1 #include <dpl/test/test_runner.h>
2 #include <dpl/test/test_runner_child.h>
4 #include <tests_common.h>
5 #include <test-certs.h>
6 #include <ckm-common.h>
7 #include <access_provider2.h>
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-type.h>
13 #include <ckmc/ckmc-manager.h>
14 #include <ckmc/ckmc-control.h>
15 #include <ckmc/ckmc-type.h>
16 #include <ckmc/ckmc-error.h>
18 #include <ckm-common.h>
28 const int USER_APP = 5000;
29 const int GROUP_APP = 5000;
30 const char* USER_PASS = "user-pass";
31 const char* TEST_LABEL = "test_label";
32 const char *const TEST_OBJECT1 = "OBJECT1";
33 const std::string TEST_ALIAS1 = aliasWithLabel(TEST_LABEL,TEST_OBJECT1);
34 const char* TEST_SYSTEM_ALIAS = "system-alias-1";
35 const char* TEST_DATA = "ABCD";
36 } // namespace anonymous
39 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
41 RUNNER_TEST(T3010_Control_C_API_service_unlock_DB)
45 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(0)),
46 CKMCReadableError(temp));
47 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
48 CKMCReadableError(temp));
49 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(0, "test-pass")),
50 CKMCReadableError(temp));
52 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(4999)),
53 CKMCReadableError(temp));
54 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(4999)),
55 CKMCReadableError(temp));
56 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(4999, "test-pass")),
57 CKMCReadableError(temp));
59 remove_user_data(5000);
60 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(5000)),
61 CKMCReadableError(temp));
62 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(5000)),
63 CKMCReadableError(temp));
64 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(5000, "test-pass")),
65 CKMCReadableError(temp));
68 RUNNER_TEST(T3011_Control_C_API)
72 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
73 CKMCReadableError(temp));
75 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
76 CKMCReadableError(temp));
79 RUNNER_TEST(T3012_Control_C_API)
83 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
84 CKMCReadableError(temp));
85 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
86 CKMCReadableError(temp));
89 RUNNER_TEST(T3013_Control_C_API)
93 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
94 CKMCReadableError(temp));
97 RUNNER_TEST(T3014_Control_C_API)
100 const uid_t UNIQUE_USER = 6500;
102 // clean up environment
103 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
104 CKMCReadableError(temp));
105 // unlock with empty password
106 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
107 CKMCReadableError(temp));
108 // reset password (NULL, "simple-password")
109 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
110 CKMCReadableError(temp));
111 // get rid of NULL DKEK
112 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
113 CKMCReadableError(temp));
115 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
116 CKMCReadableError(temp));
117 // try to reset password when db locked
118 RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
119 CKMCReadableError(temp));
120 // clean up environment
121 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
122 CKMCReadableError(temp));
125 RUNNER_TEST(T3015_Control_C_API)
130 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
131 CKMCReadableError(temp));
133 CKMC_ERROR_NONE == (temp = ckmc_change_user_password(USER_APP, "simple-password", "new-pass")),
134 CKMCReadableError(temp));
135 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
136 CKMCReadableError(temp));
137 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
138 CKMCReadableError(temp));
141 RUNNER_TEST(T3016_Control_C_API)
146 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
147 CKMCReadableError(temp));
149 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
150 CKMCReadableError(temp));
153 RUNNER_TEST(T3017_Control_C_API_remove_system_DB)
155 save_data(sharedDatabase(TEST_SYSTEM_ALIAS).c_str(), TEST_DATA);
157 // [test] - expect success
158 check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA);
160 // remove user data - expect to map to the system DB
163 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(1234)),
164 CKMCReadableError(temp));
166 // [test] - expect fail
167 check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
170 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
172 RUNNER_TEST(T30201_init_C_API)
178 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
179 CKMCReadableError(temp));
182 RUNNER_TEST(T30202_RSA_key_C_API)
186 ckmc_key_s test_key, *test_key2;
187 ckmc_policy_s test_policy;
189 char* password = NULL;
190 CKM::Alias alias = sharedDatabase("mykey");
192 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
193 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
194 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
195 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
196 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
197 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
198 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
200 "-----END PUBLIC KEY-----";
202 char* char_keypem = new char[keyPem.length() + 1];
204 std::strcpy(char_keypem, keyPem.c_str());
205 test_key.raw_key = (unsigned char *)char_keypem;
206 test_key.key_size = keyPem.length();
207 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
208 test_key.password = password;
210 test_policy.password = password;
211 test_policy.extractable = 1;
213 test_key2 = &test_key;
216 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), test_key, test_policy)),
217 CKMCReadableError(temp));
220 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
221 CKMCReadableError(temp));
224 RUNNER_TEST(T30203_AES_key_C_API)
227 CKM::Alias alias = sharedDatabase("my_AES_key");
228 size_t key_length = 192;
230 ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
231 ckmc_key_s *test_key2;
232 ckmc_policy_s test_policy;
233 test_policy.password = NULL;
234 test_policy.extractable = 1;
237 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
238 CKMCReadableError(temp));
241 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), NULL, &test_key2)),
242 CKMCReadableError(temp));
244 compare_AES_keys(test_key, test_key2);
245 ckmc_key_free(test_key);
246 ckmc_key_free(test_key2);
249 RUNNER_TEST(T30204_certificate_C_API)
253 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
255 char* password = NULL;
259 CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
261 ckmc_policy_s test_policy;
262 test_policy.password = password;
263 test_policy.extractable = 1;
265 char* char_certPem = new char[certPem.length() + 1];
266 std::strcpy(char_certPem, certPem.c_str());
267 cert.raw_cert = (unsigned char *)char_certPem;
268 cert.cert_size = certPem.length();
269 cert.data_format = CKMC_FORM_PEM;
272 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
273 CKMCReadableError(temp));
276 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
277 CKMCReadableError(temp));
279 ckmc_cert_free(cert2);
282 RUNNER_TEST(T30205_certificate_remove_C_API)
286 char* password = NULL;
288 CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
291 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
292 CKMCReadableError(temp));
293 ckmc_cert_free(cert2);
296 CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias.c_str())),
297 CKMCReadableError(temp));
300 CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
301 CKMCReadableError(temp));
304 RUNNER_TEST(T30206_certificate_list_C_API)
308 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
310 char* password = NULL;
313 ckmc_policy_s test_policy;
314 test_policy.password = password;
315 test_policy.extractable = 1;
317 char* char_certPem = new char[certPem.length() + 1];
318 std::strcpy(char_certPem, certPem.c_str());
319 cert.raw_cert = (unsigned char *)char_certPem;
320 cert.cert_size = certPem.length();
321 cert.data_format = CKMC_FORM_PEM;
323 size_t current_aliases_num = count_aliases(ALIAS_CERT);
326 CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test1").c_str(), cert, test_policy)),
327 CKMCReadableError(temp));
330 CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test2").c_str(), cert, test_policy)),
331 CKMCReadableError(temp));
334 CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test3").c_str(), cert, test_policy)),
335 CKMCReadableError(temp));
337 size_t actual_cnt = count_aliases(ALIAS_CERT);
339 (current_aliases_num+3) == actual_cnt,
340 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
344 RUNNER_CHILD_TEST(T30207_user_app_save_RSA_key_C_API)
346 ScopedAccessProvider ap("mylabel");
347 ap.allowAPI("key-manager::api-storage", "rw");
348 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
350 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
351 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
352 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
353 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
354 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
355 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
356 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
358 "-----END PUBLIC KEY-----";
362 ckmc_key_s test_key, *test_key2;
363 ckmc_policy_s test_policy;
365 char* password = NULL;
366 const char *passwordPolicy = "x";
367 const char *alias = "mykey";
368 char* char_keypem = new char[keyPem.length() + 1];
370 std::strcpy(char_keypem, keyPem.c_str());
371 test_key.raw_key = (unsigned char *)char_keypem;
372 test_key.key_size = keyPem.length();
373 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
374 test_key.password = password;
376 test_policy.password = const_cast<char *>(passwordPolicy);
377 test_policy.extractable = 1;
379 test_key2 = &test_key;
383 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
384 CKMCReadableError(temp));
386 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
387 CKMCReadableError(temp));
389 // RUNNER_ASSERT_MSG(
390 // key.getDER() == key2.getDER(), "Key value has been changed by service");
392 delete [] char_keypem;
395 RUNNER_CHILD_TEST(T30208_user_app_save_AES_key_C_API)
397 AccessProvider ap("mylabel");
398 ap.allowAPI("key-manager::api-storage", "rw");
399 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
402 const char* password = NULL;
403 size_t key_length = 192;
404 CKM::Alias alias = "my_AES_key";
406 ckmc_key_s *test_key = generate_AES_key(key_length, password);
407 ckmc_key_s *test_key2;
408 ckmc_policy_s test_policy;
409 test_policy.password = const_cast<char *>(password);
410 test_policy.extractable = 1;
413 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
414 CKMCReadableError(temp));
416 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
417 CKMCReadableError(temp));
419 compare_AES_keys(test_key, test_key2);
420 ckmc_key_free(test_key);
421 ckmc_key_free(test_key2);
424 RUNNER_CHILD_TEST(T30209_user_app_save_AES_key_passwd_C_API)
426 AccessProvider ap("mylabel");
427 ap.allowAPI("key-manager::api-storage", "rw");
428 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
431 const char* password = "x";
432 size_t key_length = 192;
433 CKM::Alias alias = "my_AES_key-2";
435 ckmc_key_s *test_key = generate_AES_key(key_length, password);
436 ckmc_policy_s test_policy;
437 test_policy.password = const_cast<char *>(password);
438 test_policy.extractable = 1;
441 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
442 CKMCReadableError(temp));
443 ckmc_key_free(test_key);
446 RUNNER_CHILD_TEST(T30210_app_user_save_RSA_keys_exportable_flag)
448 ScopedAccessProvider ap("mylabel");
449 ap.allowAPI("key-manager::api-storage", "rw");
450 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
453 auto manager = CKM::Manager::create();
455 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
456 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
457 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
458 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
459 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
460 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
461 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
463 "-----END PUBLIC KEY-----";
465 ckmc_policy_s test_policy;
466 ckmc_key_s test_key, *test_key2;
467 char* char_keypem = new char[keyPem.length() + 1];
468 char* password = NULL;
470 std::strcpy(char_keypem, keyPem.c_str());
471 test_key.raw_key = (unsigned char *)char_keypem;
472 test_key.key_size = keyPem.length();
473 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
474 test_key.password = NULL;
476 test_policy.password = password;
477 test_policy.extractable = 0;
480 CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
481 CKMCReadableError(temp));
484 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
485 CKMCReadableError(temp));
488 RUNNER_CHILD_TEST(T30211_app_user_save_AES_keys_exportable_flag)
490 AccessProvider ap("mylabel");
491 ap.allowAPI("key-manager::api-storage", "rw");
492 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
495 const char* password = NULL;
496 size_t key_length = 256;
497 CKM::Alias alias = "my_AES_key-3";
499 ckmc_key_s *test_key = generate_AES_key(key_length, password);
500 ckmc_key_s *test_key2;
501 ckmc_policy_s test_policy;
502 test_policy.password = const_cast<char *>(password);
503 test_policy.extractable = 0;
506 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
507 CKMCReadableError(temp));
508 ckmc_key_free(test_key);
511 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
512 CKMCReadableError(temp));
515 RUNNER_TEST(T30212_certificate_with_DSA_key_C_API)
519 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
521 char* password = NULL;
522 ckmc_cert_s *cert2 = NULL;
525 ckmc_policy_s test_policy;
526 test_policy.password = password;
527 test_policy.extractable = 1;
529 char* char_certPem = new char[certPem.length() + 1];
530 std::strcpy(char_certPem, certPem.c_str());
531 cert.raw_cert = (unsigned char *)char_certPem;
532 cert.cert_size = certPem.length();
533 cert.data_format = CKMC_FORM_PEM;
535 CKM::Alias alias = sharedDatabase("test-cert-1-DSA");
537 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
538 CKMCReadableError(temp));
541 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
542 CKMCReadableError(temp));
544 ckmc_cert_free(cert2);
547 RUNNER_TEST(T30213_deinit_C_API)
553 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
554 CKMCReadableError(temp));
556 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
557 CKMCReadableError(temp));
561 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
563 RUNNER_TEST(T3031_init_C_API)
569 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
570 CKMCReadableError(temp));
573 RUNNER_TEST(T3032_save_asymmetric_keys_get_alias_C_API)
577 char* password = NULL;
578 ckmc_policy_s test_policy1, test_policy2, test_policy3;
581 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
582 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
583 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
584 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
585 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
586 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
587 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
589 "-----END PUBLIC KEY-----";
591 char* char_keypem = new char[keyPem.length() + 1];
593 std::strcpy(char_keypem, keyPem.c_str());
594 test_key.raw_key = (unsigned char *)char_keypem;
595 test_key.key_size = keyPem.length();
596 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
597 test_key.password = password;
599 test_policy1.password = password;
600 test_policy1.extractable = 1;
602 test_policy2.password = password;
603 test_policy2.extractable = 0;
605 test_policy3.password = password;
606 test_policy3.extractable = 0;
608 size_t current_aliases_num = count_aliases(ALIAS_KEY);
611 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey1").c_str(), test_key, test_policy1)),
612 CKMCReadableError(temp));
615 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey2").c_str(), test_key, test_policy2)),
616 CKMCReadableError(temp));
619 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey3").c_str(), test_key, test_policy3)),
620 CKMCReadableError(temp));
622 size_t actual_cnt = count_aliases(ALIAS_KEY);
624 (current_aliases_num+3) == actual_cnt,
625 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
629 RUNNER_TEST(T3033_remove_asymmetric_key_C_API)
633 char* password = NULL;
635 ckmc_key_s *test_key2;
637 CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
638 CKMCReadableError(temp));
641 CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("rootkey1").c_str())),
642 CKMCReadableError(temp));
645 CKMC_ERROR_NONE != (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
646 CKMCReadableError(temp));
649 RUNNER_TEST(T3034_save_symmetric_keys_get_alias_C_API)
652 size_t key_length = 128;
653 ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
654 ckmc_policy_s test_policy1, test_policy2, test_policy3;
655 test_policy1.password = NULL;
656 test_policy1.extractable = 1;
658 test_policy2.password = NULL;
659 test_policy2.extractable = 1;
661 test_policy3.password = NULL;
662 test_policy3.extractable = 1;
664 int current_aliases_num = count_aliases(ALIAS_KEY);
667 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key1").c_str(), *test_key, test_policy1)),
668 CKMCReadableError(temp));
671 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key2").c_str(), *test_key, test_policy2)),
672 CKMCReadableError(temp));
675 CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key3").c_str(), *test_key, test_policy3)),
676 CKMCReadableError(temp));
679 (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
680 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
682 ckmc_key_free(test_key);
686 RUNNER_TEST(T3035_remove_symmetric_key_C_API)
690 ckmc_key_s *test_key2;
692 CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key1").c_str(), NULL, &test_key2)),
693 CKMCReadableError(temp));
694 validate_AES_key(test_key2);
695 ckmc_key_free(test_key2);
697 // actual test - remove middle item
699 CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("AES_key2").c_str())),
700 CKMCReadableError(temp));
703 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(sharedDatabase("AES_key2").c_str(), NULL, &test_key2)),
704 CKMCReadableError(temp));
707 CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key3").c_str(), NULL, &test_key2)),
708 CKMCReadableError(temp));
709 validate_AES_key(test_key2);
710 ckmc_key_free(test_key2);
714 RUNNER_TEST(T3036_deinit_C_API)
720 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
721 CKMCReadableError(temp));
723 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
724 CKMCReadableError(temp));
727 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
729 RUNNER_TEST(T3041_init_C_API)
732 reset_user_data(USER_APP, "simple-password");
735 RUNNER_TEST(T3042_save_get_bin_data_C_API)
739 ckmc_raw_buffer_s testData1, testData2, testData3;
740 char* password = NULL;
742 std::string binData1 = "My bin data1";
743 std::string binData2 = "My bin data2";
744 std::string binData3 = "My bin data3";
745 char* char_binData1 = new char[binData1.length() + 1];
746 char* char_binData2 = new char[binData2.length() + 1];
747 char* char_binData3 = new char[binData3.length() + 1];
748 std::strcpy(char_binData1, binData1.c_str());
749 std::strcpy(char_binData2, binData2.c_str());
750 std::strcpy(char_binData3, binData3.c_str());
751 testData1.data = (unsigned char *) char_binData1;
752 testData2.data = (unsigned char *) char_binData2;
753 testData3.data = (unsigned char *) char_binData3;
754 testData1.size = binData1.length()+1;
755 testData2.size = binData2.length()+1;
756 testData3.size = binData3.length()+1;
758 ckmc_policy_s test_policy1, test_policy2, test_policy3;
760 test_policy1.password = password;
761 test_policy1.extractable = 1;
762 test_policy2.password = password;
763 test_policy2.extractable = 1;
764 test_policy3.password = password;
765 test_policy3.extractable = 0;
767 size_t current_aliases_num = count_aliases(ALIAS_DATA);
770 CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data1").c_str(), testData1, test_policy1)), // should change it as null value
771 CKMCReadableError(temp));
774 CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data2").c_str(), testData2, test_policy1)), // should change it as null value
775 CKMCReadableError(temp));
778 CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data3").c_str(), testData3, test_policy2)),
779 CKMCReadableError(temp));
782 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data(sharedDatabase("data4").c_str(), testData3, test_policy3)),
783 CKMCReadableError(temp));
785 size_t actual_cnt = count_aliases(ALIAS_DATA);
787 (current_aliases_num+3) == actual_cnt,
788 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
790 ckmc_raw_buffer_s *testData4;
792 CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData4)),
793 CKMCReadableError(temp));
796 compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
797 RUNNER_ASSERT_MSG( compareResult == 0,
801 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
803 ScopedAccessProvider ap("mylabel");
804 ap.allowAPI("key-manager::api-storage", "rw");
805 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
808 ckmc_raw_buffer_s testData1;
809 char* password = NULL;
810 std::string binData1 = "My bin data";
811 char* char_binData1 = new char[binData1.length() + 1];
812 std::strcpy(char_binData1, binData1.c_str());
813 testData1.data = (unsigned char *) char_binData1;
814 testData1.size = binData1.length()+1;
816 ckmc_policy_s test_policy1, test_policy2;
818 test_policy1.password = password;
819 test_policy1.extractable = 1;
821 test_policy2.password = password;
822 test_policy2.extractable = 1;
824 std::string binData = "My bin data";
826 size_t current_aliases_num = count_aliases(ALIAS_DATA);
829 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
830 CKMCReadableError(temp));
832 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
833 CKMCReadableError(temp));
835 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
836 CKMCReadableError(temp));
838 size_t actual_cnt = count_aliases(ALIAS_DATA);
840 (current_aliases_num+3) == actual_cnt,
841 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
844 RUNNER_TEST(T3044_remove_bin_data_C_API)
848 size_t current_aliases_num = count_aliases(ALIAS_DATA, 2);
851 CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data1").c_str())),
852 CKMCReadableError(temp));
854 CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data3").c_str())),
855 CKMCReadableError(temp));
857 size_t actual_cnt = count_aliases(ALIAS_DATA);
859 (current_aliases_num-2) == actual_cnt,
860 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << actual_cnt);
862 char* password = NULL;
864 ckmc_raw_buffer_s *testData1, testData2;
866 std::string testStr = "My bin data2";
867 char* char_testData2 = new char[testStr.length() + 1];
868 std::strcpy(char_testData2, testStr.c_str());
869 testData2.data = (unsigned char *) char_testData2;
870 testData2.size = testStr.length()+1;
872 CKM::RawBuffer buffer;
874 CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData1)),
875 CKMCReadableError(temp));
878 compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
879 RUNNER_ASSERT_MSG( compareResult == 0,
883 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data(sharedDatabase("data3").c_str(), password, &testData1)),
884 CKMCReadableError(temp));
887 RUNNER_TEST(T3045_save_big_data_C_API, RemoveDataEnv<USER_APP>)
889 const size_t BIG_SIZE = 5000000;
890 ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP);
892 std::vector<char> big_data(BIG_SIZE);
893 std::ifstream is("/dev/urandom", std::ifstream::binary);
895 is.read(big_data.data(), BIG_SIZE);
897 RUNNER_ASSERT_MSG(is,
898 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
900 save_data(TEST_ALIAS1.c_str(), big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
901 check_read(TEST_OBJECT1, TEST_LABEL, big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
904 RUNNER_TEST(T3050_deinit_C_API)
910 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
911 CKMCReadableError(temp));
913 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
914 CKMCReadableError(temp));
917 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
919 RUNNER_TEST(T3051_CAPI_init)
924 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
925 CKMCReadableError(temp));
928 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
929 CKMCReadableError(temp));
932 RUNNER_CHILD_TEST(T3052_CAPI_create_RSA_key)
936 ScopedAccessProvider ap("mylabel");
937 ap.allowAPI("key-manager::api-storage", "rw");
938 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
941 const char *private_key_alias = "RSA-test-1-priv";
942 const char *public_key_alias = "RSA-test-1-pub";
943 ckmc_policy_s policy_private_key;
944 ckmc_policy_s policy_public_key;
946 policy_private_key.password = NULL;
947 policy_private_key.extractable = 1;
949 policy_public_key.password = NULL;
950 policy_public_key.extractable = 1;
953 size_t current_aliases_num = count_aliases(ALIAS_KEY);
956 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
957 CKMCReadableError(temp));
959 size_t actual_cnt = count_aliases(ALIAS_KEY);
961 (current_aliases_num+2) == actual_cnt,
962 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
964 ckmc_key_s *privateKey;
966 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
967 CKMCReadableError(temp));
969 privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
970 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
972 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
973 "Private key is broken.");
975 ckmc_key_s *publicKey;
977 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
978 CKMCReadableError(temp));
980 publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
981 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
983 publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
984 "Public key is broken.");
986 // on next attempt to generate keys with the same alias, expect fail (alias exists)
988 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
989 CKMCReadableError(temp));
992 RUNNER_CHILD_TEST(T3053_CAPI_create_DSA_key)
996 AccessProvider ap("mylabel");
997 ap.allowAPI("key-manager::api-storage", "rw");
998 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1001 const char *private_key_alias = "DSA-test-2-priv";
1002 const char *public_key_alias = "DSA-test-2-pub";
1003 ckmc_policy_s policy_private_key;
1004 ckmc_policy_s policy_public_key;
1006 policy_private_key.password = NULL;
1007 policy_private_key.extractable = 1;
1009 policy_public_key.password = NULL;
1010 policy_public_key.extractable = 1;
1012 size_t current_aliases_num = count_aliases(ALIAS_KEY);
1015 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1016 CKMCReadableError(temp));
1018 size_t actual_cnt = count_aliases(ALIAS_KEY);
1020 (current_aliases_num+2) == actual_cnt,
1021 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
1023 ckmc_key_s *privateKey = 0;
1025 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
1026 CKMCReadableError(temp));
1028 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
1029 "Private key is broken.");
1031 privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
1032 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
1033 ckmc_key_free(privateKey);
1035 ckmc_key_s *pubKey = 0;
1037 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
1038 CKMCReadableError(temp));
1040 pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
1041 "Public key is broken.");
1043 pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
1044 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
1045 ckmc_key_free(pubKey);
1047 // on next attempt to generate keys with the same alias, expect fail (alias exists)
1049 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1050 CKMCReadableError(temp));
1054 RUNNER_CHILD_TEST(T3054_CAPI_create_AES_key)
1058 CKM::Alias key_alias = sharedDatabase("AES-gen-test-1");
1059 ckmc_policy_s policy_key;
1061 policy_key.password = NULL;
1062 policy_key.extractable = 1;
1064 int current_aliases_num = count_aliases(ALIAS_KEY);
1067 CKMC_ERROR_NONE == (temp = ckmc_create_key_aes(size, key_alias.c_str(), policy_key)),
1068 CKMCReadableError(temp));
1071 (current_aliases_num+1) == (temp = count_aliases(ALIAS_KEY)),
1072 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
1074 ckmc_key_s *get_AES_key = 0;
1076 CKMC_ERROR_NONE == (temp = ckmc_get_key(key_alias.c_str(), policy_key.password, &get_AES_key)),
1077 CKMCReadableError(temp));
1078 validate_AES_key(get_AES_key);
1079 ckmc_key_free(get_AES_key);
1083 RUNNER_TEST(T3055_CAPI_deinit)
1088 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
1089 CKMCReadableError(temp));
1091 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1092 CKMCReadableError(temp));
1096 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
1098 RUNNER_TEST(T3061_CAPI_init)
1100 remove_user_data(0);
1101 reset_user_data(USER_APP, USER_PASS);
1104 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
1109 CKM::Alias private_key_alias = sharedDatabase("rsa-test-1");
1110 CKM::Alias public_key_alias = sharedDatabase("rsa-test-2");
1111 ckmc_policy_s policy_private_key;
1112 ckmc_policy_s policy_public_key;
1114 policy_private_key.password = const_cast<char *>("privatepassword");
1115 policy_private_key.extractable = 0;
1117 policy_public_key.password = NULL;
1118 policy_public_key.extractable = 1;
1121 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1122 CKMCReadableError(temp));
1124 // on next attempt to generate keys with the same alias, expect fail (alias exists)
1126 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1127 CKMCReadableError(temp));
1130 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
1135 CKM::Alias private_key_alias = sharedDatabase("dsa-test-1");
1136 CKM::Alias public_key_alias = sharedDatabase("dsa-test-2");
1137 ckmc_policy_s policy_private_key;
1138 ckmc_policy_s policy_public_key;
1140 policy_private_key.password = const_cast<char *>("privatepassword");
1141 policy_private_key.extractable = 0;
1143 policy_public_key.password = NULL;
1144 policy_public_key.extractable = 1;
1147 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1148 CKMCReadableError(temp));
1151 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
1155 ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
1156 CKM::Alias private_key_alias = sharedDatabase("ecdsa-test-1");
1157 CKM::Alias public_key_alias = sharedDatabase("ecdsa-test-2");
1158 ckmc_policy_s policy_private_key;
1159 ckmc_policy_s policy_public_key;
1161 policy_private_key.password = const_cast<char *>("privatepassword");
1162 policy_private_key.extractable = 0;
1164 policy_public_key.password = NULL;
1165 policy_public_key.extractable = 1;
1168 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1169 CKMCReadableError(temp));
1172 RUNNER_TEST(T3065_CAPI_deinit)
1174 remove_user_data(0);
1178 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1182 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
1184 RUNNER_TEST(T3071_CAPI_init)
1186 remove_user_data(0);
1189 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1191 RUNNER_IGNORED_MSG("Temporary turned off. Require network feature.");
1192 std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
1193 std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
1196 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1197 c_cert.cert_size = ee.size();
1198 c_cert.data_format = CKMC_FORM_PEM;
1200 ckmc_cert_s c_cert1;
1201 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1202 c_cert1.cert_size = im.size();
1203 c_cert1.data_format = CKMC_FORM_PEM;
1205 ckmc_cert_list_s untrustedcerts;
1206 untrustedcerts.cert = &c_cert1;
1207 untrustedcerts.next = NULL;
1209 ckmc_cert_list_s *cert_chain_list;
1211 int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1213 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1215 RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1217 ckmc_ocsp_status_e ocsp_status;
1218 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1219 RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1222 RUNNER_TEST(T3075_CAPI_deinit)
1224 remove_user_data(0);
1228 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1230 RUNNER_TEST(T3081_CAPI__init)
1235 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1236 CKMCReadableError(temp));
1239 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1240 CKMCReadableError(temp));
1242 remove_user_data(0);
1245 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1249 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1250 "Proc-Type: 4,ENCRYPTED\n"
1251 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1253 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1254 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1255 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1256 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1257 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1258 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1259 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1260 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1261 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1262 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1263 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1264 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1265 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1266 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1267 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1268 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1269 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1270 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1271 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1272 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1273 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1274 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1275 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1276 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1277 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1278 "-----END RSA PRIVATE KEY-----\n";
1280 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1281 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1282 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1283 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1284 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1285 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1286 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1288 "-----END PUBLIC KEY-----\n";
1290 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1292 CKM::Alias pub_alias = sharedDatabase("pub1");
1293 CKM::Alias pri_alias = sharedDatabase("prv1");
1294 const char *key_passwd = "1234";
1295 char *pri_passwd = NULL;
1296 char *pub_passwd = NULL;
1297 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1298 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1299 ckmc_raw_buffer_s *signature;
1302 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1303 pubkey.key_size = pub.size();
1304 pubkey.key_type = CKMC_KEY_NONE;
1305 pubkey.password = NULL;
1307 ckmc_policy_s pubpolicy;
1308 pubpolicy.password = pub_passwd;
1309 pubpolicy.extractable = 0;
1311 ckmc_policy_s pripolicy;
1312 pripolicy.password = pri_passwd;
1313 pripolicy.extractable = 1;
1316 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1317 prikey.key_size = prv.size();
1318 prikey.key_type = CKMC_KEY_NONE;
1319 prikey.password = const_cast<char *>(key_passwd);
1323 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1324 CKMCReadableError(temp));
1327 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1328 CKMCReadableError(temp));
1331 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1338 CKMCReadableError(temp));
1341 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1348 CKMCReadableError(temp));
1351 RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
1355 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1356 CKM::Alias pub_alias = sharedDatabase("pub1");
1357 CKM::Alias pri_alias = sharedDatabase("prv1");
1358 char *pri_passwd = NULL;
1359 char *pub_passwd = NULL;
1360 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1361 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1362 ckmc_raw_buffer_s *signature;
1365 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1372 CKMCReadableError(temp));
1375 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1382 CKMCReadableError(temp));
1384 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1385 memcpy((void*)signature->data, "BROKEN", 6);
1388 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1395 CKMCReadableError(temp));
1398 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1402 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1403 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1404 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1405 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1406 "-----END EC PRIVATE KEY-----\n";
1408 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1409 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1410 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1411 "-----END PUBLIC KEY-----\n";
1413 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1414 CKM::Alias pri_alias = sharedDatabase("ecprv2");
1415 CKM::Alias pub_alias = sharedDatabase("ecpub2");
1416 char *key_passwd = NULL;
1417 char *pri_passwd = NULL;
1418 char *pub_passwd = NULL;
1419 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1420 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1421 ckmc_raw_buffer_s *signature;
1424 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1425 pubkey.key_size = pub.size();
1426 pubkey.key_type = CKMC_KEY_NONE;
1427 pubkey.password = NULL;
1429 ckmc_policy_s pubpolicy;
1430 pubpolicy.password = pub_passwd;
1431 pubpolicy.extractable = 1;
1434 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1435 prikey.key_size = prv.size();
1436 prikey.key_type = CKMC_KEY_NONE;
1437 prikey.password = key_passwd;
1439 ckmc_policy_s pripolicy;
1440 pripolicy.password = pri_passwd;
1441 pripolicy.extractable = 0;
1444 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1445 CKMCReadableError(temp));
1447 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1448 CKMCReadableError(temp));
1451 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1458 CKMCReadableError(temp));
1461 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1468 CKMCReadableError(temp));
1470 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1471 memcpy((void*)signature->data, "BROKEN", 6);
1474 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1481 CKMCReadableError(temp));
1484 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1489 "-----BEGIN RSA PRIVATE KEY-----\n"
1490 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1491 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1492 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1493 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1494 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1495 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1496 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1497 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1498 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1499 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1500 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1501 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1502 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1503 "-----END RSA PRIVATE KEY-----\n";
1506 "-----BEGIN CERTIFICATE-----\n"
1507 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1508 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1509 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1510 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1511 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1512 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1513 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1514 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1515 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1516 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1517 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1518 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1519 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1520 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1521 "-----END CERTIFICATE-----\n";
1523 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1525 CKM::Alias pri_alias = sharedDatabase("prv3");
1526 CKM::Alias pub_alias = sharedDatabase("pub3");
1527 char *key_passwd = NULL;
1528 char *pri_passwd = NULL;
1529 char *pub_passwd = NULL;
1530 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1531 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1532 ckmc_raw_buffer_s *signature;
1535 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1536 cert.cert_size = pub.size();
1537 cert.data_format = CKMC_FORM_PEM;
1539 ckmc_policy_s certpolicy;
1540 certpolicy.password = pub_passwd;
1541 certpolicy.extractable = 1;
1544 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1545 prikey.key_size = prv.size();
1546 prikey.key_type = CKMC_KEY_NONE;
1547 prikey.password = key_passwd;
1549 ckmc_policy_s pripolicy;
1550 pripolicy.password = pri_passwd;
1551 pripolicy.extractable = 0;
1554 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1555 CKMCReadableError(temp));
1557 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1558 CKMCReadableError(temp));
1562 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1569 CKMCReadableError(temp));
1572 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1579 CKMCReadableError(temp));
1581 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1582 memcpy((void*)signature->data, "BROKEN", 6);
1585 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1592 CKMCReadableError(temp));
1595 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1599 const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1600 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1601 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1602 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1603 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1604 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1605 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1606 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1607 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1608 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1609 "YMYCBhubtrVaLmc=\n"
1610 "-----END PUBLIC KEY-----";
1612 const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1613 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1614 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1615 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1616 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1617 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1618 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1619 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1620 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1621 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1622 "u1roOuaPY+Hl19BlTE2qdw==\n"
1623 "-----END DSA PRIVATE KEY-----";
1625 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1627 CKM::Alias pub_alias = sharedDatabase("dsa-pub1");
1628 CKM::Alias pri_alias = sharedDatabase("dsa-prv1");
1629 char *pri_passwd = NULL;
1630 char *pub_passwd = NULL;
1631 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1632 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1633 ckmc_raw_buffer_s *signature = NULL;
1636 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1637 pubkey.key_size = pub.size();
1638 pubkey.key_type = CKMC_KEY_NONE;
1639 pubkey.password = NULL;
1641 ckmc_policy_s pubpolicy;
1642 pubpolicy.password = pub_passwd;
1643 pubpolicy.extractable = 0;
1645 ckmc_policy_s pripolicy;
1646 pripolicy.password = pri_passwd;
1647 pripolicy.extractable = 1;
1650 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1651 prikey.key_size = priv.size();
1652 prikey.key_type = CKMC_KEY_NONE;
1653 prikey.password = NULL;
1657 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1658 CKMCReadableError(temp));
1661 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1662 CKMCReadableError(temp));
1665 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1672 CKMCReadableError(temp));
1676 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1683 CKMCReadableError(temp));
1686 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1688 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1695 CKMCReadableError(temp));
1697 ckmc_buffer_free(signature);
1700 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1705 ckmc_policy_s policy_private_key;
1706 ckmc_policy_s policy_public_key;
1708 policy_private_key.password = NULL;
1709 policy_private_key.extractable = 1;
1711 policy_public_key.password = NULL;
1712 policy_public_key.extractable = 1;
1714 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1716 CKM::Alias pub_alias = sharedDatabase("dsa-pub2");
1717 CKM::Alias pri_alias = sharedDatabase("dsa-prv2");
1720 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias.c_str(), pub_alias.c_str(), policy_private_key, policy_public_key)),
1723 char *pri_passwd = NULL;
1724 char *pub_passwd = NULL;
1725 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1726 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1727 ckmc_raw_buffer_s *signature;
1729 ckmc_key_s *pubkey = NULL;
1730 ckmc_key_s *prikey = NULL;
1732 CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias.c_str(), 0, &prikey)),
1733 CKMCReadableError(temp));
1736 CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias.c_str(), 0, &pubkey)),
1737 CKMCReadableError(temp));
1740 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1747 CKMCReadableError(temp));
1751 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1758 CKMCReadableError(temp));
1761 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1763 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1770 CKMCReadableError(temp));
1772 ckmc_key_free(prikey);
1773 ckmc_key_free(pubkey);
1774 ckmc_buffer_free(signature);
1777 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1782 "-----BEGIN EC PRIVATE KEY-----\n"
1783 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1784 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1785 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1786 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1787 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1788 "ELyhe7yPCAuOoLZlTLgf\n"
1789 "-----END EC PRIVATE KEY-----\n";
1792 "-----BEGIN CERTIFICATE-----\n"
1793 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1794 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1795 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1796 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1797 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1798 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1799 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1800 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1801 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1802 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1803 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1804 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1805 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1806 "Q1oBry6NEc+lLFmWMDesAA==\n"
1807 "-----END CERTIFICATE-----\n";
1809 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1811 CKM::Alias pri_alias = sharedDatabase("prv4");
1812 CKM::Alias pub_alias = sharedDatabase("pub4");
1813 char *key_passwd = NULL;
1814 char *pri_passwd = NULL;
1815 char *pub_passwd = NULL;
1816 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1817 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1818 ckmc_raw_buffer_s *signature;
1821 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1822 cert.cert_size = pub.size();
1823 cert.data_format = CKMC_FORM_PEM;
1825 ckmc_policy_s certpolicy;
1826 certpolicy.password = pub_passwd;
1827 certpolicy.extractable = 1;
1830 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1831 prikey.key_size = prv.size();
1832 prikey.key_type = CKMC_KEY_NONE;
1833 prikey.password = key_passwd;
1835 ckmc_policy_s pripolicy;
1836 pripolicy.password = pri_passwd;
1837 pripolicy.extractable = 0;
1841 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1842 CKMCReadableError(temp));
1844 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1845 CKMCReadableError(temp));
1848 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1855 CKMCReadableError(temp));
1858 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1865 CKMCReadableError(temp));
1867 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1868 memcpy((void*)signature->data, "BROKEN", 6);
1871 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1878 CKMCReadableError(temp));
1881 RUNNER_TEST(T3089_CAPI__deinit)
1883 remove_user_data(0);
1887 //#######################################################################################
1889 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1891 RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1892 RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1894 if(key->password != NULL && password != NULL) {
1895 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1896 }else if(key->password == NULL && password == NULL) {
1897 RUNNER_ASSERT_MSG(true, "Password Error" );
1899 RUNNER_ASSERT_MSG(false, "Password Error" );
1902 if(key->raw_key != NULL && raw_key != NULL) {
1903 for(unsigned int i=0; i<key_size; i++) {
1904 RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
1906 }else if(key->raw_key == NULL && raw_key == NULL) {
1907 RUNNER_ASSERT_MSG(true, "Raw Key Error" );
1909 RUNNER_ASSERT_MSG(false, "Raw Key Error" );
1913 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1915 RUNNER_TEST(T3091_CAPI_TYPE_init)
1917 remove_user_data(0);
1918 reset_user_data(USER_APP, USER_PASS);
1921 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1923 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1924 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1925 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1926 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1927 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1928 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1929 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1931 "-----END PUBLIC KEY-----";
1933 unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1934 unsigned int key_size = keyPem.size();
1935 ckmc_key_type_e key_type = CKMC_KEY_NONE;
1936 char *password = const_cast< char *>("");
1939 ckmc_key_new(raw_key, key_size, key_type, password, &key);
1941 _assertKey(key, raw_key, key_size, key_type, password);
1944 char *passwordNull = NULL;
1946 ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
1947 ckmc_key_free(key2);
1950 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
1952 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1953 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1954 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1955 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1956 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1957 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1958 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1960 "-----END PUBLIC KEY-----";
1962 unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1963 unsigned int size = keyPem.size();
1965 ckmc_raw_buffer_s *buff;
1966 ckmc_buffer_new(data, size, &buff);
1968 RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
1970 if(buff->data != NULL && data != NULL) {
1971 for(unsigned int i=0; i<size; i++) {
1972 RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
1974 }else if(buff->data == NULL && data == NULL) {
1975 RUNNER_ASSERT_MSG(true, "Raw data Error" );
1977 RUNNER_ASSERT_MSG(false, "Raw data Error" );
1980 ckmc_buffer_free(buff);
1983 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
1985 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
1987 unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
1988 unsigned int size = certPem.size();
1989 ckmc_data_format_e form = CKMC_FORM_PEM;
1991 ckmc_cert_s *ckmCert;
1992 ckmc_cert_new(raw_cert, size, form, &ckmCert);
1994 RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
1996 if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
1997 for(unsigned int i=0; i<size; i++) {
1998 RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
2000 }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
2001 RUNNER_ASSERT_MSG(true, "raw_cert Error" );
2003 RUNNER_ASSERT_MSG(false, "raw_cert Error" );
2006 RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
2008 ckmc_cert_free(ckmCert);
2012 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
2016 std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
2018 const char *file_name = "/tmp/ckmc_test_cert.pem";
2022 cert_file = fopen(file_name, "w");
2023 fprintf(cert_file, "%s",certStr.c_str());
2029 CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
2030 CKMCReadableError(ret));
2033 pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
2035 CKM::Alias lcert_alias = sharedDatabase("lcert_alias");
2036 ckmc_policy_s policy;
2037 policy.password = NULL;
2038 policy.extractable = 1;
2041 CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias.c_str(), *pcert, policy)),
2042 CKMCReadableError(ret));
2047 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
2048 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
2049 const char *password = "password";
2053 ckmc_key_s *private_key = NULL;
2054 ckmc_cert_s *cert = NULL;
2055 ckmc_cert_list_s *ca_cert_list = NULL;
2058 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
2059 &private_key, &cert, &ca_cert_list)),
2061 RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
2062 RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
2063 RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
2065 ckmc_policy_s policy;
2066 policy.password = NULL;
2067 policy.extractable = 1;
2070 CKM::Alias pkey_alias = sharedDatabase("pkey_alias");
2072 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *private_key, policy)),
2073 CKMCReadableError(temp));
2075 CKM::Alias cert_alias = sharedDatabase("cert_alias");
2077 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *cert, policy)),
2078 CKMCReadableError(temp));
2079 std::string caCertAlias = sharedDatabase("ca_cert_alias_");
2080 const char *idx = "0";
2082 ckmc_cert_list_s *tmpList = ca_cert_list;
2083 while(tmpList != NULL) {
2084 caCertAlias.append(idx);
2086 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2087 CKMCReadableError(temp));
2088 tmpList = tmpList->next;
2092 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2094 ckmc_key_free(private_key);
2095 ckmc_cert_free(cert);
2096 ckmc_cert_list_all_free(ca_cert_list);
2099 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
2100 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
2101 const char *password = "password";
2105 ckmc_pkcs12_s *ppkcs12 = NULL;
2108 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
2109 CKMCReadableError(temp));
2110 RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
2111 RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
2112 RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
2114 ckmc_policy_s policy;
2115 policy.password = NULL;
2116 policy.extractable = 1;
2119 CKM::Alias pkey_alias = sharedDatabase("pkey_alias2");
2121 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *(ppkcs12->priv_key), policy)),
2122 CKMCReadableError(temp));
2124 CKM::Alias cert_alias = sharedDatabase("cert_alias2");
2126 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *(ppkcs12->cert), policy)),
2127 CKMCReadableError(temp));
2128 std::string caCertAlias = sharedDatabase("ca_cert_alias_2_");
2129 const char *idx = "0";
2131 ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
2132 while(tmpList != NULL) {
2133 caCertAlias.append(idx);
2135 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2136 CKMCReadableError(temp));
2137 tmpList = tmpList->next;
2141 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2143 ckmc_pkcs12_free(ppkcs12);
2146 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2149 remove_user_data(0);
2151 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2152 CKMCReadableError(temp));
2154 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2155 CKMCReadableError(temp));
2158 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2162 CKM::Alias alias_PKCS_exportable = sharedDatabase("CAPI-test-PKCS-export");
2163 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("CAPI-test-PKCS-no-export");
2166 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2168 remove_user_data(0);
2171 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2173 const char *wrong_passwd = "wrong";
2174 ckmc_pkcs12_s *ppkcs12 = NULL;
2177 CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2178 CKMCReadableError(temp));
2181 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2183 ckmc_pkcs12_s *ppkcs12 = NULL;
2186 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
2187 CKMCReadableError(temp));
2189 RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2190 RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2191 RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2194 ckmc_policy_s exportable;
2195 exportable.password = NULL;
2196 exportable.extractable = 1;
2197 ckmc_policy_s notExportable;
2198 notExportable.password = NULL;
2199 notExportable.extractable = 0;
2202 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2203 CKMCReadableError(temp));
2205 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2206 CKMCReadableError(temp));
2208 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2209 CKMCReadableError(temp));
2211 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2212 CKMCReadableError(temp));
2214 // try to lookup key
2215 ckmc_key_s *key_lookup = NULL;
2217 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2218 CKMCReadableError(temp));
2219 ckmc_key_free(key_lookup);
2222 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), "", &key_lookup)),
2223 CKMCReadableError(temp));
2224 ckmc_key_free(key_lookup);
2226 // try to lookup certificate
2227 ckmc_cert_s *cert_lookup = NULL;
2229 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2230 CKMCReadableError(temp));
2231 ckmc_cert_free(cert_lookup);
2234 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2235 CKMCReadableError(temp));
2236 ckmc_cert_free(cert_lookup);
2239 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2242 ckmc_pkcs12_s *pkcs = NULL;
2246 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12(sharedDatabase("i-do-not-exist").c_str(), NULL, NULL, &pkcs)),
2247 CKMCReadableError(temp));
2248 ckmc_pkcs12_free(pkcs);
2251 // fail - not exportable
2253 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable.c_str(), NULL, NULL, &pkcs)),
2254 CKMCReadableError(temp));
2255 ckmc_pkcs12_free(pkcs);
2258 // success - exportable
2260 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable.c_str(), NULL, NULL, &pkcs)),
2261 CKMCReadableError(temp));
2263 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2264 RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2265 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2267 ckmc_cert_list_s *iter = pkcs->ca_chain;
2272 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2274 ckmc_pkcs12_free(pkcs);
2277 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2279 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2282 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2283 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2284 ckmc_raw_buffer_s *signature = NULL;
2287 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2288 alias_PKCS_exportable.c_str(),
2294 CKMCReadableError(temp));
2297 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2298 alias_PKCS_exportable.c_str(),
2304 CKMCReadableError(temp));
2307 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2311 // remove the whole PKCS12 bundles
2313 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_exportable.c_str())),
2314 CKMCReadableError(tmp));
2316 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_not_exportable.c_str())),
2317 CKMCReadableError(tmp));
2319 // expect lookup fails due to unknown alias
2320 // try to lookup key
2321 ckmc_key_s *key_lookup = NULL;
2323 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2324 CKMCReadableError(tmp));
2325 ckmc_key_free(key_lookup);
2328 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), NULL, &key_lookup)),
2329 CKMCReadableError(tmp));
2330 ckmc_key_free(key_lookup);
2332 // try to lookup certificate
2333 ckmc_cert_s *cert_lookup = NULL;
2335 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2336 CKMCReadableError(tmp));
2337 ckmc_cert_free(cert_lookup);
2340 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2341 CKMCReadableError(tmp));
2342 ckmc_cert_free(cert_lookup);
2345 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2347 remove_user_data(0);
2351 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2353 RUNNER_TEST(T3201_CAPI_unlock_database)
2355 reset_user_data(USER_APP, USER_PASS);
2358 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
2360 ScopedDBUnlock unlock(USER_APP, USER_PASS);
2361 ScopedAccessProvider ap(TEST_LABEL);
2362 ap.allowAPI("key-manager::api-storage", "rw");
2363 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2366 CKM::Alias alias = "mykey";
2367 char *password = NULL;
2368 ckmc_key_s *test_key = NULL;
2371 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2374 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2377 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
2379 RUNNER_IGNORED_MSG("Temporary turned off. The default password for database must be turn off for this test.");
2380 ScopedDBUnlock unlock(USER_APP, USER_PASS);
2381 ScopedAccessProvider ap(TEST_LABEL);
2382 ap.allowAPI("key-manager::api-storage", "rw");
2383 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2386 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2387 CKMCReadableError(temp));
2390 RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
2392 RUNNER_IGNORED_MSG("Temporary turned off. The default password for database must be turn off for this test.");
2393 ScopedAccessProvider ap(TEST_LABEL);
2394 ap.allowAPI("key-manager::api-storage", "rw");
2395 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2398 CKM::Alias alias = "mykey";
2399 char *password = NULL;
2400 ckmc_key_s *test_key = NULL;
2402 #ifndef PASSWORD_PROTECTION_DISABLE
2404 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2405 CKMCReadableError(temp));
2407 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2410 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2411 CKMCReadableError(temp));
2415 RUNNER_TEST(T3204_deinit)
2417 remove_user_data(USER_APP);
projects / platform / core / test / security-tests.git / blob