1 #include <dpl/test/test_runner.h>
2 #include <dpl/test/test_runner_child.h>
4 #include <tests_common.h>
5 #include <test-certs.h>
6 #include <ckm-common.h>
7 #include <access_provider2.h>
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-type.h>
13 #include <ckmc/ckmc-manager.h>
14 #include <ckmc/ckmc-control.h>
15 #include <ckmc/ckmc-type.h>
16 #include <ckmc/ckmc-error.h>
18 #include <ckm-common.h>
26 static const int USER_APP = 5000;
27 static const int GROUP_APP = 5000;
37 const char* USER_PASS = "user-pass";
39 int count_aliases(alias_type_ type, int minimum_initial_element_count = 0)
41 ckmc_alias_list_s *aliasList = NULL;
46 ec = ckmc_get_key_alias_list(&aliasList);
50 ec = ckmc_get_cert_alias_list(&aliasList);
54 ec = ckmc_get_data_alias_list(&aliasList);
57 if(ec == CKMC_ERROR_DB_ALIAS_UNKNOWN)
61 ckmc_alias_list_s *plist = aliasList;
68 ckmc_alias_list_all_free(aliasList);
71 return_count >= minimum_initial_element_count,
72 "Error: alias list failed, current element count: " << return_count <<
73 " while expected minimal count of " << minimum_initial_element_count <<
83 "Error: alias list failed, ec: " << CKMCErrorToString(ec));
89 ckmc_raw_buffer_s prepare_message_buffer(const char * input)
91 ckmc_raw_buffer_s retval;
92 retval.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(input));
93 retval.size = strlen(input);
97 } // namespace anonymous
100 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
102 RUNNER_TEST(T3011_Control_C_API)
106 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
107 CKMCReadableError(temp));
109 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
110 CKMCReadableError(temp));
113 RUNNER_TEST(T3012_Control_C_API)
117 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
118 CKMCReadableError(temp));
119 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
120 CKMCReadableError(temp));
123 RUNNER_TEST(T3013_Control_C_API)
127 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
128 CKMCReadableError(temp));
131 RUNNER_TEST(T3014_Control_C_API)
134 const uid_t UNIQUE_USER = 15;
136 // clean up environment
137 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
138 CKMCReadableError(temp));
139 // unlock with default password
140 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
141 CKMCReadableError(temp));
142 // reset password (NULL, "simple-password")
143 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
144 CKMCReadableError(temp));
145 // get rid of NULL DKEK
146 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
147 CKMCReadableError(temp));
149 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
150 CKMCReadableError(temp));
151 // try to reset password when db locked
152 RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
153 CKMCReadableError(temp));
154 // clean up environment
155 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
156 CKMCReadableError(temp));
159 RUNNER_TEST(T3015_Control_C_API)
164 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
165 CKMCReadableError(temp));
167 CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
168 CKMCReadableError(temp));
169 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
170 CKMCReadableError(temp));
171 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
172 CKMCReadableError(temp));
175 RUNNER_TEST(T3016_Control_C_API)
180 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
181 CKMCReadableError(temp));
183 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
184 CKMCReadableError(temp));
186 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
187 CKMCReadableError(temp));
189 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
190 CKMCReadableError(temp));
193 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
195 RUNNER_TEST(T3021_init_C_API)
200 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
201 CKMCReadableError(temp));
203 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
204 CKMCReadableError(temp));
207 RUNNER_TEST(T3022_key_C_API)
211 ckmc_key_s test_key, *test_key2;
212 ckmc_policy_s test_policy;
214 char* password = NULL;
215 const char *alias = "mykey";
217 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
218 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
219 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
220 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
221 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
222 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
223 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
225 "-----END PUBLIC KEY-----";
227 char* char_keypem = new char[keyPem.length() + 1];
229 std::strcpy(char_keypem, keyPem.c_str());
230 test_key.raw_key = (unsigned char *)char_keypem;
231 test_key.key_size = keyPem.length();
232 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
233 test_key.password = password;
235 test_policy.password = password;
236 test_policy.extractable = 1;
238 test_key2 = &test_key;
241 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
242 CKMCReadableError(temp));
245 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
246 CKMCReadableError(temp));
249 RUNNER_TEST(T3023_certificate_C_API)
253 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
255 char* password = NULL;
259 const char *alias = "test-cert-1-RSA";
261 ckmc_policy_s test_policy;
262 test_policy.password = password;
263 test_policy.extractable = 1;
265 char* char_certPem = new char[certPem.length() + 1];
266 std::strcpy(char_certPem, certPem.c_str());
267 cert.raw_cert = (unsigned char *)char_certPem;
268 cert.cert_size = certPem.length();
269 cert.data_format = CKMC_FORM_PEM;
272 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
273 CKMCReadableError(temp));
276 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
277 CKMCReadableError(temp));
279 ckmc_cert_free(cert2);
282 RUNNER_TEST(T3024_certificate_remove_C_API)
286 char* password = NULL;
288 const char *alias = "test-cert-1-RSA";
291 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
292 CKMCReadableError(temp));
293 ckmc_cert_free(cert2);
296 CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
297 CKMCReadableError(temp));
300 CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
301 CKMCReadableError(temp));
304 RUNNER_TEST(T3025_certificate_list_C_API)
308 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
310 char* password = NULL;
313 ckmc_policy_s test_policy;
314 test_policy.password = password;
315 test_policy.extractable = 1;
317 char* char_certPem = new char[certPem.length() + 1];
318 std::strcpy(char_certPem, certPem.c_str());
319 cert.raw_cert = (unsigned char *)char_certPem;
320 cert.cert_size = certPem.length();
321 cert.data_format = CKMC_FORM_PEM;
323 int current_aliases_num = count_aliases(ALIAS_CERT);
326 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
327 CKMCReadableError(temp));
330 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
331 CKMCReadableError(temp));
334 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
335 CKMCReadableError(temp));
338 (current_aliases_num+3) == (temp = count_aliases(ALIAS_CERT)),
339 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
343 RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
345 AccessProvider ap("mylabel");
346 ap.allowAPI("key-manager::api-storage", "rw");
347 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
349 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
350 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
351 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
352 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
353 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
354 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
355 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
357 "-----END PUBLIC KEY-----";
361 ckmc_key_s test_key, *test_key2;
362 ckmc_policy_s test_policy;
364 char* password = NULL;
365 const char *passwordPolicy = "x";
366 const char *alias = "mykey";
367 char* char_keypem = new char[keyPem.length() + 1];
369 std::strcpy(char_keypem, keyPem.c_str());
370 test_key.raw_key = (unsigned char *)char_keypem;
371 test_key.key_size = keyPem.length();
372 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
373 test_key.password = password;
375 test_policy.password = const_cast<char *>(passwordPolicy);
376 test_policy.extractable = 1;
378 test_key2 = &test_key;
382 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
383 CKMCReadableError(temp));
385 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
386 CKMCReadableError(temp));
388 // RUNNER_ASSERT_MSG(
389 // key.getDER() == key2.getDER(), "Key value has been changed by service");
392 RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
394 AccessProvider ap("mylabel");
395 ap.allowAPI("key-manager::api-storage", "rw");
396 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
399 auto manager = CKM::Manager::create();
401 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
402 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
403 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
404 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
405 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
406 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
407 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
409 "-----END PUBLIC KEY-----";
411 ckmc_policy_s test_policy;
412 ckmc_key_s test_key, *test_key2;
413 char* char_keypem = new char[keyPem.length() + 1];
414 char* password = NULL;
416 std::strcpy(char_keypem, keyPem.c_str());
417 test_key.raw_key = (unsigned char *)char_keypem;
418 test_key.key_size = keyPem.length();
419 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
420 test_key.password = password;
422 test_policy.password = password;
423 test_policy.extractable = 0;
426 CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
427 CKMCReadableError(temp));
430 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
431 CKMCReadableError(temp));
435 RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
439 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
441 char* password = NULL;
442 ckmc_cert_s *cert2 = NULL;
445 ckmc_policy_s test_policy;
446 test_policy.password = password;
447 test_policy.extractable = 1;
449 char* char_certPem = new char[certPem.length() + 1];
450 std::strcpy(char_certPem, certPem.c_str());
451 cert.raw_cert = (unsigned char *)char_certPem;
452 cert.cert_size = certPem.length();
453 cert.data_format = CKMC_FORM_PEM;
455 const char *alias = "test-cert-1-DSA";
457 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
458 CKMCReadableError(temp));
461 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
462 CKMCReadableError(temp));
464 ckmc_cert_free(cert2);
467 RUNNER_TEST(T3029_deinit_C_API)
471 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
472 CKMCReadableError(temp));
473 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
474 CKMCReadableError(temp));
476 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
477 CKMCReadableError(temp));
479 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
480 CKMCReadableError(temp));
484 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
486 RUNNER_TEST(T3031_init_C_API)
491 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
492 CKMCReadableError(temp));
494 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
495 CKMCReadableError(temp));
498 RUNNER_TEST(T3032_save_keys_get_alias_C_API)
502 char* password = NULL;
503 ckmc_policy_s test_policy1, test_policy2, test_policy3;
506 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
507 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
508 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
509 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
510 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
511 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
512 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
514 "-----END PUBLIC KEY-----";
516 char* char_keypem = new char[keyPem.length() + 1];
518 std::strcpy(char_keypem, keyPem.c_str());
519 test_key.raw_key = (unsigned char *)char_keypem;
520 test_key.key_size = keyPem.length();
521 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
522 test_key.password = password;
524 test_policy1.password = password;
525 test_policy1.extractable = 1;
527 test_policy2.password = password;
528 test_policy2.extractable = 0;
530 test_policy3.password = password;
531 test_policy3.extractable = 0;
533 int current_aliases_num = count_aliases(ALIAS_KEY);
536 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
537 CKMCReadableError(temp));
540 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
541 CKMCReadableError(temp));
544 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
545 CKMCReadableError(temp));
548 (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
549 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
553 RUNNER_TEST(T3033_remove_key_C_API)
557 char* password = NULL;
559 ckmc_key_s *test_key2;
561 CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
562 CKMCReadableError(temp));
565 CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
566 CKMCReadableError(temp));
569 CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
570 CKMCReadableError(temp));
573 RUNNER_TEST(T3034_deinit_C_API)
577 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
578 CKMCReadableError(temp));
579 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
580 CKMCReadableError(temp));
582 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
583 CKMCReadableError(temp));
585 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
586 CKMCReadableError(temp));
589 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
591 RUNNER_TEST(T3041_init_C_API)
595 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
596 CKMCReadableError(temp));
598 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
599 CKMCReadableError(temp));
602 RUNNER_TEST(T3042_save_get_bin_data_C_API)
606 ckmc_raw_buffer_s testData1, testData2, testData3;
607 char* password = NULL;
609 std::string binData1 = "My bin data1";
610 std::string binData2 = "My bin data2";
611 std::string binData3 = "My bin data3";
612 char* char_binData1 = new char[binData1.length() + 1];
613 char* char_binData2 = new char[binData2.length() + 1];
614 char* char_binData3 = new char[binData3.length() + 1];
615 std::strcpy(char_binData1, binData1.c_str());
616 std::strcpy(char_binData2, binData2.c_str());
617 std::strcpy(char_binData3, binData3.c_str());
618 testData1.data = (unsigned char *) char_binData1;
619 testData2.data = (unsigned char *) char_binData2;
620 testData3.data = (unsigned char *) char_binData3;
621 testData1.size = binData1.length()+1;
622 testData2.size = binData2.length()+1;
623 testData3.size = binData3.length()+1;
625 ckmc_policy_s test_policy1, test_policy2, test_policy3;
627 test_policy1.password = password;
628 test_policy1.extractable = 1;
629 test_policy2.password = password;
630 test_policy2.extractable = 1;
631 test_policy3.password = password;
632 test_policy3.extractable = 0;
634 int current_aliases_num = count_aliases(ALIAS_DATA);
637 CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
638 CKMCReadableError(temp));
641 CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
642 CKMCReadableError(temp));
645 CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
646 CKMCReadableError(temp));
649 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
650 CKMCReadableError(temp));
653 (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
654 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
656 ckmc_raw_buffer_s *testData4;
658 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
659 CKMCReadableError(temp));
662 compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
663 RUNNER_ASSERT_MSG( compareResult == 0,
667 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
669 AccessProvider ap("mylabel");
670 ap.allowAPI("key-manager::api-storage", "rw");
671 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
674 ckmc_raw_buffer_s testData1;
675 char* password = NULL;
676 std::string binData1 = "My bin data";
677 char* char_binData1 = new char[binData1.length() + 1];
678 std::strcpy(char_binData1, binData1.c_str());
679 testData1.data = (unsigned char *) char_binData1;
680 testData1.size = binData1.length()+1;
682 ckmc_policy_s test_policy1, test_policy2;
684 test_policy1.password = password;
685 test_policy1.extractable = 1;
687 test_policy2.password = password;
688 test_policy2.extractable = 1;
690 std::string binData = "My bin data";
692 int current_aliases_num = count_aliases(ALIAS_DATA);
695 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
696 CKMCReadableError(temp));
698 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
699 CKMCReadableError(temp));
701 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
702 CKMCReadableError(temp));
705 (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
706 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
709 RUNNER_TEST(T3044_remove_bin_data_C_API)
713 int current_aliases_num = count_aliases(ALIAS_DATA, 2);
716 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
717 CKMCReadableError(temp));
719 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
720 CKMCReadableError(temp));
723 (current_aliases_num-2) == (temp = count_aliases(ALIAS_DATA)),
724 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << temp);
726 char* password = NULL;
728 ckmc_raw_buffer_s *testData1, testData2;
730 std::string testStr = "My bin data2";
731 char* char_testData2 = new char[testStr.length() + 1];
732 std::strcpy(char_testData2, testStr.c_str());
733 testData2.data = (unsigned char *) char_testData2;
734 testData2.size = testStr.length()+1;
736 CKM::RawBuffer buffer;
738 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
739 CKMCReadableError(temp));
742 compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
743 RUNNER_ASSERT_MSG( compareResult == 0,
747 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
748 CKMCReadableError(temp));
751 RUNNER_TEST(T3045_deinit_C_API)
756 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
757 CKMCReadableError(temp));
759 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
760 CKMCReadableError(temp));
762 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
763 CKMCReadableError(temp));
765 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
766 CKMCReadableError(temp));
769 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
771 RUNNER_TEST(T3051_CAPI_init)
776 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
777 CKMCReadableError(temp));
780 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
781 CKMCReadableError(temp));
784 RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
788 AccessProvider ap("mylabel");
789 ap.allowAPI("key-manager::api-storage", "rw");
790 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
793 const char *private_key_alias = "RSA-test-1-priv";
794 const char *public_key_alias = "RSA-test-1-pub";
795 ckmc_policy_s policy_private_key;
796 ckmc_policy_s policy_public_key;
798 policy_private_key.password = NULL;
799 policy_private_key.extractable = 1;
801 policy_public_key.password = NULL;
802 policy_public_key.extractable = 1;
805 int current_aliases_num = count_aliases(ALIAS_KEY);
808 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
809 CKMCReadableError(temp));
812 (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
813 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
815 ckmc_key_s *privateKey;
817 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
818 CKMCReadableError(temp));
820 privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
821 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
823 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
824 "Private key is broken.");
826 ckmc_key_s *publicKey;
828 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
829 CKMCReadableError(temp));
831 publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
832 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
834 publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
835 "Public key is broken.");
837 // on next attempt to generate keys with the same alias, expect fail (alias exists)
839 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
840 CKMCReadableError(temp));
843 RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
847 AccessProvider ap("mylabel");
848 ap.allowAPI("key-manager::api-storage", "rw");
849 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
852 const char *private_key_alias = "DSA-test-2-priv";
853 const char *public_key_alias = "DSA-test-2-pub";
854 ckmc_policy_s policy_private_key;
855 ckmc_policy_s policy_public_key;
857 policy_private_key.password = NULL;
858 policy_private_key.extractable = 1;
860 policy_public_key.password = NULL;
861 policy_public_key.extractable = 1;
863 int current_aliases_num = count_aliases(ALIAS_KEY);
866 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
867 CKMCReadableError(temp));
870 (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
871 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
873 ckmc_key_s *privateKey = 0;
875 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
876 CKMCReadableError(temp));
878 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
879 "Private key is broken.");
881 privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
882 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
883 ckmc_key_free(privateKey);
885 ckmc_key_s *pubKey = 0;
887 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
888 CKMCReadableError(temp));
890 pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
891 "Public key is broken.");
893 pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
894 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
895 ckmc_key_free(pubKey);
897 // on next attempt to generate keys with the same alias, expect fail (alias exists)
899 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
900 CKMCReadableError(temp));
904 RUNNER_TEST(T3054_CAPI_deinit)
909 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
910 CKMCReadableError(temp));
912 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
913 CKMCReadableError(temp));
917 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
919 RUNNER_TEST(T3061_CAPI_init)
923 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
924 CKMCReadableError(temp));
926 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
927 CKMCReadableError(temp));
929 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
930 CKMCReadableError(temp));
932 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
933 CKMCReadableError(temp));
936 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
941 const char *private_key_alias = "rsa-test-1";
942 const char *public_key_alias = "rsa-test-2";
943 ckmc_policy_s policy_private_key;
944 ckmc_policy_s policy_public_key;
946 policy_private_key.password = const_cast<char *>("privatepassword");
947 policy_private_key.extractable = 0;
949 policy_public_key.password = NULL;
950 policy_public_key.extractable = 1;
953 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
954 CKMCReadableError(temp));
956 // on next attempt to generate keys with the same alias, expect fail (alias exists)
958 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
959 CKMCReadableError(temp));
962 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
967 const char *private_key_alias = "dsa-test-1";
968 const char *public_key_alias = "dsa-test-2";
969 ckmc_policy_s policy_private_key;
970 ckmc_policy_s policy_public_key;
972 policy_private_key.password = const_cast<char *>("privatepassword");
973 policy_private_key.extractable = 0;
975 policy_public_key.password = NULL;
976 policy_public_key.extractable = 1;
979 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
980 CKMCReadableError(temp));
983 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
987 ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
988 const char *private_key_alias = "ecdsa-test-1";
989 const char *public_key_alias = "ecdsa-test-2";
990 ckmc_policy_s policy_private_key;
991 ckmc_policy_s policy_public_key;
993 policy_private_key.password = const_cast<char *>("privatepassword");
994 policy_private_key.extractable = 0;
996 policy_public_key.password = NULL;
997 policy_public_key.extractable = 1;
1000 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1001 CKMCReadableError(temp));
1004 RUNNER_TEST(T3065_CAPI_deinit)
1009 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1010 CKMCReadableError(temp));
1012 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1013 CKMCReadableError(temp));
1017 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1021 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
1023 RUNNER_TEST(T3071_CAPI_init)
1027 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1028 CKMCReadableError(temp));
1031 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1033 std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
1034 std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
1037 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1038 c_cert.cert_size = ee.size();
1039 c_cert.data_format = CKMC_FORM_PEM;
1041 ckmc_cert_s c_cert1;
1042 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1043 c_cert1.cert_size = im.size();
1044 c_cert1.data_format = CKMC_FORM_PEM;
1046 ckmc_cert_list_s untrustedcerts;
1047 untrustedcerts.cert = &c_cert1;
1048 untrustedcerts.next = NULL;
1050 ckmc_cert_list_s *cert_chain_list;
1052 int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1054 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1056 RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1058 ckmc_ocsp_status_e ocsp_status;
1059 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1060 RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1063 RUNNER_TEST(T3075_CAPI_deinit)
1068 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1069 CKMCReadableError(temp));
1071 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1072 CKMCReadableError(temp));
1076 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1078 RUNNER_TEST(T3081_CAPI__init)
1083 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1084 CKMCReadableError(temp));
1087 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1088 CKMCReadableError(temp));
1091 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1092 CKMCReadableError(temp));
1095 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1096 CKMCReadableError(temp));
1099 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1103 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1104 "Proc-Type: 4,ENCRYPTED\n"
1105 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1107 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1108 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1109 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1110 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1111 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1112 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1113 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1114 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1115 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1116 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1117 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1118 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1119 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1120 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1121 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1122 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1123 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1124 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1125 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1126 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1127 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1128 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1129 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1130 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1131 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1132 "-----END RSA PRIVATE KEY-----\n";
1134 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1135 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1136 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1137 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1138 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1139 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1140 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1142 "-----END PUBLIC KEY-----\n";
1144 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1146 const char *pub_alias = "pub1";
1147 const char *pri_alias = "prv1";
1148 const char *key_passwd = "1234";
1149 char *pri_passwd = NULL;
1150 char *pub_passwd = NULL;
1151 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1152 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1153 ckmc_raw_buffer_s *signature;
1156 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1157 pubkey.key_size = pub.size();
1158 pubkey.key_type = CKMC_KEY_NONE;
1159 pubkey.password = NULL;
1161 ckmc_policy_s pubpolicy;
1162 pubpolicy.password = pub_passwd;
1163 pubpolicy.extractable = 0;
1165 ckmc_policy_s pripolicy;
1166 pripolicy.password = pri_passwd;
1167 pripolicy.extractable = 1;
1170 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1171 prikey.key_size = prv.size();
1172 prikey.key_type = CKMC_KEY_NONE;
1173 prikey.password = const_cast<char *>(key_passwd);
1177 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1178 CKMCReadableError(temp));
1181 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1182 CKMCReadableError(temp));
1185 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1192 CKMCReadableError(temp));
1195 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1202 CKMCReadableError(temp));
1205 RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
1209 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1210 const char *pub_alias = "pub1";
1211 const char *pri_alias = "prv1";
1212 char *pri_passwd = NULL;
1213 char *pub_passwd = NULL;
1214 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1215 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1216 ckmc_raw_buffer_s *signature;
1219 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1226 CKMCReadableError(temp));
1229 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1236 CKMCReadableError(temp));
1238 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1239 memcpy((void*)signature->data, "BROKEN", 6);
1242 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1249 CKMCReadableError(temp));
1252 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1256 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1257 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1258 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1259 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1260 "-----END EC PRIVATE KEY-----\n";
1262 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1263 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1264 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1265 "-----END PUBLIC KEY-----\n";
1267 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1268 const char *pri_alias = "ecprv2";
1269 const char *pub_alias = "ecpub2";
1270 char *key_passwd = NULL;
1271 char *pri_passwd = NULL;
1272 char *pub_passwd = NULL;
1273 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1274 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1275 ckmc_raw_buffer_s *signature;
1278 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1279 pubkey.key_size = pub.size();
1280 pubkey.key_type = CKMC_KEY_NONE;
1281 pubkey.password = NULL;
1283 ckmc_policy_s pubpolicy;
1284 pubpolicy.password = pub_passwd;
1285 pubpolicy.extractable = 1;
1288 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1289 prikey.key_size = prv.size();
1290 prikey.key_type = CKMC_KEY_NONE;
1291 prikey.password = key_passwd;
1293 ckmc_policy_s pripolicy;
1294 pripolicy.password = pri_passwd;
1295 pripolicy.extractable = 0;
1298 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1299 CKMCReadableError(temp));
1301 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1302 CKMCReadableError(temp));
1305 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1312 CKMCReadableError(temp));
1315 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1322 CKMCReadableError(temp));
1324 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1325 memcpy((void*)signature->data, "BROKEN", 6);
1328 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1335 CKMCReadableError(temp));
1338 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1343 "-----BEGIN RSA PRIVATE KEY-----\n"
1344 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1345 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1346 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1347 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1348 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1349 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1350 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1351 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1352 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1353 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1354 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1355 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1356 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1357 "-----END RSA PRIVATE KEY-----\n";
1360 "-----BEGIN CERTIFICATE-----\n"
1361 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1362 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1363 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1364 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1365 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1366 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1367 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1368 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1369 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1370 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1371 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1372 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1373 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1374 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1375 "-----END CERTIFICATE-----\n";
1377 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1379 const char *pri_alias = "prv3";
1380 const char *pub_alias = "pub3";
1381 char *key_passwd = NULL;
1382 char *pri_passwd = NULL;
1383 char *pub_passwd = NULL;
1384 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1385 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1386 ckmc_raw_buffer_s *signature;
1389 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1390 cert.cert_size = pub.size();
1391 cert.data_format = CKMC_FORM_PEM;
1393 ckmc_policy_s certpolicy;
1394 certpolicy.password = pub_passwd;
1395 certpolicy.extractable = 1;
1398 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1399 prikey.key_size = prv.size();
1400 prikey.key_type = CKMC_KEY_NONE;
1401 prikey.password = key_passwd;
1403 ckmc_policy_s pripolicy;
1404 pripolicy.password = pri_passwd;
1405 pripolicy.extractable = 0;
1408 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
1409 CKMCReadableError(temp));
1411 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1412 CKMCReadableError(temp));
1416 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1423 CKMCReadableError(temp));
1426 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1433 CKMCReadableError(temp));
1435 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1436 memcpy((void*)signature->data, "BROKEN", 6);
1439 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1446 CKMCReadableError(temp));
1449 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1453 const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1454 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1455 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1456 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1457 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1458 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1459 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1460 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1461 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1462 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1463 "YMYCBhubtrVaLmc=\n"
1464 "-----END PUBLIC KEY-----";
1466 const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1467 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1468 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1469 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1470 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1471 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1472 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1473 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1474 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1475 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1476 "u1roOuaPY+Hl19BlTE2qdw==\n"
1477 "-----END DSA PRIVATE KEY-----";
1479 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1481 const char *pub_alias = "dsa-pub1";
1482 const char *pri_alias = "dsa-prv1";
1483 char *pri_passwd = NULL;
1484 char *pub_passwd = NULL;
1485 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1486 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1487 ckmc_raw_buffer_s *signature = NULL;
1490 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1491 pubkey.key_size = pub.size();
1492 pubkey.key_type = CKMC_KEY_NONE;
1493 pubkey.password = NULL;
1495 ckmc_policy_s pubpolicy;
1496 pubpolicy.password = pub_passwd;
1497 pubpolicy.extractable = 0;
1499 ckmc_policy_s pripolicy;
1500 pripolicy.password = pri_passwd;
1501 pripolicy.extractable = 1;
1504 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1505 prikey.key_size = priv.size();
1506 prikey.key_type = CKMC_KEY_NONE;
1507 prikey.password = NULL;
1511 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1512 CKMCReadableError(temp));
1515 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1516 CKMCReadableError(temp));
1519 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1526 CKMCReadableError(temp));
1530 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1537 CKMCReadableError(temp));
1540 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1542 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1549 CKMCReadableError(temp));
1551 ckmc_buffer_free(signature);
1554 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1559 ckmc_policy_s policy_private_key;
1560 ckmc_policy_s policy_public_key;
1562 policy_private_key.password = NULL;
1563 policy_private_key.extractable = 1;
1565 policy_public_key.password = NULL;
1566 policy_public_key.extractable = 1;
1568 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1570 const char *pub_alias = "dsa-pub2";
1571 const char *pri_alias = "dsa-prv2";
1574 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias, pub_alias, policy_private_key, policy_public_key)),
1577 char *pri_passwd = NULL;
1578 char *pub_passwd = NULL;
1579 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1580 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1581 ckmc_raw_buffer_s *signature;
1583 ckmc_key_s *pubkey = NULL;
1584 ckmc_key_s *prikey = NULL;
1586 CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias, 0, &prikey)),
1587 CKMCReadableError(temp));
1590 CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias, 0, &pubkey)),
1591 CKMCReadableError(temp));
1594 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1601 CKMCReadableError(temp));
1605 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1612 CKMCReadableError(temp));
1615 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1617 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1624 CKMCReadableError(temp));
1626 ckmc_key_free(prikey);
1627 ckmc_key_free(pubkey);
1628 ckmc_buffer_free(signature);
1631 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1636 "-----BEGIN EC PRIVATE KEY-----\n"
1637 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1638 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1639 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1640 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1641 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1642 "ELyhe7yPCAuOoLZlTLgf\n"
1643 "-----END EC PRIVATE KEY-----\n";
1646 "-----BEGIN CERTIFICATE-----\n"
1647 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1648 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1649 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1650 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1651 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1652 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1653 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1654 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1655 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1656 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1657 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1658 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1659 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1660 "Q1oBry6NEc+lLFmWMDesAA==\n"
1661 "-----END CERTIFICATE-----\n";
1663 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1665 const char *pri_alias = "prv4";
1666 const char *pub_alias = "pub4";
1667 char *key_passwd = NULL;
1668 char *pri_passwd = NULL;
1669 char *pub_passwd = NULL;
1670 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1671 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1672 ckmc_raw_buffer_s *signature;
1675 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1676 cert.cert_size = pub.size();
1677 cert.data_format = CKMC_FORM_PEM;
1679 ckmc_policy_s certpolicy;
1680 certpolicy.password = pub_passwd;
1681 certpolicy.extractable = 1;
1684 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1685 prikey.key_size = prv.size();
1686 prikey.key_type = CKMC_KEY_NONE;
1687 prikey.password = key_passwd;
1689 ckmc_policy_s pripolicy;
1690 pripolicy.password = pri_passwd;
1691 pripolicy.extractable = 0;
1695 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
1696 CKMCReadableError(temp));
1698 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1699 CKMCReadableError(temp));
1702 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1709 CKMCReadableError(temp));
1712 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1719 CKMCReadableError(temp));
1721 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1722 memcpy((void*)signature->data, "BROKEN", 6);
1725 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1732 CKMCReadableError(temp));
1735 RUNNER_TEST(T3089_CAPI__deinit)
1740 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1741 CKMCReadableError(temp));
1743 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1744 CKMCReadableError(temp));
1748 //#######################################################################################
1750 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1752 RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1753 RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1755 if(key->password != NULL && password != NULL) {
1756 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1757 }else if(key->password == NULL && password == NULL) {
1758 RUNNER_ASSERT_MSG(true, "Password Error" );
1760 RUNNER_ASSERT_MSG(false, "Password Error" );
1763 if(key->raw_key != NULL && raw_key != NULL) {
1764 for(unsigned int i=0; i<key_size; i++) {
1765 RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
1767 }else if(key->raw_key == NULL && raw_key == NULL) {
1768 RUNNER_ASSERT_MSG(true, "Raw Key Error" );
1770 RUNNER_ASSERT_MSG(false, "Raw Key Error" );
1774 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1776 RUNNER_TEST(T3091_CAPI_TYPE_init)
1780 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1781 CKMCReadableError(temp));
1783 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1784 CKMCReadableError(temp));
1786 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1787 CKMCReadableError(temp));
1789 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1790 CKMCReadableError(temp));
1793 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1795 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1796 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1797 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1798 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1799 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1800 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1801 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1803 "-----END PUBLIC KEY-----";
1805 unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1806 unsigned int key_size = keyPem.size();
1807 ckmc_key_type_e key_type = CKMC_KEY_NONE;
1808 char *password = const_cast< char *>("");
1811 ckmc_key_new(raw_key, key_size, key_type, password, &key);
1813 _assertKey(key, raw_key, key_size, key_type, password);
1816 char *passwordNull = NULL;
1818 ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
1819 ckmc_key_free(key2);
1822 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
1824 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1825 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1826 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1827 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1828 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1829 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1830 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1832 "-----END PUBLIC KEY-----";
1834 unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
1835 unsigned int size = keyPem.size();
1837 ckmc_raw_buffer_s *buff;
1838 ckmc_buffer_new(data, size, &buff);
1840 RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
1842 if(buff->data != NULL && data != NULL) {
1843 for(unsigned int i=0; i<size; i++) {
1844 RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
1846 }else if(buff->data == NULL && data == NULL) {
1847 RUNNER_ASSERT_MSG(true, "Raw data Error" );
1849 RUNNER_ASSERT_MSG(false, "Raw data Error" );
1852 ckmc_buffer_free(buff);
1855 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
1857 std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
1859 unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
1860 unsigned int size = certPem.size();
1861 ckmc_data_format_e form = CKMC_FORM_PEM;
1863 ckmc_cert_s *ckmCert;
1864 ckmc_cert_new(raw_cert, size, form, &ckmCert);
1866 RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
1868 if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
1869 for(unsigned int i=0; i<size; i++) {
1870 RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
1872 }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
1873 RUNNER_ASSERT_MSG(true, "raw_cert Error" );
1875 RUNNER_ASSERT_MSG(false, "raw_cert Error" );
1878 RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
1880 ckmc_cert_free(ckmCert);
1884 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
1888 std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
1890 const char *file_name = "/tmp/ckmc_test_cert.pem";
1894 cert_file = fopen(file_name, "w");
1895 fprintf(cert_file, "%s",certStr.c_str());
1901 CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
1902 CKMCReadableError(ret));
1905 pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
1907 const char *lcert_alias = "lcert_alias";
1908 ckmc_policy_s policy;
1909 policy.password = NULL;
1910 policy.extractable = 1;
1913 CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
1914 CKMCReadableError(ret));
1919 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
1920 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
1921 const char *password = "password";
1925 ckmc_key_s *private_key = NULL;
1926 ckmc_cert_s *cert = NULL;
1927 ckmc_cert_list_s *ca_cert_list = NULL;
1930 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
1931 &private_key, &cert, &ca_cert_list)),
1933 RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
1934 RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
1935 RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
1937 ckmc_policy_s policy;
1938 policy.password = NULL;
1939 policy.extractable = 1;
1942 const char *pkey_alias = "pkey_alias";
1944 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
1945 CKMCReadableError(temp));
1947 const char *cert_alias = "cert_alias";
1949 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
1950 CKMCReadableError(temp));
1951 std::string caCertAlias = "ca_cert_alias_";
1952 const char *idx = "0";
1954 ckmc_cert_list_s *tmpList = ca_cert_list;
1955 while(tmpList != NULL) {
1956 caCertAlias.append(idx);
1958 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
1959 CKMCReadableError(temp));
1960 tmpList = tmpList->next;
1964 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
1966 ckmc_key_free(private_key);
1967 ckmc_cert_free(cert);
1968 ckmc_cert_list_all_free(ca_cert_list);
1971 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
1972 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
1973 const char *password = "password";
1977 ckmc_pkcs12_s *ppkcs12 = NULL;
1980 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
1981 CKMCReadableError(temp));
1982 RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
1983 RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
1984 RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
1986 ckmc_policy_s policy;
1987 policy.password = NULL;
1988 policy.extractable = 1;
1991 const char *pkey_alias = "pkey_alias2";
1993 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *(ppkcs12->priv_key), policy)),
1994 CKMCReadableError(temp));
1996 const char *cert_alias = "cert_alias2";
1998 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *(ppkcs12->cert), policy)),
1999 CKMCReadableError(temp));
2000 std::string caCertAlias = "ca_cert_alias_2_";
2001 const char *idx = "0";
2003 ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
2004 while(tmpList != NULL) {
2005 caCertAlias.append(idx);
2007 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2008 CKMCReadableError(temp));
2009 tmpList = tmpList->next;
2013 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2015 ckmc_pkcs12_free(ppkcs12);
2018 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2022 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2023 CKMCReadableError(temp));
2025 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2026 CKMCReadableError(temp));
2028 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2029 CKMCReadableError(temp));
2031 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2032 CKMCReadableError(temp));
2035 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2039 const char* alias_PKCS_exportable = "CAPI-test-PKCS-export";
2040 const char* alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
2043 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2047 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2048 CKMCReadableError(temp));
2050 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "PKCS-pass")),
2051 CKMCReadableError(temp));
2054 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2056 const char *wrong_passwd = "wrong";
2057 ckmc_pkcs12_s *ppkcs12 = NULL;
2060 CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2061 CKMCReadableError(temp));
2064 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2066 ckmc_pkcs12_s *ppkcs12 = NULL;
2069 CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
2070 CKMCReadableError(temp));
2072 RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2073 RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2074 RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2077 ckmc_policy_s exportable;
2078 exportable.password = NULL;
2079 exportable.extractable = 1;
2080 ckmc_policy_s notExportable;
2081 notExportable.password = NULL;
2082 notExportable.extractable = 0;
2085 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
2086 CKMCReadableError(temp));
2088 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
2089 CKMCReadableError(temp));
2091 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
2092 CKMCReadableError(temp));
2094 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
2095 CKMCReadableError(temp));
2097 // try to lookup key
2098 ckmc_key_s *key_lookup = NULL;
2100 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
2101 CKMCReadableError(temp));
2102 ckmc_key_free(key_lookup);
2105 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable, "", &key_lookup)),
2106 CKMCReadableError(temp));
2107 ckmc_key_free(key_lookup);
2109 // try to lookup certificate
2110 ckmc_cert_s *cert_lookup = NULL;
2112 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
2113 CKMCReadableError(temp));
2114 ckmc_cert_free(cert_lookup);
2117 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
2118 CKMCReadableError(temp));
2119 ckmc_cert_free(cert_lookup);
2122 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2125 ckmc_pkcs12_s *pkcs = NULL;
2129 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", NULL, NULL, &pkcs)),
2130 CKMCReadableError(temp));
2131 ckmc_pkcs12_free(pkcs);
2134 // fail - not exportable
2136 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable, NULL, NULL, &pkcs)),
2137 CKMCReadableError(temp));
2138 ckmc_pkcs12_free(pkcs);
2141 // success - exportable
2143 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable, NULL, NULL, &pkcs)),
2144 CKMCReadableError(temp));
2146 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2147 RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2148 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2150 ckmc_cert_list_s *iter = pkcs->ca_chain;
2155 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2157 ckmc_pkcs12_free(pkcs);
2160 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2162 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2165 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2166 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2167 ckmc_raw_buffer_s *signature = NULL;
2170 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2171 alias_PKCS_exportable,
2177 CKMCReadableError(temp));
2180 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2181 alias_PKCS_exportable,
2187 CKMCReadableError(temp));
2190 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2194 // remove the whole PKCS12 bundles
2196 CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable)),
2197 CKMCReadableError(tmp));
2199 CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable)),
2200 CKMCReadableError(tmp));
2202 // expect lookup fails due to unknown alias
2203 // try to lookup key
2204 ckmc_key_s *key_lookup = NULL;
2206 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
2207 CKMCReadableError(tmp));
2208 ckmc_key_free(key_lookup);
2211 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable, NULL, &key_lookup)),
2212 CKMCReadableError(tmp));
2213 ckmc_key_free(key_lookup);
2215 // try to lookup certificate
2216 ckmc_cert_s *cert_lookup = NULL;
2218 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
2219 CKMCReadableError(tmp));
2220 ckmc_cert_free(cert_lookup);
2223 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
2224 CKMCReadableError(tmp));
2225 ckmc_cert_free(cert_lookup);
2228 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2231 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2232 CKMCReadableError(temp));
2233 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2234 CKMCReadableError(temp));
2238 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2240 RUNNER_TEST(T3201_CAPI_unlock_database)
2243 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2244 CKMCReadableError(temp));
2245 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2246 CKMCReadableError(temp));
2247 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
2248 CKMCReadableError(temp));
2251 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
2254 char alias[10] = "mykey";
2255 char *password = NULL;
2256 ckmc_key_s *test_key = NULL;
2259 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
2262 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2265 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
2268 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2269 CKMCReadableError(temp));
2272 RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
2275 char alias[10] = "mykey";
2276 char *password = NULL;
2277 ckmc_key_s *test_key = NULL;
2280 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
2281 CKMCReadableError(temp));
2283 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2286 RUNNER_TEST(T3204_deinit)
2289 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2290 CKMCReadableError(temp));
projects / platform / core / test / security-tests.git / blob