3 #include <dpl/test/test_runner.h>
5 #include <tests_common.h>
6 #include <test-certs.h>
8 #include <ckm-common.h>
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-password.h>
12 #include <ckm/ckm-type.h>
13 #include <ckm/ckm-pkcs12.h>
17 #include <openssl/x509.h>
18 #include <openssl/x509v3.h>
21 const int USER_APP = 5001;
23 const int USER_APP_2 = 5020;
24 const int USER_APP_3 = 5030;
26 const char * const APP_PASS = "user-pass";
27 const int USER_TEST = 5001;
29 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
30 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
31 } // namespace anonymous
34 * How to numerate tests:
36 * T - test case (always T)
37 * AB - number of test group (always two digits)
38 * C - test number in group (all tests with same TABC must be run in the same time).
41 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
43 RUNNER_TEST(T0011_Control)
46 auto control = CKM::Control::create();
48 control->removeUserData(0);
49 control->removeUserData(USER_APP_2);
50 control->removeUserData(USER_APP);
53 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
54 "Error=" << CKMErrorToString(temp));
57 RUNNER_TEST(T0012_Control)
60 auto control = CKM::Control::create();
62 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
63 "Error=" << CKMErrorToString(temp));
65 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
66 "Error=" << CKMErrorToString(temp));
69 RUNNER_TEST(T0013_Control)
72 auto control = CKM::Control::create();
74 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
75 "Error=" << CKMErrorToString(temp));
78 RUNNER_TEST(T0014_Control)
81 auto control = CKM::Control::create();
83 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
84 "Error=" << CKMErrorToString(temp));
87 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
88 "Error=" << CKMErrorToString(temp));
91 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
92 "Error=" << CKMErrorToString(temp));
95 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
96 "Error=" << CKMErrorToString(temp));
99 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
100 "Error=" << CKMErrorToString(temp));
103 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
104 "Error=" << CKMErrorToString(temp));
107 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
108 "Error=" << CKMErrorToString(temp));
111 RUNNER_TEST(T0015_Control)
114 auto control = CKM::Control::create();
116 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
117 "Error=" << CKMErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
120 "Error=" << CKMErrorToString(temp));
122 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
123 "Error=" << CKMErrorToString(temp));
125 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
126 "Error=" << CKMErrorToString(temp));
129 RUNNER_TEST(T0016_Control_negative_wrong_password)
132 auto control = CKM::Control::create();
134 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
135 "Error=" << CKMErrorToString(temp));
137 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
138 "Error=" << CKMErrorToString(temp));
140 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
141 "Error=" << CKMErrorToString(temp));
143 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
144 "Error=" << CKMErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
147 "Error=" << CKMErrorToString(temp));
150 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
152 RUNNER_TEST(T1010_init)
154 unlock_user_data(USER_APP, "user-pass");
157 RUNNER_TEST(T1011_key)
160 auto manager = CKM::Manager::create();
162 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
163 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
164 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
165 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
166 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
167 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
168 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
170 "-----END PUBLIC KEY-----";
172 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
173 auto key = CKM::Key::create(buffer, CKM::Password());
175 CKM::Alias alias = "mykey";
178 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
179 "Error=" << CKMErrorToString(temp));
181 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
182 "Error=" << CKMErrorToString(temp));
184 key->getDER() == key2->getDER(),
185 "Key value has been changed by service");
188 RUNNER_TEST(T1012_certificate)
191 auto manager = CKM::Manager::create();
193 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
194 CKM::CertificateShPtr cert2;
195 CKM::Alias alias = "myCert";
198 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
199 "Error=" << CKMErrorToString(temp));
201 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
202 "Error=" << CKMErrorToString(temp));
204 cert->getDER() == cert2->getDER(),
205 "Data has been modified in key manager");
208 RUNNER_TEST(T1014_save_with_label)
211 auto manager = CKM::Manager::create();
213 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
214 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
215 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
216 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
217 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
218 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
219 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
221 "-----END PUBLIC KEY-----";
223 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
224 auto key = CKM::Key::create(buffer, CKM::Password());
225 CKM::KeyShPtr key_name, key_full_addr;
226 CKM::Alias alias = "mykey-2";
227 std::string top_label = getOwnerIdFromSelf();
228 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
231 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
232 "Error=" << CKMErrorToString(temp));
236 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
237 "Error=" << CKMErrorToString(temp));
239 key->getDER() == key_name->getDER(),
240 "Key value has been changed by service");
242 // lookup by full address
244 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
245 "Error=" << CKMErrorToString(temp));
247 key->getDER() == key_full_addr->getDER(),
248 "Key value has been changed by service");
251 RUNNER_TEST(T1015_deinit)
253 remove_user_data(USER_APP);
256 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
258 RUNNER_TEST(T1020_init)
261 auto control = CKM::Control::create();
263 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
264 "Error=" << CKMErrorToString(temp));
267 RUNNER_TEST(T1021_save_keys_get_alias)
270 auto manager = CKM::Manager::create();
272 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
273 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
274 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
275 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
276 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
277 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
278 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
280 "-----END PUBLIC KEY-----";
282 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
283 auto key = CKM::Key::create(buffer, CKM::Password());
284 CKM::AliasVector labelAliasVector;
286 size_t current_aliases_num = count_aliases(ALIAS_KEY);
288 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
289 "Error=" << CKMErrorToString(temp));
291 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
292 "Error=" << CKMErrorToString(temp));
294 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
295 "Error=" << CKMErrorToString(temp));
297 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
298 "Error=" << CKMErrorToString(temp));
300 labelAliasVector.size() == (current_aliases_num+3),
301 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
304 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
307 auto manager = CKM::Manager::create();
309 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
310 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
311 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
312 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
313 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
314 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
315 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
317 "-----END PUBLIC KEY-----";
319 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
320 auto key = CKM::Key::create(buffer, CKM::Password());
321 CKM::AliasVector labelAliasVector;
323 size_t current_aliases_num = count_aliases(ALIAS_KEY);
325 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
326 "Error=" << CKMErrorToString(temp));
328 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
329 "Error=" << CKMErrorToString(temp));
331 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
332 "Error=" << CKMErrorToString(temp));
334 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
335 "Error=" << CKMErrorToString(temp));
337 labelAliasVector.size() == (current_aliases_num+3),
338 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
341 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
344 auto manager = CKM::Manager::create();
346 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
347 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
348 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
349 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
350 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
351 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
352 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
354 "-----END PUBLIC KEY-----";
356 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
357 auto key = CKM::Key::create(buffer, CKM::Password());
358 CKM::AliasVector aliasVector;
359 CKM::Policy notExportable(CKM::Password(), false);
362 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
363 "Error=" << CKMErrorToString(temp));
365 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
366 "Error=" << CKMErrorToString(temp));
368 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
369 "Error=" << CKMErrorToString(temp));
372 RUNNER_TEST(T1029_deinit)
374 remove_user_data(USER_APP);
377 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
378 RUNNER_TEST(T1030_init)
380 reset_user_data(USER_APP, APP_PASS);
383 RUNNER_TEST(T1032_app_user_save_bin_data)
385 ScopedDBUnlock unlock(USER_APP, APP_PASS);
388 auto manager = CKM::Manager::create();
390 std::string binData = "My bin data";
392 CKM::RawBuffer buffer(binData.begin(), binData.end());
394 CKM::AliasVector labelAliasVector;
396 size_t current_aliases_num = count_aliases(ALIAS_DATA);
398 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
399 "Error=" << CKMErrorToString(temp));
401 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
402 "Error=" << CKMErrorToString(temp));
404 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
405 "Error=" << CKMErrorToString(temp));
407 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
408 "Error=" << CKMErrorToString(temp));
410 labelAliasVector.size() == (current_aliases_num+3),
411 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
414 RUNNER_TEST(T1034_app_remove_bin_data)
416 ScopedDBUnlock unlock(USER_APP, APP_PASS);
419 auto manager = CKM::Manager::create();
421 std::string binData2 = "My bin data";
422 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
424 CKM::AliasVector labelAliasVector;
426 size_t current_aliases_num = count_aliases(ALIAS_DATA);
427 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
429 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
430 "Error=" << CKMErrorToString(temp));
432 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
433 "Error=" << CKMErrorToString(temp));
435 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
436 "Error=" << CKMErrorToString(temp));
438 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
439 "Error=" << CKMErrorToString(temp));
441 labelAliasVector.size() == (current_aliases_num-2),
442 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
444 CKM::RawBuffer buffer;
446 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
447 "Error=" << CKMErrorToString(temp));
452 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
453 "Error=" << CKMErrorToString(temp));
456 RUNNER_TEST(T1035_getData_wrong_password)
458 ScopedDBUnlock unlock(USER_APP, APP_PASS);
461 auto manager = CKM::Manager::create();
463 std::string binData1 = "My bin data4";
465 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
468 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
469 "Error=" << CKMErrorToString(temp));
471 CKM::RawBuffer buffer;
473 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
474 "Error=" << CKMErrorToString(temp));
480 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
481 "Error=" << CKMErrorToString(temp));
484 RUNNER_TEST(T1036_deinit)
486 remove_user_data(USER_APP);
489 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
491 RUNNER_TEST(T1040_init)
494 auto control = CKM::Control::create();
497 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
498 "Error=" << CKMErrorToString(temp));
501 RUNNER_TEST(T1041_create_RSA_key)
504 auto manager = CKM::Manager::create();
507 size_t current_aliases_num = count_aliases(ALIAS_KEY);
509 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
510 "Error=" << CKMErrorToString(temp));
512 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
513 "Error=" << CKMErrorToString(temp));
515 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
516 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
519 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
522 auto manager = CKM::Manager::create();
526 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
527 "Error=" << CKMErrorToString(temp));
529 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
530 "Error=" << CKMErrorToString(temp));
533 RUNNER_TEST(T1043_create_DSA_key)
536 auto manager = CKM::Manager::create();
539 size_t current_aliases_num = count_aliases(ALIAS_KEY);
541 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
542 "Error=" << CKMErrorToString(temp));
544 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
545 "Error=" << CKMErrorToString(temp));
547 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
548 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
551 RUNNER_TEST(T1044_create_AES_key)
554 auto manager = CKM::Manager::create();
557 int current_aliases_num = count_aliases(ALIAS_KEY);
559 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
560 "Error=" << CKMErrorToString(temp));
562 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
563 "Error=" << CKMErrorToString(temp));
565 (current_aliases_num+1) == (temp = av.size()),
566 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
569 RUNNER_TEST(T1049_deinit)
571 remove_user_data(USER_APP);
575 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
577 RUNNER_TEST(T1110_init)
579 unlock_user_data(USER_APP, "user-pass");
582 RUNNER_TEST(T1111_CreateKeyPairRSA)
585 auto manager = CKM::Manager::create();
586 CKM::Alias a1 = "rsa-test-1";
587 CKM::Alias a2 = "rsa-test-2";
591 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
592 "Error=" << CKMErrorToString(temp));
594 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
595 "Error=" << CKMErrorToString(temp));
598 RUNNER_TEST(T1112_CreateKeyPairDSA)
601 auto manager = CKM::Manager::create();
602 CKM::Alias a1 = "dsa-test-1";
603 CKM::Alias a2 = "dsa-test-2";
607 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
608 "Error=" << CKMErrorToString(temp));
610 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
611 "Error=" << CKMErrorToString(temp));
614 RUNNER_TEST(T1113_CreateKeyPairECDSA)
617 auto manager = CKM::Manager::create();
618 CKM::Alias a1 = "ecdsa-test-1";
619 CKM::Alias a2 = "ecdsa-test-2";
623 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
624 "Error=" << CKMErrorToString(temp));
627 RUNNER_TEST(T1114_deinit)
629 remove_user_data(USER_APP);
632 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
634 RUNNER_TEST(T12100_init)
636 reset_user_data(USER_APP, APP_PASS);
639 RUNNER_TEST(T12101_key_exist)
641 ScopedDBUnlock unlock(USER_APP, APP_PASS);
644 auto manager = CKM::Manager::create();
646 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
647 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
648 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
649 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
650 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
651 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
652 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
654 "-----END PUBLIC KEY-----";
656 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
657 auto key = CKM::Key::create(buffer);
658 CKM::Alias alias = "rsa-alias-duplication";
661 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
662 "Error=" << CKMErrorToString(ret));
664 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
665 "Error=" << CKMErrorToString(ret));
669 * These test cases tests API when empty parameters are passed to functions
672 RUNNER_TEST(T12102_saveKey_empty_alias)
674 ScopedDBUnlock unlock(USER_APP, APP_PASS);
676 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
677 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
678 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
679 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
680 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
681 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
682 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
683 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
685 "-----END PUBLIC KEY-----";
687 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
688 auto key = CKM::Key::create(buffer);
689 CKM::Alias alias; //alias is not initialized
692 auto manager = CKM::Manager::create();
694 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
695 "Error=" << CKMErrorToString(ret));
698 RUNNER_TEST(T12103_saveKey_foreign_label)
700 ScopedDBUnlock unlock(USER_APP, APP_PASS);
702 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
703 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
704 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
705 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
706 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
707 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
708 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
710 "-----END PUBLIC KEY-----";
712 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
713 auto key = CKM::Key::create(buffer);
714 CKM::Alias alias = "iamsomebodyelse alias";
717 auto manager = CKM::Manager::create();
719 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
720 "Error=" << CKMErrorToString(ret));
723 RUNNER_TEST(T12104_saveKey_empty_key)
725 ScopedDBUnlock unlock(USER_APP, APP_PASS);
727 CKM::KeyShPtr key; //key is not initialized
728 CKM::Alias alias = "empty-key";
731 auto manager = CKM::Manager::create();
733 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
734 "Error=" << CKMErrorToString(ret));
737 RUNNER_TEST(T12105_saveCertificate_empty_alias)
739 ScopedDBUnlock unlock(USER_APP, APP_PASS);
741 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
742 CKM::Alias alias; //alias is not initialized
745 auto manager = CKM::Manager::create();
747 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
748 "Error=" << CKMErrorToString(temp));
751 RUNNER_TEST(T12106_saveCertificate_foreign_label)
753 ScopedDBUnlock unlock(USER_APP, APP_PASS);
755 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
756 CKM::Alias alias = "iamsomebodyelse alias";
759 auto manager = CKM::Manager::create();
761 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
762 "Error=" << CKMErrorToString(temp));
765 RUNNER_TEST(T12107_saveCertificate_empty_cert)
767 ScopedDBUnlock unlock(USER_APP, APP_PASS);
769 CKM::CertificateShPtr cert; //cert is not initialized
770 CKM::Alias alias = "empty-cert";
773 auto manager = CKM::Manager::create();
775 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
776 "Error=" << CKMErrorToString(temp));
779 RUNNER_TEST(T12108_saveData_empty_alias)
781 ScopedDBUnlock unlock(USER_APP, APP_PASS);
783 std::string testData = "test data test data test data";
784 CKM::RawBuffer buffer(testData.begin(), testData.end());
788 auto manager = CKM::Manager::create();
790 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
791 "Error=" << CKMErrorToString(temp));
794 RUNNER_TEST(T12109_saveData_foreign_label)
796 ScopedDBUnlock unlock(USER_APP, APP_PASS);
798 std::string testData = "test data test data test data";
799 CKM::RawBuffer buffer(testData.begin(), testData.end());
800 CKM::Alias alias = "iamsomebodyelse alias";
803 auto manager = CKM::Manager::create();
805 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
806 "Error=" << CKMErrorToString(temp));
809 RUNNER_TEST(T12110_saveData_empty_data)
811 ScopedDBUnlock unlock(USER_APP, APP_PASS);
813 CKM::RawBuffer buffer;
814 CKM::Alias alias = "empty-data";
817 auto manager = CKM::Manager::create();
819 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
820 "Error=" << CKMErrorToString(temp));
824 * These test cases tests API when trying to get data from not existing alias
827 RUNNER_TEST(T12111_getKey_alias_not_exist)
829 ScopedDBUnlock unlock(USER_APP, APP_PASS);
832 CKM::Alias alias = "this-alias-not-exist";
835 auto manager = CKM::Manager::create();
837 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
838 "Error=" << CKMErrorToString(temp));
841 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
843 ScopedDBUnlock unlock(USER_APP, APP_PASS);
845 CKM::CertificateShPtr certificate;
846 CKM::Alias alias = "this-alias-not-exist";
849 auto manager = CKM::Manager::create();
851 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
852 "Error=" << CKMErrorToString(temp));
855 RUNNER_TEST(T12113_getData_alias_not_exist)
857 ScopedDBUnlock unlock(USER_APP, APP_PASS);
860 auto manager = CKM::Manager::create();
861 CKM::RawBuffer buffer;
862 CKM::Alias alias("some alias");
864 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
865 "Error=" << CKMErrorToString(temp));
869 * These test cases tests API when damaged keys are used
871 RUNNER_TEST(T12114_RSA_key_damaged)
873 ScopedDBUnlock unlock(USER_APP, APP_PASS);
876 auto manager = CKM::Manager::create();
878 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
879 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
880 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
881 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
882 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
883 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
884 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
886 "-----END PUBLIC KEY-----";
888 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
889 auto key = CKM::Key::create(buffer);
890 CKM::Alias alias = "damaged-rsa";
893 NULL == key.get(), "Key is broken. It should be empty");
896 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
897 "Error=" << CKMErrorToString(ret));
900 RUNNER_TEST(T12115_RSA_key_too_short)
902 ScopedDBUnlock unlock(USER_APP, APP_PASS);
905 auto manager = CKM::Manager::create();
907 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
908 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
909 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
910 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
911 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
912 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
913 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
915 "-----END PUBLIC KEY-----";
917 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
918 auto key = CKM::Key::create(buffer);
919 CKM::Alias alias = "short-rsa";
922 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
923 "Error=" << CKMErrorToString(ret));
926 RUNNER_TEST(T12116_DSA_key_too_short)
928 ScopedDBUnlock unlock(USER_APP, APP_PASS);
931 auto manager = CKM::Manager::create();
933 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
934 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
935 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
936 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
937 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
938 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
939 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
940 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
941 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
942 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
944 "-----END PUBLIC KEY-----";
946 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
947 auto key = CKM::Key::create(buffer);
948 CKM::Alias alias = "short-dsa";
951 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
952 "Error=" << CKMErrorToString(ret));
955 RUNNER_TEST(T12117_AES_key_too_short)
958 auto manager = CKM::Manager::create();
960 size_t key_size = (128-1);
961 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
963 auto key = CKM::Key::create(key_AES);
964 CKM::Alias alias = "short-AES";
967 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
968 "Error=" << CKMErrorToString(ret));
972 * These test cases tests CKM service if malicious data is provided over the socket.
975 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
977 ScopedDBUnlock unlock(USER_APP, APP_PASS);
980 auto manager = CKM::Manager::create();
982 // fake the client - let the service detect the problem
983 class WrongKeyImpl : public CKM::Key
986 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
989 virtual bool empty() const {
993 virtual CKM::KeyType getType() const {
994 return CKM::KeyType::KEY_RSA_PUBLIC;
996 virtual int getSize() const {
999 virtual CKM::ElipticCurve getCurve() const {
1000 return CKM::ElipticCurve::prime192v1;
1002 virtual CKM::RawBuffer getDER() const {
1005 virtual ~WrongKeyImpl() {}
1007 CKM::RawBuffer & m_dummy;
1009 std::string dummyData = "my_cat_Berta\n";
1010 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1011 auto key = std::make_shared<WrongKeyImpl>(buffer);
1012 CKM::Alias alias = "damaged-rsa";
1015 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1016 "Error=" << CKMErrorToString(ret));
1019 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1021 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1023 // fake the client - let the service detect the problem
1024 class WrongCertImpl : public CKM::Certificate
1027 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1028 m_x509 = X509_new();
1031 bool empty() const {
1035 virtual X509 *getX509() const {
1039 virtual CKM::RawBuffer getDER() const {
1043 virtual ~WrongCertImpl() {
1048 CKM::RawBuffer & m_dummy;
1050 std::string dummyData = "my_cat_Stefan\n";
1051 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1052 auto cert = std::make_shared<WrongCertImpl>(buffer);
1053 CKM::Alias alias = "damaged-cert";
1056 auto manager = CKM::Manager::create();
1058 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1059 "Error=" << CKMErrorToString(temp));
1062 RUNNER_TEST(T12120_deinit)
1064 remove_user_data(USER_APP);
1067 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1069 RUNNER_TEST(T1311_init)
1071 remove_user_data(USER_APP);
1072 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1073 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1075 struct hostent* he = gethostbyname("google.com");
1077 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1078 "is not woking on the device. OCSP tests requires network access!");
1081 RUNNER_TEST(T13121_get_chain_no_cert)
1083 CKM::CertificateShPtrVector certChain;
1084 CKM::CertificateShPtr cert;
1086 auto manager = CKM::Manager::create();
1088 int ret = manager->getCertificateChain(cert,
1093 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1094 "Function should fail for empty certificate");
1097 RUNNER_TEST(T13122_get_chain_empty_cert)
1099 CKM::CertificateShPtrVector certChain;
1100 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1101 CKM::DataFormat::FORM_PEM);
1103 auto manager = CKM::Manager::create();
1105 int ret = manager->getCertificateChain(cert,
1110 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1111 "Function should fail for empty certificate");
1114 RUNNER_TEST(T13129_get_chain)
1116 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1117 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1119 CKM::CertificateShPtrVector certVector = {cert1};
1120 CKM::CertificateShPtrVector certChain;
1123 auto manager = CKM::Manager::create();
1125 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1126 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1128 tmp = manager->getCertificateChain(cert,
1133 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1134 "Error=" << CKMErrorToString(tmp));
1137 0 == certChain.size(),
1138 "Wrong size of certificate chain.");
1140 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1141 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1144 3 == certChain.size(),
1145 "Wrong size of certificate chain.");
1148 RUNNER_TEST(T1313_get_chain_with_alias)
1150 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1151 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1153 CKM::CertificateShPtrVector certChain;
1154 CKM::AliasVector aliasVector;
1155 CKM::Alias alias = "imcert";
1158 auto manager = CKM::Manager::create();
1160 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1161 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1163 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1164 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1165 "Error=" << CKMErrorToString(tmp));
1168 0 == certChain.size(),
1169 "Wrong size of certificate chain.");
1172 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1173 "Error=" << CKMErrorToString(tmp));
1175 aliasVector.push_back(alias);
1177 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1178 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1181 3 == certChain.size(),
1182 "Wrong size of certificate chain.");
1185 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1187 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1188 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1189 CKM::CertificateShPtrVector certVector = {cert1};
1190 CKM::CertificateShPtrVector certChain;
1193 auto manager = CKM::Manager::create();
1195 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1196 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1198 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1199 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1200 "Error=" << CKMErrorToString(tmp));
1203 0 == certChain.size(),
1204 "Wrong size of certificate chain.");
1206 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1207 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1210 3 == certChain.size(),
1211 "Wrong size of certificate chain.");
1215 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1216 "Error=" << CKMErrorToString(tmp));
1218 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1221 RUNNER_TEST(T13142_ocsp_check_empty)
1223 CKM::CertificateShPtrVector certVector;
1225 auto manager = CKM::Manager::create();
1230 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1231 "ocspCheck should fail for empty certificate vector");
1234 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1236 CKM::CertificateShPtrVector certVector = {
1237 CKM::CertificateShPtr(),
1238 CKM::CertificateShPtr(),
1239 CKM::CertificateShPtr()};
1241 auto manager = CKM::Manager::create();
1246 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1247 "ocspCheck should fail for empty certificate vector");
1250 RUNNER_TEST(T13144_ocsp_check_root)
1252 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1253 CKM::CertificateShPtrVector certVector = {root};
1255 auto manager = CKM::Manager::create();
1257 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1262 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1263 "Ocsp should fail for single certificate");
1266 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1268 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1269 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1271 CKM::CertificateShPtrVector certVector = {ca, root};
1273 auto manager = CKM::Manager::create();
1275 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1276 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1281 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1282 "Error=" << CKMErrorToString(tmp));
1284 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1287 RUNNER_TEST(T1315_deinit)
1289 remove_user_data(USER_APP);
1292 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1294 RUNNER_TEST(T1411_init)
1296 remove_user_data(USER_APP);
1299 RUNNER_TEST(T1412_RSA_key_create_verify)
1302 auto manager = CKM::Manager::create();
1304 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1305 "Proc-Type: 4,ENCRYPTED\n"
1306 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1308 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1309 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1310 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1311 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1312 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1313 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1314 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1315 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1316 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1317 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1318 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1319 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1320 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1321 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1322 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1323 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1324 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1325 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1326 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1327 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1328 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1329 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1330 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1331 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1332 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1333 "-----END RSA PRIVATE KEY-----\n";
1335 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1336 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1337 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1338 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1339 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1340 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1341 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1343 "-----END PUBLIC KEY-----\n";
1345 std::string message = "message test";
1347 CKM::Alias aliasPub = "pub1";
1348 CKM::Alias aliasPrv = "prv1";
1349 CKM::Password password = "1234";
1350 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1351 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1352 CKM::RawBuffer signature;
1354 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1355 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1357 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1358 "Key is empty. Failed to import public key.");
1359 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1360 "Key is empty. Failed to import private key.");
1363 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1364 "Error=" << CKMErrorToString(temp));
1366 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1367 "Error=" << CKMErrorToString(temp));
1370 CKM_API_SUCCESS == (temp = manager->createSignature(
1373 CKM::RawBuffer(message.begin(), message.end()),
1377 "Error=" << CKMErrorToString(temp));
1380 CKM_API_SUCCESS == (temp = manager->verifySignature(
1383 CKM::RawBuffer(message.begin(), message.end()),
1387 "Error=" << CKMErrorToString(temp));
1390 RUNNER_TEST(T1413_DSA_key_create_verify)
1393 auto manager = CKM::Manager::create();
1395 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1396 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1397 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1398 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1399 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1400 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1401 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1402 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1403 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1404 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1405 "u1roOuaPY+Hl19BlTE2qdw==\n"
1406 "-----END DSA PRIVATE KEY-----";
1408 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1409 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1410 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1411 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1412 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1413 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1414 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1415 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1416 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1417 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1418 "YMYCBhubtrVaLmc=\n"
1419 "-----END PUBLIC KEY-----";
1421 std::string message = "message test";
1423 CKM::Alias aliasPub = "pub2";
1424 CKM::Alias aliasPrv = "prv2";
1425 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1426 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1427 CKM::RawBuffer signature;
1429 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1430 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1432 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1433 "Key is empty. Failed to import public key.");
1434 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1435 "Key is empty. Failed to import private key.");
1438 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1439 "Error=" << CKMErrorToString(temp));
1441 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1442 "Error=" << CKMErrorToString(temp));
1445 CKM_API_SUCCESS == (temp = manager->createSignature(
1448 CKM::RawBuffer(message.begin(), message.end()),
1452 "Error=" << CKMErrorToString(temp));
1455 CKM_API_SUCCESS == (temp = manager->verifySignature(
1458 CKM::RawBuffer(message.begin(), message.end()),
1462 "Error=" << CKMErrorToString(temp));
1466 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1469 auto manager = CKM::Manager::create();
1471 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1472 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1473 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1474 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1475 "-----END EC PRIVATE KEY-----\n";
1477 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1478 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1479 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1480 "-----END PUBLIC KEY-----\n";
1482 std::string message = "message test";
1484 CKM::Alias aliasPub = "ecpub2";
1485 CKM::Alias aliasPrv = "ecprv2";
1486 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1487 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1488 CKM::RawBuffer signature;
1490 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1491 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1493 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1494 "Key is empty. Failed to import public key.");
1495 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1496 "Key is empty. Failed to import private key.");
1499 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1500 "Error=" << CKMErrorToString(temp));
1502 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1503 "Error=" << CKMErrorToString(temp));
1506 CKM_API_SUCCESS == (temp = manager->createSignature(
1509 CKM::RawBuffer(message.begin(), message.end()),
1513 "Error=" << CKMErrorToString(temp));
1516 CKM_API_SUCCESS == (temp = manager->verifySignature(
1519 CKM::RawBuffer(message.begin(), message.end()),
1523 "Error=" << CKMErrorToString(temp));
1525 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1527 memcpy((void*)signature.data(), "BROKEN", 6);
1530 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1533 CKM::RawBuffer(message.begin(), message.end()),
1537 "Error=" << CKMErrorToString(temp));
1540 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1543 auto manager = CKM::Manager::create();
1544 std::string message = "message asdfaslkdfjlksadjf test";
1546 CKM::Alias aliasPub = "pub1";
1547 CKM::Alias aliasPrv = "prv1";
1549 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1550 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1551 CKM::RawBuffer signature;
1554 CKM_API_SUCCESS == (temp = manager->createSignature(
1557 CKM::RawBuffer(message.begin(), message.end()),
1561 "Error=" << CKMErrorToString(temp));
1564 CKM_API_SUCCESS == (temp = manager->verifySignature(
1567 CKM::RawBuffer(message.begin(), message.end()),
1571 "Error=" << CKMErrorToString(temp));
1573 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1574 memcpy((void*)signature.data(), "BROKEN", 6);
1577 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1580 CKM::RawBuffer(message.begin(), message.end()),
1584 "Error=" << CKMErrorToString(temp));
1587 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1590 auto manager = CKM::Manager::create();
1591 std::string message = "message asdfaslkdfjlksadjf test";
1593 CKM::Alias aliasPub = "pub2";
1594 CKM::Alias aliasPrv = "prv2";
1596 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1597 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1598 CKM::RawBuffer signature;
1601 CKM_API_SUCCESS == (temp = manager->createSignature(
1604 CKM::RawBuffer(message.begin(), message.end()),
1608 "Error=" << CKMErrorToString(temp));
1611 CKM_API_SUCCESS == (temp = manager->verifySignature(
1614 CKM::RawBuffer(message.begin(), message.end()),
1618 "Error=" << CKMErrorToString(temp));
1620 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1621 memcpy((void*)signature.data(), "BROKEN", 6);
1624 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1627 CKM::RawBuffer(message.begin(), message.end()),
1631 "Error=" << CKMErrorToString(temp));
1634 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1637 auto manager = CKM::Manager::create();
1640 "-----BEGIN RSA PRIVATE KEY-----\n"
1641 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1642 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1643 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1644 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1645 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1646 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1647 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1648 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1649 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1650 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1651 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1652 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1653 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1654 "-----END RSA PRIVATE KEY-----\n";
1657 "-----BEGIN CERTIFICATE-----\n"
1658 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1659 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1660 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1661 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1662 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1663 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1664 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1665 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1666 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1667 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1668 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1669 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1670 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1671 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1672 "-----END CERTIFICATE-----\n";
1674 std::string message = "message test";
1676 CKM::Alias aliasPub = "pub1-cert";
1677 CKM::Alias aliasPrv = "prv1-cert";
1678 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1679 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1680 CKM::RawBuffer signature;
1682 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1683 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1685 RUNNER_ASSERT_MSG(NULL != cert.get(),
1686 "Key is empty. Failed to import public key.");
1687 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1688 "Key is empty. Failed to import private key.");
1691 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1692 "Error=" << CKMErrorToString(temp));
1694 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1695 "Error=" << CKMErrorToString(temp));
1698 CKM_API_SUCCESS == (temp = manager->createSignature(
1701 CKM::RawBuffer(message.begin(), message.end()),
1705 "Error=" << CKMErrorToString(temp));
1708 CKM_API_SUCCESS == (temp = manager->verifySignature(
1711 CKM::RawBuffer(message.begin(), message.end()),
1715 "Error=" << CKMErrorToString(temp));
1717 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1719 memcpy((void*)signature.data(), "BROKEN", 6);
1722 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1725 CKM::RawBuffer(message.begin(), message.end()),
1729 "Error=" << CKMErrorToString(temp));
1732 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1735 auto manager = CKM::Manager::create();
1737 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1738 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1739 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1740 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1741 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1742 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1743 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1744 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1745 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1746 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1747 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1748 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1749 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1750 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1751 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1752 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1753 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1754 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1755 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1756 "-----END CERTIFICATE-----\n";
1758 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1759 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1760 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1761 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1762 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1763 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1764 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1765 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1766 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1767 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1768 "vonbjii3BYe4AIdkzOvp\n"
1769 "-----END DSA PRIVATE KEY-----\n";
1771 std::string message = "message test";
1773 CKM::Alias aliasPub = "pub2-cert";
1774 CKM::Alias aliasPrv = "prv2-cert";
1775 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1776 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1777 CKM::RawBuffer signature;
1779 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1780 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1782 RUNNER_ASSERT_MSG(NULL != cert.get(),
1783 "Key is empty. Failed to import public key.");
1784 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1785 "Key is empty. Failed to import private key.");
1788 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1789 "Error=" << CKMErrorToString(temp));
1791 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1792 "Error=" << CKMErrorToString(temp));
1795 CKM_API_SUCCESS == (temp = manager->createSignature(
1798 CKM::RawBuffer(message.begin(), message.end()),
1802 "Error=" << CKMErrorToString(temp));
1805 CKM_API_SUCCESS == (temp = manager->verifySignature(
1808 CKM::RawBuffer(message.begin(), message.end()),
1812 "Error=" << CKMErrorToString(temp));
1814 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1816 memcpy((void*)signature.data(), "BROKEN", 6);
1819 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1822 CKM::RawBuffer(message.begin(), message.end()),
1826 "Error=" << CKMErrorToString(temp));
1829 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
1832 auto manager = CKM::Manager::create();
1835 "-----BEGIN EC PRIVATE KEY-----\n"
1836 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1837 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1838 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1839 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1840 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1841 "ELyhe7yPCAuOoLZlTLgf\n"
1842 "-----END EC PRIVATE KEY-----\n";
1845 "-----BEGIN CERTIFICATE-----\n"
1846 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1847 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1848 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1849 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1850 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1851 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1852 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1853 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1854 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1855 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1856 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1857 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1858 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1859 "Q1oBry6NEc+lLFmWMDesAA==\n"
1860 "-----END CERTIFICATE-----\n";
1862 std::string message = "message test";
1864 CKM::Alias aliasPub = "pub3";
1865 CKM::Alias aliasPrv = "prv3";
1866 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1867 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1868 CKM::RawBuffer signature;
1870 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1871 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1873 RUNNER_ASSERT_MSG(NULL != cert.get(),
1874 "Key is empty. Failed to import public key.");
1875 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1876 "Key is empty. Failed to import private key.");
1879 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1880 "Error=" << CKMErrorToString(temp));
1882 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1883 "Error=" << CKMErrorToString(temp));
1886 CKM_API_SUCCESS == (temp = manager->createSignature(
1889 CKM::RawBuffer(message.begin(), message.end()),
1893 "Error=" << CKMErrorToString(temp));
1896 CKM_API_SUCCESS == (temp = manager->verifySignature(
1899 CKM::RawBuffer(message.begin(), message.end()),
1903 "Error=" << CKMErrorToString(temp));
1905 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1907 memcpy((void*)signature.data(), "BROKEN", 6);
1910 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1913 CKM::RawBuffer(message.begin(), message.end()),
1917 "Error=" << CKMErrorToString(temp));
1920 RUNNER_TEST(T1420_deinit)
1922 remove_user_data(USER_APP);
1925 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
1927 RUNNER_TEST(T14180_init)
1930 remove_user_data(USER_APP);
1932 auto manager = CKM::Manager::create();
1934 // Prepare RSA Key Pair
1935 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1936 "Proc-Type: 4,ENCRYPTED\n"
1937 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1939 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1940 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1941 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1942 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1943 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1944 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1945 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1946 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1947 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1948 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1949 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1950 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1951 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1952 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1953 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1954 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1955 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1956 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1957 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1958 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1959 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1960 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1961 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1962 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1963 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1964 "-----END RSA PRIVATE KEY-----\n";
1966 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1967 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1968 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1969 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1970 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1971 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1972 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1974 "-----END PUBLIC KEY-----\n";
1976 CKM::Alias aliasPub = "pub_nohash1";
1977 CKM::Alias aliasPrv = "prv_nohash1";
1978 CKM::Password password = "1234";
1980 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1981 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1983 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1984 "Key is empty. Failed to import public key.");
1985 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1986 "Key is empty. Failed to import private key.");
1989 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1990 "Error=" << CKMErrorToString(temp));
1992 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1993 "Error=" << CKMErrorToString(temp));
1995 // Prepare ECDSA Key Pair
1996 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
1997 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1998 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1999 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2000 "-----END EC PRIVATE KEY-----\n";
2002 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2003 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2004 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2005 "-----END PUBLIC KEY-----\n";
2007 CKM::Alias aliasEcPub = "ecpub_nohash1";
2008 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2010 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2011 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2013 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2014 "Key is empty. Failed to import public key.");
2015 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2016 "Key is empty. Failed to import private key.");
2019 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2020 "Error=" << CKMErrorToString(temp));
2022 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2023 "Error=" << CKMErrorToString(temp));
2027 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2030 auto manager = CKM::Manager::create();
2031 std::string message = "message asdfaslkdfjlksadjf test";
2033 CKM::Alias aliasPub = "pub_nohash1";
2034 CKM::Alias aliasPrv = "prv_nohash1";
2036 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2037 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2038 CKM::RawBuffer signature;
2041 CKM_API_SUCCESS == (temp = manager->createSignature(
2044 CKM::RawBuffer(message.begin(), message.end()),
2048 "Error=" << CKMErrorToString(temp));
2051 CKM_API_SUCCESS == (temp = manager->verifySignature(
2054 CKM::RawBuffer(message.begin(), message.end()),
2058 "Error=" << CKMErrorToString(temp));
2060 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2061 memcpy((void*)signature.data(), "BROKEN", 6);
2064 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2067 CKM::RawBuffer(message.begin(), message.end()),
2071 "Error=" << CKMErrorToString(temp));
2074 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2077 auto manager = CKM::Manager::create();
2078 std::string message = "message asdfaslkdfjlksadjf test";
2080 CKM::Alias aliasPub = "pub_nohash1";
2081 CKM::Alias aliasPrv = "prv_nohash1";
2083 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2084 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2085 CKM::RawBuffer signature;
2088 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2091 CKM::RawBuffer(message.begin(), message.end()),
2095 "Error=" << CKMErrorToString(temp));
2098 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2101 auto manager = CKM::Manager::create();
2102 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2103 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2104 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2105 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2106 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2107 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2108 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2109 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2110 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2111 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2112 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2113 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2114 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2115 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2116 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2117 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2118 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2119 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2120 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2121 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2123 CKM::Alias aliasPub = "pub_nohash1";
2124 CKM::Alias aliasPrv = "prv_nohash1";
2126 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2127 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2128 CKM::RawBuffer signature;
2131 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2134 CKM::RawBuffer(message.begin(), message.end()),
2138 "Error=" << CKMErrorToString(temp));
2142 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2145 auto manager = CKM::Manager::create();
2147 std::string message = "message test";
2149 CKM::Alias aliasPub = "ecpub_nohash1";
2150 CKM::Alias aliasPrv = "ecprv_nohash1";
2151 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2152 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2153 CKM::RawBuffer signature;
2156 CKM_API_SUCCESS == (temp = manager->createSignature(
2159 CKM::RawBuffer(message.begin(), message.end()),
2163 "Error=" << CKMErrorToString(temp));
2166 CKM_API_SUCCESS == (temp = manager->verifySignature(
2169 CKM::RawBuffer(message.begin(), message.end()),
2173 "Error=" << CKMErrorToString(temp));
2175 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2177 memcpy((void*)signature.data(), "BROKEN", 6);
2180 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2183 CKM::RawBuffer(message.begin(), message.end()),
2187 "Error=" << CKMErrorToString(temp));
2190 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2193 auto manager = CKM::Manager::create();
2195 int msgSize = 1024*1024;
2196 char big_msg[msgSize];
2197 for(int i =0; i<msgSize-1; i++) {
2200 big_msg[msgSize-1]=0x00;
2201 std::string message(big_msg);
2203 CKM::Alias aliasPub = "ecpub_nohash1";
2204 CKM::Alias aliasPrv = "ecprv_nohash1";
2205 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2206 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2207 CKM::RawBuffer signature;
2210 CKM_API_SUCCESS == (temp = manager->createSignature(
2213 CKM::RawBuffer(message.begin(), message.end()),
2217 "Error=" << CKMErrorToString(temp));
2221 RUNNER_TEST(T14189_deinit)
2223 remove_user_data(USER_APP);
2227 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2231 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2232 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2233 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2234 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2235 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2238 RUNNER_TEST(T1800_init)
2240 remove_user_data(USER_APP);
2243 RUNNER_TEST(T1801_parse_PKCS12) {
2244 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2245 std::istreambuf_iterator<char> begin(is), end;
2246 std::vector<char> buff(begin, end);
2248 CKM::RawBuffer buffer(buff.size());
2249 memcpy(buffer.data(), buff.data(), buff.size());
2251 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2254 "Error in PKCS12::create()");
2256 auto cert = pkcs->getCertificate();
2259 "Error in PKCS12::getCertificate()");
2261 auto key = pkcs->getKey();
2264 "Error in PKCS12::getKey()");
2266 auto caVector = pkcs->getCaCertificateShPtrVector();
2268 0 == caVector.size(),
2269 "Wrong size of vector");
2272 RUNNER_TEST(T1802_negative_wrong_password) {
2273 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2274 std::istreambuf_iterator<char> begin(is), end;
2275 std::vector<char> buff(begin, end);
2277 CKM::RawBuffer buffer(buff.size());
2278 memcpy(buffer.data(), buff.data(), buff.size());
2280 auto pkcs = CKM::PKCS12::create(buffer, "error");
2283 "Expected error in PKCS12::create()");
2286 RUNNER_TEST(T1803_negative_broken_buffer) {
2287 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2288 std::istreambuf_iterator<char> begin(is), end;
2289 std::vector<char> buff(begin, end);
2291 CKM::RawBuffer buffer(buff.size());
2292 memcpy(buffer.data(), buff.data(), buff.size());
2294 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2297 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2300 "Expected error in PKCS12::create()");
2303 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2305 auto manager = CKM::Manager::create();
2306 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2307 std::istreambuf_iterator<char> begin(is), end;
2308 std::vector<char> buff(begin, end);
2310 CKM::RawBuffer buffer(buff.size());
2311 memcpy(buffer.data(), buff.data(), buff.size());
2313 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2316 "Error in PKCS12::create()");
2319 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2320 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2321 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2322 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2323 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2324 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2325 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2326 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2327 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2328 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2329 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2330 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2331 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2332 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2333 "-----END RSA PRIVATE KEY-----\n";
2335 std::string message = "message test";
2337 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2338 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2339 "Key is empty. Failed to import private key.");
2343 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2344 "Error=" << CKMErrorToString(temp));
2347 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2348 "Error=" << CKMErrorToString(temp));
2351 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2353 auto manager = CKM::Manager::create();
2354 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2355 std::istreambuf_iterator<char> begin(is), end;
2356 std::vector<char> buff(begin, end);
2358 CKM::RawBuffer buffer(buff.size());
2359 memcpy(buffer.data(), buff.data(), buff.size());
2361 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2364 "Error in PKCS12::create()");
2366 auto cert = pkcs->getCertificate();
2369 "Error in PKCS12::getCertificate()");
2371 auto key = pkcs->getKey();
2374 "Error in PKCS12::getKey()");
2376 auto caVector = pkcs->getCaCertificateShPtrVector();
2378 2 == caVector.size(),
2379 "Wrong size of vector");
2383 CKM::Policy exportable;
2384 CKM::Policy notExportable(CKM::Password(), false);
2387 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2388 "Error=" << CKMErrorToString(tmp));
2390 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2391 "Error=" << CKMErrorToString(tmp));
2393 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2394 "Error=" << CKMErrorToString(tmp));
2396 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2397 "Error=" << CKMErrorToString(tmp));
2399 // try to lookup key
2400 CKM::KeyShPtr key_lookup;
2402 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2403 "Error=" << CKMErrorToString(tmp));
2405 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2406 "Error=" << CKMErrorToString(tmp));
2408 // try to lookup certificate
2409 CKM::CertificateShPtr cert_lookup;
2411 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2412 "Error=" << CKMErrorToString(tmp));
2414 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2415 "Error=" << CKMErrorToString(tmp));
2418 RUNNER_TEST(T1806_get_PKCS)
2421 auto manager = CKM::Manager::create();
2423 CKM::PKCS12ShPtr pkcs;
2427 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2428 "Error=" << CKMErrorToString(temp));
2430 // fail - not exportable
2432 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2433 "Error=" << CKMErrorToString(temp));
2435 // success - exportable
2437 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2438 "Error=" << CKMErrorToString(temp));
2440 auto cert = pkcs->getCertificate();
2443 "Error in PKCS12::getCertificate()");
2445 auto key = pkcs->getKey();
2448 "Error in PKCS12::getKey()");
2450 auto caVector = pkcs->getCaCertificateShPtrVector();
2452 2 == caVector.size(),
2453 "Wrong size of vector");
2456 RUNNER_TEST(T1807_create_and_verify_signature)
2459 auto manager = CKM::Manager::create();
2461 std::string message = "message test";
2463 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2464 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2465 CKM::RawBuffer signature;
2468 CKM_API_SUCCESS == (temp = manager->createSignature(
2469 alias_PKCS_exportable,
2471 CKM::RawBuffer(message.begin(), message.end()),
2475 "Error=" << CKMErrorToString(temp));
2478 CKM_API_SUCCESS == (temp = manager->verifySignature(
2479 alias_PKCS_exportable,
2481 CKM::RawBuffer(message.begin(), message.end()),
2485 "Error=" << CKMErrorToString(temp));
2488 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2491 auto manager = CKM::Manager::create();
2493 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2494 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2495 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2496 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2497 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2498 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2499 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2500 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2501 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2502 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2503 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2504 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2505 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2506 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2507 "-----END RSA PRIVATE KEY-----";
2508 std::string message = "message test";
2510 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2511 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2512 "Key is empty. Failed to import private key.");
2515 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2516 "Error=" << CKMErrorToString(temp));
2518 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2519 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2520 CKM::RawBuffer signature;
2523 CKM_API_SUCCESS == (temp = manager->createSignature(
2524 alias_PKCS_priv_key_copy,
2526 CKM::RawBuffer(message.begin(), message.end()),
2530 "Error=" << CKMErrorToString(temp));
2533 CKM_API_SUCCESS == (temp = manager->verifySignature(
2534 alias_PKCS_exportable,
2536 CKM::RawBuffer(message.begin(), message.end()),
2540 "Error=" << CKMErrorToString(temp));
2543 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2546 auto manager = CKM::Manager::create();
2548 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2549 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2550 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2551 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2552 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2553 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2554 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2555 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2556 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2557 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2558 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2559 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2560 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2561 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2562 "-----END RSA PRIVATE KEY-----\n";
2564 std::string message = "message test";
2566 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2567 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2568 "Key is empty. Failed to import private key.");
2571 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2572 "Error=" << CKMErrorToString(temp));
2574 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2575 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2576 CKM::RawBuffer signature;
2579 CKM_API_SUCCESS == (temp = manager->createSignature(
2580 alias_PKCS_priv_key_wrong,
2582 CKM::RawBuffer(message.begin(), message.end()),
2586 "Error=" << CKMErrorToString(temp));
2589 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2590 alias_PKCS_exportable,
2592 CKM::RawBuffer(message.begin(), message.end()),
2596 "Error=" << CKMErrorToString(temp));
2599 RUNNER_TEST(T1810_verify_get_certificate_chain)
2601 // this certificate has been signed using PKCS chain
2603 "-----BEGIN CERTIFICATE-----\n"
2604 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
2605 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
2606 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
2607 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
2608 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
2609 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
2610 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
2611 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
2612 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
2613 "-----END CERTIFICATE-----\n";
2615 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2616 CKM::CertificateShPtrVector certChain;
2617 CKM::AliasVector aliasVector;
2620 auto manager = CKM::Manager::create();
2622 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2624 tmp = manager->getCertificateChain(cert,
2629 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2630 "Error=" << CKMErrorToString(tmp));
2633 0 == certChain.size(),
2634 "Wrong size of certificate chain.");
2636 aliasVector.push_back(alias_PKCS_exportable);
2638 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2639 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
2641 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2643 4 == certChain.size(),
2644 "Wrong size of certificate chain: " << certChain.size());
2647 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2649 auto manager = CKM::Manager::create();
2653 // remove the whole PKCS12 bundles
2655 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2656 "Error=" << CKMErrorToString(tmp));
2658 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2659 "Error=" << CKMErrorToString(tmp));
2661 // expect lookup fails due to unknown alias
2662 // try to lookup key
2663 CKM::KeyShPtr key_lookup;
2665 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2666 "Error=" << CKMErrorToString(tmp));
2668 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2669 "Error=" << CKMErrorToString(tmp));
2671 // try to lookup certificate
2672 CKM::CertificateShPtr cert_lookup;
2674 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2675 "Error=" << CKMErrorToString(tmp));
2677 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2678 "Error=" << CKMErrorToString(tmp));
2681 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2683 CKM::Alias alias = "t1812alias1";
2685 auto manager = CKM::Manager::create();
2686 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2687 std::istreambuf_iterator<char> begin(is), end;
2688 std::vector<char> buff(begin, end);
2690 CKM::PKCS12ShPtr pkcs12;
2691 CKM::Password pass1 = "easypass1";
2692 CKM::Password pass2 = "easypass2";
2694 CKM::RawBuffer buffer(buff.size());
2695 memcpy(buffer.data(), buff.data(), buff.size());
2697 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2700 "Error in PKCS12::create()");
2704 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2705 "Error=" << CKMErrorToString(temp));
2708 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2709 "Error=" << CKMErrorToString(temp));
2712 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2713 "Error=" << CKMErrorToString(temp));
2716 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2717 "Error=" << CKMErrorToString(temp));
2720 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2721 "Error=" << CKMErrorToString(temp));
2724 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2725 "Error=" << CKMErrorToString(temp));
2727 CKM::CertificateShPtr cert;
2729 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2730 "Error=" << CKMErrorToString(temp));
2732 CKM::CertificateShPtrVector certChain;
2733 CKM::AliasVector certVect;
2734 certVect.push_back(alias);
2737 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2738 "Error=" << CKMErrorToString(temp));
2741 RUNNER_TEST(T1813_deinit)
2744 auto control = CKM::Control::create();
2747 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2748 "Error=" << CKMErrorToString(temp));
2751 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2753 const char * const T190_PASSWD = "t190-special-password";
2755 RUNNER_TEST(T1901_init_unlock_key)
2757 reset_user_data(USER_APP, T190_PASSWD);
2760 RUNNER_TEST(T1902_get_data)
2762 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2764 auto manager = CKM::Manager::create();
2767 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2770 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2771 "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
2774 RUNNER_TEST(T1903_lock_database)
2777 auto control = CKM::Control::create();
2779 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2780 "Error=" << CKMErrorToString(tmp));
2783 RUNNER_TEST(T1904_get_data_from_locked_database)
2785 auto manager = CKM::Manager::create();
2788 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2791 CKM_API_ERROR_DB_LOCKED == status1,
2792 "Could not get key from locked database. Error=" << CKMErrorToString(status1));
2795 RUNNER_TEST(T1905_deinit)
2797 remove_user_data(USER_APP);
2800 int main(int argc, char *argv[])
2802 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob