#include <ckm-common.h>
#include <string>
+#include <fstream>
#include <string.h>
#include <stdio.h>
#include <stddef.h>
#include <stdlib.h>
-static const int USER_APP = 5000;
-static const int GROUP_APP = 5000;
-
namespace {
-
-typedef enum {
- ALIAS_KEY,
- ALIAS_CERT,
- ALIAS_DATA
-} alias_type_;
-
+const int USER_APP = 5000;
+const int GROUP_APP = 5000;
const char* USER_PASS = "user-pass";
+const char *const TEST_OBJECT1 = "OBJECT1";
+const std::string TEST_ALIAS1 = aliasWithLabel(TEST_LABEL,TEST_OBJECT1);
+const char* TEST_SYSTEM_ALIAS = "system-alias-1";
+const char* TEST_DATA = "ABCD";
+} // namespace anonymous
-int count_aliases(alias_type_ type, int minimum_initial_element_count = 0)
-{
- ckmc_alias_list_s *aliasList = NULL;
- int ec;
- switch(type)
- {
- case ALIAS_KEY:
- ec = ckmc_get_key_alias_list(&aliasList);
- break;
- case ALIAS_CERT:
- ec = ckmc_get_cert_alias_list(&aliasList);
- break;
+RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
- case ALIAS_DATA:
- ec = ckmc_get_data_alias_list(&aliasList);
- break;
- }
- if(ec == CKMC_ERROR_DB_ALIAS_UNKNOWN)
- return 0;
- else if(ec==0)
- {
- ckmc_alias_list_s *plist = aliasList;
- int return_count = 0;
- while(plist)
- {
- plist = plist->next;
- return_count ++;
- }
- ckmc_alias_list_all_free(aliasList);
+RUNNER_TEST(T3010_Control_C_API_service_unlock_DB)
+{
+ int temp;
- RUNNER_ASSERT_MSG(
- return_count >= minimum_initial_element_count,
- "Error: alias list failed, current element count: " << return_count <<
- " while expected minimal count of " << minimum_initial_element_count <<
- " elements");
+ RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ CKMCReadableError(temp));
- return return_count;
- }
- else
- {
- // error - fail
- RUNNER_ASSERT_MSG(
- ec >= 0,
- "Error: alias list failed, ec: " << CKMCErrorToString(ec));
- }
+ RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(4999)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(4999)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(4999, "test-pass")),
+ CKMCReadableError(temp));
- return ec;
+ remove_user_data(5000);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(5000)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(5000)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(5000, "test-pass")),
+ CKMCReadableError(temp));
}
-} // namespace anonymous
-
-
-RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
-
RUNNER_TEST(T3011_Control_C_API)
{
int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
CKMCReadableError(temp));
}
{
int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
}
{
int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
CKMCReadableError(temp));
}
RUNNER_TEST(T3014_Control_C_API)
{
int temp;
- const uid_t UNIQUE_USER = 15;
-
- // clean up environment
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
- CKMCReadableError(temp));
- // unlock with default password
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
- CKMCReadableError(temp));
+ const uid_t UNIQUE_USER = 6500;
+
+ // clean up environment
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
+ CKMCReadableError(temp));
+ // unlock with empty password
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
+ CKMCReadableError(temp));
// reset password (NULL, "simple-password")
RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
CKMCReadableError(temp));
// try to reset password when db locked
RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
CKMCReadableError(temp));
- // clean up environment
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
- CKMCReadableError(temp));
+ // clean up environment
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
+ CKMCReadableError(temp));
}
RUNNER_TEST(T3015_Control_C_API)
int temp;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
+ CKMC_ERROR_NONE == (temp = ckmc_change_user_password(USER_APP, "simple-password", "new-pass")),
CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
CKMCReadableError(temp));
}
int temp;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3017_Control_C_API_remove_system_DB)
+{
+ save_data(sharedDatabase(TEST_SYSTEM_ALIAS).c_str(), TEST_DATA);
+
+ // [test] - expect success
+ check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA);
+
+ // remove user data - expect to map to the system DB
+ int temp;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(1234)),
CKMCReadableError(temp));
+
+ // [test] - expect fail
+ check_read(TEST_SYSTEM_ALIAS, ckmc_owner_id_system, TEST_DATA, CKMC_ERROR_DB_ALIAS_UNKNOWN);
}
RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
-RUNNER_TEST(T3021_init_C_API)
+RUNNER_TEST(T30201_init_C_API)
{
int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- CKMCReadableError(temp));
+ remove_user_data(0);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
CKMCReadableError(temp));
}
-RUNNER_TEST(T3022_key_C_API)
+RUNNER_TEST(T30202_RSA_key_C_API)
{
int temp;
ckmc_policy_s test_policy;
char* password = NULL;
- const char *alias = "mykey";
+ CKM::Alias alias = sharedDatabase("mykey");
std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
test_key2 = &test_key;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), test_key, test_policy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
CKMCReadableError(temp));
}
-RUNNER_TEST(T3023_certificate_C_API)
+RUNNER_TEST(T30203_AES_key_C_API)
+{
+ int temp;
+ CKM::Alias alias = sharedDatabase("my_AES_key");
+ size_t key_length = 192;
+
+ ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
+ ckmc_key_s *test_key2;
+ ckmc_policy_s test_policy;
+ test_policy.password = NULL;
+ test_policy.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), NULL, &test_key2)),
+ CKMCReadableError(temp));
+
+ compare_AES_keys(test_key, test_key2);
+ ckmc_key_free(test_key);
+ ckmc_key_free(test_key2);
+}
+
+RUNNER_TEST(T30204_certificate_C_API)
{
int temp;
ckmc_cert_s *cert2;
ckmc_cert_s cert;
- const char *alias = "test-cert-1-RSA";
+ CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
ckmc_policy_s test_policy;
test_policy.password = password;
cert.data_format = CKMC_FORM_PEM;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
CKMCReadableError(temp));
ckmc_cert_free(cert2);
}
-RUNNER_TEST(T3024_certificate_remove_C_API)
+RUNNER_TEST(T30205_certificate_remove_C_API)
{
int temp;
char* password = NULL;
ckmc_cert_s *cert2;
- const char *alias = "test-cert-1-RSA";
+ CKM::Alias alias = sharedDatabase("test-cert-1-RSA");
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
CKMCReadableError(temp));
ckmc_cert_free(cert2);
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias.c_str())),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
CKMCReadableError(temp));
}
-RUNNER_TEST(T3025_certificate_list_C_API)
+RUNNER_TEST(T30206_certificate_list_C_API)
{
int temp;
cert.cert_size = certPem.length();
cert.data_format = CKMC_FORM_PEM;
- int current_aliases_num = count_aliases(ALIAS_CERT);
+ size_t current_aliases_num = count_aliases(ALIAS_CERT);
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test1").c_str(), cert, test_policy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test2").c_str(), cert, test_policy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(sharedDatabase("cert_test3").c_str(), cert, test_policy)),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_CERT);
RUNNER_ASSERT_MSG(
- (current_aliases_num+3) == (temp = count_aliases(ALIAS_CERT)),
- "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+ (current_aliases_num+3) == actual_cnt,
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
}
-RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
+RUNNER_CHILD_TEST(T30207_user_app_save_RSA_key_C_API)
{
- ScopedAccessProvider ap("mylabel");
+ ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
// RUNNER_ASSERT_MSG(
// key.getDER() == key2.getDER(), "Key value has been changed by service");
+
+ delete [] char_keypem;
+}
+
+RUNNER_CHILD_TEST(T30208_user_app_save_AES_key_C_API)
+{
+ AccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ const char* password = NULL;
+ size_t key_length = 192;
+ CKM::Alias alias = "my_AES_key";
+
+ ckmc_key_s *test_key = generate_AES_key(key_length, password);
+ ckmc_key_s *test_key2;
+ ckmc_policy_s test_policy;
+ test_policy.password = const_cast<char *>(password);
+ test_policy.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
+ CKMCReadableError(temp));
+
+ compare_AES_keys(test_key, test_key2);
+ ckmc_key_free(test_key);
+ ckmc_key_free(test_key2);
}
-RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
+RUNNER_CHILD_TEST(T30209_user_app_save_AES_key_passwd_C_API)
{
- ScopedAccessProvider ap("mylabel");
+ AccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ const char* password = "x";
+ size_t key_length = 192;
+ CKM::Alias alias = "my_AES_key-2";
+
+ ckmc_key_s *test_key = generate_AES_key(key_length, password);
+ ckmc_policy_s test_policy;
+ test_policy.password = const_cast<char *>(password);
+ test_policy.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+ CKMCReadableError(temp));
+ ckmc_key_free(test_key);
+}
+
+RUNNER_CHILD_TEST(T30210_app_user_save_RSA_keys_exportable_flag)
+{
+ ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
test_key.raw_key = (unsigned char *)char_keypem;
test_key.key_size = keyPem.length();
test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
+ test_key.password = NULL;
test_policy.password = password;
test_policy.extractable = 0;
CKMCReadableError(temp));
}
+RUNNER_CHILD_TEST(T30211_app_user_save_AES_keys_exportable_flag)
+{
+ AccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
+ int temp;
+ const char* password = NULL;
+ size_t key_length = 256;
+ CKM::Alias alias = "my_AES_key-3";
+
+ ckmc_key_s *test_key = generate_AES_key(key_length, password);
+ ckmc_key_s *test_key2;
+ ckmc_policy_s test_policy;
+ test_policy.password = const_cast<char *>(password);
+ test_policy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
+ CKMCReadableError(temp));
+ ckmc_key_free(test_key);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T30212_certificate_with_DSA_key_C_API)
{
int temp;
cert.cert_size = certPem.length();
cert.data_format = CKMC_FORM_PEM;
- const char *alias = "test-cert-1-DSA";
+ CKM::Alias alias = sharedDatabase("test-cert-1-DSA");
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
CKMCReadableError(temp));
ckmc_cert_free(cert2);
}
-RUNNER_TEST(T3029_deinit_C_API)
+RUNNER_TEST(T30213_deinit_C_API)
{
int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
{
int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- CKMCReadableError(temp));
+ remove_user_data(0);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
CKMCReadableError(temp));
}
-RUNNER_TEST(T3032_save_keys_get_alias_C_API)
+RUNNER_TEST(T3032_save_asymmetric_keys_get_alias_C_API)
{
int temp;
test_policy3.password = password;
test_policy3.extractable = 0;
- int current_aliases_num = count_aliases(ALIAS_KEY);
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey1").c_str(), test_key, test_policy1)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey2").c_str(), test_key, test_policy2)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("rootkey3").c_str(), test_key, test_policy3)),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
- "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+ (current_aliases_num+3) == actual_cnt,
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
}
-RUNNER_TEST(T3033_remove_key_C_API)
+RUNNER_TEST(T3033_remove_asymmetric_key_C_API)
{
int temp;
ckmc_key_s *test_key2;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("rootkey1").c_str())),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
+ CKMC_ERROR_NONE != (temp = ckmc_get_key(sharedDatabase("rootkey1").c_str(), password, &test_key2)),
CKMCReadableError(temp));
}
-RUNNER_TEST(T3034_deinit_C_API)
+RUNNER_TEST(T3034_save_symmetric_keys_get_alias_C_API)
{
int temp;
+ size_t key_length = 128;
+ ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
+ ckmc_policy_s test_policy1, test_policy2, test_policy3;
+ test_policy1.password = NULL;
+ test_policy1.extractable = 1;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ test_policy2.password = NULL;
+ test_policy2.extractable = 1;
+
+ test_policy3.password = NULL;
+ test_policy3.extractable = 1;
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key1").c_str(), *test_key, test_policy1)),
CKMCReadableError(temp));
+
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key2").c_str(), *test_key, test_policy2)),
CKMCReadableError(temp));
+
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(sharedDatabase("AES_key3").c_str(), *test_key, test_policy3)),
CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+
+ ckmc_key_free(test_key);
}
-RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
-RUNNER_TEST(T3041_init_C_API)
+RUNNER_TEST(T3035_remove_symmetric_key_C_API)
{
int temp;
+
+ ckmc_key_s *test_key2;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key1").c_str(), NULL, &test_key2)),
CKMCReadableError(temp));
+ validate_AES_key(test_key2);
+ ckmc_key_free(test_key2);
+
+ // actual test - remove middle item
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_key(sharedDatabase("AES_key2").c_str())),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(sharedDatabase("AES_key2").c_str(), NULL, &test_key2)),
CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(sharedDatabase("AES_key3").c_str(), NULL, &test_key2)),
+ CKMCReadableError(temp));
+ validate_AES_key(test_key2);
+ ckmc_key_free(test_key2);
+
+}
+
+RUNNER_TEST(T3036_deinit_C_API)
+{
+ int temp;
+
+ remove_user_data(0);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
+
+RUNNER_TEST(T3041_init_C_API)
+{
+ remove_user_data(0);
+ reset_user_data(USER_APP, "simple-password");
}
RUNNER_TEST(T3042_save_get_bin_data_C_API)
test_policy3.password = password;
test_policy3.extractable = 0;
- int current_aliases_num = count_aliases(ALIAS_DATA);
+ size_t current_aliases_num = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
+ CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data1").c_str(), testData1, test_policy1)), // should change it as null value
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
+ CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data2").c_str(), testData2, test_policy1)), // should change it as null value
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_data(sharedDatabase("data3").c_str(), testData3, test_policy2)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
+ CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data(sharedDatabase("data4").c_str(), testData3, test_policy3)),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
- (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
- "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+ (current_aliases_num+3) == actual_cnt,
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
ckmc_raw_buffer_s *testData4;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData4)),
CKMCReadableError(temp));
int compareResult;
RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
{
- ScopedAccessProvider ap("mylabel");
+ ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
std::string binData = "My bin data";
- int current_aliases_num = count_aliases(ALIAS_DATA);
+ size_t current_aliases_num = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
- (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
- "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+ (current_aliases_num+3) == actual_cnt,
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
}
RUNNER_TEST(T3044_remove_bin_data_C_API)
{
int temp;
- int current_aliases_num = count_aliases(ALIAS_DATA, 2);
+ size_t current_aliases_num = count_aliases(ALIAS_DATA, 2);
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data1").c_str())),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
+ CKMC_ERROR_NONE == (temp = ckmc_remove_data(sharedDatabase("data3").c_str())),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
- (current_aliases_num-2) == (temp = count_aliases(ALIAS_DATA)),
- "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << temp);
+ (current_aliases_num-2) == actual_cnt,
+ "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << actual_cnt);
char* password = NULL;
CKM::RawBuffer buffer;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_data(sharedDatabase("data2").c_str(), password, &testData1)),
CKMCReadableError(temp));
int compareResult;
"Data corrupted");
RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data(sharedDatabase("data3").c_str(), password, &testData1)),
CKMCReadableError(temp));
}
-RUNNER_TEST(T3045_deinit_C_API)
+RUNNER_TEST(T3045_save_big_data_C_API, RemoveDataEnv<USER_APP>)
+{
+ const size_t BIG_SIZE = 5000000;
+ ScopedAccessProvider ap(TEST_LABEL, USER_APP, GROUP_APP);
+
+ std::vector<char> big_data(BIG_SIZE);
+ std::ifstream is("/dev/urandom", std::ifstream::binary);
+ if(is)
+ is.read(big_data.data(), BIG_SIZE);
+
+ RUNNER_ASSERT_MSG(is,
+ "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
+
+ save_data(TEST_ALIAS1.c_str(), big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
+ check_read(TEST_OBJECT1, TEST_LABEL, big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
+}
+
+RUNNER_TEST(T3050_deinit_C_API)
{
int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
CKMCReadableError(temp));
}
-RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
+RUNNER_CHILD_TEST(T3052_CAPI_create_RSA_key)
{
int temp;
- ScopedAccessProvider ap("mylabel");
+ ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
policy_public_key.extractable = 1;
- int current_aliases_num = count_aliases(ALIAS_KEY);
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
- "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
+ (current_aliases_num+2) == actual_cnt,
+ "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
ckmc_key_s *privateKey;
RUNNER_ASSERT_MSG(
CKMCReadableError(temp));
}
-RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
+RUNNER_CHILD_TEST(T3053_CAPI_create_DSA_key)
{
int temp;
- AccessProvider ap("mylabel");
+ AccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
policy_public_key.password = NULL;
policy_public_key.extractable = 1;
- int current_aliases_num = count_aliases(ALIAS_KEY);
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
CKMCReadableError(temp));
+ size_t actual_cnt = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
- "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
+ (current_aliases_num+2) == actual_cnt,
+ "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
ckmc_key_s *privateKey = 0;
RUNNER_ASSERT_MSG(
}
-RUNNER_TEST(T3054_CAPI_deinit)
+RUNNER_CHILD_TEST(T3054_CAPI_create_AES_key)
{
int temp;
+ size_t size = 128;
+ CKM::Alias key_alias = sharedDatabase("AES-gen-test-1");
+ ckmc_policy_s policy_key;
+
+ policy_key.password = NULL;
+ policy_key.extractable = 1;
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_aes(size, key_alias.c_str(), policy_key)),
CKMCReadableError(temp));
+
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ (current_aliases_num+1) == (temp = count_aliases(ALIAS_KEY)),
+ "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
+
+ ckmc_key_s *get_AES_key = 0;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(key_alias.c_str(), policy_key.password, &get_AES_key)),
CKMCReadableError(temp));
+ validate_AES_key(get_AES_key);
+ ckmc_key_free(get_AES_key);
}
-RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
-
-RUNNER_TEST(T3061_CAPI_init)
+RUNNER_TEST(T3055_CAPI_deinit)
{
int temp;
+
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
- CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
+
+RUNNER_TEST(T3061_CAPI_init)
+{
+ remove_user_data(0);
+ reset_user_data(USER_APP, USER_PASS);
}
RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
int temp;
size_t size = 1024;
- const char *private_key_alias = "rsa-test-1";
- const char *public_key_alias = "rsa-test-2";
+ CKM::Alias private_key_alias = sharedDatabase("rsa-test-1");
+ CKM::Alias public_key_alias = sharedDatabase("rsa-test-2");
ckmc_policy_s policy_private_key;
ckmc_policy_s policy_public_key;
policy_public_key.extractable = 1;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
CKMCReadableError(temp));
// on next attempt to generate keys with the same alias, expect fail (alias exists)
RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
CKMCReadableError(temp));
}
int temp;
size_t size = 1024;
- const char *private_key_alias = "dsa-test-1";
- const char *public_key_alias = "dsa-test-2";
+ CKM::Alias private_key_alias = sharedDatabase("dsa-test-1");
+ CKM::Alias public_key_alias = sharedDatabase("dsa-test-2");
ckmc_policy_s policy_private_key;
ckmc_policy_s policy_public_key;
policy_public_key.extractable = 1;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
CKMCReadableError(temp));
}
int temp;
ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
- const char *private_key_alias = "ecdsa-test-1";
- const char *public_key_alias = "ecdsa-test-2";
+ CKM::Alias private_key_alias = sharedDatabase("ecdsa-test-1");
+ CKM::Alias public_key_alias = sharedDatabase("ecdsa-test-2");
ckmc_policy_s policy_private_key;
ckmc_policy_s policy_public_key;
policy_public_key.extractable = 1;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
CKMCReadableError(temp));
}
RUNNER_TEST(T3065_CAPI_deinit)
{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
// TODO
//RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
-
RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
RUNNER_TEST(T3071_CAPI_init)
{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
{
- std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
- std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
+ std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
+ std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
ckmc_cert_s c_cert;
c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
ckmc_cert_list_s *cert_chain_list;
- int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
+ int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
- ckmc_ocsp_status_e ocsp_status;
- RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
- RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
+ ckmc_ocsp_status_e ocsp_status;
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
+ RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
}
RUNNER_TEST(T3075_CAPI_deinit)
{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
- const char *pub_alias = "pub1";
- const char *pri_alias = "prv1";
+ CKM::Alias pub_alias = sharedDatabase("pub1");
+ CKM::Alias pri_alias = sharedDatabase("prv1");
const char *key_passwd = "1234";
char *pri_passwd = NULL;
char *pub_passwd = NULL;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
int temp;
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
- const char *pub_alias = "pub1";
- const char *pri_alias = "prv1";
+ CKM::Alias pub_alias = sharedDatabase("pub1");
+ CKM::Alias pri_alias = sharedDatabase("prv1");
char *pri_passwd = NULL;
char *pub_passwd = NULL;
ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
RUNNER_ASSERT_MSG(
CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
"-----END PUBLIC KEY-----\n";
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
- const char *pri_alias = "ecprv2";
- const char *pub_alias = "ecpub2";
+ CKM::Alias pri_alias = sharedDatabase("ecprv2");
+ CKM::Alias pub_alias = sharedDatabase("ecpub2");
char *key_passwd = NULL;
char *pri_passwd = NULL;
char *pub_passwd = NULL;
pripolicy.extractable = 0;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
RUNNER_ASSERT_MSG(
CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
- const char *pri_alias = "prv3";
- const char *pub_alias = "pub3";
+ CKM::Alias pri_alias = sharedDatabase("prv3");
+ CKM::Alias pub_alias = sharedDatabase("pub3");
char *key_passwd = NULL;
char *pri_passwd = NULL;
char *pub_passwd = NULL;
pripolicy.extractable = 0;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
RUNNER_ASSERT_MSG(
CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
- const char *pub_alias = "dsa-pub1";
- const char *pri_alias = "dsa-prv1";
+ CKM::Alias pub_alias = sharedDatabase("dsa-pub1");
+ CKM::Alias pri_alias = sharedDatabase("dsa-prv1");
char *pri_passwd = NULL;
char *pub_passwd = NULL;
ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
// positive test
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
RUNNER_ASSERT_MSG(
CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
invalid_msg_buff,
*signature,
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
- const char *pub_alias = "dsa-pub2";
- const char *pri_alias = "dsa-prv2";
+ CKM::Alias pub_alias = sharedDatabase("dsa-pub2");
+ CKM::Alias pri_alias = sharedDatabase("dsa-prv2");
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias, pub_alias, policy_private_key, policy_public_key)),
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias.c_str(), pub_alias.c_str(), policy_private_key, policy_public_key)),
"Error=" << temp);
char *pri_passwd = NULL;
ckmc_key_s *pubkey = NULL;
ckmc_key_s *prikey = NULL;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias, 0, &prikey)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias.c_str(), 0, &prikey)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias, 0, &pubkey)),
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias.c_str(), 0, &pubkey)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
// positive test
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
RUNNER_ASSERT_MSG(
CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
invalid_msg_buff,
*signature,
ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
- const char *pri_alias = "prv4";
- const char *pub_alias = "pub4";
+ CKM::Alias pri_alias = sharedDatabase("prv4");
+ CKM::Alias pub_alias = sharedDatabase("pub4");
char *key_passwd = NULL;
char *pri_passwd = NULL;
char *pub_passwd = NULL;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
+ pri_alias.c_str(),
pri_passwd,
msg_buff,
hash_algo,
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
RUNNER_ASSERT_MSG(
CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
+ pub_alias.c_str(),
pub_passwd,
msg_buff,
*signature,
RUNNER_TEST(T3089_CAPI__deinit)
{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
RUNNER_TEST(T3091_CAPI_TYPE_init)
{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
- CKMCReadableError(temp));
+ remove_user_data(0);
+ reset_user_data(USER_APP, USER_PASS);
}
RUNNER_TEST(T3092_CAPI_TYPE_KEY)
RUNNER_TEST(T3094_CAPI_TYPE_CERT)
{
- std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
+ std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
unsigned int size = certPem.size();
{
int ret;
- std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
+ std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
const char *file_name = "/tmp/ckmc_test_cert.pem";
remove(file_name);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
- CKMCReadableError(ret));
+ CKMCReadableError(ret));
RUNNER_ASSERT_MSG(
pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
- const char *lcert_alias = "lcert_alias";
+ CKM::Alias lcert_alias = sharedDatabase("lcert_alias");
ckmc_policy_s policy;
policy.password = NULL;
policy.extractable = 1;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
+ CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias.c_str(), *pcert, policy)),
CKMCReadableError(ret));
remove(file_name);
}
RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
- const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
+ const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
const char *password = "password";
int temp;
policy.extractable = 1;
- const char *pkey_alias = "pkey_alias";
+ CKM::Alias pkey_alias = sharedDatabase("pkey_alias");
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *private_key, policy)),
CKMCReadableError(temp));
- const char *cert_alias = "cert_alias";
+ CKM::Alias cert_alias = sharedDatabase("cert_alias");
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *cert, policy)),
CKMCReadableError(temp));
- std::string caCertAlias = "ca_cert_alias_";
+ std::string caCertAlias = sharedDatabase("ca_cert_alias_");
const char *idx = "0";
int cnt = 0;
ckmc_cert_list_s *tmpList = ca_cert_list;
}
RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
- const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
- const char *password = "password";
+ const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
+ const char *password = "password";
- int temp;
+ int temp;
- ckmc_pkcs12_s *ppkcs12 = NULL;
+ ckmc_pkcs12_s *ppkcs12 = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
- RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
- RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
+ RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
+ RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
- ckmc_policy_s policy;
- policy.password = NULL;
- policy.extractable = 1;
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
- const char *pkey_alias = "pkey_alias2";
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *(ppkcs12->priv_key), policy)),
- CKMCReadableError(temp));
+ CKM::Alias pkey_alias = sharedDatabase("pkey_alias2");
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *(ppkcs12->priv_key), policy)),
+ CKMCReadableError(temp));
- const char *cert_alias = "cert_alias2";
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *(ppkcs12->cert), policy)),
- CKMCReadableError(temp));
- std::string caCertAlias = "ca_cert_alias_2_";
- const char *idx = "0";
- int cnt = 0;
- ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
- while(tmpList != NULL) {
- caCertAlias.append(idx);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
- CKMCReadableError(temp));
- tmpList = tmpList->next;
- cnt ++;
- }
+ CKM::Alias cert_alias = sharedDatabase("cert_alias2");
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *(ppkcs12->cert), policy)),
+ CKMCReadableError(temp));
+ std::string caCertAlias = sharedDatabase("ca_cert_alias_2_");
+ const char *idx = "0";
+ int cnt = 0;
+ ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
+ while(tmpList != NULL) {
+ caCertAlias.append(idx);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
+ CKMCReadableError(temp));
+ tmpList = tmpList->next;
+ cnt ++;
+ }
- RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
+ RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
- ckmc_pkcs12_free(ppkcs12);
+ ckmc_pkcs12_free(ppkcs12);
}
RUNNER_TEST(T3098_CAPI_TYPE_deinit)
{
int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
CKMCReadableError(temp));
}
namespace
{
-const char* alias_PKCS_exportable = "CAPI-test-PKCS-export";
-const char* alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
+CKM::Alias alias_PKCS_exportable = sharedDatabase("CAPI-test-PKCS-export");
+CKM::Alias alias_PKCS_not_exportable = sharedDatabase("CAPI-test-PKCS-no-export");
}
RUNNER_TEST(T3101_CAPI_PKCS12_init)
{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "PKCS-pass")),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
{
- const char *wrong_passwd = "wrong";
- ckmc_pkcs12_s *ppkcs12 = NULL;
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
- CKMCReadableError(temp));
+ const char *wrong_passwd = "wrong";
+ ckmc_pkcs12_s *ppkcs12 = NULL;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/test1801.pkcs12", wrong_passwd, &ppkcs12)),
+ CKMCReadableError(temp));
}
RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
{
- ckmc_pkcs12_s *ppkcs12 = NULL;
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
- CKMCReadableError(temp));
-
- RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
- RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
- RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
-
- // save to the CKM
- ckmc_policy_s exportable;
- exportable.password = NULL;
- exportable.extractable = 1;
- ckmc_policy_s notExportable;
- notExportable.password = NULL;
- notExportable.extractable = 0;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
- CKMCReadableError(temp));
-
- // try to lookup key
- ckmc_key_s *key_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
- CKMCReadableError(temp));
- ckmc_key_free(key_lookup);
- key_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable, "", &key_lookup)),
- CKMCReadableError(temp));
- ckmc_key_free(key_lookup);
-
- // try to lookup certificate
- ckmc_cert_s *cert_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
- CKMCReadableError(temp));
- ckmc_cert_free(cert_lookup);
- cert_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
- CKMCReadableError(temp));
- ckmc_cert_free(cert_lookup);
+ ckmc_pkcs12_s *ppkcs12 = NULL;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/pkcs.p12", NULL, &ppkcs12)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
+
+ // save to the CKM
+ ckmc_policy_s exportable;
+ exportable.password = NULL;
+ exportable.extractable = 1;
+ ckmc_policy_s notExportable;
+ notExportable.password = NULL;
+ notExportable.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
+ CKMCReadableError(temp));
+
+ // try to lookup key
+ ckmc_key_s *key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
+ CKMCReadableError(temp));
+ ckmc_key_free(key_lookup);
+ key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), "", &key_lookup)),
+ CKMCReadableError(temp));
+ ckmc_key_free(key_lookup);
+
+ // try to lookup certificate
+ ckmc_cert_s *cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
+ CKMCReadableError(temp));
+ ckmc_cert_free(cert_lookup);
+ cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
+ CKMCReadableError(temp));
+ ckmc_cert_free(cert_lookup);
}
RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
{
- int temp;
- ckmc_pkcs12_s *pkcs = NULL;
-
- // fail - no entry
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", NULL, NULL, &pkcs)),
- CKMCReadableError(temp));
- ckmc_pkcs12_free(pkcs);
- pkcs = NULL;
-
- // fail - not exportable
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable, NULL, NULL, &pkcs)),
- CKMCReadableError(temp));
- ckmc_pkcs12_free(pkcs);
- pkcs = NULL;
-
- // success - exportable
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable, NULL, NULL, &pkcs)),
- CKMCReadableError(temp));
-
- RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
- RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
- RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
- size_t cntr = 0;
- ckmc_cert_list_s *iter = pkcs->ca_chain;
- do {
- cntr ++;
- iter = iter->next;
- } while(iter);
- RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
-
- ckmc_pkcs12_free(pkcs);
+ int temp;
+ ckmc_pkcs12_s *pkcs = NULL;
+
+ // fail - no entry
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12(sharedDatabase("i-do-not-exist").c_str(), NULL, NULL, &pkcs)),
+ CKMCReadableError(temp));
+ ckmc_pkcs12_free(pkcs);
+ pkcs = NULL;
+
+ // fail - not exportable
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable.c_str(), NULL, NULL, &pkcs)),
+ CKMCReadableError(temp));
+ ckmc_pkcs12_free(pkcs);
+ pkcs = NULL;
+
+ // success - exportable
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable.c_str(), NULL, NULL, &pkcs)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
+ size_t cntr = 0;
+ ckmc_cert_list_s *iter = pkcs->ca_chain;
+ do {
+ cntr ++;
+ iter = iter->next;
+ } while(iter);
+ RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
+
+ ckmc_pkcs12_free(pkcs);
}
RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
{
- ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
-
- int temp;
- ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
- ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
- ckmc_raw_buffer_s *signature = NULL;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- alias_PKCS_exportable,
- NULL,
- msg_buff,
- hash_algo,
- pad_algo,
- &signature)),
- CKMCReadableError(temp));
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- alias_PKCS_exportable,
- NULL,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- CKMCReadableError(temp));
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ int temp;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ alias_PKCS_exportable.c_str(),
+ NULL,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ alias_PKCS_exportable.c_str(),
+ NULL,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
}
RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
{
- int tmp;
-
- // remove the whole PKCS12 bundles
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable)),
- CKMCReadableError(tmp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable)),
- CKMCReadableError(tmp));
-
- // expect lookup fails due to unknown alias
- // try to lookup key
- ckmc_key_s *key_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
- CKMCReadableError(tmp));
- ckmc_key_free(key_lookup);
- key_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable, NULL, &key_lookup)),
- CKMCReadableError(tmp));
- ckmc_key_free(key_lookup);
-
- // try to lookup certificate
- ckmc_cert_s *cert_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
- CKMCReadableError(tmp));
- ckmc_cert_free(cert_lookup);
- cert_lookup = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
- CKMCReadableError(tmp));
- ckmc_cert_free(cert_lookup);
+ int tmp;
+
+ // remove the whole PKCS12 bundles
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_exportable.c_str())),
+ CKMCReadableError(tmp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_not_exportable.c_str())),
+ CKMCReadableError(tmp));
+
+ // expect lookup fails due to unknown alias
+ // try to lookup key
+ ckmc_key_s *key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_key_free(key_lookup);
+ key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), NULL, &key_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_key_free(key_lookup);
+
+ // try to lookup certificate
+ ckmc_cert_s *cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_cert_free(cert_lookup);
+ cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_cert_free(cert_lookup);
}
RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
{
- int temp;
- RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(0);
}
RUNNER_TEST(T3201_CAPI_unlock_database)
{
- int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- CKMCReadableError(temp));
+ reset_user_data(USER_APP, USER_PASS);
}
RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
{
+ ScopedDBUnlock unlock(USER_APP, USER_PASS);
+ ScopedAccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int temp;
- char alias[10] = "mykey";
+ CKM::Alias alias = "mykey";
char *password = NULL;
ckmc_key_s *test_key = NULL;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
"Error=" << temp);
RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
{
+ ScopedDBUnlock unlock(USER_APP, USER_PASS);
+
int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
CKMCReadableError(temp));
}
RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
{
+ ScopedAccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int temp;
- char alias[10] = "mykey";
+ CKM::Alias alias = "mykey";
char *password = NULL;
ckmc_key_s *test_key = NULL;
RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
+ CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
CKMCReadableError(temp));
RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
RUNNER_TEST(T3204_deinit)
{
- int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- CKMCReadableError(temp));
+ remove_user_data(USER_APP);
}
projects / platform / core / test / security-tests.git / blobdiff