3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
23 const int USER_APP = 5000;
24 const int GROUP_APP = 5000;
26 const int USER_APP_2 = 5020;
27 const int USER_APP_3 = 5030;
29 const char * const APP_PASS = "user-pass";
30 const int USER_TEST = 5001;
31 const char* TEST_LABEL = "test_label";
33 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
34 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
35 } // namespace anonymous
38 * How to numerate tests:
40 * T - test case (always T)
41 * AB - number of test group (always two digits)
42 * C - test number in group (all tests with same TABC must be run in the same time).
46 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
47 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
48 stop_service(MANAGER);
49 start_service(MANAGER);
51 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
52 std::istreambuf_iterator<char> begin(is), end;
53 std::vector<char> buff(begin, end);
55 CKM::RawBuffer buffer(buff.size());
56 memcpy(buffer.data(), buff.data(), buff.size());
58 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
61 "Error in PKCS12::create()");
63 // all further tests will start with newly started service,
64 // OpenSSL on the service side will have to be properly initialized too
65 stop_service(MANAGER);
66 start_service(MANAGER);
69 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
71 RUNNER_TEST(T0011_Control)
74 auto control = CKM::Control::create();
76 control->removeUserData(0);
77 control->removeUserData(USER_APP_2);
78 control->removeUserData(USER_APP);
81 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
82 "Error=" << CKM::ErrorToString(temp));
85 RUNNER_TEST(T0012_Control)
88 auto control = CKM::Control::create();
90 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
91 "Error=" << CKM::ErrorToString(temp));
93 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
94 "Error=" << CKM::ErrorToString(temp));
97 RUNNER_TEST(T0013_Control)
100 auto control = CKM::Control::create();
102 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
103 "Error=" << CKM::ErrorToString(temp));
106 RUNNER_TEST(T0014_Control)
109 auto control = CKM::Control::create();
111 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
112 "Error=" << CKM::ErrorToString(temp));
115 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
116 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
120 "Error=" << CKM::ErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
124 "Error=" << CKM::ErrorToString(temp));
127 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
128 "Error=" << CKM::ErrorToString(temp));
131 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
132 "Error=" << CKM::ErrorToString(temp));
135 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
136 "Error=" << CKM::ErrorToString(temp));
139 RUNNER_TEST(T0015_Control)
142 auto control = CKM::Control::create();
144 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
145 "Error=" << CKM::ErrorToString(temp));
147 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
148 "Error=" << CKM::ErrorToString(temp));
150 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
151 "Error=" << CKM::ErrorToString(temp));
153 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
154 "Error=" << CKM::ErrorToString(temp));
157 RUNNER_TEST(T0016_Control_negative_wrong_password)
160 auto control = CKM::Control::create();
162 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
163 "Error=" << CKM::ErrorToString(temp));
165 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
166 "Error=" << CKM::ErrorToString(temp));
168 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
169 "Error=" << CKM::ErrorToString(temp));
171 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
172 "Error=" << CKM::ErrorToString(temp));
174 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
175 "Error=" << CKM::ErrorToString(temp));
178 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
180 RUNNER_TEST(T1010_init)
182 unlock_user_data(USER_APP, "user-pass");
185 RUNNER_TEST(T1011_key)
188 auto manager = CKM::Manager::create();
190 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
191 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
192 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
193 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
194 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
195 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
196 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
198 "-----END PUBLIC KEY-----";
200 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
201 auto key = CKM::Key::create(buffer, CKM::Password());
203 CKM::Alias alias = sharedDatabase("mykey");
206 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
207 "Error=" << CKM::ErrorToString(temp));
209 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
210 "Error=" << CKM::ErrorToString(temp));
212 key->getDER() == key2->getDER(),
213 "Key value has been changed by service");
216 RUNNER_TEST(T1012_certificate)
219 auto manager = CKM::Manager::create();
221 auto cert = TestData::getTestCertificate(TestData::GIAG2);
222 CKM::CertificateShPtr cert2;
223 CKM::Alias alias = sharedDatabase("myCert");
226 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
227 "Error=" << CKM::ErrorToString(temp));
229 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
230 "Error=" << CKM::ErrorToString(temp));
232 cert->getDER() == cert2->getDER(),
233 "Data has been modified in key manager");
236 RUNNER_CHILD_TEST(T1013_user_app_save_key)
238 ScopedAccessProvider ap("mylabel");
239 ap.allowAPI("key-manager::api-storage", "rw");
240 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
242 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
243 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
244 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
245 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
246 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
247 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
248 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
250 "-----END PUBLIC KEY-----";
253 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
254 auto key = CKM::Key::create(buffer, CKM::Password());
256 CKM::Alias alias = "mykey";
257 auto manager = CKM::Manager::create();
260 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
261 "Error=" << CKM::ErrorToString(temp));
263 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
264 "Error=" << CKM::ErrorToString(temp));
266 key->getDER() == key2->getDER(), "Key value has been changed by service");
269 RUNNER_TEST(T1014_save_with_label)
271 ScopedAccessProvider ap("mylabel");
272 ap.allowAPI("key-manager::api-storage", "rw");
273 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
276 auto manager = CKM::Manager::create();
278 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
279 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
280 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
281 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
282 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
283 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
284 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
286 "-----END PUBLIC KEY-----";
288 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
289 auto key = CKM::Key::create(buffer, CKM::Password());
290 CKM::KeyShPtr key_name, key_full_addr;
291 CKM::Alias alias = "mykey-2";
292 CharPtr top_label = get_label();
293 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
296 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
297 "Error=" << CKM::ErrorToString(temp));
301 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
302 "Error=" << CKM::ErrorToString(temp));
304 key->getDER() == key_name->getDER(),
305 "Key value has been changed by service");
307 // lookup by full address
309 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
310 "Error=" << CKM::ErrorToString(temp));
312 key->getDER() == key_full_addr->getDER(),
313 "Key value has been changed by service");
316 RUNNER_TEST(T1015_deinit)
319 remove_user_data(USER_APP);
322 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
324 RUNNER_TEST(T1020_init)
327 auto control = CKM::Control::create();
329 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
330 "Error=" << CKM::ErrorToString(temp));
333 RUNNER_TEST(T1021_save_keys_get_alias)
336 auto manager = CKM::Manager::create();
338 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
339 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
340 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
341 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
342 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
343 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
344 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
346 "-----END PUBLIC KEY-----";
348 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
349 auto key = CKM::Key::create(buffer, CKM::Password());
350 CKM::AliasVector labelAliasVector;
352 size_t current_aliases_num = count_aliases(ALIAS_KEY);
354 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey1").c_str(), key, CKM::Policy())),
355 "Error=" << CKM::ErrorToString(temp));
357 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey2").c_str(), key, CKM::Policy())),
358 "Error=" << CKM::ErrorToString(temp));
360 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey3").c_str(), key, CKM::Policy(CKM::Password(), false))),
361 "Error=" << CKM::ErrorToString(temp));
363 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
364 "Error=" << CKM::ErrorToString(temp));
366 labelAliasVector.size() == (current_aliases_num+3),
367 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
370 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
372 ScopedAccessProvider ap("mylabel");
373 ap.allowAPI("key-manager::api-storage", "rw");
374 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
377 auto manager = CKM::Manager::create();
379 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
380 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
381 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
382 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
383 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
384 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
385 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
387 "-----END PUBLIC KEY-----";
389 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
390 auto key = CKM::Key::create(buffer, CKM::Password());
391 CKM::AliasVector labelAliasVector;
393 size_t current_aliases_num = count_aliases(ALIAS_KEY);
395 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
396 "Error=" << CKM::ErrorToString(temp));
398 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
399 "Error=" << CKM::ErrorToString(temp));
401 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
402 "Error=" << CKM::ErrorToString(temp));
404 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
405 "Error=" << CKM::ErrorToString(temp));
407 labelAliasVector.size() == (current_aliases_num+3),
408 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
411 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
413 ScopedAccessProvider ap("mylabel");
414 ap.allowAPI("key-manager::api-storage", "rw");
415 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
418 auto manager = CKM::Manager::create();
420 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
421 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
422 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
423 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
424 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
425 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
426 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
428 "-----END PUBLIC KEY-----";
430 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
431 auto key = CKM::Key::create(buffer, CKM::Password());
432 CKM::AliasVector aliasVector;
433 CKM::Policy notExportable(CKM::Password(), false);
436 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
437 "Error=" << CKM::ErrorToString(temp));
439 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
440 "Error=" << CKM::ErrorToString(temp));
442 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
443 "Error=" << CKM::ErrorToString(temp));
446 RUNNER_TEST(T1029_deinit)
449 remove_user_data(USER_APP);
452 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
453 RUNNER_TEST(T1030_init)
456 reset_user_data(USER_APP, APP_PASS);
459 RUNNER_TEST(T1031_save_get_bin_data)
462 auto manager = CKM::Manager::create();
464 std::string binData1 = "My bin data1";
465 std::string binData2 = "My bin data2";
466 std::string binData3 = "My bin data3";
468 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
469 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
470 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
472 CKM::AliasVector labelAliasVector;
474 size_t current_aliases_num = count_aliases(ALIAS_DATA);
476 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data1").c_str(), buffer1, CKM::Policy())),
477 "Error=" << CKM::ErrorToString(temp));
479 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data2").c_str(), buffer2, CKM::Policy())),
480 "Error=" << CKM::ErrorToString(temp));
482 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data3").c_str(), buffer3, CKM::Policy(CKM::Password(), true))),
483 "Error=" << CKM::ErrorToString(temp));
485 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer3, CKM::Policy(CKM::Password(), false))),
486 "Error=" << CKM::ErrorToString(temp));
488 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
489 "Error=" << CKM::ErrorToString(temp));
491 labelAliasVector.size() == (current_aliases_num+3),
492 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
494 CKM::RawBuffer buffer;
496 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
497 "Error=" << CKM::ErrorToString(temp));
503 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password("Password"), buffer)),
504 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
507 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
509 ScopedAccessProvider ap("mylabel");
510 ap.allowAPI("key-manager::api-storage", "rw");
511 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
512 ScopedDBUnlock unlock(USER_APP, APP_PASS);
515 auto manager = CKM::Manager::create();
517 std::string binData = "My bin data";
519 CKM::RawBuffer buffer(binData.begin(), binData.end());
521 CKM::AliasVector labelAliasVector;
523 size_t current_aliases_num = count_aliases(ALIAS_DATA);
525 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
526 "Error=" << CKM::ErrorToString(temp));
528 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
529 "Error=" << CKM::ErrorToString(temp));
531 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
532 "Error=" << CKM::ErrorToString(temp));
534 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
535 "Error=" << CKM::ErrorToString(temp));
537 labelAliasVector.size() == (current_aliases_num+3),
538 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
541 RUNNER_TEST(T1033_remove_bin_data)
544 auto manager = CKM::Manager::create();
546 std::string binData2 = "My bin data2";
547 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
549 CKM::AliasVector labelAliasVector;
551 size_t current_aliases_num = count_aliases(ALIAS_DATA);
552 std::string invalid_address = sharedDatabase("i-do-not-exist");
554 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
555 "Error=" << CKM::ErrorToString(temp));
557 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data1").c_str())),
558 "Error=" << CKM::ErrorToString(temp));
560 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data3").c_str())),
561 "Error=" << CKM::ErrorToString(temp));
563 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
564 "Error=" << CKM::ErrorToString(temp));
566 labelAliasVector.size() == (current_aliases_num-2),
567 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
569 CKM::RawBuffer buffer;
571 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
572 "Error=" << CKM::ErrorToString(temp));
577 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(sharedDatabase("data3").c_str(), CKM::Password(), buffer)),
578 "Error=" << CKM::ErrorToString(temp));
581 RUNNER_TEST(T1034_app_remove_bin_data)
583 ScopedAccessProvider ap("mylabel");
584 ap.allowAPI("key-manager::api-storage", "rw");
585 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
586 ScopedDBUnlock unlock(USER_APP, APP_PASS);
589 auto manager = CKM::Manager::create();
591 std::string binData2 = "My bin data";
592 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
594 CKM::AliasVector labelAliasVector;
596 size_t current_aliases_num = count_aliases(ALIAS_DATA);
597 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
599 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
600 "Error=" << CKM::ErrorToString(temp));
602 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
603 "Error=" << CKM::ErrorToString(temp));
605 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
606 "Error=" << CKM::ErrorToString(temp));
608 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
609 "Error=" << CKM::ErrorToString(temp));
611 labelAliasVector.size() == (current_aliases_num-2),
612 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
614 CKM::RawBuffer buffer;
616 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
617 "Error=" << CKM::ErrorToString(temp));
622 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
623 "Error=" << CKM::ErrorToString(temp));
626 RUNNER_TEST(T1035_getData_wrong_password)
629 auto manager = CKM::Manager::create();
631 std::string binData1 = "My bin data4";
633 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
636 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer1, CKM::Policy("CorrectPassword"))),
637 "Error=" << CKM::ErrorToString(temp));
639 CKM::RawBuffer buffer;
641 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("CorrectPassword"), buffer)),
642 "Error=" << CKM::ErrorToString(temp));
648 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("WrongPassword"), buffer)),
649 "Error=" << CKM::ErrorToString(temp));
652 RUNNER_TEST(T1036_deinit)
655 remove_user_data(USER_APP);
658 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
660 RUNNER_TEST(T1040_init)
663 auto control = CKM::Control::create();
666 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
667 "Error=" << CKM::ErrorToString(temp));
670 RUNNER_CHILD_TEST(T1041_create_RSA_key)
673 auto manager = CKM::Manager::create();
676 ScopedAccessProvider ap("mylabel-rsa");
677 ap.allowAPI("key-manager::api-storage", "rw");
678 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
680 size_t current_aliases_num = count_aliases(ALIAS_KEY);
682 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
683 "Error=" << CKM::ErrorToString(temp));
685 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
686 "Error=" << CKM::ErrorToString(temp));
688 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
689 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
692 RUNNER_CHILD_TEST(T1042_create_RSA_key_foreign_label)
695 auto manager = CKM::Manager::create();
698 ScopedAccessProvider ap("mylabel-rsa");
699 ap.allowAPI("key-manager::api-storage", "rw");
700 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
703 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
704 "Error=" << CKM::ErrorToString(temp));
706 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
707 "Error=" << CKM::ErrorToString(temp));
710 RUNNER_CHILD_TEST(T1043_create_DSA_key)
713 auto manager = CKM::Manager::create();
716 ScopedAccessProvider ap("mylabel-dsa");
717 ap.allowAPI("key-manager::api-storage", "rw");
718 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
720 size_t current_aliases_num = count_aliases(ALIAS_KEY);
722 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
723 "Error=" << CKM::ErrorToString(temp));
725 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
726 "Error=" << CKM::ErrorToString(temp));
728 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
729 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
732 RUNNER_CHILD_TEST(T1044_create_AES_key)
735 auto manager = CKM::Manager::create();
738 AccessProvider ap("mylabel-aes");
739 ap.allowAPI("key-manager::api-storage", "rw");
740 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
742 int current_aliases_num = count_aliases(ALIAS_KEY);
744 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
745 "Error=" << CKM::ErrorToString(temp));
747 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
748 "Error=" << CKM::ErrorToString(temp));
750 (current_aliases_num+1) == (temp = av.size()),
751 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
754 RUNNER_TEST(T1049_deinit)
756 remove_user_data(USER_APP);
760 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
762 RUNNER_TEST(T1110_init)
764 unlock_user_data(USER_APP, "user-pass");
767 RUNNER_TEST(T1111_CreateKeyPairRSA)
770 auto manager = CKM::Manager::create();
771 CKM::Alias a1 = sharedDatabase("rsa-test-1");
772 CKM::Alias a2 = sharedDatabase("rsa-test-2");
776 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
777 "Error=" << CKM::ErrorToString(temp));
779 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
780 "Error=" << CKM::ErrorToString(temp));
783 RUNNER_TEST(T1112_CreateKeyPairDSA)
786 auto manager = CKM::Manager::create();
787 CKM::Alias a1 = sharedDatabase("dsa-test-1");
788 CKM::Alias a2 = sharedDatabase("dsa-test-2");
792 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
793 "Error=" << CKM::ErrorToString(temp));
795 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
796 "Error=" << CKM::ErrorToString(temp));
799 RUNNER_TEST(T1113_CreateKeyPairECDSA)
802 auto manager = CKM::Manager::create();
803 CKM::Alias a1 = sharedDatabase("ecdsa-test-1");
804 CKM::Alias a2 = sharedDatabase("ecdsa-test-2");
808 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
809 "Error=" << CKM::ErrorToString(temp));
812 RUNNER_TEST(T1114_deinit)
817 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
819 RUNNER_TEST(T12100_init)
821 reset_user_data(USER_APP, APP_PASS);
824 RUNNER_TEST(T12101_key_exist)
826 ScopedAccessProvider ap("mylabel");
827 ap.allowAPI("key-manager::api-storage", "rw");
828 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
829 ScopedDBUnlock unlock(USER_APP, APP_PASS);
832 auto manager = CKM::Manager::create();
834 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
835 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
836 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
837 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
838 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
839 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
840 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
842 "-----END PUBLIC KEY-----";
844 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
845 auto key = CKM::Key::create(buffer);
846 CKM::Alias alias = "rsa-alias-duplication";
849 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
850 "Error=" << CKM::ErrorToString(ret));
852 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
853 "Error=" << CKM::ErrorToString(ret));
857 * These test cases tests API when empty parameters are passed to functions
860 RUNNER_TEST(T12102_saveKey_empty_alias)
862 ScopedAccessProvider ap("mylabel");
863 ap.allowAPI("key-manager::api-storage", "rw");
864 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
865 ScopedDBUnlock unlock(USER_APP, APP_PASS);
867 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
868 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
869 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
870 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
871 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
872 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
873 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
874 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
876 "-----END PUBLIC KEY-----";
878 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
879 auto key = CKM::Key::create(buffer);
880 CKM::Alias alias; //alias is not initialized
883 auto manager = CKM::Manager::create();
885 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
886 "Error=" << CKM::ErrorToString(ret));
889 RUNNER_TEST(T12103_saveKey_foreign_label)
891 ScopedAccessProvider ap("mylabel");
892 ap.allowAPI("key-manager::api-storage", "rw");
893 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
894 ScopedDBUnlock unlock(USER_APP, APP_PASS);
896 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
897 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
898 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
899 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
900 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
901 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
902 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
904 "-----END PUBLIC KEY-----";
906 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
907 auto key = CKM::Key::create(buffer);
908 CKM::Alias alias = "iamsomebodyelse alias";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::ErrorToString(ret));
917 RUNNER_TEST(T12104_saveKey_empty_key)
919 ScopedAccessProvider ap("mylabel");
920 ap.allowAPI("key-manager::api-storage", "rw");
921 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
922 ScopedDBUnlock unlock(USER_APP, APP_PASS);
924 CKM::KeyShPtr key; //key is not initialized
925 CKM::Alias alias = "empty-key";
928 auto manager = CKM::Manager::create();
930 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
931 "Error=" << CKM::ErrorToString(ret));
934 RUNNER_TEST(T12105_saveCertificate_empty_alias)
936 ScopedAccessProvider ap("mylabel");
937 ap.allowAPI("key-manager::api-storage", "rw");
938 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
939 ScopedDBUnlock unlock(USER_APP, APP_PASS);
941 auto cert = TestData::getTestCertificate(TestData::GIAG2);
942 CKM::Alias alias; //alias is not initialized
945 auto manager = CKM::Manager::create();
947 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
948 "Error=" << CKM::ErrorToString(temp));
951 RUNNER_TEST(T12106_saveCertificate_foreign_label)
953 ScopedAccessProvider ap("mylabel");
954 ap.allowAPI("key-manager::api-storage", "rw");
955 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
956 ScopedDBUnlock unlock(USER_APP, APP_PASS);
958 auto cert = TestData::getTestCertificate(TestData::GIAG2);
959 CKM::Alias alias = "iamsomebodyelse alias";
962 auto manager = CKM::Manager::create();
964 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
965 "Error=" << CKM::ErrorToString(temp));
968 RUNNER_TEST(T12107_saveCertificate_empty_cert)
970 ScopedAccessProvider ap("mylabel");
971 ap.allowAPI("key-manager::api-storage", "rw");
972 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
973 ScopedDBUnlock unlock(USER_APP, APP_PASS);
975 CKM::CertificateShPtr cert; //cert is not initialized
976 CKM::Alias alias = "empty-cert";
979 auto manager = CKM::Manager::create();
981 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
982 "Error=" << CKM::ErrorToString(temp));
985 RUNNER_TEST(T12108_saveData_empty_alias)
987 ScopedAccessProvider ap("mylabel");
988 ap.allowAPI("key-manager::api-storage", "rw");
989 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
990 ScopedDBUnlock unlock(USER_APP, APP_PASS);
992 std::string testData = "test data test data test data";
993 CKM::RawBuffer buffer(testData.begin(), testData.end());
997 auto manager = CKM::Manager::create();
999 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1000 "Error=" << CKM::ErrorToString(temp));
1003 RUNNER_TEST(T12109_saveData_foreign_label)
1005 ScopedAccessProvider ap("mylabel");
1006 ap.allowAPI("key-manager::api-storage", "rw");
1007 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1008 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1010 std::string testData = "test data test data test data";
1011 CKM::RawBuffer buffer(testData.begin(), testData.end());
1012 CKM::Alias alias = "iamsomebodyelse alias";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1018 "Error=" << CKM::ErrorToString(temp));
1021 RUNNER_TEST(T12110_saveData_empty_data)
1023 ScopedAccessProvider ap("mylabel");
1024 ap.allowAPI("key-manager::api-storage", "rw");
1025 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1026 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1028 CKM::RawBuffer buffer;
1029 CKM::Alias alias = "empty-data";
1032 auto manager = CKM::Manager::create();
1034 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1035 "Error=" << CKM::ErrorToString(temp));
1039 * These test cases tests API when trying to get data from not existing alias
1042 RUNNER_TEST(T12111_getKey_alias_not_exist)
1044 ScopedAccessProvider ap("mylabel");
1045 ap.allowAPI("key-manager::api-storage", "rw");
1046 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1047 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1050 CKM::Alias alias = "this-alias-not-exist";
1053 auto manager = CKM::Manager::create();
1055 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1056 "Error=" << CKM::ErrorToString(temp));
1059 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1061 ScopedAccessProvider ap("mylabel");
1062 ap.allowAPI("key-manager::api-storage", "rw");
1063 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1064 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1066 CKM::CertificateShPtr certificate;
1067 CKM::Alias alias = "this-alias-not-exist";
1070 auto manager = CKM::Manager::create();
1072 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1073 "Error=" << CKM::ErrorToString(temp));
1076 RUNNER_TEST(T12113_getData_alias_not_exist)
1078 ScopedAccessProvider ap("mylabel");
1079 ap.allowAPI("key-manager::api-storage", "rw");
1080 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1081 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1084 auto manager = CKM::Manager::create();
1085 CKM::RawBuffer buffer;
1086 CKM::Alias alias("some alias");
1088 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1089 "Error=" << CKM::ErrorToString(temp));
1093 * These test cases tests API when damaged keys are used
1095 RUNNER_TEST(T12114_RSA_key_damaged)
1097 ScopedAccessProvider ap("mylabel");
1098 ap.allowAPI("key-manager::api-storage", "rw");
1099 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1100 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1103 auto manager = CKM::Manager::create();
1105 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1106 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1107 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1108 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1109 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1110 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1111 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1113 "-----END PUBLIC KEY-----";
1115 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1116 auto key = CKM::Key::create(buffer);
1117 CKM::Alias alias = "damaged-rsa";
1120 NULL == key.get(), "Key is broken. It should be empty");
1123 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1124 "Error=" << CKM::ErrorToString(ret));
1127 RUNNER_TEST(T12115_RSA_key_too_short)
1129 ScopedAccessProvider ap("mylabel");
1130 ap.allowAPI("key-manager::api-storage", "rw");
1131 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1132 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1135 auto manager = CKM::Manager::create();
1137 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1138 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1139 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1140 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1141 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1142 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1143 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1145 "-----END PUBLIC KEY-----";
1147 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1148 auto key = CKM::Key::create(buffer);
1149 CKM::Alias alias = "short-rsa";
1152 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1153 "Error=" << CKM::ErrorToString(ret));
1156 RUNNER_TEST(T12116_DSA_key_too_short)
1158 ScopedAccessProvider ap("mylabel");
1159 ap.allowAPI("key-manager::api-storage", "rw");
1160 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1161 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1164 auto manager = CKM::Manager::create();
1166 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1167 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1168 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1169 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1170 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1171 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1172 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1173 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1174 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1175 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1176 "YMYCBhubtrVaLmc=\n"
1177 "-----END PUBLIC KEY-----";
1179 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1180 auto key = CKM::Key::create(buffer);
1181 CKM::Alias alias = "short-dsa";
1184 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1185 "Error=" << CKM::ErrorToString(ret));
1188 RUNNER_TEST(T12117_AES_key_too_short)
1191 auto manager = CKM::Manager::create();
1193 size_t key_size = (128-1);
1194 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1196 auto key = CKM::Key::create(key_AES);
1197 CKM::Alias alias = "short-AES";
1200 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1201 "Error=" << CKM::ErrorToString(ret));
1205 * These test cases tests CKM service if malicious data is provided over the socket.
1208 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1210 ScopedAccessProvider ap("mylabel");
1211 ap.allowAPI("key-manager::api-storage", "rw");
1212 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1213 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1216 auto manager = CKM::Manager::create();
1218 // fake the client - let the service detect the problem
1219 class WrongKeyImpl : public CKM::Key
1222 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1225 virtual bool empty() const {
1229 virtual CKM::KeyType getType() const {
1230 return CKM::KeyType::KEY_RSA_PUBLIC;
1232 virtual int getSize() const {
1235 virtual CKM::ElipticCurve getCurve() const {
1236 return CKM::ElipticCurve::prime192v1;
1238 virtual CKM::RawBuffer getDER() const {
1241 virtual ~WrongKeyImpl() {}
1243 CKM::RawBuffer & m_dummy;
1245 std::string dummyData = "my_cat_Berta\n";
1246 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1247 auto key = std::make_shared<WrongKeyImpl>(buffer);
1248 CKM::Alias alias = "damaged-rsa";
1251 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1252 "Error=" << CKM::ErrorToString(ret));
1255 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1257 ScopedAccessProvider ap("mylabel");
1258 ap.allowAPI("key-manager::api-storage", "rw");
1259 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1260 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1262 // fake the client - let the service detect the problem
1263 class WrongCertImpl : public CKM::Certificate
1266 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1267 m_x509 = X509_new();
1270 bool empty() const {
1274 virtual X509 *getX509() const {
1278 virtual CKM::RawBuffer getDER() const {
1282 virtual ~WrongCertImpl() {
1287 CKM::RawBuffer & m_dummy;
1289 std::string dummyData = "my_cat_Stefan\n";
1290 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1291 auto cert = std::make_shared<WrongCertImpl>(buffer);
1292 CKM::Alias alias = "damaged-cert";
1295 auto manager = CKM::Manager::create();
1297 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1298 "Error=" << CKM::ErrorToString(temp));
1301 RUNNER_TEST(T12120_deinit)
1303 remove_user_data(USER_APP);
1306 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1308 RUNNER_TEST(T1311_init)
1310 remove_user_data(0);
1311 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1312 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1314 ScopedLabel sl("System");
1315 struct hostent* he = gethostbyname("google.com");
1317 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1318 "is not woking on the device. OCSP tests requires network access!");
1321 RUNNER_TEST(T1312_get_chain)
1323 auto cert = TestData::getTestCertificate(TestData::MBANK);
1324 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1326 CKM::CertificateShPtrVector certVector = {cert1};
1327 CKM::CertificateShPtrVector certChain;
1330 auto manager = CKM::Manager::create();
1332 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1333 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1335 tmp = manager->getCertificateChain(cert,
1340 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1341 "Error=" << CKM::ErrorToString(tmp));
1344 0 == certChain.size(),
1345 "Wrong size of certificate chain.");
1347 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1348 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1351 3 == certChain.size(),
1352 "Wrong size of certificate chain.");
1355 RUNNER_TEST(T1313_get_chain_with_alias)
1357 auto cert = TestData::getTestCertificate(TestData::MBANK);
1358 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1360 CKM::CertificateShPtrVector certChain;
1361 CKM::AliasVector aliasVector;
1362 CKM::Alias alias = sharedDatabase("imcert");
1365 auto manager = CKM::Manager::create();
1367 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1368 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1370 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1371 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1372 "Error=" << CKM::ErrorToString(tmp));
1375 0 == certChain.size(),
1376 "Wrong size of certificate chain.");
1379 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1380 "Error=" << CKM::ErrorToString(tmp));
1382 aliasVector.push_back(alias);
1384 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1385 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1388 3 == certChain.size(),
1389 "Wrong size of certificate chain.");
1392 RUNNER_TEST(T1314_ocsp_check)
1394 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1396 auto cert = TestData::getTestCertificate(TestData::MBANK);
1397 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1398 CKM::CertificateShPtrVector certVector = {cert1};
1399 CKM::CertificateShPtrVector certChain;
1402 auto manager = CKM::Manager::create();
1404 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1405 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1407 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1408 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1409 "Error=" << CKM::ErrorToString(tmp));
1412 0 == certChain.size(),
1413 "Wrong size of certificate chain.");
1415 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1416 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1419 3 == certChain.size(),
1420 "Wrong size of certificate chain.");
1424 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1425 "Error=" << CKM::ErrorToString(tmp));
1427 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1430 RUNNER_TEST(T1315_deinit)
1432 remove_user_data(0);
1435 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1437 RUNNER_TEST(T1411_init)
1439 remove_user_data(0);
1442 RUNNER_TEST(T1412_RSA_key_create_verify)
1445 auto manager = CKM::Manager::create();
1447 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1448 "Proc-Type: 4,ENCRYPTED\n"
1449 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1451 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1452 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1453 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1454 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1455 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1456 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1457 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1458 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1459 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1460 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1461 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1462 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1463 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1464 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1465 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1466 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1467 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1468 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1469 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1470 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1471 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1472 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1473 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1474 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1475 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1476 "-----END RSA PRIVATE KEY-----\n";
1478 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1479 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1480 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1481 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1482 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1483 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1484 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1486 "-----END PUBLIC KEY-----\n";
1488 std::string message = "message test";
1490 CKM::Alias aliasPub = sharedDatabase("pub1");
1491 CKM::Alias aliasPrv = sharedDatabase("prv1");
1492 CKM::Password password = "1234";
1493 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1494 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1495 CKM::RawBuffer signature;
1497 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1498 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1500 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1501 "Key is empty. Failed to import public key.");
1502 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1503 "Key is empty. Failed to import private key.");
1506 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1507 "Error=" << CKM::ErrorToString(temp));
1509 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1510 "Error=" << CKM::ErrorToString(temp));
1513 CKM_API_SUCCESS == (temp = manager->createSignature(
1516 CKM::RawBuffer(message.begin(), message.end()),
1520 "Error=" << CKM::ErrorToString(temp));
1523 CKM_API_SUCCESS == (temp = manager->verifySignature(
1526 CKM::RawBuffer(message.begin(), message.end()),
1530 "Error=" << CKM::ErrorToString(temp));
1533 RUNNER_TEST(T1413_DSA_key_create_verify)
1536 auto manager = CKM::Manager::create();
1538 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1539 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1540 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1541 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1542 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1543 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1544 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1545 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1546 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1547 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1548 "u1roOuaPY+Hl19BlTE2qdw==\n"
1549 "-----END DSA PRIVATE KEY-----";
1551 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1552 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1553 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1554 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1555 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1556 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1557 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1558 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1559 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1560 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1561 "YMYCBhubtrVaLmc=\n"
1562 "-----END PUBLIC KEY-----";
1564 std::string message = "message test";
1566 CKM::Alias aliasPub = sharedDatabase("pub2");
1567 CKM::Alias aliasPrv = sharedDatabase("prv2");
1568 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1569 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1570 CKM::RawBuffer signature;
1572 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1573 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1575 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1576 "Key is empty. Failed to import public key.");
1577 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1578 "Key is empty. Failed to import private key.");
1581 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1582 "Error=" << CKM::ErrorToString(temp));
1584 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1585 "Error=" << CKM::ErrorToString(temp));
1588 CKM_API_SUCCESS == (temp = manager->createSignature(
1591 CKM::RawBuffer(message.begin(), message.end()),
1595 "Error=" << CKM::ErrorToString(temp));
1598 CKM_API_SUCCESS == (temp = manager->verifySignature(
1601 CKM::RawBuffer(message.begin(), message.end()),
1605 "Error=" << CKM::ErrorToString(temp));
1609 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1612 auto manager = CKM::Manager::create();
1614 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1615 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1616 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1617 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1618 "-----END EC PRIVATE KEY-----\n";
1620 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1621 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1622 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1623 "-----END PUBLIC KEY-----\n";
1625 std::string message = "message test";
1627 CKM::Alias aliasPub = sharedDatabase("ecpub2");
1628 CKM::Alias aliasPrv = sharedDatabase("ecprv2");
1629 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1630 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1631 CKM::RawBuffer signature;
1633 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1634 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1636 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1637 "Key is empty. Failed to import public key.");
1638 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1639 "Key is empty. Failed to import private key.");
1642 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1643 "Error=" << CKM::ErrorToString(temp));
1645 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1646 "Error=" << CKM::ErrorToString(temp));
1649 CKM_API_SUCCESS == (temp = manager->createSignature(
1652 CKM::RawBuffer(message.begin(), message.end()),
1656 "Error=" << CKM::ErrorToString(temp));
1659 CKM_API_SUCCESS == (temp = manager->verifySignature(
1662 CKM::RawBuffer(message.begin(), message.end()),
1666 "Error=" << CKM::ErrorToString(temp));
1668 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1670 memcpy((void*)signature.data(), "BROKEN", 6);
1673 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1676 CKM::RawBuffer(message.begin(), message.end()),
1680 "Error=" << CKM::ErrorToString(temp));
1683 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1686 auto manager = CKM::Manager::create();
1687 std::string message = "message asdfaslkdfjlksadjf test";
1689 CKM::Alias aliasPub = sharedDatabase("pub1");
1690 CKM::Alias aliasPrv = sharedDatabase("prv1");
1692 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1693 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1694 CKM::RawBuffer signature;
1697 CKM_API_SUCCESS == (temp = manager->createSignature(
1700 CKM::RawBuffer(message.begin(), message.end()),
1704 "Error=" << CKM::ErrorToString(temp));
1707 CKM_API_SUCCESS == (temp = manager->verifySignature(
1710 CKM::RawBuffer(message.begin(), message.end()),
1714 "Error=" << CKM::ErrorToString(temp));
1716 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1717 memcpy((void*)signature.data(), "BROKEN", 6);
1720 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1723 CKM::RawBuffer(message.begin(), message.end()),
1727 "Error=" << CKM::ErrorToString(temp));
1730 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1733 auto manager = CKM::Manager::create();
1734 std::string message = "message asdfaslkdfjlksadjf test";
1736 CKM::Alias aliasPub = sharedDatabase("pub2");
1737 CKM::Alias aliasPrv = sharedDatabase("prv2");
1739 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1740 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1741 CKM::RawBuffer signature;
1744 CKM_API_SUCCESS == (temp = manager->createSignature(
1747 CKM::RawBuffer(message.begin(), message.end()),
1751 "Error=" << CKM::ErrorToString(temp));
1754 CKM_API_SUCCESS == (temp = manager->verifySignature(
1757 CKM::RawBuffer(message.begin(), message.end()),
1761 "Error=" << CKM::ErrorToString(temp));
1763 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1764 memcpy((void*)signature.data(), "BROKEN", 6);
1767 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1770 CKM::RawBuffer(message.begin(), message.end()),
1774 "Error=" << CKM::ErrorToString(temp));
1777 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1780 auto manager = CKM::Manager::create();
1783 "-----BEGIN RSA PRIVATE KEY-----\n"
1784 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1785 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1786 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1787 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1788 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1789 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1790 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1791 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1792 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1793 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1794 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1795 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1796 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1797 "-----END RSA PRIVATE KEY-----\n";
1800 "-----BEGIN CERTIFICATE-----\n"
1801 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1802 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1803 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1804 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1805 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1806 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1807 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1808 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1809 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1810 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1811 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1812 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1813 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1814 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1815 "-----END CERTIFICATE-----\n";
1817 std::string message = "message test";
1819 CKM::Alias aliasPub = sharedDatabase("pub1-cert");
1820 CKM::Alias aliasPrv = sharedDatabase("prv1-cert");
1821 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1822 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1823 CKM::RawBuffer signature;
1825 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1826 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1828 RUNNER_ASSERT_MSG(NULL != cert.get(),
1829 "Key is empty. Failed to import public key.");
1830 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1831 "Key is empty. Failed to import private key.");
1834 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1835 "Error=" << CKM::ErrorToString(temp));
1837 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1838 "Error=" << CKM::ErrorToString(temp));
1841 CKM_API_SUCCESS == (temp = manager->createSignature(
1844 CKM::RawBuffer(message.begin(), message.end()),
1848 "Error=" << CKM::ErrorToString(temp));
1851 CKM_API_SUCCESS == (temp = manager->verifySignature(
1854 CKM::RawBuffer(message.begin(), message.end()),
1858 "Error=" << CKM::ErrorToString(temp));
1860 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1862 memcpy((void*)signature.data(), "BROKEN", 6);
1865 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1868 CKM::RawBuffer(message.begin(), message.end()),
1872 "Error=" << CKM::ErrorToString(temp));
1875 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1878 auto manager = CKM::Manager::create();
1880 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1881 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1882 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1883 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1884 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1885 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1886 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1887 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1888 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1889 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1890 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1891 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1892 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1893 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1894 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1895 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1896 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1897 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1898 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1899 "-----END CERTIFICATE-----\n";
1901 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1902 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1903 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1904 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1905 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1906 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1907 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1908 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1909 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1910 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1911 "vonbjii3BYe4AIdkzOvp\n"
1912 "-----END DSA PRIVATE KEY-----\n";
1914 std::string message = "message test";
1916 CKM::Alias aliasPub = sharedDatabase("pub2-cert");
1917 CKM::Alias aliasPrv = sharedDatabase("prv2-cert");
1918 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1919 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1920 CKM::RawBuffer signature;
1922 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1923 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1925 RUNNER_ASSERT_MSG(NULL != cert.get(),
1926 "Key is empty. Failed to import public key.");
1927 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1928 "Key is empty. Failed to import private key.");
1931 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1932 "Error=" << CKM::ErrorToString(temp));
1934 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1935 "Error=" << CKM::ErrorToString(temp));
1938 CKM_API_SUCCESS == (temp = manager->createSignature(
1941 CKM::RawBuffer(message.begin(), message.end()),
1945 "Error=" << CKM::ErrorToString(temp));
1948 CKM_API_SUCCESS == (temp = manager->verifySignature(
1951 CKM::RawBuffer(message.begin(), message.end()),
1955 "Error=" << CKM::ErrorToString(temp));
1957 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1959 memcpy((void*)signature.data(), "BROKEN", 6);
1962 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1965 CKM::RawBuffer(message.begin(), message.end()),
1969 "Error=" << CKM::ErrorToString(temp));
1972 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
1975 auto manager = CKM::Manager::create();
1978 "-----BEGIN EC PRIVATE KEY-----\n"
1979 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1980 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1981 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1982 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1983 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1984 "ELyhe7yPCAuOoLZlTLgf\n"
1985 "-----END EC PRIVATE KEY-----\n";
1988 "-----BEGIN CERTIFICATE-----\n"
1989 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1990 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1991 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1992 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1993 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1994 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1995 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1996 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1997 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1998 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1999 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2000 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2001 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2002 "Q1oBry6NEc+lLFmWMDesAA==\n"
2003 "-----END CERTIFICATE-----\n";
2005 std::string message = "message test";
2007 CKM::Alias aliasPub = sharedDatabase("pub3");
2008 CKM::Alias aliasPrv = sharedDatabase("prv3");
2009 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2010 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2011 CKM::RawBuffer signature;
2013 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2014 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2016 RUNNER_ASSERT_MSG(NULL != cert.get(),
2017 "Key is empty. Failed to import public key.");
2018 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2019 "Key is empty. Failed to import private key.");
2022 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2023 "Error=" << CKM::ErrorToString(temp));
2025 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2026 "Error=" << CKM::ErrorToString(temp));
2029 CKM_API_SUCCESS == (temp = manager->createSignature(
2032 CKM::RawBuffer(message.begin(), message.end()),
2036 "Error=" << CKM::ErrorToString(temp));
2039 CKM_API_SUCCESS == (temp = manager->verifySignature(
2042 CKM::RawBuffer(message.begin(), message.end()),
2046 "Error=" << CKM::ErrorToString(temp));
2048 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2050 memcpy((void*)signature.data(), "BROKEN", 6);
2053 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2056 CKM::RawBuffer(message.begin(), message.end()),
2060 "Error=" << CKM::ErrorToString(temp));
2063 RUNNER_TEST(T1420_deinit)
2065 remove_user_data(0);
2068 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2070 RUNNER_TEST(T14180_init)
2073 remove_user_data(0);
2075 auto manager = CKM::Manager::create();
2077 // Prepare RSA Key Pair
2078 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2079 "Proc-Type: 4,ENCRYPTED\n"
2080 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2082 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2083 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2084 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2085 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2086 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2087 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2088 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2089 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2090 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2091 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2092 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2093 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2094 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2095 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2096 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2097 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2098 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2099 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2100 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2101 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2102 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2103 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2104 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2105 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2106 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2107 "-----END RSA PRIVATE KEY-----\n";
2109 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2110 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2111 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2112 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2113 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2114 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2115 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2117 "-----END PUBLIC KEY-----\n";
2119 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2120 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2121 CKM::Password password = "1234";
2123 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2124 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2126 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2127 "Key is empty. Failed to import public key.");
2128 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2129 "Key is empty. Failed to import private key.");
2132 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2133 "Error=" << CKM::ErrorToString(temp));
2135 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2136 "Error=" << CKM::ErrorToString(temp));
2138 // Prepare ECDSA Key Pair
2139 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2140 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2141 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2142 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2143 "-----END EC PRIVATE KEY-----\n";
2145 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2146 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2147 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2148 "-----END PUBLIC KEY-----\n";
2150 CKM::Alias aliasEcPub = sharedDatabase("ecpub_nohash1");
2151 CKM::Alias aliasEcPrv = sharedDatabase("ecprv_nohash1");
2153 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2154 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2156 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2157 "Key is empty. Failed to import public key.");
2158 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2159 "Key is empty. Failed to import private key.");
2162 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2163 "Error=" << CKM::ErrorToString(temp));
2165 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2166 "Error=" << CKM::ErrorToString(temp));
2170 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2173 auto manager = CKM::Manager::create();
2174 std::string message = "message asdfaslkdfjlksadjf test";
2176 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2177 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2179 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2180 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2181 CKM::RawBuffer signature;
2184 CKM_API_SUCCESS == (temp = manager->createSignature(
2187 CKM::RawBuffer(message.begin(), message.end()),
2191 "Error=" << CKM::ErrorToString(temp));
2194 CKM_API_SUCCESS == (temp = manager->verifySignature(
2197 CKM::RawBuffer(message.begin(), message.end()),
2201 "Error=" << CKM::ErrorToString(temp));
2203 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2204 memcpy((void*)signature.data(), "BROKEN", 6);
2207 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2210 CKM::RawBuffer(message.begin(), message.end()),
2214 "Error=" << CKM::ErrorToString(temp));
2217 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2220 auto manager = CKM::Manager::create();
2221 std::string message = "message asdfaslkdfjlksadjf test";
2223 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2224 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2226 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2227 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2228 CKM::RawBuffer signature;
2231 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2234 CKM::RawBuffer(message.begin(), message.end()),
2238 "Error=" << CKM::ErrorToString(temp));
2241 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2244 auto manager = CKM::Manager::create();
2245 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2246 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2247 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2248 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2249 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2250 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2251 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2252 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2253 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2254 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2255 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2256 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2257 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2258 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2259 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2260 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2261 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2262 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2263 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2264 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2266 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2267 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2269 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2270 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2271 CKM::RawBuffer signature;
2274 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2277 CKM::RawBuffer(message.begin(), message.end()),
2281 "Error=" << CKM::ErrorToString(temp));
2285 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2288 auto manager = CKM::Manager::create();
2290 std::string message = "message test";
2292 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2293 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2294 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2295 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2296 CKM::RawBuffer signature;
2299 CKM_API_SUCCESS == (temp = manager->createSignature(
2302 CKM::RawBuffer(message.begin(), message.end()),
2306 "Error=" << CKM::ErrorToString(temp));
2309 CKM_API_SUCCESS == (temp = manager->verifySignature(
2312 CKM::RawBuffer(message.begin(), message.end()),
2316 "Error=" << CKM::ErrorToString(temp));
2318 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2320 memcpy((void*)signature.data(), "BROKEN", 6);
2323 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2326 CKM::RawBuffer(message.begin(), message.end()),
2330 "Error=" << CKM::ErrorToString(temp));
2333 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2336 auto manager = CKM::Manager::create();
2338 int msgSize = 1024*1024;
2339 char big_msg[msgSize];
2340 for(int i =0; i<msgSize-1; i++) {
2343 big_msg[msgSize-1]=0x00;
2344 std::string message(big_msg);
2346 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2347 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2348 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2349 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2350 CKM::RawBuffer signature;
2353 CKM_API_SUCCESS == (temp = manager->createSignature(
2356 CKM::RawBuffer(message.begin(), message.end()),
2360 "Error=" << CKM::ErrorToString(temp));
2364 RUNNER_TEST(T14189_deinit)
2366 remove_user_data(0);
2370 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2372 RUNNER_TEST(T1510_init_unlock_key)
2374 reset_user_data(USER_TEST, APP_PASS);
2377 RUNNER_TEST(T1511_insert_data)
2379 auto certee = TestData::getTestCertificate(TestData::MBANK);
2380 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2381 CKM::Alias certeeAlias("CertEE");
2382 CKM::Alias certimAlias("CertIM");
2384 ScopedAccessProvider ap("my-label");
2385 ap.allowAPI("key-manager::api-storage", "rw");
2386 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2387 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2389 auto manager = CKM::Manager::create();
2390 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
2391 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
2395 stop_service(MANAGER);
2396 start_service(MANAGER);
2400 ScopedAccessProvider ap("my-label");
2401 ap.allowAPI("key-manager::api-storage", "rw");
2402 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2403 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2405 auto manager = CKM::Manager::create();
2406 int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
2407 int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
2409 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2410 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2412 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2413 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2417 RUNNER_TEST(T1519_deinit)
2419 remove_user_data(USER_TEST);
2422 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2424 RUNNER_TEST(T1701_init_unlock_key)
2426 ScopedAccessProvider ap("t170-special-label");
2427 ap.allowAPI("key-manager::api-storage", "rw");
2428 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2430 unlock_user_data(USER_TEST+1, "t170-special-password");
2433 RUNNER_CHILD_TEST(T1702_insert_data)
2436 ScopedAccessProvider ap("t170-special-label");
2437 ap.allowAPI("key-manager::api-storage", "rw");
2438 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2440 auto certee = TestData::getTestCertificate(TestData::MBANK);
2442 auto manager = CKM::Manager::create();
2443 size_t current_aliases_num = count_aliases(ALIAS_CERT);
2444 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2447 CKM_API_SUCCESS == status1,
2448 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2450 CKM::AliasVector av;
2452 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2453 "Error=" << CKM::ErrorToString(temp));
2455 (current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
2456 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
2459 RUNNER_TEST(T1703_removeApplicationData)
2462 auto control = CKM::Control::create();
2464 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2465 "Error=" << CKM::ErrorToString(tmp));
2468 RUNNER_CHILD_TEST(T1704_data_test)
2471 ScopedAccessProvider ap("t170-special-label");
2472 ap.allowAPI("key-manager::api-storage", "rw");
2473 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2475 CKM::AliasVector av;
2476 auto manager = CKM::Manager::create();
2479 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2480 "Error=" << CKM::ErrorToString(temp));
2482 0 == (temp = av.size()),
2483 "Vector size: " << temp << ". Expected: 0");
2486 RUNNER_TEST(T1705_deinit)
2488 remove_user_data(USER_TEST+1);
2491 RUNNER_TEST(T17101_init)
2495 auto control = CKM::Control::create();
2497 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2498 "Error=" << CKM::ErrorToString(tmp));
2500 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2501 "Error=" << CKM::ErrorToString(tmp));
2503 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2504 "Error=" << CKM::ErrorToString(tmp));
2507 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2508 "Error=" << CKM::ErrorToString(tmp));
2510 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2511 "Error=" << CKM::ErrorToString(tmp));
2513 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2514 "Error=" << CKM::ErrorToString(tmp));
2517 RUNNER_CHILD_TEST(T17102_prep_data_01)
2520 ScopedAccessProvider ap("t1706-special-label");
2521 ap.allowAPI("key-manager::api-storage", "rw");
2522 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2524 CKM::AliasVector av;
2525 auto manager = CKM::Manager::create();
2527 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2529 CKM::RawBuffer buffer(data.begin(), data.end());
2530 CKM::Policy exportable(CKM::Password(), true);
2533 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2534 "Error=" << CKM::ErrorToString(temp));
2537 RUNNER_CHILD_TEST(T17103_prep_data_02)
2540 ScopedAccessProvider ap("t1706-special-label2");
2541 ap.allowAPI("key-manager::api-storage", "rw");
2542 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2544 CKM::AliasVector av;
2545 auto manager = CKM::Manager::create();
2547 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2549 CKM::RawBuffer buffer(data.begin(), data.end());
2550 CKM::Policy exportable(CKM::Password(), true);
2553 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2554 "Error=" << CKM::ErrorToString(temp));
2557 RUNNER_CHILD_TEST(T17104_prep_data_03)
2560 ScopedAccessProvider ap("t1706-special-label");
2561 ap.allowAPI("key-manager::api-storage", "rw");
2562 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2564 CKM::AliasVector av;
2565 auto manager = CKM::Manager::create();
2567 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2569 CKM::RawBuffer buffer(data.begin(), data.end());
2570 CKM::Policy exportable(CKM::Password(), true);
2573 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2574 "Error=" << CKM::ErrorToString(temp));
2577 RUNNER_CHILD_TEST(T17105_prep_data_04)
2580 ScopedAccessProvider ap("t1706-special-label2");
2581 ap.allowAPI("key-manager::api-storage", "rw");
2582 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2584 CKM::AliasVector av;
2585 auto manager = CKM::Manager::create();
2587 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2589 CKM::RawBuffer buffer(data.begin(), data.end());
2590 CKM::Policy exportable(CKM::Password(), true);
2593 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2594 "Error=" << CKM::ErrorToString(temp));
2597 RUNNER_TEST(T17106_remove_application)
2601 auto control = CKM::Control::create();
2603 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2604 "Error=" << CKM::ErrorToString(tmp));
2606 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2607 "Error=" << CKM::ErrorToString(tmp));
2610 RUNNER_CHILD_TEST(T17107_check_data_01)
2613 ScopedAccessProvider ap("t1706-special-label");
2614 ap.allowAPI("key-manager::api-storage", "rw");
2615 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2617 CKM::AliasVector av;
2618 auto manager = CKM::Manager::create();
2621 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2622 "Error=" << CKM::ErrorToString(temp));
2624 0 == (temp = av.size()),
2625 "Vector size: " << temp << ". Expected: 0");
2628 RUNNER_CHILD_TEST(T17108_check_data_02)
2631 ScopedAccessProvider ap("t1706-special-label2");
2632 ap.allowAPI("key-manager::api-storage", "rw");
2633 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2635 CKM::AliasVector av;
2636 auto manager = CKM::Manager::create();
2639 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2640 "Error=" << CKM::ErrorToString(temp));
2642 1 == (temp = av.size()),
2643 "Vector size: " << temp << ". Expected: 1");
2646 RUNNER_TEST(T17109_unlock_user2)
2650 auto control = CKM::Control::create();
2652 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2653 "Error=" << CKM::ErrorToString(tmp));
2656 RUNNER_CHILD_TEST(T17110_check_data_03)
2659 ScopedAccessProvider ap("t1706-special-label");
2660 ap.allowAPI("key-manager::api-storage", "rw");
2661 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2663 CKM::AliasVector av;
2664 auto manager = CKM::Manager::create();
2667 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2668 "Error=" << CKM::ErrorToString(temp));
2670 0 == (temp = av.size()),
2671 "Vector size: " << temp << ". Expected: 0");
2674 RUNNER_CHILD_TEST(T17111_check_data_04)
2677 ScopedAccessProvider ap("t1706-special-label2");
2678 ap.allowAPI("key-manager::api-storage", "rw");
2679 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2681 CKM::AliasVector av;
2682 auto manager = CKM::Manager::create();
2685 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2686 "Error=" << CKM::ErrorToString(temp));
2688 1 == (temp = av.size()),
2689 "Vector size: " << temp << ". Expected: 1");
2692 RUNNER_TEST(T17112_deinit)
2694 remove_user_data(USER_TEST+2);
2695 remove_user_data(USER_TEST+3);
2698 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2702 CKM::Alias alias_PKCS_collision = sharedDatabase("test-PKCS-collision");
2703 CKM::Alias alias_PKCS_exportable = sharedDatabase("test-PKCS-export");
2704 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("test-PKCS-no-export");
2705 CKM::Alias alias_PKCS_priv_key_copy = sharedDatabase("test-PKCS-private-key-copy");
2706 CKM::Alias alias_PKCS_priv_key_wrong = sharedDatabase("test-PKCS-private-key-wrong");
2709 RUNNER_TEST(T1800_init)
2711 remove_user_data(0);
2714 RUNNER_TEST(T1801_parse_PKCS12) {
2715 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2716 std::istreambuf_iterator<char> begin(is), end;
2717 std::vector<char> buff(begin, end);
2719 CKM::RawBuffer buffer(buff.size());
2720 memcpy(buffer.data(), buff.data(), buff.size());
2722 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2725 "Error in PKCS12::create()");
2727 auto cert = pkcs->getCertificate();
2730 "Error in PKCS12::getCertificate()");
2732 auto key = pkcs->getKey();
2735 "Error in PKCS12::getKey()");
2737 auto caVector = pkcs->getCaCertificateShPtrVector();
2739 0 == caVector.size(),
2740 "Wrong size of vector");
2743 RUNNER_TEST(T1802_negative_wrong_password) {
2744 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2745 std::istreambuf_iterator<char> begin(is), end;
2746 std::vector<char> buff(begin, end);
2748 CKM::RawBuffer buffer(buff.size());
2749 memcpy(buffer.data(), buff.data(), buff.size());
2751 auto pkcs = CKM::PKCS12::create(buffer, "error");
2754 "Expected error in PKCS12::create()");
2757 RUNNER_TEST(T1803_negative_broken_buffer) {
2758 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2759 std::istreambuf_iterator<char> begin(is), end;
2760 std::vector<char> buff(begin, end);
2762 CKM::RawBuffer buffer(buff.size());
2763 memcpy(buffer.data(), buff.data(), buff.size());
2765 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2768 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2771 "Expected error in PKCS12::create()");
2774 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2776 auto manager = CKM::Manager::create();
2777 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2778 std::istreambuf_iterator<char> begin(is), end;
2779 std::vector<char> buff(begin, end);
2781 CKM::RawBuffer buffer(buff.size());
2782 memcpy(buffer.data(), buff.data(), buff.size());
2784 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2787 "Error in PKCS12::create()");
2790 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2791 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2792 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2793 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2794 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2795 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2796 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2797 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2798 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2799 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2800 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2801 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2802 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2803 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2804 "-----END RSA PRIVATE KEY-----\n";
2806 std::string message = "message test";
2808 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2809 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2810 "Key is empty. Failed to import private key.");
2814 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2815 "Error=" << CKM::ErrorToString(temp));
2818 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2819 "Error=" << CKM::ErrorToString(temp));
2822 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2824 auto manager = CKM::Manager::create();
2825 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2826 std::istreambuf_iterator<char> begin(is), end;
2827 std::vector<char> buff(begin, end);
2829 CKM::RawBuffer buffer(buff.size());
2830 memcpy(buffer.data(), buff.data(), buff.size());
2832 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2835 "Error in PKCS12::create()");
2837 auto cert = pkcs->getCertificate();
2840 "Error in PKCS12::getCertificate()");
2842 auto key = pkcs->getKey();
2845 "Error in PKCS12::getKey()");
2847 auto caVector = pkcs->getCaCertificateShPtrVector();
2849 2 == caVector.size(),
2850 "Wrong size of vector");
2854 CKM::Policy exportable;
2855 CKM::Policy notExportable(CKM::Password(), false);
2858 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2859 "Error=" << CKM::ErrorToString(tmp));
2861 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2862 "Error=" << CKM::ErrorToString(tmp));
2864 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2865 "Error=" << CKM::ErrorToString(tmp));
2867 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2868 "Error=" << CKM::ErrorToString(tmp));
2870 // try to lookup key
2871 CKM::KeyShPtr key_lookup;
2873 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2874 "Error=" << CKM::ErrorToString(tmp));
2876 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2877 "Error=" << CKM::ErrorToString(tmp));
2879 // try to lookup certificate
2880 CKM::CertificateShPtr cert_lookup;
2882 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2883 "Error=" << CKM::ErrorToString(tmp));
2885 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2886 "Error=" << CKM::ErrorToString(tmp));
2889 RUNNER_TEST(T1806_get_PKCS)
2892 auto manager = CKM::Manager::create();
2894 CKM::PKCS12ShPtr pkcs;
2898 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12(sharedDatabase("i-do-not-exist").c_str(), pkcs)),
2899 "Error=" << CKM::ErrorToString(temp));
2901 // fail - not exportable
2903 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2904 "Error=" << CKM::ErrorToString(temp));
2906 // success - exportable
2908 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2909 "Error=" << CKM::ErrorToString(temp));
2911 auto cert = pkcs->getCertificate();
2914 "Error in PKCS12::getCertificate()");
2916 auto key = pkcs->getKey();
2919 "Error in PKCS12::getKey()");
2921 auto caVector = pkcs->getCaCertificateShPtrVector();
2923 2 == caVector.size(),
2924 "Wrong size of vector");
2927 RUNNER_TEST(T1807_create_and_verify_signature)
2930 auto manager = CKM::Manager::create();
2932 std::string message = "message test";
2934 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2935 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2936 CKM::RawBuffer signature;
2939 CKM_API_SUCCESS == (temp = manager->createSignature(
2940 alias_PKCS_exportable,
2942 CKM::RawBuffer(message.begin(), message.end()),
2946 "Error=" << CKM::ErrorToString(temp));
2949 CKM_API_SUCCESS == (temp = manager->verifySignature(
2950 alias_PKCS_exportable,
2952 CKM::RawBuffer(message.begin(), message.end()),
2956 "Error=" << CKM::ErrorToString(temp));
2959 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2962 auto manager = CKM::Manager::create();
2964 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2965 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2966 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2967 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2968 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2969 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2970 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2971 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2972 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2973 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2974 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2975 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2976 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2977 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2978 "-----END RSA PRIVATE KEY-----";
2979 std::string message = "message test";
2981 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2982 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2983 "Key is empty. Failed to import private key.");
2986 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2987 "Error=" << CKM::ErrorToString(temp));
2989 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2990 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2991 CKM::RawBuffer signature;
2994 CKM_API_SUCCESS == (temp = manager->createSignature(
2995 alias_PKCS_priv_key_copy,
2997 CKM::RawBuffer(message.begin(), message.end()),
3001 "Error=" << CKM::ErrorToString(temp));
3004 CKM_API_SUCCESS == (temp = manager->verifySignature(
3005 alias_PKCS_exportable,
3007 CKM::RawBuffer(message.begin(), message.end()),
3011 "Error=" << CKM::ErrorToString(temp));
3014 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3017 auto manager = CKM::Manager::create();
3019 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3020 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3021 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3022 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3023 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3024 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3025 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3026 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3027 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3028 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3029 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3030 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3031 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3032 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3033 "-----END RSA PRIVATE KEY-----\n";
3035 std::string message = "message test";
3037 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3038 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3039 "Key is empty. Failed to import private key.");
3042 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3043 "Error=" << CKM::ErrorToString(temp));
3045 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3046 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3047 CKM::RawBuffer signature;
3050 CKM_API_SUCCESS == (temp = manager->createSignature(
3051 alias_PKCS_priv_key_wrong,
3053 CKM::RawBuffer(message.begin(), message.end()),
3057 "Error=" << CKM::ErrorToString(temp));
3060 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3061 alias_PKCS_exportable,
3063 CKM::RawBuffer(message.begin(), message.end()),
3067 "Error=" << CKM::ErrorToString(temp));
3070 RUNNER_TEST(T1810_verify_get_certificate_chain)
3072 // this certificate has been signed using PKCS chain
3073 std::string im = "-----BEGIN CERTIFICATE-----\n"
3074 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3075 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3076 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3077 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3078 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3079 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3080 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3081 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3082 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3084 "-----END CERTIFICATE-----\n";
3086 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3087 CKM::CertificateShPtrVector certChain;
3088 CKM::AliasVector aliasVector;
3091 auto manager = CKM::Manager::create();
3093 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3095 tmp = manager->getCertificateChain(cert,
3100 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3101 "Error=" << CKM::ErrorToString(tmp));
3104 0 == certChain.size(),
3105 "Wrong size of certificate chain.");
3107 aliasVector.push_back(alias_PKCS_exportable);
3109 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3110 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3112 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3114 4 == certChain.size(),
3115 "Wrong size of certificate chain: " << certChain.size());
3118 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3120 auto manager = CKM::Manager::create();
3124 // remove the whole PKCS12 bundles
3126 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3127 "Error=" << CKM::ErrorToString(tmp));
3129 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3130 "Error=" << CKM::ErrorToString(tmp));
3132 // expect lookup fails due to unknown alias
3133 // try to lookup key
3134 CKM::KeyShPtr key_lookup;
3136 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3137 "Error=" << CKM::ErrorToString(tmp));
3139 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3140 "Error=" << CKM::ErrorToString(tmp));
3142 // try to lookup certificate
3143 CKM::CertificateShPtr cert_lookup;
3145 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3146 "Error=" << CKM::ErrorToString(tmp));
3148 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3149 "Error=" << CKM::ErrorToString(tmp));
3152 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3154 CKM::Alias alias = sharedDatabase("t1812alias1");
3156 auto manager = CKM::Manager::create();
3157 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3158 std::istreambuf_iterator<char> begin(is), end;
3159 std::vector<char> buff(begin, end);
3161 CKM::PKCS12ShPtr pkcs12;
3162 CKM::Password pass1 = "easypass1";
3163 CKM::Password pass2 = "easypass2";
3165 CKM::RawBuffer buffer(buff.size());
3166 memcpy(buffer.data(), buff.data(), buff.size());
3168 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3171 "Error in PKCS12::create()");
3175 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3176 "Error=" << CKM::ErrorToString(temp));
3179 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3180 "Error=" << CKM::ErrorToString(temp));
3183 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3184 "Error=" << CKM::ErrorToString(temp));
3187 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3188 "Error=" << CKM::ErrorToString(temp));
3191 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3192 "Error=" << CKM::ErrorToString(temp));
3195 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3196 "Error=" << CKM::ErrorToString(temp));
3198 CKM::CertificateShPtr cert;
3200 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3201 "Error=" << CKM::ErrorToString(temp));
3203 CKM::CertificateShPtrVector certChain;
3204 CKM::AliasVector certVect;
3205 certVect.push_back(alias);
3208 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3209 "Error=" << CKM::ErrorToString(temp));
3212 RUNNER_TEST(T1813_deinit)
3215 auto control = CKM::Control::create();
3218 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3219 "Error=" << CKM::ErrorToString(temp));
3222 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3224 const char * const T190_PASSWD = "t190-special-password";
3226 RUNNER_TEST(T1901_init_unlock_key)
3228 reset_user_data(USER_APP, T190_PASSWD);
3231 RUNNER_TEST(T1902_get_data)
3233 ScopedAccessProvider ap(TEST_LABEL);
3234 ap.allowAPI("key-manager::api-storage", "rw");
3235 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3236 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
3238 auto manager = CKM::Manager::create();
3241 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3244 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3245 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3248 RUNNER_TEST(T1903_lock_database)
3251 auto control = CKM::Control::create();
3253 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
3254 "Error=" << CKM::ErrorToString(tmp));
3257 RUNNER_TEST(T1904_get_data_from_locked_database)
3259 ScopedAccessProvider ap(TEST_LABEL);
3260 ap.allowAPI("key-manager::api-storage", "rw");
3261 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3263 auto manager = CKM::Manager::create();
3266 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3269 CKM_API_ERROR_DB_LOCKED == status1,
3270 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3273 RUNNER_TEST(T1905_deinit)
3275 remove_user_data(USER_APP);
3278 int main(int argc, char *argv[])
3280 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob