3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
23 const int USER_APP = 5000;
24 const int GROUP_APP = 5000;
26 const int USER_APP_2 = 5020;
27 const int USER_APP_3 = 5030;
29 const char * const APP_PASS = "user-pass";
30 const int USER_TEST = 5001;
31 const char* TEST_LABEL = "test_label";
33 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
34 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
35 } // namespace anonymous
38 * How to numerate tests:
40 * T - test case (always T)
41 * AB - number of test group (always two digits)
42 * C - test number in group (all tests with same TABC must be run in the same time).
46 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
47 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
48 stop_service(MANAGER);
49 start_service(MANAGER);
51 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
52 std::istreambuf_iterator<char> begin(is), end;
53 std::vector<char> buff(begin, end);
55 CKM::RawBuffer buffer(buff.size());
56 memcpy(buffer.data(), buff.data(), buff.size());
58 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
61 "Error in PKCS12::create()");
63 // all further tests will start with newly started service,
64 // OpenSSL on the service side will have to be properly initialized too
65 stop_service(MANAGER);
66 start_service(MANAGER);
69 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
71 RUNNER_TEST(T0011_Control)
74 auto control = CKM::Control::create();
76 control->removeUserData(0);
77 control->removeUserData(USER_APP_2);
78 control->removeUserData(USER_APP);
81 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
82 "Error=" << CKM::ErrorToString(temp));
85 RUNNER_TEST(T0012_Control)
88 auto control = CKM::Control::create();
90 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
91 "Error=" << CKM::ErrorToString(temp));
93 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
94 "Error=" << CKM::ErrorToString(temp));
97 RUNNER_TEST(T0013_Control)
100 auto control = CKM::Control::create();
102 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
103 "Error=" << CKM::ErrorToString(temp));
106 RUNNER_TEST(T0014_Control)
109 auto control = CKM::Control::create();
111 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
112 "Error=" << CKM::ErrorToString(temp));
115 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
116 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
120 "Error=" << CKM::ErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
124 "Error=" << CKM::ErrorToString(temp));
127 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
128 "Error=" << CKM::ErrorToString(temp));
131 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
132 "Error=" << CKM::ErrorToString(temp));
135 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
136 "Error=" << CKM::ErrorToString(temp));
139 RUNNER_TEST(T0015_Control)
142 auto control = CKM::Control::create();
144 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
145 "Error=" << CKM::ErrorToString(temp));
147 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
148 "Error=" << CKM::ErrorToString(temp));
150 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
151 "Error=" << CKM::ErrorToString(temp));
153 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
154 "Error=" << CKM::ErrorToString(temp));
157 RUNNER_TEST(T0016_Control_negative_wrong_password)
160 auto control = CKM::Control::create();
162 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
163 "Error=" << CKM::ErrorToString(temp));
165 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
166 "Error=" << CKM::ErrorToString(temp));
168 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
169 "Error=" << CKM::ErrorToString(temp));
171 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
172 "Error=" << CKM::ErrorToString(temp));
174 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
175 "Error=" << CKM::ErrorToString(temp));
178 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
180 RUNNER_TEST(T1010_init)
182 unlock_user_data(USER_APP, "user-pass");
185 RUNNER_TEST(T1011_key)
188 auto manager = CKM::Manager::create();
190 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
191 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
192 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
193 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
194 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
195 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
196 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
198 "-----END PUBLIC KEY-----";
200 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
201 auto key = CKM::Key::create(buffer, CKM::Password());
203 CKM::Alias alias = sharedDatabase("mykey");
206 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
207 "Error=" << CKM::ErrorToString(temp));
209 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
210 "Error=" << CKM::ErrorToString(temp));
212 key->getDER() == key2->getDER(),
213 "Key value has been changed by service");
216 RUNNER_TEST(T1012_certificate)
219 auto manager = CKM::Manager::create();
221 auto cert = TestData::getTestCertificate(TestData::GIAG2);
222 CKM::CertificateShPtr cert2;
223 CKM::Alias alias = sharedDatabase("myCert");
226 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
227 "Error=" << CKM::ErrorToString(temp));
229 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
230 "Error=" << CKM::ErrorToString(temp));
232 cert->getDER() == cert2->getDER(),
233 "Data has been modified in key manager");
236 RUNNER_CHILD_TEST(T1013_user_app_save_key)
238 ScopedAccessProvider ap("mylabel");
239 ap.allowAPI("key-manager::api-storage", "rw");
240 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
242 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
243 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
244 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
245 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
246 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
247 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
248 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
250 "-----END PUBLIC KEY-----";
253 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
254 auto key = CKM::Key::create(buffer, CKM::Password());
256 CKM::Alias alias = "mykey";
257 auto manager = CKM::Manager::create();
260 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
261 "Error=" << CKM::ErrorToString(temp));
263 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
264 "Error=" << CKM::ErrorToString(temp));
266 key->getDER() == key2->getDER(), "Key value has been changed by service");
269 RUNNER_TEST(T1014_save_with_label)
271 ScopedAccessProvider ap("mylabel");
272 ap.allowAPI("key-manager::api-storage", "rw");
273 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
276 auto manager = CKM::Manager::create();
278 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
279 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
280 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
281 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
282 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
283 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
284 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
286 "-----END PUBLIC KEY-----";
288 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
289 auto key = CKM::Key::create(buffer, CKM::Password());
290 CKM::KeyShPtr key_name, key_full_addr;
291 CKM::Alias alias = "mykey-2";
292 std::string top_label = getOwnerIdFromSelf();
293 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
296 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
297 "Error=" << CKM::ErrorToString(temp));
301 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
302 "Error=" << CKM::ErrorToString(temp));
304 key->getDER() == key_name->getDER(),
305 "Key value has been changed by service");
307 // lookup by full address
309 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
310 "Error=" << CKM::ErrorToString(temp));
312 key->getDER() == key_full_addr->getDER(),
313 "Key value has been changed by service");
316 RUNNER_TEST(T1015_deinit)
319 remove_user_data(USER_APP);
322 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
324 RUNNER_TEST(T1020_init)
327 auto control = CKM::Control::create();
329 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
330 "Error=" << CKM::ErrorToString(temp));
333 RUNNER_TEST(T1021_save_keys_get_alias)
336 auto manager = CKM::Manager::create();
338 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
339 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
340 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
341 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
342 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
343 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
344 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
346 "-----END PUBLIC KEY-----";
348 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
349 auto key = CKM::Key::create(buffer, CKM::Password());
350 CKM::AliasVector labelAliasVector;
352 size_t current_aliases_num = count_aliases(ALIAS_KEY);
354 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey1").c_str(), key, CKM::Policy())),
355 "Error=" << CKM::ErrorToString(temp));
357 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey2").c_str(), key, CKM::Policy())),
358 "Error=" << CKM::ErrorToString(temp));
360 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey3").c_str(), key, CKM::Policy(CKM::Password(), false))),
361 "Error=" << CKM::ErrorToString(temp));
363 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
364 "Error=" << CKM::ErrorToString(temp));
366 labelAliasVector.size() == (current_aliases_num+3),
367 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
370 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
372 ScopedAccessProvider ap("mylabel");
373 ap.allowAPI("key-manager::api-storage", "rw");
374 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
377 auto manager = CKM::Manager::create();
379 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
380 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
381 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
382 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
383 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
384 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
385 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
387 "-----END PUBLIC KEY-----";
389 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
390 auto key = CKM::Key::create(buffer, CKM::Password());
391 CKM::AliasVector labelAliasVector;
393 size_t current_aliases_num = count_aliases(ALIAS_KEY);
395 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
396 "Error=" << CKM::ErrorToString(temp));
398 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
399 "Error=" << CKM::ErrorToString(temp));
401 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
402 "Error=" << CKM::ErrorToString(temp));
404 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
405 "Error=" << CKM::ErrorToString(temp));
407 labelAliasVector.size() == (current_aliases_num+3),
408 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
411 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
413 ScopedAccessProvider ap("mylabel");
414 ap.allowAPI("key-manager::api-storage", "rw");
415 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
418 auto manager = CKM::Manager::create();
420 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
421 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
422 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
423 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
424 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
425 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
426 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
428 "-----END PUBLIC KEY-----";
430 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
431 auto key = CKM::Key::create(buffer, CKM::Password());
432 CKM::AliasVector aliasVector;
433 CKM::Policy notExportable(CKM::Password(), false);
436 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
437 "Error=" << CKM::ErrorToString(temp));
439 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
440 "Error=" << CKM::ErrorToString(temp));
442 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
443 "Error=" << CKM::ErrorToString(temp));
446 RUNNER_TEST(T1029_deinit)
449 remove_user_data(USER_APP);
452 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
453 RUNNER_TEST(T1030_init)
456 reset_user_data(USER_APP, APP_PASS);
459 RUNNER_TEST(T1031_save_get_bin_data)
462 auto manager = CKM::Manager::create();
464 std::string binData1 = "My bin data1";
465 std::string binData2 = "My bin data2";
466 std::string binData3 = "My bin data3";
468 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
469 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
470 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
472 CKM::AliasVector labelAliasVector;
474 size_t current_aliases_num = count_aliases(ALIAS_DATA);
476 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data1").c_str(), buffer1, CKM::Policy())),
477 "Error=" << CKM::ErrorToString(temp));
479 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data2").c_str(), buffer2, CKM::Policy())),
480 "Error=" << CKM::ErrorToString(temp));
482 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data3").c_str(), buffer3, CKM::Policy(CKM::Password(), true))),
483 "Error=" << CKM::ErrorToString(temp));
485 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer3, CKM::Policy(CKM::Password(), false))),
486 "Error=" << CKM::ErrorToString(temp));
488 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
489 "Error=" << CKM::ErrorToString(temp));
491 labelAliasVector.size() == (current_aliases_num+3),
492 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
494 CKM::RawBuffer buffer;
496 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
497 "Error=" << CKM::ErrorToString(temp));
503 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password("Password"), buffer)),
504 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
507 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
509 ScopedDBUnlock unlock(USER_APP, APP_PASS);
510 ScopedAccessProvider ap("mylabel");
511 ap.allowAPI("key-manager::api-storage", "rw");
512 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
515 auto manager = CKM::Manager::create();
517 std::string binData = "My bin data";
519 CKM::RawBuffer buffer(binData.begin(), binData.end());
521 CKM::AliasVector labelAliasVector;
523 size_t current_aliases_num = count_aliases(ALIAS_DATA);
525 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
526 "Error=" << CKM::ErrorToString(temp));
528 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
529 "Error=" << CKM::ErrorToString(temp));
531 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
532 "Error=" << CKM::ErrorToString(temp));
534 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
535 "Error=" << CKM::ErrorToString(temp));
537 labelAliasVector.size() == (current_aliases_num+3),
538 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
541 RUNNER_TEST(T1033_remove_bin_data)
544 auto manager = CKM::Manager::create();
546 std::string binData2 = "My bin data2";
547 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
549 CKM::AliasVector labelAliasVector;
551 size_t current_aliases_num = count_aliases(ALIAS_DATA);
552 std::string invalid_address = sharedDatabase("i-do-not-exist");
554 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
555 "Error=" << CKM::ErrorToString(temp));
557 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data1").c_str())),
558 "Error=" << CKM::ErrorToString(temp));
560 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data3").c_str())),
561 "Error=" << CKM::ErrorToString(temp));
563 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
564 "Error=" << CKM::ErrorToString(temp));
566 labelAliasVector.size() == (current_aliases_num-2),
567 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
569 CKM::RawBuffer buffer;
571 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
572 "Error=" << CKM::ErrorToString(temp));
577 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(sharedDatabase("data3").c_str(), CKM::Password(), buffer)),
578 "Error=" << CKM::ErrorToString(temp));
581 RUNNER_TEST(T1034_app_remove_bin_data)
583 ScopedDBUnlock unlock(USER_APP, APP_PASS);
584 ScopedAccessProvider ap("mylabel");
585 ap.allowAPI("key-manager::api-storage", "rw");
586 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
589 auto manager = CKM::Manager::create();
591 std::string binData2 = "My bin data";
592 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
594 CKM::AliasVector labelAliasVector;
596 size_t current_aliases_num = count_aliases(ALIAS_DATA);
597 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
599 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
600 "Error=" << CKM::ErrorToString(temp));
602 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
603 "Error=" << CKM::ErrorToString(temp));
605 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
606 "Error=" << CKM::ErrorToString(temp));
608 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
609 "Error=" << CKM::ErrorToString(temp));
611 labelAliasVector.size() == (current_aliases_num-2),
612 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
614 CKM::RawBuffer buffer;
616 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
617 "Error=" << CKM::ErrorToString(temp));
622 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
623 "Error=" << CKM::ErrorToString(temp));
626 RUNNER_TEST(T1035_getData_wrong_password)
629 auto manager = CKM::Manager::create();
631 std::string binData1 = "My bin data4";
633 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
636 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer1, CKM::Policy("CorrectPassword"))),
637 "Error=" << CKM::ErrorToString(temp));
639 CKM::RawBuffer buffer;
641 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("CorrectPassword"), buffer)),
642 "Error=" << CKM::ErrorToString(temp));
648 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("WrongPassword"), buffer)),
649 "Error=" << CKM::ErrorToString(temp));
652 RUNNER_TEST(T1036_deinit)
655 remove_user_data(USER_APP);
658 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
660 RUNNER_TEST(T1040_init)
663 auto control = CKM::Control::create();
666 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
667 "Error=" << CKM::ErrorToString(temp));
670 RUNNER_CHILD_TEST(T1041_create_RSA_key)
673 auto manager = CKM::Manager::create();
676 ScopedAccessProvider ap("mylabel-rsa");
677 ap.allowAPI("key-manager::api-storage", "rw");
678 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
680 size_t current_aliases_num = count_aliases(ALIAS_KEY);
682 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
683 "Error=" << CKM::ErrorToString(temp));
685 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
686 "Error=" << CKM::ErrorToString(temp));
688 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
689 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
692 RUNNER_CHILD_TEST(T1042_create_RSA_key_foreign_label)
695 auto manager = CKM::Manager::create();
698 ScopedAccessProvider ap("mylabel-rsa");
699 ap.allowAPI("key-manager::api-storage", "rw");
700 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
703 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
704 "Error=" << CKM::ErrorToString(temp));
706 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
707 "Error=" << CKM::ErrorToString(temp));
710 RUNNER_CHILD_TEST(T1043_create_DSA_key)
713 auto manager = CKM::Manager::create();
716 ScopedAccessProvider ap("mylabel-dsa");
717 ap.allowAPI("key-manager::api-storage", "rw");
718 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
720 size_t current_aliases_num = count_aliases(ALIAS_KEY);
722 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
723 "Error=" << CKM::ErrorToString(temp));
725 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
726 "Error=" << CKM::ErrorToString(temp));
728 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
729 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
732 RUNNER_CHILD_TEST(T1044_create_AES_key)
735 auto manager = CKM::Manager::create();
738 AccessProvider ap("mylabel-aes");
739 ap.allowAPI("key-manager::api-storage", "rw");
740 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
742 int current_aliases_num = count_aliases(ALIAS_KEY);
744 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
745 "Error=" << CKM::ErrorToString(temp));
747 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
748 "Error=" << CKM::ErrorToString(temp));
750 (current_aliases_num+1) == (temp = av.size()),
751 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
754 RUNNER_TEST(T1049_deinit)
756 remove_user_data(USER_APP);
760 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
762 RUNNER_TEST(T1110_init)
764 unlock_user_data(USER_APP, "user-pass");
767 RUNNER_TEST(T1111_CreateKeyPairRSA)
770 auto manager = CKM::Manager::create();
771 CKM::Alias a1 = sharedDatabase("rsa-test-1");
772 CKM::Alias a2 = sharedDatabase("rsa-test-2");
776 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
777 "Error=" << CKM::ErrorToString(temp));
779 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
780 "Error=" << CKM::ErrorToString(temp));
783 RUNNER_TEST(T1112_CreateKeyPairDSA)
786 auto manager = CKM::Manager::create();
787 CKM::Alias a1 = sharedDatabase("dsa-test-1");
788 CKM::Alias a2 = sharedDatabase("dsa-test-2");
792 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
793 "Error=" << CKM::ErrorToString(temp));
795 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
796 "Error=" << CKM::ErrorToString(temp));
799 RUNNER_TEST(T1113_CreateKeyPairECDSA)
802 auto manager = CKM::Manager::create();
803 CKM::Alias a1 = sharedDatabase("ecdsa-test-1");
804 CKM::Alias a2 = sharedDatabase("ecdsa-test-2");
808 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
809 "Error=" << CKM::ErrorToString(temp));
812 RUNNER_TEST(T1114_deinit)
817 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
819 RUNNER_TEST(T12100_init)
821 reset_user_data(USER_APP, APP_PASS);
824 RUNNER_TEST(T12101_key_exist)
826 ScopedDBUnlock unlock(USER_APP, APP_PASS);
827 ScopedAccessProvider ap("mylabel");
828 ap.allowAPI("key-manager::api-storage", "rw");
829 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
832 auto manager = CKM::Manager::create();
834 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
835 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
836 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
837 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
838 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
839 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
840 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
842 "-----END PUBLIC KEY-----";
844 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
845 auto key = CKM::Key::create(buffer);
846 CKM::Alias alias = "rsa-alias-duplication";
849 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
850 "Error=" << CKM::ErrorToString(ret));
852 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
853 "Error=" << CKM::ErrorToString(ret));
857 * These test cases tests API when empty parameters are passed to functions
860 RUNNER_TEST(T12102_saveKey_empty_alias)
862 ScopedDBUnlock unlock(USER_APP, APP_PASS);
863 ScopedAccessProvider ap("mylabel");
864 ap.allowAPI("key-manager::api-storage", "rw");
865 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
867 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
868 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
869 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
870 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
871 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
872 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
873 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
874 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
876 "-----END PUBLIC KEY-----";
878 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
879 auto key = CKM::Key::create(buffer);
880 CKM::Alias alias; //alias is not initialized
883 auto manager = CKM::Manager::create();
885 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
886 "Error=" << CKM::ErrorToString(ret));
889 RUNNER_TEST(T12103_saveKey_foreign_label)
891 ScopedDBUnlock unlock(USER_APP, APP_PASS);
892 ScopedAccessProvider ap("mylabel");
893 ap.allowAPI("key-manager::api-storage", "rw");
894 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
896 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
897 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
898 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
899 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
900 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
901 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
902 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
904 "-----END PUBLIC KEY-----";
906 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
907 auto key = CKM::Key::create(buffer);
908 CKM::Alias alias = "iamsomebodyelse alias";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::ErrorToString(ret));
917 RUNNER_TEST(T12104_saveKey_empty_key)
919 ScopedDBUnlock unlock(USER_APP, APP_PASS);
920 ScopedAccessProvider ap("mylabel");
921 ap.allowAPI("key-manager::api-storage", "rw");
922 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
924 CKM::KeyShPtr key; //key is not initialized
925 CKM::Alias alias = "empty-key";
928 auto manager = CKM::Manager::create();
930 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
931 "Error=" << CKM::ErrorToString(ret));
934 RUNNER_TEST(T12105_saveCertificate_empty_alias)
936 ScopedDBUnlock unlock(USER_APP, APP_PASS);
937 ScopedAccessProvider ap("mylabel");
938 ap.allowAPI("key-manager::api-storage", "rw");
939 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
941 auto cert = TestData::getTestCertificate(TestData::GIAG2);
942 CKM::Alias alias; //alias is not initialized
945 auto manager = CKM::Manager::create();
947 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
948 "Error=" << CKM::ErrorToString(temp));
951 RUNNER_TEST(T12106_saveCertificate_foreign_label)
953 ScopedDBUnlock unlock(USER_APP, APP_PASS);
954 ScopedAccessProvider ap("mylabel");
955 ap.allowAPI("key-manager::api-storage", "rw");
956 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
958 auto cert = TestData::getTestCertificate(TestData::GIAG2);
959 CKM::Alias alias = "iamsomebodyelse alias";
962 auto manager = CKM::Manager::create();
964 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
965 "Error=" << CKM::ErrorToString(temp));
968 RUNNER_TEST(T12107_saveCertificate_empty_cert)
970 ScopedDBUnlock unlock(USER_APP, APP_PASS);
971 ScopedAccessProvider ap("mylabel");
972 ap.allowAPI("key-manager::api-storage", "rw");
973 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
975 CKM::CertificateShPtr cert; //cert is not initialized
976 CKM::Alias alias = "empty-cert";
979 auto manager = CKM::Manager::create();
981 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
982 "Error=" << CKM::ErrorToString(temp));
985 RUNNER_TEST(T12108_saveData_empty_alias)
987 ScopedDBUnlock unlock(USER_APP, APP_PASS);
988 ScopedAccessProvider ap("mylabel");
989 ap.allowAPI("key-manager::api-storage", "rw");
990 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
992 std::string testData = "test data test data test data";
993 CKM::RawBuffer buffer(testData.begin(), testData.end());
997 auto manager = CKM::Manager::create();
999 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1000 "Error=" << CKM::ErrorToString(temp));
1003 RUNNER_TEST(T12109_saveData_foreign_label)
1005 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1006 ScopedAccessProvider ap("mylabel");
1007 ap.allowAPI("key-manager::api-storage", "rw");
1008 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1010 std::string testData = "test data test data test data";
1011 CKM::RawBuffer buffer(testData.begin(), testData.end());
1012 CKM::Alias alias = "iamsomebodyelse alias";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1018 "Error=" << CKM::ErrorToString(temp));
1021 RUNNER_TEST(T12110_saveData_empty_data)
1023 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1024 ScopedAccessProvider ap("mylabel");
1025 ap.allowAPI("key-manager::api-storage", "rw");
1026 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1028 CKM::RawBuffer buffer;
1029 CKM::Alias alias = "empty-data";
1032 auto manager = CKM::Manager::create();
1034 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1035 "Error=" << CKM::ErrorToString(temp));
1039 * These test cases tests API when trying to get data from not existing alias
1042 RUNNER_TEST(T12111_getKey_alias_not_exist)
1044 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1045 ScopedAccessProvider ap("mylabel");
1046 ap.allowAPI("key-manager::api-storage", "rw");
1047 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1050 CKM::Alias alias = "this-alias-not-exist";
1053 auto manager = CKM::Manager::create();
1055 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1056 "Error=" << CKM::ErrorToString(temp));
1059 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1061 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1062 ScopedAccessProvider ap("mylabel");
1063 ap.allowAPI("key-manager::api-storage", "rw");
1064 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1066 CKM::CertificateShPtr certificate;
1067 CKM::Alias alias = "this-alias-not-exist";
1070 auto manager = CKM::Manager::create();
1072 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1073 "Error=" << CKM::ErrorToString(temp));
1076 RUNNER_TEST(T12113_getData_alias_not_exist)
1078 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1079 ScopedAccessProvider ap("mylabel");
1080 ap.allowAPI("key-manager::api-storage", "rw");
1081 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1084 auto manager = CKM::Manager::create();
1085 CKM::RawBuffer buffer;
1086 CKM::Alias alias("some alias");
1088 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1089 "Error=" << CKM::ErrorToString(temp));
1093 * These test cases tests API when damaged keys are used
1095 RUNNER_TEST(T12114_RSA_key_damaged)
1097 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1098 ScopedAccessProvider ap("mylabel");
1099 ap.allowAPI("key-manager::api-storage", "rw");
1100 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1103 auto manager = CKM::Manager::create();
1105 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1106 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1107 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1108 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1109 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1110 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1111 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1113 "-----END PUBLIC KEY-----";
1115 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1116 auto key = CKM::Key::create(buffer);
1117 CKM::Alias alias = "damaged-rsa";
1120 NULL == key.get(), "Key is broken. It should be empty");
1123 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1124 "Error=" << CKM::ErrorToString(ret));
1127 RUNNER_TEST(T12115_RSA_key_too_short)
1129 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1130 ScopedAccessProvider ap("mylabel");
1131 ap.allowAPI("key-manager::api-storage", "rw");
1132 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1135 auto manager = CKM::Manager::create();
1137 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1138 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1139 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1140 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1141 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1142 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1143 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1145 "-----END PUBLIC KEY-----";
1147 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1148 auto key = CKM::Key::create(buffer);
1149 CKM::Alias alias = "short-rsa";
1152 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1153 "Error=" << CKM::ErrorToString(ret));
1156 RUNNER_TEST(T12116_DSA_key_too_short)
1158 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1159 ScopedAccessProvider ap("mylabel");
1160 ap.allowAPI("key-manager::api-storage", "rw");
1161 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1164 auto manager = CKM::Manager::create();
1166 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1167 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1168 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1169 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1170 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1171 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1172 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1173 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1174 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1175 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1176 "YMYCBhubtrVaLmc=\n"
1177 "-----END PUBLIC KEY-----";
1179 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1180 auto key = CKM::Key::create(buffer);
1181 CKM::Alias alias = "short-dsa";
1184 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1185 "Error=" << CKM::ErrorToString(ret));
1188 RUNNER_TEST(T12117_AES_key_too_short)
1191 auto manager = CKM::Manager::create();
1193 size_t key_size = (128-1);
1194 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1196 auto key = CKM::Key::create(key_AES);
1197 CKM::Alias alias = "short-AES";
1200 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1201 "Error=" << CKM::ErrorToString(ret));
1205 * These test cases tests CKM service if malicious data is provided over the socket.
1208 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1210 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1211 ScopedAccessProvider ap("mylabel");
1212 ap.allowAPI("key-manager::api-storage", "rw");
1213 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1216 auto manager = CKM::Manager::create();
1218 // fake the client - let the service detect the problem
1219 class WrongKeyImpl : public CKM::Key
1222 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1225 virtual bool empty() const {
1229 virtual CKM::KeyType getType() const {
1230 return CKM::KeyType::KEY_RSA_PUBLIC;
1232 virtual int getSize() const {
1235 virtual CKM::ElipticCurve getCurve() const {
1236 return CKM::ElipticCurve::prime192v1;
1238 virtual CKM::RawBuffer getDER() const {
1241 virtual ~WrongKeyImpl() {}
1243 CKM::RawBuffer & m_dummy;
1245 std::string dummyData = "my_cat_Berta\n";
1246 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1247 auto key = std::make_shared<WrongKeyImpl>(buffer);
1248 CKM::Alias alias = "damaged-rsa";
1251 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1252 "Error=" << CKM::ErrorToString(ret));
1255 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1257 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1258 ScopedAccessProvider ap("mylabel");
1259 ap.allowAPI("key-manager::api-storage", "rw");
1260 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1262 // fake the client - let the service detect the problem
1263 class WrongCertImpl : public CKM::Certificate
1266 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1267 m_x509 = X509_new();
1270 bool empty() const {
1274 virtual X509 *getX509() const {
1278 virtual CKM::RawBuffer getDER() const {
1282 virtual ~WrongCertImpl() {
1287 CKM::RawBuffer & m_dummy;
1289 std::string dummyData = "my_cat_Stefan\n";
1290 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1291 auto cert = std::make_shared<WrongCertImpl>(buffer);
1292 CKM::Alias alias = "damaged-cert";
1295 auto manager = CKM::Manager::create();
1297 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1298 "Error=" << CKM::ErrorToString(temp));
1301 RUNNER_TEST(T12120_deinit)
1303 remove_user_data(USER_APP);
1306 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1308 RUNNER_TEST(T1311_init)
1310 remove_user_data(0);
1311 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1312 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1314 ScopedLabel sl("System");
1315 struct hostent* he = gethostbyname("google.com");
1317 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1318 "is not woking on the device. OCSP tests requires network access!");
1321 RUNNER_TEST(T13121_get_chain_no_cert)
1323 CKM::CertificateShPtrVector certChain;
1324 CKM::CertificateShPtr cert;
1326 auto manager = CKM::Manager::create();
1328 int ret = manager->getCertificateChain(cert,
1333 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1334 "Function should fail for empty certificate");
1337 RUNNER_TEST(T13122_get_chain_empty_cert)
1339 CKM::CertificateShPtrVector certChain;
1340 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1341 CKM::DataFormat::FORM_PEM);
1343 auto manager = CKM::Manager::create();
1345 int ret = manager->getCertificateChain(cert,
1350 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1351 "Function should fail for empty certificate");
1354 RUNNER_TEST(T13129_get_chain)
1356 auto cert = TestData::getTestCertificate(TestData::MBANK);
1357 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1359 CKM::CertificateShPtrVector certVector = {cert1};
1360 CKM::CertificateShPtrVector certChain;
1363 auto manager = CKM::Manager::create();
1365 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1366 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1368 tmp = manager->getCertificateChain(cert,
1373 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1374 "Error=" << CKM::ErrorToString(tmp));
1377 0 == certChain.size(),
1378 "Wrong size of certificate chain.");
1380 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1381 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1384 3 == certChain.size(),
1385 "Wrong size of certificate chain.");
1388 RUNNER_TEST(T1313_get_chain_with_alias)
1390 auto cert = TestData::getTestCertificate(TestData::MBANK);
1391 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1393 CKM::CertificateShPtrVector certChain;
1394 CKM::AliasVector aliasVector;
1395 CKM::Alias alias = sharedDatabase("imcert");
1398 auto manager = CKM::Manager::create();
1400 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1401 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1403 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1404 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1405 "Error=" << CKM::ErrorToString(tmp));
1408 0 == certChain.size(),
1409 "Wrong size of certificate chain.");
1412 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1413 "Error=" << CKM::ErrorToString(tmp));
1415 aliasVector.push_back(alias);
1417 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1418 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1421 3 == certChain.size(),
1422 "Wrong size of certificate chain.");
1425 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1427 auto cert = TestData::getTestCertificate(TestData::MBANK);
1428 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1429 CKM::CertificateShPtrVector certVector = {cert1};
1430 CKM::CertificateShPtrVector certChain;
1433 auto manager = CKM::Manager::create();
1435 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1436 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1438 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1439 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1440 "Error=" << CKM::ErrorToString(tmp));
1443 0 == certChain.size(),
1444 "Wrong size of certificate chain.");
1446 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1447 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1450 3 == certChain.size(),
1451 "Wrong size of certificate chain.");
1455 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1456 "Error=" << CKM::ErrorToString(tmp));
1458 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1461 RUNNER_TEST(T13142_ocsp_check_empty)
1463 CKM::CertificateShPtrVector certVector;
1465 auto manager = CKM::Manager::create();
1470 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1471 "ocspCheck should fail for empty certificate vector");
1474 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1476 CKM::CertificateShPtrVector certVector = {
1477 CKM::CertificateShPtr(),
1478 CKM::CertificateShPtr(),
1479 CKM::CertificateShPtr()};
1481 auto manager = CKM::Manager::create();
1486 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1487 "ocspCheck should fail for empty certificate vector");
1490 RUNNER_TEST(T13144_ocsp_check_root)
1492 auto root = TestData::getTestCertificate(TestData::EQUIFAX);
1493 CKM::CertificateShPtrVector certVector = {root};
1495 auto manager = CKM::Manager::create();
1497 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1502 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1503 "Ocsp should fail for single certificate");
1506 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1508 auto root = TestData::getTestCertificate(TestData::EQUIFAX);
1509 auto ca2 = TestData::getTestCertificate(TestData::GEOTRUST);
1510 auto ca1 = TestData::getTestCertificate(TestData::GIAG2);
1512 CKM::CertificateShPtrVector certVector = {ca1, ca2, root};
1514 auto manager = CKM::Manager::create();
1516 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1517 RUNNER_ASSERT_MSG(NULL != ca2.get(), "Certificate should not be empty");
1518 RUNNER_ASSERT_MSG(NULL != ca1.get(), "Certificate should not be empty");
1523 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1524 "Error=" << CKM::ErrorToString(tmp));
1526 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1529 RUNNER_TEST(T1315_deinit)
1531 remove_user_data(0);
1534 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1536 RUNNER_TEST(T1411_init)
1538 remove_user_data(0);
1541 RUNNER_TEST(T1412_RSA_key_create_verify)
1544 auto manager = CKM::Manager::create();
1546 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1547 "Proc-Type: 4,ENCRYPTED\n"
1548 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1550 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1551 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1552 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1553 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1554 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1555 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1556 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1557 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1558 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1559 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1560 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1561 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1562 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1563 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1564 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1565 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1566 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1567 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1568 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1569 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1570 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1571 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1572 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1573 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1574 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1575 "-----END RSA PRIVATE KEY-----\n";
1577 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1578 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1579 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1580 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1581 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1582 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1583 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1585 "-----END PUBLIC KEY-----\n";
1587 std::string message = "message test";
1589 CKM::Alias aliasPub = sharedDatabase("pub1");
1590 CKM::Alias aliasPrv = sharedDatabase("prv1");
1591 CKM::Password password = "1234";
1592 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1593 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1594 CKM::RawBuffer signature;
1596 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1597 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1599 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1600 "Key is empty. Failed to import public key.");
1601 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1602 "Key is empty. Failed to import private key.");
1605 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1606 "Error=" << CKM::ErrorToString(temp));
1608 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1609 "Error=" << CKM::ErrorToString(temp));
1612 CKM_API_SUCCESS == (temp = manager->createSignature(
1615 CKM::RawBuffer(message.begin(), message.end()),
1619 "Error=" << CKM::ErrorToString(temp));
1622 CKM_API_SUCCESS == (temp = manager->verifySignature(
1625 CKM::RawBuffer(message.begin(), message.end()),
1629 "Error=" << CKM::ErrorToString(temp));
1632 RUNNER_TEST(T1413_DSA_key_create_verify)
1635 auto manager = CKM::Manager::create();
1637 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1638 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1639 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1640 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1641 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1642 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1643 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1644 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1645 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1646 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1647 "u1roOuaPY+Hl19BlTE2qdw==\n"
1648 "-----END DSA PRIVATE KEY-----";
1650 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1651 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1652 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1653 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1654 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1655 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1656 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1657 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1658 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1659 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1660 "YMYCBhubtrVaLmc=\n"
1661 "-----END PUBLIC KEY-----";
1663 std::string message = "message test";
1665 CKM::Alias aliasPub = sharedDatabase("pub2");
1666 CKM::Alias aliasPrv = sharedDatabase("prv2");
1667 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1668 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1669 CKM::RawBuffer signature;
1671 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1672 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1674 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1675 "Key is empty. Failed to import public key.");
1676 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1677 "Key is empty. Failed to import private key.");
1680 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1681 "Error=" << CKM::ErrorToString(temp));
1683 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1684 "Error=" << CKM::ErrorToString(temp));
1687 CKM_API_SUCCESS == (temp = manager->createSignature(
1690 CKM::RawBuffer(message.begin(), message.end()),
1694 "Error=" << CKM::ErrorToString(temp));
1697 CKM_API_SUCCESS == (temp = manager->verifySignature(
1700 CKM::RawBuffer(message.begin(), message.end()),
1704 "Error=" << CKM::ErrorToString(temp));
1708 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1711 auto manager = CKM::Manager::create();
1713 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1714 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1715 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1716 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1717 "-----END EC PRIVATE KEY-----\n";
1719 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1720 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1721 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1722 "-----END PUBLIC KEY-----\n";
1724 std::string message = "message test";
1726 CKM::Alias aliasPub = sharedDatabase("ecpub2");
1727 CKM::Alias aliasPrv = sharedDatabase("ecprv2");
1728 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1729 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1730 CKM::RawBuffer signature;
1732 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1733 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1735 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1736 "Key is empty. Failed to import public key.");
1737 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1738 "Key is empty. Failed to import private key.");
1741 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1742 "Error=" << CKM::ErrorToString(temp));
1744 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1745 "Error=" << CKM::ErrorToString(temp));
1748 CKM_API_SUCCESS == (temp = manager->createSignature(
1751 CKM::RawBuffer(message.begin(), message.end()),
1755 "Error=" << CKM::ErrorToString(temp));
1758 CKM_API_SUCCESS == (temp = manager->verifySignature(
1761 CKM::RawBuffer(message.begin(), message.end()),
1765 "Error=" << CKM::ErrorToString(temp));
1767 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1769 memcpy((void*)signature.data(), "BROKEN", 6);
1772 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1775 CKM::RawBuffer(message.begin(), message.end()),
1779 "Error=" << CKM::ErrorToString(temp));
1782 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1785 auto manager = CKM::Manager::create();
1786 std::string message = "message asdfaslkdfjlksadjf test";
1788 CKM::Alias aliasPub = sharedDatabase("pub1");
1789 CKM::Alias aliasPrv = sharedDatabase("prv1");
1791 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1792 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1793 CKM::RawBuffer signature;
1796 CKM_API_SUCCESS == (temp = manager->createSignature(
1799 CKM::RawBuffer(message.begin(), message.end()),
1803 "Error=" << CKM::ErrorToString(temp));
1806 CKM_API_SUCCESS == (temp = manager->verifySignature(
1809 CKM::RawBuffer(message.begin(), message.end()),
1813 "Error=" << CKM::ErrorToString(temp));
1815 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1816 memcpy((void*)signature.data(), "BROKEN", 6);
1819 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1822 CKM::RawBuffer(message.begin(), message.end()),
1826 "Error=" << CKM::ErrorToString(temp));
1829 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1832 auto manager = CKM::Manager::create();
1833 std::string message = "message asdfaslkdfjlksadjf test";
1835 CKM::Alias aliasPub = sharedDatabase("pub2");
1836 CKM::Alias aliasPrv = sharedDatabase("prv2");
1838 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1839 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1840 CKM::RawBuffer signature;
1843 CKM_API_SUCCESS == (temp = manager->createSignature(
1846 CKM::RawBuffer(message.begin(), message.end()),
1850 "Error=" << CKM::ErrorToString(temp));
1853 CKM_API_SUCCESS == (temp = manager->verifySignature(
1856 CKM::RawBuffer(message.begin(), message.end()),
1860 "Error=" << CKM::ErrorToString(temp));
1862 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1863 memcpy((void*)signature.data(), "BROKEN", 6);
1866 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1869 CKM::RawBuffer(message.begin(), message.end()),
1873 "Error=" << CKM::ErrorToString(temp));
1876 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1879 auto manager = CKM::Manager::create();
1882 "-----BEGIN RSA PRIVATE KEY-----\n"
1883 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1884 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1885 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1886 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1887 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1888 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1889 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1890 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1891 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1892 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1893 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1894 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1895 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1896 "-----END RSA PRIVATE KEY-----\n";
1899 "-----BEGIN CERTIFICATE-----\n"
1900 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1901 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1902 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1903 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1904 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1905 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1906 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1907 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1908 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1909 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1910 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1911 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1912 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1913 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1914 "-----END CERTIFICATE-----\n";
1916 std::string message = "message test";
1918 CKM::Alias aliasPub = sharedDatabase("pub1-cert");
1919 CKM::Alias aliasPrv = sharedDatabase("prv1-cert");
1920 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1921 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1922 CKM::RawBuffer signature;
1924 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1925 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1927 RUNNER_ASSERT_MSG(NULL != cert.get(),
1928 "Key is empty. Failed to import public key.");
1929 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1930 "Key is empty. Failed to import private key.");
1933 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1934 "Error=" << CKM::ErrorToString(temp));
1936 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1937 "Error=" << CKM::ErrorToString(temp));
1940 CKM_API_SUCCESS == (temp = manager->createSignature(
1943 CKM::RawBuffer(message.begin(), message.end()),
1947 "Error=" << CKM::ErrorToString(temp));
1950 CKM_API_SUCCESS == (temp = manager->verifySignature(
1953 CKM::RawBuffer(message.begin(), message.end()),
1957 "Error=" << CKM::ErrorToString(temp));
1959 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1961 memcpy((void*)signature.data(), "BROKEN", 6);
1964 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1967 CKM::RawBuffer(message.begin(), message.end()),
1971 "Error=" << CKM::ErrorToString(temp));
1974 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1977 auto manager = CKM::Manager::create();
1979 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1980 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1981 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1982 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1983 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1984 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1985 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1986 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1987 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1988 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1989 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1990 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1991 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1992 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1993 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1994 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1995 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1996 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1997 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1998 "-----END CERTIFICATE-----\n";
2000 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
2001 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2002 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2003 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2004 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2005 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2006 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2007 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2008 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2009 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2010 "vonbjii3BYe4AIdkzOvp\n"
2011 "-----END DSA PRIVATE KEY-----\n";
2013 std::string message = "message test";
2015 CKM::Alias aliasPub = sharedDatabase("pub2-cert");
2016 CKM::Alias aliasPrv = sharedDatabase("prv2-cert");
2017 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2018 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2019 CKM::RawBuffer signature;
2021 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2022 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2024 RUNNER_ASSERT_MSG(NULL != cert.get(),
2025 "Key is empty. Failed to import public key.");
2026 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2027 "Key is empty. Failed to import private key.");
2030 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2031 "Error=" << CKM::ErrorToString(temp));
2033 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2034 "Error=" << CKM::ErrorToString(temp));
2037 CKM_API_SUCCESS == (temp = manager->createSignature(
2040 CKM::RawBuffer(message.begin(), message.end()),
2044 "Error=" << CKM::ErrorToString(temp));
2047 CKM_API_SUCCESS == (temp = manager->verifySignature(
2050 CKM::RawBuffer(message.begin(), message.end()),
2054 "Error=" << CKM::ErrorToString(temp));
2056 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2058 memcpy((void*)signature.data(), "BROKEN", 6);
2061 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2064 CKM::RawBuffer(message.begin(), message.end()),
2068 "Error=" << CKM::ErrorToString(temp));
2071 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2074 auto manager = CKM::Manager::create();
2077 "-----BEGIN EC PRIVATE KEY-----\n"
2078 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2079 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2080 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2081 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2082 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2083 "ELyhe7yPCAuOoLZlTLgf\n"
2084 "-----END EC PRIVATE KEY-----\n";
2087 "-----BEGIN CERTIFICATE-----\n"
2088 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2089 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2090 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2091 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2092 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2093 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2094 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2095 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2096 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2097 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2098 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2099 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2100 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2101 "Q1oBry6NEc+lLFmWMDesAA==\n"
2102 "-----END CERTIFICATE-----\n";
2104 std::string message = "message test";
2106 CKM::Alias aliasPub = sharedDatabase("pub3");
2107 CKM::Alias aliasPrv = sharedDatabase("prv3");
2108 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2109 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2110 CKM::RawBuffer signature;
2112 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2113 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2115 RUNNER_ASSERT_MSG(NULL != cert.get(),
2116 "Key is empty. Failed to import public key.");
2117 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2118 "Key is empty. Failed to import private key.");
2121 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2122 "Error=" << CKM::ErrorToString(temp));
2124 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2125 "Error=" << CKM::ErrorToString(temp));
2128 CKM_API_SUCCESS == (temp = manager->createSignature(
2131 CKM::RawBuffer(message.begin(), message.end()),
2135 "Error=" << CKM::ErrorToString(temp));
2138 CKM_API_SUCCESS == (temp = manager->verifySignature(
2141 CKM::RawBuffer(message.begin(), message.end()),
2145 "Error=" << CKM::ErrorToString(temp));
2147 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2149 memcpy((void*)signature.data(), "BROKEN", 6);
2152 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2155 CKM::RawBuffer(message.begin(), message.end()),
2159 "Error=" << CKM::ErrorToString(temp));
2162 RUNNER_TEST(T1420_deinit)
2164 remove_user_data(0);
2167 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2169 RUNNER_TEST(T14180_init)
2172 remove_user_data(0);
2174 auto manager = CKM::Manager::create();
2176 // Prepare RSA Key Pair
2177 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2178 "Proc-Type: 4,ENCRYPTED\n"
2179 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2181 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2182 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2183 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2184 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2185 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2186 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2187 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2188 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2189 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2190 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2191 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2192 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2193 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2194 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2195 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2196 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2197 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2198 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2199 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2200 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2201 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2202 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2203 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2204 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2205 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2206 "-----END RSA PRIVATE KEY-----\n";
2208 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2209 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2210 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2211 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2212 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2213 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2214 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2216 "-----END PUBLIC KEY-----\n";
2218 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2219 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2220 CKM::Password password = "1234";
2222 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2223 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2225 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2226 "Key is empty. Failed to import public key.");
2227 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2228 "Key is empty. Failed to import private key.");
2231 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2232 "Error=" << CKM::ErrorToString(temp));
2234 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2235 "Error=" << CKM::ErrorToString(temp));
2237 // Prepare ECDSA Key Pair
2238 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2239 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2240 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2241 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2242 "-----END EC PRIVATE KEY-----\n";
2244 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2245 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2246 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2247 "-----END PUBLIC KEY-----\n";
2249 CKM::Alias aliasEcPub = sharedDatabase("ecpub_nohash1");
2250 CKM::Alias aliasEcPrv = sharedDatabase("ecprv_nohash1");
2252 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2253 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2255 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2256 "Key is empty. Failed to import public key.");
2257 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2258 "Key is empty. Failed to import private key.");
2261 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2262 "Error=" << CKM::ErrorToString(temp));
2264 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2265 "Error=" << CKM::ErrorToString(temp));
2269 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2272 auto manager = CKM::Manager::create();
2273 std::string message = "message asdfaslkdfjlksadjf test";
2275 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2276 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2278 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2279 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2280 CKM::RawBuffer signature;
2283 CKM_API_SUCCESS == (temp = manager->createSignature(
2286 CKM::RawBuffer(message.begin(), message.end()),
2290 "Error=" << CKM::ErrorToString(temp));
2293 CKM_API_SUCCESS == (temp = manager->verifySignature(
2296 CKM::RawBuffer(message.begin(), message.end()),
2300 "Error=" << CKM::ErrorToString(temp));
2302 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2303 memcpy((void*)signature.data(), "BROKEN", 6);
2306 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2309 CKM::RawBuffer(message.begin(), message.end()),
2313 "Error=" << CKM::ErrorToString(temp));
2316 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2319 auto manager = CKM::Manager::create();
2320 std::string message = "message asdfaslkdfjlksadjf test";
2322 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2323 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2325 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2326 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2327 CKM::RawBuffer signature;
2330 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2333 CKM::RawBuffer(message.begin(), message.end()),
2337 "Error=" << CKM::ErrorToString(temp));
2340 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2343 auto manager = CKM::Manager::create();
2344 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2345 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2346 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2347 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2348 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2349 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2350 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2351 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2352 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2353 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2354 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2355 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2356 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2357 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2358 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2359 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2360 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2361 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2362 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2363 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2365 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2366 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2368 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2369 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2370 CKM::RawBuffer signature;
2373 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2376 CKM::RawBuffer(message.begin(), message.end()),
2380 "Error=" << CKM::ErrorToString(temp));
2384 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2387 auto manager = CKM::Manager::create();
2389 std::string message = "message test";
2391 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2392 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2393 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2394 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2395 CKM::RawBuffer signature;
2398 CKM_API_SUCCESS == (temp = manager->createSignature(
2401 CKM::RawBuffer(message.begin(), message.end()),
2405 "Error=" << CKM::ErrorToString(temp));
2408 CKM_API_SUCCESS == (temp = manager->verifySignature(
2411 CKM::RawBuffer(message.begin(), message.end()),
2415 "Error=" << CKM::ErrorToString(temp));
2417 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2419 memcpy((void*)signature.data(), "BROKEN", 6);
2422 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2425 CKM::RawBuffer(message.begin(), message.end()),
2429 "Error=" << CKM::ErrorToString(temp));
2432 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2435 auto manager = CKM::Manager::create();
2437 int msgSize = 1024*1024;
2438 char big_msg[msgSize];
2439 for(int i =0; i<msgSize-1; i++) {
2442 big_msg[msgSize-1]=0x00;
2443 std::string message(big_msg);
2445 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2446 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2447 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2448 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2449 CKM::RawBuffer signature;
2452 CKM_API_SUCCESS == (temp = manager->createSignature(
2455 CKM::RawBuffer(message.begin(), message.end()),
2459 "Error=" << CKM::ErrorToString(temp));
2463 RUNNER_TEST(T14189_deinit)
2465 remove_user_data(0);
2469 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2471 RUNNER_TEST(T1510_init_unlock_key)
2473 reset_user_data(USER_TEST, APP_PASS);
2476 RUNNER_TEST(T1511_insert_data)
2478 auto certee = TestData::getTestCertificate(TestData::MBANK);
2479 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2480 CKM::Alias certeeAlias("CertEE");
2481 CKM::Alias certimAlias("CertIM");
2483 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2484 ScopedAccessProvider ap("my-label");
2485 ap.allowAPI("key-manager::api-storage", "rw");
2486 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2488 auto manager = CKM::Manager::create();
2489 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
2490 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
2494 stop_service(MANAGER);
2495 start_service(MANAGER);
2499 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2500 ScopedAccessProvider ap("my-label");
2501 ap.allowAPI("key-manager::api-storage", "rw");
2502 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2504 auto manager = CKM::Manager::create();
2505 int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
2506 int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
2508 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2509 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2511 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2512 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2516 RUNNER_TEST(T1519_deinit)
2518 remove_user_data(USER_TEST);
2521 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2523 RUNNER_TEST(T1701_init_unlock_key)
2525 unlock_user_data(USER_TEST+1, "t170-special-password");
2527 ScopedAccessProvider ap("t170-special-label");
2528 ap.allowAPI("key-manager::api-storage", "rw");
2529 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2532 RUNNER_CHILD_TEST(T1702_insert_data)
2535 ScopedAccessProvider ap("t170-special-label");
2536 ap.allowAPI("key-manager::api-storage", "rw");
2537 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2539 auto certee = TestData::getTestCertificate(TestData::MBANK);
2541 auto manager = CKM::Manager::create();
2542 size_t current_aliases_num = count_aliases(ALIAS_CERT);
2543 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2546 CKM_API_SUCCESS == status1,
2547 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2549 CKM::AliasVector av;
2551 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2552 "Error=" << CKM::ErrorToString(temp));
2554 (current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
2555 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
2558 RUNNER_TEST(T1703_removeApplicationData)
2561 auto control = CKM::Control::create();
2563 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2564 "Error=" << CKM::ErrorToString(tmp));
2567 RUNNER_CHILD_TEST(T1704_data_test)
2570 ScopedAccessProvider ap("t170-special-label");
2571 ap.allowAPI("key-manager::api-storage", "rw");
2572 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2574 CKM::AliasVector av;
2575 auto manager = CKM::Manager::create();
2578 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2579 "Error=" << CKM::ErrorToString(temp));
2581 0 == (temp = av.size()),
2582 "Vector size: " << temp << ". Expected: 0");
2585 RUNNER_TEST(T1705_deinit)
2587 remove_user_data(USER_TEST+1);
2590 RUNNER_TEST(T17101_init)
2594 auto control = CKM::Control::create();
2596 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2597 "Error=" << CKM::ErrorToString(tmp));
2599 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2600 "Error=" << CKM::ErrorToString(tmp));
2602 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2603 "Error=" << CKM::ErrorToString(tmp));
2606 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2607 "Error=" << CKM::ErrorToString(tmp));
2609 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2610 "Error=" << CKM::ErrorToString(tmp));
2612 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2613 "Error=" << CKM::ErrorToString(tmp));
2616 RUNNER_CHILD_TEST(T17102_prep_data_01)
2619 ScopedAccessProvider ap("t1706-special-label");
2620 ap.allowAPI("key-manager::api-storage", "rw");
2621 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2623 CKM::AliasVector av;
2624 auto manager = CKM::Manager::create();
2626 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2628 CKM::RawBuffer buffer(data.begin(), data.end());
2629 CKM::Policy exportable(CKM::Password(), true);
2632 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2633 "Error=" << CKM::ErrorToString(temp));
2636 RUNNER_CHILD_TEST(T17103_prep_data_02)
2639 ScopedAccessProvider ap("t1706-special-label2");
2640 ap.allowAPI("key-manager::api-storage", "rw");
2641 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2643 CKM::AliasVector av;
2644 auto manager = CKM::Manager::create();
2646 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2648 CKM::RawBuffer buffer(data.begin(), data.end());
2649 CKM::Policy exportable(CKM::Password(), true);
2652 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2653 "Error=" << CKM::ErrorToString(temp));
2656 RUNNER_CHILD_TEST(T17104_prep_data_03)
2659 ScopedAccessProvider ap("t1706-special-label");
2660 ap.allowAPI("key-manager::api-storage", "rw");
2661 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2663 CKM::AliasVector av;
2664 auto manager = CKM::Manager::create();
2666 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2668 CKM::RawBuffer buffer(data.begin(), data.end());
2669 CKM::Policy exportable(CKM::Password(), true);
2672 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2673 "Error=" << CKM::ErrorToString(temp));
2676 RUNNER_CHILD_TEST(T17105_prep_data_04)
2679 ScopedAccessProvider ap("t1706-special-label2");
2680 ap.allowAPI("key-manager::api-storage", "rw");
2681 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2683 CKM::AliasVector av;
2684 auto manager = CKM::Manager::create();
2686 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2688 CKM::RawBuffer buffer(data.begin(), data.end());
2689 CKM::Policy exportable(CKM::Password(), true);
2692 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2693 "Error=" << CKM::ErrorToString(temp));
2696 RUNNER_TEST(T17106_remove_application)
2700 auto control = CKM::Control::create();
2702 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2703 "Error=" << CKM::ErrorToString(tmp));
2705 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2706 "Error=" << CKM::ErrorToString(tmp));
2709 RUNNER_CHILD_TEST(T17107_check_data_01)
2712 ScopedAccessProvider ap("t1706-special-label");
2713 ap.allowAPI("key-manager::api-storage", "rw");
2714 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2716 CKM::AliasVector av;
2717 auto manager = CKM::Manager::create();
2720 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2721 "Error=" << CKM::ErrorToString(temp));
2723 0 == (temp = av.size()),
2724 "Vector size: " << temp << ". Expected: 0");
2727 RUNNER_CHILD_TEST(T17108_check_data_02)
2730 ScopedAccessProvider ap("t1706-special-label2");
2731 ap.allowAPI("key-manager::api-storage", "rw");
2732 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2734 CKM::AliasVector av;
2735 auto manager = CKM::Manager::create();
2738 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2739 "Error=" << CKM::ErrorToString(temp));
2741 1 == (temp = av.size()),
2742 "Vector size: " << temp << ". Expected: 1");
2745 RUNNER_TEST(T17109_unlock_user2)
2749 auto control = CKM::Control::create();
2751 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2752 "Error=" << CKM::ErrorToString(tmp));
2755 RUNNER_CHILD_TEST(T17110_check_data_03)
2758 ScopedAccessProvider ap("t1706-special-label");
2759 ap.allowAPI("key-manager::api-storage", "rw");
2760 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2762 CKM::AliasVector av;
2763 auto manager = CKM::Manager::create();
2766 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2767 "Error=" << CKM::ErrorToString(temp));
2769 0 == (temp = av.size()),
2770 "Vector size: " << temp << ". Expected: 0");
2773 RUNNER_CHILD_TEST(T17111_check_data_04)
2776 ScopedAccessProvider ap("t1706-special-label2");
2777 ap.allowAPI("key-manager::api-storage", "rw");
2778 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2780 CKM::AliasVector av;
2781 auto manager = CKM::Manager::create();
2784 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2785 "Error=" << CKM::ErrorToString(temp));
2787 1 == (temp = av.size()),
2788 "Vector size: " << temp << ". Expected: 1");
2791 RUNNER_TEST(T17112_deinit)
2793 remove_user_data(USER_TEST+2);
2794 remove_user_data(USER_TEST+3);
2797 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2801 CKM::Alias alias_PKCS_collision = sharedDatabase("test-PKCS-collision");
2802 CKM::Alias alias_PKCS_exportable = sharedDatabase("test-PKCS-export");
2803 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("test-PKCS-no-export");
2804 CKM::Alias alias_PKCS_priv_key_copy = sharedDatabase("test-PKCS-private-key-copy");
2805 CKM::Alias alias_PKCS_priv_key_wrong = sharedDatabase("test-PKCS-private-key-wrong");
2808 RUNNER_TEST(T1800_init)
2810 remove_user_data(0);
2813 RUNNER_TEST(T1801_parse_PKCS12) {
2814 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2815 std::istreambuf_iterator<char> begin(is), end;
2816 std::vector<char> buff(begin, end);
2818 CKM::RawBuffer buffer(buff.size());
2819 memcpy(buffer.data(), buff.data(), buff.size());
2821 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2824 "Error in PKCS12::create()");
2826 auto cert = pkcs->getCertificate();
2829 "Error in PKCS12::getCertificate()");
2831 auto key = pkcs->getKey();
2834 "Error in PKCS12::getKey()");
2836 auto caVector = pkcs->getCaCertificateShPtrVector();
2838 0 == caVector.size(),
2839 "Wrong size of vector");
2842 RUNNER_TEST(T1802_negative_wrong_password) {
2843 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2844 std::istreambuf_iterator<char> begin(is), end;
2845 std::vector<char> buff(begin, end);
2847 CKM::RawBuffer buffer(buff.size());
2848 memcpy(buffer.data(), buff.data(), buff.size());
2850 auto pkcs = CKM::PKCS12::create(buffer, "error");
2853 "Expected error in PKCS12::create()");
2856 RUNNER_TEST(T1803_negative_broken_buffer) {
2857 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2858 std::istreambuf_iterator<char> begin(is), end;
2859 std::vector<char> buff(begin, end);
2861 CKM::RawBuffer buffer(buff.size());
2862 memcpy(buffer.data(), buff.data(), buff.size());
2864 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2867 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2870 "Expected error in PKCS12::create()");
2873 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2875 auto manager = CKM::Manager::create();
2876 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2877 std::istreambuf_iterator<char> begin(is), end;
2878 std::vector<char> buff(begin, end);
2880 CKM::RawBuffer buffer(buff.size());
2881 memcpy(buffer.data(), buff.data(), buff.size());
2883 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2886 "Error in PKCS12::create()");
2889 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2890 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2891 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2892 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2893 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2894 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2895 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2896 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2897 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2898 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2899 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2900 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2901 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2902 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2903 "-----END RSA PRIVATE KEY-----\n";
2905 std::string message = "message test";
2907 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2908 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2909 "Key is empty. Failed to import private key.");
2913 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2914 "Error=" << CKM::ErrorToString(temp));
2917 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2918 "Error=" << CKM::ErrorToString(temp));
2921 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2923 auto manager = CKM::Manager::create();
2924 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2925 std::istreambuf_iterator<char> begin(is), end;
2926 std::vector<char> buff(begin, end);
2928 CKM::RawBuffer buffer(buff.size());
2929 memcpy(buffer.data(), buff.data(), buff.size());
2931 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2934 "Error in PKCS12::create()");
2936 auto cert = pkcs->getCertificate();
2939 "Error in PKCS12::getCertificate()");
2941 auto key = pkcs->getKey();
2944 "Error in PKCS12::getKey()");
2946 auto caVector = pkcs->getCaCertificateShPtrVector();
2948 2 == caVector.size(),
2949 "Wrong size of vector");
2953 CKM::Policy exportable;
2954 CKM::Policy notExportable(CKM::Password(), false);
2957 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2958 "Error=" << CKM::ErrorToString(tmp));
2960 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2961 "Error=" << CKM::ErrorToString(tmp));
2963 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2964 "Error=" << CKM::ErrorToString(tmp));
2966 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2967 "Error=" << CKM::ErrorToString(tmp));
2969 // try to lookup key
2970 CKM::KeyShPtr key_lookup;
2972 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2973 "Error=" << CKM::ErrorToString(tmp));
2975 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2976 "Error=" << CKM::ErrorToString(tmp));
2978 // try to lookup certificate
2979 CKM::CertificateShPtr cert_lookup;
2981 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2982 "Error=" << CKM::ErrorToString(tmp));
2984 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2985 "Error=" << CKM::ErrorToString(tmp));
2988 RUNNER_TEST(T1806_get_PKCS)
2991 auto manager = CKM::Manager::create();
2993 CKM::PKCS12ShPtr pkcs;
2997 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12(sharedDatabase("i-do-not-exist").c_str(), pkcs)),
2998 "Error=" << CKM::ErrorToString(temp));
3000 // fail - not exportable
3002 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3003 "Error=" << CKM::ErrorToString(temp));
3005 // success - exportable
3007 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3008 "Error=" << CKM::ErrorToString(temp));
3010 auto cert = pkcs->getCertificate();
3013 "Error in PKCS12::getCertificate()");
3015 auto key = pkcs->getKey();
3018 "Error in PKCS12::getKey()");
3020 auto caVector = pkcs->getCaCertificateShPtrVector();
3022 2 == caVector.size(),
3023 "Wrong size of vector");
3026 RUNNER_TEST(T1807_create_and_verify_signature)
3029 auto manager = CKM::Manager::create();
3031 std::string message = "message test";
3033 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3034 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3035 CKM::RawBuffer signature;
3038 CKM_API_SUCCESS == (temp = manager->createSignature(
3039 alias_PKCS_exportable,
3041 CKM::RawBuffer(message.begin(), message.end()),
3045 "Error=" << CKM::ErrorToString(temp));
3048 CKM_API_SUCCESS == (temp = manager->verifySignature(
3049 alias_PKCS_exportable,
3051 CKM::RawBuffer(message.begin(), message.end()),
3055 "Error=" << CKM::ErrorToString(temp));
3058 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3061 auto manager = CKM::Manager::create();
3063 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3064 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3065 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3066 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3067 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3068 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3069 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3070 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3071 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3072 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3073 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3074 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3075 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3076 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3077 "-----END RSA PRIVATE KEY-----";
3078 std::string message = "message test";
3080 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3081 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3082 "Key is empty. Failed to import private key.");
3085 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3086 "Error=" << CKM::ErrorToString(temp));
3088 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3089 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3090 CKM::RawBuffer signature;
3093 CKM_API_SUCCESS == (temp = manager->createSignature(
3094 alias_PKCS_priv_key_copy,
3096 CKM::RawBuffer(message.begin(), message.end()),
3100 "Error=" << CKM::ErrorToString(temp));
3103 CKM_API_SUCCESS == (temp = manager->verifySignature(
3104 alias_PKCS_exportable,
3106 CKM::RawBuffer(message.begin(), message.end()),
3110 "Error=" << CKM::ErrorToString(temp));
3113 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3116 auto manager = CKM::Manager::create();
3118 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3119 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3120 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3121 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3122 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3123 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3124 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3125 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3126 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3127 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3128 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3129 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3130 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3131 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3132 "-----END RSA PRIVATE KEY-----\n";
3134 std::string message = "message test";
3136 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3137 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3138 "Key is empty. Failed to import private key.");
3141 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3142 "Error=" << CKM::ErrorToString(temp));
3144 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3145 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3146 CKM::RawBuffer signature;
3149 CKM_API_SUCCESS == (temp = manager->createSignature(
3150 alias_PKCS_priv_key_wrong,
3152 CKM::RawBuffer(message.begin(), message.end()),
3156 "Error=" << CKM::ErrorToString(temp));
3159 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3160 alias_PKCS_exportable,
3162 CKM::RawBuffer(message.begin(), message.end()),
3166 "Error=" << CKM::ErrorToString(temp));
3169 RUNNER_TEST(T1810_verify_get_certificate_chain)
3171 // this certificate has been signed using PKCS chain
3173 "-----BEGIN CERTIFICATE-----\n"
3174 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3175 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
3176 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
3177 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
3178 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
3179 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
3180 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
3181 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
3182 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
3183 "-----END CERTIFICATE-----\n";
3185 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3186 CKM::CertificateShPtrVector certChain;
3187 CKM::AliasVector aliasVector;
3190 auto manager = CKM::Manager::create();
3192 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3194 tmp = manager->getCertificateChain(cert,
3199 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3200 "Error=" << CKM::ErrorToString(tmp));
3203 0 == certChain.size(),
3204 "Wrong size of certificate chain.");
3206 aliasVector.push_back(alias_PKCS_exportable);
3208 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3209 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3211 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3213 4 == certChain.size(),
3214 "Wrong size of certificate chain: " << certChain.size());
3217 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3219 auto manager = CKM::Manager::create();
3223 // remove the whole PKCS12 bundles
3225 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3226 "Error=" << CKM::ErrorToString(tmp));
3228 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3229 "Error=" << CKM::ErrorToString(tmp));
3231 // expect lookup fails due to unknown alias
3232 // try to lookup key
3233 CKM::KeyShPtr key_lookup;
3235 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3236 "Error=" << CKM::ErrorToString(tmp));
3238 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3239 "Error=" << CKM::ErrorToString(tmp));
3241 // try to lookup certificate
3242 CKM::CertificateShPtr cert_lookup;
3244 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3245 "Error=" << CKM::ErrorToString(tmp));
3247 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3248 "Error=" << CKM::ErrorToString(tmp));
3251 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3253 CKM::Alias alias = sharedDatabase("t1812alias1");
3255 auto manager = CKM::Manager::create();
3256 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3257 std::istreambuf_iterator<char> begin(is), end;
3258 std::vector<char> buff(begin, end);
3260 CKM::PKCS12ShPtr pkcs12;
3261 CKM::Password pass1 = "easypass1";
3262 CKM::Password pass2 = "easypass2";
3264 CKM::RawBuffer buffer(buff.size());
3265 memcpy(buffer.data(), buff.data(), buff.size());
3267 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3270 "Error in PKCS12::create()");
3274 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3275 "Error=" << CKM::ErrorToString(temp));
3278 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3279 "Error=" << CKM::ErrorToString(temp));
3282 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3283 "Error=" << CKM::ErrorToString(temp));
3286 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3287 "Error=" << CKM::ErrorToString(temp));
3290 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3291 "Error=" << CKM::ErrorToString(temp));
3294 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3295 "Error=" << CKM::ErrorToString(temp));
3297 CKM::CertificateShPtr cert;
3299 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3300 "Error=" << CKM::ErrorToString(temp));
3302 CKM::CertificateShPtrVector certChain;
3303 CKM::AliasVector certVect;
3304 certVect.push_back(alias);
3307 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3308 "Error=" << CKM::ErrorToString(temp));
3311 RUNNER_TEST(T1813_deinit)
3314 auto control = CKM::Control::create();
3317 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3318 "Error=" << CKM::ErrorToString(temp));
3321 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3323 const char * const T190_PASSWD = "t190-special-password";
3325 RUNNER_TEST(T1901_init_unlock_key)
3327 reset_user_data(USER_APP, T190_PASSWD);
3330 RUNNER_TEST(T1902_get_data)
3332 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
3333 ScopedAccessProvider ap(TEST_LABEL);
3334 ap.allowAPI("key-manager::api-storage", "rw");
3335 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3337 auto manager = CKM::Manager::create();
3340 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3343 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3344 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3347 RUNNER_TEST(T1903_lock_database)
3350 auto control = CKM::Control::create();
3352 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
3353 "Error=" << CKM::ErrorToString(tmp));
3356 RUNNER_TEST(T1904_get_data_from_locked_database)
3358 ScopedAccessProvider ap(TEST_LABEL);
3359 ap.allowAPI("key-manager::api-storage", "rw");
3360 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3362 auto manager = CKM::Manager::create();
3365 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3368 CKM_API_ERROR_DB_LOCKED == status1,
3369 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3372 RUNNER_TEST(T1905_deinit)
3374 remove_user_data(USER_APP);
3377 int main(int argc, char *argv[])
3379 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob