#include <ckm/ckm-control.h>
#include <ckm/ckm-raw-buffer.h>
+#include <fstream>
+
#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
#include <dpl/log/log.h>
#include <tests_common.h>
+#include <test-certs.h>
#include <ckm-common.h>
using namespace CKM;
using namespace std;
+using namespace TestData;
namespace {
const char* TEST_LABEL = "test_label";
+const CertificateShPtrVector EMPTY_CERT_VECTOR;
+const AliasVector EMPTY_ALIAS_VECTOR;
class MyObserver: public ManagerAsync::Observer
{
void ReceivedSaveKey() { Succeeded(); }
void ReceivedSaveCertificate() { Succeeded(); }
void ReceivedSaveData() { Succeeded(); }
+ void ReceivedSavePKCS12() { Succeeded(); }
void ReceivedRemovedAlias() { Succeeded(); }
void ReceivedKey(Key &&) { Succeeded(); }
void ReceivedCertificate(Certificate &&) { Succeeded(); }
void ReceivedData(RawBuffer &&) { Succeeded(); }
+ void ReceivedPKCS12(PKCS12ShPtr && pkcs) { m_pkcs = pkcs; Succeeded(); }
void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
void ReceivedVerifySignature() { Succeeded(); }
+
void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
void ReceivedSetPermission() { Succeeded(); }
-
void WaitForResponse()
{
unique_lock < mutex > lock(m_mutex);
int m_error;
AliasVector m_aliases;
CertificateShPtrVector m_certChain;
+ PKCS12ShPtr m_pkcs;
RawBuffer m_signed;
int m_ocspStatus;
}
KeyMap keys = initializeKeys();
-
-CertificateShPtr createCert(const std::string& cert) {
- RawBuffer buffer_cert(cert.begin(), cert.end());
- CertificateShPtr cptr = Certificate::create(buffer_cert, DataFormat::FORM_PEM);
- assert(cptr);
- return cptr;
-}
-
typedef vector<CertificateShPtr> CertVector;
-CertVector initializeCerts()
-{
- CertVector cv;
- cv.emplace_back(createCert(
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n"
- ));
-
- cv.emplace_back(createCert(
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n"
- ));
- return cv;
-}
-
-CertVector certs = initializeCerts();
-
const RawBuffer raw_buffer(const char* buffer)
{
return RawBuffer(buffer, buffer + strlen(buffer));
typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
const CertificateShPtr&,
- const CertificateShPtrVector&);
+ const CertificateShPtrVector&,
+ const CertificateShPtrVector&,
+ bool);
typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
const CertificateShPtr&,
- const AliasVector&);
+ const AliasVector&,
+ const AliasVector&,
+ bool);
} // namespace anonymous
int temp;
ControlShPtr control = Control::create();
RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
- "Error=" << ErrorToString(temp));
+ "Error=" << ErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
+ "Error=" << ErrorToString(temp));
}
// saveKey
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
test_negative(&ManagerAsync::saveCertificate,
CKM_API_ERROR_DB_ALIAS_EXISTS,
dbc.alias("alias"),
- certs[0],
+ getTestCertificate(MBANK),
Policy());
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
}
DBCleanup dbc;
test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
test_negative(&ManagerAsync::getKey,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias"),
"wrong-password");
}
DBCleanup dbc;
test_positive(&ManagerAsync::saveCertificate,
dbc.alias("alias"),
- certs[0],
+ getTestCertificate(MBANK),
Policy("password"));
test_negative(&ManagerAsync::getCertificate,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias"),
"wrong-password");
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), certs[0], Policy("password"));
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy("password"));
test_positive(&ManagerAsync::getCertificate, dbc.alias("alias"), "password");
}
DBCleanup dbc;
test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
test_negative(&ManagerAsync::getData,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias"),
"wrong-password");
}
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), getTestCertificate(MBANK), Policy());
test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
- test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), certs[1], Policy());
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), getTestCertificate(SYMANTEC), Policy());
test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
{
switch_to_storage_user(TEST_LABEL);
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[1] };
- test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain, cert, certv);
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
+ test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
CertificateShPtr(),
- certv);
- test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
- cert,
- CertificateShPtrVector());
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
Alias alias = "alias";
AliasVector aliasv = { alias };
- test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain, cert, aliasv);
+ test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
CertificateShPtr(),
- aliasv);
- test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain, cert, AliasVector());
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
}
RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative)
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[0] };
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(MBANK) };
+ test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true);
test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
- certv);
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
AliasVector aliasv = { dbc.alias("alias") };
- test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[0], Policy());
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(MBANK), Policy());
test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
CKM_API_ERROR_VERIFICATION_FAILED,
cert,
- aliasv);
+ EMPTY_ALIAS_VECTOR,
+ EMPTY_ALIAS_VECTOR,
+ true);
+ test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
}
RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive)
switch_to_storage_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[1] };
- test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain, 3, cert, certv);
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
+ test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
+ 3,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
AliasVector aliasv = { dbc.alias("alias") };
- test_positive(&ManagerAsync::saveCertificate, aliasv[0], certs[1], Policy());
- test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain, 3, cert, aliasv);
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(SYMANTEC), Policy());
+ test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
+ 3,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
}
RSAPaddingAlgorithm::PKCS1);
test_negative(&ManagerAsync::verifySignature,
- CKM_API_ERROR_SERVER_ERROR,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
dbc.alias("alias_pub"),
"wrong-password",
test_buffer,
// ocspCheck
RUNNER_CHILD_TEST(TA1710_ocsp_check_invalid_param)
{
- test_no_observer(&ManagerAsync::ocspCheck, CertificateShPtrVector());
- test_invalid_param(&ManagerAsync::ocspCheck, CertificateShPtrVector());
+ test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
+ test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
}
RUNNER_CHILD_TEST(TA1720_ocsp_check_negative)
switch_to_storage_ocsp_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtrVector certv = { certs[0], certs[0] };
+ CertificateShPtrVector certv = { getTestCertificate(MBANK), getTestCertificate(MBANK) };
auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
RUNNER_CHILD_TEST(TA1750_ocsp_check_positive)
{
- RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
switch_to_storage_ocsp_user(TEST_LABEL);
DBCleanup dbc;
- CertificateShPtr cert = certs[0];
- CertificateShPtrVector certv = { certs[1] };
- auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain, cert, certv);
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
+ auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
}
}
+namespace
+{
+CKM::Alias alias_PKCS_exportable = "async-test-PKCS-export";
+CKM::Alias alias_PKCS_not_exportable = "async-test-PKCS-no-export";
+}
+
+RUNNER_TEST(TA2000_PKCS_add_bundle_with_chain_certs)
+{
+ DBCleanup dbc;
+ auto manager = CKM::Manager::create();
+ std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ auto cert = pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 2 == caVector.size(),
+ "Wrong size of vector");
+
+ // save to the CKM
+ CKM::Policy exportable;
+ CKM::Policy notExportable(CKM::Password(), false);
+
+ test_positive(&ManagerAsync::savePKCS12,
+ alias_PKCS_exportable,
+ pkcs,
+ exportable,
+ exportable);
+ test_negative(&ManagerAsync::savePKCS12,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ alias_PKCS_exportable,
+ pkcs,
+ exportable,
+ exportable);
+
+ test_positive(&ManagerAsync::savePKCS12,
+ alias_PKCS_not_exportable,
+ pkcs,
+ notExportable,
+ notExportable);
+ test_negative(&ManagerAsync::savePKCS12,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ alias_PKCS_not_exportable,
+ pkcs,
+ notExportable,
+ notExportable);
+}
+
+RUNNER_TEST(TA2010_PKCS_get)
+{
+ DBCleanup dbc;
+ auto manager = CKM::Manager::create();
+
+ // fail - no entry
+ test_negative(&ManagerAsync::getPKCS12,
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN,
+ "i-do-not-exist",
+ CKM::Password(),
+ CKM::Password());
+
+
+ // fail - not exportable
+ test_negative(&ManagerAsync::getPKCS12,
+ CKM_API_ERROR_NOT_EXPORTABLE,
+ dbc.alias(alias_PKCS_not_exportable.c_str()),
+ CKM::Password(),
+ CKM::Password());
+
+ // success - exportable
+ auto obs = test_positive(&ManagerAsync::getPKCS12,
+ dbc.alias(alias_PKCS_exportable.c_str()),
+ CKM::Password(),
+ CKM::Password());
+
+ auto cert = obs->m_pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = obs->m_pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 2 == caVector.size(),
+ "Wrong size of vector");
+}
+
RUNNER_TEST(TA9999_deinit)
{
int temp;
projects / platform / core / test / security-tests.git / blobdiff