2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Bumjin Im <bj.im@samsung.com>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
20 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
26 #include <condition_variable>
29 #include <ckmc/ckmc-type.h>
30 #include <ckm/ckm-manager-async.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-raw-buffer.h>
37 #include <dpl/test/test_runner.h>
38 #include <dpl/test/test_runner_child.h>
39 #include <dpl/log/log.h>
41 #include <tests_common.h>
42 #include <ckm-common.h>
49 const char* TEST_LABEL = "test_label";
50 const CertificateShPtrVector EMPTY_CERT_VECTOR;
51 const AliasVector EMPTY_ALIAS_VECTOR;
53 class MyObserver: public ManagerAsync::Observer
57 m_finished(false), m_error(0)
61 void ReceivedError(int error)
63 LogError("Received error: " << error);
69 void ReceivedSaveKey() { Succeeded(); }
70 void ReceivedSaveCertificate() { Succeeded(); }
71 void ReceivedSaveData() { Succeeded(); }
72 void ReceivedSavePKCS12() { Succeeded(); }
74 void ReceivedRemovedAlias() { Succeeded(); }
76 void ReceivedKey(Key &&) { Succeeded(); }
77 void ReceivedCertificate(Certificate &&) { Succeeded(); }
78 void ReceivedData(RawBuffer &&) { Succeeded(); }
79 void ReceivedPKCS12(PKCS12ShPtr && pkcs) { m_pkcs = pkcs; Succeeded(); }
81 void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
82 void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
83 void ReceivedDataAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
85 void ReceivedCreateKeyPairRSA() { Succeeded(); }
86 void ReceivedCreateKeyPairDSA() { Succeeded(); }
87 void ReceivedCreateKeyPairECDSA() { Succeeded(); }
89 void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
90 { m_certChain = move(chain); Succeeded(); }
92 void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
93 void ReceivedVerifySignature() { Succeeded(); }
95 void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
97 void ReceivedSetPermission() { Succeeded(); }
99 void WaitForResponse()
101 unique_lock < mutex > lock(m_mutex);
103 m_cv.wait(lock, [this] {return m_finished;});
108 AliasVector m_aliases;
109 CertificateShPtrVector m_certChain;
117 LogDebug("Succeeded");
123 condition_variable m_cv;
126 typedef shared_ptr<MyObserver> MyObserverPtr;
128 const char* TEST_PASS = "test-pass";
138 KeyPair(const std::string& prv_pem, const std::string& pub_pem) {
139 RawBuffer buffer_prv(prv_pem.begin(), prv_pem.end());
140 prv = Key::create(buffer_prv);
143 RawBuffer buffer_pub(pub_pem.begin(), pub_pem.end());
144 pub = Key::create(buffer_pub);
152 typedef map<Type, vector<KeyPair> > KeyMap;
155 KeyMap initializeKeys()
159 km[RSA].emplace_back(
160 "-----BEGIN RSA PRIVATE KEY-----\n"
161 "MIICXAIBAAKBgQDMP6sKttnQ58BAi27b8X+8KVQtJgpJhhCF0RtWaTVqAhVDG3y4\n"
162 "x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06BCWPYH2+7jOfQIOy/TMlt+W7x\n"
163 "fou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+3Op0tEjy0jpmzeyNiQIDAQAB\n"
164 "AoGBAJRDX1CuvNx1bkwsKvQDkTqwMYd4hp0qcVICIbsPMhPaoT6OdHHZkHOf+HDx\n"
165 "KWhOj1LsXgzu95Q+Tp5k+LURI8ayu2RTsz/gYECgPNUsZ7gXl4co1bK+g5kiC+qr\n"
166 "sgSfkbYpp0OXefnl5x4KaJlZeSpn0UdDqx0kwI1x2E098i1VAkEA5thNY9YZNQdN\n"
167 "p6aopxOF5OmAjbLkq6wu255rDM5YgeepXXro/lmPociobtv8vPzbWKfoYZJL0Zj4\n"
168 "Qzj7Qz7s0wJBAOKBbpeG9PuNP1nR1h8kvyuILW8F89JOcIOUeqwokq4eJVqXdFIj\n"
169 "ct8eSEFmyXNqXD7b9+Tcw6vRIZuddVhNcrMCQAlpaD5ZzE1NLu1W7ilhsmPS4Vrl\n"
170 "oE0fiAmMO/EZuKITP+R/zmAQZrrB45whe/x4krjan67auByjj/utpxDmz+ECQEg/\n"
171 "UK80dN/n5dUYgVvdtLyF6zgGhgcGzgyqR5ayOlcfdnq25Htuoy1X02RJDOirfFDw\n"
172 "iNmPMTqUskuYpd1MltECQBwcy1cpnJWIXwCTQwg3enjkOVw80Tbr3iU9ASjHJTH2\n"
173 "N6FGHC4BQCm1fL6Bo0/0oSra+Ika3/1Vw1WwijUSiO8=\n"
174 "-----END RSA PRIVATE KEY-----",
176 "-----BEGIN PUBLIC KEY-----\n"
177 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMP6sKttnQ58BAi27b8X+8KVQt\n"
178 "JgpJhhCF0RtWaTVqAhVDG3y4x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06B\n"
179 "CWPYH2+7jOfQIOy/TMlt+W7xfou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+\n"
180 "3Op0tEjy0jpmzeyNiQIDAQAB\n"
181 "-----END PUBLIC KEY-----"
183 km[DSA].emplace_back(
184 "-----BEGIN DSA PRIVATE KEY-----\n"
185 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
186 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
187 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
188 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
189 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
190 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
191 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
192 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
193 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
194 "yAKPlW7WQzgV5jLLNUW7\n"
195 "-----END DSA PRIVATE KEY-----",
197 "-----BEGIN DSA PRIVATE KEY-----\n"
198 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
199 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
200 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
201 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
202 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
203 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
204 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
205 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
206 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
207 "yAKPlW7WQzgV5jLLNUW7\n"
208 "-----END DSA PRIVATE KEY-----"
210 km[ECDSA].emplace_back(
211 "-----BEGIN EC PRIVATE KEY-----\n"
212 "MF8CAQEEGF3rz8OuFpcESrlqCm0G96oovr0XbX+DRKAKBggqhkjOPQMBAaE0AzIA\n"
213 "BHiZYByQiRNQ91GWNnTfoBbp9G8DP9oJYc/cDZlk4lKUpmbvm//RWf1U7ag3tOVy\n"
215 "-----END EC PRIVATE KEY-----",
217 "-----BEGIN PUBLIC KEY-----\n"
218 "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEeJlgHJCJE1D3UZY2dN+gFun0bwM/\n"
219 "2glhz9wNmWTiUpSmZu+b/9FZ/VTtqDe05XKx\n"
220 "-----END PUBLIC KEY-----"
225 KeyMap keys = initializeKeys();
227 CertificateShPtr createCert(const std::string& cert) {
228 RawBuffer buffer_cert(cert.begin(), cert.end());
229 CertificateShPtr cptr = Certificate::create(buffer_cert, DataFormat::FORM_PEM);
234 typedef vector<CertificateShPtr> CertVector;
236 CertVector initializeCerts()
239 cv.emplace_back(createCert(
240 "-----BEGIN CERTIFICATE-----\n"
241 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
242 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
243 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
244 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
245 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
246 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
247 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
248 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
249 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
250 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
251 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
252 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
253 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
254 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
255 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
256 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
257 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
258 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
259 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
260 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
261 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
262 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
263 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
264 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
265 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
266 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
267 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
268 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
269 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
270 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
271 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
273 "-----END CERTIFICATE-----\n"
276 cv.emplace_back(createCert(
277 "-----BEGIN CERTIFICATE-----\n"
278 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
279 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
280 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
281 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
282 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
283 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
284 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
285 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
286 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
287 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
288 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
289 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
290 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
291 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
292 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
293 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
294 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
295 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
296 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
297 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
298 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
299 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
300 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
301 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
302 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
303 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
304 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
305 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
306 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
307 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
308 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
309 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
310 "-----END CERTIFICATE-----\n"
315 CertVector certs = initializeCerts();
317 const RawBuffer raw_buffer(const char* buffer)
319 return RawBuffer(buffer, buffer + strlen(buffer));
322 const RawBuffer test_buffer = raw_buffer("test_string");
324 template <typename F, typename... Args>
325 void test_negative(F&& func, int expected, Args... args)
327 MyObserverPtr obs = make_shared<MyObserver>();
330 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
331 obs->WaitForResponse();
333 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
335 obs->m_error == expected,
336 "Expected " << expected << "/" << ErrorToString(expected) <<
337 " got: " << obs->m_error << "/" << ErrorToString(obs->m_error));
340 template <typename F, typename... Args>
341 void test_invalid_param(F&& func, Args... args)
343 test_negative(move(func), CKM_API_ERROR_INPUT_PARAM, args...);
346 template <typename F, typename... Args>
347 void test_no_observer(F&& func, Args... args)
349 ManagerAsync::ObserverPtr obs;
353 (mgr.*func)(obs, args...);
354 RUNNER_ASSERT_MSG(false, "function() should have thrown an exception");
355 } catch (const invalid_argument& e) {
358 RUNNER_ASSERT_MSG(false, "Unexpected exception");
362 template <typename F, typename... Args>
363 MyObserverPtr test_positive(F&& func, Args... args)
365 MyObserverPtr obs = make_shared<MyObserver>();
368 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
369 obs->WaitForResponse();
371 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
372 RUNNER_ASSERT_MSG(obs->m_error == 0,
373 "Request failed " << obs->m_error << "/" << ErrorToString(obs->m_error));
377 template <typename F, typename... Args>
378 void test_check_aliases(F&& func, const AliasVector& expected, Args... args)
380 auto obs = test_positive(move(func), args...);
381 RUNNER_ASSERT_MSG(obs->m_aliases == expected, "Retrieved aliases differ from expected");
384 template <typename F, typename... Args>
385 void test_check_cert_chain(F&& func, size_t expected, Args... args)
387 auto obs = test_positive(move(func), args...);
389 obs->m_certChain.size() == expected,
390 "Expected chain length: " << expected << " got: " << obs->m_certChain.size());
393 typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
394 const CertificateShPtr&,
395 const CertificateShPtrVector&,
396 const CertificateShPtrVector&,
399 typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
400 const CertificateShPtr&,
404 } // namespace anonymous
407 RUNNER_TEST_GROUP_INIT(CKM_ASYNC_API);
409 RUNNER_TEST(TA0000_init)
412 ControlShPtr control = Control::create();
413 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
414 "Error=" << ErrorToString(temp));
415 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
416 "Error=" << ErrorToString(temp));
420 RUNNER_CHILD_TEST(TA0010_save_key_invalid_param)
422 switch_to_storage_user(TEST_LABEL);
424 test_no_observer(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
425 test_invalid_param(&ManagerAsync::saveKey, "", keys[RSA][0].prv, Policy());
426 test_invalid_param(&ManagerAsync::saveKey, "alias", KeyShPtr(), Policy());
429 RUNNER_CHILD_TEST(TA0020_save_key_already_exists)
431 switch_to_storage_user(TEST_LABEL);
434 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
435 test_negative(&ManagerAsync::saveKey,
436 CKM_API_ERROR_DB_ALIAS_EXISTS,
442 RUNNER_CHILD_TEST(TA0050_save_key_positive)
444 switch_to_storage_user(TEST_LABEL);
447 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
452 RUNNER_CHILD_TEST(TA0110_save_cert_invalid_param)
454 switch_to_storage_user(TEST_LABEL);
456 CertificateShPtr cert = Certificate::create(test_buffer, DataFormat::FORM_PEM);
457 test_no_observer(&ManagerAsync::saveCertificate, "", cert, Policy());
458 test_invalid_param(&ManagerAsync::saveCertificate, "", cert, Policy());
459 test_invalid_param(&ManagerAsync::saveCertificate, "alias", CertificateShPtr(), Policy());
462 RUNNER_CHILD_TEST(TA0120_save_cert_already_exists)
464 switch_to_storage_user(TEST_LABEL);
467 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
468 test_negative(&ManagerAsync::saveCertificate,
469 CKM_API_ERROR_DB_ALIAS_EXISTS,
475 RUNNER_CHILD_TEST(TA0150_save_cert_positive)
477 switch_to_storage_user(TEST_LABEL);
480 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
485 RUNNER_CHILD_TEST(TA0210_save_data_invalid_param)
487 switch_to_storage_user(TEST_LABEL);
489 test_no_observer(&ManagerAsync::saveData, "", test_buffer, Policy());
490 test_invalid_param(&ManagerAsync::saveData, "", test_buffer, Policy());
491 test_invalid_param(&ManagerAsync::saveData, "alias", RawBuffer(), Policy());
494 RUNNER_CHILD_TEST(TA0220_save_data_already_exists)
496 switch_to_storage_user(TEST_LABEL);
499 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
500 test_negative(&ManagerAsync::saveData,
501 CKM_API_ERROR_DB_ALIAS_EXISTS,
507 RUNNER_CHILD_TEST(TA0250_save_data_positive)
509 switch_to_storage_user(TEST_LABEL);
512 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
517 RUNNER_CHILD_TEST(TA0310_remove_alias_invalid_param)
519 switch_to_storage_user(TEST_LABEL);
521 test_no_observer(&ManagerAsync::removeAlias, "alias");
522 test_invalid_param(&ManagerAsync::removeAlias, "");
525 RUNNER_CHILD_TEST(TA0330_remove_alias_unknown_alias)
527 switch_to_storage_user(TEST_LABEL);
529 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
532 RUNNER_CHILD_TEST(TA0350_remove_key_positive)
534 switch_to_storage_user(TEST_LABEL);
537 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
538 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
542 RUNNER_CHILD_TEST(TA0450_remove_cert_positive)
544 switch_to_storage_user(TEST_LABEL);
547 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
548 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
552 RUNNER_CHILD_TEST(TA0550_remove_data_positive)
554 switch_to_storage_user(TEST_LABEL);
557 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
558 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
563 RUNNER_CHILD_TEST(TA0610_get_key_invalid_param)
565 switch_to_storage_user(TEST_LABEL);
567 test_no_observer(&ManagerAsync::getKey, "alias", "");
568 test_invalid_param(&ManagerAsync::getKey, "", "");
571 RUNNER_CHILD_TEST(TA0630_get_key_unknown_alias)
573 switch_to_storage_user(TEST_LABEL);
575 test_negative(&ManagerAsync::getKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
578 RUNNER_CHILD_TEST(TA0640_get_key_wrong_password)
580 switch_to_storage_user(TEST_LABEL);
583 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
584 test_negative(&ManagerAsync::getKey,
585 CKM_API_ERROR_AUTHENTICATION_FAILED,
590 RUNNER_CHILD_TEST(TA0650_get_key_positive)
592 switch_to_storage_user(TEST_LABEL);
595 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
596 test_positive(&ManagerAsync::getKey, dbc.alias("alias"), "password");
601 RUNNER_CHILD_TEST(TA0710_get_cert_invalid_param)
603 switch_to_storage_user(TEST_LABEL);
605 test_no_observer(&ManagerAsync::getCertificate, "alias", "");
606 test_invalid_param(&ManagerAsync::getCertificate, "", "");
609 RUNNER_CHILD_TEST(TA0730_get_cert_unknown_alias)
611 switch_to_storage_user(TEST_LABEL);
613 test_negative(&ManagerAsync::getCertificate,
614 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
615 "non-existing-alias",
619 RUNNER_CHILD_TEST(TA0740_get_cert_wrong_password)
621 switch_to_storage_user(TEST_LABEL);
624 test_positive(&ManagerAsync::saveCertificate,
628 test_negative(&ManagerAsync::getCertificate,
629 CKM_API_ERROR_AUTHENTICATION_FAILED,
634 RUNNER_CHILD_TEST(TA0750_get_cert_positive)
636 switch_to_storage_user(TEST_LABEL);
639 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy("password"));
640 test_positive(&ManagerAsync::getCertificate, dbc.alias("alias"), "password");
645 RUNNER_CHILD_TEST(TA0810_get_data_invalid_param)
647 switch_to_storage_user(TEST_LABEL);
649 test_no_observer(&ManagerAsync::getData, "alias", "");
650 test_invalid_param(&ManagerAsync::getData, "", "");
653 RUNNER_CHILD_TEST(TA0830_get_data_unknown_alias)
655 switch_to_storage_user(TEST_LABEL);
657 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
660 RUNNER_CHILD_TEST(TA0840_get_data_wrong_password)
662 switch_to_storage_user(TEST_LABEL);
665 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
666 test_negative(&ManagerAsync::getData,
667 CKM_API_ERROR_AUTHENTICATION_FAILED,
672 RUNNER_CHILD_TEST(TA0850_get_data_positive)
674 switch_to_storage_user(TEST_LABEL);
677 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
678 test_positive(&ManagerAsync::getData, dbc.alias("alias"), "password");
683 RUNNER_CHILD_TEST(TA0910_get_key_alias_vector_invalid_param)
685 switch_to_storage_user(TEST_LABEL);
687 test_no_observer(&ManagerAsync::getKeyAliasVector);
690 RUNNER_CHILD_TEST(TA0950_get_key_alias_vector_positive)
692 switch_to_storage_user(TEST_LABEL);
695 test_positive(&ManagerAsync::saveKey, dbc.alias("alias1"), keys[RSA][0].prv, Policy());
696 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
698 test_positive(&ManagerAsync::saveKey, dbc.alias("alias2"), keys[DSA][0].prv, Policy());
699 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
700 aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
702 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
703 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
707 // getCertificateAliasVector
708 RUNNER_CHILD_TEST(TA1010_get_cert_alias_vector_invalid_param)
710 switch_to_storage_user(TEST_LABEL);
712 test_no_observer(&ManagerAsync::getCertificateAliasVector);
715 RUNNER_CHILD_TEST(TA1050_get_cert_alias_vector_positive)
717 switch_to_storage_user(TEST_LABEL);
720 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), certs[0], Policy());
721 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
723 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), certs[1], Policy());
724 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
725 aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
727 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
728 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
732 // getDataAliasVector
733 RUNNER_CHILD_TEST(TA1110_get_data_alias_vector_invalid_param)
735 switch_to_storage_user(TEST_LABEL);
737 test_no_observer(&ManagerAsync::getDataAliasVector);
740 RUNNER_CHILD_TEST(TA1150_get_data_alias_vector_positive)
742 switch_to_storage_user(TEST_LABEL);
745 test_positive(&ManagerAsync::saveData, dbc.alias("alias1"), test_buffer, Policy());
746 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
748 test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
749 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
750 aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
752 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
753 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
758 RUNNER_CHILD_TEST(TA1210_create_key_pair_rsa_invalid_param)
760 switch_to_storage_user(TEST_LABEL);
762 test_no_observer(&ManagerAsync::createKeyPairRSA,
770 RUNNER_CHILD_TEST(TA1220_create_key_pair_rsa_already_exists)
772 switch_to_storage_user(TEST_LABEL);
775 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy());
776 test_negative(&ManagerAsync::createKeyPairRSA,
777 CKM_API_ERROR_DB_ALIAS_EXISTS,
779 dbc.alias("alias_prv"),
780 dbc.alias("alias_pub"),
785 RUNNER_CHILD_TEST(TA1250_create_key_pair_rsa_positive)
787 switch_to_storage_user(TEST_LABEL);
790 test_positive(&ManagerAsync::createKeyPairRSA,
792 dbc.alias("alias_prv"),
793 dbc.alias("alias_pub"),
797 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
798 aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
802 RUNNER_CHILD_TEST(TA1270_create_key_pair_dsa_invalid_param)
804 switch_to_storage_user(TEST_LABEL);
806 test_no_observer(&ManagerAsync::createKeyPairDSA,
814 RUNNER_CHILD_TEST(TA1280_create_key_pair_dsa_already_exists)
816 switch_to_storage_user(TEST_LABEL);
819 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[DSA][0].prv, Policy());
820 test_negative(&ManagerAsync::createKeyPairDSA,
821 CKM_API_ERROR_DB_ALIAS_EXISTS,
823 dbc.alias("alias_prv"),
824 dbc.alias("alias_pub"),
829 RUNNER_CHILD_TEST(TA1290_create_key_pair_dsa_positive)
831 switch_to_storage_user(TEST_LABEL);
834 test_positive(&ManagerAsync::createKeyPairDSA,
836 dbc.alias("alias_prv"),
837 dbc.alias("alias_pub"),
841 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
842 aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
845 // createKeyPairECDSA
846 RUNNER_CHILD_TEST(TA1310_create_key_pair_ecdsa_invalid_param)
848 switch_to_storage_user(TEST_LABEL);
850 test_no_observer(&ManagerAsync::createKeyPairECDSA,
851 ElipticCurve::prime192v1,
858 RUNNER_CHILD_TEST(TA1320_create_key_pair_ecdsa_already_exists)
860 switch_to_storage_user(TEST_LABEL);
863 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[ECDSA][0].prv, Policy());
864 test_negative(&ManagerAsync::createKeyPairECDSA,
865 CKM_API_ERROR_DB_ALIAS_EXISTS,
866 ElipticCurve::prime192v1,
867 dbc.alias("alias_prv"),
868 dbc.alias("alias_pub"),
873 RUNNER_CHILD_TEST(TA1350_create_key_pair_ecdsa_positive)
875 switch_to_storage_user(TEST_LABEL);
878 test_positive(&ManagerAsync::createKeyPairECDSA,
879 ElipticCurve::prime192v1,
880 dbc.alias("alias_prv"),
881 dbc.alias("alias_pub"),
885 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
886 aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
890 // getCertificateChain
891 RUNNER_CHILD_TEST(TA1410_get_certificate_chain_invalid_param)
893 switch_to_storage_user(TEST_LABEL);
895 CertificateShPtr cert = certs[0];
896 CertificateShPtrVector certv = { certs[1] };
897 test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
902 test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
908 Alias alias = "alias";
909 AliasVector aliasv = { alias };
910 test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
915 test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
922 RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative)
924 switch_to_storage_user(TEST_LABEL);
927 CertificateShPtr cert = certs[0];
928 CertificateShPtrVector certv = { certs[0] };
929 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
930 CKM_API_ERROR_VERIFICATION_FAILED,
935 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
936 CKM_API_ERROR_VERIFICATION_FAILED,
941 AliasVector aliasv = { dbc.alias("alias") };
942 test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[0], Policy());
943 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
944 CKM_API_ERROR_VERIFICATION_FAILED,
949 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
950 CKM_API_ERROR_VERIFICATION_FAILED,
957 RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive)
959 switch_to_storage_user(TEST_LABEL);
962 CertificateShPtr cert = certs[0];
963 CertificateShPtrVector certv = { certs[1] };
964 test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
971 AliasVector aliasv = { dbc.alias("alias") };
972 test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[1], Policy());
973 test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
983 RUNNER_CHILD_TEST(TA1510_create_signature_invalid_param)
985 switch_to_storage_user(TEST_LABEL);
987 test_no_observer(&ManagerAsync::createSignature,
992 RSAPaddingAlgorithm::PKCS1);
993 test_invalid_param(&ManagerAsync::createSignature,
998 RSAPaddingAlgorithm::PKCS1);
999 test_invalid_param(&ManagerAsync::createSignature,
1003 HashAlgorithm::SHA1,
1004 RSAPaddingAlgorithm::PKCS1);
1007 RUNNER_CHILD_TEST(TA1520_create_signature_invalid_password)
1009 switch_to_storage_user(TEST_LABEL);
1012 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
1013 test_negative(&ManagerAsync::createSignature,
1014 CKM_API_ERROR_INPUT_PARAM,
1018 HashAlgorithm::SHA1,
1019 RSAPaddingAlgorithm::PKCS1);
1022 RUNNER_CHILD_TEST(TA1550_create_signature_positive)
1024 switch_to_storage_user(TEST_LABEL);
1027 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
1028 test_positive(&ManagerAsync::createSignature,
1032 HashAlgorithm::SHA1,
1033 RSAPaddingAlgorithm::PKCS1);
1038 RUNNER_CHILD_TEST(TA1610_verify_signature_invalid_param)
1040 switch_to_storage_user(TEST_LABEL);
1042 test_no_observer(&ManagerAsync::verifySignature,
1047 HashAlgorithm::SHA1,
1048 RSAPaddingAlgorithm::PKCS1);
1049 test_invalid_param(&ManagerAsync::verifySignature,
1054 HashAlgorithm::SHA1,
1055 RSAPaddingAlgorithm::PKCS1);
1058 RUNNER_CHILD_TEST(TA1620_verify_signature_invalid_password)
1060 switch_to_storage_user(TEST_LABEL);
1063 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
1064 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
1065 auto obs = test_positive(&ManagerAsync::createSignature,
1066 dbc.alias("alias_prv"),
1069 HashAlgorithm::SHA1,
1070 RSAPaddingAlgorithm::PKCS1);
1072 test_negative(&ManagerAsync::verifySignature,
1073 CKM_API_ERROR_AUTHENTICATION_FAILED,
1074 dbc.alias("alias_pub"),
1078 HashAlgorithm::SHA1,
1079 RSAPaddingAlgorithm::PKCS1);
1082 RUNNER_CHILD_TEST(TA1630_verify_signature_invalid_message)
1084 switch_to_storage_user(TEST_LABEL);
1087 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
1088 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
1090 auto obs = test_positive(&ManagerAsync::createSignature,
1091 dbc.alias("alias_prv"),
1094 HashAlgorithm::SHA1,
1095 RSAPaddingAlgorithm::PKCS1);
1097 test_negative(&ManagerAsync::verifySignature,
1098 CKM_API_ERROR_VERIFICATION_FAILED,
1099 dbc.alias("alias_pub"),
1101 raw_buffer("invalid-unsigned-mesage"),
1103 HashAlgorithm::SHA1,
1104 RSAPaddingAlgorithm::PKCS1);
1107 RUNNER_CHILD_TEST(TA1640_verify_signature_invalid_signature)
1109 switch_to_storage_user(TEST_LABEL);
1112 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
1114 test_negative(&ManagerAsync::verifySignature,
1115 CKM_API_ERROR_VERIFICATION_FAILED,
1116 dbc.alias("alias_pub"),
1119 raw_buffer("invalid-signature"),
1120 HashAlgorithm::SHA1,
1121 RSAPaddingAlgorithm::PKCS1);
1124 RUNNER_CHILD_TEST(TA1650_verify_signature_wrong_key)
1126 switch_to_storage_user(TEST_LABEL);
1129 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
1130 auto obs = test_positive(&ManagerAsync::createSignature,
1131 dbc.alias("alias_prv"),
1134 HashAlgorithm::SHA1,
1135 RSAPaddingAlgorithm::PKCS1);
1137 test_negative(&ManagerAsync::verifySignature,
1138 CKM_API_ERROR_SERVER_ERROR,
1139 dbc.alias("alias_prv"),
1143 HashAlgorithm::SHA1,
1144 RSAPaddingAlgorithm::PKCS1);
1147 RUNNER_CHILD_TEST(TA1660_verify_signature_positive)
1149 switch_to_storage_user(TEST_LABEL);
1152 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
1153 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
1154 auto obs = test_positive(&ManagerAsync::createSignature,
1155 dbc.alias("alias_prv"),
1158 HashAlgorithm::SHA1,
1159 RSAPaddingAlgorithm::PKCS1);
1161 test_positive(&ManagerAsync::verifySignature,
1162 dbc.alias("alias_pub"),
1166 HashAlgorithm::SHA1,
1167 RSAPaddingAlgorithm::PKCS1);
1172 RUNNER_CHILD_TEST(TA1710_ocsp_check_invalid_param)
1174 test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1175 test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1178 RUNNER_CHILD_TEST(TA1720_ocsp_check_negative)
1180 switch_to_storage_ocsp_user(TEST_LABEL);
1183 CertificateShPtrVector certv = { certs[0], certs[0] };
1185 auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
1186 RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
1187 "Verification should fail. Got: " << obs->m_ocspStatus);
1190 RUNNER_CHILD_TEST(TA1750_ocsp_check_positive)
1192 switch_to_storage_ocsp_user(TEST_LABEL);
1195 CertificateShPtr cert = certs[0];
1196 CertificateShPtrVector certv = { certs[1] };
1197 auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
1203 auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
1204 RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
1205 "Verification failed. Error: " << obs->m_ocspStatus);
1209 RUNNER_CHILD_TEST(TA1810_allow_access_invalid_param)
1211 switch_to_storage_user(TEST_LABEL);
1213 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1214 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1215 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::READ | CKM::Permission::REMOVE);
1218 RUNNER_TEST(TA1820_allow_access)
1221 CharPtr top_label = get_label();
1222 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
1223 test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
1224 test_positive(&ManagerAsync::saveData, dbc.alias("alias3"), test_buffer, Policy());
1225 test_positive(&ManagerAsync::setPermission,
1226 dbc.alias("alias2"),
1228 CKM::Permission::READ);
1229 test_positive(&ManagerAsync::setPermission,
1230 dbc.alias("alias3"),
1232 CKM::Permission::READ | CKM::Permission::REMOVE);
1235 ScopedLabel label(TEST_LABEL);
1237 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"), "");
1238 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"));
1240 // test from allowed label, but without properly addressing alias (coming from default label)
1241 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias2"), "");
1243 // now test with appropriate addressing
1244 std::string full_alias2_address = aliasWithLabel(top_label.get(), dbc.alias("alias2"));
1245 test_positive(&ManagerAsync::getData, full_alias2_address, "");
1246 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_ACCESS_DENIED, full_alias2_address);
1248 std::string full_alias3_address = aliasWithLabel(top_label.get(), dbc.alias("alias3"));
1249 test_positive(&ManagerAsync::getData, full_alias3_address, "");
1250 test_positive(&ManagerAsync::removeAlias, full_alias3_address);
1255 RUNNER_CHILD_TEST(TA1910_deny_access_invalid_param)
1257 switch_to_storage_user(TEST_LABEL);
1259 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::NONE);
1260 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::NONE);
1261 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::NONE);
1264 RUNNER_TEST(TA1920_deny_access)
1267 CharPtr top_label = get_label();
1268 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
1269 test_positive(&ManagerAsync::setPermission,
1272 CKM::Permission::READ | CKM::Permission::REMOVE);
1273 test_positive(&ManagerAsync::setPermission, dbc.alias("alias"), TEST_LABEL, CKM::Permission::NONE);
1276 ScopedLabel label(TEST_LABEL);
1278 std::string full_alias_address = aliasWithLabel(top_label.get(), dbc.alias("alias"));
1279 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address, "");
1280 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address);
1286 CKM::Alias alias_PKCS_exportable = "async-test-PKCS-export";
1287 CKM::Alias alias_PKCS_not_exportable = "async-test-PKCS-no-export";
1290 RUNNER_TEST(TA2000_PKCS_add_bundle_with_chain_certs)
1293 auto manager = CKM::Manager::create();
1294 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
1295 std::istreambuf_iterator<char> begin(is), end;
1296 std::vector<char> buff(begin, end);
1298 CKM::RawBuffer buffer(buff.size());
1299 memcpy(buffer.data(), buff.data(), buff.size());
1301 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
1304 "Error in PKCS12::create()");
1306 auto cert = pkcs->getCertificate();
1309 "Error in PKCS12::getCertificate()");
1311 auto key = pkcs->getKey();
1314 "Error in PKCS12::getKey()");
1316 auto caVector = pkcs->getCaCertificateShPtrVector();
1318 2 == caVector.size(),
1319 "Wrong size of vector");
1322 CKM::Policy exportable;
1323 CKM::Policy notExportable(CKM::Password(), false);
1325 test_positive(&ManagerAsync::savePKCS12,
1326 alias_PKCS_exportable,
1330 test_negative(&ManagerAsync::savePKCS12,
1331 CKM_API_ERROR_DB_ALIAS_EXISTS,
1332 alias_PKCS_exportable,
1337 test_positive(&ManagerAsync::savePKCS12,
1338 alias_PKCS_not_exportable,
1342 test_negative(&ManagerAsync::savePKCS12,
1343 CKM_API_ERROR_DB_ALIAS_EXISTS,
1344 alias_PKCS_not_exportable,
1350 RUNNER_TEST(TA2010_PKCS_get)
1353 auto manager = CKM::Manager::create();
1356 test_negative(&ManagerAsync::getPKCS12,
1357 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
1363 // fail - not exportable
1364 test_negative(&ManagerAsync::getPKCS12,
1365 CKM_API_ERROR_NOT_EXPORTABLE,
1366 dbc.alias(alias_PKCS_not_exportable.c_str()),
1370 // success - exportable
1371 auto obs = test_positive(&ManagerAsync::getPKCS12,
1372 dbc.alias(alias_PKCS_exportable.c_str()),
1376 auto cert = obs->m_pkcs->getCertificate();
1379 "Error in PKCS12::getCertificate()");
1381 auto key = obs->m_pkcs->getKey();
1384 "Error in PKCS12::getKey()");
1386 auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
1388 2 == caVector.size(),
1389 "Wrong size of vector");
1392 RUNNER_TEST(TA9999_deinit)
1395 ControlShPtr control = Control::create();
1396 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->lockUserKey(APP_UID)),
1397 "Error=" << ErrorToString(temp));
1398 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
1399 "Error=" << ErrorToString(temp));
projects / platform / core / test / security-tests.git / blob