1 #include <dpl/test/test_runner.h>
3 #include <tests_common.h>
4 #include <test-certs.h>
5 #include <ckm-common.h>
7 #include <ckm/ckm-manager.h>
8 #include <ckm/ckm-control.h>
9 #include <ckm/ckm-type.h>
11 #include <ckmc/ckmc-manager.h>
12 #include <ckmc/ckmc-control.h>
13 #include <ckmc/ckmc-type.h>
14 #include <ckmc/ckmc-error.h>
16 #include <ckm-common.h>
26 const int USER_APP = 5001;
27 const char* USER_PASS = "user-pass";
28 const char *const TEST_OBJECT1 = "OBJECT1";
29 } // namespace anonymous
32 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
34 RUNNER_TEST(T3010_Control_C_API_service_unlock_DB)
38 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(0)),
39 CKMCReadableError(temp));
40 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
41 CKMCReadableError(temp));
42 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(0, "test-pass")),
43 CKMCReadableError(temp));
45 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(4999)),
46 CKMCReadableError(temp));
47 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(4999)),
48 CKMCReadableError(temp));
49 RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(4999, "test-pass")),
50 CKMCReadableError(temp));
52 remove_user_data(5000);
53 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(5000)),
54 CKMCReadableError(temp));
55 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(5000)),
56 CKMCReadableError(temp));
57 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(5000, "test-pass")),
58 CKMCReadableError(temp));
61 RUNNER_TEST(T3011_Control_C_API)
65 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
66 CKMCReadableError(temp));
68 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
69 CKMCReadableError(temp));
72 RUNNER_TEST(T3012_Control_C_API)
76 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
77 CKMCReadableError(temp));
78 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
79 CKMCReadableError(temp));
82 RUNNER_TEST(T3013_Control_C_API)
86 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
87 CKMCReadableError(temp));
90 RUNNER_TEST(T3014_Control_C_API)
93 const uid_t UNIQUE_USER = 6500;
95 // clean up environment
96 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
97 CKMCReadableError(temp));
98 // unlock with empty password
99 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
100 CKMCReadableError(temp));
101 // reset password (NULL, "simple-password")
102 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
103 CKMCReadableError(temp));
104 // get rid of NULL DKEK
105 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
106 CKMCReadableError(temp));
108 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
109 CKMCReadableError(temp));
110 // try to reset password when db locked
111 RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
112 CKMCReadableError(temp));
113 // clean up environment
114 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
115 CKMCReadableError(temp));
118 RUNNER_TEST(T3015_Control_C_API)
123 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
124 CKMCReadableError(temp));
126 CKMC_ERROR_NONE == (temp = ckmc_change_user_password(USER_APP, "simple-password", "new-pass")),
127 CKMCReadableError(temp));
128 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
129 CKMCReadableError(temp));
130 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
131 CKMCReadableError(temp));
134 RUNNER_TEST(T3016_Control_C_API)
139 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
140 CKMCReadableError(temp));
142 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
143 CKMCReadableError(temp));
147 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
149 RUNNER_TEST(T30201_init_C_API)
153 remove_user_data(USER_APP);
155 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
156 CKMCReadableError(temp));
159 RUNNER_TEST(T30202_RSA_key_C_API)
163 ckmc_key_s test_key, *test_key2;
164 ckmc_policy_s test_policy;
166 char* password = NULL;
167 CKM::Alias alias = "mykey";
169 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
170 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
171 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
172 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
173 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
174 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
175 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
177 "-----END PUBLIC KEY-----";
179 char* char_keypem = new char[keyPem.length() + 1];
181 std::strcpy(char_keypem, keyPem.c_str());
182 test_key.raw_key = (unsigned char *)char_keypem;
183 test_key.key_size = keyPem.length();
184 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
185 test_key.password = password;
187 test_policy.password = password;
188 test_policy.extractable = 1;
190 test_key2 = &test_key;
193 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), test_key, test_policy)),
194 CKMCReadableError(temp));
197 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
198 CKMCReadableError(temp));
201 RUNNER_TEST(T30203_AES_key_C_API)
204 CKM::Alias alias = "my_AES_key";
205 size_t key_length = 192;
207 ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
208 ckmc_key_s *test_key2;
209 ckmc_policy_s test_policy;
210 test_policy.password = NULL;
211 test_policy.extractable = 1;
214 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
215 CKMCReadableError(temp));
218 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), NULL, &test_key2)),
219 CKMCReadableError(temp));
221 compare_AES_keys(test_key, test_key2);
222 ckmc_key_free(test_key);
223 ckmc_key_free(test_key2);
226 RUNNER_TEST(T30204_certificate_C_API)
230 std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF);
232 char* password = NULL;
236 CKM::Alias alias = "test-cert-1-RSA";
238 ckmc_policy_s test_policy;
239 test_policy.password = password;
240 test_policy.extractable = 1;
242 char* char_certPem = new char[certPem.length() + 1];
243 std::strcpy(char_certPem, certPem.c_str());
244 cert.raw_cert = (unsigned char *)char_certPem;
245 cert.cert_size = certPem.length();
246 cert.data_format = CKMC_FORM_PEM;
249 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
250 CKMCReadableError(temp));
253 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
254 CKMCReadableError(temp));
256 ckmc_cert_free(cert2);
259 RUNNER_TEST(T30205_certificate_remove_C_API)
263 char* password = NULL;
265 CKM::Alias alias = "test-cert-1-RSA";
268 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
269 CKMCReadableError(temp));
270 ckmc_cert_free(cert2);
273 CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias.c_str())),
274 CKMCReadableError(temp));
277 CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
278 CKMCReadableError(temp));
281 RUNNER_TEST(T30206_certificate_list_C_API)
285 std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF);
287 char* password = NULL;
290 ckmc_policy_s test_policy;
291 test_policy.password = password;
292 test_policy.extractable = 1;
294 char* char_certPem = new char[certPem.length() + 1];
295 std::strcpy(char_certPem, certPem.c_str());
296 cert.raw_cert = (unsigned char *)char_certPem;
297 cert.cert_size = certPem.length();
298 cert.data_format = CKMC_FORM_PEM;
300 size_t current_aliases_num = count_aliases(ALIAS_CERT);
303 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
304 CKMCReadableError(temp));
307 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
308 CKMCReadableError(temp));
311 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
312 CKMCReadableError(temp));
314 size_t actual_cnt = count_aliases(ALIAS_CERT);
316 (current_aliases_num+3) == actual_cnt,
317 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
320 RUNNER_TEST(T30207_save_AES_key_passwd_C_API)
323 const char* password = "x";
324 size_t key_length = 192;
325 CKM::Alias alias = "my_AES_key-2";
327 ckmc_key_s *test_key = generate_AES_key(key_length, password);
328 ckmc_policy_s test_policy;
329 test_policy.password = const_cast<char *>(password);
330 test_policy.extractable = 1;
333 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
334 CKMCReadableError(temp));
335 ckmc_key_free(test_key);
338 RUNNER_TEST(T30208_save_RSA_keys_exportable_flag)
341 auto manager = CKM::Manager::create();
343 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
344 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
345 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
346 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
347 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
348 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
349 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
351 "-----END PUBLIC KEY-----";
353 ckmc_policy_s test_policy;
354 ckmc_key_s test_key, *test_key2;
355 char* char_keypem = new char[keyPem.length() + 1];
356 char* password = NULL;
358 std::strcpy(char_keypem, keyPem.c_str());
359 test_key.raw_key = (unsigned char *)char_keypem;
360 test_key.key_size = keyPem.length();
361 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
362 test_key.password = NULL;
364 test_policy.password = password;
365 test_policy.extractable = 0;
368 CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
369 CKMCReadableError(temp));
372 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
373 CKMCReadableError(temp));
376 RUNNER_TEST(T30209_save_AES_keys_exportable_flag)
379 const char* password = NULL;
380 size_t key_length = 256;
381 CKM::Alias alias = "my_AES_key-3";
383 ckmc_key_s *test_key = generate_AES_key(key_length, password);
384 ckmc_key_s *test_key2;
385 ckmc_policy_s test_policy;
386 test_policy.password = const_cast<char *>(password);
387 test_policy.extractable = 0;
390 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
391 CKMCReadableError(temp));
392 ckmc_key_free(test_key);
395 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
396 CKMCReadableError(temp));
399 RUNNER_TEST(T30210_certificate_with_DSA_key_C_API)
403 std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF);
405 char* password = NULL;
406 ckmc_cert_s *cert2 = NULL;
409 ckmc_policy_s test_policy;
410 test_policy.password = password;
411 test_policy.extractable = 1;
413 char* char_certPem = new char[certPem.length() + 1];
414 std::strcpy(char_certPem, certPem.c_str());
415 cert.raw_cert = (unsigned char *)char_certPem;
416 cert.cert_size = certPem.length();
417 cert.data_format = CKMC_FORM_PEM;
419 CKM::Alias alias = "test-cert-1-DSA";
421 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
422 CKMCReadableError(temp));
425 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
426 CKMCReadableError(temp));
428 ckmc_cert_free(cert2);
431 RUNNER_TEST(T30211_deinit_C_API)
436 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
437 CKMCReadableError(temp));
439 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
440 CKMCReadableError(temp));
444 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
446 RUNNER_TEST(T3031_init_C_API)
450 remove_user_data(USER_APP);
452 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
453 CKMCReadableError(temp));
456 RUNNER_TEST(T3032_save_asymmetric_keys_get_alias_C_API)
460 char* password = NULL;
461 ckmc_policy_s test_policy1, test_policy2, test_policy3;
464 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
465 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
466 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
467 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
468 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
469 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
470 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
472 "-----END PUBLIC KEY-----";
474 char* char_keypem = new char[keyPem.length() + 1];
476 std::strcpy(char_keypem, keyPem.c_str());
477 test_key.raw_key = (unsigned char *)char_keypem;
478 test_key.key_size = keyPem.length();
479 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
480 test_key.password = password;
482 test_policy1.password = password;
483 test_policy1.extractable = 1;
485 test_policy2.password = password;
486 test_policy2.extractable = 0;
488 test_policy3.password = password;
489 test_policy3.extractable = 0;
491 size_t current_aliases_num = count_aliases(ALIAS_KEY);
494 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
495 CKMCReadableError(temp));
498 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
499 CKMCReadableError(temp));
502 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
503 CKMCReadableError(temp));
505 size_t actual_cnt = count_aliases(ALIAS_KEY);
507 (current_aliases_num+3) == actual_cnt,
508 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
512 RUNNER_TEST(T3033_remove_asymmetric_key_C_API)
516 char* password = NULL;
518 ckmc_key_s *test_key2;
520 CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
521 CKMCReadableError(temp));
524 CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
525 CKMCReadableError(temp));
528 CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
529 CKMCReadableError(temp));
532 RUNNER_TEST(T3034_save_symmetric_keys_get_alias_C_API)
535 size_t key_length = 128;
536 ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
537 ckmc_policy_s test_policy1, test_policy2, test_policy3;
538 test_policy1.password = NULL;
539 test_policy1.extractable = 1;
541 test_policy2.password = NULL;
542 test_policy2.extractable = 1;
544 test_policy3.password = NULL;
545 test_policy3.extractable = 1;
547 int current_aliases_num = count_aliases(ALIAS_KEY);
550 CKMC_ERROR_NONE == (temp = ckmc_save_key("AES_key1", *test_key, test_policy1)),
551 CKMCReadableError(temp));
554 CKMC_ERROR_NONE == (temp = ckmc_save_key("AES_key2", *test_key, test_policy2)),
555 CKMCReadableError(temp));
558 CKMC_ERROR_NONE == (temp = ckmc_save_key("AES_key3", *test_key, test_policy3)),
559 CKMCReadableError(temp));
562 (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
563 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
565 ckmc_key_free(test_key);
569 RUNNER_TEST(T3035_remove_symmetric_key_C_API)
573 ckmc_key_s *test_key2;
575 CKMC_ERROR_NONE == (temp = ckmc_get_key("AES_key1", NULL, &test_key2)),
576 CKMCReadableError(temp));
577 validate_AES_key(test_key2);
578 ckmc_key_free(test_key2);
580 // actual test - remove middle item
582 CKMC_ERROR_NONE == (temp = ckmc_remove_key("AES_key2")),
583 CKMCReadableError(temp));
586 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key("AES_key2", NULL, &test_key2)),
587 CKMCReadableError(temp));
590 CKMC_ERROR_NONE == (temp = ckmc_get_key("AES_key3", NULL, &test_key2)),
591 CKMCReadableError(temp));
592 validate_AES_key(test_key2);
593 ckmc_key_free(test_key2);
597 RUNNER_TEST(T3036_alias_new_C_API)
599 char *full_alias = NULL;
600 std::string owner_id = "iocma412ovyc";
601 std::string alias = "fvyuweq27c";
603 std::string full_alias_str = owner_id + ckmc_owner_id_separator + alias;
605 int temp = ckmc_alias_new(owner_id.c_str(), alias.c_str(), &full_alias);
606 std::unique_ptr<char, void(*)(void *)> p(full_alias, ::free);
607 RUNNER_ASSERT_MSG(temp == CKMC_ERROR_NONE, CKMCReadableError(temp));
608 RUNNER_ASSERT_MSG(full_alias_str == full_alias,
609 "Invalid full alias. expected(" << full_alias_str <<
610 ") actual(" << full_alias << ")");
613 RUNNER_TEST(T3037_deinit_C_API)
618 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
619 CKMCReadableError(temp));
621 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
622 CKMCReadableError(temp));
625 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
627 RUNNER_TEST(T3041_init_C_API)
629 reset_user_data(USER_APP, "simple-password");
632 RUNNER_TEST(T3042_save_get_bin_data_C_API)
636 ckmc_raw_buffer_s testData1, testData2, testData3;
637 char* password = NULL;
639 std::string binData1 = "My bin data1";
640 std::string binData2 = "My bin data2";
641 std::string binData3 = "My bin data3";
642 char* char_binData1 = new char[binData1.length() + 1];
643 char* char_binData2 = new char[binData2.length() + 1];
644 char* char_binData3 = new char[binData3.length() + 1];
645 std::strcpy(char_binData1, binData1.c_str());
646 std::strcpy(char_binData2, binData2.c_str());
647 std::strcpy(char_binData3, binData3.c_str());
648 testData1.data = (unsigned char *) char_binData1;
649 testData2.data = (unsigned char *) char_binData2;
650 testData3.data = (unsigned char *) char_binData3;
651 testData1.size = binData1.length()+1;
652 testData2.size = binData2.length()+1;
653 testData3.size = binData3.length()+1;
655 ckmc_policy_s test_policy1, test_policy2, test_policy3;
657 test_policy1.password = password;
658 test_policy1.extractable = 1;
659 test_policy2.password = password;
660 test_policy2.extractable = 1;
661 test_policy3.password = password;
662 test_policy3.extractable = 0;
664 size_t current_aliases_num = count_aliases(ALIAS_DATA);
667 CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
668 CKMCReadableError(temp));
671 CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
672 CKMCReadableError(temp));
675 CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
676 CKMCReadableError(temp));
679 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
680 CKMCReadableError(temp));
682 size_t actual_cnt = count_aliases(ALIAS_DATA);
684 (current_aliases_num+3) == actual_cnt,
685 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
687 ckmc_raw_buffer_s *testData4;
689 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
690 CKMCReadableError(temp));
693 compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
694 RUNNER_ASSERT_MSG( compareResult == 0,
698 RUNNER_TEST(T3043_app_user_save_bin_data_C_API)
701 ckmc_raw_buffer_s testData1;
702 char* password = NULL;
703 std::string binData1 = "My bin data";
704 char* char_binData1 = new char[binData1.length() + 1];
705 std::strcpy(char_binData1, binData1.c_str());
706 testData1.data = (unsigned char *) char_binData1;
707 testData1.size = binData1.length()+1;
709 ckmc_policy_s test_policy1, test_policy2;
711 test_policy1.password = password;
712 test_policy1.extractable = 1;
714 test_policy2.password = password;
715 test_policy2.extractable = 1;
717 std::string binData = "My bin data";
719 size_t current_aliases_num = count_aliases(ALIAS_DATA);
722 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
723 CKMCReadableError(temp));
725 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
726 CKMCReadableError(temp));
728 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
729 CKMCReadableError(temp));
731 size_t actual_cnt = count_aliases(ALIAS_DATA);
733 (current_aliases_num+3) == actual_cnt,
734 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
737 RUNNER_TEST(T3044_remove_bin_data_C_API)
741 size_t current_aliases_num = count_aliases(ALIAS_DATA, 2);
744 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
745 CKMCReadableError(temp));
747 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
748 CKMCReadableError(temp));
750 size_t actual_cnt = count_aliases(ALIAS_DATA);
752 (current_aliases_num-2) == actual_cnt,
753 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << actual_cnt);
755 char* password = NULL;
757 ckmc_raw_buffer_s *testData1, testData2;
759 std::string testStr = "My bin data2";
760 char* char_testData2 = new char[testStr.length() + 1];
761 std::strcpy(char_testData2, testStr.c_str());
762 testData2.data = (unsigned char *) char_testData2;
763 testData2.size = testStr.length()+1;
765 CKM::RawBuffer buffer;
767 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
768 CKMCReadableError(temp));
771 compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
772 RUNNER_ASSERT_MSG( compareResult == 0,
776 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
777 CKMCReadableError(temp));
780 RUNNER_TEST(T3045_save_big_data_C_API, RemoveDataEnv<USER_APP>)
782 // We don't know which backend will be used
783 const size_t BIG_SIZE = 100000;
785 std::vector<char> big_data(BIG_SIZE);
786 std::ifstream is("/dev/urandom", std::ifstream::binary);
788 is.read(big_data.data(), BIG_SIZE);
790 RUNNER_ASSERT_MSG(is,
791 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
793 save_data(TEST_OBJECT1, big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
794 auto self_label = getOwnerIdFromSelf();
795 check_read(TEST_OBJECT1, self_label.c_str(), big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
798 RUNNER_TEST(T3046_save_get_password_protected_data)
800 const char *alias = "T3046_data_alias";
801 const char *password = "test-password";
802 std::vector<unsigned char> data = { 0x28, 0x34, 0x5a, 0xf3 };
804 ckmc_raw_buffer_s raw_buffer;
805 raw_buffer.data = data.data();
806 raw_buffer.size = data.size();
808 ckmc_policy_s policy;
809 policy.password = const_cast<char *>(password);
810 policy.extractable = 1;
815 CKMC_ERROR_NONE == (temp = ckmc_save_data(alias, raw_buffer, policy)),
816 CKMCReadableError(temp));
818 ckmc_raw_buffer_s *raw_buffer_stored = nullptr;
820 // test negative case first
821 temp = ckmc_get_data(alias, "invalid_password", &raw_buffer_stored);
823 // make scoped buffer for in case of success
824 std::unique_ptr<ckmc_raw_buffer_s, void(*)(ckmc_raw_buffer_s *)> scoped_buffer(
825 raw_buffer_stored, ckmc_buffer_free);
827 RUNNER_ASSERT_MSG(temp == CKMC_ERROR_AUTHENTICATION_FAILED,
828 "expected(" << CKMCErrorToString(CKMC_ERROR_AUTHENTICATION_FAILED)
829 << ") but ret(" << CKMCErrorToString(temp) << ")");
831 temp = ckmc_get_data(alias, password, &raw_buffer_stored);
832 // reset buffer with raw buffer of positive case
833 scoped_buffer.reset(raw_buffer_stored);
834 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == temp, CKMCReadableError(temp));
837 raw_buffer_stored->size == raw_buffer.size,
838 "stored raw buffer size(" << raw_buffer_stored->size
839 << ") is differ to original raw buffer size(" << raw_buffer.size << ")");
840 for (size_t i = 0; i < raw_buffer_stored->size; ++i)
842 raw_buffer_stored->data[i] == raw_buffer.data[i],
843 "stored raw buffer data[" << i << "](" << raw_buffer_stored->data[i]
844 << ") is differ to original raw buffer data["
845 << i << "](" << raw_buffer.data[i] << ")");
848 CKMC_ERROR_NONE == (temp = ckmc_remove_alias(alias)),
849 CKMCReadableError(temp));
852 RUNNER_TEST(T3050_deinit_C_API)
857 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
858 CKMCReadableError(temp));
860 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
861 CKMCReadableError(temp));
864 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
866 RUNNER_TEST(T3051_CAPI_init)
871 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
872 CKMCReadableError(temp));
875 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
876 CKMCReadableError(temp));
879 RUNNER_TEST(T3052_CAPI_create_RSA_key)
883 const char *private_key_alias = "RSA-test-1-priv";
884 const char *public_key_alias = "RSA-test-1-pub";
885 ckmc_policy_s policy_private_key;
886 ckmc_policy_s policy_public_key;
888 policy_private_key.password = NULL;
889 policy_private_key.extractable = 1;
891 policy_public_key.password = NULL;
892 policy_public_key.extractable = 1;
895 size_t current_aliases_num = count_aliases(ALIAS_KEY);
898 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
899 CKMCReadableError(temp));
901 size_t actual_cnt = count_aliases(ALIAS_KEY);
903 (current_aliases_num+2) == actual_cnt,
904 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
906 ckmc_key_s *privateKey;
908 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
909 CKMCReadableError(temp));
911 privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
912 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
914 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
915 "Private key is broken.");
917 ckmc_key_s *publicKey;
919 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
920 CKMCReadableError(temp));
922 publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
923 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
925 publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
926 "Public key is broken.");
928 // on next attempt to generate keys with the same alias, expect fail (alias exists)
930 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
931 CKMCReadableError(temp));
934 RUNNER_TEST(T3053_CAPI_create_DSA_key)
938 const char *private_key_alias = "DSA-test-2-priv";
939 const char *public_key_alias = "DSA-test-2-pub";
940 ckmc_policy_s policy_private_key;
941 ckmc_policy_s policy_public_key;
943 policy_private_key.password = NULL;
944 policy_private_key.extractable = 1;
946 policy_public_key.password = NULL;
947 policy_public_key.extractable = 1;
949 size_t current_aliases_num = count_aliases(ALIAS_KEY);
952 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
953 CKMCReadableError(temp));
955 size_t actual_cnt = count_aliases(ALIAS_KEY);
957 (current_aliases_num+2) == actual_cnt,
958 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
960 ckmc_key_s *privateKey = 0;
962 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
963 CKMCReadableError(temp));
965 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
966 "Private key is broken.");
968 privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
969 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
970 ckmc_key_free(privateKey);
972 ckmc_key_s *pubKey = 0;
974 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
975 CKMCReadableError(temp));
977 pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
978 "Public key is broken.");
980 pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
981 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
982 ckmc_key_free(pubKey);
984 // on next attempt to generate keys with the same alias, expect fail (alias exists)
986 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
987 CKMCReadableError(temp));
991 RUNNER_TEST(T3054_CAPI_create_AES_key)
995 CKM::Alias key_alias = "AES-gen-test-1";
996 ckmc_policy_s policy_key;
998 policy_key.password = NULL;
999 policy_key.extractable = 1;
1001 int current_aliases_num = count_aliases(ALIAS_KEY);
1004 CKMC_ERROR_NONE == (temp = ckmc_create_key_aes(size, key_alias.c_str(), policy_key)),
1005 CKMCReadableError(temp));
1008 (current_aliases_num+1) == (temp = count_aliases(ALIAS_KEY)),
1009 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
1011 ckmc_key_s *get_AES_key = 0;
1013 CKMC_ERROR_NONE == (temp = ckmc_get_key(key_alias.c_str(), policy_key.password, &get_AES_key)),
1014 CKMCReadableError(temp));
1015 validate_AES_key(get_AES_key);
1016 ckmc_key_free(get_AES_key);
1020 RUNNER_TEST(T3055_CAPI_deinit)
1025 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
1026 CKMCReadableError(temp));
1028 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1029 CKMCReadableError(temp));
1033 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
1035 RUNNER_TEST(T3061_CAPI_init)
1037 reset_user_data(USER_APP, USER_PASS);
1040 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
1045 CKM::Alias private_key_alias = "rsa-test-1";
1046 CKM::Alias public_key_alias = "rsa-test-2";
1047 ckmc_policy_s policy_private_key;
1048 ckmc_policy_s policy_public_key;
1050 policy_private_key.password = const_cast<char *>("privatepassword");
1051 policy_private_key.extractable = 0;
1053 policy_public_key.password = NULL;
1054 policy_public_key.extractable = 1;
1057 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1058 CKMCReadableError(temp));
1060 // on next attempt to generate keys with the same alias, expect fail (alias exists)
1062 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1063 CKMCReadableError(temp));
1066 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
1071 CKM::Alias private_key_alias = "dsa-test-1";
1072 CKM::Alias public_key_alias = "dsa-test-2";
1073 ckmc_policy_s policy_private_key;
1074 ckmc_policy_s policy_public_key;
1076 policy_private_key.password = const_cast<char *>("privatepassword");
1077 policy_private_key.extractable = 0;
1079 policy_public_key.password = NULL;
1080 policy_public_key.extractable = 1;
1083 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1084 CKMCReadableError(temp));
1087 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
1091 ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
1092 CKM::Alias private_key_alias = "ecdsa-test-1";
1093 CKM::Alias public_key_alias = "ecdsa-test-2";
1094 ckmc_policy_s policy_private_key;
1095 ckmc_policy_s policy_public_key;
1097 policy_private_key.password = const_cast<char *>("privatepassword");
1098 policy_private_key.extractable = 0;
1100 policy_public_key.password = NULL;
1101 policy_public_key.extractable = 1;
1104 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1105 CKMCReadableError(temp));
1108 RUNNER_TEST(T3065_CAPI_deinit)
1110 remove_user_data(USER_APP);
1114 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1117 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
1119 RUNNER_TEST(T3071_CAPI_init)
1121 remove_user_data(USER_APP);
1124 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1126 std::string ee = TestData::getTestCertificateBase64(TestData::OCSP_AVAILABLE_LEAF);
1127 std::string im = TestData::getTestCertificateBase64(TestData::OCSP_AVAILABLE_IM);
1130 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1131 c_cert.cert_size = ee.size();
1132 c_cert.data_format = CKMC_FORM_PEM;
1134 ckmc_cert_s c_cert1;
1135 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1136 c_cert1.cert_size = im.size();
1137 c_cert1.data_format = CKMC_FORM_PEM;
1139 ckmc_cert_list_s untrustedcerts;
1140 untrustedcerts.cert = &c_cert1;
1141 untrustedcerts.next = NULL;
1143 ckmc_cert_list_s *cert_chain_list;
1145 int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1147 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1149 RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1151 ckmc_ocsp_status_e ocsp_status;
1152 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1153 RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1156 RUNNER_TEST(T3075_CAPI_deinit)
1158 remove_user_data(USER_APP);
1162 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1164 RUNNER_TEST(T3081_CAPI__init)
1169 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1170 CKMCReadableError(temp));
1173 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1174 CKMCReadableError(temp));
1177 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1181 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1182 "Proc-Type: 4,ENCRYPTED\n"
1183 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1185 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1186 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1187 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1188 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1189 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1190 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1191 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1192 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1193 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1194 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1195 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1196 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1197 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1198 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1199 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1200 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1201 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1202 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1203 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1204 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1205 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1206 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1207 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1208 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1209 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1210 "-----END RSA PRIVATE KEY-----\n";
1212 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1213 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1214 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1215 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1216 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1217 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1218 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1220 "-----END PUBLIC KEY-----\n";
1222 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1224 CKM::Alias pub_alias = "pub1";
1225 CKM::Alias pri_alias = "prv1";
1226 const char *key_passwd = "1234";
1227 char *pri_passwd = NULL;
1228 char *pub_passwd = NULL;
1229 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1230 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1231 ckmc_raw_buffer_s *signature;
1234 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1235 pubkey.key_size = pub.size();
1236 pubkey.key_type = CKMC_KEY_NONE;
1237 pubkey.password = NULL;
1239 ckmc_policy_s pubpolicy;
1240 pubpolicy.password = pub_passwd;
1241 pubpolicy.extractable = 0;
1243 ckmc_policy_s pripolicy;
1244 pripolicy.password = pri_passwd;
1245 pripolicy.extractable = 1;
1248 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1249 prikey.key_size = prv.size();
1250 prikey.key_type = CKMC_KEY_NONE;
1251 prikey.password = const_cast<char *>(key_passwd);
1255 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1256 CKMCReadableError(temp));
1259 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1260 CKMCReadableError(temp));
1263 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1270 CKMCReadableError(temp));
1273 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1280 CKMCReadableError(temp));
1283 RUNNER_TEST(T3083a_CAPI__rsa_key_create_verify_negative)
1287 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1288 CKM::Alias pub_alias = "pub1";
1289 CKM::Alias pri_alias = "prv1";
1290 char *pri_passwd = NULL;
1291 char *pub_passwd = NULL;
1292 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1293 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1294 ckmc_raw_buffer_s *signature;
1297 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1304 CKMCReadableError(temp));
1307 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1314 CKMCReadableError(temp));
1316 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1317 memcpy((void*)signature->data, "BROKEN", 6);
1320 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1327 CKMCReadableError(temp));
1330 RUNNER_TEST(T3083b_CAPI__rsa_key_create_verify_hash_and_padding)
1334 unsigned char hashed_msg[256] = {}; // shouldn't need padding (2048-bit key)
1335 ckmc_raw_buffer_s msg_buff;
1336 msg_buff.data = hashed_msg;
1337 msg_buff.size = sizeof(hashed_msg);
1338 ckmc_raw_buffer_s short_data = prepare_message_buffer("length not equal to key size");
1339 CKM::Alias pub_alias = "pub1";
1340 CKM::Alias pri_alias = "prv1";
1341 char *pri_passwd = NULL;
1342 char *pub_passwd = NULL;
1343 ckmc_raw_buffer_s *signature;
1345 // sign: no padding + hash
1347 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_create_signature(
1354 CKMCReadableError(temp));
1356 // sign: no padding + no hash + short data
1358 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_create_signature(
1365 CKMCReadableError(temp));
1367 // sign: no padding + no hash + correct length
1369 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1376 CKMCReadableError(temp));
1378 // verify: no padding + no hash
1380 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1386 CKMC_NONE_PADDING)),
1387 CKMCReadableError(temp));
1389 // verify: padding + no hash
1391 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1397 CKMC_PKCS1_PADDING)),
1398 CKMCReadableError(temp));
1400 // verify: no padding + hash
1402 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_verify_signature(
1408 CKMC_NONE_PADDING)),
1409 CKMCReadableError(temp));
1411 ckmc_buffer_free(signature);
1413 // sign: padding + no hash + short data
1415 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1422 CKMCReadableError(temp));
1424 // verify: padding + no hash
1426 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1432 CKMC_PKCS1_PADDING)),
1433 CKMCReadableError(temp));
1435 // verify: no padding + no hash
1437 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1443 CKMC_NONE_PADDING)),
1444 CKMCReadableError(temp));
1446 // verify: no padding + hash
1448 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_verify_signature(
1454 CKMC_NONE_PADDING)),
1455 CKMCReadableError(temp));
1457 ckmc_buffer_free(signature);
1461 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1465 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1466 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1467 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1468 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1469 "-----END EC PRIVATE KEY-----\n";
1471 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1472 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1473 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1474 "-----END PUBLIC KEY-----\n";
1476 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1477 CKM::Alias pri_alias = "ecprv2";
1478 CKM::Alias pub_alias = "ecpub2";
1479 char *key_passwd = NULL;
1480 char *pri_passwd = NULL;
1481 char *pub_passwd = NULL;
1482 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1483 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1484 ckmc_raw_buffer_s *signature;
1487 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1488 pubkey.key_size = pub.size();
1489 pubkey.key_type = CKMC_KEY_NONE;
1490 pubkey.password = NULL;
1492 ckmc_policy_s pubpolicy;
1493 pubpolicy.password = pub_passwd;
1494 pubpolicy.extractable = 1;
1497 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1498 prikey.key_size = prv.size();
1499 prikey.key_type = CKMC_KEY_NONE;
1500 prikey.password = key_passwd;
1502 ckmc_policy_s pripolicy;
1503 pripolicy.password = pri_passwd;
1504 pripolicy.extractable = 0;
1507 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1508 CKMCReadableError(temp));
1510 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1511 CKMCReadableError(temp));
1514 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1521 CKMCReadableError(temp));
1524 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1531 CKMCReadableError(temp));
1533 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1534 memcpy((void*)signature->data, "BROKEN", 6);
1537 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1544 CKMCReadableError(temp));
1547 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1552 "-----BEGIN RSA PRIVATE KEY-----\n"
1553 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1554 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1555 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1556 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1557 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1558 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1559 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1560 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1561 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1562 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1563 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1564 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1565 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1566 "-----END RSA PRIVATE KEY-----\n";
1569 "-----BEGIN CERTIFICATE-----\n"
1570 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1571 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1572 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1573 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1574 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1575 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1576 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1577 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1578 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1579 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1580 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1581 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1582 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1583 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1584 "-----END CERTIFICATE-----\n";
1586 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1588 CKM::Alias pri_alias = "prv3";
1589 CKM::Alias pub_alias = "pub3";
1590 char *key_passwd = NULL;
1591 char *pri_passwd = NULL;
1592 char *pub_passwd = NULL;
1593 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1594 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1595 ckmc_raw_buffer_s *signature;
1598 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1599 cert.cert_size = pub.size();
1600 cert.data_format = CKMC_FORM_PEM;
1602 ckmc_policy_s certpolicy;
1603 certpolicy.password = pub_passwd;
1604 certpolicy.extractable = 1;
1607 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1608 prikey.key_size = prv.size();
1609 prikey.key_type = CKMC_KEY_NONE;
1610 prikey.password = key_passwd;
1612 ckmc_policy_s pripolicy;
1613 pripolicy.password = pri_passwd;
1614 pripolicy.extractable = 0;
1617 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1618 CKMCReadableError(temp));
1620 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1621 CKMCReadableError(temp));
1625 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1632 CKMCReadableError(temp));
1635 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1642 CKMCReadableError(temp));
1644 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1645 memcpy((void*)signature->data, "BROKEN", 6);
1648 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1655 CKMCReadableError(temp));
1658 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1662 const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1663 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1664 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1665 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1666 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1667 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1668 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1669 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1670 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1671 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1672 "YMYCBhubtrVaLmc=\n"
1673 "-----END PUBLIC KEY-----";
1675 const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1676 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1677 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1678 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1679 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1680 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1681 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1682 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1683 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1684 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1685 "u1roOuaPY+Hl19BlTE2qdw==\n"
1686 "-----END DSA PRIVATE KEY-----";
1688 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1690 CKM::Alias pub_alias = "dsa-pub1";
1691 CKM::Alias pri_alias = "dsa-prv1";
1692 char *pri_passwd = NULL;
1693 char *pub_passwd = NULL;
1694 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1695 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1696 ckmc_raw_buffer_s *signature = NULL;
1699 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1700 pubkey.key_size = pub.size();
1701 pubkey.key_type = CKMC_KEY_NONE;
1702 pubkey.password = NULL;
1704 ckmc_policy_s pubpolicy;
1705 pubpolicy.password = pub_passwd;
1706 pubpolicy.extractable = 0;
1708 ckmc_policy_s pripolicy;
1709 pripolicy.password = pri_passwd;
1710 pripolicy.extractable = 1;
1713 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1714 prikey.key_size = priv.size();
1715 prikey.key_type = CKMC_KEY_NONE;
1716 prikey.password = NULL;
1720 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1721 CKMCReadableError(temp));
1724 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1725 CKMCReadableError(temp));
1728 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1735 CKMCReadableError(temp));
1739 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1746 CKMCReadableError(temp));
1749 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1751 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1758 CKMCReadableError(temp));
1760 ckmc_buffer_free(signature);
1763 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1768 ckmc_policy_s policy_private_key;
1769 ckmc_policy_s policy_public_key;
1771 policy_private_key.password = NULL;
1772 policy_private_key.extractable = 1;
1774 policy_public_key.password = NULL;
1775 policy_public_key.extractable = 1;
1777 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1779 CKM::Alias pub_alias = "dsa-pub2";
1780 CKM::Alias pri_alias = "dsa-prv2";
1783 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias.c_str(), pub_alias.c_str(), policy_private_key, policy_public_key)),
1786 char *pri_passwd = NULL;
1787 char *pub_passwd = NULL;
1788 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1789 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1790 ckmc_raw_buffer_s *signature;
1792 ckmc_key_s *pubkey = NULL;
1793 ckmc_key_s *prikey = NULL;
1795 CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias.c_str(), 0, &prikey)),
1796 CKMCReadableError(temp));
1799 CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias.c_str(), 0, &pubkey)),
1800 CKMCReadableError(temp));
1803 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1810 CKMCReadableError(temp));
1814 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1821 CKMCReadableError(temp));
1824 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1826 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1833 CKMCReadableError(temp));
1835 ckmc_key_free(prikey);
1836 ckmc_key_free(pubkey);
1837 ckmc_buffer_free(signature);
1840 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1845 "-----BEGIN EC PRIVATE KEY-----\n"
1846 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1847 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1848 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1849 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1850 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1851 "ELyhe7yPCAuOoLZlTLgf\n"
1852 "-----END EC PRIVATE KEY-----\n";
1855 "-----BEGIN CERTIFICATE-----\n"
1856 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1857 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1858 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1859 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1860 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1861 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1862 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1863 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1864 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1865 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1866 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1867 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1868 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1869 "Q1oBry6NEc+lLFmWMDesAA==\n"
1870 "-----END CERTIFICATE-----\n";
1872 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1874 CKM::Alias pri_alias = "prv4";
1875 CKM::Alias pub_alias = "pub4";
1876 char *key_passwd = NULL;
1877 char *pri_passwd = NULL;
1878 char *pub_passwd = NULL;
1879 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1880 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1881 ckmc_raw_buffer_s *signature;
1884 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1885 cert.cert_size = pub.size();
1886 cert.data_format = CKMC_FORM_PEM;
1888 ckmc_policy_s certpolicy;
1889 certpolicy.password = pub_passwd;
1890 certpolicy.extractable = 1;
1893 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1894 prikey.key_size = prv.size();
1895 prikey.key_type = CKMC_KEY_NONE;
1896 prikey.password = key_passwd;
1898 ckmc_policy_s pripolicy;
1899 pripolicy.password = pri_passwd;
1900 pripolicy.extractable = 0;
1904 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1905 CKMCReadableError(temp));
1907 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1908 CKMCReadableError(temp));
1911 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1918 CKMCReadableError(temp));
1921 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1928 CKMCReadableError(temp));
1930 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1931 memcpy((void*)signature->data, "BROKEN", 6);
1934 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1941 CKMCReadableError(temp));
1944 RUNNER_TEST(T3089_CAPI_deinit)
1946 remove_user_data(USER_APP);
1950 //#######################################################################################
1952 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1954 RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1955 RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1957 if(key->password != NULL && password != NULL) {
1958 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1959 }else if(key->password == NULL && password == NULL) {
1960 RUNNER_ASSERT_MSG(true, "Password Error" );
1962 RUNNER_ASSERT_MSG(false, "Password Error" );
1965 if(key->raw_key != NULL && raw_key != NULL) {
1966 for(unsigned int i=0; i<key_size; i++) {
1967 RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
1969 }else if(key->raw_key == NULL && raw_key == NULL) {
1970 RUNNER_ASSERT_MSG(true, "Raw Key Error" );
1972 RUNNER_ASSERT_MSG(false, "Raw Key Error" );
1976 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1978 RUNNER_TEST(T3091_CAPI_TYPE_init)
1980 reset_user_data(USER_APP, USER_PASS);
1983 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1985 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1986 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1987 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1988 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1989 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1990 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1991 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1993 "-----END PUBLIC KEY-----";
1995 unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1996 unsigned int key_size = keyPem.size();
1997 ckmc_key_type_e key_type = CKMC_KEY_NONE;
1998 char *password = const_cast< char *>("");
2001 ckmc_key_new(raw_key, key_size, key_type, password, &key);
2003 _assertKey(key, raw_key, key_size, key_type, password);
2006 char *passwordNull = NULL;
2008 ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
2009 ckmc_key_free(key2);
2012 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
2014 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2015 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2016 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2017 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2018 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2019 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2020 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2022 "-----END PUBLIC KEY-----";
2024 unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
2025 unsigned int size = keyPem.size();
2027 ckmc_raw_buffer_s *buff;
2028 ckmc_buffer_new(data, size, &buff);
2030 RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
2032 if(buff->data != NULL && data != NULL) {
2033 for(unsigned int i=0; i<size; i++) {
2034 RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
2036 }else if(buff->data == NULL && data == NULL) {
2037 RUNNER_ASSERT_MSG(true, "Raw data Error" );
2039 RUNNER_ASSERT_MSG(false, "Raw data Error" );
2042 ckmc_buffer_free(buff);
2045 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
2047 std::string certPem = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF);
2049 unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
2050 unsigned int size = certPem.size();
2051 ckmc_data_format_e form = CKMC_FORM_PEM;
2053 ckmc_cert_s *ckmCert;
2054 ckmc_cert_new(raw_cert, size, form, &ckmCert);
2056 RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
2058 if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
2059 for(unsigned int i=0; i<size; i++) {
2060 RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
2062 }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
2063 RUNNER_ASSERT_MSG(true, "raw_cert Error" );
2065 RUNNER_ASSERT_MSG(false, "raw_cert Error" );
2068 RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
2070 ckmc_cert_free(ckmCert);
2074 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
2078 std::string certStr = TestData::getTestCertificateBase64(TestData::THIRD_PARTY_LEAF);
2080 const char *file_name = "/tmp/ckmc_test_cert.pem";
2084 cert_file = fopen(file_name, "w");
2085 fprintf(cert_file, "%s",certStr.c_str());
2091 CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
2092 CKMCReadableError(ret));
2095 pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
2097 CKM::Alias lcert_alias = "lcert_alias";
2098 ckmc_policy_s policy;
2099 policy.password = NULL;
2100 policy.extractable = 1;
2103 CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias.c_str(), *pcert, policy)),
2104 CKMCReadableError(ret));
2109 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
2110 const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
2111 const char *password = "password";
2115 ckmc_key_s *private_key = NULL;
2116 ckmc_cert_s *cert = NULL;
2117 ckmc_cert_list_s *ca_cert_list = NULL;
2120 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
2121 &private_key, &cert, &ca_cert_list)),
2123 RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
2124 RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
2125 RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
2127 ckmc_policy_s policy;
2128 policy.password = NULL;
2129 policy.extractable = 1;
2132 CKM::Alias pkey_alias = "pkey_alias";
2134 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *private_key, policy)),
2135 CKMCReadableError(temp));
2137 CKM::Alias cert_alias = "cert_alias";
2139 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *cert, policy)),
2140 CKMCReadableError(temp));
2141 std::string caCertAlias = "ca_cert_alias_";
2142 const char *idx = "0";
2144 ckmc_cert_list_s *tmpList = ca_cert_list;
2145 while(tmpList != NULL) {
2146 caCertAlias.append(idx);
2148 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2149 CKMCReadableError(temp));
2150 tmpList = tmpList->next;
2154 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2156 ckmc_key_free(private_key);
2157 ckmc_cert_free(cert);
2158 ckmc_cert_list_all_free(ca_cert_list);
2161 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
2162 const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
2163 const char *password = "password";
2167 ckmc_pkcs12_s *ppkcs12 = NULL;
2170 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
2171 CKMCReadableError(temp));
2172 RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
2173 RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
2174 RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
2176 ckmc_policy_s policy;
2177 policy.password = NULL;
2178 policy.extractable = 1;
2181 CKM::Alias pkey_alias = "pkey_alias2";
2183 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *(ppkcs12->priv_key), policy)),
2184 CKMCReadableError(temp));
2186 CKM::Alias cert_alias = "cert_alias2";
2188 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *(ppkcs12->cert), policy)),
2189 CKMCReadableError(temp));
2190 std::string caCertAlias = "ca_cert_alias_2_";
2191 const char *idx = "0";
2193 ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
2194 while(tmpList != NULL) {
2195 caCertAlias.append(idx);
2197 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2198 CKMCReadableError(temp));
2199 tmpList = tmpList->next;
2203 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2205 ckmc_pkcs12_free(ppkcs12);
2208 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2212 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2213 CKMCReadableError(temp));
2215 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2216 CKMCReadableError(temp));
2219 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2223 CKM::Alias alias_PKCS_exportable = "CAPI-test-PKCS-export";
2224 CKM::Alias alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
2225 CKM::Alias alias_PKCS_key_not_exportable = "CAPI-test-PKCS-no-key-export";
2228 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2230 remove_user_data(USER_APP);
2233 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2235 const char *wrong_passwd = "wrong";
2236 ckmc_pkcs12_s *ppkcs12 = NULL;
2239 CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2240 CKMCReadableError(temp));
2243 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2245 ckmc_pkcs12_s *ppkcs12 = NULL;
2248 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/pkcs.p12", NULL, &ppkcs12)),
2249 CKMCReadableError(temp));
2251 RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2252 RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2253 RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2256 ckmc_policy_s exportable;
2257 exportable.password = NULL;
2258 exportable.extractable = 1;
2259 ckmc_policy_s notExportable;
2260 notExportable.password = NULL;
2261 notExportable.extractable = 0;
2264 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2265 CKMCReadableError(temp));
2267 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2268 CKMCReadableError(temp));
2270 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2271 CKMCReadableError(temp));
2273 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2274 CKMCReadableError(temp));
2276 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_key_not_exportable.c_str(), ppkcs12, notExportable, exportable)),
2277 CKMCReadableError(temp));
2278 RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_key_not_exportable.c_str(), ppkcs12, notExportable, exportable)),
2279 CKMCReadableError(temp));
2281 // try to lookup key
2282 ckmc_key_s *key_lookup = NULL;
2284 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2285 CKMCReadableError(temp));
2286 ckmc_key_free(key_lookup);
2289 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), "", &key_lookup)),
2290 CKMCReadableError(temp));
2291 ckmc_key_free(key_lookup);
2293 RUNNER_ASSERT_MSG(CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_key_not_exportable.c_str(), "", &key_lookup)),
2294 CKMCReadableError(temp));
2295 ckmc_key_free(key_lookup);
2297 // try to lookup certificate
2298 ckmc_cert_s *cert_lookup = NULL;
2300 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2301 CKMCReadableError(temp));
2302 ckmc_cert_free(cert_lookup);
2305 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2306 CKMCReadableError(temp));
2307 ckmc_cert_free(cert_lookup);
2310 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_key_not_exportable.c_str(), NULL, &cert_lookup)),
2311 CKMCReadableError(temp));
2312 ckmc_cert_free(cert_lookup);
2315 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2318 ckmc_pkcs12_s *pkcs = NULL;
2322 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", NULL, NULL, &pkcs)),
2323 CKMCReadableError(temp));
2324 ckmc_pkcs12_free(pkcs);
2327 // fail - not exportable
2329 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable.c_str(), NULL, NULL, &pkcs)),
2330 CKMCReadableError(temp));
2331 ckmc_pkcs12_free(pkcs);
2334 // success - partially exportable
2336 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_key_not_exportable.c_str(), NULL, NULL, &pkcs)),
2337 CKMCReadableError(temp));
2339 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2340 RUNNER_ASSERT_MSG(NULL == pkcs->priv_key, "there should be no private key in PKCS12");
2341 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2343 ckmc_cert_list_s *iter = pkcs->ca_chain;
2348 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2350 ckmc_pkcs12_free(pkcs);
2353 // success - exportable
2355 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable.c_str(), NULL, NULL, &pkcs)),
2356 CKMCReadableError(temp));
2358 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2359 RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2360 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2362 iter = pkcs->ca_chain;
2367 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2369 ckmc_pkcs12_free(pkcs);
2372 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2374 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2377 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2378 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2379 ckmc_raw_buffer_s *signature = NULL;
2382 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2383 alias_PKCS_exportable.c_str(),
2389 CKMCReadableError(temp));
2392 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2393 alias_PKCS_exportable.c_str(),
2399 CKMCReadableError(temp));
2402 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2406 // remove the whole PKCS12 bundles
2408 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_exportable.c_str())),
2409 CKMCReadableError(tmp));
2411 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_not_exportable.c_str())),
2412 CKMCReadableError(tmp));
2414 CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_key_not_exportable.c_str())),
2415 CKMCReadableError(tmp));
2417 // expect lookup fails due to unknown alias
2418 // try to lookup key
2419 ckmc_key_s *key_lookup = NULL;
2421 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2422 CKMCReadableError(tmp));
2423 ckmc_key_free(key_lookup);
2426 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), NULL, &key_lookup)),
2427 CKMCReadableError(tmp));
2428 ckmc_key_free(key_lookup);
2431 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_key_not_exportable.c_str(), NULL, &key_lookup)),
2432 CKMCReadableError(tmp));
2433 ckmc_key_free(key_lookup);
2435 // try to lookup certificate
2436 ckmc_cert_s *cert_lookup = NULL;
2438 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2439 CKMCReadableError(tmp));
2440 ckmc_cert_free(cert_lookup);
2443 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2444 CKMCReadableError(tmp));
2445 ckmc_cert_free(cert_lookup);
2448 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_key_not_exportable.c_str(), NULL, &cert_lookup)),
2449 CKMCReadableError(tmp));
2450 ckmc_cert_free(cert_lookup);
2453 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2455 remove_user_data(USER_APP);
2459 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2461 RUNNER_TEST(T3201_CAPI_unlock_database)
2463 reset_user_data(USER_APP, USER_PASS);
2466 RUNNER_TEST(T3202_CAPI_get_data_from_empty_database)
2468 ScopedDBUnlock unlock(USER_APP, USER_PASS);
2471 CKM::Alias alias = "mykey";
2472 char *password = NULL;
2473 ckmc_key_s *test_key = NULL;
2476 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2479 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2482 RUNNER_TEST(T3203_CAPI_lock_database)
2484 ScopedDBUnlock unlock(USER_APP, USER_PASS);
2487 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2488 CKMCReadableError(temp));
2491 RUNNER_TEST(T3204_CAPI_get_data_from_locked_database)
2494 CKM::Alias alias = "mykey";
2495 char *password = NULL;
2496 ckmc_key_s *test_key = NULL;
2499 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2500 CKMCReadableError(temp));
2502 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2505 RUNNER_TEST(T3204_deinit)
2507 remove_user_data(USER_APP);