${PROJECT_SOURCE_DIR}/src/ckm/cc-mode.cpp
# ${PROJECT_SOURCE_DIR}/src/ckm/password-integration.cpp
${PROJECT_SOURCE_DIR}/src/ckm/system-db.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/initial-values.cpp
${PROJECT_SOURCE_DIR}/src/ckm/clean-env.cpp
${PROJECT_SOURCE_DIR}/src/ckm/test-certs.cpp
)
test1801.pkcs12
pkcs.p12
capi-t3096.p12
+ XML_1_okay.xml
+ XML_2_okay.xml
+ XML_3_wrong.xml
DESTINATION /usr/share/ckm-test
)
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<InitialValues version="1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="initial_values.xsd ">
+ <Key name="test-key1" type="RSA_PUB" password="123">
+ <PEM>
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3
+ +dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui
+ tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB
+ x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2
+ QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8
+ 9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4
+ m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA
+ +wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp
+ f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4
+ +klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ
+ 4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+
+ 8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ==
+ -----END PUBLIC KEY-----
+ </PEM>
+ <Permission accessor="web_app1"/>
+ </Key>
+ <Key name="test-key2" type="RSA_PRV" exportable="true">
+ <DER>
+ MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17
+ jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA
+ 4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2
+ QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8S
+ GjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWp
+ xOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQ
+ TEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPf
+ VRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5Ji
+ wRTZ4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLi
+ BLx0Yr/RXKf6gJUCAwEAAQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh1
+ 8pva5KzhEU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh9u23
+ 6vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXNGF5JjNcCOQxO1Em8
+ pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG5DPb19r9XjQhUPjbcq3/4qmLwtLT
+ 9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK
+ 6wX2IQ+7vJoWQyg2w6DbpSRqcyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxee
+ RpNqFU9OCw0Bd3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O
+ bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBWgUyLSdxR5RoE
+ jBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbPggFZ8JnuwgtNo0soVKsWGATH
+ 65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX80jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H
+ 1TYDjwA1iBFku/O/xx7Jag7Y0A2l1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MO
+ GFTs5r9QyM//sm5D2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDO
+ UCx6xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0/zX4MFMD
+ /Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWdkKpm9xcFddATlT0CggEB
+ AOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvEqgKHOgZO9ztD6/UgX41uc+3rKfvmY5As
+ ldGZgd0ov/DyeF0N834LeBVayG1fdcEtamqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9
+ TwoUWS2xmldc+nehCdHsWQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+
+ ETjKemdKHQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5ZB7e
+ v8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FWNqvwp9PQzxwTv8wu
+ xBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o1Rad6jtb1SiV9KcPk83wIeoUk/xp
+ 0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7LqpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8
+ eTEywu5yrMGeAjVpLFfKlmGIpYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk
+ 2kuGLYXISfUGj0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a
+ xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8WX4+ZEW7S4heL
+ sUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/aW22I0REV5UU8bS1F7taV93Ew
+ WmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVyFjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4i
+ gfJpPcUFYOazZ3Y7q53RdCgIPKKyiVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GH
+ W93TUDTKWlTXyUFmC2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltY
+ G08tfEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL606qeBC8x
+ oVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQpyVWfB+F2ppBOYtKvNub
+ yKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+IQj8I06c1T31kzfJ71Vx1DUWZW/65xmFD
+ 4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rquPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+
+ Vx676FQrM4EzjSSqgA==
+ </DER>
+ <Permission accessor="web_app2"/>
+ </Key>
+ <Cert exportable="true" name="test-cert1">
+ <DER>
+ MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkFVMRMw
+ EQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMSEwHwYD
+ VQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUwHhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcy
+ MTUyWjBmMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQ
+ MA4GA1UECwwHVGVzdGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjAN
+ BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr1
+ 2w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+g8jm
+ 6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzPGFPXDcU6F192686x
+ 54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY
+ +Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQID
+ AQABo1AwTjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pkzFt1
+ PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAld7Qwq0cdzDQ
+ 51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBXldvGBG5Tn0vT7xSuhmSgI2/HnBpy
+ 9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYU
+ wJFQEofkjmd4UpOYSqmcRXhSJzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX7
+ 7+XYvhodLRsVqMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK
+ kOg11TpPdNDkhb1J4ZCh2gupDg==
+ </DER>
+ <Permission accessor="web_app2"/>
+ </Cert>
+ <Data name="test-data1" exportable="true">
+ <ASCII>My secret data</ASCII>
+ <Permission accessor="web_app1"/>
+ <Permission accessor="web_app2"/>
+ </Data>
+ <Key name="test-aes1" type="AES">
+ <Base64>
+ MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
+ </Base64>
+ <Permission accessor="web_app1"/>
+ <Permission accessor="web_app2"/>
+ </Key>
+</InitialValues>
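Review bot: The `test-aes1` entry's `<Base64>` payload is 64 characters, which decodes to 48 bytes; that is not an AES key length (16, 24 or 32 bytes), and its leading bytes look like the start of a DER certificate rather than key material. The tests in this commit leave every AES check commented out ("uncomment when AES is supported"), so nothing exercises this value yet. Once those checks are enabled, the import would presumably reject the entry or store a malformed key. Replace the payload with a Base64 string of a valid key size generated for the test. The same payload is repeated as `test2-aes1` and `test3-aes1` in the other two fixtures.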
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<InitialValues version="1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="initial_values.xsd ">
+ <Key name="test2-key1" type="RSA_PUB" password="123">
+ <PEM>
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3
+ +dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui
+ tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB
+ x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2
+ QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8
+ 9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4
+ m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA
+ +wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp
+ f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4
+ +klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ
+ 4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+
+ 8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ==
+ -----END PUBLIC KEY-----
+ </PEM>
+ <Permission accessor="web_app1"/>
+ </Key>
+ <Key name="test2-key2" type="RSA_PRV" exportable="true">
+ <DER>
+ MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17
+ jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA
+ 4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2
+ QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8S
+ GjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWp
+ xOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQ
+ TEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPf
+ VRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5Ji
+ wRTZ4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLi
+ BLx0Yr/RXKf6gJUCAwEAAQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh1
+ 8pva5KzhEU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh9u23
+ 6vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXNGF5JjNcCOQxO1Em8
+ pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG5DPb19r9XjQhUPjbcq3/4qmLwtLT
+ 9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK
+ 6wX2IQ+7vJoWQyg2w6DbpSRqcyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxee
+ RpNqFU9OCw0Bd3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O
+ bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBWgUyLSdxR5RoE
+ jBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbPggFZ8JnuwgtNo0soVKsWGATH
+ 65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX80jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H
+ 1TYDjwA1iBFku/O/xx7Jag7Y0A2l1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MO
+ GFTs5r9QyM//sm5D2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDO
+ UCx6xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0/zX4MFMD
+ /Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWdkKpm9xcFddATlT0CggEB
+ AOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvEqgKHOgZO9ztD6/UgX41uc+3rKfvmY5As
+ ldGZgd0ov/DyeF0N834LeBVayG1fdcEtamqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9
+ TwoUWS2xmldc+nehCdHsWQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+
+ ETjKemdKHQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5ZB7e
+ v8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FWNqvwp9PQzxwTv8wu
+ xBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o1Rad6jtb1SiV9KcPk83wIeoUk/xp
+ 0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7LqpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8
+ eTEywu5yrMGeAjVpLFfKlmGIpYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk
+ 2kuGLYXISfUGj0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a
+ xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8WX4+ZEW7S4heL
+ sUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/aW22I0REV5UU8bS1F7taV93Ew
+ WmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVyFjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4i
+ gfJpPcUFYOazZ3Y7q53RdCgIPKKyiVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GH
+ W93TUDTKWlTXyUFmC2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltY
+ G08tfEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL606qeBC8x
+ oVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQpyVWfB+F2ppBOYtKvNub
+ yKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+IQj8I06c1T31kzfJ71Vx1DUWZW/65xmFD
+ 4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rquPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+
+ Vx676FQrM4EzjSSqgA==
+ </DER>
+ <Permission accessor="web_app2"/>
+ </Key>
+ <Cert exportable="true" name="test2-cert1">
+ <DER>
+ MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkFVMRMw
+ EQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMSEwHwYD
+ VQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUwHhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcy
+ MTUyWjBmMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQ
+ MA4GA1UECwwHVGVzdGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjAN
+ BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr1
+ 2w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+g8jm
+ 6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzPGFPXDcU6F192686x
+ 54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY
+ +Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQID
+ AQABo1AwTjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pkzFt1
+ PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAld7Qwq0cdzDQ
+ 51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBXldvGBG5Tn0vT7xSuhmSgI2/HnBpy
+ 9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYU
+ wJFQEofkjmd4UpOYSqmcRXhSJzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX7
+ 7+XYvhodLRsVqMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK
+ kOg11TpPdNDkhb1J4ZCh2gupDg==
+ </DER>
+ <Permission accessor="web_app2"/>
+ </Cert>
+ <Data name="test2-data1" exportable="true">
+ <ASCII>My secret data</ASCII>
+ <Permission accessor="web_app1"/>
+ <Permission accessor="web_app2"/>
+ </Data>
+ <Key name="test2-aes1" type="AES">
+ <Base64>
+ MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
+ </Base64>
+ <Permission accessor="web_app1"/>
+ <Permission accessor="web_app2"/>
+ </Key>
+</InitialValues>
--- /dev/null
+<?xml version="1.0" encoding="UTF-8"?>
+<InitialValues version="1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="initial_values.xsd ">
+ <Key name="test3-key1" type="RSA_PUB" password="123">
+ <Permission accessor="web_app1"/>
+ <PEM>
+ -----BEGIN PUBLIC KEY-----
+ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3
+ +dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui
+ tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB
+ x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2
+ QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8
+ 9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4
+ m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA
+ +wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp
+ f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4
+ +klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ
+ 4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+
+ 8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ==
+ -----END PUBLIC KEY-----
+ </PEMIAMWRONG>
+ </Key>
+ <Key name="test3-key2" type="RSA_PRV" exportable="true">
+ <DER>
+ MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17
+ jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA
+ 4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2
+ QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8S
+ GjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWp
+ xOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQ
+ TEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPf
+ VRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5Ji
+ wRTZ4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLi
+ BLx0Yr/RXKf6gJUCAwEAAQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh1
+ 8pva5KzhEU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh9u23
+ 6vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXNGF5JjNcCOQxO1Em8
+ pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG5DPb19r9XjQhUPjbcq3/4qmLwtLT
+ 9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK
+ 6wX2IQ+7vJoWQyg2w6DbpSRqcyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxee
+ RpNqFU9OCw0Bd3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O
+ bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBWgUyLSdxR5RoE
+ jBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbPggFZ8JnuwgtNo0soVKsWGATH
+ 65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX80jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H
+ 1TYDjwA1iBFku/O/xx7Jag7Y0A2l1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MO
+ GFTs5r9QyM//sm5D2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDO
+ UCx6xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0/zX4MFMD
+ /Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWdkKpm9xcFddATlT0CggEB
+ AOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvEqgKHOgZO9ztD6/UgX41uc+3rKfvmY5As
+ ldGZgd0ov/DyeF0N834LeBVayG1fdcEtamqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9
+ TwoUWS2xmldc+nehCdHsWQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+
+ ETjKemdKHQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5ZB7e
+ v8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FWNqvwp9PQzxwTv8wu
+ xBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o1Rad6jtb1SiV9KcPk83wIeoUk/xp
+ 0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7LqpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8
+ eTEywu5yrMGeAjVpLFfKlmGIpYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk
+ 2kuGLYXISfUGj0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a
+ xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8WX4+ZEW7S4heL
+ sUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/aW22I0REV5UU8bS1F7taV93Ew
+ WmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVyFjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4i
+ gfJpPcUFYOazZ3Y7q53RdCgIPKKyiVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GH
+ W93TUDTKWlTXyUFmC2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltY
+ G08tfEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL606qeBC8x
+ oVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQpyVWfB+F2ppBOYtKvNub
+ yKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+IQj8I06c1T31kzfJ71Vx1DUWZW/65xmFD
+ 4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rquPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+
+ Vx676FQrM4EzjSSqgA==
+ </DER>
+ <Permission accessor="web_app2"/>
+ </Key>
+ <Cert exportable="true" name="test3-cert1">
+ <DER>
+ MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkFVMRMw
+ EQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMSEwHwYD
+ VQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUwHhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcy
+ MTUyWjBmMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQ
+ MA4GA1UECwwHVGVzdGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjAN
+ BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr1
+ 2w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+g8jm
+ 6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzPGFPXDcU6F192686x
+ 54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY
+ +Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQID
+ AQABo1AwTjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pkzFt1
+ PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAld7Qwq0cdzDQ
+ 51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBXldvGBG5Tn0vT7xSuhmSgI2/HnBpy
+ 9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYU
+ wJFQEofkjmd4UpOYSqmcRXhSJzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX7
+ 7+XYvhodLRsVqMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK
+ kOg11TpPdNDkhb1J4ZCh2gupDg==
+ </DER>
+ <Permission accessor="web_app2"/>
+ </Cert>
+ <Data name="test3-data1" exportable="true">
+ <ASCII>My secret data</ASCII>
+ <Permission accessor="web_app1"/>
+ <Permission accessor="web_app2"/>
+ </Data>
+ <Key name="test3-aes1" type="AES">
+ <Base64>
+ MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE
+ </Base64>
+ <Permission accessor="web_app1"/>
+ <Permission accessor="web_app2"/>
+ </Key>
+</InitialValues>
ckmc_raw_buffer_s* buffer = NULL;
int ret = ckmc_get_data(alias, NULL, &buffer);
RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
- "App with different label shouldn't have rights to see this data." << CKMCErrorToString(ret));
+ "App with different label shouldn't have rights to see this data. " << CKMCErrorToString(ret));
ckmc_buffer_free(buffer);
}
}
+void check_key(const char *alias, int expected_error, ckmc_key_type_e expected_type)
+{
+ ckmc_key_s *test_key = NULL;
+ int temp = ckmc_get_key(alias, 0, &test_key);
+ RUNNER_ASSERT_MSG(
+ expected_error == temp,
+ "received: " << CKMCReadableError(temp) << " while expected: " << CKMCReadableError(expected_error));
+ if(expected_type != CKMC_KEY_NONE)
+ {
+ RUNNER_ASSERT_MSG(
+ test_key->key_type == expected_type,
+ "received type: " << test_key->key_type << " while expected type: " << expected_type);
+ }
+ ckmc_key_free(test_key);
+}
+void check_key_allowed(const char *alias, ckmc_key_type_e expected_type)
+{
+ check_key(alias, CKMC_ERROR_NONE, expected_type);
+}
+void check_key_not_visible(const char *alias)
+{
+ check_key(alias, CKMC_ERROR_DB_ALIAS_UNKNOWN);
+}
+void check_cert_allowed(const char *alias)
+{
+ ckmc_cert_s *test_cert = NULL;
+ int temp = ckmc_get_cert(alias, 0, &test_cert);
+ ckmc_cert_free(test_cert);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == temp, CKMCReadableError(temp));
+
+}
+void check_cert_not_visible(const char *alias)
+{
+ ckmc_cert_s *test_cert = NULL;
+ int temp = ckmc_get_cert(alias, 0, &test_cert);
+ ckmc_cert_free(test_cert);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == temp,
+ "App with different label shouldn't have rights to see this cert. " << CKMCErrorToString(temp));
+}
+
void allow_access(const char* alias, const char* accessor, int permissionMask)
{
// data removal should revoke this access
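Review bot: In `check_key`, `test_key->key_type` is read whenever `expected_type != CKMC_KEY_NONE`, even when the call was expected to fail, so a caller such as `check_key(alias, CKMC_ERROR_NOT_EXPORTABLE, CKMC_KEY_RSA_PUBLIC)` would dereference a `test_key` that is presumably still NULL. Guard the type check with `if (expected_error == CKMC_ERROR_NONE && expected_type != CKMC_KEY_NONE)`, or assert `test_key != NULL` before reading it. Also, `ckmc_key_free(test_key)` runs only after both assertions, so if `RUNNER_ASSERT_MSG` aborts by throwing (its definition is not visible here), the retrieved key is never freed on a mismatch. `check_cert_allowed` and `check_cert_not_visible` already free before asserting; `check_key` could do the same by copying `key_type` into a local, freeing, and then asserting.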
int expected_code = CKMC_ERROR_NONE);
void check_read_allowed(const char* alias, const char *data);
void check_read_not_visible(const char* alias);
+void check_key(const char *alias,
+ int expected_error = CKMC_ERROR_NONE,
+ ckmc_key_type_e expected_type = CKMC_KEY_NONE);
+void check_key_allowed(const char *alias, ckmc_key_type_e expected_type = CKMC_KEY_NONE);
+void check_key_not_visible(const char *alias);
+void check_cert_allowed(const char *alias);
+void check_cert_not_visible(const char *alias);
void allow_access(const char* alias, const char* accessor, int permissionMask);
void allow_access_negative(const char* alias, const char* accessor, int permissionMask, int expectedCode);
void deny_access(const char* alias, const char* accessor);
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2015 Samsung Electronics Co.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ * @file system-db.cpp
+ * @author Maciej Karpiuk (m.karpiuk2@samsung.com)
+ * @version 1.0
+ */
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+#include <dpl/log/log.h>
+#include <tests_common.h>
+#include <ckm-common.h>
+#include <ckm/ckm-control.h>
+#include <ckmc/ckmc-manager.h>
+#include <access_provider2.h>
+#include <fstream>
+#include <ios>
+#include <unistd.h>
+
+namespace
+{
+const uid_t USER_APP = 5070;
+const uid_t GROUP_APP = 5070;
+const char* APP_PASS = "user-pass";
+const char* TEST_WEB_APP_1 = "web_app1";
+const char* TEST_WEB_APP_2 = "web_app2";
+
+const char *XML_1_okay = "XML_1_okay.xml";
+const char *XML_1_EXPECTED_KEY_1_RSA = "/ test-key1";
+const char *XML_1_EXPECTED_KEY_1_PASSWD = "123";
+const char *XML_1_EXPECTED_KEY_2_RSA = "/ test-key2";
+// uncomment when AES is supported (+ usage in the tests)
+//const char *XML_1_EXPECTED_KEY_3_AES = "/ test-aes1";
+const char *XML_1_EXPECTED_CERT_1 = "/ test-cert1";
+const char *XML_1_EXPECTED_DATA_1 = "/ test-data1";
+const char *XML_1_EXPECTED_DATA_1_DATA = "My secret data";
+
+const char *XML_2_okay = "XML_2_okay.xml";
+const char *XML_2_EXPECTED_KEY_1_RSA = "/ test2-key1";
+const char *XML_2_EXPECTED_KEY_2_RSA = "/ test2-key2";
+// uncomment when AES is supported
+//const char *XML_2_EXPECTED_KEY_3_AES = "/ test2-aes1";
+const char *XML_2_EXPECTED_CERT_1 = "/ test2-cert1";
+const char *XML_2_EXPECTED_DATA_1 = "/ test2-data1";
+const char *XML_2_EXPECTED_DATA_1_DATA = "My secret data";
+
+const char *XML_3_wrong = "XML_3_wrong.xml";
+const char *XML_3_EXPECTED_KEY_1_RSA = "/ test3-key1";
+const char *XML_3_EXPECTED_KEY_2_RSA = "/ test3-key2";
+// uncomment when AES is supported
+//const char *XML_2_EXPECTED_KEY_3_AES = "/ test3-aes1";
+const char *XML_3_EXPECTED_CERT_1 = "/ test3-cert1";
+const char *XML_3_EXPECTED_DATA_1 = "/ test3-data1";
+
+void feedGarbageCollector(GarbageCollector & gc)
+{
+ // [prepare]
+ gc.add(XML_1_EXPECTED_KEY_1_RSA);
+ gc.add(XML_1_EXPECTED_KEY_2_RSA);
+ //gc.add(XML_1_EXPECTED_KEY_3_AES);
+ gc.add(XML_1_EXPECTED_CERT_1);
+ gc.add(XML_1_EXPECTED_DATA_1);
+ gc.add(XML_2_EXPECTED_KEY_1_RSA);
+ gc.add(XML_2_EXPECTED_KEY_2_RSA);
+ //gc.add(XML_2_EXPECTED_KEY_3_AES);
+ gc.add(XML_2_EXPECTED_CERT_1);
+ gc.add(XML_2_EXPECTED_DATA_1);
+}
+
+std::string format_src_path(const char *file)
+{
+ return std::string("/usr/share/ckm-test/") + std::string(file);
+}
+
+std::string format_dest_path(const char *file)
+{
+ return std::string("/opt/data/ckm/initial_values/") + std::string(file);
+}
+
+void copy_file(const std::string &from, const std::string &to)
+{
+ std::ifstream infile(from, std::ios_base::binary);
+ std::ofstream outfile(to, std::ios_base::binary);
+ outfile << infile.rdbuf();
+}
+
+void restart_key_manager()
+{
+ stop_service(MANAGER);
+ start_service(MANAGER);
+}
+
+void test_exists(const std::string& name, bool expected) {
+ bool file_exists = (access( name.c_str(), F_OK ) != -1);
+ RUNNER_ASSERT_MSG(file_exists == expected,
+ "File " << name << " status: " << file_exists <<
+ " while expected: " << expected);
+}
+
+}
+
+
+RUNNER_TEST_GROUP_INIT(T60_INITIAL_VALUES);
+
+RUNNER_TEST(T6010_PARSE_XML_FILE_AT_STARTUP)
+{
+ // [prepare]
+ // remove database 0
+ // copy to the initial-values folder
+ // [test0]
+ // check XML file exists
+ // restart the key-manager
+ // check XML file exists - should fail
+ // [test1]
+ // check items existence as system service
+ // [test2]
+ // check items existence as web_app1
+ // [test3]
+ // check items existence as web_app2
+
+
+ // [prepare]
+ GarbageCollector gc;
+ feedGarbageCollector(gc);
+
+ remove_user_data(0);
+ copy_file(format_src_path(XML_1_okay), format_dest_path(XML_1_okay));
+
+ // [test0]
+ test_exists(format_dest_path(XML_1_okay), true);
+ restart_key_manager();
+ test_exists(format_dest_path(XML_1_okay), false);
+
+ // [test1]
+ check_key(XML_1_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key_allowed(XML_1_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ //check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_allowed(XML_1_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+
+ // [test2]
+ {
+ ScopedAccessProvider ap(TEST_WEB_APP_1);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+
+ check_key(XML_1_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key_not_visible(XML_1_EXPECTED_KEY_2_RSA);
+ // check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_not_visible(XML_1_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+ }
+
+ // [test3]
+ {
+ ScopedAccessProvider ap(TEST_WEB_APP_2);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+
+ check_key_not_visible(XML_1_EXPECTED_KEY_1_RSA);
+ check_key_allowed(XML_1_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ // check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_allowed(XML_1_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+ }
+}
+
+RUNNER_TEST(T6020_PARSE_TWO_XML_FILES_AT_STARTUP)
+{
+ // [prepare]
+ // remove database 0
+ // copy two files to the initial-values folder
+ // [test0]
+ // check XML files exist
+ // restart the key-manager
+ // check XML files exist - should fail
+ // [test1]
+ // check items existence as system service
+
+ // [prepare]
+ GarbageCollector gc;
+ feedGarbageCollector(gc);
+
+ remove_user_data(0);
+ copy_file(format_src_path(XML_1_okay), format_dest_path(XML_1_okay));
+ copy_file(format_src_path(XML_2_okay), format_dest_path(XML_2_okay));
+
+ // [test0]
+ test_exists(format_dest_path(XML_1_okay), true);
+ test_exists(format_dest_path(XML_1_okay), true);
+ restart_key_manager();
+ test_exists(format_dest_path(XML_2_okay), false);
+ test_exists(format_dest_path(XML_2_okay), false);
+
+ // [test1]
+ check_key(XML_1_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key(XML_2_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key_allowed(XML_1_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ check_key_allowed(XML_2_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ //check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ //check_key_allowed(XML_2_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_allowed(XML_1_EXPECTED_CERT_1);
+ check_cert_allowed(XML_2_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+ check_read_allowed(XML_2_EXPECTED_DATA_1, XML_2_EXPECTED_DATA_1_DATA);
+}
+
+RUNNER_TEST(T6030_PARSE_FAIL_XML_AT_STARTUP)
+{
+ // [prepare]
+ // remove database 0
+ // copy failing XML file to the initial-values folder
+ // [test0]
+ // check XML files exist
+ // restart the key-manager
+ // check XML files exist - should fail
+ // [test1]
+ // check items existence as system service - nothing should be available
+
+ // [prepare]
+ remove_user_data(0);
+ copy_file(format_src_path(XML_3_wrong), format_dest_path(XML_3_wrong));
+
+ // [test0]
+ test_exists(format_dest_path(XML_3_wrong), true);
+ restart_key_manager();
+ test_exists(format_dest_path(XML_3_wrong), false);
+
+ // [test1]
+ check_key_not_visible(XML_3_EXPECTED_KEY_1_RSA);
+ check_key_not_visible(XML_3_EXPECTED_KEY_2_RSA);
+ //check_key_not_visible(XML_3_EXPECTED_KEY_3_AES);
+ check_cert_not_visible(XML_3_EXPECTED_CERT_1);
+ check_read_not_visible(XML_3_EXPECTED_DATA_1);
+}
+
+RUNNER_TEST(T6040_CHECK_KEYS_VALID)
+{
+ // [prepare]
+ // remove database 0
+ // copy to the initial-values folder
+ // restart the key-manager
+ // [test]
+ // check if key can create & verify signature
+
+ // [prepare]
+ GarbageCollector gc;
+ feedGarbageCollector(gc);
+ remove_user_data(0);
+ copy_file(format_src_path(XML_1_okay), format_dest_path(XML_1_okay));
+ restart_key_manager();
+
+ // [test]
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("Raz ugryzla misia pszczola..");
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature = NULL;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ XML_1_EXPECTED_KEY_2_RSA,
+ NULL,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ // invalid password
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_AUTHENTICATION_FAILED == (temp = ckmc_verify_signature(
+ XML_1_EXPECTED_KEY_1_RSA,
+ NULL,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ // correct password
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ XML_1_EXPECTED_KEY_1_RSA,
+ XML_1_EXPECTED_KEY_1_PASSWD,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ ckmc_buffer_free(signature);
+}
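Review bot: In T6020 the existence checks are duplicated instead of covering both files: before the restart `XML_1_okay` is tested twice, and after it `XML_2_okay` is tested twice. The test therefore never asserts that `XML_2_okay.xml` was copied, or that `XML_1_okay.xml` was removed after import. The removal check is what shows the plaintext key file does not linger in the initial-values directory, so change the second pre-restart line to `test_exists(format_dest_path(XML_2_okay), true);` and the first post-restart line to `test_exists(format_dest_path(XML_1_okay), false);`. Separately, the header comment says `@file system-db.cpp`, which looks copied from another test source; judging by the build list and the test group name, this file appears to be `initial-values.cpp`.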