3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
22 #include <dpl/log/log.h>
25 const int USER_APP = 5000;
26 const int GROUP_APP = 5000;
28 const int USER_APP_2 = 5020;
29 const int USER_APP_3 = 5030;
31 const char * const APP_PASS = "user-pass";
32 const int USER_TEST = 5001;
33 const char* TEST_LABEL = "test_label";
35 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
36 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
37 } // namespace anonymous
40 * How to numerate tests:
42 * T - test case (always T)
43 * AB - number of test group (always two digits)
44 * C - test number in group (all tests with same TABC must be run in the same time).
48 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
49 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
50 stop_service(MANAGER);
51 start_service(MANAGER);
53 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
54 std::istreambuf_iterator<char> begin(is), end;
55 std::vector<char> buff(begin, end);
57 CKM::RawBuffer buffer(buff.size());
58 memcpy(buffer.data(), buff.data(), buff.size());
60 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
63 "Error in PKCS12::create()");
65 // all further tests will start with newly started service,
66 // OpenSSL on the service side will have to be properly initialized too
67 stop_service(MANAGER);
68 start_service(MANAGER);
71 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
73 RUNNER_TEST(T0011_Control)
76 auto control = CKM::Control::create();
78 control->removeUserData(0);
79 control->removeUserData(USER_APP_2);
80 control->removeUserData(USER_APP);
83 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
84 "Error=" << CKM::ErrorToString(temp));
87 RUNNER_TEST(T0012_Control)
90 auto control = CKM::Control::create();
92 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
93 "Error=" << CKM::ErrorToString(temp));
95 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
96 "Error=" << CKM::ErrorToString(temp));
99 RUNNER_TEST(T0013_Control)
102 auto control = CKM::Control::create();
104 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
105 "Error=" << CKM::ErrorToString(temp));
108 RUNNER_TEST(T0014_Control)
111 auto control = CKM::Control::create();
113 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
114 "Error=" << CKM::ErrorToString(temp));
117 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
118 "Error=" << CKM::ErrorToString(temp));
121 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
122 "Error=" << CKM::ErrorToString(temp));
125 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
126 "Error=" << CKM::ErrorToString(temp));
129 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
130 "Error=" << CKM::ErrorToString(temp));
133 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
134 "Error=" << CKM::ErrorToString(temp));
137 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
138 "Error=" << CKM::ErrorToString(temp));
141 RUNNER_TEST(T0015_Control)
144 auto control = CKM::Control::create();
146 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
147 "Error=" << CKM::ErrorToString(temp));
149 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
150 "Error=" << CKM::ErrorToString(temp));
152 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
153 "Error=" << CKM::ErrorToString(temp));
155 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
156 "Error=" << CKM::ErrorToString(temp));
159 RUNNER_TEST(T0016_Control_negative_wrong_password)
162 auto control = CKM::Control::create();
164 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
165 "Error=" << CKM::ErrorToString(temp));
167 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
168 "Error=" << CKM::ErrorToString(temp));
170 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
171 "Error=" << CKM::ErrorToString(temp));
173 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
174 "Error=" << CKM::ErrorToString(temp));
176 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
177 "Error=" << CKM::ErrorToString(temp));
180 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
182 RUNNER_TEST(T1010_init)
184 unlock_user_data(USER_APP, "user-pass");
187 RUNNER_TEST(T1011_key)
190 auto manager = CKM::Manager::create();
192 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
193 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
194 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
195 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
196 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
197 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
198 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
200 "-----END PUBLIC KEY-----";
202 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
203 auto key = CKM::Key::create(buffer, CKM::Password());
205 CKM::Alias alias = sharedDatabase("mykey");
208 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
209 "Error=" << CKM::ErrorToString(temp));
211 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
212 "Error=" << CKM::ErrorToString(temp));
214 key->getDER() == key2->getDER(),
215 "Key value has been changed by service");
218 RUNNER_TEST(T1012_certificate)
221 auto manager = CKM::Manager::create();
223 auto cert = TestData::getTestCertificate(TestData::GIAG2);
224 CKM::CertificateShPtr cert2;
225 CKM::Alias alias = sharedDatabase("myCert");
228 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
229 "Error=" << CKM::ErrorToString(temp));
231 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
232 "Error=" << CKM::ErrorToString(temp));
234 cert->getDER() == cert2->getDER(),
235 "Data has been modified in key manager");
238 RUNNER_CHILD_TEST(T1013_user_app_save_key)
240 ScopedAccessProvider ap("mylabel");
241 ap.allowAPI("key-manager::api-storage", "rw");
242 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
244 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
245 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
246 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
247 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
248 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
249 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
250 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
252 "-----END PUBLIC KEY-----";
255 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
256 auto key = CKM::Key::create(buffer, CKM::Password());
258 CKM::Alias alias = "mykey";
259 auto manager = CKM::Manager::create();
262 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
263 "Error=" << CKM::ErrorToString(temp));
265 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
266 "Error=" << CKM::ErrorToString(temp));
268 key->getDER() == key2->getDER(), "Key value has been changed by service");
271 RUNNER_TEST(T1014_save_with_label)
273 ScopedAccessProvider ap("mylabel");
274 ap.allowAPI("key-manager::api-storage", "rw");
275 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
278 auto manager = CKM::Manager::create();
280 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
281 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
282 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
283 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
284 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
285 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
286 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
288 "-----END PUBLIC KEY-----";
290 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
291 auto key = CKM::Key::create(buffer, CKM::Password());
292 CKM::KeyShPtr key_name, key_full_addr;
293 CKM::Alias alias = "mykey-2";
294 CharPtr top_label = get_label();
295 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
298 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
299 "Error=" << CKM::ErrorToString(temp));
303 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
304 "Error=" << CKM::ErrorToString(temp));
306 key->getDER() == key_name->getDER(),
307 "Key value has been changed by service");
309 // lookup by full address
311 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
312 "Error=" << CKM::ErrorToString(temp));
314 key->getDER() == key_full_addr->getDER(),
315 "Key value has been changed by service");
318 RUNNER_TEST(T1015_deinit)
321 remove_user_data(USER_APP);
324 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
326 RUNNER_TEST(T1020_init)
329 auto control = CKM::Control::create();
331 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
332 "Error=" << CKM::ErrorToString(temp));
335 RUNNER_TEST(T1021_save_keys_get_alias)
338 auto manager = CKM::Manager::create();
340 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
341 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
342 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
343 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
344 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
345 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
346 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
348 "-----END PUBLIC KEY-----";
350 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
351 auto key = CKM::Key::create(buffer, CKM::Password());
352 CKM::AliasVector labelAliasVector;
354 size_t current_aliases_num = count_aliases(ALIAS_KEY);
356 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey1").c_str(), key, CKM::Policy())),
357 "Error=" << CKM::ErrorToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey2").c_str(), key, CKM::Policy())),
360 "Error=" << CKM::ErrorToString(temp));
362 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey3").c_str(), key, CKM::Policy(CKM::Password(), false))),
363 "Error=" << CKM::ErrorToString(temp));
365 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
366 "Error=" << CKM::ErrorToString(temp));
368 labelAliasVector.size() == (current_aliases_num+3),
369 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
372 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
374 ScopedAccessProvider ap("mylabel");
375 ap.allowAPI("key-manager::api-storage", "rw");
376 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
379 auto manager = CKM::Manager::create();
381 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
382 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
383 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
384 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
385 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
386 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
387 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
389 "-----END PUBLIC KEY-----";
391 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
392 auto key = CKM::Key::create(buffer, CKM::Password());
393 CKM::AliasVector labelAliasVector;
395 size_t current_aliases_num = count_aliases(ALIAS_KEY);
397 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
398 "Error=" << CKM::ErrorToString(temp));
400 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
401 "Error=" << CKM::ErrorToString(temp));
403 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
404 "Error=" << CKM::ErrorToString(temp));
406 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
407 "Error=" << CKM::ErrorToString(temp));
409 labelAliasVector.size() == (current_aliases_num+3),
410 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
413 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
415 ScopedAccessProvider ap("mylabel");
416 ap.allowAPI("key-manager::api-storage", "rw");
417 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
420 auto manager = CKM::Manager::create();
422 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
423 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
424 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
425 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
426 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
427 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
428 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
430 "-----END PUBLIC KEY-----";
432 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
433 auto key = CKM::Key::create(buffer, CKM::Password());
434 CKM::AliasVector aliasVector;
435 CKM::Policy notExportable(CKM::Password(), false);
438 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
439 "Error=" << CKM::ErrorToString(temp));
441 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
442 "Error=" << CKM::ErrorToString(temp));
444 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
445 "Error=" << CKM::ErrorToString(temp));
448 RUNNER_TEST(T1029_deinit)
451 remove_user_data(USER_APP);
454 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
455 RUNNER_TEST(T1030_init)
458 reset_user_data(USER_APP, APP_PASS);
461 RUNNER_TEST(T1031_save_get_bin_data)
464 auto manager = CKM::Manager::create();
466 std::string binData1 = "My bin data1";
467 std::string binData2 = "My bin data2";
468 std::string binData3 = "My bin data3";
470 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
471 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
472 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
474 CKM::AliasVector labelAliasVector;
476 size_t current_aliases_num = count_aliases(ALIAS_DATA);
478 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data1").c_str(), buffer1, CKM::Policy())),
479 "Error=" << CKM::ErrorToString(temp));
481 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data2").c_str(), buffer2, CKM::Policy())),
482 "Error=" << CKM::ErrorToString(temp));
484 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data3").c_str(), buffer3, CKM::Policy(CKM::Password(), true))),
485 "Error=" << CKM::ErrorToString(temp));
487 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer3, CKM::Policy(CKM::Password(), false))),
488 "Error=" << CKM::ErrorToString(temp));
490 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
491 "Error=" << CKM::ErrorToString(temp));
493 labelAliasVector.size() == (current_aliases_num+3),
494 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
496 CKM::RawBuffer buffer;
498 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
499 "Error=" << CKM::ErrorToString(temp));
505 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password("Password"), buffer)),
506 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
509 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
511 ScopedAccessProvider ap("mylabel");
512 ap.allowAPI("key-manager::api-storage", "rw");
513 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
514 ScopedDBUnlock unlock(USER_APP, APP_PASS);
517 auto manager = CKM::Manager::create();
519 std::string binData = "My bin data";
521 CKM::RawBuffer buffer(binData.begin(), binData.end());
523 CKM::AliasVector labelAliasVector;
525 size_t current_aliases_num = count_aliases(ALIAS_DATA);
527 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
528 "Error=" << CKM::ErrorToString(temp));
530 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
531 "Error=" << CKM::ErrorToString(temp));
533 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
534 "Error=" << CKM::ErrorToString(temp));
536 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
537 "Error=" << CKM::ErrorToString(temp));
539 labelAliasVector.size() == (current_aliases_num+3),
540 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
543 RUNNER_TEST(T1033_remove_bin_data)
546 auto manager = CKM::Manager::create();
548 std::string binData2 = "My bin data2";
549 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
551 CKM::AliasVector labelAliasVector;
553 size_t current_aliases_num = count_aliases(ALIAS_DATA);
554 std::string invalid_address = sharedDatabase("i-do-not-exist");
556 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
557 "Error=" << CKM::ErrorToString(temp));
559 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data1").c_str())),
560 "Error=" << CKM::ErrorToString(temp));
562 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data3").c_str())),
563 "Error=" << CKM::ErrorToString(temp));
565 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
566 "Error=" << CKM::ErrorToString(temp));
568 labelAliasVector.size() == (current_aliases_num-2),
569 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
571 CKM::RawBuffer buffer;
573 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
574 "Error=" << CKM::ErrorToString(temp));
579 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(sharedDatabase("data3").c_str(), CKM::Password(), buffer)),
580 "Error=" << CKM::ErrorToString(temp));
583 RUNNER_TEST(T1034_app_remove_bin_data)
585 ScopedAccessProvider ap("mylabel");
586 ap.allowAPI("key-manager::api-storage", "rw");
587 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
588 ScopedDBUnlock unlock(USER_APP, APP_PASS);
591 auto manager = CKM::Manager::create();
593 std::string binData2 = "My bin data";
594 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
596 CKM::AliasVector labelAliasVector;
598 size_t current_aliases_num = count_aliases(ALIAS_DATA);
599 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
601 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
602 "Error=" << CKM::ErrorToString(temp));
604 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
605 "Error=" << CKM::ErrorToString(temp));
607 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
608 "Error=" << CKM::ErrorToString(temp));
610 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
611 "Error=" << CKM::ErrorToString(temp));
613 labelAliasVector.size() == (current_aliases_num-2),
614 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
616 CKM::RawBuffer buffer;
618 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
619 "Error=" << CKM::ErrorToString(temp));
624 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
625 "Error=" << CKM::ErrorToString(temp));
628 RUNNER_TEST(T1035_getData_wrong_password)
631 auto manager = CKM::Manager::create();
633 std::string binData1 = "My bin data4";
635 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
638 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer1, CKM::Policy("CorrectPassword"))),
639 "Error=" << CKM::ErrorToString(temp));
641 CKM::RawBuffer buffer;
643 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("CorrectPassword"), buffer)),
644 "Error=" << CKM::ErrorToString(temp));
650 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("WrongPassword"), buffer)),
651 "Error=" << CKM::ErrorToString(temp));
654 RUNNER_TEST(T1036_deinit)
657 remove_user_data(USER_APP);
660 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
662 RUNNER_TEST(T1040_init)
665 auto control = CKM::Control::create();
668 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
669 "Error=" << CKM::ErrorToString(temp));
672 RUNNER_CHILD_TEST(T1041_create_rsa_key)
675 auto manager = CKM::Manager::create();
678 ScopedAccessProvider ap("mylabel-rsa");
679 ap.allowAPI("key-manager::api-storage", "rw");
680 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
682 size_t current_aliases_num = count_aliases(ALIAS_KEY);
684 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
685 "Error=" << CKM::ErrorToString(temp));
687 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
688 "Error=" << CKM::ErrorToString(temp));
690 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
691 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
694 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
697 auto manager = CKM::Manager::create();
700 ScopedAccessProvider ap("mylabel-rsa");
701 ap.allowAPI("key-manager::api-storage", "rw");
702 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
705 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
706 "Error=" << CKM::ErrorToString(temp));
708 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
709 "Error=" << CKM::ErrorToString(temp));
712 RUNNER_CHILD_TEST(T1043_create_dsa_key)
715 auto manager = CKM::Manager::create();
718 ScopedAccessProvider ap("mylabel-dsa");
719 ap.allowAPI("key-manager::api-storage", "rw");
720 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
722 size_t current_aliases_num = count_aliases(ALIAS_KEY);
724 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
725 "Error=" << CKM::ErrorToString(temp));
727 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
728 "Error=" << CKM::ErrorToString(temp));
730 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
731 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
734 RUNNER_TEST(T1049_deinit)
736 remove_user_data(USER_APP);
740 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
742 RUNNER_TEST(T1110_init)
744 unlock_user_data(USER_APP, "user-pass");
747 RUNNER_TEST(T1111_CreateKeyPairRSA)
750 auto manager = CKM::Manager::create();
751 CKM::Alias a1 = sharedDatabase("rsa-test-1");
752 CKM::Alias a2 = sharedDatabase("rsa-test-2");
756 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
757 "Error=" << CKM::ErrorToString(temp));
759 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
760 "Error=" << CKM::ErrorToString(temp));
763 RUNNER_TEST(T1112_CreateKeyPairDSA)
766 auto manager = CKM::Manager::create();
767 CKM::Alias a1 = sharedDatabase("dsa-test-1");
768 CKM::Alias a2 = sharedDatabase("dsa-test-2");
772 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
773 "Error=" << CKM::ErrorToString(temp));
775 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
776 "Error=" << CKM::ErrorToString(temp));
779 RUNNER_TEST(T1113_CreateKeyPairECDSA)
782 auto manager = CKM::Manager::create();
783 CKM::Alias a1 = sharedDatabase("ecdsa-test-1");
784 CKM::Alias a2 = sharedDatabase("ecdsa-test-2");
788 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
789 "Error=" << CKM::ErrorToString(temp));
792 RUNNER_TEST(T1114_deinit)
797 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
799 RUNNER_TEST(T12100_init)
801 reset_user_data(USER_APP, APP_PASS);
804 RUNNER_TEST(T12101_key_exist)
806 ScopedAccessProvider ap("mylabel");
807 ap.allowAPI("key-manager::api-storage", "rw");
808 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
809 ScopedDBUnlock unlock(USER_APP, APP_PASS);
812 auto manager = CKM::Manager::create();
814 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
815 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
816 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
817 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
818 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
819 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
820 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
822 "-----END PUBLIC KEY-----";
824 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
825 auto key = CKM::Key::create(buffer);
826 CKM::Alias alias = "rsa-alias-duplication";
829 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
830 "Error=" << CKM::ErrorToString(ret));
832 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
833 "Error=" << CKM::ErrorToString(ret));
837 * These test cases tests API when empty parameters are passed to functions
840 RUNNER_TEST(T12102_saveKey_empty_alias)
842 ScopedAccessProvider ap("mylabel");
843 ap.allowAPI("key-manager::api-storage", "rw");
844 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
845 ScopedDBUnlock unlock(USER_APP, APP_PASS);
847 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
848 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
849 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
850 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
851 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
852 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
853 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
854 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
856 "-----END PUBLIC KEY-----";
858 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
859 auto key = CKM::Key::create(buffer);
860 CKM::Alias alias; //alias is not initialized
863 auto manager = CKM::Manager::create();
865 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
866 "Error=" << CKM::ErrorToString(ret));
869 RUNNER_TEST(T12103_saveKey_foreign_label)
871 ScopedAccessProvider ap("mylabel");
872 ap.allowAPI("key-manager::api-storage", "rw");
873 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
874 ScopedDBUnlock unlock(USER_APP, APP_PASS);
876 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
877 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
878 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
879 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
880 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
881 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
882 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
884 "-----END PUBLIC KEY-----";
886 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
887 auto key = CKM::Key::create(buffer);
888 CKM::Alias alias = "iamsomebodyelse alias";
891 auto manager = CKM::Manager::create();
893 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
894 "Error=" << CKM::ErrorToString(ret));
897 RUNNER_TEST(T12104_saveKey_empty_key)
899 ScopedAccessProvider ap("mylabel");
900 ap.allowAPI("key-manager::api-storage", "rw");
901 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
902 ScopedDBUnlock unlock(USER_APP, APP_PASS);
904 CKM::KeyShPtr key; //key is not initialized
905 CKM::Alias alias = "empty-key";
908 auto manager = CKM::Manager::create();
910 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
911 "Error=" << CKM::ErrorToString(ret));
914 RUNNER_TEST(T12105_saveCertificate_empty_alias)
916 ScopedAccessProvider ap("mylabel");
917 ap.allowAPI("key-manager::api-storage", "rw");
918 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
919 ScopedDBUnlock unlock(USER_APP, APP_PASS);
921 auto cert = TestData::getTestCertificate(TestData::GIAG2);
922 CKM::Alias alias; //alias is not initialized
925 auto manager = CKM::Manager::create();
927 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
928 "Error=" << CKM::ErrorToString(temp));
931 RUNNER_TEST(T12106_saveCertificate_foreign_label)
933 ScopedAccessProvider ap("mylabel");
934 ap.allowAPI("key-manager::api-storage", "rw");
935 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
936 ScopedDBUnlock unlock(USER_APP, APP_PASS);
938 auto cert = TestData::getTestCertificate(TestData::GIAG2);
939 CKM::Alias alias = "iamsomebodyelse alias";
942 auto manager = CKM::Manager::create();
944 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
945 "Error=" << CKM::ErrorToString(temp));
948 RUNNER_TEST(T12107_saveCertificate_empty_cert)
950 ScopedAccessProvider ap("mylabel");
951 ap.allowAPI("key-manager::api-storage", "rw");
952 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
953 ScopedDBUnlock unlock(USER_APP, APP_PASS);
955 CKM::CertificateShPtr cert; //cert is not initialized
956 CKM::Alias alias = "empty-cert";
959 auto manager = CKM::Manager::create();
961 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
962 "Error=" << CKM::ErrorToString(temp));
965 RUNNER_TEST(T12108_saveData_empty_alias)
967 ScopedAccessProvider ap("mylabel");
968 ap.allowAPI("key-manager::api-storage", "rw");
969 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
970 ScopedDBUnlock unlock(USER_APP, APP_PASS);
972 std::string testData = "test data test data test data";
973 CKM::RawBuffer buffer(testData.begin(), testData.end());
977 auto manager = CKM::Manager::create();
979 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
980 "Error=" << CKM::ErrorToString(temp));
983 RUNNER_TEST(T12109_saveData_foreign_label)
985 ScopedAccessProvider ap("mylabel");
986 ap.allowAPI("key-manager::api-storage", "rw");
987 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
988 ScopedDBUnlock unlock(USER_APP, APP_PASS);
990 std::string testData = "test data test data test data";
991 CKM::RawBuffer buffer(testData.begin(), testData.end());
992 CKM::Alias alias = "iamsomebodyelse alias";
995 auto manager = CKM::Manager::create();
997 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
998 "Error=" << CKM::ErrorToString(temp));
1001 RUNNER_TEST(T12110_saveData_empty_data)
1003 ScopedAccessProvider ap("mylabel");
1004 ap.allowAPI("key-manager::api-storage", "rw");
1005 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1006 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1008 CKM::RawBuffer buffer;
1009 CKM::Alias alias = "empty-data";
1012 auto manager = CKM::Manager::create();
1014 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1015 "Error=" << CKM::ErrorToString(temp));
1019 * These test cases tests API when trying to get data from not existing alias
1022 RUNNER_TEST(T12111_getKey_alias_not_exist)
1024 ScopedAccessProvider ap("mylabel");
1025 ap.allowAPI("key-manager::api-storage", "rw");
1026 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1027 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1030 CKM::Alias alias = "this-alias-not-exist";
1033 auto manager = CKM::Manager::create();
1035 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1036 "Error=" << CKM::ErrorToString(temp));
1039 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1041 ScopedAccessProvider ap("mylabel");
1042 ap.allowAPI("key-manager::api-storage", "rw");
1043 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1044 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1046 CKM::CertificateShPtr certificate;
1047 CKM::Alias alias = "this-alias-not-exist";
1050 auto manager = CKM::Manager::create();
1052 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1053 "Error=" << CKM::ErrorToString(temp));
1056 RUNNER_TEST(T12113_getData_alias_not_exist)
1058 ScopedAccessProvider ap("mylabel");
1059 ap.allowAPI("key-manager::api-storage", "rw");
1060 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1061 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1064 auto manager = CKM::Manager::create();
1065 CKM::RawBuffer buffer;
1066 CKM::Alias alias("some alias");
1068 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1069 "Error=" << CKM::ErrorToString(temp));
1073 * These test cases tests API when damaged keys are used
1075 RUNNER_TEST(T12114_rsa_key_damaged)
1077 ScopedAccessProvider ap("mylabel");
1078 ap.allowAPI("key-manager::api-storage", "rw");
1079 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1080 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1083 auto manager = CKM::Manager::create();
1085 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1086 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1087 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1088 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1089 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1090 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1091 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1093 "-----END PUBLIC KEY-----";
1095 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1096 auto key = CKM::Key::create(buffer);
1097 CKM::Alias alias = "damaged-rsa";
1100 NULL == key.get(), "Key is broken. It should be empty");
1103 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1104 "Error=" << CKM::ErrorToString(ret));
1107 RUNNER_TEST(T12115_rsa_key_too_short)
1109 ScopedAccessProvider ap("mylabel");
1110 ap.allowAPI("key-manager::api-storage", "rw");
1111 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1112 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1115 auto manager = CKM::Manager::create();
1117 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1118 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1119 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1120 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1121 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1122 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1123 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1125 "-----END PUBLIC KEY-----";
1127 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1128 auto key = CKM::Key::create(buffer);
1129 CKM::Alias alias = "short-rsa";
1132 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1133 "Error=" << CKM::ErrorToString(ret));
1136 RUNNER_TEST(T12116_dsa_key_too_short)
1138 ScopedAccessProvider ap("mylabel");
1139 ap.allowAPI("key-manager::api-storage", "rw");
1140 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1141 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1144 auto manager = CKM::Manager::create();
1146 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1147 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1148 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1149 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1150 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1151 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1152 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1153 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1154 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1155 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1156 "YMYCBhubtrVaLmc=\n"
1157 "-----END PUBLIC KEY-----";
1159 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1160 auto key = CKM::Key::create(buffer);
1161 CKM::Alias alias = "short-dsa";
1164 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1165 "Error=" << CKM::ErrorToString(ret));
1170 * These test cases tests CKM service if malicious data is provided over the socket.
1173 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1175 ScopedAccessProvider ap("mylabel");
1176 ap.allowAPI("key-manager::api-storage", "rw");
1177 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1178 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1181 auto manager = CKM::Manager::create();
1183 // fake the client - let the service detect the problem
1184 class WrongKeyImpl : public CKM::Key
1187 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1190 virtual bool empty() const {
1194 virtual CKM::KeyType getType() const {
1195 return CKM::KeyType::KEY_RSA_PUBLIC;
1197 virtual int getSize() const {
1200 virtual CKM::ElipticCurve getCurve() const {
1201 return CKM::ElipticCurve::prime192v1;
1203 virtual CKM::RawBuffer getDER() const {
1206 virtual ~WrongKeyImpl() {}
1208 CKM::RawBuffer & m_dummy;
1210 std::string dummyData = "my_cat_Berta\n";
1211 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1212 auto key = std::make_shared<WrongKeyImpl>(buffer);
1213 CKM::Alias alias = "damaged-rsa";
1216 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1217 "Error=" << CKM::ErrorToString(ret));
1220 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1222 ScopedAccessProvider ap("mylabel");
1223 ap.allowAPI("key-manager::api-storage", "rw");
1224 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1225 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1227 // fake the client - let the service detect the problem
1228 class WrongCertImpl : public CKM::Certificate
1231 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1232 m_x509 = X509_new();
1235 bool empty() const {
1239 virtual X509 *getX509() const {
1243 virtual CKM::RawBuffer getDER() const {
1247 virtual ~WrongCertImpl() {
1252 CKM::RawBuffer & m_dummy;
1254 std::string dummyData = "my_cat_Stefan\n";
1255 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1256 auto cert = std::make_shared<WrongCertImpl>(buffer);
1257 CKM::Alias alias = "damaged-cert";
1260 auto manager = CKM::Manager::create();
1262 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1263 "Error=" << CKM::ErrorToString(temp));
1266 RUNNER_TEST(T12119_deinit)
1268 remove_user_data(USER_APP);
1271 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1273 RUNNER_TEST(T1311_init)
1275 remove_user_data(0);
1276 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1277 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1279 ScopedLabel sl("System");
1280 struct hostent* he = gethostbyname("google.com");
1282 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1283 "is not woking on the device. OCSP tests requires network access!");
1286 RUNNER_TEST(T1312_get_chain)
1288 auto cert = TestData::getTestCertificate(TestData::MBANK);
1289 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1291 CKM::CertificateShPtrVector certVector = {cert1};
1292 CKM::CertificateShPtrVector certChain;
1295 auto manager = CKM::Manager::create();
1297 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1298 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1300 tmp = manager->getCertificateChain(cert,
1305 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1306 "Error=" << CKM::ErrorToString(tmp));
1309 0 == certChain.size(),
1310 "Wrong size of certificate chain.");
1312 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1313 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1316 3 == certChain.size(),
1317 "Wrong size of certificate chain.");
1320 RUNNER_TEST(T1313_get_chain_with_alias)
1322 auto cert = TestData::getTestCertificate(TestData::MBANK);
1323 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1325 CKM::CertificateShPtrVector certChain;
1326 CKM::AliasVector aliasVector;
1327 CKM::Alias alias = sharedDatabase("imcert");
1330 auto manager = CKM::Manager::create();
1332 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1333 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1335 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1336 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1337 "Error=" << CKM::ErrorToString(tmp));
1340 0 == certChain.size(),
1341 "Wrong size of certificate chain.");
1344 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1345 "Error=" << CKM::ErrorToString(tmp));
1347 aliasVector.push_back(alias);
1349 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1350 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1353 3 == certChain.size(),
1354 "Wrong size of certificate chain.");
1357 RUNNER_TEST(T1314_ocsp_check)
1359 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1361 auto cert = TestData::getTestCertificate(TestData::MBANK);
1362 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1363 CKM::CertificateShPtrVector certVector = {cert1};
1364 CKM::CertificateShPtrVector certChain;
1367 auto manager = CKM::Manager::create();
1369 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1370 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1372 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1373 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1374 "Error=" << CKM::ErrorToString(tmp));
1377 0 == certChain.size(),
1378 "Wrong size of certificate chain.");
1380 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1381 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1384 3 == certChain.size(),
1385 "Wrong size of certificate chain.");
1389 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1390 "Error=" << CKM::ErrorToString(tmp));
1392 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1395 RUNNER_TEST(T1315_deinit)
1397 remove_user_data(0);
1400 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1402 RUNNER_TEST(T1411_init)
1404 remove_user_data(0);
1407 RUNNER_TEST(T1412_rsa_key_create_verify)
1410 auto manager = CKM::Manager::create();
1412 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1413 "Proc-Type: 4,ENCRYPTED\n"
1414 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1416 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1417 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1418 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1419 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1420 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1421 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1422 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1423 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1424 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1425 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1426 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1427 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1428 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1429 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1430 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1431 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1432 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1433 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1434 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1435 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1436 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1437 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1438 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1439 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1440 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1441 "-----END RSA PRIVATE KEY-----\n";
1443 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1444 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1445 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1446 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1447 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1448 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1449 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1451 "-----END PUBLIC KEY-----\n";
1453 std::string message = "message test";
1455 CKM::Alias aliasPub = sharedDatabase("pub1");
1456 CKM::Alias aliasPrv = sharedDatabase("prv1");
1457 CKM::Password password = "1234";
1458 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1459 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1460 CKM::RawBuffer signature;
1462 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1463 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1465 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1466 "Key is empty. Failed to import public key.");
1467 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1468 "Key is empty. Failed to import private key.");
1471 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1472 "Error=" << CKM::ErrorToString(temp));
1474 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1475 "Error=" << CKM::ErrorToString(temp));
1478 CKM_API_SUCCESS == (temp = manager->createSignature(
1481 CKM::RawBuffer(message.begin(), message.end()),
1485 "Error=" << CKM::ErrorToString(temp));
1488 CKM_API_SUCCESS == (temp = manager->verifySignature(
1491 CKM::RawBuffer(message.begin(), message.end()),
1495 "Error=" << CKM::ErrorToString(temp));
1498 RUNNER_TEST(T1413_dsa_key_create_verify)
1501 auto manager = CKM::Manager::create();
1503 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1504 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1505 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1506 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1507 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1508 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1509 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1510 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1511 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1512 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1513 "u1roOuaPY+Hl19BlTE2qdw==\n"
1514 "-----END DSA PRIVATE KEY-----";
1516 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1517 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1518 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1519 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1520 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1521 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1522 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1523 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1524 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1525 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1526 "YMYCBhubtrVaLmc=\n"
1527 "-----END PUBLIC KEY-----";
1529 std::string message = "message test";
1531 CKM::Alias aliasPub = sharedDatabase("pub2");
1532 CKM::Alias aliasPrv = sharedDatabase("prv2");
1533 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1534 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1535 CKM::RawBuffer signature;
1537 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1538 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1540 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1541 "Key is empty. Failed to import public key.");
1542 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1543 "Key is empty. Failed to import private key.");
1546 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1547 "Error=" << CKM::ErrorToString(temp));
1549 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1550 "Error=" << CKM::ErrorToString(temp));
1553 CKM_API_SUCCESS == (temp = manager->createSignature(
1556 CKM::RawBuffer(message.begin(), message.end()),
1560 "Error=" << CKM::ErrorToString(temp));
1563 CKM_API_SUCCESS == (temp = manager->verifySignature(
1566 CKM::RawBuffer(message.begin(), message.end()),
1570 "Error=" << CKM::ErrorToString(temp));
1574 RUNNER_TEST(T1414_ec_key_create_verify)
1577 auto manager = CKM::Manager::create();
1579 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1580 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1581 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1582 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1583 "-----END EC PRIVATE KEY-----\n";
1585 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1586 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1587 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1588 "-----END PUBLIC KEY-----\n";
1590 std::string message = "message test";
1592 CKM::Alias aliasPub = sharedDatabase("ecpub2");
1593 CKM::Alias aliasPrv = sharedDatabase("ecprv2");
1594 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1595 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1596 CKM::RawBuffer signature;
1598 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1599 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1601 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1602 "Key is empty. Failed to import public key.");
1603 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1604 "Key is empty. Failed to import private key.");
1607 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1608 "Error=" << CKM::ErrorToString(temp));
1610 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1611 "Error=" << CKM::ErrorToString(temp));
1614 CKM_API_SUCCESS == (temp = manager->createSignature(
1617 CKM::RawBuffer(message.begin(), message.end()),
1621 "Error=" << CKM::ErrorToString(temp));
1624 CKM_API_SUCCESS == (temp = manager->verifySignature(
1627 CKM::RawBuffer(message.begin(), message.end()),
1631 "Error=" << CKM::ErrorToString(temp));
1633 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1635 memcpy((void*)signature.data(), "BROKEN", 6);
1638 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1641 CKM::RawBuffer(message.begin(), message.end()),
1645 "Error=" << CKM::ErrorToString(temp));
1648 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1651 auto manager = CKM::Manager::create();
1652 std::string message = "message asdfaslkdfjlksadjf test";
1654 CKM::Alias aliasPub = sharedDatabase("pub1");
1655 CKM::Alias aliasPrv = sharedDatabase("prv1");
1657 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1658 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1659 CKM::RawBuffer signature;
1662 CKM_API_SUCCESS == (temp = manager->createSignature(
1665 CKM::RawBuffer(message.begin(), message.end()),
1669 "Error=" << CKM::ErrorToString(temp));
1672 CKM_API_SUCCESS == (temp = manager->verifySignature(
1675 CKM::RawBuffer(message.begin(), message.end()),
1679 "Error=" << CKM::ErrorToString(temp));
1681 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1682 memcpy((void*)signature.data(), "BROKEN", 6);
1685 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1688 CKM::RawBuffer(message.begin(), message.end()),
1692 "Error=" << CKM::ErrorToString(temp));
1695 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1698 auto manager = CKM::Manager::create();
1699 std::string message = "message asdfaslkdfjlksadjf test";
1701 CKM::Alias aliasPub = sharedDatabase("pub2");
1702 CKM::Alias aliasPrv = sharedDatabase("prv2");
1704 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1705 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1706 CKM::RawBuffer signature;
1709 CKM_API_SUCCESS == (temp = manager->createSignature(
1712 CKM::RawBuffer(message.begin(), message.end()),
1716 "Error=" << CKM::ErrorToString(temp));
1719 CKM_API_SUCCESS == (temp = manager->verifySignature(
1722 CKM::RawBuffer(message.begin(), message.end()),
1726 "Error=" << CKM::ErrorToString(temp));
1728 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1729 memcpy((void*)signature.data(), "BROKEN", 6);
1732 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1735 CKM::RawBuffer(message.begin(), message.end()),
1739 "Error=" << CKM::ErrorToString(temp));
1742 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1745 auto manager = CKM::Manager::create();
1748 "-----BEGIN RSA PRIVATE KEY-----\n"
1749 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1750 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1751 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1752 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1753 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1754 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1755 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1756 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1757 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1758 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1759 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1760 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1761 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1762 "-----END RSA PRIVATE KEY-----\n";
1765 "-----BEGIN CERTIFICATE-----\n"
1766 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1767 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1768 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1769 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1770 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1771 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1772 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1773 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1774 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1775 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1776 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1777 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1778 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1779 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1780 "-----END CERTIFICATE-----\n";
1782 std::string message = "message test";
1784 CKM::Alias aliasPub = sharedDatabase("pub1-cert");
1785 CKM::Alias aliasPrv = sharedDatabase("prv1-cert");
1786 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1787 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1788 CKM::RawBuffer signature;
1790 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1791 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1793 RUNNER_ASSERT_MSG(NULL != cert.get(),
1794 "Key is empty. Failed to import public key.");
1795 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1796 "Key is empty. Failed to import private key.");
1799 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1800 "Error=" << CKM::ErrorToString(temp));
1802 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1803 "Error=" << CKM::ErrorToString(temp));
1806 CKM_API_SUCCESS == (temp = manager->createSignature(
1809 CKM::RawBuffer(message.begin(), message.end()),
1813 "Error=" << CKM::ErrorToString(temp));
1816 CKM_API_SUCCESS == (temp = manager->verifySignature(
1819 CKM::RawBuffer(message.begin(), message.end()),
1823 "Error=" << CKM::ErrorToString(temp));
1825 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1827 memcpy((void*)signature.data(), "BROKEN", 6);
1830 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1833 CKM::RawBuffer(message.begin(), message.end()),
1837 "Error=" << CKM::ErrorToString(temp));
1840 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
1843 auto manager = CKM::Manager::create();
1845 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1846 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1847 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1848 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1849 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1850 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1851 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1852 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1853 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1854 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1855 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1856 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1857 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1858 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1859 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1860 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1861 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1862 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1863 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1864 "-----END CERTIFICATE-----\n";
1866 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1867 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1868 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1869 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1870 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1871 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1872 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1873 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1874 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1875 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1876 "vonbjii3BYe4AIdkzOvp\n"
1877 "-----END DSA PRIVATE KEY-----\n";
1879 std::string message = "message test";
1881 CKM::Alias aliasPub = sharedDatabase("pub2-cert");
1882 CKM::Alias aliasPrv = sharedDatabase("prv2-cert");
1883 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1884 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1885 CKM::RawBuffer signature;
1887 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1888 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1890 RUNNER_ASSERT_MSG(NULL != cert.get(),
1891 "Key is empty. Failed to import public key.");
1892 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1893 "Key is empty. Failed to import private key.");
1896 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1897 "Error=" << CKM::ErrorToString(temp));
1899 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1900 "Error=" << CKM::ErrorToString(temp));
1903 CKM_API_SUCCESS == (temp = manager->createSignature(
1906 CKM::RawBuffer(message.begin(), message.end()),
1910 "Error=" << CKM::ErrorToString(temp));
1913 CKM_API_SUCCESS == (temp = manager->verifySignature(
1916 CKM::RawBuffer(message.begin(), message.end()),
1920 "Error=" << CKM::ErrorToString(temp));
1922 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1924 memcpy((void*)signature.data(), "BROKEN", 6);
1927 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1930 CKM::RawBuffer(message.begin(), message.end()),
1934 "Error=" << CKM::ErrorToString(temp));
1937 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
1940 auto manager = CKM::Manager::create();
1943 "-----BEGIN EC PRIVATE KEY-----\n"
1944 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1945 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1946 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1947 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1948 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1949 "ELyhe7yPCAuOoLZlTLgf\n"
1950 "-----END EC PRIVATE KEY-----\n";
1953 "-----BEGIN CERTIFICATE-----\n"
1954 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1955 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1956 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1957 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1958 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1959 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1960 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1961 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1962 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1963 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1964 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1965 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1966 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1967 "Q1oBry6NEc+lLFmWMDesAA==\n"
1968 "-----END CERTIFICATE-----\n";
1970 std::string message = "message test";
1972 CKM::Alias aliasPub = sharedDatabase("pub3");
1973 CKM::Alias aliasPrv = sharedDatabase("prv3");
1974 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1975 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1976 CKM::RawBuffer signature;
1978 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1979 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1981 RUNNER_ASSERT_MSG(NULL != cert.get(),
1982 "Key is empty. Failed to import public key.");
1983 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1984 "Key is empty. Failed to import private key.");
1987 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1988 "Error=" << CKM::ErrorToString(temp));
1990 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1991 "Error=" << CKM::ErrorToString(temp));
1994 CKM_API_SUCCESS == (temp = manager->createSignature(
1997 CKM::RawBuffer(message.begin(), message.end()),
2001 "Error=" << CKM::ErrorToString(temp));
2004 CKM_API_SUCCESS == (temp = manager->verifySignature(
2007 CKM::RawBuffer(message.begin(), message.end()),
2011 "Error=" << CKM::ErrorToString(temp));
2013 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2015 memcpy((void*)signature.data(), "BROKEN", 6);
2018 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2021 CKM::RawBuffer(message.begin(), message.end()),
2025 "Error=" << CKM::ErrorToString(temp));
2028 RUNNER_TEST(T1420_deinit)
2030 remove_user_data(0);
2033 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2035 RUNNER_TEST(T14180_init)
2038 remove_user_data(0);
2040 auto manager = CKM::Manager::create();
2042 // Prepare RSA Key Pair
2043 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2044 "Proc-Type: 4,ENCRYPTED\n"
2045 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2047 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2048 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2049 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2050 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2051 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2052 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2053 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2054 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2055 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2056 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2057 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2058 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2059 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2060 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2061 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2062 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2063 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2064 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2065 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2066 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2067 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2068 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2069 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2070 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2071 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2072 "-----END RSA PRIVATE KEY-----\n";
2074 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2075 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2076 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2077 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2078 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2079 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2080 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2082 "-----END PUBLIC KEY-----\n";
2084 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2085 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2086 CKM::Password password = "1234";
2088 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2089 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2091 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2092 "Key is empty. Failed to import public key.");
2093 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2094 "Key is empty. Failed to import private key.");
2097 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2098 "Error=" << CKM::ErrorToString(temp));
2100 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2101 "Error=" << CKM::ErrorToString(temp));
2103 // Prepare ECDSA Key Pair
2104 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2105 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2106 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2107 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2108 "-----END EC PRIVATE KEY-----\n";
2110 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2111 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2112 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2113 "-----END PUBLIC KEY-----\n";
2115 CKM::Alias aliasEcPub = sharedDatabase("ecpub_nohash1");
2116 CKM::Alias aliasEcPrv = sharedDatabase("ecprv_nohash1");
2118 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2119 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2121 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2122 "Key is empty. Failed to import public key.");
2123 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2124 "Key is empty. Failed to import private key.");
2127 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2128 "Error=" << CKM::ErrorToString(temp));
2130 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2131 "Error=" << CKM::ErrorToString(temp));
2135 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2138 auto manager = CKM::Manager::create();
2139 std::string message = "message asdfaslkdfjlksadjf test";
2141 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2142 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2144 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2145 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2146 CKM::RawBuffer signature;
2149 CKM_API_SUCCESS == (temp = manager->createSignature(
2152 CKM::RawBuffer(message.begin(), message.end()),
2156 "Error=" << CKM::ErrorToString(temp));
2159 CKM_API_SUCCESS == (temp = manager->verifySignature(
2162 CKM::RawBuffer(message.begin(), message.end()),
2166 "Error=" << CKM::ErrorToString(temp));
2168 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2169 memcpy((void*)signature.data(), "BROKEN", 6);
2172 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2175 CKM::RawBuffer(message.begin(), message.end()),
2179 "Error=" << CKM::ErrorToString(temp));
2182 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2185 auto manager = CKM::Manager::create();
2186 std::string message = "message asdfaslkdfjlksadjf test";
2188 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2189 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2191 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2192 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2193 CKM::RawBuffer signature;
2196 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2199 CKM::RawBuffer(message.begin(), message.end()),
2203 "Error=" << CKM::ErrorToString(temp));
2206 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2209 auto manager = CKM::Manager::create();
2210 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2211 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2212 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2213 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2214 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2215 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2216 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2217 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2218 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2219 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2220 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2221 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2222 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2223 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2224 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2225 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2226 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2227 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2228 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2229 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2231 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2232 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2234 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2235 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2236 CKM::RawBuffer signature;
2239 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2242 CKM::RawBuffer(message.begin(), message.end()),
2246 "Error=" << CKM::ErrorToString(temp));
2250 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2253 auto manager = CKM::Manager::create();
2255 std::string message = "message test";
2257 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2258 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2259 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2260 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2261 CKM::RawBuffer signature;
2264 CKM_API_SUCCESS == (temp = manager->createSignature(
2267 CKM::RawBuffer(message.begin(), message.end()),
2271 "Error=" << CKM::ErrorToString(temp));
2274 CKM_API_SUCCESS == (temp = manager->verifySignature(
2277 CKM::RawBuffer(message.begin(), message.end()),
2281 "Error=" << CKM::ErrorToString(temp));
2283 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2285 memcpy((void*)signature.data(), "BROKEN", 6);
2288 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2291 CKM::RawBuffer(message.begin(), message.end()),
2295 "Error=" << CKM::ErrorToString(temp));
2298 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2301 auto manager = CKM::Manager::create();
2303 int msgSize = 1024*1024;
2304 char big_msg[msgSize];
2305 for(int i =0; i<msgSize-1; i++) {
2308 big_msg[msgSize-1]=0x00;
2309 std::string message(big_msg);
2311 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2312 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2313 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2314 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2315 CKM::RawBuffer signature;
2318 CKM_API_SUCCESS == (temp = manager->createSignature(
2321 CKM::RawBuffer(message.begin(), message.end()),
2325 "Error=" << CKM::ErrorToString(temp));
2329 RUNNER_TEST(T14189_deinit)
2331 remove_user_data(0);
2335 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2337 RUNNER_TEST(T1510_init_unlock_key)
2339 reset_user_data(USER_TEST, APP_PASS);
2342 RUNNER_TEST(T1511_insert_data)
2344 auto certee = TestData::getTestCertificate(TestData::MBANK);
2345 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2346 CKM::Alias certeeAlias("CertEE");
2347 CKM::Alias certimAlias("CertIM");
2349 ScopedAccessProvider ap("my-label");
2350 ap.allowAPI("key-manager::api-storage", "rw");
2351 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2352 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2354 auto manager = CKM::Manager::create();
2355 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
2356 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
2360 stop_service(MANAGER);
2361 start_service(MANAGER);
2365 ScopedAccessProvider ap("my-label");
2366 ap.allowAPI("key-manager::api-storage", "rw");
2367 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2368 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2370 auto manager = CKM::Manager::create();
2371 int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
2372 int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
2374 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2375 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2377 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2378 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2382 RUNNER_TEST(T1519_deinit)
2384 remove_user_data(USER_TEST);
2387 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2389 RUNNER_TEST(T1701_init_unlock_key)
2391 ScopedAccessProvider ap("t170-special-label");
2392 ap.allowAPI("key-manager::api-storage", "rw");
2393 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2395 unlock_user_data(USER_TEST+1, "t170-special-password");
2398 RUNNER_CHILD_TEST(T1702_insert_data)
2401 ScopedAccessProvider ap("t170-special-label");
2402 ap.allowAPI("key-manager::api-storage", "rw");
2403 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2405 auto certee = TestData::getTestCertificate(TestData::MBANK);
2407 auto manager = CKM::Manager::create();
2408 size_t current_aliases_num = count_aliases(ALIAS_CERT);
2409 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2412 CKM_API_SUCCESS == status1,
2413 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2415 CKM::AliasVector av;
2417 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2418 "Error=" << CKM::ErrorToString(temp));
2420 (current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
2421 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
2424 RUNNER_TEST(T1703_removeApplicationData)
2427 auto control = CKM::Control::create();
2429 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2430 "Error=" << CKM::ErrorToString(tmp));
2433 RUNNER_CHILD_TEST(T1704_data_test)
2436 ScopedAccessProvider ap("t170-special-label");
2437 ap.allowAPI("key-manager::api-storage", "rw");
2438 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2440 CKM::AliasVector av;
2441 auto manager = CKM::Manager::create();
2444 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2445 "Error=" << CKM::ErrorToString(temp));
2447 0 == (temp = av.size()),
2448 "Vector size: " << temp << ". Expected: 0");
2451 RUNNER_TEST(T1705_deinit)
2453 remove_user_data(USER_TEST+1);
2456 RUNNER_TEST(T17101_init)
2460 auto control = CKM::Control::create();
2462 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2463 "Error=" << CKM::ErrorToString(tmp));
2465 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2466 "Error=" << CKM::ErrorToString(tmp));
2468 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2469 "Error=" << CKM::ErrorToString(tmp));
2472 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2473 "Error=" << CKM::ErrorToString(tmp));
2475 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2476 "Error=" << CKM::ErrorToString(tmp));
2478 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2479 "Error=" << CKM::ErrorToString(tmp));
2482 RUNNER_CHILD_TEST(T17102_prep_data_01)
2485 ScopedAccessProvider ap("t1706-special-label");
2486 ap.allowAPI("key-manager::api-storage", "rw");
2487 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2489 CKM::AliasVector av;
2490 auto manager = CKM::Manager::create();
2492 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2494 CKM::RawBuffer buffer(data.begin(), data.end());
2495 CKM::Policy exportable(CKM::Password(), true);
2498 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2499 "Error=" << CKM::ErrorToString(temp));
2502 RUNNER_CHILD_TEST(T17103_prep_data_02)
2505 ScopedAccessProvider ap("t1706-special-label2");
2506 ap.allowAPI("key-manager::api-storage", "rw");
2507 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2509 CKM::AliasVector av;
2510 auto manager = CKM::Manager::create();
2512 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2514 CKM::RawBuffer buffer(data.begin(), data.end());
2515 CKM::Policy exportable(CKM::Password(), true);
2518 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2519 "Error=" << CKM::ErrorToString(temp));
2522 RUNNER_CHILD_TEST(T17104_prep_data_03)
2525 ScopedAccessProvider ap("t1706-special-label");
2526 ap.allowAPI("key-manager::api-storage", "rw");
2527 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2529 CKM::AliasVector av;
2530 auto manager = CKM::Manager::create();
2532 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2534 CKM::RawBuffer buffer(data.begin(), data.end());
2535 CKM::Policy exportable(CKM::Password(), true);
2538 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2539 "Error=" << CKM::ErrorToString(temp));
2542 RUNNER_CHILD_TEST(T17105_prep_data_04)
2545 ScopedAccessProvider ap("t1706-special-label2");
2546 ap.allowAPI("key-manager::api-storage", "rw");
2547 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2549 CKM::AliasVector av;
2550 auto manager = CKM::Manager::create();
2552 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2554 CKM::RawBuffer buffer(data.begin(), data.end());
2555 CKM::Policy exportable(CKM::Password(), true);
2558 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2559 "Error=" << CKM::ErrorToString(temp));
2562 RUNNER_TEST(T17106_remove_application)
2566 auto control = CKM::Control::create();
2568 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2569 "Error=" << CKM::ErrorToString(tmp));
2571 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2572 "Error=" << CKM::ErrorToString(tmp));
2575 RUNNER_CHILD_TEST(T17107_check_data_01)
2578 ScopedAccessProvider ap("t1706-special-label");
2579 ap.allowAPI("key-manager::api-storage", "rw");
2580 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2582 CKM::AliasVector av;
2583 auto manager = CKM::Manager::create();
2586 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2587 "Error=" << CKM::ErrorToString(temp));
2589 0 == (temp = av.size()),
2590 "Vector size: " << temp << ". Expected: 0");
2593 RUNNER_CHILD_TEST(T17108_check_data_02)
2596 ScopedAccessProvider ap("t1706-special-label2");
2597 ap.allowAPI("key-manager::api-storage", "rw");
2598 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2600 CKM::AliasVector av;
2601 auto manager = CKM::Manager::create();
2604 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2605 "Error=" << CKM::ErrorToString(temp));
2607 1 == (temp = av.size()),
2608 "Vector size: " << temp << ". Expected: 1");
2611 RUNNER_TEST(T17109_unlock_user2)
2615 auto control = CKM::Control::create();
2617 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2618 "Error=" << CKM::ErrorToString(tmp));
2621 RUNNER_CHILD_TEST(T17110_check_data_03)
2624 ScopedAccessProvider ap("t1706-special-label");
2625 ap.allowAPI("key-manager::api-storage", "rw");
2626 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2628 CKM::AliasVector av;
2629 auto manager = CKM::Manager::create();
2632 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2633 "Error=" << CKM::ErrorToString(temp));
2635 0 == (temp = av.size()),
2636 "Vector size: " << temp << ". Expected: 0");
2639 RUNNER_CHILD_TEST(T17111_check_data_04)
2642 ScopedAccessProvider ap("t1706-special-label2");
2643 ap.allowAPI("key-manager::api-storage", "rw");
2644 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2646 CKM::AliasVector av;
2647 auto manager = CKM::Manager::create();
2650 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2651 "Error=" << CKM::ErrorToString(temp));
2653 1 == (temp = av.size()),
2654 "Vector size: " << temp << ". Expected: 1");
2657 RUNNER_TEST(T17112_deinit)
2659 remove_user_data(USER_TEST+2);
2660 remove_user_data(USER_TEST+3);
2663 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2667 CKM::Alias alias_PKCS_collision = sharedDatabase("test-PKCS-collision");
2668 CKM::Alias alias_PKCS_exportable = sharedDatabase("test-PKCS-export");
2669 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("test-PKCS-no-export");
2670 CKM::Alias alias_PKCS_priv_key_copy = sharedDatabase("test-PKCS-private-key-copy");
2671 CKM::Alias alias_PKCS_priv_key_wrong = sharedDatabase("test-PKCS-private-key-wrong");
2674 RUNNER_TEST(T1800_init)
2676 remove_user_data(0);
2679 RUNNER_TEST(T1801_parse_PKCS12) {
2680 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2681 std::istreambuf_iterator<char> begin(is), end;
2682 std::vector<char> buff(begin, end);
2684 CKM::RawBuffer buffer(buff.size());
2685 memcpy(buffer.data(), buff.data(), buff.size());
2687 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2690 "Error in PKCS12::create()");
2692 auto cert = pkcs->getCertificate();
2695 "Error in PKCS12::getCertificate()");
2697 auto key = pkcs->getKey();
2700 "Error in PKCS12::getKey()");
2702 auto caVector = pkcs->getCaCertificateShPtrVector();
2704 0 == caVector.size(),
2705 "Wrong size of vector");
2708 RUNNER_TEST(T1802_negative_wrong_password) {
2709 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2710 std::istreambuf_iterator<char> begin(is), end;
2711 std::vector<char> buff(begin, end);
2713 CKM::RawBuffer buffer(buff.size());
2714 memcpy(buffer.data(), buff.data(), buff.size());
2716 auto pkcs = CKM::PKCS12::create(buffer, "error");
2719 "Expected error in PKCS12::create()");
2722 RUNNER_TEST(T1803_negative_broken_buffer) {
2723 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2724 std::istreambuf_iterator<char> begin(is), end;
2725 std::vector<char> buff(begin, end);
2727 CKM::RawBuffer buffer(buff.size());
2728 memcpy(buffer.data(), buff.data(), buff.size());
2730 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2733 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2736 "Expected error in PKCS12::create()");
2739 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2741 auto manager = CKM::Manager::create();
2742 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2743 std::istreambuf_iterator<char> begin(is), end;
2744 std::vector<char> buff(begin, end);
2746 CKM::RawBuffer buffer(buff.size());
2747 memcpy(buffer.data(), buff.data(), buff.size());
2749 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2752 "Error in PKCS12::create()");
2755 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2756 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2757 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2758 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2759 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2760 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2761 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2762 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2763 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2764 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2765 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2766 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2767 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2768 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2769 "-----END RSA PRIVATE KEY-----\n";
2771 std::string message = "message test";
2773 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2774 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2775 "Key is empty. Failed to import private key.");
2779 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2780 "Error=" << CKM::ErrorToString(temp));
2783 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2784 "Error=" << CKM::ErrorToString(temp));
2787 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2789 auto manager = CKM::Manager::create();
2790 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2791 std::istreambuf_iterator<char> begin(is), end;
2792 std::vector<char> buff(begin, end);
2794 CKM::RawBuffer buffer(buff.size());
2795 memcpy(buffer.data(), buff.data(), buff.size());
2797 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2800 "Error in PKCS12::create()");
2802 auto cert = pkcs->getCertificate();
2805 "Error in PKCS12::getCertificate()");
2807 auto key = pkcs->getKey();
2810 "Error in PKCS12::getKey()");
2812 auto caVector = pkcs->getCaCertificateShPtrVector();
2814 2 == caVector.size(),
2815 "Wrong size of vector");
2819 CKM::Policy exportable;
2820 CKM::Policy notExportable(CKM::Password(), false);
2823 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2824 "Error=" << CKM::ErrorToString(tmp));
2826 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2827 "Error=" << CKM::ErrorToString(tmp));
2829 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2830 "Error=" << CKM::ErrorToString(tmp));
2832 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2833 "Error=" << CKM::ErrorToString(tmp));
2835 // try to lookup key
2836 CKM::KeyShPtr key_lookup;
2838 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2839 "Error=" << CKM::ErrorToString(tmp));
2841 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2842 "Error=" << CKM::ErrorToString(tmp));
2844 // try to lookup certificate
2845 CKM::CertificateShPtr cert_lookup;
2847 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2848 "Error=" << CKM::ErrorToString(tmp));
2850 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2851 "Error=" << CKM::ErrorToString(tmp));
2854 RUNNER_TEST(T1806_get_PKCS)
2857 auto manager = CKM::Manager::create();
2859 CKM::PKCS12ShPtr pkcs;
2863 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12(sharedDatabase("i-do-not-exist").c_str(), pkcs)),
2864 "Error=" << CKM::ErrorToString(temp));
2866 // fail - not exportable
2868 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2869 "Error=" << CKM::ErrorToString(temp));
2871 // success - exportable
2873 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2874 "Error=" << CKM::ErrorToString(temp));
2876 auto cert = pkcs->getCertificate();
2879 "Error in PKCS12::getCertificate()");
2881 auto key = pkcs->getKey();
2884 "Error in PKCS12::getKey()");
2886 auto caVector = pkcs->getCaCertificateShPtrVector();
2888 2 == caVector.size(),
2889 "Wrong size of vector");
2892 RUNNER_TEST(T1807_create_and_verify_signature)
2895 auto manager = CKM::Manager::create();
2897 std::string message = "message test";
2899 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2900 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2901 CKM::RawBuffer signature;
2904 CKM_API_SUCCESS == (temp = manager->createSignature(
2905 alias_PKCS_exportable,
2907 CKM::RawBuffer(message.begin(), message.end()),
2911 "Error=" << CKM::ErrorToString(temp));
2914 CKM_API_SUCCESS == (temp = manager->verifySignature(
2915 alias_PKCS_exportable,
2917 CKM::RawBuffer(message.begin(), message.end()),
2921 "Error=" << CKM::ErrorToString(temp));
2924 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2927 auto manager = CKM::Manager::create();
2929 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2930 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2931 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2932 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2933 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2934 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2935 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2936 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2937 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2938 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2939 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2940 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2941 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2942 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2943 "-----END RSA PRIVATE KEY-----";
2944 std::string message = "message test";
2946 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2947 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2948 "Key is empty. Failed to import private key.");
2951 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2952 "Error=" << CKM::ErrorToString(temp));
2954 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2955 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2956 CKM::RawBuffer signature;
2959 CKM_API_SUCCESS == (temp = manager->createSignature(
2960 alias_PKCS_priv_key_copy,
2962 CKM::RawBuffer(message.begin(), message.end()),
2966 "Error=" << CKM::ErrorToString(temp));
2969 CKM_API_SUCCESS == (temp = manager->verifySignature(
2970 alias_PKCS_exportable,
2972 CKM::RawBuffer(message.begin(), message.end()),
2976 "Error=" << CKM::ErrorToString(temp));
2979 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2982 auto manager = CKM::Manager::create();
2984 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2985 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2986 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2987 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2988 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2989 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2990 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2991 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2992 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2993 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2994 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2995 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2996 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2997 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2998 "-----END RSA PRIVATE KEY-----\n";
3000 std::string message = "message test";
3002 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3003 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3004 "Key is empty. Failed to import private key.");
3007 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3008 "Error=" << CKM::ErrorToString(temp));
3010 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3011 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3012 CKM::RawBuffer signature;
3015 CKM_API_SUCCESS == (temp = manager->createSignature(
3016 alias_PKCS_priv_key_wrong,
3018 CKM::RawBuffer(message.begin(), message.end()),
3022 "Error=" << CKM::ErrorToString(temp));
3025 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3026 alias_PKCS_exportable,
3028 CKM::RawBuffer(message.begin(), message.end()),
3032 "Error=" << CKM::ErrorToString(temp));
3035 RUNNER_TEST(T1810_verify_get_certificate_chain)
3037 // this certificate has been signed using PKCS chain
3038 std::string im = "-----BEGIN CERTIFICATE-----\n"
3039 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3040 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3041 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3042 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3043 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3044 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3045 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3046 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3047 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3049 "-----END CERTIFICATE-----\n";
3051 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3052 CKM::CertificateShPtrVector certChain;
3053 CKM::AliasVector aliasVector;
3056 auto manager = CKM::Manager::create();
3058 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3060 tmp = manager->getCertificateChain(cert,
3065 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3066 "Error=" << CKM::ErrorToString(tmp));
3069 0 == certChain.size(),
3070 "Wrong size of certificate chain.");
3072 aliasVector.push_back(alias_PKCS_exportable);
3074 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3075 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3077 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3079 4 == certChain.size(),
3080 "Wrong size of certificate chain: " << certChain.size());
3083 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3085 auto manager = CKM::Manager::create();
3089 // remove the whole PKCS12 bundles
3091 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3092 "Error=" << CKM::ErrorToString(tmp));
3094 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3095 "Error=" << CKM::ErrorToString(tmp));
3097 // expect lookup fails due to unknown alias
3098 // try to lookup key
3099 CKM::KeyShPtr key_lookup;
3101 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3102 "Error=" << CKM::ErrorToString(tmp));
3104 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3105 "Error=" << CKM::ErrorToString(tmp));
3107 // try to lookup certificate
3108 CKM::CertificateShPtr cert_lookup;
3110 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3111 "Error=" << CKM::ErrorToString(tmp));
3113 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3114 "Error=" << CKM::ErrorToString(tmp));
3117 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3119 CKM::Alias alias = sharedDatabase("t1812alias1");
3121 auto manager = CKM::Manager::create();
3122 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3123 std::istreambuf_iterator<char> begin(is), end;
3124 std::vector<char> buff(begin, end);
3126 CKM::PKCS12ShPtr pkcs12;
3127 CKM::Password pass1 = "easypass1";
3128 CKM::Password pass2 = "easypass2";
3130 CKM::RawBuffer buffer(buff.size());
3131 memcpy(buffer.data(), buff.data(), buff.size());
3133 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3136 "Error in PKCS12::create()");
3140 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3141 "Error=" << CKM::ErrorToString(temp));
3144 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3145 "Error=" << CKM::ErrorToString(temp));
3148 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3149 "Error=" << CKM::ErrorToString(temp));
3152 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3153 "Error=" << CKM::ErrorToString(temp));
3156 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3157 "Error=" << CKM::ErrorToString(temp));
3160 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3161 "Error=" << CKM::ErrorToString(temp));
3163 CKM::CertificateShPtr cert;
3165 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3166 "Error=" << CKM::ErrorToString(temp));
3168 CKM::CertificateShPtrVector certChain;
3169 CKM::AliasVector certVect;
3170 certVect.push_back(alias);
3173 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3174 "Error=" << CKM::ErrorToString(temp));
3177 RUNNER_TEST(T1813_deinit)
3180 auto control = CKM::Control::create();
3183 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3184 "Error=" << CKM::ErrorToString(temp));
3187 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3189 const char * const T190_PASSWD = "t190-special-password";
3191 RUNNER_TEST(T1901_init_unlock_key)
3193 reset_user_data(USER_APP, T190_PASSWD);
3196 RUNNER_TEST(T1902_get_data)
3198 ScopedAccessProvider ap(TEST_LABEL);
3199 ap.allowAPI("key-manager::api-storage", "rw");
3200 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3201 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
3203 auto manager = CKM::Manager::create();
3206 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3209 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3210 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3213 RUNNER_TEST(T1903_lock_database)
3216 auto control = CKM::Control::create();
3218 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
3219 "Error=" << CKM::ErrorToString(tmp));
3222 RUNNER_TEST(T1904_get_data_from_locked_database)
3224 ScopedAccessProvider ap(TEST_LABEL);
3225 ap.allowAPI("key-manager::api-storage", "rw");
3226 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3228 auto manager = CKM::Manager::create();
3231 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3234 CKM_API_ERROR_DB_LOCKED == status1,
3235 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3238 RUNNER_TEST(T1905_deinit)
3240 remove_user_data(USER_APP);
3243 int main(int argc, char *argv[])
3245 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3246 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob