2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Bumjin Im <bj.im@samsung.com>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
20 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
26 #include <condition_variable>
29 #include <ckmc/ckmc-type.h>
30 #include <ckm/ckm-manager-async.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-raw-buffer.h>
35 #include <dpl/test/test_runner.h>
36 #include <dpl/test/test_runner_child.h>
37 #include <dpl/log/log.h>
39 #include <tests_common.h>
40 #include <ckm-common.h>
// Label every child test passes to switch_to_storage_user(); it is also the owner prefix of
// the fully-qualified aliases the alias-vector tests expect.
47 const char* TEST_LABEL = "test_label";
// Observer shared by every test in this file: each Received* callback records any payload the
// tests inspect and reports completion, so the test thread can block in WaitForResponse().
49 class MyObserver: public ManagerAsync::Observer
53 m_finished(false), m_error(0)
// Failure callback: logs the error code.
// NOTE(review): the rest of this body is missing from the listing; presumably it stores the
// code in m_error and signals completion -- confirm.
57 void ReceivedError(int error)
59 LogError("Received error: " << error);
// Completion callbacks that carry no payload.
65 void ReceivedSaveKey() { Succeeded(); }
66 void ReceivedSaveCertificate() { Succeeded(); }
67 void ReceivedSaveData() { Succeeded(); }
69 void ReceivedRemovedKey() { Succeeded(); }
70 void ReceivedRemovedCertificate() { Succeeded(); }
71 void ReceivedRemovedData() { Succeeded(); }
// The retrieved key, certificate and data are discarded (unnamed parameters), so the get*
// tests show only that the request succeeded, not that the returned object is the stored one.
73 void ReceivedKey(Key &&) { Succeeded(); }
74 void ReceivedCertificate(Certificate &&) { Succeeded(); }
75 void ReceivedData(RawBuffer &&) { Succeeded(); }
// Alias lists are moved into m_aliases, which test_check_aliases() compares.
77 void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
78 void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
79 void ReceivedDataAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
81 void ReceivedCreateKeyPairRSA() { Succeeded(); }
82 void ReceivedCreateKeyPairDSA() { Succeeded(); }
83 void ReceivedCreateKeyPairECDSA() { Succeeded(); }
// Certificate chain, signature and OCSP status are stored in m_certChain, m_signed and
// m_ocspStatus for later assertions.
85 void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
86 { m_certChain = move(chain); Succeeded(); }
88 void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
89 void ReceivedVerifySignature() { Succeeded(); }
91 void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
93 void ReceivedAllowAccess() { Succeeded(); }
94 void ReceivedDenyAccess() { Succeeded(); }
// Blocks the caller until m_finished becomes true.
// NOTE(review): the wait has no timeout, so a request whose callback never arrives hangs the
// test run instead of failing it; a wait_for() with a deadline would report it as a failure.
96 void WaitForResponse()
98 unique_lock < mutex > lock(m_mutex);
100 m_cv.wait(lock, [this] {return m_finished;});
105 AliasVector m_aliases;
106 CertificateShPtrVector m_certChain;
// NOTE(review): presumably the body of Succeeded(), whose header is missing from this listing.
113 LogDebug("Succeeded");
119 condition_variable m_cv;
// Shared-ownership handle to the test observer; the helpers cast it to ManagerAsync::Observer
// when they hand it to the API.
122 typedef shared_ptr<MyObserver> MyObserverPtr;
// Fixed password TA0000_init passes to unlockUserKey() for APP_UID. Test-only credential.
124 const char* TEST_PASS = "test-pass";
// Builds both halves of a fixture key pair by copying each PEM string into a RawBuffer and
// passing it to Key::create().
// NOTE(review): the lines after each create() call are missing from this listing, so whether
// a failed parse (null key) is rejected cannot be seen here -- confirm.
134 KeyPair(const std::string& prv_pem, const std::string& pub_pem) {
135 RawBuffer buffer_prv(prv_pem.begin(), prv_pem.end());
136 prv = Key::create(buffer_prv);
139 RawBuffer buffer_pub(pub_pem.begin(), pub_pem.end());
140 pub = Key::create(buffer_pub);
// Fixture key pairs grouped by algorithm tag (indexed as RSA, DSA and ECDSA in this file).
148 typedef map<Type, vector<KeyPair> > KeyMap;
// Joins an owner label and an alias with ckmc_label_name_separator; the alias-vector tests use
// the result as the fully-qualified name they expect the service to report.
// NOTE(review): the return statement is missing from this listing.
150 std::string format_full_label_alias(const std::string &label, const std::string &alias)
152 std::stringstream ss;
153 ss << label << std::string(ckmc_label_name_separator) << alias;
// Builds the fixture key map: one hard-coded PEM pair per algorithm (RSA, DSA, ECDSA).
// The private keys below are published with the test source, so they are test vectors only
// and must never protect real data.
158 KeyMap initializeKeys()
// RSA pair.
// NOTE(review): the encodings look like a 1024-bit modulus, which is below current key-size
// guidance; acceptable as a fixture only -- confirm.
162 km[RSA].emplace_back(
163 "-----BEGIN RSA PRIVATE KEY-----\n"
164 "MIICXAIBAAKBgQDMP6sKttnQ58BAi27b8X+8KVQtJgpJhhCF0RtWaTVqAhVDG3y4\n"
165 "x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06BCWPYH2+7jOfQIOy/TMlt+W7x\n"
166 "fou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+3Op0tEjy0jpmzeyNiQIDAQAB\n"
167 "AoGBAJRDX1CuvNx1bkwsKvQDkTqwMYd4hp0qcVICIbsPMhPaoT6OdHHZkHOf+HDx\n"
168 "KWhOj1LsXgzu95Q+Tp5k+LURI8ayu2RTsz/gYECgPNUsZ7gXl4co1bK+g5kiC+qr\n"
169 "sgSfkbYpp0OXefnl5x4KaJlZeSpn0UdDqx0kwI1x2E098i1VAkEA5thNY9YZNQdN\n"
170 "p6aopxOF5OmAjbLkq6wu255rDM5YgeepXXro/lmPociobtv8vPzbWKfoYZJL0Zj4\n"
171 "Qzj7Qz7s0wJBAOKBbpeG9PuNP1nR1h8kvyuILW8F89JOcIOUeqwokq4eJVqXdFIj\n"
172 "ct8eSEFmyXNqXD7b9+Tcw6vRIZuddVhNcrMCQAlpaD5ZzE1NLu1W7ilhsmPS4Vrl\n"
173 "oE0fiAmMO/EZuKITP+R/zmAQZrrB45whe/x4krjan67auByjj/utpxDmz+ECQEg/\n"
174 "UK80dN/n5dUYgVvdtLyF6zgGhgcGzgyqR5ayOlcfdnq25Htuoy1X02RJDOirfFDw\n"
175 "iNmPMTqUskuYpd1MltECQBwcy1cpnJWIXwCTQwg3enjkOVw80Tbr3iU9ASjHJTH2\n"
176 "N6FGHC4BQCm1fL6Bo0/0oSra+Ika3/1Vw1WwijUSiO8=\n"
177 "-----END RSA PRIVATE KEY-----",
179 "-----BEGIN PUBLIC KEY-----\n"
180 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMP6sKttnQ58BAi27b8X+8KVQt\n"
181 "JgpJhhCF0RtWaTVqAhVDG3y4x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06B\n"
182 "CWPYH2+7jOfQIOy/TMlt+W7xfou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+\n"
183 "3Op0tEjy0jpmzeyNiQIDAQAB\n"
184 "-----END PUBLIC KEY-----"
// DSA pair.
186 km[DSA].emplace_back(
187 "-----BEGIN DSA PRIVATE KEY-----\n"
188 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
189 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
190 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
191 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
192 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
193 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
194 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
195 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
196 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
197 "yAKPlW7WQzgV5jLLNUW7\n"
198 "-----END DSA PRIVATE KEY-----",
// NOTE(review): this second argument is a byte-for-byte copy of the private key above
// ("BEGIN DSA PRIVATE KEY"), so keys[DSA][0].pub is built from private-key material rather
// than from a public key. Nothing in this listing reads keys[DSA][0].pub, but a test that
// stored it under a "public" alias would presumably store the private key; replace it with
// the matching public-key PEM.
200 "-----BEGIN DSA PRIVATE KEY-----\n"
201 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
202 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
203 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
204 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
205 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
206 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
207 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
208 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
209 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
210 "yAKPlW7WQzgV5jLLNUW7\n"
211 "-----END DSA PRIVATE KEY-----"
// ECDSA pair; presumably on prime192v1, the curve the createKeyPairECDSA tests request.
// NOTE(review): one line of the private key's base64 body appears to be missing from this
// listing, so the PEM as shown here is incomplete.
213 km[ECDSA].emplace_back(
214 "-----BEGIN EC PRIVATE KEY-----\n"
215 "MF8CAQEEGF3rz8OuFpcESrlqCm0G96oovr0XbX+DRKAKBggqhkjOPQMBAaE0AzIA\n"
216 "BHiZYByQiRNQ91GWNnTfoBbp9G8DP9oJYc/cDZlk4lKUpmbvm//RWf1U7ag3tOVy\n"
218 "-----END EC PRIVATE KEY-----",
220 "-----BEGIN PUBLIC KEY-----\n"
221 "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEeJlgHJCJE1D3UZY2dN+gFun0bwM/\n"
222 "2glhz9wNmWTiUpSmZu+b/9FZ/VTtqDe05XKx\n"
223 "-----END PUBLIC KEY-----"
// File-scope fixture: the key map is built once, when this translation unit's globals are
// initialised, and shared by all tests.
228 KeyMap keys = initializeKeys();
// Parses a PEM string into a Certificate via Certificate::create(..., DataFormat::FORM_PEM).
// NOTE(review): the lines after the create() call are missing from this listing; confirm that
// a null result is rejected before the pointer is returned.
230 CertificateShPtr createCert(const std::string& cert) {
231 RawBuffer buffer_cert(cert.begin(), cert.end());
232 CertificateShPtr cptr = Certificate::create(buffer_cert, DataFormat::FORM_PEM);
// Container for the fixture certificates, indexed as certs[0] and certs[1] by the tests.
237 typedef vector<CertificateShPtr> CertVector;
// Builds the two fixture certificates used by the save/get and certificate-chain tests.
// NOTE(review): both look like real, publicly issued certificates. certs[0] decodes to a
// www.mbank.com.pl end-entity certificate valid 2014-02-20 to 2015-02-20, and certs[1] to its
// issuer, "VeriSign Class 3 Extended Validation SSL CA", valid 2006-11-08 to 2016-11-07 --
// confirm. If chain building checks validity against the current clock, TA1450 (which expects
// a chain of length 3) passes only while these dates and the device trust store line up;
// certificates generated for the test suite would remove that dependency.
239 CertVector initializeCerts()
// certs[0]: end-entity certificate.
// NOTE(review): the last base64 line of this PEM appears to be missing from this listing.
242 cv.emplace_back(createCert(
243 "-----BEGIN CERTIFICATE-----\n"
244 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
245 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
246 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
247 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
248 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
249 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
250 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
251 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
252 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
253 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
254 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
255 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
256 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
257 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
258 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
259 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
260 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
261 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
262 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
263 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
264 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
265 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
266 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
267 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
268 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
269 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
270 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
271 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
272 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
273 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
274 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
276 "-----END CERTIFICATE-----\n"
// certs[1]: the intermediate CA that issued certs[0].
279 cv.emplace_back(createCert(
280 "-----BEGIN CERTIFICATE-----\n"
281 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
282 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
283 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
284 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
285 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
286 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
287 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
288 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
289 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
290 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
291 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
292 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
293 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
294 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
295 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
296 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
297 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
298 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
299 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
300 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
301 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
302 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
303 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
304 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
305 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
306 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
307 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
308 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
309 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
310 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
311 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
312 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
313 "-----END CERTIFICATE-----\n"
// File-scope fixture: both certificates are parsed once, when this translation unit's globals
// are initialised.
318 CertVector certs = initializeCerts();
// Copies a NUL-terminated C string, without its terminator, into a RawBuffer.
// The pointer goes straight to strlen(), so callers must not pass a null pointer.
320 const RawBuffer raw_buffer(const char* buffer)
322 return RawBuffer(buffer, buffer + strlen(buffer));
// Generic payload for the data tests and the message that the signature tests sign.
// TA0110 also passes it to Certificate::create() as a deliberately non-certificate input.
325 const RawBuffer test_buffer = raw_buffer("test_string");
// Calls the ManagerAsync member `func` with a fresh MyObserver followed by `args`, blocks until
// the observer is signalled, then asserts the request finished with error code `expected`.
// NOTE(review): the ManagerAsync instance `mgr` is declared on a line missing from this listing.
327 template <typename F, typename... Args>
328 void test_negative(F&& func, int expected, Args... args)
330 MyObserverPtr obs = make_shared<MyObserver>();
333 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
334 obs->WaitForResponse();
336 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
338 obs->m_error == expected,
339 "Expected " << expected << "/" << ErrorToString(expected) <<
340 " got: " << obs->m_error << "/" << ErrorToString(obs->m_error));
// Shorthand for test_negative() with CKM_API_ERROR_INPUT_PARAM as the expected error.
343 template <typename F, typename... Args>
344 void test_invalid_param(F&& func, Args... args)
346 test_negative(move(func), CKM_API_ERROR_INPUT_PARAM, args...);
// Calls `func` with an empty ObserverPtr and expects the call itself to throw
// invalid_argument; returning normally fails the test.
// NOTE(review): the try header and the second catch clause are missing from this listing;
// presumably any other exception type reaches the "Unexpected exception" assertion -- confirm.
349 template <typename F, typename... Args>
350 void test_no_observer(F&& func, Args... args)
352 ManagerAsync::ObserverPtr obs;
356 (mgr.*func)(obs, args...);
357 RUNNER_ASSERT_MSG(false, "function() should have thrown an exception");
358 } catch (const invalid_argument& e) {
361 RUNNER_ASSERT_MSG(false, "Unexpected exception");
// Calls `func` with a fresh MyObserver followed by `args`, waits for the callback and asserts
// that the request finished with m_error == 0.
// NOTE(review): the return statement is missing from this listing; callers use the returned
// observer to read payloads such as m_aliases and m_certChain.
365 template <typename F, typename... Args>
366 MyObserverPtr test_positive(F&& func, Args... args)
368 MyObserverPtr obs = make_shared<MyObserver>();
371 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
372 obs->WaitForResponse();
374 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
375 RUNNER_ASSERT_MSG(obs->m_error == 0,
376 "Request failed " << obs->m_error << "/" << ErrorToString(obs->m_error));
// Runs `func` through test_positive() and asserts the alias list it delivered equals `expected`.
// NOTE(review): the comparison is a plain ==; if AliasVector is an ordered sequence, the tests
// also depend on the order in which the service returns aliases -- confirm.
380 template <typename F, typename... Args>
381 void test_check_aliases(F&& func, const AliasVector& expected, Args... args)
383 auto obs = test_positive(move(func), args...);
384 RUNNER_ASSERT_MSG(obs->m_aliases == expected, "Retrieved aliases differ from expected");
// Runs `func` through test_positive() and asserts the returned chain holds `expected`
// certificates. Only the length is checked, not which certificates are in the chain.
387 template <typename F, typename... Args>
388 void test_check_cert_chain(F&& func, size_t expected, Args... args)
390 auto obs = test_positive(move(func), args...);
392 obs->m_certChain.size() == expected,
393 "Expected chain length: " << expected << " got: " << obs->m_certChain.size());
// Pointer-to-member types for ManagerAsync::getCertificateChain; the chain tests pass them as
// explicit template arguments to choose between its overloads. certChainFn1 takes the
// untrusted certificates as objects.
396 typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
397 const CertificateShPtr&,
398 const CertificateShPtrVector&);
// NOTE(review): the last parameter of certChainFn2 is missing from this listing; the tests
// call this overload with an AliasVector.
400 typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
401 const CertificateShPtr&,
403 } // namespace anonymous
406 RUNNER_TEST_GROUP_INIT(CKM_ASYNC_API);
// Prepares the store for the group: unlocks APP_UID's user key with TEST_PASS, then removes
// that user's data, asserting CKM_API_SUCCESS for both Control calls.
408 RUNNER_TEST(TA0000_init)
411 ControlShPtr control = Control::create();
412 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
413 "Error=" << ErrorToString(temp));
414 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
415 "Error=" << ErrorToString(temp));
// saveKey input validation: a missing observer must throw; an empty alias and a null KeyShPtr
// must each be reported as CKM_API_ERROR_INPUT_PARAM.
419 RUNNER_CHILD_TEST(TA0010_save_key_invalid_param)
421 switch_to_storage_user(TEST_LABEL);
423 test_no_observer(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
424 test_invalid_param(&ManagerAsync::saveKey, "", keys[RSA][0].prv, Policy());
425 test_invalid_param(&ManagerAsync::saveKey, "alias", KeyShPtr(), Policy());
// Saves a key under "alias", then expects a further saveKey to fail with
// CKM_API_ERROR_DB_ALIAS_EXISTS, i.e. an existing entry is not silently overwritten.
// NOTE(review): the arguments of the second call are missing from this listing.
428 RUNNER_CHILD_TEST(TA0020_save_key_already_exists)
430 switch_to_storage_user(TEST_LABEL);
433 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy());
434 test_negative(&ManagerAsync::saveKey,
435 CKM_API_ERROR_DB_ALIAS_EXISTS,
// Saves the fixture RSA private key under "alias" with a default-constructed Policy and
// expects success.
441 RUNNER_CHILD_TEST(TA0050_save_key_positive)
443 switch_to_storage_user(TEST_LABEL);
446 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy());
// saveCertificate input validation: missing observer, empty alias and null certificate.
// `cert` is built from test_buffer ("test_string"), which is not PEM certificate data.
// NOTE(review): the no-observer call also passes an empty alias, unlike the saveKey
// equivalent, so it does not isolate the observer check; passing "alias" there would.
// Likewise the empty-alias case may be rejected because of `cert` rather than the alias.
451 RUNNER_CHILD_TEST(TA0110_save_cert_invalid_param)
453 switch_to_storage_user(TEST_LABEL);
455 CertificateShPtr cert = Certificate::create(test_buffer, DataFormat::FORM_PEM);
456 test_no_observer(&ManagerAsync::saveCertificate, "", cert, Policy());
457 test_invalid_param(&ManagerAsync::saveCertificate, "", cert, Policy());
458 test_invalid_param(&ManagerAsync::saveCertificate, "alias", CertificateShPtr(), Policy());
// Saves certs[0] under "alias", then expects a further saveCertificate to fail with
// CKM_API_ERROR_DB_ALIAS_EXISTS.
// NOTE(review): the arguments of the second call are missing from this listing.
461 RUNNER_CHILD_TEST(TA0120_save_cert_already_exists)
463 switch_to_storage_user(TEST_LABEL);
466 test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy());
467 test_negative(&ManagerAsync::saveCertificate,
468 CKM_API_ERROR_DB_ALIAS_EXISTS,
// Saves certs[0] under "alias" with a default-constructed Policy and expects success.
474 RUNNER_CHILD_TEST(TA0150_save_cert_positive)
476 switch_to_storage_user(TEST_LABEL);
479 test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy());
// saveData input validation: missing observer, empty alias and empty buffer.
// NOTE(review): the no-observer call also passes an empty alias, so it does not isolate the
// observer check; passing "alias" there would.
484 RUNNER_CHILD_TEST(TA0210_save_data_invalid_param)
486 switch_to_storage_user(TEST_LABEL);
488 test_no_observer(&ManagerAsync::saveData, "", test_buffer, Policy());
489 test_invalid_param(&ManagerAsync::saveData, "", test_buffer, Policy());
490 test_invalid_param(&ManagerAsync::saveData, "alias", RawBuffer(), Policy());
// Saves test_buffer under "alias", then expects a further saveData to fail with
// CKM_API_ERROR_DB_ALIAS_EXISTS.
// NOTE(review): the arguments of the second call are missing from this listing.
493 RUNNER_CHILD_TEST(TA0220_save_data_already_exists)
495 switch_to_storage_user(TEST_LABEL);
498 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
499 test_negative(&ManagerAsync::saveData,
500 CKM_API_ERROR_DB_ALIAS_EXISTS,
// Saves test_buffer under "alias" with a default-constructed Policy and expects success.
506 RUNNER_CHILD_TEST(TA0250_save_data_positive)
508 switch_to_storage_user(TEST_LABEL);
511 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
// removeKey input validation: a missing observer must throw; an empty alias must be reported
// as CKM_API_ERROR_INPUT_PARAM.
516 RUNNER_CHILD_TEST(TA0310_remove_key_invalid_param)
518 switch_to_storage_user(TEST_LABEL);
520 test_no_observer(&ManagerAsync::removeKey, "alias");
521 test_invalid_param(&ManagerAsync::removeKey, "");
// Removing a key alias that was never stored must fail with CKM_API_ERROR_DB_ALIAS_UNKNOWN.
524 RUNNER_CHILD_TEST(TA0330_remove_key_unknown_alias)
526 switch_to_storage_user(TEST_LABEL);
528 test_negative(&ManagerAsync::removeKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
// Saves a key under "alias" and removes it again, expecting both requests to succeed.
531 RUNNER_CHILD_TEST(TA0350_remove_key_positive)
533 switch_to_storage_user(TEST_LABEL);
536 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy());
537 test_positive(&ManagerAsync::removeKey, dbc.key("alias"));
// removeCertificate input validation: a missing observer must throw; an empty alias must be
// reported as CKM_API_ERROR_INPUT_PARAM.
542 RUNNER_CHILD_TEST(TA0410_remove_cert_invalid_param)
544 switch_to_storage_user(TEST_LABEL);
546 test_no_observer(&ManagerAsync::removeCertificate, "alias");
547 test_invalid_param(&ManagerAsync::removeCertificate, "");
// Removing a certificate alias that was never stored must fail with
// CKM_API_ERROR_DB_ALIAS_UNKNOWN.
550 RUNNER_CHILD_TEST(TA0430_remove_cert_unknown_alias)
552 switch_to_storage_user(TEST_LABEL);
554 test_negative(&ManagerAsync::removeCertificate,
555 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
556 "non-existing-alias");
// Saves certs[0] under "alias" and removes it again, expecting both requests to succeed.
559 RUNNER_CHILD_TEST(TA0450_remove_cert_positive)
561 switch_to_storage_user(TEST_LABEL);
564 test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy());
565 test_positive(&ManagerAsync::removeCertificate, dbc.cert("alias"));
// removeData input validation: a missing observer must throw; an empty alias must be reported
// as CKM_API_ERROR_INPUT_PARAM.
570 RUNNER_CHILD_TEST(TA0510_remove_data_invalid_param)
572 switch_to_storage_user(TEST_LABEL);
574 test_no_observer(&ManagerAsync::removeData, "alias");
575 test_invalid_param(&ManagerAsync::removeData, "");
// Removing a data alias that was never stored must fail with CKM_API_ERROR_DB_ALIAS_UNKNOWN.
578 RUNNER_CHILD_TEST(TA0530_remove_data_unknown_alias)
580 switch_to_storage_user(TEST_LABEL);
582 test_negative(&ManagerAsync::removeData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
// Saves test_buffer under "alias" and removes it again, expecting both requests to succeed.
585 RUNNER_CHILD_TEST(TA0550_remove_data_positive)
587 switch_to_storage_user(TEST_LABEL);
590 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
591 test_positive(&ManagerAsync::removeData, dbc.data("alias"));
// getKey input validation: a missing observer must throw; an empty alias must be reported as
// CKM_API_ERROR_INPUT_PARAM. The second argument is the (empty) password.
596 RUNNER_CHILD_TEST(TA0610_get_key_invalid_param)
598 switch_to_storage_user(TEST_LABEL);
600 test_no_observer(&ManagerAsync::getKey, "alias", "");
601 test_invalid_param(&ManagerAsync::getKey, "", "");
// Fetching a key alias that was never stored must fail with CKM_API_ERROR_DB_ALIAS_UNKNOWN.
604 RUNNER_CHILD_TEST(TA0630_get_key_unknown_alias)
606 switch_to_storage_user(TEST_LABEL);
608 test_negative(&ManagerAsync::getKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
// Stores a key protected by Policy("password"), then expects getKey to fail; going by the test
// name the request uses a different password (its arguments are missing from this listing).
// NOTE(review): the expected code is the generic CKM_API_ERROR_SERVER_ERROR, so a caller
// cannot tell a wrong password from a service fault; a dedicated authentication-failure code
// would make this case distinguishable.
611 RUNNER_CHILD_TEST(TA0640_get_key_wrong_password)
613 switch_to_storage_user(TEST_LABEL);
616 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
617 test_negative(&ManagerAsync::getKey,
618 CKM_API_ERROR_SERVER_ERROR,
// Stores a key protected by Policy("password") and fetches it with the same password.
// Only success is asserted; MyObserver::ReceivedKey discards the returned key, so the content
// is not compared with what was stored.
623 RUNNER_CHILD_TEST(TA0650_get_key_positive)
625 switch_to_storage_user(TEST_LABEL);
628 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
629 test_positive(&ManagerAsync::getKey, dbc.key("alias"), "password");
// getCertificate input validation: a missing observer must throw; an empty alias must be
// reported as CKM_API_ERROR_INPUT_PARAM.
634 RUNNER_CHILD_TEST(TA0710_get_cert_invalid_param)
636 switch_to_storage_user(TEST_LABEL);
638 test_no_observer(&ManagerAsync::getCertificate, "alias", "");
639 test_invalid_param(&ManagerAsync::getCertificate, "", "");
// Fetching a certificate alias that was never stored must fail with
// CKM_API_ERROR_DB_ALIAS_UNKNOWN.
642 RUNNER_CHILD_TEST(TA0730_get_cert_unknown_alias)
644 switch_to_storage_user(TEST_LABEL);
646 test_negative(&ManagerAsync::getCertificate,
647 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
648 "non-existing-alias",
// Stores a certificate, then expects getCertificate to fail with CKM_API_ERROR_SERVER_ERROR;
// going by the test name the request uses a wrong password.
// NOTE(review): the arguments of both calls are missing from this listing, and the expected
// code is a generic server error rather than an authentication-specific one.
652 RUNNER_CHILD_TEST(TA0740_get_cert_wrong_password)
654 switch_to_storage_user(TEST_LABEL);
657 test_positive(&ManagerAsync::saveCertificate,
661 test_negative(&ManagerAsync::getCertificate,
662 CKM_API_ERROR_SERVER_ERROR,
// Stores certs[0] protected by Policy("password") and fetches it with the same password.
// Only success is asserted; the returned certificate is not compared with the stored one.
667 RUNNER_CHILD_TEST(TA0750_get_cert_positive)
669 switch_to_storage_user(TEST_LABEL);
672 test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias"), certs[0], Policy("password"));
673 test_positive(&ManagerAsync::getCertificate, dbc.cert("alias"), "password");
// getData input validation: a missing observer must throw; an empty alias must be reported as
// CKM_API_ERROR_INPUT_PARAM.
678 RUNNER_CHILD_TEST(TA0810_get_data_invalid_param)
680 switch_to_storage_user(TEST_LABEL);
682 test_no_observer(&ManagerAsync::getData, "alias", "");
683 test_invalid_param(&ManagerAsync::getData, "", "");
// Fetching a data alias that was never stored must fail with CKM_API_ERROR_DB_ALIAS_UNKNOWN.
686 RUNNER_CHILD_TEST(TA0830_get_data_unknown_alias)
688 switch_to_storage_user(TEST_LABEL);
690 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
// Stores data protected by Policy("password"), then expects getData to fail with
// CKM_API_ERROR_SERVER_ERROR; going by the test name the request uses a wrong password.
// NOTE(review): the request's arguments are missing from this listing, and the expected code
// is a generic server error rather than an authentication-specific one.
693 RUNNER_CHILD_TEST(TA0840_get_data_wrong_password)
695 switch_to_storage_user(TEST_LABEL);
698 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy("password"));
699 test_negative(&ManagerAsync::getData,
700 CKM_API_ERROR_SERVER_ERROR,
// Stores test_buffer protected by Policy("password") and fetches it with the same password.
// Only success is asserted; the returned buffer is not compared with test_buffer.
705 RUNNER_CHILD_TEST(TA0850_get_data_positive)
707 switch_to_storage_user(TEST_LABEL);
710 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy("password"));
711 test_positive(&ManagerAsync::getData, dbc.data("alias"), "password");
// getKeyAliasVector must throw when called without an observer.
716 RUNNER_CHILD_TEST(TA0910_get_key_alias_vector_invalid_param)
718 switch_to_storage_user(TEST_LABEL);
720 test_no_observer(&ManagerAsync::getKeyAliasVector);
// Checks the key alias list after each change: one entry after the first save, two after the
// second, and only alias2 once alias1 is removed. Expected entries are the label-qualified
// names built by format_full_label_alias().
723 RUNNER_CHILD_TEST(TA0950_get_key_alias_vector_positive)
725 switch_to_storage_user(TEST_LABEL);
728 test_positive(&ManagerAsync::saveKey, dbc.key("alias1"), keys[RSA][0].prv, Policy());
729 test_check_aliases(&ManagerAsync::getKeyAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.key("alias1"))) });
731 test_positive(&ManagerAsync::saveKey, dbc.key("alias2"), keys[DSA][0].prv, Policy());
732 test_check_aliases(&ManagerAsync::getKeyAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.key("alias1"))),
733 format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.key("alias2"))) });
735 test_positive(&ManagerAsync::removeKey, dbc.key("alias1"));
736 test_check_aliases(&ManagerAsync::getKeyAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.key("alias2"))) });
740 // getCertificateAliasVector
// getCertificateAliasVector must throw when called without an observer.
741 RUNNER_CHILD_TEST(TA1010_get_cert_alias_vector_invalid_param)
743 switch_to_storage_user(TEST_LABEL);
745 test_no_observer(&ManagerAsync::getCertificateAliasVector);
// Checks the certificate alias list after each change: one entry after the first save, two
// after the second, and only alias2 once alias1 is removed.
748 RUNNER_CHILD_TEST(TA1050_get_cert_alias_vector_positive)
750 switch_to_storage_user(TEST_LABEL);
753 test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias1"), certs[0], Policy());
754 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.cert("alias1"))) });
756 test_positive(&ManagerAsync::saveCertificate, dbc.cert("alias2"), certs[1], Policy());
757 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.cert("alias1"))),
758 format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.cert("alias2"))) });
760 test_positive(&ManagerAsync::removeCertificate, dbc.cert("alias1"));
761 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.cert("alias2"))) });
765 // getDataAliasVector
// getDataAliasVector must throw when called without an observer.
766 RUNNER_CHILD_TEST(TA1110_get_data_alias_vector_invalid_param)
768 switch_to_storage_user(TEST_LABEL);
770 test_no_observer(&ManagerAsync::getDataAliasVector);
// Checks the data alias list after each change: one entry after the first save, two after the
// second, and only alias2 once alias1 is removed.
773 RUNNER_CHILD_TEST(TA1150_get_data_alias_vector_positive)
775 switch_to_storage_user(TEST_LABEL);
778 test_positive(&ManagerAsync::saveData, dbc.data("alias1"), test_buffer, Policy());
779 test_check_aliases(&ManagerAsync::getDataAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias1"))) });
781 test_positive(&ManagerAsync::saveData, dbc.data("alias2"), test_buffer, Policy());
782 test_check_aliases(&ManagerAsync::getDataAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias1"))),
783 format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias2"))) });
785 test_positive(&ManagerAsync::removeData, dbc.data("alias1"));
786 test_check_aliases(&ManagerAsync::getDataAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias2"))) });
// createKeyPairRSA must throw when called without an observer.
// NOTE(review): the call's arguments are missing from this listing.
791 RUNNER_CHILD_TEST(TA1210_create_key_pair_rsa_invalid_param)
793 switch_to_storage_user(TEST_LABEL);
795 test_no_observer(&ManagerAsync::createKeyPairRSA,
// Occupies "alias_prv" with a saved key, then expects createKeyPairRSA targeting the same
// private alias to fail with CKM_API_ERROR_DB_ALIAS_EXISTS.
// NOTE(review): the key size and policy arguments are missing from this listing.
803 RUNNER_CHILD_TEST(TA1220_create_key_pair_rsa_already_exists)
805 switch_to_storage_user(TEST_LABEL);
808 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy());
809 test_negative(&ManagerAsync::createKeyPairRSA,
810 CKM_API_ERROR_DB_ALIAS_EXISTS,
812 dbc.key("alias_prv"),
813 dbc.key("alias_pub"),
// Generates an RSA pair under "alias_prv"/"alias_pub" and checks that both aliases appear in
// the key alias list.
// NOTE(review): the expected list is built with dbc.data() although the aliases were created
// with dbc.key(); this holds only if both helpers return the same alias string -- confirm, or
// use dbc.key() here as well.
818 RUNNER_CHILD_TEST(TA1250_create_key_pair_rsa_positive)
820 switch_to_storage_user(TEST_LABEL);
823 test_positive(&ManagerAsync::createKeyPairRSA,
825 dbc.key("alias_prv"),
826 dbc.key("alias_pub"),
830 test_check_aliases(&ManagerAsync::getKeyAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias_prv"))),
831 format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias_pub"))) });
// createKeyPairDSA must throw when called without an observer.
// NOTE(review): the call's arguments are missing from this listing.
835 RUNNER_CHILD_TEST(TA1270_create_key_pair_dsa_invalid_param)
837 switch_to_storage_user(TEST_LABEL);
839 test_no_observer(&ManagerAsync::createKeyPairDSA,
// Occupies "alias_prv" with a saved DSA key, then expects createKeyPairDSA targeting the same
// private alias to fail with CKM_API_ERROR_DB_ALIAS_EXISTS.
// NOTE(review): the key size and policy arguments are missing from this listing.
847 RUNNER_CHILD_TEST(TA1280_create_key_pair_dsa_already_exists)
849 switch_to_storage_user(TEST_LABEL);
852 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[DSA][0].prv, Policy());
853 test_negative(&ManagerAsync::createKeyPairDSA,
854 CKM_API_ERROR_DB_ALIAS_EXISTS,
856 dbc.key("alias_prv"),
857 dbc.key("alias_pub"),
// Generates a DSA pair under "alias_prv"/"alias_pub" and checks that both aliases appear in
// the key alias list.
// NOTE(review): the expected list is built with dbc.data() although the aliases were created
// with dbc.key(); confirm both helpers return the same alias string, or use dbc.key() here.
862 RUNNER_CHILD_TEST(TA1290_create_key_pair_dsa_positive)
864 switch_to_storage_user(TEST_LABEL);
867 test_positive(&ManagerAsync::createKeyPairDSA,
869 dbc.key("alias_prv"),
870 dbc.key("alias_pub"),
874 test_check_aliases(&ManagerAsync::getKeyAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias_prv"))),
875 format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias_pub"))) });
878 // createKeyPairECDSA
// createKeyPairECDSA must throw when called without an observer.
// NOTE(review): the arguments after the curve are missing from this listing.
879 RUNNER_CHILD_TEST(TA1310_create_key_pair_ecdsa_invalid_param)
881 switch_to_storage_user(TEST_LABEL);
883 test_no_observer(&ManagerAsync::createKeyPairECDSA,
884 ElipticCurve::prime192v1,
// Occupies "alias_prv" with a saved EC key, then expects createKeyPairECDSA targeting the same
// private alias to fail with CKM_API_ERROR_DB_ALIAS_EXISTS.
// NOTE(review): the policy arguments are missing from this listing.
891 RUNNER_CHILD_TEST(TA1320_create_key_pair_ecdsa_already_exists)
893 switch_to_storage_user(TEST_LABEL);
896 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[ECDSA][0].prv, Policy());
897 test_negative(&ManagerAsync::createKeyPairECDSA,
898 CKM_API_ERROR_DB_ALIAS_EXISTS,
899 ElipticCurve::prime192v1,
900 dbc.key("alias_prv"),
901 dbc.key("alias_pub"),
// Generates an ECDSA pair on prime192v1 under "alias_prv"/"alias_pub" and checks that both
// aliases appear in the key alias list.
// NOTE(review): prime192v1 is a 192-bit curve, smaller than what is generally recommended for
// new keys; it is exercised here for API coverage. The expected list is built with dbc.data()
// although the aliases were created with dbc.key() -- confirm both return the same string.
906 RUNNER_CHILD_TEST(TA1350_create_key_pair_ecdsa_positive)
908 switch_to_storage_user(TEST_LABEL);
911 test_positive(&ManagerAsync::createKeyPairECDSA,
912 ElipticCurve::prime192v1,
913 dbc.key("alias_prv"),
914 dbc.key("alias_pub"),
918 test_check_aliases(&ManagerAsync::getKeyAliasVector, { format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias_prv"))),
919 format_full_label_alias(std::string(TEST_LABEL), Alias(dbc.data("alias_pub"))) });
923 // getCertificateChain
// getCertificateChain input validation for both overloads (untrusted certificates given as
// objects, certChainFn1, or as aliases, certChainFn2): a missing observer must throw, and an
// empty untrusted list is among the inputs reported as CKM_API_ERROR_INPUT_PARAM.
// NOTE(review): the arguments of two of the invalid-param calls are missing from this listing.
924 RUNNER_CHILD_TEST(TA1410_get_certificate_chain_invalid_param)
926 switch_to_storage_user(TEST_LABEL);
928 CertificateShPtr cert = certs[0];
929 CertificateShPtrVector certv = { certs[1] };
930 test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain, cert, certv);
931 test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
934 test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
936 CertificateShPtrVector());
938 Alias alias = "alias";
939 AliasVector aliasv = { alias };
940 test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain, cert, aliasv);
941 test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
944 test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain, cert, AliasVector());
// Chain building must fail with CKM_API_ERROR_VERIFICATION_FAILED when the only helper
// certificate offered is the end-entity certificate itself, so the issuer is unavailable. The
// case is run once with the certificate object and once with the alias of a stored copy.
// NOTE(review): the trailing arguments of both calls are missing from this listing.
947 RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative)
949 switch_to_storage_user(TEST_LABEL);
952 CertificateShPtr cert = certs[0];
953 CertificateShPtrVector certv = { certs[0] };
954 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
955 CKM_API_ERROR_VERIFICATION_FAILED,
958 AliasVector aliasv = { dbc.cert("alias") };
959 test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[0], Policy());
960 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
961 CKM_API_ERROR_VERIFICATION_FAILED,
// With certs[1] offered as the intermediate, chain building for certs[0] must succeed and
// return 3 certificates, both for the object overload and for the alias overload.
// NOTE(review): the third certificate presumably comes from the device trust store, and the
// fixture certificates carry fixed validity periods, so this test depends on the environment
// and the clock -- confirm how validity is evaluated.
966 RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive)
968 switch_to_storage_user(TEST_LABEL);
971 CertificateShPtr cert = certs[0];
972 CertificateShPtrVector certv = { certs[1] };
973 test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain, 3, cert, certv);
975 AliasVector aliasv = { dbc.cert("alias") };
976 test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[1], Policy());
977 test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain, 3, cert, aliasv);
// createSignature input validation: a missing observer must throw, and two malformed argument
// sets must be reported as CKM_API_ERROR_INPUT_PARAM.
// NOTE(review): the alias, password and message arguments are missing from this listing, so
// which inputs are invalid in each call cannot be seen here.
982 RUNNER_CHILD_TEST(TA1510_create_signature_invalid_param)
984 switch_to_storage_user(TEST_LABEL);
986 test_no_observer(&ManagerAsync::createSignature,
991 RSAPaddingAlgorithm::PKCS1);
992 test_invalid_param(&ManagerAsync::createSignature,
997 RSAPaddingAlgorithm::PKCS1);
998 test_invalid_param(&ManagerAsync::createSignature,
1002 HashAlgorithm::SHA1,
1003 RSAPaddingAlgorithm::PKCS1);
// Stores a key protected by Policy("password"), then expects createSignature to fail; going
// by the test name the request uses a wrong password (its arguments are missing here).
// NOTE(review): the expected code is CKM_API_ERROR_INPUT_PARAM, while the get* wrong-password
// tests in this file expect CKM_API_ERROR_SERVER_ERROR; the same condition is reported under
// two different codes, neither of them authentication-specific.
1006 RUNNER_CHILD_TEST(TA1520_create_signature_invalid_password)
1008 switch_to_storage_user(TEST_LABEL);
1011 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
1012 test_negative(&ManagerAsync::createSignature,
1013 CKM_API_ERROR_INPUT_PARAM,
1017 HashAlgorithm::SHA1,
1018 RSAPaddingAlgorithm::PKCS1);
// Stores the fixture RSA private key and expects createSignature to succeed with SHA1 and
// PKCS1 padding. The signature value itself is not checked in this test.
// NOTE(review): SHA-1 is no longer considered collision-resistant; the combination is used
// here for API coverage and is not a recommendation for new signatures.
1021 RUNNER_CHILD_TEST(TA1550_create_signature_positive)
1023 switch_to_storage_user(TEST_LABEL);
1026 test_positive(&ManagerAsync::saveKey, dbc.key("alias"), keys[RSA][0].prv, Policy("password"));
1027 test_positive(&ManagerAsync::createSignature,
1031 HashAlgorithm::SHA1,
1032 RSAPaddingAlgorithm::PKCS1);
// verifySignature input validation: a missing observer must throw, and a malformed argument
// set must be reported as CKM_API_ERROR_INPUT_PARAM.
// NOTE(review): the alias, password, message and signature arguments are missing from this
// listing.
1037 RUNNER_CHILD_TEST(TA1610_verify_signature_invalid_param)
1039 switch_to_storage_user(TEST_LABEL);
1041 test_no_observer(&ManagerAsync::verifySignature,
1046 HashAlgorithm::SHA1,
1047 RSAPaddingAlgorithm::PKCS1);
1048 test_invalid_param(&ManagerAsync::verifySignature,
1053 HashAlgorithm::SHA1,
1054 RSAPaddingAlgorithm::PKCS1);
// Stores the private and public halves under different passwords ("pass1", "pass2"), signs
// with the private key, then expects verifySignature on the public alias to fail; going by the
// test name the verification uses a wrong password (that argument is missing here).
// NOTE(review): the expected code is the generic CKM_API_ERROR_SERVER_ERROR, so a wrong
// password cannot be told apart from a service fault.
1057 RUNNER_CHILD_TEST(TA1620_verify_signature_invalid_password)
1059 switch_to_storage_user(TEST_LABEL);
1062 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
1063 test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
1064 auto obs = test_positive(&ManagerAsync::createSignature,
1065 dbc.key("alias_prv"),
1068 HashAlgorithm::SHA1,
1069 RSAPaddingAlgorithm::PKCS1);
1071 test_negative(&ManagerAsync::verifySignature,
1072 CKM_API_ERROR_SERVER_ERROR,
1073 dbc.key("alias_pub"),
1077 HashAlgorithm::SHA1,
1078 RSAPaddingAlgorithm::PKCS1);
// Signs a message with the private key, then verifies against a different message with the
// public key; the mismatch must be reported as CKM_API_ERROR_VERIFICATION_FAILED.
// NOTE(review): the message that is signed and the signature argument are on lines missing
// from this listing.
1081 RUNNER_CHILD_TEST(TA1630_verify_signature_invalid_message)
1083 switch_to_storage_user(TEST_LABEL);
1086 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy(""));
1087 test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy(""));
1089 auto obs = test_positive(&ManagerAsync::createSignature,
1090 dbc.key("alias_prv"),
1093 HashAlgorithm::SHA1,
1094 RSAPaddingAlgorithm::PKCS1);
1096 test_negative(&ManagerAsync::verifySignature,
1097 CKM_API_ERROR_VERIFICATION_FAILED,
1098 dbc.key("alias_pub"),
1100 raw_buffer("invalid-unsigned-mesage"),
1102 HashAlgorithm::SHA1,
1103 RSAPaddingAlgorithm::PKCS1);
// TA1640: only the public key is stored (empty-password policy). verifySignature
// is then given raw_buffer("invalid-signature") and must fail with
// CKM_API_ERROR_VERIFICATION_FAILED.
// From its position before the hash argument, that buffer is presumably the
// signature parameter; the password and message arguments are on listing lines
// not shown here.
1106 RUNNER_CHILD_TEST(TA1640_verify_signature_invalid_signature)
1108 switch_to_storage_user(TEST_LABEL);
1111 test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy(""));
1113 test_negative(&ManagerAsync::verifySignature,
1114 CKM_API_ERROR_VERIFICATION_FAILED,
1115 dbc.key("alias_pub"),
1118 raw_buffer("invalid-signature"),
1119 HashAlgorithm::SHA1,
1120 RSAPaddingAlgorithm::PKCS1);
// TA1650: stores only the RSA private key, signs with it, then calls
// verifySignature with the same private-key alias ("alias_prv") and expects
// CKM_API_ERROR_SERVER_ERROR.
// NOTE(review): using a key of the wrong kind for verification is reported as a
// generic server error rather than a parameter or verification failure; confirm
// that this is the intended, stable error contract for callers.
// The password, message and signature arguments are on listing lines not shown
// here.
1123 RUNNER_CHILD_TEST(TA1650_verify_signature_wrong_key)
1125 switch_to_storage_user(TEST_LABEL);
1128 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy(""));
1129 auto obs = test_positive(&ManagerAsync::createSignature,
1130 dbc.key("alias_prv"),
1133 HashAlgorithm::SHA1,
1134 RSAPaddingAlgorithm::PKCS1);
1136 test_negative(&ManagerAsync::verifySignature,
1137 CKM_API_ERROR_SERVER_ERROR,
1138 dbc.key("alias_prv"),
1142 HashAlgorithm::SHA1,
1143 RSAPaddingAlgorithm::PKCS1);
// TA1660: full sign/verify round trip. The private key is stored under
// Policy("pass1") and the public key under Policy("pass2"); a signature is made
// with "alias_prv" and verifySignature on "alias_pub" is expected to succeed.
// The passwords, message and signature passed to the two calls are on listing
// lines not shown here; presumably each call supplies its key's own password
// and the verify call reuses the signature held by obs - confirm.
1146 RUNNER_CHILD_TEST(TA1660_verify_signature_positive)
1148 switch_to_storage_user(TEST_LABEL);
1151 test_positive(&ManagerAsync::saveKey, dbc.key("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
1152 test_positive(&ManagerAsync::saveKey, dbc.key("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
1153 auto obs = test_positive(&ManagerAsync::createSignature,
1154 dbc.key("alias_prv"),
1157 HashAlgorithm::SHA1,
1158 RSAPaddingAlgorithm::PKCS1);
1160 test_positive(&ManagerAsync::verifySignature,
1161 dbc.key("alias_pub"),
1165 HashAlgorithm::SHA1,
1166 RSAPaddingAlgorithm::PKCS1);
// TA1710: parameter validation for ocspCheck. An empty CertificateShPtrVector is
// passed through test_no_observer and test_invalid_param (helpers defined
// outside this excerpt), so an empty chain is expected to be rejected up front.
1171 RUNNER_CHILD_TEST(TA1710_ocsp_check_invalid_param)
1173 test_no_observer(&ManagerAsync::ocspCheck, CertificateShPtrVector());
1174 test_invalid_param(&ManagerAsync::ocspCheck, CertificateShPtrVector());
// TA1720: negative OCSP result. The chain handed to ocspCheck holds certs[0]
// twice. The request itself goes through test_positive, and the assertion then
// requires the reported status to be anything other than
// CKM_API_OCSP_STATUS_GOOD.
// NOTE(review): the assertion accepts every non-GOOD status, so it cannot tell a
// real revocation or chain rejection from a responder or network failure.
1177 RUNNER_CHILD_TEST(TA1720_ocsp_check_negative)
1179 switch_to_storage_ocsp_user(TEST_LABEL);
1182 CertificateShPtrVector certv = { certs[0], certs[0] };
1184 auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
1185 RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
1186 "Verification should fail. Got: " << obs->m_ocspStatus);
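// TA1750: positive OCSP result. Builds a chain for certs[0] with certs[1] as the
// untrusted intermediate via getCertificateChain, passes the resulting chain to
// ocspCheck and requires CKM_API_OCSP_STATUS_GOOD.
// NOTE(review): RUNNER_IGNORED_MSG is the first statement, so the "good" OCSP
// path presumably has no active coverage until it is removed - confirm.
// The failure message reports obs2->m_ocspStatus, the status of the ocspCheck
// observer that the assertion actually tests; obs only carries the chain.
1189 RUNNER_CHILD_TEST(TA1750_ocsp_check_positive)
1191 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1192 switch_to_storage_ocsp_user(TEST_LABEL);
1195 CertificateShPtr cert = certs[0];
1196 CertificateShPtrVector certv = { certs[1] };
1197 auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain, cert, certv);
1199 auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
1200 RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
1201 "Verification failed. Error: " << obs2->m_ocspStatus);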
// TA1810: parameter validation for allowAccess. Covers the no-observer case and
// two rejected argument sets: an empty alias and an empty accessor label.
// test_no_observer/test_invalid_param are helpers defined outside this excerpt.
1205 RUNNER_CHILD_TEST(TA1810_allow_access_invalid_param)
1207 switch_to_storage_user(TEST_LABEL);
1209 test_no_observer(&ManagerAsync::allowAccess, "alias", "accessor", AccessRight::AR_READ_REMOVE);
1210 test_invalid_param(&ManagerAsync::allowAccess, "", "accessor", AccessRight::AR_READ_REMOVE);
1211 test_invalid_param(&ManagerAsync::allowAccess, "alias", "", AccessRight::AR_READ_REMOVE);
// TA1820: checks that allowAccess grants are enforced per alias and per right.
// Three data items are saved under the caller's own label (top_label) and two
// grants are issued, one AR_READ and one AR_READ_REMOVE. The alias and accessor
// arguments of both grants are on listing lines not shown here; judging by the
// assertions below they presumably target "alias2" and "alias3" for TEST_LABEL.
// After switching to TEST_LABEL via ScopedLabel:
//   - "alias", with no grant, is reported as CKM_API_ERROR_DB_ALIAS_UNKNOWN;
//   - "alias2" is unknown unless addressed with the owner's label prefix, is
//     readable through the full address, and removal is CKM_API_ERROR_ACCESS_DENIED;
//   - "alias3" can be both read and removed through the full address.
1214 RUNNER_TEST(TA1820_allow_access)
1217 CharPtr top_label = get_label();
1218 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
1219 test_positive(&ManagerAsync::saveData, dbc.data("alias2"), test_buffer, Policy());
1220 test_positive(&ManagerAsync::saveData, dbc.data("alias3"), test_buffer, Policy());
1221 test_positive(&ManagerAsync::allowAccess,
1224 AccessRight::AR_READ);
1225 test_positive(&ManagerAsync::allowAccess,
1228 AccessRight::AR_READ_REMOVE);
1231 ScopedLabel label(TEST_LABEL);
1233 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.data("alias"), "");
1234 test_negative(&ManagerAsync::removeData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.data("alias"));
1236 // test from allowed label, but without properly addressing alias (coming from default label)
1237 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.data("alias2"), "");
1239 // now test with appropriate addressing
1240 std::string full_alias2_address = aliasWithLabel(top_label.get(), dbc.data("alias2"));
1241 test_positive(&ManagerAsync::getData, full_alias2_address, "");
1242 test_negative(&ManagerAsync::removeData, CKM_API_ERROR_ACCESS_DENIED, full_alias2_address);
1244 std::string full_alias3_address = aliasWithLabel(top_label.get(), dbc.data("alias3"));
1245 test_positive(&ManagerAsync::getData, full_alias3_address, "");
1246 test_positive(&ManagerAsync::removeData, full_alias3_address);
// TA1910: parameter validation for denyAccess. Covers the no-observer case and
// two rejected argument sets: an empty alias and an empty accessor label.
// test_no_observer/test_invalid_param are helpers defined outside this excerpt.
1251 RUNNER_CHILD_TEST(TA1910_deny_access_invalid_param)
1253 switch_to_storage_user(TEST_LABEL);
1255 test_no_observer(&ManagerAsync::denyAccess, "alias", "accessor");
1256 test_invalid_param(&ManagerAsync::denyAccess, "", "accessor");
1257 test_invalid_param(&ManagerAsync::denyAccess, "alias", "");
// TA1920: checks that denyAccess revokes a previously issued grant. One data
// item is saved under the caller's label, access is granted with
// AR_READ_REMOVE (alias and accessor arguments are on listing lines not shown
// here), and denyAccess is then called for TEST_LABEL.
// After switching to TEST_LABEL, both getData and removeData on the fully
// qualified alias must fail with CKM_API_ERROR_DB_ALIAS_UNKNOWN. Per these
// expected codes a revoked accessor is told the alias does not exist rather
// than that access is denied, so it cannot tell revocation from absence.
1260 RUNNER_TEST(TA1920_deny_access)
1263 CharPtr top_label = get_label();
1264 test_positive(&ManagerAsync::saveData, dbc.data("alias"), test_buffer, Policy());
1265 test_positive(&ManagerAsync::allowAccess,
1268 AccessRight::AR_READ_REMOVE);
1269 test_positive(&ManagerAsync::denyAccess, dbc.data("alias"), TEST_LABEL);
1272 ScopedLabel label(TEST_LABEL);
1274 std::string full_alias_address = aliasWithLabel(top_label.get(), dbc.data("alias"));
1275 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address, "");
1276 test_negative(&ManagerAsync::removeData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address);
// TA9999: suite teardown. Through the Control interface it locks the user key
// for APP_UID and then removes that user's stored data, asserting
// CKM_API_SUCCESS for each step so no key material from the suite is left behind.
// temp receives each return code for the failure message; its declaration is on
// a listing line not shown here.
1280 RUNNER_TEST(TA9999_deinit)
1283 ControlShPtr control = Control::create();
1284 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->lockUserKey(APP_UID)),
1285 "Error=" << ErrorToString(temp));
1286 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
1287 "Error=" << ErrorToString(temp));