CKM: Split signture tests into two groups.
[platform/core/test/security-tests.git] / tests / ckm / main.cpp
index 325cc19..f723677 100644 (file)
 
 #include <dpl/log/log.h>
 
-static const int USER_APP = 5000;
-static const int GROUP_APP = 5000;
-static const int USER_TEST = 5001;
+namespace {
+const int USER_APP = 5000;
+const int GROUP_APP = 5000;
+const int USER_TEST = 5001;
+
+const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
+const CKM::AliasVector EMPTY_ALIAS_VECTOR;
+} // namespace anonymous
 
 /*
  *  How to numerate tests:
@@ -98,7 +103,31 @@ RUNNER_TEST(T0014_Control)
     int temp;
     auto control = CKM::Control::create();
     RUNNER_ASSERT_MSG(
-        CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
+        CKM_API_SUCCESS == (temp = control->removeUserData(14)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->removeUserData(14)),
         "Error=" << CKM::ErrorToString(temp));
 }
 
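Review bot: The `unlockUserKey(14, "test-pass")` assertion in T0014_Control is expected to succeed right after the password was reset to "something", and nothing in the test explains why. Presumably both resets are no-ops because `removeUserData(14)` left no user key, and the unlock then creates the key with "test-pass". Without that stated, the sequence reads as if any password opens the store. I would add `// no user key exists after removeUserData, so reset has nothing to change` above the two reset calls and `// key exists but is locked: reset must be refused` above the BAD_REQUEST assertion. The opening of the test body lies outside the hunk.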
@@ -120,6 +149,27 @@ RUNNER_TEST(T0015_Control)
         "Error=" << CKM::ErrorToString(temp));
 }
 
+RUNNER_TEST(T0016_Control_negative_wrong_password)
+{
+    int temp;
+    auto control = CKM::Control::create();
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
+        "Error=" << CKM::ErrorToString(temp));
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
+        "Error=" << CKM::ErrorToString(temp));
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
+        "Error=" << CKM::ErrorToString(temp));
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
+        "Error=" << CKM::ErrorToString(temp));
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = control->removeUserData(20)),
+        "Error=" << CKM::ErrorToString(temp));
+}
+
 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
 
 RUNNER_TEST(T1010_init)
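Review bot: T0016 changes the password to "new-pass" but then only checks that an unrelated string is rejected, so it never shows that the old password stopped working. After the `lockUserKey(20)` assertion I would add `CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "test-pass"))`, and a successful unlock with "new-pass" before the final cleanup. The test also starts without `removeUserData(20)`, unlike T0014 in the same commit, so data left behind by an aborted run would make the first unlock fail for the wrong reason.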
@@ -509,6 +559,10 @@ RUNNER_TEST(T1031_save_get_bin_data)
     RUNNER_ASSERT_MSG(
         buffer == buffer2,
         "Data corrupted");
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
+        "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
 }
 
 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
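Review bot: The failure message on the added `getData("data2", ...)` assertion has a typo ("non") and calls the password "wrong" although no password was ever set. Something like `"A password supplied for data saved without one should be ignored. Error="` says what is being pinned. The call also overwrites `buffer` without comparing it again, so a success that returned different bytes would pass. Repeating the `buffer == buffer2` check after it would close that, assuming `buffer2` holds the data2 payload, which is set up outside the hunk.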
@@ -582,7 +636,33 @@ RUNNER_TEST(T1033_remove_bin_data)
         "Error=" << CKM::ErrorToString(temp));
 }
 
-RUNNER_TEST(T1039_deinit)
+RUNNER_TEST(T1034_getData_wrong_password)
+{
+    int temp;
+    auto manager = CKM::Manager::create();
+
+    std::string binData1 = "My bin data4";
+
+    CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
+        "Error=" << CKM::ErrorToString(temp));
+
+    CKM::RawBuffer buffer;
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
+        "Error=" << CKM::ErrorToString(temp));
+    RUNNER_ASSERT_MSG(
+        buffer == buffer1,
+        "Data corrupted");
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
+        "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1035_deinit)
 {
     int temp;
     auto control = CKM::Control::create();
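Review bot: In T1034 the rejected `getData("data4", CKM::Password("WrongPassword"), buffer)` writes into the same `buffer` that already holds the correct plaintext, so the test cannot tell whether a failed authentication still returned data. I would pass a fresh object, `CKM::RawBuffer rejected;`, and follow the assertion with `RUNNER_ASSERT_MSG(rejected.empty(), "Data returned despite wrong password");`, assuming RawBuffer is vector-like as its iterator constructor suggests. The test also leaves "data4" in place and relies on the deinit test that follows to clean up.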
@@ -1320,17 +1400,20 @@ RUNNER_TEST(T1312_get_chain)
     RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
     RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert,
+                                       EMPTY_CERT_VECTOR,
+                                       EMPTY_CERT_VECTOR,
+                                       true,
+                                       certChain);
+    RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+                         "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         0 == certChain.size(),
         "Wrong size of certificate chain.");
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
+    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         3 == certChain.size(),
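Review bot: The new five-argument `getCertificateChain` calls pass two vectors of the same type followed by a bare `true`, so nothing at the call site shows which set is untrusted, which is trusted, or what the flag enables. Swapping the two vectors compiles cleanly and would turn an untrusted intermediate into a trust anchor. I would label the arguments inline, e.g. `EMPTY_CERT_VECTOR /* untrusted */, EMPTY_CERT_VECTOR /* trusted */, true /* use system trust store */`, after confirming the parameter meanings against the CKM header, which is not part of this diff. The same applies to the calls changed in T1313_get_chain_with_alias, T1314_ocsp_check and T1810_verify_get_certificate_chain.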
@@ -1424,9 +1507,9 @@ RUNNER_TEST(T1313_get_chain_with_alias)
     RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
     RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
+    RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+                         "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         0 == certChain.size(),
@@ -1438,9 +1521,8 @@ RUNNER_TEST(T1313_get_chain_with_alias)
 
     aliasVector.push_back(full_address);
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
+    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         3 == certChain.size(),
@@ -1533,17 +1615,16 @@ RUNNER_TEST(T1314_ocsp_check)
     RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
     RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
+    RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+                         "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         0 == certChain.size(),
         "Wrong size of certificate chain.");
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
+    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         3 == certChain.size(),
@@ -2215,6 +2296,8 @@ RUNNER_TEST(T1420_deinit)
         "Error=" << CKM::ErrorToString(temp));
 }
 
+RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
+
 RUNNER_TEST(T14180_init)
 {
     int temp;
@@ -3485,8 +3568,6 @@ RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
         "Error=" << CKM::ErrorToString(temp));
 }
 
-// MJK TODO: to be uncommented once custom CA root can be provided to the CKM
-/*
 RUNNER_TEST(T1810_verify_get_certificate_chain)
 {
     // this certificate has been signed using PKCS chain
@@ -3512,9 +3593,13 @@ RUNNER_TEST(T1810_verify_get_certificate_chain)
 
     RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert,
+                                       EMPTY_ALIAS_VECTOR,
+                                       EMPTY_ALIAS_VECTOR,
+                                       true,
+                                       certChain);
+    RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+                         "Error=" << CKM::ErrorToString(tmp));
 
     RUNNER_ASSERT_MSG(
         0 == certChain.size(),
@@ -3522,14 +3607,14 @@ RUNNER_TEST(T1810_verify_get_certificate_chain)
 
     aliasVector.push_back(alias_PKCS_exportable);
 
-    RUNNER_ASSERT_MSG(
-        CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
-        "Error=" << CKM::ErrorToString(tmp));
+    tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
+    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
 
+    // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
     RUNNER_ASSERT_MSG(
-        3 == certChain.size(),
-        "Wrong size of certificate chain.");
-}*/
+        4 == certChain.size(),
+        "Wrong size of certificate chain: " << certChain.size());
+}
 
 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
 {
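Review bot: The re-enabled T1810 has no negative case with the PKCS alias in the untrusted slot, so it does not show that the chain fails unless the alias is explicitly trusted. Its positive case passes `aliasVector` as the trusted set with the system store switched off. A call such as `tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, false, certChain);`, presumably expected to return `CKM_API_ERROR_VERIFICATION_FAILED`, would pin that distinction. The success path also checks only that the chain has four entries, not that its first element is `cert`.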
@@ -3565,7 +3650,67 @@ RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
         "Error=" << CKM::ErrorToString(tmp));
 }
 
-RUNNER_TEST(T1812_deinit)
+RUNNER_TEST(T1812_get_pkcs12_password_tests)
+{
+    CKM::Alias alias = "t1812alias1";
+
+    auto manager = CKM::Manager::create();
+    std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+    std::istreambuf_iterator<char> begin(is), end;
+    std::vector<char> buff(begin, end);
+
+    CKM::PKCS12ShPtr pkcs12;
+    CKM::Password pass1 = "easypass1";
+    CKM::Password pass2 = "easypass2";
+
+    CKM::RawBuffer buffer(buff.size());
+    memcpy(buffer.data(), buff.data(), buff.size());
+
+    auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+    RUNNER_ASSERT_MSG(
+        NULL != pkcs.get(),
+        "Error in PKCS12::create()");
+
+    int temp;
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    CKM::CertificateShPtr cert;
+    RUNNER_ASSERT_MSG(
+        CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
+        "Error=" << CKM::ErrorToString(temp));
+
+    CKM::CertificateShPtrVector certChain;
+    CKM::AliasVector certVect;
+    certVect.push_back(alias);
+
+    RUNNER_ASSERT_MSG(
+        CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
+        "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1813_deinit)
 {
     int temp;
     auto control = CKM::Control::create();
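Review bot: Every `getPKCS12` call in T1812 uses `pkcs` as its output, and `pkcs` already holds the object built from the file, so the test cannot tell whether a rejected call still returned material or whether the final success wrote anything. The declared but unused `CKM::PKCS12ShPtr pkcs12;` looks meant for this. I would pass `pkcs12` to the `getPKCS12` calls and assert `NULL == pkcs12.get()` after each AUTHENTICATION_FAILED case and `NULL != pkcs12.get()` after the success. Separately, the `std::ifstream` is opened without `std::ios::binary` and never checked, so a missing `/usr/share/ckm-test/pkcs.p12` only shows up as "Error in PKCS12::create()". The last assertion would benefit from a comment saying the chain lookup fails because the alias is password-protected and this call takes no password.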