3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <access_provider2.h>
9 #include <ckm-common.h>
10 #include <ckm/ckm-manager.h>
11 #include <ckm/ckm-control.h>
12 #include <ckm/ckm-password.h>
13 #include <ckm/ckm-type.h>
14 #include <ckm/ckm-pkcs12.h>
18 #include <openssl/x509.h>
19 #include <openssl/x509v3.h>
21 #include <dpl/log/log.h>
23 static const int USER_APP = 5000;
24 static const int GROUP_APP = 5000;
25 static const int USER_TEST = 5001;
28 * How to numerate tests:
30 * T - test case (always T)
31 * AB - number of test group (always two digits)
32 * C - test number in group (all tests with same TABC must be run in the same time).
36 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
37 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
38 stop_service(MANAGER);
39 start_service(MANAGER);
41 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
42 std::istreambuf_iterator<char> begin(is), end;
43 std::vector<char> buff(begin, end);
45 CKM::RawBuffer buffer(buff.size());
46 memcpy(buffer.data(), buff.data(), buff.size());
48 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
51 "Error in PKCS12::create()");
53 // all further tests will start with newly started service,
54 // OpenSSL on the service side will have to be properly initialized too
55 stop_service(MANAGER);
56 start_service(MANAGER);
59 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
61 RUNNER_TEST(T0011_Control)
64 auto control = CKM::Control::create();
66 control->removeUserData(0);
67 control->removeUserData(20);
68 control->removeUserData(USER_APP);
71 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
72 "Error=" << CKM::ErrorToString(temp));
75 RUNNER_TEST(T0012_Control)
78 auto control = CKM::Control::create();
80 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
81 "Error=" << CKM::ErrorToString(temp));
83 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
84 "Error=" << CKM::ErrorToString(temp));
87 RUNNER_TEST(T0013_Control)
90 auto control = CKM::Control::create();
92 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
93 "Error=" << CKM::ErrorToString(temp));
96 RUNNER_TEST(T0014_Control)
99 auto control = CKM::Control::create();
101 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
102 "Error=" << CKM::ErrorToString(temp));
105 RUNNER_TEST(T0015_Control)
108 auto control = CKM::Control::create();
110 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
111 "Error=" << CKM::ErrorToString(temp));
113 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
114 "Error=" << CKM::ErrorToString(temp));
116 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
117 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
120 "Error=" << CKM::ErrorToString(temp));
123 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
125 RUNNER_TEST(T1010_init)
128 auto control = CKM::Control::create();
130 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
131 "Error=" << CKM::ErrorToString(temp));
133 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
134 "Error=" << CKM::ErrorToString(temp));
137 RUNNER_TEST(T1011_key)
140 auto manager = CKM::Manager::create();
142 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
143 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
144 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
145 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
146 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
147 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
148 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
150 "-----END PUBLIC KEY-----";
152 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
153 auto key = CKM::Key::create(buffer, CKM::Password());
155 CKM::Alias alias = "mykey";
158 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
159 "Error=" << CKM::ErrorToString(temp));
161 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
162 "Error=" << CKM::ErrorToString(temp));
164 key->getDER() == key2->getDER(),
165 "Key value has been changed by service");
168 RUNNER_TEST(T1012_certificate)
171 auto manager = CKM::Manager::create();
173 std::string certPem =
174 "-----BEGIN CERTIFICATE-----\n"
175 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
176 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
177 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
178 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
179 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
180 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
181 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
182 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
183 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
184 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
185 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
186 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
187 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
188 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
189 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
190 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
191 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
192 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
193 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
194 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
195 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
196 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
197 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
198 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
200 "-----END CERTIFICATE-----\n";
202 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
203 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
204 CKM::CertificateShPtr cert2;
205 CKM::Alias alias = "myCert";
208 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
209 "Error=" << CKM::ErrorToString(temp));
211 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
212 "Error=" << CKM::ErrorToString(temp));
214 cert->getDER() == cert2->getDER(),
215 "Data has been modified in key manager");
218 RUNNER_CHILD_TEST(T1013_user_app_save_key)
220 AccessProvider ap("mylabel");
221 ap.allowAPI("key-manager::api-storage", "rw");
222 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
224 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
225 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
226 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
227 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
228 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
229 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
230 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
232 "-----END PUBLIC KEY-----";
235 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
236 auto key = CKM::Key::create(buffer, CKM::Password());
238 CKM::Alias alias = "mykey";
239 auto manager = CKM::Manager::create();
242 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
243 "Error=" << CKM::ErrorToString(temp));
245 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
246 "Error=" << CKM::ErrorToString(temp));
248 key->getDER() == key2->getDER(), "Key value has been changed by service");
251 RUNNER_TEST(T1014_save_with_label)
254 auto manager = CKM::Manager::create();
256 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
257 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
258 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
259 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
260 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
261 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
262 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
264 "-----END PUBLIC KEY-----";
266 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
267 auto key = CKM::Key::create(buffer, CKM::Password());
268 CKM::KeyShPtr key_name, key_full_addr;
269 CKM::Alias alias = "mykey-2";
270 CharPtr top_label = get_label();
271 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
274 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
275 "Error=" << CKM::ErrorToString(temp));
279 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
280 "Error=" << CKM::ErrorToString(temp));
282 key->getDER() == key_name->getDER(),
283 "Key value has been changed by service");
285 // lookup by full address
287 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
288 "Error=" << CKM::ErrorToString(temp));
290 key->getDER() == key_full_addr->getDER(),
291 "Key value has been changed by service");
294 RUNNER_TEST(T1015_deinit)
297 auto control = CKM::Control::create();
300 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
301 "Error=" << CKM::ErrorToString(temp));
303 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
304 "Error=" << CKM::ErrorToString(temp));
306 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
307 "Error=" << CKM::ErrorToString(temp));
309 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
310 "Error=" << CKM::ErrorToString(temp));
313 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
315 RUNNER_TEST(T1020_init)
318 auto control = CKM::Control::create();
320 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
321 "Error=" << CKM::ErrorToString(temp));
323 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
324 "Error=" << CKM::ErrorToString(temp));
327 RUNNER_TEST(T1021_save_keys_get_alias)
330 auto manager = CKM::Manager::create();
332 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
333 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
334 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
335 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
336 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
337 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
338 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
340 "-----END PUBLIC KEY-----";
342 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
343 auto key = CKM::Key::create(buffer, CKM::Password());
344 CKM::AliasVector labelAliasVector;
347 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
348 "Error=" << CKM::ErrorToString(temp));
350 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
351 "Error=" << CKM::ErrorToString(temp));
353 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
354 "Error=" << CKM::ErrorToString(temp));
356 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
357 "Error=" << CKM::ErrorToString(temp));
359 labelAliasVector.size() == 3,
360 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
363 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
365 AccessProvider ap("mylabel");
366 ap.allowAPI("key-manager::api-storage", "rw");
367 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
370 auto manager = CKM::Manager::create();
372 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
373 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
374 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
375 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
376 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
377 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
378 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
380 "-----END PUBLIC KEY-----";
382 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
383 auto key = CKM::Key::create(buffer, CKM::Password());
384 CKM::AliasVector labelAliasVector;
387 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
388 "Error=" << CKM::ErrorToString(temp));
390 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
391 "Error=" << CKM::ErrorToString(temp));
393 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
394 "Error=" << CKM::ErrorToString(temp));
396 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
397 "Error=" << CKM::ErrorToString(temp));
399 labelAliasVector.size() == 3,
400 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
403 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
405 AccessProvider ap("mylabel");
406 ap.allowAPI("key-manager::api-storage", "rw");
407 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
410 auto manager = CKM::Manager::create();
412 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
413 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
414 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
415 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
416 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
417 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
418 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
420 "-----END PUBLIC KEY-----";
422 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
423 auto key = CKM::Key::create(buffer, CKM::Password());
424 CKM::AliasVector aliasVector;
425 CKM::Policy notExportable(CKM::Password(), false);
428 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
429 "Error=" << CKM::ErrorToString(temp));
431 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
432 "Error=" << CKM::ErrorToString(temp));
434 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
435 "Error=" << CKM::ErrorToString(temp));
438 RUNNER_TEST(T1029_deinit)
441 auto control = CKM::Control::create();
444 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
445 "Error=" << CKM::ErrorToString(temp));
447 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
448 "Error=" << CKM::ErrorToString(temp));
450 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
451 "Error=" << CKM::ErrorToString(temp));
453 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
454 "Error=" << CKM::ErrorToString(temp));
457 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
459 RUNNER_TEST(T1030_init)
462 auto control = CKM::Control::create();
464 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
465 "Error=" << CKM::ErrorToString(temp));
467 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
468 "Error=" << CKM::ErrorToString(temp));
471 RUNNER_TEST(T1031_save_get_bin_data)
474 auto manager = CKM::Manager::create();
476 std::string binData1 = "My bin data1";
477 std::string binData2 = "My bin data2";
478 std::string binData3 = "My bin data3";
480 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
481 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
482 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
484 CKM::AliasVector labelAliasVector;
487 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
488 "Error=" << CKM::ErrorToString(temp));
490 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
491 "Error=" << CKM::ErrorToString(temp));
493 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
494 "Error=" << CKM::ErrorToString(temp));
496 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
497 "Error=" << CKM::ErrorToString(temp));
499 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
500 "Error=" << CKM::ErrorToString(temp));
502 labelAliasVector.size() == 3,
503 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
505 CKM::RawBuffer buffer;
507 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
508 "Error=" << CKM::ErrorToString(temp));
514 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
516 AccessProvider ap("mylabel");
517 ap.allowAPI("key-manager::api-storage", "rw");
518 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
521 auto manager = CKM::Manager::create();
523 std::string binData = "My bin data";
525 CKM::RawBuffer buffer(binData.begin(), binData.end());
527 CKM::AliasVector labelAliasVector;
530 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
531 "Error=" << CKM::ErrorToString(temp));
533 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
534 "Error=" << CKM::ErrorToString(temp));
536 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
537 "Error=" << CKM::ErrorToString(temp));
539 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
540 "Error=" << CKM::ErrorToString(temp));
542 labelAliasVector.size() == 3,
543 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
546 RUNNER_TEST(T1033_remove_bin_data)
549 auto manager = CKM::Manager::create();
551 std::string binData2 = "My bin data2";
552 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
554 CKM::AliasVector labelAliasVector;
556 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
558 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
559 "Error=" << CKM::ErrorToString(temp));
561 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
562 "Error=" << CKM::ErrorToString(temp));
564 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
565 "Error=" << CKM::ErrorToString(temp));
567 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
568 "Error=" << CKM::ErrorToString(temp));
570 labelAliasVector.size() == 1,
571 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
573 CKM::RawBuffer buffer;
575 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
576 "Error=" << CKM::ErrorToString(temp));
581 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
582 "Error=" << CKM::ErrorToString(temp));
585 RUNNER_TEST(T1039_deinit)
588 auto control = CKM::Control::create();
591 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
592 "Error=" << CKM::ErrorToString(temp));
594 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
595 "Error=" << CKM::ErrorToString(temp));
597 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
598 "Error=" << CKM::ErrorToString(temp));
600 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
601 "Error=" << CKM::ErrorToString(temp));
604 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
606 RUNNER_TEST(T1040_init)
609 auto control = CKM::Control::create();
612 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
613 "Error=" << CKM::ErrorToString(temp));
616 RUNNER_CHILD_TEST(T1041_create_rsa_key)
619 auto manager = CKM::Manager::create();
622 AccessProvider ap("mylabel-rsa");
623 ap.allowAPI("key-manager::api-storage", "rw");
624 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
627 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
628 "Error=" << CKM::ErrorToString(temp));
630 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
631 "Error=" << CKM::ErrorToString(temp));
633 2 == (temp = av.size()),
634 "Vector size: " << temp << ". Expected: 2");
637 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
640 auto manager = CKM::Manager::create();
643 AccessProvider ap("mylabel-rsa");
644 ap.allowAPI("key-manager::api-storage", "rw");
645 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
648 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
649 "Error=" << CKM::ErrorToString(temp));
651 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
652 "Error=" << CKM::ErrorToString(temp));
655 RUNNER_CHILD_TEST(T1043_create_dsa_key)
658 auto manager = CKM::Manager::create();
661 AccessProvider ap("mylabel-dsa");
662 ap.allowAPI("key-manager::api-storage", "rw");
663 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
666 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
667 "Error=" << CKM::ErrorToString(temp));
669 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
670 "Error=" << CKM::ErrorToString(temp));
672 2 == (temp = av.size()),
673 "Vector size: " << temp << ". Expected: 2");
676 RUNNER_TEST(T1049_deinit)
679 auto control = CKM::Control::create();
682 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
683 "Error=" << CKM::ErrorToString(temp));
685 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
686 "Error=" << CKM::ErrorToString(temp));
690 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
692 RUNNER_TEST(T1110_init)
695 auto control = CKM::Control::create();
697 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
698 "Error=" << CKM::ErrorToString(temp));
700 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
701 "Error=" << CKM::ErrorToString(temp));
704 RUNNER_TEST(T1111_CreateKeyPairRSA)
707 auto manager = CKM::Manager::create();
708 CKM::Alias a1("rsa-test-1");
709 CKM::Alias a2("rsa-test-2");
713 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
714 "Error=" << CKM::ErrorToString(temp));
716 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
717 "Error=" << CKM::ErrorToString(temp));
720 RUNNER_TEST(T1112_CreateKeyPairDSA)
723 auto manager = CKM::Manager::create();
724 CKM::Alias a1("dsa-test-1");
725 CKM::Alias a2("dsa-test-2");
729 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
730 "Error=" << CKM::ErrorToString(temp));
732 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
733 "Error=" << CKM::ErrorToString(temp));
736 RUNNER_TEST(T1113_CreateKeyPairECDSA)
739 auto manager = CKM::Manager::create();
740 CKM::Alias a1("ecdsa-test-1");
741 CKM::Alias a2("ecdsa-test-2");
745 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
746 "Error=" << CKM::ErrorToString(temp));
749 RUNNER_TEST(T1114_deinit)
752 auto control = CKM::Control::create();
755 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
756 "Error=" << CKM::ErrorToString(temp));
758 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
759 "Error=" << CKM::ErrorToString(temp));
762 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
764 RUNNER_TEST(T12100_init)
767 auto control = CKM::Control::create();
769 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
770 "Error=" << CKM::ErrorToString(temp));
772 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
773 "Error=" << CKM::ErrorToString(temp));
776 RUNNER_TEST(T12101_key_exist)
779 auto manager = CKM::Manager::create();
781 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
782 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
783 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
784 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
785 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
786 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
787 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
789 "-----END PUBLIC KEY-----";
791 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
792 auto key = CKM::Key::create(buffer);
793 CKM::Alias alias = "rsa-alias-duplication";
796 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
797 "Error=" << CKM::ErrorToString(ret));
799 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
800 "Error=" << CKM::ErrorToString(ret));
804 * These test cases tests API when empty parameters are passed to functions
807 RUNNER_TEST(T12102_saveKey_empty_alias)
809 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
810 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
811 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
812 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
813 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
814 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
815 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
816 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
818 "-----END PUBLIC KEY-----";
820 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
821 auto key = CKM::Key::create(buffer);
822 CKM::Alias alias; //alias is not initialized
825 auto manager = CKM::Manager::create();
827 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
828 "Error=" << CKM::ErrorToString(ret));
831 RUNNER_TEST(T12103_saveKey_foreign_label)
833 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
834 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
835 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
836 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
837 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
838 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
839 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
841 "-----END PUBLIC KEY-----";
843 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
844 auto key = CKM::Key::create(buffer);
845 CKM::Alias alias = "iamsomebodyelse alias";
848 auto manager = CKM::Manager::create();
850 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
851 "Error=" << CKM::ErrorToString(ret));
854 RUNNER_TEST(T12104_saveKey_empty_key)
856 CKM::KeyShPtr key; //key is not initialized
857 CKM::Alias alias = "empty-key";
860 auto manager = CKM::Manager::create();
862 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
863 "Error=" << CKM::ErrorToString(ret));
866 RUNNER_TEST(T12105_saveCertificate_empty_alias)
868 std::string certPem =
869 "-----BEGIN CERTIFICATE-----\n"
870 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
871 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
872 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
873 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
874 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
875 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
876 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
877 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
878 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
879 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
880 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
881 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
882 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
883 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
884 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
885 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
886 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
887 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
888 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
889 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
890 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
891 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
892 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
893 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
895 "-----END CERTIFICATE-----\n";
897 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
898 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
899 CKM::Alias alias; //alias is not initialized
902 auto manager = CKM::Manager::create();
904 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
905 "Error=" << CKM::ErrorToString(temp));
908 RUNNER_TEST(T12106_saveCertificate_foreign_label)
910 std::string certPem =
911 "-----BEGIN CERTIFICATE-----\n"
912 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
913 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
914 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
915 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
916 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
917 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
918 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
919 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
920 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
921 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
922 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
923 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
924 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
925 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
926 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
927 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
928 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
929 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
930 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
931 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
932 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
933 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
934 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
935 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
937 "-----END CERTIFICATE-----\n";
939 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
940 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
941 CKM::Alias alias = "iamsomebodyelse alias";
944 auto manager = CKM::Manager::create();
946 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
947 "Error=" << CKM::ErrorToString(temp));
950 RUNNER_TEST(T12107_saveCertificate_empty_cert)
952 CKM::CertificateShPtr cert; //cert is not initialized
953 CKM::Alias alias = "empty-cert";
956 auto manager = CKM::Manager::create();
958 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
959 "Error=" << CKM::ErrorToString(temp));
962 RUNNER_TEST(T12108_saveData_empty_alias)
964 std::string testData = "test data test data test data";
965 CKM::RawBuffer buffer(testData.begin(), testData.end());
969 auto manager = CKM::Manager::create();
971 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
972 "Error=" << CKM::ErrorToString(temp));
975 RUNNER_TEST(T12109_saveData_foreign_label)
977 std::string testData = "test data test data test data";
978 CKM::RawBuffer buffer(testData.begin(), testData.end());
979 CKM::Alias alias = "iamsomebodyelse alias";
982 auto manager = CKM::Manager::create();
984 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
985 "Error=" << CKM::ErrorToString(temp));
988 RUNNER_TEST(T12110_saveData_empty_data)
990 CKM::RawBuffer buffer;
991 CKM::Alias alias = "empty-data";
994 auto manager = CKM::Manager::create();
996 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
997 "Error=" << CKM::ErrorToString(temp));
1001 * These test cases tests API when trying to get data from not existing alias
1004 RUNNER_TEST(T12111_getKey_alias_not_exist)
1007 CKM::Alias alias = "this-alias-not-exist";
1010 auto manager = CKM::Manager::create();
1012 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1013 "Error=" << CKM::ErrorToString(temp));
1016 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1018 CKM::CertificateShPtr certificate;
1019 CKM::Alias alias = "this-alias-not-exist";
1022 auto manager = CKM::Manager::create();
1024 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1025 "Error=" << CKM::ErrorToString(temp));
1028 RUNNER_TEST(T12113_getData_alias_not_exist)
1031 auto manager = CKM::Manager::create();
1032 CKM::RawBuffer buffer;
1033 CKM::Alias alias("some alias");
1035 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1036 "Error=" << CKM::ErrorToString(temp));
1040 * These test cases tests API when damaged keys are used
1042 RUNNER_TEST(T12114_rsa_key_damaged)
1045 auto manager = CKM::Manager::create();
1047 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1048 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1049 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1050 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1051 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1052 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1053 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1055 "-----END PUBLIC KEY-----";
1057 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1058 auto key = CKM::Key::create(buffer);
1059 CKM::Alias alias = "damaged-rsa";
1062 NULL == key.get(), "Key is broken. It should be empty");
1065 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1066 "Error=" << CKM::ErrorToString(ret));
1069 RUNNER_TEST(T12115_rsa_key_too_short)
1072 auto manager = CKM::Manager::create();
1074 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1075 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1076 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1077 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1078 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1079 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1080 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1082 "-----END PUBLIC KEY-----";
1084 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1085 auto key = CKM::Key::create(buffer);
1086 CKM::Alias alias = "short-rsa";
1089 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1090 "Error=" << CKM::ErrorToString(ret));
1093 RUNNER_TEST(T12116_dsa_key_too_short)
1096 auto manager = CKM::Manager::create();
1098 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1099 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1100 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1101 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1102 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1103 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1104 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1105 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1106 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1107 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1108 "YMYCBhubtrVaLmc=\n"
1109 "-----END PUBLIC KEY-----";
1111 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1112 auto key = CKM::Key::create(buffer);
1113 CKM::Alias alias = "short-dsa";
1116 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1117 "Error=" << CKM::ErrorToString(ret));
1122 * These test cases tests CKM service if malicious data is provided over the socket.
1125 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1128 auto manager = CKM::Manager::create();
1130 // fake the client - let the service detect the problem
1131 class WrongKeyImpl : public CKM::Key
1134 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1137 virtual bool empty() const {
1141 virtual CKM::KeyType getType() const {
1142 return CKM::KeyType::KEY_RSA_PUBLIC;
1144 virtual int getSize() const {
1147 virtual CKM::ElipticCurve getCurve() const {
1148 return CKM::ElipticCurve::prime192v1;
1150 virtual CKM::RawBuffer getDER() const {
1153 virtual ~WrongKeyImpl() {}
1155 CKM::RawBuffer & m_dummy;
1157 std::string dummyData = "my_cat_Berta\n";
1158 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1159 auto key = std::make_shared<WrongKeyImpl>(buffer);
1160 CKM::Alias alias = "damaged-rsa";
1163 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1164 "Error=" << CKM::ErrorToString(ret));
1167 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1169 // fake the client - let the service detect the problem
1170 class WrongCertImpl : public CKM::Certificate
1173 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1174 m_x509 = X509_new();
1177 bool empty() const {
1181 virtual X509 *getX509() const {
1185 virtual CKM::RawBuffer getDER() const {
1189 virtual ~WrongCertImpl() {
1194 CKM::RawBuffer & m_dummy;
1196 std::string dummyData = "my_cat_Stefan\n";
1197 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1198 auto cert = std::make_shared<WrongCertImpl>(buffer);
1199 CKM::Alias alias = "damaged-cert";
1202 auto manager = CKM::Manager::create();
1204 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1205 "Error=" << CKM::ErrorToString(temp));
1208 RUNNER_TEST(T12119_deinit)
1211 auto control = CKM::Control::create();
1214 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1215 "Error=" << CKM::ErrorToString(temp));
1217 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1218 "Error=" << CKM::ErrorToString(temp));
1221 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1223 RUNNER_TEST(T1311_init)
1226 auto control = CKM::Control::create();
1228 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1229 "Error=" << CKM::ErrorToString(temp));
1230 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1231 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1233 struct hostent* he = gethostbyname("google.com");
1235 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1236 "is not woking on the device. OCSP tests requires network access!");
1239 RUNNER_TEST(T1312_get_chain)
1241 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1242 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1243 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1244 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1245 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1246 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1247 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1248 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1249 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1250 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1251 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1252 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1253 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1254 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1255 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1256 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1257 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1258 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1259 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1260 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1261 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1262 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1263 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1264 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1265 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1266 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1267 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1268 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1269 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1270 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1271 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1272 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1274 "-----END CERTIFICATE-----\n";
1277 "-----BEGIN CERTIFICATE-----\n"
1278 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1279 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1280 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1281 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1282 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1283 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1284 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1285 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1286 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1287 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1288 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1289 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1290 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1291 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1292 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1293 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1294 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1295 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1296 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1297 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1298 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1299 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1300 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1301 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1302 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1303 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1304 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1305 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1306 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1307 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1308 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1309 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1310 "-----END CERTIFICATE-----\n";
1312 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1313 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1314 CKM::CertificateShPtrVector certVector = {cert1};
1315 CKM::CertificateShPtrVector certChain;
1318 auto manager = CKM::Manager::create();
1320 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1321 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1324 CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
1325 "Error=" << CKM::ErrorToString(tmp));
1328 0 == certChain.size(),
1329 "Wrong size of certificate chain.");
1332 CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
1333 "Error=" << CKM::ErrorToString(tmp));
1336 3 == certChain.size(),
1337 "Wrong size of certificate chain.");
1340 RUNNER_TEST(T1313_get_chain_with_alias)
1342 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1343 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1344 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1345 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1346 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1347 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1348 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1349 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1350 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1351 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1352 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1353 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1354 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1355 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1356 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1357 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1358 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1359 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1360 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1361 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1362 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1363 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1364 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1365 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1366 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1367 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1368 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1369 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1370 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1371 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1372 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1373 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1375 "-----END CERTIFICATE-----\n";
1378 "-----BEGIN CERTIFICATE-----\n"
1379 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1380 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1381 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1382 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1383 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1384 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1385 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1386 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1387 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1388 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1389 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1390 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1391 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1392 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1393 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1394 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1395 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1396 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1397 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1398 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1399 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1400 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1401 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1402 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1403 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1404 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1405 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1406 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1407 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1408 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1409 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1410 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1411 "-----END CERTIFICATE-----\n";
1413 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1414 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1415 CKM::CertificateShPtrVector certChain;
1416 CKM::AliasVector aliasVector;
1417 CKM::Alias alias("imcert");
1418 CharPtr top_label = get_label();
1419 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1422 auto manager = CKM::Manager::create();
1424 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1425 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1428 CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
1429 "Error=" << CKM::ErrorToString(tmp));
1432 0 == certChain.size(),
1433 "Wrong size of certificate chain.");
1436 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1437 "Error=" << CKM::ErrorToString(tmp));
1439 aliasVector.push_back(full_address);
1442 CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
1443 "Error=" << CKM::ErrorToString(tmp));
1446 3 == certChain.size(),
1447 "Wrong size of certificate chain.");
1450 RUNNER_TEST(T1314_ocsp_check)
1452 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1454 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1455 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1456 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1457 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1458 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1459 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1460 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1461 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1462 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1463 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1464 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1465 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1466 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1467 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1468 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1469 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1470 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1471 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1472 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1473 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1474 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1475 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1476 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1477 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1478 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1479 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1480 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1481 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1482 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1483 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1484 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1485 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1487 "-----END CERTIFICATE-----\n";
1490 "-----BEGIN CERTIFICATE-----\n"
1491 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1492 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1493 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1494 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1495 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1496 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1497 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1498 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1499 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1500 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1501 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1502 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1503 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1504 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1505 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1506 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1507 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1508 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1509 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1510 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1511 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1512 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1513 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1514 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1515 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1516 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1517 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1518 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1519 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1520 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1521 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1522 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1523 "-----END CERTIFICATE-----\n";
1525 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1526 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1527 CKM::CertificateShPtrVector certVector = {cert1};
1528 CKM::CertificateShPtrVector certChain;
1531 auto manager = CKM::Manager::create();
1533 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1534 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1537 CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
1538 "Error=" << CKM::ErrorToString(tmp));
1541 0 == certChain.size(),
1542 "Wrong size of certificate chain.");
1545 CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
1546 "Error=" << CKM::ErrorToString(tmp));
1549 3 == certChain.size(),
1550 "Wrong size of certificate chain.");
1554 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1555 "Error=" << CKM::ErrorToString(tmp));
1557 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1560 RUNNER_TEST(T1315_deinit)
1563 auto control = CKM::Control::create();
1566 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1567 "Error=" << CKM::ErrorToString(temp));
1569 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1570 "Error=" << CKM::ErrorToString(temp));
1573 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1575 RUNNER_TEST(T1411_init)
1578 auto control = CKM::Control::create();
1580 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1581 "Error=" << CKM::ErrorToString(temp));
1584 RUNNER_TEST(T1412_rsa_key_create_verify)
1587 auto manager = CKM::Manager::create();
1589 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1590 "Proc-Type: 4,ENCRYPTED\n"
1591 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1593 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1594 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1595 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1596 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1597 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1598 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1599 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1600 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1601 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1602 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1603 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1604 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1605 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1606 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1607 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1608 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1609 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1610 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1611 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1612 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1613 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1614 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1615 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1616 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1617 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1618 "-----END RSA PRIVATE KEY-----\n";
1620 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1621 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1622 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1623 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1624 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1625 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1626 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1628 "-----END PUBLIC KEY-----\n";
1630 std::string message = "message test";
1632 CKM::Alias aliasPub = "pub1";
1633 CKM::Alias aliasPrv = "prv1";
1634 CKM::Password password = "1234";
1635 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1636 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1637 CKM::RawBuffer signature;
1639 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1640 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1642 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1643 "Key is empty. Failed to import public key.");
1644 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1645 "Key is empty. Failed to import private key.");
1648 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1649 "Error=" << CKM::ErrorToString(temp));
1651 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1652 "Error=" << CKM::ErrorToString(temp));
1655 CKM_API_SUCCESS == (temp = manager->createSignature(
1658 CKM::RawBuffer(message.begin(), message.end()),
1662 "Error=" << CKM::ErrorToString(temp));
1665 CKM_API_SUCCESS == (temp = manager->verifySignature(
1668 CKM::RawBuffer(message.begin(), message.end()),
1672 "Error=" << CKM::ErrorToString(temp));
1675 RUNNER_TEST(T1413_dsa_key_create_verify)
1678 auto manager = CKM::Manager::create();
1680 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1681 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1682 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1683 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1684 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1685 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1686 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1687 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1688 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1689 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1690 "u1roOuaPY+Hl19BlTE2qdw==\n"
1691 "-----END DSA PRIVATE KEY-----";
1693 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1694 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1695 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1696 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1697 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1698 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1699 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1700 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1701 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1702 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1703 "YMYCBhubtrVaLmc=\n"
1704 "-----END PUBLIC KEY-----";
1706 std::string message = "message test";
1708 CKM::Alias aliasPub = "pub2";
1709 CKM::Alias aliasPrv = "prv2";
1710 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1711 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1712 CKM::RawBuffer signature;
1714 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1715 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1717 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1718 "Key is empty. Failed to import public key.");
1719 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1720 "Key is empty. Failed to import private key.");
1723 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1724 "Error=" << CKM::ErrorToString(temp));
1726 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1727 "Error=" << CKM::ErrorToString(temp));
1730 CKM_API_SUCCESS == (temp = manager->createSignature(
1733 CKM::RawBuffer(message.begin(), message.end()),
1737 "Error=" << CKM::ErrorToString(temp));
1740 CKM_API_SUCCESS == (temp = manager->verifySignature(
1743 CKM::RawBuffer(message.begin(), message.end()),
1747 "Error=" << CKM::ErrorToString(temp));
1751 RUNNER_TEST(T1414_ec_key_create_verify)
1754 auto manager = CKM::Manager::create();
1756 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1757 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1758 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1759 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1760 "-----END EC PRIVATE KEY-----\n";
1762 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1763 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1764 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1765 "-----END PUBLIC KEY-----\n";
1767 std::string message = "message test";
1769 CKM::Alias aliasPub = "ecpub2";
1770 CKM::Alias aliasPrv = "ecprv2";
1771 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1772 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1773 CKM::RawBuffer signature;
1775 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1776 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1778 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1779 "Key is empty. Failed to import public key.");
1780 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1781 "Key is empty. Failed to import private key.");
1784 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1785 "Error=" << CKM::ErrorToString(temp));
1787 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1788 "Error=" << CKM::ErrorToString(temp));
1791 CKM_API_SUCCESS == (temp = manager->createSignature(
1794 CKM::RawBuffer(message.begin(), message.end()),
1798 "Error=" << CKM::ErrorToString(temp));
1801 CKM_API_SUCCESS == (temp = manager->verifySignature(
1804 CKM::RawBuffer(message.begin(), message.end()),
1808 "Error=" << CKM::ErrorToString(temp));
1810 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1812 memcpy((void*)signature.data(), "BROKEN", 6);
1815 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1818 CKM::RawBuffer(message.begin(), message.end()),
1822 "Error=" << CKM::ErrorToString(temp));
1825 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1828 auto manager = CKM::Manager::create();
1829 std::string message = "message asdfaslkdfjlksadjf test";
1831 CKM::Alias aliasPub = "pub1";
1832 CKM::Alias aliasPrv = "prv1";
1834 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1835 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1836 CKM::RawBuffer signature;
1839 CKM_API_SUCCESS == (temp = manager->createSignature(
1842 CKM::RawBuffer(message.begin(), message.end()),
1846 "Error=" << CKM::ErrorToString(temp));
1849 CKM_API_SUCCESS == (temp = manager->verifySignature(
1852 CKM::RawBuffer(message.begin(), message.end()),
1856 "Error=" << CKM::ErrorToString(temp));
1858 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1859 memcpy((void*)signature.data(), "BROKEN", 6);
1862 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1865 CKM::RawBuffer(message.begin(), message.end()),
1869 "Error=" << CKM::ErrorToString(temp));
1872 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1875 auto manager = CKM::Manager::create();
1876 std::string message = "message asdfaslkdfjlksadjf test";
1878 CKM::Alias aliasPub = "pub2";
1879 CKM::Alias aliasPrv = "prv2";
1881 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1882 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1883 CKM::RawBuffer signature;
1886 CKM_API_SUCCESS == (temp = manager->createSignature(
1889 CKM::RawBuffer(message.begin(), message.end()),
1893 "Error=" << CKM::ErrorToString(temp));
1896 CKM_API_SUCCESS == (temp = manager->verifySignature(
1899 CKM::RawBuffer(message.begin(), message.end()),
1903 "Error=" << CKM::ErrorToString(temp));
1905 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1906 memcpy((void*)signature.data(), "BROKEN", 6);
1909 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1912 CKM::RawBuffer(message.begin(), message.end()),
1916 "Error=" << CKM::ErrorToString(temp));
1919 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1922 auto manager = CKM::Manager::create();
1925 "-----BEGIN RSA PRIVATE KEY-----\n"
1926 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1927 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1928 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1929 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1930 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1931 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1932 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1933 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1934 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1935 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1936 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1937 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1938 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1939 "-----END RSA PRIVATE KEY-----\n";
1942 "-----BEGIN CERTIFICATE-----\n"
1943 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1944 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1945 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1946 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1947 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1948 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1949 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1950 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1951 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1952 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1953 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1954 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1955 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1956 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1957 "-----END CERTIFICATE-----\n";
1959 std::string message = "message test";
1961 CKM::Alias aliasPub = "pub1-cert";
1962 CKM::Alias aliasPrv = "prv1-cert";
1963 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1964 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1965 CKM::RawBuffer signature;
1967 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1968 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1970 RUNNER_ASSERT_MSG(NULL != cert.get(),
1971 "Key is empty. Failed to import public key.");
1972 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1973 "Key is empty. Failed to import private key.");
1976 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1977 "Error=" << CKM::ErrorToString(temp));
1979 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1980 "Error=" << CKM::ErrorToString(temp));
1983 CKM_API_SUCCESS == (temp = manager->createSignature(
1986 CKM::RawBuffer(message.begin(), message.end()),
1990 "Error=" << CKM::ErrorToString(temp));
1993 CKM_API_SUCCESS == (temp = manager->verifySignature(
1996 CKM::RawBuffer(message.begin(), message.end()),
2000 "Error=" << CKM::ErrorToString(temp));
2002 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2004 memcpy((void*)signature.data(), "BROKEN", 6);
2007 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2010 CKM::RawBuffer(message.begin(), message.end()),
2014 "Error=" << CKM::ErrorToString(temp));
2017 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
2020 auto manager = CKM::Manager::create();
2022 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
2023 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
2024 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
2025 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
2026 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
2027 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
2028 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
2029 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
2030 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
2031 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
2032 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
2033 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
2034 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
2035 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
2036 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
2037 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
2038 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
2039 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
2040 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
2041 "-----END CERTIFICATE-----\n";
2043 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
2044 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2045 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2046 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2047 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2048 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2049 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2050 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2051 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2052 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2053 "vonbjii3BYe4AIdkzOvp\n"
2054 "-----END DSA PRIVATE KEY-----\n";
2056 std::string message = "message test";
2058 CKM::Alias aliasPub = "pub2-cert";
2059 CKM::Alias aliasPrv = "prv2-cert";
2060 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2061 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2062 CKM::RawBuffer signature;
2064 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2065 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2067 RUNNER_ASSERT_MSG(NULL != cert.get(),
2068 "Key is empty. Failed to import public key.");
2069 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2070 "Key is empty. Failed to import private key.");
2073 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2074 "Error=" << CKM::ErrorToString(temp));
2076 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2077 "Error=" << CKM::ErrorToString(temp));
2080 CKM_API_SUCCESS == (temp = manager->createSignature(
2083 CKM::RawBuffer(message.begin(), message.end()),
2087 "Error=" << CKM::ErrorToString(temp));
2090 CKM_API_SUCCESS == (temp = manager->verifySignature(
2093 CKM::RawBuffer(message.begin(), message.end()),
2097 "Error=" << CKM::ErrorToString(temp));
2099 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2101 memcpy((void*)signature.data(), "BROKEN", 6);
2104 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2107 CKM::RawBuffer(message.begin(), message.end()),
2111 "Error=" << CKM::ErrorToString(temp));
2114 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
2117 auto manager = CKM::Manager::create();
2120 "-----BEGIN EC PRIVATE KEY-----\n"
2121 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2122 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2123 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2124 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2125 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2126 "ELyhe7yPCAuOoLZlTLgf\n"
2127 "-----END EC PRIVATE KEY-----\n";
2130 "-----BEGIN CERTIFICATE-----\n"
2131 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2132 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2133 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2134 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2135 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2136 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2137 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2138 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2139 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2140 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2141 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2142 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2143 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2144 "Q1oBry6NEc+lLFmWMDesAA==\n"
2145 "-----END CERTIFICATE-----\n";
2147 std::string message = "message test";
2149 CKM::Alias aliasPub = "pub3";
2150 CKM::Alias aliasPrv = "prv3";
2151 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2152 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2153 CKM::RawBuffer signature;
2155 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2156 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2158 RUNNER_ASSERT_MSG(NULL != cert.get(),
2159 "Key is empty. Failed to import public key.");
2160 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2161 "Key is empty. Failed to import private key.");
2164 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2165 "Error=" << CKM::ErrorToString(temp));
2167 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2168 "Error=" << CKM::ErrorToString(temp));
2171 CKM_API_SUCCESS == (temp = manager->createSignature(
2174 CKM::RawBuffer(message.begin(), message.end()),
2178 "Error=" << CKM::ErrorToString(temp));
2181 CKM_API_SUCCESS == (temp = manager->verifySignature(
2184 CKM::RawBuffer(message.begin(), message.end()),
2188 "Error=" << CKM::ErrorToString(temp));
2190 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2192 memcpy((void*)signature.data(), "BROKEN", 6);
2195 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2198 CKM::RawBuffer(message.begin(), message.end()),
2202 "Error=" << CKM::ErrorToString(temp));
2205 RUNNER_TEST(T1420_deinit)
2208 auto control = CKM::Control::create();
2211 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2212 "Error=" << CKM::ErrorToString(temp));
2214 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2215 "Error=" << CKM::ErrorToString(temp));
2218 RUNNER_TEST(T14180_init)
2221 auto control = CKM::Control::create();
2223 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2224 "Error=" << CKM::ErrorToString(temp));
2226 auto manager = CKM::Manager::create();
2228 // Prepare RSA Key Pair
2229 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2230 "Proc-Type: 4,ENCRYPTED\n"
2231 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2233 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2234 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2235 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2236 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2237 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2238 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2239 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2240 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2241 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2242 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2243 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2244 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2245 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2246 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2247 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2248 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2249 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2250 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2251 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2252 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2253 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2254 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2255 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2256 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2257 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2258 "-----END RSA PRIVATE KEY-----\n";
2260 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2261 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2262 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2263 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2264 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2265 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2266 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2268 "-----END PUBLIC KEY-----\n";
2270 CKM::Alias aliasPub = "pub_nohash1";
2271 CKM::Alias aliasPrv = "prv_nohash1";
2272 CKM::Password password = "1234";
2274 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2275 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2277 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2278 "Key is empty. Failed to import public key.");
2279 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2280 "Key is empty. Failed to import private key.");
2283 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2284 "Error=" << CKM::ErrorToString(temp));
2286 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2287 "Error=" << CKM::ErrorToString(temp));
2289 // Prepare ECDSA Key Pair
2290 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2291 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2292 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2293 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2294 "-----END EC PRIVATE KEY-----\n";
2296 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2297 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2298 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2299 "-----END PUBLIC KEY-----\n";
2301 CKM::Alias aliasEcPub = "ecpub_nohash1";
2302 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2304 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2305 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2307 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2308 "Key is empty. Failed to import public key.");
2309 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2310 "Key is empty. Failed to import private key.");
2313 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2314 "Error=" << CKM::ErrorToString(temp));
2316 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2317 "Error=" << CKM::ErrorToString(temp));
2321 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2324 auto manager = CKM::Manager::create();
2325 std::string message = "message asdfaslkdfjlksadjf test";
2327 CKM::Alias aliasPub = "pub_nohash1";
2328 CKM::Alias aliasPrv = "prv_nohash1";
2330 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2331 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2332 CKM::RawBuffer signature;
2335 CKM_API_SUCCESS == (temp = manager->createSignature(
2338 CKM::RawBuffer(message.begin(), message.end()),
2342 "Error=" << CKM::ErrorToString(temp));
2345 CKM_API_SUCCESS == (temp = manager->verifySignature(
2348 CKM::RawBuffer(message.begin(), message.end()),
2352 "Error=" << CKM::ErrorToString(temp));
2354 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2355 memcpy((void*)signature.data(), "BROKEN", 6);
2358 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2361 CKM::RawBuffer(message.begin(), message.end()),
2365 "Error=" << CKM::ErrorToString(temp));
2368 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2371 auto manager = CKM::Manager::create();
2372 std::string message = "message asdfaslkdfjlksadjf test";
2374 CKM::Alias aliasPub = "pub_nohash1";
2375 CKM::Alias aliasPrv = "prv_nohash1";
2377 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2378 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2379 CKM::RawBuffer signature;
2382 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2385 CKM::RawBuffer(message.begin(), message.end()),
2389 "Error=" << CKM::ErrorToString(temp));
2392 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2395 auto manager = CKM::Manager::create();
2396 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2397 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2398 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2399 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2400 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2401 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2402 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2403 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2404 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2405 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2406 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2407 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2408 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2409 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2410 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2411 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2412 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2413 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2414 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2415 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2417 CKM::Alias aliasPub = "pub_nohash1";
2418 CKM::Alias aliasPrv = "prv_nohash1";
2420 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2421 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2422 CKM::RawBuffer signature;
2425 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2428 CKM::RawBuffer(message.begin(), message.end()),
2432 "Error=" << CKM::ErrorToString(temp));
2436 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2439 auto manager = CKM::Manager::create();
2441 std::string message = "message test";
2443 CKM::Alias aliasPub = "ecpub_nohash1";
2444 CKM::Alias aliasPrv = "ecprv_nohash1";
2445 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2446 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2447 CKM::RawBuffer signature;
2450 CKM_API_SUCCESS == (temp = manager->createSignature(
2453 CKM::RawBuffer(message.begin(), message.end()),
2457 "Error=" << CKM::ErrorToString(temp));
2460 CKM_API_SUCCESS == (temp = manager->verifySignature(
2463 CKM::RawBuffer(message.begin(), message.end()),
2467 "Error=" << CKM::ErrorToString(temp));
2469 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2471 memcpy((void*)signature.data(), "BROKEN", 6);
2474 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2477 CKM::RawBuffer(message.begin(), message.end()),
2481 "Error=" << CKM::ErrorToString(temp));
2484 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2487 auto manager = CKM::Manager::create();
2489 int msgSize = 1024*1024;
2490 char big_msg[msgSize];
2491 for(int i =0; i<msgSize-1; i++) {
2494 big_msg[msgSize-1]=0x00;
2495 std::string message(big_msg);
2497 CKM::Alias aliasPub = "ecpub_nohash1";
2498 CKM::Alias aliasPrv = "ecprv_nohash1";
2499 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2500 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2501 CKM::RawBuffer signature;
2504 CKM_API_SUCCESS == (temp = manager->createSignature(
2507 CKM::RawBuffer(message.begin(), message.end()),
2511 "Error=" << CKM::ErrorToString(temp));
2515 RUNNER_TEST(T14189_deinit)
2518 auto control = CKM::Control::create();
2521 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2522 "Error=" << CKM::ErrorToString(temp));
2524 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2525 "Error=" << CKM::ErrorToString(temp));
2529 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2531 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2534 AccessProvider ap("my-label");
2535 ap.allowAPI("key-manager::api-control", "rw");
2536 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2538 auto control = CKM::Control::create();
2540 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2541 "Error=" << CKM::ErrorToString(tmp));
2544 RUNNER_CHILD_TEST(T1511_insert_data)
2546 AccessProvider ap("my-label");
2547 ap.allowAPI("key-manager::api-storage", "rw");
2548 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2550 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2551 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2552 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2553 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2554 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2555 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2556 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2557 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2558 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2559 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2560 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2561 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2562 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2563 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2564 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2565 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2566 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2567 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2568 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2569 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2570 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2571 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2572 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2573 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2574 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2575 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2576 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2577 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2578 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2579 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2580 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2581 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2583 "-----END CERTIFICATE-----\n";
2586 "-----BEGIN CERTIFICATE-----\n"
2587 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
2588 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2589 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
2590 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
2591 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
2592 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
2593 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
2594 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
2595 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
2596 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
2597 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
2598 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
2599 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
2600 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
2601 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
2602 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
2603 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
2604 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
2605 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
2606 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
2607 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
2608 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
2609 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
2610 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
2611 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
2612 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
2613 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
2614 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
2615 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
2616 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
2617 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
2618 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
2619 "-----END CERTIFICATE-----\n";
2621 auto manager = CKM::Manager::create();
2622 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2623 auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2625 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2626 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2629 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2630 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2633 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2634 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2637 RUNNER_CHILD_TEST(T1519_deinit)
2640 AccessProvider ap("my-label");
2641 ap.allowAPI("key-manager::api-control", "rw");
2642 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2644 auto control = CKM::Control::create();
2646 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2647 "Error=" << CKM::ErrorToString(tmp));
2651 RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
2653 RUNNER_CHILD_TEST(T1610_init_lock_key)
2656 AccessProvider ap("my-label");
2657 ap.allowAPI("key-manager::api-control", "rw");
2658 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2660 auto control = CKM::Control::create();
2662 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
2663 "Error=" << CKM::ErrorToString(tmp));
2665 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2666 "Error=" << CKM::ErrorToString(tmp));
2669 RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
2671 AccessProvider ap("my-label");
2672 ap.allowAPI("key-manager::api-storage", "rw");
2673 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2676 auto manager = CKM::Manager::create();
2678 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2679 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2680 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2681 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2682 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2683 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2684 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2686 "-----END PUBLIC KEY-----";
2688 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2689 auto key = CKM::Key::create(buffer, CKM::Password());
2691 CKM::Alias alias = "mykey_defpasswd";
2694 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
2695 "Error=" << CKM::ErrorToString(temp));
2697 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
2698 "Error=" << CKM::ErrorToString(temp));
2700 key->getDER() == key2->getDER(),
2701 "Key value has been changed by service");
2703 std::string invalid_address = aliasWithLabel("i-do-not-exist", alias.c_str());
2705 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
2706 "Error=" << CKM::ErrorToString(temp));
2708 CKM_API_SUCCESS == (temp = manager->removeAlias(alias)),
2709 "Error=" << CKM::ErrorToString(temp));
2712 RUNNER_CHILD_TEST(T1612_init_change_user_password)
2715 AccessProvider ap("my-label");
2716 ap.allowAPI("key-manager::api-control", "rw");
2717 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2719 auto control = CKM::Control::create();
2721 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
2722 "Error=" << CKM::ErrorToString(tmp));
2723 // confirm changed password
2725 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_APP,"user-pass")),
2726 CKM::ErrorToString(tmp));
2728 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2729 CKM::ErrorToString(tmp));
2732 RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
2734 AccessProvider ap("my-label");
2735 ap.allowAPI("key-manager::api-storage", "rw");
2736 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2739 auto manager = CKM::Manager::create();
2741 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2742 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2743 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2744 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2745 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2746 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2747 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2749 "-----END PUBLIC KEY-----";
2751 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2752 auto key = CKM::Key::create(buffer, CKM::Password());
2754 CKM::Alias alias = "mykey_defpasswd";
2757 CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
2758 "Error=" << CKM::ErrorToString(temp));
2760 CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
2761 "Error=" << CKM::ErrorToString(temp));
2763 CKM_API_ERROR_DB_LOCKED == (temp = manager->removeAlias(alias)),
2764 "Error=" << CKM::ErrorToString(temp));
2767 RUNNER_CHILD_TEST(T1619_deinit)
2769 AccessProvider ap("my-label");
2770 ap.allowAPI("key-manager::api-control", "rw");
2771 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2774 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2776 RUNNER_TEST(T1701_init_unlock_key)
2779 auto control = CKM::Control::create();
2781 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2782 "Error=" << CKM::ErrorToString(tmp));
2785 RUNNER_CHILD_TEST(T1702_insert_data)
2788 AccessProvider ap("t170-special-label");
2789 ap.allowAPI("key-manager::api-storage", "rw");
2790 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2792 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2793 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2794 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2795 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2796 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2797 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2798 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2799 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2800 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2801 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2802 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2803 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2804 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2805 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2806 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2807 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2808 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2809 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2810 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2811 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2812 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2813 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2814 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2815 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2816 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2817 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2818 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2819 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2820 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2821 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2822 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2823 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2825 "-----END CERTIFICATE-----\n";
2827 auto manager = CKM::Manager::create();
2828 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2830 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2833 CKM_API_SUCCESS == status1,
2834 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2836 CKM::AliasVector av;
2838 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2839 "Error=" << CKM::ErrorToString(temp));
2841 1 == (temp = av.size()),
2842 "Vector size: " << temp << ". Expected: 1");
2845 RUNNER_TEST(T1703_removeApplicationData)
2848 auto control = CKM::Control::create();
2850 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2851 "Error=" << CKM::ErrorToString(tmp));
2854 RUNNER_CHILD_TEST(T1704_data_test)
2857 AccessProvider ap("t170-special-label");
2858 ap.allowAPI("key-manager::api-storage", "rw");
2859 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2861 CKM::AliasVector av;
2862 auto manager = CKM::Manager::create();
2865 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2866 "Error=" << CKM::ErrorToString(temp));
2868 0 == (temp = av.size()),
2869 "Vector size: " << temp << ". Expected: 0");
2872 RUNNER_TEST(T1705_deinit)
2876 auto control = CKM::Control::create();
2878 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2879 "Error=" << CKM::ErrorToString(tmp));
2881 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2882 "Error=" << CKM::ErrorToString(tmp));
2885 RUNNER_TEST(T17101_init)
2889 auto control = CKM::Control::create();
2891 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2892 "Error=" << CKM::ErrorToString(tmp));
2894 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2895 "Error=" << CKM::ErrorToString(tmp));
2897 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2898 "Error=" << CKM::ErrorToString(tmp));
2901 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2902 "Error=" << CKM::ErrorToString(tmp));
2904 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2905 "Error=" << CKM::ErrorToString(tmp));
2907 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2908 "Error=" << CKM::ErrorToString(tmp));
2911 RUNNER_CHILD_TEST(T17102_prep_data_01)
2914 AccessProvider ap("t1706-special-label");
2915 ap.allowAPI("key-manager::api-storage", "rw");
2916 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2918 CKM::AliasVector av;
2919 auto manager = CKM::Manager::create();
2921 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2923 CKM::RawBuffer buffer(data.begin(), data.end());
2924 CKM::Policy exportable(CKM::Password(), true);
2927 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2928 "Error=" << CKM::ErrorToString(temp));
2931 RUNNER_CHILD_TEST(T17103_prep_data_02)
2934 AccessProvider ap("t1706-special-label2");
2935 ap.allowAPI("key-manager::api-storage", "rw");
2936 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2938 CKM::AliasVector av;
2939 auto manager = CKM::Manager::create();
2941 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2943 CKM::RawBuffer buffer(data.begin(), data.end());
2944 CKM::Policy exportable(CKM::Password(), true);
2947 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2948 "Error=" << CKM::ErrorToString(temp));
2951 RUNNER_CHILD_TEST(T17104_prep_data_03)
2954 AccessProvider ap("t1706-special-label");
2955 ap.allowAPI("key-manager::api-storage", "rw");
2956 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2958 CKM::AliasVector av;
2959 auto manager = CKM::Manager::create();
2961 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2963 CKM::RawBuffer buffer(data.begin(), data.end());
2964 CKM::Policy exportable(CKM::Password(), true);
2967 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2968 "Error=" << CKM::ErrorToString(temp));
2971 RUNNER_CHILD_TEST(T17105_prep_data_04)
2974 AccessProvider ap("t1706-special-label2");
2975 ap.allowAPI("key-manager::api-storage", "rw");
2976 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2978 CKM::AliasVector av;
2979 auto manager = CKM::Manager::create();
2981 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2983 CKM::RawBuffer buffer(data.begin(), data.end());
2984 CKM::Policy exportable(CKM::Password(), true);
2987 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2988 "Error=" << CKM::ErrorToString(temp));
2991 RUNNER_TEST(T17106_remove_application)
2995 auto control = CKM::Control::create();
2997 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2998 "Error=" << CKM::ErrorToString(tmp));
3000 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
3001 "Error=" << CKM::ErrorToString(tmp));
3004 RUNNER_CHILD_TEST(T17107_check_data_01)
3007 AccessProvider ap("t1706-special-label");
3008 ap.allowAPI("key-manager::api-storage", "rw");
3009 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3011 CKM::AliasVector av;
3012 auto manager = CKM::Manager::create();
3015 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3016 "Error=" << CKM::ErrorToString(temp));
3018 0 == (temp = av.size()),
3019 "Vector size: " << temp << ". Expected: 0");
3022 RUNNER_CHILD_TEST(T17108_check_data_02)
3025 AccessProvider ap("t1706-special-label2");
3026 ap.allowAPI("key-manager::api-storage", "rw");
3027 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3029 CKM::AliasVector av;
3030 auto manager = CKM::Manager::create();
3033 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3034 "Error=" << CKM::ErrorToString(temp));
3036 1 == (temp = av.size()),
3037 "Vector size: " << temp << ". Expected: 1");
3040 RUNNER_TEST(T17109_unlock_user2)
3044 auto control = CKM::Control::create();
3046 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
3047 "Error=" << CKM::ErrorToString(tmp));
3050 RUNNER_CHILD_TEST(T17110_check_data_03)
3053 AccessProvider ap("t1706-special-label");
3054 ap.allowAPI("key-manager::api-storage", "rw");
3055 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3057 CKM::AliasVector av;
3058 auto manager = CKM::Manager::create();
3061 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3062 "Error=" << CKM::ErrorToString(temp));
3064 0 == (temp = av.size()),
3065 "Vector size: " << temp << ". Expected: 0");
3068 RUNNER_CHILD_TEST(T17111_check_data_04)
3071 AccessProvider ap("t1706-special-label2");
3072 ap.allowAPI("key-manager::api-storage", "rw");
3073 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3075 CKM::AliasVector av;
3076 auto manager = CKM::Manager::create();
3079 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3080 "Error=" << CKM::ErrorToString(temp));
3082 1 == (temp = av.size()),
3083 "Vector size: " << temp << ". Expected: 1");
3086 RUNNER_TEST(T17112_deinit)
3090 auto control = CKM::Control::create();
3092 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
3093 "Error=" << CKM::ErrorToString(tmp));
3095 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
3096 "Error=" << CKM::ErrorToString(tmp));
3099 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3100 "Error=" << CKM::ErrorToString(tmp));
3102 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
3103 "Error=" << CKM::ErrorToString(tmp));
3106 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
3110 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
3111 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
3112 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
3113 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
3114 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
3117 RUNNER_TEST(T1800_init) {
3119 auto control = CKM::Control::create();
3121 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
3122 "Error=" << CKM::ErrorToString(temp));
3124 auto manager = CKM::Manager::create();
3125 manager->removeAlias(alias_PKCS_collision);
3126 manager->removeAlias(alias_PKCS_exportable);
3127 manager->removeAlias(alias_PKCS_not_exportable);
3128 manager->removeAlias(alias_PKCS_priv_key_copy);
3129 manager->removeAlias(alias_PKCS_priv_key_wrong);
3132 RUNNER_TEST(T1801_parse_PKCS12) {
3133 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3134 std::istreambuf_iterator<char> begin(is), end;
3135 std::vector<char> buff(begin, end);
3137 CKM::RawBuffer buffer(buff.size());
3138 memcpy(buffer.data(), buff.data(), buff.size());
3140 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3143 "Error in PKCS12::create()");
3145 auto cert = pkcs->getCertificate();
3148 "Error in PKCS12::getCertificate()");
3150 auto key = pkcs->getKey();
3153 "Error in PKCS12::getKey()");
3155 auto caVector = pkcs->getCaCertificateShPtrVector();
3157 0 == caVector.size(),
3158 "Wrong size of vector");
3161 RUNNER_TEST(T1802_negative_wrong_password) {
3162 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3163 std::istreambuf_iterator<char> begin(is), end;
3164 std::vector<char> buff(begin, end);
3166 CKM::RawBuffer buffer(buff.size());
3167 memcpy(buffer.data(), buff.data(), buff.size());
3169 auto pkcs = CKM::PKCS12::create(buffer, "error");
3172 "Expected error in PKCS12::create()");
3175 RUNNER_TEST(T1803_negative_broken_buffer) {
3176 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3177 std::istreambuf_iterator<char> begin(is), end;
3178 std::vector<char> buff(begin, end);
3180 CKM::RawBuffer buffer(buff.size());
3181 memcpy(buffer.data(), buff.data(), buff.size());
3183 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
3186 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3189 "Expected error in PKCS12::create()");
3192 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
3194 auto manager = CKM::Manager::create();
3195 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3196 std::istreambuf_iterator<char> begin(is), end;
3197 std::vector<char> buff(begin, end);
3199 CKM::RawBuffer buffer(buff.size());
3200 memcpy(buffer.data(), buff.data(), buff.size());
3202 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3205 "Error in PKCS12::create()");
3208 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3209 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3210 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3211 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3212 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3213 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3214 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3215 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3216 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3217 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3218 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3219 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3220 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3221 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3222 "-----END RSA PRIVATE KEY-----\n";
3224 std::string message = "message test";
3226 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3227 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3228 "Key is empty. Failed to import private key.");
3232 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
3233 "Error=" << CKM::ErrorToString(temp));
3236 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
3237 "Error=" << CKM::ErrorToString(temp));
3240 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
3242 auto manager = CKM::Manager::create();
3243 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3244 std::istreambuf_iterator<char> begin(is), end;
3245 std::vector<char> buff(begin, end);
3247 CKM::RawBuffer buffer(buff.size());
3248 memcpy(buffer.data(), buff.data(), buff.size());
3250 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3253 "Error in PKCS12::create()");
3255 auto cert = pkcs->getCertificate();
3258 "Error in PKCS12::getCertificate()");
3260 auto key = pkcs->getKey();
3263 "Error in PKCS12::getKey()");
3265 auto caVector = pkcs->getCaCertificateShPtrVector();
3267 2 == caVector.size(),
3268 "Wrong size of vector");
3272 CKM::Policy exportable;
3273 CKM::Policy notExportable(CKM::Password(), false);
3276 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3277 "Error=" << CKM::ErrorToString(tmp));
3279 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3280 "Error=" << CKM::ErrorToString(tmp));
3282 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3283 "Error=" << CKM::ErrorToString(tmp));
3285 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3286 "Error=" << CKM::ErrorToString(tmp));
3288 // try to lookup key
3289 CKM::KeyShPtr key_lookup;
3291 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3292 "Error=" << CKM::ErrorToString(tmp));
3294 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3295 "Error=" << CKM::ErrorToString(tmp));
3297 // try to lookup certificate
3298 CKM::CertificateShPtr cert_lookup;
3300 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3301 "Error=" << CKM::ErrorToString(tmp));
3303 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3304 "Error=" << CKM::ErrorToString(tmp));
3307 RUNNER_TEST(T1806_get_PKCS)
3310 auto manager = CKM::Manager::create();
3312 CKM::PKCS12ShPtr pkcs;
3316 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
3317 "Error=" << CKM::ErrorToString(temp));
3319 // fail - not exportable
3321 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3322 "Error=" << CKM::ErrorToString(temp));
3324 // success - exportable
3326 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3327 "Error=" << CKM::ErrorToString(temp));
3329 auto cert = pkcs->getCertificate();
3332 "Error in PKCS12::getCertificate()");
3334 auto key = pkcs->getKey();
3337 "Error in PKCS12::getKey()");
3339 auto caVector = pkcs->getCaCertificateShPtrVector();
3341 2 == caVector.size(),
3342 "Wrong size of vector");
3345 RUNNER_TEST(T1807_create_and_verify_signature)
3348 auto manager = CKM::Manager::create();
3350 std::string message = "message test";
3352 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3353 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3354 CKM::RawBuffer signature;
3357 CKM_API_SUCCESS == (temp = manager->createSignature(
3358 alias_PKCS_exportable,
3360 CKM::RawBuffer(message.begin(), message.end()),
3364 "Error=" << CKM::ErrorToString(temp));
3367 CKM_API_SUCCESS == (temp = manager->verifySignature(
3368 alias_PKCS_exportable,
3370 CKM::RawBuffer(message.begin(), message.end()),
3374 "Error=" << CKM::ErrorToString(temp));
3377 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3380 auto manager = CKM::Manager::create();
3382 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3383 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3384 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3385 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3386 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3387 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3388 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3389 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3390 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3391 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3392 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3393 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3394 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3395 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3396 "-----END RSA PRIVATE KEY-----";
3397 std::string message = "message test";
3399 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3400 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3401 "Key is empty. Failed to import private key.");
3404 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3405 "Error=" << CKM::ErrorToString(temp));
3407 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3408 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3409 CKM::RawBuffer signature;
3412 CKM_API_SUCCESS == (temp = manager->createSignature(
3413 alias_PKCS_priv_key_copy,
3415 CKM::RawBuffer(message.begin(), message.end()),
3419 "Error=" << CKM::ErrorToString(temp));
3422 CKM_API_SUCCESS == (temp = manager->verifySignature(
3423 alias_PKCS_exportable,
3425 CKM::RawBuffer(message.begin(), message.end()),
3429 "Error=" << CKM::ErrorToString(temp));
3432 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3435 auto manager = CKM::Manager::create();
3437 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3438 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3439 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3440 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3441 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3442 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3443 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3444 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3445 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3446 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3447 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3448 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3449 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3450 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3451 "-----END RSA PRIVATE KEY-----\n";
3453 std::string message = "message test";
3455 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3456 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3457 "Key is empty. Failed to import private key.");
3460 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3461 "Error=" << CKM::ErrorToString(temp));
3463 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3464 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3465 CKM::RawBuffer signature;
3468 CKM_API_SUCCESS == (temp = manager->createSignature(
3469 alias_PKCS_priv_key_wrong,
3471 CKM::RawBuffer(message.begin(), message.end()),
3475 "Error=" << CKM::ErrorToString(temp));
3478 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3479 alias_PKCS_exportable,
3481 CKM::RawBuffer(message.begin(), message.end()),
3485 "Error=" << CKM::ErrorToString(temp));
3488 // MJK TODO: to be uncommented once custom CA root can be provided to the CKM
3490 RUNNER_TEST(T1810_verify_get_certificate_chain)
3492 // this certificate has been signed using PKCS chain
3493 std::string im = "-----BEGIN CERTIFICATE-----\n"
3494 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3495 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3496 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3497 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3498 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3499 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3500 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3501 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3502 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3504 "-----END CERTIFICATE-----\n";
3506 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3507 CKM::CertificateShPtrVector certChain;
3508 CKM::AliasVector aliasVector;
3511 auto manager = CKM::Manager::create();
3513 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3516 CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
3517 "Error=" << CKM::ErrorToString(tmp));
3520 0 == certChain.size(),
3521 "Wrong size of certificate chain.");
3523 aliasVector.push_back(alias_PKCS_exportable);
3526 CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
3527 "Error=" << CKM::ErrorToString(tmp));
3530 3 == certChain.size(),
3531 "Wrong size of certificate chain.");
3534 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3536 auto manager = CKM::Manager::create();
3540 // remove the whole PKCS12 bundles
3542 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3543 "Error=" << CKM::ErrorToString(tmp));
3545 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3546 "Error=" << CKM::ErrorToString(tmp));
3548 // expect lookup fails due to unknown alias
3549 // try to lookup key
3550 CKM::KeyShPtr key_lookup;
3552 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3553 "Error=" << CKM::ErrorToString(tmp));
3555 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3556 "Error=" << CKM::ErrorToString(tmp));
3558 // try to lookup certificate
3559 CKM::CertificateShPtr cert_lookup;
3561 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3562 "Error=" << CKM::ErrorToString(tmp));
3564 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3565 "Error=" << CKM::ErrorToString(tmp));
3568 RUNNER_TEST(T1812_deinit)
3571 auto control = CKM::Control::create();
3574 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3575 "Error=" << CKM::ErrorToString(temp));
3578 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3580 RUNNER_TEST(T1901_init_unlock_key)
3583 auto control = CKM::Control::create();
3585 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3586 "Error=" << CKM::ErrorToString(tmp));
3588 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3589 "Error=" << CKM::ErrorToString(tmp));
3591 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3592 "Error=" << CKM::ErrorToString(tmp));
3595 RUNNER_TEST(T1902_get_data)
3597 auto manager = CKM::Manager::create();
3600 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3603 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3604 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3607 RUNNER_TEST(T1903_lock_database)
3610 auto control = CKM::Control::create();
3612 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3613 "Error=" << CKM::ErrorToString(tmp));
3616 RUNNER_TEST(T1904_get_data_from_locked_database)
3618 auto manager = CKM::Manager::create();
3621 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3624 CKM_API_ERROR_DB_LOCKED == status1,
3625 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3628 RUNNER_TEST(T1905_deinit)
3631 auto control = CKM::Control::create();
3633 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3634 "Error=" << CKM::ErrorToString(tmp));
3637 int main(int argc, char *argv[])
3639 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3640 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob