3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
22 #include <dpl/log/log.h>
25 const int USER_APP = 5000;
26 const int GROUP_APP = 5000;
27 const int USER_TEST = 5001;
29 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
30 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
31 } // namespace anonymous
34 * How to numerate tests:
36 * T - test case (always T)
37 * AB - number of test group (always two digits)
38 * C - test number in group (all tests with same TABC must be run in the same time).
42 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
43 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
44 stop_service(MANAGER);
45 start_service(MANAGER);
47 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
48 std::istreambuf_iterator<char> begin(is), end;
49 std::vector<char> buff(begin, end);
51 CKM::RawBuffer buffer(buff.size());
52 memcpy(buffer.data(), buff.data(), buff.size());
54 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
57 "Error in PKCS12::create()");
59 // all further tests will start with newly started service,
60 // OpenSSL on the service side will have to be properly initialized too
61 stop_service(MANAGER);
62 start_service(MANAGER);
65 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
67 RUNNER_TEST(T0011_Control)
70 auto control = CKM::Control::create();
72 control->removeUserData(0);
73 control->removeUserData(20);
74 control->removeUserData(USER_APP);
77 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
78 "Error=" << CKM::ErrorToString(temp));
81 RUNNER_TEST(T0012_Control)
84 auto control = CKM::Control::create();
86 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
87 "Error=" << CKM::ErrorToString(temp));
89 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
90 "Error=" << CKM::ErrorToString(temp));
93 RUNNER_TEST(T0013_Control)
96 auto control = CKM::Control::create();
98 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
99 "Error=" << CKM::ErrorToString(temp));
102 RUNNER_TEST(T0014_Control)
105 auto control = CKM::Control::create();
107 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
108 "Error=" << CKM::ErrorToString(temp));
111 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
112 "Error=" << CKM::ErrorToString(temp));
115 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
116 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
120 "Error=" << CKM::ErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
124 "Error=" << CKM::ErrorToString(temp));
127 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
128 "Error=" << CKM::ErrorToString(temp));
131 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
132 "Error=" << CKM::ErrorToString(temp));
135 RUNNER_TEST(T0015_Control)
138 auto control = CKM::Control::create();
140 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
141 "Error=" << CKM::ErrorToString(temp));
143 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
144 "Error=" << CKM::ErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
147 "Error=" << CKM::ErrorToString(temp));
149 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
150 "Error=" << CKM::ErrorToString(temp));
153 RUNNER_TEST(T0016_Control_negative_wrong_password)
156 auto control = CKM::Control::create();
158 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
159 "Error=" << CKM::ErrorToString(temp));
161 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
162 "Error=" << CKM::ErrorToString(temp));
164 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
165 "Error=" << CKM::ErrorToString(temp));
167 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
168 "Error=" << CKM::ErrorToString(temp));
170 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
171 "Error=" << CKM::ErrorToString(temp));
174 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
176 RUNNER_TEST(T1010_init)
179 auto control = CKM::Control::create();
181 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
182 "Error=" << CKM::ErrorToString(temp));
184 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
185 "Error=" << CKM::ErrorToString(temp));
188 RUNNER_TEST(T1011_key)
191 auto manager = CKM::Manager::create();
193 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
194 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
195 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
196 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
197 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
198 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
199 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
201 "-----END PUBLIC KEY-----";
203 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
204 auto key = CKM::Key::create(buffer, CKM::Password());
206 CKM::Alias alias = "mykey";
209 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
210 "Error=" << CKM::ErrorToString(temp));
212 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
213 "Error=" << CKM::ErrorToString(temp));
215 key->getDER() == key2->getDER(),
216 "Key value has been changed by service");
219 RUNNER_TEST(T1012_certificate)
222 auto manager = CKM::Manager::create();
224 auto cert = TestData::getTestCertificate(TestData::GIAG2);
225 CKM::CertificateShPtr cert2;
226 CKM::Alias alias = "myCert";
229 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
230 "Error=" << CKM::ErrorToString(temp));
232 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
233 "Error=" << CKM::ErrorToString(temp));
235 cert->getDER() == cert2->getDER(),
236 "Data has been modified in key manager");
239 RUNNER_CHILD_TEST(T1013_user_app_save_key)
241 AccessProvider ap("mylabel");
242 ap.allowAPI("key-manager::api-storage", "rw");
243 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
256 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
257 auto key = CKM::Key::create(buffer, CKM::Password());
259 CKM::Alias alias = "mykey";
260 auto manager = CKM::Manager::create();
263 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
264 "Error=" << CKM::ErrorToString(temp));
266 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
267 "Error=" << CKM::ErrorToString(temp));
269 key->getDER() == key2->getDER(), "Key value has been changed by service");
272 RUNNER_TEST(T1014_save_with_label)
275 auto manager = CKM::Manager::create();
277 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
278 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
279 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
280 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
281 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
282 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
283 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
285 "-----END PUBLIC KEY-----";
287 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
288 auto key = CKM::Key::create(buffer, CKM::Password());
289 CKM::KeyShPtr key_name, key_full_addr;
290 CKM::Alias alias = "mykey-2";
291 CharPtr top_label = get_label();
292 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
295 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
296 "Error=" << CKM::ErrorToString(temp));
300 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
301 "Error=" << CKM::ErrorToString(temp));
303 key->getDER() == key_name->getDER(),
304 "Key value has been changed by service");
306 // lookup by full address
308 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
309 "Error=" << CKM::ErrorToString(temp));
311 key->getDER() == key_full_addr->getDER(),
312 "Key value has been changed by service");
315 RUNNER_TEST(T1015_deinit)
318 auto control = CKM::Control::create();
321 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
322 "Error=" << CKM::ErrorToString(temp));
324 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
325 "Error=" << CKM::ErrorToString(temp));
327 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
328 "Error=" << CKM::ErrorToString(temp));
330 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
331 "Error=" << CKM::ErrorToString(temp));
334 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
336 RUNNER_TEST(T1020_init)
339 auto control = CKM::Control::create();
341 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
342 "Error=" << CKM::ErrorToString(temp));
344 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
345 "Error=" << CKM::ErrorToString(temp));
348 RUNNER_TEST(T1021_save_keys_get_alias)
351 auto manager = CKM::Manager::create();
353 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
354 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
355 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
356 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
357 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
358 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
359 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
361 "-----END PUBLIC KEY-----";
363 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
364 auto key = CKM::Key::create(buffer, CKM::Password());
365 CKM::AliasVector labelAliasVector;
368 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
369 "Error=" << CKM::ErrorToString(temp));
371 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
372 "Error=" << CKM::ErrorToString(temp));
374 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
375 "Error=" << CKM::ErrorToString(temp));
377 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
378 "Error=" << CKM::ErrorToString(temp));
380 labelAliasVector.size() == 3,
381 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
384 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
386 AccessProvider ap("mylabel");
387 ap.allowAPI("key-manager::api-storage", "rw");
388 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
391 auto manager = CKM::Manager::create();
393 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
394 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
395 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
396 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
397 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
398 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
399 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
401 "-----END PUBLIC KEY-----";
403 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
404 auto key = CKM::Key::create(buffer, CKM::Password());
405 CKM::AliasVector labelAliasVector;
408 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
409 "Error=" << CKM::ErrorToString(temp));
411 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
412 "Error=" << CKM::ErrorToString(temp));
414 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
415 "Error=" << CKM::ErrorToString(temp));
417 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
418 "Error=" << CKM::ErrorToString(temp));
420 labelAliasVector.size() == 3,
421 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
424 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
426 AccessProvider ap("mylabel");
427 ap.allowAPI("key-manager::api-storage", "rw");
428 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
431 auto manager = CKM::Manager::create();
433 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
434 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
435 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
436 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
437 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
438 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
439 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
441 "-----END PUBLIC KEY-----";
443 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
444 auto key = CKM::Key::create(buffer, CKM::Password());
445 CKM::AliasVector aliasVector;
446 CKM::Policy notExportable(CKM::Password(), false);
449 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
450 "Error=" << CKM::ErrorToString(temp));
452 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
453 "Error=" << CKM::ErrorToString(temp));
455 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
456 "Error=" << CKM::ErrorToString(temp));
459 RUNNER_TEST(T1029_deinit)
462 auto control = CKM::Control::create();
465 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
466 "Error=" << CKM::ErrorToString(temp));
468 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
469 "Error=" << CKM::ErrorToString(temp));
471 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
472 "Error=" << CKM::ErrorToString(temp));
474 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
475 "Error=" << CKM::ErrorToString(temp));
478 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
480 RUNNER_TEST(T1030_init)
483 auto control = CKM::Control::create();
485 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
486 "Error=" << CKM::ErrorToString(temp));
488 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
489 "Error=" << CKM::ErrorToString(temp));
492 RUNNER_TEST(T1031_save_get_bin_data)
495 auto manager = CKM::Manager::create();
497 std::string binData1 = "My bin data1";
498 std::string binData2 = "My bin data2";
499 std::string binData3 = "My bin data3";
501 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
502 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
503 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
505 CKM::AliasVector labelAliasVector;
508 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
509 "Error=" << CKM::ErrorToString(temp));
511 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
512 "Error=" << CKM::ErrorToString(temp));
514 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
515 "Error=" << CKM::ErrorToString(temp));
517 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
518 "Error=" << CKM::ErrorToString(temp));
520 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
521 "Error=" << CKM::ErrorToString(temp));
523 labelAliasVector.size() == 3,
524 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
526 CKM::RawBuffer buffer;
528 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
529 "Error=" << CKM::ErrorToString(temp));
535 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
536 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
539 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
541 AccessProvider ap("mylabel");
542 ap.allowAPI("key-manager::api-storage", "rw");
543 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
546 auto manager = CKM::Manager::create();
548 std::string binData = "My bin data";
550 CKM::RawBuffer buffer(binData.begin(), binData.end());
552 CKM::AliasVector labelAliasVector;
555 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
556 "Error=" << CKM::ErrorToString(temp));
558 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
559 "Error=" << CKM::ErrorToString(temp));
561 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
562 "Error=" << CKM::ErrorToString(temp));
564 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
565 "Error=" << CKM::ErrorToString(temp));
567 labelAliasVector.size() == 3,
568 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
571 RUNNER_TEST(T1033_remove_bin_data)
574 auto manager = CKM::Manager::create();
576 std::string binData2 = "My bin data2";
577 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
579 CKM::AliasVector labelAliasVector;
581 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
583 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
584 "Error=" << CKM::ErrorToString(temp));
586 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
587 "Error=" << CKM::ErrorToString(temp));
589 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
590 "Error=" << CKM::ErrorToString(temp));
592 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
593 "Error=" << CKM::ErrorToString(temp));
595 labelAliasVector.size() == 1,
596 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
598 CKM::RawBuffer buffer;
600 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
601 "Error=" << CKM::ErrorToString(temp));
606 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
607 "Error=" << CKM::ErrorToString(temp));
610 RUNNER_TEST(T1034_getData_wrong_password)
613 auto manager = CKM::Manager::create();
615 std::string binData1 = "My bin data4";
617 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
620 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
621 "Error=" << CKM::ErrorToString(temp));
623 CKM::RawBuffer buffer;
625 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
626 "Error=" << CKM::ErrorToString(temp));
632 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
633 "Error=" << CKM::ErrorToString(temp));
636 RUNNER_TEST(T1035_deinit)
639 auto control = CKM::Control::create();
642 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
643 "Error=" << CKM::ErrorToString(temp));
645 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
646 "Error=" << CKM::ErrorToString(temp));
648 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
649 "Error=" << CKM::ErrorToString(temp));
651 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
652 "Error=" << CKM::ErrorToString(temp));
655 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
657 RUNNER_TEST(T1040_init)
660 auto control = CKM::Control::create();
663 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
664 "Error=" << CKM::ErrorToString(temp));
667 RUNNER_CHILD_TEST(T1041_create_rsa_key)
670 auto manager = CKM::Manager::create();
673 AccessProvider ap("mylabel-rsa");
674 ap.allowAPI("key-manager::api-storage", "rw");
675 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
678 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
679 "Error=" << CKM::ErrorToString(temp));
681 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
682 "Error=" << CKM::ErrorToString(temp));
684 2 == (temp = av.size()),
685 "Vector size: " << temp << ". Expected: 2");
688 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
691 auto manager = CKM::Manager::create();
694 AccessProvider ap("mylabel-rsa");
695 ap.allowAPI("key-manager::api-storage", "rw");
696 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
699 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
700 "Error=" << CKM::ErrorToString(temp));
702 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
703 "Error=" << CKM::ErrorToString(temp));
706 RUNNER_CHILD_TEST(T1043_create_dsa_key)
709 auto manager = CKM::Manager::create();
712 AccessProvider ap("mylabel-dsa");
713 ap.allowAPI("key-manager::api-storage", "rw");
714 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
717 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
718 "Error=" << CKM::ErrorToString(temp));
720 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
721 "Error=" << CKM::ErrorToString(temp));
723 2 == (temp = av.size()),
724 "Vector size: " << temp << ". Expected: 2");
727 RUNNER_TEST(T1049_deinit)
730 auto control = CKM::Control::create();
733 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
734 "Error=" << CKM::ErrorToString(temp));
736 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
737 "Error=" << CKM::ErrorToString(temp));
741 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
743 RUNNER_TEST(T1110_init)
746 auto control = CKM::Control::create();
748 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
749 "Error=" << CKM::ErrorToString(temp));
751 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
752 "Error=" << CKM::ErrorToString(temp));
755 RUNNER_TEST(T1111_CreateKeyPairRSA)
758 auto manager = CKM::Manager::create();
759 CKM::Alias a1("rsa-test-1");
760 CKM::Alias a2("rsa-test-2");
764 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
765 "Error=" << CKM::ErrorToString(temp));
767 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
768 "Error=" << CKM::ErrorToString(temp));
771 RUNNER_TEST(T1112_CreateKeyPairDSA)
774 auto manager = CKM::Manager::create();
775 CKM::Alias a1("dsa-test-1");
776 CKM::Alias a2("dsa-test-2");
780 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
781 "Error=" << CKM::ErrorToString(temp));
783 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
784 "Error=" << CKM::ErrorToString(temp));
787 RUNNER_TEST(T1113_CreateKeyPairECDSA)
790 auto manager = CKM::Manager::create();
791 CKM::Alias a1("ecdsa-test-1");
792 CKM::Alias a2("ecdsa-test-2");
796 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
797 "Error=" << CKM::ErrorToString(temp));
800 RUNNER_TEST(T1114_deinit)
803 auto control = CKM::Control::create();
806 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
807 "Error=" << CKM::ErrorToString(temp));
809 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
810 "Error=" << CKM::ErrorToString(temp));
813 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
815 RUNNER_TEST(T12100_init)
818 auto control = CKM::Control::create();
820 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
821 "Error=" << CKM::ErrorToString(temp));
823 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
824 "Error=" << CKM::ErrorToString(temp));
827 RUNNER_TEST(T12101_key_exist)
830 auto manager = CKM::Manager::create();
832 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
833 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
834 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
835 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
836 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
837 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
838 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
840 "-----END PUBLIC KEY-----";
842 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
843 auto key = CKM::Key::create(buffer);
844 CKM::Alias alias = "rsa-alias-duplication";
847 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
848 "Error=" << CKM::ErrorToString(ret));
850 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
851 "Error=" << CKM::ErrorToString(ret));
855 * These test cases tests API when empty parameters are passed to functions
858 RUNNER_TEST(T12102_saveKey_empty_alias)
860 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
861 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
862 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
863 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
864 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
865 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
866 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
867 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
869 "-----END PUBLIC KEY-----";
871 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
872 auto key = CKM::Key::create(buffer);
873 CKM::Alias alias; //alias is not initialized
876 auto manager = CKM::Manager::create();
878 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
879 "Error=" << CKM::ErrorToString(ret));
882 RUNNER_TEST(T12103_saveKey_foreign_label)
884 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
885 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
886 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
887 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
888 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
889 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
890 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
892 "-----END PUBLIC KEY-----";
894 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
895 auto key = CKM::Key::create(buffer);
896 CKM::Alias alias = "iamsomebodyelse alias";
899 auto manager = CKM::Manager::create();
901 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
902 "Error=" << CKM::ErrorToString(ret));
905 RUNNER_TEST(T12104_saveKey_empty_key)
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::ErrorToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 auto cert = TestData::getTestCertificate(TestData::GIAG2);
920 CKM::Alias alias; //alias is not initialized
923 auto manager = CKM::Manager::create();
925 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
926 "Error=" << CKM::ErrorToString(temp));
929 RUNNER_TEST(T12106_saveCertificate_foreign_label)
931 auto cert = TestData::getTestCertificate(TestData::GIAG2);
932 CKM::Alias alias = "iamsomebodyelse alias";
935 auto manager = CKM::Manager::create();
937 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
938 "Error=" << CKM::ErrorToString(temp));
941 RUNNER_TEST(T12107_saveCertificate_empty_cert)
943 CKM::CertificateShPtr cert; //cert is not initialized
944 CKM::Alias alias = "empty-cert";
947 auto manager = CKM::Manager::create();
949 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
950 "Error=" << CKM::ErrorToString(temp));
953 RUNNER_TEST(T12108_saveData_empty_alias)
955 std::string testData = "test data test data test data";
956 CKM::RawBuffer buffer(testData.begin(), testData.end());
960 auto manager = CKM::Manager::create();
962 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
963 "Error=" << CKM::ErrorToString(temp));
966 RUNNER_TEST(T12109_saveData_foreign_label)
968 std::string testData = "test data test data test data";
969 CKM::RawBuffer buffer(testData.begin(), testData.end());
970 CKM::Alias alias = "iamsomebodyelse alias";
973 auto manager = CKM::Manager::create();
975 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
976 "Error=" << CKM::ErrorToString(temp));
979 RUNNER_TEST(T12110_saveData_empty_data)
981 CKM::RawBuffer buffer;
982 CKM::Alias alias = "empty-data";
985 auto manager = CKM::Manager::create();
987 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
988 "Error=" << CKM::ErrorToString(temp));
992 * These test cases tests API when trying to get data from not existing alias
995 RUNNER_TEST(T12111_getKey_alias_not_exist)
998 CKM::Alias alias = "this-alias-not-exist";
1001 auto manager = CKM::Manager::create();
1003 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1004 "Error=" << CKM::ErrorToString(temp));
1007 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1009 CKM::CertificateShPtr certificate;
1010 CKM::Alias alias = "this-alias-not-exist";
1013 auto manager = CKM::Manager::create();
1015 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1016 "Error=" << CKM::ErrorToString(temp));
1019 RUNNER_TEST(T12113_getData_alias_not_exist)
1022 auto manager = CKM::Manager::create();
1023 CKM::RawBuffer buffer;
1024 CKM::Alias alias("some alias");
1026 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1027 "Error=" << CKM::ErrorToString(temp));
1031 * These test cases tests API when damaged keys are used
1033 RUNNER_TEST(T12114_rsa_key_damaged)
1036 auto manager = CKM::Manager::create();
1038 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1039 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1040 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1041 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1042 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1043 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1044 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1046 "-----END PUBLIC KEY-----";
1048 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1049 auto key = CKM::Key::create(buffer);
1050 CKM::Alias alias = "damaged-rsa";
1053 NULL == key.get(), "Key is broken. It should be empty");
1056 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1057 "Error=" << CKM::ErrorToString(ret));
1060 RUNNER_TEST(T12115_rsa_key_too_short)
1063 auto manager = CKM::Manager::create();
1065 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1066 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1067 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1068 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1069 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1070 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1071 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1073 "-----END PUBLIC KEY-----";
1075 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1076 auto key = CKM::Key::create(buffer);
1077 CKM::Alias alias = "short-rsa";
1080 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1081 "Error=" << CKM::ErrorToString(ret));
1084 RUNNER_TEST(T12116_dsa_key_too_short)
1087 auto manager = CKM::Manager::create();
1089 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1090 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1091 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1092 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1093 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1094 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1095 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1096 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1097 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1098 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1099 "YMYCBhubtrVaLmc=\n"
1100 "-----END PUBLIC KEY-----";
1102 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1103 auto key = CKM::Key::create(buffer);
1104 CKM::Alias alias = "short-dsa";
1107 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1108 "Error=" << CKM::ErrorToString(ret));
1113 * These test cases tests CKM service if malicious data is provided over the socket.
1116 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1119 auto manager = CKM::Manager::create();
1121 // fake the client - let the service detect the problem
1122 class WrongKeyImpl : public CKM::Key
1125 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1128 virtual bool empty() const {
1132 virtual CKM::KeyType getType() const {
1133 return CKM::KeyType::KEY_RSA_PUBLIC;
1135 virtual int getSize() const {
1138 virtual CKM::ElipticCurve getCurve() const {
1139 return CKM::ElipticCurve::prime192v1;
1141 virtual CKM::RawBuffer getDER() const {
1144 virtual ~WrongKeyImpl() {}
1146 CKM::RawBuffer & m_dummy;
1148 std::string dummyData = "my_cat_Berta\n";
1149 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1150 auto key = std::make_shared<WrongKeyImpl>(buffer);
1151 CKM::Alias alias = "damaged-rsa";
1154 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1155 "Error=" << CKM::ErrorToString(ret));
1158 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1160 // fake the client - let the service detect the problem
1161 class WrongCertImpl : public CKM::Certificate
1164 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1165 m_x509 = X509_new();
1168 bool empty() const {
1172 virtual X509 *getX509() const {
1176 virtual CKM::RawBuffer getDER() const {
1180 virtual ~WrongCertImpl() {
1185 CKM::RawBuffer & m_dummy;
1187 std::string dummyData = "my_cat_Stefan\n";
1188 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1189 auto cert = std::make_shared<WrongCertImpl>(buffer);
1190 CKM::Alias alias = "damaged-cert";
1193 auto manager = CKM::Manager::create();
1195 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1196 "Error=" << CKM::ErrorToString(temp));
1199 RUNNER_TEST(T12119_deinit)
1202 auto control = CKM::Control::create();
1205 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1206 "Error=" << CKM::ErrorToString(temp));
1208 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1209 "Error=" << CKM::ErrorToString(temp));
1212 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1214 RUNNER_TEST(T1311_init)
1217 auto control = CKM::Control::create();
1219 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1220 "Error=" << CKM::ErrorToString(temp));
1221 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1222 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1224 struct hostent* he = gethostbyname("google.com");
1226 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1227 "is not woking on the device. OCSP tests requires network access!");
1230 RUNNER_TEST(T1312_get_chain)
1232 auto cert = TestData::getTestCertificate(TestData::MBANK);
1233 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1235 CKM::CertificateShPtrVector certVector = {cert1};
1236 CKM::CertificateShPtrVector certChain;
1239 auto manager = CKM::Manager::create();
1241 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1242 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1244 tmp = manager->getCertificateChain(cert,
1249 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1250 "Error=" << CKM::ErrorToString(tmp));
1253 0 == certChain.size(),
1254 "Wrong size of certificate chain.");
1256 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1257 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1260 3 == certChain.size(),
1261 "Wrong size of certificate chain.");
1264 RUNNER_TEST(T1313_get_chain_with_alias)
1266 auto cert = TestData::getTestCertificate(TestData::MBANK);
1267 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1269 CKM::CertificateShPtrVector certChain;
1270 CKM::AliasVector aliasVector;
1271 CKM::Alias alias("imcert");
1272 CharPtr top_label = get_label();
1273 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1276 auto manager = CKM::Manager::create();
1278 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1279 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1281 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1282 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1283 "Error=" << CKM::ErrorToString(tmp));
1286 0 == certChain.size(),
1287 "Wrong size of certificate chain.");
1290 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1291 "Error=" << CKM::ErrorToString(tmp));
1293 aliasVector.push_back(full_address);
1295 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1296 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1299 3 == certChain.size(),
1300 "Wrong size of certificate chain.");
1303 RUNNER_TEST(T1314_ocsp_check)
1305 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1307 auto cert = TestData::getTestCertificate(TestData::MBANK);
1308 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1309 CKM::CertificateShPtrVector certVector = {cert1};
1310 CKM::CertificateShPtrVector certChain;
1313 auto manager = CKM::Manager::create();
1315 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1316 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1318 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1319 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1320 "Error=" << CKM::ErrorToString(tmp));
1323 0 == certChain.size(),
1324 "Wrong size of certificate chain.");
1326 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1327 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1330 3 == certChain.size(),
1331 "Wrong size of certificate chain.");
1335 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1336 "Error=" << CKM::ErrorToString(tmp));
1338 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1341 RUNNER_TEST(T1315_deinit)
1344 auto control = CKM::Control::create();
1347 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1348 "Error=" << CKM::ErrorToString(temp));
1350 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1351 "Error=" << CKM::ErrorToString(temp));
1354 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1356 RUNNER_TEST(T1411_init)
1359 auto control = CKM::Control::create();
1361 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1362 "Error=" << CKM::ErrorToString(temp));
1365 RUNNER_TEST(T1412_rsa_key_create_verify)
1368 auto manager = CKM::Manager::create();
1370 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1371 "Proc-Type: 4,ENCRYPTED\n"
1372 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1374 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1375 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1376 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1377 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1378 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1379 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1380 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1381 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1382 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1383 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1384 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1385 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1386 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1387 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1388 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1389 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1390 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1391 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1392 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1393 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1394 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1395 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1396 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1397 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1398 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1399 "-----END RSA PRIVATE KEY-----\n";
1401 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1402 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1403 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1404 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1405 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1406 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1407 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1409 "-----END PUBLIC KEY-----\n";
1411 std::string message = "message test";
1413 CKM::Alias aliasPub = "pub1";
1414 CKM::Alias aliasPrv = "prv1";
1415 CKM::Password password = "1234";
1416 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1417 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1418 CKM::RawBuffer signature;
1420 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1421 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1423 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1424 "Key is empty. Failed to import public key.");
1425 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1426 "Key is empty. Failed to import private key.");
1429 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1430 "Error=" << CKM::ErrorToString(temp));
1432 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1433 "Error=" << CKM::ErrorToString(temp));
1436 CKM_API_SUCCESS == (temp = manager->createSignature(
1439 CKM::RawBuffer(message.begin(), message.end()),
1443 "Error=" << CKM::ErrorToString(temp));
1446 CKM_API_SUCCESS == (temp = manager->verifySignature(
1449 CKM::RawBuffer(message.begin(), message.end()),
1453 "Error=" << CKM::ErrorToString(temp));
1456 RUNNER_TEST(T1413_dsa_key_create_verify)
1459 auto manager = CKM::Manager::create();
1461 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1462 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1463 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1464 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1465 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1466 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1467 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1468 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1469 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1470 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1471 "u1roOuaPY+Hl19BlTE2qdw==\n"
1472 "-----END DSA PRIVATE KEY-----";
1474 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1475 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1476 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1477 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1478 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1479 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1480 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1481 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1482 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1483 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1484 "YMYCBhubtrVaLmc=\n"
1485 "-----END PUBLIC KEY-----";
1487 std::string message = "message test";
1489 CKM::Alias aliasPub = "pub2";
1490 CKM::Alias aliasPrv = "prv2";
1491 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1492 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1493 CKM::RawBuffer signature;
1495 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1496 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1498 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1499 "Key is empty. Failed to import public key.");
1500 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1501 "Key is empty. Failed to import private key.");
1504 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1505 "Error=" << CKM::ErrorToString(temp));
1507 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1508 "Error=" << CKM::ErrorToString(temp));
1511 CKM_API_SUCCESS == (temp = manager->createSignature(
1514 CKM::RawBuffer(message.begin(), message.end()),
1518 "Error=" << CKM::ErrorToString(temp));
1521 CKM_API_SUCCESS == (temp = manager->verifySignature(
1524 CKM::RawBuffer(message.begin(), message.end()),
1528 "Error=" << CKM::ErrorToString(temp));
1532 RUNNER_TEST(T1414_ec_key_create_verify)
1535 auto manager = CKM::Manager::create();
1537 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1538 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1539 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1540 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1541 "-----END EC PRIVATE KEY-----\n";
1543 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1544 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1545 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1546 "-----END PUBLIC KEY-----\n";
1548 std::string message = "message test";
1550 CKM::Alias aliasPub = "ecpub2";
1551 CKM::Alias aliasPrv = "ecprv2";
1552 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1553 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1554 CKM::RawBuffer signature;
1556 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1557 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1559 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1560 "Key is empty. Failed to import public key.");
1561 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1562 "Key is empty. Failed to import private key.");
1565 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1566 "Error=" << CKM::ErrorToString(temp));
1568 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1569 "Error=" << CKM::ErrorToString(temp));
1572 CKM_API_SUCCESS == (temp = manager->createSignature(
1575 CKM::RawBuffer(message.begin(), message.end()),
1579 "Error=" << CKM::ErrorToString(temp));
1582 CKM_API_SUCCESS == (temp = manager->verifySignature(
1585 CKM::RawBuffer(message.begin(), message.end()),
1589 "Error=" << CKM::ErrorToString(temp));
1591 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1593 memcpy((void*)signature.data(), "BROKEN", 6);
1596 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1599 CKM::RawBuffer(message.begin(), message.end()),
1603 "Error=" << CKM::ErrorToString(temp));
1606 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1609 auto manager = CKM::Manager::create();
1610 std::string message = "message asdfaslkdfjlksadjf test";
1612 CKM::Alias aliasPub = "pub1";
1613 CKM::Alias aliasPrv = "prv1";
1615 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1616 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1617 CKM::RawBuffer signature;
1620 CKM_API_SUCCESS == (temp = manager->createSignature(
1623 CKM::RawBuffer(message.begin(), message.end()),
1627 "Error=" << CKM::ErrorToString(temp));
1630 CKM_API_SUCCESS == (temp = manager->verifySignature(
1633 CKM::RawBuffer(message.begin(), message.end()),
1637 "Error=" << CKM::ErrorToString(temp));
1639 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1640 memcpy((void*)signature.data(), "BROKEN", 6);
1643 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1646 CKM::RawBuffer(message.begin(), message.end()),
1650 "Error=" << CKM::ErrorToString(temp));
1653 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1656 auto manager = CKM::Manager::create();
1657 std::string message = "message asdfaslkdfjlksadjf test";
1659 CKM::Alias aliasPub = "pub2";
1660 CKM::Alias aliasPrv = "prv2";
1662 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1663 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1664 CKM::RawBuffer signature;
1667 CKM_API_SUCCESS == (temp = manager->createSignature(
1670 CKM::RawBuffer(message.begin(), message.end()),
1674 "Error=" << CKM::ErrorToString(temp));
1677 CKM_API_SUCCESS == (temp = manager->verifySignature(
1680 CKM::RawBuffer(message.begin(), message.end()),
1684 "Error=" << CKM::ErrorToString(temp));
1686 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1687 memcpy((void*)signature.data(), "BROKEN", 6);
1690 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1693 CKM::RawBuffer(message.begin(), message.end()),
1697 "Error=" << CKM::ErrorToString(temp));
1700 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1703 auto manager = CKM::Manager::create();
1706 "-----BEGIN RSA PRIVATE KEY-----\n"
1707 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1708 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1709 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1710 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1711 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1712 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1713 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1714 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1715 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1716 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1717 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1718 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1719 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1720 "-----END RSA PRIVATE KEY-----\n";
1723 "-----BEGIN CERTIFICATE-----\n"
1724 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1725 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1726 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1727 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1728 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1729 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1730 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1731 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1732 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1733 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1734 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1735 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1736 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1737 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1738 "-----END CERTIFICATE-----\n";
1740 std::string message = "message test";
1742 CKM::Alias aliasPub = "pub1-cert";
1743 CKM::Alias aliasPrv = "prv1-cert";
1744 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1745 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1746 CKM::RawBuffer signature;
1748 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1749 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1751 RUNNER_ASSERT_MSG(NULL != cert.get(),
1752 "Key is empty. Failed to import public key.");
1753 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1754 "Key is empty. Failed to import private key.");
1757 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1758 "Error=" << CKM::ErrorToString(temp));
1760 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1761 "Error=" << CKM::ErrorToString(temp));
1764 CKM_API_SUCCESS == (temp = manager->createSignature(
1767 CKM::RawBuffer(message.begin(), message.end()),
1771 "Error=" << CKM::ErrorToString(temp));
1774 CKM_API_SUCCESS == (temp = manager->verifySignature(
1777 CKM::RawBuffer(message.begin(), message.end()),
1781 "Error=" << CKM::ErrorToString(temp));
1783 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1785 memcpy((void*)signature.data(), "BROKEN", 6);
1788 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1791 CKM::RawBuffer(message.begin(), message.end()),
1795 "Error=" << CKM::ErrorToString(temp));
1798 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
1801 auto manager = CKM::Manager::create();
1803 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1804 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1805 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1806 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1807 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1808 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1809 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1810 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1811 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1812 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1813 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1814 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1815 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1816 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1817 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1818 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1819 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1820 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1821 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1822 "-----END CERTIFICATE-----\n";
1824 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1825 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1826 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1827 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1828 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1829 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1830 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1831 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1832 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1833 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1834 "vonbjii3BYe4AIdkzOvp\n"
1835 "-----END DSA PRIVATE KEY-----\n";
1837 std::string message = "message test";
1839 CKM::Alias aliasPub = "pub2-cert";
1840 CKM::Alias aliasPrv = "prv2-cert";
1841 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1842 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1843 CKM::RawBuffer signature;
1845 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1846 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1848 RUNNER_ASSERT_MSG(NULL != cert.get(),
1849 "Key is empty. Failed to import public key.");
1850 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1851 "Key is empty. Failed to import private key.");
1854 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1855 "Error=" << CKM::ErrorToString(temp));
1857 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1858 "Error=" << CKM::ErrorToString(temp));
1861 CKM_API_SUCCESS == (temp = manager->createSignature(
1864 CKM::RawBuffer(message.begin(), message.end()),
1868 "Error=" << CKM::ErrorToString(temp));
1871 CKM_API_SUCCESS == (temp = manager->verifySignature(
1874 CKM::RawBuffer(message.begin(), message.end()),
1878 "Error=" << CKM::ErrorToString(temp));
1880 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1882 memcpy((void*)signature.data(), "BROKEN", 6);
1885 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1888 CKM::RawBuffer(message.begin(), message.end()),
1892 "Error=" << CKM::ErrorToString(temp));
1895 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
1898 auto manager = CKM::Manager::create();
1901 "-----BEGIN EC PRIVATE KEY-----\n"
1902 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1903 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1904 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1905 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1906 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1907 "ELyhe7yPCAuOoLZlTLgf\n"
1908 "-----END EC PRIVATE KEY-----\n";
1911 "-----BEGIN CERTIFICATE-----\n"
1912 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1913 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1914 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1915 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1916 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1917 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1918 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1919 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1920 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1921 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1922 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1923 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1924 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1925 "Q1oBry6NEc+lLFmWMDesAA==\n"
1926 "-----END CERTIFICATE-----\n";
1928 std::string message = "message test";
1930 CKM::Alias aliasPub = "pub3";
1931 CKM::Alias aliasPrv = "prv3";
1932 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1933 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1934 CKM::RawBuffer signature;
1936 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1937 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1939 RUNNER_ASSERT_MSG(NULL != cert.get(),
1940 "Key is empty. Failed to import public key.");
1941 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1942 "Key is empty. Failed to import private key.");
1945 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1946 "Error=" << CKM::ErrorToString(temp));
1948 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1949 "Error=" << CKM::ErrorToString(temp));
1952 CKM_API_SUCCESS == (temp = manager->createSignature(
1955 CKM::RawBuffer(message.begin(), message.end()),
1959 "Error=" << CKM::ErrorToString(temp));
1962 CKM_API_SUCCESS == (temp = manager->verifySignature(
1965 CKM::RawBuffer(message.begin(), message.end()),
1969 "Error=" << CKM::ErrorToString(temp));
1971 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1973 memcpy((void*)signature.data(), "BROKEN", 6);
1976 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1979 CKM::RawBuffer(message.begin(), message.end()),
1983 "Error=" << CKM::ErrorToString(temp));
1986 RUNNER_TEST(T1420_deinit)
1989 auto control = CKM::Control::create();
1992 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1993 "Error=" << CKM::ErrorToString(temp));
1995 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1996 "Error=" << CKM::ErrorToString(temp));
1999 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2001 RUNNER_TEST(T14180_init)
2004 auto control = CKM::Control::create();
2006 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2007 "Error=" << CKM::ErrorToString(temp));
2009 auto manager = CKM::Manager::create();
2011 // Prepare RSA Key Pair
2012 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2013 "Proc-Type: 4,ENCRYPTED\n"
2014 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2016 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2017 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2018 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2019 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2020 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2021 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2022 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2023 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2024 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2025 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2026 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2027 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2028 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2029 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2030 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2031 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2032 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2033 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2034 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2035 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2036 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2037 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2038 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2039 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2040 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2041 "-----END RSA PRIVATE KEY-----\n";
2043 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2044 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2045 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2046 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2047 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2048 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2049 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2051 "-----END PUBLIC KEY-----\n";
2053 CKM::Alias aliasPub = "pub_nohash1";
2054 CKM::Alias aliasPrv = "prv_nohash1";
2055 CKM::Password password = "1234";
2057 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2058 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2060 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2061 "Key is empty. Failed to import public key.");
2062 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2063 "Key is empty. Failed to import private key.");
2066 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2067 "Error=" << CKM::ErrorToString(temp));
2069 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2070 "Error=" << CKM::ErrorToString(temp));
2072 // Prepare ECDSA Key Pair
2073 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2074 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2075 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2076 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2077 "-----END EC PRIVATE KEY-----\n";
2079 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2080 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2081 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2082 "-----END PUBLIC KEY-----\n";
2084 CKM::Alias aliasEcPub = "ecpub_nohash1";
2085 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2087 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2088 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2090 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2091 "Key is empty. Failed to import public key.");
2092 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2093 "Key is empty. Failed to import private key.");
2096 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2097 "Error=" << CKM::ErrorToString(temp));
2099 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2100 "Error=" << CKM::ErrorToString(temp));
2104 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2107 auto manager = CKM::Manager::create();
2108 std::string message = "message asdfaslkdfjlksadjf test";
2110 CKM::Alias aliasPub = "pub_nohash1";
2111 CKM::Alias aliasPrv = "prv_nohash1";
2113 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2114 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2115 CKM::RawBuffer signature;
2118 CKM_API_SUCCESS == (temp = manager->createSignature(
2121 CKM::RawBuffer(message.begin(), message.end()),
2125 "Error=" << CKM::ErrorToString(temp));
2128 CKM_API_SUCCESS == (temp = manager->verifySignature(
2131 CKM::RawBuffer(message.begin(), message.end()),
2135 "Error=" << CKM::ErrorToString(temp));
2137 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2138 memcpy((void*)signature.data(), "BROKEN", 6);
2141 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2144 CKM::RawBuffer(message.begin(), message.end()),
2148 "Error=" << CKM::ErrorToString(temp));
2151 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2154 auto manager = CKM::Manager::create();
2155 std::string message = "message asdfaslkdfjlksadjf test";
2157 CKM::Alias aliasPub = "pub_nohash1";
2158 CKM::Alias aliasPrv = "prv_nohash1";
2160 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2161 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2162 CKM::RawBuffer signature;
2165 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2168 CKM::RawBuffer(message.begin(), message.end()),
2172 "Error=" << CKM::ErrorToString(temp));
2175 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2178 auto manager = CKM::Manager::create();
2179 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2180 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2181 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2182 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2183 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2184 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2185 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2186 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2187 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2188 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2189 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2190 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2191 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2192 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2193 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2194 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2195 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2196 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2197 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2198 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2200 CKM::Alias aliasPub = "pub_nohash1";
2201 CKM::Alias aliasPrv = "prv_nohash1";
2203 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2204 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2205 CKM::RawBuffer signature;
2208 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2211 CKM::RawBuffer(message.begin(), message.end()),
2215 "Error=" << CKM::ErrorToString(temp));
2219 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2222 auto manager = CKM::Manager::create();
2224 std::string message = "message test";
2226 CKM::Alias aliasPub = "ecpub_nohash1";
2227 CKM::Alias aliasPrv = "ecprv_nohash1";
2228 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2229 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2230 CKM::RawBuffer signature;
2233 CKM_API_SUCCESS == (temp = manager->createSignature(
2236 CKM::RawBuffer(message.begin(), message.end()),
2240 "Error=" << CKM::ErrorToString(temp));
2243 CKM_API_SUCCESS == (temp = manager->verifySignature(
2246 CKM::RawBuffer(message.begin(), message.end()),
2250 "Error=" << CKM::ErrorToString(temp));
2252 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2254 memcpy((void*)signature.data(), "BROKEN", 6);
2257 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2260 CKM::RawBuffer(message.begin(), message.end()),
2264 "Error=" << CKM::ErrorToString(temp));
2267 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2270 auto manager = CKM::Manager::create();
2272 int msgSize = 1024*1024;
2273 char big_msg[msgSize];
2274 for(int i =0; i<msgSize-1; i++) {
2277 big_msg[msgSize-1]=0x00;
2278 std::string message(big_msg);
2280 CKM::Alias aliasPub = "ecpub_nohash1";
2281 CKM::Alias aliasPrv = "ecprv_nohash1";
2282 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2283 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2284 CKM::RawBuffer signature;
2287 CKM_API_SUCCESS == (temp = manager->createSignature(
2290 CKM::RawBuffer(message.begin(), message.end()),
2294 "Error=" << CKM::ErrorToString(temp));
2298 RUNNER_TEST(T14189_deinit)
2301 auto control = CKM::Control::create();
2304 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2305 "Error=" << CKM::ErrorToString(temp));
2307 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2308 "Error=" << CKM::ErrorToString(temp));
2312 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2314 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2317 AccessProvider ap("my-label");
2318 ap.allowAPI("key-manager::api-control", "rw");
2319 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2321 auto control = CKM::Control::create();
2323 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2324 "Error=" << CKM::ErrorToString(tmp));
2327 RUNNER_CHILD_TEST(T1511_insert_data)
2329 AccessProvider ap("my-label");
2330 ap.allowAPI("key-manager::api-storage", "rw");
2331 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2333 auto certee = TestData::getTestCertificate(TestData::MBANK);
2334 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2336 auto manager = CKM::Manager::create();
2337 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2338 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2341 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2342 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2345 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2346 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2349 RUNNER_CHILD_TEST(T1519_deinit)
2352 AccessProvider ap("my-label");
2353 ap.allowAPI("key-manager::api-control", "rw");
2354 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2356 auto control = CKM::Control::create();
2358 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2359 "Error=" << CKM::ErrorToString(tmp));
2363 RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
2365 RUNNER_CHILD_TEST(T1610_init_lock_key)
2368 AccessProvider ap("my-label");
2369 ap.allowAPI("key-manager::api-control", "rw");
2370 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2372 auto control = CKM::Control::create();
2374 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
2375 "Error=" << CKM::ErrorToString(tmp));
2377 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2378 "Error=" << CKM::ErrorToString(tmp));
2381 RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
2383 AccessProvider ap("my-label");
2384 ap.allowAPI("key-manager::api-storage", "rw");
2385 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2388 auto manager = CKM::Manager::create();
2390 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2391 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2392 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2393 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2394 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2395 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2396 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2398 "-----END PUBLIC KEY-----";
2400 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2401 auto key = CKM::Key::create(buffer, CKM::Password());
2403 CKM::Alias alias = "mykey_defpasswd";
2406 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
2407 "Error=" << CKM::ErrorToString(temp));
2409 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
2410 "Error=" << CKM::ErrorToString(temp));
2412 key->getDER() == key2->getDER(),
2413 "Key value has been changed by service");
2415 std::string invalid_address = aliasWithLabel("i-do-not-exist", alias.c_str());
2417 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
2418 "Error=" << CKM::ErrorToString(temp));
2420 CKM_API_SUCCESS == (temp = manager->removeAlias(alias)),
2421 "Error=" << CKM::ErrorToString(temp));
2424 RUNNER_CHILD_TEST(T1612_init_change_user_password)
2427 AccessProvider ap("my-label");
2428 ap.allowAPI("key-manager::api-control", "rw");
2429 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2431 auto control = CKM::Control::create();
2433 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
2434 "Error=" << CKM::ErrorToString(tmp));
2435 // confirm changed password
2437 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_APP,"user-pass")),
2438 CKM::ErrorToString(tmp));
2440 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2441 CKM::ErrorToString(tmp));
2444 RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
2446 AccessProvider ap("my-label");
2447 ap.allowAPI("key-manager::api-storage", "rw");
2448 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2451 auto manager = CKM::Manager::create();
2453 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2454 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2455 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2456 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2457 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2458 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2459 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2461 "-----END PUBLIC KEY-----";
2463 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2464 auto key = CKM::Key::create(buffer, CKM::Password());
2466 CKM::Alias alias = "mykey_defpasswd";
2469 CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
2470 "Error=" << CKM::ErrorToString(temp));
2472 CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
2473 "Error=" << CKM::ErrorToString(temp));
2475 CKM_API_ERROR_DB_LOCKED == (temp = manager->removeAlias(alias)),
2476 "Error=" << CKM::ErrorToString(temp));
2479 RUNNER_CHILD_TEST(T1619_deinit)
2481 AccessProvider ap("my-label");
2482 ap.allowAPI("key-manager::api-control", "rw");
2483 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2486 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2488 RUNNER_TEST(T1701_init_unlock_key)
2491 auto control = CKM::Control::create();
2493 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2494 "Error=" << CKM::ErrorToString(tmp));
2497 RUNNER_CHILD_TEST(T1702_insert_data)
2500 AccessProvider ap("t170-special-label");
2501 ap.allowAPI("key-manager::api-storage", "rw");
2502 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2504 auto certee = TestData::getTestCertificate(TestData::MBANK);
2506 auto manager = CKM::Manager::create();
2507 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2510 CKM_API_SUCCESS == status1,
2511 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2513 CKM::AliasVector av;
2515 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2516 "Error=" << CKM::ErrorToString(temp));
2518 1 == (temp = av.size()),
2519 "Vector size: " << temp << ". Expected: 1");
2522 RUNNER_TEST(T1703_removeApplicationData)
2525 auto control = CKM::Control::create();
2527 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2528 "Error=" << CKM::ErrorToString(tmp));
2531 RUNNER_CHILD_TEST(T1704_data_test)
2534 AccessProvider ap("t170-special-label");
2535 ap.allowAPI("key-manager::api-storage", "rw");
2536 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2538 CKM::AliasVector av;
2539 auto manager = CKM::Manager::create();
2542 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2543 "Error=" << CKM::ErrorToString(temp));
2545 0 == (temp = av.size()),
2546 "Vector size: " << temp << ". Expected: 0");
2549 RUNNER_TEST(T1705_deinit)
2553 auto control = CKM::Control::create();
2555 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2556 "Error=" << CKM::ErrorToString(tmp));
2558 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2559 "Error=" << CKM::ErrorToString(tmp));
2562 RUNNER_TEST(T17101_init)
2566 auto control = CKM::Control::create();
2568 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2569 "Error=" << CKM::ErrorToString(tmp));
2571 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2572 "Error=" << CKM::ErrorToString(tmp));
2574 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2575 "Error=" << CKM::ErrorToString(tmp));
2578 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2579 "Error=" << CKM::ErrorToString(tmp));
2581 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2582 "Error=" << CKM::ErrorToString(tmp));
2584 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2585 "Error=" << CKM::ErrorToString(tmp));
2588 RUNNER_CHILD_TEST(T17102_prep_data_01)
2591 AccessProvider ap("t1706-special-label");
2592 ap.allowAPI("key-manager::api-storage", "rw");
2593 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2595 CKM::AliasVector av;
2596 auto manager = CKM::Manager::create();
2598 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2600 CKM::RawBuffer buffer(data.begin(), data.end());
2601 CKM::Policy exportable(CKM::Password(), true);
2604 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2605 "Error=" << CKM::ErrorToString(temp));
2608 RUNNER_CHILD_TEST(T17103_prep_data_02)
2611 AccessProvider ap("t1706-special-label2");
2612 ap.allowAPI("key-manager::api-storage", "rw");
2613 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2615 CKM::AliasVector av;
2616 auto manager = CKM::Manager::create();
2618 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2620 CKM::RawBuffer buffer(data.begin(), data.end());
2621 CKM::Policy exportable(CKM::Password(), true);
2624 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2625 "Error=" << CKM::ErrorToString(temp));
2628 RUNNER_CHILD_TEST(T17104_prep_data_03)
2631 AccessProvider ap("t1706-special-label");
2632 ap.allowAPI("key-manager::api-storage", "rw");
2633 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2635 CKM::AliasVector av;
2636 auto manager = CKM::Manager::create();
2638 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2640 CKM::RawBuffer buffer(data.begin(), data.end());
2641 CKM::Policy exportable(CKM::Password(), true);
2644 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2645 "Error=" << CKM::ErrorToString(temp));
2648 RUNNER_CHILD_TEST(T17105_prep_data_04)
2651 AccessProvider ap("t1706-special-label2");
2652 ap.allowAPI("key-manager::api-storage", "rw");
2653 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2655 CKM::AliasVector av;
2656 auto manager = CKM::Manager::create();
2658 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2660 CKM::RawBuffer buffer(data.begin(), data.end());
2661 CKM::Policy exportable(CKM::Password(), true);
2664 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2665 "Error=" << CKM::ErrorToString(temp));
2668 RUNNER_TEST(T17106_remove_application)
2672 auto control = CKM::Control::create();
2674 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2675 "Error=" << CKM::ErrorToString(tmp));
2677 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2678 "Error=" << CKM::ErrorToString(tmp));
2681 RUNNER_CHILD_TEST(T17107_check_data_01)
2684 AccessProvider ap("t1706-special-label");
2685 ap.allowAPI("key-manager::api-storage", "rw");
2686 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2688 CKM::AliasVector av;
2689 auto manager = CKM::Manager::create();
2692 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2693 "Error=" << CKM::ErrorToString(temp));
2695 0 == (temp = av.size()),
2696 "Vector size: " << temp << ". Expected: 0");
2699 RUNNER_CHILD_TEST(T17108_check_data_02)
2702 AccessProvider ap("t1706-special-label2");
2703 ap.allowAPI("key-manager::api-storage", "rw");
2704 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2706 CKM::AliasVector av;
2707 auto manager = CKM::Manager::create();
2710 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2711 "Error=" << CKM::ErrorToString(temp));
2713 1 == (temp = av.size()),
2714 "Vector size: " << temp << ". Expected: 1");
2717 RUNNER_TEST(T17109_unlock_user2)
2721 auto control = CKM::Control::create();
2723 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2724 "Error=" << CKM::ErrorToString(tmp));
2727 RUNNER_CHILD_TEST(T17110_check_data_03)
2730 AccessProvider ap("t1706-special-label");
2731 ap.allowAPI("key-manager::api-storage", "rw");
2732 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2734 CKM::AliasVector av;
2735 auto manager = CKM::Manager::create();
2738 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2739 "Error=" << CKM::ErrorToString(temp));
2741 0 == (temp = av.size()),
2742 "Vector size: " << temp << ". Expected: 0");
2745 RUNNER_CHILD_TEST(T17111_check_data_04)
2748 AccessProvider ap("t1706-special-label2");
2749 ap.allowAPI("key-manager::api-storage", "rw");
2750 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2752 CKM::AliasVector av;
2753 auto manager = CKM::Manager::create();
2756 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2757 "Error=" << CKM::ErrorToString(temp));
2759 1 == (temp = av.size()),
2760 "Vector size: " << temp << ". Expected: 1");
2763 RUNNER_TEST(T17112_deinit)
2767 auto control = CKM::Control::create();
2769 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2770 "Error=" << CKM::ErrorToString(tmp));
2772 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2773 "Error=" << CKM::ErrorToString(tmp));
2776 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2777 "Error=" << CKM::ErrorToString(tmp));
2779 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2780 "Error=" << CKM::ErrorToString(tmp));
2783 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2787 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2788 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2789 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2790 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2791 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2794 RUNNER_TEST(T1800_init) {
2796 auto control = CKM::Control::create();
2798 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
2799 "Error=" << CKM::ErrorToString(temp));
2801 auto manager = CKM::Manager::create();
2802 manager->removeAlias(alias_PKCS_collision);
2803 manager->removeAlias(alias_PKCS_exportable);
2804 manager->removeAlias(alias_PKCS_not_exportable);
2805 manager->removeAlias(alias_PKCS_priv_key_copy);
2806 manager->removeAlias(alias_PKCS_priv_key_wrong);
2809 RUNNER_TEST(T1801_parse_PKCS12) {
2810 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2811 std::istreambuf_iterator<char> begin(is), end;
2812 std::vector<char> buff(begin, end);
2814 CKM::RawBuffer buffer(buff.size());
2815 memcpy(buffer.data(), buff.data(), buff.size());
2817 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2820 "Error in PKCS12::create()");
2822 auto cert = pkcs->getCertificate();
2825 "Error in PKCS12::getCertificate()");
2827 auto key = pkcs->getKey();
2830 "Error in PKCS12::getKey()");
2832 auto caVector = pkcs->getCaCertificateShPtrVector();
2834 0 == caVector.size(),
2835 "Wrong size of vector");
2838 RUNNER_TEST(T1802_negative_wrong_password) {
2839 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2840 std::istreambuf_iterator<char> begin(is), end;
2841 std::vector<char> buff(begin, end);
2843 CKM::RawBuffer buffer(buff.size());
2844 memcpy(buffer.data(), buff.data(), buff.size());
2846 auto pkcs = CKM::PKCS12::create(buffer, "error");
2849 "Expected error in PKCS12::create()");
2852 RUNNER_TEST(T1803_negative_broken_buffer) {
2853 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2854 std::istreambuf_iterator<char> begin(is), end;
2855 std::vector<char> buff(begin, end);
2857 CKM::RawBuffer buffer(buff.size());
2858 memcpy(buffer.data(), buff.data(), buff.size());
2860 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2863 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2866 "Expected error in PKCS12::create()");
2869 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2871 auto manager = CKM::Manager::create();
2872 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2873 std::istreambuf_iterator<char> begin(is), end;
2874 std::vector<char> buff(begin, end);
2876 CKM::RawBuffer buffer(buff.size());
2877 memcpy(buffer.data(), buff.data(), buff.size());
2879 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2882 "Error in PKCS12::create()");
2885 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2886 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2887 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2888 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2889 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2890 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2891 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2892 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2893 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2894 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2895 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2896 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2897 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2898 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2899 "-----END RSA PRIVATE KEY-----\n";
2901 std::string message = "message test";
2903 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2904 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2905 "Key is empty. Failed to import private key.");
2909 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2910 "Error=" << CKM::ErrorToString(temp));
2913 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2914 "Error=" << CKM::ErrorToString(temp));
2917 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2919 auto manager = CKM::Manager::create();
2920 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2921 std::istreambuf_iterator<char> begin(is), end;
2922 std::vector<char> buff(begin, end);
2924 CKM::RawBuffer buffer(buff.size());
2925 memcpy(buffer.data(), buff.data(), buff.size());
2927 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2930 "Error in PKCS12::create()");
2932 auto cert = pkcs->getCertificate();
2935 "Error in PKCS12::getCertificate()");
2937 auto key = pkcs->getKey();
2940 "Error in PKCS12::getKey()");
2942 auto caVector = pkcs->getCaCertificateShPtrVector();
2944 2 == caVector.size(),
2945 "Wrong size of vector");
2949 CKM::Policy exportable;
2950 CKM::Policy notExportable(CKM::Password(), false);
2953 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2954 "Error=" << CKM::ErrorToString(tmp));
2956 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2957 "Error=" << CKM::ErrorToString(tmp));
2959 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2960 "Error=" << CKM::ErrorToString(tmp));
2962 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2963 "Error=" << CKM::ErrorToString(tmp));
2965 // try to lookup key
2966 CKM::KeyShPtr key_lookup;
2968 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2969 "Error=" << CKM::ErrorToString(tmp));
2971 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2972 "Error=" << CKM::ErrorToString(tmp));
2974 // try to lookup certificate
2975 CKM::CertificateShPtr cert_lookup;
2977 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2978 "Error=" << CKM::ErrorToString(tmp));
2980 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2981 "Error=" << CKM::ErrorToString(tmp));
2984 RUNNER_TEST(T1806_get_PKCS)
2987 auto manager = CKM::Manager::create();
2989 CKM::PKCS12ShPtr pkcs;
2993 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2994 "Error=" << CKM::ErrorToString(temp));
2996 // fail - not exportable
2998 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2999 "Error=" << CKM::ErrorToString(temp));
3001 // success - exportable
3003 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3004 "Error=" << CKM::ErrorToString(temp));
3006 auto cert = pkcs->getCertificate();
3009 "Error in PKCS12::getCertificate()");
3011 auto key = pkcs->getKey();
3014 "Error in PKCS12::getKey()");
3016 auto caVector = pkcs->getCaCertificateShPtrVector();
3018 2 == caVector.size(),
3019 "Wrong size of vector");
3022 RUNNER_TEST(T1807_create_and_verify_signature)
3025 auto manager = CKM::Manager::create();
3027 std::string message = "message test";
3029 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3030 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3031 CKM::RawBuffer signature;
3034 CKM_API_SUCCESS == (temp = manager->createSignature(
3035 alias_PKCS_exportable,
3037 CKM::RawBuffer(message.begin(), message.end()),
3041 "Error=" << CKM::ErrorToString(temp));
3044 CKM_API_SUCCESS == (temp = manager->verifySignature(
3045 alias_PKCS_exportable,
3047 CKM::RawBuffer(message.begin(), message.end()),
3051 "Error=" << CKM::ErrorToString(temp));
3054 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3057 auto manager = CKM::Manager::create();
3059 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3060 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3061 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3062 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3063 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3064 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3065 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3066 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3067 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3068 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3069 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3070 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3071 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3072 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3073 "-----END RSA PRIVATE KEY-----";
3074 std::string message = "message test";
3076 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3077 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3078 "Key is empty. Failed to import private key.");
3081 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3082 "Error=" << CKM::ErrorToString(temp));
3084 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3085 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3086 CKM::RawBuffer signature;
3089 CKM_API_SUCCESS == (temp = manager->createSignature(
3090 alias_PKCS_priv_key_copy,
3092 CKM::RawBuffer(message.begin(), message.end()),
3096 "Error=" << CKM::ErrorToString(temp));
3099 CKM_API_SUCCESS == (temp = manager->verifySignature(
3100 alias_PKCS_exportable,
3102 CKM::RawBuffer(message.begin(), message.end()),
3106 "Error=" << CKM::ErrorToString(temp));
3109 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3112 auto manager = CKM::Manager::create();
3114 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3115 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3116 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3117 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3118 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3119 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3120 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3121 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3122 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3123 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3124 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3125 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3126 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3127 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3128 "-----END RSA PRIVATE KEY-----\n";
3130 std::string message = "message test";
3132 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3133 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3134 "Key is empty. Failed to import private key.");
3137 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3138 "Error=" << CKM::ErrorToString(temp));
3140 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3141 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3142 CKM::RawBuffer signature;
3145 CKM_API_SUCCESS == (temp = manager->createSignature(
3146 alias_PKCS_priv_key_wrong,
3148 CKM::RawBuffer(message.begin(), message.end()),
3152 "Error=" << CKM::ErrorToString(temp));
3155 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3156 alias_PKCS_exportable,
3158 CKM::RawBuffer(message.begin(), message.end()),
3162 "Error=" << CKM::ErrorToString(temp));
3165 RUNNER_TEST(T1810_verify_get_certificate_chain)
3167 // this certificate has been signed using PKCS chain
3168 std::string im = "-----BEGIN CERTIFICATE-----\n"
3169 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3170 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3171 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3172 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3173 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3174 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3175 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3176 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3177 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3179 "-----END CERTIFICATE-----\n";
3181 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3182 CKM::CertificateShPtrVector certChain;
3183 CKM::AliasVector aliasVector;
3186 auto manager = CKM::Manager::create();
3188 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3190 tmp = manager->getCertificateChain(cert,
3195 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3196 "Error=" << CKM::ErrorToString(tmp));
3199 0 == certChain.size(),
3200 "Wrong size of certificate chain.");
3202 aliasVector.push_back(alias_PKCS_exportable);
3204 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3205 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3207 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3209 4 == certChain.size(),
3210 "Wrong size of certificate chain: " << certChain.size());
3213 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3215 auto manager = CKM::Manager::create();
3219 // remove the whole PKCS12 bundles
3221 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3222 "Error=" << CKM::ErrorToString(tmp));
3224 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3225 "Error=" << CKM::ErrorToString(tmp));
3227 // expect lookup fails due to unknown alias
3228 // try to lookup key
3229 CKM::KeyShPtr key_lookup;
3231 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3232 "Error=" << CKM::ErrorToString(tmp));
3234 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3235 "Error=" << CKM::ErrorToString(tmp));
3237 // try to lookup certificate
3238 CKM::CertificateShPtr cert_lookup;
3240 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3241 "Error=" << CKM::ErrorToString(tmp));
3243 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3244 "Error=" << CKM::ErrorToString(tmp));
3247 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3249 CKM::Alias alias = "t1812alias1";
3251 auto manager = CKM::Manager::create();
3252 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3253 std::istreambuf_iterator<char> begin(is), end;
3254 std::vector<char> buff(begin, end);
3256 CKM::PKCS12ShPtr pkcs12;
3257 CKM::Password pass1 = "easypass1";
3258 CKM::Password pass2 = "easypass2";
3260 CKM::RawBuffer buffer(buff.size());
3261 memcpy(buffer.data(), buff.data(), buff.size());
3263 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3266 "Error in PKCS12::create()");
3270 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3271 "Error=" << CKM::ErrorToString(temp));
3274 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3275 "Error=" << CKM::ErrorToString(temp));
3278 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3279 "Error=" << CKM::ErrorToString(temp));
3282 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3283 "Error=" << CKM::ErrorToString(temp));
3286 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3287 "Error=" << CKM::ErrorToString(temp));
3290 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3291 "Error=" << CKM::ErrorToString(temp));
3293 CKM::CertificateShPtr cert;
3295 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3296 "Error=" << CKM::ErrorToString(temp));
3298 CKM::CertificateShPtrVector certChain;
3299 CKM::AliasVector certVect;
3300 certVect.push_back(alias);
3303 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3304 "Error=" << CKM::ErrorToString(temp));
3307 RUNNER_TEST(T1813_deinit)
3310 auto control = CKM::Control::create();
3313 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3314 "Error=" << CKM::ErrorToString(temp));
3317 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3319 RUNNER_TEST(T1901_init_unlock_key)
3322 auto control = CKM::Control::create();
3324 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3325 "Error=" << CKM::ErrorToString(tmp));
3327 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3328 "Error=" << CKM::ErrorToString(tmp));
3330 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3331 "Error=" << CKM::ErrorToString(tmp));
3334 RUNNER_TEST(T1902_get_data)
3336 auto manager = CKM::Manager::create();
3339 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3342 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3343 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3346 RUNNER_TEST(T1903_lock_database)
3349 auto control = CKM::Control::create();
3351 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3352 "Error=" << CKM::ErrorToString(tmp));
3355 RUNNER_TEST(T1904_get_data_from_locked_database)
3357 auto manager = CKM::Manager::create();
3360 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3363 CKM_API_ERROR_DB_LOCKED == status1,
3364 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3367 RUNNER_TEST(T1905_deinit)
3370 auto control = CKM::Control::create();
3372 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3373 "Error=" << CKM::ErrorToString(tmp));
3376 int main(int argc, char *argv[])
3378 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3379 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);