2 * Copyright (c) 2016-2018 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
30 #include <ckm-common.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-password.h>
34 #include <ckm/ckm-type.h>
35 #include <ckm/ckm-pkcs12.h>
37 #include <openssl/x509.h>
38 #include <openssl/x509v3.h>
40 #include <tzplatform_config.h>
43 const int USER_APP = 5001;
45 const int USER_APP_2 = 5020;
46 const int USER_APP_3 = 5030;
48 const char * const APP_PASS = "user-pass";
49 const int USER_TEST = 5001;
51 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
52 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
53 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
54 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
55 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
56 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
57 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
58 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
59 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
61 "-----END PUBLIC KEY-----";
63 } // namespace anonymous
66 * How to numerate tests:
68 * T - test case (always T)
69 * AB - number of test group (always two digits)
70 * C - test number in group (all tests with same TABC must be run in the same time).
73 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
75 RUNNER_TEST(T0011_Control)
78 auto control = CKM::Control::create();
80 control->removeUserData(0);
81 control->removeUserData(USER_APP_2);
82 control->removeUserData(USER_APP);
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
86 "Error=" << CKMErrorToString(temp));
89 RUNNER_TEST(T0012_Control)
92 auto control = CKM::Control::create();
94 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
95 "Error=" << CKMErrorToString(temp));
97 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
98 "Error=" << CKMErrorToString(temp));
101 RUNNER_TEST(T0013_Control)
104 auto control = CKM::Control::create();
106 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
107 "Error=" << CKMErrorToString(temp));
110 RUNNER_TEST(T0014_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
116 "Error=" << CKMErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
120 "Error=" << CKMErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
124 "Error=" << CKMErrorToString(temp));
127 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
128 "Error=" << CKMErrorToString(temp));
131 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
132 "Error=" << CKMErrorToString(temp));
135 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
136 "Error=" << CKMErrorToString(temp));
139 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
140 "Error=" << CKMErrorToString(temp));
143 RUNNER_TEST(T0015_Control)
146 auto control = CKM::Control::create();
148 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
149 "Error=" << CKMErrorToString(temp));
151 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
152 "Error=" << CKMErrorToString(temp));
154 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
155 "Error=" << CKMErrorToString(temp));
157 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
158 "Error=" << CKMErrorToString(temp));
161 RUNNER_TEST(T0016_Control_negative_wrong_password)
164 auto control = CKM::Control::create();
166 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
167 "Error=" << CKMErrorToString(temp));
169 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
170 "Error=" << CKMErrorToString(temp));
172 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
173 "Error=" << CKMErrorToString(temp));
175 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
176 "Error=" << CKMErrorToString(temp));
178 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
179 "Error=" << CKMErrorToString(temp));
182 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
184 RUNNER_TEST(T1010_init)
186 unlock_user_data(USER_APP, "user-pass");
189 RUNNER_TEST(T1011_key)
192 auto manager = CKM::Manager::create();
194 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
195 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
196 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
197 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
198 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
199 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
200 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
202 "-----END PUBLIC KEY-----";
204 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
205 auto key = CKM::Key::create(buffer, CKM::Password());
207 CKM::Alias alias = "mykey";
210 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
211 "Error=" << CKMErrorToString(temp));
213 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
214 "Error=" << CKMErrorToString(temp));
216 key->getDER() == key2->getDER(),
217 "Key value has been changed by service");
220 RUNNER_TEST(T1012_certificate)
223 auto manager = CKM::Manager::create();
225 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
226 CKM::CertificateShPtr cert2;
227 CKM::Alias alias = "myCert";
230 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
231 "Error=" << CKMErrorToString(temp));
233 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
234 "Error=" << CKMErrorToString(temp));
236 cert->getDER() == cert2->getDER(),
237 "Data has been modified in key manager");
240 RUNNER_TEST(T1014_save_with_label)
243 auto manager = CKM::Manager::create();
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
255 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
256 auto key = CKM::Key::create(buffer, CKM::Password());
257 CKM::KeyShPtr key_name, key_full_addr;
258 CKM::Alias alias = "mykey-2";
259 std::string top_label = getOwnerIdFromSelf();
260 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
263 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
264 "Error=" << CKMErrorToString(temp));
268 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
269 "Error=" << CKMErrorToString(temp));
271 key->getDER() == key_name->getDER(),
272 "Key value has been changed by service");
274 // lookup by full address
276 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
277 "Error=" << CKMErrorToString(temp));
279 key->getDER() == key_full_addr->getDER(),
280 "Key value has been changed by service");
283 RUNNER_TEST(T1015_deinit)
285 remove_user_data(USER_APP);
288 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
290 RUNNER_TEST(T1020_init)
293 auto control = CKM::Control::create();
295 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
296 "Error=" << CKMErrorToString(temp));
299 RUNNER_TEST(T1021_save_keys_get_alias)
302 auto manager = CKM::Manager::create();
304 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
305 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
306 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
307 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
308 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
309 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
310 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
312 "-----END PUBLIC KEY-----";
314 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
315 auto key = CKM::Key::create(buffer, CKM::Password());
316 CKM::AliasVector labelAliasVector;
318 size_t current_aliases_num = count_aliases(ALIAS_KEY);
320 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
321 "Error=" << CKMErrorToString(temp));
323 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
324 "Error=" << CKMErrorToString(temp));
326 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
327 "Error=" << CKMErrorToString(temp));
329 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
330 "Error=" << CKMErrorToString(temp));
332 labelAliasVector.size() == (current_aliases_num+3),
333 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
336 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
339 auto manager = CKM::Manager::create();
341 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
342 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
343 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
344 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
345 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
346 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
347 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
349 "-----END PUBLIC KEY-----";
351 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
352 auto key = CKM::Key::create(buffer, CKM::Password());
353 CKM::AliasVector labelAliasVector;
355 size_t current_aliases_num = count_aliases(ALIAS_KEY);
357 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
358 "Error=" << CKMErrorToString(temp));
360 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
361 "Error=" << CKMErrorToString(temp));
363 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
364 "Error=" << CKMErrorToString(temp));
366 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
367 "Error=" << CKMErrorToString(temp));
369 labelAliasVector.size() == (current_aliases_num+3),
370 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
373 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
376 auto manager = CKM::Manager::create();
378 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
379 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
380 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
381 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
382 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
383 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
384 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
386 "-----END PUBLIC KEY-----";
388 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
389 auto key = CKM::Key::create(buffer, CKM::Password());
390 CKM::AliasVector aliasVector;
391 CKM::Policy notExportable(CKM::Password(), false);
394 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
395 "Error=" << CKMErrorToString(temp));
397 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
398 "Error=" << CKMErrorToString(temp));
400 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
401 "Error=" << CKMErrorToString(temp));
404 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
406 remove_user_data(USER_APP);
409 const int aliasNameCount = 10;
410 auto manager = CKM::Manager::create();
412 CKM::AliasPwdVector expected;
413 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
414 auto key = CKM::Key::create(buffer, CKM::Password());
415 std::string currentAlias;
417 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
418 // make aliases with & without: password protection, exportable flag
419 for (int it = 0; it < aliasNameCount; ++it)
421 CKM::Policy policy = generate_ckm_policy(it);
422 currentAlias = "T1024_appkey" + std::to_string(it);
423 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
425 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
426 "Error=" << CKMErrorToString(exitCode));
429 CKM::AliasPwdVector actual;
432 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
433 "Error=" << CKMErrorToString(exitCode));
435 actual.size() == (beforeSaveAliasCount + aliasNameCount),
436 "Wrong aliases count: " << actual.size() << " Expected: "
437 << (beforeSaveAliasCount + aliasNameCount));
438 check_alias_info_list_helper(expected, actual, "/User ");
440 remove_user_data(USER_APP);
443 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
445 remove_user_data(USER_APP);
448 const int aliasNameCount = 10;
449 auto manager = CKM::Manager::create();
451 CKM::AliasPwdVector expected;
452 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
453 std::string currentAlias;
455 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
456 for (int it = 0; it < aliasNameCount; ++it)
458 CKM::Policy policy = generate_ckm_policy(it);
459 currentAlias = "T1025_appcert" + std::to_string(it);
460 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
462 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
463 "Error=" << CKMErrorToString(exitCode));
466 CKM::AliasPwdVector actual;
468 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
469 "Error=" << CKMErrorToString(exitCode));
471 actual.size() == (beforeSaveAliasCount + aliasNameCount),
472 "Wrong aliases count: " << actual.size() << " Expected: "
473 << (beforeSaveAliasCount + aliasNameCount));
474 check_alias_info_list_helper(expected, actual, "/User ");
476 remove_user_data(USER_APP);
479 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
481 remove_user_data(USER_APP);
484 const int aliasNameCount = 10;
485 auto manager = CKM::Manager::create();
487 CKM::AliasPwdVector expected;
488 std::string binData = "My bin data";
489 CKM::RawBuffer buffer(binData.begin(), binData.end());
490 std::string currentAlias;
492 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
493 for (int it = 0; it < aliasNameCount; ++it)
495 CKM::Policy policy = generate_ckm_policy(it);
496 currentAlias = "T1026_appdata" + std::to_string(it);
497 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
499 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
500 "Error=" << CKMErrorToString(exitCode));
503 CKM::AliasPwdVector actual;
505 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
506 "Error=" << CKMErrorToString(exitCode));
508 actual.size() == (beforeSaveAliasCount + aliasNameCount),
509 "Wrong aliases count: " << actual.size() << " Expected: "
510 << (beforeSaveAliasCount + aliasNameCount));
511 check_alias_info_list_helper(expected, actual, "/User ");
513 remove_user_data(USER_APP);
516 RUNNER_TEST(T1029_deinit)
518 remove_user_data(USER_APP);
521 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
522 RUNNER_TEST(T1030_init)
524 reset_user_data(USER_APP, APP_PASS);
527 RUNNER_TEST(T1032_app_user_save_bin_data)
529 ScopedDBUnlock unlock(USER_APP, APP_PASS);
532 auto manager = CKM::Manager::create();
534 std::string binData = "My bin data";
536 CKM::RawBuffer buffer(binData.begin(), binData.end());
538 CKM::AliasVector labelAliasVector;
540 size_t current_aliases_num = count_aliases(ALIAS_DATA);
542 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
543 "Error=" << CKMErrorToString(temp));
545 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
546 "Error=" << CKMErrorToString(temp));
548 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
549 "Error=" << CKMErrorToString(temp));
551 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
552 "Error=" << CKMErrorToString(temp));
554 labelAliasVector.size() == (current_aliases_num+3),
555 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
558 RUNNER_TEST(T1034_app_remove_bin_data)
560 ScopedDBUnlock unlock(USER_APP, APP_PASS);
563 auto manager = CKM::Manager::create();
565 std::string binData2 = "My bin data";
566 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
568 CKM::AliasVector labelAliasVector;
570 size_t current_aliases_num = count_aliases(ALIAS_DATA);
571 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
573 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
574 "Error=" << CKMErrorToString(temp));
576 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
577 "Error=" << CKMErrorToString(temp));
579 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
580 "Error=" << CKMErrorToString(temp));
582 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
583 "Error=" << CKMErrorToString(temp));
585 labelAliasVector.size() == (current_aliases_num-2),
586 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
588 CKM::RawBuffer buffer;
590 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
591 "Error=" << CKMErrorToString(temp));
596 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
597 "Error=" << CKMErrorToString(temp));
600 RUNNER_TEST(T1035_getData_wrong_password)
602 ScopedDBUnlock unlock(USER_APP, APP_PASS);
605 auto manager = CKM::Manager::create();
607 std::string binData1 = "My bin data4";
609 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
612 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
613 "Error=" << CKMErrorToString(temp));
615 CKM::RawBuffer buffer;
617 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
618 "Error=" << CKMErrorToString(temp));
624 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
625 "Error=" << CKMErrorToString(temp));
628 RUNNER_TEST(T1036_deinit)
630 remove_user_data(USER_APP);
633 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
635 RUNNER_TEST(T1040_init)
638 auto control = CKM::Control::create();
641 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
642 "Error=" << CKMErrorToString(temp));
645 RUNNER_TEST(T1041_create_RSA_key)
648 auto manager = CKM::Manager::create();
651 size_t current_aliases_num = count_aliases(ALIAS_KEY);
653 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
654 "Error=" << CKMErrorToString(temp));
656 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
657 "Error=" << CKMErrorToString(temp));
659 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
660 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
663 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
666 auto manager = CKM::Manager::create();
670 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
671 "Error=" << CKMErrorToString(temp));
673 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
674 "Error=" << CKMErrorToString(temp));
677 RUNNER_TEST(T1043_create_DSA_key)
680 auto manager = CKM::Manager::create();
683 size_t current_aliases_num = count_aliases(ALIAS_KEY);
685 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
686 "Error=" << CKMErrorToString(temp));
688 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
689 "Error=" << CKMErrorToString(temp));
691 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
692 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
695 RUNNER_TEST(T1044_create_AES_key)
698 auto manager = CKM::Manager::create();
701 int current_aliases_num = count_aliases(ALIAS_KEY);
703 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
704 "Error=" << CKMErrorToString(temp));
706 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
707 "Error=" << CKMErrorToString(temp));
709 (current_aliases_num+1) == (temp = av.size()),
710 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
713 RUNNER_TEST(T1049_deinit)
715 remove_user_data(USER_APP);
719 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
721 RUNNER_TEST(T1110_init)
723 unlock_user_data(USER_APP, "user-pass");
726 RUNNER_TEST(T1111_CreateKeyPairRSA)
729 auto manager = CKM::Manager::create();
730 CKM::Alias a1 = "rsa-test-1";
731 CKM::Alias a2 = "rsa-test-2";
735 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
736 "Error=" << CKMErrorToString(temp));
738 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
739 "Error=" << CKMErrorToString(temp));
742 RUNNER_TEST(T1112_CreateKeyPairDSA)
745 auto manager = CKM::Manager::create();
746 CKM::Alias a1 = "dsa-test-1";
747 CKM::Alias a2 = "dsa-test-2";
751 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
752 "Error=" << CKMErrorToString(temp));
754 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
755 "Error=" << CKMErrorToString(temp));
758 RUNNER_TEST(T1113_CreateKeyPairECDSA)
761 auto manager = CKM::Manager::create();
762 CKM::Alias a1 = "ecdsa-test-1";
763 CKM::Alias a2 = "ecdsa-test-2";
767 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
768 "Error=" << CKMErrorToString(temp));
771 RUNNER_TEST(T1114_deinit)
773 remove_user_data(USER_APP);
776 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
778 RUNNER_TEST(T12100_init)
780 reset_user_data(USER_APP, APP_PASS);
783 RUNNER_TEST(T12101_key_exist)
785 ScopedDBUnlock unlock(USER_APP, APP_PASS);
788 auto manager = CKM::Manager::create();
790 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
791 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
792 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
793 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
794 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
795 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
796 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
798 "-----END PUBLIC KEY-----";
800 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
801 auto key = CKM::Key::create(buffer);
802 CKM::Alias alias = "rsa-alias-duplication";
805 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
806 "Error=" << CKMErrorToString(ret));
808 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
809 "Error=" << CKMErrorToString(ret));
813 * These test cases tests API when empty parameters are passed to functions
816 RUNNER_TEST(T12102_saveKey_empty_alias)
818 ScopedDBUnlock unlock(USER_APP, APP_PASS);
820 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
821 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
822 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
823 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
824 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
825 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
826 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
827 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
829 "-----END PUBLIC KEY-----";
831 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
832 auto key = CKM::Key::create(buffer);
833 CKM::Alias alias; //alias is not initialized
836 auto manager = CKM::Manager::create();
838 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
839 "Error=" << CKMErrorToString(ret));
842 RUNNER_TEST(T12103_saveKey_foreign_label)
844 ScopedDBUnlock unlock(USER_APP, APP_PASS);
846 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
847 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
848 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
849 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
850 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
851 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
852 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
854 "-----END PUBLIC KEY-----";
856 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
857 auto key = CKM::Key::create(buffer);
858 CKM::Alias alias = "iamsomebodyelse alias";
861 auto manager = CKM::Manager::create();
863 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
864 "Error=" << CKMErrorToString(ret));
867 RUNNER_TEST(T12104_saveKey_empty_key)
869 ScopedDBUnlock unlock(USER_APP, APP_PASS);
871 CKM::KeyShPtr key; //key is not initialized
872 CKM::Alias alias = "empty-key";
875 auto manager = CKM::Manager::create();
877 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
878 "Error=" << CKMErrorToString(ret));
881 RUNNER_TEST(T12105_saveCertificate_empty_alias)
883 ScopedDBUnlock unlock(USER_APP, APP_PASS);
885 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
886 CKM::Alias alias; //alias is not initialized
889 auto manager = CKM::Manager::create();
891 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
892 "Error=" << CKMErrorToString(temp));
895 RUNNER_TEST(T12106_saveCertificate_foreign_label)
897 ScopedDBUnlock unlock(USER_APP, APP_PASS);
899 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
900 CKM::Alias alias = "iamsomebodyelse alias";
903 auto manager = CKM::Manager::create();
905 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
906 "Error=" << CKMErrorToString(temp));
909 RUNNER_TEST(T12107_saveCertificate_empty_cert)
911 ScopedDBUnlock unlock(USER_APP, APP_PASS);
913 CKM::CertificateShPtr cert; //cert is not initialized
914 CKM::Alias alias = "empty-cert";
917 auto manager = CKM::Manager::create();
919 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
920 "Error=" << CKMErrorToString(temp));
923 RUNNER_TEST(T12108_saveData_empty_alias)
925 ScopedDBUnlock unlock(USER_APP, APP_PASS);
927 std::string testData = "test data test data test data";
928 CKM::RawBuffer buffer(testData.begin(), testData.end());
932 auto manager = CKM::Manager::create();
934 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
935 "Error=" << CKMErrorToString(temp));
938 RUNNER_TEST(T12109_saveData_foreign_label)
940 ScopedDBUnlock unlock(USER_APP, APP_PASS);
942 std::string testData = "test data test data test data";
943 CKM::RawBuffer buffer(testData.begin(), testData.end());
944 CKM::Alias alias = "iamsomebodyelse alias";
947 auto manager = CKM::Manager::create();
949 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
950 "Error=" << CKMErrorToString(temp));
953 RUNNER_TEST(T12110_saveData_empty_data)
955 ScopedDBUnlock unlock(USER_APP, APP_PASS);
957 CKM::RawBuffer buffer;
958 CKM::Alias alias = "empty-data";
961 auto manager = CKM::Manager::create();
963 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
964 "Error=" << CKMErrorToString(temp));
968 * These test cases tests API when trying to get data from not existing alias
971 RUNNER_TEST(T12111_getKey_alias_not_exist)
973 ScopedDBUnlock unlock(USER_APP, APP_PASS);
976 CKM::Alias alias = "this-alias-not-exist";
979 auto manager = CKM::Manager::create();
981 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
982 "Error=" << CKMErrorToString(temp));
985 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
987 ScopedDBUnlock unlock(USER_APP, APP_PASS);
989 CKM::CertificateShPtr certificate;
990 CKM::Alias alias = "this-alias-not-exist";
993 auto manager = CKM::Manager::create();
995 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
996 "Error=" << CKMErrorToString(temp));
999 RUNNER_TEST(T12113_getData_alias_not_exist)
1001 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1004 auto manager = CKM::Manager::create();
1005 CKM::RawBuffer buffer;
1006 CKM::Alias alias("some alias");
1008 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1009 "Error=" << CKMErrorToString(temp));
1013 * These test cases tests API when damaged keys are used
1015 RUNNER_TEST(T12114_RSA_key_damaged)
1017 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1020 auto manager = CKM::Manager::create();
1022 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1023 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1024 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1025 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1026 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1027 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1028 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1030 "-----END PUBLIC KEY-----";
1032 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1033 auto key = CKM::Key::create(buffer);
1034 CKM::Alias alias = "damaged-rsa";
1037 NULL == key.get(), "Key is broken. It should be empty");
1040 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1041 "Error=" << CKMErrorToString(ret));
1044 RUNNER_TEST(T12115_RSA_key_too_short)
1046 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1049 auto manager = CKM::Manager::create();
1051 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1052 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1053 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1054 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1055 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1056 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1057 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1059 "-----END PUBLIC KEY-----";
1061 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1062 auto key = CKM::Key::create(buffer);
1063 CKM::Alias alias = "short-rsa";
1066 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1067 "Error=" << CKMErrorToString(ret));
1070 RUNNER_TEST(T12116_DSA_key_too_short)
1072 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1075 auto manager = CKM::Manager::create();
1077 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1078 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1079 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1080 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1081 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1082 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1083 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1084 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1085 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1086 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1087 "YMYCBhubtrVaLmc=\n"
1088 "-----END PUBLIC KEY-----";
1090 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1091 auto key = CKM::Key::create(buffer);
1092 CKM::Alias alias = "short-dsa";
1095 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1096 "Error=" << CKMErrorToString(ret));
1099 RUNNER_TEST(T12117_AES_key_too_short)
1102 auto manager = CKM::Manager::create();
1104 size_t key_size = (128-1);
1105 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1107 auto key = CKM::Key::create(key_AES);
1108 CKM::Alias alias = "short-AES";
1111 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1112 "Error=" << CKMErrorToString(ret));
1116 * These test cases tests CKM service if malicious data is provided over the socket.
1119 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1121 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1124 auto manager = CKM::Manager::create();
1126 // fake the client - let the service detect the problem
1127 class WrongKeyImpl : public CKM::Key
1130 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1133 virtual bool empty() const {
1137 virtual CKM::KeyType getType() const {
1138 return CKM::KeyType::KEY_RSA_PUBLIC;
1140 virtual int getSize() const {
1143 virtual CKM::ElipticCurve getCurve() const {
1144 return CKM::ElipticCurve::prime192v1;
1146 virtual CKM::RawBuffer getDER() const {
1149 virtual ~WrongKeyImpl() {}
1151 CKM::RawBuffer & m_dummy;
1153 std::string dummyData = "my_cat_Berta\n";
1154 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1155 auto key = std::make_shared<WrongKeyImpl>(buffer);
1156 CKM::Alias alias = "damaged-rsa";
1159 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1160 "Error=" << CKMErrorToString(ret));
1163 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1165 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1167 // fake the client - let the service detect the problem
1168 class WrongCertImpl : public CKM::Certificate
1171 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1172 m_x509 = X509_new();
1175 bool empty() const {
1179 virtual X509 *getX509() const {
1183 virtual CKM::RawBuffer getDER() const {
1187 virtual ~WrongCertImpl() {
1192 CKM::RawBuffer & m_dummy;
1194 std::string dummyData = "my_cat_Stefan\n";
1195 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1196 auto cert = std::make_shared<WrongCertImpl>(buffer);
1197 CKM::Alias alias = "damaged-cert";
1200 auto manager = CKM::Manager::create();
1202 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1203 "Error=" << CKMErrorToString(temp));
1206 RUNNER_TEST(T12120_deinit)
1208 remove_user_data(USER_APP);
1211 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1213 RUNNER_TEST(T1311_init)
1215 remove_user_data(USER_APP);
1216 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1217 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1219 struct hostent* he = gethostbyname("google.com");
1221 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1222 "is not woking on the device. OCSP tests requires network access!");
1225 RUNNER_TEST(T13121_get_chain_no_cert)
1227 CKM::CertificateShPtrVector certChain;
1228 CKM::CertificateShPtr cert;
1230 auto manager = CKM::Manager::create();
1232 int ret = manager->getCertificateChain(cert,
1237 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1238 "Function should fail for empty certificate");
1241 RUNNER_TEST(T13122_get_chain_empty_cert)
1243 CKM::CertificateShPtrVector certChain;
1244 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1245 CKM::DataFormat::FORM_PEM);
1247 auto manager = CKM::Manager::create();
1249 int ret = manager->getCertificateChain(cert,
1254 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1255 "Function should fail for empty certificate");
1258 RUNNER_TEST(T13129_get_chain)
1260 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1261 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1263 CKM::CertificateShPtrVector certVector = {cert1};
1264 CKM::CertificateShPtrVector certChain;
1267 auto manager = CKM::Manager::create();
1269 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1270 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1272 tmp = manager->getCertificateChain(cert,
1277 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1278 "Error=" << CKMErrorToString(tmp));
1281 0 == certChain.size(),
1282 "Wrong size of certificate chain.");
1284 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1285 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1288 3 == certChain.size(),
1289 "Wrong size of certificate chain.");
1292 RUNNER_TEST(T1313_get_chain_with_alias)
1294 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1295 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1297 CKM::CertificateShPtrVector certChain;
1298 CKM::AliasVector aliasVector;
1299 CKM::Alias alias = "imcert";
1302 auto manager = CKM::Manager::create();
1304 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1305 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1307 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1308 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1309 "Error=" << CKMErrorToString(tmp));
1312 0 == certChain.size(),
1313 "Wrong size of certificate chain.");
1316 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1317 "Error=" << CKMErrorToString(tmp));
1319 aliasVector.push_back(alias);
1321 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1322 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1325 3 == certChain.size(),
1326 "Wrong size of certificate chain.");
1329 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1331 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1332 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1333 CKM::CertificateShPtrVector certVector = {cert1};
1334 CKM::CertificateShPtrVector certChain;
1337 auto manager = CKM::Manager::create();
1339 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1340 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1342 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1343 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1344 "Error=" << CKMErrorToString(tmp));
1347 0 == certChain.size(),
1348 "Wrong size of certificate chain.");
1350 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1351 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1354 3 == certChain.size(),
1355 "Wrong size of certificate chain.");
1359 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1360 "Error=" << CKMErrorToString(tmp));
1362 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1365 RUNNER_TEST(T13142_ocsp_check_empty)
1367 CKM::CertificateShPtrVector certVector;
1369 auto manager = CKM::Manager::create();
1374 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1375 "ocspCheck should fail for empty certificate vector");
1378 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1380 CKM::CertificateShPtrVector certVector = {
1381 CKM::CertificateShPtr(),
1382 CKM::CertificateShPtr(),
1383 CKM::CertificateShPtr()};
1385 auto manager = CKM::Manager::create();
1390 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1391 "ocspCheck should fail for empty certificate vector");
1394 RUNNER_TEST(T13144_ocsp_check_root)
1396 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1397 CKM::CertificateShPtrVector certVector = {root};
1399 auto manager = CKM::Manager::create();
1401 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1406 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1407 "Ocsp should fail for single certificate");
1410 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1412 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1413 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1415 CKM::CertificateShPtrVector certVector = {ca, root};
1417 auto manager = CKM::Manager::create();
1419 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1420 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1425 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1426 "Error=" << CKMErrorToString(tmp));
1428 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1431 RUNNER_TEST(T1315_deinit)
1433 remove_user_data(USER_APP);
1436 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1438 RUNNER_TEST(T1411_init)
1440 remove_user_data(USER_APP);
1443 RUNNER_TEST(T1412_RSA_key_create_verify)
1446 auto manager = CKM::Manager::create();
1448 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1449 "Proc-Type: 4,ENCRYPTED\n"
1450 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1452 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1453 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1454 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1455 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1456 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1457 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1458 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1459 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1460 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1461 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1462 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1463 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1464 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1465 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1466 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1467 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1468 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1469 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1470 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1471 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1472 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1473 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1474 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1475 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1476 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1477 "-----END RSA PRIVATE KEY-----\n";
1479 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1480 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1481 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1482 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1483 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1484 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1485 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1487 "-----END PUBLIC KEY-----\n";
1489 std::string message = "message test";
1491 CKM::Alias aliasPub = "pub1";
1492 CKM::Alias aliasPrv = "prv1";
1493 CKM::Password password = "1234";
1494 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1495 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1496 CKM::RawBuffer signature;
1498 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1499 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1501 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1502 "Key is empty. Failed to import public key.");
1503 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1504 "Key is empty. Failed to import private key.");
1507 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1508 "Error=" << CKMErrorToString(temp));
1510 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1511 "Error=" << CKMErrorToString(temp));
1514 CKM_API_SUCCESS == (temp = manager->createSignature(
1517 CKM::RawBuffer(message.begin(), message.end()),
1521 "Error=" << CKMErrorToString(temp));
1524 CKM_API_SUCCESS == (temp = manager->verifySignature(
1527 CKM::RawBuffer(message.begin(), message.end()),
1531 "Error=" << CKMErrorToString(temp));
1534 RUNNER_TEST(T1413_DSA_key_create_verify)
1537 auto manager = CKM::Manager::create();
1539 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1540 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1541 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1542 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1543 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1544 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1545 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1546 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1547 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1548 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1549 "u1roOuaPY+Hl19BlTE2qdw==\n"
1550 "-----END DSA PRIVATE KEY-----";
1552 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1553 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1554 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1555 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1556 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1557 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1558 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1559 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1560 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1561 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1562 "YMYCBhubtrVaLmc=\n"
1563 "-----END PUBLIC KEY-----";
1565 std::string message = "message test";
1567 CKM::Alias aliasPub = "pub2";
1568 CKM::Alias aliasPrv = "prv2";
1569 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1570 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1571 CKM::RawBuffer signature;
1573 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1574 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1576 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1577 "Key is empty. Failed to import public key.");
1578 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1579 "Key is empty. Failed to import private key.");
1582 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1583 "Error=" << CKMErrorToString(temp));
1585 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1586 "Error=" << CKMErrorToString(temp));
1589 CKM_API_SUCCESS == (temp = manager->createSignature(
1592 CKM::RawBuffer(message.begin(), message.end()),
1596 "Error=" << CKMErrorToString(temp));
1599 CKM_API_SUCCESS == (temp = manager->verifySignature(
1602 CKM::RawBuffer(message.begin(), message.end()),
1606 "Error=" << CKMErrorToString(temp));
1610 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1613 auto manager = CKM::Manager::create();
1615 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1616 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1617 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1618 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1619 "-----END EC PRIVATE KEY-----\n";
1621 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1622 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1623 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1624 "-----END PUBLIC KEY-----\n";
1626 std::string message = "message test";
1628 CKM::Alias aliasPub = "ecpub2";
1629 CKM::Alias aliasPrv = "ecprv2";
1630 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1631 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1632 CKM::RawBuffer signature;
1634 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1635 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1637 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1638 "Key is empty. Failed to import public key.");
1639 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1640 "Key is empty. Failed to import private key.");
1643 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1644 "Error=" << CKMErrorToString(temp));
1646 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1647 "Error=" << CKMErrorToString(temp));
1650 CKM_API_SUCCESS == (temp = manager->createSignature(
1653 CKM::RawBuffer(message.begin(), message.end()),
1657 "Error=" << CKMErrorToString(temp));
1660 CKM_API_SUCCESS == (temp = manager->verifySignature(
1663 CKM::RawBuffer(message.begin(), message.end()),
1667 "Error=" << CKMErrorToString(temp));
1669 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1671 memcpy((void*)signature.data(), "BROKEN", 6);
1674 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1677 CKM::RawBuffer(message.begin(), message.end()),
1681 "Error=" << CKMErrorToString(temp));
1684 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1687 auto manager = CKM::Manager::create();
1688 std::string message = "message asdfaslkdfjlksadjf test";
1690 CKM::Alias aliasPub = "pub1";
1691 CKM::Alias aliasPrv = "prv1";
1693 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1694 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1695 CKM::RawBuffer signature;
1698 CKM_API_SUCCESS == (temp = manager->createSignature(
1701 CKM::RawBuffer(message.begin(), message.end()),
1705 "Error=" << CKMErrorToString(temp));
1708 CKM_API_SUCCESS == (temp = manager->verifySignature(
1711 CKM::RawBuffer(message.begin(), message.end()),
1715 "Error=" << CKMErrorToString(temp));
1717 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1718 memcpy((void*)signature.data(), "BROKEN", 6);
1721 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1724 CKM::RawBuffer(message.begin(), message.end()),
1728 "Error=" << CKMErrorToString(temp));
1731 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1734 auto manager = CKM::Manager::create();
1735 std::string message = "message asdfaslkdfjlksadjf test";
1737 CKM::Alias aliasPub = "pub2";
1738 CKM::Alias aliasPrv = "prv2";
1740 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1741 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1742 CKM::RawBuffer signature;
1745 CKM_API_SUCCESS == (temp = manager->createSignature(
1748 CKM::RawBuffer(message.begin(), message.end()),
1752 "Error=" << CKMErrorToString(temp));
1755 CKM_API_SUCCESS == (temp = manager->verifySignature(
1758 CKM::RawBuffer(message.begin(), message.end()),
1762 "Error=" << CKMErrorToString(temp));
1764 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1765 memcpy((void*)signature.data(), "BROKEN", 6);
1768 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1771 CKM::RawBuffer(message.begin(), message.end()),
1775 "Error=" << CKMErrorToString(temp));
1778 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1781 auto manager = CKM::Manager::create();
1784 "-----BEGIN RSA PRIVATE KEY-----\n"
1785 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1786 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1787 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1788 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1789 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1790 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1791 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1792 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1793 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1794 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1795 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1796 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1797 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1798 "-----END RSA PRIVATE KEY-----\n";
1801 "-----BEGIN CERTIFICATE-----\n"
1802 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1803 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1804 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1805 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1806 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1807 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1808 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1809 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1810 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1811 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1812 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1813 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1814 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1815 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1816 "-----END CERTIFICATE-----\n";
1818 std::string message = "message test";
1820 CKM::Alias aliasPub = "pub1-cert";
1821 CKM::Alias aliasPrv = "prv1-cert";
1822 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1823 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1824 CKM::RawBuffer signature;
1826 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1827 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1829 RUNNER_ASSERT_MSG(NULL != cert.get(),
1830 "Key is empty. Failed to import public key.");
1831 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1832 "Key is empty. Failed to import private key.");
1835 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1836 "Error=" << CKMErrorToString(temp));
1838 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1839 "Error=" << CKMErrorToString(temp));
1842 CKM_API_SUCCESS == (temp = manager->createSignature(
1845 CKM::RawBuffer(message.begin(), message.end()),
1849 "Error=" << CKMErrorToString(temp));
1852 CKM_API_SUCCESS == (temp = manager->verifySignature(
1855 CKM::RawBuffer(message.begin(), message.end()),
1859 "Error=" << CKMErrorToString(temp));
1861 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1863 memcpy((void*)signature.data(), "BROKEN", 6);
1866 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1869 CKM::RawBuffer(message.begin(), message.end()),
1873 "Error=" << CKMErrorToString(temp));
1876 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1879 auto manager = CKM::Manager::create();
1881 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1882 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1883 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1884 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1885 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1886 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1887 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1888 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1889 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1890 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1891 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1892 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1893 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1894 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1895 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1896 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1897 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1898 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1899 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1900 "-----END CERTIFICATE-----\n";
1902 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1903 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1904 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1905 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1906 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1907 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1908 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1909 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1910 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1911 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1912 "vonbjii3BYe4AIdkzOvp\n"
1913 "-----END DSA PRIVATE KEY-----\n";
1915 std::string message = "message test";
1917 CKM::Alias aliasPub = "pub2-cert";
1918 CKM::Alias aliasPrv = "prv2-cert";
1919 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1920 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1921 CKM::RawBuffer signature;
1923 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1924 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1926 RUNNER_ASSERT_MSG(NULL != cert.get(),
1927 "Key is empty. Failed to import public key.");
1928 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1929 "Key is empty. Failed to import private key.");
1932 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1933 "Error=" << CKMErrorToString(temp));
1935 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1936 "Error=" << CKMErrorToString(temp));
1939 CKM_API_SUCCESS == (temp = manager->createSignature(
1942 CKM::RawBuffer(message.begin(), message.end()),
1946 "Error=" << CKMErrorToString(temp));
1949 CKM_API_SUCCESS == (temp = manager->verifySignature(
1952 CKM::RawBuffer(message.begin(), message.end()),
1956 "Error=" << CKMErrorToString(temp));
1958 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1960 memcpy((void*)signature.data(), "BROKEN", 6);
1963 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1966 CKM::RawBuffer(message.begin(), message.end()),
1970 "Error=" << CKMErrorToString(temp));
1973 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
1976 auto manager = CKM::Manager::create();
1979 "-----BEGIN EC PRIVATE KEY-----\n"
1980 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1981 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1982 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1983 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1984 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1985 "ELyhe7yPCAuOoLZlTLgf\n"
1986 "-----END EC PRIVATE KEY-----\n";
1989 "-----BEGIN CERTIFICATE-----\n"
1990 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1991 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1992 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1993 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1994 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1995 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1996 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1997 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1998 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1999 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2000 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2001 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2002 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2003 "Q1oBry6NEc+lLFmWMDesAA==\n"
2004 "-----END CERTIFICATE-----\n";
2006 std::string message = "message test";
2008 CKM::Alias aliasPub = "pub3";
2009 CKM::Alias aliasPrv = "prv3";
2010 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2011 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2012 CKM::RawBuffer signature;
2014 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2015 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2017 RUNNER_ASSERT_MSG(NULL != cert.get(),
2018 "Key is empty. Failed to import public key.");
2019 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2020 "Key is empty. Failed to import private key.");
2023 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2024 "Error=" << CKMErrorToString(temp));
2026 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2027 "Error=" << CKMErrorToString(temp));
2030 CKM_API_SUCCESS == (temp = manager->createSignature(
2033 CKM::RawBuffer(message.begin(), message.end()),
2037 "Error=" << CKMErrorToString(temp));
2040 CKM_API_SUCCESS == (temp = manager->verifySignature(
2043 CKM::RawBuffer(message.begin(), message.end()),
2047 "Error=" << CKMErrorToString(temp));
2049 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2051 memcpy((void*)signature.data(), "BROKEN", 6);
2054 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2057 CKM::RawBuffer(message.begin(), message.end()),
2061 "Error=" << CKMErrorToString(temp));
2064 RUNNER_TEST(T1420_deinit)
2066 remove_user_data(USER_APP);
2069 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2071 RUNNER_TEST(T14180_init)
2074 remove_user_data(USER_APP);
2076 auto manager = CKM::Manager::create();
2078 // Prepare RSA Key Pair
2079 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2080 "Proc-Type: 4,ENCRYPTED\n"
2081 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2083 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2084 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2085 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2086 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2087 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2088 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2089 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2090 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2091 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2092 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2093 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2094 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2095 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2096 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2097 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2098 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2099 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2100 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2101 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2102 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2103 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2104 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2105 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2106 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2107 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2108 "-----END RSA PRIVATE KEY-----\n";
2110 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2111 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2112 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2113 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2114 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2115 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2116 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2118 "-----END PUBLIC KEY-----\n";
2120 CKM::Alias aliasPub = "pub_nohash1";
2121 CKM::Alias aliasPrv = "prv_nohash1";
2122 CKM::Password password = "1234";
2124 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2125 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2127 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2128 "Key is empty. Failed to import public key.");
2129 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2130 "Key is empty. Failed to import private key.");
2133 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2134 "Error=" << CKMErrorToString(temp));
2136 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2137 "Error=" << CKMErrorToString(temp));
2139 // Prepare ECDSA Key Pair
2140 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2141 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2142 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2143 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2144 "-----END EC PRIVATE KEY-----\n";
2146 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2147 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2148 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2149 "-----END PUBLIC KEY-----\n";
2151 CKM::Alias aliasEcPub = "ecpub_nohash1";
2152 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2154 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2155 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2157 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2158 "Key is empty. Failed to import public key.");
2159 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2160 "Key is empty. Failed to import private key.");
2163 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2164 "Error=" << CKMErrorToString(temp));
2166 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2167 "Error=" << CKMErrorToString(temp));
2171 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2174 auto manager = CKM::Manager::create();
2175 std::string message = "message asdfaslkdfjlksadjf test";
2177 CKM::Alias aliasPub = "pub_nohash1";
2178 CKM::Alias aliasPrv = "prv_nohash1";
2180 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2181 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2182 CKM::RawBuffer signature;
2185 CKM_API_SUCCESS == (temp = manager->createSignature(
2188 CKM::RawBuffer(message.begin(), message.end()),
2192 "Error=" << CKMErrorToString(temp));
2195 CKM_API_SUCCESS == (temp = manager->verifySignature(
2198 CKM::RawBuffer(message.begin(), message.end()),
2202 "Error=" << CKMErrorToString(temp));
2204 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2205 memcpy((void*)signature.data(), "BROKEN", 6);
2208 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2211 CKM::RawBuffer(message.begin(), message.end()),
2215 "Error=" << CKMErrorToString(temp));
2218 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2221 auto manager = CKM::Manager::create();
2222 std::string message = "message asdfaslkdfjlksadjf test";
2224 CKM::Alias aliasPub = "pub_nohash1";
2225 CKM::Alias aliasPrv = "prv_nohash1";
2227 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2228 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2229 CKM::RawBuffer signature;
2232 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2235 CKM::RawBuffer(message.begin(), message.end()),
2239 "Error=" << CKMErrorToString(temp));
2242 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2245 auto manager = CKM::Manager::create();
2246 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2247 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2248 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2249 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2250 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2251 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2252 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2253 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2254 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2255 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2256 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2257 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2258 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2259 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2260 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2261 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2262 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2263 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2264 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2265 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2267 CKM::Alias aliasPub = "pub_nohash1";
2268 CKM::Alias aliasPrv = "prv_nohash1";
2270 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2271 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2272 CKM::RawBuffer signature;
2275 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2278 CKM::RawBuffer(message.begin(), message.end()),
2282 "Error=" << CKMErrorToString(temp));
2286 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2289 auto manager = CKM::Manager::create();
2291 std::string message = "message test";
2293 CKM::Alias aliasPub = "ecpub_nohash1";
2294 CKM::Alias aliasPrv = "ecprv_nohash1";
2295 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2296 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2297 CKM::RawBuffer signature;
2300 CKM_API_SUCCESS == (temp = manager->createSignature(
2303 CKM::RawBuffer(message.begin(), message.end()),
2307 "Error=" << CKMErrorToString(temp));
2310 CKM_API_SUCCESS == (temp = manager->verifySignature(
2313 CKM::RawBuffer(message.begin(), message.end()),
2317 "Error=" << CKMErrorToString(temp));
2319 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2321 memcpy((void*)signature.data(), "BROKEN", 6);
2324 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2327 CKM::RawBuffer(message.begin(), message.end()),
2331 "Error=" << CKMErrorToString(temp));
2334 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2337 auto manager = CKM::Manager::create();
2339 int msgSize = 1024*1024;
2340 char big_msg[msgSize];
2341 for(int i =0; i<msgSize-1; i++) {
2344 big_msg[msgSize-1]=0x00;
2345 std::string message(big_msg);
2347 CKM::Alias aliasPub = "ecpub_nohash1";
2348 CKM::Alias aliasPrv = "ecprv_nohash1";
2349 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2350 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2351 CKM::RawBuffer signature;
2354 CKM_API_SUCCESS == (temp = manager->createSignature(
2357 CKM::RawBuffer(message.begin(), message.end()),
2361 "Error=" << CKMErrorToString(temp));
2365 RUNNER_TEST(T14189_deinit)
2367 remove_user_data(USER_APP);
2371 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2375 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2376 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2377 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2378 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2379 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2382 RUNNER_TEST(T1800_init)
2384 remove_user_data(USER_APP);
2387 RUNNER_TEST(T1801_parse_PKCS12) {
2388 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2389 std::istreambuf_iterator<char> begin(is), end;
2390 std::vector<char> buff(begin, end);
2392 CKM::RawBuffer buffer(buff.size());
2393 memcpy(buffer.data(), buff.data(), buff.size());
2395 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2398 "Error in PKCS12::create()");
2400 auto cert = pkcs->getCertificate();
2403 "Error in PKCS12::getCertificate()");
2405 auto key = pkcs->getKey();
2408 "Error in PKCS12::getKey()");
2410 auto caVector = pkcs->getCaCertificateShPtrVector();
2412 0 == caVector.size(),
2413 "Wrong size of vector");
2416 RUNNER_TEST(T1802_negative_wrong_password) {
2417 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2418 std::istreambuf_iterator<char> begin(is), end;
2419 std::vector<char> buff(begin, end);
2421 CKM::RawBuffer buffer(buff.size());
2422 memcpy(buffer.data(), buff.data(), buff.size());
2424 auto pkcs = CKM::PKCS12::create(buffer, "error");
2427 "Expected error in PKCS12::create()");
2430 RUNNER_TEST(T1803_negative_broken_buffer) {
2431 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2432 std::istreambuf_iterator<char> begin(is), end;
2433 std::vector<char> buff(begin, end);
2435 CKM::RawBuffer buffer(buff.size());
2436 memcpy(buffer.data(), buff.data(), buff.size());
2438 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2441 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2444 "Expected error in PKCS12::create()");
2447 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2449 auto manager = CKM::Manager::create();
2450 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2451 std::istreambuf_iterator<char> begin(is), end;
2452 std::vector<char> buff(begin, end);
2454 CKM::RawBuffer buffer(buff.size());
2455 memcpy(buffer.data(), buff.data(), buff.size());
2457 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2460 "Error in PKCS12::create()");
2463 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2464 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2465 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2466 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2467 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2468 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2469 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2470 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2471 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2472 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2473 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2474 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2475 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2476 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2477 "-----END RSA PRIVATE KEY-----\n";
2479 std::string message = "message test";
2481 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2482 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2483 "Key is empty. Failed to import private key.");
2487 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2488 "Error=" << CKMErrorToString(temp));
2491 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2492 "Error=" << CKMErrorToString(temp));
2495 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2497 auto manager = CKM::Manager::create();
2498 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2499 std::istreambuf_iterator<char> begin(is), end;
2500 std::vector<char> buff(begin, end);
2502 CKM::RawBuffer buffer(buff.size());
2503 memcpy(buffer.data(), buff.data(), buff.size());
2505 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2508 "Error in PKCS12::create()");
2510 auto cert = pkcs->getCertificate();
2513 "Error in PKCS12::getCertificate()");
2515 auto key = pkcs->getKey();
2518 "Error in PKCS12::getKey()");
2520 auto caVector = pkcs->getCaCertificateShPtrVector();
2522 2 == caVector.size(),
2523 "Wrong size of vector");
2527 CKM::Policy exportable;
2528 CKM::Policy notExportable(CKM::Password(), false);
2531 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2532 "Error=" << CKMErrorToString(tmp));
2534 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2535 "Error=" << CKMErrorToString(tmp));
2537 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2538 "Error=" << CKMErrorToString(tmp));
2540 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2541 "Error=" << CKMErrorToString(tmp));
2543 // try to lookup key
2544 CKM::KeyShPtr key_lookup;
2546 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2547 "Error=" << CKMErrorToString(tmp));
2549 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2550 "Error=" << CKMErrorToString(tmp));
2552 // try to lookup certificate
2553 CKM::CertificateShPtr cert_lookup;
2555 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2556 "Error=" << CKMErrorToString(tmp));
2558 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2559 "Error=" << CKMErrorToString(tmp));
2562 RUNNER_TEST(T1806_get_PKCS)
2565 auto manager = CKM::Manager::create();
2567 CKM::PKCS12ShPtr pkcs;
2571 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2572 "Error=" << CKMErrorToString(temp));
2574 // fail - not exportable
2576 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2577 "Error=" << CKMErrorToString(temp));
2579 // success - exportable
2581 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2582 "Error=" << CKMErrorToString(temp));
2584 auto cert = pkcs->getCertificate();
2587 "Error in PKCS12::getCertificate()");
2589 auto key = pkcs->getKey();
2592 "Error in PKCS12::getKey()");
2594 auto caVector = pkcs->getCaCertificateShPtrVector();
2596 2 == caVector.size(),
2597 "Wrong size of vector");
2600 RUNNER_TEST(T1807_create_and_verify_signature)
2603 auto manager = CKM::Manager::create();
2605 std::string message = "message test";
2607 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2608 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2609 CKM::RawBuffer signature;
2612 CKM_API_SUCCESS == (temp = manager->createSignature(
2613 alias_PKCS_exportable,
2615 CKM::RawBuffer(message.begin(), message.end()),
2619 "Error=" << CKMErrorToString(temp));
2622 CKM_API_SUCCESS == (temp = manager->verifySignature(
2623 alias_PKCS_exportable,
2625 CKM::RawBuffer(message.begin(), message.end()),
2629 "Error=" << CKMErrorToString(temp));
2632 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2635 auto manager = CKM::Manager::create();
2637 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2638 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2639 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2640 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2641 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2642 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2643 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2644 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2645 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2646 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2647 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2648 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2649 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2650 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2651 "-----END RSA PRIVATE KEY-----";
2652 std::string message = "message test";
2654 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2655 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2656 "Key is empty. Failed to import private key.");
2659 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2660 "Error=" << CKMErrorToString(temp));
2662 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2663 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2664 CKM::RawBuffer signature;
2667 CKM_API_SUCCESS == (temp = manager->createSignature(
2668 alias_PKCS_priv_key_copy,
2670 CKM::RawBuffer(message.begin(), message.end()),
2674 "Error=" << CKMErrorToString(temp));
2677 CKM_API_SUCCESS == (temp = manager->verifySignature(
2678 alias_PKCS_exportable,
2680 CKM::RawBuffer(message.begin(), message.end()),
2684 "Error=" << CKMErrorToString(temp));
2687 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2690 auto manager = CKM::Manager::create();
2692 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2693 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2694 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2695 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2696 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2697 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2698 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2699 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2700 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2701 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2702 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2703 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2704 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2705 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2706 "-----END RSA PRIVATE KEY-----\n";
2708 std::string message = "message test";
2710 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2711 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2712 "Key is empty. Failed to import private key.");
2715 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2716 "Error=" << CKMErrorToString(temp));
2718 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2719 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2720 CKM::RawBuffer signature;
2723 CKM_API_SUCCESS == (temp = manager->createSignature(
2724 alias_PKCS_priv_key_wrong,
2726 CKM::RawBuffer(message.begin(), message.end()),
2730 "Error=" << CKMErrorToString(temp));
2733 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2734 alias_PKCS_exportable,
2736 CKM::RawBuffer(message.begin(), message.end()),
2740 "Error=" << CKMErrorToString(temp));
2743 RUNNER_TEST(T1810_verify_get_certificate_chain)
2745 // this certificate has been signed using PKCS chain
2747 "-----BEGIN CERTIFICATE-----\n"
2748 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
2749 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
2750 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
2751 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
2752 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
2753 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
2754 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
2755 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
2756 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
2757 "-----END CERTIFICATE-----\n";
2759 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2760 CKM::CertificateShPtrVector certChain;
2761 CKM::AliasVector aliasVector;
2764 auto manager = CKM::Manager::create();
2766 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2768 tmp = manager->getCertificateChain(cert,
2773 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2774 "Error=" << CKMErrorToString(tmp));
2777 0 == certChain.size(),
2778 "Wrong size of certificate chain.");
2780 aliasVector.push_back(alias_PKCS_exportable);
2782 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2783 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
2785 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2787 4 == certChain.size(),
2788 "Wrong size of certificate chain: " << certChain.size());
2791 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2793 auto manager = CKM::Manager::create();
2797 // remove the whole PKCS12 bundles
2799 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2800 "Error=" << CKMErrorToString(tmp));
2802 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2803 "Error=" << CKMErrorToString(tmp));
2805 // expect lookup fails due to unknown alias
2806 // try to lookup key
2807 CKM::KeyShPtr key_lookup;
2809 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2810 "Error=" << CKMErrorToString(tmp));
2812 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2813 "Error=" << CKMErrorToString(tmp));
2815 // try to lookup certificate
2816 CKM::CertificateShPtr cert_lookup;
2818 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2819 "Error=" << CKMErrorToString(tmp));
2821 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2822 "Error=" << CKMErrorToString(tmp));
2825 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2827 CKM::Alias alias = "t1812alias1";
2829 auto manager = CKM::Manager::create();
2830 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2831 std::istreambuf_iterator<char> begin(is), end;
2832 std::vector<char> buff(begin, end);
2834 CKM::PKCS12ShPtr pkcs12;
2835 CKM::Password pass1 = "easypass1";
2836 CKM::Password pass2 = "easypass2";
2838 CKM::RawBuffer buffer(buff.size());
2839 memcpy(buffer.data(), buff.data(), buff.size());
2841 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2844 "Error in PKCS12::create()");
2848 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2849 "Error=" << CKMErrorToString(temp));
2852 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2853 "Error=" << CKMErrorToString(temp));
2856 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2857 "Error=" << CKMErrorToString(temp));
2860 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2861 "Error=" << CKMErrorToString(temp));
2864 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2865 "Error=" << CKMErrorToString(temp));
2868 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2869 "Error=" << CKMErrorToString(temp));
2871 CKM::CertificateShPtr cert;
2873 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2874 "Error=" << CKMErrorToString(temp));
2876 CKM::CertificateShPtrVector certChain;
2877 CKM::AliasVector certVect;
2878 certVect.push_back(alias);
2881 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2882 "Error=" << CKMErrorToString(temp));
2885 RUNNER_TEST(T1813_deinit)
2888 auto control = CKM::Control::create();
2891 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2892 "Error=" << CKMErrorToString(temp));
2895 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2897 const char * const T190_PASSWD = "t190-special-password";
2899 RUNNER_TEST(T1901_init_unlock_key)
2901 reset_user_data(USER_APP, T190_PASSWD);
2904 RUNNER_TEST(T1902_get_data)
2906 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2908 auto manager = CKM::Manager::create();
2911 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2914 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2915 "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
2918 RUNNER_TEST(T1903_lock_database)
2921 auto control = CKM::Control::create();
2923 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2924 "Error=" << CKMErrorToString(tmp));
2927 RUNNER_TEST(T1904_get_data_from_locked_database)
2929 auto manager = CKM::Manager::create();
2932 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2935 CKM_API_ERROR_DB_LOCKED == status1,
2936 "Could not get key from locked database. Error=" << CKMErrorToString(status1));
2939 RUNNER_TEST(T1905_deinit)
2941 remove_user_data(USER_APP);
2944 int main(int argc, char *argv[])
2946 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2947 if (expected_uid != geteuid()) {
2948 std::string userStr("owner");
2949 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2953 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2957 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob