3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <access_provider2.h>
9 #include <ckm-common.h>
10 #include <ckm/ckm-manager.h>
11 #include <ckm/ckm-control.h>
12 #include <ckm/ckm-password.h>
13 #include <ckm/ckm-type.h>
14 #include <ckm/ckm-pkcs12.h>
18 #include <openssl/x509.h>
19 #include <openssl/x509v3.h>
21 #include <dpl/log/log.h>
24 const int USER_APP = 5000;
25 const int GROUP_APP = 5000;
26 const int USER_TEST = 5001;
28 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
29 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
30 } // namespace anonymous
33 * How to numerate tests:
35 * T - test case (always T)
36 * AB - number of test group (always two digits)
37 * C - test number in group (all tests with same TABC must be run in the same time).
41 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
42 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
43 stop_service(MANAGER);
44 start_service(MANAGER);
46 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
47 std::istreambuf_iterator<char> begin(is), end;
48 std::vector<char> buff(begin, end);
50 CKM::RawBuffer buffer(buff.size());
51 memcpy(buffer.data(), buff.data(), buff.size());
53 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
56 "Error in PKCS12::create()");
58 // all further tests will start with newly started service,
59 // OpenSSL on the service side will have to be properly initialized too
60 stop_service(MANAGER);
61 start_service(MANAGER);
64 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
66 RUNNER_TEST(T0011_Control)
69 auto control = CKM::Control::create();
71 control->removeUserData(0);
72 control->removeUserData(20);
73 control->removeUserData(USER_APP);
76 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
77 "Error=" << CKM::ErrorToString(temp));
80 RUNNER_TEST(T0012_Control)
83 auto control = CKM::Control::create();
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
86 "Error=" << CKM::ErrorToString(temp));
88 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
89 "Error=" << CKM::ErrorToString(temp));
92 RUNNER_TEST(T0013_Control)
95 auto control = CKM::Control::create();
97 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
98 "Error=" << CKM::ErrorToString(temp));
101 RUNNER_TEST(T0014_Control)
104 auto control = CKM::Control::create();
106 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
107 "Error=" << CKM::ErrorToString(temp));
110 RUNNER_TEST(T0015_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
116 "Error=" << CKM::ErrorToString(temp));
118 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
119 "Error=" << CKM::ErrorToString(temp));
121 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
122 "Error=" << CKM::ErrorToString(temp));
124 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
125 "Error=" << CKM::ErrorToString(temp));
128 RUNNER_TEST(T0016_Control_negative_wrong_password)
131 auto control = CKM::Control::create();
132 RUNNER_ASSERT_MSG_BT(
133 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
134 "Error=" << CKM::ErrorToString(temp));
135 RUNNER_ASSERT_MSG_BT(
136 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
137 "Error=" << CKM::ErrorToString(temp));
138 RUNNER_ASSERT_MSG_BT(
139 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
140 "Error=" << CKM::ErrorToString(temp));
141 RUNNER_ASSERT_MSG_BT(
142 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
143 "Error=" << CKM::ErrorToString(temp));
144 RUNNER_ASSERT_MSG_BT(
145 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
146 "Error=" << CKM::ErrorToString(temp));
149 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
151 RUNNER_TEST(T1010_init)
154 auto control = CKM::Control::create();
156 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
157 "Error=" << CKM::ErrorToString(temp));
159 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
160 "Error=" << CKM::ErrorToString(temp));
163 RUNNER_TEST(T1011_key)
166 auto manager = CKM::Manager::create();
168 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
169 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
170 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
171 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
172 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
173 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
174 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
176 "-----END PUBLIC KEY-----";
178 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
179 auto key = CKM::Key::create(buffer, CKM::Password());
181 CKM::Alias alias = "mykey";
184 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
185 "Error=" << CKM::ErrorToString(temp));
187 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
188 "Error=" << CKM::ErrorToString(temp));
190 key->getDER() == key2->getDER(),
191 "Key value has been changed by service");
194 RUNNER_TEST(T1012_certificate)
197 auto manager = CKM::Manager::create();
199 std::string certPem =
200 "-----BEGIN CERTIFICATE-----\n"
201 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
202 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
203 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
204 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
205 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
206 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
207 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
208 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
209 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
210 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
211 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
212 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
213 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
214 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
215 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
216 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
217 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
218 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
219 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
220 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
221 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
222 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
223 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
224 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
226 "-----END CERTIFICATE-----\n";
228 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
229 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
230 CKM::CertificateShPtr cert2;
231 CKM::Alias alias = "myCert";
234 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
235 "Error=" << CKM::ErrorToString(temp));
237 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
238 "Error=" << CKM::ErrorToString(temp));
240 cert->getDER() == cert2->getDER(),
241 "Data has been modified in key manager");
244 RUNNER_CHILD_TEST(T1013_user_app_save_key)
246 AccessProvider ap("mylabel");
247 ap.allowAPI("key-manager::api-storage", "rw");
248 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
250 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
251 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
252 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
253 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
254 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
255 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
256 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
258 "-----END PUBLIC KEY-----";
261 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
262 auto key = CKM::Key::create(buffer, CKM::Password());
264 CKM::Alias alias = "mykey";
265 auto manager = CKM::Manager::create();
268 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
269 "Error=" << CKM::ErrorToString(temp));
271 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
272 "Error=" << CKM::ErrorToString(temp));
274 key->getDER() == key2->getDER(), "Key value has been changed by service");
277 RUNNER_TEST(T1014_save_with_label)
280 auto manager = CKM::Manager::create();
282 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
283 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
284 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
285 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
286 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
287 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
288 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
290 "-----END PUBLIC KEY-----";
292 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
293 auto key = CKM::Key::create(buffer, CKM::Password());
294 CKM::KeyShPtr key_name, key_full_addr;
295 CKM::Alias alias = "mykey-2";
296 CharPtr top_label = get_label();
297 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
300 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
301 "Error=" << CKM::ErrorToString(temp));
305 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
306 "Error=" << CKM::ErrorToString(temp));
308 key->getDER() == key_name->getDER(),
309 "Key value has been changed by service");
311 // lookup by full address
313 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
314 "Error=" << CKM::ErrorToString(temp));
316 key->getDER() == key_full_addr->getDER(),
317 "Key value has been changed by service");
320 RUNNER_TEST(T1015_deinit)
323 auto control = CKM::Control::create();
326 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
327 "Error=" << CKM::ErrorToString(temp));
329 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
330 "Error=" << CKM::ErrorToString(temp));
332 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
333 "Error=" << CKM::ErrorToString(temp));
335 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
336 "Error=" << CKM::ErrorToString(temp));
339 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
341 RUNNER_TEST(T1020_init)
344 auto control = CKM::Control::create();
346 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
347 "Error=" << CKM::ErrorToString(temp));
349 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
350 "Error=" << CKM::ErrorToString(temp));
353 RUNNER_TEST(T1021_save_keys_get_alias)
356 auto manager = CKM::Manager::create();
358 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
359 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
360 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
361 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
362 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
363 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
364 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
366 "-----END PUBLIC KEY-----";
368 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
369 auto key = CKM::Key::create(buffer, CKM::Password());
370 CKM::AliasVector labelAliasVector;
373 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
374 "Error=" << CKM::ErrorToString(temp));
376 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
377 "Error=" << CKM::ErrorToString(temp));
379 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
380 "Error=" << CKM::ErrorToString(temp));
382 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
383 "Error=" << CKM::ErrorToString(temp));
385 labelAliasVector.size() == 3,
386 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
389 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
391 AccessProvider ap("mylabel");
392 ap.allowAPI("key-manager::api-storage", "rw");
393 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
396 auto manager = CKM::Manager::create();
398 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
399 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
400 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
401 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
402 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
403 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
404 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
406 "-----END PUBLIC KEY-----";
408 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
409 auto key = CKM::Key::create(buffer, CKM::Password());
410 CKM::AliasVector labelAliasVector;
413 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
414 "Error=" << CKM::ErrorToString(temp));
416 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
417 "Error=" << CKM::ErrorToString(temp));
419 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
420 "Error=" << CKM::ErrorToString(temp));
422 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
423 "Error=" << CKM::ErrorToString(temp));
425 labelAliasVector.size() == 3,
426 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
429 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
431 AccessProvider ap("mylabel");
432 ap.allowAPI("key-manager::api-storage", "rw");
433 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
436 auto manager = CKM::Manager::create();
438 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
439 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
440 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
441 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
442 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
443 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
444 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
446 "-----END PUBLIC KEY-----";
448 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
449 auto key = CKM::Key::create(buffer, CKM::Password());
450 CKM::AliasVector aliasVector;
451 CKM::Policy notExportable(CKM::Password(), false);
454 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
455 "Error=" << CKM::ErrorToString(temp));
457 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
458 "Error=" << CKM::ErrorToString(temp));
460 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
461 "Error=" << CKM::ErrorToString(temp));
464 RUNNER_TEST(T1029_deinit)
467 auto control = CKM::Control::create();
470 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
471 "Error=" << CKM::ErrorToString(temp));
473 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
474 "Error=" << CKM::ErrorToString(temp));
476 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
477 "Error=" << CKM::ErrorToString(temp));
479 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
480 "Error=" << CKM::ErrorToString(temp));
483 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
485 RUNNER_TEST(T1030_init)
488 auto control = CKM::Control::create();
490 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
491 "Error=" << CKM::ErrorToString(temp));
493 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
494 "Error=" << CKM::ErrorToString(temp));
497 RUNNER_TEST(T1031_save_get_bin_data)
500 auto manager = CKM::Manager::create();
502 std::string binData1 = "My bin data1";
503 std::string binData2 = "My bin data2";
504 std::string binData3 = "My bin data3";
506 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
507 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
508 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
510 CKM::AliasVector labelAliasVector;
513 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
514 "Error=" << CKM::ErrorToString(temp));
516 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
517 "Error=" << CKM::ErrorToString(temp));
519 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
520 "Error=" << CKM::ErrorToString(temp));
522 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
523 "Error=" << CKM::ErrorToString(temp));
525 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
526 "Error=" << CKM::ErrorToString(temp));
528 labelAliasVector.size() == 3,
529 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
531 CKM::RawBuffer buffer;
533 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
534 "Error=" << CKM::ErrorToString(temp));
539 RUNNER_ASSERT_MSG_BT(
540 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
541 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
544 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
546 AccessProvider ap("mylabel");
547 ap.allowAPI("key-manager::api-storage", "rw");
548 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
551 auto manager = CKM::Manager::create();
553 std::string binData = "My bin data";
555 CKM::RawBuffer buffer(binData.begin(), binData.end());
557 CKM::AliasVector labelAliasVector;
560 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
561 "Error=" << CKM::ErrorToString(temp));
563 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
564 "Error=" << CKM::ErrorToString(temp));
566 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
567 "Error=" << CKM::ErrorToString(temp));
569 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
570 "Error=" << CKM::ErrorToString(temp));
572 labelAliasVector.size() == 3,
573 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
576 RUNNER_TEST(T1033_remove_bin_data)
579 auto manager = CKM::Manager::create();
581 std::string binData2 = "My bin data2";
582 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
584 CKM::AliasVector labelAliasVector;
586 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
588 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
589 "Error=" << CKM::ErrorToString(temp));
591 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
592 "Error=" << CKM::ErrorToString(temp));
594 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
595 "Error=" << CKM::ErrorToString(temp));
597 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
598 "Error=" << CKM::ErrorToString(temp));
600 labelAliasVector.size() == 1,
601 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
603 CKM::RawBuffer buffer;
605 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
606 "Error=" << CKM::ErrorToString(temp));
611 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
612 "Error=" << CKM::ErrorToString(temp));
615 RUNNER_TEST(T1034_getData_wrong_password)
618 auto manager = CKM::Manager::create();
620 std::string binData1 = "My bin data4";
622 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
624 RUNNER_ASSERT_MSG_BT(
625 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
626 "Error=" << CKM::ErrorToString(temp));
628 CKM::RawBuffer buffer;
629 RUNNER_ASSERT_MSG_BT(
630 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
631 "Error=" << CKM::ErrorToString(temp));
632 RUNNER_ASSERT_MSG_BT(
636 RUNNER_ASSERT_MSG_BT(
637 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
638 "Error=" << CKM::ErrorToString(temp));
641 RUNNER_TEST(T1035_deinit)
644 auto control = CKM::Control::create();
647 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
648 "Error=" << CKM::ErrorToString(temp));
650 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
651 "Error=" << CKM::ErrorToString(temp));
653 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
654 "Error=" << CKM::ErrorToString(temp));
656 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
657 "Error=" << CKM::ErrorToString(temp));
660 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
662 RUNNER_TEST(T1040_init)
665 auto control = CKM::Control::create();
668 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
669 "Error=" << CKM::ErrorToString(temp));
672 RUNNER_CHILD_TEST(T1041_create_rsa_key)
675 auto manager = CKM::Manager::create();
678 AccessProvider ap("mylabel-rsa");
679 ap.allowAPI("key-manager::api-storage", "rw");
680 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
683 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
684 "Error=" << CKM::ErrorToString(temp));
686 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
687 "Error=" << CKM::ErrorToString(temp));
689 2 == (temp = av.size()),
690 "Vector size: " << temp << ". Expected: 2");
693 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
696 auto manager = CKM::Manager::create();
699 AccessProvider ap("mylabel-rsa");
700 ap.allowAPI("key-manager::api-storage", "rw");
701 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
704 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
705 "Error=" << CKM::ErrorToString(temp));
707 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
708 "Error=" << CKM::ErrorToString(temp));
711 RUNNER_CHILD_TEST(T1043_create_dsa_key)
714 auto manager = CKM::Manager::create();
717 AccessProvider ap("mylabel-dsa");
718 ap.allowAPI("key-manager::api-storage", "rw");
719 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
722 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
723 "Error=" << CKM::ErrorToString(temp));
725 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
726 "Error=" << CKM::ErrorToString(temp));
728 2 == (temp = av.size()),
729 "Vector size: " << temp << ". Expected: 2");
732 RUNNER_TEST(T1049_deinit)
735 auto control = CKM::Control::create();
738 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
739 "Error=" << CKM::ErrorToString(temp));
741 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
742 "Error=" << CKM::ErrorToString(temp));
746 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
748 RUNNER_TEST(T1110_init)
751 auto control = CKM::Control::create();
753 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
754 "Error=" << CKM::ErrorToString(temp));
756 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
757 "Error=" << CKM::ErrorToString(temp));
760 RUNNER_TEST(T1111_CreateKeyPairRSA)
763 auto manager = CKM::Manager::create();
764 CKM::Alias a1("rsa-test-1");
765 CKM::Alias a2("rsa-test-2");
769 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
770 "Error=" << CKM::ErrorToString(temp));
772 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
773 "Error=" << CKM::ErrorToString(temp));
776 RUNNER_TEST(T1112_CreateKeyPairDSA)
779 auto manager = CKM::Manager::create();
780 CKM::Alias a1("dsa-test-1");
781 CKM::Alias a2("dsa-test-2");
785 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
786 "Error=" << CKM::ErrorToString(temp));
788 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
789 "Error=" << CKM::ErrorToString(temp));
792 RUNNER_TEST(T1113_CreateKeyPairECDSA)
795 auto manager = CKM::Manager::create();
796 CKM::Alias a1("ecdsa-test-1");
797 CKM::Alias a2("ecdsa-test-2");
801 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
802 "Error=" << CKM::ErrorToString(temp));
805 RUNNER_TEST(T1114_deinit)
808 auto control = CKM::Control::create();
811 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
812 "Error=" << CKM::ErrorToString(temp));
814 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
815 "Error=" << CKM::ErrorToString(temp));
818 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
820 RUNNER_TEST(T12100_init)
823 auto control = CKM::Control::create();
825 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
826 "Error=" << CKM::ErrorToString(temp));
828 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
829 "Error=" << CKM::ErrorToString(temp));
832 RUNNER_TEST(T12101_key_exist)
835 auto manager = CKM::Manager::create();
837 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
838 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
839 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
840 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
841 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
842 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
843 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
845 "-----END PUBLIC KEY-----";
847 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
848 auto key = CKM::Key::create(buffer);
849 CKM::Alias alias = "rsa-alias-duplication";
852 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
853 "Error=" << CKM::ErrorToString(ret));
855 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
856 "Error=" << CKM::ErrorToString(ret));
860 * These test cases tests API when empty parameters are passed to functions
863 RUNNER_TEST(T12102_saveKey_empty_alias)
865 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
866 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
867 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
868 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
869 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
870 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
871 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
872 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
874 "-----END PUBLIC KEY-----";
876 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
877 auto key = CKM::Key::create(buffer);
878 CKM::Alias alias; //alias is not initialized
881 auto manager = CKM::Manager::create();
883 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
884 "Error=" << CKM::ErrorToString(ret));
887 RUNNER_TEST(T12103_saveKey_foreign_label)
889 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
890 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
891 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
892 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
893 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
894 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
895 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
897 "-----END PUBLIC KEY-----";
899 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
900 auto key = CKM::Key::create(buffer);
901 CKM::Alias alias = "iamsomebodyelse alias";
904 auto manager = CKM::Manager::create();
906 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
907 "Error=" << CKM::ErrorToString(ret));
910 RUNNER_TEST(T12104_saveKey_empty_key)
912 CKM::KeyShPtr key; //key is not initialized
913 CKM::Alias alias = "empty-key";
916 auto manager = CKM::Manager::create();
918 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
919 "Error=" << CKM::ErrorToString(ret));
922 RUNNER_TEST(T12105_saveCertificate_empty_alias)
924 std::string certPem =
925 "-----BEGIN CERTIFICATE-----\n"
926 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
927 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
928 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
929 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
930 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
931 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
932 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
933 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
934 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
935 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
936 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
937 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
938 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
939 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
940 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
941 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
942 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
943 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
944 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
945 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
946 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
947 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
948 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
949 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
951 "-----END CERTIFICATE-----\n";
953 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
954 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
955 CKM::Alias alias; //alias is not initialized
958 auto manager = CKM::Manager::create();
960 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
961 "Error=" << CKM::ErrorToString(temp));
964 RUNNER_TEST(T12106_saveCertificate_foreign_label)
966 std::string certPem =
967 "-----BEGIN CERTIFICATE-----\n"
968 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
969 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
970 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
971 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
972 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
973 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
974 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
975 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
976 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
977 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
978 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
979 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
980 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
981 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
982 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
983 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
984 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
985 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
986 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
987 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
988 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
989 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
990 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
991 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
993 "-----END CERTIFICATE-----\n";
995 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
996 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
997 CKM::Alias alias = "iamsomebodyelse alias";
1000 auto manager = CKM::Manager::create();
1002 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1003 "Error=" << CKM::ErrorToString(temp));
1006 RUNNER_TEST(T12107_saveCertificate_empty_cert)
1008 CKM::CertificateShPtr cert; //cert is not initialized
1009 CKM::Alias alias = "empty-cert";
1012 auto manager = CKM::Manager::create();
1014 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1015 "Error=" << CKM::ErrorToString(temp));
1018 RUNNER_TEST(T12108_saveData_empty_alias)
1020 std::string testData = "test data test data test data";
1021 CKM::RawBuffer buffer(testData.begin(), testData.end());
1025 auto manager = CKM::Manager::create();
1027 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1028 "Error=" << CKM::ErrorToString(temp));
1031 RUNNER_TEST(T12109_saveData_foreign_label)
1033 std::string testData = "test data test data test data";
1034 CKM::RawBuffer buffer(testData.begin(), testData.end());
1035 CKM::Alias alias = "iamsomebodyelse alias";
1038 auto manager = CKM::Manager::create();
1040 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1041 "Error=" << CKM::ErrorToString(temp));
1044 RUNNER_TEST(T12110_saveData_empty_data)
1046 CKM::RawBuffer buffer;
1047 CKM::Alias alias = "empty-data";
1050 auto manager = CKM::Manager::create();
1052 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1053 "Error=" << CKM::ErrorToString(temp));
1057 * These test cases tests API when trying to get data from not existing alias
1060 RUNNER_TEST(T12111_getKey_alias_not_exist)
1063 CKM::Alias alias = "this-alias-not-exist";
1066 auto manager = CKM::Manager::create();
1068 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1069 "Error=" << CKM::ErrorToString(temp));
1072 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1074 CKM::CertificateShPtr certificate;
1075 CKM::Alias alias = "this-alias-not-exist";
1078 auto manager = CKM::Manager::create();
1080 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1081 "Error=" << CKM::ErrorToString(temp));
1084 RUNNER_TEST(T12113_getData_alias_not_exist)
1087 auto manager = CKM::Manager::create();
1088 CKM::RawBuffer buffer;
1089 CKM::Alias alias("some alias");
1091 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1092 "Error=" << CKM::ErrorToString(temp));
1096 * These test cases tests API when damaged keys are used
1098 RUNNER_TEST(T12114_rsa_key_damaged)
1101 auto manager = CKM::Manager::create();
1103 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1104 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1105 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1106 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1107 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1108 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1109 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1111 "-----END PUBLIC KEY-----";
1113 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1114 auto key = CKM::Key::create(buffer);
1115 CKM::Alias alias = "damaged-rsa";
1118 NULL == key.get(), "Key is broken. It should be empty");
1121 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1122 "Error=" << CKM::ErrorToString(ret));
1125 RUNNER_TEST(T12115_rsa_key_too_short)
1128 auto manager = CKM::Manager::create();
1130 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1131 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1132 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1133 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1134 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1135 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1136 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1138 "-----END PUBLIC KEY-----";
1140 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1141 auto key = CKM::Key::create(buffer);
1142 CKM::Alias alias = "short-rsa";
1145 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1146 "Error=" << CKM::ErrorToString(ret));
1149 RUNNER_TEST(T12116_dsa_key_too_short)
1152 auto manager = CKM::Manager::create();
1154 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1155 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1156 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1157 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1158 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1159 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1160 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1161 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1162 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1163 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1164 "YMYCBhubtrVaLmc=\n"
1165 "-----END PUBLIC KEY-----";
1167 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1168 auto key = CKM::Key::create(buffer);
1169 CKM::Alias alias = "short-dsa";
1172 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1173 "Error=" << CKM::ErrorToString(ret));
1178 * These test cases tests CKM service if malicious data is provided over the socket.
1181 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1184 auto manager = CKM::Manager::create();
1186 // fake the client - let the service detect the problem
1187 class WrongKeyImpl : public CKM::Key
1190 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1193 virtual bool empty() const {
1197 virtual CKM::KeyType getType() const {
1198 return CKM::KeyType::KEY_RSA_PUBLIC;
1200 virtual int getSize() const {
1203 virtual CKM::ElipticCurve getCurve() const {
1204 return CKM::ElipticCurve::prime192v1;
1206 virtual CKM::RawBuffer getDER() const {
1209 virtual ~WrongKeyImpl() {}
1211 CKM::RawBuffer & m_dummy;
1213 std::string dummyData = "my_cat_Berta\n";
1214 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1215 auto key = std::make_shared<WrongKeyImpl>(buffer);
1216 CKM::Alias alias = "damaged-rsa";
1219 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1220 "Error=" << CKM::ErrorToString(ret));
1223 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1225 // fake the client - let the service detect the problem
1226 class WrongCertImpl : public CKM::Certificate
1229 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1230 m_x509 = X509_new();
1233 bool empty() const {
1237 virtual X509 *getX509() const {
1241 virtual CKM::RawBuffer getDER() const {
1245 virtual ~WrongCertImpl() {
1250 CKM::RawBuffer & m_dummy;
1252 std::string dummyData = "my_cat_Stefan\n";
1253 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1254 auto cert = std::make_shared<WrongCertImpl>(buffer);
1255 CKM::Alias alias = "damaged-cert";
1258 auto manager = CKM::Manager::create();
1260 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1261 "Error=" << CKM::ErrorToString(temp));
1264 RUNNER_TEST(T12119_deinit)
1267 auto control = CKM::Control::create();
1270 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1271 "Error=" << CKM::ErrorToString(temp));
1273 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1274 "Error=" << CKM::ErrorToString(temp));
1277 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1279 RUNNER_TEST(T1311_init)
1282 auto control = CKM::Control::create();
1284 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1285 "Error=" << CKM::ErrorToString(temp));
1286 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1287 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1289 struct hostent* he = gethostbyname("google.com");
1291 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1292 "is not woking on the device. OCSP tests requires network access!");
1295 RUNNER_TEST(T1312_get_chain)
1297 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1298 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1299 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1300 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1301 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1302 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1303 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1304 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1305 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1306 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1307 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1308 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1309 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1310 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1311 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1312 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1313 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1314 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1315 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1316 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1317 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1318 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1319 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1320 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1321 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1322 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1323 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1324 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1325 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1326 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1327 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1328 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1330 "-----END CERTIFICATE-----\n";
1333 "-----BEGIN CERTIFICATE-----\n"
1334 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1335 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1336 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1337 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1338 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1339 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1340 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1341 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1342 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1343 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1344 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1345 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1346 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1347 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1348 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1349 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1350 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1351 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1352 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1353 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1354 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1355 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1356 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1357 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1358 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1359 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1360 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1361 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1362 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1363 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1364 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1365 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1366 "-----END CERTIFICATE-----\n";
1368 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1369 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1370 CKM::CertificateShPtrVector certVector = {cert1};
1371 CKM::CertificateShPtrVector certChain;
1374 auto manager = CKM::Manager::create();
1376 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1377 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1379 tmp = manager->getCertificateChain(cert,
1384 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1385 "Error=" << CKM::ErrorToString(tmp));
1388 0 == certChain.size(),
1389 "Wrong size of certificate chain.");
1391 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1392 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1395 3 == certChain.size(),
1396 "Wrong size of certificate chain.");
1399 RUNNER_TEST(T1313_get_chain_with_alias)
1401 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1402 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1403 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1404 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1405 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1406 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1407 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1408 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1409 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1410 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1411 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1412 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1413 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1414 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1415 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1416 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1417 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1418 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1419 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1420 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1421 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1422 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1423 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1424 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1425 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1426 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1427 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1428 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1429 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1430 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1431 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1432 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1434 "-----END CERTIFICATE-----\n";
1437 "-----BEGIN CERTIFICATE-----\n"
1438 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1439 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1440 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1441 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1442 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1443 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1444 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1445 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1446 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1447 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1448 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1449 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1450 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1451 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1452 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1453 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1454 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1455 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1456 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1457 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1458 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1459 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1460 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1461 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1462 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1463 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1464 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1465 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1466 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1467 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1468 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1469 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1470 "-----END CERTIFICATE-----\n";
1472 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1473 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1474 CKM::CertificateShPtrVector certChain;
1475 CKM::AliasVector aliasVector;
1476 CKM::Alias alias("imcert");
1477 CharPtr top_label = get_label();
1478 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1481 auto manager = CKM::Manager::create();
1483 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1484 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1486 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1487 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1488 "Error=" << CKM::ErrorToString(tmp));
1491 0 == certChain.size(),
1492 "Wrong size of certificate chain.");
1495 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1496 "Error=" << CKM::ErrorToString(tmp));
1498 aliasVector.push_back(full_address);
1500 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1501 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1503 RUNNER_ASSERT_MSG_BT(
1504 3 == certChain.size(),
1505 "Wrong size of certificate chain.");
1508 RUNNER_TEST(T1314_ocsp_check)
1510 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1512 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1513 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1514 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1515 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1516 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1517 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1518 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1519 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1520 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1521 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1522 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1523 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1524 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1525 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1526 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1527 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1528 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1529 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1530 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1531 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1532 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1533 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1534 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1535 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1536 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1537 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1538 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1539 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1540 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1541 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1542 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1543 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1545 "-----END CERTIFICATE-----\n";
1548 "-----BEGIN CERTIFICATE-----\n"
1549 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1550 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1551 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1552 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1553 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1554 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1555 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1556 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1557 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1558 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1559 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1560 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1561 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1562 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1563 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1564 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1565 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1566 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1567 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1568 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1569 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1570 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1571 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1572 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1573 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1574 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1575 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1576 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1577 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1578 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1579 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1580 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1581 "-----END CERTIFICATE-----\n";
1583 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1584 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1585 CKM::CertificateShPtrVector certVector = {cert1};
1586 CKM::CertificateShPtrVector certChain;
1589 auto manager = CKM::Manager::create();
1591 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1592 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1594 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1595 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1596 "Error=" << CKM::ErrorToString(tmp));
1599 0 == certChain.size(),
1600 "Wrong size of certificate chain.");
1602 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1603 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1605 RUNNER_ASSERT_MSG_BT(
1606 3 == certChain.size(),
1607 "Wrong size of certificate chain.");
1611 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1612 "Error=" << CKM::ErrorToString(tmp));
1614 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1617 RUNNER_TEST(T1315_deinit)
1620 auto control = CKM::Control::create();
1623 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1624 "Error=" << CKM::ErrorToString(temp));
1626 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1627 "Error=" << CKM::ErrorToString(temp));
1630 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1632 RUNNER_TEST(T1411_init)
1635 auto control = CKM::Control::create();
1637 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1638 "Error=" << CKM::ErrorToString(temp));
1641 RUNNER_TEST(T1412_rsa_key_create_verify)
1644 auto manager = CKM::Manager::create();
1646 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1647 "Proc-Type: 4,ENCRYPTED\n"
1648 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1650 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1651 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1652 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1653 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1654 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1655 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1656 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1657 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1658 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1659 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1660 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1661 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1662 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1663 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1664 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1665 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1666 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1667 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1668 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1669 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1670 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1671 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1672 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1673 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1674 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1675 "-----END RSA PRIVATE KEY-----\n";
1677 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1678 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1679 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1680 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1681 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1682 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1683 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1685 "-----END PUBLIC KEY-----\n";
1687 std::string message = "message test";
1689 CKM::Alias aliasPub = "pub1";
1690 CKM::Alias aliasPrv = "prv1";
1691 CKM::Password password = "1234";
1692 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1693 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1694 CKM::RawBuffer signature;
1696 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1697 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1699 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1700 "Key is empty. Failed to import public key.");
1701 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1702 "Key is empty. Failed to import private key.");
1705 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1706 "Error=" << CKM::ErrorToString(temp));
1708 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1709 "Error=" << CKM::ErrorToString(temp));
1712 CKM_API_SUCCESS == (temp = manager->createSignature(
1715 CKM::RawBuffer(message.begin(), message.end()),
1719 "Error=" << CKM::ErrorToString(temp));
1722 CKM_API_SUCCESS == (temp = manager->verifySignature(
1725 CKM::RawBuffer(message.begin(), message.end()),
1729 "Error=" << CKM::ErrorToString(temp));
1732 RUNNER_TEST(T1413_dsa_key_create_verify)
1735 auto manager = CKM::Manager::create();
1737 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1738 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1739 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1740 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1741 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1742 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1743 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1744 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1745 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1746 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1747 "u1roOuaPY+Hl19BlTE2qdw==\n"
1748 "-----END DSA PRIVATE KEY-----";
1750 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1751 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1752 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1753 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1754 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1755 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1756 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1757 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1758 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1759 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1760 "YMYCBhubtrVaLmc=\n"
1761 "-----END PUBLIC KEY-----";
1763 std::string message = "message test";
1765 CKM::Alias aliasPub = "pub2";
1766 CKM::Alias aliasPrv = "prv2";
1767 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1768 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1769 CKM::RawBuffer signature;
1771 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1772 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1774 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1775 "Key is empty. Failed to import public key.");
1776 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1777 "Key is empty. Failed to import private key.");
1780 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1781 "Error=" << CKM::ErrorToString(temp));
1783 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1784 "Error=" << CKM::ErrorToString(temp));
1787 CKM_API_SUCCESS == (temp = manager->createSignature(
1790 CKM::RawBuffer(message.begin(), message.end()),
1794 "Error=" << CKM::ErrorToString(temp));
1797 CKM_API_SUCCESS == (temp = manager->verifySignature(
1800 CKM::RawBuffer(message.begin(), message.end()),
1804 "Error=" << CKM::ErrorToString(temp));
1808 RUNNER_TEST(T1414_ec_key_create_verify)
1811 auto manager = CKM::Manager::create();
1813 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1814 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1815 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1816 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1817 "-----END EC PRIVATE KEY-----\n";
1819 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1820 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1821 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1822 "-----END PUBLIC KEY-----\n";
1824 std::string message = "message test";
1826 CKM::Alias aliasPub = "ecpub2";
1827 CKM::Alias aliasPrv = "ecprv2";
1828 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1829 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1830 CKM::RawBuffer signature;
1832 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1833 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1835 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1836 "Key is empty. Failed to import public key.");
1837 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1838 "Key is empty. Failed to import private key.");
1841 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1842 "Error=" << CKM::ErrorToString(temp));
1844 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1845 "Error=" << CKM::ErrorToString(temp));
1848 CKM_API_SUCCESS == (temp = manager->createSignature(
1851 CKM::RawBuffer(message.begin(), message.end()),
1855 "Error=" << CKM::ErrorToString(temp));
1858 CKM_API_SUCCESS == (temp = manager->verifySignature(
1861 CKM::RawBuffer(message.begin(), message.end()),
1865 "Error=" << CKM::ErrorToString(temp));
1867 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1869 memcpy((void*)signature.data(), "BROKEN", 6);
1872 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1875 CKM::RawBuffer(message.begin(), message.end()),
1879 "Error=" << CKM::ErrorToString(temp));
1882 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1885 auto manager = CKM::Manager::create();
1886 std::string message = "message asdfaslkdfjlksadjf test";
1888 CKM::Alias aliasPub = "pub1";
1889 CKM::Alias aliasPrv = "prv1";
1891 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1892 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1893 CKM::RawBuffer signature;
1896 CKM_API_SUCCESS == (temp = manager->createSignature(
1899 CKM::RawBuffer(message.begin(), message.end()),
1903 "Error=" << CKM::ErrorToString(temp));
1906 CKM_API_SUCCESS == (temp = manager->verifySignature(
1909 CKM::RawBuffer(message.begin(), message.end()),
1913 "Error=" << CKM::ErrorToString(temp));
1915 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1916 memcpy((void*)signature.data(), "BROKEN", 6);
1919 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1922 CKM::RawBuffer(message.begin(), message.end()),
1926 "Error=" << CKM::ErrorToString(temp));
1929 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1932 auto manager = CKM::Manager::create();
1933 std::string message = "message asdfaslkdfjlksadjf test";
1935 CKM::Alias aliasPub = "pub2";
1936 CKM::Alias aliasPrv = "prv2";
1938 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1939 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1940 CKM::RawBuffer signature;
1943 CKM_API_SUCCESS == (temp = manager->createSignature(
1946 CKM::RawBuffer(message.begin(), message.end()),
1950 "Error=" << CKM::ErrorToString(temp));
1953 CKM_API_SUCCESS == (temp = manager->verifySignature(
1956 CKM::RawBuffer(message.begin(), message.end()),
1960 "Error=" << CKM::ErrorToString(temp));
1962 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1963 memcpy((void*)signature.data(), "BROKEN", 6);
1966 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1969 CKM::RawBuffer(message.begin(), message.end()),
1973 "Error=" << CKM::ErrorToString(temp));
1976 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1979 auto manager = CKM::Manager::create();
1982 "-----BEGIN RSA PRIVATE KEY-----\n"
1983 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1984 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1985 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1986 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1987 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1988 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1989 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1990 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1991 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1992 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1993 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1994 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1995 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1996 "-----END RSA PRIVATE KEY-----\n";
1999 "-----BEGIN CERTIFICATE-----\n"
2000 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
2001 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
2002 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
2003 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
2004 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
2005 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
2006 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
2007 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
2008 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
2009 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
2010 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
2011 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
2012 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
2013 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
2014 "-----END CERTIFICATE-----\n";
2016 std::string message = "message test";
2018 CKM::Alias aliasPub = "pub1-cert";
2019 CKM::Alias aliasPrv = "prv1-cert";
2020 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2021 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2022 CKM::RawBuffer signature;
2024 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2025 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2027 RUNNER_ASSERT_MSG(NULL != cert.get(),
2028 "Key is empty. Failed to import public key.");
2029 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2030 "Key is empty. Failed to import private key.");
2033 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2034 "Error=" << CKM::ErrorToString(temp));
2036 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2037 "Error=" << CKM::ErrorToString(temp));
2040 CKM_API_SUCCESS == (temp = manager->createSignature(
2043 CKM::RawBuffer(message.begin(), message.end()),
2047 "Error=" << CKM::ErrorToString(temp));
2050 CKM_API_SUCCESS == (temp = manager->verifySignature(
2053 CKM::RawBuffer(message.begin(), message.end()),
2057 "Error=" << CKM::ErrorToString(temp));
2059 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2061 memcpy((void*)signature.data(), "BROKEN", 6);
2064 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2067 CKM::RawBuffer(message.begin(), message.end()),
2071 "Error=" << CKM::ErrorToString(temp));
2074 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
2077 auto manager = CKM::Manager::create();
2079 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
2080 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
2081 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
2082 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
2083 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
2084 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
2085 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
2086 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
2087 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
2088 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
2089 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
2090 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
2091 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
2092 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
2093 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
2094 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
2095 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
2096 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
2097 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
2098 "-----END CERTIFICATE-----\n";
2100 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
2101 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2102 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2103 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2104 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2105 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2106 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2107 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2108 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2109 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2110 "vonbjii3BYe4AIdkzOvp\n"
2111 "-----END DSA PRIVATE KEY-----\n";
2113 std::string message = "message test";
2115 CKM::Alias aliasPub = "pub2-cert";
2116 CKM::Alias aliasPrv = "prv2-cert";
2117 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2118 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2119 CKM::RawBuffer signature;
2121 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2122 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2124 RUNNER_ASSERT_MSG(NULL != cert.get(),
2125 "Key is empty. Failed to import public key.");
2126 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2127 "Key is empty. Failed to import private key.");
2130 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2131 "Error=" << CKM::ErrorToString(temp));
2133 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2134 "Error=" << CKM::ErrorToString(temp));
2137 CKM_API_SUCCESS == (temp = manager->createSignature(
2140 CKM::RawBuffer(message.begin(), message.end()),
2144 "Error=" << CKM::ErrorToString(temp));
2147 CKM_API_SUCCESS == (temp = manager->verifySignature(
2150 CKM::RawBuffer(message.begin(), message.end()),
2154 "Error=" << CKM::ErrorToString(temp));
2156 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2158 memcpy((void*)signature.data(), "BROKEN", 6);
2161 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2164 CKM::RawBuffer(message.begin(), message.end()),
2168 "Error=" << CKM::ErrorToString(temp));
2171 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
2174 auto manager = CKM::Manager::create();
2177 "-----BEGIN EC PRIVATE KEY-----\n"
2178 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2179 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2180 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2181 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2182 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2183 "ELyhe7yPCAuOoLZlTLgf\n"
2184 "-----END EC PRIVATE KEY-----\n";
2187 "-----BEGIN CERTIFICATE-----\n"
2188 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2189 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2190 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2191 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2192 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2193 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2194 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2195 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2196 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2197 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2198 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2199 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2200 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2201 "Q1oBry6NEc+lLFmWMDesAA==\n"
2202 "-----END CERTIFICATE-----\n";
2204 std::string message = "message test";
2206 CKM::Alias aliasPub = "pub3";
2207 CKM::Alias aliasPrv = "prv3";
2208 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2209 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2210 CKM::RawBuffer signature;
2212 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2213 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2215 RUNNER_ASSERT_MSG(NULL != cert.get(),
2216 "Key is empty. Failed to import public key.");
2217 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2218 "Key is empty. Failed to import private key.");
2221 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2222 "Error=" << CKM::ErrorToString(temp));
2224 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2225 "Error=" << CKM::ErrorToString(temp));
2228 CKM_API_SUCCESS == (temp = manager->createSignature(
2231 CKM::RawBuffer(message.begin(), message.end()),
2235 "Error=" << CKM::ErrorToString(temp));
2238 CKM_API_SUCCESS == (temp = manager->verifySignature(
2241 CKM::RawBuffer(message.begin(), message.end()),
2245 "Error=" << CKM::ErrorToString(temp));
2247 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2249 memcpy((void*)signature.data(), "BROKEN", 6);
2252 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2255 CKM::RawBuffer(message.begin(), message.end()),
2259 "Error=" << CKM::ErrorToString(temp));
2262 RUNNER_TEST(T1420_deinit)
2265 auto control = CKM::Control::create();
2268 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2269 "Error=" << CKM::ErrorToString(temp));
2271 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2272 "Error=" << CKM::ErrorToString(temp));
2275 RUNNER_TEST(T14180_init)
2278 auto control = CKM::Control::create();
2280 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2281 "Error=" << CKM::ErrorToString(temp));
2283 auto manager = CKM::Manager::create();
2285 // Prepare RSA Key Pair
2286 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2287 "Proc-Type: 4,ENCRYPTED\n"
2288 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2290 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2291 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2292 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2293 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2294 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2295 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2296 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2297 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2298 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2299 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2300 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2301 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2302 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2303 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2304 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2305 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2306 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2307 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2308 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2309 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2310 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2311 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2312 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2313 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2314 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2315 "-----END RSA PRIVATE KEY-----\n";
2317 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2318 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2319 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2320 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2321 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2322 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2323 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2325 "-----END PUBLIC KEY-----\n";
2327 CKM::Alias aliasPub = "pub_nohash1";
2328 CKM::Alias aliasPrv = "prv_nohash1";
2329 CKM::Password password = "1234";
2331 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2332 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2334 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2335 "Key is empty. Failed to import public key.");
2336 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2337 "Key is empty. Failed to import private key.");
2340 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2341 "Error=" << CKM::ErrorToString(temp));
2343 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2344 "Error=" << CKM::ErrorToString(temp));
2346 // Prepare ECDSA Key Pair
2347 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2348 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2349 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2350 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2351 "-----END EC PRIVATE KEY-----\n";
2353 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2354 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2355 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2356 "-----END PUBLIC KEY-----\n";
2358 CKM::Alias aliasEcPub = "ecpub_nohash1";
2359 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2361 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2362 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2364 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2365 "Key is empty. Failed to import public key.");
2366 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2367 "Key is empty. Failed to import private key.");
2370 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2371 "Error=" << CKM::ErrorToString(temp));
2373 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2374 "Error=" << CKM::ErrorToString(temp));
2378 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2381 auto manager = CKM::Manager::create();
2382 std::string message = "message asdfaslkdfjlksadjf test";
2384 CKM::Alias aliasPub = "pub_nohash1";
2385 CKM::Alias aliasPrv = "prv_nohash1";
2387 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2388 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2389 CKM::RawBuffer signature;
2392 CKM_API_SUCCESS == (temp = manager->createSignature(
2395 CKM::RawBuffer(message.begin(), message.end()),
2399 "Error=" << CKM::ErrorToString(temp));
2402 CKM_API_SUCCESS == (temp = manager->verifySignature(
2405 CKM::RawBuffer(message.begin(), message.end()),
2409 "Error=" << CKM::ErrorToString(temp));
2411 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2412 memcpy((void*)signature.data(), "BROKEN", 6);
2415 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2418 CKM::RawBuffer(message.begin(), message.end()),
2422 "Error=" << CKM::ErrorToString(temp));
2425 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2428 auto manager = CKM::Manager::create();
2429 std::string message = "message asdfaslkdfjlksadjf test";
2431 CKM::Alias aliasPub = "pub_nohash1";
2432 CKM::Alias aliasPrv = "prv_nohash1";
2434 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2435 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2436 CKM::RawBuffer signature;
2439 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2442 CKM::RawBuffer(message.begin(), message.end()),
2446 "Error=" << CKM::ErrorToString(temp));
2449 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2452 auto manager = CKM::Manager::create();
2453 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2454 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2455 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2456 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2457 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2458 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2459 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2460 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2461 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2462 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2463 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2464 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2465 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2466 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2467 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2468 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2469 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2470 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2471 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2472 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2474 CKM::Alias aliasPub = "pub_nohash1";
2475 CKM::Alias aliasPrv = "prv_nohash1";
2477 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2478 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2479 CKM::RawBuffer signature;
2482 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2485 CKM::RawBuffer(message.begin(), message.end()),
2489 "Error=" << CKM::ErrorToString(temp));
2493 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2496 auto manager = CKM::Manager::create();
2498 std::string message = "message test";
2500 CKM::Alias aliasPub = "ecpub_nohash1";
2501 CKM::Alias aliasPrv = "ecprv_nohash1";
2502 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2503 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2504 CKM::RawBuffer signature;
2507 CKM_API_SUCCESS == (temp = manager->createSignature(
2510 CKM::RawBuffer(message.begin(), message.end()),
2514 "Error=" << CKM::ErrorToString(temp));
2517 CKM_API_SUCCESS == (temp = manager->verifySignature(
2520 CKM::RawBuffer(message.begin(), message.end()),
2524 "Error=" << CKM::ErrorToString(temp));
2526 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2528 memcpy((void*)signature.data(), "BROKEN", 6);
2531 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2534 CKM::RawBuffer(message.begin(), message.end()),
2538 "Error=" << CKM::ErrorToString(temp));
2541 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2544 auto manager = CKM::Manager::create();
2546 int msgSize = 1024*1024;
2547 char big_msg[msgSize];
2548 for(int i =0; i<msgSize-1; i++) {
2551 big_msg[msgSize-1]=0x00;
2552 std::string message(big_msg);
2554 CKM::Alias aliasPub = "ecpub_nohash1";
2555 CKM::Alias aliasPrv = "ecprv_nohash1";
2556 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2557 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2558 CKM::RawBuffer signature;
2561 CKM_API_SUCCESS == (temp = manager->createSignature(
2564 CKM::RawBuffer(message.begin(), message.end()),
2568 "Error=" << CKM::ErrorToString(temp));
2572 RUNNER_TEST(T14189_deinit)
2575 auto control = CKM::Control::create();
2578 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2579 "Error=" << CKM::ErrorToString(temp));
2581 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2582 "Error=" << CKM::ErrorToString(temp));
2586 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2588 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2591 AccessProvider ap("my-label");
2592 ap.allowAPI("key-manager::api-control", "rw");
2593 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2595 auto control = CKM::Control::create();
2597 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2598 "Error=" << CKM::ErrorToString(tmp));
2601 RUNNER_CHILD_TEST(T1511_insert_data)
2603 AccessProvider ap("my-label");
2604 ap.allowAPI("key-manager::api-storage", "rw");
2605 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2607 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2608 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2609 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2610 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2611 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2612 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2613 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2614 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2615 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2616 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2617 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2618 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2619 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2620 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2621 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2622 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2623 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2624 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2625 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2626 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2627 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2628 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2629 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2630 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2631 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2632 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2633 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2634 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2635 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2636 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2637 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2638 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2640 "-----END CERTIFICATE-----\n";
2643 "-----BEGIN CERTIFICATE-----\n"
2644 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
2645 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2646 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
2647 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
2648 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
2649 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
2650 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
2651 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
2652 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
2653 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
2654 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
2655 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
2656 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
2657 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
2658 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
2659 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
2660 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
2661 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
2662 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
2663 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
2664 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
2665 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
2666 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
2667 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
2668 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
2669 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
2670 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
2671 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
2672 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
2673 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
2674 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
2675 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
2676 "-----END CERTIFICATE-----\n";
2678 auto manager = CKM::Manager::create();
2679 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2680 auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2682 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2683 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2686 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2687 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2690 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2691 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2694 RUNNER_CHILD_TEST(T1519_deinit)
2697 AccessProvider ap("my-label");
2698 ap.allowAPI("key-manager::api-control", "rw");
2699 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2701 auto control = CKM::Control::create();
2703 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2704 "Error=" << CKM::ErrorToString(tmp));
2708 RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
2710 RUNNER_CHILD_TEST(T1610_init_lock_key)
2713 AccessProvider ap("my-label");
2714 ap.allowAPI("key-manager::api-control", "rw");
2715 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2717 auto control = CKM::Control::create();
2719 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
2720 "Error=" << CKM::ErrorToString(tmp));
2722 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2723 "Error=" << CKM::ErrorToString(tmp));
2726 RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
2728 AccessProvider ap("my-label");
2729 ap.allowAPI("key-manager::api-storage", "rw");
2730 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2733 auto manager = CKM::Manager::create();
2735 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2736 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2737 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2738 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2739 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2740 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2741 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2743 "-----END PUBLIC KEY-----";
2745 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2746 auto key = CKM::Key::create(buffer, CKM::Password());
2748 CKM::Alias alias = "mykey_defpasswd";
2751 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
2752 "Error=" << CKM::ErrorToString(temp));
2754 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
2755 "Error=" << CKM::ErrorToString(temp));
2757 key->getDER() == key2->getDER(),
2758 "Key value has been changed by service");
2760 std::string invalid_address = aliasWithLabel("i-do-not-exist", alias.c_str());
2762 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
2763 "Error=" << CKM::ErrorToString(temp));
2765 CKM_API_SUCCESS == (temp = manager->removeAlias(alias)),
2766 "Error=" << CKM::ErrorToString(temp));
2769 RUNNER_CHILD_TEST(T1612_init_change_user_password)
2772 AccessProvider ap("my-label");
2773 ap.allowAPI("key-manager::api-control", "rw");
2774 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2776 auto control = CKM::Control::create();
2778 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
2779 "Error=" << CKM::ErrorToString(tmp));
2780 // confirm changed password
2782 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_APP,"user-pass")),
2783 CKM::ErrorToString(tmp));
2785 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2786 CKM::ErrorToString(tmp));
2789 RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
2791 AccessProvider ap("my-label");
2792 ap.allowAPI("key-manager::api-storage", "rw");
2793 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2796 auto manager = CKM::Manager::create();
2798 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2799 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2800 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2801 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2802 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2803 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2804 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2806 "-----END PUBLIC KEY-----";
2808 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2809 auto key = CKM::Key::create(buffer, CKM::Password());
2811 CKM::Alias alias = "mykey_defpasswd";
2814 CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
2815 "Error=" << CKM::ErrorToString(temp));
2817 CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
2818 "Error=" << CKM::ErrorToString(temp));
2820 CKM_API_ERROR_DB_LOCKED == (temp = manager->removeAlias(alias)),
2821 "Error=" << CKM::ErrorToString(temp));
2824 RUNNER_CHILD_TEST(T1619_deinit)
2826 AccessProvider ap("my-label");
2827 ap.allowAPI("key-manager::api-control", "rw");
2828 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2831 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2833 RUNNER_TEST(T1701_init_unlock_key)
2836 auto control = CKM::Control::create();
2838 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2839 "Error=" << CKM::ErrorToString(tmp));
2842 RUNNER_CHILD_TEST(T1702_insert_data)
2845 AccessProvider ap("t170-special-label");
2846 ap.allowAPI("key-manager::api-storage", "rw");
2847 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2849 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2850 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2851 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2852 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2853 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2854 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2855 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2856 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2857 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2858 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2859 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2860 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2861 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2862 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2863 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2864 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2865 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2866 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2867 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2868 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2869 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2870 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2871 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2872 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2873 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2874 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2875 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2876 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2877 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2878 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2879 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2880 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2882 "-----END CERTIFICATE-----\n";
2884 auto manager = CKM::Manager::create();
2885 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2887 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2890 CKM_API_SUCCESS == status1,
2891 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2893 CKM::AliasVector av;
2895 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2896 "Error=" << CKM::ErrorToString(temp));
2898 1 == (temp = av.size()),
2899 "Vector size: " << temp << ". Expected: 1");
2902 RUNNER_TEST(T1703_removeApplicationData)
2905 auto control = CKM::Control::create();
2907 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2908 "Error=" << CKM::ErrorToString(tmp));
2911 RUNNER_CHILD_TEST(T1704_data_test)
2914 AccessProvider ap("t170-special-label");
2915 ap.allowAPI("key-manager::api-storage", "rw");
2916 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2918 CKM::AliasVector av;
2919 auto manager = CKM::Manager::create();
2922 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2923 "Error=" << CKM::ErrorToString(temp));
2925 0 == (temp = av.size()),
2926 "Vector size: " << temp << ". Expected: 0");
2929 RUNNER_TEST(T1705_deinit)
2933 auto control = CKM::Control::create();
2935 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2936 "Error=" << CKM::ErrorToString(tmp));
2938 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2939 "Error=" << CKM::ErrorToString(tmp));
2942 RUNNER_TEST(T17101_init)
2946 auto control = CKM::Control::create();
2948 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2949 "Error=" << CKM::ErrorToString(tmp));
2951 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2952 "Error=" << CKM::ErrorToString(tmp));
2954 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2955 "Error=" << CKM::ErrorToString(tmp));
2958 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2959 "Error=" << CKM::ErrorToString(tmp));
2961 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2962 "Error=" << CKM::ErrorToString(tmp));
2964 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2965 "Error=" << CKM::ErrorToString(tmp));
2968 RUNNER_CHILD_TEST(T17102_prep_data_01)
2971 AccessProvider ap("t1706-special-label");
2972 ap.allowAPI("key-manager::api-storage", "rw");
2973 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2975 CKM::AliasVector av;
2976 auto manager = CKM::Manager::create();
2978 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2980 CKM::RawBuffer buffer(data.begin(), data.end());
2981 CKM::Policy exportable(CKM::Password(), true);
2984 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2985 "Error=" << CKM::ErrorToString(temp));
2988 RUNNER_CHILD_TEST(T17103_prep_data_02)
2991 AccessProvider ap("t1706-special-label2");
2992 ap.allowAPI("key-manager::api-storage", "rw");
2993 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2995 CKM::AliasVector av;
2996 auto manager = CKM::Manager::create();
2998 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3000 CKM::RawBuffer buffer(data.begin(), data.end());
3001 CKM::Policy exportable(CKM::Password(), true);
3004 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
3005 "Error=" << CKM::ErrorToString(temp));
3008 RUNNER_CHILD_TEST(T17104_prep_data_03)
3011 AccessProvider ap("t1706-special-label");
3012 ap.allowAPI("key-manager::api-storage", "rw");
3013 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3015 CKM::AliasVector av;
3016 auto manager = CKM::Manager::create();
3018 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3020 CKM::RawBuffer buffer(data.begin(), data.end());
3021 CKM::Policy exportable(CKM::Password(), true);
3024 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
3025 "Error=" << CKM::ErrorToString(temp));
3028 RUNNER_CHILD_TEST(T17105_prep_data_04)
3031 AccessProvider ap("t1706-special-label2");
3032 ap.allowAPI("key-manager::api-storage", "rw");
3033 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3035 CKM::AliasVector av;
3036 auto manager = CKM::Manager::create();
3038 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3040 CKM::RawBuffer buffer(data.begin(), data.end());
3041 CKM::Policy exportable(CKM::Password(), true);
3044 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
3045 "Error=" << CKM::ErrorToString(temp));
3048 RUNNER_TEST(T17106_remove_application)
3052 auto control = CKM::Control::create();
3054 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3055 "Error=" << CKM::ErrorToString(tmp));
3057 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
3058 "Error=" << CKM::ErrorToString(tmp));
3061 RUNNER_CHILD_TEST(T17107_check_data_01)
3064 AccessProvider ap("t1706-special-label");
3065 ap.allowAPI("key-manager::api-storage", "rw");
3066 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3068 CKM::AliasVector av;
3069 auto manager = CKM::Manager::create();
3072 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3073 "Error=" << CKM::ErrorToString(temp));
3075 0 == (temp = av.size()),
3076 "Vector size: " << temp << ". Expected: 0");
3079 RUNNER_CHILD_TEST(T17108_check_data_02)
3082 AccessProvider ap("t1706-special-label2");
3083 ap.allowAPI("key-manager::api-storage", "rw");
3084 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3086 CKM::AliasVector av;
3087 auto manager = CKM::Manager::create();
3090 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3091 "Error=" << CKM::ErrorToString(temp));
3093 1 == (temp = av.size()),
3094 "Vector size: " << temp << ". Expected: 1");
3097 RUNNER_TEST(T17109_unlock_user2)
3101 auto control = CKM::Control::create();
3103 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
3104 "Error=" << CKM::ErrorToString(tmp));
3107 RUNNER_CHILD_TEST(T17110_check_data_03)
3110 AccessProvider ap("t1706-special-label");
3111 ap.allowAPI("key-manager::api-storage", "rw");
3112 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3114 CKM::AliasVector av;
3115 auto manager = CKM::Manager::create();
3118 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3119 "Error=" << CKM::ErrorToString(temp));
3121 0 == (temp = av.size()),
3122 "Vector size: " << temp << ". Expected: 0");
3125 RUNNER_CHILD_TEST(T17111_check_data_04)
3128 AccessProvider ap("t1706-special-label2");
3129 ap.allowAPI("key-manager::api-storage", "rw");
3130 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3132 CKM::AliasVector av;
3133 auto manager = CKM::Manager::create();
3136 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3137 "Error=" << CKM::ErrorToString(temp));
3139 1 == (temp = av.size()),
3140 "Vector size: " << temp << ". Expected: 1");
3143 RUNNER_TEST(T17112_deinit)
3147 auto control = CKM::Control::create();
3149 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
3150 "Error=" << CKM::ErrorToString(tmp));
3152 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
3153 "Error=" << CKM::ErrorToString(tmp));
3156 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3157 "Error=" << CKM::ErrorToString(tmp));
3159 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
3160 "Error=" << CKM::ErrorToString(tmp));
3163 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
3167 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
3168 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
3169 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
3170 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
3171 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
3174 RUNNER_TEST(T1800_init) {
3176 auto control = CKM::Control::create();
3178 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
3179 "Error=" << CKM::ErrorToString(temp));
3181 auto manager = CKM::Manager::create();
3182 manager->removeAlias(alias_PKCS_collision);
3183 manager->removeAlias(alias_PKCS_exportable);
3184 manager->removeAlias(alias_PKCS_not_exportable);
3185 manager->removeAlias(alias_PKCS_priv_key_copy);
3186 manager->removeAlias(alias_PKCS_priv_key_wrong);
3189 RUNNER_TEST(T1801_parse_PKCS12) {
3190 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3191 std::istreambuf_iterator<char> begin(is), end;
3192 std::vector<char> buff(begin, end);
3194 CKM::RawBuffer buffer(buff.size());
3195 memcpy(buffer.data(), buff.data(), buff.size());
3197 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3200 "Error in PKCS12::create()");
3202 auto cert = pkcs->getCertificate();
3205 "Error in PKCS12::getCertificate()");
3207 auto key = pkcs->getKey();
3210 "Error in PKCS12::getKey()");
3212 auto caVector = pkcs->getCaCertificateShPtrVector();
3214 0 == caVector.size(),
3215 "Wrong size of vector");
3218 RUNNER_TEST(T1802_negative_wrong_password) {
3219 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3220 std::istreambuf_iterator<char> begin(is), end;
3221 std::vector<char> buff(begin, end);
3223 CKM::RawBuffer buffer(buff.size());
3224 memcpy(buffer.data(), buff.data(), buff.size());
3226 auto pkcs = CKM::PKCS12::create(buffer, "error");
3229 "Expected error in PKCS12::create()");
3232 RUNNER_TEST(T1803_negative_broken_buffer) {
3233 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3234 std::istreambuf_iterator<char> begin(is), end;
3235 std::vector<char> buff(begin, end);
3237 CKM::RawBuffer buffer(buff.size());
3238 memcpy(buffer.data(), buff.data(), buff.size());
3240 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
3243 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3246 "Expected error in PKCS12::create()");
3249 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
3251 auto manager = CKM::Manager::create();
3252 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3253 std::istreambuf_iterator<char> begin(is), end;
3254 std::vector<char> buff(begin, end);
3256 CKM::RawBuffer buffer(buff.size());
3257 memcpy(buffer.data(), buff.data(), buff.size());
3259 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3262 "Error in PKCS12::create()");
3265 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3266 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3267 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3268 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3269 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3270 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3271 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3272 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3273 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3274 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3275 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3276 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3277 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3278 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3279 "-----END RSA PRIVATE KEY-----\n";
3281 std::string message = "message test";
3283 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3284 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3285 "Key is empty. Failed to import private key.");
3289 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
3290 "Error=" << CKM::ErrorToString(temp));
3293 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
3294 "Error=" << CKM::ErrorToString(temp));
3297 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
3299 auto manager = CKM::Manager::create();
3300 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3301 std::istreambuf_iterator<char> begin(is), end;
3302 std::vector<char> buff(begin, end);
3304 CKM::RawBuffer buffer(buff.size());
3305 memcpy(buffer.data(), buff.data(), buff.size());
3307 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3310 "Error in PKCS12::create()");
3312 auto cert = pkcs->getCertificate();
3315 "Error in PKCS12::getCertificate()");
3317 auto key = pkcs->getKey();
3320 "Error in PKCS12::getKey()");
3322 auto caVector = pkcs->getCaCertificateShPtrVector();
3324 2 == caVector.size(),
3325 "Wrong size of vector");
3329 CKM::Policy exportable;
3330 CKM::Policy notExportable(CKM::Password(), false);
3333 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3334 "Error=" << CKM::ErrorToString(tmp));
3336 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3337 "Error=" << CKM::ErrorToString(tmp));
3339 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3340 "Error=" << CKM::ErrorToString(tmp));
3342 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3343 "Error=" << CKM::ErrorToString(tmp));
3345 // try to lookup key
3346 CKM::KeyShPtr key_lookup;
3348 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3349 "Error=" << CKM::ErrorToString(tmp));
3351 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3352 "Error=" << CKM::ErrorToString(tmp));
3354 // try to lookup certificate
3355 CKM::CertificateShPtr cert_lookup;
3357 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3358 "Error=" << CKM::ErrorToString(tmp));
3360 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3361 "Error=" << CKM::ErrorToString(tmp));
3364 RUNNER_TEST(T1806_get_PKCS)
3367 auto manager = CKM::Manager::create();
3369 CKM::PKCS12ShPtr pkcs;
3373 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
3374 "Error=" << CKM::ErrorToString(temp));
3376 // fail - not exportable
3378 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3379 "Error=" << CKM::ErrorToString(temp));
3381 // success - exportable
3383 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3384 "Error=" << CKM::ErrorToString(temp));
3386 auto cert = pkcs->getCertificate();
3389 "Error in PKCS12::getCertificate()");
3391 auto key = pkcs->getKey();
3394 "Error in PKCS12::getKey()");
3396 auto caVector = pkcs->getCaCertificateShPtrVector();
3398 2 == caVector.size(),
3399 "Wrong size of vector");
3402 RUNNER_TEST(T1807_create_and_verify_signature)
3405 auto manager = CKM::Manager::create();
3407 std::string message = "message test";
3409 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3410 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3411 CKM::RawBuffer signature;
3414 CKM_API_SUCCESS == (temp = manager->createSignature(
3415 alias_PKCS_exportable,
3417 CKM::RawBuffer(message.begin(), message.end()),
3421 "Error=" << CKM::ErrorToString(temp));
3424 CKM_API_SUCCESS == (temp = manager->verifySignature(
3425 alias_PKCS_exportable,
3427 CKM::RawBuffer(message.begin(), message.end()),
3431 "Error=" << CKM::ErrorToString(temp));
3434 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3437 auto manager = CKM::Manager::create();
3439 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3440 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3441 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3442 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3443 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3444 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3445 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3446 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3447 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3448 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3449 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3450 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3451 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3452 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3453 "-----END RSA PRIVATE KEY-----";
3454 std::string message = "message test";
3456 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3457 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3458 "Key is empty. Failed to import private key.");
3461 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3462 "Error=" << CKM::ErrorToString(temp));
3464 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3465 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3466 CKM::RawBuffer signature;
3469 CKM_API_SUCCESS == (temp = manager->createSignature(
3470 alias_PKCS_priv_key_copy,
3472 CKM::RawBuffer(message.begin(), message.end()),
3476 "Error=" << CKM::ErrorToString(temp));
3479 CKM_API_SUCCESS == (temp = manager->verifySignature(
3480 alias_PKCS_exportable,
3482 CKM::RawBuffer(message.begin(), message.end()),
3486 "Error=" << CKM::ErrorToString(temp));
3489 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3492 auto manager = CKM::Manager::create();
3494 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3495 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3496 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3497 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3498 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3499 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3500 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3501 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3502 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3503 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3504 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3505 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3506 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3507 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3508 "-----END RSA PRIVATE KEY-----\n";
3510 std::string message = "message test";
3512 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3513 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3514 "Key is empty. Failed to import private key.");
3517 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3518 "Error=" << CKM::ErrorToString(temp));
3520 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3521 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3522 CKM::RawBuffer signature;
3525 CKM_API_SUCCESS == (temp = manager->createSignature(
3526 alias_PKCS_priv_key_wrong,
3528 CKM::RawBuffer(message.begin(), message.end()),
3532 "Error=" << CKM::ErrorToString(temp));
3535 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3536 alias_PKCS_exportable,
3538 CKM::RawBuffer(message.begin(), message.end()),
3542 "Error=" << CKM::ErrorToString(temp));
3545 RUNNER_TEST(T1810_verify_get_certificate_chain)
3547 // this certificate has been signed using PKCS chain
3548 std::string im = "-----BEGIN CERTIFICATE-----\n"
3549 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3550 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3551 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3552 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3553 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3554 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3555 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3556 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3557 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3559 "-----END CERTIFICATE-----\n";
3561 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3562 CKM::CertificateShPtrVector certChain;
3563 CKM::AliasVector aliasVector;
3566 auto manager = CKM::Manager::create();
3568 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3570 tmp = manager->getCertificateChain(cert,
3575 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3576 "Error=" << CKM::ErrorToString(tmp));
3579 0 == certChain.size(),
3580 "Wrong size of certificate chain.");
3582 aliasVector.push_back(alias_PKCS_exportable);
3584 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3585 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3587 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3588 RUNNER_ASSERT_MSG_BT(
3589 4 == certChain.size(),
3590 "Wrong size of certificate chain: " << certChain.size());
3593 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3595 auto manager = CKM::Manager::create();
3599 // remove the whole PKCS12 bundles
3601 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3602 "Error=" << CKM::ErrorToString(tmp));
3604 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3605 "Error=" << CKM::ErrorToString(tmp));
3607 // expect lookup fails due to unknown alias
3608 // try to lookup key
3609 CKM::KeyShPtr key_lookup;
3611 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3612 "Error=" << CKM::ErrorToString(tmp));
3614 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3615 "Error=" << CKM::ErrorToString(tmp));
3617 // try to lookup certificate
3618 CKM::CertificateShPtr cert_lookup;
3620 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3621 "Error=" << CKM::ErrorToString(tmp));
3623 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3624 "Error=" << CKM::ErrorToString(tmp));
3627 RUNNER_TEST(T1812_negative_get_pkcs12_wrong_password)
3629 CKM::Alias alias = "t1812alias1";
3631 auto manager = CKM::Manager::create();
3632 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3633 std::istreambuf_iterator<char> begin(is), end;
3634 std::vector<char> buff(begin, end);
3636 CKM::PKCS12ShPtr pkcs12;
3638 CKM::RawBuffer buffer(buff.size());
3639 memcpy(buffer.data(), buff.data(), buff.size());
3641 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3642 RUNNER_ASSERT_MSG_BT(
3644 "Error in PKCS12::create()");
3647 RUNNER_ASSERT_MSG_BT(
3648 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy("easypass"), CKM::Policy("easypass"))),
3649 "Error=" << CKM::ErrorToString(temp));
3651 RUNNER_ASSERT_MSG_BT(
3652 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3653 "Error=" << CKM::ErrorToString(temp));
3656 RUNNER_TEST(T1813_deinit)
3659 auto control = CKM::Control::create();
3662 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3663 "Error=" << CKM::ErrorToString(temp));
3666 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3668 RUNNER_TEST(T1901_init_unlock_key)
3671 auto control = CKM::Control::create();
3673 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3674 "Error=" << CKM::ErrorToString(tmp));
3676 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3677 "Error=" << CKM::ErrorToString(tmp));
3679 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3680 "Error=" << CKM::ErrorToString(tmp));
3683 RUNNER_TEST(T1902_get_data)
3685 auto manager = CKM::Manager::create();
3688 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3691 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3692 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3695 RUNNER_TEST(T1903_lock_database)
3698 auto control = CKM::Control::create();
3700 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3701 "Error=" << CKM::ErrorToString(tmp));
3704 RUNNER_TEST(T1904_get_data_from_locked_database)
3706 auto manager = CKM::Manager::create();
3709 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3712 CKM_API_ERROR_DB_LOCKED == status1,
3713 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3716 RUNNER_TEST(T1905_deinit)
3719 auto control = CKM::Control::create();
3721 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3722 "Error=" << CKM::ErrorToString(tmp));
3725 int main(int argc, char *argv[])
3727 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3728 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob