::api-storage", "rw");
752         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
753
754         size_t size = 1024;
755         const char *private_key_alias = "RSA-test-1-priv";
756         const char *public_key_alias = "RSA-test-1-pub";
757         ckmc_policy_s policy_private_key;
758         ckmc_policy_s policy_public_key;
759
760         policy_private_key.password = NULL;
761         policy_private_key.extractable = 1;
762
763         policy_public_key.password = NULL;
764         policy_public_key.extractable = 1;
765
766
767         size_t current_aliases_num = count_aliases(ALIAS_KEY);
768
769         RUNNER_ASSERT_MSG(
770                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
771                         CKMCReadableError(temp));
772
773         size_t actual_cnt = count_aliases(ALIAS_KEY);
774         RUNNER_ASSERT_MSG(
775                         (current_aliases_num+2) == actual_cnt,
776                         "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
777
778         ckmc_key_s *privateKey;
779         RUNNER_ASSERT_MSG(
780                         CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
781                         CKMCReadableError(temp));
782         RUNNER_ASSERT_MSG(
783                         privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
784                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
785         RUNNER_ASSERT_MSG(
786                         privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
787                         "Private key is broken.");
788
789         ckmc_key_s *publicKey;
790         RUNNER_ASSERT_MSG(
791                         CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
792                         CKMCReadableError(temp));
793         RUNNER_ASSERT_MSG(
794                         publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
795                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
796         RUNNER_ASSERT_MSG(
797                         publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
798                         "Public key is broken.");
799
800         // on next attempt to generate keys with the same alias, expect fail (alias exists)
801         RUNNER_ASSERT_MSG(
802                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
803                         CKMCReadableError(temp));
804 }
805
806 RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
807 {
808         int temp;
809
810         AccessProvider ap("mylabel");
811         ap.allowAPI("key-manager::api-storage", "rw");
812         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
813
814         size_t size = 1024;
815         const char *private_key_alias = "DSA-test-2-priv";
816         const char *public_key_alias = "DSA-test-2-pub";
817         ckmc_policy_s policy_private_key;
818         ckmc_policy_s policy_public_key;
819
820         policy_private_key.password = NULL;
821         policy_private_key.extractable = 1;
822
823         policy_public_key.password = NULL;
824         policy_public_key.extractable = 1;
825
826         size_t current_aliases_num = count_aliases(ALIAS_KEY);
827
828         RUNNER_ASSERT_MSG(
829                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
830                         CKMCReadableError(temp));
831
832         size_t actual_cnt = count_aliases(ALIAS_KEY);
833         RUNNER_ASSERT_MSG(
834                         (current_aliases_num+2) == actual_cnt,
835                         "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
836
837         ckmc_key_s *privateKey = 0;
838         RUNNER_ASSERT_MSG(
839                         CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
840                         CKMCReadableError(temp));
841         RUNNER_ASSERT_MSG(
842                         privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
843                         "Private key is broken.");
844         RUNNER_ASSERT_MSG(
845                         privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
846                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
847         ckmc_key_free(privateKey);
848
849         ckmc_key_s *pubKey = 0;
850         RUNNER_ASSERT_MSG(
851                         CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
852                         CKMCReadableError(temp));
853         RUNNER_ASSERT_MSG(
854                         pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
855                         "Public key is broken.");
856         RUNNER_ASSERT_MSG(
857                         pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
858                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
859         ckmc_key_free(pubKey);
860
861         // on next attempt to generate keys with the same alias, expect fail (alias exists)
862         RUNNER_ASSERT_MSG(
863                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
864                         CKMCReadableError(temp));
865 }
866
867
868 RUNNER_TEST(T3054_CAPI_deinit)
869 {
870         int temp;
871
872         RUNNER_ASSERT_MSG(
873                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
874                         CKMCReadableError(temp));
875         RUNNER_ASSERT_MSG(
876                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
877                         CKMCReadableError(temp));
878 }
879
880
881 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
882
883 RUNNER_TEST(T3061_CAPI_init)
884 {
885         remove_user_data(0);
886         reset_user_data(USER_APP, USER_PASS);
887 }
888
889 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
890 {
891         int temp;
892
893         size_t size = 1024;
894         CKM::Alias private_key_alias = sharedDatabase("rsa-test-1");
895         CKM::Alias public_key_alias = sharedDatabase("rsa-test-2");
896         ckmc_policy_s policy_private_key;
897         ckmc_policy_s policy_public_key;
898
899         policy_private_key.password = const_cast<char *>("privatepassword");
900         policy_private_key.extractable = 0;
901
902         policy_public_key.password = NULL;
903         policy_public_key.extractable = 1;
904
905         RUNNER_ASSERT_MSG(
906                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
907                         CKMCReadableError(temp));
908
909         // on next attempt to generate keys with the same alias, expect fail (alias exists)
910         RUNNER_ASSERT_MSG(
911                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
912                         CKMCReadableError(temp));
913 }
914
915 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
916 {
917         int temp;
918
919         size_t size = 1024;
920         CKM::Alias private_key_alias = sharedDatabase("dsa-test-1");
921         CKM::Alias public_key_alias = sharedDatabase("dsa-test-2");
922         ckmc_policy_s policy_private_key;
923         ckmc_policy_s policy_public_key;
924
925         policy_private_key.password = const_cast<char *>("privatepassword");
926         policy_private_key.extractable = 0;
927
928         policy_public_key.password = NULL;
929         policy_public_key.extractable = 1;
930
931         RUNNER_ASSERT_MSG(
932                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
933                         CKMCReadableError(temp));
934 }
935
936 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
937 {
938         int temp;
939
940         ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
941         CKM::Alias private_key_alias = sharedDatabase("ecdsa-test-1");
942         CKM::Alias public_key_alias = sharedDatabase("ecdsa-test-2");
943         ckmc_policy_s policy_private_key;
944         ckmc_policy_s policy_public_key;
945
946         policy_private_key.password = const_cast<char *>("privatepassword");
947         policy_private_key.extractable = 0;
948
949         policy_public_key.password = NULL;
950         policy_public_key.extractable = 1;
951
952         RUNNER_ASSERT_MSG(
953                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
954                         CKMCReadableError(temp));
955 }
956
957 RUNNER_TEST(T3065_CAPI_deinit)
958 {
959         remove_user_data(0);
960 }
961
962 // TODO
963 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
964
965
966
967 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
968
969 RUNNER_TEST(T3071_CAPI_init)
970 {
971         remove_user_data(0);
972 }
973
974 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
975 {
976         std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
977         std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
978
979         ckmc_cert_s c_cert;
980         c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
981         c_cert.cert_size = ee.size();
982         c_cert.data_format = CKMC_FORM_PEM;
983
984         ckmc_cert_s c_cert1;
985         c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
986         c_cert1.cert_size = im.size();
987         c_cert1.data_format = CKMC_FORM_PEM;
988
989         ckmc_cert_list_s untrustedcerts;
990         untrustedcerts.cert = &c_cert1;
991         untrustedcerts.next = NULL;
992
993         ckmc_cert_list_s *cert_chain_list;
994
995         int     tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
996         RUNNER_ASSERT_MSG(
997                         CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
998
999         RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1000
1001         ckmc_ocsp_status_e ocsp_status;
1002         RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1003         RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1004 }
1005
1006 RUNNER_TEST(T3075_CAPI_deinit)
1007 {
1008         remove_user_data(0);
1009 }
1010
1011
1012 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1013
1014 RUNNER_TEST(T3081_CAPI__init)
1015 {
1016         int temp;
1017
1018         RUNNER_ASSERT_MSG(
1019                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1020                         CKMCReadableError(temp));
1021
1022         RUNNER_ASSERT_MSG(
1023                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1024                         CKMCReadableError(temp));
1025
1026         remove_user_data(0);
1027 }
1028
1029 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1030 {
1031         int temp;
1032
1033         std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1034                 "Proc-Type: 4,ENCRYPTED\n"
1035                 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1036                 "\n"
1037                 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1038                 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1039                 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1040                 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1041                 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1042                 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1043                 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1044                 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1045                 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1046                 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1047                 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1048                 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1049                 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1050                 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1051                 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1052                 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1053                 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1054                 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1055                 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1056                 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1057                 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1058                 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1059                 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1060                 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1061                 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1062                 "-----END RSA PRIVATE KEY-----\n";
1063
1064         std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1065                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1066                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1067                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1068                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1069                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1070                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1071                 "zQIDAQAB\n"
1072                 "-----END PUBLIC KEY-----\n";
1073
1074         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1075
1076         CKM::Alias pub_alias = sharedDatabase("pub1");
1077         CKM::Alias pri_alias = sharedDatabase("prv1");
1078         const char *key_passwd = "1234";
1079         char *pri_passwd = NULL;
1080         char *pub_passwd = NULL;
1081         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1082         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1083         ckmc_raw_buffer_s *signature;
1084
1085         ckmc_key_s pubkey;
1086         pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1087         pubkey.key_size = pub.size();
1088         pubkey.key_type = CKMC_KEY_NONE;
1089         pubkey.password = NULL;
1090
1091         ckmc_policy_s pubpolicy;
1092         pubpolicy.password = pub_passwd;
1093         pubpolicy.extractable = 0;
1094
1095         ckmc_policy_s pripolicy;
1096         pripolicy.password = pri_passwd;
1097         pripolicy.extractable = 1;
1098
1099         ckmc_key_s prikey;
1100         prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1101         prikey.key_size = prv.size();
1102         prikey.key_type = CKMC_KEY_NONE;
1103         prikey.password = const_cast<char *>(key_passwd);
1104
1105
1106         RUNNER_ASSERT_MSG(
1107                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1108                         CKMCReadableError(temp));
1109
1110         RUNNER_ASSERT_MSG(
1111                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1112                         CKMCReadableError(temp));
1113
1114         RUNNER_ASSERT_MSG(
1115                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1116                                         pri_alias.c_str(),
1117                                         pri_passwd,
1118                                         msg_buff,
1119                                         hash_algo,
1120                                         pad_algo,
1121                                         &signature)),
1122                         CKMCReadableError(temp));
1123
1124         RUNNER_ASSERT_MSG(
1125                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1126                                         pub_alias.c_str(),
1127                                         pub_passwd,
1128                                         msg_buff,
1129                                         *signature,
1130                                         hash_algo,
1131                                         pad_algo)),
1132                         CKMCReadableError(temp));
1133 }
1134
1135 RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
1136 {
1137         int temp;
1138
1139         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1140         CKM::Alias pub_alias = sharedDatabase("pub1");
1141         CKM::Alias pri_alias = sharedDatabase("prv1");
1142         char *pri_passwd = NULL;
1143         char *pub_passwd = NULL;
1144         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1145         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1146         ckmc_raw_buffer_s *signature;
1147
1148         RUNNER_ASSERT_MSG(
1149                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1150                                         pri_alias.c_str(),
1151                                         pri_passwd,
1152                                         msg_buff,
1153                                         hash_algo,
1154                                         pad_algo,
1155                                         &signature)),
1156                         CKMCReadableError(temp));
1157
1158         RUNNER_ASSERT_MSG(
1159                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1160                                         pub_alias.c_str(),
1161                                         pub_passwd,
1162                                         msg_buff,
1163                                         *signature,
1164                                         hash_algo,
1165                                         pad_algo)),
1166                         CKMCReadableError(temp));
1167
1168         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1169         memcpy((void*)signature->data, "BROKEN", 6);
1170
1171         RUNNER_ASSERT_MSG(
1172                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1173                                         pub_alias.c_str(),
1174                                         pub_passwd,
1175                                         msg_buff,
1176                                         *signature,
1177                                         hash_algo,
1178                                         pad_algo)),
1179                         CKMCReadableError(temp));
1180 }
1181
1182 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1183 {
1184         int temp;
1185
1186         std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1187                 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1188                 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1189                 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1190                 "-----END EC PRIVATE KEY-----\n";
1191
1192         std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1193                 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1194                 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1195                 "-----END PUBLIC KEY-----\n";
1196
1197         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1198         CKM::Alias pri_alias = sharedDatabase("ecprv2");
1199         CKM::Alias pub_alias = sharedDatabase("ecpub2");
1200         char *key_passwd = NULL;
1201         char *pri_passwd = NULL;
1202         char *pub_passwd = NULL;
1203         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1204         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1205         ckmc_raw_buffer_s *signature;
1206
1207         ckmc_key_s pubkey;
1208         pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1209         pubkey.key_size = pub.size();
1210         pubkey.key_type = CKMC_KEY_NONE;
1211         pubkey.password = NULL;
1212
1213         ckmc_policy_s pubpolicy;
1214         pubpolicy.password = pub_passwd;
1215         pubpolicy.extractable = 1;
1216
1217         ckmc_key_s prikey;
1218         prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1219         prikey.key_size = prv.size();
1220         prikey.key_type = CKMC_KEY_NONE;
1221         prikey.password = key_passwd;
1222
1223         ckmc_policy_s pripolicy;
1224         pripolicy.password = pri_passwd;
1225         pripolicy.extractable = 0;
1226
1227         RUNNER_ASSERT_MSG(
1228                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1229                         CKMCReadableError(temp));
1230         RUNNER_ASSERT_MSG(
1231                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1232                         CKMCReadableError(temp));
1233
1234         RUNNER_ASSERT_MSG(
1235                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1236                                         pri_alias.c_str(),
1237                                         pri_passwd,
1238                                         msg_buff,
1239                                         hash_algo,
1240                                         pad_algo,
1241                                         &signature)),
1242                         CKMCReadableError(temp));
1243
1244         RUNNER_ASSERT_MSG(
1245                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1246                                         pub_alias.c_str(),
1247                                         pub_passwd,
1248                                         msg_buff,
1249                                         *signature,
1250                                         hash_algo,
1251                                         pad_algo)),
1252                         CKMCReadableError(temp));
1253
1254         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1255         memcpy((void*)signature->data, "BROKEN", 6);
1256
1257         RUNNER_ASSERT_MSG(
1258                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1259                                         pub_alias.c_str(),
1260                                         pub_passwd,
1261                                         msg_buff,
1262                                         *signature,
1263                                         hash_algo,
1264                                         pad_algo)),
1265                         CKMCReadableError(temp));
1266 }
1267
1268 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1269 {
1270         int temp;
1271
1272         std::string prv =
1273                 "-----BEGIN RSA PRIVATE KEY-----\n"
1274                 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1275                 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1276                 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1277                 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1278                 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1279                 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1280                 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1281                 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1282                 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1283                 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1284                 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1285                 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1286                 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1287                 "-----END RSA PRIVATE KEY-----\n";
1288
1289         std::string pub =
1290                 "-----BEGIN CERTIFICATE-----\n"
1291                 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1292                 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1293                 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1294                 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1295                 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1296                 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1297                 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1298                 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1299                 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1300                 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1301                 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1302                 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1303                 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1304                 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1305                 "-----END CERTIFICATE-----\n";
1306
1307         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1308
1309         CKM::Alias pri_alias = sharedDatabase("prv3");
1310         CKM::Alias pub_alias = sharedDatabase("pub3");
1311         char *key_passwd = NULL;
1312         char *pri_passwd = NULL;
1313         char *pub_passwd = NULL;
1314         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1315         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1316         ckmc_raw_buffer_s *signature;
1317
1318         ckmc_cert_s cert;
1319         cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1320         cert.cert_size = pub.size();
1321         cert.data_format = CKMC_FORM_PEM;
1322
1323         ckmc_policy_s certpolicy;
1324         certpolicy.password = pub_passwd;
1325         certpolicy.extractable = 1;
1326
1327         ckmc_key_s prikey;
1328         prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1329         prikey.key_size = prv.size();
1330         prikey.key_type = CKMC_KEY_NONE;
1331         prikey.password = key_passwd;
1332
1333         ckmc_policy_s pripolicy;
1334         pripolicy.password = pri_passwd;
1335         pripolicy.extractable = 0;
1336
1337         RUNNER_ASSERT_MSG(
1338                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1339                         CKMCReadableError(temp));
1340         RUNNER_ASSERT_MSG(
1341                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1342                         CKMCReadableError(temp));
1343
1344
1345         RUNNER_ASSERT_MSG(
1346                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1347                                         pri_alias.c_str(),
1348                                         pri_passwd,
1349                                         msg_buff,
1350                                         hash_algo,
1351                                         pad_algo,
1352                                         &signature)),
1353                         CKMCReadableError(temp));
1354
1355         RUNNER_ASSERT_MSG(
1356                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1357                                         pub_alias.c_str(),
1358                                         pub_passwd,
1359                                         msg_buff,
1360                                         *signature,
1361                                         hash_algo,
1362                                         pad_algo)),
1363                         CKMCReadableError(temp));
1364
1365         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1366         memcpy((void*)signature->data, "BROKEN", 6);
1367
1368         RUNNER_ASSERT_MSG(
1369                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1370                                         pub_alias.c_str(),
1371                                         pub_passwd,
1372                                         msg_buff,
1373                                         *signature,
1374                                         hash_algo,
1375                                         pad_algo)),
1376                         CKMCReadableError(temp));
1377 }
1378
1379 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1380 {
1381         int temp;
1382
1383         const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1384                 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1385                 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1386                 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1387                 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1388                 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1389                 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1390                 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1391                 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1392                 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1393                 "YMYCBhubtrVaLmc=\n"
1394                 "-----END PUBLIC KEY-----";
1395
1396         const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1397                 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1398                 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1399                 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1400                 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1401                 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1402                 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1403                 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1404                 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1405                 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1406                 "u1roOuaPY+Hl19BlTE2qdw==\n"
1407                 "-----END DSA PRIVATE KEY-----";
1408
1409         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1410
1411         CKM::Alias pub_alias = sharedDatabase("dsa-pub1");
1412         CKM::Alias pri_alias = sharedDatabase("dsa-prv1");
1413         char *pri_passwd = NULL;
1414         char *pub_passwd = NULL;
1415         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1416         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1417         ckmc_raw_buffer_s *signature = NULL;
1418
1419         ckmc_key_s pubkey;
1420         pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1421         pubkey.key_size = pub.size();
1422         pubkey.key_type = CKMC_KEY_NONE;
1423         pubkey.password = NULL;
1424
1425         ckmc_policy_s pubpolicy;
1426         pubpolicy.password = pub_passwd;
1427         pubpolicy.extractable = 0;
1428
1429         ckmc_policy_s pripolicy;
1430         pripolicy.password = pri_passwd;
1431         pripolicy.extractable = 1;
1432
1433         ckmc_key_s prikey;
1434         prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1435         prikey.key_size = priv.size();
1436         prikey.key_type = CKMC_KEY_NONE;
1437         prikey.password = NULL;
1438
1439
1440         RUNNER_ASSERT_MSG(
1441                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1442                         CKMCReadableError(temp));
1443
1444         RUNNER_ASSERT_MSG(
1445                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1446                         CKMCReadableError(temp));
1447
1448         RUNNER_ASSERT_MSG(
1449                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1450                                         pri_alias.c_str(),
1451                                         pri_passwd,
1452                                         msg_buff,
1453                                         hash_algo,
1454                                         pad_algo,
1455                                         &signature)),
1456                         CKMCReadableError(temp));
1457
1458         // positive test
1459         RUNNER_ASSERT_MSG(
1460                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1461                                         pub_alias.c_str(),
1462                                         pub_passwd,
1463                                         msg_buff,
1464                                         *signature,
1465                                         hash_algo,
1466                                         pad_algo)),
1467                         CKMCReadableError(temp));
1468
1469         // negative test
1470         ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1471         RUNNER_ASSERT_MSG(
1472                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1473                                         pub_alias.c_str(),
1474                                         pub_passwd,
1475                                         invalid_msg_buff,
1476                                         *signature,
1477                                         hash_algo,
1478                                         pad_algo)),
1479                         CKMCReadableError(temp));
1480
1481         ckmc_buffer_free(signature);
1482 }
1483
1484 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1485 {
1486         int temp;
1487
1488         size_t size = 1024;
1489         ckmc_policy_s policy_private_key;
1490         ckmc_policy_s policy_public_key;
1491
1492         policy_private_key.password = NULL;
1493         policy_private_key.extractable = 1;
1494
1495         policy_public_key.password = NULL;
1496         policy_public_key.extractable = 1;
1497
1498         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1499
1500         CKM::Alias pub_alias = sharedDatabase("dsa-pub2");
1501         CKM::Alias pri_alias = sharedDatabase("dsa-prv2");
1502
1503         RUNNER_ASSERT_MSG(
1504                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias.c_str(), pub_alias.c_str(), policy_private_key, policy_public_key)),
1505                         "Error=" << temp);
1506
1507         char *pri_passwd = NULL;
1508         char *pub_passwd = NULL;
1509         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1510         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1511         ckmc_raw_buffer_s *signature;
1512
1513         ckmc_key_s *pubkey = NULL;
1514         ckmc_key_s *prikey = NULL;
1515         RUNNER_ASSERT_MSG(
1516                         CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias.c_str(), 0, &prikey)),
1517                         CKMCReadableError(temp));
1518
1519         RUNNER_ASSERT_MSG(
1520                         CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias.c_str(), 0, &pubkey)),
1521                         CKMCReadableError(temp));
1522
1523         RUNNER_ASSERT_MSG(
1524                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1525                                         pri_alias.c_str(),
1526                                         pri_passwd,
1527                                         msg_buff,
1528                                         hash_algo,
1529                                         pad_algo,
1530                                         &signature)),
1531                         CKMCReadableError(temp));
1532
1533         // positive test
1534         RUNNER_ASSERT_MSG(
1535                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1536                                         pub_alias.c_str(),
1537                                         pub_passwd,
1538                                         msg_buff,
1539                                         *signature,
1540                                         hash_algo,
1541                                         pad_algo)),
1542                         CKMCReadableError(temp));
1543
1544         // negative test
1545         ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1546         RUNNER_ASSERT_MSG(
1547                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1548                                         pub_alias.c_str(),
1549                                         pub_passwd,
1550                                         invalid_msg_buff,
1551                                         *signature,
1552                                         hash_algo,
1553                                         pad_algo)),
1554                         CKMCReadableError(temp));
1555
1556         ckmc_key_free(prikey);
1557         ckmc_key_free(pubkey);
1558         ckmc_buffer_free(signature);
1559 }
1560
1561 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1562 {
1563         int temp;
1564
1565         std::string prv =
1566                 "-----BEGIN EC PRIVATE KEY-----\n"
1567                 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1568                 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1569                 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1570                 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1571                 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1572                 "ELyhe7yPCAuOoLZlTLgf\n"
1573                 "-----END EC PRIVATE KEY-----\n";
1574
1575         std::string pub =
1576                 "-----BEGIN CERTIFICATE-----\n"
1577                 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1578                 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1579                 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1580                 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1581                 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1582                 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1583                 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1584                 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1585                 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1586                 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1587                 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1588                 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1589                 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1590                 "Q1oBry6NEc+lLFmWMDesAA==\n"
1591                 "-----END CERTIFICATE-----\n";
1592
1593         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1594
1595         CKM::Alias pri_alias = sharedDatabase("prv4");
1596         CKM::Alias pub_alias = sharedDatabase("pub4");
1597         char *key_passwd = NULL;
1598         char *pri_passwd = NULL;
1599         char *pub_passwd = NULL;
1600         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1601         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1602         ckmc_raw_buffer_s *signature;
1603
1604         ckmc_cert_s cert;
1605         cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1606         cert.cert_size = pub.size();
1607         cert.data_format = CKMC_FORM_PEM;
1608
1609         ckmc_policy_s certpolicy;
1610         certpolicy.password = pub_passwd;
1611         certpolicy.extractable = 1;
1612
1613         ckmc_key_s prikey;
1614         prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1615         prikey.key_size = prv.size();
1616         prikey.key_type = CKMC_KEY_NONE;
1617         prikey.password = key_passwd;
1618
1619         ckmc_policy_s pripolicy;
1620         pripolicy.password = pri_passwd;
1621         pripolicy.extractable = 0;
1622
1623
1624         RUNNER_ASSERT_MSG(
1625                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1626                         CKMCReadableError(temp));
1627         RUNNER_ASSERT_MSG(
1628                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1629                         CKMCReadableError(temp));
1630
1631         RUNNER_ASSERT_MSG(
1632                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1633                                         pri_alias.c_str(),
1634                                         pri_passwd,
1635                                         msg_buff,
1636                                         hash_algo,
1637                                         pad_algo,
1638                                         &signature)),
1639                         CKMCReadableError(temp));
1640
1641         RUNNER_ASSERT_MSG(
1642                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1643                                         pub_alias.c_str(),
1644                                         pub_passwd,
1645                                         msg_buff,
1646                                         *signature,
1647                                         hash_algo,
1648                                         pad_algo)),
1649                         CKMCReadableError(temp));
1650
1651         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1652         memcpy((void*)signature->data, "BROKEN", 6);
1653
1654         RUNNER_ASSERT_MSG(
1655                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1656                                         pub_alias.c_str(),
1657                                         pub_passwd,
1658                                         msg_buff,
1659                                         *signature,
1660                                         hash_algo,
1661                                         pad_algo)),
1662                         CKMCReadableError(temp));
1663 }
1664
1665 RUNNER_TEST(T3089_CAPI__deinit)
1666 {
1667         remove_user_data(0);
1668 }
1669
1670
1671 //#######################################################################################
1672
1673 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1674 {
1675         RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1676         RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1677
1678         if(key->password != NULL && password != NULL) {
1679                 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1680         }else if(key->password == NULL && password == NULL) {
1681                 RUNNER_ASSERT_MSG(true, "Password Error" );
1682         }else {
1683                 RUNNER_ASSERT_MSG(false, "Password Error" );
1684         }
1685
1686         if(key->raw_key != NULL && raw_key != NULL) {
1687                 for(unsigned int i=0; i<key_size; i++) {
1688                         RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i],  "Raw Key Error" );
1689                 }
1690         }else if(key->raw_key == NULL && raw_key == NULL) {
1691                 RUNNER_ASSERT_MSG(true,  "Raw Key Error" );
1692         }else {
1693                 RUNNER_ASSERT_MSG(false,  "Raw Key Error" );
1694         }
1695 }
1696
1697 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1698
1699 RUNNER_TEST(T3091_CAPI_TYPE_init)
1700 {
1701         remove_user_data(0);
1702         reset_user_data(USER_APP, USER_PASS);
1703 }
1704
1705 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1706 {
1707         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1708                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1709                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1710                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1711                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1712                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1713                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1714                 "zQIDAQAB\n"
1715                 "-----END PUBLIC KEY-----";
1716
1717         unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1718         unsigned int key_size = keyPem.size();
1719         ckmc_key_type_e key_type = CKMC_KEY_NONE;
1720         char *password = const_cast< char *>("");
1721
1722         ckmc_key_s *key;
1723         ckmc_key_new(raw_key, key_size, key_type, password, &key);
1724
1725         _assertKey(key, raw_key, key_size, key_type, password);
1726         ckmc_key_free(key);
1727
1728         char *passwordNull = NULL;
1729         ckmc_key_s *key2;
1730         ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
1731         ckmc_key_free(key2);
1732 }
1733
1734 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
1735 {
1736         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1737                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1738                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1739                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1740                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1741                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1742                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1743                 "zQIDAQAB\n"
1744                 "-----END PUBLIC KEY-----";
1745
1746         unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1747         unsigned int size = keyPem.size();
1748
1749         ckmc_raw_buffer_s *buff;
1750         ckmc_buffer_new(data, size, &buff);
1751
1752         RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
1753
1754         if(buff->data != NULL && data != NULL) {
1755                 for(unsigned int i=0; i<size; i++) {
1756                         RUNNER_ASSERT_MSG((buff->data)[i] == data[i],  "Raw data Error" );
1757                 }
1758         }else if(buff->data == NULL && data == NULL) {
1759                 RUNNER_ASSERT_MSG(true,  "Raw data Error" );
1760         }else {
1761                 RUNNER_ASSERT_MSG(false,  "Raw data Error" );
1762         }
1763
1764         ckmc_buffer_free(buff);
1765 }
1766
1767 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
1768 {
1769         std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
1770
1771         unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
1772         unsigned int size = certPem.size();
1773         ckmc_data_format_e form = CKMC_FORM_PEM;
1774
1775         ckmc_cert_s *ckmCert;
1776         ckmc_cert_new(raw_cert, size, form, &ckmCert);
1777
1778         RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
1779
1780         if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
1781                 for(unsigned int i=0; i<size; i++) {
1782                         RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i],  "Raw data Error" );
1783                 }
1784         }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
1785                 RUNNER_ASSERT_MSG(true,  "raw_cert Error" );
1786         }else {
1787                 RUNNER_ASSERT_MSG(false,  "raw_cert Error" );
1788         }
1789
1790         RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
1791
1792         ckmc_cert_free(ckmCert);
1793 }
1794
1795
1796 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
1797 {
1798         int ret;
1799
1800         std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
1801
1802         const char *file_name = "/tmp/ckmc_test_cert.pem";
1803         remove(file_name);
1804
1805         FILE* cert_file;
1806         cert_file = fopen(file_name, "w");
1807         fprintf(cert_file, "%s",certStr.c_str());
1808         fclose(cert_file);
1809
1810         ckmc_cert_s *pcert;
1811
1812         RUNNER_ASSERT_MSG(
1813                         CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
1814                         CKMCReadableError(ret));
1815
1816         RUNNER_ASSERT_MSG(
1817                         pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
1818
1819         CKM::Alias lcert_alias = sharedDatabase("lcert_alias");
1820         ckmc_policy_s policy;
1821         policy.password = NULL;
1822         policy.extractable = 1;
1823
1824         RUNNER_ASSERT_MSG(
1825                         CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias.c_str(), *pcert, policy)),
1826                         CKMCReadableError(ret));
1827
1828         remove(file_name);
1829 }
1830
1831 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
1832         const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
1833         const char *password = "password";
1834
1835         int temp;
1836
1837         ckmc_key_s *private_key = NULL;
1838         ckmc_cert_s *cert = NULL;
1839         ckmc_cert_list_s *ca_cert_list = NULL;
1840
1841         RUNNER_ASSERT_MSG(
1842                         CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
1843                                         &private_key, &cert, &ca_cert_list)),
1844                         "Error=" << temp);
1845         RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
1846         RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
1847         RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
1848
1849         ckmc_policy_s policy;
1850         policy.password = NULL;
1851         policy.extractable = 1;
1852
1853
1854         CKM::Alias pkey_alias = sharedDatabase("pkey_alias");
1855         RUNNER_ASSERT_MSG(
1856                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *private_key, policy)),
1857                         CKMCReadableError(temp));
1858
1859         CKM::Alias cert_alias = sharedDatabase("cert_alias");
1860         RUNNER_ASSERT_MSG(
1861                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *cert, policy)),
1862                         CKMCReadableError(temp));
1863         std::string caCertAlias = sharedDatabase("ca_cert_alias_");
1864         const char *idx = "0";
1865         int cnt = 0;
1866         ckmc_cert_list_s *tmpList = ca_cert_list;
1867         while(tmpList != NULL) {
1868                 caCertAlias.append(idx);
1869                 RUNNER_ASSERT_MSG(
1870                                 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
1871                                 CKMCReadableError(temp));
1872                 tmpList = tmpList->next;
1873                 cnt ++;
1874         }
1875
1876         RUNNER_ASSERT_MSG(cnt ==  2, "Invalid CA Cert Count");
1877
1878         ckmc_key_free(private_key);
1879         ckmc_cert_free(cert);
1880         ckmc_cert_list_all_free(ca_cert_list);
1881 }
1882
1883 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
1884         const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
1885         const char *password = "password";
1886
1887         int temp;
1888
1889         ckmc_pkcs12_s *ppkcs12 = NULL;
1890
1891         RUNNER_ASSERT_MSG(
1892                         CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
1893                         CKMCReadableError(temp));
1894         RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
1895         RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
1896         RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
1897
1898         ckmc_policy_s policy;
1899         policy.password = NULL;
1900         policy.extractable = 1;
1901
1902
1903         CKM::Alias pkey_alias = sharedDatabase("pkey_alias2");
1904         RUNNER_ASSERT_MSG(
1905                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *(ppkcs12->priv_key), policy)),
1906                         CKMCReadableError(temp));
1907
1908         CKM::Alias cert_alias = sharedDatabase("cert_alias2");
1909         RUNNER_ASSERT_MSG(
1910                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *(ppkcs12->cert), policy)),
1911                         CKMCReadableError(temp));
1912         std::string caCertAlias = sharedDatabase("ca_cert_alias_2_");
1913         const char *idx = "0";
1914         int cnt = 0;
1915         ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
1916         while(tmpList != NULL) {
1917                 caCertAlias.append(idx);
1918                 RUNNER_ASSERT_MSG(
1919                                 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
1920                                 CKMCReadableError(temp));
1921                 tmpList = tmpList->next;
1922                 cnt ++;
1923         }
1924
1925         RUNNER_ASSERT_MSG(cnt ==  2, "Invalid CA Cert Count");
1926
1927         ckmc_pkcs12_free(ppkcs12);
1928 }
1929
1930 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
1931 {
1932         int temp;
1933         remove_user_data(0);
1934         RUNNER_ASSERT_MSG(
1935                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
1936                         CKMCReadableError(temp));
1937         RUNNER_ASSERT_MSG(
1938                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1939                         CKMCReadableError(temp));
1940 }
1941
1942 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
1943
1944 namespace
1945 {
1946 CKM::Alias alias_PKCS_exportable = sharedDatabase("CAPI-test-PKCS-export");
1947 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("CAPI-test-PKCS-no-export");
1948 }
1949
1950 RUNNER_TEST(T3101_CAPI_PKCS12_init)
1951 {
1952         remove_user_data(0);
1953 }
1954
1955 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
1956 {
1957         const char *wrong_passwd = "wrong";
1958         ckmc_pkcs12_s *ppkcs12 = NULL;
1959         int temp;
1960         RUNNER_ASSERT_MSG(
1961                         CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
1962                         CKMCReadableError(temp));
1963 }
1964
1965 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
1966 {
1967         ckmc_pkcs12_s *ppkcs12 = NULL;
1968         int temp;
1969         RUNNER_ASSERT_MSG(
1970                         CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
1971                         CKMCReadableError(temp));
1972
1973         RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
1974         RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
1975         RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
1976
1977         // save to the CKM
1978         ckmc_policy_s exportable;
1979         exportable.password = NULL;
1980         exportable.extractable = 1;
1981         ckmc_policy_s notExportable;
1982         notExportable.password = NULL;
1983         notExportable.extractable = 0;
1984
1985         RUNNER_ASSERT_MSG(
1986                         CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
1987                         CKMCReadableError(temp));
1988         RUNNER_ASSERT_MSG(
1989                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
1990                         CKMCReadableError(temp));
1991         RUNNER_ASSERT_MSG(
1992                         CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
1993                         CKMCReadableError(temp));
1994         RUNNER_ASSERT_MSG(
1995                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
1996                         CKMCReadableError(temp));
1997
1998         // try to lookup key
1999         ckmc_key_s *key_lookup = NULL;
2000         RUNNER_ASSERT_MSG(
2001                         CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2002                         CKMCReadableError(temp));
2003         ckmc_key_free(key_lookup);
2004         key_lookup = NULL;
2005         RUNNER_ASSERT_MSG(
2006                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), "", &key_lookup)),
2007                         CKMCReadableError(temp));
2008         ckmc_key_free(key_lookup);
2009
2010         // try to lookup certificate
2011         ckmc_cert_s *cert_lookup = NULL;
2012         RUNNER_ASSERT_MSG(
2013                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2014                         CKMCReadableError(temp));
2015         ckmc_cert_free(cert_lookup);
2016         cert_lookup = NULL;
2017         RUNNER_ASSERT_MSG(
2018                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2019                         CKMCReadableError(temp));
2020         ckmc_cert_free(cert_lookup);
2021 }
2022
2023 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2024 {
2025         int temp;
2026         ckmc_pkcs12_s *pkcs = NULL;
2027
2028         // fail - no entry
2029         RUNNER_ASSERT_MSG(
2030                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12(sharedDatabase("i-do-not-exist").c_str(), NULL, NULL, &pkcs)),
2031                         CKMCReadableError(temp));
2032         ckmc_pkcs12_free(pkcs);
2033         pkcs = NULL;
2034
2035         // fail - not exportable
2036         RUNNER_ASSERT_MSG(
2037                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable.c_str(), NULL, NULL, &pkcs)),
2038                         CKMCReadableError(temp));
2039         ckmc_pkcs12_free(pkcs);
2040         pkcs = NULL;
2041
2042         // success - exportable
2043         RUNNER_ASSERT_MSG(
2044                         CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable.c_str(), NULL, NULL, &pkcs)),
2045                         CKMCReadableError(temp));
2046
2047         RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2048         RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2049         RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2050         size_t cntr = 0;
2051         ckmc_cert_list_s *iter = pkcs->ca_chain;
2052         do {
2053                 cntr ++;
2054                 iter = iter->next;
2055         } while(iter);
2056         RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2057
2058         ckmc_pkcs12_free(pkcs);
2059 }
2060
2061 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2062 {
2063         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2064
2065         int temp;
2066         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2067         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2068         ckmc_raw_buffer_s *signature = NULL;
2069
2070         RUNNER_ASSERT_MSG(
2071                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2072                                         alias_PKCS_exportable.c_str(),
2073                                         NULL,
2074                                         msg_buff,
2075                                         hash_algo,
2076                                         pad_algo,
2077                                         &signature)),
2078                         CKMCReadableError(temp));
2079
2080         RUNNER_ASSERT_MSG(
2081                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2082                                         alias_PKCS_exportable.c_str(),
2083                                         NULL,
2084                                         msg_buff,
2085                                         *signature,
2086                                         hash_algo,
2087                                         pad_algo)),
2088                         CKMCReadableError(temp));
2089 }
2090
2091 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2092 {
2093         int tmp;
2094
2095         // remove the whole PKCS12 bundles
2096         RUNNER_ASSERT_MSG(
2097                         CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable.c_str())),
2098                         CKMCReadableError(tmp));
2099         RUNNER_ASSERT_MSG(
2100                         CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable.c_str())),
2101                         CKMCReadableError(tmp));
2102
2103         // expect lookup fails due to unknown alias
2104         // try to lookup key
2105         ckmc_key_s *key_lookup = NULL;
2106         RUNNER_ASSERT_MSG(
2107                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2108                         CKMCReadableError(tmp));
2109         ckmc_key_free(key_lookup);
2110         key_lookup = NULL;
2111         RUNNER_ASSERT_MSG(
2112                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), NULL, &key_lookup)),
2113                         CKMCReadableError(tmp));
2114         ckmc_key_free(key_lookup);
2115
2116         // try to lookup certificate
2117         ckmc_cert_s *cert_lookup = NULL;
2118         RUNNER_ASSERT_MSG(
2119                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2120                         CKMCReadableError(tmp));
2121         ckmc_cert_free(cert_lookup);
2122         cert_lookup = NULL;
2123         RUNNER_ASSERT_MSG(
2124                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2125                         CKMCReadableError(tmp));
2126         ckmc_cert_free(cert_lookup);
2127 }
2128
2129 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2130 {
2131         remove_user_data(0);
2132 }
2133
2134
2135 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2136
2137 RUNNER_TEST(T3201_CAPI_unlock_database)
2138 {
2139         reset_user_data(USER_APP, USER_PASS);
2140 }
2141
2142 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
2143 {
2144         ScopedAccessProvider ap(TEST_LABEL);
2145         ap.allowAPI("key-manager::api-storage", "rw");
2146         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2147         ScopedDBUnlock unlock(USER_APP, USER_PASS);
2148
2149         int temp;
2150         CKM::Alias alias = "mykey";
2151         char *password = NULL;
2152         ckmc_key_s *test_key = NULL;
2153
2154         RUNNER_ASSERT_MSG(
2155                 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2156                 "Error=" << temp);
2157
2158         RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2159 }
2160
2161 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
2162 {
2163         ScopedAccessProvider ap(TEST_LABEL);
2164         ap.allowAPI("key-manager::api-storage", "rw");
2165         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2166         ScopedDBUnlock unlock(USER_APP, USER_PASS);
2167
2168         int temp;
2169         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2170                 CKMCReadableError(temp));
2171 }
2172
2173 RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
2174 {
2175         ScopedAccessProvider ap(TEST_LABEL);
2176         ap.allowAPI("key-manager::api-storage", "rw");
2177         ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2178
2179         int temp;
2180         CKM::Alias alias = "mykey";
2181         char *password = NULL;
2182         ckmc_key_s *test_key = NULL;
2183
2184         RUNNER_ASSERT_MSG(
2185                 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2186                 CKMCReadableError(temp));
2187
2188         RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2189 }
2190
2191 RUNNER_TEST(T3204_deinit)
2192 {
2193         remove_user_data(USER_APP);
2194 }
2195
Domain: Security / Uncategorized;