3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <access_provider2.h>
9 #include <ckm-common.h>
10 #include <ckm/ckm-manager.h>
11 #include <ckm/ckm-control.h>
12 #include <ckm/ckm-password.h>
13 #include <ckm/ckm-type.h>
14 #include <ckm/ckm-pkcs12.h>
18 #include <openssl/x509.h>
19 #include <openssl/x509v3.h>
21 #include <dpl/log/log.h>
24 const int USER_APP = 5000;
25 const int GROUP_APP = 5000;
26 const int USER_TEST = 5001;
28 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
29 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
30 } // namespace anonymous
33 * How to numerate tests:
35 * T - test case (always T)
36 * AB - number of test group (always two digits)
37 * C - test number in group (all tests with same TABC must be run in the same time).
41 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
42 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
43 stop_service(MANAGER);
44 start_service(MANAGER);
46 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
47 std::istreambuf_iterator<char> begin(is), end;
48 std::vector<char> buff(begin, end);
50 CKM::RawBuffer buffer(buff.size());
51 memcpy(buffer.data(), buff.data(), buff.size());
53 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
56 "Error in PKCS12::create()");
58 // all further tests will start with newly started service,
59 // OpenSSL on the service side will have to be properly initialized too
60 stop_service(MANAGER);
61 start_service(MANAGER);
64 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
66 RUNNER_TEST(T0011_Control)
69 auto control = CKM::Control::create();
71 control->removeUserData(0);
72 control->removeUserData(20);
73 control->removeUserData(USER_APP);
76 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
77 "Error=" << CKM::ErrorToString(temp));
80 RUNNER_TEST(T0012_Control)
83 auto control = CKM::Control::create();
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
86 "Error=" << CKM::ErrorToString(temp));
88 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
89 "Error=" << CKM::ErrorToString(temp));
92 RUNNER_TEST(T0013_Control)
95 auto control = CKM::Control::create();
97 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
98 "Error=" << CKM::ErrorToString(temp));
101 RUNNER_TEST(T0014_Control)
104 auto control = CKM::Control::create();
106 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
107 "Error=" << CKM::ErrorToString(temp));
110 RUNNER_TEST(T0015_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
116 "Error=" << CKM::ErrorToString(temp));
118 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
119 "Error=" << CKM::ErrorToString(temp));
121 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
122 "Error=" << CKM::ErrorToString(temp));
124 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
125 "Error=" << CKM::ErrorToString(temp));
128 RUNNER_TEST(T0016_Control_negative_wrong_password)
131 auto control = CKM::Control::create();
132 RUNNER_ASSERT_MSG_BT(
133 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
134 "Error=" << CKM::ErrorToString(temp));
135 RUNNER_ASSERT_MSG_BT(
136 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
137 "Error=" << CKM::ErrorToString(temp));
138 RUNNER_ASSERT_MSG_BT(
139 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
140 "Error=" << CKM::ErrorToString(temp));
141 RUNNER_ASSERT_MSG_BT(
142 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
143 "Error=" << CKM::ErrorToString(temp));
144 RUNNER_ASSERT_MSG_BT(
145 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
146 "Error=" << CKM::ErrorToString(temp));
149 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
151 RUNNER_TEST(T1010_init)
154 auto control = CKM::Control::create();
156 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
157 "Error=" << CKM::ErrorToString(temp));
159 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
160 "Error=" << CKM::ErrorToString(temp));
163 RUNNER_TEST(T1011_key)
166 auto manager = CKM::Manager::create();
168 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
169 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
170 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
171 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
172 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
173 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
174 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
176 "-----END PUBLIC KEY-----";
178 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
179 auto key = CKM::Key::create(buffer, CKM::Password());
181 CKM::Alias alias = "mykey";
184 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
185 "Error=" << CKM::ErrorToString(temp));
187 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
188 "Error=" << CKM::ErrorToString(temp));
190 key->getDER() == key2->getDER(),
191 "Key value has been changed by service");
194 RUNNER_TEST(T1012_certificate)
197 auto manager = CKM::Manager::create();
199 std::string certPem =
200 "-----BEGIN CERTIFICATE-----\n"
201 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
202 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
203 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
204 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
205 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
206 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
207 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
208 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
209 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
210 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
211 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
212 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
213 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
214 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
215 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
216 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
217 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
218 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
219 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
220 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
221 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
222 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
223 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
224 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
226 "-----END CERTIFICATE-----\n";
228 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
229 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
230 CKM::CertificateShPtr cert2;
231 CKM::Alias alias = "myCert";
234 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
235 "Error=" << CKM::ErrorToString(temp));
237 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
238 "Error=" << CKM::ErrorToString(temp));
240 cert->getDER() == cert2->getDER(),
241 "Data has been modified in key manager");
244 RUNNER_CHILD_TEST(T1013_user_app_save_key)
246 AccessProvider ap("mylabel");
247 ap.allowAPI("key-manager::api-storage", "rw");
248 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
250 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
251 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
252 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
253 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
254 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
255 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
256 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
258 "-----END PUBLIC KEY-----";
261 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
262 auto key = CKM::Key::create(buffer, CKM::Password());
264 CKM::Alias alias = "mykey";
265 auto manager = CKM::Manager::create();
268 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
269 "Error=" << CKM::ErrorToString(temp));
271 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
272 "Error=" << CKM::ErrorToString(temp));
274 key->getDER() == key2->getDER(), "Key value has been changed by service");
277 RUNNER_TEST(T1014_save_with_label)
280 auto manager = CKM::Manager::create();
282 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
283 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
284 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
285 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
286 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
287 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
288 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
290 "-----END PUBLIC KEY-----";
292 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
293 auto key = CKM::Key::create(buffer, CKM::Password());
294 CKM::KeyShPtr key_name, key_full_addr;
295 CKM::Alias alias = "mykey-2";
296 CharPtr top_label = get_label();
297 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
300 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
301 "Error=" << CKM::ErrorToString(temp));
305 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
306 "Error=" << CKM::ErrorToString(temp));
308 key->getDER() == key_name->getDER(),
309 "Key value has been changed by service");
311 // lookup by full address
313 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
314 "Error=" << CKM::ErrorToString(temp));
316 key->getDER() == key_full_addr->getDER(),
317 "Key value has been changed by service");
320 RUNNER_TEST(T1015_deinit)
323 auto control = CKM::Control::create();
326 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
327 "Error=" << CKM::ErrorToString(temp));
329 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
330 "Error=" << CKM::ErrorToString(temp));
332 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
333 "Error=" << CKM::ErrorToString(temp));
335 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
336 "Error=" << CKM::ErrorToString(temp));
339 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
341 RUNNER_TEST(T1020_init)
344 auto control = CKM::Control::create();
346 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
347 "Error=" << CKM::ErrorToString(temp));
349 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
350 "Error=" << CKM::ErrorToString(temp));
353 RUNNER_TEST(T1021_save_keys_get_alias)
356 auto manager = CKM::Manager::create();
358 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
359 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
360 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
361 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
362 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
363 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
364 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
366 "-----END PUBLIC KEY-----";
368 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
369 auto key = CKM::Key::create(buffer, CKM::Password());
370 CKM::AliasVector labelAliasVector;
373 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
374 "Error=" << CKM::ErrorToString(temp));
376 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
377 "Error=" << CKM::ErrorToString(temp));
379 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
380 "Error=" << CKM::ErrorToString(temp));
382 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
383 "Error=" << CKM::ErrorToString(temp));
385 labelAliasVector.size() == 3,
386 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
389 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
391 AccessProvider ap("mylabel");
392 ap.allowAPI("key-manager::api-storage", "rw");
393 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
396 auto manager = CKM::Manager::create();
398 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
399 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
400 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
401 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
402 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
403 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
404 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
406 "-----END PUBLIC KEY-----";
408 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
409 auto key = CKM::Key::create(buffer, CKM::Password());
410 CKM::AliasVector labelAliasVector;
413 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
414 "Error=" << CKM::ErrorToString(temp));
416 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
417 "Error=" << CKM::ErrorToString(temp));
419 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
420 "Error=" << CKM::ErrorToString(temp));
422 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
423 "Error=" << CKM::ErrorToString(temp));
425 labelAliasVector.size() == 3,
426 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
429 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
431 AccessProvider ap("mylabel");
432 ap.allowAPI("key-manager::api-storage", "rw");
433 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
436 auto manager = CKM::Manager::create();
438 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
439 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
440 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
441 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
442 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
443 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
444 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
446 "-----END PUBLIC KEY-----";
448 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
449 auto key = CKM::Key::create(buffer, CKM::Password());
450 CKM::AliasVector aliasVector;
451 CKM::Policy notExportable(CKM::Password(), false);
454 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
455 "Error=" << CKM::ErrorToString(temp));
457 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
458 "Error=" << CKM::ErrorToString(temp));
460 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
461 "Error=" << CKM::ErrorToString(temp));
464 RUNNER_TEST(T1029_deinit)
467 auto control = CKM::Control::create();
470 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
471 "Error=" << CKM::ErrorToString(temp));
473 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
474 "Error=" << CKM::ErrorToString(temp));
476 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
477 "Error=" << CKM::ErrorToString(temp));
479 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
480 "Error=" << CKM::ErrorToString(temp));
483 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
485 RUNNER_TEST(T1030_init)
488 auto control = CKM::Control::create();
490 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
491 "Error=" << CKM::ErrorToString(temp));
493 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
494 "Error=" << CKM::ErrorToString(temp));
497 RUNNER_TEST(T1031_save_get_bin_data)
500 auto manager = CKM::Manager::create();
502 std::string binData1 = "My bin data1";
503 std::string binData2 = "My bin data2";
504 std::string binData3 = "My bin data3";
506 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
507 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
508 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
510 CKM::AliasVector labelAliasVector;
513 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
514 "Error=" << CKM::ErrorToString(temp));
516 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
517 "Error=" << CKM::ErrorToString(temp));
519 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
520 "Error=" << CKM::ErrorToString(temp));
522 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
523 "Error=" << CKM::ErrorToString(temp));
525 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
526 "Error=" << CKM::ErrorToString(temp));
528 labelAliasVector.size() == 3,
529 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
531 CKM::RawBuffer buffer;
533 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
534 "Error=" << CKM::ErrorToString(temp));
540 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
542 AccessProvider ap("mylabel");
543 ap.allowAPI("key-manager::api-storage", "rw");
544 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
547 auto manager = CKM::Manager::create();
549 std::string binData = "My bin data";
551 CKM::RawBuffer buffer(binData.begin(), binData.end());
553 CKM::AliasVector labelAliasVector;
556 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
557 "Error=" << CKM::ErrorToString(temp));
559 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
560 "Error=" << CKM::ErrorToString(temp));
562 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
563 "Error=" << CKM::ErrorToString(temp));
565 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
566 "Error=" << CKM::ErrorToString(temp));
568 labelAliasVector.size() == 3,
569 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
572 RUNNER_TEST(T1033_remove_bin_data)
575 auto manager = CKM::Manager::create();
577 std::string binData2 = "My bin data2";
578 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
580 CKM::AliasVector labelAliasVector;
582 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
584 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
585 "Error=" << CKM::ErrorToString(temp));
587 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
588 "Error=" << CKM::ErrorToString(temp));
590 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
591 "Error=" << CKM::ErrorToString(temp));
593 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
594 "Error=" << CKM::ErrorToString(temp));
596 labelAliasVector.size() == 1,
597 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
599 CKM::RawBuffer buffer;
601 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
602 "Error=" << CKM::ErrorToString(temp));
607 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
608 "Error=" << CKM::ErrorToString(temp));
611 RUNNER_TEST(T1039_deinit)
614 auto control = CKM::Control::create();
617 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
618 "Error=" << CKM::ErrorToString(temp));
620 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
621 "Error=" << CKM::ErrorToString(temp));
623 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
624 "Error=" << CKM::ErrorToString(temp));
626 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
627 "Error=" << CKM::ErrorToString(temp));
630 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
632 RUNNER_TEST(T1040_init)
635 auto control = CKM::Control::create();
638 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
639 "Error=" << CKM::ErrorToString(temp));
642 RUNNER_CHILD_TEST(T1041_create_rsa_key)
645 auto manager = CKM::Manager::create();
648 AccessProvider ap("mylabel-rsa");
649 ap.allowAPI("key-manager::api-storage", "rw");
650 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
653 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
654 "Error=" << CKM::ErrorToString(temp));
656 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
657 "Error=" << CKM::ErrorToString(temp));
659 2 == (temp = av.size()),
660 "Vector size: " << temp << ". Expected: 2");
663 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
666 auto manager = CKM::Manager::create();
669 AccessProvider ap("mylabel-rsa");
670 ap.allowAPI("key-manager::api-storage", "rw");
671 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
674 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
675 "Error=" << CKM::ErrorToString(temp));
677 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
678 "Error=" << CKM::ErrorToString(temp));
681 RUNNER_CHILD_TEST(T1043_create_dsa_key)
684 auto manager = CKM::Manager::create();
687 AccessProvider ap("mylabel-dsa");
688 ap.allowAPI("key-manager::api-storage", "rw");
689 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
692 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
693 "Error=" << CKM::ErrorToString(temp));
695 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
696 "Error=" << CKM::ErrorToString(temp));
698 2 == (temp = av.size()),
699 "Vector size: " << temp << ". Expected: 2");
702 RUNNER_TEST(T1049_deinit)
705 auto control = CKM::Control::create();
708 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
709 "Error=" << CKM::ErrorToString(temp));
711 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
712 "Error=" << CKM::ErrorToString(temp));
716 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
718 RUNNER_TEST(T1110_init)
721 auto control = CKM::Control::create();
723 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
724 "Error=" << CKM::ErrorToString(temp));
726 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
727 "Error=" << CKM::ErrorToString(temp));
730 RUNNER_TEST(T1111_CreateKeyPairRSA)
733 auto manager = CKM::Manager::create();
734 CKM::Alias a1("rsa-test-1");
735 CKM::Alias a2("rsa-test-2");
739 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
740 "Error=" << CKM::ErrorToString(temp));
742 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
743 "Error=" << CKM::ErrorToString(temp));
746 RUNNER_TEST(T1112_CreateKeyPairDSA)
749 auto manager = CKM::Manager::create();
750 CKM::Alias a1("dsa-test-1");
751 CKM::Alias a2("dsa-test-2");
755 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
756 "Error=" << CKM::ErrorToString(temp));
758 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
759 "Error=" << CKM::ErrorToString(temp));
762 RUNNER_TEST(T1113_CreateKeyPairECDSA)
765 auto manager = CKM::Manager::create();
766 CKM::Alias a1("ecdsa-test-1");
767 CKM::Alias a2("ecdsa-test-2");
771 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
772 "Error=" << CKM::ErrorToString(temp));
775 RUNNER_TEST(T1114_deinit)
778 auto control = CKM::Control::create();
781 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
782 "Error=" << CKM::ErrorToString(temp));
784 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
785 "Error=" << CKM::ErrorToString(temp));
788 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
790 RUNNER_TEST(T12100_init)
793 auto control = CKM::Control::create();
795 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
796 "Error=" << CKM::ErrorToString(temp));
798 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
799 "Error=" << CKM::ErrorToString(temp));
802 RUNNER_TEST(T12101_key_exist)
805 auto manager = CKM::Manager::create();
807 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
808 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
809 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
810 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
811 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
812 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
813 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
815 "-----END PUBLIC KEY-----";
817 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
818 auto key = CKM::Key::create(buffer);
819 CKM::Alias alias = "rsa-alias-duplication";
822 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
823 "Error=" << CKM::ErrorToString(ret));
825 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
826 "Error=" << CKM::ErrorToString(ret));
830 * These test cases tests API when empty parameters are passed to functions
833 RUNNER_TEST(T12102_saveKey_empty_alias)
835 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
836 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
837 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
838 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
839 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
840 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
841 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
842 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
844 "-----END PUBLIC KEY-----";
846 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
847 auto key = CKM::Key::create(buffer);
848 CKM::Alias alias; //alias is not initialized
851 auto manager = CKM::Manager::create();
853 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
854 "Error=" << CKM::ErrorToString(ret));
857 RUNNER_TEST(T12103_saveKey_foreign_label)
859 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
860 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
861 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
862 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
863 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
864 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
865 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
867 "-----END PUBLIC KEY-----";
869 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
870 auto key = CKM::Key::create(buffer);
871 CKM::Alias alias = "iamsomebodyelse alias";
874 auto manager = CKM::Manager::create();
876 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
877 "Error=" << CKM::ErrorToString(ret));
880 RUNNER_TEST(T12104_saveKey_empty_key)
882 CKM::KeyShPtr key; //key is not initialized
883 CKM::Alias alias = "empty-key";
886 auto manager = CKM::Manager::create();
888 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
889 "Error=" << CKM::ErrorToString(ret));
892 RUNNER_TEST(T12105_saveCertificate_empty_alias)
894 std::string certPem =
895 "-----BEGIN CERTIFICATE-----\n"
896 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
897 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
898 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
899 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
900 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
901 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
902 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
903 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
904 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
905 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
906 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
907 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
908 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
909 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
910 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
911 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
912 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
913 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
914 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
915 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
916 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
917 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
918 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
919 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
921 "-----END CERTIFICATE-----\n";
923 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
924 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
925 CKM::Alias alias; //alias is not initialized
928 auto manager = CKM::Manager::create();
930 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
931 "Error=" << CKM::ErrorToString(temp));
934 RUNNER_TEST(T12106_saveCertificate_foreign_label)
936 std::string certPem =
937 "-----BEGIN CERTIFICATE-----\n"
938 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
939 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
940 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
941 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
942 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
943 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
944 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
945 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
946 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
947 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
948 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
949 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
950 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
951 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
952 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
953 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
954 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
955 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
956 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
957 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
958 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
959 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
960 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
961 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
963 "-----END CERTIFICATE-----\n";
965 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
966 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
967 CKM::Alias alias = "iamsomebodyelse alias";
970 auto manager = CKM::Manager::create();
972 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
973 "Error=" << CKM::ErrorToString(temp));
976 RUNNER_TEST(T12107_saveCertificate_empty_cert)
978 CKM::CertificateShPtr cert; //cert is not initialized
979 CKM::Alias alias = "empty-cert";
982 auto manager = CKM::Manager::create();
984 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
985 "Error=" << CKM::ErrorToString(temp));
988 RUNNER_TEST(T12108_saveData_empty_alias)
990 std::string testData = "test data test data test data";
991 CKM::RawBuffer buffer(testData.begin(), testData.end());
995 auto manager = CKM::Manager::create();
997 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
998 "Error=" << CKM::ErrorToString(temp));
1001 RUNNER_TEST(T12109_saveData_foreign_label)
1003 std::string testData = "test data test data test data";
1004 CKM::RawBuffer buffer(testData.begin(), testData.end());
1005 CKM::Alias alias = "iamsomebodyelse alias";
1008 auto manager = CKM::Manager::create();
1010 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1011 "Error=" << CKM::ErrorToString(temp));
1014 RUNNER_TEST(T12110_saveData_empty_data)
1016 CKM::RawBuffer buffer;
1017 CKM::Alias alias = "empty-data";
1020 auto manager = CKM::Manager::create();
1022 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1023 "Error=" << CKM::ErrorToString(temp));
1027 * These test cases tests API when trying to get data from not existing alias
1030 RUNNER_TEST(T12111_getKey_alias_not_exist)
1033 CKM::Alias alias = "this-alias-not-exist";
1036 auto manager = CKM::Manager::create();
1038 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1039 "Error=" << CKM::ErrorToString(temp));
1042 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1044 CKM::CertificateShPtr certificate;
1045 CKM::Alias alias = "this-alias-not-exist";
1048 auto manager = CKM::Manager::create();
1050 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1051 "Error=" << CKM::ErrorToString(temp));
1054 RUNNER_TEST(T12113_getData_alias_not_exist)
1057 auto manager = CKM::Manager::create();
1058 CKM::RawBuffer buffer;
1059 CKM::Alias alias("some alias");
1061 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1062 "Error=" << CKM::ErrorToString(temp));
1066 * These test cases tests API when damaged keys are used
1068 RUNNER_TEST(T12114_rsa_key_damaged)
1071 auto manager = CKM::Manager::create();
1073 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1074 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1075 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1076 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1077 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1078 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1079 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1081 "-----END PUBLIC KEY-----";
1083 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1084 auto key = CKM::Key::create(buffer);
1085 CKM::Alias alias = "damaged-rsa";
1088 NULL == key.get(), "Key is broken. It should be empty");
1091 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1092 "Error=" << CKM::ErrorToString(ret));
1095 RUNNER_TEST(T12115_rsa_key_too_short)
1098 auto manager = CKM::Manager::create();
1100 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1101 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1102 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1103 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1104 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1105 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1106 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1108 "-----END PUBLIC KEY-----";
1110 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1111 auto key = CKM::Key::create(buffer);
1112 CKM::Alias alias = "short-rsa";
1115 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1116 "Error=" << CKM::ErrorToString(ret));
1119 RUNNER_TEST(T12116_dsa_key_too_short)
1122 auto manager = CKM::Manager::create();
1124 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1125 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1126 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1127 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1128 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1129 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1130 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1131 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1132 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1133 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1134 "YMYCBhubtrVaLmc=\n"
1135 "-----END PUBLIC KEY-----";
1137 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1138 auto key = CKM::Key::create(buffer);
1139 CKM::Alias alias = "short-dsa";
1142 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1143 "Error=" << CKM::ErrorToString(ret));
1148 * These test cases tests CKM service if malicious data is provided over the socket.
1151 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1154 auto manager = CKM::Manager::create();
1156 // fake the client - let the service detect the problem
1157 class WrongKeyImpl : public CKM::Key
1160 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1163 virtual bool empty() const {
1167 virtual CKM::KeyType getType() const {
1168 return CKM::KeyType::KEY_RSA_PUBLIC;
1170 virtual int getSize() const {
1173 virtual CKM::ElipticCurve getCurve() const {
1174 return CKM::ElipticCurve::prime192v1;
1176 virtual CKM::RawBuffer getDER() const {
1179 virtual ~WrongKeyImpl() {}
1181 CKM::RawBuffer & m_dummy;
1183 std::string dummyData = "my_cat_Berta\n";
1184 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1185 auto key = std::make_shared<WrongKeyImpl>(buffer);
1186 CKM::Alias alias = "damaged-rsa";
1189 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1190 "Error=" << CKM::ErrorToString(ret));
1193 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1195 // fake the client - let the service detect the problem
1196 class WrongCertImpl : public CKM::Certificate
1199 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1200 m_x509 = X509_new();
1203 bool empty() const {
1207 virtual X509 *getX509() const {
1211 virtual CKM::RawBuffer getDER() const {
1215 virtual ~WrongCertImpl() {
1220 CKM::RawBuffer & m_dummy;
1222 std::string dummyData = "my_cat_Stefan\n";
1223 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1224 auto cert = std::make_shared<WrongCertImpl>(buffer);
1225 CKM::Alias alias = "damaged-cert";
1228 auto manager = CKM::Manager::create();
1230 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1231 "Error=" << CKM::ErrorToString(temp));
1234 RUNNER_TEST(T12119_deinit)
1237 auto control = CKM::Control::create();
1240 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1241 "Error=" << CKM::ErrorToString(temp));
1243 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1244 "Error=" << CKM::ErrorToString(temp));
1247 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1249 RUNNER_TEST(T1311_init)
1252 auto control = CKM::Control::create();
1254 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1255 "Error=" << CKM::ErrorToString(temp));
1256 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1257 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1259 struct hostent* he = gethostbyname("google.com");
1261 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1262 "is not woking on the device. OCSP tests requires network access!");
1265 RUNNER_TEST(T1312_get_chain)
1267 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1268 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1269 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1270 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1271 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1272 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1273 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1274 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1275 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1276 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1277 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1278 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1279 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1280 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1281 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1282 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1283 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1284 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1285 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1286 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1287 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1288 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1289 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1290 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1291 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1292 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1293 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1294 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1295 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1296 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1297 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1298 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1300 "-----END CERTIFICATE-----\n";
1303 "-----BEGIN CERTIFICATE-----\n"
1304 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1305 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1306 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1307 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1308 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1309 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1310 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1311 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1312 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1313 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1314 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1315 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1316 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1317 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1318 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1319 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1320 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1321 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1322 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1323 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1324 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1325 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1326 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1327 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1328 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1329 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1330 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1331 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1332 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1333 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1334 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1335 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1336 "-----END CERTIFICATE-----\n";
1338 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1339 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1340 CKM::CertificateShPtrVector certVector = {cert1};
1341 CKM::CertificateShPtrVector certChain;
1344 auto manager = CKM::Manager::create();
1346 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1347 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1349 tmp = manager->getCertificateChain(cert,
1354 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1355 "Error=" << CKM::ErrorToString(tmp));
1358 0 == certChain.size(),
1359 "Wrong size of certificate chain.");
1361 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1362 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1365 3 == certChain.size(),
1366 "Wrong size of certificate chain.");
1369 RUNNER_TEST(T1313_get_chain_with_alias)
1371 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1372 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1373 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1374 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1375 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1376 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1377 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1378 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1379 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1380 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1381 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1382 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1383 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1384 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1385 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1386 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1387 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1388 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1389 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1390 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1391 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1392 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1393 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1394 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1395 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1396 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1397 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1398 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1399 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1400 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1401 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1402 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1404 "-----END CERTIFICATE-----\n";
1407 "-----BEGIN CERTIFICATE-----\n"
1408 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1409 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1410 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1411 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1412 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1413 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1414 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1415 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1416 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1417 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1418 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1419 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1420 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1421 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1422 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1423 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1424 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1425 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1426 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1427 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1428 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1429 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1430 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1431 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1432 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1433 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1434 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1435 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1436 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1437 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1438 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1439 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1440 "-----END CERTIFICATE-----\n";
1442 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1443 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1444 CKM::CertificateShPtrVector certChain;
1445 CKM::AliasVector aliasVector;
1446 CKM::Alias alias("imcert");
1447 CharPtr top_label = get_label();
1448 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1451 auto manager = CKM::Manager::create();
1453 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1454 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1456 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1457 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1458 "Error=" << CKM::ErrorToString(tmp));
1461 0 == certChain.size(),
1462 "Wrong size of certificate chain.");
1465 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1466 "Error=" << CKM::ErrorToString(tmp));
1468 aliasVector.push_back(full_address);
1470 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1471 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1473 RUNNER_ASSERT_MSG_BT(
1474 3 == certChain.size(),
1475 "Wrong size of certificate chain.");
1478 RUNNER_TEST(T1314_ocsp_check)
1480 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1482 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1483 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1484 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1485 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1486 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1487 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1488 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1489 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1490 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1491 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1492 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1493 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1494 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1495 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1496 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1497 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1498 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1499 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1500 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1501 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1502 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1503 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1504 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1505 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1506 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1507 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1508 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1509 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1510 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1511 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1512 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1513 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1515 "-----END CERTIFICATE-----\n";
1518 "-----BEGIN CERTIFICATE-----\n"
1519 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1520 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1521 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1522 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1523 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1524 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1525 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1526 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1527 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1528 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1529 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1530 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1531 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1532 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1533 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1534 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1535 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1536 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1537 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1538 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1539 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1540 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1541 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1542 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1543 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1544 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1545 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1546 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1547 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1548 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1549 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1550 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1551 "-----END CERTIFICATE-----\n";
1553 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1554 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1555 CKM::CertificateShPtrVector certVector = {cert1};
1556 CKM::CertificateShPtrVector certChain;
1559 auto manager = CKM::Manager::create();
1561 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1562 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1564 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1565 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1566 "Error=" << CKM::ErrorToString(tmp));
1569 0 == certChain.size(),
1570 "Wrong size of certificate chain.");
1572 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1573 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1575 RUNNER_ASSERT_MSG_BT(
1576 3 == certChain.size(),
1577 "Wrong size of certificate chain.");
1581 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1582 "Error=" << CKM::ErrorToString(tmp));
1584 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1587 RUNNER_TEST(T1315_deinit)
1590 auto control = CKM::Control::create();
1593 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1594 "Error=" << CKM::ErrorToString(temp));
1596 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1597 "Error=" << CKM::ErrorToString(temp));
1600 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1602 RUNNER_TEST(T1411_init)
1605 auto control = CKM::Control::create();
1607 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1608 "Error=" << CKM::ErrorToString(temp));
1611 RUNNER_TEST(T1412_rsa_key_create_verify)
1614 auto manager = CKM::Manager::create();
1616 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1617 "Proc-Type: 4,ENCRYPTED\n"
1618 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1620 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1621 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1622 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1623 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1624 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1625 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1626 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1627 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1628 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1629 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1630 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1631 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1632 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1633 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1634 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1635 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1636 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1637 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1638 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1639 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1640 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1641 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1642 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1643 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1644 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1645 "-----END RSA PRIVATE KEY-----\n";
1647 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1648 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1649 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1650 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1651 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1652 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1653 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1655 "-----END PUBLIC KEY-----\n";
1657 std::string message = "message test";
1659 CKM::Alias aliasPub = "pub1";
1660 CKM::Alias aliasPrv = "prv1";
1661 CKM::Password password = "1234";
1662 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1663 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1664 CKM::RawBuffer signature;
1666 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1667 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1669 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1670 "Key is empty. Failed to import public key.");
1671 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1672 "Key is empty. Failed to import private key.");
1675 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1676 "Error=" << CKM::ErrorToString(temp));
1678 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1679 "Error=" << CKM::ErrorToString(temp));
1682 CKM_API_SUCCESS == (temp = manager->createSignature(
1685 CKM::RawBuffer(message.begin(), message.end()),
1689 "Error=" << CKM::ErrorToString(temp));
1692 CKM_API_SUCCESS == (temp = manager->verifySignature(
1695 CKM::RawBuffer(message.begin(), message.end()),
1699 "Error=" << CKM::ErrorToString(temp));
1702 RUNNER_TEST(T1413_dsa_key_create_verify)
1705 auto manager = CKM::Manager::create();
1707 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1708 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1709 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1710 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1711 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1712 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1713 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1714 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1715 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1716 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1717 "u1roOuaPY+Hl19BlTE2qdw==\n"
1718 "-----END DSA PRIVATE KEY-----";
1720 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1721 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1722 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1723 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1724 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1725 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1726 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1727 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1728 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1729 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1730 "YMYCBhubtrVaLmc=\n"
1731 "-----END PUBLIC KEY-----";
1733 std::string message = "message test";
1735 CKM::Alias aliasPub = "pub2";
1736 CKM::Alias aliasPrv = "prv2";
1737 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1738 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1739 CKM::RawBuffer signature;
1741 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1742 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1744 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1745 "Key is empty. Failed to import public key.");
1746 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1747 "Key is empty. Failed to import private key.");
1750 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1751 "Error=" << CKM::ErrorToString(temp));
1753 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1754 "Error=" << CKM::ErrorToString(temp));
1757 CKM_API_SUCCESS == (temp = manager->createSignature(
1760 CKM::RawBuffer(message.begin(), message.end()),
1764 "Error=" << CKM::ErrorToString(temp));
1767 CKM_API_SUCCESS == (temp = manager->verifySignature(
1770 CKM::RawBuffer(message.begin(), message.end()),
1774 "Error=" << CKM::ErrorToString(temp));
1778 RUNNER_TEST(T1414_ec_key_create_verify)
1781 auto manager = CKM::Manager::create();
1783 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1784 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1785 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1786 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1787 "-----END EC PRIVATE KEY-----\n";
1789 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1790 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1791 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1792 "-----END PUBLIC KEY-----\n";
1794 std::string message = "message test";
1796 CKM::Alias aliasPub = "ecpub2";
1797 CKM::Alias aliasPrv = "ecprv2";
1798 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1799 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1800 CKM::RawBuffer signature;
1802 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1803 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1805 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1806 "Key is empty. Failed to import public key.");
1807 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1808 "Key is empty. Failed to import private key.");
1811 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1812 "Error=" << CKM::ErrorToString(temp));
1814 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1815 "Error=" << CKM::ErrorToString(temp));
1818 CKM_API_SUCCESS == (temp = manager->createSignature(
1821 CKM::RawBuffer(message.begin(), message.end()),
1825 "Error=" << CKM::ErrorToString(temp));
1828 CKM_API_SUCCESS == (temp = manager->verifySignature(
1831 CKM::RawBuffer(message.begin(), message.end()),
1835 "Error=" << CKM::ErrorToString(temp));
1837 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1839 memcpy((void*)signature.data(), "BROKEN", 6);
1842 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1845 CKM::RawBuffer(message.begin(), message.end()),
1849 "Error=" << CKM::ErrorToString(temp));
1852 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1855 auto manager = CKM::Manager::create();
1856 std::string message = "message asdfaslkdfjlksadjf test";
1858 CKM::Alias aliasPub = "pub1";
1859 CKM::Alias aliasPrv = "prv1";
1861 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1862 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1863 CKM::RawBuffer signature;
1866 CKM_API_SUCCESS == (temp = manager->createSignature(
1869 CKM::RawBuffer(message.begin(), message.end()),
1873 "Error=" << CKM::ErrorToString(temp));
1876 CKM_API_SUCCESS == (temp = manager->verifySignature(
1879 CKM::RawBuffer(message.begin(), message.end()),
1883 "Error=" << CKM::ErrorToString(temp));
1885 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1886 memcpy((void*)signature.data(), "BROKEN", 6);
1889 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1892 CKM::RawBuffer(message.begin(), message.end()),
1896 "Error=" << CKM::ErrorToString(temp));
1899 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1902 auto manager = CKM::Manager::create();
1903 std::string message = "message asdfaslkdfjlksadjf test";
1905 CKM::Alias aliasPub = "pub2";
1906 CKM::Alias aliasPrv = "prv2";
1908 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1909 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1910 CKM::RawBuffer signature;
1913 CKM_API_SUCCESS == (temp = manager->createSignature(
1916 CKM::RawBuffer(message.begin(), message.end()),
1920 "Error=" << CKM::ErrorToString(temp));
1923 CKM_API_SUCCESS == (temp = manager->verifySignature(
1926 CKM::RawBuffer(message.begin(), message.end()),
1930 "Error=" << CKM::ErrorToString(temp));
1932 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1933 memcpy((void*)signature.data(), "BROKEN", 6);
1936 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1939 CKM::RawBuffer(message.begin(), message.end()),
1943 "Error=" << CKM::ErrorToString(temp));
1946 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1949 auto manager = CKM::Manager::create();
1952 "-----BEGIN RSA PRIVATE KEY-----\n"
1953 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1954 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1955 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1956 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1957 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1958 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1959 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1960 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1961 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1962 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1963 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1964 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1965 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1966 "-----END RSA PRIVATE KEY-----\n";
1969 "-----BEGIN CERTIFICATE-----\n"
1970 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1971 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1972 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1973 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1974 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1975 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1976 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1977 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1978 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1979 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1980 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1981 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1982 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1983 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1984 "-----END CERTIFICATE-----\n";
1986 std::string message = "message test";
1988 CKM::Alias aliasPub = "pub1-cert";
1989 CKM::Alias aliasPrv = "prv1-cert";
1990 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1991 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1992 CKM::RawBuffer signature;
1994 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1995 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1997 RUNNER_ASSERT_MSG(NULL != cert.get(),
1998 "Key is empty. Failed to import public key.");
1999 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2000 "Key is empty. Failed to import private key.");
2003 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2004 "Error=" << CKM::ErrorToString(temp));
2006 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2007 "Error=" << CKM::ErrorToString(temp));
2010 CKM_API_SUCCESS == (temp = manager->createSignature(
2013 CKM::RawBuffer(message.begin(), message.end()),
2017 "Error=" << CKM::ErrorToString(temp));
2020 CKM_API_SUCCESS == (temp = manager->verifySignature(
2023 CKM::RawBuffer(message.begin(), message.end()),
2027 "Error=" << CKM::ErrorToString(temp));
2029 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2031 memcpy((void*)signature.data(), "BROKEN", 6);
2034 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2037 CKM::RawBuffer(message.begin(), message.end()),
2041 "Error=" << CKM::ErrorToString(temp));
2044 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
2047 auto manager = CKM::Manager::create();
2049 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
2050 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
2051 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
2052 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
2053 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
2054 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
2055 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
2056 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
2057 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
2058 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
2059 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
2060 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
2061 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
2062 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
2063 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
2064 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
2065 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
2066 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
2067 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
2068 "-----END CERTIFICATE-----\n";
2070 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
2071 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2072 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2073 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2074 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2075 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2076 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2077 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2078 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2079 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2080 "vonbjii3BYe4AIdkzOvp\n"
2081 "-----END DSA PRIVATE KEY-----\n";
2083 std::string message = "message test";
2085 CKM::Alias aliasPub = "pub2-cert";
2086 CKM::Alias aliasPrv = "prv2-cert";
2087 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2088 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2089 CKM::RawBuffer signature;
2091 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2092 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2094 RUNNER_ASSERT_MSG(NULL != cert.get(),
2095 "Key is empty. Failed to import public key.");
2096 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2097 "Key is empty. Failed to import private key.");
2100 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2101 "Error=" << CKM::ErrorToString(temp));
2103 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2104 "Error=" << CKM::ErrorToString(temp));
2107 CKM_API_SUCCESS == (temp = manager->createSignature(
2110 CKM::RawBuffer(message.begin(), message.end()),
2114 "Error=" << CKM::ErrorToString(temp));
2117 CKM_API_SUCCESS == (temp = manager->verifySignature(
2120 CKM::RawBuffer(message.begin(), message.end()),
2124 "Error=" << CKM::ErrorToString(temp));
2126 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2128 memcpy((void*)signature.data(), "BROKEN", 6);
2131 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2134 CKM::RawBuffer(message.begin(), message.end()),
2138 "Error=" << CKM::ErrorToString(temp));
2141 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
2144 auto manager = CKM::Manager::create();
2147 "-----BEGIN EC PRIVATE KEY-----\n"
2148 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2149 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2150 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2151 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2152 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2153 "ELyhe7yPCAuOoLZlTLgf\n"
2154 "-----END EC PRIVATE KEY-----\n";
2157 "-----BEGIN CERTIFICATE-----\n"
2158 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2159 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2160 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2161 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2162 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2163 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2164 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2165 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2166 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2167 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2168 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2169 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2170 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2171 "Q1oBry6NEc+lLFmWMDesAA==\n"
2172 "-----END CERTIFICATE-----\n";
2174 std::string message = "message test";
2176 CKM::Alias aliasPub = "pub3";
2177 CKM::Alias aliasPrv = "prv3";
2178 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2179 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2180 CKM::RawBuffer signature;
2182 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2183 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2185 RUNNER_ASSERT_MSG(NULL != cert.get(),
2186 "Key is empty. Failed to import public key.");
2187 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2188 "Key is empty. Failed to import private key.");
2191 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2192 "Error=" << CKM::ErrorToString(temp));
2194 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2195 "Error=" << CKM::ErrorToString(temp));
2198 CKM_API_SUCCESS == (temp = manager->createSignature(
2201 CKM::RawBuffer(message.begin(), message.end()),
2205 "Error=" << CKM::ErrorToString(temp));
2208 CKM_API_SUCCESS == (temp = manager->verifySignature(
2211 CKM::RawBuffer(message.begin(), message.end()),
2215 "Error=" << CKM::ErrorToString(temp));
2217 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2219 memcpy((void*)signature.data(), "BROKEN", 6);
2222 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2225 CKM::RawBuffer(message.begin(), message.end()),
2229 "Error=" << CKM::ErrorToString(temp));
2232 RUNNER_TEST(T1420_deinit)
2235 auto control = CKM::Control::create();
2238 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2239 "Error=" << CKM::ErrorToString(temp));
2241 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2242 "Error=" << CKM::ErrorToString(temp));
2245 RUNNER_TEST(T14180_init)
2248 auto control = CKM::Control::create();
2250 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2251 "Error=" << CKM::ErrorToString(temp));
2253 auto manager = CKM::Manager::create();
2255 // Prepare RSA Key Pair
2256 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2257 "Proc-Type: 4,ENCRYPTED\n"
2258 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2260 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2261 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2262 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2263 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2264 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2265 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2266 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2267 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2268 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2269 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2270 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2271 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2272 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2273 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2274 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2275 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2276 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2277 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2278 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2279 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2280 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2281 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2282 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2283 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2284 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2285 "-----END RSA PRIVATE KEY-----\n";
2287 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2288 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2289 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2290 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2291 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2292 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2293 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2295 "-----END PUBLIC KEY-----\n";
2297 CKM::Alias aliasPub = "pub_nohash1";
2298 CKM::Alias aliasPrv = "prv_nohash1";
2299 CKM::Password password = "1234";
2301 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2302 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2304 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2305 "Key is empty. Failed to import public key.");
2306 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2307 "Key is empty. Failed to import private key.");
2310 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2311 "Error=" << CKM::ErrorToString(temp));
2313 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2314 "Error=" << CKM::ErrorToString(temp));
2316 // Prepare ECDSA Key Pair
2317 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2318 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2319 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2320 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2321 "-----END EC PRIVATE KEY-----\n";
2323 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2324 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2325 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2326 "-----END PUBLIC KEY-----\n";
2328 CKM::Alias aliasEcPub = "ecpub_nohash1";
2329 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2331 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2332 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2334 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2335 "Key is empty. Failed to import public key.");
2336 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2337 "Key is empty. Failed to import private key.");
2340 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2341 "Error=" << CKM::ErrorToString(temp));
2343 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2344 "Error=" << CKM::ErrorToString(temp));
2348 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2351 auto manager = CKM::Manager::create();
2352 std::string message = "message asdfaslkdfjlksadjf test";
2354 CKM::Alias aliasPub = "pub_nohash1";
2355 CKM::Alias aliasPrv = "prv_nohash1";
2357 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2358 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2359 CKM::RawBuffer signature;
2362 CKM_API_SUCCESS == (temp = manager->createSignature(
2365 CKM::RawBuffer(message.begin(), message.end()),
2369 "Error=" << CKM::ErrorToString(temp));
2372 CKM_API_SUCCESS == (temp = manager->verifySignature(
2375 CKM::RawBuffer(message.begin(), message.end()),
2379 "Error=" << CKM::ErrorToString(temp));
2381 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2382 memcpy((void*)signature.data(), "BROKEN", 6);
2385 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2388 CKM::RawBuffer(message.begin(), message.end()),
2392 "Error=" << CKM::ErrorToString(temp));
2395 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2398 auto manager = CKM::Manager::create();
2399 std::string message = "message asdfaslkdfjlksadjf test";
2401 CKM::Alias aliasPub = "pub_nohash1";
2402 CKM::Alias aliasPrv = "prv_nohash1";
2404 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2405 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2406 CKM::RawBuffer signature;
2409 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2412 CKM::RawBuffer(message.begin(), message.end()),
2416 "Error=" << CKM::ErrorToString(temp));
2419 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2422 auto manager = CKM::Manager::create();
2423 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2424 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2425 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2426 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2427 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2428 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2429 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2430 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2431 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2432 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2433 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2434 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2435 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2436 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2437 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2438 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2439 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2440 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2441 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2442 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2444 CKM::Alias aliasPub = "pub_nohash1";
2445 CKM::Alias aliasPrv = "prv_nohash1";
2447 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2448 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2449 CKM::RawBuffer signature;
2452 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2455 CKM::RawBuffer(message.begin(), message.end()),
2459 "Error=" << CKM::ErrorToString(temp));
2463 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2466 auto manager = CKM::Manager::create();
2468 std::string message = "message test";
2470 CKM::Alias aliasPub = "ecpub_nohash1";
2471 CKM::Alias aliasPrv = "ecprv_nohash1";
2472 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2473 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2474 CKM::RawBuffer signature;
2477 CKM_API_SUCCESS == (temp = manager->createSignature(
2480 CKM::RawBuffer(message.begin(), message.end()),
2484 "Error=" << CKM::ErrorToString(temp));
2487 CKM_API_SUCCESS == (temp = manager->verifySignature(
2490 CKM::RawBuffer(message.begin(), message.end()),
2494 "Error=" << CKM::ErrorToString(temp));
2496 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2498 memcpy((void*)signature.data(), "BROKEN", 6);
2501 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2504 CKM::RawBuffer(message.begin(), message.end()),
2508 "Error=" << CKM::ErrorToString(temp));
2511 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2514 auto manager = CKM::Manager::create();
2516 int msgSize = 1024*1024;
2517 char big_msg[msgSize];
2518 for(int i =0; i<msgSize-1; i++) {
2521 big_msg[msgSize-1]=0x00;
2522 std::string message(big_msg);
2524 CKM::Alias aliasPub = "ecpub_nohash1";
2525 CKM::Alias aliasPrv = "ecprv_nohash1";
2526 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2527 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2528 CKM::RawBuffer signature;
2531 CKM_API_SUCCESS == (temp = manager->createSignature(
2534 CKM::RawBuffer(message.begin(), message.end()),
2538 "Error=" << CKM::ErrorToString(temp));
2542 RUNNER_TEST(T14189_deinit)
2545 auto control = CKM::Control::create();
2548 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2549 "Error=" << CKM::ErrorToString(temp));
2551 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2552 "Error=" << CKM::ErrorToString(temp));
2556 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2558 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2561 AccessProvider ap("my-label");
2562 ap.allowAPI("key-manager::api-control", "rw");
2563 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2565 auto control = CKM::Control::create();
2567 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2568 "Error=" << CKM::ErrorToString(tmp));
2571 RUNNER_CHILD_TEST(T1511_insert_data)
2573 AccessProvider ap("my-label");
2574 ap.allowAPI("key-manager::api-storage", "rw");
2575 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2577 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2578 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2579 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2580 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2581 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2582 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2583 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2584 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2585 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2586 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2587 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2588 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2589 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2590 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2591 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2592 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2593 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2594 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2595 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2596 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2597 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2598 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2599 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2600 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2601 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2602 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2603 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2604 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2605 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2606 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2607 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2608 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2610 "-----END CERTIFICATE-----\n";
2613 "-----BEGIN CERTIFICATE-----\n"
2614 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
2615 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2616 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
2617 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
2618 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
2619 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
2620 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
2621 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
2622 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
2623 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
2624 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
2625 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
2626 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
2627 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
2628 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
2629 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
2630 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
2631 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
2632 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
2633 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
2634 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
2635 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
2636 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
2637 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
2638 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
2639 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
2640 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
2641 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
2642 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
2643 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
2644 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
2645 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
2646 "-----END CERTIFICATE-----\n";
2648 auto manager = CKM::Manager::create();
2649 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2650 auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2652 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2653 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2656 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2657 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2660 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2661 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2664 RUNNER_CHILD_TEST(T1519_deinit)
2667 AccessProvider ap("my-label");
2668 ap.allowAPI("key-manager::api-control", "rw");
2669 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2671 auto control = CKM::Control::create();
2673 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2674 "Error=" << CKM::ErrorToString(tmp));
2678 RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
2680 RUNNER_CHILD_TEST(T1610_init_lock_key)
2683 AccessProvider ap("my-label");
2684 ap.allowAPI("key-manager::api-control", "rw");
2685 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2687 auto control = CKM::Control::create();
2689 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
2690 "Error=" << CKM::ErrorToString(tmp));
2692 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2693 "Error=" << CKM::ErrorToString(tmp));
2696 RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
2698 AccessProvider ap("my-label");
2699 ap.allowAPI("key-manager::api-storage", "rw");
2700 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2703 auto manager = CKM::Manager::create();
2705 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2706 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2707 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2708 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2709 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2710 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2711 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2713 "-----END PUBLIC KEY-----";
2715 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2716 auto key = CKM::Key::create(buffer, CKM::Password());
2718 CKM::Alias alias = "mykey_defpasswd";
2721 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
2722 "Error=" << CKM::ErrorToString(temp));
2724 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
2725 "Error=" << CKM::ErrorToString(temp));
2727 key->getDER() == key2->getDER(),
2728 "Key value has been changed by service");
2730 std::string invalid_address = aliasWithLabel("i-do-not-exist", alias.c_str());
2732 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
2733 "Error=" << CKM::ErrorToString(temp));
2735 CKM_API_SUCCESS == (temp = manager->removeAlias(alias)),
2736 "Error=" << CKM::ErrorToString(temp));
2739 RUNNER_CHILD_TEST(T1612_init_change_user_password)
2742 AccessProvider ap("my-label");
2743 ap.allowAPI("key-manager::api-control", "rw");
2744 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2746 auto control = CKM::Control::create();
2748 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
2749 "Error=" << CKM::ErrorToString(tmp));
2750 // confirm changed password
2752 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_APP,"user-pass")),
2753 CKM::ErrorToString(tmp));
2755 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2756 CKM::ErrorToString(tmp));
2759 RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
2761 AccessProvider ap("my-label");
2762 ap.allowAPI("key-manager::api-storage", "rw");
2763 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2766 auto manager = CKM::Manager::create();
2768 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2769 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2770 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2771 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2772 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2773 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2774 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2776 "-----END PUBLIC KEY-----";
2778 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2779 auto key = CKM::Key::create(buffer, CKM::Password());
2781 CKM::Alias alias = "mykey_defpasswd";
2784 CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
2785 "Error=" << CKM::ErrorToString(temp));
2787 CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
2788 "Error=" << CKM::ErrorToString(temp));
2790 CKM_API_ERROR_DB_LOCKED == (temp = manager->removeAlias(alias)),
2791 "Error=" << CKM::ErrorToString(temp));
2794 RUNNER_CHILD_TEST(T1619_deinit)
2796 AccessProvider ap("my-label");
2797 ap.allowAPI("key-manager::api-control", "rw");
2798 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2801 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2803 RUNNER_TEST(T1701_init_unlock_key)
2806 auto control = CKM::Control::create();
2808 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2809 "Error=" << CKM::ErrorToString(tmp));
2812 RUNNER_CHILD_TEST(T1702_insert_data)
2815 AccessProvider ap("t170-special-label");
2816 ap.allowAPI("key-manager::api-storage", "rw");
2817 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2819 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2820 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2821 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2822 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2823 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2824 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2825 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2826 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2827 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2828 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2829 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2830 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2831 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2832 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2833 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2834 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2835 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2836 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2837 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2838 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2839 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2840 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2841 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2842 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2843 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2844 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2845 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2846 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2847 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2848 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2849 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2850 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2852 "-----END CERTIFICATE-----\n";
2854 auto manager = CKM::Manager::create();
2855 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2857 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2860 CKM_API_SUCCESS == status1,
2861 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2863 CKM::AliasVector av;
2865 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2866 "Error=" << CKM::ErrorToString(temp));
2868 1 == (temp = av.size()),
2869 "Vector size: " << temp << ". Expected: 1");
2872 RUNNER_TEST(T1703_removeApplicationData)
2875 auto control = CKM::Control::create();
2877 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2878 "Error=" << CKM::ErrorToString(tmp));
2881 RUNNER_CHILD_TEST(T1704_data_test)
2884 AccessProvider ap("t170-special-label");
2885 ap.allowAPI("key-manager::api-storage", "rw");
2886 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2888 CKM::AliasVector av;
2889 auto manager = CKM::Manager::create();
2892 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2893 "Error=" << CKM::ErrorToString(temp));
2895 0 == (temp = av.size()),
2896 "Vector size: " << temp << ". Expected: 0");
2899 RUNNER_TEST(T1705_deinit)
2903 auto control = CKM::Control::create();
2905 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2906 "Error=" << CKM::ErrorToString(tmp));
2908 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2909 "Error=" << CKM::ErrorToString(tmp));
2912 RUNNER_TEST(T17101_init)
2916 auto control = CKM::Control::create();
2918 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2919 "Error=" << CKM::ErrorToString(tmp));
2921 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2922 "Error=" << CKM::ErrorToString(tmp));
2924 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2925 "Error=" << CKM::ErrorToString(tmp));
2928 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2929 "Error=" << CKM::ErrorToString(tmp));
2931 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2932 "Error=" << CKM::ErrorToString(tmp));
2934 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2935 "Error=" << CKM::ErrorToString(tmp));
2938 RUNNER_CHILD_TEST(T17102_prep_data_01)
2941 AccessProvider ap("t1706-special-label");
2942 ap.allowAPI("key-manager::api-storage", "rw");
2943 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2945 CKM::AliasVector av;
2946 auto manager = CKM::Manager::create();
2948 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2950 CKM::RawBuffer buffer(data.begin(), data.end());
2951 CKM::Policy exportable(CKM::Password(), true);
2954 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2955 "Error=" << CKM::ErrorToString(temp));
2958 RUNNER_CHILD_TEST(T17103_prep_data_02)
2961 AccessProvider ap("t1706-special-label2");
2962 ap.allowAPI("key-manager::api-storage", "rw");
2963 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2965 CKM::AliasVector av;
2966 auto manager = CKM::Manager::create();
2968 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2970 CKM::RawBuffer buffer(data.begin(), data.end());
2971 CKM::Policy exportable(CKM::Password(), true);
2974 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2975 "Error=" << CKM::ErrorToString(temp));
2978 RUNNER_CHILD_TEST(T17104_prep_data_03)
2981 AccessProvider ap("t1706-special-label");
2982 ap.allowAPI("key-manager::api-storage", "rw");
2983 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2985 CKM::AliasVector av;
2986 auto manager = CKM::Manager::create();
2988 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2990 CKM::RawBuffer buffer(data.begin(), data.end());
2991 CKM::Policy exportable(CKM::Password(), true);
2994 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2995 "Error=" << CKM::ErrorToString(temp));
2998 RUNNER_CHILD_TEST(T17105_prep_data_04)
3001 AccessProvider ap("t1706-special-label2");
3002 ap.allowAPI("key-manager::api-storage", "rw");
3003 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3005 CKM::AliasVector av;
3006 auto manager = CKM::Manager::create();
3008 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3010 CKM::RawBuffer buffer(data.begin(), data.end());
3011 CKM::Policy exportable(CKM::Password(), true);
3014 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
3015 "Error=" << CKM::ErrorToString(temp));
3018 RUNNER_TEST(T17106_remove_application)
3022 auto control = CKM::Control::create();
3024 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3025 "Error=" << CKM::ErrorToString(tmp));
3027 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
3028 "Error=" << CKM::ErrorToString(tmp));
3031 RUNNER_CHILD_TEST(T17107_check_data_01)
3034 AccessProvider ap("t1706-special-label");
3035 ap.allowAPI("key-manager::api-storage", "rw");
3036 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3038 CKM::AliasVector av;
3039 auto manager = CKM::Manager::create();
3042 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3043 "Error=" << CKM::ErrorToString(temp));
3045 0 == (temp = av.size()),
3046 "Vector size: " << temp << ". Expected: 0");
3049 RUNNER_CHILD_TEST(T17108_check_data_02)
3052 AccessProvider ap("t1706-special-label2");
3053 ap.allowAPI("key-manager::api-storage", "rw");
3054 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3056 CKM::AliasVector av;
3057 auto manager = CKM::Manager::create();
3060 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3061 "Error=" << CKM::ErrorToString(temp));
3063 1 == (temp = av.size()),
3064 "Vector size: " << temp << ". Expected: 1");
3067 RUNNER_TEST(T17109_unlock_user2)
3071 auto control = CKM::Control::create();
3073 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
3074 "Error=" << CKM::ErrorToString(tmp));
3077 RUNNER_CHILD_TEST(T17110_check_data_03)
3080 AccessProvider ap("t1706-special-label");
3081 ap.allowAPI("key-manager::api-storage", "rw");
3082 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3084 CKM::AliasVector av;
3085 auto manager = CKM::Manager::create();
3088 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3089 "Error=" << CKM::ErrorToString(temp));
3091 0 == (temp = av.size()),
3092 "Vector size: " << temp << ". Expected: 0");
3095 RUNNER_CHILD_TEST(T17111_check_data_04)
3098 AccessProvider ap("t1706-special-label2");
3099 ap.allowAPI("key-manager::api-storage", "rw");
3100 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3102 CKM::AliasVector av;
3103 auto manager = CKM::Manager::create();
3106 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3107 "Error=" << CKM::ErrorToString(temp));
3109 1 == (temp = av.size()),
3110 "Vector size: " << temp << ". Expected: 1");
3113 RUNNER_TEST(T17112_deinit)
3117 auto control = CKM::Control::create();
3119 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
3120 "Error=" << CKM::ErrorToString(tmp));
3122 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
3123 "Error=" << CKM::ErrorToString(tmp));
3126 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3127 "Error=" << CKM::ErrorToString(tmp));
3129 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
3130 "Error=" << CKM::ErrorToString(tmp));
3133 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
3137 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
3138 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
3139 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
3140 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
3141 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
3144 RUNNER_TEST(T1800_init) {
3146 auto control = CKM::Control::create();
3148 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
3149 "Error=" << CKM::ErrorToString(temp));
3151 auto manager = CKM::Manager::create();
3152 manager->removeAlias(alias_PKCS_collision);
3153 manager->removeAlias(alias_PKCS_exportable);
3154 manager->removeAlias(alias_PKCS_not_exportable);
3155 manager->removeAlias(alias_PKCS_priv_key_copy);
3156 manager->removeAlias(alias_PKCS_priv_key_wrong);
3159 RUNNER_TEST(T1801_parse_PKCS12) {
3160 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3161 std::istreambuf_iterator<char> begin(is), end;
3162 std::vector<char> buff(begin, end);
3164 CKM::RawBuffer buffer(buff.size());
3165 memcpy(buffer.data(), buff.data(), buff.size());
3167 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3170 "Error in PKCS12::create()");
3172 auto cert = pkcs->getCertificate();
3175 "Error in PKCS12::getCertificate()");
3177 auto key = pkcs->getKey();
3180 "Error in PKCS12::getKey()");
3182 auto caVector = pkcs->getCaCertificateShPtrVector();
3184 0 == caVector.size(),
3185 "Wrong size of vector");
3188 RUNNER_TEST(T1802_negative_wrong_password) {
3189 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3190 std::istreambuf_iterator<char> begin(is), end;
3191 std::vector<char> buff(begin, end);
3193 CKM::RawBuffer buffer(buff.size());
3194 memcpy(buffer.data(), buff.data(), buff.size());
3196 auto pkcs = CKM::PKCS12::create(buffer, "error");
3199 "Expected error in PKCS12::create()");
3202 RUNNER_TEST(T1803_negative_broken_buffer) {
3203 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3204 std::istreambuf_iterator<char> begin(is), end;
3205 std::vector<char> buff(begin, end);
3207 CKM::RawBuffer buffer(buff.size());
3208 memcpy(buffer.data(), buff.data(), buff.size());
3210 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
3213 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3216 "Expected error in PKCS12::create()");
3219 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
3221 auto manager = CKM::Manager::create();
3222 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3223 std::istreambuf_iterator<char> begin(is), end;
3224 std::vector<char> buff(begin, end);
3226 CKM::RawBuffer buffer(buff.size());
3227 memcpy(buffer.data(), buff.data(), buff.size());
3229 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3232 "Error in PKCS12::create()");
3235 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3236 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3237 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3238 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3239 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3240 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3241 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3242 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3243 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3244 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3245 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3246 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3247 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3248 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3249 "-----END RSA PRIVATE KEY-----\n";
3251 std::string message = "message test";
3253 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3254 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3255 "Key is empty. Failed to import private key.");
3259 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
3260 "Error=" << CKM::ErrorToString(temp));
3263 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
3264 "Error=" << CKM::ErrorToString(temp));
3267 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
3269 auto manager = CKM::Manager::create();
3270 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3271 std::istreambuf_iterator<char> begin(is), end;
3272 std::vector<char> buff(begin, end);
3274 CKM::RawBuffer buffer(buff.size());
3275 memcpy(buffer.data(), buff.data(), buff.size());
3277 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3280 "Error in PKCS12::create()");
3282 auto cert = pkcs->getCertificate();
3285 "Error in PKCS12::getCertificate()");
3287 auto key = pkcs->getKey();
3290 "Error in PKCS12::getKey()");
3292 auto caVector = pkcs->getCaCertificateShPtrVector();
3294 2 == caVector.size(),
3295 "Wrong size of vector");
3299 CKM::Policy exportable;
3300 CKM::Policy notExportable(CKM::Password(), false);
3303 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3304 "Error=" << CKM::ErrorToString(tmp));
3306 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3307 "Error=" << CKM::ErrorToString(tmp));
3309 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3310 "Error=" << CKM::ErrorToString(tmp));
3312 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3313 "Error=" << CKM::ErrorToString(tmp));
3315 // try to lookup key
3316 CKM::KeyShPtr key_lookup;
3318 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3319 "Error=" << CKM::ErrorToString(tmp));
3321 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3322 "Error=" << CKM::ErrorToString(tmp));
3324 // try to lookup certificate
3325 CKM::CertificateShPtr cert_lookup;
3327 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3328 "Error=" << CKM::ErrorToString(tmp));
3330 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3331 "Error=" << CKM::ErrorToString(tmp));
3334 RUNNER_TEST(T1806_get_PKCS)
3337 auto manager = CKM::Manager::create();
3339 CKM::PKCS12ShPtr pkcs;
3343 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
3344 "Error=" << CKM::ErrorToString(temp));
3346 // fail - not exportable
3348 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3349 "Error=" << CKM::ErrorToString(temp));
3351 // success - exportable
3353 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3354 "Error=" << CKM::ErrorToString(temp));
3356 auto cert = pkcs->getCertificate();
3359 "Error in PKCS12::getCertificate()");
3361 auto key = pkcs->getKey();
3364 "Error in PKCS12::getKey()");
3366 auto caVector = pkcs->getCaCertificateShPtrVector();
3368 2 == caVector.size(),
3369 "Wrong size of vector");
3372 RUNNER_TEST(T1807_create_and_verify_signature)
3375 auto manager = CKM::Manager::create();
3377 std::string message = "message test";
3379 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3380 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3381 CKM::RawBuffer signature;
3384 CKM_API_SUCCESS == (temp = manager->createSignature(
3385 alias_PKCS_exportable,
3387 CKM::RawBuffer(message.begin(), message.end()),
3391 "Error=" << CKM::ErrorToString(temp));
3394 CKM_API_SUCCESS == (temp = manager->verifySignature(
3395 alias_PKCS_exportable,
3397 CKM::RawBuffer(message.begin(), message.end()),
3401 "Error=" << CKM::ErrorToString(temp));
3404 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3407 auto manager = CKM::Manager::create();
3409 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3410 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3411 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3412 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3413 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3414 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3415 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3416 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3417 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3418 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3419 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3420 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3421 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3422 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3423 "-----END RSA PRIVATE KEY-----";
3424 std::string message = "message test";
3426 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3427 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3428 "Key is empty. Failed to import private key.");
3431 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3432 "Error=" << CKM::ErrorToString(temp));
3434 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3435 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3436 CKM::RawBuffer signature;
3439 CKM_API_SUCCESS == (temp = manager->createSignature(
3440 alias_PKCS_priv_key_copy,
3442 CKM::RawBuffer(message.begin(), message.end()),
3446 "Error=" << CKM::ErrorToString(temp));
3449 CKM_API_SUCCESS == (temp = manager->verifySignature(
3450 alias_PKCS_exportable,
3452 CKM::RawBuffer(message.begin(), message.end()),
3456 "Error=" << CKM::ErrorToString(temp));
3459 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3462 auto manager = CKM::Manager::create();
3464 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3465 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3466 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3467 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3468 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3469 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3470 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3471 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3472 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3473 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3474 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3475 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3476 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3477 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3478 "-----END RSA PRIVATE KEY-----\n";
3480 std::string message = "message test";
3482 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3483 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3484 "Key is empty. Failed to import private key.");
3487 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3488 "Error=" << CKM::ErrorToString(temp));
3490 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3491 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3492 CKM::RawBuffer signature;
3495 CKM_API_SUCCESS == (temp = manager->createSignature(
3496 alias_PKCS_priv_key_wrong,
3498 CKM::RawBuffer(message.begin(), message.end()),
3502 "Error=" << CKM::ErrorToString(temp));
3505 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3506 alias_PKCS_exportable,
3508 CKM::RawBuffer(message.begin(), message.end()),
3512 "Error=" << CKM::ErrorToString(temp));
3515 RUNNER_TEST(T1810_verify_get_certificate_chain)
3517 // this certificate has been signed using PKCS chain
3518 std::string im = "-----BEGIN CERTIFICATE-----\n"
3519 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3520 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3521 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3522 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3523 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3524 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3525 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3526 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3527 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3529 "-----END CERTIFICATE-----\n";
3531 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3532 CKM::CertificateShPtrVector certChain;
3533 CKM::AliasVector aliasVector;
3536 auto manager = CKM::Manager::create();
3538 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3540 tmp = manager->getCertificateChain(cert,
3545 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3546 "Error=" << CKM::ErrorToString(tmp));
3549 0 == certChain.size(),
3550 "Wrong size of certificate chain.");
3552 aliasVector.push_back(alias_PKCS_exportable);
3554 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3555 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3557 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3558 RUNNER_ASSERT_MSG_BT(
3559 4 == certChain.size(),
3560 "Wrong size of certificate chain: " << certChain.size());
3563 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3565 auto manager = CKM::Manager::create();
3569 // remove the whole PKCS12 bundles
3571 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3572 "Error=" << CKM::ErrorToString(tmp));
3574 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3575 "Error=" << CKM::ErrorToString(tmp));
3577 // expect lookup fails due to unknown alias
3578 // try to lookup key
3579 CKM::KeyShPtr key_lookup;
3581 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3582 "Error=" << CKM::ErrorToString(tmp));
3584 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3585 "Error=" << CKM::ErrorToString(tmp));
3587 // try to lookup certificate
3588 CKM::CertificateShPtr cert_lookup;
3590 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3591 "Error=" << CKM::ErrorToString(tmp));
3593 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3594 "Error=" << CKM::ErrorToString(tmp));
3597 RUNNER_TEST(T1812_negative_get_pkcs12_wrong_password)
3599 CKM::Alias alias = "t1812alias1";
3601 auto manager = CKM::Manager::create();
3602 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3603 std::istreambuf_iterator<char> begin(is), end;
3604 std::vector<char> buff(begin, end);
3606 CKM::PKCS12ShPtr pkcs12;
3608 CKM::RawBuffer buffer(buff.size());
3609 memcpy(buffer.data(), buff.data(), buff.size());
3611 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3612 RUNNER_ASSERT_MSG_BT(
3614 "Error in PKCS12::create()");
3617 RUNNER_ASSERT_MSG_BT(
3618 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy("easypass"), CKM::Policy("easypass"))),
3619 "Error=" << CKM::ErrorToString(temp));
3621 RUNNER_ASSERT_MSG_BT(
3622 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3623 "Error=" << CKM::ErrorToString(temp));
3626 RUNNER_TEST(T1813_deinit)
3629 auto control = CKM::Control::create();
3632 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3633 "Error=" << CKM::ErrorToString(temp));
3636 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3638 RUNNER_TEST(T1901_init_unlock_key)
3641 auto control = CKM::Control::create();
3643 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3644 "Error=" << CKM::ErrorToString(tmp));
3646 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3647 "Error=" << CKM::ErrorToString(tmp));
3649 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3650 "Error=" << CKM::ErrorToString(tmp));
3653 RUNNER_TEST(T1902_get_data)
3655 auto manager = CKM::Manager::create();
3658 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3661 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3662 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3665 RUNNER_TEST(T1903_lock_database)
3668 auto control = CKM::Control::create();
3670 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3671 "Error=" << CKM::ErrorToString(tmp));
3674 RUNNER_TEST(T1904_get_data_from_locked_database)
3676 auto manager = CKM::Manager::create();
3679 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3682 CKM_API_ERROR_DB_LOCKED == status1,
3683 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3686 RUNNER_TEST(T1905_deinit)
3689 auto control = CKM::Control::create();
3691 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3692 "Error=" << CKM::ErrorToString(tmp));
3695 int main(int argc, char *argv[])
3697 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3698 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob