2 * Copyright (c) 2016-2018 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
30 #include <ckm-common.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-password.h>
34 #include <ckm/ckm-type.h>
35 #include <ckm/ckm-pkcs12.h>
37 #include <openssl/x509.h>
38 #include <openssl/x509v3.h>
40 #include <tzplatform_config.h>
43 const int USER_APP = 5001;
45 const int USER_APP_2 = 5020;
46 const int USER_APP_3 = 5030;
48 const char * const APP_PASS = "user-pass";
49 const int USER_TEST = 5001;
51 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
52 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
53 } // namespace anonymous
56 * How to numerate tests:
58 * T - test case (always T)
59 * AB - number of test group (always two digits)
60 * C - test number in group (all tests with same TABC must be run in the same time).
63 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
65 RUNNER_TEST(T0011_Control)
68 auto control = CKM::Control::create();
70 control->removeUserData(0);
71 control->removeUserData(USER_APP_2);
72 control->removeUserData(USER_APP);
75 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
76 "Error=" << CKMErrorToString(temp));
79 RUNNER_TEST(T0012_Control)
82 auto control = CKM::Control::create();
84 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
85 "Error=" << CKMErrorToString(temp));
87 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
88 "Error=" << CKMErrorToString(temp));
91 RUNNER_TEST(T0013_Control)
94 auto control = CKM::Control::create();
96 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
97 "Error=" << CKMErrorToString(temp));
100 RUNNER_TEST(T0014_Control)
103 auto control = CKM::Control::create();
105 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
106 "Error=" << CKMErrorToString(temp));
109 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
110 "Error=" << CKMErrorToString(temp));
113 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
114 "Error=" << CKMErrorToString(temp));
117 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
118 "Error=" << CKMErrorToString(temp));
121 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
122 "Error=" << CKMErrorToString(temp));
125 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
126 "Error=" << CKMErrorToString(temp));
129 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
130 "Error=" << CKMErrorToString(temp));
133 RUNNER_TEST(T0015_Control)
136 auto control = CKM::Control::create();
138 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
139 "Error=" << CKMErrorToString(temp));
141 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
142 "Error=" << CKMErrorToString(temp));
144 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
145 "Error=" << CKMErrorToString(temp));
147 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
148 "Error=" << CKMErrorToString(temp));
151 RUNNER_TEST(T0016_Control_negative_wrong_password)
154 auto control = CKM::Control::create();
156 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
157 "Error=" << CKMErrorToString(temp));
159 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
160 "Error=" << CKMErrorToString(temp));
162 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
163 "Error=" << CKMErrorToString(temp));
165 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
166 "Error=" << CKMErrorToString(temp));
168 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
169 "Error=" << CKMErrorToString(temp));
172 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
174 RUNNER_TEST(T1010_init)
176 unlock_user_data(USER_APP, "user-pass");
179 RUNNER_TEST(T1011_key)
182 auto manager = CKM::Manager::create();
184 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
185 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
186 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
187 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
188 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
189 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
190 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
192 "-----END PUBLIC KEY-----";
194 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
195 auto key = CKM::Key::create(buffer, CKM::Password());
197 CKM::Alias alias = "mykey";
200 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
201 "Error=" << CKMErrorToString(temp));
203 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
204 "Error=" << CKMErrorToString(temp));
206 key->getDER() == key2->getDER(),
207 "Key value has been changed by service");
210 RUNNER_TEST(T1012_certificate)
213 auto manager = CKM::Manager::create();
215 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
216 CKM::CertificateShPtr cert2;
217 CKM::Alias alias = "myCert";
220 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
221 "Error=" << CKMErrorToString(temp));
223 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
224 "Error=" << CKMErrorToString(temp));
226 cert->getDER() == cert2->getDER(),
227 "Data has been modified in key manager");
230 RUNNER_TEST(T1014_save_with_label)
233 auto manager = CKM::Manager::create();
235 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
236 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
237 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
238 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
239 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
240 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
241 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
243 "-----END PUBLIC KEY-----";
245 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
246 auto key = CKM::Key::create(buffer, CKM::Password());
247 CKM::KeyShPtr key_name, key_full_addr;
248 CKM::Alias alias = "mykey-2";
249 std::string top_label = getOwnerIdFromSelf();
250 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
253 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
254 "Error=" << CKMErrorToString(temp));
258 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
259 "Error=" << CKMErrorToString(temp));
261 key->getDER() == key_name->getDER(),
262 "Key value has been changed by service");
264 // lookup by full address
266 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
267 "Error=" << CKMErrorToString(temp));
269 key->getDER() == key_full_addr->getDER(),
270 "Key value has been changed by service");
273 RUNNER_TEST(T1015_deinit)
275 remove_user_data(USER_APP);
278 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
280 RUNNER_TEST(T1020_init)
283 auto control = CKM::Control::create();
285 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
286 "Error=" << CKMErrorToString(temp));
289 RUNNER_TEST(T1021_save_keys_get_alias)
292 auto manager = CKM::Manager::create();
294 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
295 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
296 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
297 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
298 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
299 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
300 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
302 "-----END PUBLIC KEY-----";
304 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
305 auto key = CKM::Key::create(buffer, CKM::Password());
306 CKM::AliasVector labelAliasVector;
308 size_t current_aliases_num = count_aliases(ALIAS_KEY);
310 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
311 "Error=" << CKMErrorToString(temp));
313 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
314 "Error=" << CKMErrorToString(temp));
316 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
317 "Error=" << CKMErrorToString(temp));
319 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
320 "Error=" << CKMErrorToString(temp));
322 labelAliasVector.size() == (current_aliases_num+3),
323 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
326 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
329 auto manager = CKM::Manager::create();
331 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
332 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
333 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
334 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
335 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
336 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
337 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
339 "-----END PUBLIC KEY-----";
341 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
342 auto key = CKM::Key::create(buffer, CKM::Password());
343 CKM::AliasVector labelAliasVector;
345 size_t current_aliases_num = count_aliases(ALIAS_KEY);
347 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
348 "Error=" << CKMErrorToString(temp));
350 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
351 "Error=" << CKMErrorToString(temp));
353 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
354 "Error=" << CKMErrorToString(temp));
356 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
357 "Error=" << CKMErrorToString(temp));
359 labelAliasVector.size() == (current_aliases_num+3),
360 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
363 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
366 auto manager = CKM::Manager::create();
368 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
369 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
370 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
371 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
372 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
373 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
374 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
376 "-----END PUBLIC KEY-----";
378 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
379 auto key = CKM::Key::create(buffer, CKM::Password());
380 CKM::AliasVector aliasVector;
381 CKM::Policy notExportable(CKM::Password(), false);
384 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
385 "Error=" << CKMErrorToString(temp));
387 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
388 "Error=" << CKMErrorToString(temp));
390 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
391 "Error=" << CKMErrorToString(temp));
394 RUNNER_TEST(T1029_deinit)
396 remove_user_data(USER_APP);
399 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
400 RUNNER_TEST(T1030_init)
402 reset_user_data(USER_APP, APP_PASS);
405 RUNNER_TEST(T1032_app_user_save_bin_data)
407 ScopedDBUnlock unlock(USER_APP, APP_PASS);
410 auto manager = CKM::Manager::create();
412 std::string binData = "My bin data";
414 CKM::RawBuffer buffer(binData.begin(), binData.end());
416 CKM::AliasVector labelAliasVector;
418 size_t current_aliases_num = count_aliases(ALIAS_DATA);
420 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
421 "Error=" << CKMErrorToString(temp));
423 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
424 "Error=" << CKMErrorToString(temp));
426 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
427 "Error=" << CKMErrorToString(temp));
429 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
430 "Error=" << CKMErrorToString(temp));
432 labelAliasVector.size() == (current_aliases_num+3),
433 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
436 RUNNER_TEST(T1034_app_remove_bin_data)
438 ScopedDBUnlock unlock(USER_APP, APP_PASS);
441 auto manager = CKM::Manager::create();
443 std::string binData2 = "My bin data";
444 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
446 CKM::AliasVector labelAliasVector;
448 size_t current_aliases_num = count_aliases(ALIAS_DATA);
449 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
451 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
452 "Error=" << CKMErrorToString(temp));
454 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
455 "Error=" << CKMErrorToString(temp));
457 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
458 "Error=" << CKMErrorToString(temp));
460 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
461 "Error=" << CKMErrorToString(temp));
463 labelAliasVector.size() == (current_aliases_num-2),
464 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
466 CKM::RawBuffer buffer;
468 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
469 "Error=" << CKMErrorToString(temp));
474 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
475 "Error=" << CKMErrorToString(temp));
478 RUNNER_TEST(T1035_getData_wrong_password)
480 ScopedDBUnlock unlock(USER_APP, APP_PASS);
483 auto manager = CKM::Manager::create();
485 std::string binData1 = "My bin data4";
487 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
490 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
491 "Error=" << CKMErrorToString(temp));
493 CKM::RawBuffer buffer;
495 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
496 "Error=" << CKMErrorToString(temp));
502 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
503 "Error=" << CKMErrorToString(temp));
506 RUNNER_TEST(T1036_deinit)
508 remove_user_data(USER_APP);
511 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
513 RUNNER_TEST(T1040_init)
516 auto control = CKM::Control::create();
519 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
520 "Error=" << CKMErrorToString(temp));
523 RUNNER_TEST(T1041_create_RSA_key)
526 auto manager = CKM::Manager::create();
529 size_t current_aliases_num = count_aliases(ALIAS_KEY);
531 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
532 "Error=" << CKMErrorToString(temp));
534 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
535 "Error=" << CKMErrorToString(temp));
537 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
538 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
541 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
544 auto manager = CKM::Manager::create();
548 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
549 "Error=" << CKMErrorToString(temp));
551 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
552 "Error=" << CKMErrorToString(temp));
555 RUNNER_TEST(T1043_create_DSA_key)
558 auto manager = CKM::Manager::create();
561 size_t current_aliases_num = count_aliases(ALIAS_KEY);
563 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
564 "Error=" << CKMErrorToString(temp));
566 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
567 "Error=" << CKMErrorToString(temp));
569 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
570 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
573 RUNNER_TEST(T1044_create_AES_key)
576 auto manager = CKM::Manager::create();
579 int current_aliases_num = count_aliases(ALIAS_KEY);
581 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
582 "Error=" << CKMErrorToString(temp));
584 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
585 "Error=" << CKMErrorToString(temp));
587 (current_aliases_num+1) == (temp = av.size()),
588 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
591 RUNNER_TEST(T1049_deinit)
593 remove_user_data(USER_APP);
597 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
599 RUNNER_TEST(T1110_init)
601 unlock_user_data(USER_APP, "user-pass");
604 RUNNER_TEST(T1111_CreateKeyPairRSA)
607 auto manager = CKM::Manager::create();
608 CKM::Alias a1 = "rsa-test-1";
609 CKM::Alias a2 = "rsa-test-2";
613 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
614 "Error=" << CKMErrorToString(temp));
616 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
617 "Error=" << CKMErrorToString(temp));
620 RUNNER_TEST(T1112_CreateKeyPairDSA)
623 auto manager = CKM::Manager::create();
624 CKM::Alias a1 = "dsa-test-1";
625 CKM::Alias a2 = "dsa-test-2";
629 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
630 "Error=" << CKMErrorToString(temp));
632 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
633 "Error=" << CKMErrorToString(temp));
636 RUNNER_TEST(T1113_CreateKeyPairECDSA)
639 auto manager = CKM::Manager::create();
640 CKM::Alias a1 = "ecdsa-test-1";
641 CKM::Alias a2 = "ecdsa-test-2";
645 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
646 "Error=" << CKMErrorToString(temp));
649 RUNNER_TEST(T1114_deinit)
651 remove_user_data(USER_APP);
654 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
656 RUNNER_TEST(T12100_init)
658 reset_user_data(USER_APP, APP_PASS);
661 RUNNER_TEST(T12101_key_exist)
663 ScopedDBUnlock unlock(USER_APP, APP_PASS);
666 auto manager = CKM::Manager::create();
668 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
669 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
670 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
671 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
672 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
673 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
674 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
676 "-----END PUBLIC KEY-----";
678 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
679 auto key = CKM::Key::create(buffer);
680 CKM::Alias alias = "rsa-alias-duplication";
683 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
684 "Error=" << CKMErrorToString(ret));
686 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
687 "Error=" << CKMErrorToString(ret));
691 * These test cases tests API when empty parameters are passed to functions
694 RUNNER_TEST(T12102_saveKey_empty_alias)
696 ScopedDBUnlock unlock(USER_APP, APP_PASS);
698 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
699 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
700 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
701 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
702 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
703 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
704 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
705 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
707 "-----END PUBLIC KEY-----";
709 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
710 auto key = CKM::Key::create(buffer);
711 CKM::Alias alias; //alias is not initialized
714 auto manager = CKM::Manager::create();
716 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
717 "Error=" << CKMErrorToString(ret));
720 RUNNER_TEST(T12103_saveKey_foreign_label)
722 ScopedDBUnlock unlock(USER_APP, APP_PASS);
724 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
725 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
726 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
727 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
728 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
729 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
730 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
732 "-----END PUBLIC KEY-----";
734 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
735 auto key = CKM::Key::create(buffer);
736 CKM::Alias alias = "iamsomebodyelse alias";
739 auto manager = CKM::Manager::create();
741 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
742 "Error=" << CKMErrorToString(ret));
745 RUNNER_TEST(T12104_saveKey_empty_key)
747 ScopedDBUnlock unlock(USER_APP, APP_PASS);
749 CKM::KeyShPtr key; //key is not initialized
750 CKM::Alias alias = "empty-key";
753 auto manager = CKM::Manager::create();
755 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
756 "Error=" << CKMErrorToString(ret));
759 RUNNER_TEST(T12105_saveCertificate_empty_alias)
761 ScopedDBUnlock unlock(USER_APP, APP_PASS);
763 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
764 CKM::Alias alias; //alias is not initialized
767 auto manager = CKM::Manager::create();
769 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
770 "Error=" << CKMErrorToString(temp));
773 RUNNER_TEST(T12106_saveCertificate_foreign_label)
775 ScopedDBUnlock unlock(USER_APP, APP_PASS);
777 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
778 CKM::Alias alias = "iamsomebodyelse alias";
781 auto manager = CKM::Manager::create();
783 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
784 "Error=" << CKMErrorToString(temp));
787 RUNNER_TEST(T12107_saveCertificate_empty_cert)
789 ScopedDBUnlock unlock(USER_APP, APP_PASS);
791 CKM::CertificateShPtr cert; //cert is not initialized
792 CKM::Alias alias = "empty-cert";
795 auto manager = CKM::Manager::create();
797 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
798 "Error=" << CKMErrorToString(temp));
801 RUNNER_TEST(T12108_saveData_empty_alias)
803 ScopedDBUnlock unlock(USER_APP, APP_PASS);
805 std::string testData = "test data test data test data";
806 CKM::RawBuffer buffer(testData.begin(), testData.end());
810 auto manager = CKM::Manager::create();
812 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
813 "Error=" << CKMErrorToString(temp));
816 RUNNER_TEST(T12109_saveData_foreign_label)
818 ScopedDBUnlock unlock(USER_APP, APP_PASS);
820 std::string testData = "test data test data test data";
821 CKM::RawBuffer buffer(testData.begin(), testData.end());
822 CKM::Alias alias = "iamsomebodyelse alias";
825 auto manager = CKM::Manager::create();
827 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
828 "Error=" << CKMErrorToString(temp));
831 RUNNER_TEST(T12110_saveData_empty_data)
833 ScopedDBUnlock unlock(USER_APP, APP_PASS);
835 CKM::RawBuffer buffer;
836 CKM::Alias alias = "empty-data";
839 auto manager = CKM::Manager::create();
841 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
842 "Error=" << CKMErrorToString(temp));
846 * These test cases tests API when trying to get data from not existing alias
849 RUNNER_TEST(T12111_getKey_alias_not_exist)
851 ScopedDBUnlock unlock(USER_APP, APP_PASS);
854 CKM::Alias alias = "this-alias-not-exist";
857 auto manager = CKM::Manager::create();
859 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
860 "Error=" << CKMErrorToString(temp));
863 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
865 ScopedDBUnlock unlock(USER_APP, APP_PASS);
867 CKM::CertificateShPtr certificate;
868 CKM::Alias alias = "this-alias-not-exist";
871 auto manager = CKM::Manager::create();
873 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
874 "Error=" << CKMErrorToString(temp));
877 RUNNER_TEST(T12113_getData_alias_not_exist)
879 ScopedDBUnlock unlock(USER_APP, APP_PASS);
882 auto manager = CKM::Manager::create();
883 CKM::RawBuffer buffer;
884 CKM::Alias alias("some alias");
886 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
887 "Error=" << CKMErrorToString(temp));
891 * These test cases tests API when damaged keys are used
893 RUNNER_TEST(T12114_RSA_key_damaged)
895 ScopedDBUnlock unlock(USER_APP, APP_PASS);
898 auto manager = CKM::Manager::create();
900 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
901 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
902 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
903 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
904 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
905 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
906 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
908 "-----END PUBLIC KEY-----";
910 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
911 auto key = CKM::Key::create(buffer);
912 CKM::Alias alias = "damaged-rsa";
915 NULL == key.get(), "Key is broken. It should be empty");
918 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
919 "Error=" << CKMErrorToString(ret));
922 RUNNER_TEST(T12115_RSA_key_too_short)
924 ScopedDBUnlock unlock(USER_APP, APP_PASS);
927 auto manager = CKM::Manager::create();
929 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
930 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
931 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
932 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
933 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
934 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
935 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
937 "-----END PUBLIC KEY-----";
939 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
940 auto key = CKM::Key::create(buffer);
941 CKM::Alias alias = "short-rsa";
944 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
945 "Error=" << CKMErrorToString(ret));
948 RUNNER_TEST(T12116_DSA_key_too_short)
950 ScopedDBUnlock unlock(USER_APP, APP_PASS);
953 auto manager = CKM::Manager::create();
955 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
956 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
957 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
958 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
959 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
960 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
961 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
962 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
963 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
964 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
966 "-----END PUBLIC KEY-----";
968 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
969 auto key = CKM::Key::create(buffer);
970 CKM::Alias alias = "short-dsa";
973 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
974 "Error=" << CKMErrorToString(ret));
977 RUNNER_TEST(T12117_AES_key_too_short)
980 auto manager = CKM::Manager::create();
982 size_t key_size = (128-1);
983 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
985 auto key = CKM::Key::create(key_AES);
986 CKM::Alias alias = "short-AES";
989 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
990 "Error=" << CKMErrorToString(ret));
994 * These test cases tests CKM service if malicious data is provided over the socket.
997 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
999 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1002 auto manager = CKM::Manager::create();
1004 // fake the client - let the service detect the problem
1005 class WrongKeyImpl : public CKM::Key
1008 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1011 virtual bool empty() const {
1015 virtual CKM::KeyType getType() const {
1016 return CKM::KeyType::KEY_RSA_PUBLIC;
1018 virtual int getSize() const {
1021 virtual CKM::ElipticCurve getCurve() const {
1022 return CKM::ElipticCurve::prime192v1;
1024 virtual CKM::RawBuffer getDER() const {
1027 virtual ~WrongKeyImpl() {}
1029 CKM::RawBuffer & m_dummy;
1031 std::string dummyData = "my_cat_Berta\n";
1032 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1033 auto key = std::make_shared<WrongKeyImpl>(buffer);
1034 CKM::Alias alias = "damaged-rsa";
1037 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1038 "Error=" << CKMErrorToString(ret));
1041 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1043 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1045 // fake the client - let the service detect the problem
1046 class WrongCertImpl : public CKM::Certificate
1049 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1050 m_x509 = X509_new();
1053 bool empty() const {
1057 virtual X509 *getX509() const {
1061 virtual CKM::RawBuffer getDER() const {
1065 virtual ~WrongCertImpl() {
1070 CKM::RawBuffer & m_dummy;
1072 std::string dummyData = "my_cat_Stefan\n";
1073 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1074 auto cert = std::make_shared<WrongCertImpl>(buffer);
1075 CKM::Alias alias = "damaged-cert";
1078 auto manager = CKM::Manager::create();
1080 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1081 "Error=" << CKMErrorToString(temp));
1084 RUNNER_TEST(T12120_deinit)
1086 remove_user_data(USER_APP);
1089 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1091 RUNNER_TEST(T1311_init)
1093 remove_user_data(USER_APP);
1094 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1095 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1097 struct hostent* he = gethostbyname("google.com");
1099 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1100 "is not woking on the device. OCSP tests requires network access!");
1103 RUNNER_TEST(T13121_get_chain_no_cert)
1105 CKM::CertificateShPtrVector certChain;
1106 CKM::CertificateShPtr cert;
1108 auto manager = CKM::Manager::create();
1110 int ret = manager->getCertificateChain(cert,
1115 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1116 "Function should fail for empty certificate");
1119 RUNNER_TEST(T13122_get_chain_empty_cert)
1121 CKM::CertificateShPtrVector certChain;
1122 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1123 CKM::DataFormat::FORM_PEM);
1125 auto manager = CKM::Manager::create();
1127 int ret = manager->getCertificateChain(cert,
1132 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1133 "Function should fail for empty certificate");
1136 RUNNER_TEST(T13129_get_chain)
1138 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1139 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1141 CKM::CertificateShPtrVector certVector = {cert1};
1142 CKM::CertificateShPtrVector certChain;
1145 auto manager = CKM::Manager::create();
1147 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1148 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1150 tmp = manager->getCertificateChain(cert,
1155 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1156 "Error=" << CKMErrorToString(tmp));
1159 0 == certChain.size(),
1160 "Wrong size of certificate chain.");
1162 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1163 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1166 3 == certChain.size(),
1167 "Wrong size of certificate chain.");
1170 RUNNER_TEST(T1313_get_chain_with_alias)
1172 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1173 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1175 CKM::CertificateShPtrVector certChain;
1176 CKM::AliasVector aliasVector;
1177 CKM::Alias alias = "imcert";
1180 auto manager = CKM::Manager::create();
1182 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1183 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1185 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1186 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1187 "Error=" << CKMErrorToString(tmp));
1190 0 == certChain.size(),
1191 "Wrong size of certificate chain.");
1194 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1195 "Error=" << CKMErrorToString(tmp));
1197 aliasVector.push_back(alias);
1199 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1200 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1203 3 == certChain.size(),
1204 "Wrong size of certificate chain.");
1207 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1209 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1210 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1211 CKM::CertificateShPtrVector certVector = {cert1};
1212 CKM::CertificateShPtrVector certChain;
1215 auto manager = CKM::Manager::create();
1217 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1218 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1220 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1221 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1222 "Error=" << CKMErrorToString(tmp));
1225 0 == certChain.size(),
1226 "Wrong size of certificate chain.");
1228 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1229 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1232 3 == certChain.size(),
1233 "Wrong size of certificate chain.");
1237 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1238 "Error=" << CKMErrorToString(tmp));
1240 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1243 RUNNER_TEST(T13142_ocsp_check_empty)
1245 CKM::CertificateShPtrVector certVector;
1247 auto manager = CKM::Manager::create();
1252 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1253 "ocspCheck should fail for empty certificate vector");
1256 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1258 CKM::CertificateShPtrVector certVector = {
1259 CKM::CertificateShPtr(),
1260 CKM::CertificateShPtr(),
1261 CKM::CertificateShPtr()};
1263 auto manager = CKM::Manager::create();
1268 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1269 "ocspCheck should fail for empty certificate vector");
1272 RUNNER_TEST(T13144_ocsp_check_root)
1274 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1275 CKM::CertificateShPtrVector certVector = {root};
1277 auto manager = CKM::Manager::create();
1279 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1284 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1285 "Ocsp should fail for single certificate");
1288 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1290 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1291 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1293 CKM::CertificateShPtrVector certVector = {ca, root};
1295 auto manager = CKM::Manager::create();
1297 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1298 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1303 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1304 "Error=" << CKMErrorToString(tmp));
1306 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1309 RUNNER_TEST(T1315_deinit)
1311 remove_user_data(USER_APP);
1314 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1316 RUNNER_TEST(T1411_init)
1318 remove_user_data(USER_APP);
1321 RUNNER_TEST(T1412_RSA_key_create_verify)
1324 auto manager = CKM::Manager::create();
1326 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1327 "Proc-Type: 4,ENCRYPTED\n"
1328 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1330 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1331 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1332 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1333 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1334 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1335 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1336 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1337 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1338 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1339 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1340 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1341 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1342 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1343 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1344 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1345 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1346 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1347 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1348 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1349 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1350 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1351 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1352 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1353 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1354 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1355 "-----END RSA PRIVATE KEY-----\n";
1357 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1358 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1359 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1360 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1361 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1362 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1363 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1365 "-----END PUBLIC KEY-----\n";
1367 std::string message = "message test";
1369 CKM::Alias aliasPub = "pub1";
1370 CKM::Alias aliasPrv = "prv1";
1371 CKM::Password password = "1234";
1372 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1373 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1374 CKM::RawBuffer signature;
1376 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1377 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1379 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1380 "Key is empty. Failed to import public key.");
1381 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1382 "Key is empty. Failed to import private key.");
1385 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1386 "Error=" << CKMErrorToString(temp));
1388 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1389 "Error=" << CKMErrorToString(temp));
1392 CKM_API_SUCCESS == (temp = manager->createSignature(
1395 CKM::RawBuffer(message.begin(), message.end()),
1399 "Error=" << CKMErrorToString(temp));
1402 CKM_API_SUCCESS == (temp = manager->verifySignature(
1405 CKM::RawBuffer(message.begin(), message.end()),
1409 "Error=" << CKMErrorToString(temp));
1412 RUNNER_TEST(T1413_DSA_key_create_verify)
1415 auto manager = CKM::Manager::create();
1417 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1418 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1419 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1420 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1421 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1422 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1423 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1424 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1425 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1426 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1427 "u1roOuaPY+Hl19BlTE2qdw==\n"
1428 "-----END DSA PRIVATE KEY-----";
1430 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1431 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1432 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1433 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1434 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1435 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1436 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1437 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1438 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1439 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1440 "YMYCBhubtrVaLmc=\n"
1441 "-----END PUBLIC KEY-----";
1443 std::string message = "message test";
1445 CKM::Alias aliasPub = "pub2";
1446 CKM::Alias aliasPrv = "prv2";
1447 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1448 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1449 CKM::RawBuffer signature;
1451 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1452 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1454 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1455 "Key is empty. Failed to import public key.");
1456 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1457 "Key is empty. Failed to import private key.");
1460 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1461 "Error=" << CKMErrorToString(temp));
1463 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1464 "Error=" << CKMErrorToString(temp));
1467 CKM_API_SUCCESS == (temp = manager->createSignature(
1470 CKM::RawBuffer(message.begin(), message.end()),
1474 "Error=" << CKMErrorToString(temp));
1477 CKM_API_SUCCESS == (temp = manager->verifySignature(
1480 CKM::RawBuffer(message.begin(), message.end()),
1484 "Error=" << CKMErrorToString(temp));
1488 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1491 auto manager = CKM::Manager::create();
1493 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1494 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1495 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1496 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1497 "-----END EC PRIVATE KEY-----\n";
1499 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1500 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1501 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1502 "-----END PUBLIC KEY-----\n";
1504 std::string message = "message test";
1506 CKM::Alias aliasPub = "ecpub2";
1507 CKM::Alias aliasPrv = "ecprv2";
1508 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1509 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1510 CKM::RawBuffer signature;
1512 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1513 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1515 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1516 "Key is empty. Failed to import public key.");
1517 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1518 "Key is empty. Failed to import private key.");
1521 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1522 "Error=" << CKMErrorToString(temp));
1524 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1525 "Error=" << CKMErrorToString(temp));
1528 CKM_API_SUCCESS == (temp = manager->createSignature(
1531 CKM::RawBuffer(message.begin(), message.end()),
1535 "Error=" << CKMErrorToString(temp));
1538 CKM_API_SUCCESS == (temp = manager->verifySignature(
1541 CKM::RawBuffer(message.begin(), message.end()),
1545 "Error=" << CKMErrorToString(temp));
1547 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1549 memcpy((void*)signature.data(), "BROKEN", 6);
1552 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1555 CKM::RawBuffer(message.begin(), message.end()),
1559 "Error=" << CKMErrorToString(temp));
1562 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1565 auto manager = CKM::Manager::create();
1566 std::string message = "message asdfaslkdfjlksadjf test";
1568 CKM::Alias aliasPub = "pub1";
1569 CKM::Alias aliasPrv = "prv1";
1571 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1572 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1573 CKM::RawBuffer signature;
1576 CKM_API_SUCCESS == (temp = manager->createSignature(
1579 CKM::RawBuffer(message.begin(), message.end()),
1583 "Error=" << CKMErrorToString(temp));
1586 CKM_API_SUCCESS == (temp = manager->verifySignature(
1589 CKM::RawBuffer(message.begin(), message.end()),
1593 "Error=" << CKMErrorToString(temp));
1595 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1596 memcpy((void*)signature.data(), "BROKEN", 6);
1599 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1602 CKM::RawBuffer(message.begin(), message.end()),
1606 "Error=" << CKMErrorToString(temp));
1609 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1612 auto manager = CKM::Manager::create();
1613 std::string message = "message asdfaslkdfjlksadjf test";
1615 CKM::Alias aliasPub = "pub2";
1616 CKM::Alias aliasPrv = "prv2";
1618 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1619 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1620 CKM::RawBuffer signature;
1623 CKM_API_SUCCESS == (temp = manager->createSignature(
1626 CKM::RawBuffer(message.begin(), message.end()),
1630 "Error=" << CKMErrorToString(temp));
1633 CKM_API_SUCCESS == (temp = manager->verifySignature(
1636 CKM::RawBuffer(message.begin(), message.end()),
1640 "Error=" << CKMErrorToString(temp));
1642 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1643 memcpy((void*)signature.data(), "BROKEN", 6);
1646 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1649 CKM::RawBuffer(message.begin(), message.end()),
1653 "Error=" << CKMErrorToString(temp));
1656 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1659 auto manager = CKM::Manager::create();
1662 "-----BEGIN RSA PRIVATE KEY-----\n"
1663 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1664 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1665 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1666 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1667 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1668 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1669 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1670 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1671 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1672 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1673 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1674 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1675 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1676 "-----END RSA PRIVATE KEY-----\n";
1679 "-----BEGIN CERTIFICATE-----\n"
1680 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1681 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1682 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1683 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1684 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1685 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1686 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1687 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1688 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1689 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1690 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1691 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1692 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1693 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1694 "-----END CERTIFICATE-----\n";
1696 std::string message = "message test";
1698 CKM::Alias aliasPub = "pub1-cert";
1699 CKM::Alias aliasPrv = "prv1-cert";
1700 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1701 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1702 CKM::RawBuffer signature;
1704 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1705 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1707 RUNNER_ASSERT_MSG(NULL != cert.get(),
1708 "Key is empty. Failed to import public key.");
1709 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1710 "Key is empty. Failed to import private key.");
1713 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1714 "Error=" << CKMErrorToString(temp));
1716 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1717 "Error=" << CKMErrorToString(temp));
1720 CKM_API_SUCCESS == (temp = manager->createSignature(
1723 CKM::RawBuffer(message.begin(), message.end()),
1727 "Error=" << CKMErrorToString(temp));
1730 CKM_API_SUCCESS == (temp = manager->verifySignature(
1733 CKM::RawBuffer(message.begin(), message.end()),
1737 "Error=" << CKMErrorToString(temp));
1739 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1741 memcpy((void*)signature.data(), "BROKEN", 6);
1744 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1747 CKM::RawBuffer(message.begin(), message.end()),
1751 "Error=" << CKMErrorToString(temp));
1754 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1757 auto manager = CKM::Manager::create();
1759 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1760 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1761 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1762 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1763 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1764 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1765 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1766 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1767 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1768 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1769 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1770 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1771 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1772 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1773 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1774 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1775 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1776 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1777 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1778 "-----END CERTIFICATE-----\n";
1780 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1781 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1782 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1783 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1784 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1785 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1786 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1787 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1788 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1789 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1790 "vonbjii3BYe4AIdkzOvp\n"
1791 "-----END DSA PRIVATE KEY-----\n";
1793 std::string message = "message test";
1795 CKM::Alias aliasPub = "pub2-cert";
1796 CKM::Alias aliasPrv = "prv2-cert";
1797 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1798 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1799 CKM::RawBuffer signature;
1801 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1802 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1804 RUNNER_ASSERT_MSG(NULL != cert.get(),
1805 "Key is empty. Failed to import public key.");
1806 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1807 "Key is empty. Failed to import private key.");
1810 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1811 "Error=" << CKMErrorToString(temp));
1813 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1814 "Error=" << CKMErrorToString(temp));
1817 CKM_API_SUCCESS == (temp = manager->createSignature(
1820 CKM::RawBuffer(message.begin(), message.end()),
1824 "Error=" << CKMErrorToString(temp));
1827 CKM_API_SUCCESS == (temp = manager->verifySignature(
1830 CKM::RawBuffer(message.begin(), message.end()),
1834 "Error=" << CKMErrorToString(temp));
1836 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1838 memcpy((void*)signature.data(), "BROKEN", 6);
1841 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1844 CKM::RawBuffer(message.begin(), message.end()),
1848 "Error=" << CKMErrorToString(temp));
1851 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
1854 auto manager = CKM::Manager::create();
1857 "-----BEGIN EC PRIVATE KEY-----\n"
1858 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1859 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1860 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1861 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1862 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1863 "ELyhe7yPCAuOoLZlTLgf\n"
1864 "-----END EC PRIVATE KEY-----\n";
1867 "-----BEGIN CERTIFICATE-----\n"
1868 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1869 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1870 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1871 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1872 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1873 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1874 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1875 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1876 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1877 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1878 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1879 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1880 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1881 "Q1oBry6NEc+lLFmWMDesAA==\n"
1882 "-----END CERTIFICATE-----\n";
1884 std::string message = "message test";
1886 CKM::Alias aliasPub = "pub3";
1887 CKM::Alias aliasPrv = "prv3";
1888 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1889 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1890 CKM::RawBuffer signature;
1892 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1893 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1895 RUNNER_ASSERT_MSG(NULL != cert.get(),
1896 "Key is empty. Failed to import public key.");
1897 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1898 "Key is empty. Failed to import private key.");
1901 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1902 "Error=" << CKMErrorToString(temp));
1904 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1905 "Error=" << CKMErrorToString(temp));
1908 CKM_API_SUCCESS == (temp = manager->createSignature(
1911 CKM::RawBuffer(message.begin(), message.end()),
1915 "Error=" << CKMErrorToString(temp));
1918 CKM_API_SUCCESS == (temp = manager->verifySignature(
1921 CKM::RawBuffer(message.begin(), message.end()),
1925 "Error=" << CKMErrorToString(temp));
1927 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1929 memcpy((void*)signature.data(), "BROKEN", 6);
1932 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1935 CKM::RawBuffer(message.begin(), message.end()),
1939 "Error=" << CKMErrorToString(temp));
1942 RUNNER_TEST(T1420_deinit)
1944 remove_user_data(USER_APP);
1947 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
1949 RUNNER_TEST(T14180_init)
1952 remove_user_data(USER_APP);
1954 auto manager = CKM::Manager::create();
1956 // Prepare RSA Key Pair
1957 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1958 "Proc-Type: 4,ENCRYPTED\n"
1959 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1961 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1962 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1963 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1964 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1965 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1966 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1967 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1968 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1969 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1970 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1971 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1972 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1973 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1974 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1975 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1976 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1977 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1978 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1979 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1980 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1981 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1982 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1983 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1984 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1985 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1986 "-----END RSA PRIVATE KEY-----\n";
1988 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1989 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1990 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1991 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1992 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1993 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1994 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1996 "-----END PUBLIC KEY-----\n";
1998 CKM::Alias aliasPub = "pub_nohash1";
1999 CKM::Alias aliasPrv = "prv_nohash1";
2000 CKM::Password password = "1234";
2002 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2003 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2005 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2006 "Key is empty. Failed to import public key.");
2007 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2008 "Key is empty. Failed to import private key.");
2011 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2012 "Error=" << CKMErrorToString(temp));
2014 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2015 "Error=" << CKMErrorToString(temp));
2017 // Prepare ECDSA Key Pair
2018 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2019 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2020 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2021 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2022 "-----END EC PRIVATE KEY-----\n";
2024 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2025 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2026 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2027 "-----END PUBLIC KEY-----\n";
2029 CKM::Alias aliasEcPub = "ecpub_nohash1";
2030 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2032 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2033 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2035 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2036 "Key is empty. Failed to import public key.");
2037 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2038 "Key is empty. Failed to import private key.");
2041 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2042 "Error=" << CKMErrorToString(temp));
2044 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2045 "Error=" << CKMErrorToString(temp));
2049 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2052 auto manager = CKM::Manager::create();
2053 std::string message = "message asdfaslkdfjlksadjf test";
2055 CKM::Alias aliasPub = "pub_nohash1";
2056 CKM::Alias aliasPrv = "prv_nohash1";
2058 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2059 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2060 CKM::RawBuffer signature;
2063 CKM_API_SUCCESS == (temp = manager->createSignature(
2066 CKM::RawBuffer(message.begin(), message.end()),
2070 "Error=" << CKMErrorToString(temp));
2073 CKM_API_SUCCESS == (temp = manager->verifySignature(
2076 CKM::RawBuffer(message.begin(), message.end()),
2080 "Error=" << CKMErrorToString(temp));
2082 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2083 memcpy((void*)signature.data(), "BROKEN", 6);
2086 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2089 CKM::RawBuffer(message.begin(), message.end()),
2093 "Error=" << CKMErrorToString(temp));
2096 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2099 auto manager = CKM::Manager::create();
2100 std::string message = "message asdfaslkdfjlksadjf test";
2102 CKM::Alias aliasPub = "pub_nohash1";
2103 CKM::Alias aliasPrv = "prv_nohash1";
2105 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2106 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2107 CKM::RawBuffer signature;
2110 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2113 CKM::RawBuffer(message.begin(), message.end()),
2117 "Error=" << CKMErrorToString(temp));
2120 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2123 auto manager = CKM::Manager::create();
2124 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2125 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2126 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2127 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2128 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2129 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2130 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2131 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2132 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2133 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2134 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2135 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2136 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2137 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2138 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2139 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2140 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2141 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2142 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2143 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2145 CKM::Alias aliasPub = "pub_nohash1";
2146 CKM::Alias aliasPrv = "prv_nohash1";
2148 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2149 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2150 CKM::RawBuffer signature;
2153 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2156 CKM::RawBuffer(message.begin(), message.end()),
2160 "Error=" << CKMErrorToString(temp));
2164 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2167 auto manager = CKM::Manager::create();
2169 std::string message = "message test";
2171 CKM::Alias aliasPub = "ecpub_nohash1";
2172 CKM::Alias aliasPrv = "ecprv_nohash1";
2173 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2174 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2175 CKM::RawBuffer signature;
2178 CKM_API_SUCCESS == (temp = manager->createSignature(
2181 CKM::RawBuffer(message.begin(), message.end()),
2185 "Error=" << CKMErrorToString(temp));
2188 CKM_API_SUCCESS == (temp = manager->verifySignature(
2191 CKM::RawBuffer(message.begin(), message.end()),
2195 "Error=" << CKMErrorToString(temp));
2197 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2199 memcpy((void*)signature.data(), "BROKEN", 6);
2202 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2205 CKM::RawBuffer(message.begin(), message.end()),
2209 "Error=" << CKMErrorToString(temp));
2212 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2215 auto manager = CKM::Manager::create();
2217 int msgSize = 1024*1024;
2218 char big_msg[msgSize];
2219 for(int i =0; i<msgSize-1; i++) {
2222 big_msg[msgSize-1]=0x00;
2223 std::string message(big_msg);
2225 CKM::Alias aliasPub = "ecpub_nohash1";
2226 CKM::Alias aliasPrv = "ecprv_nohash1";
2227 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2228 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2229 CKM::RawBuffer signature;
2232 CKM_API_SUCCESS == (temp = manager->createSignature(
2235 CKM::RawBuffer(message.begin(), message.end()),
2239 "Error=" << CKMErrorToString(temp));
2243 RUNNER_TEST(T14189_deinit)
2245 remove_user_data(USER_APP);
2249 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2253 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2254 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2255 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2256 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2257 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2260 RUNNER_TEST(T1800_init)
2262 remove_user_data(USER_APP);
2265 RUNNER_TEST(T1801_parse_PKCS12) {
2266 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2267 std::istreambuf_iterator<char> begin(is), end;
2268 std::vector<char> buff(begin, end);
2270 CKM::RawBuffer buffer(buff.size());
2271 memcpy(buffer.data(), buff.data(), buff.size());
2273 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2276 "Error in PKCS12::create()");
2278 auto cert = pkcs->getCertificate();
2281 "Error in PKCS12::getCertificate()");
2283 auto key = pkcs->getKey();
2286 "Error in PKCS12::getKey()");
2288 auto caVector = pkcs->getCaCertificateShPtrVector();
2290 0 == caVector.size(),
2291 "Wrong size of vector");
2294 RUNNER_TEST(T1802_negative_wrong_password) {
2295 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2296 std::istreambuf_iterator<char> begin(is), end;
2297 std::vector<char> buff(begin, end);
2299 CKM::RawBuffer buffer(buff.size());
2300 memcpy(buffer.data(), buff.data(), buff.size());
2302 auto pkcs = CKM::PKCS12::create(buffer, "error");
2305 "Expected error in PKCS12::create()");
2308 RUNNER_TEST(T1803_negative_broken_buffer) {
2309 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2310 std::istreambuf_iterator<char> begin(is), end;
2311 std::vector<char> buff(begin, end);
2313 CKM::RawBuffer buffer(buff.size());
2314 memcpy(buffer.data(), buff.data(), buff.size());
2316 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2319 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2322 "Expected error in PKCS12::create()");
2325 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2327 auto manager = CKM::Manager::create();
2328 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2329 std::istreambuf_iterator<char> begin(is), end;
2330 std::vector<char> buff(begin, end);
2332 CKM::RawBuffer buffer(buff.size());
2333 memcpy(buffer.data(), buff.data(), buff.size());
2335 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2338 "Error in PKCS12::create()");
2341 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2342 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2343 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2344 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2345 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2346 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2347 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2348 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2349 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2350 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2351 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2352 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2353 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2354 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2355 "-----END RSA PRIVATE KEY-----\n";
2357 std::string message = "message test";
2359 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2360 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2361 "Key is empty. Failed to import private key.");
2365 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2366 "Error=" << CKMErrorToString(temp));
2369 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2370 "Error=" << CKMErrorToString(temp));
2373 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2375 auto manager = CKM::Manager::create();
2376 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2377 std::istreambuf_iterator<char> begin(is), end;
2378 std::vector<char> buff(begin, end);
2380 CKM::RawBuffer buffer(buff.size());
2381 memcpy(buffer.data(), buff.data(), buff.size());
2383 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2386 "Error in PKCS12::create()");
2388 auto cert = pkcs->getCertificate();
2391 "Error in PKCS12::getCertificate()");
2393 auto key = pkcs->getKey();
2396 "Error in PKCS12::getKey()");
2398 auto caVector = pkcs->getCaCertificateShPtrVector();
2400 2 == caVector.size(),
2401 "Wrong size of vector");
2405 CKM::Policy exportable;
2406 CKM::Policy notExportable(CKM::Password(), false);
2409 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2410 "Error=" << CKMErrorToString(tmp));
2412 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2413 "Error=" << CKMErrorToString(tmp));
2415 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2416 "Error=" << CKMErrorToString(tmp));
2418 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2419 "Error=" << CKMErrorToString(tmp));
2421 // try to lookup key
2422 CKM::KeyShPtr key_lookup;
2424 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2425 "Error=" << CKMErrorToString(tmp));
2427 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2428 "Error=" << CKMErrorToString(tmp));
2430 // try to lookup certificate
2431 CKM::CertificateShPtr cert_lookup;
2433 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2434 "Error=" << CKMErrorToString(tmp));
2436 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2437 "Error=" << CKMErrorToString(tmp));
2440 RUNNER_TEST(T1806_get_PKCS)
2443 auto manager = CKM::Manager::create();
2445 CKM::PKCS12ShPtr pkcs;
2449 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2450 "Error=" << CKMErrorToString(temp));
2452 // fail - not exportable
2454 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2455 "Error=" << CKMErrorToString(temp));
2457 // success - exportable
2459 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2460 "Error=" << CKMErrorToString(temp));
2462 auto cert = pkcs->getCertificate();
2465 "Error in PKCS12::getCertificate()");
2467 auto key = pkcs->getKey();
2470 "Error in PKCS12::getKey()");
2472 auto caVector = pkcs->getCaCertificateShPtrVector();
2474 2 == caVector.size(),
2475 "Wrong size of vector");
2478 RUNNER_TEST(T1807_create_and_verify_signature)
2481 auto manager = CKM::Manager::create();
2483 std::string message = "message test";
2485 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2486 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2487 CKM::RawBuffer signature;
2490 CKM_API_SUCCESS == (temp = manager->createSignature(
2491 alias_PKCS_exportable,
2493 CKM::RawBuffer(message.begin(), message.end()),
2497 "Error=" << CKMErrorToString(temp));
2500 CKM_API_SUCCESS == (temp = manager->verifySignature(
2501 alias_PKCS_exportable,
2503 CKM::RawBuffer(message.begin(), message.end()),
2507 "Error=" << CKMErrorToString(temp));
2510 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2513 auto manager = CKM::Manager::create();
2515 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2516 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2517 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2518 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2519 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2520 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2521 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2522 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2523 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2524 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2525 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2526 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2527 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2528 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2529 "-----END RSA PRIVATE KEY-----";
2530 std::string message = "message test";
2532 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2533 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2534 "Key is empty. Failed to import private key.");
2537 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2538 "Error=" << CKMErrorToString(temp));
2540 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2541 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2542 CKM::RawBuffer signature;
2545 CKM_API_SUCCESS == (temp = manager->createSignature(
2546 alias_PKCS_priv_key_copy,
2548 CKM::RawBuffer(message.begin(), message.end()),
2552 "Error=" << CKMErrorToString(temp));
2555 CKM_API_SUCCESS == (temp = manager->verifySignature(
2556 alias_PKCS_exportable,
2558 CKM::RawBuffer(message.begin(), message.end()),
2562 "Error=" << CKMErrorToString(temp));
2565 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2568 auto manager = CKM::Manager::create();
2570 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2571 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2572 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2573 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2574 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2575 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2576 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2577 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2578 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2579 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2580 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2581 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2582 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2583 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2584 "-----END RSA PRIVATE KEY-----\n";
2586 std::string message = "message test";
2588 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2589 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2590 "Key is empty. Failed to import private key.");
2593 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2594 "Error=" << CKMErrorToString(temp));
2596 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2597 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2598 CKM::RawBuffer signature;
2601 CKM_API_SUCCESS == (temp = manager->createSignature(
2602 alias_PKCS_priv_key_wrong,
2604 CKM::RawBuffer(message.begin(), message.end()),
2608 "Error=" << CKMErrorToString(temp));
2611 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2612 alias_PKCS_exportable,
2614 CKM::RawBuffer(message.begin(), message.end()),
2618 "Error=" << CKMErrorToString(temp));
2621 RUNNER_TEST(T1810_verify_get_certificate_chain)
2623 // this certificate has been signed using PKCS chain
2625 "-----BEGIN CERTIFICATE-----\n"
2626 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
2627 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
2628 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
2629 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
2630 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
2631 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
2632 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
2633 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
2634 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
2635 "-----END CERTIFICATE-----\n";
2637 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2638 CKM::CertificateShPtrVector certChain;
2639 CKM::AliasVector aliasVector;
2642 auto manager = CKM::Manager::create();
2644 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2646 tmp = manager->getCertificateChain(cert,
2651 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2652 "Error=" << CKMErrorToString(tmp));
2655 0 == certChain.size(),
2656 "Wrong size of certificate chain.");
2658 aliasVector.push_back(alias_PKCS_exportable);
2660 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2661 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
2663 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2665 4 == certChain.size(),
2666 "Wrong size of certificate chain: " << certChain.size());
2669 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2671 auto manager = CKM::Manager::create();
2675 // remove the whole PKCS12 bundles
2677 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2678 "Error=" << CKMErrorToString(tmp));
2680 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2681 "Error=" << CKMErrorToString(tmp));
2683 // expect lookup fails due to unknown alias
2684 // try to lookup key
2685 CKM::KeyShPtr key_lookup;
2687 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2688 "Error=" << CKMErrorToString(tmp));
2690 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2691 "Error=" << CKMErrorToString(tmp));
2693 // try to lookup certificate
2694 CKM::CertificateShPtr cert_lookup;
2696 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2697 "Error=" << CKMErrorToString(tmp));
2699 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2700 "Error=" << CKMErrorToString(tmp));
2703 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2705 CKM::Alias alias = "t1812alias1";
2707 auto manager = CKM::Manager::create();
2708 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2709 std::istreambuf_iterator<char> begin(is), end;
2710 std::vector<char> buff(begin, end);
2712 CKM::PKCS12ShPtr pkcs12;
2713 CKM::Password pass1 = "easypass1";
2714 CKM::Password pass2 = "easypass2";
2716 CKM::RawBuffer buffer(buff.size());
2717 memcpy(buffer.data(), buff.data(), buff.size());
2719 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2722 "Error in PKCS12::create()");
2726 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2727 "Error=" << CKMErrorToString(temp));
2730 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2731 "Error=" << CKMErrorToString(temp));
2734 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2735 "Error=" << CKMErrorToString(temp));
2738 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2739 "Error=" << CKMErrorToString(temp));
2742 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2743 "Error=" << CKMErrorToString(temp));
2746 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2747 "Error=" << CKMErrorToString(temp));
2749 CKM::CertificateShPtr cert;
2751 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2752 "Error=" << CKMErrorToString(temp));
2754 CKM::CertificateShPtrVector certChain;
2755 CKM::AliasVector certVect;
2756 certVect.push_back(alias);
2759 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2760 "Error=" << CKMErrorToString(temp));
2763 RUNNER_TEST(T1813_deinit)
2766 auto control = CKM::Control::create();
2769 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2770 "Error=" << CKMErrorToString(temp));
2773 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2775 const char * const T190_PASSWD = "t190-special-password";
2777 RUNNER_TEST(T1901_init_unlock_key)
2779 reset_user_data(USER_APP, T190_PASSWD);
2782 RUNNER_TEST(T1902_get_data)
2784 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2786 auto manager = CKM::Manager::create();
2789 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2792 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2793 "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
2796 RUNNER_TEST(T1903_lock_database)
2799 auto control = CKM::Control::create();
2801 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2802 "Error=" << CKMErrorToString(tmp));
2805 RUNNER_TEST(T1904_get_data_from_locked_database)
2807 auto manager = CKM::Manager::create();
2810 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2813 CKM_API_ERROR_DB_LOCKED == status1,
2814 "Could not get key from locked database. Error=" << CKMErrorToString(status1));
2817 RUNNER_TEST(T1905_deinit)
2819 remove_user_data(USER_APP);
2822 int main(int argc, char *argv[])
2824 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2825 if (expected_uid != geteuid()) {
2826 std::string userStr("owner");
2827 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2831 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2835 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob