2 * Copyright (c) 2016 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
30 #include <ckm-common.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-password.h>
34 #include <ckm/ckm-type.h>
35 #include <ckm/ckm-pkcs12.h>
37 #include <openssl/x509.h>
38 #include <openssl/x509v3.h>
40 #include <tzplatform_config.h>
43 const int USER_APP = 5001;
45 const int USER_APP_2 = 5020;
46 const int USER_APP_3 = 5030;
48 const char * const APP_PASS = "user-pass";
49 const int USER_TEST = 5001;
51 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
52 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
53 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
54 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
55 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
56 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
57 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
58 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
59 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
61 "-----END PUBLIC KEY-----";
63 } // namespace anonymous
66 * How to numerate tests:
68 * T - test case (always T)
69 * AB - number of test group (always two digits)
70 * C - test number in group (all tests with same TABC must be run in the same time).
73 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
75 RUNNER_TEST(T0011_Control)
78 auto control = CKM::Control::create();
80 control->removeUserData(0);
81 control->removeUserData(USER_APP_2);
82 control->removeUserData(USER_APP);
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
86 "Error=" << CKM::APICodeToString(temp));
89 RUNNER_TEST(T0012_Control)
92 auto control = CKM::Control::create();
94 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
95 "Error=" << CKM::APICodeToString(temp));
97 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
98 "Error=" << CKM::APICodeToString(temp));
101 RUNNER_TEST(T0013_Control)
104 auto control = CKM::Control::create();
106 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
107 "Error=" << CKM::APICodeToString(temp));
110 RUNNER_TEST(T0014_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
116 "Error=" << CKM::APICodeToString(temp));
119 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
120 "Error=" << CKM::APICodeToString(temp));
123 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
124 "Error=" << CKM::APICodeToString(temp));
127 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
128 "Error=" << CKM::APICodeToString(temp));
131 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
132 "Error=" << CKM::APICodeToString(temp));
135 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
136 "Error=" << CKM::APICodeToString(temp));
139 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
140 "Error=" << CKM::APICodeToString(temp));
143 RUNNER_TEST(T0015_Control)
146 auto control = CKM::Control::create();
148 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
149 "Error=" << CKM::APICodeToString(temp));
151 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
152 "Error=" << CKM::APICodeToString(temp));
154 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
155 "Error=" << CKM::APICodeToString(temp));
157 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
158 "Error=" << CKM::APICodeToString(temp));
161 RUNNER_TEST(T0016_Control_negative_wrong_password)
164 auto control = CKM::Control::create();
166 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
167 "Error=" << CKM::APICodeToString(temp));
169 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
170 "Error=" << CKM::APICodeToString(temp));
172 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
173 "Error=" << CKM::APICodeToString(temp));
175 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
176 "Error=" << CKM::APICodeToString(temp));
178 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
179 "Error=" << CKM::APICodeToString(temp));
182 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
184 RUNNER_TEST(T1010_init)
186 unlock_user_data(USER_APP, "user-pass");
189 RUNNER_TEST(T1011_key)
192 auto manager = CKM::Manager::create();
194 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
195 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
196 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
197 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
198 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
199 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
200 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
202 "-----END PUBLIC KEY-----";
204 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
205 auto key = CKM::Key::create(buffer, CKM::Password());
207 CKM::Alias alias = "mykey";
210 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
211 "Error=" << CKM::APICodeToString(temp));
213 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
214 "Error=" << CKM::APICodeToString(temp));
216 key->getDER() == key2->getDER(),
217 "Key value has been changed by service");
220 RUNNER_TEST(T1012_certificate)
223 auto manager = CKM::Manager::create();
225 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
226 CKM::CertificateShPtr cert2;
227 CKM::Alias alias = "myCert";
230 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
231 "Error=" << CKM::APICodeToString(temp));
233 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
234 "Error=" << CKM::APICodeToString(temp));
236 cert->getDER() == cert2->getDER(),
237 "Data has been modified in key manager");
240 RUNNER_TEST(T1014_save_with_label)
243 auto manager = CKM::Manager::create();
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
255 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
256 auto key = CKM::Key::create(buffer, CKM::Password());
257 CKM::KeyShPtr key_name, key_full_addr;
258 CKM::Alias alias = "mykey-2";
259 std::string top_label = getOwnerIdFromSelf();
260 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
263 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
264 "Error=" << CKM::APICodeToString(temp));
268 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
269 "Error=" << CKM::APICodeToString(temp));
271 key->getDER() == key_name->getDER(),
272 "Key value has been changed by service");
274 // lookup by full address
276 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
277 "Error=" << CKM::APICodeToString(temp));
279 key->getDER() == key_full_addr->getDER(),
280 "Key value has been changed by service");
283 RUNNER_TEST(T1020_save_big_data)
286 const size_t BIG_SIZE = 100000;
287 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
289 const size_t BIG_SIZE = 5000000;
290 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
294 std::vector<char> big_data(BIG_SIZE);
295 std::ifstream is("/dev/urandom", std::ifstream::binary);
297 is.read(big_data.data(), BIG_SIZE);
299 RUNNER_ASSERT_MSG(is,
300 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
302 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
303 CKM::Policy policy(CKM::Password(), true, backend);
304 CKM::RawBuffer returned;
306 auto manager = CKM::Manager::create();
309 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
310 "Error=" << CKM::APICodeToString(temp));
313 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
314 "Error=" << CKM::APICodeToString(temp));
316 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
319 RUNNER_TEST(T1015_deinit)
321 remove_user_data(USER_APP);
324 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
326 RUNNER_TEST(T1020_init)
329 auto control = CKM::Control::create();
331 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
332 "Error=" << CKM::APICodeToString(temp));
335 RUNNER_TEST(T1021_save_keys_get_alias)
338 auto manager = CKM::Manager::create();
340 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
341 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
342 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
343 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
344 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
345 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
346 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
348 "-----END PUBLIC KEY-----";
350 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
351 auto key = CKM::Key::create(buffer, CKM::Password());
352 CKM::AliasVector labelAliasVector;
354 size_t current_aliases_num = count_aliases(ALIAS_KEY);
356 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
357 "Error=" << CKM::APICodeToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
360 "Error=" << CKM::APICodeToString(temp));
362 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
363 "Error=" << CKM::APICodeToString(temp));
365 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
366 "Error=" << CKM::APICodeToString(temp));
368 labelAliasVector.size() == (current_aliases_num+3),
369 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
372 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
375 auto manager = CKM::Manager::create();
377 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
378 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
379 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
380 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
381 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
382 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
383 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
385 "-----END PUBLIC KEY-----";
387 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
388 auto key = CKM::Key::create(buffer, CKM::Password());
389 CKM::AliasVector labelAliasVector;
391 size_t current_aliases_num = count_aliases(ALIAS_KEY);
393 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
394 "Error=" << CKM::APICodeToString(temp));
396 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
397 "Error=" << CKM::APICodeToString(temp));
399 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
400 "Error=" << CKM::APICodeToString(temp));
402 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
403 "Error=" << CKM::APICodeToString(temp));
405 labelAliasVector.size() == (current_aliases_num+3),
406 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
409 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
412 auto manager = CKM::Manager::create();
414 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
415 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
416 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
417 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
418 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
419 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
420 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
422 "-----END PUBLIC KEY-----";
424 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
425 auto key = CKM::Key::create(buffer, CKM::Password());
426 CKM::AliasVector aliasVector;
427 CKM::Policy notExportable(CKM::Password(), false);
430 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
431 "Error=" << CKM::APICodeToString(temp));
433 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
434 "Error=" << CKM::APICodeToString(temp));
436 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
437 "Error=" << CKM::APICodeToString(temp));
440 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
442 remove_user_data(USER_APP);
445 const int aliasNameCount = 10;
446 auto manager = CKM::Manager::create();
448 CKM::AliasPwdVector expected;
449 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
450 auto key = CKM::Key::create(buffer, CKM::Password());
451 std::string currentAlias;
453 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
454 // make aliases with & without: password protection, exportable flag
455 for (int it = 0; it < aliasNameCount; ++it)
457 CKM::Policy policy = generate_ckm_policy(it);
458 currentAlias = "T1024_appkey" + std::to_string(it);
459 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
461 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
462 "Error=" << CKM::APICodeToString(exitCode));
465 CKM::AliasPwdVector actual;
468 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
469 "Error=" << CKM::APICodeToString(exitCode));
471 actual.size() == (beforeSaveAliasCount + aliasNameCount),
472 "Wrong aliases count: " << actual.size() << " Expected: "
473 << (beforeSaveAliasCount + aliasNameCount));
474 check_alias_info_list_helper(expected, actual, "/User ");
476 remove_user_data(USER_APP);
479 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
481 remove_user_data(USER_APP);
484 const int aliasNameCount = 10;
485 auto manager = CKM::Manager::create();
487 CKM::AliasPwdVector expected;
488 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
489 std::string currentAlias;
491 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
492 for (int it = 0; it < aliasNameCount; ++it)
494 CKM::Policy policy = generate_ckm_policy(it);
495 currentAlias = "T1025_appcert" + std::to_string(it);
496 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
498 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
499 "Error=" << CKM::APICodeToString(exitCode));
502 CKM::AliasPwdVector actual;
504 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
505 "Error=" << CKM::APICodeToString(exitCode));
507 actual.size() == (beforeSaveAliasCount + aliasNameCount),
508 "Wrong aliases count: " << actual.size() << " Expected: "
509 << (beforeSaveAliasCount + aliasNameCount));
510 check_alias_info_list_helper(expected, actual, "/User ");
512 remove_user_data(USER_APP);
515 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
517 remove_user_data(USER_APP);
520 const int aliasNameCount = 10;
521 auto manager = CKM::Manager::create();
523 CKM::AliasPwdVector expected;
524 std::string binData = "My bin data";
525 CKM::RawBuffer buffer(binData.begin(), binData.end());
526 std::string currentAlias;
528 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
529 for (int it = 0; it < aliasNameCount; ++it)
531 CKM::Policy policy = generate_ckm_policy(it);
532 currentAlias = "T1026_appdata" + std::to_string(it);
533 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
535 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
536 "Error=" << CKM::APICodeToString(exitCode));
539 CKM::AliasPwdVector actual;
541 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
542 "Error=" << CKM::APICodeToString(exitCode));
544 actual.size() == (beforeSaveAliasCount + aliasNameCount),
545 "Wrong aliases count: " << actual.size() << " Expected: "
546 << (beforeSaveAliasCount + aliasNameCount));
547 check_alias_info_list_helper(expected, actual, "/User ");
549 remove_user_data(USER_APP);
552 RUNNER_TEST(T1029_deinit)
554 remove_user_data(USER_APP);
557 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
558 RUNNER_TEST(T1030_init)
560 reset_user_data(USER_APP, APP_PASS);
563 RUNNER_TEST(T1032_app_user_save_bin_data)
565 ScopedDBUnlock unlock(USER_APP, APP_PASS);
568 auto manager = CKM::Manager::create();
570 std::string binData = "My bin data";
572 CKM::RawBuffer buffer(binData.begin(), binData.end());
574 CKM::AliasVector labelAliasVector;
576 size_t current_aliases_num = count_aliases(ALIAS_DATA);
578 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
579 "Error=" << CKM::APICodeToString(temp));
581 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
582 "Error=" << CKM::APICodeToString(temp));
584 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
585 "Error=" << CKM::APICodeToString(temp));
587 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
588 "Error=" << CKM::APICodeToString(temp));
590 labelAliasVector.size() == (current_aliases_num+3),
591 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
594 RUNNER_TEST(T1034_app_remove_bin_data)
596 ScopedDBUnlock unlock(USER_APP, APP_PASS);
599 auto manager = CKM::Manager::create();
601 std::string binData2 = "My bin data";
602 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
604 CKM::AliasVector labelAliasVector;
606 size_t current_aliases_num = count_aliases(ALIAS_DATA);
607 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
609 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
610 "Error=" << CKM::APICodeToString(temp));
612 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
613 "Error=" << CKM::APICodeToString(temp));
615 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
616 "Error=" << CKM::APICodeToString(temp));
618 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
619 "Error=" << CKM::APICodeToString(temp));
621 labelAliasVector.size() == (current_aliases_num-2),
622 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
624 CKM::RawBuffer buffer;
626 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
627 "Error=" << CKM::APICodeToString(temp));
632 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
633 "Error=" << CKM::APICodeToString(temp));
636 RUNNER_TEST(T1035_getData_wrong_password)
638 ScopedDBUnlock unlock(USER_APP, APP_PASS);
641 auto manager = CKM::Manager::create();
643 std::string binData1 = "My bin data4";
645 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
648 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
649 "Error=" << CKM::APICodeToString(temp));
651 CKM::RawBuffer buffer;
653 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
654 "Error=" << CKM::APICodeToString(temp));
660 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
661 "Error=" << CKM::APICodeToString(temp));
664 RUNNER_TEST(T1036_deinit)
666 remove_user_data(USER_APP);
669 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
671 RUNNER_TEST(T1040_init)
674 auto control = CKM::Control::create();
677 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
678 "Error=" << CKM::APICodeToString(temp));
681 RUNNER_TEST(T1041_create_RSA_key)
684 auto manager = CKM::Manager::create();
687 size_t current_aliases_num = count_aliases(ALIAS_KEY);
689 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
690 "Error=" << CKM::APICodeToString(temp));
692 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
693 "Error=" << CKM::APICodeToString(temp));
695 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
696 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
699 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
702 auto manager = CKM::Manager::create();
706 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
707 "Error=" << CKM::APICodeToString(temp));
709 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
710 "Error=" << CKM::APICodeToString(temp));
713 RUNNER_TEST(T1043_create_DSA_key)
716 auto manager = CKM::Manager::create();
719 size_t current_aliases_num = count_aliases(ALIAS_KEY);
721 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
722 "Error=" << CKM::APICodeToString(temp));
724 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
725 "Error=" << CKM::APICodeToString(temp));
727 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
728 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
731 RUNNER_TEST(T1044_create_AES_key)
734 auto manager = CKM::Manager::create();
737 int current_aliases_num = count_aliases(ALIAS_KEY);
739 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
740 "Error=" << CKM::APICodeToString(temp));
742 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
743 "Error=" << CKM::APICodeToString(temp));
745 (current_aliases_num+1) == (temp = av.size()),
746 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
749 RUNNER_TEST(T1049_deinit)
751 remove_user_data(USER_APP);
755 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
757 RUNNER_TEST(T1110_init)
759 unlock_user_data(USER_APP, "user-pass");
762 RUNNER_TEST(T1111_CreateKeyPairRSA)
765 auto manager = CKM::Manager::create();
766 CKM::Alias a1 = "rsa-test-1";
767 CKM::Alias a2 = "rsa-test-2";
771 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
772 "Error=" << CKM::APICodeToString(temp));
774 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
775 "Error=" << CKM::APICodeToString(temp));
778 RUNNER_TEST(T1112_CreateKeyPairDSA)
781 auto manager = CKM::Manager::create();
782 CKM::Alias a1 = "dsa-test-1";
783 CKM::Alias a2 = "dsa-test-2";
787 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
788 "Error=" << CKM::APICodeToString(temp));
790 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
791 "Error=" << CKM::APICodeToString(temp));
794 RUNNER_TEST(T1113_CreateKeyPairECDSA)
797 auto manager = CKM::Manager::create();
798 CKM::Alias a1 = "ecdsa-test-1";
799 CKM::Alias a2 = "ecdsa-test-2";
803 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
804 "Error=" << CKM::APICodeToString(temp));
807 RUNNER_TEST(T1114_deinit)
809 remove_user_data(USER_APP);
812 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
814 RUNNER_TEST(T12100_init)
816 reset_user_data(USER_APP, APP_PASS);
819 RUNNER_TEST(T12101_key_exist)
821 ScopedDBUnlock unlock(USER_APP, APP_PASS);
824 auto manager = CKM::Manager::create();
826 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
827 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
828 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
829 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
830 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
831 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
832 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
834 "-----END PUBLIC KEY-----";
836 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
837 auto key = CKM::Key::create(buffer);
838 CKM::Alias alias = "rsa-alias-duplication";
841 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
842 "Error=" << CKM::APICodeToString(ret));
844 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
845 "Error=" << CKM::APICodeToString(ret));
849 * These test cases tests API when empty parameters are passed to functions
852 RUNNER_TEST(T12102_saveKey_empty_alias)
854 ScopedDBUnlock unlock(USER_APP, APP_PASS);
856 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
857 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
858 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
859 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
860 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
861 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
862 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
863 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
865 "-----END PUBLIC KEY-----";
867 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
868 auto key = CKM::Key::create(buffer);
869 CKM::Alias alias; //alias is not initialized
872 auto manager = CKM::Manager::create();
874 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
875 "Error=" << CKM::APICodeToString(ret));
878 RUNNER_TEST(T12103_saveKey_foreign_label)
880 ScopedDBUnlock unlock(USER_APP, APP_PASS);
882 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
883 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
884 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
885 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
886 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
887 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
888 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
890 "-----END PUBLIC KEY-----";
892 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
893 auto key = CKM::Key::create(buffer);
894 CKM::Alias alias = "iamsomebodyelse alias";
897 auto manager = CKM::Manager::create();
899 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
900 "Error=" << CKM::APICodeToString(ret));
903 RUNNER_TEST(T12104_saveKey_empty_key)
905 ScopedDBUnlock unlock(USER_APP, APP_PASS);
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::APICodeToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 ScopedDBUnlock unlock(USER_APP, APP_PASS);
921 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
922 CKM::Alias alias; //alias is not initialized
925 auto manager = CKM::Manager::create();
927 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
928 "Error=" << CKM::APICodeToString(temp));
931 RUNNER_TEST(T12106_saveCertificate_foreign_label)
933 ScopedDBUnlock unlock(USER_APP, APP_PASS);
935 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
936 CKM::Alias alias = "iamsomebodyelse alias";
939 auto manager = CKM::Manager::create();
941 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
942 "Error=" << CKM::APICodeToString(temp));
945 RUNNER_TEST(T12107_saveCertificate_empty_cert)
947 ScopedDBUnlock unlock(USER_APP, APP_PASS);
949 CKM::CertificateShPtr cert; //cert is not initialized
950 CKM::Alias alias = "empty-cert";
953 auto manager = CKM::Manager::create();
955 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
956 "Error=" << CKM::APICodeToString(temp));
959 RUNNER_TEST(T12108_saveData_empty_alias)
961 ScopedDBUnlock unlock(USER_APP, APP_PASS);
963 std::string testData = "test data test data test data";
964 CKM::RawBuffer buffer(testData.begin(), testData.end());
968 auto manager = CKM::Manager::create();
970 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
971 "Error=" << CKM::APICodeToString(temp));
974 RUNNER_TEST(T12109_saveData_foreign_label)
976 ScopedDBUnlock unlock(USER_APP, APP_PASS);
978 std::string testData = "test data test data test data";
979 CKM::RawBuffer buffer(testData.begin(), testData.end());
980 CKM::Alias alias = "iamsomebodyelse alias";
983 auto manager = CKM::Manager::create();
985 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
986 "Error=" << CKM::APICodeToString(temp));
989 RUNNER_TEST(T12110_saveData_empty_data)
991 ScopedDBUnlock unlock(USER_APP, APP_PASS);
993 CKM::RawBuffer buffer;
994 CKM::Alias alias = "empty-data";
997 auto manager = CKM::Manager::create();
999 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1000 "Error=" << CKM::APICodeToString(temp));
1004 * These test cases tests API when trying to get data from not existing alias
1007 RUNNER_TEST(T12111_getKey_alias_not_exist)
1009 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1012 CKM::Alias alias = "this-alias-not-exist";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1018 "Error=" << CKM::APICodeToString(temp));
1021 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1023 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1025 CKM::CertificateShPtr certificate;
1026 CKM::Alias alias = "this-alias-not-exist";
1029 auto manager = CKM::Manager::create();
1031 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1032 "Error=" << CKM::APICodeToString(temp));
1035 RUNNER_TEST(T12113_getData_alias_not_exist)
1037 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1040 auto manager = CKM::Manager::create();
1041 CKM::RawBuffer buffer;
1042 CKM::Alias alias("some alias");
1044 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1045 "Error=" << CKM::APICodeToString(temp));
1049 * These test cases tests API when damaged keys are used
1051 RUNNER_TEST(T12114_RSA_key_damaged)
1053 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1056 auto manager = CKM::Manager::create();
1058 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1059 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1060 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1061 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1062 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1063 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1064 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1066 "-----END PUBLIC KEY-----";
1068 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1069 auto key = CKM::Key::create(buffer);
1070 CKM::Alias alias = "damaged-rsa";
1073 NULL == key.get(), "Key is broken. It should be empty");
1076 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1077 "Error=" << CKM::APICodeToString(ret));
1080 RUNNER_TEST(T12115_RSA_key_too_short)
1082 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1085 auto manager = CKM::Manager::create();
1087 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1088 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1089 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1090 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1091 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1092 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1093 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1095 "-----END PUBLIC KEY-----";
1097 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1098 auto key = CKM::Key::create(buffer);
1099 CKM::Alias alias = "short-rsa";
1102 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1103 "Error=" << CKM::APICodeToString(ret));
1106 RUNNER_TEST(T12116_DSA_key_too_short)
1108 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1111 auto manager = CKM::Manager::create();
1113 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1114 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1115 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1116 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1117 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1118 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1119 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1120 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1121 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1122 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1123 "YMYCBhubtrVaLmc=\n"
1124 "-----END PUBLIC KEY-----";
1126 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1127 auto key = CKM::Key::create(buffer);
1128 CKM::Alias alias = "short-dsa";
1131 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1132 "Error=" << CKM::APICodeToString(ret));
1135 RUNNER_TEST(T12117_AES_key_too_short)
1138 auto manager = CKM::Manager::create();
1140 size_t key_size = (128-1);
1141 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1143 auto key = CKM::Key::create(key_AES);
1144 CKM::Alias alias = "short-AES";
1147 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1148 "Error=" << CKM::APICodeToString(ret));
1152 * These test cases tests CKM service if malicious data is provided over the socket.
1155 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1157 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1160 auto manager = CKM::Manager::create();
1162 // fake the client - let the service detect the problem
1163 class WrongKeyImpl : public CKM::Key
1166 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1169 virtual bool empty() const {
1173 virtual CKM::KeyType getType() const {
1174 return CKM::KeyType::KEY_RSA_PUBLIC;
1176 virtual int getSize() const {
1179 virtual CKM::ElipticCurve getCurve() const {
1180 return CKM::ElipticCurve::prime192v1;
1182 virtual CKM::RawBuffer getDER() const {
1185 virtual ~WrongKeyImpl() {}
1187 CKM::RawBuffer & m_dummy;
1189 std::string dummyData = "my_cat_Berta\n";
1190 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1191 auto key = std::make_shared<WrongKeyImpl>(buffer);
1192 CKM::Alias alias = "damaged-rsa";
1195 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1196 "Error=" << CKM::APICodeToString(ret));
1199 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1201 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1203 // fake the client - let the service detect the problem
1204 class WrongCertImpl : public CKM::Certificate
1207 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1208 m_x509 = X509_new();
1211 bool empty() const {
1215 virtual X509 *getX509() const {
1219 virtual CKM::RawBuffer getDER() const {
1223 virtual ~WrongCertImpl() {
1228 CKM::RawBuffer & m_dummy;
1230 std::string dummyData = "my_cat_Stefan\n";
1231 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1232 auto cert = std::make_shared<WrongCertImpl>(buffer);
1233 CKM::Alias alias = "damaged-cert";
1236 auto manager = CKM::Manager::create();
1238 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1239 "Error=" << CKM::APICodeToString(temp));
1242 RUNNER_TEST(T12120_deinit)
1244 remove_user_data(USER_APP);
1247 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1249 RUNNER_TEST(T1311_init)
1251 remove_user_data(USER_APP);
1252 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1253 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1255 struct hostent* he = gethostbyname("google.com");
1257 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1258 "is not woking on the device. OCSP tests requires network access!");
1261 RUNNER_TEST(T13121_get_chain_no_cert)
1263 CKM::CertificateShPtrVector certChain;
1264 CKM::CertificateShPtr cert;
1266 auto manager = CKM::Manager::create();
1268 int ret = manager->getCertificateChain(cert,
1273 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1274 "Function should fail for empty certificate");
1277 RUNNER_TEST(T13122_get_chain_empty_cert)
1279 CKM::CertificateShPtrVector certChain;
1280 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1281 CKM::DataFormat::FORM_PEM);
1283 auto manager = CKM::Manager::create();
1285 int ret = manager->getCertificateChain(cert,
1290 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1291 "Function should fail for empty certificate");
1294 RUNNER_TEST(T13129_get_chain)
1296 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1297 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1299 CKM::CertificateShPtrVector certVector = {cert1};
1300 CKM::CertificateShPtrVector certChain;
1303 auto manager = CKM::Manager::create();
1305 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1306 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1308 tmp = manager->getCertificateChain(cert,
1313 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1314 "Error=" << CKM::APICodeToString(tmp));
1317 0 == certChain.size(),
1318 "Wrong size of certificate chain.");
1320 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1321 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1324 3 == certChain.size(),
1325 "Wrong size of certificate chain.");
1328 RUNNER_TEST(T1313_get_chain_with_alias)
1330 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1331 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1333 CKM::CertificateShPtrVector certChain;
1334 CKM::AliasVector aliasVector;
1335 CKM::Alias alias = "imcert";
1338 auto manager = CKM::Manager::create();
1340 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1341 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1343 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1344 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1345 "Error=" << CKM::APICodeToString(tmp));
1348 0 == certChain.size(),
1349 "Wrong size of certificate chain.");
1352 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1353 "Error=" << CKM::APICodeToString(tmp));
1355 aliasVector.push_back(alias);
1357 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1358 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1361 3 == certChain.size(),
1362 "Wrong size of certificate chain.");
1365 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1367 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1368 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1369 CKM::CertificateShPtrVector certVector = {cert1};
1370 CKM::CertificateShPtrVector certChain;
1373 auto manager = CKM::Manager::create();
1375 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1376 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1378 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1379 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1380 "Error=" << CKM::APICodeToString(tmp));
1383 0 == certChain.size(),
1384 "Wrong size of certificate chain.");
1386 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1387 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1390 3 == certChain.size(),
1391 "Wrong size of certificate chain.");
1395 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1396 "Error=" << CKM::APICodeToString(tmp));
1398 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1401 RUNNER_TEST(T13142_ocsp_check_empty)
1403 CKM::CertificateShPtrVector certVector;
1405 auto manager = CKM::Manager::create();
1410 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1411 "ocspCheck should fail for empty certificate vector");
1414 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1416 CKM::CertificateShPtrVector certVector = {
1417 CKM::CertificateShPtr(),
1418 CKM::CertificateShPtr(),
1419 CKM::CertificateShPtr()};
1421 auto manager = CKM::Manager::create();
1426 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1427 "ocspCheck should fail for empty certificate vector");
1430 RUNNER_TEST(T13144_ocsp_check_root)
1432 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1433 CKM::CertificateShPtrVector certVector = {root};
1435 auto manager = CKM::Manager::create();
1437 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1442 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1443 "Ocsp should fail for single certificate");
1446 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1448 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1449 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1451 CKM::CertificateShPtrVector certVector = {ca, root};
1453 auto manager = CKM::Manager::create();
1455 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1456 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1461 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1462 "Error=" << CKM::APICodeToString(tmp));
1464 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1467 RUNNER_TEST(T1315_deinit)
1469 remove_user_data(USER_APP);
1472 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1474 RUNNER_TEST(T1411_init)
1476 remove_user_data(USER_APP);
1479 RUNNER_TEST(T1412_RSA_key_create_verify)
1482 auto manager = CKM::Manager::create();
1484 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1485 "Proc-Type: 4,ENCRYPTED\n"
1486 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1488 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1489 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1490 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1491 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1492 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1493 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1494 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1495 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1496 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1497 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1498 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1499 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1500 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1501 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1502 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1503 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1504 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1505 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1506 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1507 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1508 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1509 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1510 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1511 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1512 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1513 "-----END RSA PRIVATE KEY-----\n";
1515 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1516 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1517 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1518 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1519 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1520 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1521 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1523 "-----END PUBLIC KEY-----\n";
1525 std::string message = "message test";
1527 CKM::Alias aliasPub = "pub1";
1528 CKM::Alias aliasPrv = "prv1";
1529 CKM::Password password = "1234";
1530 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1531 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1532 CKM::RawBuffer signature;
1534 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1535 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1537 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1538 "Key is empty. Failed to import public key.");
1539 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1540 "Key is empty. Failed to import private key.");
1543 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1544 "Error=" << CKM::APICodeToString(temp));
1546 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1547 "Error=" << CKM::APICodeToString(temp));
1550 CKM_API_SUCCESS == (temp = manager->createSignature(
1553 CKM::RawBuffer(message.begin(), message.end()),
1557 "Error=" << CKM::APICodeToString(temp));
1560 CKM_API_SUCCESS == (temp = manager->verifySignature(
1563 CKM::RawBuffer(message.begin(), message.end()),
1567 "Error=" << CKM::APICodeToString(temp));
1570 RUNNER_TEST(T1413_DSA_key_create_verify)
1573 auto manager = CKM::Manager::create();
1575 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1576 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1577 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1578 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1579 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1580 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1581 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1582 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1583 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1584 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1585 "u1roOuaPY+Hl19BlTE2qdw==\n"
1586 "-----END DSA PRIVATE KEY-----";
1588 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1589 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1590 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1591 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1592 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1593 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1594 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1595 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1596 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1597 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1598 "YMYCBhubtrVaLmc=\n"
1599 "-----END PUBLIC KEY-----";
1601 std::string message = "message test";
1603 CKM::Alias aliasPub = "pub2";
1604 CKM::Alias aliasPrv = "prv2";
1605 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1606 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1607 CKM::RawBuffer signature;
1609 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1610 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1612 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1613 "Key is empty. Failed to import public key.");
1614 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1615 "Key is empty. Failed to import private key.");
1618 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1619 "Error=" << CKM::APICodeToString(temp));
1621 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1622 "Error=" << CKM::APICodeToString(temp));
1625 CKM_API_SUCCESS == (temp = manager->createSignature(
1628 CKM::RawBuffer(message.begin(), message.end()),
1632 "Error=" << CKM::APICodeToString(temp));
1635 CKM_API_SUCCESS == (temp = manager->verifySignature(
1638 CKM::RawBuffer(message.begin(), message.end()),
1642 "Error=" << CKM::APICodeToString(temp));
1646 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1649 auto manager = CKM::Manager::create();
1651 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1652 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1653 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1654 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1655 "-----END EC PRIVATE KEY-----\n";
1657 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1658 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1659 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1660 "-----END PUBLIC KEY-----\n";
1662 std::string message = "message test";
1664 CKM::Alias aliasPub = "ecpub2";
1665 CKM::Alias aliasPrv = "ecprv2";
1666 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1667 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1668 CKM::RawBuffer signature;
1670 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1671 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1673 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1674 "Key is empty. Failed to import public key.");
1675 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1676 "Key is empty. Failed to import private key.");
1679 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1680 "Error=" << CKM::APICodeToString(temp));
1682 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1683 "Error=" << CKM::APICodeToString(temp));
1686 CKM_API_SUCCESS == (temp = manager->createSignature(
1689 CKM::RawBuffer(message.begin(), message.end()),
1693 "Error=" << CKM::APICodeToString(temp));
1696 CKM_API_SUCCESS == (temp = manager->verifySignature(
1699 CKM::RawBuffer(message.begin(), message.end()),
1703 "Error=" << CKM::APICodeToString(temp));
1705 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1707 memcpy((void*)signature.data(), "BROKEN", 6);
1710 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1713 CKM::RawBuffer(message.begin(), message.end()),
1717 "Error=" << CKM::APICodeToString(temp));
1720 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1723 auto manager = CKM::Manager::create();
1724 std::string message = "message asdfaslkdfjlksadjf test";
1726 CKM::Alias aliasPub = "pub1";
1727 CKM::Alias aliasPrv = "prv1";
1729 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1730 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1731 CKM::RawBuffer signature;
1734 CKM_API_SUCCESS == (temp = manager->createSignature(
1737 CKM::RawBuffer(message.begin(), message.end()),
1741 "Error=" << CKM::APICodeToString(temp));
1744 CKM_API_SUCCESS == (temp = manager->verifySignature(
1747 CKM::RawBuffer(message.begin(), message.end()),
1751 "Error=" << CKM::APICodeToString(temp));
1753 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1754 memcpy((void*)signature.data(), "BROKEN", 6);
1757 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1760 CKM::RawBuffer(message.begin(), message.end()),
1764 "Error=" << CKM::APICodeToString(temp));
1767 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1770 auto manager = CKM::Manager::create();
1771 std::string message = "message asdfaslkdfjlksadjf test";
1773 CKM::Alias aliasPub = "pub2";
1774 CKM::Alias aliasPrv = "prv2";
1776 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1777 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1778 CKM::RawBuffer signature;
1781 CKM_API_SUCCESS == (temp = manager->createSignature(
1784 CKM::RawBuffer(message.begin(), message.end()),
1788 "Error=" << CKM::APICodeToString(temp));
1791 CKM_API_SUCCESS == (temp = manager->verifySignature(
1794 CKM::RawBuffer(message.begin(), message.end()),
1798 "Error=" << CKM::APICodeToString(temp));
1800 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1801 memcpy((void*)signature.data(), "BROKEN", 6);
1804 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1807 CKM::RawBuffer(message.begin(), message.end()),
1811 "Error=" << CKM::APICodeToString(temp));
1814 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1817 auto manager = CKM::Manager::create();
1820 "-----BEGIN RSA PRIVATE KEY-----\n"
1821 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1822 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1823 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1824 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1825 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1826 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1827 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1828 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1829 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1830 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1831 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1832 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1833 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1834 "-----END RSA PRIVATE KEY-----\n";
1837 "-----BEGIN CERTIFICATE-----\n"
1838 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1839 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1840 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1841 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1842 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1843 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1844 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1845 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1846 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1847 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1848 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1849 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1850 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1851 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1852 "-----END CERTIFICATE-----\n";
1854 std::string message = "message test";
1856 CKM::Alias aliasPub = "pub1-cert";
1857 CKM::Alias aliasPrv = "prv1-cert";
1858 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1859 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1860 CKM::RawBuffer signature;
1862 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1863 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1865 RUNNER_ASSERT_MSG(NULL != cert.get(),
1866 "Key is empty. Failed to import public key.");
1867 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1868 "Key is empty. Failed to import private key.");
1871 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1872 "Error=" << CKM::APICodeToString(temp));
1874 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1875 "Error=" << CKM::APICodeToString(temp));
1878 CKM_API_SUCCESS == (temp = manager->createSignature(
1881 CKM::RawBuffer(message.begin(), message.end()),
1885 "Error=" << CKM::APICodeToString(temp));
1888 CKM_API_SUCCESS == (temp = manager->verifySignature(
1891 CKM::RawBuffer(message.begin(), message.end()),
1895 "Error=" << CKM::APICodeToString(temp));
1897 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1899 memcpy((void*)signature.data(), "BROKEN", 6);
1902 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1905 CKM::RawBuffer(message.begin(), message.end()),
1909 "Error=" << CKM::APICodeToString(temp));
1912 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1915 auto manager = CKM::Manager::create();
1917 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1918 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1919 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1920 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1921 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1922 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1923 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1924 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1925 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1926 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1927 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1928 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1929 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1930 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1931 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1932 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1933 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1934 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1935 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1936 "-----END CERTIFICATE-----\n";
1938 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1939 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1940 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1941 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1942 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1943 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1944 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1945 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1946 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1947 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1948 "vonbjii3BYe4AIdkzOvp\n"
1949 "-----END DSA PRIVATE KEY-----\n";
1951 std::string message = "message test";
1953 CKM::Alias aliasPub = "pub2-cert";
1954 CKM::Alias aliasPrv = "prv2-cert";
1955 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1956 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1957 CKM::RawBuffer signature;
1959 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1960 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1962 RUNNER_ASSERT_MSG(NULL != cert.get(),
1963 "Key is empty. Failed to import public key.");
1964 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1965 "Key is empty. Failed to import private key.");
1968 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1969 "Error=" << CKM::APICodeToString(temp));
1971 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1972 "Error=" << CKM::APICodeToString(temp));
1975 CKM_API_SUCCESS == (temp = manager->createSignature(
1978 CKM::RawBuffer(message.begin(), message.end()),
1982 "Error=" << CKM::APICodeToString(temp));
1985 CKM_API_SUCCESS == (temp = manager->verifySignature(
1988 CKM::RawBuffer(message.begin(), message.end()),
1992 "Error=" << CKM::APICodeToString(temp));
1994 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1996 memcpy((void*)signature.data(), "BROKEN", 6);
1999 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2002 CKM::RawBuffer(message.begin(), message.end()),
2006 "Error=" << CKM::APICodeToString(temp));
2009 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2012 auto manager = CKM::Manager::create();
2015 "-----BEGIN EC PRIVATE KEY-----\n"
2016 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2017 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2018 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2019 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2020 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2021 "ELyhe7yPCAuOoLZlTLgf\n"
2022 "-----END EC PRIVATE KEY-----\n";
2025 "-----BEGIN CERTIFICATE-----\n"
2026 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2027 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2028 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2029 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2030 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2031 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2032 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2033 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2034 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2035 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2036 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2037 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2038 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2039 "Q1oBry6NEc+lLFmWMDesAA==\n"
2040 "-----END CERTIFICATE-----\n";
2042 std::string message = "message test";
2044 CKM::Alias aliasPub = "pub3";
2045 CKM::Alias aliasPrv = "prv3";
2046 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2047 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2048 CKM::RawBuffer signature;
2050 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2051 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2053 RUNNER_ASSERT_MSG(NULL != cert.get(),
2054 "Key is empty. Failed to import public key.");
2055 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2056 "Key is empty. Failed to import private key.");
2059 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2060 "Error=" << CKM::APICodeToString(temp));
2062 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2063 "Error=" << CKM::APICodeToString(temp));
2066 CKM_API_SUCCESS == (temp = manager->createSignature(
2069 CKM::RawBuffer(message.begin(), message.end()),
2073 "Error=" << CKM::APICodeToString(temp));
2076 CKM_API_SUCCESS == (temp = manager->verifySignature(
2079 CKM::RawBuffer(message.begin(), message.end()),
2083 "Error=" << CKM::APICodeToString(temp));
2085 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2087 memcpy((void*)signature.data(), "BROKEN", 6);
2090 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2093 CKM::RawBuffer(message.begin(), message.end()),
2097 "Error=" << CKM::APICodeToString(temp));
2100 RUNNER_TEST(T1420_deinit)
2102 remove_user_data(USER_APP);
2105 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2107 RUNNER_TEST(T14180_init)
2110 remove_user_data(USER_APP);
2112 auto manager = CKM::Manager::create();
2114 // Prepare RSA Key Pair
2115 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2116 "Proc-Type: 4,ENCRYPTED\n"
2117 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2119 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2120 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2121 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2122 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2123 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2124 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2125 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2126 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2127 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2128 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2129 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2130 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2131 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2132 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2133 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2134 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2135 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2136 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2137 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2138 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2139 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2140 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2141 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2142 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2143 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2144 "-----END RSA PRIVATE KEY-----\n";
2146 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2147 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2148 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2149 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2150 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2151 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2152 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2154 "-----END PUBLIC KEY-----\n";
2156 CKM::Alias aliasPub = "pub_nohash1";
2157 CKM::Alias aliasPrv = "prv_nohash1";
2158 CKM::Password password = "1234";
2160 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2161 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2163 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2164 "Key is empty. Failed to import public key.");
2165 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2166 "Key is empty. Failed to import private key.");
2169 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2170 "Error=" << CKM::APICodeToString(temp));
2172 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2173 "Error=" << CKM::APICodeToString(temp));
2175 // Prepare ECDSA Key Pair
2176 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2177 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2178 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2179 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2180 "-----END EC PRIVATE KEY-----\n";
2182 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2183 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2184 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2185 "-----END PUBLIC KEY-----\n";
2187 CKM::Alias aliasEcPub = "ecpub_nohash1";
2188 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2190 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2191 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2193 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2194 "Key is empty. Failed to import public key.");
2195 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2196 "Key is empty. Failed to import private key.");
2199 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2200 "Error=" << CKM::APICodeToString(temp));
2202 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2203 "Error=" << CKM::APICodeToString(temp));
2207 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2210 auto manager = CKM::Manager::create();
2211 std::string message = "message asdfaslkdfjlksadjf test";
2213 CKM::Alias aliasPub = "pub_nohash1";
2214 CKM::Alias aliasPrv = "prv_nohash1";
2216 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2217 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2218 CKM::RawBuffer signature;
2221 CKM_API_SUCCESS == (temp = manager->createSignature(
2224 CKM::RawBuffer(message.begin(), message.end()),
2228 "Error=" << CKM::APICodeToString(temp));
2231 CKM_API_SUCCESS == (temp = manager->verifySignature(
2234 CKM::RawBuffer(message.begin(), message.end()),
2238 "Error=" << CKM::APICodeToString(temp));
2240 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2241 memcpy((void*)signature.data(), "BROKEN", 6);
2244 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2247 CKM::RawBuffer(message.begin(), message.end()),
2251 "Error=" << CKM::APICodeToString(temp));
2254 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2257 auto manager = CKM::Manager::create();
2258 std::string message = "message asdfaslkdfjlksadjf test";
2260 CKM::Alias aliasPub = "pub_nohash1";
2261 CKM::Alias aliasPrv = "prv_nohash1";
2263 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2264 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2265 CKM::RawBuffer signature;
2268 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2271 CKM::RawBuffer(message.begin(), message.end()),
2275 "Error=" << CKM::APICodeToString(temp));
2278 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2281 auto manager = CKM::Manager::create();
2282 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2283 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2284 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2285 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2286 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2287 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2288 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2289 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2290 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2291 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2292 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2293 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2294 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2295 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2296 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2297 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2298 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2299 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2300 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2301 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2303 CKM::Alias aliasPub = "pub_nohash1";
2304 CKM::Alias aliasPrv = "prv_nohash1";
2306 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2307 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2308 CKM::RawBuffer signature;
2311 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2314 CKM::RawBuffer(message.begin(), message.end()),
2318 "Error=" << CKM::APICodeToString(temp));
2322 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2325 auto manager = CKM::Manager::create();
2327 std::string message = "message test";
2329 CKM::Alias aliasPub = "ecpub_nohash1";
2330 CKM::Alias aliasPrv = "ecprv_nohash1";
2331 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2332 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2333 CKM::RawBuffer signature;
2336 CKM_API_SUCCESS == (temp = manager->createSignature(
2339 CKM::RawBuffer(message.begin(), message.end()),
2343 "Error=" << CKM::APICodeToString(temp));
2346 CKM_API_SUCCESS == (temp = manager->verifySignature(
2349 CKM::RawBuffer(message.begin(), message.end()),
2353 "Error=" << CKM::APICodeToString(temp));
2355 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2357 memcpy((void*)signature.data(), "BROKEN", 6);
2360 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2363 CKM::RawBuffer(message.begin(), message.end()),
2367 "Error=" << CKM::APICodeToString(temp));
2370 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2373 auto manager = CKM::Manager::create();
2375 int msgSize = 1024*1024;
2376 char big_msg[msgSize];
2377 for(int i =0; i<msgSize-1; i++) {
2380 big_msg[msgSize-1]=0x00;
2381 std::string message(big_msg);
2383 CKM::Alias aliasPub = "ecpub_nohash1";
2384 CKM::Alias aliasPrv = "ecprv_nohash1";
2385 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2386 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2387 CKM::RawBuffer signature;
2390 CKM_API_SUCCESS == (temp = manager->createSignature(
2393 CKM::RawBuffer(message.begin(), message.end()),
2397 "Error=" << CKM::APICodeToString(temp));
2401 RUNNER_TEST(T14189_deinit)
2403 remove_user_data(USER_APP);
2407 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2411 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2412 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2413 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2414 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2415 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2418 RUNNER_TEST(T1800_init)
2420 remove_user_data(USER_APP);
2423 RUNNER_TEST(T1801_parse_PKCS12) {
2424 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2425 std::istreambuf_iterator<char> begin(is), end;
2426 std::vector<char> buff(begin, end);
2428 CKM::RawBuffer buffer(buff.size());
2429 memcpy(buffer.data(), buff.data(), buff.size());
2431 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2434 "Error in PKCS12::create()");
2436 auto cert = pkcs->getCertificate();
2439 "Error in PKCS12::getCertificate()");
2441 auto key = pkcs->getKey();
2444 "Error in PKCS12::getKey()");
2446 auto caVector = pkcs->getCaCertificateShPtrVector();
2448 0 == caVector.size(),
2449 "Wrong size of vector");
2452 RUNNER_TEST(T1802_negative_wrong_password) {
2453 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2454 std::istreambuf_iterator<char> begin(is), end;
2455 std::vector<char> buff(begin, end);
2457 CKM::RawBuffer buffer(buff.size());
2458 memcpy(buffer.data(), buff.data(), buff.size());
2460 auto pkcs = CKM::PKCS12::create(buffer, "error");
2463 "Expected error in PKCS12::create()");
2466 RUNNER_TEST(T1803_negative_broken_buffer) {
2467 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2468 std::istreambuf_iterator<char> begin(is), end;
2469 std::vector<char> buff(begin, end);
2471 CKM::RawBuffer buffer(buff.size());
2472 memcpy(buffer.data(), buff.data(), buff.size());
2474 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2477 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2480 "Expected error in PKCS12::create()");
2483 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2485 auto manager = CKM::Manager::create();
2486 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2487 std::istreambuf_iterator<char> begin(is), end;
2488 std::vector<char> buff(begin, end);
2490 CKM::RawBuffer buffer(buff.size());
2491 memcpy(buffer.data(), buff.data(), buff.size());
2493 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2496 "Error in PKCS12::create()");
2499 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2500 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2501 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2502 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2503 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2504 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2505 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2506 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2507 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2508 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2509 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2510 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2511 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2512 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2513 "-----END RSA PRIVATE KEY-----\n";
2515 std::string message = "message test";
2517 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2518 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2519 "Key is empty. Failed to import private key.");
2523 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2524 "Error=" << CKM::APICodeToString(temp));
2527 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2528 "Error=" << CKM::APICodeToString(temp));
2531 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2533 auto manager = CKM::Manager::create();
2534 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2535 std::istreambuf_iterator<char> begin(is), end;
2536 std::vector<char> buff(begin, end);
2538 CKM::RawBuffer buffer(buff.size());
2539 memcpy(buffer.data(), buff.data(), buff.size());
2541 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2544 "Error in PKCS12::create()");
2546 auto cert = pkcs->getCertificate();
2549 "Error in PKCS12::getCertificate()");
2551 auto key = pkcs->getKey();
2554 "Error in PKCS12::getKey()");
2556 auto caVector = pkcs->getCaCertificateShPtrVector();
2558 2 == caVector.size(),
2559 "Wrong size of vector");
2563 CKM::Policy exportable;
2564 CKM::Policy notExportable(CKM::Password(), false);
2567 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2568 "Error=" << CKM::APICodeToString(tmp));
2570 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2571 "Error=" << CKM::APICodeToString(tmp));
2573 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2574 "Error=" << CKM::APICodeToString(tmp));
2576 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2577 "Error=" << CKM::APICodeToString(tmp));
2579 // try to lookup key
2580 CKM::KeyShPtr key_lookup;
2582 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2583 "Error=" << CKM::APICodeToString(tmp));
2585 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2586 "Error=" << CKM::APICodeToString(tmp));
2588 // try to lookup certificate
2589 CKM::CertificateShPtr cert_lookup;
2591 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2592 "Error=" << CKM::APICodeToString(tmp));
2594 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2595 "Error=" << CKM::APICodeToString(tmp));
2598 RUNNER_TEST(T1806_get_PKCS)
2601 auto manager = CKM::Manager::create();
2603 CKM::PKCS12ShPtr pkcs;
2607 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2608 "Error=" << CKM::APICodeToString(temp));
2610 // fail - not exportable
2612 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2613 "Error=" << CKM::APICodeToString(temp));
2615 // success - exportable
2617 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2618 "Error=" << CKM::APICodeToString(temp));
2620 auto cert = pkcs->getCertificate();
2623 "Error in PKCS12::getCertificate()");
2625 auto key = pkcs->getKey();
2628 "Error in PKCS12::getKey()");
2630 auto caVector = pkcs->getCaCertificateShPtrVector();
2632 2 == caVector.size(),
2633 "Wrong size of vector");
2636 RUNNER_TEST(T1807_create_and_verify_signature)
2639 auto manager = CKM::Manager::create();
2641 std::string message = "message test";
2643 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2644 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2645 CKM::RawBuffer signature;
2648 CKM_API_SUCCESS == (temp = manager->createSignature(
2649 alias_PKCS_exportable,
2651 CKM::RawBuffer(message.begin(), message.end()),
2655 "Error=" << CKM::APICodeToString(temp));
2658 CKM_API_SUCCESS == (temp = manager->verifySignature(
2659 alias_PKCS_exportable,
2661 CKM::RawBuffer(message.begin(), message.end()),
2665 "Error=" << CKM::APICodeToString(temp));
2668 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2671 auto manager = CKM::Manager::create();
2673 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2674 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2675 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2676 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2677 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2678 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2679 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2680 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2681 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2682 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2683 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2684 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2685 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2686 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2687 "-----END RSA PRIVATE KEY-----";
2688 std::string message = "message test";
2690 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2691 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2692 "Key is empty. Failed to import private key.");
2695 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2696 "Error=" << CKM::APICodeToString(temp));
2698 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2699 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2700 CKM::RawBuffer signature;
2703 CKM_API_SUCCESS == (temp = manager->createSignature(
2704 alias_PKCS_priv_key_copy,
2706 CKM::RawBuffer(message.begin(), message.end()),
2710 "Error=" << CKM::APICodeToString(temp));
2713 CKM_API_SUCCESS == (temp = manager->verifySignature(
2714 alias_PKCS_exportable,
2716 CKM::RawBuffer(message.begin(), message.end()),
2720 "Error=" << CKM::APICodeToString(temp));
2723 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2726 auto manager = CKM::Manager::create();
2728 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2729 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2730 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2731 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2732 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2733 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2734 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2735 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2736 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2737 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2738 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2739 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2740 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2741 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2742 "-----END RSA PRIVATE KEY-----\n";
2744 std::string message = "message test";
2746 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2747 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2748 "Key is empty. Failed to import private key.");
2751 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2752 "Error=" << CKM::APICodeToString(temp));
2754 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2755 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2756 CKM::RawBuffer signature;
2759 CKM_API_SUCCESS == (temp = manager->createSignature(
2760 alias_PKCS_priv_key_wrong,
2762 CKM::RawBuffer(message.begin(), message.end()),
2766 "Error=" << CKM::APICodeToString(temp));
2769 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2770 alias_PKCS_exportable,
2772 CKM::RawBuffer(message.begin(), message.end()),
2776 "Error=" << CKM::APICodeToString(temp));
2779 RUNNER_TEST(T1810_verify_get_certificate_chain)
2781 // this certificate has been signed using PKCS chain
2783 "-----BEGIN CERTIFICATE-----\n"
2784 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
2785 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
2786 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
2787 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
2788 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
2789 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
2790 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
2791 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
2792 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
2793 "-----END CERTIFICATE-----\n";
2795 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2796 CKM::CertificateShPtrVector certChain;
2797 CKM::AliasVector aliasVector;
2800 auto manager = CKM::Manager::create();
2802 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2804 tmp = manager->getCertificateChain(cert,
2809 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2810 "Error=" << CKM::APICodeToString(tmp));
2813 0 == certChain.size(),
2814 "Wrong size of certificate chain.");
2816 aliasVector.push_back(alias_PKCS_exportable);
2818 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2819 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2821 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2823 4 == certChain.size(),
2824 "Wrong size of certificate chain: " << certChain.size());
2827 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2829 auto manager = CKM::Manager::create();
2833 // remove the whole PKCS12 bundles
2835 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2836 "Error=" << CKM::APICodeToString(tmp));
2838 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2839 "Error=" << CKM::APICodeToString(tmp));
2841 // expect lookup fails due to unknown alias
2842 // try to lookup key
2843 CKM::KeyShPtr key_lookup;
2845 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2846 "Error=" << CKM::APICodeToString(tmp));
2848 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2849 "Error=" << CKM::APICodeToString(tmp));
2851 // try to lookup certificate
2852 CKM::CertificateShPtr cert_lookup;
2854 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2855 "Error=" << CKM::APICodeToString(tmp));
2857 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2858 "Error=" << CKM::APICodeToString(tmp));
2861 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2863 CKM::Alias alias = "t1812alias1";
2865 auto manager = CKM::Manager::create();
2866 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2867 std::istreambuf_iterator<char> begin(is), end;
2868 std::vector<char> buff(begin, end);
2870 CKM::PKCS12ShPtr pkcs12;
2871 CKM::Password pass1 = "easypass1";
2872 CKM::Password pass2 = "easypass2";
2874 CKM::RawBuffer buffer(buff.size());
2875 memcpy(buffer.data(), buff.data(), buff.size());
2877 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2880 "Error in PKCS12::create()");
2884 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2885 "Error=" << CKM::APICodeToString(temp));
2888 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2889 "Error=" << CKM::APICodeToString(temp));
2892 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2893 "Error=" << CKM::APICodeToString(temp));
2896 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2897 "Error=" << CKM::APICodeToString(temp));
2900 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2901 "Error=" << CKM::APICodeToString(temp));
2904 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2905 "Error=" << CKM::APICodeToString(temp));
2907 CKM::CertificateShPtr cert;
2909 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2910 "Error=" << CKM::APICodeToString(temp));
2912 CKM::CertificateShPtrVector certChain;
2913 CKM::AliasVector certVect;
2914 certVect.push_back(alias);
2917 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2918 "Error=" << CKM::APICodeToString(temp));
2921 RUNNER_TEST(T1813_deinit)
2924 auto control = CKM::Control::create();
2927 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2928 "Error=" << CKM::APICodeToString(temp));
2931 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2933 const char * const T190_PASSWD = "t190-special-password";
2935 RUNNER_TEST(T1901_init_unlock_key)
2937 reset_user_data(USER_APP, T190_PASSWD);
2940 RUNNER_TEST(T1902_get_data)
2942 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2944 auto manager = CKM::Manager::create();
2947 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2950 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2951 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2954 RUNNER_TEST(T1903_lock_database)
2957 auto control = CKM::Control::create();
2959 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2960 "Error=" << CKM::APICodeToString(tmp));
2963 RUNNER_TEST(T1904_get_data_from_locked_database)
2965 auto manager = CKM::Manager::create();
2968 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2971 CKM_API_ERROR_DB_LOCKED == status1,
2972 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2975 RUNNER_TEST(T1905_deinit)
2977 remove_user_data(USER_APP);
2980 int main(int argc, char *argv[])
2982 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2983 if (expected_uid != geteuid()) {
2984 std::string userStr("owner");
2985 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2989 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2993 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob