3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
22 #include <dpl/log/log.h>
25 const int USER_APP = 5000;
26 const int GROUP_APP = 5000;
27 const int USER_TEST = 5001;
29 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
30 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
31 } // namespace anonymous
34 * How to numerate tests:
36 * T - test case (always T)
37 * AB - number of test group (always two digits)
38 * C - test number in group (all tests with same TABC must be run in the same time).
42 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
43 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
44 stop_service(MANAGER);
45 start_service(MANAGER);
47 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
48 std::istreambuf_iterator<char> begin(is), end;
49 std::vector<char> buff(begin, end);
51 CKM::RawBuffer buffer(buff.size());
52 memcpy(buffer.data(), buff.data(), buff.size());
54 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
57 "Error in PKCS12::create()");
59 // all further tests will start with newly started service,
60 // OpenSSL on the service side will have to be properly initialized too
61 stop_service(MANAGER);
62 start_service(MANAGER);
65 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
67 RUNNER_TEST(T0011_Control)
70 auto control = CKM::Control::create();
72 control->removeUserData(0);
73 control->removeUserData(20);
74 control->removeUserData(USER_APP);
77 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
78 "Error=" << CKM::ErrorToString(temp));
81 RUNNER_TEST(T0012_Control)
84 auto control = CKM::Control::create();
86 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
87 "Error=" << CKM::ErrorToString(temp));
89 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
90 "Error=" << CKM::ErrorToString(temp));
93 RUNNER_TEST(T0013_Control)
96 auto control = CKM::Control::create();
98 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
99 "Error=" << CKM::ErrorToString(temp));
102 RUNNER_TEST(T0014_Control)
105 auto control = CKM::Control::create();
107 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
108 "Error=" << CKM::ErrorToString(temp));
111 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
112 "Error=" << CKM::ErrorToString(temp));
115 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
116 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
120 "Error=" << CKM::ErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
124 "Error=" << CKM::ErrorToString(temp));
127 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
128 "Error=" << CKM::ErrorToString(temp));
131 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
132 "Error=" << CKM::ErrorToString(temp));
135 RUNNER_TEST(T0015_Control)
138 auto control = CKM::Control::create();
140 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
141 "Error=" << CKM::ErrorToString(temp));
143 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
144 "Error=" << CKM::ErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
147 "Error=" << CKM::ErrorToString(temp));
149 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
150 "Error=" << CKM::ErrorToString(temp));
153 RUNNER_TEST(T0016_Control_negative_wrong_password)
156 auto control = CKM::Control::create();
158 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
159 "Error=" << CKM::ErrorToString(temp));
161 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
162 "Error=" << CKM::ErrorToString(temp));
164 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
165 "Error=" << CKM::ErrorToString(temp));
167 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
168 "Error=" << CKM::ErrorToString(temp));
170 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
171 "Error=" << CKM::ErrorToString(temp));
174 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
176 RUNNER_TEST(T1010_init)
179 auto control = CKM::Control::create();
181 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
182 "Error=" << CKM::ErrorToString(temp));
184 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
185 "Error=" << CKM::ErrorToString(temp));
188 RUNNER_TEST(T1011_key)
191 auto manager = CKM::Manager::create();
193 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
194 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
195 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
196 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
197 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
198 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
199 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
201 "-----END PUBLIC KEY-----";
203 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
204 auto key = CKM::Key::create(buffer, CKM::Password());
206 CKM::Alias alias = "mykey";
209 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
210 "Error=" << CKM::ErrorToString(temp));
212 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
213 "Error=" << CKM::ErrorToString(temp));
215 key->getDER() == key2->getDER(),
216 "Key value has been changed by service");
219 RUNNER_TEST(T1012_certificate)
222 auto manager = CKM::Manager::create();
224 auto cert = TestData::getTestCertificate(TestData::GIAG2);
225 CKM::CertificateShPtr cert2;
226 CKM::Alias alias = "myCert";
229 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
230 "Error=" << CKM::ErrorToString(temp));
232 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
233 "Error=" << CKM::ErrorToString(temp));
235 cert->getDER() == cert2->getDER(),
236 "Data has been modified in key manager");
239 RUNNER_CHILD_TEST(T1013_user_app_save_key)
241 AccessProvider ap("mylabel");
242 ap.allowAPI("key-manager::api-storage", "rw");
243 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
256 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
257 auto key = CKM::Key::create(buffer, CKM::Password());
259 CKM::Alias alias = "mykey";
260 auto manager = CKM::Manager::create();
263 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
264 "Error=" << CKM::ErrorToString(temp));
266 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
267 "Error=" << CKM::ErrorToString(temp));
269 key->getDER() == key2->getDER(), "Key value has been changed by service");
272 RUNNER_TEST(T1014_save_with_label)
275 auto manager = CKM::Manager::create();
277 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
278 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
279 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
280 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
281 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
282 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
283 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
285 "-----END PUBLIC KEY-----";
287 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
288 auto key = CKM::Key::create(buffer, CKM::Password());
289 CKM::KeyShPtr key_name, key_full_addr;
290 CKM::Alias alias = "mykey-2";
291 CharPtr top_label = get_label();
292 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
295 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
296 "Error=" << CKM::ErrorToString(temp));
300 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
301 "Error=" << CKM::ErrorToString(temp));
303 key->getDER() == key_name->getDER(),
304 "Key value has been changed by service");
306 // lookup by full address
308 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
309 "Error=" << CKM::ErrorToString(temp));
311 key->getDER() == key_full_addr->getDER(),
312 "Key value has been changed by service");
315 RUNNER_TEST(T1015_deinit)
318 auto control = CKM::Control::create();
321 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
322 "Error=" << CKM::ErrorToString(temp));
324 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
325 "Error=" << CKM::ErrorToString(temp));
327 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
328 "Error=" << CKM::ErrorToString(temp));
330 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
331 "Error=" << CKM::ErrorToString(temp));
334 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
336 RUNNER_TEST(T1020_init)
339 auto control = CKM::Control::create();
341 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
342 "Error=" << CKM::ErrorToString(temp));
344 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
345 "Error=" << CKM::ErrorToString(temp));
348 RUNNER_TEST(T1021_save_keys_get_alias)
351 auto manager = CKM::Manager::create();
353 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
354 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
355 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
356 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
357 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
358 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
359 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
361 "-----END PUBLIC KEY-----";
363 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
364 auto key = CKM::Key::create(buffer, CKM::Password());
365 CKM::AliasVector labelAliasVector;
368 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
369 "Error=" << CKM::ErrorToString(temp));
371 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
372 "Error=" << CKM::ErrorToString(temp));
374 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
375 "Error=" << CKM::ErrorToString(temp));
377 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
378 "Error=" << CKM::ErrorToString(temp));
380 labelAliasVector.size() == 3,
381 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
384 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
386 AccessProvider ap("mylabel");
387 ap.allowAPI("key-manager::api-storage", "rw");
388 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
391 auto manager = CKM::Manager::create();
393 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
394 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
395 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
396 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
397 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
398 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
399 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
401 "-----END PUBLIC KEY-----";
403 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
404 auto key = CKM::Key::create(buffer, CKM::Password());
405 CKM::AliasVector labelAliasVector;
408 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
409 "Error=" << CKM::ErrorToString(temp));
411 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
412 "Error=" << CKM::ErrorToString(temp));
414 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
415 "Error=" << CKM::ErrorToString(temp));
417 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
418 "Error=" << CKM::ErrorToString(temp));
420 labelAliasVector.size() == 3,
421 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
424 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
426 AccessProvider ap("mylabel");
427 ap.allowAPI("key-manager::api-storage", "rw");
428 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
431 auto manager = CKM::Manager::create();
433 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
434 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
435 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
436 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
437 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
438 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
439 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
441 "-----END PUBLIC KEY-----";
443 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
444 auto key = CKM::Key::create(buffer, CKM::Password());
445 CKM::AliasVector aliasVector;
446 CKM::Policy notExportable(CKM::Password(), false);
449 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
450 "Error=" << CKM::ErrorToString(temp));
452 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
453 "Error=" << CKM::ErrorToString(temp));
455 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
456 "Error=" << CKM::ErrorToString(temp));
459 RUNNER_TEST(T1029_deinit)
462 auto control = CKM::Control::create();
465 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
466 "Error=" << CKM::ErrorToString(temp));
468 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
469 "Error=" << CKM::ErrorToString(temp));
471 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
472 "Error=" << CKM::ErrorToString(temp));
474 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
475 "Error=" << CKM::ErrorToString(temp));
478 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
480 RUNNER_TEST(T1030_init)
483 auto control = CKM::Control::create();
485 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
486 "Error=" << CKM::ErrorToString(temp));
488 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
489 "Error=" << CKM::ErrorToString(temp));
492 RUNNER_TEST(T1031_save_get_bin_data)
495 auto manager = CKM::Manager::create();
497 std::string binData1 = "My bin data1";
498 std::string binData2 = "My bin data2";
499 std::string binData3 = "My bin data3";
501 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
502 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
503 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
505 CKM::AliasVector labelAliasVector;
508 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
509 "Error=" << CKM::ErrorToString(temp));
511 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
512 "Error=" << CKM::ErrorToString(temp));
514 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
515 "Error=" << CKM::ErrorToString(temp));
517 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
518 "Error=" << CKM::ErrorToString(temp));
520 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
521 "Error=" << CKM::ErrorToString(temp));
523 labelAliasVector.size() == 3,
524 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
526 CKM::RawBuffer buffer;
528 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
529 "Error=" << CKM::ErrorToString(temp));
535 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
536 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
539 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
541 AccessProvider ap("mylabel");
542 ap.allowAPI("key-manager::api-storage", "rw");
543 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
546 auto manager = CKM::Manager::create();
548 std::string binData = "My bin data";
550 CKM::RawBuffer buffer(binData.begin(), binData.end());
552 CKM::AliasVector labelAliasVector;
555 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
556 "Error=" << CKM::ErrorToString(temp));
558 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
559 "Error=" << CKM::ErrorToString(temp));
561 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
562 "Error=" << CKM::ErrorToString(temp));
564 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
565 "Error=" << CKM::ErrorToString(temp));
567 labelAliasVector.size() == 3,
568 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
571 RUNNER_TEST(T1033_remove_bin_data)
574 auto manager = CKM::Manager::create();
576 std::string binData2 = "My bin data2";
577 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
579 CKM::AliasVector labelAliasVector;
581 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
583 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
584 "Error=" << CKM::ErrorToString(temp));
586 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
587 "Error=" << CKM::ErrorToString(temp));
589 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
590 "Error=" << CKM::ErrorToString(temp));
592 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
593 "Error=" << CKM::ErrorToString(temp));
595 labelAliasVector.size() == 1,
596 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
598 CKM::RawBuffer buffer;
600 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
601 "Error=" << CKM::ErrorToString(temp));
606 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
607 "Error=" << CKM::ErrorToString(temp));
610 RUNNER_TEST(T1034_getData_wrong_password)
613 auto manager = CKM::Manager::create();
615 std::string binData1 = "My bin data4";
617 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
620 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
621 "Error=" << CKM::ErrorToString(temp));
623 CKM::RawBuffer buffer;
625 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
626 "Error=" << CKM::ErrorToString(temp));
632 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
633 "Error=" << CKM::ErrorToString(temp));
636 RUNNER_TEST(T1035_deinit)
639 auto control = CKM::Control::create();
642 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
643 "Error=" << CKM::ErrorToString(temp));
645 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
646 "Error=" << CKM::ErrorToString(temp));
648 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
649 "Error=" << CKM::ErrorToString(temp));
651 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
652 "Error=" << CKM::ErrorToString(temp));
655 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
657 RUNNER_TEST(T1040_init)
660 auto control = CKM::Control::create();
663 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
664 "Error=" << CKM::ErrorToString(temp));
667 RUNNER_CHILD_TEST(T1041_create_rsa_key)
670 auto manager = CKM::Manager::create();
673 AccessProvider ap("mylabel-rsa");
674 ap.allowAPI("key-manager::api-storage", "rw");
675 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
678 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
679 "Error=" << CKM::ErrorToString(temp));
681 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
682 "Error=" << CKM::ErrorToString(temp));
684 2 == (temp = av.size()),
685 "Vector size: " << temp << ". Expected: 2");
688 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
691 auto manager = CKM::Manager::create();
694 AccessProvider ap("mylabel-rsa");
695 ap.allowAPI("key-manager::api-storage", "rw");
696 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
699 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
700 "Error=" << CKM::ErrorToString(temp));
702 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
703 "Error=" << CKM::ErrorToString(temp));
706 RUNNER_CHILD_TEST(T1043_create_dsa_key)
709 auto manager = CKM::Manager::create();
712 AccessProvider ap("mylabel-dsa");
713 ap.allowAPI("key-manager::api-storage", "rw");
714 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
717 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
718 "Error=" << CKM::ErrorToString(temp));
720 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
721 "Error=" << CKM::ErrorToString(temp));
723 2 == (temp = av.size()),
724 "Vector size: " << temp << ". Expected: 2");
727 RUNNER_TEST(T1049_deinit)
730 auto control = CKM::Control::create();
733 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
734 "Error=" << CKM::ErrorToString(temp));
736 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
737 "Error=" << CKM::ErrorToString(temp));
741 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
743 RUNNER_TEST(T1110_init)
746 auto control = CKM::Control::create();
748 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
749 "Error=" << CKM::ErrorToString(temp));
751 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
752 "Error=" << CKM::ErrorToString(temp));
755 RUNNER_TEST(T1111_CreateKeyPairRSA)
758 auto manager = CKM::Manager::create();
759 CKM::Alias a1("rsa-test-1");
760 CKM::Alias a2("rsa-test-2");
764 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
765 "Error=" << CKM::ErrorToString(temp));
767 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
768 "Error=" << CKM::ErrorToString(temp));
771 RUNNER_TEST(T1112_CreateKeyPairDSA)
774 auto manager = CKM::Manager::create();
775 CKM::Alias a1("dsa-test-1");
776 CKM::Alias a2("dsa-test-2");
780 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
781 "Error=" << CKM::ErrorToString(temp));
783 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
784 "Error=" << CKM::ErrorToString(temp));
787 RUNNER_TEST(T1113_CreateKeyPairECDSA)
790 auto manager = CKM::Manager::create();
791 CKM::Alias a1("ecdsa-test-1");
792 CKM::Alias a2("ecdsa-test-2");
796 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
797 "Error=" << CKM::ErrorToString(temp));
800 RUNNER_TEST(T1114_deinit)
803 auto control = CKM::Control::create();
806 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
807 "Error=" << CKM::ErrorToString(temp));
809 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
810 "Error=" << CKM::ErrorToString(temp));
813 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
815 RUNNER_TEST(T12100_init)
818 auto control = CKM::Control::create();
820 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
821 "Error=" << CKM::ErrorToString(temp));
823 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
824 "Error=" << CKM::ErrorToString(temp));
827 RUNNER_TEST(T12101_key_exist)
830 auto manager = CKM::Manager::create();
832 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
833 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
834 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
835 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
836 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
837 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
838 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
840 "-----END PUBLIC KEY-----";
842 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
843 auto key = CKM::Key::create(buffer);
844 CKM::Alias alias = "rsa-alias-duplication";
847 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
848 "Error=" << CKM::ErrorToString(ret));
850 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
851 "Error=" << CKM::ErrorToString(ret));
855 * These test cases tests API when empty parameters are passed to functions
858 RUNNER_TEST(T12102_saveKey_empty_alias)
860 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
861 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
862 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
863 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
864 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
865 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
866 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
867 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
869 "-----END PUBLIC KEY-----";
871 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
872 auto key = CKM::Key::create(buffer);
873 CKM::Alias alias; //alias is not initialized
876 auto manager = CKM::Manager::create();
878 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
879 "Error=" << CKM::ErrorToString(ret));
882 RUNNER_TEST(T12103_saveKey_foreign_label)
884 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
885 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
886 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
887 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
888 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
889 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
890 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
892 "-----END PUBLIC KEY-----";
894 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
895 auto key = CKM::Key::create(buffer);
896 CKM::Alias alias = "iamsomebodyelse alias";
899 auto manager = CKM::Manager::create();
901 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
902 "Error=" << CKM::ErrorToString(ret));
905 RUNNER_TEST(T12104_saveKey_empty_key)
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::ErrorToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 auto cert = TestData::getTestCertificate(TestData::GIAG2);
920 CKM::Alias alias; //alias is not initialized
923 auto manager = CKM::Manager::create();
925 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
926 "Error=" << CKM::ErrorToString(temp));
929 RUNNER_TEST(T12106_saveCertificate_foreign_label)
931 auto cert = TestData::getTestCertificate(TestData::GIAG2);
932 CKM::Alias alias = "iamsomebodyelse alias";
935 auto manager = CKM::Manager::create();
937 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
938 "Error=" << CKM::ErrorToString(temp));
941 RUNNER_TEST(T12107_saveCertificate_empty_cert)
943 CKM::CertificateShPtr cert; //cert is not initialized
944 CKM::Alias alias = "empty-cert";
947 auto manager = CKM::Manager::create();
949 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
950 "Error=" << CKM::ErrorToString(temp));
953 RUNNER_TEST(T12108_saveData_empty_alias)
955 std::string testData = "test data test data test data";
956 CKM::RawBuffer buffer(testData.begin(), testData.end());
960 auto manager = CKM::Manager::create();
962 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
963 "Error=" << CKM::ErrorToString(temp));
966 RUNNER_TEST(T12109_saveData_foreign_label)
968 std::string testData = "test data test data test data";
969 CKM::RawBuffer buffer(testData.begin(), testData.end());
970 CKM::Alias alias = "iamsomebodyelse alias";
973 auto manager = CKM::Manager::create();
975 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
976 "Error=" << CKM::ErrorToString(temp));
979 RUNNER_TEST(T12110_saveData_empty_data)
981 CKM::RawBuffer buffer;
982 CKM::Alias alias = "empty-data";
985 auto manager = CKM::Manager::create();
987 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
988 "Error=" << CKM::ErrorToString(temp));
992 * These test cases tests API when trying to get data from not existing alias
995 RUNNER_TEST(T12111_getKey_alias_not_exist)
998 CKM::Alias alias = "this-alias-not-exist";
1001 auto manager = CKM::Manager::create();
1003 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1004 "Error=" << CKM::ErrorToString(temp));
1007 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1009 CKM::CertificateShPtr certificate;
1010 CKM::Alias alias = "this-alias-not-exist";
1013 auto manager = CKM::Manager::create();
1015 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1016 "Error=" << CKM::ErrorToString(temp));
1019 RUNNER_TEST(T12113_getData_alias_not_exist)
1022 auto manager = CKM::Manager::create();
1023 CKM::RawBuffer buffer;
1024 CKM::Alias alias("some alias");
1026 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1027 "Error=" << CKM::ErrorToString(temp));
1031 * These test cases tests API when damaged keys are used
1033 RUNNER_TEST(T12114_rsa_key_damaged)
1036 auto manager = CKM::Manager::create();
1038 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1039 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1040 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1041 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1042 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1043 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1044 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1046 "-----END PUBLIC KEY-----";
1048 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1049 auto key = CKM::Key::create(buffer);
1050 CKM::Alias alias = "damaged-rsa";
1053 NULL == key.get(), "Key is broken. It should be empty");
1056 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1057 "Error=" << CKM::ErrorToString(ret));
1060 RUNNER_TEST(T12115_rsa_key_too_short)
1063 auto manager = CKM::Manager::create();
1065 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1066 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1067 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1068 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1069 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1070 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1071 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1073 "-----END PUBLIC KEY-----";
1075 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1076 auto key = CKM::Key::create(buffer);
1077 CKM::Alias alias = "short-rsa";
1080 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1081 "Error=" << CKM::ErrorToString(ret));
1084 RUNNER_TEST(T12116_dsa_key_too_short)
1087 auto manager = CKM::Manager::create();
1089 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1090 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1091 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1092 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1093 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1094 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1095 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1096 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1097 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1098 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1099 "YMYCBhubtrVaLmc=\n"
1100 "-----END PUBLIC KEY-----";
1102 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1103 auto key = CKM::Key::create(buffer);
1104 CKM::Alias alias = "short-dsa";
1107 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1108 "Error=" << CKM::ErrorToString(ret));
1113 * These test cases tests CKM service if malicious data is provided over the socket.
1116 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1119 auto manager = CKM::Manager::create();
1121 // fake the client - let the service detect the problem
1122 class WrongKeyImpl : public CKM::Key
1125 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1128 virtual bool empty() const {
1132 virtual CKM::KeyType getType() const {
1133 return CKM::KeyType::KEY_RSA_PUBLIC;
1135 virtual int getSize() const {
1138 virtual CKM::ElipticCurve getCurve() const {
1139 return CKM::ElipticCurve::prime192v1;
1141 virtual CKM::RawBuffer getDER() const {
1144 virtual ~WrongKeyImpl() {}
1146 CKM::RawBuffer & m_dummy;
1148 std::string dummyData = "my_cat_Berta\n";
1149 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1150 auto key = std::make_shared<WrongKeyImpl>(buffer);
1151 CKM::Alias alias = "damaged-rsa";
1154 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1155 "Error=" << CKM::ErrorToString(ret));
1158 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1160 // fake the client - let the service detect the problem
1161 class WrongCertImpl : public CKM::Certificate
1164 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1165 m_x509 = X509_new();
1168 bool empty() const {
1172 virtual X509 *getX509() const {
1176 virtual CKM::RawBuffer getDER() const {
1180 virtual ~WrongCertImpl() {
1185 CKM::RawBuffer & m_dummy;
1187 std::string dummyData = "my_cat_Stefan\n";
1188 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1189 auto cert = std::make_shared<WrongCertImpl>(buffer);
1190 CKM::Alias alias = "damaged-cert";
1193 auto manager = CKM::Manager::create();
1195 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1196 "Error=" << CKM::ErrorToString(temp));
1199 RUNNER_TEST(T12119_deinit)
1202 auto control = CKM::Control::create();
1205 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1206 "Error=" << CKM::ErrorToString(temp));
1208 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1209 "Error=" << CKM::ErrorToString(temp));
1212 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1214 RUNNER_TEST(T1311_init)
1217 auto control = CKM::Control::create();
1219 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1220 "Error=" << CKM::ErrorToString(temp));
1221 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1222 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1224 struct hostent* he = gethostbyname("google.com");
1226 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1227 "is not woking on the device. OCSP tests requires network access!");
1230 RUNNER_TEST(T1312_get_chain)
1232 auto cert = TestData::getTestCertificate(TestData::MBANK);
1233 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1235 CKM::CertificateShPtrVector certVector = {cert1};
1236 CKM::CertificateShPtrVector certChain;
1239 auto manager = CKM::Manager::create();
1241 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1242 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1244 tmp = manager->getCertificateChain(cert,
1249 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1250 "Error=" << CKM::ErrorToString(tmp));
1253 0 == certChain.size(),
1254 "Wrong size of certificate chain.");
1256 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1257 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1260 3 == certChain.size(),
1261 "Wrong size of certificate chain.");
1264 RUNNER_TEST(T1313_get_chain_with_alias)
1266 auto cert = TestData::getTestCertificate(TestData::MBANK);
1267 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1269 CKM::CertificateShPtrVector certChain;
1270 CKM::AliasVector aliasVector;
1271 CKM::Alias alias("imcert");
1272 CharPtr top_label = get_label();
1273 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1276 auto manager = CKM::Manager::create();
1278 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1279 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1281 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1282 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1283 "Error=" << CKM::ErrorToString(tmp));
1286 0 == certChain.size(),
1287 "Wrong size of certificate chain.");
1290 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1291 "Error=" << CKM::ErrorToString(tmp));
1293 aliasVector.push_back(full_address);
1295 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1296 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1299 3 == certChain.size(),
1300 "Wrong size of certificate chain.");
1303 RUNNER_TEST(T1314_ocsp_check)
1305 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1307 auto cert = TestData::getTestCertificate(TestData::MBANK);
1308 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1309 CKM::CertificateShPtrVector certVector = {cert1};
1310 CKM::CertificateShPtrVector certChain;
1313 auto manager = CKM::Manager::create();
1315 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1316 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1318 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1319 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1320 "Error=" << CKM::ErrorToString(tmp));
1323 0 == certChain.size(),
1324 "Wrong size of certificate chain.");
1326 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1327 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1330 3 == certChain.size(),
1331 "Wrong size of certificate chain.");
1335 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1336 "Error=" << CKM::ErrorToString(tmp));
1338 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1341 RUNNER_TEST(T1315_deinit)
1344 auto control = CKM::Control::create();
1347 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1348 "Error=" << CKM::ErrorToString(temp));
1350 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1351 "Error=" << CKM::ErrorToString(temp));
1354 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1356 RUNNER_TEST(T1411_init)
1359 auto control = CKM::Control::create();
1361 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1362 "Error=" << CKM::ErrorToString(temp));
1365 RUNNER_TEST(T1412_rsa_key_create_verify)
1368 auto manager = CKM::Manager::create();
1370 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1371 "Proc-Type: 4,ENCRYPTED\n"
1372 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1374 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1375 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1376 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1377 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1378 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1379 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1380 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1381 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1382 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1383 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1384 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1385 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1386 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1387 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1388 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1389 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1390 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1391 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1392 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1393 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1394 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1395 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1396 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1397 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1398 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1399 "-----END RSA PRIVATE KEY-----\n";
1401 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1402 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1403 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1404 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1405 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1406 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1407 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1409 "-----END PUBLIC KEY-----\n";
1411 std::string message = "message test";
1413 CKM::Alias aliasPub = "pub1";
1414 CKM::Alias aliasPrv = "prv1";
1415 CKM::Password password = "1234";
1416 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1417 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1418 CKM::RawBuffer signature;
1420 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1421 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1423 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1424 "Key is empty. Failed to import public key.");
1425 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1426 "Key is empty. Failed to import private key.");
1429 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1430 "Error=" << CKM::ErrorToString(temp));
1432 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1433 "Error=" << CKM::ErrorToString(temp));
1436 CKM_API_SUCCESS == (temp = manager->createSignature(
1439 CKM::RawBuffer(message.begin(), message.end()),
1443 "Error=" << CKM::ErrorToString(temp));
1446 CKM_API_SUCCESS == (temp = manager->verifySignature(
1449 CKM::RawBuffer(message.begin(), message.end()),
1453 "Error=" << CKM::ErrorToString(temp));
1456 RUNNER_TEST(T1413_dsa_key_create_verify)
1459 auto manager = CKM::Manager::create();
1461 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1462 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1463 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1464 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1465 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1466 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1467 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1468 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1469 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1470 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1471 "u1roOuaPY+Hl19BlTE2qdw==\n"
1472 "-----END DSA PRIVATE KEY-----";
1474 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1475 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1476 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1477 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1478 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1479 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1480 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1481 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1482 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1483 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1484 "YMYCBhubtrVaLmc=\n"
1485 "-----END PUBLIC KEY-----";
1487 std::string message = "message test";
1489 CKM::Alias aliasPub = "pub2";
1490 CKM::Alias aliasPrv = "prv2";
1491 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1492 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1493 CKM::RawBuffer signature;
1495 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1496 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1498 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1499 "Key is empty. Failed to import public key.");
1500 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1501 "Key is empty. Failed to import private key.");
1504 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1505 "Error=" << CKM::ErrorToString(temp));
1507 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1508 "Error=" << CKM::ErrorToString(temp));
1511 CKM_API_SUCCESS == (temp = manager->createSignature(
1514 CKM::RawBuffer(message.begin(), message.end()),
1518 "Error=" << CKM::ErrorToString(temp));
1521 CKM_API_SUCCESS == (temp = manager->verifySignature(
1524 CKM::RawBuffer(message.begin(), message.end()),
1528 "Error=" << CKM::ErrorToString(temp));
1532 RUNNER_TEST(T1414_ec_key_create_verify)
1535 auto manager = CKM::Manager::create();
1537 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1538 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1539 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1540 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1541 "-----END EC PRIVATE KEY-----\n";
1543 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1544 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1545 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1546 "-----END PUBLIC KEY-----\n";
1548 std::string message = "message test";
1550 CKM::Alias aliasPub = "ecpub2";
1551 CKM::Alias aliasPrv = "ecprv2";
1552 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1553 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1554 CKM::RawBuffer signature;
1556 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1557 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1559 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1560 "Key is empty. Failed to import public key.");
1561 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1562 "Key is empty. Failed to import private key.");
1565 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1566 "Error=" << CKM::ErrorToString(temp));
1568 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1569 "Error=" << CKM::ErrorToString(temp));
1572 CKM_API_SUCCESS == (temp = manager->createSignature(
1575 CKM::RawBuffer(message.begin(), message.end()),
1579 "Error=" << CKM::ErrorToString(temp));
1582 CKM_API_SUCCESS == (temp = manager->verifySignature(
1585 CKM::RawBuffer(message.begin(), message.end()),
1589 "Error=" << CKM::ErrorToString(temp));
1591 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1593 memcpy((void*)signature.data(), "BROKEN", 6);
1596 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1599 CKM::RawBuffer(message.begin(), message.end()),
1603 "Error=" << CKM::ErrorToString(temp));
1606 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1609 auto manager = CKM::Manager::create();
1610 std::string message = "message asdfaslkdfjlksadjf test";
1612 CKM::Alias aliasPub = "pub1";
1613 CKM::Alias aliasPrv = "prv1";
1615 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1616 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1617 CKM::RawBuffer signature;
1620 CKM_API_SUCCESS == (temp = manager->createSignature(
1623 CKM::RawBuffer(message.begin(), message.end()),
1627 "Error=" << CKM::ErrorToString(temp));
1630 CKM_API_SUCCESS == (temp = manager->verifySignature(
1633 CKM::RawBuffer(message.begin(), message.end()),
1637 "Error=" << CKM::ErrorToString(temp));
1639 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1640 memcpy((void*)signature.data(), "BROKEN", 6);
1643 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1646 CKM::RawBuffer(message.begin(), message.end()),
1650 "Error=" << CKM::ErrorToString(temp));
1653 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1656 auto manager = CKM::Manager::create();
1657 std::string message = "message asdfaslkdfjlksadjf test";
1659 CKM::Alias aliasPub = "pub2";
1660 CKM::Alias aliasPrv = "prv2";
1662 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1663 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1664 CKM::RawBuffer signature;
1667 CKM_API_SUCCESS == (temp = manager->createSignature(
1670 CKM::RawBuffer(message.begin(), message.end()),
1674 "Error=" << CKM::ErrorToString(temp));
1677 CKM_API_SUCCESS == (temp = manager->verifySignature(
1680 CKM::RawBuffer(message.begin(), message.end()),
1684 "Error=" << CKM::ErrorToString(temp));
1686 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1687 memcpy((void*)signature.data(), "BROKEN", 6);
1690 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1693 CKM::RawBuffer(message.begin(), message.end()),
1697 "Error=" << CKM::ErrorToString(temp));
1700 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1703 auto manager = CKM::Manager::create();
1706 "-----BEGIN RSA PRIVATE KEY-----\n"
1707 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1708 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1709 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1710 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1711 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1712 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1713 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1714 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1715 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1716 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1717 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1718 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1719 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1720 "-----END RSA PRIVATE KEY-----\n";
1723 "-----BEGIN CERTIFICATE-----\n"
1724 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1725 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1726 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1727 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1728 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1729 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1730 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1731 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1732 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1733 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1734 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1735 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1736 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1737 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1738 "-----END CERTIFICATE-----\n";
1740 std::string message = "message test";
1742 CKM::Alias aliasPub = "pub1-cert";
1743 CKM::Alias aliasPrv = "prv1-cert";
1744 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1745 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1746 CKM::RawBuffer signature;
1748 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1749 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1751 RUNNER_ASSERT_MSG(NULL != cert.get(),
1752 "Key is empty. Failed to import public key.");
1753 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1754 "Key is empty. Failed to import private key.");
1757 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1758 "Error=" << CKM::ErrorToString(temp));
1760 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1761 "Error=" << CKM::ErrorToString(temp));
1764 CKM_API_SUCCESS == (temp = manager->createSignature(
1767 CKM::RawBuffer(message.begin(), message.end()),
1771 "Error=" << CKM::ErrorToString(temp));
1774 CKM_API_SUCCESS == (temp = manager->verifySignature(
1777 CKM::RawBuffer(message.begin(), message.end()),
1781 "Error=" << CKM::ErrorToString(temp));
1783 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1785 memcpy((void*)signature.data(), "BROKEN", 6);
1788 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1791 CKM::RawBuffer(message.begin(), message.end()),
1795 "Error=" << CKM::ErrorToString(temp));
1798 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
1801 auto manager = CKM::Manager::create();
1803 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1804 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1805 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1806 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1807 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1808 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1809 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1810 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1811 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1812 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1813 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1814 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1815 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1816 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1817 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1818 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1819 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1820 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1821 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1822 "-----END CERTIFICATE-----\n";
1824 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1825 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1826 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1827 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1828 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1829 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1830 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1831 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1832 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1833 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1834 "vonbjii3BYe4AIdkzOvp\n"
1835 "-----END DSA PRIVATE KEY-----\n";
1837 std::string message = "message test";
1839 CKM::Alias aliasPub = "pub2-cert";
1840 CKM::Alias aliasPrv = "prv2-cert";
1841 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1842 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1843 CKM::RawBuffer signature;
1845 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1846 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1848 RUNNER_ASSERT_MSG(NULL != cert.get(),
1849 "Key is empty. Failed to import public key.");
1850 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1851 "Key is empty. Failed to import private key.");
1854 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1855 "Error=" << CKM::ErrorToString(temp));
1857 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1858 "Error=" << CKM::ErrorToString(temp));
1861 CKM_API_SUCCESS == (temp = manager->createSignature(
1864 CKM::RawBuffer(message.begin(), message.end()),
1868 "Error=" << CKM::ErrorToString(temp));
1871 CKM_API_SUCCESS == (temp = manager->verifySignature(
1874 CKM::RawBuffer(message.begin(), message.end()),
1878 "Error=" << CKM::ErrorToString(temp));
1880 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1882 memcpy((void*)signature.data(), "BROKEN", 6);
1885 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1888 CKM::RawBuffer(message.begin(), message.end()),
1892 "Error=" << CKM::ErrorToString(temp));
1895 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
1898 auto manager = CKM::Manager::create();
1901 "-----BEGIN EC PRIVATE KEY-----\n"
1902 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1903 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1904 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1905 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1906 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1907 "ELyhe7yPCAuOoLZlTLgf\n"
1908 "-----END EC PRIVATE KEY-----\n";
1911 "-----BEGIN CERTIFICATE-----\n"
1912 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1913 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1914 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1915 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1916 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1917 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1918 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1919 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1920 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1921 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1922 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1923 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1924 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1925 "Q1oBry6NEc+lLFmWMDesAA==\n"
1926 "-----END CERTIFICATE-----\n";
1928 std::string message = "message test";
1930 CKM::Alias aliasPub = "pub3";
1931 CKM::Alias aliasPrv = "prv3";
1932 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1933 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1934 CKM::RawBuffer signature;
1936 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1937 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1939 RUNNER_ASSERT_MSG(NULL != cert.get(),
1940 "Key is empty. Failed to import public key.");
1941 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1942 "Key is empty. Failed to import private key.");
1945 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1946 "Error=" << CKM::ErrorToString(temp));
1948 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1949 "Error=" << CKM::ErrorToString(temp));
1952 CKM_API_SUCCESS == (temp = manager->createSignature(
1955 CKM::RawBuffer(message.begin(), message.end()),
1959 "Error=" << CKM::ErrorToString(temp));
1962 CKM_API_SUCCESS == (temp = manager->verifySignature(
1965 CKM::RawBuffer(message.begin(), message.end()),
1969 "Error=" << CKM::ErrorToString(temp));
1971 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1973 memcpy((void*)signature.data(), "BROKEN", 6);
1976 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1979 CKM::RawBuffer(message.begin(), message.end()),
1983 "Error=" << CKM::ErrorToString(temp));
1986 RUNNER_TEST(T1420_deinit)
1989 auto control = CKM::Control::create();
1992 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1993 "Error=" << CKM::ErrorToString(temp));
1995 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1996 "Error=" << CKM::ErrorToString(temp));
1999 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2001 RUNNER_TEST(T14180_init)
2004 auto control = CKM::Control::create();
2006 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2007 "Error=" << CKM::ErrorToString(temp));
2009 auto manager = CKM::Manager::create();
2011 // Prepare RSA Key Pair
2012 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2013 "Proc-Type: 4,ENCRYPTED\n"
2014 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2016 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2017 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2018 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2019 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2020 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2021 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2022 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2023 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2024 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2025 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2026 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2027 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2028 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2029 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2030 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2031 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2032 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2033 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2034 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2035 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2036 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2037 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2038 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2039 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2040 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2041 "-----END RSA PRIVATE KEY-----\n";
2043 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2044 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2045 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2046 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2047 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2048 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2049 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2051 "-----END PUBLIC KEY-----\n";
2053 CKM::Alias aliasPub = "pub_nohash1";
2054 CKM::Alias aliasPrv = "prv_nohash1";
2055 CKM::Password password = "1234";
2057 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2058 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2060 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2061 "Key is empty. Failed to import public key.");
2062 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2063 "Key is empty. Failed to import private key.");
2066 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2067 "Error=" << CKM::ErrorToString(temp));
2069 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2070 "Error=" << CKM::ErrorToString(temp));
2072 // Prepare ECDSA Key Pair
2073 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2074 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2075 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2076 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2077 "-----END EC PRIVATE KEY-----\n";
2079 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2080 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2081 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2082 "-----END PUBLIC KEY-----\n";
2084 CKM::Alias aliasEcPub = "ecpub_nohash1";
2085 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2087 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2088 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2090 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2091 "Key is empty. Failed to import public key.");
2092 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2093 "Key is empty. Failed to import private key.");
2096 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2097 "Error=" << CKM::ErrorToString(temp));
2099 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2100 "Error=" << CKM::ErrorToString(temp));
2104 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2107 auto manager = CKM::Manager::create();
2108 std::string message = "message asdfaslkdfjlksadjf test";
2110 CKM::Alias aliasPub = "pub_nohash1";
2111 CKM::Alias aliasPrv = "prv_nohash1";
2113 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2114 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2115 CKM::RawBuffer signature;
2118 CKM_API_SUCCESS == (temp = manager->createSignature(
2121 CKM::RawBuffer(message.begin(), message.end()),
2125 "Error=" << CKM::ErrorToString(temp));
2128 CKM_API_SUCCESS == (temp = manager->verifySignature(
2131 CKM::RawBuffer(message.begin(), message.end()),
2135 "Error=" << CKM::ErrorToString(temp));
2137 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2138 memcpy((void*)signature.data(), "BROKEN", 6);
2141 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2144 CKM::RawBuffer(message.begin(), message.end()),
2148 "Error=" << CKM::ErrorToString(temp));
2151 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2154 auto manager = CKM::Manager::create();
2155 std::string message = "message asdfaslkdfjlksadjf test";
2157 CKM::Alias aliasPub = "pub_nohash1";
2158 CKM::Alias aliasPrv = "prv_nohash1";
2160 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2161 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2162 CKM::RawBuffer signature;
2165 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2168 CKM::RawBuffer(message.begin(), message.end()),
2172 "Error=" << CKM::ErrorToString(temp));
2175 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2178 auto manager = CKM::Manager::create();
2179 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2180 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2181 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2182 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2183 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2184 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2185 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2186 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2187 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2188 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2189 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2190 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2191 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2192 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2193 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2194 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2195 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2196 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2197 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2198 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2200 CKM::Alias aliasPub = "pub_nohash1";
2201 CKM::Alias aliasPrv = "prv_nohash1";
2203 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2204 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2205 CKM::RawBuffer signature;
2208 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2211 CKM::RawBuffer(message.begin(), message.end()),
2215 "Error=" << CKM::ErrorToString(temp));
2219 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2222 auto manager = CKM::Manager::create();
2224 std::string message = "message test";
2226 CKM::Alias aliasPub = "ecpub_nohash1";
2227 CKM::Alias aliasPrv = "ecprv_nohash1";
2228 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2229 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2230 CKM::RawBuffer signature;
2233 CKM_API_SUCCESS == (temp = manager->createSignature(
2236 CKM::RawBuffer(message.begin(), message.end()),
2240 "Error=" << CKM::ErrorToString(temp));
2243 CKM_API_SUCCESS == (temp = manager->verifySignature(
2246 CKM::RawBuffer(message.begin(), message.end()),
2250 "Error=" << CKM::ErrorToString(temp));
2252 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2254 memcpy((void*)signature.data(), "BROKEN", 6);
2257 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2260 CKM::RawBuffer(message.begin(), message.end()),
2264 "Error=" << CKM::ErrorToString(temp));
2267 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2270 auto manager = CKM::Manager::create();
2272 int msgSize = 1024*1024;
2273 char big_msg[msgSize];
2274 for(int i =0; i<msgSize-1; i++) {
2277 big_msg[msgSize-1]=0x00;
2278 std::string message(big_msg);
2280 CKM::Alias aliasPub = "ecpub_nohash1";
2281 CKM::Alias aliasPrv = "ecprv_nohash1";
2282 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2283 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2284 CKM::RawBuffer signature;
2287 CKM_API_SUCCESS == (temp = manager->createSignature(
2290 CKM::RawBuffer(message.begin(), message.end()),
2294 "Error=" << CKM::ErrorToString(temp));
2298 RUNNER_TEST(T14189_deinit)
2301 auto control = CKM::Control::create();
2304 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2305 "Error=" << CKM::ErrorToString(temp));
2307 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2308 "Error=" << CKM::ErrorToString(temp));
2312 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2314 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2317 AccessProvider ap("my-label");
2318 ap.allowAPI("key-manager::api-control", "rw");
2319 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2321 auto control = CKM::Control::create();
2323 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2324 "Error=" << CKM::ErrorToString(tmp));
2327 RUNNER_CHILD_TEST(T1511_insert_data)
2329 AccessProvider ap("my-label");
2330 ap.allowAPI("key-manager::api-storage", "rw");
2331 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2333 auto certee = TestData::getTestCertificate(TestData::MBANK);
2334 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2336 auto manager = CKM::Manager::create();
2337 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2338 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2341 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2342 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2345 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2346 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2349 RUNNER_CHILD_TEST(T1519_deinit)
2352 AccessProvider ap("my-label");
2353 ap.allowAPI("key-manager::api-control", "rw");
2354 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2356 auto control = CKM::Control::create();
2358 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2359 "Error=" << CKM::ErrorToString(tmp));
2363 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2365 RUNNER_TEST(T1701_init_unlock_key)
2368 auto control = CKM::Control::create();
2370 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2371 "Error=" << CKM::ErrorToString(tmp));
2374 RUNNER_CHILD_TEST(T1702_insert_data)
2377 AccessProvider ap("t170-special-label");
2378 ap.allowAPI("key-manager::api-storage", "rw");
2379 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2381 auto certee = TestData::getTestCertificate(TestData::MBANK);
2383 auto manager = CKM::Manager::create();
2384 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2387 CKM_API_SUCCESS == status1,
2388 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2390 CKM::AliasVector av;
2392 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2393 "Error=" << CKM::ErrorToString(temp));
2395 1 == (temp = av.size()),
2396 "Vector size: " << temp << ". Expected: 1");
2399 RUNNER_TEST(T1703_removeApplicationData)
2402 auto control = CKM::Control::create();
2404 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2405 "Error=" << CKM::ErrorToString(tmp));
2408 RUNNER_CHILD_TEST(T1704_data_test)
2411 AccessProvider ap("t170-special-label");
2412 ap.allowAPI("key-manager::api-storage", "rw");
2413 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2415 CKM::AliasVector av;
2416 auto manager = CKM::Manager::create();
2419 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2420 "Error=" << CKM::ErrorToString(temp));
2422 0 == (temp = av.size()),
2423 "Vector size: " << temp << ". Expected: 0");
2426 RUNNER_TEST(T1705_deinit)
2430 auto control = CKM::Control::create();
2432 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2433 "Error=" << CKM::ErrorToString(tmp));
2435 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2436 "Error=" << CKM::ErrorToString(tmp));
2439 RUNNER_TEST(T17101_init)
2443 auto control = CKM::Control::create();
2445 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2446 "Error=" << CKM::ErrorToString(tmp));
2448 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2449 "Error=" << CKM::ErrorToString(tmp));
2451 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2452 "Error=" << CKM::ErrorToString(tmp));
2455 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2456 "Error=" << CKM::ErrorToString(tmp));
2458 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2459 "Error=" << CKM::ErrorToString(tmp));
2461 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2462 "Error=" << CKM::ErrorToString(tmp));
2465 RUNNER_CHILD_TEST(T17102_prep_data_01)
2468 AccessProvider ap("t1706-special-label");
2469 ap.allowAPI("key-manager::api-storage", "rw");
2470 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2472 CKM::AliasVector av;
2473 auto manager = CKM::Manager::create();
2475 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2477 CKM::RawBuffer buffer(data.begin(), data.end());
2478 CKM::Policy exportable(CKM::Password(), true);
2481 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2482 "Error=" << CKM::ErrorToString(temp));
2485 RUNNER_CHILD_TEST(T17103_prep_data_02)
2488 AccessProvider ap("t1706-special-label2");
2489 ap.allowAPI("key-manager::api-storage", "rw");
2490 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2492 CKM::AliasVector av;
2493 auto manager = CKM::Manager::create();
2495 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2497 CKM::RawBuffer buffer(data.begin(), data.end());
2498 CKM::Policy exportable(CKM::Password(), true);
2501 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2502 "Error=" << CKM::ErrorToString(temp));
2505 RUNNER_CHILD_TEST(T17104_prep_data_03)
2508 AccessProvider ap("t1706-special-label");
2509 ap.allowAPI("key-manager::api-storage", "rw");
2510 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2512 CKM::AliasVector av;
2513 auto manager = CKM::Manager::create();
2515 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2517 CKM::RawBuffer buffer(data.begin(), data.end());
2518 CKM::Policy exportable(CKM::Password(), true);
2521 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2522 "Error=" << CKM::ErrorToString(temp));
2525 RUNNER_CHILD_TEST(T17105_prep_data_04)
2528 AccessProvider ap("t1706-special-label2");
2529 ap.allowAPI("key-manager::api-storage", "rw");
2530 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2532 CKM::AliasVector av;
2533 auto manager = CKM::Manager::create();
2535 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2537 CKM::RawBuffer buffer(data.begin(), data.end());
2538 CKM::Policy exportable(CKM::Password(), true);
2541 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2542 "Error=" << CKM::ErrorToString(temp));
2545 RUNNER_TEST(T17106_remove_application)
2549 auto control = CKM::Control::create();
2551 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2552 "Error=" << CKM::ErrorToString(tmp));
2554 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2555 "Error=" << CKM::ErrorToString(tmp));
2558 RUNNER_CHILD_TEST(T17107_check_data_01)
2561 AccessProvider ap("t1706-special-label");
2562 ap.allowAPI("key-manager::api-storage", "rw");
2563 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2565 CKM::AliasVector av;
2566 auto manager = CKM::Manager::create();
2569 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2570 "Error=" << CKM::ErrorToString(temp));
2572 0 == (temp = av.size()),
2573 "Vector size: " << temp << ". Expected: 0");
2576 RUNNER_CHILD_TEST(T17108_check_data_02)
2579 AccessProvider ap("t1706-special-label2");
2580 ap.allowAPI("key-manager::api-storage", "rw");
2581 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2583 CKM::AliasVector av;
2584 auto manager = CKM::Manager::create();
2587 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2588 "Error=" << CKM::ErrorToString(temp));
2590 1 == (temp = av.size()),
2591 "Vector size: " << temp << ". Expected: 1");
2594 RUNNER_TEST(T17109_unlock_user2)
2598 auto control = CKM::Control::create();
2600 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2601 "Error=" << CKM::ErrorToString(tmp));
2604 RUNNER_CHILD_TEST(T17110_check_data_03)
2607 AccessProvider ap("t1706-special-label");
2608 ap.allowAPI("key-manager::api-storage", "rw");
2609 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2611 CKM::AliasVector av;
2612 auto manager = CKM::Manager::create();
2615 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2616 "Error=" << CKM::ErrorToString(temp));
2618 0 == (temp = av.size()),
2619 "Vector size: " << temp << ". Expected: 0");
2622 RUNNER_CHILD_TEST(T17111_check_data_04)
2625 AccessProvider ap("t1706-special-label2");
2626 ap.allowAPI("key-manager::api-storage", "rw");
2627 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2629 CKM::AliasVector av;
2630 auto manager = CKM::Manager::create();
2633 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2634 "Error=" << CKM::ErrorToString(temp));
2636 1 == (temp = av.size()),
2637 "Vector size: " << temp << ". Expected: 1");
2640 RUNNER_TEST(T17112_deinit)
2644 auto control = CKM::Control::create();
2646 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2647 "Error=" << CKM::ErrorToString(tmp));
2649 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2650 "Error=" << CKM::ErrorToString(tmp));
2653 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2654 "Error=" << CKM::ErrorToString(tmp));
2656 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2657 "Error=" << CKM::ErrorToString(tmp));
2660 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2664 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2665 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2666 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2667 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2668 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2669 const char *PKCS_PASSWD = "PKCS-pass";
2672 RUNNER_TEST(T1800_init)
2674 reset_user_data(0, PKCS_PASSWD);
2677 RUNNER_TEST(T1801_parse_PKCS12) {
2678 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2679 std::istreambuf_iterator<char> begin(is), end;
2680 std::vector<char> buff(begin, end);
2682 CKM::RawBuffer buffer(buff.size());
2683 memcpy(buffer.data(), buff.data(), buff.size());
2685 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2688 "Error in PKCS12::create()");
2690 auto cert = pkcs->getCertificate();
2693 "Error in PKCS12::getCertificate()");
2695 auto key = pkcs->getKey();
2698 "Error in PKCS12::getKey()");
2700 auto caVector = pkcs->getCaCertificateShPtrVector();
2702 0 == caVector.size(),
2703 "Wrong size of vector");
2706 RUNNER_TEST(T1802_negative_wrong_password) {
2707 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2708 std::istreambuf_iterator<char> begin(is), end;
2709 std::vector<char> buff(begin, end);
2711 CKM::RawBuffer buffer(buff.size());
2712 memcpy(buffer.data(), buff.data(), buff.size());
2714 auto pkcs = CKM::PKCS12::create(buffer, "error");
2717 "Expected error in PKCS12::create()");
2720 RUNNER_TEST(T1803_negative_broken_buffer) {
2721 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2722 std::istreambuf_iterator<char> begin(is), end;
2723 std::vector<char> buff(begin, end);
2725 CKM::RawBuffer buffer(buff.size());
2726 memcpy(buffer.data(), buff.data(), buff.size());
2728 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2731 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2734 "Expected error in PKCS12::create()");
2737 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2739 auto manager = CKM::Manager::create();
2740 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2741 std::istreambuf_iterator<char> begin(is), end;
2742 std::vector<char> buff(begin, end);
2744 CKM::RawBuffer buffer(buff.size());
2745 memcpy(buffer.data(), buff.data(), buff.size());
2747 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2750 "Error in PKCS12::create()");
2753 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2754 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2755 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2756 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2757 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2758 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2759 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2760 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2761 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2762 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2763 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2764 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2765 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2766 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2767 "-----END RSA PRIVATE KEY-----\n";
2769 std::string message = "message test";
2771 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2772 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2773 "Key is empty. Failed to import private key.");
2777 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2778 "Error=" << CKM::ErrorToString(temp));
2781 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2782 "Error=" << CKM::ErrorToString(temp));
2785 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2787 auto manager = CKM::Manager::create();
2788 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2789 std::istreambuf_iterator<char> begin(is), end;
2790 std::vector<char> buff(begin, end);
2792 CKM::RawBuffer buffer(buff.size());
2793 memcpy(buffer.data(), buff.data(), buff.size());
2795 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2798 "Error in PKCS12::create()");
2800 auto cert = pkcs->getCertificate();
2803 "Error in PKCS12::getCertificate()");
2805 auto key = pkcs->getKey();
2808 "Error in PKCS12::getKey()");
2810 auto caVector = pkcs->getCaCertificateShPtrVector();
2812 2 == caVector.size(),
2813 "Wrong size of vector");
2817 CKM::Policy exportable;
2818 CKM::Policy notExportable(CKM::Password(), false);
2821 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2822 "Error=" << CKM::ErrorToString(tmp));
2824 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2825 "Error=" << CKM::ErrorToString(tmp));
2827 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2828 "Error=" << CKM::ErrorToString(tmp));
2830 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2831 "Error=" << CKM::ErrorToString(tmp));
2833 // try to lookup key
2834 CKM::KeyShPtr key_lookup;
2836 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2837 "Error=" << CKM::ErrorToString(tmp));
2839 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2840 "Error=" << CKM::ErrorToString(tmp));
2842 // try to lookup certificate
2843 CKM::CertificateShPtr cert_lookup;
2845 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2846 "Error=" << CKM::ErrorToString(tmp));
2848 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2849 "Error=" << CKM::ErrorToString(tmp));
2852 RUNNER_TEST(T1806_get_PKCS)
2855 auto manager = CKM::Manager::create();
2857 CKM::PKCS12ShPtr pkcs;
2861 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2862 "Error=" << CKM::ErrorToString(temp));
2864 // fail - not exportable
2866 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2867 "Error=" << CKM::ErrorToString(temp));
2869 // success - exportable
2871 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2872 "Error=" << CKM::ErrorToString(temp));
2874 auto cert = pkcs->getCertificate();
2877 "Error in PKCS12::getCertificate()");
2879 auto key = pkcs->getKey();
2882 "Error in PKCS12::getKey()");
2884 auto caVector = pkcs->getCaCertificateShPtrVector();
2886 2 == caVector.size(),
2887 "Wrong size of vector");
2890 RUNNER_TEST(T1807_create_and_verify_signature)
2893 auto manager = CKM::Manager::create();
2895 std::string message = "message test";
2897 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2898 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2899 CKM::RawBuffer signature;
2902 CKM_API_SUCCESS == (temp = manager->createSignature(
2903 alias_PKCS_exportable,
2905 CKM::RawBuffer(message.begin(), message.end()),
2909 "Error=" << CKM::ErrorToString(temp));
2912 CKM_API_SUCCESS == (temp = manager->verifySignature(
2913 alias_PKCS_exportable,
2915 CKM::RawBuffer(message.begin(), message.end()),
2919 "Error=" << CKM::ErrorToString(temp));
2922 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2925 auto manager = CKM::Manager::create();
2927 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2928 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2929 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2930 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2931 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2932 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2933 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2934 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2935 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2936 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2937 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2938 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2939 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2940 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2941 "-----END RSA PRIVATE KEY-----";
2942 std::string message = "message test";
2944 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2945 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2946 "Key is empty. Failed to import private key.");
2949 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2950 "Error=" << CKM::ErrorToString(temp));
2952 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2953 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2954 CKM::RawBuffer signature;
2957 CKM_API_SUCCESS == (temp = manager->createSignature(
2958 alias_PKCS_priv_key_copy,
2960 CKM::RawBuffer(message.begin(), message.end()),
2964 "Error=" << CKM::ErrorToString(temp));
2967 CKM_API_SUCCESS == (temp = manager->verifySignature(
2968 alias_PKCS_exportable,
2970 CKM::RawBuffer(message.begin(), message.end()),
2974 "Error=" << CKM::ErrorToString(temp));
2977 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2980 auto manager = CKM::Manager::create();
2982 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2983 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2984 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2985 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2986 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2987 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2988 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2989 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2990 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2991 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2992 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2993 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2994 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2995 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2996 "-----END RSA PRIVATE KEY-----\n";
2998 std::string message = "message test";
3000 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3001 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3002 "Key is empty. Failed to import private key.");
3005 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3006 "Error=" << CKM::ErrorToString(temp));
3008 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3009 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3010 CKM::RawBuffer signature;
3013 CKM_API_SUCCESS == (temp = manager->createSignature(
3014 alias_PKCS_priv_key_wrong,
3016 CKM::RawBuffer(message.begin(), message.end()),
3020 "Error=" << CKM::ErrorToString(temp));
3023 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3024 alias_PKCS_exportable,
3026 CKM::RawBuffer(message.begin(), message.end()),
3030 "Error=" << CKM::ErrorToString(temp));
3033 RUNNER_TEST(T1810_verify_get_certificate_chain)
3035 // this certificate has been signed using PKCS chain
3036 std::string im = "-----BEGIN CERTIFICATE-----\n"
3037 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3038 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3039 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3040 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3041 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3042 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3043 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3044 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3045 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3047 "-----END CERTIFICATE-----\n";
3049 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3050 CKM::CertificateShPtrVector certChain;
3051 CKM::AliasVector aliasVector;
3054 auto manager = CKM::Manager::create();
3056 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3058 tmp = manager->getCertificateChain(cert,
3063 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3064 "Error=" << CKM::ErrorToString(tmp));
3067 0 == certChain.size(),
3068 "Wrong size of certificate chain.");
3070 aliasVector.push_back(alias_PKCS_exportable);
3072 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3073 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3075 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3077 4 == certChain.size(),
3078 "Wrong size of certificate chain: " << certChain.size());
3081 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3083 auto manager = CKM::Manager::create();
3087 // remove the whole PKCS12 bundles
3089 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3090 "Error=" << CKM::ErrorToString(tmp));
3092 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3093 "Error=" << CKM::ErrorToString(tmp));
3095 // expect lookup fails due to unknown alias
3096 // try to lookup key
3097 CKM::KeyShPtr key_lookup;
3099 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3100 "Error=" << CKM::ErrorToString(tmp));
3102 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3103 "Error=" << CKM::ErrorToString(tmp));
3105 // try to lookup certificate
3106 CKM::CertificateShPtr cert_lookup;
3108 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3109 "Error=" << CKM::ErrorToString(tmp));
3111 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3112 "Error=" << CKM::ErrorToString(tmp));
3115 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3117 CKM::Alias alias = "t1812alias1";
3119 auto manager = CKM::Manager::create();
3120 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3121 std::istreambuf_iterator<char> begin(is), end;
3122 std::vector<char> buff(begin, end);
3124 CKM::PKCS12ShPtr pkcs12;
3125 CKM::Password pass1 = "easypass1";
3126 CKM::Password pass2 = "easypass2";
3128 CKM::RawBuffer buffer(buff.size());
3129 memcpy(buffer.data(), buff.data(), buff.size());
3131 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3134 "Error in PKCS12::create()");
3138 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3139 "Error=" << CKM::ErrorToString(temp));
3142 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3143 "Error=" << CKM::ErrorToString(temp));
3146 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3147 "Error=" << CKM::ErrorToString(temp));
3150 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3151 "Error=" << CKM::ErrorToString(temp));
3154 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3155 "Error=" << CKM::ErrorToString(temp));
3158 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3159 "Error=" << CKM::ErrorToString(temp));
3161 CKM::CertificateShPtr cert;
3163 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3164 "Error=" << CKM::ErrorToString(temp));
3166 CKM::CertificateShPtrVector certChain;
3167 CKM::AliasVector certVect;
3168 certVect.push_back(alias);
3171 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3172 "Error=" << CKM::ErrorToString(temp));
3175 RUNNER_TEST(T1813_deinit)
3178 auto control = CKM::Control::create();
3181 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3182 "Error=" << CKM::ErrorToString(temp));
3185 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3187 RUNNER_TEST(T1901_init_unlock_key)
3190 auto control = CKM::Control::create();
3192 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3193 "Error=" << CKM::ErrorToString(tmp));
3195 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3196 "Error=" << CKM::ErrorToString(tmp));
3198 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3199 "Error=" << CKM::ErrorToString(tmp));
3202 RUNNER_TEST(T1902_get_data)
3204 auto manager = CKM::Manager::create();
3207 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3210 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3211 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3214 RUNNER_TEST(T1903_lock_database)
3217 auto control = CKM::Control::create();
3219 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3220 "Error=" << CKM::ErrorToString(tmp));
3223 RUNNER_TEST(T1904_get_data_from_locked_database)
3225 auto manager = CKM::Manager::create();
3228 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3231 CKM_API_ERROR_DB_LOCKED == status1,
3232 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3235 RUNNER_TEST(T1905_deinit)
3238 auto control = CKM::Control::create();
3240 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3241 "Error=" << CKM::ErrorToString(tmp));
3244 int main(int argc, char *argv[])
3246 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3247 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);