/*
- * Copyright (c) 2000 - 2019 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Contact: Bumjin Im <bj.im@samsung.com>
+ * Copyright (c) 2016 - 2021 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
{
public:
MyObserver() :
- m_finished(false), m_error(0)
+ m_finished(false), m_error(0), m_ocspStatus(0)
{
}
m_cv.notify_one();
}
- void ReceivedSaveKey() { Succeeded(); }
- void ReceivedSaveCertificate() { Succeeded(); }
- void ReceivedSaveData() { Succeeded(); }
- void ReceivedSavePKCS12() { Succeeded(); }
-
- void ReceivedRemovedAlias() { Succeeded(); }
-
- void ReceivedKey(Key &&) { Succeeded(); }
- void ReceivedCertificate(Certificate &&) { Succeeded(); }
- void ReceivedData(RawBuffer &&) { Succeeded(); }
- void ReceivedPKCS12(PKCS12ShPtr && pkcs) { m_pkcs = pkcs; Succeeded(); }
-
- void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
- void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
- void ReceivedDataAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
+ void ReceivedSaveKey()
+ {
+ Succeeded();
+ }
+ void ReceivedSaveCertificate()
+ {
+ Succeeded();
+ }
+ void ReceivedSaveData()
+ {
+ Succeeded();
+ }
+ void ReceivedSavePKCS12()
+ {
+ Succeeded();
+ }
+ void ReceivedRemovedAlias()
+ {
+ Succeeded();
+ }
+ void ReceivedKey(Key && key)
+ {
+ m_data = move(key.getDER());
+ Succeeded();
+ }
+ void ReceivedCertificate(Certificate && cert)
+ {
+ m_data = move(cert.getDER());
+ Succeeded();
+ }
+ void ReceivedData(RawBuffer && data)
+ {
+ m_data = move(data);
+ Succeeded();
+ }
+ void ReceivedPKCS12(PKCS12ShPtr && pkcs)
+ {
+ m_pkcs = move(pkcs);
+ Succeeded();
+ }
+ void ReceivedKeyAliasVector(AliasVector && av)
+ {
+ m_aliases = move(av);
+ Succeeded();
+ }
+ void ReceivedCertificateAliasVector(AliasVector && av)
+ {
+ m_aliases = move(av);
+ Succeeded();
+ }
+ void ReceivedDataAliasVector(AliasVector && av)
+ {
+ m_aliases = move(av);
+ Succeeded();
+ }
+ void ReceivedCreateKeyAES()
+ {
+ Succeeded();
+ }
+ void ReceivedCreateKeyPair()
+ {
+ Succeeded();
+ }
+ void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
+ {
+ m_certChain = move(chain);
+ Succeeded();
+ }
+ void ReceivedCreateSignature(RawBuffer && buffer)
+ {
+ m_signed = move(buffer);
+ Succeeded();
+ }
+ void ReceivedVerifySignature()
+ {
+ Succeeded();
+ }
+ void ReceivedOCSPCheck(int status)
+ {
+ m_ocspStatus = status;
+ Succeeded();
+ }
+ void ReceivedSetPermission()
+ {
+ Succeeded();
+ }
- void ReceivedCreateKeyAES() { Succeeded(); }
- void ReceivedCreateKeyPair() { Succeeded(); }
+ void WaitForResponse()
+ {
+ unique_lock < mutex > lock(m_mutex);
- void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
- { m_certChain = move(chain); Succeeded(); }
+ m_cv.wait(lock, [this] {return m_finished;});
- void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
- void ReceivedVerifySignature() { Succeeded(); }
+ RUNNER_ASSERT_MSG(m_finished, "Request is not finished!");
+ m_finished = false;
+ }
- void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
+ void WaitForSuccess()
+ {
+ WaitForResponse();
- void ReceivedSetPermission() { Succeeded(); }
+ RUNNER_ASSERT_MSG(m_error == 0,
+ "Request failed " << m_error << "/" << APICodeToString(m_error));
+ }
- void WaitForResponse()
+ void WaitFor(int expected)
{
- unique_lock < mutex > lock(m_mutex);
+ WaitForResponse();
- m_cv.wait(lock, [this] {return m_finished;});
+ RUNNER_ASSERT_MSG(m_error == expected,
+ "Expected " << expected << "/" << APICodeToString(expected) <<
+ " got: " << m_error << "/" << APICodeToString(m_error));
}
bool m_finished;
PKCS12ShPtr m_pkcs;
RawBuffer m_signed;
int m_ocspStatus;
+ RawBuffer m_data;
protected:
void Succeeded()
ManagerAsync mgr;
(mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
- obs->WaitForResponse();
-
- RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
- RUNNER_ASSERT_MSG(
- obs->m_error == expected,
- "Expected " << expected << "/" << APICodeToString(expected) <<
- " got: " << obs->m_error << "/" << APICodeToString(obs->m_error));
+ obs->WaitFor(expected);
}
template <typename F, typename... Args>
ManagerAsync mgr;
(mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
- obs->WaitForResponse();
-
- RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
- RUNNER_ASSERT_MSG(obs->m_error == 0,
- "Request failed " << obs->m_error << "/" << APICodeToString(obs->m_error));
+ obs->WaitForSuccess();
return obs;
}
RUNNER_TEST(TA0120_save_cert_already_exists, UserEnv)
{
- test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
+ test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(TEST_LEAF), Policy());
test_negative(&ManagerAsync::saveCertificate,
CKM_API_ERROR_DB_ALIAS_EXISTS,
"alias",
- getTestCertificate(OCSP_AVAILABLE_LEAF),
+ getTestCertificate(TEST_LEAF),
Policy());
}
RUNNER_TEST(TA0150_save_cert_positive, UserEnv)
{
- test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
+ test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(TEST_LEAF), Policy());
}
RUNNER_TEST(TA0450_remove_cert_positive, UserEnv)
{
- test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
+ test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(TEST_LEAF), Policy());
test_positive(&ManagerAsync::removeAlias, "alias");
}
RUNNER_TEST(TA0650_get_key_positive, UserEnv)
{
- test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy("password"));
- test_positive(&ManagerAsync::getKey, "alias_RSA", "password");
- test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy("password"));
- test_positive(&ManagerAsync::getKey, "alias_DSA", "password");
- test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy("password"));
- test_positive(&ManagerAsync::getKey, "alias_AES", "password");
+ MyObserverPtr obs = make_shared<MyObserver>();
+ ManagerAsync mgr;
+
+ auto saveGetKey = [&](const string& alias, const KeyShPtr& key){
+ static constexpr char PASS[] = "password";
+ mgr.saveKey(obs, alias, key, Policy(PASS));
+ obs->WaitForSuccess();
+ mgr.getKey(obs, alias, PASS);
+ obs->WaitForSuccess();
+ RUNNER_ASSERT_MSG(obs->m_data == key->getDER(), "Received key does not match");
+ };
+
+ saveGetKey("alias_RSA_prv", keys[RSA][0].prv);
+ saveGetKey("alias_RSA_pub", keys[RSA][0].pub);
+ saveGetKey("alias_DSA_prv", keys[DSA][0].prv);
+ saveGetKey("alias_DSA_pub", keys[DSA][0].pub);
+ saveGetKey("alias_ECDSA_prv", keys[ECDSA][0].prv);
+ saveGetKey("alias_ECDSA_pub", keys[ECDSA][0].pub);
+ saveGetKey("alias_AES", keys[AES][0].prv);
}
{
test_positive(&ManagerAsync::saveCertificate,
"alias",
- getTestCertificate(OCSP_AVAILABLE_LEAF),
+ getTestCertificate(TEST_LEAF),
Policy("password"));
test_negative(&ManagerAsync::getCertificate,
CKM_API_ERROR_AUTHENTICATION_FAILED,
RUNNER_TEST(TA0750_get_cert_positive, UserEnv)
{
- test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy("password"));
- test_positive(&ManagerAsync::getCertificate, "alias", "password");
+ MyObserverPtr obs = make_shared<MyObserver>();
+ ManagerAsync mgr;
+
+ static constexpr char PASS[] = "password";
+ static constexpr char ALIAS[] = "alias";
+
+ const auto cert = getTestCertificate(TEST_LEAF);
+
+ mgr.saveCertificate(obs, ALIAS, cert, Policy(PASS));
+ obs->WaitForSuccess();
+ mgr.getCertificate(obs, ALIAS, PASS);
+ obs->WaitForSuccess();
+ RUNNER_ASSERT_MSG(obs->m_data == cert->getDER(), "Received cert does not match");
}
RUNNER_TEST(TA0850_get_data_positive, UserEnv)
{
- test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy("password"));
- test_positive(&ManagerAsync::getData, "alias", "password");
+ MyObserverPtr obs = make_shared<MyObserver>();
+ ManagerAsync mgr;
+
+ static constexpr char PASS[] = "password";
+ static constexpr char ALIAS[] = "alias";
+
+ mgr.saveData(obs, ALIAS, test_buffer, Policy(PASS));
+ obs->WaitForSuccess();
+ mgr.getData(obs, ALIAS, PASS);
+ obs->WaitForSuccess();
+ RUNNER_ASSERT_MSG(obs->m_data == test_buffer, "Received data does not match");
}
RUNNER_TEST(TA1050_get_cert_alias_vector_positive, UserEnv)
{
- test_positive(&ManagerAsync::saveCertificate, "alias1", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
+ test_positive(&ManagerAsync::saveCertificate, "alias1", getTestCertificate(TEST_LEAF), Policy());
test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias1") });
- test_positive(&ManagerAsync::saveCertificate, "alias2", getTestCertificate(OCSP_AVAILABLE_IM), Policy());
+ test_positive(&ManagerAsync::saveCertificate, "alias2", getTestCertificate(TEST_IM_CA), Policy());
test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias1"),
aliasWithLabelFromSelf("alias2") });
// getCertificateChain
RUNNER_TEST(TA1410_get_certificate_chain_invalid_param, UserEnv)
{
- CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
- CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) };
+ CertificateShPtr cert = getTestCertificate(TEST_LEAF);
+ CertificateShPtrVector certv = { getTestCertificate(TEST_IM_CA) };
test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
cert,
certv,
RUNNER_TEST(TA1420_get_certificate_chain_negative, UserEnv)
{
- CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
- CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_LEAF) };
+ CertificateShPtr cert = getTestCertificate(TEST_LEAF);
+ CertificateShPtrVector certv = { getTestCertificate(TEST_LEAF) };
+ CertificateShPtrVector trustedv = { getTestCertificate(TEST_ROOT_CA) };
test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
EMPTY_CERT_VECTOR,
- EMPTY_CERT_VECTOR,
+ trustedv,
true);
test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
certv,
- EMPTY_CERT_VECTOR,
+ trustedv,
true);
AliasVector aliasv = { "alias" };
- test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], certv[0], Policy());
+ AliasVector trusted_aliasv = { "trusted" };
+ test_positive(&ManagerAsync::saveCertificate, trusted_aliasv[0], trustedv[0], Policy());
test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
EMPTY_ALIAS_VECTOR,
- EMPTY_ALIAS_VECTOR,
+ trusted_aliasv,
true);
test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
aliasv,
- EMPTY_ALIAS_VECTOR,
+ trusted_aliasv,
true);
}
RUNNER_TEST(TA1450_get_certificate_chain_positive, UserEnv)
{
- CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
- CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) };
+ CertificateShPtr cert = getTestCertificate(TEST_LEAF);
+ CertificateShPtrVector certv = { getTestCertificate(TEST_IM_CA) };
+ CertificateShPtrVector trustedv = { getTestCertificate(TEST_ROOT_CA) };
test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
3,
cert,
certv,
- EMPTY_CERT_VECTOR,
- true);
+ trustedv,
+ false);
AliasVector aliasv = { "alias" };
- test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(OCSP_AVAILABLE_IM), Policy());
+ AliasVector trusted_aliasv = { "trusted" };
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], certv[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, trusted_aliasv[0], trustedv[0], Policy());
test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
3,
cert,
aliasv,
- EMPTY_ALIAS_VECTOR,
- true);
+ trusted_aliasv,
+ false);
}
RUNNER_TEST(TA1720_ocsp_check_negative, UserEnv)
{
- CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_LEAF), getTestCertificate(OCSP_AVAILABLE_LEAF) };
+ CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM), getTestCertificate(OCSP_AVAILABLE_IM) };
auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
RUNNER_TEST(TA1750_ocsp_check_positive, UserEnv)
{
- CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
- CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) };
+ CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_IM);
+ CertificateShPtrVector certv;
auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
cert,
certv,
auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
- "Verification failed. Error: " << obs->m_ocspStatus);
+ "Verification failed. Error: " << obs2->m_ocspStatus);
}
// setPermission
projects / platform / core / test / security-tests.git / blobdiff