#include <dpl/log/log.h>
#include <tests_common.h>
+#include <test-certs.h>
#include <ckm-common.h>
using namespace CKM;
using namespace std;
+using namespace TestData;
namespace {
}
KeyMap keys = initializeKeys();
-
-CertificateShPtr createCert(const std::string& cert) {
- RawBuffer buffer_cert(cert.begin(), cert.end());
- CertificateShPtr cptr = Certificate::create(buffer_cert, DataFormat::FORM_PEM);
- assert(cptr);
- return cptr;
-}
-
typedef vector<CertificateShPtr> CertVector;
-CertVector initializeCerts()
-{
- CertVector cv;
- cv.emplace_back(createCert(
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n"
- ));
-
- cv.emplace_back(createCert(
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n"
- ));
- return cv;
-}
-
-CertVector certs = initializeCerts();
-
const RawBuffer raw_buffer(const char* buffer)
{
return RawBuffer(buffer, buffer + strlen(buffer));
int temp;
ControlShPtr control = Control::create();
RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
- "Error=" << ErrorToString(temp));
+ "Error=" << ErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
+ "Error=" << ErrorToString(temp));
}
// saveKey
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
test_negative(&ManagerAsync::saveCertificate,
CKM_API_ERROR_DB_ALIAS_EXISTS,
dbc.alias("alias"),
- certs[0],
+ getTestCertificate(MBANK),
Policy());
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
}
DBCleanup dbc;
test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
test_negative(&ManagerAsync::getKey,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias"),
"wrong-password");
}
DBCleanup dbc;
test_positive(&ManagerAsync::saveCertificate,
dbc.alias("alias"),
- certs[0],
+ getTestCertificate(MBANK),
Policy("password"));
test_negative(&ManagerAsync::getCertificate,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias"),
"wrong-password");
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy("password"));
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy("password"));
test_positive(&ManagerAsync::getCertificate, dbc.alias("alias"), "password");
}
DBCleanup dbc;
test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
test_negative(&ManagerAsync::getData,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias"),
"wrong-password");
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), getTestCertificate(MBANK), Policy());
test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), certs[1], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), getTestCertificate(SYMANTEC), Policy());
test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
{
switch_to_storage_user(TEST_LABEL);
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[1] };
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
cert,
certv,
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[0] };
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(MBANK) };
test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
EMPTY_CERT_VECTOR,
true);
AliasVector aliasv = { dbc.alias("alias") };
- test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(MBANK), Policy());
test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[1] };
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
3,
cert,
true);
AliasVector aliasv = { dbc.alias("alias") };
- test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[1], Policy());
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(SYMANTEC), Policy());
test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
3,
cert,
RSAPaddingAlgorithm::PKCS1);
test_negative(&ManagerAsync::verifySignature,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias_pub"),
"wrong-password",
test_buffer,
switch_to_storage_ocsp_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtrVector certv = { certs[0], certs[0] };
+ CertificateShPtrVector certv = { getTestCertificate(MBANK), getTestCertificate(MBANK) };
auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
RUNNER_CHILD_TEST(TA1750_ocsp_check_positive)
{
- RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
switch_to_storage_ocsp_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[1] };
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
cert,
certv,
memcpy(buffer.data(), buff.data(), buff.size());
auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
NULL != pkcs.get(),
"Error in PKCS12::create()");
auto cert = pkcs->getCertificate();
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
NULL != cert.get(),
"Error in PKCS12::getCertificate()");
auto key = pkcs->getKey();
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
NULL != key.get(),
"Error in PKCS12::getKey()");
auto caVector = pkcs->getCaCertificateShPtrVector();
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
2 == caVector.size(),
"Wrong size of vector");
// save to the CKM
- int tmp;
CKM::Policy exportable;
CKM::Policy notExportable(CKM::Password(), false);
RUNNER_TEST(TA2010_PKCS_get)
{
DBCleanup dbc;
- int temp;
auto manager = CKM::Manager::create();
// fail - no entry
test_negative(&ManagerAsync::getPKCS12,
CKM_API_ERROR_DB_ALIAS_UNKNOWN,
- "i-do-not-exist");
+ "i-do-not-exist",
+ CKM::Password(),
+ CKM::Password());
// fail - not exportable
test_negative(&ManagerAsync::getPKCS12,
CKM_API_ERROR_NOT_EXPORTABLE,
- dbc.alias(alias_PKCS_not_exportable.c_str()));
+ dbc.alias(alias_PKCS_not_exportable.c_str()),
+ CKM::Password(),
+ CKM::Password());
// success - exportable
auto obs = test_positive(&ManagerAsync::getPKCS12,
- dbc.alias(alias_PKCS_exportable.c_str()));
+ dbc.alias(alias_PKCS_exportable.c_str()),
+ CKM::Password(),
+ CKM::Password());
auto cert = obs->m_pkcs->getCertificate();
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
NULL != cert.get(),
"Error in PKCS12::getCertificate()");
auto key = obs->m_pkcs->getKey();
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
NULL != key.get(),
"Error in PKCS12::getKey()");
auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
- RUNNER_ASSERT_MSG_BT(
+ RUNNER_ASSERT_MSG(
2 == caVector.size(),
"Wrong size of vector");
}
projects / platform / core / test / security-tests.git / blobdiff