#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include <dpl/log/log.h>
-
namespace {
const int USER_APP = 5000;
const int GROUP_APP = 5000;
auto key = CKM::Key::create(buffer, CKM::Password());
CKM::KeyShPtr key_name, key_full_addr;
CKM::Alias alias = "mykey-2";
- CharPtr top_label = get_label();
- std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
+ std::string top_label = getOwnerIdFromSelf();
+ std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int temp;
auto manager = CKM::Manager::create();
RUNNER_TEST(T1034_app_remove_bin_data)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_CHILD_TEST(T1041_create_rsa_key)
+RUNNER_CHILD_TEST(T1041_create_RSA_key)
{
int temp;
auto manager = CKM::Manager::create();
"Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
}
-RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
+RUNNER_CHILD_TEST(T1042_create_RSA_key_foreign_label)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_CHILD_TEST(T1043_create_dsa_key)
+RUNNER_CHILD_TEST(T1043_create_DSA_key)
{
int temp;
auto manager = CKM::Manager::create();
"Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
}
+RUNNER_CHILD_TEST(T1044_create_AES_key)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::AliasVector av;
+
+ AccessProvider ap("mylabel-aes");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+1) == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
+}
+
RUNNER_TEST(T1049_deinit)
{
remove_user_data(USER_APP);
RUNNER_TEST(T12101_key_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int ret;
auto manager = CKM::Manager::create();
RUNNER_TEST(T12102_saveKey_empty_alias)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
RUNNER_TEST(T12103_saveKey_foreign_label)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
RUNNER_TEST(T12104_saveKey_empty_key)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
CKM::KeyShPtr key; //key is not initialized
CKM::Alias alias = "empty-key";
RUNNER_TEST(T12105_saveCertificate_empty_alias)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
auto cert = TestData::getTestCertificate(TestData::GIAG2);
CKM::Alias alias; //alias is not initialized
RUNNER_TEST(T12106_saveCertificate_foreign_label)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
auto cert = TestData::getTestCertificate(TestData::GIAG2);
CKM::Alias alias = "iamsomebodyelse alias";
RUNNER_TEST(T12107_saveCertificate_empty_cert)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
CKM::CertificateShPtr cert; //cert is not initialized
CKM::Alias alias = "empty-cert";
RUNNER_TEST(T12108_saveData_empty_alias)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
std::string testData = "test data test data test data";
CKM::RawBuffer buffer(testData.begin(), testData.end());
RUNNER_TEST(T12109_saveData_foreign_label)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
std::string testData = "test data test data test data";
CKM::RawBuffer buffer(testData.begin(), testData.end());
RUNNER_TEST(T12110_saveData_empty_data)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
CKM::RawBuffer buffer;
CKM::Alias alias = "empty-data";
RUNNER_TEST(T12111_getKey_alias_not_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
CKM::KeyShPtr key;
CKM::Alias alias = "this-alias-not-exist";
RUNNER_TEST(T12112_getCertificate_alias_not_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
CKM::CertificateShPtr certificate;
CKM::Alias alias = "this-alias-not-exist";
RUNNER_TEST(T12113_getData_alias_not_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int temp;
auto manager = CKM::Manager::create();
/*
* These test cases tests API when damaged keys are used
*/
-RUNNER_TEST(T12114_rsa_key_damaged)
+RUNNER_TEST(T12114_RSA_key_damaged)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
-RUNNER_TEST(T12115_rsa_key_too_short)
+RUNNER_TEST(T12115_RSA_key_too_short)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
-RUNNER_TEST(T12116_dsa_key_too_short)
+RUNNER_TEST(T12116_DSA_key_too_short)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
+RUNNER_TEST(T12117_AES_key_too_short)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ size_t key_size = (128-1);
+ CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
+
+ auto key = CKM::Key::create(key_AES);
+ CKM::Alias alias = "short-AES";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
/*
* These test cases tests CKM service if malicious data is provided over the socket.
*/
-RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
+RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
-RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
+RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, APP_PASS);
// fake the client - let the service detect the problem
class WrongCertImpl : public CKM::Certificate
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T12119_deinit)
+RUNNER_TEST(T12120_deinit)
{
remove_user_data(USER_APP);
}
"is not woking on the device. OCSP tests requires network access!");
}
-RUNNER_TEST(T1312_get_chain)
+RUNNER_TEST(T13121_get_chain_no_cert)
+{
+ CKM::CertificateShPtrVector certChain;
+ CKM::CertificateShPtr cert;
+
+ auto manager = CKM::Manager::create();
+
+ int ret = manager->getCertificateChain(cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
+ "Function should fail for empty certificate");
+}
+
+RUNNER_TEST(T13122_get_chain_empty_cert)
+{
+ CKM::CertificateShPtrVector certChain;
+ CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
+ CKM::DataFormat::FORM_PEM);
+
+ auto manager = CKM::Manager::create();
+
+ int ret = manager->getCertificateChain(cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
+ "Function should fail for empty certificate");
+}
+
+RUNNER_TEST(T13129_get_chain)
{
auto cert = TestData::getTestCertificate(TestData::MBANK);
auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
"Wrong size of certificate chain.");
}
-RUNNER_TEST(T1314_ocsp_check)
+RUNNER_TEST(T13141_ocsp_check_valid_chain)
{
- RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
-
auto cert = TestData::getTestCertificate(TestData::MBANK);
auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
CKM::CertificateShPtrVector certVector = {cert1};
RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
}
+RUNNER_TEST(T13142_ocsp_check_empty)
+{
+ CKM::CertificateShPtrVector certVector;
+
+ auto manager = CKM::Manager::create();
+
+ int tmp;
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
+ "ocspCheck should fail for empty certificate vector");
+}
+
+RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
+{
+ CKM::CertificateShPtrVector certVector = {
+ CKM::CertificateShPtr(),
+ CKM::CertificateShPtr(),
+ CKM::CertificateShPtr()};
+
+ auto manager = CKM::Manager::create();
+
+ int tmp;
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
+ "ocspCheck should fail for empty certificate vector");
+}
+
+RUNNER_TEST(T13144_ocsp_check_root)
+{
+ auto root = TestData::getTestCertificate(TestData::EQUIFAX);
+ CKM::CertificateShPtrVector certVector = {root};
+
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
+
+ int tmp;
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
+ "Ocsp should fail for single certificate");
+}
+
+RUNNER_TEST(T13145_ocsp_check_no_ocsp)
+{
+ auto root = TestData::getTestCertificate(TestData::EQUIFAX);
+ auto ca2 = TestData::getTestCertificate(TestData::GEOTRUST);
+ auto ca1 = TestData::getTestCertificate(TestData::GIAG2);
+
+ CKM::CertificateShPtrVector certVector = {ca1, ca2, root};
+
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != ca2.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != ca1.get(), "Certificate should not be empty");
+
+ int tmp;
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
+}
+
RUNNER_TEST(T1315_deinit)
{
remove_user_data(0);
remove_user_data(0);
}
-RUNNER_TEST(T1412_rsa_key_create_verify)
+RUNNER_TEST(T1412_RSA_key_create_verify)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1413_dsa_key_create_verify)
+RUNNER_TEST(T1413_DSA_key_create_verify)
{
int temp;
auto manager = CKM::Manager::create();
}
-RUNNER_TEST(T1414_ec_key_create_verify)
+RUNNER_TEST(T1414_ECDSA_key_create_verify)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1415_rsa_key_create_verify_negative)
+RUNNER_TEST(T1415_RSA_key_create_verify_negative)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1416_dsa_key_create_verify_negative)
+RUNNER_TEST(T1416_DSA_key_create_verify_negative)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
+RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
+RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
+RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
{
int temp;
auto manager = CKM::Manager::create();
}
-RUNNER_TEST(T14181_rsa_create_signatue_nohash)
+RUNNER_TEST(T14181_RSA_create_signatue_nohash)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
+RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
+RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
{
int temp;
auto manager = CKM::Manager::create();
}
-RUNNER_TEST(T14184_ec_create_signatue_nohash)
+RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
{
int temp;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
+RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
{
int temp;
auto manager = CKM::Manager::create();
RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
-RUNNER_CHILD_TEST(T1510_init_unlock_key)
+RUNNER_TEST(T1510_init_unlock_key)
{
- ScopedAccessProvider ap("my-label");
- ap.allowAPI("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
-
- unlock_user_data(USER_TEST, "strong-password");
+ reset_user_data(USER_TEST, APP_PASS);
}
-RUNNER_CHILD_TEST(T1511_insert_data)
+RUNNER_TEST(T1511_insert_data)
{
- ScopedAccessProvider ap("my-label");
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
-
auto certee = TestData::getTestCertificate(TestData::MBANK);
auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
+ CKM::Alias certeeAlias("CertEE");
+ CKM::Alias certimAlias("CertIM");
+ {
+ ScopedDBUnlock unlock(USER_TEST, APP_PASS);
+ ScopedAccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
+ RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
+ }
- auto manager = CKM::Manager::create();
- int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
- int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
- "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
+ // restart CKM
+ stop_service(MANAGER);
+ start_service(MANAGER);
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
- "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
+ // actual test
+ {
+ ScopedDBUnlock unlock(USER_TEST, APP_PASS);
+ ScopedAccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto manager = CKM::Manager::create();
+ int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
+ int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
+ }
}
-RUNNER_CHILD_TEST(T1519_deinit)
+RUNNER_TEST(T1519_deinit)
{
- int tmp;
- ScopedAccessProvider ap("my-label");
- ap.allowAPI("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
- "Error=" << CKM::ErrorToString(tmp));
+ remove_user_data(USER_TEST);
}
-
RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
RUNNER_TEST(T1701_init_unlock_key)
{
+ unlock_user_data(USER_TEST+1, "t170-special-password");
+
ScopedAccessProvider ap("t170-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
-
- unlock_user_data(USER_TEST+1, "t170-special-password");
}
RUNNER_CHILD_TEST(T1702_insert_data)
RUNNER_TEST(T1810_verify_get_certificate_chain)
{
// this certificate has been signed using PKCS chain
- std::string im = "-----BEGIN CERTIFICATE-----\n"
- "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
- "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
- "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
- "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
- "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
- "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
- "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
- "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
- "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
- "Qw==\n"
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
+ "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
+ "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
+ "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
+ "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
+ "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
+ "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
+ "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
+ "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
"-----END CERTIFICATE-----\n";
auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
RUNNER_TEST(T1902_get_data)
{
+ ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
ScopedAccessProvider ap(TEST_LABEL);
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
- ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
auto manager = CKM::Manager::create();
CKM::KeyShPtr ptr;
int main(int argc, char *argv[])
{
- DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
}
projects / platform / core / test / security-tests.git / blobdiff