--- /dev/null
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+
+#include <tests_common.h>
+#include <access_provider.h>
+
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-type.h>
+
+#include <ckmc/ckmc-manager.h>
+#include <ckmc/ckmc-control.h>
+#include <ckmc/ckmc-type.h>
+#include <ckmc/ckmc-error.h>
+
+#include <string>
+#include <string.h>
+#include <stdio.h>
+#include <stddef.h>
+#include <stdlib.h>
+
+static const int USER_APP = 5000;
+static const int GROUP_APP = 5000;
+
+RUNNER_TEST_GROUP_INIT (T201_CKMC_CONTROL_C_API);
+
+RUNNER_TEST(T2011_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2012_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2013_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2014_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(14, "simple-password")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2015_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(TT2016_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST_GROUP_INIT (T202_CKMC_QUICK_SET_GET_TESTS_C_API);
+
+RUNNER_TEST(T2021_init_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2022_key_C_API)
+{
+ int temp;
+
+ ckmc_key_s test_key, *test_key2;
+ ckmc_policy_s test_policy;
+
+ char* password = NULL;
+ char alias[10] = "mykey";
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ test_key2 = &test_key;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
+ "Error=" << temp);
+
+ // int compareResult;
+ // compareResult = (strcmp((const char *)test_key.raw_key, (const char *)test_key2->raw_key));
+ // printf("compare !! %s \n compare 2 !! = %s\n",test_key.raw_key, test_key2->raw_key);
+ //
+ // RUNNER_ASSERT_MSG(
+ // compareResult == 0,
+ // "Key modified");
+}
+
+RUNNER_TEST(T2023_certificate_C_API)
+{
+ int temp;
+
+ std::string certPem = "-----BEGIN CERTIFICATE-----\n"
+ "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
+ "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
+ "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
+ "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
+ "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
+ "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
+ "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
+ "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
+ "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
+ "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
+ "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
+ "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
+ "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
+ "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
+ "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
+ "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
+ "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
+ "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
+ "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
+ "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
+ "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
+ "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
+ "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
+ "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
+ "rHva8A==\n"
+ "-----END CERTIFICATE-----\n";
+
+ char* password = NULL;
+ ckmc_cert_s *cert2;
+ ckmc_cert_s cert;
+
+ ckmc_policy_s test_policy;
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ char* char_certPem = new char[certPem.length() + 1];
+ std::strcpy(char_certPem, certPem.c_str());
+ cert.raw_cert = (unsigned char *)char_certPem;
+ cert.cert_size = certPem.length();
+ cert.data_format = CKMC_FORM_PEM;
+
+ char alias[10] = "myCert";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ "Error=" << temp);
+
+ // int compareResult;
+ // printf("compare !! %s \n compare 2 !!\n\n %s",cert.raw_cert, cert2->raw_cert);
+ // compareResult = (strcmp((const char *)cert.raw_cert, (const char *)cert2->raw_cert));
+ //
+ // RUNNER_ASSERT_MSG(
+ // compareResult == 0,
+ // "Cert modified");
+}
+
+RUNNER_TEST(T2024_certificate_remove_C_API)
+{
+ int temp;
+
+ char* password = NULL;
+ ckmc_cert_s *cert2;
+ char alias[10] = "myCert";
+
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2025_certificate_list_C_API)
+{
+ int temp;
+
+ std::string certPem = "-----BEGIN CERTIFICATE-----\n"
+ "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
+ "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
+ "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
+ "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
+ "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
+ "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
+ "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
+ "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
+ "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
+ "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
+ "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
+ "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
+ "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
+ "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
+ "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
+ "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
+ "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
+ "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
+ "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
+ "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
+ "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
+ "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
+ "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
+ "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
+ "rHva8A==\n"
+ "-----END CERTIFICATE-----\n";
+
+ char* password = NULL;
+ ckmc_cert_s cert;
+
+ ckmc_policy_s test_policy;
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ char* char_certPem = new char[certPem.length() + 1];
+ std::strcpy(char_certPem, certPem.c_str());
+ cert.raw_cert = (unsigned char *)char_certPem;
+ cert.cert_size = certPem.length();
+ cert.data_format = CKMC_FORM_PEM;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
+ "Error=" << temp);
+
+ ckmc_alias_list_s *aliasList;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert_alias_list(&aliasList)),
+ "Error=" << temp);
+
+ ckmc_alias_list_s *plist = aliasList;
+ int count_list;
+ count_list = 1;
+
+ while(plist && plist->next!=NULL) {
+ plist = plist->next;
+ count_list +=1;
+ }
+
+ RUNNER_ASSERT_MSG( count_list == 3,
+ "Wrong size of list: " << count_list << " Expected: 3");
+}
+
+
+RUNNER_CHILD_TEST(T2026_user_app_save_key_C_API)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ int temp;
+
+ ckmc_key_s test_key, *test_key2;
+ ckmc_policy_s test_policy;
+
+ char* password = NULL;
+ char passwordPolicy[3] = "x";
+ char alias[10] = "mykey";
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = passwordPolicy;
+ test_policy.extractable = 1;
+
+ test_key2 = &test_key;
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
+ "Error=" << temp);
+
+ // RUNNER_ASSERT_MSG(
+ // key.getDER() == key2.getDER(), "Key value has been changed by service");
+}
+
+RUNNER_CHILD_TEST(T2027_app_user_save_keys_exportable_flag)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ ckmc_policy_s test_policy;
+ ckmc_key_s test_key, *test_key2;
+ char* char_keypem = new char[keyPem.length() + 1];
+ char* password = NULL;
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = password;
+ test_policy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2028_deinit_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+}
+
+
+RUNNER_TEST_GROUP_INIT (T2030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
+
+RUNNER_TEST(T2031_init_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2032_save_keys_get_alias_C_API)
+{
+ int temp;
+
+ char* password = NULL;
+ ckmc_policy_s test_policy1, test_policy2, test_policy3;
+ ckmc_key_s test_key;
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+ ckmc_alias_list_s *aliasList;
+
+ test_policy1.password = password;
+ test_policy1.extractable = 1;
+
+ test_policy2.password = password;
+ test_policy2.extractable = 0;
+
+ test_policy3.password = password;
+ test_policy3.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key_alias_list(&aliasList)),
+ "Error=" << temp);
+
+ ckmc_alias_list_s *plist = aliasList;
+ int count_list;
+ count_list = 1;
+
+ while(plist && plist->next!=NULL) {
+ plist = plist->next;
+ count_list +=1;
+ }
+
+ RUNNER_ASSERT_MSG( count_list == 3,
+ "Wrong size of list: " << count_list << " Expected: 3");
+}
+
+
+RUNNER_TEST(T2033_remove_key_C_API)
+{
+ int temp;
+
+ char* password = NULL;
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ ckmc_key_s *test_key2;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2034_deinit_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST_GROUP_INIT (T2040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
+
+RUNNER_TEST(T2041_init_C_API)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2042_save_get_bin_data_C_API)
+{
+ int temp;
+
+ ckmc_raw_buffer_s testData1, testData2, testData3;
+ char* password = NULL;
+
+ std::string binData1 = "My bin data1";
+ std::string binData2 = "My bin data2";
+ std::string binData3 = "My bin data3";
+ char* char_binData1 = new char[binData1.length() + 1];
+ char* char_binData2 = new char[binData2.length() + 1];
+ char* char_binData3 = new char[binData3.length() + 1];
+ std::strcpy(char_binData1, binData1.c_str());
+ std::strcpy(char_binData2, binData2.c_str());
+ std::strcpy(char_binData3, binData3.c_str());
+ testData1.data = (unsigned char *) char_binData1;
+ testData2.data = (unsigned char *) char_binData2;
+ testData3.data = (unsigned char *) char_binData3;
+ testData1.size = binData1.length()+1;
+ testData2.size = binData2.length()+1;
+ testData3.size = binData3.length()+1;
+
+ ckmc_policy_s test_policy1, test_policy2, test_policy3;
+
+ test_policy1.password = password;
+ test_policy1.extractable = 1;
+ test_policy2.password = password;
+ test_policy2.extractable = 1;
+ test_policy3.password = password;
+ test_policy3.extractable = 0;
+
+ ckmc_alias_list_s *aliasList;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data_alias_list(&aliasList)),
+ "Error=" << temp);
+
+ ckmc_alias_list_s *plist = aliasList;
+ int count_list;
+ count_list = 1;
+
+ while(plist && plist->next!=NULL) {
+ plist = plist->next;
+ count_list +=1;
+ }
+
+ RUNNER_ASSERT_MSG( count_list == 3,
+ "Wrong size of list: " << count_list << " Expected: 3");
+
+ ckmc_raw_buffer_s *testData4;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
+ "Error=" << temp);
+
+ int compareResult;
+ compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
+ RUNNER_ASSERT_MSG( compareResult == 0,
+ "Data corrupted");
+}
+
+RUNNER_CHILD_TEST(T2043_app_user_save_bin_data_C_API)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ ckmc_raw_buffer_s testData1;
+ char* password = NULL;
+ std::string binData1 = "My bin data";
+ char* char_binData1 = new char[binData1.length() + 1];
+ std::strcpy(char_binData1, binData1.c_str());
+ testData1.data = (unsigned char *) char_binData1;
+ testData1.size = binData1.length()+1;
+
+ ckmc_policy_s test_policy1, test_policy2;
+
+ test_policy1.password = password;
+ test_policy1.extractable = 1;
+
+ test_policy2.password = password;
+ test_policy2.extractable = 1;
+
+ std::string binData = "My bin data";
+
+ ckmc_alias_list_s *aliasList;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data_alias_list(&aliasList)),
+ "Error=" << temp);
+
+ ckmc_alias_list_s *plist = aliasList;
+
+ int count_list;
+ count_list = 1;
+
+ while(plist && plist->next!=NULL) {
+ plist = plist->next;
+ count_list +=1;
+ }
+
+ RUNNER_ASSERT_MSG( count_list == 3,
+ "Wrong size of list: " << count_list << " Expected: 3");
+}
+
+RUNNER_TEST(T2044_remove_bin_data_C_API)
+{
+ int temp;
+
+ ckmc_alias_list_s *aliasList;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data_alias_list(&aliasList)),
+ "Error=" << temp);
+
+ ckmc_alias_list_s *plist = aliasList;
+ int count_list;
+ count_list = 1;
+
+ while(plist && plist->next!=NULL) {
+ plist = plist->next;
+ count_list +=1;
+ }
+
+ RUNNER_ASSERT_MSG(
+ count_list == 1,
+ "Wrong size of list: " << count_list << " Expected: 1");
+ char* password = NULL;
+
+ ckmc_raw_buffer_s *testData1, testData2;
+
+ std::string testStr = "My bin data2";
+ char* char_testData2 = new char[testStr.length() + 1];
+ std::strcpy(char_testData2, testStr.c_str());
+ testData2.data = (unsigned char *) char_testData2;
+ testData2.size = testStr.length()+1;
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
+ "Error=" << temp);
+
+ int compareResult;
+ compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
+ RUNNER_ASSERT_MSG( compareResult == 0,
+ "Data corrupted");
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2045_deinit_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST_GROUP_INIT(T205_CKMC_QUICK_CREATE_PAIR_CAPI);
+
+RUNNER_TEST(T2051_CAPI_init)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
+ "Error=" << temp);
+}
+
+RUNNER_CHILD_TEST(T2052_CAPI_create_rsa_key)
+{
+ int temp;
+
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ size_t size = 2048;
+ const char *private_key_alias = "PRV_KEY1";
+ const char *public_key_alias = "PUB_KEY1";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = NULL;
+ policy_private_key.extractable = 1;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ "Error=" << temp);
+
+ ckmc_key_s *privateKey;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
+ "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
+ RUNNER_ASSERT_MSG(
+ privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
+ "Error=" << temp);
+
+ ckmc_key_s *publicKey;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
+ "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
+ RUNNER_ASSERT_MSG(
+ publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
+ "Error=" << temp);
+
+ ckmc_alias_list_s *alias_list;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key_alias_list(&alias_list)),
+ "Error=" << temp);
+ int cnt = 0;
+ ckmc_alias_list_s *current;
+ ckmc_alias_list_s *next =alias_list;
+ do{
+ current = next;
+ next = current->next;
+ cnt ++;
+ }while(next != NULL);
+ RUNNER_ASSERT_MSG(cnt == 2, "Error=Invalid Key Number");
+}
+
+RUNNER_TEST(T2053_CAPI_deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+}
+
+
+RUNNER_TEST_GROUP_INIT(T206_CKMC_CAPI_CreateKeyPairRSA);
+
+RUNNER_TEST(T2061_CAPI_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2062_CAPI_CreateKeyPairRSA)
+{
+ int temp;
+
+ size_t size = 1024;
+ const char *private_key_alias = "rsa-test-1";
+ const char *public_key_alias = "rsa-test-2";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = const_cast<char *>("privatepassword");
+ policy_private_key.extractable = 0;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ "Error=" << temp);
+
+ sleep(1);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ "Error=" << temp << ", ret=" << temp);
+}
+
+RUNNER_TEST(T2063_CAPI_CreateKeyPairECDSA)
+{
+ int temp;
+
+ ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
+ const char *private_key_alias = "ecdsa-test-1";
+ const char *public_key_alias = "ecdsa-test-2";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = const_cast<char *>("privatepassword");
+ policy_private_key.extractable = 0;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2064_CAPI_deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+}
+
+// TODO
+//RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
+
+
+
+RUNNER_TEST_GROUP_INIT(T207_CKMC_CAPI_QUICK_SET_GET_TESTS);
+
+RUNNER_TEST(T2071_CAPI_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2072_CAPI_get_chain)
+{
+ std::string ee =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
+ "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
+ "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
+ "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
+ "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
+ "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
+ "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
+ "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
+ "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
+ "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
+ "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
+ "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
+ "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
+ "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
+ "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
+ "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
+ "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
+ "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
+ "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
+ "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
+ "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
+ "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
+ "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
+ "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
+ "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
+ "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
+ "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
+ "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
+ "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
+ "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
+ "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
+ "-----END CERTIFICATE-----\n";
+
+ ckmc_cert_s c_cert;
+ c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
+ c_cert.cert_size = ee.size();
+ c_cert.data_format = CKMC_FORM_PEM;
+
+ ckmc_cert_s c_cert1;
+ c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
+ c_cert1.cert_size = im.size();
+ c_cert1.data_format = CKMC_FORM_PEM;
+
+ ckmc_cert_list_s untrustedcerts;
+ untrustedcerts.cert = &c_cert1;
+ untrustedcerts.next = NULL;
+
+ ckmc_cert_list_s *cert_chain_list;
+
+ int tmp;
+
+ tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == tmp, "Error=" << CKM::ErrorToString(tmp));
+
+ int cnt = 0;
+ ckmc_cert_list_s *current;
+ ckmc_cert_list_s *next =cert_chain_list;
+ do{
+ current = next;
+ next = current->next;
+ cnt ++;
+ }while(next != NULL);
+ RUNNER_ASSERT_MSG(cnt == 3, "Wrong size of certificate chain.");
+
+ ckmc_cert_list_s *cert_chain_list2 = NULL;
+ ckmc_cert_list_s *untrustedcerts2 = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (tmp = ckmc_get_cert_chain(&c_cert, untrustedcerts2, &cert_chain_list2)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ cert_chain_list2 == NULL,
+ "Wrong size of certificate chain.");
+}
+
+RUNNER_TEST(T2073_CAPI_deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+}
+
+
+RUNNER_TEST_GROUP_INIT(T208_CAPI_CREATE_AND_VERIFY_SIGNATURE);
+
+RUNNER_TEST(T2081_CAPI__init)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2082_CAPI__rsa_key_create_verify)
+{
+ int temp;
+
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "Proc-Type: 4,ENCRYPTED\n"
+ "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
+ "\n"
+ "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
+ "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
+ "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
+ "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
+ "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
+ "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
+ "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
+ "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
+ "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
+ "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
+ "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
+ "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
+ "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
+ "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
+ "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
+ "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
+ "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
+ "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
+ "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
+ "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
+ "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
+ "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
+ "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
+ "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
+ "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----\n";
+
+ std::string message = "message test";
+ ckmc_raw_buffer_s msg_buff;
+ msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
+ msg_buff.size = message.size();
+
+ const char *pub_alias = "pub1";
+ const char *pri_alias = "prv1";
+ char *key_passwd = (char *) "1234";
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_key_s pubkey;
+ pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ pubkey.key_size = pub.size();
+ pubkey.key_type = CKMC_KEY_NONE;
+ pubkey.password = NULL;
+
+ ckmc_policy_s pubpolicy;
+ pubpolicy.password = pub_passwd;
+ pubpolicy.extractable = 0;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+
+}
+
+RUNNER_TEST(T2083_CAPI__rsa_key_create_verify_negative)
+{
+ int temp;
+ std::string message = "message asdfaslkdfjlksadjf test";
+
+ ckmc_raw_buffer_s msg_buff;
+ msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
+ msg_buff.size = message.size();
+
+ const char *pub_alias = "pub1";
+ const char *pri_alias = "prv1";
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2084_CAPI__ec_key_create_verify)
+{
+ int temp;
+
+ std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
+ "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
+ "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
+ "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
+ "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END PUBLIC KEY-----\n";
+
+ std::string message = "message test";
+
+ ckmc_raw_buffer_s msg_buff;
+ msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
+ msg_buff.size = message.size();
+
+ const char *pri_alias = "ecprv2";
+ const char *pub_alias = "ecpub2";
+ char *key_passwd = NULL;
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_key_s pubkey;
+ pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ pubkey.key_size = pub.size();
+ pubkey.key_type = CKMC_KEY_NONE;
+ pubkey.password = NULL;
+
+ ckmc_policy_s pubpolicy;
+ pubpolicy.password = pub_passwd;
+ pubpolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = (char *)pri_passwd;
+ pripolicy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2085_CAPI__rsa_cert_create_verify_signature)
+{
+ int temp;
+
+ std::string prv =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
+ "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
+ "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
+ "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
+ "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
+ "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
+ "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
+ "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
+ "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
+ "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
+ "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
+ "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
+ "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
+ "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
+ "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
+ "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
+ "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
+ "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
+ "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
+ "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
+ "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
+ "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
+ "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
+ "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
+ "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
+ "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string message = "message test";
+
+ ckmc_raw_buffer_s msg_buff;
+ msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
+ msg_buff.size = message.size();
+
+ const char *pri_alias = "prv3";
+ const char *pub_alias = "pub3";
+ char *key_passwd = NULL;
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_cert_s cert;
+ cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ cert.cert_size = pub.size();
+ cert.data_format = CKMC_FORM_PEM;
+
+ ckmc_policy_s certpolicy;
+ certpolicy.password = pub_passwd;
+ certpolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ "Error=" << temp);
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2086_CAPI__ecdsa_cert_create_verify_signature)
+{
+ int temp;
+
+ std::string prv =
+ "-----BEGIN EC PRIVATE KEY-----\n"
+ "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
+ "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
+ "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
+ "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
+ "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
+ "ELyhe7yPCAuOoLZlTLgf\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
+ "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
+ "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
+ "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
+ "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
+ "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
+ "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
+ "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
+ "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
+ "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
+ "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
+ "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
+ "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
+ "Q1oBry6NEc+lLFmWMDesAA==\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string message = "message test";
+
+
+ ckmc_raw_buffer_s msg_buff;
+ msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
+ msg_buff.size = message.size();
+
+ const char *pri_alias = "prv4";
+ const char *pub_alias = "pub4";
+ char *key_passwd = NULL;
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_cert_s cert;
+ cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ cert.cert_size = pub.size();
+ cert.data_format = CKMC_FORM_PEM;
+
+ ckmc_policy_s certpolicy;
+ certpolicy.password = pub_passwd;
+ certpolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 0;
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2087_CAPI__deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+}
+
+
+//#######################################################################################
+
+void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
+{
+ RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
+ RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
+
+ if(key->password != NULL && password != NULL) {
+ RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
+ }else if(key->password == NULL && password == NULL) {
+ RUNNER_ASSERT_MSG(true, "Password Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "Password Error" );
+ }
+
+ if(key->raw_key != NULL && raw_key != NULL) {
+ for(unsigned int i=0; i<key_size; i++) {
+ RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
+ }
+ }else if(key->raw_key == NULL && raw_key == NULL) {
+ RUNNER_ASSERT_MSG(true, "Raw Key Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "Raw Key Error" );
+ }
+}
+
+RUNNER_TEST_GROUP_INIT(T209_CKMC_CAPI_TYPES);
+
+RUNNER_TEST(T2091_CAPI_TYPE_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
+ "Error=" << temp);
+}
+
+RUNNER_TEST(T2092_CAPI_TYPE_KEY)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
+ unsigned int key_size = keyPem.size();
+ ckmc_key_type_e key_type = CKMC_KEY_NONE;
+ char *password = const_cast< char *>("");
+
+ ckmc_key_s *key;
+ ckmc_key_new(raw_key, key_size, key_type, password, &key);
+
+ _assertKey(key, raw_key, key_size, key_type, password);
+ ckmc_key_free(key);
+
+ char *passwordNull = NULL;
+ ckmc_key_s *key2;
+ ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
+ ckmc_key_free(key2);
+}
+
+RUNNER_TEST(T2093_CAPI_TYPE_BUFFER)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
+ unsigned int size = keyPem.size();
+
+ ckmc_raw_buffer_s *buff;
+ ckmc_buffer_new(data, size, &buff);
+
+ RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
+
+ if(buff->data != NULL && data != NULL) {
+ for(unsigned int i=0; i<size; i++) {
+ RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
+ }
+ }else if(buff->data == NULL && data == NULL) {
+ RUNNER_ASSERT_MSG(true, "Raw data Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "Raw data Error" );
+ }
+
+ ckmc_buffer_free(buff);
+}
+
+RUNNER_TEST(T2094_CAPI_TYPE_CERT)
+{
+ std::string certPem =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
+ "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
+ "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
+ "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
+ "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
+ "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
+ "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
+ "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
+ "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
+ "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
+ "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
+ "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
+ "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
+ "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
+ "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
+ "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
+ "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
+ "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
+ "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
+ "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
+ "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
+ "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
+ "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
+ "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
+ "rHva8A==\n"
+ "-----END CERTIFICATE-----\n";
+
+ unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
+ unsigned int size = certPem.size();
+ ckmc_data_format_e form = CKMC_FORM_PEM;
+
+ ckmc_cert_s *ckmCert;
+ ckmc_cert_new(raw_cert, size, form, &ckmCert);
+
+ RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
+
+ if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
+ for(unsigned int i=0; i<size; i++) {
+ RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
+ }
+ }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
+ RUNNER_ASSERT_MSG(true, "raw_cert Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "raw_cert Error" );
+ }
+
+ RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
+
+ ckmc_cert_free(ckmCert);
+}
+
+
+RUNNER_TEST(T2095_CAPI_TYPE_load_cert_file)
+{
+ int ret;
+
+ std::string certStr =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ const char *file_name = "/tmp/ckmc_test_cert.pem";
+ remove(file_name);
+
+ FILE* cert_file;
+ cert_file = fopen(file_name, "w");
+ fprintf(cert_file, "%s",certStr.c_str());
+ fclose(cert_file);
+
+ ckmc_cert_s *pcert;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
+ "Error=" << CKM::ErrorToString(ret));
+
+ RUNNER_ASSERT_MSG(
+ pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
+
+ const char *lcert_alias = "lcert_alias";
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
+ "Error=" << CKM::ErrorToString(ret));
+
+ remove(file_name);
+}
+
+RUNNER_TEST(T2096_CAPI_TYPE_load_p12_file) {
+ std::string p12Base64 =
+ "MIINaQIBAzCCDS8GCSqGSIb3DQEHAaCCDSAEgg0cMIINGDCCChcGCSqGSIb3DQEH\n"
+ "BqCCCggwggoEAgEAMIIJ/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIvO01\n"
+ "D2ODdkYCAggAgIIJ0NscvWq3hmXai5DQcleOgELPbu2c97d+KJnRGCK7K3eRb0/v\n"
+ "4F3f3LFSFFT9OAK0/OS1ZYCiO+IuZ6Rpc8Baqe89xVcOHrQ0dQ7sIvbq10dnp5nY\n"
+ "fEcrt7qPXcRa3IdOX4PFo4aCOFq5bHv5M3quHldKRh4itosjsAGuF/xtnVnO6lU5\n"
+ "UlPhtAdr2Mpr4SHh+oBbJknLvyd6n/4xZ2elEA8ui4Qt5GfiHwWs2J7KO3Z8M1vW\n"
+ "yukuyVTaZ6RNkj8dkq/RttvVinlgATYLoosjCsH7VVcd+/z9JqD37QQ89pzdjvJg\n"
+ "CtXFVbqsOIbjPMkQMYtMdaPsLDDzw6l+q7BJreGIoJmTHbhTtNOJo03XPEnlVXUq\n"
+ "Q+224ibNKzLAvpSWOo8BUHK7ZDc1oaLODDZ+WAA6jfgHkuhhWYr9dxce6UdhMghJ\n"
+ "M7ixWwa350psdACREdGxNQzxmucmueprbDumVPAnnJfnKfgRXdKpTDFWS4TaYRc/\n"
+ "TE4lKSBZpFFduy/gdpLGCHdklTs33aWZ/mEVZJnk2PggKyvSKH9oL3DxkZIFkGdQ\n"
+ "wcy8gAuLBirdWB/q4JWqW7sH8kMfEwXACEm1z4SzCik8afamQNJEbovA3Pvrhw/P\n"
+ "1HE5KPNvKMaIr9kk5rTnGGTSNrSMqUCnBl4MjVS4HacrZvvt60y0D3RFB8IqlFMt\n"
+ "od2FagxojPyO/wP8jDERnySo2Irz0x0WUjWARtcLLH2FOK7ROkX1/WjRZmDV0jtv\n"
+ "yL8r97XZf/NddVU13Jt13dBJCjxZRvfJZgNI8RybkPQ3Y9J5LIOLVFPU3ZKIi7W7\n"
+ "KtCw/FCUfEdNarLQMWG0Z9bux7vu/eK1+KpF9pfzD3Q1V0sj2M158Q5W2gy9q/u0\n"
+ "gOOuybiZB2AL9kxBv0rqb8h7SF5ZIRoy85PrwtnX7w4Xq+4I7RA68bcEGyqgTWWb\n"
+ "XZxcY65F2slqekXddKeDSTizQk/APgWva/TwgaUeXR9YBCO4o71pla//FNqJ6pRm\n"
+ "tZjEY9ALBCc083gsImc7+LAeubEcYzjhhgRPQwGJfJTMqgC/NOa9wFhvNO4QcFjf\n"
+ "XQxxIFxlQJ64qU316FyeuyxLYGd02uakrLLgYtAGG7nPZCYNkUKvCwICKJYI+wAg\n"
+ "CX0FVwXsR1f33kVuV6sd4YConz80Lk9ayvNJVeCzEOBvhthbMcP3mIn22X+GT3jU\n"
+ "O5Z0bkXAU0C8XTfLQMk2m6Ag3mctrn4iJBPwQ7j12GnlSLko+e7IssRd4Qj4vBZd\n"
+ "KXUIoRcOsXqWoQgXJAtdLJEHVo0SUyxVojXsXqUZ3yYOkVUykvXZUcBnS6xwtaUt\n"
+ "EzdFsEO3NQSLOju5Tpp12lKbrgIToV75zyA3CULEdimEUWD/wA+pDaIS39shNyeE\n"
+ "edtAp3WF3mDkHQFyKG52IVx7hJU8jXXunvY21tshTAx/Gda0X1CtgSU7Q00ROr+L\n"
+ "TaehRiKsSgxQa6/jyJY5KY1hIDzwaem5Y7gDnxotmQuPhIX8MeD5Qdv6AVovfScN\n"
+ "07QuWyUBgFsZzbp79AsnPRLzoiAMQljMn7TXDDLq+uF922OU47BQkzlPfKAuHbyu\n"
+ "R+uZwtDfMD71FqWjCAHMPyENinsnUehCwX2pVxa6KSs61IsTfb3oUPY1TRxfZnfd\n"
+ "8SAUfPjKVss9Eyahuv+kzenPUDZn5LV9E0G0DGNxIf493A5Z29scNkQcCBjTJJvx\n"
+ "4BBJCES6SgkTQl7eFoBGOIqqytpYP9QZW5jy7ramgz/gF2kMKjAfikhbd5vB4Fwd\n"
+ "QlExMlbW+wL/ffr4AGlwenlDzXBFKQM0mYZNKLuB9LrRzw35fVFZ9XY06VCxhbMa\n"
+ "wI9gN4rKA3bNG3DCWTsr1TZ6CvrqFJjlfK4KF/+eNfnkIY8uVYxnPlRRkmPw4dpE\n"
+ "KdaXUiu5WJvZupeYqqNsWdxs+v2KS1E/PcM9BgUFKFD4lW84WbWUHPxvxXoZhSCs\n"
+ "nQ0hsPd53NKBBdEOao5HAAf+T5yFnJzZ3rVkYBEC67gHyWgXB1Zy283yAIihvUXw\n"
+ "DOEVppNHnIqAjQpncQcDpV0/zYCvqOEfU+JPpmepgo737Tq2MlUKLTByhg1mQhKm\n"
+ "2pI63BFiw2/2igImFbmhzJjilWkaM4kwM1uGKOKgjacXI/VSVEajuYAfo37quBxF\n"
+ "ZWyWJoFXBvQ7jolTKXUVbCqnSSaItosZrS3vcDdGUegRm0rf6IzCRPdSIsfCDdZG\n"
+ "9UeChoznNezoLENgmqQJTV3wDo3uSZbztlctoERvZpn457MLZEn8hXEwMLPXx2Ur\n"
+ "HQ5fYAdTBzBpoLiy8ujzFxFJDzW9ytnb7aFF7YVivfj42eVGnCANvVcwkp2/E3MW\n"
+ "Img0OyqKRQHaGGI7iGNO5KYpTk0CdSyErQarH52ZRvr0t2CK6J6vDgrhJnzd5Ayr\n"
+ "6t+coAZBw8eIJqiM5WzAm4mlZRSHL+JcaKkrqoYOo+kewj7wgW2Kk/7S8re38RvP\n"
+ "+V9nqpfr18gIV72G2yZ60C21eRqOFPgl1CYbmWHqYKXatuT4o+kgBmJpez5uvIHz\n"
+ "LSd88An02ow+WQ+KP8YGV38ZtuA6D4FPA3fsMdhNOqjtwWiPei+ILaXD5PsOfDGH\n"
+ "2fZgOWXivFYqq9Cm3B3ffFX/oD/7sFMs+/AWeZOh8XqU8ro73L1HNRXx4HdyRUY/\n"
+ "pInwA0mWaFNGgBRPbNW0A6cZ2dY0Hn8sRRsF+5tIs0hOelpT1y/ZEVyGImTQgEbK\n"
+ "KeggQGT9h9rhrrUK+hE27MorcRi6tVteKlNyGQsCJko0ZoqqctM4o7wT5ce4nWtb\n"
+ "ixzp5xDkDmcP6eldHiVm8TsZn0hkmNDu0xpgIVtb4VDRmWP687EOaGHYhjOBw6X1\n"
+ "GD1d1yyg/VxlUr0lKmbsFVC2mDiWbnWd49+FGsrySc2RO8DlC9xkXLaG+ubjmLpK\n"
+ "lwagiI2P1MzkHuZiz7WlIjFefuYh0yrYvDA5UDiQTDdoZWFuR5r93QWdsUcHlvdF\n"
+ "rYmhQ93F6I4gaT9HSVEDJfisIjIUmIwhh20tdGnf3FC5VyqBYS5GQObq3VnC8stU\n"
+ "b7byCEMlKr5bWslEem6gRGTB9xektKgrsFgS7nb3Geegq9K+mWIBC/iBOInVqFYx\n"
+ "Uw8+s6ywApXPLPEIrVZumkwo7Rl8lJfCTDNni/68XHhhVHY70N0PSdfnCAvV9G41\n"
+ "3wuTZHqLOeQG3Sm8I1JJXkWSuuk0QI7DVKZpmz+x4aFBd+rncfvWOEbN9G0ZqbUT\n"
+ "lGkfxtUWY6pWX/XJpyBzOlv2+fCPi/Yd0csb45IEuFHNG1svgqGMJw5BmFu5v0Qs\n"
+ "0i1zKBrNA/Acd6+uL0UqDZStB6lyPn6+uifh3sMwggL5BgkqhkiG9w0BBwGgggLq\n"
+ "BIIC5jCCAuIwggLeBgsqhkiG9w0BDAoBAqCCAqYwggKiMBwGCiqGSIb3DQEMAQMw\n"
+ "DgQIBJuBj07uHGACAggABIICgJBfOlC99JJjEUBibYLXIJPe53Cy7eDXCtVaPbhX\n"
+ "VHPCsBrUd7+6Ul7Vh/JHMlJL1VA3WvGnX93f0p5FICgZZA3sIZjpxBoeVkZ0Zx6r\n"
+ "ZMnBPIN4GaHYufCGPyAlPXgEGjlBr3g6Sxr8j50vsWtfspwiILsyte+nQ3kE1nV4\n"
+ "TjNBnayXmCMnEkf4kKu+dlLFbd1OY/fQJbiT+f9YtMfcfp2IR+7bXb23UIv8Wt1I\n"
+ "XyqsYTcUjIvnByKSDrvVu941x1EN5DF1964qQbAZb/z5ueTl8tCpaCFlGbZcXz7X\n"
+ "7L3k0YWdymx1J+szd6heQJrzqMjcHK3XWC7YlDytWB59j0eNMx42XEFP0pAO+gt9\n"
+ "Iny2XL+sxJC/xzf6apYMmmGwEXrZkkudsSVMgLCtYyin4zM7PFzLAPK9ryEhsxaP\n"
+ "g077MJ/aIaZ7PLi7cABz/g+gQ1dSXakNOof6EjRUADHpav9UKeKwWdR8ycB/8AQV\n"
+ "XxQTpEsFJ7izdNZDNC/ZeOhc/ohnei169rfH0shVeeckjf++c8zlh/Y5UWIi3V6i\n"
+ "5c7RlIJLMtHrvpB5UxRpZgWSdXvCuTCBEzlZAeWJ11I4DAeioqJ1V3h2KcUjNKf1\n"
+ "z8mTJrzAycuhm8npaC0Gj6JU7jiYPZLvj+cK/e/gjadWggHFYsjAKhACDbAtG64N\n"
+ "Gu9PWJszvhSO8ga7TOVEzdbe2jm4oWtqPe3gb6eYl2Ma6GTfj/PUEDpNAOnr99qV\n"
+ "g3uKIXMBp2115bfUf5sbfPdMbnH12XILXR9Va+JjeQHexa64QWlsiRgtXEAXxoEb\n"
+ "D2aTlfdsJpgilyj31Y45xOdN7FI+Ltfhudxt1kABPdmKwRMxJTAjBgkqhkiG9w0B\n"
+ "CRUxFgQUMvxYuPi3XpEeXbzAkXaNbAw7P5gwMTAhMAkGBSsOAwIaBQAEFOBC4ppE\n"
+ "AXO+xdzSBKimvjBBTLbEBAjlaWiC5IVtmAICCAA=\n";
+
+ // write file
+ const char *p12base64file = "/tmp/ckmc_test_p12.p12.b64";
+ const char *p12file = "/tmp/ckmc_test_p12.p12";
+ const char *password = "password";
+
+ remove(p12base64file);
+ remove(p12file);
+
+ FILE* b64_file;
+ b64_file = fopen(p12base64file, "w");
+ fprintf(b64_file, "%s",p12Base64.c_str());
+ fclose(b64_file);
+
+ std::string cmd("openssl base64 -d -in ");
+ cmd.append(p12base64file);
+ cmd.append(" -out ");
+ cmd.append(p12file);
+ system(cmd.c_str());
+
+ int temp;
+
+ ckmc_key_s *private_key = NULL;
+ ckmc_cert_s *cert = NULL;
+ ckmc_cert_list_s *ca_cert_list = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
+ &private_key, &cert, &ca_cert_list)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
+ RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
+ RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
+
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
+
+
+ const char *pkey_alias = "pkey_alias";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
+ "Error=" << temp);
+
+ const char *cert_alias = "cert_alias";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
+ "Error=" << temp);
+ std::string caCertAlias = "ca_cert_alias_";
+ const char *idx = "0";
+ int cnt = 0;
+ ckmc_cert_list_s *tmpList = ca_cert_list;
+ while(tmpList != NULL) {
+ caCertAlias.append(idx);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
+ "Error=" << temp);
+ tmpList = tmpList->next;
+ cnt ++;
+ }
+
+ RUNNER_ASSERT_MSG(cnt == 2,"Invalid CA Cert Count");
+
+ ckmc_key_free(private_key);
+ ckmc_cert_free(cert);
+ ckmc_cert_list_all_free(ca_cert_list);
+
+ remove(p12base64file);
+ remove(p12file);
+}
+
+
+RUNNER_TEST(T2098_CAPI_TYPE_deinit)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ "Error=" << temp);
+}
+
+
+RUNNER_TEST_GROUP_INIT(T2000_CAPI_LOCKTYPE_TESTS);
+
+RUNNER_CHILD_TEST(T2101_CAPI_init_lock_key)
+{
+ int tmp;
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ char *null_password = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_change_user_password(USER_APP,"user-pass",null_password)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T2102_CAPI_unlock_default_passwd)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+
+ ckmc_key_s test_key, *test_key2;
+ ckmc_policy_s test_policy;
+
+ char* password = NULL;
+ char alias[20] = "mykey_defpasswd";
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ test_key2 = &test_key;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_key(alias)),
+ "Error=" << temp);
+}
+
+RUNNER_CHILD_TEST(T2103_CAPI_init_change_user_password)
+{
+ int tmp;
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ char *null_password = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_change_user_password(USER_APP,null_password,"user-pass")),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T2104_CAPI_unlock_default_passwd_negative)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+
+ ckmc_key_s test_key, *test_key2;
+ ckmc_policy_s test_policy;
+
+ char* password = NULL;
+ char alias[20] = "mykey_defpasswd";
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ test_key2 = &test_key;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_LOCKED == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key2)),
+ "Error=" << temp);
+}
+
+RUNNER_CHILD_TEST(T2109_CAPI_deinit)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+}
+
+RUNNER_TEST_GROUP_INIT(T220_CAPI_EMPTY_DATABASE);
+
+RUNNER_TEST(T2201_CAPI_unlock_database)
+{
+ int temp;
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ "Error=" << temp);
+}
+
+RUNNER_CHILD_TEST(T2202_CAPI_get_data_from_empty_database)
+{
+ int temp;
+ char alias[10] = "mykey";
+ char *password = NULL;
+ ckmc_key_s *test_key = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
+}
+
+RUNNER_CHILD_TEST(T2203_CAPI_deinit_lock_database)
+{
+ int temp;
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ "Error=" << temp);
+}
+
+RUNNER_CHILD_TEST(T2204_CAPI_get_data_from_locked_database)
+{
+ int temp;
+ char alias[10] = "mykey";
+ char *password = NULL;
+ ckmc_key_s *test_key = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
+}
--- /dev/null
+#include <netdb.h>
+
+#include <dpl/log/log.h>
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+
+#include <tests_common.h>
+#include <access_provider.h>
+
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-password.h>
+#include <ckm/ckm-type.h>
+#include <ckm/ckm-pkcs12.h>
+
+#include <fstream>
+
+static const int USER_APP = 5000;
+static const int GROUP_APP = 5000;
+static const int USER_TEST = 5001;
+
+/*
+ * How to numerate tests:
+ * TABCD_NAME
+ * T - test case (always T)
+ * AB - number of test group (always two digits)
+ * C - test number in group (all tests with same TABC must be run in the same time).
+ * D - subtest.
+ */
+
+
+RUNNER_TEST_GROUP_INIT(T0000_CKM_CONTROL);
+
+RUNNER_TEST(T0010_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ control->removeUserData(0);
+ control->removeUserData(20);
+ control->removeUserData(USER_APP);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0020_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0030_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0040_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0050_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(20)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
+
+RUNNER_TEST(T1010_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1011_key)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key2;
+ CKM::Alias alias = "mykey";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key2->getDER(),
+ "Key value has been changed by service");
+}
+
+RUNNER_TEST(T1012_certificate)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string certPem =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
+ "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
+ "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
+ "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
+ "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
+ "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
+ "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
+ "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
+ "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
+ "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
+ "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
+ "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
+ "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
+ "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
+ "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
+ "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
+ "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
+ "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
+ "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
+ "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
+ "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
+ "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
+ "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
+ "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
+ "rHva8A==\n"
+ "-----END CERTIFICATE-----\n";
+
+ CKM::RawBuffer buffer(certPem.begin(), certPem.end());
+ auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
+ CKM::CertificateShPtr cert2;
+ CKM::Alias alias = "myCert";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ cert->getDER() == cert2->getDER(),
+ "Data has been modified in key manager");
+}
+
+RUNNER_CHILD_TEST(T1013_user_app_save_key)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ int temp;
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key2;
+ CKM::Alias alias = "mykey";
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key2->getDER(), "Key value has been changed by service");
+}
+
+
+RUNNER_TEST(T1014_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
+
+RUNNER_TEST(T1020_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1021_save_keys_get_alias)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::AliasVector aliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(aliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ aliasVector.size() == 3,
+ "Wrong size of list: " << aliasVector.size() << " Expected: 3");
+}
+
+RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::AliasVector aliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(aliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ aliasVector.size() == 3,
+ "Wrong size of list: " << aliasVector.size() << " Expected: 3");
+}
+
+RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::AliasVector aliasVector;
+ CKM::Policy notExportable(CKM::Password(), false);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1029_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
+
+RUNNER_TEST(T1030_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1031_save_get_bin_data)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData1 = "My bin data1";
+ std::string binData2 = "My bin data2";
+ std::string binData3 = "My bin data3";
+
+ CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
+ CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
+ CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
+
+ CKM::AliasVector aliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(aliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ aliasVector.size() == 3,
+ "Wrong size of list: " << aliasVector.size() << " Expected: 3");
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ buffer == buffer2,
+ "Data corrupted");
+}
+
+RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
+{
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData = "My bin data";
+
+ CKM::RawBuffer buffer(binData.begin(), binData.end());
+
+ CKM::AliasVector aliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(aliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ aliasVector.size() == 3,
+ "Wrong size of list: " << aliasVector.size() << " Expected: 3");
+}
+
+RUNNER_TEST(T1033_remove_bin_data)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData2 = "My bin data2";
+ CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
+
+ CKM::AliasVector aliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeData("data1")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeData("data3")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(aliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ aliasVector.size() == 1,
+ "Wrong size of list: " << aliasVector.size() << " Expected: 1");
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ buffer == buffer2,
+ "Data corrupted");
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1039_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
+
+RUNNER_TEST(T1040_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T1041_create_rsa_key)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::AliasVector av;
+
+ SecurityServer::AccessProvider ap("mylabel");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1"), CKM::Alias("PUB_KEY1"), CKM::Policy(), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 2 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 2");
+}
+
+RUNNER_TEST(T1049_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPairRSA);
+
+RUNNER_TEST(T1110_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1111_CreateKeyPairRSA)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias a1("rsa-test-1");
+ CKM::Alias a2("rsa-test-2");
+ CKM::Policy p1;
+ CKM::Policy p2;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1112_CreateKeyPairECDSA)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias a1("ecdsa-test-1");
+ CKM::Alias a2("ecdsa-test-2");
+ CKM::Policy p1;
+ CKM::Policy p2;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1113_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
+
+RUNNER_TEST(T12100_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12101_key_exist)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "rsa-alias-duplication";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+/*
+ * These test cases tests API when empty parameters are passed to functions
+ */
+
+RUNNER_TEST(T12102_saveKey_empty_alias)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias; //alias is not initialized
+
+ int ret;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12103_saveKey_empty_key)
+{
+ CKM::KeyShPtr key; //key is not initialized
+ CKM::Alias alias = "empty-key";
+
+ int ret;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12104_saveCertificate_empty_alias)
+{
+ std::string certPem =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
+ "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
+ "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
+ "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
+ "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
+ "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
+ "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
+ "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
+ "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
+ "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
+ "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
+ "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
+ "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
+ "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
+ "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
+ "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
+ "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
+ "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
+ "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
+ "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
+ "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
+ "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
+ "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
+ "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
+ "rHva8A==\n"
+ "-----END CERTIFICATE-----\n";
+
+ CKM::RawBuffer buffer(certPem.begin(), certPem.end());
+ auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
+ CKM::Alias alias; //alias is not initialized
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12105_saveCertificate_empty_cert)
+{
+ CKM::CertificateShPtr cert; //cert is not initialized
+ CKM::Alias alias = "empty-cert";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12106_saveData_empty_alias)
+{
+ std::string testData = "test data test data test data";
+ CKM::RawBuffer buffer(testData.begin(), testData.end());
+ CKM::Alias alias;
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12107_saveData_empty_data)
+{
+ CKM::RawBuffer buffer;
+ CKM::Alias alias = "empty-data";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+/*
+ * These test cases tests API when trying to get data from not existing alias
+ */
+
+RUNNER_TEST(T12108_getKey_alias_not_exist)
+{
+ CKM::KeyShPtr key;
+ CKM::Alias alias = "this-alias-not-exist";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12109_getCertificate_alias_not_exist)
+{
+ CKM::CertificateShPtr certificate;
+ CKM::Alias alias = "this-alias-not-exist";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12110_getData_alias_not_exist)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::RawBuffer buffer;
+ CKM::Alias alias("some alias");
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+/*
+ * These test cases tests API when damaged keys are used
+ */
+RUNNER_TEST(T12111_rsa_key_damaged)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "damaged-rsa";
+
+ RUNNER_ASSERT_MSG(
+ NULL == key.get(), "Key is broken. It should be empty");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12112_rsa_key_too_short)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "short-rsa";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12113_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
+
+RUNNER_TEST(T1311_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(time(0) > 1405343457,
+ "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
+
+ struct hostent* he = gethostbyname("google.com");
+
+ RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
+ "is not woking on the device. OCSP tests requires network access!");
+}
+
+RUNNER_TEST(T1312_get_chain)
+{
+ std::string ee = "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
+ "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
+ "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
+ "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
+ "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
+ "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
+ "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
+ "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
+ "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
+ "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
+ "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
+ "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
+ "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
+ "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
+ "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
+ "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
+ "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
+ "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
+ "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
+ "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
+ "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
+ "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
+ "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
+ "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
+ "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
+ "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
+ "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
+ "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
+ "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
+ "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
+ "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
+ "-----END CERTIFICATE-----\n";
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
+ auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
+ CKM::CertificateShPtrVector certVector = {cert1};
+ CKM::CertificateShPtrVector certChain;
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 3 == certChain.size(),
+ "Wrong size of certificate chain.");
+}
+
+RUNNER_TEST(T1313_get_chain_with_alias)
+{
+ std::string ee = "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
+ "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
+ "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
+ "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
+ "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
+ "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
+ "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
+ "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
+ "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
+ "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
+ "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
+ "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
+ "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
+ "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
+ "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
+ "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
+ "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
+ "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
+ "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
+ "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
+ "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
+ "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
+ "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
+ "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
+ "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
+ "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
+ "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
+ "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
+ "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
+ "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
+ "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
+ "-----END CERTIFICATE-----\n";
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
+ auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
+ CKM::CertificateShPtrVector certChain;
+ CKM::AliasVector aliasVector;
+ CKM::Alias alias("imcert");
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ aliasVector.push_back(alias);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 3 == certChain.size(),
+ "Wrong size of certificate chain.");
+}
+
+RUNNER_TEST(T1314_ocsp_check)
+{
+ std::string ee = "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
+ "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
+ "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
+ "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
+ "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
+ "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
+ "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
+ "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
+ "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
+ "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
+ "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
+ "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
+ "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
+ "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
+ "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
+ "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
+ "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
+ "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
+ "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
+ "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
+ "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
+ "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
+ "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
+ "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
+ "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
+ "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
+ "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
+ "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
+ "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
+ "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
+ "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
+ "-----END CERTIFICATE-----\n";
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
+ auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
+ CKM::CertificateShPtrVector certVector = {cert1};
+ CKM::CertificateShPtrVector certChain;
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 3 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
+}
+
+RUNNER_TEST(T1315_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
+
+RUNNER_TEST(T1411_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1412_rsa_key_create_verify)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "Proc-Type: 4,ENCRYPTED\n"
+ "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
+ "\n"
+ "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
+ "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
+ "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
+ "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
+ "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
+ "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
+ "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
+ "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
+ "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
+ "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
+ "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
+ "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
+ "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
+ "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
+ "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
+ "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
+ "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
+ "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
+ "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
+ "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
+ "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
+ "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
+ "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
+ "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
+ "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub1";
+ CKM::Alias aliasPrv = "prv1";
+ CKM::Password password = "1234";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
+
+ RUNNER_ASSERT_MSG(NULL != keyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1413_rsa_key_create_verify_negative)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ std::string message = "message asdfaslkdfjlksadjf test";
+
+ CKM::Alias aliasPub = "pub1";
+ CKM::Alias aliasPrv = "prv1";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1414_ec_key_create_verify)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
+ "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
+ "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
+ "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
+ "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END PUBLIC KEY-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "ecpub2";
+ CKM::Alias aliasPrv = "ecprv2";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != keyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1415_rsa_cert_create_verify_signature)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
+ "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
+ "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
+ "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
+ "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
+ "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
+ "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
+ "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
+ "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
+ "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
+ "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
+ "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
+ "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
+ "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
+ "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
+ "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
+ "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
+ "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
+ "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
+ "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
+ "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
+ "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
+ "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
+ "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
+ "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
+ "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub3";
+ CKM::Alias aliasPrv = "prv3";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1416_ecdsa_cert_create_verify_signature)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv =
+ "-----BEGIN EC PRIVATE KEY-----\n"
+ "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
+ "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
+ "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
+ "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
+ "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
+ "ELyhe7yPCAuOoLZlTLgf\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
+ "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
+ "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
+ "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
+ "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
+ "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
+ "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
+ "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
+ "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
+ "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
+ "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
+ "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
+ "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
+ "Q1oBry6NEc+lLFmWMDesAA==\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub4";
+ CKM::Alias aliasPrv = "prv4";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1417_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
+
+RUNNER_CHILD_TEST(T1510_init_unlock_key)
+{
+ int tmp;
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1511_init_insert_data)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ std::string ee = "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string im =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
+ "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
+ "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
+ "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
+ "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
+ "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
+ "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
+ "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
+ "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
+ "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
+ "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
+ "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
+ "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
+ "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
+ "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
+ "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
+ "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
+ "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
+ "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
+ "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
+ "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
+ "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
+ "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
+ "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
+ "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
+ "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
+ "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
+ "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
+ "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
+ "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
+ "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
+ "-----END CERTIFICATE-----\n";
+
+ auto manager = CKM::Manager::create();
+ auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
+ auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
+
+ int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
+ int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
+}
+
+RUNNER_CHILD_TEST(T1519_deinit)
+{
+ int tmp;
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
+
+RUNNER_CHILD_TEST(T1610_init_lock_key)
+{
+ int tmp;
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key2;
+ CKM::Alias alias = "mykey_defpasswd";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key2->getDER(),
+ "Key value has been changed by service");
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeKey(alias)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T1612_init_change_user_password)
+{
+ int tmp;
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key2;
+ CKM::Alias alias = "mykey_defpasswd";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_LOCKED == (temp = manager->removeKey(alias)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T1619_deinit)
+{
+ SecurityServer::AccessProvider ap("my-label");
+ ap.addObjectRule("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+}
+
+RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
+
+RUNNER_TEST(T1701_init_unlock_key)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1702_init_insert_data)
+{
+ int temp;
+ SecurityServer::AccessProvider ap("t170-special-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+
+ std::string ee = "-----BEGIN CERTIFICATE-----\n"
+ "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
+ "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
+ "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
+ "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
+ "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
+ "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
+ "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
+ "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
+ "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
+ "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
+ "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
+ "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
+ "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
+ "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
+ "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
+ "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
+ "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
+ "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
+ "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
+ "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
+ "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
+ "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
+ "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
+ "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
+ "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
+ "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
+ "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
+ "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
+ "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
+ "oFXtrg0=\n"
+ "-----END CERTIFICATE-----\n";
+
+ auto manager = CKM::Manager::create();
+ auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
+
+ int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == status1,
+ "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
+
+ CKM::AliasVector av;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 1 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 1");
+}
+
+RUNNER_TEST(T1703_removeApplicationData)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1704_data_test)
+{
+ int temp;
+ SecurityServer::AccessProvider ap("t170-special-label");
+ ap.addObjectRule("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 0 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 0");
+}
+
+RUNNER_TEST(T1705_deinit)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST_GROUP_INIT(T180_PKCS12);
+
+RUNNER_TEST(T1801) {
+ std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, "secret");
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ auto cert = pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 0 == caVector.size(),
+ "Wrong size of vector");
+}
+
+RUNNER_TEST(T1802_negative_wrong_password) {
+ std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, "error");
+ RUNNER_ASSERT_MSG(
+ NULL == pkcs.get(),
+ "Expected error in PKCS12::create()");
+}
+
+RUNNER_TEST(T1803_negative_broken_buffer) {
+ std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
+ buffer[4]=0;
+
+ auto pkcs = CKM::PKCS12::create(buffer, "secret");
+ RUNNER_ASSERT_MSG(
+ NULL == pkcs.get(),
+ "Expected error in PKCS12::create()");
+}
+
+RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
+
+RUNNER_TEST(T1901_init_unlock_key)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T1902_get_data)
+{
+ auto manager = CKM::Manager::create();
+ CKM::KeyShPtr ptr;
+
+ int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
+ "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
+}
+
+RUNNER_TEST(T1903_deinit)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T1904_get_data_from_locked_database)
+{
+ auto manager = CKM::Manager::create();
+ CKM::KeyShPtr ptr;
+
+ int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_LOCKED == status1,
+ "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
+}
+
+int main(int argc, char *argv[])
+{
+ DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
+ return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+}
projects / platform / core / test / security-tests.git / commitdiff