2 * Copyright (c) 2016 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
30 #include <ckm-common.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-password.h>
34 #include <ckm/ckm-type.h>
35 #include <ckm/ckm-pkcs12.h>
37 #include <openssl/x509.h>
38 #include <openssl/x509v3.h>
40 #include <tzplatform_config.h>
43 const int USER_APP = 5001;
45 const int USER_APP_2 = 5020;
46 const int USER_APP_3 = 5030;
48 const char * const APP_PASS = "user-pass";
49 const int USER_TEST = 5001;
51 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
52 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
53 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
54 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
55 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
56 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
57 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
58 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
59 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
61 "-----END PUBLIC KEY-----";
63 } // namespace anonymous
66 * How to numerate tests:
68 * T - test case (always T)
69 * AB - number of test group (always two digits)
70 * C - test number in group (all tests with same TABC must be run in the same time).
73 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
75 RUNNER_TEST(T0011_Control)
78 auto control = CKM::Control::create();
80 control->removeUserData(0);
81 control->removeUserData(USER_APP_2);
82 control->removeUserData(USER_APP);
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
86 "Error=" << CKM::APICodeToString(temp));
89 RUNNER_TEST(T0012_Control)
92 auto control = CKM::Control::create();
94 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
95 "Error=" << CKM::APICodeToString(temp));
97 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
98 "Error=" << CKM::APICodeToString(temp));
101 RUNNER_TEST(T0013_Control)
104 auto control = CKM::Control::create();
106 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
107 "Error=" << CKM::APICodeToString(temp));
110 RUNNER_TEST(T0014_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
116 "Error=" << CKM::APICodeToString(temp));
119 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
120 "Error=" << CKM::APICodeToString(temp));
123 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
124 "Error=" << CKM::APICodeToString(temp));
127 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
128 "Error=" << CKM::APICodeToString(temp));
131 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
132 "Error=" << CKM::APICodeToString(temp));
135 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
136 "Error=" << CKM::APICodeToString(temp));
139 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
140 "Error=" << CKM::APICodeToString(temp));
143 RUNNER_TEST(T0015_Control)
146 auto control = CKM::Control::create();
148 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
149 "Error=" << CKM::APICodeToString(temp));
151 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
152 "Error=" << CKM::APICodeToString(temp));
154 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
155 "Error=" << CKM::APICodeToString(temp));
157 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
158 "Error=" << CKM::APICodeToString(temp));
161 RUNNER_TEST(T0016_Control_negative_wrong_password)
164 auto control = CKM::Control::create();
166 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
167 "Error=" << CKM::APICodeToString(temp));
169 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
170 "Error=" << CKM::APICodeToString(temp));
172 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
173 "Error=" << CKM::APICodeToString(temp));
175 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
176 "Error=" << CKM::APICodeToString(temp));
178 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
179 "Error=" << CKM::APICodeToString(temp));
182 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
184 RUNNER_TEST(T1010_init)
186 unlock_user_data(USER_APP, "user-pass");
189 RUNNER_TEST(T1011_key)
192 auto manager = CKM::Manager::create();
194 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
195 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
196 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
197 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
198 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
199 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
200 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
202 "-----END PUBLIC KEY-----";
204 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
205 auto key = CKM::Key::create(buffer, CKM::Password());
207 CKM::Alias alias = "mykey";
210 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
211 "Error=" << CKM::APICodeToString(temp));
213 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
214 "Error=" << CKM::APICodeToString(temp));
216 key->getDER() == key2->getDER(),
217 "Key value has been changed by service");
220 RUNNER_TEST(T1012_certificate)
223 auto manager = CKM::Manager::create();
225 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
226 CKM::CertificateShPtr cert2;
227 CKM::Alias alias = "myCert";
230 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
231 "Error=" << CKM::APICodeToString(temp));
233 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
234 "Error=" << CKM::APICodeToString(temp));
236 cert->getDER() == cert2->getDER(),
237 "Data has been modified in key manager");
240 RUNNER_TEST(T1014_save_with_label)
243 auto manager = CKM::Manager::create();
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
255 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
256 auto key = CKM::Key::create(buffer, CKM::Password());
257 CKM::KeyShPtr key_name, key_full_addr;
258 CKM::Alias alias = "mykey-2";
259 std::string top_label = getOwnerIdFromSelf();
260 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
263 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
264 "Error=" << CKM::APICodeToString(temp));
268 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
269 "Error=" << CKM::APICodeToString(temp));
271 key->getDER() == key_name->getDER(),
272 "Key value has been changed by service");
274 // lookup by full address
276 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
277 "Error=" << CKM::APICodeToString(temp));
279 key->getDER() == key_full_addr->getDER(),
280 "Key value has been changed by service");
283 RUNNER_TEST(T1020_save_big_data)
286 const size_t BIG_SIZE = 100000;
287 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
289 const size_t BIG_SIZE = 5000000;
290 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
294 std::vector<char> big_data(BIG_SIZE);
295 std::ifstream is("/dev/urandom", std::ifstream::binary);
297 is.read(big_data.data(), BIG_SIZE);
299 RUNNER_ASSERT_MSG(is,
300 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
302 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
303 CKM::Policy policy(CKM::Password(), true, backend);
304 CKM::RawBuffer returned;
306 auto manager = CKM::Manager::create();
309 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
310 "Error=" << CKM::APICodeToString(temp));
313 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
314 "Error=" << CKM::APICodeToString(temp));
316 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
319 RUNNER_TEST(T1015_deinit)
321 remove_user_data(USER_APP);
324 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
326 RUNNER_TEST(T1020_init)
329 auto control = CKM::Control::create();
331 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
332 "Error=" << CKM::APICodeToString(temp));
335 RUNNER_TEST(T1021_save_keys_get_alias)
338 auto manager = CKM::Manager::create();
340 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
341 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
342 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
343 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
344 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
345 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
346 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
348 "-----END PUBLIC KEY-----";
350 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
351 auto key = CKM::Key::create(buffer, CKM::Password());
352 CKM::AliasVector labelAliasVector;
354 size_t current_aliases_num = count_aliases(ALIAS_KEY);
356 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
357 "Error=" << CKM::APICodeToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
360 "Error=" << CKM::APICodeToString(temp));
362 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
363 "Error=" << CKM::APICodeToString(temp));
365 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
366 "Error=" << CKM::APICodeToString(temp));
368 labelAliasVector.size() == (current_aliases_num+3),
369 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
372 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
375 auto manager = CKM::Manager::create();
377 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
378 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
379 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
380 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
381 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
382 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
383 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
385 "-----END PUBLIC KEY-----";
387 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
388 auto key = CKM::Key::create(buffer, CKM::Password());
389 CKM::AliasVector labelAliasVector;
391 size_t current_aliases_num = count_aliases(ALIAS_KEY);
393 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
394 "Error=" << CKM::APICodeToString(temp));
396 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
397 "Error=" << CKM::APICodeToString(temp));
399 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
400 "Error=" << CKM::APICodeToString(temp));
402 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
403 "Error=" << CKM::APICodeToString(temp));
405 labelAliasVector.size() == (current_aliases_num+3),
406 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
409 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
412 auto manager = CKM::Manager::create();
414 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
415 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
416 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
417 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
418 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
419 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
420 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
422 "-----END PUBLIC KEY-----";
424 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
425 auto key = CKM::Key::create(buffer, CKM::Password());
426 CKM::AliasVector aliasVector;
427 CKM::Policy notExportable(CKM::Password(), false);
430 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
431 "Error=" << CKM::APICodeToString(temp));
433 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
434 "Error=" << CKM::APICodeToString(temp));
436 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
437 "Error=" << CKM::APICodeToString(temp));
440 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
442 remove_user_data(USER_APP);
445 const int aliasNameCount = 10;
446 auto manager = CKM::Manager::create();
448 CKM::AliasPwdVector expected;
449 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
450 auto key = CKM::Key::create(buffer, CKM::Password());
451 std::string currentAlias;
453 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
454 // make aliases with & without: password protection, exportable flag
455 for (int it = 0; it < aliasNameCount; ++it)
457 CKM::Policy policy = generate_ckm_policy(it);
458 currentAlias = "T1024_appkey" + std::to_string(it);
459 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
461 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
462 "Error=" << CKM::APICodeToString(exitCode));
465 CKM::AliasPwdVector actual;
468 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
469 "Error=" << CKM::APICodeToString(exitCode));
471 actual.size() == (beforeSaveAliasCount + aliasNameCount),
472 "Wrong aliases count: " << actual.size() << " Expected: "
473 << (beforeSaveAliasCount + aliasNameCount));
474 check_alias_info_list_helper(expected, actual, "/User ");
476 remove_user_data(USER_APP);
479 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
481 remove_user_data(USER_APP);
484 const int aliasNameCount = 10;
485 auto manager = CKM::Manager::create();
487 CKM::AliasPwdVector expected;
488 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
489 std::string currentAlias;
491 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
492 for (int it = 0; it < aliasNameCount; ++it)
494 CKM::Policy policy = generate_ckm_policy(it);
495 currentAlias = "T1025_appcert" + std::to_string(it);
496 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
498 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
499 "Error=" << CKM::APICodeToString(exitCode));
502 CKM::AliasPwdVector actual;
504 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
505 "Error=" << CKM::APICodeToString(exitCode));
507 actual.size() == (beforeSaveAliasCount + aliasNameCount),
508 "Wrong aliases count: " << actual.size() << " Expected: "
509 << (beforeSaveAliasCount + aliasNameCount));
510 check_alias_info_list_helper(expected, actual, "/User ");
512 remove_user_data(USER_APP);
515 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
517 remove_user_data(USER_APP);
520 const int aliasNameCount = 10;
521 auto manager = CKM::Manager::create();
523 CKM::AliasPwdVector expected;
524 std::string binData = "My bin data";
525 CKM::RawBuffer buffer(binData.begin(), binData.end());
526 std::string currentAlias;
528 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
529 for (int it = 0; it < aliasNameCount; ++it)
531 CKM::Policy policy = generate_ckm_policy(it);
532 currentAlias = "T1026_appdata" + std::to_string(it);
533 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
535 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
536 "Error=" << CKM::APICodeToString(exitCode));
539 CKM::AliasPwdVector actual;
541 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
542 "Error=" << CKM::APICodeToString(exitCode));
544 actual.size() == (beforeSaveAliasCount + aliasNameCount),
545 "Wrong aliases count: " << actual.size() << " Expected: "
546 << (beforeSaveAliasCount + aliasNameCount));
547 check_alias_info_list_helper(expected, actual, "/User ");
549 remove_user_data(USER_APP);
552 RUNNER_TEST(T1029_deinit)
554 remove_user_data(USER_APP);
557 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
558 RUNNER_TEST(T1030_init)
560 reset_user_data(USER_APP, APP_PASS);
563 RUNNER_TEST(T1032_app_user_save_bin_data)
565 ScopedDBUnlock unlock(USER_APP, APP_PASS);
568 auto manager = CKM::Manager::create();
570 std::string binData = "My bin data";
572 CKM::RawBuffer buffer(binData.begin(), binData.end());
574 CKM::AliasVector labelAliasVector;
576 size_t current_aliases_num = count_aliases(ALIAS_DATA);
578 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
579 "Error=" << CKM::APICodeToString(temp));
581 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
582 "Error=" << CKM::APICodeToString(temp));
584 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
585 "Error=" << CKM::APICodeToString(temp));
587 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
588 "Error=" << CKM::APICodeToString(temp));
590 labelAliasVector.size() == (current_aliases_num+3),
591 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
594 RUNNER_TEST(T1034_app_remove_bin_data)
596 ScopedDBUnlock unlock(USER_APP, APP_PASS);
599 auto manager = CKM::Manager::create();
601 std::string binData2 = "My bin data";
602 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
604 CKM::AliasVector labelAliasVector;
606 size_t current_aliases_num = count_aliases(ALIAS_DATA);
607 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
609 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
610 "Error=" << CKM::APICodeToString(temp));
612 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
613 "Error=" << CKM::APICodeToString(temp));
615 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
616 "Error=" << CKM::APICodeToString(temp));
618 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
619 "Error=" << CKM::APICodeToString(temp));
621 labelAliasVector.size() == (current_aliases_num-2),
622 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
624 CKM::RawBuffer buffer;
626 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
627 "Error=" << CKM::APICodeToString(temp));
632 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
633 "Error=" << CKM::APICodeToString(temp));
636 RUNNER_TEST(T1035_getData_wrong_password)
638 ScopedDBUnlock unlock(USER_APP, APP_PASS);
641 auto manager = CKM::Manager::create();
643 std::string binData1 = "My bin data4";
645 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
648 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
649 "Error=" << CKM::APICodeToString(temp));
651 CKM::RawBuffer buffer;
653 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
654 "Error=" << CKM::APICodeToString(temp));
660 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
661 "Error=" << CKM::APICodeToString(temp));
664 RUNNER_TEST(T1036_deinit)
666 remove_user_data(USER_APP);
669 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
671 RUNNER_TEST(T1040_init)
674 auto control = CKM::Control::create();
677 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
678 "Error=" << CKM::APICodeToString(temp));
681 RUNNER_TEST(T1041_create_RSA_key)
684 auto manager = CKM::Manager::create();
687 size_t current_aliases_num = count_aliases(ALIAS_KEY);
689 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
690 "Error=" << CKM::APICodeToString(temp));
692 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
693 "Error=" << CKM::APICodeToString(temp));
695 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
696 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
699 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
702 auto manager = CKM::Manager::create();
706 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
707 "Error=" << CKM::APICodeToString(temp));
709 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
710 "Error=" << CKM::APICodeToString(temp));
713 RUNNER_TEST(T1043_create_DSA_key)
716 auto manager = CKM::Manager::create();
719 size_t current_aliases_num = count_aliases(ALIAS_KEY);
721 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
722 "Error=" << CKM::APICodeToString(temp));
724 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
725 "Error=" << CKM::APICodeToString(temp));
727 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
728 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
731 RUNNER_TEST(T1044_create_AES_key)
734 auto manager = CKM::Manager::create();
737 int current_aliases_num = count_aliases(ALIAS_KEY);
739 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
740 "Error=" << CKM::APICodeToString(temp));
742 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
743 "Error=" << CKM::APICodeToString(temp));
745 (current_aliases_num+1) == (temp = av.size()),
746 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
749 RUNNER_TEST(T1049_deinit)
751 remove_user_data(USER_APP);
755 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
757 RUNNER_TEST(T1110_init)
759 unlock_user_data(USER_APP, "user-pass");
762 RUNNER_TEST(T1111_CreateKeyPairRSA)
765 auto manager = CKM::Manager::create();
766 CKM::Alias a1 = "rsa-test-1";
767 CKM::Alias a2 = "rsa-test-2";
771 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
772 "Error=" << CKM::APICodeToString(temp));
774 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
775 "Error=" << CKM::APICodeToString(temp));
778 RUNNER_TEST(T1112_CreateKeyPairDSA)
781 auto manager = CKM::Manager::create();
782 CKM::Alias a1 = "dsa-test-1";
783 CKM::Alias a2 = "dsa-test-2";
787 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
788 "Error=" << CKM::APICodeToString(temp));
790 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
791 "Error=" << CKM::APICodeToString(temp));
794 RUNNER_TEST(T1113_CreateKeyPairECDSA)
797 auto manager = CKM::Manager::create();
798 CKM::Alias a1 = "ecdsa-test-1";
799 CKM::Alias a2 = "ecdsa-test-2";
803 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
804 "Error=" << CKM::APICodeToString(temp));
807 RUNNER_TEST(T1114_deinit)
809 remove_user_data(USER_APP);
812 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
814 RUNNER_TEST(T12100_init)
816 reset_user_data(USER_APP, APP_PASS);
819 RUNNER_TEST(T12101_key_exist)
821 ScopedDBUnlock unlock(USER_APP, APP_PASS);
824 auto manager = CKM::Manager::create();
826 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
827 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
828 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
829 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
830 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
831 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
832 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
834 "-----END PUBLIC KEY-----";
836 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
837 auto key = CKM::Key::create(buffer);
838 CKM::Alias alias = "rsa-alias-duplication";
841 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
842 "Error=" << CKM::APICodeToString(ret));
844 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
845 "Error=" << CKM::APICodeToString(ret));
849 * These test cases tests API when empty parameters are passed to functions
852 RUNNER_TEST(T12102_saveKey_empty_alias)
854 ScopedDBUnlock unlock(USER_APP, APP_PASS);
856 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
857 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
858 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
859 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
860 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
861 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
862 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
863 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
865 "-----END PUBLIC KEY-----";
867 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
868 auto key = CKM::Key::create(buffer);
869 CKM::Alias alias; //alias is not initialized
872 auto manager = CKM::Manager::create();
874 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
875 "Error=" << CKM::APICodeToString(ret));
878 RUNNER_TEST(T12103_saveKey_foreign_label)
880 ScopedDBUnlock unlock(USER_APP, APP_PASS);
882 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
883 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
884 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
885 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
886 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
887 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
888 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
890 "-----END PUBLIC KEY-----";
892 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
893 auto key = CKM::Key::create(buffer);
894 CKM::Alias alias = "iamsomebodyelse alias";
897 auto manager = CKM::Manager::create();
899 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
900 "Error=" << CKM::APICodeToString(ret));
903 RUNNER_TEST(T12104_saveKey_empty_key)
905 ScopedDBUnlock unlock(USER_APP, APP_PASS);
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::APICodeToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 ScopedDBUnlock unlock(USER_APP, APP_PASS);
921 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
922 CKM::Alias alias; //alias is not initialized
925 auto manager = CKM::Manager::create();
927 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
928 "Error=" << CKM::APICodeToString(temp));
931 RUNNER_TEST(T12106_saveCertificate_foreign_label)
933 ScopedDBUnlock unlock(USER_APP, APP_PASS);
935 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
936 CKM::Alias alias = "iamsomebodyelse alias";
939 auto manager = CKM::Manager::create();
941 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
942 "Error=" << CKM::APICodeToString(temp));
945 RUNNER_TEST(T12107_saveCertificate_empty_cert)
947 ScopedDBUnlock unlock(USER_APP, APP_PASS);
949 CKM::CertificateShPtr cert; //cert is not initialized
950 CKM::Alias alias = "empty-cert";
953 auto manager = CKM::Manager::create();
955 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
956 "Error=" << CKM::APICodeToString(temp));
959 RUNNER_TEST(T12108_saveData_empty_alias)
961 ScopedDBUnlock unlock(USER_APP, APP_PASS);
963 std::string testData = "test data test data test data";
964 CKM::RawBuffer buffer(testData.begin(), testData.end());
968 auto manager = CKM::Manager::create();
970 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
971 "Error=" << CKM::APICodeToString(temp));
974 RUNNER_TEST(T12109_saveData_foreign_label)
976 ScopedDBUnlock unlock(USER_APP, APP_PASS);
978 std::string testData = "test data test data test data";
979 CKM::RawBuffer buffer(testData.begin(), testData.end());
980 CKM::Alias alias = "iamsomebodyelse alias";
983 auto manager = CKM::Manager::create();
985 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
986 "Error=" << CKM::APICodeToString(temp));
989 RUNNER_TEST(T12110_saveData_empty_data)
991 ScopedDBUnlock unlock(USER_APP, APP_PASS);
993 CKM::RawBuffer buffer;
994 CKM::Alias alias = "empty-data";
997 auto manager = CKM::Manager::create();
999 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1000 "Error=" << CKM::APICodeToString(temp));
1004 * These test cases tests API when trying to get data from not existing alias
1007 RUNNER_TEST(T12111_getKey_alias_not_exist)
1009 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1012 CKM::Alias alias = "this-alias-not-exist";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1018 "Error=" << CKM::APICodeToString(temp));
1021 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1023 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1025 CKM::CertificateShPtr certificate;
1026 CKM::Alias alias = "this-alias-not-exist";
1029 auto manager = CKM::Manager::create();
1031 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1032 "Error=" << CKM::APICodeToString(temp));
1035 RUNNER_TEST(T12113_getData_alias_not_exist)
1037 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1040 auto manager = CKM::Manager::create();
1041 CKM::RawBuffer buffer;
1042 CKM::Alias alias("some alias");
1044 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1045 "Error=" << CKM::APICodeToString(temp));
1049 * These test cases tests API when damaged keys are used
1051 RUNNER_TEST(T12114_RSA_key_damaged)
1053 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1056 auto manager = CKM::Manager::create();
1058 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1059 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1060 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1061 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1062 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1063 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1064 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1066 "-----END PUBLIC KEY-----";
1068 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1069 auto key = CKM::Key::create(buffer);
1070 CKM::Alias alias = "damaged-rsa";
1073 NULL == key.get(), "Key is broken. It should be empty");
1076 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1077 "Error=" << CKM::APICodeToString(ret));
1080 RUNNER_TEST(T12115_RSA_key_too_short)
1082 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1085 auto manager = CKM::Manager::create();
1087 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1088 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1089 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1090 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1091 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1092 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1093 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1095 "-----END PUBLIC KEY-----";
1097 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1098 auto key = CKM::Key::create(buffer);
1099 CKM::Alias alias = "short-rsa";
1102 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1103 "Error=" << CKM::APICodeToString(ret));
1106 RUNNER_TEST(T12116_DSA_key_too_short)
1108 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1111 auto manager = CKM::Manager::create();
1113 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1114 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1115 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1116 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1117 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1118 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1119 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1120 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1121 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1122 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1123 "YMYCBhubtrVaLmc=\n"
1124 "-----END PUBLIC KEY-----";
1126 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1127 auto key = CKM::Key::create(buffer);
1128 CKM::Alias alias = "short-dsa";
1131 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1132 "Error=" << CKM::APICodeToString(ret));
1135 RUNNER_TEST(T12117_AES_key_too_short)
1138 auto manager = CKM::Manager::create();
1140 size_t key_size = (128-1);
1141 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1143 auto key = CKM::Key::create(key_AES);
1144 CKM::Alias alias = "short-AES";
1147 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1148 "Error=" << CKM::APICodeToString(ret));
1152 * These test cases tests CKM service if malicious data is provided over the socket.
1155 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1157 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1160 auto manager = CKM::Manager::create();
1162 // fake the client - let the service detect the problem
1163 class WrongKeyImpl : public CKM::Key
1166 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1169 virtual bool empty() const {
1173 virtual CKM::KeyType getType() const {
1174 return CKM::KeyType::KEY_RSA_PUBLIC;
1176 virtual int getSize() const {
1179 virtual CKM::ElipticCurve getCurve() const {
1180 return CKM::ElipticCurve::prime192v1;
1182 virtual CKM::RawBuffer getDER() const {
1185 virtual ~WrongKeyImpl() {}
1187 CKM::RawBuffer & m_dummy;
1189 std::string dummyData = "my_cat_Berta\n";
1190 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1191 auto key = std::make_shared<WrongKeyImpl>(buffer);
1192 CKM::Alias alias = "damaged-rsa";
1195 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1196 "Error=" << CKM::APICodeToString(ret));
1199 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1201 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1203 // fake the client - let the service detect the problem
1204 class WrongCertImpl : public CKM::Certificate
1207 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1208 m_x509 = X509_new();
1211 bool empty() const {
1215 virtual X509 *getX509() const {
1219 virtual CKM::RawBuffer getDER() const {
1223 virtual ~WrongCertImpl() {
1228 CKM::RawBuffer & m_dummy;
1230 std::string dummyData = "my_cat_Stefan\n";
1231 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1232 auto cert = std::make_shared<WrongCertImpl>(buffer);
1233 CKM::Alias alias = "damaged-cert";
1236 auto manager = CKM::Manager::create();
1238 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1239 "Error=" << CKM::APICodeToString(temp));
1242 RUNNER_TEST(T12120_deinit)
1244 remove_user_data(USER_APP);
1247 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1249 RUNNER_TEST(T1311_init)
1251 remove_user_data(USER_APP);
1252 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1253 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1255 struct hostent* he = gethostbyname("google.com");
1257 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1258 "is not woking on the device. OCSP tests requires network access!");
1261 RUNNER_TEST(T13121_get_chain_no_cert)
1263 CKM::CertificateShPtrVector certChain;
1264 CKM::CertificateShPtr cert;
1266 auto manager = CKM::Manager::create();
1268 int ret = manager->getCertificateChain(cert,
1273 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1274 "Function should fail for empty certificate");
1277 RUNNER_TEST(T13122_get_chain_empty_cert)
1279 CKM::CertificateShPtrVector certChain;
1280 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1281 CKM::DataFormat::FORM_PEM);
1283 auto manager = CKM::Manager::create();
1285 int ret = manager->getCertificateChain(cert,
1290 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1291 "Function should fail for empty certificate");
1294 RUNNER_TEST(T13129_get_chain)
1296 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1297 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1299 CKM::CertificateShPtrVector certVector = {cert1};
1300 CKM::CertificateShPtrVector certChain;
1303 auto manager = CKM::Manager::create();
1305 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1306 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1308 tmp = manager->getCertificateChain(cert,
1313 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1314 "Error=" << CKM::APICodeToString(tmp));
1317 0 == certChain.size(),
1318 "Wrong size of certificate chain.");
1320 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1321 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1324 3 == certChain.size(),
1325 "Wrong size of certificate chain.");
1328 RUNNER_TEST(T1313_get_chain_with_alias)
1330 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1331 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1333 CKM::CertificateShPtrVector certChain;
1334 CKM::AliasVector aliasVector;
1335 CKM::Alias alias = "imcert";
1338 auto manager = CKM::Manager::create();
1340 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1341 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1343 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1344 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1345 "Error=" << CKM::APICodeToString(tmp));
1348 0 == certChain.size(),
1349 "Wrong size of certificate chain.");
1352 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1353 "Error=" << CKM::APICodeToString(tmp));
1355 aliasVector.push_back(alias);
1357 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1358 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1361 3 == certChain.size(),
1362 "Wrong size of certificate chain.");
1365 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1367 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1368 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1369 CKM::CertificateShPtrVector certVector = {cert1};
1370 CKM::CertificateShPtrVector certChain;
1373 auto manager = CKM::Manager::create();
1375 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1376 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1378 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1379 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1380 "Error=" << CKM::APICodeToString(tmp));
1383 0 == certChain.size(),
1384 "Wrong size of certificate chain.");
1386 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1387 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1390 3 == certChain.size(),
1391 "Wrong size of certificate chain.");
1395 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1396 "Error=" << CKM::APICodeToString(tmp));
1398 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1401 RUNNER_TEST(T13142_ocsp_check_empty)
1403 CKM::CertificateShPtrVector certVector;
1405 auto manager = CKM::Manager::create();
1410 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1411 "ocspCheck should fail for empty certificate vector");
1414 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1416 CKM::CertificateShPtrVector certVector = {
1417 CKM::CertificateShPtr(),
1418 CKM::CertificateShPtr(),
1419 CKM::CertificateShPtr()};
1421 auto manager = CKM::Manager::create();
1426 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1427 "ocspCheck should fail for empty certificate vector");
1430 RUNNER_TEST(T13144_ocsp_check_root)
1432 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1433 CKM::CertificateShPtrVector certVector = {root};
1435 auto manager = CKM::Manager::create();
1437 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1442 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1443 "Ocsp should fail for single certificate");
1446 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1448 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1449 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1451 CKM::CertificateShPtrVector certVector = {ca, root};
1453 auto manager = CKM::Manager::create();
1455 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1456 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1461 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1462 "Error=" << CKM::APICodeToString(tmp));
1464 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1467 RUNNER_TEST(T1315_deinit)
1469 remove_user_data(USER_APP);
1472 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1474 RUNNER_TEST(T1411_init)
1476 remove_user_data(USER_APP);
1479 RUNNER_TEST(T1412_RSA_key_create_verify)
1482 auto manager = CKM::Manager::create();
1484 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1485 "Proc-Type: 4,ENCRYPTED\n"
1486 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1488 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1489 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1490 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1491 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1492 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1493 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1494 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1495 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1496 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1497 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1498 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1499 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1500 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1501 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1502 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1503 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1504 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1505 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1506 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1507 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1508 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1509 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1510 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1511 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1512 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1513 "-----END RSA PRIVATE KEY-----\n";
1515 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1516 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1517 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1518 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1519 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1520 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1521 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1523 "-----END PUBLIC KEY-----\n";
1525 std::string message = "message test";
1527 CKM::Alias aliasPub = "pub1";
1528 CKM::Alias aliasPrv = "prv1";
1529 CKM::Password password = "1234";
1530 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1531 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1532 CKM::RawBuffer signature;
1534 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1535 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1537 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1538 "Key is empty. Failed to import public key.");
1539 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1540 "Key is empty. Failed to import private key.");
1543 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1544 "Error=" << CKM::APICodeToString(temp));
1546 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1547 "Error=" << CKM::APICodeToString(temp));
1550 CKM_API_SUCCESS == (temp = manager->createSignature(
1553 CKM::RawBuffer(message.begin(), message.end()),
1557 "Error=" << CKM::APICodeToString(temp));
1560 CKM_API_SUCCESS == (temp = manager->verifySignature(
1563 CKM::RawBuffer(message.begin(), message.end()),
1567 "Error=" << CKM::APICodeToString(temp));
1570 RUNNER_TEST(T1413_DSA_key_create_verify)
1573 auto manager = CKM::Manager::create();
1575 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1576 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1577 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1578 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1579 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1580 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1581 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1582 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1583 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1584 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1585 "u1roOuaPY+Hl19BlTE2qdw==\n"
1586 "-----END DSA PRIVATE KEY-----";
1588 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1589 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1590 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1591 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1592 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1593 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1594 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1595 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1596 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1597 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1598 "YMYCBhubtrVaLmc=\n"
1599 "-----END PUBLIC KEY-----";
1601 std::string message = "message test";
1603 CKM::Alias aliasPub = "pub2";
1604 CKM::Alias aliasPrv = "prv2";
1605 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1606 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1607 CKM::RawBuffer signature;
1609 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1610 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1612 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1613 "Key is empty. Failed to import public key.");
1614 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1615 "Key is empty. Failed to import private key.");
1618 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1619 "Error=" << CKM::APICodeToString(temp));
1621 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1622 "Error=" << CKM::APICodeToString(temp));
1625 CKM_API_SUCCESS == (temp = manager->createSignature(
1628 CKM::RawBuffer(message.begin(), message.end()),
1632 "Error=" << CKM::APICodeToString(temp));
1635 CKM_API_SUCCESS == (temp = manager->verifySignature(
1638 CKM::RawBuffer(message.begin(), message.end()),
1642 "Error=" << CKM::APICodeToString(temp));
1646 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1649 auto manager = CKM::Manager::create();
1651 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1652 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1653 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1654 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1655 "-----END EC PRIVATE KEY-----\n";
1657 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1658 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1659 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1660 "-----END PUBLIC KEY-----\n";
1662 std::string message = "message test";
1664 CKM::Alias aliasPub = "ecpub2";
1665 CKM::Alias aliasPrv = "ecprv2";
1666 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1667 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1668 CKM::RawBuffer signature;
1670 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1671 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1673 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1674 "Key is empty. Failed to import public key.");
1675 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1676 "Key is empty. Failed to import private key.");
1679 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1680 "Error=" << CKM::APICodeToString(temp));
1682 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1683 "Error=" << CKM::APICodeToString(temp));
1686 CKM_API_SUCCESS == (temp = manager->createSignature(
1689 CKM::RawBuffer(message.begin(), message.end()),
1693 "Error=" << CKM::APICodeToString(temp));
1696 CKM_API_SUCCESS == (temp = manager->verifySignature(
1699 CKM::RawBuffer(message.begin(), message.end()),
1703 "Error=" << CKM::APICodeToString(temp));
1705 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1707 memcpy((void*)signature.data(), "BROKEN", 6);
1710 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1713 CKM::RawBuffer(message.begin(), message.end()),
1717 "Error=" << CKM::APICodeToString(temp));
1720 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1723 auto manager = CKM::Manager::create();
1724 std::string message = "message asdfaslkdfjlksadjf test";
1726 CKM::Alias aliasPub = "pub1";
1727 CKM::Alias aliasPrv = "prv1";
1729 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1730 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1731 CKM::RawBuffer signature;
1734 CKM_API_SUCCESS == (temp = manager->createSignature(
1737 CKM::RawBuffer(message.begin(), message.end()),
1741 "Error=" << CKM::APICodeToString(temp));
1744 CKM_API_SUCCESS == (temp = manager->verifySignature(
1747 CKM::RawBuffer(message.begin(), message.end()),
1751 "Error=" << CKM::APICodeToString(temp));
1753 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1754 memcpy((void*)signature.data(), "BROKEN", 6);
1757 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1760 CKM::RawBuffer(message.begin(), message.end()),
1764 "Error=" << CKM::APICodeToString(temp));
1767 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1770 auto manager = CKM::Manager::create();
1771 std::string message = "message asdfaslkdfjlksadjf test";
1773 CKM::Alias aliasPub = "pub2";
1774 CKM::Alias aliasPrv = "prv2";
1776 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1777 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1778 CKM::RawBuffer signature;
1781 CKM_API_SUCCESS == (temp = manager->createSignature(
1784 CKM::RawBuffer(message.begin(), message.end()),
1788 "Error=" << CKM::APICodeToString(temp));
1791 CKM_API_SUCCESS == (temp = manager->verifySignature(
1794 CKM::RawBuffer(message.begin(), message.end()),
1798 "Error=" << CKM::APICodeToString(temp));
1800 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1801 memcpy((void*)signature.data(), "BROKEN", 6);
1804 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1807 CKM::RawBuffer(message.begin(), message.end()),
1811 "Error=" << CKM::APICodeToString(temp));
1814 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1817 auto manager = CKM::Manager::create();
1820 "-----BEGIN RSA PRIVATE KEY-----\n"
1821 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1822 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1823 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1824 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1825 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1826 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1827 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1828 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1829 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1830 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1831 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1832 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1833 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1834 "-----END RSA PRIVATE KEY-----\n";
1837 "-----BEGIN CERTIFICATE-----\n"
1838 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1839 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1840 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1841 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1842 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1843 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1844 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1845 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1846 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1847 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1848 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1849 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1850 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1851 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1852 "-----END CERTIFICATE-----\n";
1854 std::string message = "message test";
1856 CKM::Alias aliasPub = "pub1-cert";
1857 CKM::Alias aliasPrv = "prv1-cert";
1858 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1859 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1860 CKM::RawBuffer signature;
1862 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1863 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1865 RUNNER_ASSERT_MSG(NULL != cert.get(),
1866 "Key is empty. Failed to import public key.");
1867 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1868 "Key is empty. Failed to import private key.");
1871 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1872 "Error=" << CKM::APICodeToString(temp));
1874 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1875 "Error=" << CKM::APICodeToString(temp));
1878 CKM_API_SUCCESS == (temp = manager->createSignature(
1881 CKM::RawBuffer(message.begin(), message.end()),
1885 "Error=" << CKM::APICodeToString(temp));
1888 CKM_API_SUCCESS == (temp = manager->verifySignature(
1891 CKM::RawBuffer(message.begin(), message.end()),
1895 "Error=" << CKM::APICodeToString(temp));
1897 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1899 memcpy((void*)signature.data(), "BROKEN", 6);
1902 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1905 CKM::RawBuffer(message.begin(), message.end()),
1909 "Error=" << CKM::APICodeToString(temp));
1912 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1915 auto manager = CKM::Manager::create();
1917 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1918 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1919 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1920 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1921 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1922 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1923 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1924 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1925 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1926 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1927 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1928 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1929 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1930 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1931 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1932 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1933 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1934 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1935 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1936 "-----END CERTIFICATE-----\n";
1938 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1939 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1940 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1941 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1942 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1943 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1944 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1945 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1946 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1947 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1948 "vonbjii3BYe4AIdkzOvp\n"
1949 "-----END DSA PRIVATE KEY-----\n";
1951 std::string message = "message test";
1953 CKM::Alias aliasPub = "pub2-cert";
1954 CKM::Alias aliasPrv = "prv2-cert";
1955 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1956 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1957 CKM::RawBuffer signature;
1959 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1960 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1962 RUNNER_ASSERT_MSG(NULL != cert.get(),
1963 "Key is empty. Failed to import public key.");
1964 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1965 "Key is empty. Failed to import private key.");
1968 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1969 "Error=" << CKM::APICodeToString(temp));
1971 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1972 "Error=" << CKM::APICodeToString(temp));
1975 CKM_API_SUCCESS == (temp = manager->createSignature(
1978 CKM::RawBuffer(message.begin(), message.end()),
1982 "Error=" << CKM::APICodeToString(temp));
1985 CKM_API_SUCCESS == (temp = manager->verifySignature(
1988 CKM::RawBuffer(message.begin(), message.end()),
1992 "Error=" << CKM::APICodeToString(temp));
1994 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1996 memcpy((void*)signature.data(), "BROKEN", 6);
1999 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2002 CKM::RawBuffer(message.begin(), message.end()),
2006 "Error=" << CKM::APICodeToString(temp));
2009 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2012 auto manager = CKM::Manager::create();
2015 "-----BEGIN EC PRIVATE KEY-----\n"
2016 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2017 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2018 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2019 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2020 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2021 "ELyhe7yPCAuOoLZlTLgf\n"
2022 "-----END EC PRIVATE KEY-----\n";
2025 "-----BEGIN CERTIFICATE-----\n"
2026 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2027 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2028 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2029 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2030 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2031 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2032 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2033 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2034 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2035 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2036 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2037 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2038 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2039 "Q1oBry6NEc+lLFmWMDesAA==\n"
2040 "-----END CERTIFICATE-----\n";
2042 std::string message = "message test";
2044 CKM::Alias aliasPub = "pub3";
2045 CKM::Alias aliasPrv = "prv3";
2046 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2047 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2048 CKM::RawBuffer signature;
2050 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2051 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2053 RUNNER_ASSERT_MSG(NULL != cert.get(),
2054 "Key is empty. Failed to import public key.");
2055 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2056 "Key is empty. Failed to import private key.");
2059 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2060 "Error=" << CKM::APICodeToString(temp));
2062 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2063 "Error=" << CKM::APICodeToString(temp));
2066 CKM_API_SUCCESS == (temp = manager->createSignature(
2069 CKM::RawBuffer(message.begin(), message.end()),
2073 "Error=" << CKM::APICodeToString(temp));
2076 CKM_API_SUCCESS == (temp = manager->verifySignature(
2079 CKM::RawBuffer(message.begin(), message.end()),
2083 "Error=" << CKM::APICodeToString(temp));
2085 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2087 memcpy((void*)signature.data(), "BROKEN", 6);
2090 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2093 CKM::RawBuffer(message.begin(), message.end()),
2097 "Error=" << CKM::APICodeToString(temp));
2100 RUNNER_TEST(T1420_deinit)
2102 remove_user_data(USER_APP);
2105 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2107 RUNNER_TEST(T14180_init)
2110 remove_user_data(USER_APP);
2112 auto manager = CKM::Manager::create();
2114 // Prepare RSA Key Pair
2115 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2116 "Proc-Type: 4,ENCRYPTED\n"
2117 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2119 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2120 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2121 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2122 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2123 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2124 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2125 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2126 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2127 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2128 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2129 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2130 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2131 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2132 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2133 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2134 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2135 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2136 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2137 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2138 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2139 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2140 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2141 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2142 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2143 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2144 "-----END RSA PRIVATE KEY-----\n";
2146 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2147 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2148 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2149 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2150 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2151 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2152 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2154 "-----END PUBLIC KEY-----\n";
2156 CKM::Alias aliasPub = "pub_nohash1";
2157 CKM::Alias aliasPrv = "prv_nohash1";
2158 CKM::Password password = "1234";
2160 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2161 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2163 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2164 "Key is empty. Failed to import public key.");
2165 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2166 "Key is empty. Failed to import private key.");
2169 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2170 "Error=" << CKM::APICodeToString(temp));
2172 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2173 "Error=" << CKM::APICodeToString(temp));
2175 // Prepare ECDSA Key Pair
2176 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2177 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2178 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2179 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2180 "-----END EC PRIVATE KEY-----\n";
2182 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2183 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2184 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2185 "-----END PUBLIC KEY-----\n";
2187 CKM::Alias aliasEcPub = "ecpub_nohash1";
2188 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2190 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2191 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2193 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2194 "Key is empty. Failed to import public key.");
2195 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2196 "Key is empty. Failed to import private key.");
2199 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2200 "Error=" << CKM::APICodeToString(temp));
2202 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2203 "Error=" << CKM::APICodeToString(temp));
2207 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2210 auto manager = CKM::Manager::create();
2211 std::string message = "message asdfaslkdfjlksadjf test";
2213 CKM::Alias aliasPub = "pub_nohash1";
2214 CKM::Alias aliasPrv = "prv_nohash1";
2216 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2217 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2218 CKM::RawBuffer signature;
2221 CKM_API_SUCCESS == (temp = manager->createSignature(
2224 CKM::RawBuffer(message.begin(), message.end()),
2228 "Error=" << CKM::APICodeToString(temp));
2231 CKM_API_SUCCESS == (temp = manager->verifySignature(
2234 CKM::RawBuffer(message.begin(), message.end()),
2238 "Error=" << CKM::APICodeToString(temp));
2240 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2241 memcpy((void*)signature.data(), "BROKEN", 6);
2244 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2247 CKM::RawBuffer(message.begin(), message.end()),
2251 "Error=" << CKM::APICodeToString(temp));
2254 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2257 auto manager = CKM::Manager::create();
2258 std::string message = "message asdfaslkdfjlksadjf test";
2260 CKM::Alias aliasPub = "pub_nohash1";
2261 CKM::Alias aliasPrv = "prv_nohash1";
2263 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2264 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2265 CKM::RawBuffer signature;
2268 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2271 CKM::RawBuffer(message.begin(), message.end()),
2275 "Error=" << CKM::APICodeToString(temp));
2278 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2281 auto manager = CKM::Manager::create();
2282 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2283 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2284 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2285 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2286 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2287 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2288 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2289 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2290 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2291 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2292 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2293 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2294 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2295 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2296 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2297 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2298 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2299 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2300 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2301 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2303 CKM::Alias aliasPub = "pub_nohash1";
2304 CKM::Alias aliasPrv = "prv_nohash1";
2306 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2307 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2308 CKM::RawBuffer signature;
2311 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2314 CKM::RawBuffer(message.begin(), message.end()),
2318 "Error=" << CKM::APICodeToString(temp));
2322 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2325 auto manager = CKM::Manager::create();
2327 std::string message = "message test";
2329 CKM::Alias aliasPrv = "ecprv_nohash1";
2330 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2331 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2332 CKM::RawBuffer signature;
2335 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2338 CKM::RawBuffer(message.begin(), message.end()),
2342 "Error=" << CKM::APICodeToString(temp));
2345 RUNNER_TEST(T14189_deinit)
2347 remove_user_data(USER_APP);
2351 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2355 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2356 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2357 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2358 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2359 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2362 RUNNER_TEST(T1800_init)
2364 remove_user_data(USER_APP);
2367 RUNNER_TEST(T1801_parse_PKCS12) {
2368 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2369 std::istreambuf_iterator<char> begin(is), end;
2370 std::vector<char> buff(begin, end);
2372 CKM::RawBuffer buffer(buff.size());
2373 memcpy(buffer.data(), buff.data(), buff.size());
2375 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2378 "Error in PKCS12::create()");
2380 auto cert = pkcs->getCertificate();
2383 "Error in PKCS12::getCertificate()");
2385 auto key = pkcs->getKey();
2388 "Error in PKCS12::getKey()");
2390 auto caVector = pkcs->getCaCertificateShPtrVector();
2392 0 == caVector.size(),
2393 "Wrong size of vector");
2396 RUNNER_TEST(T1802_negative_wrong_password) {
2397 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2398 std::istreambuf_iterator<char> begin(is), end;
2399 std::vector<char> buff(begin, end);
2401 CKM::RawBuffer buffer(buff.size());
2402 memcpy(buffer.data(), buff.data(), buff.size());
2404 auto pkcs = CKM::PKCS12::create(buffer, "error");
2407 "Expected error in PKCS12::create()");
2410 RUNNER_TEST(T1803_negative_broken_buffer) {
2411 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2412 std::istreambuf_iterator<char> begin(is), end;
2413 std::vector<char> buff(begin, end);
2415 CKM::RawBuffer buffer(buff.size());
2416 memcpy(buffer.data(), buff.data(), buff.size());
2418 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2421 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2424 "Expected error in PKCS12::create()");
2427 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2429 auto manager = CKM::Manager::create();
2430 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2431 std::istreambuf_iterator<char> begin(is), end;
2432 std::vector<char> buff(begin, end);
2434 CKM::RawBuffer buffer(buff.size());
2435 memcpy(buffer.data(), buff.data(), buff.size());
2437 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2440 "Error in PKCS12::create()");
2443 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2444 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2445 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2446 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2447 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2448 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2449 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2450 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2451 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2452 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2453 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2454 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2455 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2456 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2457 "-----END RSA PRIVATE KEY-----\n";
2459 std::string message = "message test";
2461 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2462 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2463 "Key is empty. Failed to import private key.");
2467 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2468 "Error=" << CKM::APICodeToString(temp));
2471 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2472 "Error=" << CKM::APICodeToString(temp));
2475 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2477 auto manager = CKM::Manager::create();
2478 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2479 std::istreambuf_iterator<char> begin(is), end;
2480 std::vector<char> buff(begin, end);
2482 CKM::RawBuffer buffer(buff.size());
2483 memcpy(buffer.data(), buff.data(), buff.size());
2485 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2488 "Error in PKCS12::create()");
2490 auto cert = pkcs->getCertificate();
2493 "Error in PKCS12::getCertificate()");
2495 auto key = pkcs->getKey();
2498 "Error in PKCS12::getKey()");
2500 auto caVector = pkcs->getCaCertificateShPtrVector();
2502 2 == caVector.size(),
2503 "Wrong size of vector");
2507 CKM::Policy exportable;
2508 CKM::Policy notExportable(CKM::Password(), false);
2511 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2512 "Error=" << CKM::APICodeToString(tmp));
2514 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2515 "Error=" << CKM::APICodeToString(tmp));
2517 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2518 "Error=" << CKM::APICodeToString(tmp));
2520 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2521 "Error=" << CKM::APICodeToString(tmp));
2523 // try to lookup key
2524 CKM::KeyShPtr key_lookup;
2526 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2527 "Error=" << CKM::APICodeToString(tmp));
2529 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2530 "Error=" << CKM::APICodeToString(tmp));
2532 // try to lookup certificate
2533 CKM::CertificateShPtr cert_lookup;
2535 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2536 "Error=" << CKM::APICodeToString(tmp));
2538 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2539 "Error=" << CKM::APICodeToString(tmp));
2542 RUNNER_TEST(T1806_get_PKCS)
2545 auto manager = CKM::Manager::create();
2547 CKM::PKCS12ShPtr pkcs;
2551 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2552 "Error=" << CKM::APICodeToString(temp));
2554 // fail - not exportable
2556 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2557 "Error=" << CKM::APICodeToString(temp));
2559 // success - exportable
2561 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2562 "Error=" << CKM::APICodeToString(temp));
2564 auto cert = pkcs->getCertificate();
2567 "Error in PKCS12::getCertificate()");
2569 auto key = pkcs->getKey();
2572 "Error in PKCS12::getKey()");
2574 auto caVector = pkcs->getCaCertificateShPtrVector();
2576 2 == caVector.size(),
2577 "Wrong size of vector");
2580 RUNNER_TEST(T1807_create_and_verify_signature)
2583 auto manager = CKM::Manager::create();
2585 std::string message = "message test";
2587 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2588 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2589 CKM::RawBuffer signature;
2592 CKM_API_SUCCESS == (temp = manager->createSignature(
2593 alias_PKCS_exportable,
2595 CKM::RawBuffer(message.begin(), message.end()),
2599 "Error=" << CKM::APICodeToString(temp));
2602 CKM_API_SUCCESS == (temp = manager->verifySignature(
2603 alias_PKCS_exportable,
2605 CKM::RawBuffer(message.begin(), message.end()),
2609 "Error=" << CKM::APICodeToString(temp));
2612 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2615 auto manager = CKM::Manager::create();
2617 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2618 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2619 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2620 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2621 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2622 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2623 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2624 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2625 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2626 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2627 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2628 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2629 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2630 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2631 "-----END RSA PRIVATE KEY-----";
2632 std::string message = "message test";
2634 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2635 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2636 "Key is empty. Failed to import private key.");
2639 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2640 "Error=" << CKM::APICodeToString(temp));
2642 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2643 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2644 CKM::RawBuffer signature;
2647 CKM_API_SUCCESS == (temp = manager->createSignature(
2648 alias_PKCS_priv_key_copy,
2650 CKM::RawBuffer(message.begin(), message.end()),
2654 "Error=" << CKM::APICodeToString(temp));
2657 CKM_API_SUCCESS == (temp = manager->verifySignature(
2658 alias_PKCS_exportable,
2660 CKM::RawBuffer(message.begin(), message.end()),
2664 "Error=" << CKM::APICodeToString(temp));
2667 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2670 auto manager = CKM::Manager::create();
2672 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2673 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2674 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2675 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2676 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2677 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2678 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2679 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2680 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2681 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2682 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2683 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2684 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2685 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2686 "-----END RSA PRIVATE KEY-----\n";
2688 std::string message = "message test";
2690 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2691 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2692 "Key is empty. Failed to import private key.");
2695 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2696 "Error=" << CKM::APICodeToString(temp));
2698 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2699 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2700 CKM::RawBuffer signature;
2703 CKM_API_SUCCESS == (temp = manager->createSignature(
2704 alias_PKCS_priv_key_wrong,
2706 CKM::RawBuffer(message.begin(), message.end()),
2710 "Error=" << CKM::APICodeToString(temp));
2713 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2714 alias_PKCS_exportable,
2716 CKM::RawBuffer(message.begin(), message.end()),
2720 "Error=" << CKM::APICodeToString(temp));
2723 RUNNER_TEST(T1810_verify_get_certificate_chain)
2725 // this certificate has been signed using PKCS chain
2727 "-----BEGIN CERTIFICATE-----\n"
2728 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
2729 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
2730 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
2731 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
2732 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
2733 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
2734 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
2735 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
2736 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
2737 "-----END CERTIFICATE-----\n";
2739 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2740 CKM::CertificateShPtrVector certChain;
2741 CKM::AliasVector aliasVector;
2744 auto manager = CKM::Manager::create();
2746 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2748 tmp = manager->getCertificateChain(cert,
2753 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2754 "Error=" << CKM::APICodeToString(tmp));
2757 0 == certChain.size(),
2758 "Wrong size of certificate chain.");
2760 aliasVector.push_back(alias_PKCS_exportable);
2762 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2763 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2765 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2767 4 == certChain.size(),
2768 "Wrong size of certificate chain: " << certChain.size());
2771 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2773 auto manager = CKM::Manager::create();
2777 // remove the whole PKCS12 bundles
2779 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2780 "Error=" << CKM::APICodeToString(tmp));
2782 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2783 "Error=" << CKM::APICodeToString(tmp));
2785 // expect lookup fails due to unknown alias
2786 // try to lookup key
2787 CKM::KeyShPtr key_lookup;
2789 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2790 "Error=" << CKM::APICodeToString(tmp));
2792 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2793 "Error=" << CKM::APICodeToString(tmp));
2795 // try to lookup certificate
2796 CKM::CertificateShPtr cert_lookup;
2798 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2799 "Error=" << CKM::APICodeToString(tmp));
2801 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2802 "Error=" << CKM::APICodeToString(tmp));
2805 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2807 CKM::Alias alias = "t1812alias1";
2809 auto manager = CKM::Manager::create();
2810 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2811 std::istreambuf_iterator<char> begin(is), end;
2812 std::vector<char> buff(begin, end);
2814 CKM::PKCS12ShPtr pkcs12;
2815 CKM::Password pass1 = "easypass1";
2816 CKM::Password pass2 = "easypass2";
2818 CKM::RawBuffer buffer(buff.size());
2819 memcpy(buffer.data(), buff.data(), buff.size());
2821 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2824 "Error in PKCS12::create()");
2828 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2829 "Error=" << CKM::APICodeToString(temp));
2832 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2833 "Error=" << CKM::APICodeToString(temp));
2836 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2837 "Error=" << CKM::APICodeToString(temp));
2840 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2841 "Error=" << CKM::APICodeToString(temp));
2844 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2845 "Error=" << CKM::APICodeToString(temp));
2848 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2849 "Error=" << CKM::APICodeToString(temp));
2851 CKM::CertificateShPtr cert;
2853 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2854 "Error=" << CKM::APICodeToString(temp));
2856 CKM::CertificateShPtrVector certChain;
2857 CKM::AliasVector certVect;
2858 certVect.push_back(alias);
2861 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2862 "Error=" << CKM::APICodeToString(temp));
2865 RUNNER_TEST(T1813_deinit)
2868 auto control = CKM::Control::create();
2871 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2872 "Error=" << CKM::APICodeToString(temp));
2875 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2877 const char * const T190_PASSWD = "t190-special-password";
2879 RUNNER_TEST(T1901_init_unlock_key)
2881 reset_user_data(USER_APP, T190_PASSWD);
2884 RUNNER_TEST(T1902_get_data)
2886 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2888 auto manager = CKM::Manager::create();
2891 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2894 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2895 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2898 RUNNER_TEST(T1903_lock_database)
2901 auto control = CKM::Control::create();
2903 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2904 "Error=" << CKM::APICodeToString(tmp));
2907 RUNNER_TEST(T1904_get_data_from_locked_database)
2909 auto manager = CKM::Manager::create();
2912 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2915 CKM_API_ERROR_DB_LOCKED == status1,
2916 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2919 RUNNER_TEST(T1905_deinit)
2921 remove_user_data(USER_APP);
2924 int main(int argc, char *argv[])
2926 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2927 if (expected_uid != geteuid()) {
2928 std::string userStr("owner");
2929 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2933 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2937 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);