#include <yaca_error.h>
#include "yaca-test-common.h"
+#include "yaca-test-vector.h"
namespace {
"Non-empty key returned from a function that failed");
}
+void import_key_wrong_password(yaca_key_type_e key_type,
+ const std::string &password,
+ const char *data,
+ size_t data_len)
+{
+ yaca_key_h key = YACA_KEY_NULL;
+ std::string password_wrong = password + "!";
+
+ if (password.size() > 0) {
+ YACA_RESULT(YACA_ERROR_INVALID_PASSWORD,
+ yaca_key_import(key_type, "", data, data_len, &key));
+
+ YACA_ASSERT_MSG(key == YACA_KEY_NULL,
+ "Non-empty key returned from a function that failed");
+
+ YACA_RESULT(YACA_ERROR_INVALID_PASSWORD,
+ yaca_key_import(key_type, nullptr, data, data_len, &key));
+
+ YACA_ASSERT_MSG(key == YACA_KEY_NULL,
+ "Non-empty key returned from a function that failed");
+ }
+
+ YACA_RESULT(YACA_ERROR_INVALID_PASSWORD,
+ yaca_key_import(key_type, password_wrong.c_str(), data, data_len, &key));
+
+ YACA_ASSERT_MSG(key == YACA_KEY_NULL,
+ "Non-empty key returned from a function that failed");
+}
+
+void assert_keys_equal(const KeyPtr &key1,
+ const KeyPtr &key2)
+{
+ yaca_key_format_e key_fmt = YACA_KEY_FORMAT_DEFAULT;
+ yaca_key_file_format_e key_file_fmt;
+ yaca_key_type_e key1_type;
+ yaca_key_type_e key2_type;
+
+ YACA_SUCCESS(yaca_key_get_type(key1.get(), &key1_type));
+ YACA_SUCCESS(yaca_key_get_type(key2.get(), &key2_type));
+
+ YACA_ASSERT_MSG(key1_type == key2_type, "Key types are not equal");
+
+ switch(key1_type) {
+ case YACA_KEY_TYPE_SYMMETRIC:
+ case YACA_KEY_TYPE_DES:
+ case YACA_KEY_TYPE_IV:
+ key_file_fmt = YACA_KEY_FILE_FORMAT_RAW;
+ break;
+ case YACA_KEY_TYPE_RSA_PUB:
+ case YACA_KEY_TYPE_RSA_PRIV:
+ case YACA_KEY_TYPE_DSA_PUB:
+ case YACA_KEY_TYPE_DSA_PRIV:
+ key_file_fmt = YACA_KEY_FILE_FORMAT_DER;
+ break;
+ default:
+ RUNNER_FAIL_MSG("Wrong key_type passed");
+ }
+
+ size_t key1_len;
+ ChrPtr key1_data = export_key(key1, key_fmt, key_file_fmt, nullptr, &key1_len);
+
+ size_t key2_len;
+ ChrPtr key2_data = export_key(key2, key_fmt, key_file_fmt, nullptr, &key2_len);
+
+ YACA_ASSERT_MSG(key1_len == key2_len, "Compared keys are not of equal length");
+ YACA_SUCCESS(yaca_memcmp(key1_data.get(), key2_data.get(), key1_len));
+}
+
} // anonymous namespace
RUNNER_TEST_GROUP_INIT(T4000_YACA_KEY);
{
KeyPtr key_sym = generate_key(YACA_KEY_TYPE_SYMMETRIC, 1024);
KeyPtr key_rsa = generate_key(YACA_KEY_TYPE_RSA_PRIV, 1024);
+ KeyPtr key_rsa_pub = extract_public_key(key_rsa);
char *data;
size_t data_len;
YACA_KEY_FORMAT_DEFAULT,
YACA_KEY_FILE_FORMAT_RAW,
nullptr, &data, &data_len));
+
+ YACA_INVALID_PARAM(yaca_key_export(key_rsa_pub.get(),
+ YACA_KEY_FORMAT_PKCS8,
+ YACA_KEY_FILE_FORMAT_PEM,
+ nullptr, &data, &data_len));
+
+ /* passing password with a key/format that doesn't support it */
+ YACA_INVALID_PARAM(yaca_key_export(key_rsa.get(),
+ YACA_KEY_FORMAT_DEFAULT,
+ YACA_KEY_FILE_FORMAT_DER,
+ "pass", &data, &data_len));
+ YACA_INVALID_PARAM(yaca_key_export(key_rsa_pub.get(),
+ YACA_KEY_FORMAT_DEFAULT,
+ YACA_KEY_FILE_FORMAT_PEM,
+ "pass", &data, &data_len));
+
+ /* not passing a password with a format that requires it */
+ YACA_INVALID_PARAM(yaca_key_export(key_rsa.get(),
+ YACA_KEY_FORMAT_PKCS8,
+ YACA_KEY_FILE_FORMAT_PEM,
+ nullptr, &data, &data_len));
+ YACA_INVALID_PARAM(yaca_key_export(key_rsa.get(),
+ YACA_KEY_FORMAT_PKCS8,
+ YACA_KEY_FILE_FORMAT_PEM,
+ "", &data, &data_len));
}
-RUNNER_TEST(T4220_yaca_key_import_invalid_param, YacaTest)
+RUNNER_TEST(T4230_yaca_key_import_invalid_param, YacaTest)
{
KeyPtr key_sym = generate_key(YACA_KEY_TYPE_SYMMETRIC, YACA_KEY_LENGTH_256BIT);
size_t key_sym_data_len;
YACA_KEY_FILE_FORMAT_DER,
nullptr, &key_rsa_data_len);
+ KeyPtr key_rsa_pub = extract_public_key(key_rsa);
+ size_t key_rsa_pub_data_len;
+ ChrPtr key_rsa_pub_data = export_key(key_rsa_pub, YACA_KEY_FORMAT_DEFAULT,
+ YACA_KEY_FILE_FORMAT_PEM,
+ nullptr, &key_rsa_pub_data_len);
+
const char *inv_data1 = "qwertyuiopasdfghjklzxcvbnmqwerty";
size_t inv_data1_len = strlen(inv_data1);
const char *inv_data2 = "--------qwertyuiopasdfghjklzxcvbnm";
key_rsa_data.get(), static_cast<size_t>(INT_MAX) + 1, &out));
YACA_INVALID_PARAM(yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, nullptr,
key_rsa_data.get(), 3, &out));
+
+ /* passing password with a key/format that doesn't support it */
+ YACA_INVALID_PARAM(yaca_key_import(YACA_KEY_TYPE_RSA_PRIV, "pass",
+ key_rsa_data.get(), key_rsa_data_len, &out));
+ YACA_INVALID_PARAM(yaca_key_import(YACA_KEY_TYPE_RSA_PUB, "pass",
+ key_rsa_pub_data.get(), key_rsa_pub_data_len, &out));
+}
+
+RUNNER_TEST(T4240_yaca_key_export_import, YacaTest)
+{
+ auto tvv = loadTestVector("key.txt");
+
+ for (const auto& tv : tvv) {
+ yaca_key_type_e key_type;
+ size_t key_len_bits;
+ yaca_key_format_e key_format;
+ yaca_key_file_format_e key_file_format;
+ std::string password;
+
+ tv.get("key_type", key_type);
+ tv.get("key_len_bits", key_len_bits);
+ tv.get("key_format", key_format);
+ tv.get("key_file_format", key_file_format);
+ tv.get("password", password);
+
+ KeyPtr key = generate_key(key_type, key_len_bits);
+
+ size_t key_data_len;
+ ChrPtr key_data = export_key(key, key_format, key_file_format, password.c_str(), &key_data_len);
+ KeyPtr key_imp = import_key(key_type, password.c_str(), key_data.get(), key_data_len);
+
+ assert_keys_equal(key, key_imp);
+
+ /* password test for asymmetric DEFAULT PEM */
+ if (key_format == YACA_KEY_FORMAT_DEFAULT &&
+ (key_type == YACA_KEY_TYPE_RSA_PRIV || key_type == YACA_KEY_TYPE_DSA_PRIV) &&
+ key_file_format == YACA_KEY_FILE_FORMAT_PEM)
+ import_key_wrong_password(key_type, password, key_data.get(), key_data_len);
+
+ /* password test for asymmetric PKCS8 PEM and DER */
+ if (key_format == YACA_KEY_FORMAT_PKCS8 &&
+ (key_type == YACA_KEY_TYPE_RSA_PRIV || key_type == YACA_KEY_TYPE_DSA_PRIV))
+ import_key_wrong_password(key_type, password, key_data.get(), key_data_len);
+
+ /* public key test for asymmetric DEFAULT PEM and DER */
+ if (key_format == YACA_KEY_FORMAT_DEFAULT &&
+ (key_type == YACA_KEY_TYPE_RSA_PRIV || key_type == YACA_KEY_TYPE_DSA_PRIV)) {
+ KeyPtr key_pub = extract_public_key(key);
+ yaca_key_type_e key_pub_type = static_cast<yaca_key_type_e>(-1); // fix clang
+
+ switch (key_type) {
+ case YACA_KEY_TYPE_RSA_PRIV:
+ key_pub_type = YACA_KEY_TYPE_RSA_PUB;
+ break;
+ case YACA_KEY_TYPE_DSA_PRIV:
+ key_pub_type = YACA_KEY_TYPE_DSA_PUB;
+ break;
+ default:
+ RUNNER_FAIL_MSG("Wrong key_type passed");
+ }
+
+ size_t key_pub_data_len;
+ ChrPtr key_pub_data = export_key(key_pub, key_format, key_file_format, nullptr, &key_pub_data_len);
+ KeyPtr key_pub_imp = import_key(key_pub_type, nullptr, key_pub_data.get(), key_pub_data_len);
+
+ assert_keys_equal(key_pub, key_pub_imp);
+ }
+ }
}
projects / platform / core / test / security-tests.git / commitdiff