#include <openssl/x509.h>
#include <openssl/x509v3.h>
-#include <dpl/log/log.h>
-
namespace {
const int USER_APP = 5000;
const int GROUP_APP = 5000;
+
+const int USER_APP_2 = 5020;
+const int USER_APP_3 = 5030;
+
+const char * const APP_PASS = "user-pass";
const int USER_TEST = 5001;
+const char* TEST_LABEL = "test_label";
const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
const CKM::AliasVector EMPTY_ALIAS_VECTOR;
auto control = CKM::Control::create();
control->removeUserData(0);
- control->removeUserData(20);
+ control->removeUserData(USER_APP_2);
control->removeUserData(USER_APP);
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
"Error=" << CKM::ErrorToString(temp));
}
int temp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
"Error=" << CKM::ErrorToString(temp));
}
int temp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
"Error=" << CKM::ErrorToString(temp));
}
int temp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(14)),
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
+ CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
+ CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
+ CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(14)),
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
"Error=" << CKM::ErrorToString(temp));
}
int temp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
+ CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(20)),
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
"Error=" << CKM::ErrorToString(temp));
}
int temp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
+ CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(20)),
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
"Error=" << CKM::ErrorToString(temp));
}
RUNNER_TEST(T1010_init)
{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ unlock_user_data(USER_APP, "user-pass");
}
RUNNER_TEST(T1011_key)
CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
auto key = CKM::Key::create(buffer, CKM::Password());
CKM::KeyShPtr key2;
- CKM::Alias alias = "mykey";
+ CKM::Alias alias = sharedDatabase("mykey");
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
auto cert = TestData::getTestCertificate(TestData::GIAG2);
CKM::CertificateShPtr cert2;
- CKM::Alias alias = "myCert";
+ CKM::Alias alias = sharedDatabase("myCert");
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
RUNNER_CHILD_TEST(T1013_user_app_save_key)
{
- AccessProvider ap("mylabel");
+ ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
RUNNER_TEST(T1014_save_with_label)
{
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int temp;
auto manager = CKM::Manager::create();
auto key = CKM::Key::create(buffer, CKM::Password());
CKM::KeyShPtr key_name, key_full_addr;
CKM::Alias alias = "mykey-2";
- CharPtr top_label = get_label();
- std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
+ std::string top_label = getOwnerIdFromSelf();
+ std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
RUNNER_TEST(T1015_deinit)
{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
+ remove_user_data(USER_APP);
}
RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
int temp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
"Error=" << CKM::ErrorToString(temp));
}
auto key = CKM::Key::create(buffer, CKM::Password());
CKM::AliasVector labelAliasVector;
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
+ CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey1").c_str(), key, CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
+ CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey2").c_str(), key, CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
+ CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey3").c_str(), key, CKM::Policy(CKM::Password(), false))),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- labelAliasVector.size() == 3,
- "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+ labelAliasVector.size() == (current_aliases_num+3),
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
}
RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
{
- AccessProvider ap("mylabel");
+ ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
auto key = CKM::Key::create(buffer, CKM::Password());
CKM::AliasVector labelAliasVector;
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- labelAliasVector.size() == 3,
- "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+ labelAliasVector.size() == (current_aliases_num+3),
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
}
RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
{
- AccessProvider ap("mylabel");
+ ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
RUNNER_TEST(T1029_deinit)
{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
+ remove_user_data(USER_APP);
}
RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
-
RUNNER_TEST(T1030_init)
{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
+ reset_user_data(USER_APP, APP_PASS);
}
RUNNER_TEST(T1031_save_get_bin_data)
CKM::AliasVector labelAliasVector;
+ size_t current_aliases_num = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
+ CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data1").c_str(), buffer1, CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
+ CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data2").c_str(), buffer2, CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
+ CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data3").c_str(), buffer3, CKM::Policy(CKM::Password(), true))),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer3, CKM::Policy(CKM::Password(), false))),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- labelAliasVector.size() == 3,
- "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+ labelAliasVector.size() == (current_aliases_num+3),
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
CKM::RawBuffer buffer;
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
+ CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
buffer == buffer2,
"Data corrupted");
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
+ CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password("Password"), buffer)),
"The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
}
RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
{
- AccessProvider ap("mylabel");
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
CKM::AliasVector labelAliasVector;
+ size_t current_aliases_num = count_aliases(ALIAS_DATA);
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- labelAliasVector.size() == 3,
- "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+ labelAliasVector.size() == (current_aliases_num+3),
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
}
RUNNER_TEST(T1033_remove_bin_data)
CKM::AliasVector labelAliasVector;
- std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
+ size_t current_aliases_num = count_aliases(ALIAS_DATA);
+ std::string invalid_address = sharedDatabase("i-do-not-exist");
RUNNER_ASSERT_MSG(
CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
+ CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data1").c_str())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
+ CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data3").c_str())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- labelAliasVector.size() == 1,
- "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
+ labelAliasVector.size() == (current_aliases_num-2),
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
CKM::RawBuffer buffer;
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
+ CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
buffer == buffer2,
"Data corrupted");
RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(sharedDatabase("data3").c_str(), CKM::Password(), buffer)),
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1034_getData_wrong_password)
+RUNNER_TEST(T1034_app_remove_bin_data)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int temp;
auto manager = CKM::Manager::create();
- std::string binData1 = "My bin data4";
+ std::string binData2 = "My bin data";
+ CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
- CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
+ CKM::AliasVector labelAliasVector;
+ size_t current_aliases_num = count_aliases(ALIAS_DATA);
+ std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
"Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ labelAliasVector.size() == (current_aliases_num-2),
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
CKM::RawBuffer buffer;
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
+ CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- buffer == buffer1,
+ buffer == buffer2,
"Data corrupted");
-
RUNNER_ASSERT_MSG(
- CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1035_deinit)
+RUNNER_TEST(T1035_getData_wrong_password)
{
int temp;
- auto control = CKM::Control::create();
+ auto manager = CKM::Manager::create();
+
+ std::string binData1 = "My bin data4";
+
+ CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer1, CKM::Policy("CorrectPassword"))),
"Error=" << CKM::ErrorToString(temp));
+
+ CKM::RawBuffer buffer;
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("CorrectPassword"), buffer)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
+ buffer == buffer1,
+ "Data corrupted");
+
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("WrongPassword"), buffer)),
"Error=" << CKM::ErrorToString(temp));
}
+RUNNER_TEST(T1036_deinit)
+{
+ remove_user_data(0);
+ remove_user_data(USER_APP);
+}
+
RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
RUNNER_TEST(T1040_init)
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_CHILD_TEST(T1041_create_rsa_key)
+RUNNER_CHILD_TEST(T1041_create_RSA_key)
{
int temp;
auto manager = CKM::Manager::create();
CKM::AliasVector av;
- AccessProvider ap("mylabel-rsa");
+ ScopedAccessProvider ap("mylabel-rsa");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- 2 == (temp = av.size()),
- "Vector size: " << temp << ". Expected: 2");
+ (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
+ "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
}
-RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
+RUNNER_CHILD_TEST(T1042_create_RSA_key_foreign_label)
{
int temp;
auto manager = CKM::Manager::create();
CKM::AliasVector av;
- AccessProvider ap("mylabel-rsa");
+ ScopedAccessProvider ap("mylabel-rsa");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_CHILD_TEST(T1043_create_dsa_key)
+RUNNER_CHILD_TEST(T1043_create_DSA_key)
{
int temp;
auto manager = CKM::Manager::create();
CKM::AliasVector av;
- AccessProvider ap("mylabel-dsa");
+ ScopedAccessProvider ap("mylabel-dsa");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ size_t current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- 2 == (temp = av.size()),
- "Vector size: " << temp << ". Expected: 2");
+ (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
+ "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
}
-RUNNER_TEST(T1049_deinit)
+RUNNER_CHILD_TEST(T1044_create_AES_key)
{
int temp;
- auto control = CKM::Control::create();
+ auto manager = CKM::Manager::create();
+ CKM::AliasVector av;
+ AccessProvider ap("mylabel-aes");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
"Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+1) == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
+}
+
+RUNNER_TEST(T1049_deinit)
+{
+ remove_user_data(USER_APP);
}
RUNNER_TEST(T1110_init)
{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ unlock_user_data(USER_APP, "user-pass");
}
RUNNER_TEST(T1111_CreateKeyPairRSA)
{
int temp;
auto manager = CKM::Manager::create();
- CKM::Alias a1("rsa-test-1");
- CKM::Alias a2("rsa-test-2");
+ CKM::Alias a1 = sharedDatabase("rsa-test-1");
+ CKM::Alias a2 = sharedDatabase("rsa-test-2");
CKM::Policy p1;
CKM::Policy p2;
RUNNER_ASSERT_MSG(
{
int temp;
auto manager = CKM::Manager::create();
- CKM::Alias a1("dsa-test-1");
- CKM::Alias a2("dsa-test-2");
+ CKM::Alias a1 = sharedDatabase("dsa-test-1");
+ CKM::Alias a2 = sharedDatabase("dsa-test-2");
CKM::Policy p1;
CKM::Policy p2;
RUNNER_ASSERT_MSG(
{
int temp;
auto manager = CKM::Manager::create();
- CKM::Alias a1("ecdsa-test-1");
- CKM::Alias a2("ecdsa-test-2");
+ CKM::Alias a1 = sharedDatabase("ecdsa-test-1");
+ CKM::Alias a2 = sharedDatabase("ecdsa-test-2");
CKM::Policy p1;
CKM::Policy p2;
RUNNER_ASSERT_MSG(
RUNNER_TEST(T1114_deinit)
{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
}
RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
RUNNER_TEST(T12100_init)
{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ reset_user_data(USER_APP, APP_PASS);
}
RUNNER_TEST(T12101_key_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int ret;
auto manager = CKM::Manager::create();
RUNNER_TEST(T12102_saveKey_empty_alias)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
RUNNER_TEST(T12103_saveKey_foreign_label)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
RUNNER_TEST(T12104_saveKey_empty_key)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
CKM::KeyShPtr key; //key is not initialized
CKM::Alias alias = "empty-key";
RUNNER_TEST(T12105_saveCertificate_empty_alias)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
auto cert = TestData::getTestCertificate(TestData::GIAG2);
CKM::Alias alias; //alias is not initialized
RUNNER_TEST(T12106_saveCertificate_foreign_label)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
auto cert = TestData::getTestCertificate(TestData::GIAG2);
CKM::Alias alias = "iamsomebodyelse alias";
RUNNER_TEST(T12107_saveCertificate_empty_cert)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
CKM::CertificateShPtr cert; //cert is not initialized
CKM::Alias alias = "empty-cert";
RUNNER_TEST(T12108_saveData_empty_alias)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
std::string testData = "test data test data test data";
CKM::RawBuffer buffer(testData.begin(), testData.end());
CKM::Alias alias;
RUNNER_TEST(T12109_saveData_foreign_label)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
std::string testData = "test data test data test data";
CKM::RawBuffer buffer(testData.begin(), testData.end());
CKM::Alias alias = "iamsomebodyelse alias";
RUNNER_TEST(T12110_saveData_empty_data)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
CKM::RawBuffer buffer;
CKM::Alias alias = "empty-data";
RUNNER_TEST(T12111_getKey_alias_not_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
CKM::KeyShPtr key;
CKM::Alias alias = "this-alias-not-exist";
RUNNER_TEST(T12112_getCertificate_alias_not_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
CKM::CertificateShPtr certificate;
CKM::Alias alias = "this-alias-not-exist";
RUNNER_TEST(T12113_getData_alias_not_exist)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int temp;
auto manager = CKM::Manager::create();
CKM::RawBuffer buffer;
/*
* These test cases tests API when damaged keys are used
*/
-RUNNER_TEST(T12114_rsa_key_damaged)
+RUNNER_TEST(T12114_RSA_key_damaged)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
-RUNNER_TEST(T12115_rsa_key_too_short)
+RUNNER_TEST(T12115_RSA_key_too_short)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
-RUNNER_TEST(T12116_dsa_key_too_short)
+RUNNER_TEST(T12116_DSA_key_too_short)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
+RUNNER_TEST(T12117_AES_key_too_short)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ size_t key_size = (128-1);
+ CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
+
+ auto key = CKM::Key::create(key_AES);
+ CKM::Alias alias = "short-AES";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
/*
* These test cases tests CKM service if malicious data is provided over the socket.
*/
-RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
+RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
int ret;
auto manager = CKM::Manager::create();
"Error=" << CKM::ErrorToString(ret));
}
-RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
+RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
{
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+ ScopedAccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
// fake the client - let the service detect the problem
class WrongCertImpl : public CKM::Certificate
{
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T12119_deinit)
+RUNNER_TEST(T12120_deinit)
{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(USER_APP);
}
RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
RUNNER_TEST(T1311_init)
{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
RUNNER_ASSERT_MSG(time(0) > 1405343457,
"Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
"is not woking on the device. OCSP tests requires network access!");
}
-RUNNER_TEST(T1312_get_chain)
+RUNNER_TEST(T13121_get_chain_no_cert)
+{
+ CKM::CertificateShPtrVector certChain;
+ CKM::CertificateShPtr cert;
+
+ auto manager = CKM::Manager::create();
+
+ int ret = manager->getCertificateChain(cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
+ "Function should fail for empty certificate");
+}
+
+RUNNER_TEST(T13122_get_chain_empty_cert)
+{
+ CKM::CertificateShPtrVector certChain;
+ CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
+ CKM::DataFormat::FORM_PEM);
+
+ auto manager = CKM::Manager::create();
+
+ int ret = manager->getCertificateChain(cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
+ "Function should fail for empty certificate");
+}
+
+RUNNER_TEST(T13129_get_chain)
{
auto cert = TestData::getTestCertificate(TestData::MBANK);
auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
CKM::CertificateShPtrVector certChain;
CKM::AliasVector aliasVector;
- CKM::Alias alias("imcert");
- CharPtr top_label = get_label();
- std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
+ CKM::Alias alias = sharedDatabase("imcert");
int tmp;
auto manager = CKM::Manager::create();
CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
"Error=" << CKM::ErrorToString(tmp));
- aliasVector.push_back(full_address);
+ aliasVector.push_back(alias);
tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
"Wrong size of certificate chain.");
}
-RUNNER_TEST(T1314_ocsp_check)
+RUNNER_TEST(T13141_ocsp_check_valid_chain)
{
- RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
-
auto cert = TestData::getTestCertificate(TestData::MBANK);
auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
CKM::CertificateShPtrVector certVector = {cert1};
RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
}
-RUNNER_TEST(T1315_deinit)
+RUNNER_TEST(T13142_ocsp_check_empty)
{
- int temp;
- auto control = CKM::Control::create();
+ CKM::CertificateShPtrVector certVector;
+ auto manager = CKM::Manager::create();
+
+ int tmp;
+ int status;
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
+ CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
+ "ocspCheck should fail for empty certificate vector");
+}
+
+RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
+{
+ CKM::CertificateShPtrVector certVector = {
+ CKM::CertificateShPtr(),
+ CKM::CertificateShPtr(),
+ CKM::CertificateShPtr()};
+
+ auto manager = CKM::Manager::create();
+
+ int tmp;
+ int status;
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
+ CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
+ "ocspCheck should fail for empty certificate vector");
+}
+
+RUNNER_TEST(T13144_ocsp_check_root)
+{
+ auto root = TestData::getTestCertificate(TestData::EQUIFAX);
+ CKM::CertificateShPtrVector certVector = {root};
+
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
+
+ int tmp;
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
+ "Ocsp should fail for single certificate");
+}
+
+RUNNER_TEST(T13145_ocsp_check_no_ocsp)
+{
+ auto root = TestData::getTestCertificate(TestData::EQUIFAX);
+ auto ca2 = TestData::getTestCertificate(TestData::GEOTRUST);
+ auto ca1 = TestData::getTestCertificate(TestData::GIAG2);
+
+ CKM::CertificateShPtrVector certVector = {ca1, ca2, root};
+
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != ca2.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != ca1.get(), "Certificate should not be empty");
+
+ int tmp;
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
+}
+
+RUNNER_TEST(T1315_deinit)
+{
+ remove_user_data(0);
}
RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
RUNNER_TEST(T1411_init)
{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
}
-RUNNER_TEST(T1412_rsa_key_create_verify)
+RUNNER_TEST(T1412_RSA_key_create_verify)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "pub1";
- CKM::Alias aliasPrv = "prv1";
+ CKM::Alias aliasPub = sharedDatabase("pub1");
+ CKM::Alias aliasPrv = sharedDatabase("prv1");
CKM::Password password = "1234";
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1413_dsa_key_create_verify)
+RUNNER_TEST(T1413_DSA_key_create_verify)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "pub2";
- CKM::Alias aliasPrv = "prv2";
+ CKM::Alias aliasPub = sharedDatabase("pub2");
+ CKM::Alias aliasPrv = sharedDatabase("prv2");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
CKM::RawBuffer signature;
}
-RUNNER_TEST(T1414_ec_key_create_verify)
+RUNNER_TEST(T1414_ECDSA_key_create_verify)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "ecpub2";
- CKM::Alias aliasPrv = "ecprv2";
+ CKM::Alias aliasPub = sharedDatabase("ecpub2");
+ CKM::Alias aliasPrv = sharedDatabase("ecprv2");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
CKM::RawBuffer signature;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1415_rsa_key_create_verify_negative)
+RUNNER_TEST(T1415_RSA_key_create_verify_negative)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message asdfaslkdfjlksadjf test";
- CKM::Alias aliasPub = "pub1";
- CKM::Alias aliasPrv = "prv1";
+ CKM::Alias aliasPub = sharedDatabase("pub1");
+ CKM::Alias aliasPrv = sharedDatabase("prv1");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1416_dsa_key_create_verify_negative)
+RUNNER_TEST(T1416_DSA_key_create_verify_negative)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message asdfaslkdfjlksadjf test";
- CKM::Alias aliasPub = "pub2";
- CKM::Alias aliasPrv = "prv2";
+ CKM::Alias aliasPub = sharedDatabase("pub2");
+ CKM::Alias aliasPrv = sharedDatabase("prv2");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
+RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "pub1-cert";
- CKM::Alias aliasPrv = "prv1-cert";
+ CKM::Alias aliasPub = sharedDatabase("pub1-cert");
+ CKM::Alias aliasPrv = sharedDatabase("prv1-cert");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
CKM::RawBuffer signature;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
+RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "pub2-cert";
- CKM::Alias aliasPrv = "prv2-cert";
+ CKM::Alias aliasPub = sharedDatabase("pub2-cert");
+ CKM::Alias aliasPrv = sharedDatabase("prv2-cert");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
CKM::RawBuffer signature;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
+RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "pub3";
- CKM::Alias aliasPrv = "prv3";
+ CKM::Alias aliasPub = sharedDatabase("pub3");
+ CKM::Alias aliasPrv = sharedDatabase("prv3");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
CKM::RawBuffer signature;
RUNNER_TEST(T1420_deinit)
{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
}
RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
RUNNER_TEST(T14180_init)
{
int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
auto manager = CKM::Manager::create();
"zQIDAQAB\n"
"-----END PUBLIC KEY-----\n";
- CKM::Alias aliasPub = "pub_nohash1";
- CKM::Alias aliasPrv = "prv_nohash1";
+ CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
+ CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
CKM::Password password = "1234";
auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
"05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
"-----END PUBLIC KEY-----\n";
- CKM::Alias aliasEcPub = "ecpub_nohash1";
- CKM::Alias aliasEcPrv = "ecprv_nohash1";
+ CKM::Alias aliasEcPub = sharedDatabase("ecpub_nohash1");
+ CKM::Alias aliasEcPrv = sharedDatabase("ecprv_nohash1");
auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
}
-RUNNER_TEST(T14181_rsa_create_signatue_nohash)
+RUNNER_TEST(T14181_RSA_create_signatue_nohash)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message asdfaslkdfjlksadjf test";
- CKM::Alias aliasPub = "pub_nohash1";
- CKM::Alias aliasPrv = "prv_nohash1";
+ CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
+ CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
+RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message asdfaslkdfjlksadjf test";
- CKM::Alias aliasPub = "pub_nohash1";
- CKM::Alias aliasPrv = "prv_nohash1";
+ CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
+ CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
+RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
{
int temp;
auto manager = CKM::Manager::create();
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
- CKM::Alias aliasPub = "pub_nohash1";
- CKM::Alias aliasPrv = "prv_nohash1";
+ CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
+ CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
}
-RUNNER_TEST(T14184_ec_create_signatue_nohash)
+RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
{
int temp;
auto manager = CKM::Manager::create();
std::string message = "message test";
- CKM::Alias aliasPub = "ecpub_nohash1";
- CKM::Alias aliasPrv = "ecprv_nohash1";
+ CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
+ CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
CKM::RawBuffer signature;
"Error=" << CKM::ErrorToString(temp));
}
-RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
+RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
{
int temp;
auto manager = CKM::Manager::create();
int msgSize = 1024*1024;
char big_msg[msgSize];
for(int i =0; i<msgSize-1; i++) {
- big_msg[i] = 'a';
+ big_msg[i] = 'a';
}
big_msg[msgSize-1]=0x00;
std::string message(big_msg);
- CKM::Alias aliasPub = "ecpub_nohash1";
- CKM::Alias aliasPrv = "ecprv_nohash1";
+ CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
+ CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
CKM::RawBuffer signature;
RUNNER_TEST(T14189_deinit)
{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
+ remove_user_data(0);
}
RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
-namespace {
-CKM::Alias certeeAlias("CertEE");
-CKM::Alias certimAlias("CertIM");
-}
-RUNNER_CHILD_TEST(T1510_init_unlock_key)
+RUNNER_TEST(T1510_init_unlock_key)
{
- reset_user_data(USER_TEST, "strong-password");
-
- // initial DB feed
- AccessProvider ap("my-label");
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+ reset_user_data(USER_TEST, APP_PASS);
+}
- auto manager = CKM::Manager::create();
+RUNNER_TEST(T1511_insert_data)
+{
auto certee = TestData::getTestCertificate(TestData::MBANK);
auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
- RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
- RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
-}
+ CKM::Alias certeeAlias("CertEE");
+ CKM::Alias certimAlias("CertIM");
+ {
+ ScopedDBUnlock unlock(USER_TEST, APP_PASS);
+ ScopedAccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
+ RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
+ }
-RUNNER_TEST(T1511_restart_CKM)
-{
// restart CKM
stop_service(MANAGER);
start_service(MANAGER);
- unlock_user_data(USER_TEST, "strong-password");
-}
-RUNNER_CHILD_TEST(T1512_check_data_exists)
-{
// actual test
- AccessProvider ap("my-label");
- ap.allowAPI("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
-
- auto manager = CKM::Manager::create();
- auto certee = TestData::getTestCertificate(TestData::MBANK);
- auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
- int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
- int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
- "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
- "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
+ {
+ ScopedDBUnlock unlock(USER_TEST, APP_PASS);
+ ScopedAccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto manager = CKM::Manager::create();
+ int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
+ int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
+ }
}
RUNNER_TEST(T1519_deinit)
remove_user_data(USER_TEST);
}
-
RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
RUNNER_TEST(T1701_init_unlock_key)
{
- int tmp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
- "Error=" << CKM::ErrorToString(tmp));
+ unlock_user_data(USER_TEST+1, "t170-special-password");
+
+ ScopedAccessProvider ap("t170-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
}
RUNNER_CHILD_TEST(T1702_insert_data)
{
int temp;
- AccessProvider ap("t170-special-label");
+ ScopedAccessProvider ap("t170-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
auto certee = TestData::getTestCertificate(TestData::MBANK);
auto manager = CKM::Manager::create();
+ size_t current_aliases_num = count_aliases(ALIAS_CERT);
int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
"Error=" << CKM::ErrorToString(temp));
RUNNER_ASSERT_MSG(
- 1 == (temp = av.size()),
- "Vector size: " << temp << ". Expected: 1");
+ (current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
+ "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
}
RUNNER_TEST(T1703_removeApplicationData)
RUNNER_CHILD_TEST(T1704_data_test)
{
int temp;
- AccessProvider ap("t170-special-label");
+ ScopedAccessProvider ap("t170-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
RUNNER_TEST(T1705_deinit)
{
- int tmp;
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
- "Error=" << CKM::ErrorToString(tmp));
+ remove_user_data(USER_TEST+1);
}
RUNNER_TEST(T17101_init)
RUNNER_CHILD_TEST(T17102_prep_data_01)
{
int temp;
- AccessProvider ap("t1706-special-label");
+ ScopedAccessProvider ap("t1706-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
RUNNER_CHILD_TEST(T17103_prep_data_02)
{
int temp;
- AccessProvider ap("t1706-special-label2");
+ ScopedAccessProvider ap("t1706-special-label2");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
RUNNER_CHILD_TEST(T17104_prep_data_03)
{
int temp;
- AccessProvider ap("t1706-special-label");
+ ScopedAccessProvider ap("t1706-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
RUNNER_CHILD_TEST(T17105_prep_data_04)
{
int temp;
- AccessProvider ap("t1706-special-label2");
+ ScopedAccessProvider ap("t1706-special-label2");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
RUNNER_CHILD_TEST(T17107_check_data_01)
{
int temp;
- AccessProvider ap("t1706-special-label");
+ ScopedAccessProvider ap("t1706-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
RUNNER_CHILD_TEST(T17108_check_data_02)
{
int temp;
- AccessProvider ap("t1706-special-label2");
+ ScopedAccessProvider ap("t1706-special-label2");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
RUNNER_CHILD_TEST(T17110_check_data_03)
{
int temp;
- AccessProvider ap("t1706-special-label");
+ ScopedAccessProvider ap("t1706-special-label");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
RUNNER_CHILD_TEST(T17111_check_data_04)
{
int temp;
- AccessProvider ap("t1706-special-label2");
+ ScopedAccessProvider ap("t1706-special-label2");
ap.allowAPI("key-manager::api-storage", "rw");
ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
RUNNER_TEST(T17112_deinit)
{
- int tmp;
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
- "Error=" << CKM::ErrorToString(tmp));
+ remove_user_data(USER_TEST+2);
+ remove_user_data(USER_TEST+3);
}
RUNNER_TEST_GROUP_INIT(T180_PKCS12);
namespace
{
-CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
-CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
-CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
-CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
-CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
-const char *PKCS_PASSWD = "PKCS-pass";
+CKM::Alias alias_PKCS_collision = sharedDatabase("test-PKCS-collision");
+CKM::Alias alias_PKCS_exportable = sharedDatabase("test-PKCS-export");
+CKM::Alias alias_PKCS_not_exportable = sharedDatabase("test-PKCS-no-export");
+CKM::Alias alias_PKCS_priv_key_copy = sharedDatabase("test-PKCS-private-key-copy");
+CKM::Alias alias_PKCS_priv_key_wrong = sharedDatabase("test-PKCS-private-key-wrong");
}
RUNNER_TEST(T1800_init)
{
- reset_user_data(0, PKCS_PASSWD);
+ remove_user_data(0);
}
RUNNER_TEST(T1801_parse_PKCS12) {
// fail - no entry
RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12(sharedDatabase("i-do-not-exist").c_str(), pkcs)),
"Error=" << CKM::ErrorToString(temp));
// fail - not exportable
RUNNER_TEST(T1810_verify_get_certificate_chain)
{
// this certificate has been signed using PKCS chain
- std::string im = "-----BEGIN CERTIFICATE-----\n"
- "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
- "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
- "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
- "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
- "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
- "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
- "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
- "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
- "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
- "Qw==\n"
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
+ "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
+ "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
+ "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
+ "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
+ "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
+ "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
+ "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
+ "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
"-----END CERTIFICATE-----\n";
auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
RUNNER_TEST(T1812_get_pkcs12_password_tests)
{
- CKM::Alias alias = "t1812alias1";
+ CKM::Alias alias = sharedDatabase("t1812alias1");
auto manager = CKM::Manager::create();
std::ifstream is("/usr/share/ckm-test/pkcs.p12");
}
RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
-
+namespace {
+const char * const T190_PASSWD = "t190-special-password";
+}
RUNNER_TEST(T1901_init_unlock_key)
{
- int tmp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
- "Error=" << CKM::ErrorToString(tmp));
+ reset_user_data(USER_APP, T190_PASSWD);
}
RUNNER_TEST(T1902_get_data)
{
+ ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
+ ScopedAccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
auto manager = CKM::Manager::create();
CKM::KeyShPtr ptr;
int tmp;
auto control = CKM::Control::create();
RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
"Error=" << CKM::ErrorToString(tmp));
}
RUNNER_TEST(T1904_get_data_from_locked_database)
{
+ ScopedAccessProvider ap(TEST_LABEL);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
auto manager = CKM::Manager::create();
CKM::KeyShPtr ptr;
RUNNER_TEST(T1905_deinit)
{
- int tmp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(tmp));
+ remove_user_data(USER_APP);
}
int main(int argc, char *argv[])
{
- DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
}