-# Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2012-2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
############################# Targets names ###################################
-# No target defined so far
+SET(TARGET_CKM_TESTS "ckm-tests")
+SET(COMMON_TARGET_TEST "tests-common")
############################# subdirectories ##################################
+ADD_SUBDIRECTORY(src)
ADD_SUBDIRECTORY(tests)
cynara
cynara-test
+There are also inner-tests for testing complex security-tests framework
+mechanisms with binary:
+ security-tests-inner-test
+
==HOW TO RUN===================================================================
Each test suite may be run with options:
RUNNER_ERROR_MSG
Print error message using red color.
+--Defer macros-----------------------------------------------------------------
+Used to defer throwing TestException exceptions (TestFailed, TestIgnored)
+by catching them and rethrowing later. This mechanism can help in breaking
+test and passing test result from places where throwing exceptions
+is not allowed
+
+dpl-test-framework
+ test_runner.h
+ RUNNER_DEFER_TRYCATCH
+ Catches thrown TestException exceptions and stores them in TestRunner
+ structures for later use. This macro works only inside deffered scope
+ defined by RUNNER_DEFER_SCOPE, otherwise it won't catch exceptions
+ RUNNER_DEFER_SCOPE
+ Defines deferred scope. All RUNNER_DEFER_TRYCATCH macros used inside
+ the scope catch and save TestException exceptions. After scope is left
+ all saved exceptions take part in setting result of test. If there
+ is no any uncaught exception then additionally first of saved
+ exceptions is thrown.
+
--Collectors-------------------------------------------------------------------
Collectors are classes which collect test results. Each class does it differently.
Collectors can be registered by --output parameter (see HOW TO RUN section) but
BuildRequires: cynara-devel
BuildRequires: pkgconfig(libtzplatform-config)
BuildRequires: boost-devel
+BuildRequires: pkgconfig(vconf)
BuildRequires: pkgconfig(libgum) >= 1.0.5
Requires: perf
Requires: gdb
+Requires: key-manager-listener
%description
Security tests repository - for tests that can't be kept together with code.
-DDPL_LOG="ON" \
-DVERSION=%{version} \
-DCMAKE_BUILD_TYPE=%{?build_type:%build_type}%{!?build_type:DEBUG} \
+%if "%{sec_product_feature_security_mdfpp_enable}" == "1"
+ -DSECURITY_MDFPP_STATE_ENABLE=1 \
+%endif
-DCMAKE_VERBOSE_MAKEFILE=ON \
-DCYNARA_DB_DIR=%{_localstatedir}/cynara/db
make %{?jobs:-j%jobs}
# Load permissions templates
api_feature_loader --verbose
+# Set vconf key for cc-mode testing if vconf key isn't there.
+%if "%{sec_product_feature_security_mdfpp_enable}" != "1"
+ echo "Install vconf key (file/security_mdpp/security_mdpp_state) for testing key-manager"
+ vconftool set -t string file/security_mdpp/security_mdpp_state "Unset"
+%endif
+
echo "security-tests postinst done ..."
%files
/usr/lib/security-tests/cynara-tests/plugins/single-policy/*
/usr/lib/security-tests/cynara-tests/plugins/multiple-policy/*
/usr/lib/security-tests/cynara-tests/plugins/test-agent/*
+/usr/bin/security-tests-inner-test
--- /dev/null
+# Copyright (c) 2011-2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+INCLUDE(FindPkgConfig)
+
+PKG_CHECK_MODULES(SYS_FRAMEWORK_TEST
+ REQUIRED
+ libxml-2.0
+ libpcrecpp
+ libiri
+ )
+
+PKG_CHECK_MODULES(SYS_FRAMEWORK_TEST_OTHER
+ REQUIRED
+ glib-2.0
+ dlog
+ )
+
+ADD_DEFINITIONS(${SYS_FRAMEWORK_TEST_OTHER_CFLAGS})
+
+include(framework/config.cmake)
+
+SET(DPL_FRAMEWORK_TEST_LIBRARY "dpl-test-framework")
+
+INCLUDE_DIRECTORIES(SYSTEM
+ ${SYS_FRAMEWORK_TEST_OTHER_INCLUDE_DIRS}
+ ${DPL_FRAMEWORK_TEST_INCLUDE_DIR}
+ )
+
+ADD_LIBRARY(${DPL_FRAMEWORK_TEST_LIBRARY} ${DPL_FRAMEWORK_TEST_SOURCES})
+
+TARGET_LINK_LIBRARIES(${DPL_FRAMEWORK_TEST_LIBRARY}
+ ${SYS_FRAMEWORK_TEST_OTHER_LIBRARIES}
+ ${SYS_FRAMEWORK_TEST_LIBRARIES}
+ )
+
+INSTALL(FILES ${PROJECT_SOURCE_DIR}/src/security-tests.sh
+ DESTINATION bin
+ PERMISSIONS OWNER_READ
+ OWNER_WRITE
+ OWNER_EXECUTE
+ GROUP_READ
+ GROUP_EXECUTE
+ WORLD_READ
+ WORLD_EXECUTE
+ )
+
+INSTALL(FILES ${PROJECT_SOURCE_DIR}/src/security-tests-all.sh
+ DESTINATION bin
+ PERMISSIONS OWNER_READ
+ OWNER_WRITE
+ OWNER_EXECUTE
+ GROUP_READ
+ GROUP_EXECUTE
+ WORLD_READ
+ WORLD_EXECUTE
+ )
+
+INSTALL(FILES
+ ${PROJECT_SOURCE_DIR}/src/test-performance-check.sh
+ DESTINATION bin
+ PERMISSIONS OWNER_READ
+ OWNER_WRITE
+ OWNER_EXECUTE
+ GROUP_READ
+ GROUP_EXECUTE
+ WORLD_READ
+ WORLD_EXECUTE
+ )
+
+
+ADD_SUBDIRECTORY(common)
+ADD_SUBDIRECTORY(ckm)
+ADD_SUBDIRECTORY(libprivilege-control-tests)
+ADD_SUBDIRECTORY(libsmack-tests)
+ADD_SUBDIRECTORY(smack-dbus-tests)
+ADD_SUBDIRECTORY(security-server-tests)
+ADD_SUBDIRECTORY(security-manager-tests)
+ADD_SUBDIRECTORY(cynara-tests)
--- /dev/null
+# Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# @file CMakeLists.txt
+# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+# @brief
+#
+
+INCLUDE(FindPkgConfig)
+
+# mdpp flag
+IF (DEFINED SECURITY_MDFPP_STATE_ENABLED)
+ MESSAGE("SECURITY_MDFPP_STATE_ENABLE ENABLED !")
+ ADD_DEFINITIONS("-DSECURITY_MDFPP_STATE_ENABLE")
+ELSE (DEFINED SECURITY_MDFPP_STATE_ENABLE)
+ MESSAGE("SECURITY_MDFPP_STATE_ENABLE DISABLED !")
+ENDIF (DEFINED SECURITY_MDFPP_STATE_ENABLE)
+
+# Dependencies
+PKG_CHECK_MODULES(CKM_DEP
+ libsmack
+ key-manager
+ dbus-1
+ vconf
+ REQUIRED)
+
+# Targets definition
+
+SET(CKM_SOURCES
+ ${PROJECT_SOURCE_DIR}/src/ckm/access_provider2.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/main.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/capi-testcases.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/capi-certificate-chains.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/capi-access_control.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/async-api.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/ckm-common.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/cc-mode.cpp
+# ${PROJECT_SOURCE_DIR}/src/ckm/password-integration.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/clean-env.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/test-certs.cpp
+)
+
+INCLUDE_DIRECTORIES(SYSTEM ${CKM_DEP_INCLUDE_DIRS})
+INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/common/ )
+INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/src/ckm/ )
+
+ADD_EXECUTABLE(${TARGET_CKM_TESTS} ${CKM_SOURCES})
+
+TARGET_LINK_LIBRARIES(${TARGET_CKM_TESTS} ${CKM_DEP_LIBRARIES} ${COMMON_TARGET_TEST})
+
+# Installation
+
+INSTALL(TARGETS ${TARGET_CKM_TESTS} DESTINATION bin)
+INSTALL(FILES
+ test1801.pkcs12
+ pkcs.p12
+ capi-t3096.p12
+ DESTINATION /usr/share/ckm-test
+ )
--- /dev/null
+/*
+ * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file access_provider.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Common functions and macros used in security-tests package.
+ */
+#include <sys/types.h>
+#include <unistd.h>
+#include <sys/smack.h>
+
+#include <access_provider2.h>
+
+#include <tests_common.h>
+
+AccessProvider::AccessProvider(const std::string &mySubject)
+ : m_mySubject(mySubject)
+{}
+
+void AccessProvider::allowAPI(const std::string &api, const std::string &rule) {
+ m_smackAccess.add(m_mySubject, api, rule);
+}
+
+void AccessProvider::apply() {
+ m_smackAccess.apply();
+}
+
+void AccessProvider::applyAndSwithToUser(int uid, int gid) {
+ RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_mySubject.c_str()),
+ "Error in smack_revoke_subject(" << m_mySubject << ")");
+ apply();
+ RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_mySubject.c_str()),
+ "Error in smack_set_label_for_self.");
+ RUNNER_ASSERT_MSG(0 == setgid(gid),
+ "Error in setgid.");
+ RUNNER_ASSERT_MSG(0 == setuid(uid),
+ "Error in setuid.");
+}
+
--- /dev/null
+/*
+ * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file access_provider.h
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ * @brief Common functions and macros used in security-tests package.
+ */
+#ifndef _ACCESS_FOR_DUMMIES_H_
+#define _ACCESS_FOR_DUMMIES_H_
+
+#include <string>
+
+#include <smack_access.h>
+
+class AccessProvider {
+public:
+ AccessProvider(const std::string &mySubject);
+
+ AccessProvider(const AccessProvider &second) = delete;
+ AccessProvider& operator=(const AccessProvider &second) = delete;
+
+ void allowAPI(const std::string &api, const std::string &rules);
+ void apply();
+ void applyAndSwithToUser(int uid, int gid);
+
+ virtual ~AccessProvider(){}
+private:
+ std::string m_mySubject;
+ SmackAccess m_smackAccess;
+};
+
+#endif // _ACCESS_FOR_DUMMIES_H_
+
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Contact: Bumjin Im <bj.im@samsung.com>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file async-api.cpp
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ */
+
+#include <mutex>
+#include <utility>
+#include <condition_variable>
+#include <cassert>
+
+#include <ckmc/ckmc-type.h>
+#include <ckm/ckm-manager-async.h>
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-raw-buffer.h>
+
+#include <fstream>
+
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+#include <dpl/log/log.h>
+
+#include <tests_common.h>
+#include <test-certs.h>
+#include <ckm-common.h>
+
+using namespace CKM;
+using namespace std;
+using namespace TestData;
+
+namespace {
+
+const char* TEST_LABEL = "test_label";
+const CertificateShPtrVector EMPTY_CERT_VECTOR;
+const AliasVector EMPTY_ALIAS_VECTOR;
+
+class MyObserver: public ManagerAsync::Observer
+{
+public:
+ MyObserver() :
+ m_finished(false), m_error(0)
+ {
+ }
+
+ void ReceivedError(int error)
+ {
+ LogError("Received error: " << error);
+ m_finished = true;
+ m_error = error;
+ m_cv.notify_one();
+ }
+
+ void ReceivedSaveKey() { Succeeded(); }
+ void ReceivedSaveCertificate() { Succeeded(); }
+ void ReceivedSaveData() { Succeeded(); }
+ void ReceivedSavePKCS12() { Succeeded(); }
+
+ void ReceivedRemovedAlias() { Succeeded(); }
+
+ void ReceivedKey(Key &&) { Succeeded(); }
+ void ReceivedCertificate(Certificate &&) { Succeeded(); }
+ void ReceivedData(RawBuffer &&) { Succeeded(); }
+ void ReceivedPKCS12(PKCS12ShPtr && pkcs) { m_pkcs = pkcs; Succeeded(); }
+
+ void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
+ void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
+ void ReceivedDataAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
+
+ void ReceivedCreateKeyPairRSA() { Succeeded(); }
+ void ReceivedCreateKeyPairDSA() { Succeeded(); }
+ void ReceivedCreateKeyPairECDSA() { Succeeded(); }
+
+ void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
+ { m_certChain = move(chain); Succeeded(); }
+
+ void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
+ void ReceivedVerifySignature() { Succeeded(); }
+
+ void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
+
+ void ReceivedSetPermission() { Succeeded(); }
+
+ void WaitForResponse()
+ {
+ unique_lock < mutex > lock(m_mutex);
+
+ m_cv.wait(lock, [this] {return m_finished;});
+ }
+
+ bool m_finished;
+ int m_error;
+ AliasVector m_aliases;
+ CertificateShPtrVector m_certChain;
+ PKCS12ShPtr m_pkcs;
+ RawBuffer m_signed;
+ int m_ocspStatus;
+
+protected:
+ void Succeeded()
+ {
+ LogDebug("Succeeded");
+ m_finished = true;
+ m_cv.notify_one();
+ }
+
+ mutex m_mutex;
+ condition_variable m_cv;
+};
+
+typedef shared_ptr<MyObserver> MyObserverPtr;
+
+const char* TEST_PASS = "test-pass";
+
+enum Type {
+ RSA,
+ DSA,
+ ECDSA
+};
+
+struct KeyPair
+{
+ KeyPair(const std::string& prv_pem, const std::string& pub_pem) {
+ RawBuffer buffer_prv(prv_pem.begin(), prv_pem.end());
+ prv = Key::create(buffer_prv);
+ assert(prv);
+
+ RawBuffer buffer_pub(pub_pem.begin(), pub_pem.end());
+ pub = Key::create(buffer_pub);
+ assert(pub);
+ }
+
+ KeyShPtr prv;
+ KeyShPtr pub;
+};
+
+typedef map<Type, vector<KeyPair> > KeyMap;
+
+
+KeyMap initializeKeys()
+{
+ KeyMap km;
+
+ km[RSA].emplace_back(
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXAIBAAKBgQDMP6sKttnQ58BAi27b8X+8KVQtJgpJhhCF0RtWaTVqAhVDG3y4\n"
+ "x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06BCWPYH2+7jOfQIOy/TMlt+W7x\n"
+ "fou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+3Op0tEjy0jpmzeyNiQIDAQAB\n"
+ "AoGBAJRDX1CuvNx1bkwsKvQDkTqwMYd4hp0qcVICIbsPMhPaoT6OdHHZkHOf+HDx\n"
+ "KWhOj1LsXgzu95Q+Tp5k+LURI8ayu2RTsz/gYECgPNUsZ7gXl4co1bK+g5kiC+qr\n"
+ "sgSfkbYpp0OXefnl5x4KaJlZeSpn0UdDqx0kwI1x2E098i1VAkEA5thNY9YZNQdN\n"
+ "p6aopxOF5OmAjbLkq6wu255rDM5YgeepXXro/lmPociobtv8vPzbWKfoYZJL0Zj4\n"
+ "Qzj7Qz7s0wJBAOKBbpeG9PuNP1nR1h8kvyuILW8F89JOcIOUeqwokq4eJVqXdFIj\n"
+ "ct8eSEFmyXNqXD7b9+Tcw6vRIZuddVhNcrMCQAlpaD5ZzE1NLu1W7ilhsmPS4Vrl\n"
+ "oE0fiAmMO/EZuKITP+R/zmAQZrrB45whe/x4krjan67auByjj/utpxDmz+ECQEg/\n"
+ "UK80dN/n5dUYgVvdtLyF6zgGhgcGzgyqR5ayOlcfdnq25Htuoy1X02RJDOirfFDw\n"
+ "iNmPMTqUskuYpd1MltECQBwcy1cpnJWIXwCTQwg3enjkOVw80Tbr3iU9ASjHJTH2\n"
+ "N6FGHC4BQCm1fL6Bo0/0oSra+Ika3/1Vw1WwijUSiO8=\n"
+ "-----END RSA PRIVATE KEY-----",
+
+ "-----BEGIN PUBLIC KEY-----\n"
+ "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMP6sKttnQ58BAi27b8X+8KVQt\n"
+ "JgpJhhCF0RtWaTVqAhVDG3y4x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06B\n"
+ "CWPYH2+7jOfQIOy/TMlt+W7xfou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+\n"
+ "3Op0tEjy0jpmzeyNiQIDAQAB\n"
+ "-----END PUBLIC KEY-----"
+ );
+ km[DSA].emplace_back(
+ "-----BEGIN DSA PRIVATE KEY-----\n"
+ "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
+ "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
+ "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
+ "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
+ "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
+ "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
+ "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
+ "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
+ "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
+ "yAKPlW7WQzgV5jLLNUW7\n"
+ "-----END DSA PRIVATE KEY-----",
+
+ "-----BEGIN DSA PRIVATE KEY-----\n"
+ "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
+ "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
+ "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
+ "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
+ "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
+ "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
+ "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
+ "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
+ "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
+ "yAKPlW7WQzgV5jLLNUW7\n"
+ "-----END DSA PRIVATE KEY-----"
+ );
+ km[ECDSA].emplace_back(
+ "-----BEGIN EC PRIVATE KEY-----\n"
+ "MF8CAQEEGF3rz8OuFpcESrlqCm0G96oovr0XbX+DRKAKBggqhkjOPQMBAaE0AzIA\n"
+ "BHiZYByQiRNQ91GWNnTfoBbp9G8DP9oJYc/cDZlk4lKUpmbvm//RWf1U7ag3tOVy\n"
+ "sQ==\n"
+ "-----END EC PRIVATE KEY-----",
+
+ "-----BEGIN PUBLIC KEY-----\n"
+ "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEeJlgHJCJE1D3UZY2dN+gFun0bwM/\n"
+ "2glhz9wNmWTiUpSmZu+b/9FZ/VTtqDe05XKx\n"
+ "-----END PUBLIC KEY-----"
+ );
+ return km;
+}
+
+KeyMap keys = initializeKeys();
+typedef vector<CertificateShPtr> CertVector;
+
+const RawBuffer raw_buffer(const char* buffer)
+{
+ return RawBuffer(buffer, buffer + strlen(buffer));
+}
+
+const RawBuffer test_buffer = raw_buffer("test_string");
+
+template <typename F, typename... Args>
+void test_negative(F&& func, int expected, Args... args)
+{
+ MyObserverPtr obs = make_shared<MyObserver>();
+ ManagerAsync mgr;
+
+ (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
+ obs->WaitForResponse();
+
+ RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
+ RUNNER_ASSERT_MSG(
+ obs->m_error == expected,
+ "Expected " << expected << "/" << ErrorToString(expected) <<
+ " got: " << obs->m_error << "/" << ErrorToString(obs->m_error));
+}
+
+template <typename F, typename... Args>
+void test_invalid_param(F&& func, Args... args)
+{
+ test_negative(move(func), CKM_API_ERROR_INPUT_PARAM, args...);
+}
+
+template <typename F, typename... Args>
+void test_no_observer(F&& func, Args... args)
+{
+ ManagerAsync::ObserverPtr obs;
+ ManagerAsync mgr;
+
+ try {
+ (mgr.*func)(obs, args...);
+ RUNNER_ASSERT_MSG(false, "function() should have thrown an exception");
+ } catch (const invalid_argument& e) {
+ RUNNER_ASSERT(true);
+ } catch (...) {
+ RUNNER_ASSERT_MSG(false, "Unexpected exception");
+ }
+}
+
+template <typename F, typename... Args>
+MyObserverPtr test_positive(F&& func, Args... args)
+{
+ MyObserverPtr obs = make_shared<MyObserver>();
+ ManagerAsync mgr;
+
+ (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
+ obs->WaitForResponse();
+
+ RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
+ RUNNER_ASSERT_MSG(obs->m_error == 0,
+ "Request failed " << obs->m_error << "/" << ErrorToString(obs->m_error));
+ return obs;
+}
+
+template <typename F, typename... Args>
+void test_check_aliases(F&& func, const AliasVector& expected, Args... args)
+{
+ auto obs = test_positive(move(func), args...);
+ RUNNER_ASSERT_MSG(obs->m_aliases == expected, "Retrieved aliases differ from expected");
+}
+
+template <typename F, typename... Args>
+void test_check_cert_chain(F&& func, size_t expected, Args... args)
+{
+ auto obs = test_positive(move(func), args...);
+ RUNNER_ASSERT_MSG(
+ obs->m_certChain.size() == expected,
+ "Expected chain length: " << expected << " got: " << obs->m_certChain.size());
+}
+
+typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
+ const CertificateShPtr&,
+ const CertificateShPtrVector&,
+ const CertificateShPtrVector&,
+ bool);
+
+typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
+ const CertificateShPtr&,
+ const AliasVector&,
+ const AliasVector&,
+ bool);
+} // namespace anonymous
+
+
+RUNNER_TEST_GROUP_INIT(CKM_ASYNC_API);
+
+RUNNER_TEST(TA0000_init)
+{
+ int temp;
+ ControlShPtr control = Control::create();
+
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(0, TEST_PASS)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
+ "Error=" << ErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
+ "Error=" << ErrorToString(temp));
+}
+
+// saveKey
+RUNNER_CHILD_TEST(TA0010_save_key_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
+ test_invalid_param(&ManagerAsync::saveKey, "", keys[RSA][0].prv, Policy());
+ test_invalid_param(&ManagerAsync::saveKey, "alias", KeyShPtr(), Policy());
+}
+
+RUNNER_CHILD_TEST(TA0020_save_key_already_exists)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
+ test_negative(&ManagerAsync::saveKey,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ dbc.alias("alias"),
+ keys[RSA][0].prv,
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA0050_save_key_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
+}
+
+
+// saveCertificate
+RUNNER_CHILD_TEST(TA0110_save_cert_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ CertificateShPtr cert = Certificate::create(test_buffer, DataFormat::FORM_PEM);
+ test_no_observer(&ManagerAsync::saveCertificate, "", cert, Policy());
+ test_invalid_param(&ManagerAsync::saveCertificate, "", cert, Policy());
+ test_invalid_param(&ManagerAsync::saveCertificate, "alias", CertificateShPtr(), Policy());
+}
+
+RUNNER_CHILD_TEST(TA0120_save_cert_already_exists)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
+ test_negative(&ManagerAsync::saveCertificate,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ dbc.alias("alias"),
+ getTestCertificate(MBANK),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA0150_save_cert_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
+}
+
+
+// saveData
+RUNNER_CHILD_TEST(TA0210_save_data_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::saveData, "", test_buffer, Policy());
+ test_invalid_param(&ManagerAsync::saveData, "", test_buffer, Policy());
+ test_invalid_param(&ManagerAsync::saveData, "alias", RawBuffer(), Policy());
+}
+
+RUNNER_CHILD_TEST(TA0220_save_data_already_exists)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+ test_negative(&ManagerAsync::saveData,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ dbc.alias("alias"),
+ test_buffer,
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA0250_save_data_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+}
+
+
+// removeKey
+RUNNER_CHILD_TEST(TA0310_remove_alias_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::removeAlias, "alias");
+ test_invalid_param(&ManagerAsync::removeAlias, "");
+}
+
+RUNNER_CHILD_TEST(TA0330_remove_alias_unknown_alias)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
+}
+
+RUNNER_CHILD_TEST(TA0350_remove_key_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
+ test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
+}
+
+
+RUNNER_CHILD_TEST(TA0450_remove_cert_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
+ test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
+}
+
+
+RUNNER_CHILD_TEST(TA0550_remove_data_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+ test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
+}
+
+
+// getKey
+RUNNER_CHILD_TEST(TA0610_get_key_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::getKey, "alias", "");
+ test_invalid_param(&ManagerAsync::getKey, "", "");
+}
+
+RUNNER_CHILD_TEST(TA0630_get_key_unknown_alias)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_negative(&ManagerAsync::getKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
+}
+
+RUNNER_CHILD_TEST(TA0640_get_key_wrong_password)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
+ test_negative(&ManagerAsync::getKey,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
+ dbc.alias("alias"),
+ "wrong-password");
+}
+
+RUNNER_CHILD_TEST(TA0650_get_key_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
+ test_positive(&ManagerAsync::getKey, dbc.alias("alias"), "password");
+}
+
+
+// getCertificate
+RUNNER_CHILD_TEST(TA0710_get_cert_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::getCertificate, "alias", "");
+ test_invalid_param(&ManagerAsync::getCertificate, "", "");
+}
+
+RUNNER_CHILD_TEST(TA0730_get_cert_unknown_alias)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_negative(&ManagerAsync::getCertificate,
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN,
+ "non-existing-alias",
+ "");
+}
+
+RUNNER_CHILD_TEST(TA0740_get_cert_wrong_password)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveCertificate,
+ dbc.alias("alias"),
+ getTestCertificate(MBANK),
+ Policy("password"));
+ test_negative(&ManagerAsync::getCertificate,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
+ dbc.alias("alias"),
+ "wrong-password");
+}
+
+RUNNER_CHILD_TEST(TA0750_get_cert_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy("password"));
+ test_positive(&ManagerAsync::getCertificate, dbc.alias("alias"), "password");
+}
+
+
+// getData
+RUNNER_CHILD_TEST(TA0810_get_data_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::getData, "alias", "");
+ test_invalid_param(&ManagerAsync::getData, "", "");
+}
+
+RUNNER_CHILD_TEST(TA0830_get_data_unknown_alias)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
+}
+
+RUNNER_CHILD_TEST(TA0840_get_data_wrong_password)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
+ test_negative(&ManagerAsync::getData,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
+ dbc.alias("alias"),
+ "wrong-password");
+}
+
+RUNNER_CHILD_TEST(TA0850_get_data_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
+ test_positive(&ManagerAsync::getData, dbc.alias("alias"), "password");
+}
+
+
+// getKeyAliasVector
+RUNNER_CHILD_TEST(TA0910_get_key_alias_vector_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::getKeyAliasVector);
+}
+
+RUNNER_CHILD_TEST(TA0950_get_key_alias_vector_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias1"), keys[RSA][0].prv, Policy());
+ test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
+
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias2"), keys[DSA][0].prv, Policy());
+ test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
+ aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
+
+ test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
+ test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
+}
+
+
+// getCertificateAliasVector
+RUNNER_CHILD_TEST(TA1010_get_cert_alias_vector_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::getCertificateAliasVector);
+}
+
+RUNNER_CHILD_TEST(TA1050_get_cert_alias_vector_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), getTestCertificate(MBANK), Policy());
+ test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
+
+ test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), getTestCertificate(SYMANTEC), Policy());
+ test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
+ aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
+
+ test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
+ test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
+}
+
+
+// getDataAliasVector
+RUNNER_CHILD_TEST(TA1110_get_data_alias_vector_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::getDataAliasVector);
+}
+
+RUNNER_CHILD_TEST(TA1150_get_data_alias_vector_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias1"), test_buffer, Policy());
+ test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
+
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
+ test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
+ aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
+
+ test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
+ test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
+}
+
+
+// createKeyPairRSA
+RUNNER_CHILD_TEST(TA1210_create_key_pair_rsa_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::createKeyPairRSA,
+ 1024,
+ "alias_prv",
+ "alias_pub",
+ Policy(),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA1220_create_key_pair_rsa_already_exists)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy());
+ test_negative(&ManagerAsync::createKeyPairRSA,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ 1024,
+ dbc.alias("alias_prv"),
+ dbc.alias("alias_pub"),
+ Policy(),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA1250_create_key_pair_rsa_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::createKeyPairRSA,
+ 1024,
+ dbc.alias("alias_prv"),
+ dbc.alias("alias_pub"),
+ Policy(),
+ Policy());
+
+ test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
+ aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
+}
+
+// createKeyPairDSA
+RUNNER_CHILD_TEST(TA1270_create_key_pair_dsa_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::createKeyPairDSA,
+ 1024,
+ "alias_prv",
+ "alias_pub",
+ Policy(),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA1280_create_key_pair_dsa_already_exists)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[DSA][0].prv, Policy());
+ test_negative(&ManagerAsync::createKeyPairDSA,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ 1024,
+ dbc.alias("alias_prv"),
+ dbc.alias("alias_pub"),
+ Policy(),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA1290_create_key_pair_dsa_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::createKeyPairDSA,
+ 1024,
+ dbc.alias("alias_prv"),
+ dbc.alias("alias_pub"),
+ Policy(),
+ Policy());
+
+ test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
+ aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
+}
+
+// createKeyPairECDSA
+RUNNER_CHILD_TEST(TA1310_create_key_pair_ecdsa_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::createKeyPairECDSA,
+ ElipticCurve::prime192v1,
+ "alias_prv",
+ "alias_pub",
+ Policy(),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA1320_create_key_pair_ecdsa_already_exists)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[ECDSA][0].prv, Policy());
+ test_negative(&ManagerAsync::createKeyPairECDSA,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ ElipticCurve::prime192v1,
+ dbc.alias("alias_prv"),
+ dbc.alias("alias_pub"),
+ Policy(),
+ Policy());
+}
+
+RUNNER_CHILD_TEST(TA1350_create_key_pair_ecdsa_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::createKeyPairECDSA,
+ ElipticCurve::prime192v1,
+ dbc.alias("alias_prv"),
+ dbc.alias("alias_pub"),
+ Policy(),
+ Policy());
+
+ test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
+ aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
+}
+
+
+// getCertificateChain
+RUNNER_CHILD_TEST(TA1410_get_certificate_chain_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
+ test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
+ test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
+ CertificateShPtr(),
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
+
+ Alias alias = "alias";
+ AliasVector aliasv = { alias };
+ test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
+ test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
+ CertificateShPtr(),
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
+}
+
+RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(MBANK) };
+ test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true);
+ test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
+ AliasVector aliasv = { dbc.alias("alias") };
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(MBANK), Policy());
+ test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ cert,
+ EMPTY_ALIAS_VECTOR,
+ EMPTY_ALIAS_VECTOR,
+ true);
+ test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
+}
+
+RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
+ test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
+ 3,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
+
+ AliasVector aliasv = { dbc.alias("alias") };
+ test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(SYMANTEC), Policy());
+ test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
+ 3,
+ cert,
+ aliasv,
+ EMPTY_ALIAS_VECTOR,
+ true);
+}
+
+
+// createSignature
+RUNNER_CHILD_TEST(TA1510_create_signature_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::createSignature,
+ "alias",
+ "",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+ test_invalid_param(&ManagerAsync::createSignature,
+ "",
+ "",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+ test_invalid_param(&ManagerAsync::createSignature,
+ "alias",
+ "",
+ RawBuffer(),
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1520_create_signature_invalid_password)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
+ test_negative(&ManagerAsync::createSignature,
+ CKM_API_ERROR_INPUT_PARAM,
+ dbc.alias("alias"),
+ "wrong-password",
+ RawBuffer(),
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1550_create_signature_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
+ test_positive(&ManagerAsync::createSignature,
+ dbc.alias("alias"),
+ "password",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+
+// verifySignature
+RUNNER_CHILD_TEST(TA1610_verify_signature_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::verifySignature,
+ "",
+ "",
+ RawBuffer(),
+ RawBuffer(),
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+ test_invalid_param(&ManagerAsync::verifySignature,
+ "",
+ "",
+ test_buffer,
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1620_verify_signature_invalid_password)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
+ auto obs = test_positive(&ManagerAsync::createSignature,
+ dbc.alias("alias_prv"),
+ "pass1",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+
+ test_negative(&ManagerAsync::verifySignature,
+ CKM_API_ERROR_AUTHENTICATION_FAILED,
+ dbc.alias("alias_pub"),
+ "wrong-password",
+ test_buffer,
+ obs->m_signed,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1630_verify_signature_invalid_message)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
+
+ auto obs = test_positive(&ManagerAsync::createSignature,
+ dbc.alias("alias_prv"),
+ "",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+
+ test_negative(&ManagerAsync::verifySignature,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ dbc.alias("alias_pub"),
+ "",
+ raw_buffer("invalid-unsigned-mesage"),
+ obs->m_signed,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1640_verify_signature_invalid_signature)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
+
+ test_negative(&ManagerAsync::verifySignature,
+ CKM_API_ERROR_VERIFICATION_FAILED,
+ dbc.alias("alias_pub"),
+ "",
+ test_buffer,
+ raw_buffer("invalid-signature"),
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1650_verify_signature_wrong_key)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
+ auto obs = test_positive(&ManagerAsync::createSignature,
+ dbc.alias("alias_prv"),
+ "",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+
+ test_negative(&ManagerAsync::verifySignature,
+ CKM_API_ERROR_SERVER_ERROR,
+ dbc.alias("alias_prv"),
+ "",
+ test_buffer,
+ obs->m_signed,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+RUNNER_CHILD_TEST(TA1660_verify_signature_positive)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
+ test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
+ auto obs = test_positive(&ManagerAsync::createSignature,
+ dbc.alias("alias_prv"),
+ "pass1",
+ test_buffer,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+
+ test_positive(&ManagerAsync::verifySignature,
+ dbc.alias("alias_pub"),
+ "pass2",
+ test_buffer,
+ obs->m_signed,
+ HashAlgorithm::SHA1,
+ RSAPaddingAlgorithm::PKCS1);
+}
+
+
+// ocspCheck
+RUNNER_CHILD_TEST(TA1710_ocsp_check_invalid_param)
+{
+ test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
+ test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
+}
+
+RUNNER_CHILD_TEST(TA1720_ocsp_check_negative)
+{
+ switch_to_storage_ocsp_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ CertificateShPtrVector certv = { getTestCertificate(MBANK), getTestCertificate(MBANK) };
+
+ auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
+ RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
+ "Verification should fail. Got: " << obs->m_ocspStatus);
+}
+
+RUNNER_CHILD_TEST(TA1750_ocsp_check_positive)
+{
+ switch_to_storage_ocsp_user(TEST_LABEL);
+
+ DBCleanup dbc;
+ CertificateShPtr cert = getTestCertificate(MBANK);
+ CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
+ auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
+ cert,
+ certv,
+ EMPTY_CERT_VECTOR,
+ true);
+
+ auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
+ RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
+ "Verification failed. Error: " << obs->m_ocspStatus);
+}
+
+// setPermission
+RUNNER_CHILD_TEST(TA1810_allow_access_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
+ test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
+ test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::READ | CKM::Permission::REMOVE);
+}
+
+RUNNER_TEST(TA1820_allow_access)
+{
+ DBCleanup dbc;
+ CharPtr top_label = get_label();
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias3"), test_buffer, Policy());
+ test_positive(&ManagerAsync::setPermission,
+ dbc.alias("alias2"),
+ TEST_LABEL,
+ CKM::Permission::READ);
+ test_positive(&ManagerAsync::setPermission,
+ dbc.alias("alias3"),
+ TEST_LABEL,
+ CKM::Permission::READ | CKM::Permission::REMOVE);
+
+ {
+ ScopedLabel label(TEST_LABEL);
+
+ test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"), "");
+ test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"));
+
+ // test from allowed label, but without properly addressing alias (coming from default label)
+ test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias2"), "");
+
+ // now test with appropriate addressing
+ std::string full_alias2_address = aliasWithLabel(top_label.get(), dbc.alias("alias2"));
+ test_positive(&ManagerAsync::getData, full_alias2_address, "");
+ test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_ACCESS_DENIED, full_alias2_address);
+
+ std::string full_alias3_address = aliasWithLabel(top_label.get(), dbc.alias("alias3"));
+ test_positive(&ManagerAsync::getData, full_alias3_address, "");
+ test_positive(&ManagerAsync::removeAlias, full_alias3_address);
+ }
+}
+
+// denyAccess
+RUNNER_CHILD_TEST(TA1910_deny_access_invalid_param)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::NONE);
+ test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::NONE);
+ test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::NONE);
+}
+
+RUNNER_TEST(TA1920_deny_access)
+{
+ DBCleanup dbc;
+ CharPtr top_label = get_label();
+ test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
+ test_positive(&ManagerAsync::setPermission,
+ dbc.alias("alias"),
+ TEST_LABEL,
+ CKM::Permission::READ | CKM::Permission::REMOVE);
+ test_positive(&ManagerAsync::setPermission, dbc.alias("alias"), TEST_LABEL, CKM::Permission::NONE);
+
+ {
+ ScopedLabel label(TEST_LABEL);
+
+ std::string full_alias_address = aliasWithLabel(top_label.get(), dbc.alias("alias"));
+ test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address, "");
+ test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address);
+ }
+}
+
+namespace
+{
+CKM::Alias alias_PKCS_exportable = "async-test-PKCS-export";
+CKM::Alias alias_PKCS_not_exportable = "async-test-PKCS-no-export";
+}
+
+RUNNER_TEST(TA2000_PKCS_add_bundle_with_chain_certs)
+{
+ DBCleanup dbc;
+ auto manager = CKM::Manager::create();
+ std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ auto cert = pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 2 == caVector.size(),
+ "Wrong size of vector");
+
+ // save to the CKM
+ CKM::Policy exportable;
+ CKM::Policy notExportable(CKM::Password(), false);
+
+ test_positive(&ManagerAsync::savePKCS12,
+ alias_PKCS_exportable,
+ pkcs,
+ exportable,
+ exportable);
+ test_negative(&ManagerAsync::savePKCS12,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ alias_PKCS_exportable,
+ pkcs,
+ exportable,
+ exportable);
+
+ test_positive(&ManagerAsync::savePKCS12,
+ alias_PKCS_not_exportable,
+ pkcs,
+ notExportable,
+ notExportable);
+ test_negative(&ManagerAsync::savePKCS12,
+ CKM_API_ERROR_DB_ALIAS_EXISTS,
+ alias_PKCS_not_exportable,
+ pkcs,
+ notExportable,
+ notExportable);
+}
+
+RUNNER_TEST(TA2010_PKCS_get)
+{
+ DBCleanup dbc;
+ auto manager = CKM::Manager::create();
+
+ // fail - no entry
+ test_negative(&ManagerAsync::getPKCS12,
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN,
+ "i-do-not-exist",
+ CKM::Password(),
+ CKM::Password());
+
+
+ // fail - not exportable
+ test_negative(&ManagerAsync::getPKCS12,
+ CKM_API_ERROR_NOT_EXPORTABLE,
+ dbc.alias(alias_PKCS_not_exportable.c_str()),
+ CKM::Password(),
+ CKM::Password());
+
+ // success - exportable
+ auto obs = test_positive(&ManagerAsync::getPKCS12,
+ dbc.alias(alias_PKCS_exportable.c_str()),
+ CKM::Password(),
+ CKM::Password());
+
+ auto cert = obs->m_pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = obs->m_pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 2 == caVector.size(),
+ "Wrong size of vector");
+}
+
+RUNNER_TEST(TA9999_deinit)
+{
+ int temp;
+ ControlShPtr control = Control::create();
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->lockUserKey(APP_UID)),
+ "Error=" << ErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
+ "Error=" << ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << ErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << ErrorToString(temp));
+}
--- /dev/null
+#include <sys/types.h>
+#include <sys/wait.h>
+
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+
+#include <tests_common.h>
+#include <ckm-common.h>
+#include <access_provider2.h>
+
+#include <ckmc/ckmc-manager.h>
+#include <ckmc/ckmc-control.h>
+#include <ckmc/ckmc-type.h>
+#include <ckmc/ckmc-error.h>
+
+#include <ckm/ckm-type.h>
+
+namespace {
+
+const uid_t USER_ROOT = 0;
+const char* APP_PASS = "user-pass";
+const char* ROOT_PASS = "test-pass";
+
+const char* NO_ALIAS = "definitely-non-existent-alias";
+const char* NO_OWNER = "definitely-non-existent-owner";
+
+const char* TEST_ALIAS = "test-alias";
+const char* TEST_ALIAS2 = "test-alias2";
+const char* TEST_ALIAS3 = "test-alias3";
+
+const char* TEST_LABEL = "test-label";
+const char* TEST_LABEL2 = "test-label2";
+const char* TEST_LABEL3 = "test-label3";
+const char* TEST_LABEL4 = "test-label4";
+
+const char* TEST_DATA = "dsflsdkghkslhglrtghierhgilrehgidsafasdffsgfdgdgfdgfdgfdgfdggf";
+
+void save_data(const char* alias, const char *data)
+{
+ ckmc_raw_buffer_s buffer;
+ buffer.data = reinterpret_cast<unsigned char*>(const_cast<char*>(data));
+ buffer.size = strlen(data);
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = true;
+
+ int ret = ckmc_save_data(alias, buffer, policy);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Saving data failed. Error: " << ret);
+}
+
+void save_data(const char* alias)
+{
+ save_data(alias, TEST_DATA);
+}
+
+void check_remove_allowed(const char* alias)
+{
+ int ret = ckmc_remove_alias(alias);
+ // remove, but ignore non existing
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret || CKMC_ERROR_DB_ALIAS_UNKNOWN,
+ "Removing data failed: " << CKMCErrorToString(ret));
+}
+
+void check_remove_denied(const char* alias)
+{
+ int ret = ckmc_remove_alias(alias);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_PERMISSION_DENIED == ret,
+ "App with different label shouldn't have rights to remove this data. Error: " << ret);
+}
+
+void check_remove_not_visible(const char* alias)
+{
+ int ret = ckmc_remove_alias(alias);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "App with different label shouldn't have rights to see this data. Error: " << ret);
+}
+
+void check_read(const char* alias, const char *label, const char *test_data, int expected_code = CKMC_ERROR_NONE)
+{
+ ckmc_raw_buffer_s* buffer = NULL;
+ int ret = ckmc_get_data(aliasWithLabel(label, alias).c_str(), NULL, &buffer);
+ RUNNER_ASSERT_MSG(expected_code == ret, "Getting data failed. Expected code: " << expected_code << ", while result: " << CKMCErrorToString(ret));
+
+ if(expected_code == CKMC_ERROR_NONE)
+ {
+ // compare data with expected
+ RUNNER_ASSERT_MSG(
+ buffer->size == strlen(test_data),
+ "Extracted data length do not match expected data length (encrypted?).");
+
+ RUNNER_ASSERT_MSG(
+ memcmp(const_cast<const char*>(reinterpret_cast<char*>(buffer->data)), test_data, buffer->size) == 0,
+ "Extracted data do not match expected data (encrypted?).");
+
+ ckmc_buffer_free(buffer);
+ }
+}
+
+void check_read_allowed(const char* alias, const char *data)
+{
+ // try to read previously saved data - label taken implicitly
+ check_read(alias, 0, data);
+}
+void check_read_allowed(const char* alias)
+{
+ check_read_allowed(alias, TEST_DATA);
+}
+
+void check_read_not_visible(const char* alias)
+{
+ // try to read previously saved data - label taken implicitly
+ {
+ ckmc_raw_buffer_s* buffer = NULL;
+ int ret = ckmc_get_data(alias, NULL, &buffer);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "App with different label shouldn't have rights to see this data." << CKMCErrorToString(ret));
+ ckmc_buffer_free(buffer);
+ }
+}
+
+void allow_access_deprecated(const char* alias, const char* accessor, ckmc_access_right_e accessRights)
+{
+ int ret = ckmc_allow_access(alias, accessor, accessRights);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Trying to allow access returned: " << CKMCErrorToString(ret));
+}
+
+void allow_access(const char* alias, const char* accessor, int permissionMask)
+{
+ // data removal should revoke this access
+ int ret = ckmc_set_permission(alias, accessor, permissionMask);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Trying to allow access returned: " << CKMCErrorToString(ret));
+}
+
+void allow_access_negative(const char* alias, const char* accessor, int permissionMask, int expectedCode)
+{
+ // data removal should revoke this access
+ int ret = ckmc_set_permission(alias, accessor, permissionMask);
+ RUNNER_ASSERT_MSG(expectedCode == ret, "Trying to allow access returned " << CKMCErrorToString(ret) << ", while expected: " << CKMCErrorToString(expectedCode));
+}
+
+void deny_access(const char* alias, const char* accessor)
+{
+ int ret = ckmc_set_permission(alias, accessor, CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Denying access failed. Error: " << CKMCErrorToString(ret));
+}
+
+void deny_access_negative(const char* alias, const char* accessor, int expectedCode)
+{
+ int ret = ckmc_set_permission(alias, accessor, CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(expectedCode == ret, "Denying access failed. " << CKMCErrorToString(ret) << ", while expected: " << CKMCErrorToString(expectedCode));
+}
+
+void allow_access_deprecated_by_adm(const char* alias, const char* accessor, ckmc_access_right_e accessRights)
+{
+ // data removal should revoke this access
+ int ret = ckmc_allow_access_by_adm(USER_ROOT, get_label().get(), alias, accessor, accessRights);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Trying to allow access returned: " << CKMCErrorToString(ret));
+}
+
+void allow_access_by_adm(const char* alias, const char* accessor, int permissionMask)
+{
+ // data removal should revoke this access
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel(get_label().get(), alias).c_str(), accessor, permissionMask);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Trying to allow access returned: " << CKMCErrorToString(ret));
+}
+
+void deny_access_by_adm(const char* alias, const char* accessor)
+{
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel(get_label().get(), alias).c_str(), accessor, CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == ret, "Denying access failed. " << CKMCErrorToString(ret));
+}
+
+int count_aliases()
+{
+ ckmc_alias_list_s *aliasList = NULL;
+ int ret = ckmc_get_data_alias_list(&aliasList);
+ if (ret == CKMC_ERROR_DB_ALIAS_UNKNOWN)
+ return 0;
+
+ RUNNER_ASSERT_MSG(ret == 0, "Failed to get the list of data aliases. " << CKMCErrorToString(ret));
+
+ ckmc_alias_list_s *plist = aliasList;
+ int count = 0;
+ while(plist)
+ {
+ plist = plist->next;
+ count++;
+ }
+ ckmc_alias_list_all_free(aliasList);
+ return count;
+}
+
+void check_alias_count(int expected)
+{
+ int count = count_aliases();
+ RUNNER_ASSERT_MSG(count == expected, "Expected " << expected << " aliases, got " << count);
+}
+
+// saves data upon construction and deletes it upon destruction
+class ScopedSaveData
+{
+public:
+ ScopedSaveData(const char* alias) : m_alias(alias)
+ {
+ save_data(alias);
+ }
+ ScopedSaveData(const char* alias, const char *data) : m_alias(alias)
+ {
+ save_data(alias, data);
+ }
+
+ ~ScopedSaveData()
+ {
+ /*
+ * Let it throw. If we can't remove data then remaining tests results will be
+ * unreliable anyway.
+ */
+ check_remove_allowed(m_alias);
+ }
+private:
+ const char* m_alias;
+};
+
+} // namespace anonymous
+
+RUNNER_TEST_GROUP_INIT (T300_CKMC_ACCESS_CONTROL_C_API);
+
+
+/////////////////////////////////////////////////////////////////////////////
+// Manager
+RUNNER_TEST(T3000_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(APP_UID)), CKMCErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(APP_UID, APP_PASS)), CKMCErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_ROOT)), CKMCErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_ROOT, ROOT_PASS)), CKMCErrorToString(temp));
+}
+
+// invalid arguments check
+RUNNER_TEST(T3001_manager_allow_access_invalid)
+{
+ RUNNER_ASSERT(
+ CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission(NULL, "accessor", CKMC_PERMISSION_READ));
+ RUNNER_ASSERT(
+ CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission("alias", NULL, CKMC_PERMISSION_READ));
+}
+
+// invalid arguments check
+RUNNER_TEST(T3002_manager_deny_access_invalid)
+{
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission(NULL, "accessor", CKMC_PERMISSION_NONE));
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ckmc_set_permission("alias", NULL, CKMC_PERMISSION_NONE));
+}
+
+// tries to allow access for non existing alias
+RUNNER_CHILD_TEST(T3003_manager_allow_access_non_existing)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ int ret = ckmc_set_permission(NO_ALIAS, "label", CKMC_PERMISSION_READ);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "Allowing access for non existing alias returned " << CKMCErrorToString(ret));
+}
+
+// tries to deny access for non existing alias
+RUNNER_CHILD_TEST(T3004_manager_deny_access_non_existing)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ int ret = ckmc_set_permission(NO_ALIAS, "label", CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "Denying access for non existing alias returned " << CKMCErrorToString(ret));
+}
+
+// tries to deny access that does not exist in database
+RUNNER_CHILD_TEST(T3005_manager_deny_access_non_existing_access)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ // deny non existing access to existing alias
+ int ret = ckmc_set_permission(TEST_ALIAS, "label", CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_INVALID_PARAMETER == ret,
+ "Denying non existing access returned: " << CKMCErrorToString(ret));
+}
+
+// tries to allow access to application own data
+RUNNER_CHILD_TEST(T3006_manager_allow_access_to_myself)
+{
+ switch_to_storage_user(TEST_LABEL);
+
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ CharPtr label = get_label();
+ int ret = ckmc_set_permission(TEST_ALIAS, label.get(), CKMC_PERMISSION_READ);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_INVALID_PARAMETER == ret,
+ "Trying to allow myself returned: " << CKMCErrorToString(ret));
+}
+
+// verifies that alias can not contain forbidden characters
+RUNNER_CHILD_TEST(T3007_manager_check_alias_valid)
+{
+ switch_to_storage_user(TEST_LABEL);
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ std::string test_alias_playground = std::string("AAA BBB CCC");
+ check_read(test_alias_playground.c_str(), 0, TEST_DATA, CKMC_ERROR_INVALID_PARAMETER);
+
+ // control: expect success
+ check_read(TEST_ALIAS, 0, TEST_DATA);
+ check_read(TEST_ALIAS, TEST_LABEL, TEST_DATA);
+}
+
+// verifies that label can not contain forbidden characters
+RUNNER_CHILD_TEST(T3008_manager_check_label_valid)
+{
+ switch_to_storage_user(TEST_LABEL);
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ // basic test
+ std::string test_label_playground = std::string("AAA BBB CCC");
+ check_read(TEST_ALIAS, test_label_playground.c_str(), TEST_DATA, CKMC_ERROR_INVALID_PARAMETER);
+
+ // insert part of the separator in the middle
+ test_label_playground = std::string(TEST_LABEL);
+ test_label_playground.insert(test_label_playground.size()/2, ckmc_label_name_separator);
+ check_read(TEST_ALIAS, test_label_playground.c_str(), TEST_DATA, CKMC_ERROR_INVALID_PARAMETER);
+
+ // prepend separator
+ test_label_playground = std::string(TEST_LABEL);
+ test_label_playground.insert(0, ckmc_label_name_separator);
+ check_read(TEST_ALIAS, test_label_playground.c_str(), TEST_DATA, CKMC_ERROR_INVALID_PARAMETER);
+
+ // append separator
+ test_label_playground = std::string(TEST_LABEL);
+ test_label_playground.append(ckmc_label_name_separator);
+ check_read(TEST_ALIAS, test_label_playground.c_str(), TEST_DATA, CKMC_ERROR_INVALID_PARAMETER);
+
+ // control: expect success
+ check_read(TEST_ALIAS, TEST_LABEL, TEST_DATA);
+}
+
+// tries to access other application data without permission
+RUNNER_TEST(T3020_manager_access_not_allowed)
+{
+ CharPtr top_label = get_label();
+
+ ScopedSaveData ssd(TEST_ALIAS);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+ check_read_not_visible(TEST_ALIAS_adr.c_str());
+ check_remove_not_visible(TEST_ALIAS_adr.c_str());
+ }
+}
+
+// tries to access other application data with permission
+RUNNER_TEST(T3021_manager_access_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to read other application data with permission for read/remove
+RUNNER_TEST(T3022_manager_access_allowed_with_remove)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to remove other application data with permission for reading only
+RUNNER_TEST(T3023_manager_access_allowed_remove_denied)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+ check_remove_denied(TEST_ALIAS_adr.c_str());
+ check_read_allowed(TEST_ALIAS_adr.c_str());
+ }
+}
+
+// tries to remove other application data with permission
+RUNNER_TEST(T3025_manager_remove_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to access other application data after allow function was called twice with different
+// rights
+RUNNER_TEST(T3026_manager_double_allow)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ // access should be overwritten
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+ check_remove_denied(TEST_ALIAS_adr.c_str());
+ check_read_allowed(TEST_ALIAS_adr.c_str());
+ }
+}
+
+// tries to access application data with permission and after permission has been revoked
+RUNNER_TEST(T3027_manager_allow_deny)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_denied(TEST_ALIAS_adr.c_str());
+ check_read_allowed(TEST_ALIAS_adr.c_str());
+ }
+
+ deny_access(TEST_ALIAS, TEST_LABEL2);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_not_visible(TEST_ALIAS_adr.c_str());
+ check_read_not_visible(TEST_ALIAS_adr.c_str());
+ }
+}
+
+RUNNER_TEST(T3028_manager_access_by_label)
+{
+ CharPtr top_label = get_label();
+ const char *additional_data = "label-2-data";
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+ ScopedSaveData ssd(TEST_ALIAS, additional_data);
+ allow_access(TEST_ALIAS, top_label.get(), CKMC_PERMISSION_READ);
+
+ // test if accessing valid alias (of label2 domain)
+ check_read_allowed(TEST_ALIAS, additional_data);
+
+ // this has to be done here - in the scope, otherwise
+ // scope destructor will remove the TEST_LABEL2::TEST_ALIAS
+ {
+ ScopedLabel sl(top_label.get());
+
+ // test if can access label2 alias from label1 domain - should succeed
+ check_read_allowed(aliasWithLabel(TEST_LABEL2, TEST_ALIAS).c_str(), additional_data);
+ }
+ }
+
+ // test if accessing valid alias (of label1 domain)
+ check_read_allowed(TEST_ALIAS);
+
+ // access should not be possible - already left the LABEL2 scope, object should be removed
+ check_read_not_visible(aliasWithLabel(TEST_LABEL2, TEST_ALIAS).c_str());
+}
+
+// tries to modify another label's permission
+RUNNER_TEST(T3029_manager_access_modification_by_foreign_label)
+{
+ ScopedLabel sl(TEST_LABEL);
+ ScopedSaveData ssd(TEST_ALIAS);
+ allow_access(TEST_ALIAS, TEST_LABEL3, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ allow_access_negative(aliasWithLabel(TEST_LABEL, TEST_ALIAS).c_str(), TEST_LABEL4, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE, CKMC_ERROR_PERMISSION_DENIED);
+ deny_access_negative (aliasWithLabel(TEST_LABEL, TEST_ALIAS).c_str(), TEST_LABEL4, CKMC_ERROR_PERMISSION_DENIED);
+ }
+}
+
+// checks if only aliases readable by given app are returned
+RUNNER_TEST(T3030_manager_get_all_aliases)
+{
+ ScopedSaveData ssd1(TEST_ALIAS);
+ ScopedSaveData ssd2(TEST_ALIAS2);
+
+ int count = count_aliases();
+
+ allow_access(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ // check that app can access other aliases when it has permission
+ check_alias_count(count - 1);
+
+ ScopedSaveData ssd3(TEST_ALIAS3);
+
+ // check that app can access its own aliases
+ check_alias_count(count - 1 + 1);
+ }
+
+ deny_access(TEST_ALIAS, TEST_LABEL2);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ // check that app can't access other aliases for which permission has been revoked
+ check_alias_count(count - 2);
+ }
+}
+
+// tries to access other application data with permission
+RUNNER_TEST(T3031_manager_deprecated_access_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to read other application data with permission for read/remove
+RUNNER_TEST(T3032_manager_deprecated_access_allowed_with_remove)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to remove other application data with permission for reading only
+RUNNER_TEST(T3033_manager_deprecated_access_allowed_remove_denied)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+ check_remove_denied(TEST_ALIAS_adr.c_str());
+ check_read_allowed(TEST_ALIAS_adr.c_str());
+ }
+}
+
+// tries to remove other application data with permission
+RUNNER_TEST(T3034_manager_deprecated_remove_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+
+/////////////////////////////////////////////////////////////////////////////
+// Control
+
+// invalid argument check
+RUNNER_TEST(T3101_control_allow_access_invalid)
+{
+ int ret;
+ ret = ckmc_set_permission_by_adm(USER_ROOT, "alias", "accessor", CKMC_PERMISSION_READ);
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ret);
+ ret = ckmc_set_permission_by_adm(USER_ROOT, "owner alias", NULL, CKMC_PERMISSION_READ);
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ret);
+
+ // double owner
+ std::string aliasLabel = aliasWithLabel(get_label().get(), TEST_ALIAS);
+ ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel("another-owner", aliasLabel.c_str()).c_str(), TEST_LABEL, CKMC_PERMISSION_READ);
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ret);
+}
+
+// invalid argument check
+RUNNER_TEST(T3102_control_deny_access_invalid)
+{
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER ==
+ ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel(NULL, "alias").c_str(), "accessor", CKMC_PERMISSION_NONE));
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER ==
+ ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel("owner", "alias").c_str(), NULL, CKMC_PERMISSION_NONE));
+
+ // double owner
+ std::string aliasLabel = aliasWithLabel(get_label().get(), TEST_ALIAS);
+ RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER ==
+ ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel("another-owner", aliasLabel.c_str()).c_str(), TEST_LABEL, CKMC_PERMISSION_NONE));
+}
+
+// tries to allow access for non existing alias
+RUNNER_TEST(T3103_control_allow_access_non_existing)
+{
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel(NO_OWNER, NO_ALIAS).c_str(), "label", CKMC_PERMISSION_READ);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "Allowing access for non existing alias returned " << CKMCErrorToString(ret));
+}
+
+// tries to deny access for non existing alias
+RUNNER_TEST(T3104_control_deny_access_non_existing)
+{
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel(NO_OWNER, NO_ALIAS).c_str(), "label", CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "Denying access for non existing alias returned " << CKMCErrorToString(ret));
+}
+
+// tries to deny non existing access
+RUNNER_TEST(T3105_control_deny_access_non_existing_access)
+{
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ CharPtr label = get_label();
+
+ // deny non existing access to existing alias
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel(get_label().get(), TEST_ALIAS).c_str(), "label", CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_INVALID_PARAMETER == ret,
+ "Denying non existing access returned: " << CKMCErrorToString(ret));
+}
+
+// tries to allow application to access its own data
+RUNNER_TEST(T3106_control_allow_access_to_myself)
+{
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ CharPtr label = get_label();
+ int ret = ckmc_set_permission(TEST_ALIAS, label.get(), CKMC_PERMISSION_READ);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_INVALID_PARAMETER == ret,
+ "Trying to allow myself returned: " << CKMCErrorToString(ret));
+}
+
+// tries to use admin API as a user
+RUNNER_CHILD_TEST(T3110_control_allow_access_as_user)
+{
+ switch_to_storage_user(TEST_LABEL);
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel("owner", "alias").c_str(), "accessor", CKMC_PERMISSION_READ);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_PERMISSION_DENIED == ret,
+ "Ordinary user should not be able to use control API. Error " << CKMCErrorToString(ret));
+}
+
+// tries to use admin API as a user
+RUNNER_CHILD_TEST(T3111_control_allow_access_as_user)
+{
+ switch_to_storage_user(TEST_LABEL);
+ int ret = ckmc_set_permission_by_adm(USER_ROOT, aliasWithLabel("owner", "alias").c_str(), "accessor", CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_PERMISSION_DENIED == ret,
+ "Ordinary user should not be able to use control API. Error " << CKMCErrorToString(ret));
+}
+
+// tries to read other application data with permission
+RUNNER_TEST(T3121_control_access_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to read other application data with permission to read/remove
+RUNNER_TEST(T3122_control_access_allowed_with_remove)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to remove other application data with permission to read
+RUNNER_TEST(T3122_control_access_allowed_remove_denied)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_denied(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to remove other application data with permission
+RUNNER_TEST(T3125_control_remove_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to access other application data after allow function has been called twice with different
+// rights
+RUNNER_TEST(T3126_control_double_allow)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ // access should be overwritten
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+ check_remove_denied(TEST_ALIAS_adr.c_str());
+ check_read_allowed(TEST_ALIAS_adr.c_str());
+ }
+}
+
+// tries to access other application data with permission and after permission has been revoked
+RUNNER_TEST(T3127_control_allow_deny)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ std::string TEST_ALIAS_adr = aliasWithLabel(top_label.get(), TEST_ALIAS);
+
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_denied(TEST_ALIAS_adr.c_str());
+ check_read_allowed(TEST_ALIAS_adr.c_str());
+ }
+ CharPtr label = get_label();
+ deny_access_by_adm(TEST_ALIAS, TEST_LABEL2);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_not_visible(TEST_ALIAS_adr.c_str());
+ check_read_not_visible(TEST_ALIAS_adr.c_str());
+ }
+}
+
+// checks if only aliases readable by given app are returned
+RUNNER_TEST(T3130_control_get_all_aliases)
+{
+ ScopedSaveData ssd1(TEST_ALIAS);
+ ScopedSaveData ssd2(TEST_ALIAS2);
+
+ int count = count_aliases();
+
+ allow_access_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_PERMISSION_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ // check that app can access other aliases when it has permission
+ check_alias_count(count - 1);
+
+ ScopedSaveData ssd3(TEST_ALIAS3);
+
+ // check that app can access its own aliases
+ check_alias_count(count - 1 + 1);
+ }
+
+ deny_access_by_adm(TEST_ALIAS, TEST_LABEL2);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ // check that app can't access other aliases for which permission has been revoked
+ check_alias_count(count - 2);
+ }
+}
+
+// tries to add access to data in a database of invalid user
+RUNNER_TEST(T3140_control_allow_invalid_user)
+{
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ int ret = ckmc_set_permission_by_adm(
+ APP_UID, aliasWithLabel(get_label().get(), TEST_ALIAS).c_str(), TEST_LABEL2, CKMC_PERMISSION_READ | CKMC_PERMISSION_REMOVE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "Trying to allow access to invalid user returned: " << CKMCErrorToString(ret));
+}
+
+// tries to revoke access to data in a database of invalid user
+RUNNER_TEST(T3141_control_deny_invalid_user)
+{
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ int ret = ckmc_set_permission_by_adm(APP_UID, aliasWithLabel(get_label().get(), TEST_ALIAS).c_str(), TEST_LABEL2, CKMC_PERMISSION_NONE);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
+ "Trying to deny access to invalid user returned: " << CKMCErrorToString(ret));
+}
+
+// tries to read other application data with permission
+RUNNER_TEST(T3142_control_deprecated_access_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to read other application data with permission to read/remove
+RUNNER_TEST(T3143_control_deprecated_access_allowed_with_remove)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_read_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to remove other application data with permission to read
+RUNNER_TEST(T3144_control_deprecated_access_allowed_remove_denied)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_denied(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+// tries to remove other application data with permission
+RUNNER_TEST(T3145_control_deprecated_remove_allowed)
+{
+ CharPtr top_label = get_label();
+ ScopedSaveData ssd(TEST_ALIAS);
+
+ allow_access_deprecated_by_adm(TEST_ALIAS, TEST_LABEL2, CKMC_AR_READ_REMOVE);
+ {
+ ScopedLabel sl(TEST_LABEL2);
+
+ check_remove_allowed(aliasWithLabel(top_label.get(), TEST_ALIAS).c_str());
+ }
+}
+
+
+RUNNER_TEST(T3999_deinit)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(APP_UID)), CKMCErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(APP_UID)), CKMCErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_ROOT)), CKMCErrorToString(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_ROOT)), CKMCErrorToString(temp));
+}
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file capi-certificate-chains.cpp
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ */
+
+#include <stdarg.h>
+
+#include <string>
+#include <memory>
+
+#include <dpl/test/test_runner.h>
+
+#include <tests_common.h>
+#include <test-certs.h>
+#include <ckm-common.h>
+
+#include <ckmc/ckmc-manager.h>
+#include <ckmc/ckmc-control.h>
+#include <ckmc/ckmc-type.h>
+#include <ckmc/ckmc-error.h>
+
+namespace {
+
+const char *CHAINS_PASSWD = "chains-pass";
+
+typedef std::unique_ptr<ckmc_cert_s, void (*)(ckmc_cert_s*)> CertPtr;
+typedef std::unique_ptr<ckmc_cert_list_s, void (*)(ckmc_cert_list_s*)> CertListPtr;
+typedef std::unique_ptr<ckmc_alias_list_s, void (*)(ckmc_alias_list_s*)> AliasListPtr;
+
+ckmc_cert_s* create_cert(TestData::certificateID idx) {
+
+ std::string cert_raw = TestData::getTestCertificateBase64(idx);
+
+ ckmc_cert_s* cert = NULL;
+ assert_positive(ckmc_cert_new,
+ reinterpret_cast<unsigned char*>(const_cast<char*>(cert_raw.c_str())),
+ cert_raw.size(),
+ CKMC_FORM_PEM,
+ &cert);
+
+ RUNNER_ASSERT_MSG(cert != NULL, "Cert is NULL");
+ return cert;
+}
+
+void save_cert(const ckmc_cert_s* cert, const char* alias) {
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
+
+ assert_positive(ckmc_save_cert, alias, *cert, policy);
+}
+
+// list gets copies of aliases
+AliasListPtr create_alias_list(const char* alias, ...) {
+ AliasListPtr aliasList(NULL, ckmc_alias_list_all_free);
+
+ va_list ap;
+
+ va_start(ap, alias);
+ ckmc_alias_list_s* last = NULL;
+ for (const char* a = alias; a != NULL; a = va_arg(ap, const char*)) {
+ if (aliasList == NULL) {
+ ckmc_alias_list_s* tmp = NULL;
+ assert_positive(ckmc_alias_list_new, strdup(a), &tmp);
+ aliasList = AliasListPtr(tmp, ckmc_alias_list_all_free);
+ RUNNER_ASSERT_MSG(!!aliasList, "Alias list is NULL");
+ last = aliasList.get();
+ } else {
+ assert_positive(ckmc_alias_list_add, last, strdup(a), &last);
+ RUNNER_ASSERT_MSG(last != NULL, "Last alias on the list is NULL");
+ }
+ }
+ va_end(ap);
+
+ return aliasList;
+}
+
+// list takes ownership of provided certificates
+CertListPtr create_cert_list(ckmc_cert_s* cert, ...) {
+ CertListPtr certList(NULL, ckmc_cert_list_all_free);
+
+ va_list ap;
+
+ va_start(ap, cert);
+ ckmc_cert_list_s* last = NULL;
+ for (ckmc_cert_s* c = cert; c!=NULL; c = va_arg(ap, ckmc_cert_s*)) {
+ if (!certList) {
+ ckmc_cert_list_s* tmp = NULL;
+ assert_positive(ckmc_cert_list_new, c, &tmp);
+ certList = CertListPtr(tmp, ckmc_cert_list_all_free);
+ RUNNER_ASSERT_MSG(!!certList, "Cert list is NULL");
+ last = certList.get();
+ } else {
+ assert_positive(ckmc_cert_list_add, last, c, &last);
+ RUNNER_ASSERT_MSG(last != NULL, "Last cert on the list is NULL");
+ }
+ }
+ va_end(ap);
+
+ return certList;
+}
+
+const ckmc_alias_list_s* NULL_ALIASES = NULL;
+const ckmc_cert_s* NULL_CERT = NULL;
+ckmc_cert_list_s** NULL_CHAIN = NULL;
+
+// old api wrapper
+class ChainApiOld {
+public:
+ static int createChain(const ckmc_cert_s *cert,
+ const ckmc_cert_list_s *untrustedcerts,
+ const ckmc_cert_list_s* /*trustedcerts*/,
+ const bool /*use_trustedsystemcerts*/,
+ ckmc_cert_list_s **ppcert_chain_list)
+ {
+ return ckmc_get_cert_chain(cert, untrustedcerts, ppcert_chain_list);
+ }
+
+ static int createChainWithAlias(const ckmc_cert_s *cert,
+ const ckmc_alias_list_s *untrustedcerts,
+ const ckmc_alias_list_s* /*trustedcerts*/,
+ const bool /*use_trustedsystemcerts*/,
+ ckmc_cert_list_s **ppcert_chain_list)
+ {
+ return ckmc_get_cert_chain_with_alias(cert, untrustedcerts, ppcert_chain_list);
+ }
+};
+
+// new api wrapper
+class ChainApiNew {
+public:
+ static int createChain(const ckmc_cert_s *cert,
+ const ckmc_cert_list_s *untrustedcerts,
+ const ckmc_cert_list_s *trustedcerts,
+ const bool use_trustedsystemcerts,
+ ckmc_cert_list_s **ppcert_chain_list)
+ {
+ return ckmc_get_cert_chain_with_trustedcert(cert,
+ untrustedcerts,
+ trustedcerts,
+ use_trustedsystemcerts,
+ ppcert_chain_list);
+ }
+
+ static int createChainWithAlias(const ckmc_cert_s *cert,
+ const ckmc_alias_list_s *untrustedcerts,
+ const ckmc_alias_list_s *trustedcerts,
+ const bool use_trustedsystemcerts,
+ ckmc_cert_list_s **ppcert_chain_list)
+ {
+ return ckmc_get_cert_chain_with_trustedcert_alias(cert,
+ untrustedcerts,
+ trustedcerts,
+ use_trustedsystemcerts,
+ ppcert_chain_list);
+ }
+};
+
+/*
+ * Helper class for certificate verification
+ */
+template <typename T=ChainApiNew>
+class ChainVerifier
+{
+public:
+ ChainVerifier();
+ ~ChainVerifier();
+
+ void addTrusted(TestData::certificateID idx);
+ void addUntrusted(TestData::certificateID idx);
+ void enableSystem(bool enable);
+
+ void verifyPositive(TestData::certificateID idx, size_t expected);
+ void verifyNegative(TestData::certificateID idx, int error = CKMC_ERROR_VERIFICATION_FAILED);
+
+private:
+ void addCert(ckmc_cert_list_s*& list, ckmc_cert_s* cert);
+ void addAlias(ckmc_alias_list_s*& list, const char* alias);
+
+ ckmc_cert_list_s* m_trustedCerts;
+ ckmc_alias_list_s* m_trustedAliases;
+
+ ckmc_cert_list_s* m_untrustedCerts;
+ ckmc_alias_list_s* m_untrustedAliases;
+
+ bool m_system;
+};
+
+template <typename T>
+ChainVerifier<T>::ChainVerifier() :
+ m_trustedCerts(NULL),
+ m_trustedAliases(NULL),
+ m_untrustedCerts(NULL),
+ m_untrustedAliases(NULL),
+ m_system(true)
+{
+}
+
+template <typename T>
+ChainVerifier<T>::~ChainVerifier()
+{
+ ckmc_cert_list_all_free(m_trustedCerts);
+ ckmc_cert_list_all_free(m_untrustedCerts);
+ ckmc_alias_list_all_free(m_trustedAliases);
+ ckmc_alias_list_all_free(m_untrustedAliases);
+}
+
+template <typename T>
+void ChainVerifier<T>::addTrusted(TestData::certificateID idx)
+{
+ size_t size = list_size(m_trustedCerts);
+ ckmc_cert_s* cert = create_cert(idx);
+ addCert(m_trustedCerts, cert);
+
+ std::stringstream ss;
+ ss << "TRUSTED_CERT_ALIAS_" << size;
+ save_cert(cert, ss.str().c_str());
+ addAlias(m_trustedAliases, ss.str().c_str());
+}
+
+template <typename T>
+void ChainVerifier<T>::addUntrusted(TestData::certificateID idx)
+{
+ size_t size = list_size(m_untrustedCerts);
+ ckmc_cert_s* cert = create_cert(idx);
+ addCert(m_untrustedCerts, cert);
+
+ std::stringstream ss;
+ ss << "UNTRUSTED_CERT_ALIAS_" << size;
+ save_cert(cert, ss.str().c_str());
+ addAlias(m_untrustedAliases, ss.str().c_str());
+}
+
+template <typename T>
+void ChainVerifier<T>::enableSystem(bool enable)
+{
+ m_system = enable;
+}
+
+template <typename T>
+void ChainVerifier<T>::addCert(ckmc_cert_list_s*& list, ckmc_cert_s* cert)
+{
+ if (!list) {
+ ckmc_cert_list_s* tmp = NULL;
+ assert_positive(ckmc_cert_list_new, cert, &tmp);
+ RUNNER_ASSERT_MSG(!!tmp, "Cert list is NULL");
+ list = tmp;
+ } else {
+ ckmc_cert_list_s* last = list;
+ while(last->next)
+ last = last->next;
+ assert_positive(ckmc_cert_list_add, last, cert, &last);
+ RUNNER_ASSERT_MSG(last != NULL, "Last cert on the list is NULL");
+ }
+}
+
+template <typename T>
+void ChainVerifier<T>::addAlias(ckmc_alias_list_s*& list, const char* alias)
+{
+ if (!list) {
+ ckmc_alias_list_s* tmp = NULL;
+ assert_positive(ckmc_alias_list_new, strdup(alias), &tmp);
+ RUNNER_ASSERT_MSG(!!tmp, "Alias list is NULL");
+ list = tmp;
+ } else {
+ ckmc_alias_list_s* last = list;
+ while(last->next)
+ last = last->next;
+ assert_positive(ckmc_alias_list_add, last, strdup(alias), &last);
+ RUNNER_ASSERT_MSG(last != NULL, "Last alias on the list is NULL");
+ }
+}
+
+template <typename T>
+void ChainVerifier<T>::verifyPositive(TestData::certificateID idx, size_t expected)
+{
+ ckmc_cert_s* cert = create_cert(idx);
+
+ ckmc_cert_list_s* chain = NULL;
+
+ assert_positive(T::createChain,
+ cert,
+ m_untrustedCerts,
+ m_trustedCerts,
+ m_system,
+ &chain);
+
+ size_t size = list_size(chain);
+ ckmc_cert_list_all_free(chain);
+ chain = NULL;
+ RUNNER_ASSERT_MSG(size == expected, "Expected chain size: " << expected << " got: " << size);
+
+ assert_positive(T::createChainWithAlias,
+ cert,
+ m_untrustedAliases,
+ m_trustedAliases,
+ m_system,
+ &chain);
+
+ size = list_size(chain);
+ ckmc_cert_list_all_free(chain);
+ chain = NULL;
+ RUNNER_ASSERT_MSG(size == expected, "Expected chain size: " << expected << " got: " << size);
+ ckmc_cert_free(cert);
+}
+
+template <typename T>
+void ChainVerifier<T>::verifyNegative(TestData::certificateID idx, int error)
+{
+ ckmc_cert_s* cert = create_cert(idx);
+
+ ckmc_cert_list_s* chain = NULL;
+
+ assert_result(error,
+ T::createChain,
+ cert,
+ m_untrustedCerts,
+ m_trustedCerts,
+ m_system,
+ &chain);
+ RUNNER_ASSERT_MSG(chain == NULL, "Chain is not empty");
+
+ assert_result(error,
+ T::createChainWithAlias,
+ cert,
+ m_untrustedAliases,
+ m_trustedAliases,
+ m_system,
+ &chain);
+
+ RUNNER_ASSERT_MSG(chain == NULL, "Chain is not empty");
+ ckmc_cert_free(cert);
+}
+} // namespace anonymous
+
+RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_CERTIFICATE_CHAINS);
+
+RUNNER_TEST(TCCH_0000_init)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+}
+
+// old API
+RUNNER_TEST(TCCH_0010_get_chain_old_api)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<ChainApiOld> cv;
+ cv.verifyNegative(TestData::GOOGLE_COM);
+
+ cv.addUntrusted(TestData::GIAG2);
+ cv.verifyPositive(TestData::GOOGLE_COM, 3); // including system cert
+ cv.verifyNegative(TestData::TEST_LEAF);
+}
+
+// old API
+RUNNER_TEST(TCCH_0020_get_chain_old_api_system_only)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<ChainApiOld> cv;
+ cv.verifyPositive(TestData::GIAG2, 2); // including system cert
+}
+
+// check invalid arguments
+RUNNER_TEST(TCCH_0100_get_certificate_chain_invalid_param)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ckmc_cert_s* ca2 = create_cert(TestData::GIAG2);
+ ckmc_cert_s* ca1 = create_cert(TestData::GEOTRUST);
+ ckmc_cert_list_s* chain = NULL;
+
+ // cert
+ CertListPtr untrusted_c = create_cert_list(ca1, NULL);
+ ca1 = NULL;
+
+ assert_invalid_param(ckmc_get_cert_chain_with_trustedcert,
+ NULL_CERT,
+ untrusted_c.get(),
+ untrusted_c.get(),
+ true,
+ &chain);
+
+ assert_invalid_param(ckmc_get_cert_chain_with_trustedcert,
+ ca2,
+ untrusted_c.get(),
+ untrusted_c.get(),
+ true,
+ NULL_CHAIN);
+
+ // alias
+ ca1 = create_cert(TestData::GEOTRUST);
+ save_cert(ca1, "GEOTRUST");
+ AliasListPtr untrusted_a = create_alias_list("GEOTRUST", NULL);
+
+ assert_invalid_param(ckmc_get_cert_chain_with_trustedcert_alias,
+ NULL_CERT,
+ untrusted_a.get(),
+ untrusted_a.get(),
+ true,
+ &chain);
+
+ assert_invalid_param(ckmc_get_cert_chain_with_trustedcert_alias,
+ ca2,
+ untrusted_a.get(),
+ untrusted_a.get(),
+ true,
+ NULL_CHAIN);
+
+ ckmc_cert_free(ca2);
+}
+
+// check invalid arguments
+RUNNER_TEST(TCCH_0110_get_certificate_chain_alias_unknown)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ckmc_cert_s* ca2 = create_cert(TestData::GIAG2);
+ ckmc_cert_list_s* chain = NULL;
+
+ AliasListPtr non_existing = create_alias_list("NON_EXISTING_ALIAS", NULL);
+ assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
+ ckmc_get_cert_chain_with_trustedcert_alias,
+ ca2,
+ non_existing.get(),
+ NULL_ALIASES,
+ true,
+ &chain);
+
+ assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
+ ckmc_get_cert_chain_with_trustedcert_alias,
+ ca2,
+ NULL_ALIASES,
+ non_existing.get(),
+ true,
+ &chain);
+ ckmc_cert_free(ca2);
+}
+
+/*
+ * This test verifies that chain of trust won't be successfully built unless system or trusted
+ * certificates are used even if real trusted root ca certs are used as untrusted.
+ */
+RUNNER_TEST(TCCH_0120_get_certificate_chain_root_ca_negative)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.enableSystem(false);
+ cv.verifyNegative(TestData::EQUIFAX);
+
+ cv.addUntrusted(TestData::GIAG2);
+ cv.verifyNegative(TestData::GOOGLE_COM);
+}
+
+/*
+ * This test verifies that it's possible to build a chain of trust with single trusted certificate
+ * and no system certificates.
+ */
+RUNNER_TEST(TCCH_0140_get_certificate_chain_trusted_only)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.enableSystem(false);
+ cv.addTrusted(TestData::TEST_ROOT_CA);
+ cv.verifyPositive(TestData::TEST_IM_CA, 2);
+ cv.verifyNegative(TestData::TEST_LEAF);
+}
+
+/*
+ * This test verifies that it's possible to build a chain of trust with system certificates only
+ */
+RUNNER_TEST(TCCH_0150_get_certificate_chain_system_only)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.verifyPositive(TestData::GIAG2, 2); // including system cert
+ cv.verifyNegative(TestData::GOOGLE_COM);
+}
+
+/*
+ * Verifies that chain of trust can be built without untrusted certificates.
+ */
+RUNNER_TEST(TCCH_0160_get_certificate_chain_no_untrusted)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.addTrusted(TestData::TEST_ROOT_CA);
+ cv.verifyPositive(TestData::TEST_IM_CA, 2);// signed by trusted cert (TEST_ROOT_CA)
+ cv.verifyPositive(TestData::GIAG2, 2); // signed by system cert (GEOTRUST)
+ cv.verifyNegative(TestData::GOOGLE_COM);
+}
+
+RUNNER_TEST(TCCH_0170_get_certificate_chain_no_trusted)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.addUntrusted(TestData::GIAG2);
+ cv.verifyPositive(TestData::GOOGLE_COM,3); // including system cert
+ cv.verifyNegative(TestData::TEST_LEAF);
+}
+
+/*
+ * Check if its possible to build a chain of trust without system certs.
+ */
+RUNNER_TEST(TCCH_0180_get_certificate_chain_no_system)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.enableSystem(false);
+ cv.addTrusted(TestData::TEST_ROOT_CA);
+ cv.addUntrusted(TestData::TEST_IM_CA);
+ cv.verifyPositive(TestData::TEST_LEAF, 3);
+ cv.verifyNegative(TestData::GOOGLE_COM);
+}
+
+/*
+ * Check if its possible to build a chain of trust with intermediate ca cert in trusted list.
+ */
+RUNNER_TEST(TCCH_0190_get_certificate_chain_im_ca_in_trusted)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.enableSystem(false);
+ cv.addTrusted(TestData::TEST_ROOT_CA);
+ cv.addTrusted(TestData::TEST_IM_CA);
+ cv.verifyPositive(TestData::TEST_LEAF, 3);
+ cv.verifyNegative(TestData::GOOGLE_COM);
+}
+
+RUNNER_TEST(TCCH_0200_get_certificate_chain_all)
+{
+ reset_user_data(0, CHAINS_PASSWD);
+
+ ChainVerifier<> cv;
+ cv.enableSystem(true);
+ cv.addTrusted(TestData::TEST_ROOT_CA);
+ cv.addUntrusted(TestData::GEOTRUST);
+ cv.addUntrusted(TestData::GIAG2);
+ /*
+ * In combat conditions this may as well be 3. Because of 2 existing GeoTrust certificates with
+ * same Subject and Public key one being root ca and the other not there are 2 possible chains
+ * of trust for this certificate.
+ */
+ cv.verifyPositive(TestData::GOOGLE_COM,4);
+ cv.verifyNegative(TestData::TEST_LEAF);
+}
+
+RUNNER_TEST(TCCH_9999_deinit)
+{
+ remove_user_data(0);
+}
--- /dev/null
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+
+#include <tests_common.h>
+#include <test-certs.h>
+#include <ckm-common.h>
+#include <access_provider2.h>
+
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-type.h>
+
+#include <ckmc/ckmc-manager.h>
+#include <ckmc/ckmc-control.h>
+#include <ckmc/ckmc-type.h>
+#include <ckmc/ckmc-error.h>
+
+#include <ckm-common.h>
+
+#include <string>
+#include <string.h>
+#include <stdio.h>
+#include <stddef.h>
+#include <stdlib.h>
+
+static const int USER_APP = 5000;
+static const int GROUP_APP = 5000;
+
+namespace {
+
+typedef enum {
+ ALIAS_KEY,
+ ALIAS_CERT,
+ ALIAS_DATA
+} alias_type_;
+
+const char* USER_PASS = "user-pass";
+
+int count_aliases(alias_type_ type, int minimum_initial_element_count = 0)
+{
+ ckmc_alias_list_s *aliasList = NULL;
+ int ec;
+ switch(type)
+ {
+ case ALIAS_KEY:
+ ec = ckmc_get_key_alias_list(&aliasList);
+ break;
+
+ case ALIAS_CERT:
+ ec = ckmc_get_cert_alias_list(&aliasList);
+ break;
+
+ case ALIAS_DATA:
+ ec = ckmc_get_data_alias_list(&aliasList);
+ break;
+ }
+ if(ec == CKMC_ERROR_DB_ALIAS_UNKNOWN)
+ return 0;
+ else if(ec==0)
+ {
+ ckmc_alias_list_s *plist = aliasList;
+ int return_count = 0;
+ while(plist)
+ {
+ plist = plist->next;
+ return_count ++;
+ }
+ ckmc_alias_list_all_free(aliasList);
+
+ RUNNER_ASSERT_MSG(
+ return_count >= minimum_initial_element_count,
+ "Error: alias list failed, current element count: " << return_count <<
+ " while expected minimal count of " << minimum_initial_element_count <<
+ " elements");
+
+ return return_count;
+ }
+ else
+ {
+ // error - fail
+ RUNNER_ASSERT_MSG(
+ ec >= 0,
+ "Error: alias list failed, ec: " << CKMCErrorToString(ec));
+ }
+
+ return ec;
+}
+
+ckmc_raw_buffer_s prepare_message_buffer(const char * input)
+{
+ ckmc_raw_buffer_s retval;
+ retval.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(input));
+ retval.size = strlen(input);
+ return retval;
+}
+
+} // namespace anonymous
+
+
+RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
+
+RUNNER_TEST(T3011_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3012_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3013_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3014_Control_C_API)
+{
+ int temp;
+ const uid_t UNIQUE_USER = 15;
+
+ // clean up environment
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
+ CKMCReadableError(temp));
+ // unlock with default password
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
+ CKMCReadableError(temp));
+ // reset password (NULL, "simple-password")
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
+ CKMCReadableError(temp));
+ // get rid of NULL DKEK
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
+ CKMCReadableError(temp));
+ // lock db
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
+ CKMCReadableError(temp));
+ // try to reset password when db locked
+ RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
+ CKMCReadableError(temp));
+ // clean up environment
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3015_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3016_Control_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
+
+RUNNER_TEST(T3021_init_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3022_key_C_API)
+{
+ int temp;
+
+ ckmc_key_s test_key, *test_key2;
+ ckmc_policy_s test_policy;
+
+ char* password = NULL;
+ const char *alias = "mykey";
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ test_key2 = &test_key;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3023_certificate_C_API)
+{
+ int temp;
+
+ std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
+
+ char* password = NULL;
+ ckmc_cert_s *cert2;
+ ckmc_cert_s cert;
+
+ const char *alias = "test-cert-1-RSA";
+
+ ckmc_policy_s test_policy;
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ char* char_certPem = new char[certPem.length() + 1];
+ std::strcpy(char_certPem, certPem.c_str());
+ cert.raw_cert = (unsigned char *)char_certPem;
+ cert.cert_size = certPem.length();
+ cert.data_format = CKMC_FORM_PEM;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMCReadableError(temp));
+
+ ckmc_cert_free(cert2);
+}
+
+RUNNER_TEST(T3024_certificate_remove_C_API)
+{
+ int temp;
+
+ char* password = NULL;
+ ckmc_cert_s *cert2;
+ const char *alias = "test-cert-1-RSA";
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMCReadableError(temp));
+ ckmc_cert_free(cert2);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3025_certificate_list_C_API)
+{
+ int temp;
+
+ std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
+
+ char* password = NULL;
+ ckmc_cert_s cert;
+
+ ckmc_policy_s test_policy;
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ char* char_certPem = new char[certPem.length() + 1];
+ std::strcpy(char_certPem, certPem.c_str());
+ cert.raw_cert = (unsigned char *)char_certPem;
+ cert.cert_size = certPem.length();
+ cert.data_format = CKMC_FORM_PEM;
+
+ int current_aliases_num = count_aliases(ALIAS_CERT);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+3) == (temp = count_aliases(ALIAS_CERT)),
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+}
+
+
+RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ int temp;
+
+ ckmc_key_s test_key, *test_key2;
+ ckmc_policy_s test_policy;
+
+ char* password = NULL;
+ const char *passwordPolicy = "x";
+ const char *alias = "mykey";
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = const_cast<char *>(passwordPolicy);
+ test_policy.extractable = 1;
+
+ test_key2 = &test_key;
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
+ CKMCReadableError(temp));
+
+ // RUNNER_ASSERT_MSG(
+ // key.getDER() == key2.getDER(), "Key value has been changed by service");
+}
+
+RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ ckmc_policy_s test_policy;
+ ckmc_key_s test_key, *test_key2;
+ char* char_keypem = new char[keyPem.length() + 1];
+ char* password = NULL;
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy.password = password;
+ test_policy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
+ CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
+{
+ int temp;
+
+ std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
+
+ char* password = NULL;
+ ckmc_cert_s *cert2 = NULL;
+ ckmc_cert_s cert;
+
+ ckmc_policy_s test_policy;
+ test_policy.password = password;
+ test_policy.extractable = 1;
+
+ char* char_certPem = new char[certPem.length() + 1];
+ std::strcpy(char_certPem, certPem.c_str());
+ cert.raw_cert = (unsigned char *)char_certPem;
+ cert.cert_size = certPem.length();
+ cert.data_format = CKMC_FORM_PEM;
+
+ const char *alias = "test-cert-1-DSA";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
+ CKMCReadableError(temp));
+
+ ckmc_cert_free(cert2);
+}
+
+RUNNER_TEST(T3029_deinit_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
+
+RUNNER_TEST(T3031_init_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3032_save_keys_get_alias_C_API)
+{
+ int temp;
+
+ char* password = NULL;
+ ckmc_policy_s test_policy1, test_policy2, test_policy3;
+ ckmc_key_s test_key;
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ char* char_keypem = new char[keyPem.length() + 1];
+
+ std::strcpy(char_keypem, keyPem.c_str());
+ test_key.raw_key = (unsigned char *)char_keypem;
+ test_key.key_size = keyPem.length();
+ test_key.key_type = CKMC_KEY_RSA_PUBLIC;
+ test_key.password = password;
+
+ test_policy1.password = password;
+ test_policy1.extractable = 1;
+
+ test_policy2.password = password;
+ test_policy2.extractable = 0;
+
+ test_policy3.password = password;
+ test_policy3.extractable = 0;
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+}
+
+
+RUNNER_TEST(T3033_remove_key_C_API)
+{
+ int temp;
+
+ char* password = NULL;
+
+ ckmc_key_s *test_key2;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3034_deinit_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
+
+RUNNER_TEST(T3041_init_C_API)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3042_save_get_bin_data_C_API)
+{
+ int temp;
+
+ ckmc_raw_buffer_s testData1, testData2, testData3;
+ char* password = NULL;
+
+ std::string binData1 = "My bin data1";
+ std::string binData2 = "My bin data2";
+ std::string binData3 = "My bin data3";
+ char* char_binData1 = new char[binData1.length() + 1];
+ char* char_binData2 = new char[binData2.length() + 1];
+ char* char_binData3 = new char[binData3.length() + 1];
+ std::strcpy(char_binData1, binData1.c_str());
+ std::strcpy(char_binData2, binData2.c_str());
+ std::strcpy(char_binData3, binData3.c_str());
+ testData1.data = (unsigned char *) char_binData1;
+ testData2.data = (unsigned char *) char_binData2;
+ testData3.data = (unsigned char *) char_binData3;
+ testData1.size = binData1.length()+1;
+ testData2.size = binData2.length()+1;
+ testData3.size = binData3.length()+1;
+
+ ckmc_policy_s test_policy1, test_policy2, test_policy3;
+
+ test_policy1.password = password;
+ test_policy1.extractable = 1;
+ test_policy2.password = password;
+ test_policy2.extractable = 1;
+ test_policy3.password = password;
+ test_policy3.extractable = 0;
+
+ int current_aliases_num = count_aliases(ALIAS_DATA);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+
+ ckmc_raw_buffer_s *testData4;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
+ CKMCReadableError(temp));
+
+ int compareResult;
+ compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
+ RUNNER_ASSERT_MSG( compareResult == 0,
+ "Data corrupted");
+}
+
+RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ ckmc_raw_buffer_s testData1;
+ char* password = NULL;
+ std::string binData1 = "My bin data";
+ char* char_binData1 = new char[binData1.length() + 1];
+ std::strcpy(char_binData1, binData1.c_str());
+ testData1.data = (unsigned char *) char_binData1;
+ testData1.size = binData1.length()+1;
+
+ ckmc_policy_s test_policy1, test_policy2;
+
+ test_policy1.password = password;
+ test_policy1.extractable = 1;
+
+ test_policy2.password = password;
+ test_policy2.extractable = 1;
+
+ std::string binData = "My bin data";
+
+ int current_aliases_num = count_aliases(ALIAS_DATA);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
+ "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
+}
+
+RUNNER_TEST(T3044_remove_bin_data_C_API)
+{
+ int temp;
+
+ int current_aliases_num = count_aliases(ALIAS_DATA, 2);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num-2) == (temp = count_aliases(ALIAS_DATA)),
+ "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << temp);
+
+ char* password = NULL;
+
+ ckmc_raw_buffer_s *testData1, testData2;
+
+ std::string testStr = "My bin data2";
+ char* char_testData2 = new char[testStr.length() + 1];
+ std::strcpy(char_testData2, testStr.c_str());
+ testData2.data = (unsigned char *) char_testData2;
+ testData2.size = testStr.length()+1;
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
+ CKMCReadableError(temp));
+
+ int compareResult;
+ compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
+ RUNNER_ASSERT_MSG( compareResult == 0,
+ "Data corrupted");
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3045_deinit_C_API)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
+
+RUNNER_TEST(T3051_CAPI_init)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
+{
+ int temp;
+
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ size_t size = 1024;
+ const char *private_key_alias = "RSA-test-1-priv";
+ const char *public_key_alias = "RSA-test-1-pub";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = NULL;
+ policy_private_key.extractable = 1;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
+ "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
+
+ ckmc_key_s *privateKey;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
+ "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
+ RUNNER_ASSERT_MSG(
+ privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
+ "Private key is broken.");
+
+ ckmc_key_s *publicKey;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
+ "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
+ RUNNER_ASSERT_MSG(
+ publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
+ "Public key is broken.");
+
+ // on next attempt to generate keys with the same alias, expect fail (alias exists)
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
+{
+ int temp;
+
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ size_t size = 1024;
+ const char *private_key_alias = "DSA-test-2-priv";
+ const char *public_key_alias = "DSA-test-2-pub";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = NULL;
+ policy_private_key.extractable = 1;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ int current_aliases_num = count_aliases(ALIAS_KEY);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
+ "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
+
+ ckmc_key_s *privateKey = 0;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
+ "Private key is broken.");
+ RUNNER_ASSERT_MSG(
+ privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
+ "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
+ ckmc_key_free(privateKey);
+
+ ckmc_key_s *pubKey = 0;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
+ "Public key is broken.");
+ RUNNER_ASSERT_MSG(
+ pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
+ "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
+ ckmc_key_free(pubKey);
+
+ // on next attempt to generate keys with the same alias, expect fail (alias exists)
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST(T3054_CAPI_deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
+
+RUNNER_TEST(T3061_CAPI_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
+{
+ int temp;
+
+ size_t size = 1024;
+ const char *private_key_alias = "rsa-test-1";
+ const char *public_key_alias = "rsa-test-2";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = const_cast<char *>("privatepassword");
+ policy_private_key.extractable = 0;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+
+ // on next attempt to generate keys with the same alias, expect fail (alias exists)
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
+{
+ int temp;
+
+ size_t size = 1024;
+ const char *private_key_alias = "dsa-test-1";
+ const char *public_key_alias = "dsa-test-2";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = const_cast<char *>("privatepassword");
+ policy_private_key.extractable = 0;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
+{
+ int temp;
+
+ ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
+ const char *private_key_alias = "ecdsa-test-1";
+ const char *public_key_alias = "ecdsa-test-2";
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = const_cast<char *>("privatepassword");
+ policy_private_key.extractable = 0;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3065_CAPI_deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+}
+
+// TODO
+//RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
+
+
+
+RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
+
+RUNNER_TEST(T3071_CAPI_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
+{
+ std::string ee = TestData::getTestCertificateBase64(TestData::MBANK);
+ std::string im = TestData::getTestCertificateBase64(TestData::SYMANTEC);
+
+ ckmc_cert_s c_cert;
+ c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
+ c_cert.cert_size = ee.size();
+ c_cert.data_format = CKMC_FORM_PEM;
+
+ ckmc_cert_s c_cert1;
+ c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
+ c_cert1.cert_size = im.size();
+ c_cert1.data_format = CKMC_FORM_PEM;
+
+ ckmc_cert_list_s untrustedcerts;
+ untrustedcerts.cert = &c_cert1;
+ untrustedcerts.next = NULL;
+
+ ckmc_cert_list_s *cert_chain_list;
+
+ int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
+
+ RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
+
+ ckmc_ocsp_status_e ocsp_status;
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
+ RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
+}
+
+RUNNER_TEST(T3075_CAPI_deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
+
+RUNNER_TEST(T3081_CAPI__init)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
+{
+ int temp;
+
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "Proc-Type: 4,ENCRYPTED\n"
+ "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
+ "\n"
+ "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
+ "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
+ "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
+ "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
+ "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
+ "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
+ "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
+ "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
+ "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
+ "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
+ "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
+ "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
+ "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
+ "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
+ "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
+ "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
+ "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
+ "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
+ "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
+ "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
+ "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
+ "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
+ "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
+ "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
+ "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----\n";
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ const char *pub_alias = "pub1";
+ const char *pri_alias = "prv1";
+ const char *key_passwd = "1234";
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_key_s pubkey;
+ pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ pubkey.key_size = pub.size();
+ pubkey.key_type = CKMC_KEY_NONE;
+ pubkey.password = NULL;
+
+ ckmc_policy_s pubpolicy;
+ pubpolicy.password = pub_passwd;
+ pubpolicy.extractable = 0;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = const_cast<char *>(key_passwd);
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
+{
+ int temp;
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
+ const char *pub_alias = "pub1";
+ const char *pri_alias = "prv1";
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
+{
+ int temp;
+
+ std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
+ "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
+ "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
+ "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
+ "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END PUBLIC KEY-----\n";
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+ const char *pri_alias = "ecprv2";
+ const char *pub_alias = "ecpub2";
+ char *key_passwd = NULL;
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_key_s pubkey;
+ pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ pubkey.key_size = pub.size();
+ pubkey.key_type = CKMC_KEY_NONE;
+ pubkey.password = NULL;
+
+ ckmc_policy_s pubpolicy;
+ pubpolicy.password = pub_passwd;
+ pubpolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
+{
+ int temp;
+
+ std::string prv =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
+ "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
+ "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
+ "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
+ "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
+ "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
+ "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
+ "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
+ "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
+ "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
+ "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
+ "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
+ "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
+ "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
+ "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
+ "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
+ "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
+ "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
+ "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
+ "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
+ "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
+ "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
+ "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
+ "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
+ "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
+ "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
+ "-----END CERTIFICATE-----\n";
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ const char *pri_alias = "prv3";
+ const char *pub_alias = "pub3";
+ char *key_passwd = NULL;
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_cert_s cert;
+ cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ cert.cert_size = pub.size();
+ cert.data_format = CKMC_FORM_PEM;
+
+ ckmc_policy_s certpolicy;
+ certpolicy.password = pub_passwd;
+ certpolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMCReadableError(temp));
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
+{
+ int temp;
+
+ const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
+ "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
+ "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
+ "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
+ "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
+ "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
+ "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
+ "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
+ "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
+ "YMYCBhubtrVaLmc=\n"
+ "-----END PUBLIC KEY-----";
+
+ const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
+ "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
+ "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
+ "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
+ "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
+ "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
+ "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
+ "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
+ "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
+ "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
+ "u1roOuaPY+Hl19BlTE2qdw==\n"
+ "-----END DSA PRIVATE KEY-----";
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ const char *pub_alias = "dsa-pub1";
+ const char *pri_alias = "dsa-prv1";
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature = NULL;
+
+ ckmc_key_s pubkey;
+ pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ pubkey.key_size = pub.size();
+ pubkey.key_type = CKMC_KEY_NONE;
+ pubkey.password = NULL;
+
+ ckmc_policy_s pubpolicy;
+ pubpolicy.password = pub_passwd;
+ pubpolicy.extractable = 0;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
+ prikey.key_size = priv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = NULL;
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ // positive test
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ // negative test
+ ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ invalid_msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ ckmc_buffer_free(signature);
+}
+
+RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
+{
+ int temp;
+
+ size_t size = 1024;
+ ckmc_policy_s policy_private_key;
+ ckmc_policy_s policy_public_key;
+
+ policy_private_key.password = NULL;
+ policy_private_key.extractable = 1;
+
+ policy_public_key.password = NULL;
+ policy_public_key.extractable = 1;
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ const char *pub_alias = "dsa-pub2";
+ const char *pri_alias = "dsa-prv2";
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias, pub_alias, policy_private_key, policy_public_key)),
+ "Error=" << temp);
+
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_key_s *pubkey = NULL;
+ ckmc_key_s *prikey = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias, 0, &prikey)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias, 0, &pubkey)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ // positive test
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ // negative test
+ ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ invalid_msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ ckmc_key_free(prikey);
+ ckmc_key_free(pubkey);
+ ckmc_buffer_free(signature);
+}
+
+RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
+{
+ int temp;
+
+ std::string prv =
+ "-----BEGIN EC PRIVATE KEY-----\n"
+ "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
+ "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
+ "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
+ "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
+ "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
+ "ELyhe7yPCAuOoLZlTLgf\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
+ "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
+ "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
+ "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
+ "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
+ "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
+ "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
+ "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
+ "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
+ "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
+ "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
+ "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
+ "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
+ "Q1oBry6NEc+lLFmWMDesAA==\n"
+ "-----END CERTIFICATE-----\n";
+
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ const char *pri_alias = "prv4";
+ const char *pub_alias = "pub4";
+ char *key_passwd = NULL;
+ char *pri_passwd = NULL;
+ char *pub_passwd = NULL;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature;
+
+ ckmc_cert_s cert;
+ cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
+ cert.cert_size = pub.size();
+ cert.data_format = CKMC_FORM_PEM;
+
+ ckmc_policy_s certpolicy;
+ certpolicy.password = pub_passwd;
+ certpolicy.extractable = 1;
+
+ ckmc_key_s prikey;
+ prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
+ prikey.key_size = prv.size();
+ prikey.key_type = CKMC_KEY_NONE;
+ prikey.password = key_passwd;
+
+ ckmc_policy_s pripolicy;
+ pripolicy.password = pri_passwd;
+ pripolicy.extractable = 0;
+
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ pri_alias,
+ pri_passwd,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
+ memcpy((void*)signature->data, "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+ pub_alias,
+ pub_passwd,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3089_CAPI__deinit)
+{
+ int temp;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+}
+
+
+//#######################################################################################
+
+void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
+{
+ RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
+ RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
+
+ if(key->password != NULL && password != NULL) {
+ RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
+ }else if(key->password == NULL && password == NULL) {
+ RUNNER_ASSERT_MSG(true, "Password Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "Password Error" );
+ }
+
+ if(key->raw_key != NULL && raw_key != NULL) {
+ for(unsigned int i=0; i<key_size; i++) {
+ RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
+ }
+ }else if(key->raw_key == NULL && raw_key == NULL) {
+ RUNNER_ASSERT_MSG(true, "Raw Key Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "Raw Key Error" );
+ }
+}
+
+RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
+
+RUNNER_TEST(T3091_CAPI_TYPE_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3092_CAPI_TYPE_KEY)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
+ unsigned int key_size = keyPem.size();
+ ckmc_key_type_e key_type = CKMC_KEY_NONE;
+ char *password = const_cast< char *>("");
+
+ ckmc_key_s *key;
+ ckmc_key_new(raw_key, key_size, key_type, password, &key);
+
+ _assertKey(key, raw_key, key_size, key_type, password);
+ ckmc_key_free(key);
+
+ char *passwordNull = NULL;
+ ckmc_key_s *key2;
+ ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
+ ckmc_key_free(key2);
+}
+
+RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
+ unsigned int size = keyPem.size();
+
+ ckmc_raw_buffer_s *buff;
+ ckmc_buffer_new(data, size, &buff);
+
+ RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
+
+ if(buff->data != NULL && data != NULL) {
+ for(unsigned int i=0; i<size; i++) {
+ RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
+ }
+ }else if(buff->data == NULL && data == NULL) {
+ RUNNER_ASSERT_MSG(true, "Raw data Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "Raw data Error" );
+ }
+
+ ckmc_buffer_free(buff);
+}
+
+RUNNER_TEST(T3094_CAPI_TYPE_CERT)
+{
+ std::string certPem = TestData::getTestCertificateBase64(TestData::GIAG2);
+
+ unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
+ unsigned int size = certPem.size();
+ ckmc_data_format_e form = CKMC_FORM_PEM;
+
+ ckmc_cert_s *ckmCert;
+ ckmc_cert_new(raw_cert, size, form, &ckmCert);
+
+ RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
+
+ if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
+ for(unsigned int i=0; i<size; i++) {
+ RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
+ }
+ }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
+ RUNNER_ASSERT_MSG(true, "raw_cert Error" );
+ }else {
+ RUNNER_ASSERT_MSG(false, "raw_cert Error" );
+ }
+
+ RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
+
+ ckmc_cert_free(ckmCert);
+}
+
+
+RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
+{
+ int ret;
+
+ std::string certStr = TestData::getTestCertificateBase64(TestData::MBANK);
+
+ const char *file_name = "/tmp/ckmc_test_cert.pem";
+ remove(file_name);
+
+ FILE* cert_file;
+ cert_file = fopen(file_name, "w");
+ fprintf(cert_file, "%s",certStr.c_str());
+ fclose(cert_file);
+
+ ckmc_cert_s *pcert;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
+ CKMCReadableError(ret));
+
+ RUNNER_ASSERT_MSG(
+ pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
+
+ const char *lcert_alias = "lcert_alias";
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
+ CKMCReadableError(ret));
+
+ remove(file_name);
+}
+
+RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
+ const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
+ const char *password = "password";
+
+ int temp;
+
+ ckmc_key_s *private_key = NULL;
+ ckmc_cert_s *cert = NULL;
+ ckmc_cert_list_s *ca_cert_list = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
+ &private_key, &cert, &ca_cert_list)),
+ "Error=" << temp);
+ RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
+ RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
+ RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
+
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
+
+
+ const char *pkey_alias = "pkey_alias";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
+ CKMCReadableError(temp));
+
+ const char *cert_alias = "cert_alias";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
+ CKMCReadableError(temp));
+ std::string caCertAlias = "ca_cert_alias_";
+ const char *idx = "0";
+ int cnt = 0;
+ ckmc_cert_list_s *tmpList = ca_cert_list;
+ while(tmpList != NULL) {
+ caCertAlias.append(idx);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
+ CKMCReadableError(temp));
+ tmpList = tmpList->next;
+ cnt ++;
+ }
+
+ RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
+
+ ckmc_key_free(private_key);
+ ckmc_cert_free(cert);
+ ckmc_cert_list_all_free(ca_cert_list);
+}
+
+RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
+ const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
+ const char *password = "password";
+
+ int temp;
+
+ ckmc_pkcs12_s *ppkcs12 = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
+ RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
+ RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
+
+ ckmc_policy_s policy;
+ policy.password = NULL;
+ policy.extractable = 1;
+
+
+ const char *pkey_alias = "pkey_alias2";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *(ppkcs12->priv_key), policy)),
+ CKMCReadableError(temp));
+
+ const char *cert_alias = "cert_alias2";
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *(ppkcs12->cert), policy)),
+ CKMCReadableError(temp));
+ std::string caCertAlias = "ca_cert_alias_2_";
+ const char *idx = "0";
+ int cnt = 0;
+ ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
+ while(tmpList != NULL) {
+ caCertAlias.append(idx);
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
+ CKMCReadableError(temp));
+ tmpList = tmpList->next;
+ cnt ++;
+ }
+
+ RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
+
+ ckmc_pkcs12_free(ppkcs12);
+}
+
+RUNNER_TEST(T3098_CAPI_TYPE_deinit)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
+
+namespace
+{
+const char* alias_PKCS_exportable = "CAPI-test-PKCS-export";
+const char* alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
+}
+
+RUNNER_TEST(T3101_CAPI_PKCS12_init)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "PKCS-pass")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
+{
+ const char *wrong_passwd = "wrong";
+ ckmc_pkcs12_s *ppkcs12 = NULL;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
+{
+ ckmc_pkcs12_s *ppkcs12 = NULL;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
+
+ // save to the CKM
+ ckmc_policy_s exportable;
+ exportable.password = NULL;
+ exportable.extractable = 1;
+ ckmc_policy_s notExportable;
+ notExportable.password = NULL;
+ notExportable.extractable = 0;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
+ CKMCReadableError(temp));
+
+ // try to lookup key
+ ckmc_key_s *key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
+ CKMCReadableError(temp));
+ ckmc_key_free(key_lookup);
+ key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable, "", &key_lookup)),
+ CKMCReadableError(temp));
+ ckmc_key_free(key_lookup);
+
+ // try to lookup certificate
+ ckmc_cert_s *cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
+ CKMCReadableError(temp));
+ ckmc_cert_free(cert_lookup);
+ cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
+ CKMCReadableError(temp));
+ ckmc_cert_free(cert_lookup);
+}
+
+RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
+{
+ int temp;
+ ckmc_pkcs12_s *pkcs = NULL;
+
+ // fail - no entry
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", NULL, NULL, &pkcs)),
+ CKMCReadableError(temp));
+ ckmc_pkcs12_free(pkcs);
+ pkcs = NULL;
+
+ // fail - not exportable
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable, NULL, NULL, &pkcs)),
+ CKMCReadableError(temp));
+ ckmc_pkcs12_free(pkcs);
+ pkcs = NULL;
+
+ // success - exportable
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable, NULL, NULL, &pkcs)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
+ RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
+ size_t cntr = 0;
+ ckmc_cert_list_s *iter = pkcs->ca_chain;
+ do {
+ cntr ++;
+ iter = iter->next;
+ } while(iter);
+ RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
+
+ ckmc_pkcs12_free(pkcs);
+}
+
+RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
+{
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
+
+ int temp;
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ alias_PKCS_exportable,
+ NULL,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ alias_PKCS_exportable,
+ NULL,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
+{
+ int tmp;
+
+ // remove the whole PKCS12 bundles
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable)),
+ CKMCReadableError(tmp));
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable)),
+ CKMCReadableError(tmp));
+
+ // expect lookup fails due to unknown alias
+ // try to lookup key
+ ckmc_key_s *key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_key_free(key_lookup);
+ key_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable, NULL, &key_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_key_free(key_lookup);
+
+ // try to lookup certificate
+ ckmc_cert_s *cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_cert_free(cert_lookup);
+ cert_lookup = NULL;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
+ CKMCReadableError(tmp));
+ ckmc_cert_free(cert_lookup);
+}
+
+RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
+{
+ int temp;
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
+
+RUNNER_TEST(T3201_CAPI_unlock_database)
+{
+ int temp;
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
+ CKMCReadableError(temp));
+}
+
+RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
+{
+ int temp;
+ char alias[10] = "mykey";
+ char *password = NULL;
+ ckmc_key_s *test_key = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
+ "Error=" << temp);
+
+ RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
+}
+
+RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
+{
+ int temp;
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
+ CKMCReadableError(temp));
+}
+
+RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
+{
+ int temp;
+ char alias[10] = "mykey";
+ char *password = NULL;
+ ckmc_key_s *test_key = NULL;
+
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
+ CKMCReadableError(temp));
+
+ RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
+}
+
+RUNNER_TEST(T3204_deinit)
+{
+ int temp;
+ RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
+ CKMCReadableError(temp));
+}
+
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file cc-mode.cpp
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <string>
+
+#include <vconf/vconf.h>
+
+#include <dpl/test/test_runner.h>
+#include <tests_common.h>
+#include <ckm-common.h>
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-control.h>
+
+using namespace CKM;
+using namespace std;
+
+#ifndef VCONFKEY_SECURITY_MDPP_STATE
+#define VCONFKEY_SECURITY_MDPP_STATE "file/security_mdpp/security_mdpp_state"
+#endif
+
+namespace {
+
+const useconds_t SLEEP = 100*1000;
+
+const size_t MAX_RETRIES = 50;
+
+const char* const ENABLED = "Enabled";
+const char* const ENFORCING = "Enforcing";
+const char* const DISABLED = "Disabled";
+const char* const READY = "Ready";
+const char* const UNSET = "Unset"; // Meaningless value for unset.
+
+const char* const USER_LABEL = "User";
+const char* const CKM_LOCK = "/var/run/key-manager.pid";
+
+const char* const CC_PASSWD = "t200-special-password";
+
+// Wrapper for mdpp state that restores the original value upon destruction
+class MdppState
+{
+public:
+ MdppState();
+ ~MdppState();
+
+ // pass NULL to unset
+ void set(const char* const value);
+
+private:
+ char* m_original;
+};
+
+MdppState::MdppState()
+{
+ ScopedLabel sl(USER_LABEL);
+ m_original = vconf_get_str(VCONFKEY_SECURITY_MDPP_STATE);
+}
+
+MdppState::~MdppState()
+{
+ ScopedLabel sl(USER_LABEL);
+ if (!m_original)
+ vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET);
+ else {
+ vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, m_original);
+ }
+}
+
+void MdppState::set(const char* const value)
+{
+ ScopedLabel sl(USER_LABEL);
+ if (value)
+ {
+ int ret = vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, value);
+ RUNNER_ASSERT_MSG(0 == ret,
+ "vconf_set() failed, ec: " << ret);
+ }
+ else
+ vconf_set_str(VCONFKEY_SECURITY_MDPP_STATE, UNSET);
+}
+
+
+
+Alias rsa_pri_alias("rsa-private-T2002");
+Alias rsa_pub_alias("rsa-public-T2002");
+Alias ecdsa_pri_alias("ecdsa-private-T2002");
+Alias ecdsa_pub_alias("ecdsa-public-T2002");
+
+void save_keys()
+{
+ int temp;
+ auto manager = Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(
+ 1024,
+ rsa_pri_alias,
+ rsa_pub_alias,
+ Policy(Password(), true),
+ Policy(Password(), true))),
+ "Error=" << ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(
+ ElipticCurve::prime192v1,
+ ecdsa_pri_alias,
+ ecdsa_pub_alias,
+ Policy(Password(), true),
+ Policy(Password(), true))),
+ "Error=" << ErrorToString(temp));
+}
+
+void read_key(ManagerShPtr& manager, const Alias& alias, int expected) {
+ KeyShPtr key;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ expected == (temp = manager->getKey(alias, Password(), key)),
+ "Expected: " << expected << "/" << ErrorToString(expected) << " got: " << temp << "/" <<
+ ErrorToString(temp));
+}
+
+void read_keys(int expected)
+{
+// if mdpp is disabled at compilation time we expect that read_key always succeeds
+#ifndef DSECURITY_MDFPP_STATE_ENABLE
+ expected = CKM_API_SUCCESS;
+#endif
+ auto manager = Manager::create();
+
+ read_key(manager, rsa_pri_alias, expected);
+ read_key(manager, ecdsa_pri_alias, expected);
+}
+
+void update_cc_mode()
+{
+ auto control = Control::create();
+ int ret;
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->updateCCMode()),
+ "Error=" << ErrorToString(ret));
+}
+
+void restart_ckm(const char* const mdpp_setting)
+{
+ stop_service(MANAGER);
+ MdppState mdpp;
+ mdpp.set(mdpp_setting);
+ start_service(MANAGER);
+}
+} // namespace anonymous
+
+RUNNER_TEST_GROUP_INIT(CKM_CC_MODE);
+
+RUNNER_TEST(TCC_0000_init)
+{
+ reset_user_data(0, CC_PASSWD);
+}
+
+// updatedCCMode should succeed regardless of mdpp setting
+RUNNER_TEST(TCC_0010_updateCCMode)
+{
+ MdppState mdpp;
+
+ mdpp.set(NULL);
+ update_cc_mode();
+
+ mdpp.set(ENABLED);
+ update_cc_mode();
+
+ mdpp.set(ENFORCING);
+ update_cc_mode();
+
+ mdpp.set(DISABLED);
+ update_cc_mode();
+
+ mdpp.set(READY);
+ update_cc_mode();
+
+ mdpp.set("whatever");
+ update_cc_mode();
+}
+
+// tests without listener (ckm only)
+RUNNER_TEST(TCC_0020_noListener)
+{
+ stop_service(LISTENER);
+ MdppState mdpp;
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+
+ mdpp.set(NULL);
+ update_cc_mode();
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set(DISABLED);
+ update_cc_mode();
+ // MJK, it's counter-intuitive: Disabled does not mean
+ // that CC mode is disabled, but that device
+ // self-test failed "device DISABLED"
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set("whatever");
+ update_cc_mode();
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set(ENABLED);
+ update_cc_mode();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set(ENFORCING);
+ update_cc_mode();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set(READY);
+ update_cc_mode();
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set("whatever");
+ update_cc_mode();
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set(DISABLED);
+ update_cc_mode();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+}
+
+// when listener is started with mdpp key unset it should not update mdpp status in ckm
+RUNNER_TEST(TCC_0030_noCallbackRegistered)
+{
+ // restart listener without vconf callback
+ stop_service(LISTENER);
+ reset_user_data(0, CC_PASSWD);
+ MdppState mdpp;
+ mdpp.set(NULL);
+ update_cc_mode();
+ start_service(LISTENER);
+
+ // save and read
+ save_keys();
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set(ENABLED);
+ usleep(SLEEP); // give some time for notification to reach ckm
+
+ read_keys(CKM_API_SUCCESS);
+}
+
+// when listener is started with mdpp key set it should update mdpp status in ckm
+RUNNER_TEST(TCC_0040_callbackRegistered)
+{
+ // restart listener with vconf callback
+ stop_service(LISTENER);
+ MdppState mdpp;
+ mdpp.set(DISABLED);
+ update_cc_mode();
+ start_service(LISTENER);
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set("whatever");
+ usleep(SLEEP); // give some time for notification to reach ckm
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set(ENABLED);
+ usleep(SLEEP); // give some time for notification to reach ckm
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set(DISABLED);
+ usleep(SLEEP); // give some time for notification to reach ckm
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set(READY);
+ usleep(SLEEP); // give some time for notification to reach ckm
+ read_keys(CKM_API_SUCCESS);
+
+ mdpp.set(ENFORCING);
+ usleep(SLEEP); // give some time for notification to reach ckm
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+
+ mdpp.set(NULL);
+ usleep(SLEEP); // give some time for notification to reach ckm
+ read_keys(CKM_API_SUCCESS);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0050_manualCkmDisabled)
+{
+ restart_ckm(DISABLED);
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0060_manualCkmEnabled)
+{
+ restart_ckm(ENABLED);
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0070_manualCkmEnforcing)
+{
+ restart_ckm(ENFORCING);
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_ERROR_BAD_REQUEST);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0075_manualCkmReady)
+{
+ restart_ckm(READY);
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_SUCCESS);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0080_manualCkmWhatever)
+{
+ restart_ckm("whatever");
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_SUCCESS);
+}
+
+// run ckm manually and see if it properly loads mdpp setting
+RUNNER_TEST(TCC_0090_manualCkmUnset)
+{
+ restart_ckm(NULL);
+
+ reset_user_data(0, CC_PASSWD);
+ save_keys();
+ read_keys(CKM_API_SUCCESS);
+}
+
+// make sure listener won't activate ckm to update mdpp
+RUNNER_TEST(TCC_0100_listenerDoesntStartCkm)
+{
+ stop_service(MANAGER);
+ stop_service(LISTENER);
+
+ MdppState mdpp;
+ mdpp.set(ENABLED);
+
+ start_service(LISTENER);
+
+ usleep(1000*1000); // by that time ckm would be already started
+
+ int lock = TEMP_FAILURE_RETRY(open(CKM_LOCK, O_RDWR));
+ RUNNER_ASSERT_MSG(-1 != lock, "Error in opening lock file. Errno: " << strerror(errno));
+
+ int ret = lockf(lock, F_TEST, 0);
+ close(lock);
+ RUNNER_ASSERT_MSG(ret == 0, "CKM lock is occupied. CKM seems to be running.");
+}
+
+RUNNER_TEST(TCC_9999_deinit)
+{
+ remove_user_data(0);
+}
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file ckm-common.cpp
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ */
+#include <string>
+
+#include <sys/smack.h>
+#include <ckmc/ckmc-type.h>
+#include <ckm-common.h>
+#include <tests_common.h>
+#include <access_provider2.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-manager.h>
+#include <ckmc/ckmc-control.h>
+#include <ckmc/ckmc-manager.h>
+#include <service_manager.h>
+
+const char* SERVICE[] = {
+ "central-key-manager-listener.service",
+ "central-key-manager.service" };
+
+void start_service(ServiceIdx idx)
+{
+ ServiceManager sm(SERVICE[idx]);
+ sm.startService();
+}
+
+void stop_service(ServiceIdx idx)
+{
+ ServiceManager sm(SERVICE[idx]);
+ sm.stopService();
+}
+
+
+void switch_to_storage_user(const char* label)
+{
+ AccessProvider ap(label);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(APP_UID, APP_GID);
+}
+
+void switch_to_storage_ocsp_user(const char* label)
+{
+ AccessProvider ap(label);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.allowAPI("key-manager::api-ocsp", "rw");
+ ap.applyAndSwithToUser(APP_UID, APP_GID);
+}
+
+DBCleanup::~DBCleanup()
+{
+ // Let it throw. If db can't be cleared further tests are unreliable
+ CKM::ManagerShPtr mgr = CKM::Manager::create();
+ for(const auto& it:m_aliases)
+ mgr->removeAlias(it);
+ m_aliases.clear();
+}
+
+// returns process label
+CharPtr get_label()
+{
+ int ret;
+ char* my_label = NULL;
+ RUNNER_ASSERT_MSG(0 <= (ret = smack_new_label_from_self(&my_label)),
+ "Failed to get smack label for self. Error: " << ret);
+
+ return CharPtr(my_label, free);
+}
+
+std::string aliasWithLabel(const char *label, const char *alias)
+{
+ if(label)
+ {
+ std::stringstream ss;
+ ss << label << std::string(ckmc_label_name_separator) << alias;
+ return ss.str();
+ }
+ return std::string(alias);
+}
+
+// changes process label
+void change_label(const char* label)
+{
+ int ret = smack_set_label_for_self(label);
+ RUNNER_ASSERT_MSG(0 == ret, "Error in smack_set_label_for_self. Error: " << ret);
+}
+
+ScopedLabel::ScopedLabel(const char* label) : m_original_label(get_label())
+{
+ change_label(label);
+}
+
+ScopedLabel::~ScopedLabel()
+{
+ /*
+ * Let it throw. If we can't restore label then remaining tests results will be
+ * unreliable anyway.
+ */
+ change_label(m_original_label.get());
+}
+
+const char * CKMCErrorToString(int error) {
+#define ERRORDESCRIBE(name) case name: return #name
+ switch(error) {
+ ERRORDESCRIBE(CKMC_ERROR_NONE);
+ ERRORDESCRIBE(CKMC_ERROR_INVALID_PARAMETER);
+ ERRORDESCRIBE(CKMC_ERROR_OUT_OF_MEMORY);
+ ERRORDESCRIBE(CKMC_ERROR_PERMISSION_DENIED);
+ ERRORDESCRIBE(CKMC_ERROR_SOCKET);
+ ERRORDESCRIBE(CKMC_ERROR_BAD_REQUEST);
+ ERRORDESCRIBE(CKMC_ERROR_BAD_RESPONSE);
+ ERRORDESCRIBE(CKMC_ERROR_SEND_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_RECV_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_AUTHENTICATION_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_BUFFER_TOO_SMALL);
+ ERRORDESCRIBE(CKMC_ERROR_SERVER_ERROR);
+ ERRORDESCRIBE(CKMC_ERROR_DB_LOCKED);
+ ERRORDESCRIBE(CKMC_ERROR_DB_ERROR);
+ ERRORDESCRIBE(CKMC_ERROR_DB_ALIAS_EXISTS);
+ ERRORDESCRIBE(CKMC_ERROR_DB_ALIAS_UNKNOWN);
+ ERRORDESCRIBE(CKMC_ERROR_VERIFICATION_FAILED);
+ ERRORDESCRIBE(CKMC_ERROR_INVALID_FORMAT);
+ ERRORDESCRIBE(CKMC_ERROR_FILE_ACCESS_DENIED);
+ ERRORDESCRIBE(CKMC_ERROR_NOT_EXPORTABLE);
+ ERRORDESCRIBE(CKMC_ERROR_FILE_SYSTEM);
+ ERRORDESCRIBE(CKMC_ERROR_UNKNOWN);
+ default: return "Error not defined";
+ }
+#undef ERRORDESCRIBE
+}
+
+std::string CKMCReadableError(int error) {
+ std::string output("Error: ");
+ output += std::to_string(error);
+ output += " Description: ";
+ output += CKMCErrorToString(error);
+ return output;
+}
+
+void unlock_user_data(uid_t user_id, const char *passwd)
+{
+ int ret;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->unlockUserKey(user_id, passwd)),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+void remove_user_data(uid_t user_id)
+{
+ int ret;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->lockUserKey(user_id)),
+ "Error=" << CKM::ErrorToString(ret));
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (ret = control->removeUserData(user_id)),
+ "Remove user data failed with error: " << CKM::ErrorToString(ret));
+}
+
+void reset_user_data(uid_t user_id, const char *passwd)
+{
+ remove_user_data(user_id);
+ unlock_user_data(user_id, passwd);
+}
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file ckm-common.h
+ * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
+ * @version 1.0
+ */
+
+#pragma once
+
+#include <unordered_set>
+#include <memory>
+#include <ckm/ckm-type.h>
+#include <ckmc/ckmc-error.h>
+#include <tests_common.h>
+
+void switch_to_storage_user(const char* label);
+void switch_to_storage_ocsp_user(const char* label);
+
+
+// RUNNER_ASSERT wrappers
+template <typename F, typename... Args>
+void assert_result(int expected, F&& func, Args... args)
+{
+ int ret = func(args...);
+ RUNNER_ASSERT_MSG(ret == expected, "Expected " << expected << " got: " << ret);
+}
+
+template <typename F, typename... Args>
+void assert_positive(F&& func, Args... args)
+{
+ assert_result(CKMC_ERROR_NONE, std::move(func), args...);
+}
+
+template <typename F, typename... Args>
+void assert_invalid_param(F&& func, Args... args)
+{
+ assert_result(CKMC_ERROR_INVALID_PARAMETER, std::move(func), args...);
+}
+
+
+// list operations
+template <typename T>
+size_t list_size(const T* list)
+{
+ size_t size = 0;
+ while(list) {
+ list = list->next;
+ size++;
+ }
+ return size;
+}
+
+
+// service lifecycle management
+enum ServiceIdx {
+ LISTENER,
+ MANAGER
+};
+void start_service(ServiceIdx idx);
+void stop_service(ServiceIdx idx);
+
+// support for error printing
+const char * CKMCErrorToString(int error);
+std::string CKMCReadableError(int error);
+
+// Class responsible for db cleanup after positive tests. Will remove all used aliases in destructor
+class DBCleanup
+{
+public:
+ DBCleanup() {}
+
+ const char* alias(const char* alias)
+ {
+ return m_aliases.insert(CKM::Alias(alias)).first->c_str();
+ }
+
+ ~DBCleanup();
+
+private:
+ std::unordered_set<CKM::Alias> m_aliases;
+};
+
+// scoped free
+typedef std::unique_ptr<char, void (*)(void *)> CharPtr;
+
+// returns process label
+CharPtr get_label();
+
+std::string aliasWithLabel(const char *label, const char *alias);
+
+// changes process label
+void change_label(const char* label);
+
+// changes process label upon construction and restores it upon destruction
+class ScopedLabel
+{
+public:
+ ScopedLabel(const char* label);
+ ~ScopedLabel();
+
+private:
+ CharPtr m_original_label;
+};
+
+void unlock_user_data(uid_t user_id, const char *passwd);
+void remove_user_data(uid_t user_id);
+void reset_user_data(uid_t user_id, const char *passwd);
--- /dev/null
+/*
+ * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ */
+/*
+ * @file security_server_tests_clean_env.cpp
+ * @author Zbigniew Jasinski (z.jasinski@samsung.com)
+ * @version 1.0
+ * @brief Functions to prepare clean env for tests.
+ *
+ */
+
+#include <ftw.h>
+#include <unistd.h>
+
+#include <ckm/ckm-control.h>
+
+#include <service_manager.h>
+#include <clean-env.h>
+
+int restart_security_server() {
+ ServiceManager sm("security-server.service");
+ sm.restartService();
+
+ return 0;
+}
+
+static int nftw_rmdir_contents(const char *fpath, const struct stat * /*sb*/,
+ int tflag, struct FTW *ftwbuf)
+{
+ if (tflag == FTW_F)
+ unlink(fpath);
+ else if (tflag == FTW_DP && ftwbuf->level != 0)
+ rmdir(fpath);
+
+ return 0;
+}
+
+/**
+ * This function should be called at the begining of every SS test, so all the tests
+ * are independent of each other.
+ */
+int reset_security_server()
+{
+ const char* path = "/opt/data/security-server/";
+ const int max_descriptors = 10; //max number of open file descriptors by nftw function
+
+ // Clear /opt/data/security-server/ directory
+ if (access(path, F_OK) == 0) {
+ if (nftw(path, &nftw_rmdir_contents, max_descriptors, FTW_DEPTH) == -1) {
+ return 1;
+ }
+ sync();
+ }
+
+ restart_security_server();
+ auto control = CKM::Control::create();
+
+ if (!!control) {
+ control->lockUserKey(5000);
+ control->removeUserData(5000);
+ control->unlockUserKey(5000, "");
+ }
+
+ return 0;
+}
+
--- /dev/null
+/*
+ * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ */
+/*
+ * @file security_server_tests_clean_env.cpp
+ * @author Zbigniew Jasinski (z.jasinski@samsung.com)
+ * @version 1.0
+ * @brief Functions to prepare clean env for tests.
+ *
+ */
+#pragma once
+
+#include <ftw.h>
+#include <unistd.h>
+
+#include <ckm/ckm-control.h>
+
+int restart_security_server();
+int reset_security_server();
+
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDljCCAn6gAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwZjELMAkGA1UEBhMCQVUx
+EzARBgNVBAgMClNvbWUtU3RhdGUxDTALBgNVBAoMBEFDTUUxEDAOBgNVBAsMB1Rl
+c3RpbmcxITAfBgNVBAMMGFRlc3Qgcm9vdCBjYSBjZXJ0aWZpY2F0ZTAeFw0xNTAx
+MTYxNjQ1MzRaFw0zNTAxMTExNjQ1MzRaMGQxCzAJBgNVBAYTAkFVMRMwEQYDVQQI
+DApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMR8w
+HQYDVQQDDBZUZXN0IElNIENBIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAzmBF78qClgoKfnLAncMXZwZ14TW+5kags1+QCYeg3c7j
+L9+RvDxIaX2tKf1sukJcwQfYqUlQkwt+58LMOb2ORtkpj8Or6WCWCZ0BzneT8ug7
+nxJT4m9+bohMF0JoKjjB2H4KNMHamLIwUxRKt6nyfk81kVhJOi2vzzxd+UCPi6Pc
+UAbJNH48eNgOIg55nyFovVzYj8GIo/9GvHJj83PPa/KlJZ+Z1qZASZZ/VYorplVT
+thsHXKfejhFy5YJ9t7n/vyAQsyBsagZsvX19xnH41fbYXHKf8UbXG23rNaZlchs6
+XJVLQdzOpj3WTj/lCocVHqLaZISLhNQ3aI7kUBUdiwIDAQABo1AwTjAdBgNVHQ4E
+FgQUoCYNaCBP4jl/3SYQuK8Ka+6i3QEwHwYDVR0jBBgwFoAUt6pkzFt1PZlfYRL/
+HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAjRzWiD97
+Htv4Kxpm3P+C+xP9AEteCJfO+7p8MWgtWEJOknJyt55zeKS2JwZIq57KcbqD8U7v
+vAUx1ymtUhlFPFd7J1mJ3pou+3aFYmGShYhGHpbrmUwjp7HVP588jrW1NoZVHdMc
+4OgJWFrViXeu9+maIcekjMB/+9Y0dUgQuK5ZuT5H/Jwet7Th/o9uufTUZjBzRvrB
+pbXgQpqgME2av4Q/6LuldPCTHLtWXgFUU2R+yCGmuGilvhFJnKoQryAbYnIQNWE8
+SLoHQ9s1i7Zyb7HU6UAaqMOz15LBkyAqtNyJcO2p7Q/p5YK0xfD4xisI5qXucqVm
+F2obL5qJSTN/RQ==
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIICqTCCAZECAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
+DTALBgNVBAoMBEFDTUUxEDAOBgNVBAsMB1Rlc3RpbmcxHzAdBgNVBAMMFlRlc3Qg
+SU0gQ0EgY2VydGlmaWNhdGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDOYEXvyoKWCgp+csCdwxdnBnXhNb7mRqCzX5AJh6DdzuMv35G8PEhpfa0p/Wy6
+QlzBB9ipSVCTC37nwsw5vY5G2SmPw6vpYJYJnQHOd5Py6DufElPib35uiEwXQmgq
+OMHYfgo0wdqYsjBTFEq3qfJ+TzWRWEk6La/PPF35QI+Lo9xQBsk0fjx42A4iDnmf
+IWi9XNiPwYij/0a8cmPzc89r8qUln5nWpkBJln9ViiumVVO2Gwdcp96OEXLlgn23
+uf+/IBCzIGxqBmy9fX3GcfjV9thccp/xRtcbbes1pmVyGzpclUtB3M6mPdZOP+UK
+hxUeotpkhIuE1DdojuRQFR2LAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAOERz
+vFL+n7sPG3KdkWJFdIYKZvPHCOaJ6mdrNatAF1rHeRayeSgM6PYwQF4DwwKcPLyo
+IUi2B2sxabvKCCBZ9EjIrhG2fC2ocv7VawuQecB9QET6X4sbUcchcBCkGwL7evrZ
+LzWSs9lBr8wwkPdHwvujup5VTZ7+VYs1lVt38CrFERrAlY03v5VDwN1B1JUCqcDf
+wh69OJNPDgx7Y09GJLoRBfdXSpSVGznDmSB+VRCGb/JsiWAB+qtse1cN4Iwihx8I
++hhfRFLsxBKo/iYncuovPY0riRYBJsop6g/hLqn6kXIhzNnaApKhpwxpmN1cO5N6
+hnsAlvR2v9u2bFMILQ==
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAzmBF78qClgoKfnLAncMXZwZ14TW+5kags1+QCYeg3c7jL9+R
+vDxIaX2tKf1sukJcwQfYqUlQkwt+58LMOb2ORtkpj8Or6WCWCZ0BzneT8ug7nxJT
+4m9+bohMF0JoKjjB2H4KNMHamLIwUxRKt6nyfk81kVhJOi2vzzxd+UCPi6PcUAbJ
+NH48eNgOIg55nyFovVzYj8GIo/9GvHJj83PPa/KlJZ+Z1qZASZZ/VYorplVTthsH
+XKfejhFy5YJ9t7n/vyAQsyBsagZsvX19xnH41fbYXHKf8UbXG23rNaZlchs6XJVL
+QdzOpj3WTj/lCocVHqLaZISLhNQ3aI7kUBUdiwIDAQABAoIBAQCLidy/vZV+DVv7
+E2vZP8fbCSs7EzP4T1jo73xcdS/3yaMjA29ubvQnH6qt8YRKjARbIAsGq2OniOZN
+nhCoGdrRXJQVeKAMNBo+dcJ6769BVnS5oZLGT8yUv+Ny9punsKig0NflxA0hoZm7
+EsVSWb50WOpHVAJvK+Trok2H8nccWn6q3od9xSoDszexhGFgo1Q9qFVP/YUfT1Qg
+8ZwRu04JTZEHa9DXIRir10rkvhHTHJ0nb+9FeWd6CsCkOtdWRig3a+Vq+4MK/Yt3
+dstf0D1MQXG2WPaHxPB/DpJBOoU7jj4FxrIaJGPM7qVFnpHwRh0iCKtkGQfarKR6
+JjshtU7BAoGBAPywan5o9ZOD+NnfazglPlFrkBansXG329GP/2ag8+PWOadgin+0
+oyMqB81lBr6yI4ZmM+DgvXkb4yjHb9hGNoWjgttbtjU9eVaXzOg5laOd8nZIhmki
+aH/1yPa0sqmlsAlipUq3nqHKOSeG6pE2dg/R5Yu4TYFj6WV57AbLhxPXAoGBANEU
+guet7XZMAiAJKmEy3pRs22Qs0YcEywX44h09ShPz2OoNYpuSWzS2RgxRbSgs0f25
+ks94lYMNOnm6RMWawRgMPv0Z2Pbwpki6CR72ratvZKqYOoZkCg+UM9pMpvmOd4W3
+ZybxLa/4tJMdpVU4unhJ4v1ZIt2lThnC8d369k1tAoGAVF6rEA4HgPudiVF5wUNe
+LV1WvNm8+5VCBhSoWCIBjN8oXOR1GfK8Ta9o74F94QolpmhVhg5D9T4EeMcuZu36
+omBX/tn+WoRuESWaOyeO+RRxsmDA0DW24pK0SPtIdDBoOJoBSpNImgilULdRdq7S
+eLHCjQY6iqtLcKBm2FX4gf0CgYAW9qfCBmpUWdjJ5/fNoSatKp+WCw4gRDiAOWus
+RnUCZ//lBP9VkueNjI94/uB8Tx/pPB6Rxu607BkGEZ1IDs0ydPXeGp6n0JqS1kv2
+KKW+dIeb7QhQhmBMgbyIN28HbcxW1WPw9QBNmYVLuy/Tgl2IpKTXqpiXu3YugijK
+dqviqQKBgF+L6GJPZkVIA1YSy6E3ph2F6K1kxSamTuSA+48352PJ0QFapes8blVg
+vtnlku41CO383G3qk0zZIpgalE2SeF1p5UO/pT6M9mAmJJMY0iF8jTQkvJa9WUwD
+zxWFEfIgTFlU9PtOnPQZlZELS0nwlRXsGYsWJiwEcMbBrXCQNXXV
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYD
+VQQLDAdUZXN0aW5nMSEwHwYDVQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUw
+HhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcyMTUyWjBmMQswCQYDVQQGEwJBVTET
+MBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQMA4GA1UECwwHVGVz
+dGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC
+9IDE/Yr12w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3da
+eDoV59IZ9r543KM+g8jm6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/W
+rQl1aIdLGFIegAzPGFPXDcU6F192686x54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo
+5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY+Cgw1Yoz+HHv31AllgFs
+BquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQIDAQABo1Aw
+TjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pk
+zFt1PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC
+AQEAld7Qwq0cdzDQ51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBX
+ldvGBG5Tn0vT7xSuhmSgI2/HnBpy9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus
+9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYUwJFQEofkjmd4UpOYSqmcRXhS
+Jzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX77+XYvhodLRsV
+qMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK
+kOg11TpPdNDkhb1J4ZCh2gupDg==
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr12w+a9jd0
+s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+
+g8jm6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzP
+GFPXDcU6F192686x54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrG
+iiohAxtieoYoJkv5MOYP4/2lPlOY+Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAO
+cnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQIDAQABAoIBAQDNI3YvrrRdfHfJ
+ZG9jp6q/dp/h2nGpeJBZ3XmtMbMpO/7tZwTKhkVXeIaRVJXxhBrCQQ6+KnaQBA9n
+2nbCnmXwqhBKaZy1whBYewbW2er/VPGijB5pG3zwUWPEBcqxPtSluM54ZcDUfKqg
+2kgWorCSnyLRwxzKz4G74qRG+XWsFncEaGSk7upv49LPrNMBrSQaiEy/HsNvR4gd
+viQ7E1RY3Tj9T0DFruv4RU9gIvXagCs+lole1fZDGupD3QBschJWGoNyyes4yjMS
+fWbGWquWMXfsrSi7CuwIrFoOVIErAjlU1m1CJqB+mZMubTOdmOnJMjNQOqXgvhN7
+0z/aKh6xAoGBAPyKYeVZUVC+wbIl3t0QEDtXaPaOnN6IJfMkHGQ+kCw2GjiUl628
+hqdR3eKZgu0nC9o9erlvOm3ItfKWMHrTtwE66ON1uFmGY1IzEEbgmHmiVtFdgk/C
+QVxIVz7ht66raqZ3ES0FMaFJvvQw3fT3pa7hCr0XA5xyfOBd99ylRhnlAoGBANMc
+peBk2HO29JPw+vcUeLJv4g4/EoE1gEWzUy8BKnqqP4vvh7hCMUuo+1U7IOy2MKXd
+TuXJ5tcuGSIfi02ID2darSlE2jZcYwahn4RTvYttfKksBw2ulf52g62Ig8vG4nkf
+sAOs9EOdRCyCVDomXxt4Oi+NFd0Wks5Rec9T3PwlAoGAexLpwL81rNc6SJrCMRP6
+BSGFStuXwa+yZvtLRuNimdlIEBkCjq4ZJYP1UdCkiPUFhrd9js+RNx2g5nehasqx
+Hk1aYDfnvuGKl+3A2fns9SJTkzcyIbK27cVnl4KjZOGvWS8f1MP6OvNYt2L1WMQ0
+H7UW6a5EmUMGbsX83LBDKK0CgYBXKgXm/1xLcqfLCX1lVMN80SshvLL0PFXI8YCP
+8MhMO0zfhzefQV0/Ivcaur4eXh757MUtpU41XCguaZ3Hljzd7JeAaZg7R6vvSf4l
+0bl5/uuwoagL4yC1HtPBa5MXKPfLEOVIrzlvTVifk/QYyk0Md3h2t6bmUPKuUv+b
+NcIRLQKBgQCQ56ygXw/DgrTk+QC+prA11UVUy5EYWSifhQZGRRZ/IOxjzVZ9NQf6
+lKxLg9QHQ3/FOk01pk3m2K8wz+bucCxJgXf38wIpJp9t9DWgnjrJqB2xw4tMzFvL
+AnBVXNYND8vdi51tIaziFuOgW81SroZFoX5XBv8wPv/HZT2KqxAMmg==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+-----BEGIN CERTIFICATE-----
+MIIDOzCCAiMCAQEwDQYJKoZIhvcNAQEFBQAwZDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgMClNvbWUtU3RhdGUxDTALBgNVBAoMBEFDTUUxEDAOBgNVBAsMB1Rlc3Rpbmcx
+HzAdBgNVBAMMFlRlc3QgSU0gQ0EgY2VydGlmaWNhdGUwHhcNMTUwMTE2MTY0ODE0
+WhcNMzUwMTExMTY0ODE0WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1T
+dGF0ZTENMAsGA1UECgwEQUNNRTEQMA4GA1UECwwHVGVzdGluZzEeMBwGA1UEAwwV
+VGVzdCBsZWFmIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAzTdDIa2tDmRxFnIgiG+mBz8GoSVODs0ImNQGbqj+pLhBOFRH8fsah4Jl
+z5YF9KwhMVLknnHGFLE/Nb7Ac35kEzhMQMpTRxohW83oxw3eZ8zN/FBoKqg4qHRq
+QR8kS10YXTgrBR0ex/Vp+OUKEw6h7yL2r4Tpvrn9/qHwsxtLxqWbDIVf1O9b1Lfc
+bllYMdmV5E62yN5tcwrDP8gvHjFnVeLzrG8wTpc9FR90/0Jkfp5jAJcArOBLrT0E
+4VRqs+4HuwT8jAwFAmNnc7IYX5qSjtSWkmmHe73K/lzB+OiI0JEc/3eWUTWqwTSk
+4tNCiQGBKJ39LXPTBBJdzmxVH7CUDQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQAp
+UdDOGu3hNiG+Vn10aQ6B1ZmOj3t+45gUV3sC+y8hB8EK1g4P5Ke9bVDts0T5eOnj
+CSc+6VoND5O4adI0IFFRFljHNVnvjeosHfUZNnowsmA2ptQBtC1g5ZKRvKXlkC5/
+i5BGgRqPFA7y9WB9Y05MrJHf3E+Oz/RBsLeeNiNN+rF5X1vYExvGHpo0M0zS0ze9
+HtC0aOy8ocsTrQkf3ceHTAXx2i8ftoSSD4klojtWFpWMrNQa52F7wB9nU6FfKRuF
+Zj/T1JkYXKkEwZU6nAR2jdZp3EP9xj3o15V/tyFcXHx6l8NTxn4cJb+Xe4VquQJz
+6ON7PVe0ABN/AlwVQiFE
+-----END CERTIFICATE-----
--- /dev/null
+-----BEGIN CERTIFICATE REQUEST-----
+MIICqDCCAZACAQAwYzELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
+DTALBgNVBAoMBEFDTUUxEDAOBgNVBAsMB1Rlc3RpbmcxHjAcBgNVBAMMFVRlc3Qg
+bGVhZiBjZXJ0aWZpY2F0ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AM03QyGtrQ5kcRZyIIhvpgc/BqElTg7NCJjUBm6o/qS4QThUR/H7GoeCZc+WBfSs
+ITFS5J5xxhSxPzW+wHN+ZBM4TEDKU0caIVvN6McN3mfMzfxQaCqoOKh0akEfJEtd
+GF04KwUdHsf1afjlChMOoe8i9q+E6b65/f6h8LMbS8almwyFX9TvW9S33G5ZWDHZ
+leROtsjebXMKwz/ILx4xZ1Xi86xvME6XPRUfdP9CZH6eYwCXAKzgS609BOFUarPu
+B7sE/IwMBQJjZ3OyGF+ako7UlpJph3u9yv5cwfjoiNCRHP93llE1qsE0pOLTQokB
+gSid/S1z0wQSXc5sVR+wlA0CAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQAI0DmU
+6E9XSs42wVqzKghvjuGwXH+SHIxSTQVaoXzMbFnsCPrt9F9FGTKjRq2IRBHb2yq/
+S+kW3ptSteKrqLzABxaQ8aCt//Xm/hYnpeJZV4WuDr2TWpEfT0U955iGRAOqpOzi
+E19J9h7F/+cX1FzVdP86mHhwQERTPWGg8jiwEPuApe3APmNBYlu7K4zMa2IB/LKh
+cItzpqi8sJ0wmGQrdRVHgNyBc7TC2IkyCVl5eJiD+gmQEOuy6agAVggWM9yQQlNg
+5WkqBDegPG/pLOxFvDtaV2SlxSuFAXKDoyRPeRC21w6pYEtc7aXzpgBWgcv2R0pT
+NrWNXibZ7aLImIhW
+-----END CERTIFICATE REQUEST-----
--- /dev/null
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAzTdDIa2tDmRxFnIgiG+mBz8GoSVODs0ImNQGbqj+pLhBOFRH
+8fsah4Jlz5YF9KwhMVLknnHGFLE/Nb7Ac35kEzhMQMpTRxohW83oxw3eZ8zN/FBo
+Kqg4qHRqQR8kS10YXTgrBR0ex/Vp+OUKEw6h7yL2r4Tpvrn9/qHwsxtLxqWbDIVf
+1O9b1LfcbllYMdmV5E62yN5tcwrDP8gvHjFnVeLzrG8wTpc9FR90/0Jkfp5jAJcA
+rOBLrT0E4VRqs+4HuwT8jAwFAmNnc7IYX5qSjtSWkmmHe73K/lzB+OiI0JEc/3eW
+UTWqwTSk4tNCiQGBKJ39LXPTBBJdzmxVH7CUDQIDAQABAoIBAQCTBhmhglVu70Ua
+KK/oL91KabwtLZXsArc7DwSAubCegKexXKii1B0goqqge8JOlhe9x76lSav5XTeF
+IOGunQnDv1zaOlpJoY3uwOoZ2nTR9yhIsa6/iP/2qFkLyOzu1YbEGp6vrjpEVi4T
+NLzwBFa+BlWoUFhK3eP8TzcsiszSRr8/vbvlRFzDyq4+YqLsAHpGsvaIZHScU3iG
+AjtCCCpV9HNW3TAAhGq9j/x3YPqt6edrsK1taR+dbLIeGoMnmMReaxgaKd7wWZCr
+dbvngGtpgyEXjONkXVpAcZrD2AaWoGWHjoik+14T4K2QU4OW8jQ2h2uljQa2JXDu
++LMaTKCBAoGBAP6MPqMfcMmf4bYAhrgeZMwSq1F7ubBPu/YyOYiCF6J259jcdxjY
+HfdwtDeoNGKCwE8S8BMXMs33tlL8/AcVdYwbIMVmk6ZXmyFDAyUGB/fGq+QkFCwJ
+yVHb75uuiPpn8euIwg+Y9NBDQYt59oJI9TyCjNPy6Xd612u6AXBcFU1hAoGBAM5i
++HM6lSuqNdp77awbDIzuuu/zTRzgF4bbodjGSxwn1cx7xb2iCPWiykiD5EU3XWWv
+68i15yud6ooIFjxGYP6oYjFIpfjRU7n+/UJpbnkTjMUbUqc4IpiP+ruU9hoMZZ3S
+ey+bLSYQfy6Jf8YnCLkroKtGsgFF30gi0EL6qjotAoGAFTPzZ70PtQvHTlS+5AlM
+Fh+b+56VuhT6MCjA2BkWBOdoqoy6suwVmu3dZSFys532jN+j9cMh7TwsCL+f8qsb
+7n63/RltRRbZCi09ztCwyzfWS5uhvoVWKqZqUAp6yHjuEtOCbrAr/EkN5aNUIEgZ
+fV/WgTUjs1sdJJEK26Qf9iECgYB2HmabbDfbmbrgpHTOP1zbe/Y5RkIn+Ij+gc0L
+R9HM92+BbIUrlwURsG2dOv72Lk2h2SFU6ea4K9UD0sUHEjCJDs3D7xQuZ39HwAwq
+ajTzzqCOXqjbU2FZd23E1ehT2CyAOuqNwH4CfwaLF96tBcIUWEfIPtm5qMe1fVc8
+PkIWsQKBgQCiwgARCIHhzXUoAY8U0k4Ng8cTj2ykISTf9HKXyKoInhBbuHRDvYsU
+oCPi8eYvz4Vwmwcf938CdtLAd5XHCMmTQ+96Xjt/QgJrkA3n04hWsgTMQM2E9QMv
+cxv8UfypFUzhMkUfj4b3EsaTHOxJVS3Ml5m8+YJdncKoZnz8lBKALA==
+-----END RSA PRIVATE KEY-----
--- /dev/null
+#include <netdb.h>
+
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+
+#include <tests_common.h>
+#include <test-certs.h>
+#include <access_provider2.h>
+
+#include <ckm-common.h>
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-password.h>
+#include <ckm/ckm-type.h>
+#include <ckm/ckm-pkcs12.h>
+
+#include <fstream>
+
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
+
+#include <dpl/log/log.h>
+
+namespace {
+const int USER_APP = 5000;
+const int GROUP_APP = 5000;
+const int USER_TEST = 5001;
+
+const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
+const CKM::AliasVector EMPTY_ALIAS_VECTOR;
+} // namespace anonymous
+
+/*
+ * How to numerate tests:
+ * TABCD_NAME
+ * T - test case (always T)
+ * AB - number of test group (always two digits)
+ * C - test number in group (all tests with same TABC must be run in the same time).
+ * D - subtest.
+ */
+
+RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
+RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
+ stop_service(MANAGER);
+ start_service(MANAGER);
+
+ std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ // all further tests will start with newly started service,
+ // OpenSSL on the service side will have to be properly initialized too
+ stop_service(MANAGER);
+ start_service(MANAGER);
+}
+
+RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
+
+RUNNER_TEST(T0011_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ control->removeUserData(0);
+ control->removeUserData(20);
+ control->removeUserData(USER_APP);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0012_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0013_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0014_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(14)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(14)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0015_Control)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(20)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T0016_Control_negative_wrong_password)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(20)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
+
+RUNNER_TEST(T1010_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1011_key)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key2;
+ CKM::Alias alias = "mykey";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key2->getDER(),
+ "Key value has been changed by service");
+}
+
+RUNNER_TEST(T1012_certificate)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ auto cert = TestData::getTestCertificate(TestData::GIAG2);
+ CKM::CertificateShPtr cert2;
+ CKM::Alias alias = "myCert";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ cert->getDER() == cert2->getDER(),
+ "Data has been modified in key manager");
+}
+
+RUNNER_CHILD_TEST(T1013_user_app_save_key)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ int temp;
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key2;
+ CKM::Alias alias = "mykey";
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key2->getDER(), "Key value has been changed by service");
+}
+
+RUNNER_TEST(T1014_save_with_label)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::KeyShPtr key_name, key_full_addr;
+ CKM::Alias alias = "mykey-2";
+ CharPtr top_label = get_label();
+ std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ // lookup by name
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key_name->getDER(),
+ "Key value has been changed by service");
+
+ // lookup by full address
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ key->getDER() == key_full_addr->getDER(),
+ "Key value has been changed by service");
+}
+
+RUNNER_TEST(T1015_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
+
+RUNNER_TEST(T1020_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1021_save_keys_get_alias)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::AliasVector labelAliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ labelAliasVector.size() == 3,
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+}
+
+RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::AliasVector labelAliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ labelAliasVector.size() == 3,
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+}
+
+RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer, CKM::Password());
+ CKM::AliasVector aliasVector;
+ CKM::Policy notExportable(CKM::Password(), false);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1029_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
+
+RUNNER_TEST(T1030_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1031_save_get_bin_data)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData1 = "My bin data1";
+ std::string binData2 = "My bin data2";
+ std::string binData3 = "My bin data3";
+
+ CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
+ CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
+ CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
+
+ CKM::AliasVector labelAliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ labelAliasVector.size() == 3,
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ buffer == buffer2,
+ "Data corrupted");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
+ "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
+{
+ AccessProvider ap("mylabel");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData = "My bin data";
+
+ CKM::RawBuffer buffer(binData.begin(), binData.end());
+
+ CKM::AliasVector labelAliasVector;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ labelAliasVector.size() == 3,
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
+}
+
+RUNNER_TEST(T1033_remove_bin_data)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData2 = "My bin data2";
+ CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
+
+ CKM::AliasVector labelAliasVector;
+
+ std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ labelAliasVector.size() == 1,
+ "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ buffer == buffer2,
+ "Data corrupted");
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1034_getData_wrong_password)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string binData1 = "My bin data4";
+
+ CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::RawBuffer buffer;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ buffer == buffer1,
+ "Data corrupted");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1035_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
+
+RUNNER_TEST(T1040_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T1041_create_rsa_key)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::AliasVector av;
+
+ AccessProvider ap("mylabel-rsa");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 2 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 2");
+}
+
+RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::AliasVector av;
+
+ AccessProvider ap("mylabel-rsa");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T1043_create_dsa_key)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::AliasVector av;
+
+ AccessProvider ap("mylabel-dsa");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 2 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 2");
+}
+
+RUNNER_TEST(T1049_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
+
+RUNNER_TEST(T1110_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1111_CreateKeyPairRSA)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias a1("rsa-test-1");
+ CKM::Alias a2("rsa-test-2");
+ CKM::Policy p1;
+ CKM::Policy p2;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1112_CreateKeyPairDSA)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias a1("dsa-test-1");
+ CKM::Alias a2("dsa-test-2");
+ CKM::Policy p1;
+ CKM::Policy p2;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1113_CreateKeyPairECDSA)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::Alias a1("ecdsa-test-1");
+ CKM::Alias a2("ecdsa-test-2");
+ CKM::Policy p1;
+ CKM::Policy p2;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1114_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
+
+RUNNER_TEST(T12100_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12101_key_exist)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "rsa-alias-duplication";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+/*
+ * These test cases tests API when empty parameters are passed to functions
+ */
+
+RUNNER_TEST(T12102_saveKey_empty_alias)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias; //alias is not initialized
+
+ int ret;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12103_saveKey_foreign_label)
+{
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "iamsomebodyelse alias";
+
+ int ret;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12104_saveKey_empty_key)
+{
+ CKM::KeyShPtr key; //key is not initialized
+ CKM::Alias alias = "empty-key";
+
+ int ret;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12105_saveCertificate_empty_alias)
+{
+ auto cert = TestData::getTestCertificate(TestData::GIAG2);
+ CKM::Alias alias; //alias is not initialized
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12106_saveCertificate_foreign_label)
+{
+ auto cert = TestData::getTestCertificate(TestData::GIAG2);
+ CKM::Alias alias = "iamsomebodyelse alias";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12107_saveCertificate_empty_cert)
+{
+ CKM::CertificateShPtr cert; //cert is not initialized
+ CKM::Alias alias = "empty-cert";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12108_saveData_empty_alias)
+{
+ std::string testData = "test data test data test data";
+ CKM::RawBuffer buffer(testData.begin(), testData.end());
+ CKM::Alias alias;
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12109_saveData_foreign_label)
+{
+ std::string testData = "test data test data test data";
+ CKM::RawBuffer buffer(testData.begin(), testData.end());
+ CKM::Alias alias = "iamsomebodyelse alias";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12110_saveData_empty_data)
+{
+ CKM::RawBuffer buffer;
+ CKM::Alias alias = "empty-data";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+/*
+ * These test cases tests API when trying to get data from not existing alias
+ */
+
+RUNNER_TEST(T12111_getKey_alias_not_exist)
+{
+ CKM::KeyShPtr key;
+ CKM::Alias alias = "this-alias-not-exist";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12112_getCertificate_alias_not_exist)
+{
+ CKM::CertificateShPtr certificate;
+ CKM::Alias alias = "this-alias-not-exist";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12113_getData_alias_not_exist)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ CKM::RawBuffer buffer;
+ CKM::Alias alias("some alias");
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+/*
+ * These test cases tests API when damaged keys are used
+ */
+RUNNER_TEST(T12114_rsa_key_damaged)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "damaged-rsa";
+
+ RUNNER_ASSERT_MSG(
+ NULL == key.get(), "Key is broken. It should be empty");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12115_rsa_key_too_short)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "short-rsa";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12116_dsa_key_too_short)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
+ "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
+ //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
+ "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
+ //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
+ "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
+ "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
+ "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
+ "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
+ "YMYCBhubtrVaLmc=\n"
+ "-----END PUBLIC KEY-----";
+
+ CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
+ auto key = CKM::Key::create(buffer);
+ CKM::Alias alias = "short-dsa";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+
+/*
+ * These test cases tests CKM service if malicious data is provided over the socket.
+ */
+
+RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
+{
+ int ret;
+ auto manager = CKM::Manager::create();
+
+ // fake the client - let the service detect the problem
+ class WrongKeyImpl : public CKM::Key
+ {
+ public:
+ WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
+ }
+
+ virtual bool empty() const {
+ return false;
+ }
+
+ virtual CKM::KeyType getType() const {
+ return CKM::KeyType::KEY_RSA_PUBLIC;
+ }
+ virtual int getSize() const {
+ return 1024;
+ }
+ virtual CKM::ElipticCurve getCurve() const {
+ return CKM::ElipticCurve::prime192v1;
+ }
+ virtual CKM::RawBuffer getDER() const {
+ return m_dummy;
+ }
+ virtual ~WrongKeyImpl() {}
+ private:
+ CKM::RawBuffer & m_dummy;
+ };
+ std::string dummyData = "my_cat_Berta\n";
+ CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
+ auto key = std::make_shared<WrongKeyImpl>(buffer);
+ CKM::Alias alias = "damaged-rsa";
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
+{
+ // fake the client - let the service detect the problem
+ class WrongCertImpl : public CKM::Certificate
+ {
+ public:
+ WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
+ m_x509 = X509_new();
+ }
+
+ bool empty() const {
+ return false;
+ }
+
+ virtual X509 *getX509() const {
+ return m_x509;
+ }
+
+ virtual CKM::RawBuffer getDER() const {
+ return m_dummy;
+ }
+
+ virtual ~WrongCertImpl() {
+ X509_free(m_x509);
+ }
+ private:
+ X509* m_x509;
+ CKM::RawBuffer & m_dummy;
+ };
+ std::string dummyData = "my_cat_Stefan\n";
+ CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
+ auto cert = std::make_shared<WrongCertImpl>(buffer);
+ CKM::Alias alias = "damaged-cert";
+
+ int temp;
+ auto manager = CKM::Manager::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T12119_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
+
+RUNNER_TEST(T1311_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(time(0) > 1405343457,
+ "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
+
+ struct hostent* he = gethostbyname("google.com");
+
+ RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
+ "is not woking on the device. OCSP tests requires network access!");
+}
+
+RUNNER_TEST(T1312_get_chain)
+{
+ auto cert = TestData::getTestCertificate(TestData::MBANK);
+ auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
+
+ CKM::CertificateShPtrVector certVector = {cert1};
+ CKM::CertificateShPtrVector certChain;
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
+
+ tmp = manager->getCertificateChain(cert,
+ EMPTY_CERT_VECTOR,
+ EMPTY_CERT_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 3 == certChain.size(),
+ "Wrong size of certificate chain.");
+}
+
+RUNNER_TEST(T1313_get_chain_with_alias)
+{
+ auto cert = TestData::getTestCertificate(TestData::MBANK);
+ auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
+
+ CKM::CertificateShPtrVector certChain;
+ CKM::AliasVector aliasVector;
+ CKM::Alias alias("imcert");
+ CharPtr top_label = get_label();
+ std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
+
+ tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ aliasVector.push_back(full_address);
+
+ tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 3 == certChain.size(),
+ "Wrong size of certificate chain.");
+}
+
+RUNNER_TEST(T1314_ocsp_check)
+{
+ RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
+
+ auto cert = TestData::getTestCertificate(TestData::MBANK);
+ auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
+ CKM::CertificateShPtrVector certVector = {cert1};
+ CKM::CertificateShPtrVector certChain;
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+ RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
+
+ tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 3 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ int status;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
+}
+
+RUNNER_TEST(T1315_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
+
+RUNNER_TEST(T1411_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1412_rsa_key_create_verify)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "Proc-Type: 4,ENCRYPTED\n"
+ "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
+ "\n"
+ "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
+ "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
+ "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
+ "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
+ "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
+ "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
+ "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
+ "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
+ "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
+ "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
+ "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
+ "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
+ "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
+ "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
+ "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
+ "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
+ "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
+ "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
+ "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
+ "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
+ "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
+ "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
+ "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
+ "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
+ "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub1";
+ CKM::Alias aliasPrv = "prv1";
+ CKM::Password password = "1234";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
+
+ RUNNER_ASSERT_MSG(NULL != keyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1413_dsa_key_create_verify)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
+ "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
+ "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
+ "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
+ "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
+ "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
+ "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
+ "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
+ "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
+ "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
+ "u1roOuaPY+Hl19BlTE2qdw==\n"
+ "-----END DSA PRIVATE KEY-----";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
+ "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
+ "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
+ "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
+ "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
+ "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
+ "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
+ "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
+ "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
+ "YMYCBhubtrVaLmc=\n"
+ "-----END PUBLIC KEY-----";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub2";
+ CKM::Alias aliasPrv = "prv2";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
+
+ RUNNER_ASSERT_MSG(NULL != keyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST(T1414_ec_key_create_verify)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
+ "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
+ "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
+ "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
+ "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END PUBLIC KEY-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "ecpub2";
+ CKM::Alias aliasPrv = "ecprv2";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != keyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1415_rsa_key_create_verify_negative)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ std::string message = "message asdfaslkdfjlksadjf test";
+
+ CKM::Alias aliasPub = "pub1";
+ CKM::Alias aliasPrv = "prv1";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1416_dsa_key_create_verify_negative)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ std::string message = "message asdfaslkdfjlksadjf test";
+
+ CKM::Alias aliasPub = "pub2";
+ CKM::Alias aliasPrv = "prv2";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
+ "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
+ "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
+ "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
+ "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
+ "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
+ "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
+ "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
+ "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
+ "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
+ "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
+ "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
+ "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
+ "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
+ "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
+ "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
+ "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
+ "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
+ "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
+ "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
+ "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
+ "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
+ "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
+ "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
+ "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
+ "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub1-cert";
+ CKM::Alias aliasPrv = "prv1-cert";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ const std::string pub = "-----BEGIN CERTIFICATE-----\n"
+ "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
+ "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
+ "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
+ "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
+ "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
+ "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
+ "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
+ "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
+ "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
+ "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
+ "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
+ "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
+ "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
+ "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
+ "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
+ "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
+ "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
+ "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
+ "-----END CERTIFICATE-----\n";
+
+ const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
+ "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
+ "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
+ "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
+ "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
+ "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
+ "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
+ "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
+ "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
+ "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
+ "vonbjii3BYe4AIdkzOvp\n"
+ "-----END DSA PRIVATE KEY-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub2-cert";
+ CKM::Alias aliasPrv = "prv2-cert";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv =
+ "-----BEGIN EC PRIVATE KEY-----\n"
+ "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
+ "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
+ "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
+ "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
+ "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
+ "ELyhe7yPCAuOoLZlTLgf\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string pub =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
+ "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
+ "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
+ "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
+ "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
+ "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
+ "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
+ "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
+ "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
+ "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
+ "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
+ "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
+ "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
+ "Q1oBry6NEc+lLFmWMDesAA==\n"
+ "-----END CERTIFICATE-----\n";
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "pub3";
+ CKM::Alias aliasPrv = "prv3";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1420_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
+
+RUNNER_TEST(T14180_init)
+{
+ int temp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
+ "Error=" << CKM::ErrorToString(temp));
+
+ auto manager = CKM::Manager::create();
+
+ // Prepare RSA Key Pair
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "Proc-Type: 4,ENCRYPTED\n"
+ "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
+ "\n"
+ "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
+ "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
+ "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
+ "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
+ "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
+ "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
+ "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
+ "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
+ "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
+ "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
+ "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
+ "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
+ "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
+ "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
+ "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
+ "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
+ "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
+ "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
+ "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
+ "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
+ "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
+ "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
+ "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
+ "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
+ "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string pub = "-----BEGIN PUBLIC KEY-----\n"
+ "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
+ "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
+ "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
+ "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
+ "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
+ "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
+ "zQIDAQAB\n"
+ "-----END PUBLIC KEY-----\n";
+
+ CKM::Alias aliasPub = "pub_nohash1";
+ CKM::Alias aliasPrv = "prv_nohash1";
+ CKM::Password password = "1234";
+
+ auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
+
+ RUNNER_ASSERT_MSG(NULL != keyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ // Prepare ECDSA Key Pair
+ std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
+ "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
+ "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
+ "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END EC PRIVATE KEY-----\n";
+
+ std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
+ "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
+ "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
+ "-----END PUBLIC KEY-----\n";
+
+ CKM::Alias aliasEcPub = "ecpub_nohash1";
+ CKM::Alias aliasEcPrv = "ecprv_nohash1";
+
+ auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
+ auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
+
+ RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
+ "Key is empty. Failed to import public key.");
+ RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST(T14181_rsa_create_signatue_nohash)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ std::string message = "message asdfaslkdfjlksadjf test";
+
+ CKM::Alias aliasPub = "pub_nohash1";
+ CKM::Alias aliasPrv = "prv_nohash1";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ std::string message = "message asdfaslkdfjlksadjf test";
+
+ CKM::Alias aliasPub = "pub_nohash1";
+ CKM::Alias aliasPrv = "prv_nohash1";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+ std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+ "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
+
+ CKM::Alias aliasPub = "pub_nohash1";
+ CKM::Alias aliasPrv = "prv_nohash1";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST(T14184_ec_create_signatue_nohash)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string message = "message test";
+
+ CKM::Alias aliasPub = "ecpub_nohash1";
+ CKM::Alias aliasPrv = "ecprv_nohash1";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
+
+ memcpy((void*)signature.data(), "BROKEN", 6);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ aliasPub,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ int msgSize = 1024*1024;
+ char big_msg[msgSize];
+ for(int i =0; i<msgSize-1; i++) {
+ big_msg[i] = 'a';
+ }
+ big_msg[msgSize-1]=0x00;
+ std::string message(big_msg);
+
+ CKM::Alias aliasPub = "ecpub_nohash1";
+ CKM::Alias aliasPrv = "ecprv_nohash1";
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ aliasPrv,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST(T14189_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
+
+RUNNER_CHILD_TEST(T1510_init_unlock_key)
+{
+ int tmp;
+ AccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1511_insert_data)
+{
+ AccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
+
+ auto certee = TestData::getTestCertificate(TestData::MBANK);
+ auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
+
+ auto manager = CKM::Manager::create();
+ int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
+ int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
+ "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
+}
+
+RUNNER_CHILD_TEST(T1519_deinit)
+{
+ int tmp;
+ AccessProvider ap("my-label");
+ ap.allowAPI("key-manager::api-control", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+
+RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
+
+RUNNER_TEST(T1701_init_unlock_key)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1702_insert_data)
+{
+ int temp;
+ AccessProvider ap("t170-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+
+ auto certee = TestData::getTestCertificate(TestData::MBANK);
+
+ auto manager = CKM::Manager::create();
+ int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == status1,
+ "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
+
+ CKM::AliasVector av;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 1 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 1");
+}
+
+RUNNER_TEST(T1703_removeApplicationData)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T1704_data_test)
+{
+ int temp;
+ AccessProvider ap("t170-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 0 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 0");
+}
+
+RUNNER_TEST(T1705_deinit)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T17101_init)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T17102_prep_data_01)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
+
+ CKM::RawBuffer buffer(data.begin(), data.end());
+ CKM::Policy exportable(CKM::Password(), true);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T17103_prep_data_02)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label2");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
+
+ CKM::RawBuffer buffer(data.begin(), data.end());
+ CKM::Policy exportable(CKM::Password(), true);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T17104_prep_data_03)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
+
+ CKM::RawBuffer buffer(data.begin(), data.end());
+ CKM::Policy exportable(CKM::Password(), true);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_CHILD_TEST(T17105_prep_data_04)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label2");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
+
+ CKM::RawBuffer buffer(data.begin(), data.end());
+ CKM::Policy exportable(CKM::Password(), true);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T17106_remove_application)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T17107_check_data_01)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 0 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 0");
+}
+
+RUNNER_CHILD_TEST(T17108_check_data_02)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label2");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 1 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 1");
+}
+
+RUNNER_TEST(T17109_unlock_user2)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_CHILD_TEST(T17110_check_data_03)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 0 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 0");
+}
+
+RUNNER_CHILD_TEST(T17111_check_data_04)
+{
+ int temp;
+ AccessProvider ap("t1706-special-label2");
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
+
+ CKM::AliasVector av;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
+ "Error=" << CKM::ErrorToString(temp));
+ RUNNER_ASSERT_MSG(
+ 1 == (temp = av.size()),
+ "Vector size: " << temp << ". Expected: 1");
+}
+
+RUNNER_TEST(T17112_deinit)
+{
+ int tmp;
+
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST_GROUP_INIT(T180_PKCS12);
+
+namespace
+{
+CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
+CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
+CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
+CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
+CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
+const char *PKCS_PASSWD = "PKCS-pass";
+}
+
+RUNNER_TEST(T1800_init)
+{
+ reset_user_data(0, PKCS_PASSWD);
+}
+
+RUNNER_TEST(T1801_parse_PKCS12) {
+ std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, "secret");
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ auto cert = pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 0 == caVector.size(),
+ "Wrong size of vector");
+}
+
+RUNNER_TEST(T1802_negative_wrong_password) {
+ std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, "error");
+ RUNNER_ASSERT_MSG(
+ NULL == pkcs.get(),
+ "Expected error in PKCS12::create()");
+}
+
+RUNNER_TEST(T1803_negative_broken_buffer) {
+ std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
+ buffer[4]=0;
+
+ auto pkcs = CKM::PKCS12::create(buffer, "secret");
+ RUNNER_ASSERT_MSG(
+ NULL == pkcs.get(),
+ "Expected error in PKCS12::create()");
+}
+
+RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
+{
+ auto manager = CKM::Manager::create();
+ std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ // save private key
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
+ "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
+ "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
+ "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
+ "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
+ "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
+ "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
+ "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
+ "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
+ "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
+ "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
+ "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
+ "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string message = "message test";
+
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
+{
+ auto manager = CKM::Manager::create();
+ std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ auto cert = pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 2 == caVector.size(),
+ "Wrong size of vector");
+
+ // save to the CKM
+ int tmp;
+ CKM::Policy exportable;
+ CKM::Policy notExportable(CKM::Password(), false);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ // try to lookup key
+ CKM::KeyShPtr key_lookup;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ // try to lookup certificate
+ CKM::CertificateShPtr cert_lookup;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T1806_get_PKCS)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ CKM::PKCS12ShPtr pkcs;
+
+ // fail - no entry
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ // fail - not exportable
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ // success - exportable
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ auto cert = pkcs->getCertificate();
+ RUNNER_ASSERT_MSG(
+ NULL != cert.get(),
+ "Error in PKCS12::getCertificate()");
+
+ auto key = pkcs->getKey();
+ RUNNER_ASSERT_MSG(
+ NULL != key.get(),
+ "Error in PKCS12::getKey()");
+
+ auto caVector = pkcs->getCaCertificateShPtrVector();
+ RUNNER_ASSERT_MSG(
+ 2 == caVector.size(),
+ "Wrong size of vector");
+}
+
+RUNNER_TEST(T1807_create_and_verify_signature)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string message = "message test";
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ alias_PKCS_exportable,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ alias_PKCS_exportable,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
+ "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
+ "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
+ "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
+ "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
+ "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
+ "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
+ "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
+ "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
+ "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
+ "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
+ "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
+ "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
+ "-----END RSA PRIVATE KEY-----";
+ std::string message = "message test";
+
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ alias_PKCS_priv_key_copy,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->verifySignature(
+ alias_PKCS_exportable,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
+{
+ int temp;
+ auto manager = CKM::Manager::create();
+
+ std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
+ "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
+ "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
+ "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
+ "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
+ "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
+ "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
+ "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
+ "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
+ "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
+ "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
+ "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
+ "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+ std::string message = "message test";
+
+ auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
+ RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
+ "Key is empty. Failed to import private key.");
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
+ CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
+ CKM::RawBuffer signature;
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->createSignature(
+ alias_PKCS_priv_key_wrong,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ hash,
+ padd,
+ signature)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
+ alias_PKCS_exportable,
+ CKM::Password(),
+ CKM::RawBuffer(message.begin(), message.end()),
+ signature,
+ hash,
+ padd)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1810_verify_get_certificate_chain)
+{
+ // this certificate has been signed using PKCS chain
+ std::string im = "-----BEGIN CERTIFICATE-----\n"
+ "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
+ "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
+ "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
+ "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
+ "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
+ "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
+ "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
+ "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
+ "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
+ "Qw==\n"
+ "-----END CERTIFICATE-----\n";
+
+ auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
+ CKM::CertificateShPtrVector certChain;
+ CKM::AliasVector aliasVector;
+
+ int tmp;
+ auto manager = CKM::Manager::create();
+
+ RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
+
+ tmp = manager->getCertificateChain(cert,
+ EMPTY_ALIAS_VECTOR,
+ EMPTY_ALIAS_VECTOR,
+ true,
+ certChain);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
+ "Error=" << CKM::ErrorToString(tmp));
+
+ RUNNER_ASSERT_MSG(
+ 0 == certChain.size(),
+ "Wrong size of certificate chain.");
+
+ aliasVector.push_back(alias_PKCS_exportable);
+
+ tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
+
+ // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
+ RUNNER_ASSERT_MSG(
+ 4 == certChain.size(),
+ "Wrong size of certificate chain: " << certChain.size());
+}
+
+RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
+{
+ auto manager = CKM::Manager::create();
+ int tmp;
+
+
+ // remove the whole PKCS12 bundles
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ // expect lookup fails due to unknown alias
+ // try to lookup key
+ CKM::KeyShPtr key_lookup;
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+
+ // try to lookup certificate
+ CKM::CertificateShPtr cert_lookup;
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T1812_get_pkcs12_password_tests)
+{
+ CKM::Alias alias = "t1812alias1";
+
+ auto manager = CKM::Manager::create();
+ std::ifstream is("/usr/share/ckm-test/pkcs.p12");
+ std::istreambuf_iterator<char> begin(is), end;
+ std::vector<char> buff(begin, end);
+
+ CKM::PKCS12ShPtr pkcs12;
+ CKM::Password pass1 = "easypass1";
+ CKM::Password pass2 = "easypass2";
+
+ CKM::RawBuffer buffer(buff.size());
+ memcpy(buffer.data(), buff.data(), buff.size());
+
+ auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
+ RUNNER_ASSERT_MSG(
+ NULL != pkcs.get(),
+ "Error in PKCS12::create()");
+
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::CertificateShPtr cert;
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
+ "Error=" << CKM::ErrorToString(temp));
+
+ CKM::CertificateShPtrVector certChain;
+ CKM::AliasVector certVect;
+ certVect.push_back(alias);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST(T1813_deinit)
+{
+ int temp;
+ auto control = CKM::Control::create();
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
+ "Error=" << CKM::ErrorToString(temp));
+}
+
+RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
+
+RUNNER_TEST(T1901_init_unlock_key)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T1902_get_data)
+{
+ auto manager = CKM::Manager::create();
+ CKM::KeyShPtr ptr;
+
+ int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
+ "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
+}
+
+RUNNER_TEST(T1903_lock_database)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+RUNNER_TEST(T1904_get_data_from_locked_database)
+{
+ auto manager = CKM::Manager::create();
+ CKM::KeyShPtr ptr;
+
+ int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
+
+ RUNNER_ASSERT_MSG(
+ CKM_API_ERROR_DB_LOCKED == status1,
+ "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
+}
+
+RUNNER_TEST(T1905_deinit)
+{
+ int tmp;
+ auto control = CKM::Control::create();
+ RUNNER_ASSERT_MSG(
+ CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
+ "Error=" << CKM::ErrorToString(tmp));
+}
+
+int main(int argc, char *argv[])
+{
+ DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
+ return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+}
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2014 Samsung Electronics Co.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ * @file password-integration.cpp
+ * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
+ * @version 1.0
+ */
+#include <vector>
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+#include <dpl/log/log.h>
+
+#include <tests_common.h>
+
+#include <ckm/ckm-control.h>
+#include <ckm/ckm-manager.h>
+#include <ckm/ckm-password.h>
+#include <ckm/ckm-type.h>
+
+#include <security-server.h>
+
+#include <access_provider2.h>
+#include <clean-env.h>
+
+CKM::Alias CKM_ALIAS1 = "ALIAS1";
+CKM::Alias CKM_ALIAS2 = "ALIAS2";
+
+CKM::RawBuffer BIN_DATA1 = {'A','B','R','A','C','A','D','A','B','R','A'};
+
+const char * PASSWORD1 = "LongPassword1";
+const char * PASSWORD2 = "LongerPassword2";
+
+static const int USER_APP = 5000;
+
+const unsigned int PASSWORD_RETRY_TIMEOUT_US = 500000;
+
+void dropPrivileges() {
+ static const std::string LABEL1 = "TestLabel1";
+ static const int GROUP_APP = 5000;
+
+ AccessProvider ap(LABEL1);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+}
+
+RUNNER_TEST_GROUP_INIT(T401_SECURITY_SERVER_PASSWORD_INTEGRATION);
+
+RUNNER_TEST(T4010_INIT)
+{
+ reset_security_server();
+ unsigned int attempt, max_attempt, expire_sec;
+
+ int ret = security_server_chk_pwd(NULL, &attempt, &max_attempt, &expire_sec);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
+}
+
+RUNNER_CHILD_TEST(T4011_ADD_DATA)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ int ret = mgr->saveData(CKM_ALIAS1, BIN_DATA1, CKM::Policy());
+ RUNNER_ASSERT_MSG(ret == CKM_API_SUCCESS, "");
+}
+
+RUNNER_TEST(T4012_CLOSE_CKM_DB)
+{
+ auto ctl = CKM::Control::create();
+
+ int ret = ctl->lockUserKey(USER_APP);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_CHILD_TEST(T4013_GET_DATA)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ CKM::RawBuffer buffer;
+
+ // CKM will automaticly unlock with empty password
+ int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T4014_UNLOCK_DATABASE_WITH_SECURITY_SERVER)
+{
+ unsigned int attempt, max_attempt, expire_sec;
+
+ usleep(PASSWORD_RETRY_TIMEOUT_US);
+
+ int ret = security_server_chk_pwd(NULL, &attempt, &max_attempt, &expire_sec);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
+}
+
+RUNNER_CHILD_TEST(T4015_GET_DATA)
+{
+ dropPrivileges();
+ auto mgr = CKM::Manager::create();
+
+ CKM::RawBuffer buffer;
+ int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+
+ RUNNER_ASSERT_MSG(buffer == BIN_DATA1, "Data mismatch");
+}
+
+RUNNER_TEST_GROUP_INIT(T402_SECURITY_SERVER_PASSWORD_INTEGRATION);
+
+RUNNER_TEST(T4020_INIT)
+{
+ reset_security_server();
+
+ int ret = security_server_set_pwd(NULL, PASSWORD1, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
+}
+
+RUNNER_CHILD_TEST(T4021_ADD_DATA)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ int ret = mgr->saveData(CKM_ALIAS1, BIN_DATA1, CKM::Policy());
+ RUNNER_ASSERT_MSG(ret == CKM_API_SUCCESS, "");
+}
+
+RUNNER_TEST(T4022_CLOSE_CKM_DB)
+{
+ unsigned int attempt, max, expire;
+
+ auto ctl = CKM::Control::create();
+
+ int ret = ctl->lockUserKey(USER_APP);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+
+ usleep(PASSWORD_RETRY_TIMEOUT_US);
+
+ // login with current password to get rid of invalid "NULL" DKEK
+ ret = security_server_chk_pwd(PASSWORD1, &attempt, &max, &expire);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error=" << ret);
+
+ ret = ctl->lockUserKey(USER_APP);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_CHILD_TEST(T4023_GET_DATA_NEGATIVE)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ CKM::RawBuffer buffer;
+ int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_DB_LOCKED == ret, "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T4024_UNLOCK_DATABASE_WITH_SECURITY_SERVER)
+{
+ unsigned int attempt, max, expire;
+
+ usleep(PASSWORD_RETRY_TIMEOUT_US);
+ int ret = security_server_chk_pwd(PASSWORD1, &attempt, &max, &expire);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error =" << ret);
+}
+
+RUNNER_CHILD_TEST(T4025_GET_DATA)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ CKM::RawBuffer buffer;
+ int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+
+ RUNNER_ASSERT_MSG(buffer == BIN_DATA1, "Data missmatch");
+}
+
+RUNNER_TEST_GROUP_INIT(T403_SECURITY_SERVER_PASSWORD_INTEGRATION);
+
+RUNNER_TEST(T4030_INIT)
+{
+ reset_security_server();
+
+ int ret = security_server_set_pwd(NULL, PASSWORD1, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
+}
+
+RUNNER_CHILD_TEST(T4031_ADD_DATA)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ int ret = mgr->saveData(CKM_ALIAS1, BIN_DATA1, CKM::Policy());
+ RUNNER_ASSERT_MSG(ret == CKM_API_SUCCESS, "");
+}
+
+RUNNER_TEST(T4032_CLOSE_CKM_DB)
+{
+ unsigned int attempt, max, expire;
+
+ auto ctl = CKM::Control::create();
+
+ int ret = ctl->lockUserKey(USER_APP);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+
+ usleep(PASSWORD_RETRY_TIMEOUT_US);
+
+ // login with current password to get rid of invalid "NULL" DKEK
+ ret = security_server_chk_pwd(PASSWORD1, &attempt, &max, &expire);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error=" << ret);
+
+ ret = ctl->lockUserKey(USER_APP);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_CHILD_TEST(T4033_GET_DATA_NEGATIVE)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ CKM::RawBuffer buffer;
+ int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
+ RUNNER_ASSERT_MSG(CKM_API_ERROR_DB_LOCKED == ret, "Error=" << CKM::ErrorToString(ret));
+}
+
+RUNNER_TEST(T4034_UNLOCK_DATABASE_WITH_SECURITY_SERVER)
+{
+ usleep(PASSWORD_RETRY_TIMEOUT_US);
+
+ int ret = security_server_set_pwd(PASSWORD1, PASSWORD2, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error=" << ret);
+}
+
+RUNNER_CHILD_TEST(T4035_GET_DATA)
+{
+ dropPrivileges();
+
+ auto mgr = CKM::Manager::create();
+
+ CKM::RawBuffer buffer;
+ int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
+ RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
+
+ RUNNER_ASSERT_MSG(buffer == BIN_DATA1, "Data mismatch");
+}
+
+
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file test-certs.cpp
+ * @author Maciej J. Karpiuk (m.karpiuk2@samsung.com)
+ * @version 1.0
+ */
+
+#include <map>
+#include <test-certs.h>
+#include <dpl/test/test_runner.h>
+#include <dpl/test/test_runner_child.h>
+
+using namespace std;
+
+namespace {
+typedef map<TestData::certificateID, pair<string, CKM::CertificateShPtr>> CertMap;
+
+CKM::CertificateShPtr createCert(const string& cert) {
+ CKM::RawBuffer buffer_cert(cert.begin(), cert.end());
+ CKM::CertificateShPtr cptr = CKM::Certificate::create(buffer_cert, CKM::DataFormat::FORM_PEM);
+ return cptr;
+}
+
+CertMap initializeTestCerts()
+{
+ CertMap cm;
+
+ // TEST_ROOT_CA, expires 2035
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNV\n"
+ "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYD\n"
+ "VQQLDAdUZXN0aW5nMSEwHwYDVQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUw\n"
+ "HhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcyMTUyWjBmMQswCQYDVQQGEwJBVTET\n"
+ "MBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQMA4GA1UECwwHVGVz\n"
+ "dGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjANBgkq\n"
+ "hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC\n"
+ "9IDE/Yr12w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3da\n"
+ "eDoV59IZ9r543KM+g8jm6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/W\n"
+ "rQl1aIdLGFIegAzPGFPXDcU6F192686x54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo\n"
+ "5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY+Cgw1Yoz+HHv31AllgFs\n"
+ "BquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQIDAQABo1Aw\n"
+ "TjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pk\n"
+ "zFt1PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOC\n"
+ "AQEAld7Qwq0cdzDQ51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBX\n"
+ "ldvGBG5Tn0vT7xSuhmSgI2/HnBpy9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus\n"
+ "9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYUwJFQEofkjmd4UpOYSqmcRXhS\n"
+ "Jzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX77+XYvhodLRsV\n"
+ "qMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK\n"
+ "kOg11TpPdNDkhb1J4ZCh2gupDg==\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::TEST_ROOT_CA] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // TEST_IM_CA, signed by TEST_ROOT_CA, expires 2035
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIDljCCAn6gAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwZjELMAkGA1UEBhMCQVUx\n"
+ "EzARBgNVBAgMClNvbWUtU3RhdGUxDTALBgNVBAoMBEFDTUUxEDAOBgNVBAsMB1Rl\n"
+ "c3RpbmcxITAfBgNVBAMMGFRlc3Qgcm9vdCBjYSBjZXJ0aWZpY2F0ZTAeFw0xNTAx\n"
+ "MTYxNjQ1MzRaFw0zNTAxMTExNjQ1MzRaMGQxCzAJBgNVBAYTAkFVMRMwEQYDVQQI\n"
+ "DApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMR8w\n"
+ "HQYDVQQDDBZUZXN0IElNIENBIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEF\n"
+ "AAOCAQ8AMIIBCgKCAQEAzmBF78qClgoKfnLAncMXZwZ14TW+5kags1+QCYeg3c7j\n"
+ "L9+RvDxIaX2tKf1sukJcwQfYqUlQkwt+58LMOb2ORtkpj8Or6WCWCZ0BzneT8ug7\n"
+ "nxJT4m9+bohMF0JoKjjB2H4KNMHamLIwUxRKt6nyfk81kVhJOi2vzzxd+UCPi6Pc\n"
+ "UAbJNH48eNgOIg55nyFovVzYj8GIo/9GvHJj83PPa/KlJZ+Z1qZASZZ/VYorplVT\n"
+ "thsHXKfejhFy5YJ9t7n/vyAQsyBsagZsvX19xnH41fbYXHKf8UbXG23rNaZlchs6\n"
+ "XJVLQdzOpj3WTj/lCocVHqLaZISLhNQ3aI7kUBUdiwIDAQABo1AwTjAdBgNVHQ4E\n"
+ "FgQUoCYNaCBP4jl/3SYQuK8Ka+6i3QEwHwYDVR0jBBgwFoAUt6pkzFt1PZlfYRL/\n"
+ "HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAjRzWiD97\n"
+ "Htv4Kxpm3P+C+xP9AEteCJfO+7p8MWgtWEJOknJyt55zeKS2JwZIq57KcbqD8U7v\n"
+ "vAUx1ymtUhlFPFd7J1mJ3pou+3aFYmGShYhGHpbrmUwjp7HVP588jrW1NoZVHdMc\n"
+ "4OgJWFrViXeu9+maIcekjMB/+9Y0dUgQuK5ZuT5H/Jwet7Th/o9uufTUZjBzRvrB\n"
+ "pbXgQpqgME2av4Q/6LuldPCTHLtWXgFUU2R+yCGmuGilvhFJnKoQryAbYnIQNWE8\n"
+ "SLoHQ9s1i7Zyb7HU6UAaqMOz15LBkyAqtNyJcO2p7Q/p5YK0xfD4xisI5qXucqVm\n"
+ "F2obL5qJSTN/RQ==\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::TEST_IM_CA] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // TEST_LEAF, signed by TEST_IM_CA, expires 2035
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIDOzCCAiMCAQEwDQYJKoZIhvcNAQEFBQAwZDELMAkGA1UEBhMCQVUxEzARBgNV\n"
+ "BAgMClNvbWUtU3RhdGUxDTALBgNVBAoMBEFDTUUxEDAOBgNVBAsMB1Rlc3Rpbmcx\n"
+ "HzAdBgNVBAMMFlRlc3QgSU0gQ0EgY2VydGlmaWNhdGUwHhcNMTUwMTE2MTY0ODE0\n"
+ "WhcNMzUwMTExMTY0ODE0WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1T\n"
+ "dGF0ZTENMAsGA1UECgwEQUNNRTEQMA4GA1UECwwHVGVzdGluZzEeMBwGA1UEAwwV\n"
+ "VGVzdCBsZWFmIGNlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
+ "CgKCAQEAzTdDIa2tDmRxFnIgiG+mBz8GoSVODs0ImNQGbqj+pLhBOFRH8fsah4Jl\n"
+ "z5YF9KwhMVLknnHGFLE/Nb7Ac35kEzhMQMpTRxohW83oxw3eZ8zN/FBoKqg4qHRq\n"
+ "QR8kS10YXTgrBR0ex/Vp+OUKEw6h7yL2r4Tpvrn9/qHwsxtLxqWbDIVf1O9b1Lfc\n"
+ "bllYMdmV5E62yN5tcwrDP8gvHjFnVeLzrG8wTpc9FR90/0Jkfp5jAJcArOBLrT0E\n"
+ "4VRqs+4HuwT8jAwFAmNnc7IYX5qSjtSWkmmHe73K/lzB+OiI0JEc/3eWUTWqwTSk\n"
+ "4tNCiQGBKJ39LXPTBBJdzmxVH7CUDQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQAp\n"
+ "UdDOGu3hNiG+Vn10aQ6B1ZmOj3t+45gUV3sC+y8hB8EK1g4P5Ke9bVDts0T5eOnj\n"
+ "CSc+6VoND5O4adI0IFFRFljHNVnvjeosHfUZNnowsmA2ptQBtC1g5ZKRvKXlkC5/\n"
+ "i5BGgRqPFA7y9WB9Y05MrJHf3E+Oz/RBsLeeNiNN+rF5X1vYExvGHpo0M0zS0ze9\n"
+ "HtC0aOy8ocsTrQkf3ceHTAXx2i8ftoSSD4klojtWFpWMrNQa52F7wB9nU6FfKRuF\n"
+ "Zj/T1JkYXKkEwZU6nAR2jdZp3EP9xj3o15V/tyFcXHx6l8NTxn4cJb+Xe4VquQJz\n"
+ "6ON7PVe0ABN/AlwVQiFE\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::TEST_LEAF] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // GIAG2, signed by GEOTRUST, expires 31 Dec 2016
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIID8DCCAtigAwIBAgIDAjp2MA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT\n"
+ "MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i\n"
+ "YWwgQ0EwHhcNMTMwNDA1MTUxNTU1WhcNMTYxMjMxMjM1OTU5WjBJMQswCQYDVQQG\n"
+ "EwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzElMCMGA1UEAxMcR29vZ2xlIEludGVy\n"
+ "bmV0IEF1dGhvcml0eSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
+ "AJwqBHdc2FCROgajguDYUEi8iT/xGXAaiEZ+4I/F8YnOIe5a/mENtzJEiaB0C1NP\n"
+ "VaTOgmKV7utZX8bhBYASxF6UP7xbSDj0U/ck5vuR6RXEz/RTDfRK/J9U3n2+oGtv\n"
+ "h8DQUB8oMANA2ghzUWx//zo8pzcGjr1LEQTrfSTe5vn8MXH7lNVg8y5Kr0LSy+rE\n"
+ "ahqyzFPdFUuLH8gZYR/Nnag+YyuENWllhMgZxUYi+FOVvuOAShDGKuy6lyARxzmZ\n"
+ "EASg8GF6lSWMTlJ14rbtCMoU/M4iarNOz0YDl5cDfsCx3nuvRTPPuj5xt970JSXC\n"
+ "DTWJnZ37DhF5iR43xa+OcmkCAwEAAaOB5zCB5DAfBgNVHSMEGDAWgBTAephojYn7\n"
+ "qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUSt0GFhu89mi1dvWBtrtiGrpagS8wEgYD\n"
+ "VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCig\n"
+ "JoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUF\n"
+ "BwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMBcGA1UdIAQQ\n"
+ "MA4wDAYKKwYBBAHWeQIFATANBgkqhkiG9w0BAQUFAAOCAQEAJ4zP6cc7vsBv6JaE\n"
+ "+5xcXZDkd9uLMmCbZdiFJrW6nx7eZE4fxsggWwmfq6ngCTRFomUlNz1/Wm8gzPn6\n"
+ "8R2PEAwCOsTJAXaWvpv5Fdg50cUDR3a4iowx1mDV5I/b+jzG1Zgo+ByPF5E0y8tS\n"
+ "etH7OiDk4Yax2BgPvtaHZI3FCiVCUe+yOLjgHdDh/Ob0r0a678C/xbQF9ZR1DP6i\n"
+ "vgK66oZb+TWzZvXFjYWhGiN3GhkXVBNgnwvhtJwoKvmuAjRtJZOcgqgXe/GFsNMP\n"
+ "WOH7sf6coaPo/ck/9Ndx3L2MpBngISMjVROPpBYCCX65r+7bU2S9cS+5Oc4wt7S8\n"
+ "VOBHBw==\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::GIAG2] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // MBANK, signed by SYMANTEC, expires 04 Feb 2016
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIGXDCCBUSgAwIBAgIQKJK70TuBw91HAA0BqZSPETANBgkqhkiG9w0BAQsFADB3\n"
+ "MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd\n"
+ "BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVj\n"
+ "IENsYXNzIDMgRVYgU1NMIENBIC0gRzMwHhcNMTUwMTE1MDAwMDAwWhcNMTYwMjA0\n"
+ "MjM1OTU5WjCB5zETMBEGCysGAQQBgjc8AgEDEwJQTDEdMBsGA1UEDxMUUHJpdmF0\n"
+ "ZSBPcmdhbml6YXRpb24xEzARBgNVBAUTCjAwMDAwMjUyMzcxCzAJBgNVBAYTAlBM\n"
+ "MQ8wDQYDVQQRDAYwMC05NTAxFDASBgNVBAgMC21hem93aWVja2llMREwDwYDVQQH\n"
+ "DAhXYXJzemF3YTEWMBQGA1UECQwNU2VuYXRvcnNrYSAxODETMBEGA1UECgwKbUJh\n"
+ "bmsgUy5BLjEOMAwGA1UECwwFbUJhbmsxGDAWBgNVBAMMD29ubGluZS5tYmFuay5w\n"
+ "bDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALsoKHBnIkP1AoHBKPYm\n"
+ "JkCOgvwFeKgrLGDjpte9eVljMGYPkpWv2GtwV2lKAy47fCOOtBGfVR7qp3C3kR06\n"
+ "Eep7tKm0C9/X75wTIAu2ulfdooX89JZ2UfMyBs8q0eyGPbBz42g5FQx3cey+OUjU\n"
+ "aadDwfxfn9UKFABrq/wowkYLIpFejQePmztdNepinOVcbZ4NVrsMCkxHnyYXR+Kh\n"
+ "Tn/UEpX8FEBx9Ra96AbeXY7f6IpPf8IwoAF3lp00R0nigCfuhWF/GrX0+GX8f/vV\n"
+ "dtnNozuBN59tWPmpcTUmpSbDJFMCJbEYwX+cKo8Kq38qOp/c2y7x/Cphuv0hapGp\n"
+ "Q78CAwEAAaOCAnEwggJtMBoGA1UdEQQTMBGCD29ubGluZS5tYmFuay5wbDAJBgNV\n"
+ "HRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB\n"
+ "BQUHAwIwZgYDVR0gBF8wXTBbBgtghkgBhvhFAQcXBjBMMCMGCCsGAQUFBwIBFhdo\n"
+ "dHRwczovL2Quc3ltY2IuY29tL2NwczAlBggrBgEFBQcCAjAZGhdodHRwczovL2Qu\n"
+ "c3ltY2IuY29tL3JwYTAfBgNVHSMEGDAWgBQBWavn3ToLWaZkY9bPIAdX1ZHnajAr\n"
+ "BgNVHR8EJDAiMCCgHqAchhpodHRwOi8vc3Iuc3ltY2IuY29tL3NyLmNybDBXBggr\n"
+ "BgEFBQcBAQRLMEkwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zci5zeW1jZC5jb20wJgYI\n"
+ "KwYBBQUHMAKGGmh0dHA6Ly9zci5zeW1jYi5jb20vc3IuY3J0MIIBBAYKKwYBBAHW\n"
+ "eQIEAgSB9QSB8gDwAHYApLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BAA\n"
+ "AAFK7fScbAAABAMARzBFAiEAuFUfNYF/LMBuKewPE8xTrmye39LyNfBh5roPCaVq\n"
+ "ReQCIEOB7ktB3xu7yd/pHuXSWdXzZpOmVQiMChsoE46TIBryAHYAVhQGmi/XwuzT\n"
+ "9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0AAAFK7fSemAAABAMARzBFAiAaixUME3mn\n"
+ "rmzLb8WpwEfV60cXQ1945LWlLxCL5VVR6wIhAMBCNzFiOMtnLu0oBWHo1RrJxMnf\n"
+ "LbWvlnrdF7yloeAjMA0GCSqGSIb3DQEBCwUAA4IBAQCIvFY/1sEmBKEMlwpJCvHD\n"
+ "U0yx67QDsiJ0Fo4MZmgOUZ1AH/gSKUUy7j6RnQ/e9v5DlKKlWZpUpr5KqaXcOOWq\n"
+ "vSeuWoKVCnjdsVyYJm1zW7Py3Khrkbef53gZjSR+X5gGlRC/WeeDwUxoCm/nJ4S0\n"
+ "SReh+urkTFGUdSPCsD4mQk3zI1wNhE7Amb2mUTIaSLzabnN89hn9jlvQwLH2Wkf2\n"
+ "aFmUlsB1C6YFMqVPRfHuxyPUb2zjw+ll7UStQxuSSTpwBmW1g/dIhtle9+o8i3z2\n"
+ "WJAT38TP3mPw8SUWLbgGyih6bsB6eBxFEM5awP60XXjZfVAmoVLlj9oWYNQrZLwk\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::MBANK] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // SYMANTEC, signed by VERISIGN, expires 30 Oct 2023
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIFKzCCBBOgAwIBAgIQfuFKb2/v8tN/P61lTTratDANBgkqhkiG9w0BAQsFADCB\n"
+ "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
+ "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
+ "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
+ "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
+ "aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB3MQsw\n"
+ "CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV\n"
+ "BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVjIENs\n"
+ "YXNzIDMgRVYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
+ "AoIBAQDYoWV0I+grZOIy1zM3PY71NBZI3U9/hxz4RCMTjvsR2ERaGHGOYBYmkpv9\n"
+ "FwvhcXBC/r/6HMCqo6e1cej/GIP23xAKE2LIPZyn3i4/DNkd5y77Ks7Imn+Hv9hM\n"
+ "BBUyydHMlXGgTihPhNk1++OGb5RT5nKKY2cuvmn2926OnGAE6yn6xEdC0niY4+wL\n"
+ "pZLct5q9gGQrOHw4CVtm9i2VeoayNC6FnpAOX7ddpFFyRnATv2fytqdNFB5suVPu\n"
+ "IxpOjUhVQ0GxiXVqQCjFfd3SbtICGS97JJRL6/EaqZvjI5rq+jOrCiy39GAI3Z8c\n"
+ "zd0tAWaAr7MvKR0juIrhoXAHDDQPAgMBAAGjggFdMIIBWTAvBggrBgEFBQcBAQQj\n"
+ "MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wEgYDVR0TAQH/BAgw\n"
+ "BgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggrBgEFBQcCARYaaHR0cDov\n"
+ "L3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIwHBoaaHR0cDovL3d3dy5z\n"
+ "eW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3MxLnN5bWNi\n"
+ "LmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx\n"
+ "GjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTMzMB0GA1UdDgQWBBQBWavn3ToLWaZk\n"
+ "Y9bPIAdX1ZHnajAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkq\n"
+ "hkiG9w0BAQsFAAOCAQEAQgFVe9AWGl1Y6LubqE3X89frE5SG1n8hC0e8V5uSXU8F\n"
+ "nzikEHzPg74GQ0aNCLxq1xCm+quvL2GoY/Jl339MiBKIT7Np2f8nwAqXkY9W+4nE\n"
+ "qLuSLRtzsMarNvSWbCAI7woeZiRFT2cAQMgHVHQzO6atuyOfZu2iRHA0+w7qAf3P\n"
+ "eHTfp61Vt19N9tY/4IbOJMdCqRMURDVLtt/JYKwMf9mTIUvunORJApjTYHtcvNUw\n"
+ "LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j\n"
+ "2bkPXToHHZGThkspTOHcteHgM52zyzaRS/6htO7w+Q==\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::SYMANTEC] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // GEOTRUST, signed by EQUIFAX, expires 21 Aug 2018
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIDfTCCAuagAwIBAgIDErvmMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT\n"
+ "MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0\n"
+ "aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDIwNTIxMDQwMDAwWhcNMTgwODIxMDQwMDAw\n"
+ "WjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UE\n"
+ "AxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB\n"
+ "CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9m\n"
+ "OSm9BXiLnTjoBbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIu\n"
+ "T8rxh0PBFpVXLVDviS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6c\n"
+ "JmTM386DGXHKTubU1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmR\n"
+ "Cw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5asz\n"
+ "PeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo4HwMIHtMB8GA1UdIwQYMBaAFEjm\n"
+ "aPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrM\n"
+ "TjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA6BgNVHR8EMzAxMC+g\n"
+ "LaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxzL3NlY3VyZWNhLmNybDBO\n"
+ "BgNVHSAERzBFMEMGBFUdIAAwOzA5BggrBgEFBQcCARYtaHR0cHM6Ly93d3cuZ2Vv\n"
+ "dHJ1c3QuY29tL3Jlc291cmNlcy9yZXBvc2l0b3J5MA0GCSqGSIb3DQEBBQUAA4GB\n"
+ "AHbhEm5OSxYShjAGsoEIz/AIx8dxfmbuwu3UOx//8PDITtZDOLC5MH0Y0FWDomrL\n"
+ "NhGc6Ehmo21/uBPUR/6LWlxz/K7ZGzIZOKuXNBSqltLroxwUCEm2u+WR74M26x1W\n"
+ "b8ravHNjkOR/ez4iyz0H7V84dJzjA1BOoa+Y7mHyhD8S\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::GEOTRUST] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // EQUIFAX, (root CA), expires 22 Aug 2018
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJV\n"
+ "UzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2Vy\n"
+ "dGlmaWNhdGUgQXV0aG9yaXR5MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1\n"
+ "MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoTB0VxdWlmYXgxLTArBgNVBAsTJEVx\n"
+ "dWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCBnzANBgkqhkiG9w0B\n"
+ "AQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPRfM6f\n"
+ "BeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+A\n"
+ "cJkVV5MW8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kC\n"
+ "AwEAAaOCAQkwggEFMHAGA1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQ\n"
+ "MA4GA1UEChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlm\n"
+ "aWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoGA1UdEAQTMBGBDzIwMTgw\n"
+ "ODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvSspXXR9gj\n"
+ "IBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQF\n"
+ "MAMBAf8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUA\n"
+ "A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y\n"
+ "7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh\n"
+ "1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::EQUIFAX] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ // GOOGLE_COM, *.google.com - signed by GIAG2, expires 12 May 2015
+ {
+ std::string raw_base64 = std::string(
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIIGxTCCBa2gAwIBAgIIBIsVw6gw3hgwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
+ "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
+ "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwMjExMTI0NzAyWhcNMTUwNTEyMDAwMDAw\n"
+ "WjBmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
+ "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEVMBMGA1UEAwwMKi5n\n"
+ "b29nbGUuY29tMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEmokK6sw/osw7yrkc\n"
+ "rSJZk5FAod6yrCptxyq7AssrJbcTCpuxGbG9Ip6/jR8QP4109kZxadoaZ/0ICOh5\n"
+ "bHx44qOCBF0wggRZMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCCAyYG\n"
+ "A1UdEQSCAx0wggMZggwqLmdvb2dsZS5jb22CDSouYW5kcm9pZC5jb22CFiouYXBw\n"
+ "ZW5naW5lLmdvb2dsZS5jb22CEiouY2xvdWQuZ29vZ2xlLmNvbYIWKi5nb29nbGUt\n"
+ "YW5hbHl0aWNzLmNvbYILKi5nb29nbGUuY2GCCyouZ29vZ2xlLmNsgg4qLmdvb2ds\n"
+ "ZS5jby5pboIOKi5nb29nbGUuY28uanCCDiouZ29vZ2xlLmNvLnVrgg8qLmdvb2ds\n"
+ "ZS5jb20uYXKCDyouZ29vZ2xlLmNvbS5hdYIPKi5nb29nbGUuY29tLmJygg8qLmdv\n"
+ "b2dsZS5jb20uY2+CDyouZ29vZ2xlLmNvbS5teIIPKi5nb29nbGUuY29tLnRygg8q\n"
+ "Lmdvb2dsZS5jb20udm6CCyouZ29vZ2xlLmRlggsqLmdvb2dsZS5lc4ILKi5nb29n\n"
+ "bGUuZnKCCyouZ29vZ2xlLmh1ggsqLmdvb2dsZS5pdIILKi5nb29nbGUubmyCCyou\n"
+ "Z29vZ2xlLnBsggsqLmdvb2dsZS5wdIISKi5nb29nbGVhZGFwaXMuY29tgg8qLmdv\n"
+ "b2dsZWFwaXMuY26CFCouZ29vZ2xlY29tbWVyY2UuY29tghEqLmdvb2dsZXZpZGVv\n"
+ "LmNvbYIMKi5nc3RhdGljLmNugg0qLmdzdGF0aWMuY29tggoqLmd2dDEuY29tggoq\n"
+ "Lmd2dDIuY29tghQqLm1ldHJpYy5nc3RhdGljLmNvbYIMKi51cmNoaW4uY29tghAq\n"
+ "LnVybC5nb29nbGUuY29tghYqLnlvdXR1YmUtbm9jb29raWUuY29tgg0qLnlvdXR1\n"
+ "YmUuY29tghYqLnlvdXR1YmVlZHVjYXRpb24uY29tggsqLnl0aW1nLmNvbYILYW5k\n"
+ "cm9pZC5jb22CBGcuY2+CBmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CCmdv\n"
+ "b2dsZS5jb22CEmdvb2dsZWNvbW1lcmNlLmNvbYIKdXJjaGluLmNvbYIIeW91dHUu\n"
+ "YmWCC3lvdXR1YmUuY29tghR5b3V0dWJlZWR1Y2F0aW9uLmNvbTALBgNVHQ8EBAMC\n"
+ "B4AwaAYIKwYBBQUHAQEEXDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2ds\n"
+ "ZS5jb20vR0lBRzIuY3J0MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29v\n"
+ "Z2xlLmNvbS9vY3NwMB0GA1UdDgQWBBShZRhQFOqlCCt51oEJBD94sL7K4zAMBgNV\n"
+ "HRMBAf8EAjAAMB8GA1UdIwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1Ud\n"
+ "IAQQMA4wDAYKKwYBBAHWeQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtp\n"
+ "Lmdvb2dsZS5jb20vR0lBRzIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQBOQBrolcUp\n"
+ "UFh/5O369pXbuxDZajpSKAjX4Zu6L5LxS9NQRuWqheWNsNcZMRzZ6dP6xpeqf522\n"
+ "zUjzUEzDCOaxCbccakucnXUvg3/m5qgYhxUmLdZjXZ53mTCy4tHbswQrwnxZH+t+\n"
+ "Y4rlJFr4bzPNPx7ucB7wRvxFGCjWXflK1JpgXmUcjFFu8/xrlqJdCwmrjEOJaVRq\n"
+ "urh11t2o4N/DjdboKWBdv+reuijPjzJTKmTbjuZU/bty6COIqtu8vWD39xRCK2y+\n"
+ "W6und7oGKIEvisrLIoHRRgBPfiFBxuzLbvOg/mGbz34pSuBJEzMxrAbkOnGWEQOm\n"
+ "B3KPgoV0lPFo\n"
+ "-----END CERTIFICATE-----\n");
+ cm[TestData::GOOGLE_COM] = std::make_pair(raw_base64, createCert(raw_base64));
+ }
+
+ return cm;
+}
+
+CertMap TEST_CERTS = initializeTestCerts();
+}
+
+
+std::string TestData::getTestCertificateBase64(TestData::certificateID id)
+{
+ RUNNER_ASSERT_MSG(TEST_CERTS.find(id) != TEST_CERTS.end(), "Unknown certificate index!");
+ RUNNER_ASSERT_MSG(TEST_CERTS[id].first.size()>0, "Certificate is empty (should never ever happen)!");
+
+ return TEST_CERTS[id].first;
+}
+
+CKM::CertificateShPtr TestData::getTestCertificate(certificateID id)
+{
+ RUNNER_ASSERT_MSG(TEST_CERTS.find(id) != TEST_CERTS.end(), "Unknown certificate index!");
+ RUNNER_ASSERT_MSG(TEST_CERTS[id].second, "Certificate is empty (should never ever happen)!");
+
+ return TEST_CERTS[id].second;
+}
--- /dev/null
+/*
+ * Copyright (c) 2000 - 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+/*
+ * @file test-certs.h
+ * @author Maciej J. Karpiuk (m.karpiuk2@samsung.com)
+ * @version 1.0
+ */
+
+#pragma once
+
+#include <string>
+#include <ckm/ckm-certificate.h>
+
+namespace TestData
+{
+
+enum certificateID {
+ // test certificates
+ TEST_ROOT_CA = 0, // TEST_ROOT_CA, expires 2035
+ TEST_IM_CA, // TEST_IM_CA, signed by TEST_ROOT_CA, expires 2035
+ TEST_LEAF, // TEST_LEAF, signed by TEST_IM_CA, expires 2035
+
+ // third party
+ GIAG2, // GIAG2, signed by GEOTRUST, expires 31 Dec 2016
+ MBANK, // MBANK, signed by SYMANTEC, expires 04 Feb 2016
+ SYMANTEC, // SYMANTEC, signed by VERISIGN, expires 30 Oct 2023
+ GEOTRUST, // GEOTRUST, GeoTrust Global CA - signed by EQUIFAX, expires 21 Aug 2018
+ EQUIFAX, // EQUIFAX (root CA), expires 22 Aug 2018
+ GOOGLE_COM, // GOOGLE_COM, *.google.com - signed by GIAG2, expires 12 May 2015
+
+ // footer - last element in the set
+ NO_CERT
+};
+
+std::string getTestCertificateBase64(certificateID id);
+CKM::CertificateShPtr getTestCertificate(certificateID id);
+}
--- /dev/null
+INCLUDE(FindPkgConfig)
+SET(COMMON_TARGET_TEST "tests-common")
+
+#dependencies
+PKG_CHECK_MODULES(COMMON_TARGET_DEP
+ libsmack
+ dbus-1
+ sqlite3
+ libgum
+ glib-2.0
+ REQUIRED
+ )
+
+#files to compile
+SET(COMMON_TARGET_TEST_SOURCES
+ ${PROJECT_SOURCE_DIR}/src/common/tests_common.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/access_provider.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/smack_access.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/dbus_connection.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/dbus_message_in.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/dbus_message_out.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/service_manager.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/memory.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/db_sqlite.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/fs_label_manager.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/passwd_access.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/uds.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/synchronization_pipe.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/timeout.cpp
+ ${PROJECT_SOURCE_DIR}/src/common/temp_test_user.cpp
+ )
+
+#system and local includes
+INCLUDE_DIRECTORIES(SYSTEM ${COMMON_TARGET_DEP_INCLUDE_DIRS})
+
+INCLUDE_DIRECTORIES(
+ ${PROJECT_SOURCE_DIR}/src/framework/include
+ ${PROJECT_SOURCE_DIR}/src/common
+ )
+
+
+#output OBJECT format
+ADD_LIBRARY(${COMMON_TARGET_TEST} ${COMMON_TARGET_TEST_SOURCES})
+
+TARGET_LINK_LIBRARIES(${COMMON_TARGET_TEST} ${COMMON_TARGET_DEP_LIBRARIES}
+ dpl-test-framework)
+
+INSTALL (FILES ${PROJECT_SOURCE_DIR}/src/common/security-tests.conf DESTINATION /etc/dbus-1/system.d)
/*
- * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2012-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*
* If database is already opened do nothing.
*
- * @throw DPL::Test::TestRunner::TestFailed when opening database fails
+ * @throw DPL::Test::TestFailed when opening database fails
*/
void open(void);
/**
* @brief Close database.
*
- * @throw DPL::Test::TestRunner::TestFailed when closing database fails
+ * @throw DPL::Test::TestFailed when closing database fails
*/
void close(void);
* @param sql_query SQL query
* @param result returned result
*
- * @throw DPL::Test::TestRunner::TestFailed when execution of query fails
+ * @throw DPL::Test::TestFailed when execution of query fails
*/
void execute(const std::string& sql_query, Sqlite3DBaseSelectResult& result);
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file passwd_access.cpp
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ * @brief Provides access to UID and GID
+ */
+
+#include <cerrno>
+#include <grp.h>
+#include <pwd.h>
+
+#include <dpl/test/test_runner.h>
+
+#include "passwd_access.h"
+
+namespace PasswdAccess {
+ uid_t uid(const std::string &username) {
+ struct passwd *passwd = nullptr;
+ do {
+ errno = 0;
+ passwd = getpwnam(username.c_str());
+ } while (passwd == nullptr && errno == EINTR);
+ RUNNER_ASSERT_ERRNO_MSG(passwd != nullptr, "Error in getpwnam(). Username: " << username);
+ return passwd->pw_uid;
+ }
+
+ gid_t gid(const std::string &groupname) {
+ struct group *group = nullptr;
+ do {
+ errno = 0;
+ group = getgrnam(groupname.c_str());
+ } while (group == nullptr && errno == EINTR);
+ RUNNER_ASSERT_ERRNO_MSG(group != nullptr, "Error in getgrnam(). Groupname: " << groupname);
+ return group->gr_gid;
+ }
+} // namespace PasswdAccess
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file passwd_access.h
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ * @brief Provides access to UID and GID
+ */
+
+#ifndef TESTS_COMMON_PASSWD_ACCESS_H_
+#define TESTS_COMMON_PASSWD_ACCESS_H_
+
+#include <string>
+#include <sys/types.h>
+
+namespace PasswdAccess {
+ uid_t uid(const std::string &username);
+ gid_t gid(const std::string &groupname);
+} // namespace PasswdAccess
+
+#endif // TESTS_COMMON_PASSWD_ACCESS_H_
#include <dpl/test/test_runner.h>
+#include <algorithm>
#include <sstream>
#include <unistd.h>
#include <vector>
}
-ServiceManager::ServiceManager(const std::string &serviceName)
+ServiceManager::ServiceManager(const std::string &serviceName,
+ const std::vector<std::string>& socketsNames)
: m_connection(DBUS_BUS_SYSTEM, true)
, m_serviceName(serviceName)
+ , m_socketsNames(socketsNames)
{
addBusMatch(MATCH_JOB_REMOVED);
addBusMatch(MATCH_JOB_NEW);
addBusMatch(MATCH_RELOADING);
m_connection.flush();
m_connection.addFilter(messageHandler,
- reinterpret_cast<void*>(this));
+ static_cast<void*>(this));
subscribeSignals();
m_connection.requestName(DBUS_CLIENT_NAME);
getUnitPath();
return iteratorSub.getArgUint64();
}
-void ServiceManager::sendToService(const std::string &method)
+void ServiceManager::sendToService(const std::string &method, const std::string &unit)
{
DBus::MessageOut messageOut = newMethodCall(method);
- messageOut.append(m_serviceName);
+ messageOut.append(unit);
messageOut.append("fail");
DBus::MessageIn messageIn = m_connection.sendWithReplyAndBlock(messageOut);
m_runningJobs.insert(handleObjectPathMsgReply(messageIn));
DBusHandlerResult ServiceManager::messageHandler(DBusConnection *conn, DBusMessage *msg, void *t)
{
(void) conn;
- ServiceManager* self = reinterpret_cast<ServiceManager*>(t);
+ ServiceManager* self = static_cast<ServiceManager*>(t);
DBus::MessageIn messageIn(msg, true);
if (messageIn.isSignal(SYSTEMD_MANAGER_INTERFACE, MATCH_JOB_REMOVED))
iterator.expectArgType(DBUS_TYPE_STRING);
std::string result = iterator.getArgString();
- if(m_serviceName == unit) {
+ if (unit == m_serviceName
+ || std::count(m_socketsNames.begin(), m_socketsNames.end(), unit) > 0) {
RUNNER_ASSERT_MSG(result == "done" || result == "canceled",
"RemoveJob signal delivered bad news. Job wasn't completed successfully: "
<< "expected job results = {done, canceled}, "
m_connection.readWriteDispatch();
}
-void ServiceManager::startService()
+void ServiceManager::executeMethod(const std::string &method, const std::string &unit)
{
- sendToService("StartUnit");
+ sendToService(method, unit);
waitForRunningJobsFinish();
sendResetFailedToService();
}
-void ServiceManager::stopService()
+void ServiceManager::startService(bool withSockets)
{
- sendToService("StopUnit");
- waitForRunningJobsFinish();
- sendResetFailedToService();
+ executeMethod("StartUnit", m_serviceName);
+ if (withSockets)
+ for (const auto &socket : m_socketsNames)
+ executeMethod("StartUnit", socket);
}
-void ServiceManager::restartService()
+void ServiceManager::stopService(bool withSockets)
{
- sendToService("RestartUnit");
- waitForRunningJobsFinish();
- sendResetFailedToService();
+ if (withSockets)
+ for (const auto &socket : m_socketsNames)
+ executeMethod("StopUnit", socket);
+ executeMethod("StopUnit", m_serviceName);
+}
+
+void ServiceManager::restartService(bool withSockets)
+{
+ if (withSockets)
+ for (const auto &socket : m_socketsNames)
+ executeMethod("StopUnit", socket);
+
+ executeMethod("RestartUnit", m_serviceName);
+
+ if (withSockets)
+ for (const auto &socket : m_socketsNames)
+ executeMethod("StartUnit", socket);
}
pid_t ServiceManager::getServicePid()
class ServiceManager {
public:
ServiceManager() = delete;
- ServiceManager(const std::string &serviceName);
+ ServiceManager(const std::string &serviceName,
+ const std::vector<std::string>& socketsNames = {});
~ServiceManager() = default;
- void startService();
- void stopService();
- void restartService();
+ void startService(bool withSockets = false);
+ void stopService(bool withSockets = false);
+ void restartService(bool withSockets = false);
pid_t getServicePid();
timeval getServiceStartTimestamp();
void maskService();
uint32_t handleVariantUIntMsgReply(DBus::MessageIn &messageIn);
uint64_t handleVariantUInt64MsgReply(DBus::MessageIn &messageIn);
- void sendToService(const std::string &method);
+ void sendToService(const std::string &method, const std::string &unit);
void sendMaskToService();
void sendUnmaskToService();
DBus::MessageIn sendPropertyGetMsg(const std::string &interface, const std::string &property);
void signalReloadingHandler(DBus::MessageIn &messageIn);
void waitForRunningJobsFinish();
+ void executeMethod(const std::string &method, const std::string &unit);
+
DBus::Connection m_connection;
const std::string m_serviceName;
+ const std::vector<std::string> m_socketsNames;
std::string m_unitPath;
std::set<std::string> m_runningJobs;
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file synchronization_pipe.cpp
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ * @brief A crippled abstraction of widely praised, but often misused communication mechanism
+ */
+
+#include <stdexcept>
+#include <unistd.h>
+
+#include <dpl/test/test_runner.h>
+
+#include "synchronization_pipe.h"
+
+static void closeFd(int *fd) {
+ if (*fd > -1) {
+ close(*fd);
+ *fd = -1;
+ }
+}
+
+SynchronizationPipe::SynchronizationPipe() {
+ auto ret = pipe(m_pipeCP);
+ RUNNER_ASSERT_ERRNO_MSG(ret == 0, "pipe failed");
+
+ ret = pipe(m_pipePC);
+ RUNNER_ASSERT_ERRNO_MSG(ret == 0, "pipe failed");
+}
+
+SynchronizationPipe::~SynchronizationPipe() {
+ closeFd(m_pipeCP + 0);
+ closeFd(m_pipeCP + 1);
+ closeFd(m_pipePC + 0);
+ closeFd(m_pipePC + 1);
+}
+
+void SynchronizationPipe::claimParentEp() {
+ if (m_epClaimed)
+ return;
+
+ m_readEp = m_pipeCP[0];
+ closeFd(m_pipeCP + 1);
+
+ m_writeEp = m_pipePC[1];
+ closeFd(m_pipePC + 0);
+
+ m_epClaimed = true;
+}
+
+void SynchronizationPipe::claimChildEp() {
+ if (m_epClaimed)
+ return;
+
+ m_readEp = m_pipePC[0];
+ closeFd(m_pipePC + 1);
+
+ m_writeEp = m_pipeCP[1];
+ closeFd(m_pipeCP + 0);
+
+ m_epClaimed = true;
+}
+
+void SynchronizationPipe::post() {
+ RUNNER_ASSERT_MSG(m_epClaimed == true, "Endpoint not claimed");
+ auto ret = TEMP_FAILURE_RETRY(write(m_writeEp, "#", 1));
+ RUNNER_ASSERT_ERRNO_MSG(ret > 0, "Write failed ret = " << ret);
+}
+
+void SynchronizationPipe::wait() {
+ RUNNER_ASSERT_MSG(m_epClaimed == true, "Endpoint not claimed");
+
+ char buf;
+ auto ret = TEMP_FAILURE_RETRY(read(m_readEp, &buf, 1));
+ RUNNER_ASSERT_ERRNO_MSG(ret > 0, "Read failed ret = " << ret);
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file synchronization_pipe.h
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ * @brief A crippled abstraction of widely praised, but often misused communication mechanism
+ */
+
+#ifndef TESTS_COMMON_SYNCHRONIZATION_PIPE_H_
+#define TESTS_COMMON_SYNCHRONIZATION_PIPE_H_
+
+class SynchronizationPipe {
+public:
+ SynchronizationPipe();
+ ~SynchronizationPipe();
+
+ void claimParentEp();
+ void claimChildEp();
+
+ void post();
+ void wait();
+
+private:
+ int m_pipeCP[2]; // Child -> Parent
+ int m_pipePC[2]; // Parent -> Child
+ int m_readEp = -1;
+ int m_writeEp = -1;
+ bool m_epClaimed = false;
+};
+
+#endif // TESTS_COMMON_SYNCHRONIZATION_PIPE_H_
/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
const char *WGT_APP_ID = "QwCqJ0ttyS";
-int smack_runtime_check(void)
-{
- static int smack_present = -1;
- if (-1 == smack_present) {
- if (smack_smackfs_path()) {
- smack_present = 1;
- } else {
- smack_present = 0;
- }
- }
- return smack_present;
-}
-
-int smack_check(void)
+bool smack_check(void)
{
#ifndef WRT_SMACK_ENABLED
- return 0;
+ return false;
#else
- return smack_runtime_check();
+ static int smack_present = -1;
+ if (-1 == smack_present)
+ smack_present = smack_smackfs_path() == nullptr ? 0 : 1;
+ return smack_present == 1;
#endif
}
/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
const gid_t DB_ALARM_GID = 6001;
const std::string TMP_DIR("/tmp");
-int smack_runtime_check(void);
-int smack_check(void);
+bool smack_check(void);
int drop_root_privileges(uid_t appUid = APP_UID, gid_t appGid = APP_GID);
void setLabelForSelf(const int line, const char *label);
void add_process_group(const char* group_name);
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file timeout.cpp
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @brief Definition of future_status serialization operator
+ */
+
+#include <timeout.h>
+
+namespace Timeout {
+
+std::ostream& operator<<(std::ostream& os, const std::future_status &status)
+{
+ switch (status) {
+ case std::future_status::ready:
+ os << "<READY>";
+ break;
+ case std::future_status::timeout:
+ os << "<TIMEOUT>";
+ break;
+ case std::future_status::deferred:
+ os << "<DEFERRED>";
+ break;
+ }
+ os << " [" << static_cast<int>(status) << "]";
+ return os;
+}
+
+} // namespace Timeout
#include <chrono>
#include <functional>
#include <future>
+#include <type_traits>
#include <utility>
-#include <tests_common.h>
+#include <dpl/test/test_runner.h>
namespace Timeout {
template <class Rep, class Period>
using Timeout = std::chrono::duration<Rep, Period>;
-template <class Ret, class... Args>
-using Function = std::function<Ret(Args...)>;
-
typedef std::function<void(void)> CancelFunction;
enum ExpectMode {
IGNORE,
};
-std::ostream& operator<<(std::ostream& os, const std::future_status &status)
-{
- switch (status) {
- case std::future_status::ready:
- os << "<READY>";
- break;
- case std::future_status::timeout:
- os << "<TIMEOUT>";
- break;
- case std::future_status::deferred:
- os << "<DEFERRED>";
- break;
- }
- os << " [" << static_cast<int>(status) << "]";
- return os;
-}
+std::ostream& operator<<(std::ostream& os, const std::future_status &status);
-template <class Rep, class Period, class Ret, class... Args>
-Ret callAndWait(const Timeout<Rep, Period> &timeout,
+template <class Rep, class Period, class F, class... Args>
+ typename std::result_of<F(Args...)>::type
+ callAndWait(const Timeout<Rep, Period> &timeout,
ExpectMode expect,
CancelFunction cancelFunction,
- Function<Ret, Args...> function,
- Args... args) {
- RUNNER_ASSERT_MSG(function,
- "not empty function must be passed to callAndWait");
+ F&& function,
+ Args&&... args) {
- std::future<Ret> fut = std::async(std::launch::async, function, std::forward<Args>(args)...);
+ auto fut = std::async(std::launch::async, function, std::forward<Args>(args)...);
std::future_status status = fut.wait_for(timeout);
if (status == std::future_status::timeout && cancelFunction)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file uds.cpp
+ * @author Aleksander Zdyb <a.zdyb@samsung.com>
+ * @version 1.0
+ * @brief Helpers for Unix Domain Sockets
+ */
+
+#include <cstring>
+#include <poll.h>
+#include <sys/socket.h>
+#include <unistd.h>
+
+#include <dpl/test/test_runner.h>
+#include <memory.h>
+
+#include "uds.h"
+
+namespace UDSHelpers {
+
+int createServer(const struct sockaddr_un *sockaddr) {
+ int sock = socket(AF_UNIX, SOCK_STREAM, 0);
+ RUNNER_ASSERT_ERRNO_MSG(sock >= 0, "socket failed");
+
+ SockUniquePtr sockPtr(&sock);
+
+ int bindResult = bind(sock, (const struct sockaddr*) sockaddr, sizeof(struct sockaddr_un));
+ RUNNER_ASSERT_ERRNO_MSG(bindResult == 0, "bind failed");
+
+ int listenResult = listen(sock, 1);
+ RUNNER_ASSERT_ERRNO_MSG(listenResult == 0, "listen failed");
+
+ sockPtr.release();
+ return sock;
+}
+
+int createClient(const struct sockaddr_un *sockaddr) {
+ int sock = socket(AF_UNIX, SOCK_STREAM, 0);
+ RUNNER_ASSERT_ERRNO_MSG(sock >= 0, "socket failed");
+
+ SockUniquePtr sockPtr(&sock);
+
+ int connectResult = TEMP_FAILURE_RETRY(
+ connect(sock, (const struct sockaddr*) sockaddr, sizeof(struct sockaddr_un)));
+ RUNNER_ASSERT_ERRNO_MSG(connectResult == 0, "connect failed");
+
+ sockPtr.release();
+ return sock;
+}
+
+int acceptClient(int sock) {
+ int clientSock = TEMP_FAILURE_RETRY(accept(sock, NULL, NULL));
+ RUNNER_ASSERT_ERRNO_MSG(clientSock >= 0, "accept failed");
+ return clientSock;
+}
+
+void waitForDisconnect(int sock) {
+ const nfds_t fdCount = 1;
+ const int timeout = -1; // no timeout
+
+ struct pollfd pfd { sock, POLLRDHUP, 0 };
+ int ret = TEMP_FAILURE_RETRY(poll(&pfd, fdCount, timeout));
+ RUNNER_ASSERT_ERRNO_MSG(ret >= 0, "poll failed");
+}
+
+struct sockaddr_un makeAbstractAddress(const std::string &path) {
+ struct sockaddr_un sockaddr;
+ RUNNER_ASSERT_MSG(path.size() <= sizeof(sockaddr.sun_path) - 1, "Socket path too long");
+ memset(&sockaddr, 0, sizeof(struct sockaddr_un));
+ sockaddr.sun_family = AF_UNIX;
+ // Leave '\0' as a first character of path
+ memcpy(sockaddr.sun_path + 1, path.c_str(), path.size());
+ return sockaddr;
+}
+
+} // namespace UDSHelpers
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file uds.h
+ * @author Aleksander Zdyb <a.zdyb@partner.samsung.com>
+ * @version 1.0
+ * @brief Helpers for Unix Domain Sockets
+ */
+
+#ifndef TESTS_COMMON_UDS_H_
+#define TESTS_COMMON_UDS_H_
+
+#include <string>
+#include <sys/un.h>
+
+namespace UDSHelpers {
+ int createServer(const struct sockaddr_un *sockaddr);
+ int createClient(const struct sockaddr_un *sockaddr);
+ int acceptClient(int sock);
+ void waitForDisconnect(int sock);
+ struct sockaddr_un makeAbstractAddress(const std::string &path);
+};
+
+#endif // TESTS_COMMON_UDS_H_
#files to compile
SET(CYNARA_TARGET_TEST_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_admin.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_agent.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_agent_request.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_agent_response.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_client.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_client_async_client.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_client_async_request_monitor.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_client_async_status_monitor.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_commons.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_cynara_mask.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_env.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_file_operations.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/plugins.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/cynara-test.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/test_cases.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/test_cases_async.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/test_cases_db.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_admin.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_agent.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_agent_request.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_agent_response.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_client.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_client_async_client.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_client_async_request_monitor.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_client_async_status_monitor.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_commons.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_cynara_mask.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_env.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_file_operations.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/plugins.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/cynara-test.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/test_cases.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/test_cases_agent.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/test_cases_async.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/test_cases_db.cpp
)
#header directories
)
INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/common/
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/
+ ${PROJECT_SOURCE_DIR}/src/common/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/
)
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/WRT_test_for_cynara_rules.smack
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/WRT_test_for_cynara_rules.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(DIRECTORY
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/db_patterns
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/db_patterns
DESTINATION /etc/security-tests/
)
void Agent::putResponse(const AgentResponse &response, int expectedResult)
{
+ auto size = response.data().size();
int ret = cynara_agent_put_response(m_agent,
response.type(),
response.id(),
- reinterpret_cast<const void*>(response.data().data()),
- response.data().size());
+ size ? static_cast<const void*>(response.data().data())
+ : nullptr,
+ size);
RUNNER_ASSERT_MSG(ret == expectedResult,
"cynara_agent_put_response returned wrong value: "
{
m_type = type;
m_id = id;
- m_data = Cynara::PluginData(reinterpret_cast<const char*>(data), dataSize);
+ m_data = Cynara::PluginData(static_cast<const char*>(data), dataSize);
m_client.clear();
m_user.clear();
m_privilege.clear();
Client::Client(const StatusFunction &userFunction)
: m_cynara(nullptr), m_statusMonitor(userFunction)
{
- int ret = cynara_async_initialize(&m_cynara, nullptr, StatusMonitor::updateStatus,
- reinterpret_cast<void*>(&m_statusMonitor));
+ int ret;
+ RUNNER_DEFER_SCOPE(ret = cynara_async_initialize(&m_cynara, nullptr,
+ StatusMonitor::updateStatus,
+ static_cast<void*>(&m_statusMonitor)););
RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
"cynara_async_initialize() failed. ret = " << ret << ".");
RUNNER_ASSERT_MSG(m_cynara != nullptr, "cynara_async struct was not initialized.");
{
bool oops = std::uncaught_exception();
try {
- cynara_async_finish(m_cynara);
+ RUNNER_DEFER_SCOPE(cynara_async_finish(m_cynara););
assertStatus(DISCONNECTED);
} catch (...) {
if (!oops)
void Client::checkCache(const CheckData &checkData, int expectedResult)
{
- int ret = cynara_async_check_cache(m_cynara, checkData.m_client.c_str(),
- checkData.m_session.c_str(), checkData.m_user.c_str(),
- checkData.m_privilege.c_str());
+ int ret;
+ RUNNER_DEFER_SCOPE(ret = cynara_async_check_cache(m_cynara, checkData.m_client.c_str(),
+ checkData.m_session.c_str(),
+ checkData.m_user.c_str(),
+ checkData.m_privilege.c_str()););
RUNNER_ASSERT_MSG(ret == expectedResult,
"Cache check returned unexpected value: "
<< " returned value = " << ret << ","
void Client::createRequest(const CheckData &checkData, cynara_check_id &id,
const RequestEntity &callbackData, int expectedResult)
{
- int ret = cynara_async_create_request(m_cynara, checkData.m_client.c_str(),
- checkData.m_session.c_str(), checkData.m_user.c_str(),
- checkData.m_privilege.c_str(), &id,
- RequestMonitor::updateResponse,
- reinterpret_cast<void*>(&m_requestMonitor));
+ int ret;
+ RUNNER_DEFER_SCOPE(ret = cynara_async_create_request(m_cynara, checkData.m_client.c_str(),
+ checkData.m_session.c_str(),
+ checkData.m_user.c_str(),
+ checkData.m_privilege.c_str(), &id,
+ RequestMonitor::updateResponse,
+ static_cast<void*>(
+ &m_requestMonitor)););
if (ret == CYNARA_API_SUCCESS)
m_requestMonitor.registerRequest(id, callbackData);
ret = TEMP_FAILURE_RETRY(select(fd + 1, &fds, &fds, NULL, &tv));
if (ret == 0) {
- RUNNER_ASSERT_ERRNO_MSG(timeoutExpectation != EXPECT_NO_TIMEOUT,
- "Unexpected select timeout."
- << " ret = " << ret);
+ RUNNER_ASSERT_MSG(timeoutExpectation != EXPECT_NO_TIMEOUT,
+ "Unexpected select timeout."
+ << " ret = " << ret);
return;
}
RUNNER_ASSERT_ERRNO_MSG(ret > 0,
"Select returned error:"
<< " ret = " << ret);
- RUNNER_ASSERT_ERRNO_MSG(timeoutExpectation != EXPECT_TIMEOUT,
- "Select returned positive value, when timeout was expected."
- << " ret = " << ret);
+ RUNNER_ASSERT_MSG(timeoutExpectation != EXPECT_TIMEOUT,
+ "Select returned positive value, when timeout was expected."
+ << " ret = " << ret);
- ret = cynara_async_process(m_cynara);
+ RUNNER_DEFER_SCOPE(ret = cynara_async_process(m_cynara););
RUNNER_ASSERT_MSG(ret == expectedResult,
"cynara_async_process returned unexpected value: "
<< " returned value = " << ret << ","
void Client::cancel(cynara_check_id id, int expectedResult)
{
- int ret = cynara_async_cancel_request(m_cynara, id);
+ int ret;
+ RUNNER_DEFER_SCOPE(ret = cynara_async_cancel_request(m_cynara, id););
RUNNER_ASSERT_MSG(ret == expectedResult,
"Cancel request returned unexpected value: "
<< " returned value = " << ret << ","
void RequestMonitor::updateResponse(cynara_check_id checkId, cynara_async_call_cause cause,
int response, void *data)
{
- RequestMonitor *monitor = reinterpret_cast<RequestMonitor*>(data);
- if (!monitor) {
- RUNNER_FAIL_MSG("Bad user data (nullptr) in response callback.");
- return;
- }
-
- auto it = monitor->m_requests.find(checkId);
- if (it == monitor->m_requests.end()) {
- RUNNER_FAIL_MSG("Received unexpected callback for request:"
- << "id = " << checkId << ","
- << "response = " << response << ","
- << "cause = " << cause << ".");
- return;
- }
+ RUNNER_DEFER_TRYCATCH(
+ RequestMonitor *monitor = static_cast<RequestMonitor*>(data);
+ if (!monitor) {
+ RUNNER_FAIL_MSG("Bad user data (nullptr) in response callback.");
+ return;
+ }
- //save request data and remove request from monitored requests
- auto expectedResponse = it->second.m_expectedResponse;
- auto expectedCause = it->second.m_expectedCause;
- auto userFunction = it->second.m_userFunction;
- monitor->m_requests.erase(it);
+ auto it = monitor->m_requests.find(checkId);
+ if (it == monitor->m_requests.end()) {
+ RUNNER_FAIL_MSG("Received unexpected callback for request:"
+ << "id = " << checkId << ","
+ << "response = " << response << ","
+ << "cause = " << cause << ".");
+ return;
+ }
- RUNNER_ASSERT_MSG(cause == expectedCause,
- "Unexpected cause in response callback:"
- << "id = " << checkId << ","
- << "received response = " << response << ","
- << "expected response = " << expectedResponse << ","
- << "received cause = " << cause << ","
- << "expected cause = " << expectedCause << ".");
+ //save request data and remove request from monitored requests
+ auto expectedResponse = it->second.m_expectedResponse;
+ auto expectedCause = it->second.m_expectedCause;
+ auto userFunction = it->second.m_userFunction;
+ monitor->m_requests.erase(it);
- if (cause == CYNARA_CALL_CAUSE_ANSWER)
- {
- RUNNER_ASSERT_MSG(response == expectedResponse,
- "Unexpected response in response callback:"
+ RUNNER_ASSERT_MSG(cause == expectedCause,
+ "Unexpected cause in response callback:"
<< "id = " << checkId << ","
<< "received response = " << response << ","
<< "expected response = " << expectedResponse << ","
<< "received cause = " << cause << ","
<< "expected cause = " << expectedCause << ".");
- }
- if (userFunction)
- userFunction();
+ if (cause == CYNARA_CALL_CAUSE_ANSWER)
+ {
+ RUNNER_ASSERT_MSG(response == expectedResponse,
+ "Unexpected response in response callback:"
+ << "id = " << checkId << ","
+ << "received response = " << response << ","
+ << "expected response = " << expectedResponse << ","
+ << "received cause = " << cause << ","
+ << "expected cause = " << expectedCause << ".");
+ }
+
+ if (userFunction)
+ userFunction();
+ );
}
}// namespace CynaraTestClientAsync
void StatusMonitor::updateStatus(int oldFd, int newFd, cynara_async_status status, void *data)
{
- StatusMonitor *monitor = reinterpret_cast<StatusMonitor*>(data);
- if (!monitor) {
- RUNNER_FAIL_MSG("Bad user data (nullptr) in status callback.");
- return;
- }
+ RUNNER_DEFER_TRYCATCH(
+ StatusMonitor *monitor = static_cast<StatusMonitor*>(data);
+ if (!monitor) {
+ RUNNER_FAIL_MSG("Bad user data (nullptr) in status callback.");
+ return;
+ }
- RUNNER_ASSERT_MSG(monitor->m_fd == oldFd,
- "fd value mismatch: "
- << " last saved fd = " << monitor->m_fd << ","
- << " callback oldFd = " << oldFd << ".");
+ RUNNER_ASSERT_MSG(monitor->m_fd == oldFd,
+ "fd value mismatch: "
+ << " last saved fd = " << monitor->m_fd << ","
+ << " callback oldFd = " << oldFd << ".");
- monitor->m_fd = newFd;
- monitor->m_status = status;
- if (monitor->m_userFunction)
- monitor->m_userFunction(oldFd, newFd, status);
+ monitor->m_fd = newFd;
+ monitor->m_status = status;
+ if (monitor->m_userFunction)
+ monitor->m_userFunction(oldFd, newFd, status);
+ );
}
int StatusMonitor::getFd(void) const
#include <cynara_test_cynara_mask.h>
#include <dpl/exception.h>
-#include <dpl/test/test_runner.h>
+#include <dpl/test/test_exception.h>
#include <exception>
const std::string USER("cynara");
const std::string LABEL("System");
const std::string SERVICE("cynara.service");
+const std::string SOCKET_CLIENT("cynara.socket");
+const std::string SOCKET_ADMIN("cynara-admin.socket");
+const std::string SOCKET_AGENT("cynara-agent.socket");
+
const std::string SERVICE_PLUGINS_DIR("/usr/lib/cynara/plugin/service/");
}
{
CynaraTestEnv env(testName);
env.save();
+ env.loadDefaultDatabase();
try {
func();
- } catch (const DPL::Test::TestRunner::TestFailed &e) {
- env.restore();
- throw e;
- } catch (const DPL::Test::TestRunner::Ignored &e) {
+ } catch (const DPL::Test::TestException &e) {
env.restore();
- throw e;
+ throw;
} catch (const DPL::Exception &e) {
env.restore();
- throw e;
+ throw;
} catch (const std::exception &e) {
env.restore();
- throw e;
+ throw;
} catch (...) {
env.restore();
throw std::runtime_error("Unknown exception");
for (const auto &dir : pluginDirectories)
FileOperations::copyCynaraFiles(dir.c_str(), CynaraTestConsts::SERVICE_PLUGINS_DIR);
}
+
+void restartCynaraService()
+{
+ ServiceManager service(CynaraTestConsts::SERVICE);
+ service.restartService();
+}
+
+void restartCynaraServiceAndSockets()
+{
+ ServiceManager service(CynaraTestConsts::SERVICE, { CynaraTestConsts::SOCKET_CLIENT,
+ CynaraTestConsts::SOCKET_ADMIN,
+ CynaraTestConsts::SOCKET_AGENT });
+
+ service.restartService(true);
+}
extern const std::string LABEL;
extern const std::string SERVICE;
extern const std::string SERVICE_PLUGINS_DIR;
+extern const std::string SOCKET_CLIENT;
+extern const std::string SOCKET_ADMIN;
+extern const std::string SOCKET_AGENT;
}
typedef std::vector<std::string> DirectoryPaths;
void loadServicePlugins(const DirectoryPaths &pluginDirectories);
+void restartCynaraService();
+void restartCynaraServiceAndSockets();
+
#endif /* CYNARA_TEST_COMMONS_H_ */
m_saveDir = TMP_DIR + "/" + dirName;
m_dbSaveDir = m_saveDir + "/db";
m_pluginsSaveDir = m_saveDir + "/plugins";
+ m_defaultDir = "/etc/security-tests/db_patterns/default";
}
CynaraTestEnv::~CynaraTestEnv()
removeDirIfExists(m_pluginsSaveDir);
removeDirIfExists(m_saveDir);
}
+
+void CynaraTestEnv::loadDefaultDatabase()
+{
+ CynaraMask mask;
+
+ if (m_dbPresent) {
+ removeDirFiles(CynaraTestConsts::DB_DIR);
+ copyCynaraFiles(m_defaultDir, CynaraTestConsts::DB_DIR);
+ }
+}
void save();
void restore();
+ void loadDefaultDatabase();
private:
std::string m_saveDir;
std::string m_dbSaveDir;
std::string m_pluginsSaveDir;
+ std::string m_defaultDir;
bool m_dbPresent;
};
ret = sendfile(outFd, inFd, 0, statSrc.st_size);
RUNNER_ASSERT_ERRNO_MSG(ret != -1, "sendfile failed");
+
+ ret = fsync(outFd);
+ RUNNER_ASSERT_ERRNO_MSG(ret != -1, "fsync failed");
}
void copyCynaraFiles(const std::string &source, const std::string &destination)
std::string tempSrc = source + "/" + direntPtr->d_name;
copyCynaraFile(tempSrc, tempDest);
}
+
+ syncDir(destination);
+}
+
+void syncElem(const std::string &filename, int flags, mode_t mode)
+{
+ int fileFd = TEMP_FAILURE_RETRY(open(filename.c_str(), flags, mode));
+ RUNNER_ASSERT_ERRNO_MSG(fileFd != -1, "open failed name=" << filename);
+ FdUniquePtr fdPtr(&fileFd);
+
+ int ret = fsync(fileFd);
+ RUNNER_ASSERT_ERRNO_MSG(ret != -1, "fsync failed name=" << filename);
+}
+
+void syncDir(const std::string &dirname, mode_t mode) {
+ syncElem(dirname, O_DIRECTORY, mode);
}
void makeDir(const std::string &directory)
{
RUNNER_ASSERT_ERRNO_MSG(!mkdir(directory.c_str(), S_IRWXU | S_IRWXG | S_IRWXO),
"Unable to make " << directory << " test directory");
+
+ syncDir(directory);
}
void removeDirFiles(const std::string &dir)
int ret = nftw(dir.c_str(), removeFile, 2, FTW_DEPTH | FTW_PHYS);
if (ret == -1)
RUNNER_ASSERT_ERRNO_MSG(errno == ENOENT, "nftw failed");
+ else
+ syncDir(dir);
}
void removeDirIfExists(const std::string &dir)
#ifndef CYNARA_TEST_FILE_OPERATIONS_H
#define CYNARA_TEST_FILE_OPERATIONS_H
+#include <fcntl.h>
#include <string>
namespace FileOperations
bool dirExists(const std::string &directory);
void copyCynaraFile(const std::string &src, const std::string &dst);
void copyCynaraFiles(const std::string &source, const std::string &destination);
+void syncElem(const std::string &filename, int flags = O_RDONLY, mode_t mode = S_IRUSR | S_IWUSR);
+void syncDir(const std::string &dirname, mode_t mode = S_IRUSR | S_IWUSR);
void makeDir(const std::string &directory);
void removeDirFiles(const std::string &dir);
void removeDirIfExists(const std::string &dir);
--- /dev/null
+buckets;$1$$6ZlVs5lw2nZgVmiw0BdY21
+_;$1$$qRPK7m23GJusamGpoGLby/
--- /dev/null
+buckets;$1$$UYHKvrIkGoSTO5hIgvCLg0
+_;$1$$qRPK7m23GJusamGpoGLby/
--- /dev/null
+buckets;$1$$6ZlVs5lw2nZgVmiw0BdY21
+_;$1$$nssatAXP6yl4N8gjldhxf0
INCLUDE_DIRECTORIES(
${CYNARA_TARGET_TEST_PLUGIN_MULTIPLE_POLICY_DEP_INCLUDE_DIRS}
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/
)
SET(CYNARA_TARGET_TEST_PLUGIN_MULTIPLE_POLICY_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/multiple-policy/plugin.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/plugins.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/multiple-policy/plugin.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/plugins.cpp
)
ADD_DEFINITIONS("-fvisibility=default")
INCLUDE_DIRECTORIES(
${CYNARA_TARGET_TEST_PLUGIN_SINGLE_POLICY_DEP_INCLUDE_DIRS}
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/
)
SET(CYNARA_TARGET_TEST_PLUGIN_SINGLE_POLICY_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/single-policy/plugin.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/plugins.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/single-policy/plugin.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/plugins.cpp
)
ADD_DEFINITIONS("-fvisibility=default")
INCLUDE_DIRECTORIES(
${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_DEP_INCLUDE_DIRS}
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/
)
SET(CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/test-agent/plugin.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/plugins.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/test-agent/plugin.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/plugins.cpp
)
ADD_DEFINITIONS("-fvisibility=default")
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file test_cases_agent.cpp
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @author Radoslaw Bartosiak <r.bartosiak@samsung.com>
+ * @version 1.0
+ * @brief Tests for libcynara-agent
+ */
+
+#include <chrono>
+#include <string>
+
+#include <cynara-error.h>
+#include <cynara-admin-types.h>
+#include <cynara-client-async.h>
+
+#include <dpl/test/test_runner.h>
+#include <cynara_test_admin.h>
+#include <cynara_test_agent.h>
+#include <cynara_test_agent_request.h>
+#include <cynara_test_agent_response.h>
+#include <cynara_test_client_async_client.h>
+#include <cynara_test_commons.h>
+#include <cynara_test_env.h>
+#include <service_manager.h>
+#include <timeout.h>
+
+using namespace CynaraTestAdmin;
+using namespace CynaraTestAgent;
+using namespace CynaraTestClientAsync;
+using namespace CynaraTestPlugins;
+
+void loadAgentPlugin()
+{
+ DirectoryPaths paths;
+ paths.push_back(TEST_PLUGIN_PATH + TEST_AGENT);
+ loadServicePlugins(paths);
+}
+
+void setAgentPolicy(int expectedResult = CYNARA_API_SUCCESS)
+{
+ const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *extra = nullptr;
+// collection of policy descriptions defined by plugin that causes use of TestAgent
+ auto testAgentPolicies = POLICY_DESCRIPTIONS.at(TEST_AGENT);
+// any policy type from above collection
+ auto policyType = testAgentPolicies[0].type;
+
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, wildcard, wildcard, wildcard, policyType, extra);
+
+ Admin admin;
+ admin.setPolicies(cp, expectedResult);
+}
+
+void getAgentRequest(Agent &agent, AgentRequest &request, Client &client,
+ int expectedResult = CYNARA_API_SUCCESS,
+ Timeout::ExpectMode expectTimeoutMode = Timeout::ExpectMode::TIMEOUT)
+{
+ auto timeLimit = std::chrono::seconds(2);
+ auto hangOnGetRequest = [&agent, &request, &expectedResult]() {
+ agent.getRequest(request, expectedResult);
+ };
+ Timeout::CancelFunction sendClientRequest = [&client]() {
+ client.process();
+ client.assertStatus(READ);
+ };
+
+ Timeout::callAndWait(timeLimit, expectTimeoutMode,
+ sendClientRequest, hangOnGetRequest);
+}
+
+void tcag01_set_agent_type_policy_without_plugin_func()
+{
+ loadServicePlugins(DirectoryPaths());
+ setAgentPolicy(CYNARA_API_INVALID_PARAM);
+}
+
+void tcag02_set_agent_type_policy_with_plugin_loaded_func()
+{
+ loadAgentPlugin();
+ setAgentPolicy();
+}
+
+void tcag03_check_with_no_agent_func()
+{
+ std::string testNo("03");
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_DENIED,
+ CYNARA_CALL_CAUSE_ANSWER};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Client client;
+ client.createRequest({testNo}, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ //send requests
+ client.process();
+ client.process(CYNARA_API_SUCCESS, Client::IGNORE_TIMEOUT);
+}
+
+void tcag04_agent_initialize_func()
+{
+ Agent();
+}
+
+void tcag05_agent_request_timeout_func()
+{
+ Agent agent;
+ AgentRequest request;
+
+ auto testTimeLimit = std::chrono::seconds(2);
+ auto hangOnGetRequest = [&agent, &request]() {
+ agent.getRequest(request, CYNARA_API_SERVICE_NOT_AVAILABLE);
+ };
+
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::TIMEOUT,
+ restartCynaraServiceAndSockets, hangOnGetRequest);
+}
+
+void tcag06_check_with_unregistered_agent_func()
+{
+ std::string testNo("06");
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_DENIED,
+ CYNARA_CALL_CAUSE_ANSWER};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+
+ Client client;
+ client.createRequest({testNo}, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ //send requests
+ client.process();
+ client.process(CYNARA_API_SUCCESS, Client::IGNORE_TIMEOUT);
+}
+
+void tcag07_get_request_func()
+{
+ std::string testNo("07");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_ALLOWED,
+ CYNARA_CALL_CAUSE_ANSWER};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequest;
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+
+ agentRequest.assertAction(data.m_client, data.m_user, data.m_privilege);
+ agent.putResponse(AgentResponse::createAllow(agentRequest.id()));
+ client.process();
+}
+
+void tcag08_get_request_and_respond_with_wrong_id_func()
+{
+ std::string testNo("08");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_SUCCESS,
+ CYNARA_CALL_CAUSE_FINISH};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequest;
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequest.assertAction(data.m_client, data.m_user, data.m_privilege);
+ agent.putResponse(AgentResponse::createAllow(agentRequest.id() + 1));
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_TIMEOUT, 2);
+}
+
+void tcag09_get_request_and_correct_responded_id_func()
+{
+ std::string testNo("09");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_ALLOWED,
+ CYNARA_CALL_CAUSE_ANSWER};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequest;
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequest.assertAction(data.m_client, data.m_user, data.m_privilege);
+ agent.putResponse(AgentResponse::createAllow(agentRequest.id() + 1));
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_TIMEOUT, 2);
+ agent.putResponse(AgentResponse::createAllow(agentRequest.id()));
+ client.process();
+}
+
+void tcag10_cancel_request_func()
+{
+ std::string testNo("10");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_ALLOWED,
+ CYNARA_CALL_CAUSE_CANCEL};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequest;
+
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequest.assertAction(data.m_client, data.m_user, data.m_privilege);
+ client.cancel(id);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequest.assertCancel();
+ agent.putResponse(AgentResponse::createCancel(id));
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_NO_TIMEOUT, 2);
+}
+
+void tcag11_cancel_processed_request_func()
+{
+ std::string testNo("11");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_ALLOWED,
+ CYNARA_CALL_CAUSE_CANCEL};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequest;
+
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequest.assertAction(data.m_client, data.m_user, data.m_privilege);
+ agent.putResponse(AgentResponse::createCancel(id));
+ client.cancel(id);
+ // we do not expect getting the cancel request in the agent
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::TIMEOUT,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SERVICE_NOT_AVAILABLE, Timeout::ExpectMode::TIMEOUT);
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_NO_TIMEOUT, 2);
+}
+
+void tcag12_create_two_requests_func()
+{
+ std::string testNo("12");
+ CheckData data1(testNo, 1), data2(testNo, 2);
+ cynara_check_id id1, id2;
+ RequestEntity callbackData1 = {RequestFunction(),
+ CYNARA_API_ACCESS_DENIED,
+ CYNARA_CALL_CAUSE_ANSWER};
+ RequestEntity callbackData2 = {RequestFunction(),
+ CYNARA_API_ACCESS_ALLOWED,
+ CYNARA_CALL_CAUSE_CANCEL};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequest1, agentRequest2, agentRequest3;
+ Client client;
+ client.createRequest(data1, id1, callbackData1);
+ client.assertStatus(READWRITE);
+ client.createRequest(data2, id2, callbackData2);
+ client.assertStatus(READWRITE);
+
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest1), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest2), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::IGNORE);
+ client.cancel(id2);
+ client.assertStatus(READWRITE);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest3), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequest1.assertAction(data1.m_client, data1.m_user, data1.m_privilege);
+ agentRequest2.assertAction(data2.m_client, data2.m_user, data2.m_privilege);
+ agentRequest3.assertCancel();
+
+ agent.putResponse(AgentResponse::createDeny(id1));
+ agent.putResponse(AgentResponse::createCancel(id2));
+
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_NO_TIMEOUT, 3);
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::IGNORE_TIMEOUT, 1);
+}
+
+void tcag13_create_many_requests_func()
+{
+ const int numberOfRequests = 4;
+ std::string testNo("13");
+ cynara_check_id ids[numberOfRequests];
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_DENIED,
+ CYNARA_CALL_CAUSE_ANSWER};
+ loadAgentPlugin();
+ setAgentPolicy();
+
+ Agent agent;
+ AgentRequest agentRequests[numberOfRequests];
+ Client client;
+ for (int i = 0; i < numberOfRequests; i++) {
+ CheckData data(testNo, i);
+ client.createRequest(data, ids[i], callbackData);
+ client.assertStatus(READWRITE);
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequests[i]), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ agentRequests[i].assertAction(data.m_client, data.m_user, data.m_privilege);
+ };
+ for (int i = numberOfRequests - 1; i >= 0; i--) {
+ agent.putResponse(AgentResponse::createDeny(ids[i]));
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_NO_TIMEOUT, 2);
+ }
+}
+
+void tcag14_client_disconnects_func()
+{
+ std::string testNo("14");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_ALLOWED,
+ CYNARA_CALL_CAUSE_FINISH};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+ Agent agent;
+ AgentRequest agentRequest;
+ auto testTimeLimit = std::chrono::seconds(5);
+ {
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ };
+ auto getAgentRequestWrap = [&agent, &agentRequest]() {
+ agent.getRequest(agentRequest, CYNARA_API_SUCCESS);
+ };
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequestWrap);
+ agentRequest.assertCancel();
+}
+
+void tcag15_agent_disconnects_func()
+{
+ std::string testNo("15");
+ CheckData data(testNo);
+ cynara_check_id id;
+ RequestEntity callbackData = {RequestFunction(),
+ CYNARA_API_ACCESS_DENIED,
+ CYNARA_CALL_CAUSE_ANSWER};
+
+ loadAgentPlugin();
+ setAgentPolicy();
+ Client client;
+ client.createRequest(data, id, callbackData);
+ client.assertStatus(READWRITE);
+ AgentRequest agentRequest;
+ {
+ Agent agent;
+ auto testTimeLimit = std::chrono::seconds(5);
+ Timeout::callAndWait(testTimeLimit, Timeout::ExpectMode::FINISHED,
+ restartCynaraServiceAndSockets, getAgentRequest,
+ std::ref(agent), std::ref(agentRequest), std::ref(client),
+ CYNARA_API_SUCCESS, Timeout::ExpectMode::TIMEOUT);
+ };
+ client.process(CYNARA_API_SUCCESS, Client::TimeoutExpectation::EXPECT_NO_TIMEOUT, 2);
+}
+
+RUNNER_TEST_GROUP_INIT(cynara_agent_tests)
+
+RUN_CYNARA_TEST(tcag01_set_agent_type_policy_without_plugin)
+RUN_CYNARA_TEST(tcag02_set_agent_type_policy_with_plugin_loaded)
+RUN_CYNARA_TEST(tcag03_check_with_no_agent)
+RUN_CYNARA_TEST(tcag04_agent_initialize)
+RUN_CYNARA_TEST(tcag05_agent_request_timeout)
+RUN_CYNARA_TEST(tcag06_check_with_unregistered_agent)
+RUN_CYNARA_TEST(tcag07_get_request)
+RUN_CYNARA_TEST(tcag08_get_request_and_respond_with_wrong_id)
+RUN_CYNARA_TEST(tcag09_get_request_and_correct_responded_id)
+RUN_CYNARA_TEST(tcag10_cancel_request)
+RUN_CYNARA_TEST(tcag11_cancel_processed_request)
+RUN_CYNARA_TEST(tcag12_create_two_requests)
+RUN_CYNARA_TEST(tcag13_create_many_requests)
+RUN_CYNARA_TEST(tcag14_client_disconnects)
+RUN_CYNARA_TEST(tcag15_agent_disconnects)
{
std::string testNo("08");
int subtest = 1;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
cynara_check_id id;
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
client.createRequest({testNo, subtest}, id, callbackData);
client.assertStatus(READWRITE);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
client.process();
client.assertStatus(READ);
{
std::string testNo("08");
int subtest = 2;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
cynara_check_id id;
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
client.createRequest({testNo, subtest}, id, callbackData);
client.assertStatus(READWRITE);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
client.process();
client.assertStatus(READ);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
client.process();
client.process(CYNARA_API_SUCCESS, Client::IGNORE_TIMEOUT);
std::string testNo("08");
int subtest = 2;
cynara_check_id id;
- RequestEntity callbackData = {[&](){
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
- serviceManager.restartService();
- },
+ RequestEntity callbackData = {restartCynaraServiceAndSockets,
CYNARA_API_ACCESS_DENIED,
CYNARA_CALL_CAUSE_ANSWER};
Client client;
{
std::string testNo("09");
int subtest = 1;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
cynara_check_id id;
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
client.process();
client.assertStatus(READ);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
client.cancel(id);
client.assertStatus(READWRITE);
{
std::string testNo("09");
int subtest = 2;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
cynara_check_id id;
RequestEntity callbackData = {RequestFunction(),
CYNARA_API_ACCESS_DENIED,
client.cancel(id);
client.assertStatus(READWRITE);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
//handle reconnect
client.process();
CYNARA_CALL_CAUSE_ANSWER};
RequestEntity callbackData = {[&](){
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
client.createRequest({testNo}, id2, callbackData2);
},
CYNARA_API_ACCESS_DENIED,
/*
- * Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
const std::string nonEmptyDb("nonEmptyDatabase");
const std::string cynaraTestPatternsPath("/etc/security-tests/db_patterns/");
const std::string directoryWildcard("/*");
+const char directorySeparator('/');
void createDbFile(const std::string &filename)
{
return dbFilesCount;
}
+const std::set<std::string> dump_glob_filenames(const glob_t &globbuf) {
+ std::set<std::string> set;
+
+ for (unsigned i = 0; i < globbuf.gl_pathc; ++i) {
+ std::string filename(globbuf.gl_pathv[i]);
+ set.insert(filename.substr(filename.find_last_of(directorySeparator)+1));
+ }
+
+ return set;
+}
+
+const std::set<std::string> glob_filenames(const std::string &source, const std::string &wildcard) {
+ //for finding files matching pattern in directory
+ glob_t globbuf;
+ std::string pattern = source + wildcard;
+
+ //for freeing allocated memory
+ GlobPtr globbufPtr(&globbuf);
+
+ //actually find files matching pattern in directory - including dotfiles
+ RUNNER_ASSERT_MSG(0 == glob(pattern.c_str(), GLOB_NOSORT | GLOB_PERIOD, NULL, &globbuf),
+ "Failed to search for requested pathnames in " << source << ".");
+
+ return dump_glob_filenames(globbuf);
+}
+
+const std::set<std::string> db_files_pathnames(const std::string &source) {
+ return glob_filenames(source, directoryWildcard);
+}
+
+std::ostream& operator<<(std::ostream& os, const std::set<std::string> &set)
+{
+ os << "{";
+ for (const auto &item : set) {
+ os << " " << item;
+ }
+ os << " }";
+ return os;
+}
+
void compareDbs(const std::string &source)
{
//for accessing files in directory
std::string patternDir = cynaraTestPatternsPath + source;
+ std::string resultDir = CynaraTestConsts::DB_DIR;
DIR *patternDirPtr = nullptr;
struct dirent *direntPtr;
size_t patternFileCount = db_files_count(patternDir);
- size_t resultFileCount = db_files_count(CynaraTestConsts::DB_DIR);
+ size_t resultFileCount = db_files_count(resultDir);
//directories do not match if there is different number of files
RUNNER_ASSERT_MSG(patternFileCount == resultFileCount,
- "No match in database and pattern directory file count");
+ "No match in database and pattern directory file count: "
+ << resultFileCount << " != " << patternFileCount << "." << std::endl
+ << "Expected: " << db_files_pathnames(patternDir) << std::endl
+ << "Actual: " << db_files_pathnames(resultDir));
//compare files in database directory with pattern directory
RUNNER_ASSERT_ERRNO_MSG(patternDirPtr = opendir(patternDir.c_str()),
if (!strcmp(direntPtr->d_name, ".")
|| !strcmp(direntPtr->d_name, ".."))
continue;
- std::string patternName = patternDir + "/" + direntPtr->d_name;
- std::string resultName = CynaraTestConsts::DB_DIR + "/" + direntPtr->d_name;
+ std::string patternName = patternDir + directorySeparator + direntPtr->d_name;
+ std::string resultName = CynaraTestConsts::DB_DIR + directorySeparator + direntPtr->d_name;
//comparing file saved db dir with reference file from patterns dir
RUNNER_ASSERT_MSG(true == unordered_files_match(patternName, resultName),
- "No match in stored file and pattern file");
+ "No match in stored file and pattern file: " << resultName);
}
}
{
Admin admin;
Client cynara;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *extra = nullptr;
- const auto fakeBackupGuard = CynaraTestConsts::DB_DIR + "/guard";
+ const auto fakeBackupGuard = CynaraTestConsts::DB_DIR + directorySeparator + "guard";
createDbFile(fakeBackupGuard);
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra, CYNARA_API_OPERATION_FAILED);
deleteDbFile(fakeBackupGuard);
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
compareDbs(defDbAllow);
}
{
Admin admin;
Client cynara;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *extra = nullptr;
- const auto fakeBucketDumpFile = CynaraTestConsts::DB_DIR + "/_~";
+ const auto fakeBucketDumpFile = CynaraTestConsts::DB_DIR + directorySeparator + "_~";
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
compareDbs(defDbAllow);
createDbFile(fakeBucketDumpFile);
admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra, CYNARA_API_OPERATION_FAILED);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
compareDbs(defDbAllow);
}
{
Admin admin;
Client cynara;
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *extra = nullptr;
- const auto defaultBucketDumpFile = CynaraTestConsts::DB_DIR + "/_~";
+ const auto defaultBucketDumpFile = CynaraTestConsts::DB_DIR + directorySeparator + "_~";
createDbFile(defaultBucketDumpFile);
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra, CYNARA_API_OPERATION_FAILED);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
compareDbs(defDb);
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
compareDbs(defDbAllow);
}
*/
void tcdb05_non_indexed_files_removal_func()
{
- ServiceManager serviceManager(CynaraTestConsts::SERVICE);
-
std::vector<std::string> filenames = { "_broken-backup~", "_non-indexed-bucket",
"some-file-that-doesnt-belong-here" };
for (const auto &filename : filenames) {
- auto garbageFilename = CynaraTestConsts::DB_DIR + "/" + filename;
+ auto garbageFilename = CynaraTestConsts::DB_DIR + directorySeparator + filename;
createDbFile(garbageFilename);
}
- serviceManager.restartService();
+ restartCynaraServiceAndSockets();
compareDbs(defDb);
}
--- /dev/null
+# Copyright (c) 2011-2015 Samsung Electronics Co., Ltd All Rights Reserved
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+#
+# @file config.cmake
+# @author Lukasz Marek (l.marek@samsung.com)
+# @version 1.0
+# @brief
+#
+
+SET(DPL_FRAMEWORK_TEST_SOURCES
+ ${PROJECT_SOURCE_DIR}/src/framework/src/assert.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/atomic.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/binary_queue.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/colors.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/exception.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/gdbbacktrace.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/noncopyable.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/singleton.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/abstract_log_provider.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/dlog_log_provider.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/log.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/old_style_log_provider.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_failed.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_results_collector.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_results_collector_commons.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_results_collector_console.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_results_collector_html.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_results_collector_summary.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_results_collector_xml.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_runner_child.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_runner.cpp
+ ${PROJECT_SOURCE_DIR}/src/framework/src/test_runner_multiprocess.cpp
+)
+
+SET(DPL_FRAMEWORK_TEST_INCLUDE_DIR
+ ${PROJECT_SOURCE_DIR}/src/framework/include
+)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file performance_result.h
+ * @author Marcin Niesluchowski (m.niesluchow@samsung.com)
+ * @version 1.0
+ * @brief Header file with declaration of PerformanceResult class
+ */
+
+#ifndef DPL_TEST_PERFORMANCE_RESULT_H
+#define DPL_TEST_PERFORMANCE_RESULT_H
+
+#include <dpl/binary_queue.h>
+
+#include <chrono>
+#include <memory>
+
+namespace DPL {
+namespace Test {
+
+class PerformanceResult;
+
+typedef std::shared_ptr<PerformanceResult> PerformanceResultPtr;
+typedef std::shared_ptr<const PerformanceResult> ConstPerformanceResultPtr;
+
+class PerformanceResult
+{
+public:
+ PerformanceResult(const std::chrono::system_clock::duration& maxDuration)
+ : m_startTime(std::chrono::system_clock::now())
+ , m_duration(std::chrono::microseconds::zero())
+ , m_maxDuration(maxDuration < std::chrono::microseconds::zero()
+ ? std::chrono::microseconds::zero()
+ : maxDuration) {}
+
+ PerformanceResult(BinaryQueue &queue)
+ : m_startTime(std::chrono::system_clock::now())
+ , m_duration(std::chrono::microseconds::zero())
+ , m_maxDuration(std::chrono::microseconds::zero()) {
+ queue.FlattenConsume(const_cast<std::chrono::system_clock::time_point*>(&m_startTime),
+ sizeof(std::chrono::system_clock::time_point));
+ queue.FlattenConsume(const_cast<std::chrono::system_clock::duration*>(&m_duration),
+ sizeof(std::chrono::system_clock::duration));
+ queue.FlattenConsume(const_cast<std::chrono::system_clock::duration*>(&m_maxDuration),
+ sizeof(std::chrono::system_clock::duration));
+ }
+
+ bool IsMaxDuration() const {
+ return m_maxDuration > std::chrono::microseconds::zero();
+ }
+
+ bool IsDurationOk() const {
+ return m_duration <= m_maxDuration;
+ }
+
+ const std::chrono::system_clock::duration &GetDuration() const {
+ return m_duration;
+ }
+
+ const std::chrono::system_clock::duration &GetMaxDuration() const {
+ return m_maxDuration;
+ }
+
+ void Finish() {
+ if (m_duration == std::chrono::microseconds::zero())
+ m_duration = std::chrono::system_clock::now() - m_startTime;
+ }
+
+ const std::string ToBinaryString() const {
+ std::string strStartTime(reinterpret_cast<const char*>(&m_startTime), sizeof(m_startTime));
+ std::string strDuration(reinterpret_cast<const char*>(&m_duration), sizeof(m_duration));
+ std::string strMaxDuration(reinterpret_cast<const char*>(&m_maxDuration),
+ sizeof(m_maxDuration));
+ return strStartTime + strDuration + strMaxDuration;
+ }
+
+private:
+ const std::chrono::system_clock::time_point m_startTime;
+ std::chrono::system_clock::duration m_duration;
+ const std::chrono::system_clock::duration m_maxDuration;
+};
+
+} // namespace Test
+} // namespace DPL
+
+#endif // DPL_TEST_PERFORMANCE_RESULT_H
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <cstddef>
#include <dpl/assert.h>
-#include <dpl/test/test_results_collector.h>
+#include <dpl/test/test_result.h>
namespace DPL {
namespace Test {
m_count(0)
{}
- void AddTest(TestResultsCollectorBase::FailStatus status)
+ void AddTest(TestResult::FailStatus status)
{
++m_count;
switch (status) {
- case TestResultsCollectorBase::FailStatus::FAILED: ++m_failed;
+ case TestResult::FailStatus::FAILED: ++m_failed;
break;
- case TestResultsCollectorBase::FailStatus::IGNORED: ++m_ignored;
+ case TestResult::FailStatus::IGNORED: ++m_ignored;
break;
- case TestResultsCollectorBase::FailStatus::NONE: ++m_passed;
+ case TestResult::FailStatus::NONE: ++m_passed;
break;
default:
Assert(false && "Bad FailStatus");
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file test_exception.h
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @version 1.0
+ * @brief This file is the header file of test_exception base class
+ */
+
+#ifndef DPL_TEST_EXCEPTION_H
+#define DPL_TEST_EXCEPTION_H
+
+#include <string>
+
+namespace DPL {
+namespace Test {
+
+class TestException
+{
+ public:
+ std::string GetMessage() const
+ {
+ return m_message;
+ }
+
+ protected:
+ std::string m_message;
+
+ TestException() {}
+ TestException(const std::string &message) :
+ m_message(message) {}
+
+};
+
+} // namespace Test
+} // namespace DPL
+
+#endif // DPL_TEST_EXCEPTION_H
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file test_failed.h
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @version 1.0
+ * @brief This file is the header file of TestFailed class
+ */
+
+#ifndef DPL_TEST_FAILED_H
+#define DPL_TEST_FAILED_H
+
+#include <string>
+
+#include <dpl/test/test_exception.h>
+
+namespace DPL {
+namespace Test {
+
+class TestFailed : public TestException
+{
+ public:
+ TestFailed() = default;
+
+ //! \brief Failed test message creator
+ //!
+ //! \param[in] aTest string for tested expression
+ //! \param[in] aFile source file name
+ //! \param[in] aLine source file line
+ //! \param[in] aMessage error message
+ TestFailed(const char* aTest,
+ const char* aFile,
+ int aLine,
+ const std::string &aMessage);
+
+ TestFailed(const std::string &message) :
+ TestException(message)
+ {}
+};
+
+} // namespace Test
+} // namespace DPL
+
+#endif // DPL_TEST_FAILED_H
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file test_ignored.h
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @version 1.0
+ * @brief This file is the header file of TestIgnored class
+ */
+
+#ifndef DPL_TEST_IGNORED_H
+#define DPL_TEST_IGNORED_H
+
+#include <string>
+
+#include <dpl/test/test_exception.h>
+
+namespace DPL {
+namespace Test {
+
+class TestIgnored : public TestException
+{
+ public:
+ TestIgnored() = default;
+
+ TestIgnored(const std::string &message) :
+ TestException(message)
+ {}
+};
+
+} // namespace Test
+} // namespace DPL
+
+#endif // DPL_TEST_IGNORED_H
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * @file test_result.h
+ * @author Marcin Niesluchowski (m.niesluchow@samsung.com)
+ * @author Lukasz Wrzosek (l.wrzosek@samsung.com)
+ * @version 1.0
+ * @brief Header file with declaration of TestResult class
+ */
+
+#ifndef DPL_TEST_RESULT_H
+#define DPL_TEST_RESULT_H
+
+#include <dpl/test/performance_result.h>
+
+#include <string>
+
+namespace DPL {
+namespace Test {
+
+class TestResult
+{
+public:
+ enum class FailStatus
+ {
+ NONE,
+ FAILED,
+ IGNORED
+ };
+
+ TestResult(FailStatus status,
+ const std::string& reason = std::string(),
+ ConstPerformanceResultPtr performanceResult = nullptr)
+ : m_failStatus(status)
+ , m_reason(reason)
+ , m_performanceResult(performanceResult) {}
+
+ FailStatus GetFailStatus() const {
+ return m_failStatus;
+ }
+
+ const std::string& GetReason() const {
+ return m_reason;
+ }
+
+ ConstPerformanceResultPtr GetPerformanceResult() const {
+ return m_performanceResult;
+ }
+
+private:
+ const FailStatus m_failStatus;
+ const std::string m_reason;
+ ConstPerformanceResultPtr m_performanceResult;
+};
+
+} // namespace Test
+} // namespace DPL
+
+#endif // DPL_TEST_RESULT_H
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
*/
/*
* @file test_results_collector.h
+ * @author Marcin Niesluchowski (m.niesluchow@samsung.com)
* @author Lukasz Wrzosek (l.wrzosek@samsung.com)
* @version 1.0
* @brief Header file with declaration of TestResultsCollectorBase
#define DPL_TEST_RESULTS_COLLECTOR_H
#include <dpl/noncopyable.h>
+#include <dpl/test/test_result.h>
+
#include <vector>
#include <list>
#include <map>
-#include <chrono>
#include <string>
#include <memory>
public:
typedef TestResultsCollectorBase* (*CollectorConstructorFunc)();
typedef std::list<std::string> TestCaseIdList;
- enum class FailStatus
- {
- NONE,
- FAILED,
- IGNORED
- };
virtual ~TestResultsCollectorBase() {}
virtual void CollectCurrentTestGroupName(const std::string& /*groupName*/)
{}
- virtual void CollectTestsCasesList(const TestCaseIdList& /*list*/) {}
- virtual void CollectResult(const std::string& id,
- const FailStatus status = FailStatus::NONE,
- const std::string& reason = "",
- const bool& isPerformanceTest = false,
- const std::chrono::system_clock::duration& performanceTime = std::chrono::microseconds::zero(),
- const std::chrono::system_clock::duration& performanceMaxTime = std::chrono::microseconds::zero()) = 0;
+ virtual void CollectResult(const std::string& id, const TestResult &result) = 0;
virtual std::string CollectorSpecificHelp() const
{
return "";
"[%s%s%s] %s[elapsed: %0.3fms, expected < %0.3fms]%s\n", BOLD_GREEN_BEGIN, \
" OK ", BOLD_GREEN_END, BOLD_RED_BEGIN, elapsed, max, BOLD_RED_END
+extern const std::string COLLECTOR_NO_VERBOSE_HELP;
+
// Get duration as a fraction of millisecond (max precision is 1 microsecond)
double get_milliseconds (const std::chrono::system_clock::duration& performanceTime);
+std::string CollectorFileHelp(const std::string &defaultFilename);
bool ParseCollectorFileArg(const std::string &arg, std::string &filename);
+bool ParseCollectorNoVerboseArg(const std::string &arg, bool &verbosity);
} // namespace Test
} // namespace DPL
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
private:
ConsoleCollector();
+ virtual bool ParseCollectorSpecificArg(const std::string& arg);
+ virtual std::string CollectorSpecificHelp() const;
virtual void CollectCurrentTestGroupName(const std::string& name);
- virtual void CollectResult(const std::string& id,
- const FailStatus status = FailStatus::NONE,
- const std::string& reason = "",
- const bool& isPerformanceTest = true,
- const std::chrono::system_clock::duration& performanceTime
- = std::chrono::microseconds::zero(),
- const std::chrono::system_clock::duration& performanceMaxTime
- = std::chrono::microseconds::zero());
+ virtual void CollectResult(const std::string& id, const TestResult &result);
virtual void Finish();
- void PrintfErrorMessage(const char* type,
- const std::string& message,
- bool verbosity);
- void PrintfIgnoredMessage(const char* type,
- const std::string& message,
- bool verbosity);
+ void PrintfErrorMessage(const char* type, const std::string& message);
+ void PrintfIgnoredMessage(const char* type, const std::string& message);
void PrintStats(const std::string& title, const Statistic& stats);
Statistic m_stats;
std::map<std::string, Statistic> m_groupsStats;
std::string m_currentGroup;
+ bool m_verbosity;
};
} // namespace Test
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
virtual bool Configure();
virtual void Start();
virtual void CollectCurrentTestGroupName(const std::string& name);
- virtual void CollectResult(const std::string& id,
- const FailStatus status = FailStatus::NONE,
- const std::string& reason = "",
- const bool& isPerformanceTest = false,
- const std::chrono::system_clock::duration& performanceTime
- = std::chrono::microseconds::zero(),
- const std::chrono::system_clock::duration& performanceMaxTime
- = std::chrono::microseconds::zero());
+ virtual void CollectResult(const std::string& id, const TestResult &result);
virtual void Finish();
- void PrintfErrorMessage(const char* type,
- const std::string& message,
- bool verbosity);
- void PrintfIgnoredMessage(const char* type,
- const std::string& message,
- bool verbosity);
+ void PrintfErrorMessage(const char* type, const std::string& message);
+ void PrintfIgnoredMessage(const char* type, const std::string& message);
void PrintStats(const std::string& name, const Statistic& stats);
std::string m_filename;
Statistic m_stats;
std::string m_currentGroup;
std::map<std::string, Statistic> m_groupsStats;
+ bool m_verbosity;
};
} // namespace Test
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
virtual std::string CollectorSpecificHelp() const;
virtual bool ParseCollectorSpecificArg(const std::string& arg);
virtual void Start();
- virtual void CollectResult(const std::string& id,
- const FailStatus status = FailStatus::NONE,
- const std::string& reason = "",
- const bool& isPerformanceTest = false,
- const std::chrono::system_clock::duration& performanceTime
- = std::chrono::microseconds::zero(),
- const std::chrono::system_clock::duration& performanceMaxTime
- = std::chrono::microseconds::zero());
+ virtual void CollectResult(const std::string& id, const TestResult &result);
virtual void Finish();
void writeStats(bool segfault);
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
virtual bool Configure();
virtual void Start();
virtual void CollectCurrentTestGroupName(const std::string& name);
- virtual void CollectResult(const std::string& id,
- const FailStatus status = FailStatus::NONE,
- const std::string& reason = "",
- const bool& isPerformanceTest = false,
- const std::chrono::system_clock::duration& performanceTime
- = std::chrono::microseconds::zero(),
- const std::chrono::system_clock::duration& performanceMaxTime
- = std::chrono::microseconds::zero());
+ virtual void CollectResult(const std::string& id, const TestResult &result);
virtual void Finish();
void GroupStart(const std::size_t pos, const std::string& name);
const std::string& value);
std::string UIntToString(const unsigned int value);
void GroupFinish(const std::size_t groupPosition);
- void PrintfErrorMessage(const char* type,
- const std::string& message,
- bool verbosity);
- void PrintfIgnoredMessage(const char* type,
- const std::string& message,
- bool verbosity);
+ void PrintfErrorMessage(const char* type, const std::string& message);
+ void PrintfIgnoredMessage(const char* type, const std::string& message);
void FlushOutput();
std::string EscapeSpecialCharacters(std::string s);
Statistic m_stats;
std::string m_outputBuffer;
std::string m_resultBuffer;
+ bool m_verbosity;
};
} // namespace Test
#define DPL_TEST_RUNNER_H
#include <chrono>
+#include <cstdlib>
#include <cstring>
#include <exception>
#include <iostream>
#include <dpl/colors.h>
#include <dpl/gdbbacktrace.h>
#include <dpl/singleton.h>
+#include <dpl/test/performance_result.h>
+#include <dpl/test/test_exception.h>
+#include <dpl/test/test_failed.h>
+#include <dpl/test/test_ignored.h>
+#include <dpl/test/test_result.h>
#include <dpl/test/test_results_collector.h>
namespace DPL {
m_currentTestCase(nullptr)
, m_terminate(false)
, m_allowChildLogs(false)
+ , m_deferDeepness(0U)
+ , m_firstDeferredExceptionType(DeferredExceptionType::DEFERRED_FAILED)
{}
- void beginPerformanceTestTime(std::chrono::system_clock::duration maxTimeInMicroseconds);
- void endPerformanceTestTime();
- void getCurrentTestCasePerformanceResult(bool& isPerformanceTest,
- std::chrono::system_clock::duration& result,
- std::chrono::system_clock::duration& resultMax);
- void setCurrentTestCasePerformanceResult(bool isPerformanceTest,
- std::chrono::system_clock::duration result,
- std::chrono::system_clock::duration resultMax);
+ void beginPerformance(std::chrono::system_clock::duration maxDurationInMicroseconds);
+ void endPerformance();
+ void setCurrentTestCasePerformanceResult(const PerformanceResultPtr &performance);
+ ConstPerformanceResultPtr getCurrentTestCasePerformanceResult();
void addFailReason(const std::string &reason);
{
std::string name;
TestCase proc;
-
- bool m_isPerformanceTest;
- std::chrono::system_clock::time_point m_performanceTestStartTime;
- std::chrono::system_clock::duration m_performanceTestDurationTime;
- std::chrono::system_clock::duration m_performanceMaxTime;
+ PerformanceResultPtr performance;
bool operator <(const TestCaseStruct &other) const
{
TestCaseStruct(const std::string &n, TestCase p) :
name(n),
- proc(p),
- m_isPerformanceTest(false)
+ proc(p)
{}
};
TestCaseStruct * m_currentTestCase;
- typedef std::set<std::string> SelectedTestNameSet;
- SelectedTestNameSet m_selectedTestNamesSet;
- typedef std::set<std::string> SelectedTestGroupSet;
- SelectedTestGroupSet m_selectedTestGroupSet;
std::string m_currentGroup;
- DPL::Atomic m_totalAssertions;
-
// Terminate without any logs.
// Some test requires to call fork function.
// Child process must not produce any logs and should die quietly.
bool filterByXML(std::map<std::string, bool> & casesMap);
void normalizeXMLTag(std::string& str, const std::string& testcase);
- enum Status { FAILED, IGNORED, PASS };
-
- Status RunTestCase(const TestCaseStruct& testCase);
+ void RunTestCase(const TestCaseStruct& testCase);
void setCurrentTestCase(TestCaseStruct* testCase);
TestCaseStruct *getCurrentTestCase();
std::string getConcatedFailReason(const std::string &reason);
- void CollectResult(const std::string& id,
- const TestResultsCollectorBase::FailStatus status
- = TestResultsCollectorBase::FailStatus::NONE,
- const std::string& reason = std::string(),
- const bool& isPerformanceTest = false,
- const std::chrono::system_clock::duration& performanceTime = std::chrono::microseconds::zero(),
- const std::chrono::system_clock::duration& performanceMaxTime = std::chrono::microseconds::zero());
+ void CollectResult(const std::string& id, const TestResult &result);
public:
- class TestFailed
- {
- private:
- std::string m_message;
-
- public:
- TestFailed()
- {}
-
- //! \brief Failed test message creator
- //!
- //! \param[in] aTest string for tested expression
- //! \param[in] aFile source file name
- //! \param[in] aLine source file line
- //! \param[in] aMessage error message
- TestFailed(const char* aTest,
- const char* aFile,
- int aLine,
- const std::string &aMessage);
-
- TestFailed(const std::string &message);
-
- std::string GetMessage() const
- {
- return m_message;
- }
- };
-
- class Ignored
- {
- private:
- std::string m_message;
-
- public:
- Ignored()
- {}
-
- Ignored(const std::string &message) :
- m_message(message)
- {}
-
- std::string GetMessage() const
- {
- return m_message;
- }
- };
-
- void MarkAssertion();
-
void RegisterTest(const char *testName, TestCase proc);
void InitGroup(const char* name);
int ExecTestRunner(int argc, char *argv[]);
typedef std::vector<std::string> ArgsList;
int ExecTestRunner(ArgsList args);
- bool getRunIgnored() const;
// The runner will terminate as soon as possible (after current test).
void Terminate();
bool GetAllowChildLogs();
+
+ void deferFailedException(const DPL::Test::TestFailed &ex);
+ void deferIgnoredException(const DPL::Test::TestIgnored &ex);
+ void deferBegin();
+ void deferEnd();
+
+private:
+ std::vector<std::string> m_deferredExceptionsMessages;
+ std::size_t m_deferDeepness;
+ enum DeferredExceptionType {
+ DEFERRED_FAILED,
+ DEFERRED_IGNORED,
+ } m_firstDeferredExceptionType;
+ DPL::Test::TestFailed m_firstDeferredFail;
+ DPL::Test::TestIgnored m_firstDeferredIgnore;
};
typedef DPL::Singleton<TestRunner> TestRunnerSingleton;
#define RUNNER_ASSERT_MSG(test, message) \
do \
{ \
- DPL::Test::TestRunnerSingleton::Instance().MarkAssertion(); \
- \
if (!(test)) \
{ \
std::ostringstream assertMsg; \
assertMsg << message << DPL::gdbbacktrace(); \
- DPL::Test::TestRunner::TestFailed e(#test, \
- __FILE__, \
- __LINE__, \
- assertMsg.str()); \
+ DPL::Test::TestFailed e(#test, \
+ __FILE__, \
+ __LINE__, \
+ assertMsg.str()); \
if (!std::uncaught_exception()) \
throw e; \
DPL::Test::TestRunnerSingleton::Instance().addFailReason(e.GetMessage()); \
#define RUNNER_ASSERT_ERRNO_MSG(test, message) \
do \
{ \
- DPL::Test::TestRunnerSingleton::Instance().MarkAssertion(); \
- \
if (!(test)) \
{ \
const char *err = strerror(errno); \
if (!assertMsg.str().empty()) \
assertMsg << ". "; \
assertMsg << err << DPL::gdbbacktrace(); \
- DPL::Test::TestRunner::TestFailed e(#test, \
- __FILE__, \
- __LINE__, \
- assertMsg.str()); \
+ DPL::Test::TestFailed e(#test, \
+ __FILE__, \
+ __LINE__, \
+ assertMsg.str()); \
if (!std::uncaught_exception()) \
throw e; \
DPL::Test::TestRunnerSingleton::Instance().addFailReason(e.GetMessage()); \
* body.
*/
-#define RUNNER_IGNORED_MSG(message) \
- do \
- { \
- std::ostringstream assertMsg; \
- assertMsg << message; \
- throw DPL::Test::TestRunner::Ignored(assertMsg.str()); \
+#define RUNNER_IGNORED_MSG(message) \
+ do \
+ { \
+ std::ostringstream assertMsg; \
+ assertMsg << message; \
+ throw DPL::Test::TestIgnored(assertMsg.str()); \
} while (0)
/**
#define RUNNER_PERF_TEST_BEGIN(maxTime) \
do { \
- DPL::Test::TestRunnerSingleton::Instance().beginPerformanceTestTime( \
+ DPL::Test::TestRunnerSingleton::Instance().beginPerformance( \
std::chrono::microseconds{static_cast<long long int>(maxTime*1000000.0)}); \
} while (0)
-#define RUNNER_PERF_TEST_END() \
- do { \
- DPL::Test::TestRunnerSingleton::Instance().endPerformanceTestTime(); \
+#define RUNNER_PERF_TEST_END() \
+ do { \
+ DPL::Test::TestRunnerSingleton::Instance().endPerformance(); \
} while (0)
/**
<< DPL::Colors::Text::RED_END << std::endl; \
} while (0)
+/**
+ * DEFER MACROS
+ *
+ * Use them to defer fails and ignores in test cases.
+ * Some code constructions disallow to throw. Such places can be surrounded
+ * with RUNNER_DEFER_SCOPE macro. RUNNER_DEFER_TRYCATCH macro can be used to catch possibly thrown
+ * exceptions within such scope. Possibly catched exceptions will be rethrown
+ * when leaving RUNNER_DEFER_SCOPE scope.
+ * Macros can be safely nested.
+ */
+
+
+#define RUNNER_DEFER_TRYCATCH(scope) \
+ do { \
+ try \
+ { \
+ scope \
+ } \
+ catch (const DPL::Test::TestFailed &ex) \
+ { \
+ DPL::Test::TestRunnerSingleton::Instance().deferFailedException(ex); \
+ } \
+ catch (const DPL::Test::TestIgnored &ex) \
+ { \
+ DPL::Test::TestRunnerSingleton::Instance().deferIgnoredException(ex); \
+ } \
+ } while (0) \
+
+#define RUNNER_DEFER_SCOPE(scope) \
+ do { \
+ DPL::Test::TestRunnerSingleton::Instance().deferBegin(); \
+ scope \
+ DPL::Test::TestRunnerSingleton::Instance().deferEnd(); \
+ } while (0) \
+
#endif // DPL_TEST_RUNNER_H
/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
virtual ~PipeWrapper();
Status send(int code, std::string &message);
- Status sendTime(int code,
- std::chrono::system_clock::duration time,
- std::chrono::system_clock::duration timeMax);
+ Status sendPerformance(const ConstPerformanceResultPtr &performance);
Status receive(int &code,
- int &msgType,
std::string &data,
- std::chrono::system_clock::duration &time,
- std::chrono::system_clock::duration &timeMax,
+ PerformanceResultPtr &performance,
time_t deadline);
void closeAll();
protected:
std::string toBinaryString(int data);
- std::string toBinaryString(std::chrono::system_clock::duration data);
void closeHelp(int desc);
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file test_failed.cpp
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @version 1.0
+ * @brief This file is the implementation file of TestFailed class
+ */
+
+#include <cstdlib>
+#include <cstring>
+#include <libgen.h>
+#include <memory>
+#include <sstream>
+
+#include <dpl/test/test_failed.h>
+
+namespace DPL {
+namespace Test {
+namespace // anonymous
+{
+std::string BaseName(const std::string &aPath)
+{
+ std::unique_ptr<char, decltype(free)*> path(strdup(aPath.c_str()), free);
+ if (!path)
+ throw std::bad_alloc();
+
+ return basename(path.get());
+}
+} // namespace anonymous
+
+//! \brief Failed test message creator
+//!
+//! \param[in] aTest string for tested expression
+//! \param[in] aFile source file name
+//! \param[in] aLine source file line
+//! \param[in] aMessage error message
+TestFailed::TestFailed(const char* aTest,
+ const char* aFile,
+ int aLine,
+ const std::string &aMessage)
+{
+ std::ostringstream assertMsg;
+ assertMsg << "[" << BaseName(aFile) << ":" << aLine
+ << "] Assertion failed ("
+ << aTest << ") " << aMessage;
+ m_message = assertMsg.str();
+}
+
+} // namespace Test
+} // namespace DPL
namespace DPL {
namespace Test {
+namespace {
+
+const std::string NO_VERBOSE_ARG = "--no-verbose";
+
+} // namespace
+
+const std::string COLLECTOR_NO_VERBOSE_HELP =
+ NO_VERBOSE_ARG + " - turns off verbosity\n" +
+ std::string(NO_VERBOSE_ARG.size(), ' ') + " verbosity turned on by default\n";
+
double get_milliseconds (const std::chrono::system_clock::duration& performanceTime)
{
return (static_cast<double>(std::chrono::duration_cast<std::chrono::microseconds>
(performanceTime).count()))/1000.0;
}
+std::string CollectorFileHelp(const std::string &defaultFilename)
+{
+ return "--file=<filename> - name of file for output\n"
+ " default - " + defaultFilename + "\n";
+}
+
bool ParseCollectorFileArg(const std::string &arg, std::string &filename)
{
const std::string argname = "--file=";
return false;
}
+bool ParseCollectorNoVerboseArg(const std::string &arg, bool &verbosity)
+{
+ if (arg != NO_VERBOSE_ARG)
+ return false;
+ verbosity=false;
+ return true;
+}
+
} // namespace Test
} // namespace DPL
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
namespace Test {
ConsoleCollector::ConsoleCollector()
+ : m_verbosity(true)
{
}
return new ConsoleCollector();
}
+bool ConsoleCollector::ParseCollectorSpecificArg(const std::string& arg)
+{
+ return ParseCollectorNoVerboseArg(arg, m_verbosity);
+}
+
+std::string ConsoleCollector::CollectorSpecificHelp() const
+{
+ return COLLECTOR_NO_VERBOSE_HELP;
+}
+
void ConsoleCollector::CollectCurrentTestGroupName(const std::string& name)
{
printf("Starting group %s\n", name.c_str());
PrintStats("All tests together", m_stats);
}
-void ConsoleCollector::CollectResult(const std::string& id,
- const FailStatus status,
- const std::string& reason,
- const bool& isPerformanceTest,
- const std::chrono::system_clock::duration& performanceTime,
- const std::chrono::system_clock::duration& performanceMaxTime)
+void ConsoleCollector::CollectResult(const std::string& id, const TestResult &result)
{
using namespace DPL::Colors::Text;
std::string tmp = "'" + id + "' ...";
printf("Running test case %-60s", tmp.c_str());
- switch (status) {
- case FailStatus::NONE:
- if (isPerformanceTest) {
- if (performanceMaxTime <= std::chrono::microseconds::zero()) {
- printf(GREEN_RESULT_OK_TIME,
- get_milliseconds(performanceTime));
- break;
- }
- else {
- if (performanceTime > performanceMaxTime)
- printf(GREEN_RESULT_OK_TIME_TOO_LONG(
- get_milliseconds(performanceTime),
- get_milliseconds(performanceMaxTime)));
- else
- printf(GREEN_RESULT_OK_TIME_MAX(
- get_milliseconds(performanceTime),
- get_milliseconds(performanceMaxTime)));
- break;
- }
+
+ ConstPerformanceResultPtr performanceResult;
+ switch (result.GetFailStatus()) {
+ case TestResult::FailStatus::NONE:
+ performanceResult = result.GetPerformanceResult();
+ if (!performanceResult) {
+ printf(GREEN_RESULT_OK);
+ break;
+ }
+ if (!performanceResult->IsMaxDuration()) {
+ printf(GREEN_RESULT_OK_TIME,
+ get_milliseconds(performanceResult->GetDuration()));
+ break;
+ }
+ if (!performanceResult->IsDurationOk()) {
+ printf(GREEN_RESULT_OK_TIME_TOO_LONG(
+ get_milliseconds(performanceResult->GetDuration()),
+ get_milliseconds(performanceResult->GetMaxDuration())));
+ break;
}
- printf(GREEN_RESULT_OK);
+ printf(GREEN_RESULT_OK_TIME_MAX(
+ get_milliseconds(performanceResult->GetDuration()),
+ get_milliseconds(performanceResult->GetMaxDuration())));
break;
- case FailStatus::FAILED:
- PrintfErrorMessage(" FAILED ", reason, true);
+ case TestResult::FailStatus::FAILED:
+ PrintfErrorMessage(" FAILED ", result.GetReason());
break;
- case FailStatus::IGNORED:
- PrintfIgnoredMessage("Ignored ", reason, true);
+ case TestResult::FailStatus::IGNORED:
+ PrintfIgnoredMessage("Ignored ", result.GetReason());
break;
default:
Assert(false && "Bad status");
}
- m_stats.AddTest(status);
- m_groupsStats[m_currentGroup].AddTest(status);
+ m_stats.AddTest(result.GetFailStatus());
+ m_groupsStats[m_currentGroup].AddTest(result.GetFailStatus());
}
-void ConsoleCollector::PrintfErrorMessage(const char* type,
- const std::string& message,
- bool verbosity)
+void ConsoleCollector::PrintfErrorMessage(const char* type, const std::string& message)
{
using namespace DPL::Colors::Text;
- if (verbosity) {
- printf("[%s%s%s] %s%s%s\n",
- BOLD_RED_BEGIN,
- type,
- BOLD_RED_END,
+ printf("[%s%s%s]",
+ BOLD_RED_BEGIN,
+ type,
+ BOLD_RED_END);
+ if (m_verbosity) {
+ printf(" %s%s%s",
BOLD_YELLOW_BEGIN,
message.c_str(),
BOLD_YELLOW_END);
- } else {
- printf("[%s%s%s]\n",
- BOLD_RED_BEGIN,
- type,
- BOLD_RED_END);
}
+ printf("\n");
}
-void ConsoleCollector::PrintfIgnoredMessage(const char* type,
- const std::string& message,
- bool verbosity)
+void ConsoleCollector::PrintfIgnoredMessage(const char* type, const std::string& message)
{
using namespace DPL::Colors::Text;
- if (verbosity) {
- printf("[%s%s%s] %s%s%s\n",
- CYAN_BEGIN,
- type,
- CYAN_END,
+ printf("[%s%s%s]",
+ CYAN_BEGIN,
+ type,
+ CYAN_END);
+ if (m_verbosity) {
+ printf(" %s%s%s",
BOLD_GOLD_BEGIN,
message.c_str(),
BOLD_GOLD_END);
- } else {
- printf("[%s%s%s]\n",
- CYAN_BEGIN,
- type,
- CYAN_END);
}
+ printf("\n");
}
void ConsoleCollector::PrintStats(const std::string& title, const Statistic& stats)
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
}
HtmlCollector::HtmlCollector()
- : m_filename(DEFAULT_HTML_FILE_NAME)
+ : m_filename(DEFAULT_HTML_FILE_NAME),
+ m_verbosity(true)
{
}
std::string HtmlCollector::CollectorSpecificHelp() const
{
- return "--file=<filename> - name of file for output\n"
- " default - index.html\n";
+ return CollectorFileHelp(DEFAULT_HTML_FILE_NAME) + COLLECTOR_NO_VERBOSE_HELP;
}
void HtmlCollector::Start()
bool HtmlCollector::ParseCollectorSpecificArg(const std::string& arg)
{
- return ParseCollectorFileArg(arg, m_filename);
+ return ParseCollectorFileArg(arg, m_filename) || ParseCollectorNoVerboseArg(arg, m_verbosity);
}
-void HtmlCollector::CollectResult(const std::string& id,
- const FailStatus status,
- const std::string& reason,
- const bool& isPerformanceTest,
- const std::chrono::system_clock::duration& performanceTime,
- const std::chrono::system_clock::duration& performanceMaxTime)
+void HtmlCollector::CollectResult(const std::string& id, const TestResult &result)
{
using namespace DPL::Colors::Html;
std::string tmp = "'" + id + "' ...";
fprintf(m_fp.Get(), "Running test case %-100s", tmp.c_str());
- switch (status) {
- case FailStatus::NONE:
- if (isPerformanceTest) {
- if (performanceMaxTime <= std::chrono::microseconds::zero()) {
- fprintf(m_fp.Get(), GREEN_RESULT_OK_TIME,
- get_milliseconds(performanceTime));
- break;
- } else {
- if (performanceTime > performanceMaxTime)
- fprintf(m_fp.Get(), GREEN_RESULT_OK_TIME_TOO_LONG(
- get_milliseconds(performanceTime),
- get_milliseconds(performanceMaxTime)));
- else
- fprintf(m_fp.Get(), GREEN_RESULT_OK_TIME_MAX(
- get_milliseconds(performanceTime),
- get_milliseconds(performanceMaxTime)));
- break;
- }
+
+ ConstPerformanceResultPtr performanceResult;
+ switch (result.GetFailStatus()) {
+ case TestResult::FailStatus::NONE:
+ performanceResult = result.GetPerformanceResult();
+ if (!performanceResult) {
+ fprintf(m_fp.Get(), GREEN_RESULT_OK);
+ break;
+ }
+ if (!performanceResult->IsMaxDuration()) {
+ fprintf(m_fp.Get(), GREEN_RESULT_OK_TIME,
+ get_milliseconds(performanceResult->GetDuration()));
+ break;
}
- fprintf(m_fp.Get(), GREEN_RESULT_OK);
+ if (!performanceResult->IsDurationOk()) {
+ fprintf(m_fp.Get(), GREEN_RESULT_OK_TIME_TOO_LONG(
+ get_milliseconds(performanceResult->GetDuration()),
+ get_milliseconds(performanceResult->GetMaxDuration())));
+ break;
+ }
+ fprintf(m_fp.Get(), GREEN_RESULT_OK_TIME_MAX(
+ get_milliseconds(performanceResult->GetDuration()),
+ get_milliseconds(performanceResult->GetMaxDuration())));
break;
- case FailStatus::FAILED:
- PrintfErrorMessage(" FAILED ", reason, true);
+ case TestResult::FailStatus::FAILED:
+ PrintfErrorMessage(" FAILED ", result.GetReason());
break;
- case FailStatus::IGNORED:
- PrintfIgnoredMessage("Ignored ", reason, true);
+ case TestResult::FailStatus::IGNORED:
+ PrintfIgnoredMessage("Ignored ", result.GetReason());
break;
default:
Assert(false && "Bad status");
}
- m_groupsStats[m_currentGroup].AddTest(status);
- m_stats.AddTest(status);
+ m_groupsStats[m_currentGroup].AddTest(result.GetFailStatus());
+ m_stats.AddTest(result.GetFailStatus());
}
-void HtmlCollector::PrintfErrorMessage(const char* type,
- const std::string& message,
- bool verbosity)
+void HtmlCollector::PrintfErrorMessage(const char* type, const std::string& message)
{
using namespace DPL::Colors::Html;
- if (verbosity) {
+ fprintf(m_fp.Get(),
+ "[%s%s%s]",
+ BOLD_RED_BEGIN,
+ type,
+ BOLD_RED_END);
+ if (m_verbosity) {
fprintf(m_fp.Get(),
- "[%s%s%s] %s%s%s\n",
- BOLD_RED_BEGIN,
- type,
- BOLD_RED_END,
+ " %s%s%s",
BOLD_YELLOW_BEGIN,
message.c_str(),
BOLD_YELLOW_END);
- } else {
- fprintf(m_fp.Get(),
- "[%s%s%s]\n",
- BOLD_RED_BEGIN,
- type,
- BOLD_RED_END);
}
+ fprintf(m_fp.Get(), "\n");
}
-void HtmlCollector::PrintfIgnoredMessage(const char* type,
- const std::string& message,
- bool verbosity)
+void HtmlCollector::PrintfIgnoredMessage(const char* type, const std::string& message)
{
using namespace DPL::Colors::Html;
- if (verbosity) {
+ fprintf(m_fp.Get(),
+ "[%s%s%s]",
+ CYAN_BEGIN,
+ type,
+ CYAN_END);
+ if (m_verbosity) {
fprintf(m_fp.Get(),
- "[%s%s%s] %s%s%s\n",
- CYAN_BEGIN,
- type,
- CYAN_END,
+ " %s%s%s",
BOLD_GOLD_BEGIN,
message.c_str(),
BOLD_GOLD_END);
- } else {
- fprintf(m_fp.Get(),
- "[%s%s%s]\n",
- CYAN_BEGIN,
- type,
- CYAN_END);
}
+ fprintf(m_fp.Get(), "\n");
}
void HtmlCollector::PrintStats(const std::string& name, const Statistic& stats)
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
std::string SummaryCollector::CollectorSpecificHelp() const
{
- return "--file=<filename> - name of file for output\n"
- " default - " + DEFAULT_SUMMARY_FILE_NAME + "\n";
+ return CollectorFileHelp(DEFAULT_SUMMARY_FILE_NAME);
}
bool SummaryCollector::ParseCollectorSpecificArg(const std::string& arg)
writeStats(true);
}
-void SummaryCollector::CollectResult(const std::string& id,
- const FailStatus status,
- const std::string& reason,
- const bool& isPerformanceTest,
- const std::chrono::system_clock::duration& performanceTime,
- const std::chrono::system_clock::duration& performanceMaxTime)
+void SummaryCollector::CollectResult(const std::string& id, const TestResult &result)
{
DPL_UNUSED_PARAM(id);
- DPL_UNUSED_PARAM(reason);
- DPL_UNUSED_PARAM(isPerformanceTest);
- DPL_UNUSED_PARAM(performanceTime);
- DPL_UNUSED_PARAM(performanceMaxTime);
- m_stats.AddTest(status);
+ m_stats.AddTest(result.GetFailStatus());
writeStats(true);
}
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
}
XmlCollector::XmlCollector()
- : m_filename(DEFAULT_XML_FILE_NAME)
+ : m_filename(DEFAULT_XML_FILE_NAME), m_verbosity(true)
{
}
std::string XmlCollector::CollectorSpecificHelp() const
{
- return "--file=<filename> - name of file for output\n"
- " default - results.xml\n";
+ return CollectorFileHelp(DEFAULT_XML_FILE_NAME) + COLLECTOR_NO_VERBOSE_HELP;
}
void XmlCollector::Start()
bool XmlCollector::ParseCollectorSpecificArg(const std::string& arg)
{
- return ParseCollectorFileArg(arg, m_filename);
+ return ParseCollectorFileArg(arg, m_filename) || ParseCollectorNoVerboseArg(arg, m_verbosity);
}
-void XmlCollector::CollectResult(const std::string& id,
- const FailStatus status,
- const std::string& reason,
- const bool& isPerformanceTest,
- const std::chrono::system_clock::duration& performanceTime,
- const std::chrono::system_clock::duration& performanceMaxTime)
+void XmlCollector::CollectResult(const std::string& id, const TestResult &result)
{
m_resultBuffer.erase();
m_resultBuffer.append("\t\t<testcase name=\"");
m_resultBuffer.append(EscapeSpecialCharacters(id));
m_resultBuffer.append("\"");
- switch (status) {
- case FailStatus::NONE:
- if (isPerformanceTest) {
- if (performanceMaxTime <= std::chrono::microseconds::zero()) {
- m_resultBuffer.append(" status=\"OK\" time=\"");
- std::ostringstream ostr;
- ostr << performanceTime.count();
- m_resultBuffer.append(ostr.str());
- m_resultBuffer.append("\"/>\n");
- break;
- } else {
- m_resultBuffer.append(" status=\"OK\" time=\"");
- std::ostringstream ostr;
- ostr << performanceTime.count();
- m_resultBuffer.append(ostr.str());
- m_resultBuffer.append("\" time_expected=\"");
- ostr.str("");
- ostr << performanceMaxTime.count();
- m_resultBuffer.append(ostr.str());
- m_resultBuffer.append("\"/>\n");
- break;
- }
+
+ std::ostringstream ostr;
+ ConstPerformanceResultPtr performanceResult;
+ switch (result.GetFailStatus()) {
+ case TestResult::FailStatus::NONE:
+ performanceResult = result.GetPerformanceResult();
+ if (!performanceResult) {
+ m_resultBuffer.append(" status=\"OK\"/>\n");
+ break;
}
- m_resultBuffer.append(" status=\"OK\"/>\n");
+ if (!performanceResult->IsMaxDuration()) {
+ m_resultBuffer.append(" status=\"OK\" time=\"");
+ ostr << performanceResult->GetDuration().count();
+ m_resultBuffer.append(ostr.str());
+ m_resultBuffer.append("\"/>\n");
+ break;
+ }
+ m_resultBuffer.append(" status=\"OK\" time=\"");
+ ostr << performanceResult->GetDuration().count();
+ m_resultBuffer.append(ostr.str());
+ m_resultBuffer.append("\" time_expected=\"");
+ ostr.str("");
+ ostr << performanceResult->GetMaxDuration().count();
+ m_resultBuffer.append(ostr.str());
+ m_resultBuffer.append("\"/>\n");
break;
- case FailStatus::FAILED:
+ case TestResult::FailStatus::FAILED:
m_resultBuffer.append(" status=\"FAILED\">\n");
- PrintfErrorMessage("FAILED", EscapeSpecialCharacters(reason), true);
+ PrintfErrorMessage("FAILED", EscapeSpecialCharacters(result.GetReason()));
m_resultBuffer.append("\t\t</testcase>\n");
break;
- case FailStatus::IGNORED:
+ case TestResult::FailStatus::IGNORED:
m_resultBuffer.append(" status=\"Ignored\">\n");
- PrintfIgnoredMessage("Ignored", EscapeSpecialCharacters(
- reason), true);
+ PrintfIgnoredMessage("Ignored", EscapeSpecialCharacters(result.GetReason()));
m_resultBuffer.append("\t\t</testcase>\n");
break;
default:
}
m_outputBuffer.insert(last_case_pos - 2, m_resultBuffer);
- m_stats.AddTest(status);
+ m_stats.AddTest(result.GetFailStatus());
UpdateGroupHeader(group_pos,
m_stats.GetTotal() + 1, // include SegFault
}
}
-void XmlCollector::PrintfErrorMessage(const char* type,
- const std::string& message,
- bool verbosity)
+void XmlCollector::PrintfErrorMessage(const char* type, const std::string& message)
{
- if (verbosity) {
- m_resultBuffer.append("\t\t\t<failure type=\"");
- m_resultBuffer.append(EscapeSpecialCharacters(type));
+ m_resultBuffer.append("\t\t\t<failure type=\"");
+ m_resultBuffer.append(EscapeSpecialCharacters(type));
+ if (m_verbosity) {
m_resultBuffer.append("\" message=\"");
m_resultBuffer.append(EscapeSpecialCharacters(message));
- m_resultBuffer.append("\"/>\n");
- } else {
- m_resultBuffer.append("\t\t\t<failure type=\"");
- m_resultBuffer.append(EscapeSpecialCharacters(type));
- m_resultBuffer.append("\"/>\n");
}
+ m_resultBuffer.append("\"/>\n");
}
-void XmlCollector::PrintfIgnoredMessage(const char* type,
- const std::string& message,
- bool verbosity)
+void XmlCollector::PrintfIgnoredMessage(const char* type, const std::string& message)
{
- if (verbosity) {
- m_resultBuffer.append("\t\t\t<skipped type=\"");
- m_resultBuffer.append(EscapeSpecialCharacters(type));
+ m_resultBuffer.append("\t\t\t<skipped type=\"");
+ m_resultBuffer.append(EscapeSpecialCharacters(type));
+ if (m_verbosity) {
m_resultBuffer.append("\" message=\"");
m_resultBuffer.append(EscapeSpecialCharacters(message));
- m_resultBuffer.append("\"/>\n");
- } else {
- m_resultBuffer.append("\t\t\t<skipped type=\"");
- m_resultBuffer.append(EscapeSpecialCharacters(type));
- m_resultBuffer.append("\"/>\n");
}
+ m_resultBuffer.append("\"/>\n");
}
std::string XmlCollector::EscapeSpecialCharacters(std::string s)
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
+/**
* @file test_runner.cpp
* @author Przemyslaw Dobrowolski (p.dobrowolsk@samsung.com)
* @author Lukasz Wrzosek (l.wrzosek@samsung.com)
* @brief This file is the implementation file of test runner
*/
#include <stddef.h>
+#include <dpl/test/test_failed.h>
+#include <dpl/test/test_ignored.h>
#include <dpl/test/test_runner.h>
#include <dpl/test/test_results_collector.h>
#include <dpl/exception.h>
#include <algorithm>
#include <cstdio>
#include <memory.h>
-#include <libgen.h>
-#include <cstring>
-#include <cstdlib>
#include <libxml/xpath.h>
#include <libxml/xpathInternals.h>
namespace DPL {
namespace Test {
-namespace // anonymous
-{
-std::string BaseName(std::string aPath)
-{
- ScopedFree<char> path(strdup(aPath.c_str()));
- if (nullptr == path.Get()) {
- throw std::bad_alloc();
- }
- char* baseName = basename(path.Get());
- std::string retValue = baseName;
- return retValue;
-}
-} // namespace anonymous
-
-//! \brief Failed test message creator
-//!
-//! \param[in] aTest string for tested expression
-//! \param[in] aFile source file name
-//! \param[in] aLine source file line
-//! \param[in] aMessage error message
-TestRunner::TestFailed::TestFailed(const char* aTest,
- const char* aFile,
- int aLine,
- const std::string &aMessage)
-{
- std::ostringstream assertMsg;
- assertMsg << "[" << BaseName(aFile) << ":" << aLine
- << "] Assertion failed ("
- << aTest << ") " << aMessage;
- m_message = assertMsg.str();
-}
-
-TestRunner::TestFailed::TestFailed(const std::string &message)
-{
- m_message = message;
-}
void TestRunner::RegisterTest(const char *testName, TestCase proc)
{
return true;
}
-TestRunner::Status TestRunner::RunTestCase(const TestCaseStruct& testCase)
+void TestRunner::RunTestCase(const TestCaseStruct& testCase)
{
setCurrentTestCase(&(const_cast<TestCaseStruct &>(testCase)));
+ m_deferDeepness = 0U;
try {
testCase.proc();
} catch (const TestFailed &e) {
// Simple test failure
CollectResult(testCase.name,
- TestResultsCollectorBase::FailStatus::FAILED,
- getConcatedFailReason(e.GetMessage()));
+ TestResult(TestResult::FailStatus::FAILED,
+ getConcatedFailReason(e.GetMessage())));
setCurrentTestCase(nullptr);
- return FAILED;
- } catch (const Ignored &e) {
+ return;
+ } catch (const TestIgnored &e) {
if (m_runIgnored) {
// Simple test have to be implemented
CollectResult(testCase.name,
- TestResultsCollectorBase::FailStatus::IGNORED,
- e.GetMessage());
+ TestResult(TestResult::FailStatus::IGNORED, e.GetMessage()));
}
setCurrentTestCase(nullptr);
- return IGNORED;
+ return;
} catch (const std::exception &) {
// std exception failure
CollectResult(testCase.name,
- TestResultsCollectorBase::FailStatus::FAILED,
- "std exception");
+ TestResult(TestResult::FailStatus::FAILED, "std exception"));
setCurrentTestCase(nullptr);
- return FAILED;
+ return;
} catch (...) {
// Unknown exception failure
CollectResult(testCase.name,
- TestResultsCollectorBase::FailStatus::FAILED,
- "unknown exception");
-
+ TestResult(TestResult::FailStatus::FAILED, "unknown exception"));
setCurrentTestCase(nullptr);
- return FAILED;
+ return;
}
+ // Everything OK
CollectResult(testCase.name,
- TestResultsCollectorBase::FailStatus::NONE,
- "",
- testCase.m_isPerformanceTest,
- testCase.m_performanceTestDurationTime,
- testCase.m_performanceMaxTime);
+ TestResult(TestResult::FailStatus::NONE,
+ std::string(),
+ testCase.performance));
setCurrentTestCase(nullptr);
-
- // Everything OK
- return PASS;
}
void TestRunner::RunTests()
m_currentTestCase = testCase;
}
-void TestRunner::beginPerformanceTestTime(std::chrono::system_clock::duration maxTimeInMicroseconds)
+void TestRunner::beginPerformance(std::chrono::system_clock::duration maxDurationInMicroseconds)
{
TestCaseStruct* testCase = getCurrentTestCase();
if (!testCase)
return;
- testCase->m_isPerformanceTest = true;
- testCase->m_performanceMaxTime = maxTimeInMicroseconds;
- testCase->m_performanceTestStartTime = std::chrono::system_clock::now();
-
- // Set result to 0 microseconds. Display 0ms result when end macro is missing.
- testCase->m_performanceTestDurationTime = std::chrono::microseconds::zero();
+ if (!testCase->performance)
+ testCase->performance.reset(new PerformanceResult(maxDurationInMicroseconds));
}
-void TestRunner::endPerformanceTestTime()
+void TestRunner::endPerformance()
{
TestCaseStruct* testCase = getCurrentTestCase();
if (!testCase)
return;
- testCase->m_performanceTestDurationTime = std::chrono::system_clock::now() -
- testCase->m_performanceTestStartTime;
+ testCase->performance->Finish();
}
-void TestRunner::getCurrentTestCasePerformanceResult(bool& isPerformanceTest,
- std::chrono::system_clock::duration& result,
- std::chrono::system_clock::duration& resultMax)
+ConstPerformanceResultPtr TestRunner::getCurrentTestCasePerformanceResult()
{
TestCaseStruct* testCase = getCurrentTestCase();
- if (!testCase || !(testCase->m_isPerformanceTest)){
- isPerformanceTest = false;
- return;
- }
+ if (!testCase)
+ return nullptr;
- isPerformanceTest = testCase->m_isPerformanceTest;
- result = testCase->m_performanceTestDurationTime;
- resultMax = testCase->m_performanceMaxTime;
+ return testCase->performance;
}
-void TestRunner::setCurrentTestCasePerformanceResult(bool isPerformanceTest,
- std::chrono::system_clock::duration result,
- std::chrono::system_clock::duration resultMax)
+void TestRunner::setCurrentTestCasePerformanceResult(const PerformanceResultPtr &performance)
{
TestCaseStruct* testCase = getCurrentTestCase();
if (!testCase)
return;
- testCase->m_isPerformanceTest = isPerformanceTest;
- testCase->m_performanceTestDurationTime = result;
- testCase->m_performanceMaxTime = resultMax;
+ testCase->performance = performance;
}
void TestRunner::addFailReason(const std::string &reason)
return reason + ret;
}
-void TestRunner::CollectResult(
- const std::string& id,
- const TestResultsCollectorBase::FailStatus status,
- const std::string& reason,
- const bool& isPerformanceTest,
- const std::chrono::system_clock::duration& performanceTestDurationTime,
- const std::chrono::system_clock::duration& performanceMaxTime)
+void TestRunner::CollectResult(const std::string& id, const TestResult& result)
{
std::for_each(m_collectors.begin(),
m_collectors.end(),
[&](const TestResultsCollectors::value_type & collector)
{
- collector.second->CollectResult(id,
- status,
- reason,
- isPerformanceTest,
- performanceTestDurationTime,
- performanceMaxTime);
+ collector.second->CollectResult(id, result);
});
}
return ExecTestRunner(args);
}
-void TestRunner::MarkAssertion()
-{
- ++m_totalAssertions;
-}
-
int TestRunner::ExecTestRunner(ArgsList args)
{
m_runIgnored = false;
return 0;
}
-bool TestRunner::getRunIgnored() const
-{
- return m_runIgnored;
-}
-
void TestRunner::Terminate()
{
m_terminate = true;
return m_allowChildLogs;
}
+void TestRunner::deferFailedException(const DPL::Test::TestFailed &ex)
+{
+ if (m_deferDeepness <= 0)
+ throw ex;
+
+ if (m_deferredExceptionsMessages.empty()) {
+ m_firstDeferredFail = ex;
+ m_firstDeferredExceptionType = DeferredExceptionType::DEFERRED_FAILED;
+ }
+ m_deferredExceptionsMessages.push_back(ex.GetMessage());
}
+
+void TestRunner::deferIgnoredException(const DPL::Test::TestIgnored &ex)
+{
+ if (m_deferDeepness <= 0)
+ throw ex;
+
+ if (m_deferredExceptionsMessages.empty()) {
+ m_firstDeferredIgnore = ex;
+ m_firstDeferredExceptionType = DeferredExceptionType::DEFERRED_IGNORED;
+ }
+ m_deferredExceptionsMessages.push_back(ex.GetMessage());
+}
+
+void TestRunner::deferBegin()
+{
+ m_deferDeepness++;
+}
+
+void TestRunner::deferEnd()
+{
+ if (m_deferDeepness > 0)
+ m_deferDeepness--;
+
+ if (m_deferDeepness > 0)
+ return;
+
+ bool oops = std::uncaught_exception();
+ size_t additionalExceptions = oops ? 0 : 1;
+ for (size_t i = additionalExceptions; i < m_deferredExceptionsMessages.size(); ++i)
+ addFailReason(m_deferredExceptionsMessages[i]);
+
+ if (!oops && !m_deferredExceptionsMessages.empty())
+ {
+ m_deferredExceptionsMessages.clear();
+ switch (m_firstDeferredExceptionType) {
+ case DeferredExceptionType::DEFERRED_FAILED:
+ throw m_firstDeferredFail;
+ case DeferredExceptionType::DEFERRED_IGNORED:
+ throw m_firstDeferredIgnore;
+ }
+ }
+ m_deferredExceptionsMessages.clear();
+}
+
+} // namespace Test
} // namespace DPL
/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
+/**
* @file test_runner_child.cpp
* @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
* @version 1.0
* @brief This file is the implementation file of test runner
*/
#include <stddef.h>
+#include <dpl/test/test_failed.h>
+#include <dpl/test/test_ignored.h>
#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
#include <dpl/test/test_results_collector.h>
const int CHILD_TEST_PASS = 1;
const int CHILD_TEST_IGNORED = 2;
-const int MSG_TYPE_MESSAGE = 0; // sizeof(Message) + Message
-const int MSG_TYPE_PERF_TIME = 1; // perfTime + maxTime
-
int closeOutput() {
int devnull;
int retcode = -1;
std::ostringstream output;
output << toBinaryString(code);
- output << toBinaryString(MSG_TYPE_MESSAGE);
output << toBinaryString(static_cast<int>(message.size()));
output << message;
return SUCCESS;
}
-PipeWrapper::Status PipeWrapper::sendTime(int code,
- std::chrono::system_clock::duration time,
- std::chrono::system_clock::duration timeMax)
+PipeWrapper::Status PipeWrapper::sendPerformance(const ConstPerformanceResultPtr &performance)
{
+ int foo = 0;
if (m_pipefd[1] == PIPE_CLOSED) {
return ERROR;
}
+ if (!performance)
+ return writeHelp(&foo, sizeof(int));
- std::ostringstream output;
- output << toBinaryString(code);
- output << toBinaryString(MSG_TYPE_PERF_TIME);
- output << toBinaryString(time);
- output << toBinaryString(timeMax);
-
- std::string binary = output.str();
+ std::string binary = performance->ToBinaryString();
int size = binary.size();
if ((writeHelp(&size,
}
PipeWrapper::Status PipeWrapper::receive(int &code,
- int &msgType,
std::string &data,
- std::chrono::system_clock::duration &time,
- std::chrono::system_clock::duration &timeMax,
+ PerformanceResultPtr &performance,
time_t deadline)
{
if (m_pipefd[0] == PIPE_CLOSED) {
queue.AppendCopy(&buffer[0], size);
queue.FlattenConsume(&code, sizeof(int));
- queue.FlattenConsume(&msgType, sizeof(int));
-
- switch (msgType) {
- case MSG_TYPE_MESSAGE:
- queue.FlattenConsume(&size, sizeof(int));
-
- buffer.resize(size);
-
- queue.FlattenConsume(&buffer[0], size);
- data.assign(buffer.begin(), buffer.end());
- break;
- case MSG_TYPE_PERF_TIME:
- queue.FlattenConsume(&time, sizeof(std::chrono::system_clock::duration));
- queue.FlattenConsume(&timeMax, sizeof(std::chrono::system_clock::duration));
- break;
- default:
- return ERROR;
+ queue.FlattenConsume(&size, sizeof(int));
+
+ buffer.resize(size);
+
+ queue.FlattenConsume(&buffer[0], size);
+ data.assign(buffer.begin(), buffer.end());
+
+ if (code != CHILD_TEST_PASS)
+ return SUCCESS;
+
+ if ((ret = readHelp(&size, sizeof(int), deadline)) != SUCCESS) {
+ return ret;
}
+
+ if (size == 0) {
+ performance = nullptr;
+ return SUCCESS;
+ }
+
+ buffer.resize(size);
+
+ if ((ret = readHelp(buffer.data(), size, deadline)) != SUCCESS) {
+ return ret;
+ }
+
+ queue.AppendCopy(buffer.data(), size);
+
+ performance.reset(new PerformanceResult(queue));
} catch (DPL::BinaryQueue::Exception::Base &e) {
return ERROR;
}
return std::string(buffer, buffer + sizeof(int));
}
-std::string PipeWrapper::toBinaryString(std::chrono::system_clock::duration data)
-{
- char buffer[sizeof(std::chrono::system_clock::duration)];
- memcpy(buffer, &data, sizeof(std::chrono::system_clock::duration));
- return std::string(buffer, buffer + sizeof(std::chrono::system_clock::duration));
-}
-
void PipeWrapper::closeHelp(int desc)
{
if (m_pipefd[desc] != PIPE_CLOSED) {
{
PipeWrapper pipe;
if (!pipe.isReady()) {
- throw TestRunner::TestFailed("Pipe creation failed");
+ throw TestFailed("Pipe creation failed");
}
pid_t pid = fork();
if (pid == -1) {
- throw TestRunner::TestFailed("Child creation failed");
+ throw TestFailed("Child creation failed");
}
if (pid != 0) {
pipe.setUsage(PipeWrapper::READONLY);
int code;
- int msgType;
- std::chrono::system_clock::duration time_m;
- std::chrono::system_clock::duration timeMax_m;
std::string message;
+ PerformanceResultPtr performance;
- int pipeReturn = pipe.receive(code, msgType, message, time_m, timeMax_m, time(0) + 10);
+ int pipeReturn = pipe.receive(code, message, performance, time(0) + 10);
if (pipeReturn != PipeWrapper::SUCCESS) { // Timeout or reading error
pipe.closeAll();
waitpid(pid, &status, 0);
if (pipeReturn == PipeWrapper::TIMEOUT) {
- throw TestRunner::TestFailed("Timeout");
+ throw TestFailed("Timeout");
}
if (pipeReturn == PipeWrapper::ERROR) {
- throw TestRunner::TestFailed("Reading pipe error");
+ throw TestFailed("Reading pipe error");
}
- if (code == CHILD_TEST_PASS && msgType == MSG_TYPE_PERF_TIME) {
- DPL::Test::TestRunnerSingleton::Instance().setCurrentTestCasePerformanceResult(true,
- time_m,
- timeMax_m);
- }
+ TestRunnerSingleton::Instance().setCurrentTestCasePerformanceResult(performance);
if (code == CHILD_TEST_FAIL) {
- throw TestRunner::TestFailed(message);
+ throw TestFailed(message);
} else if (code == CHILD_TEST_IGNORED) {
- throw TestRunner::Ignored(message);
+ throw TestIgnored(message);
}
} else {
// child code
int code = CHILD_TEST_PASS;
std::string msg;
- bool isPerformanceTest;
- std::chrono::system_clock::duration time_m;
- std::chrono::system_clock::duration timeMax_m;
bool allowLogs = TestRunnerSingleton::Instance().GetAllowChildLogs();
try {
procChild();
- } catch (const DPL::Test::TestRunner::TestFailed &e) {
+ } catch (const DPL::Test::TestFailed &e) {
msg = e.GetMessage();
code = CHILD_TEST_FAIL;
- } catch (const DPL::Test::TestRunner::Ignored &e) {
+ } catch (const DPL::Test::TestIgnored &e) {
msg = e.GetMessage();
code = CHILD_TEST_IGNORED;
} catch (...) { // catch all exception generated by "user" code
closeOutput();
}
- DPL::Test::TestRunnerSingleton::Instance().getCurrentTestCasePerformanceResult(isPerformanceTest,
- time_m,
- timeMax_m);
-
- if (code == CHILD_TEST_PASS && isPerformanceTest){
- pipe.sendTime(code,
- time_m,
- timeMax_m);
- } else {
- pipe.send(code, msg);
+ pipe.send(code, msg);
+ if (code == CHILD_TEST_PASS){
+ pipe.sendPerformance(TestRunnerSingleton::Instance() \
+ .getCurrentTestCasePerformanceResult());
}
}
}
/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-/*
+/**
* @file test_runner_multiprocess.cpp
* @author Marcin Niesluchowski (m.niesluchow@samsung.com)
* @version 1.0
#include <sys/file.h>
#include <dpl/exception.h>
+#include <dpl/test/test_failed.h>
+#include <dpl/test/test_ignored.h>
#include <dpl/test/test_runner.h>
#include <dpl/test/test_runner_child.h>
#include <dpl/test/test_runner_multiprocess.h>
pid_t top_pid = getpid();
if (!pipe.isReady()) {
- throw TestRunner::TestFailed("Pipe creation failed");
+ throw TestFailed("Pipe creation failed");
}
// pipe
try {
procMulti();
- } catch (const TestRunner::TestFailed &e) {
+ } catch (const TestFailed &e) {
code = MULTI_TEST_FAILED;
msg = e.GetMessage();
- } catch (const TestRunner::Ignored &e) {
+ } catch (const TestIgnored &e) {
code = MULTI_TEST_IGNORED;
msg = e.GetMessage();
} catch (const std::exception &) {
}
if (pipeReturn == PipeWrapper::ERROR) {
pipe.closeAll();
- throw TestRunner::TestFailed("Reading pipe error");
+ throw TestFailed("Reading pipe error");
} else if (pipeReturn == PipeWrapper::TIMEOUT) {
pipe.closeAll();
- throw TestRunner::TestFailed("Timeout error");
+ throw TestFailed("Timeout error");
}
msg = msg + "\n" + recMsg;
}
case MULTI_TEST_PASS:
return;
case MULTI_TEST_FAILED:
- throw TestRunner::TestFailed(msg);
+ throw TestFailed(msg);
case MULTI_TEST_IGNORED:
- throw TestRunner::Ignored(msg);
+ throw TestIgnored(msg);
default:
- throw TestRunner::TestFailed(msg);
+ throw TestFailed(msg);
}
} else {
pipe.setUsage(PipeWrapper::WRITEONLY);
-#Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2012-2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
SET(TEST_APP_WGT "test-app-wgt")
SET(TEST_APP_OSP "test-app-osp")
SET(HELLO_TIZEN_TEST_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/hello-tizen.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/hello-tizen.cpp
)
ADD_EXECUTABLE( ${TEST_APP_EFL} ${HELLO_TIZEN_TEST_SOURCES} )
INSTALL(TARGETS ${TEST_APP_EFL}
#files to compile
SET(LPC_TARGET_TEST_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/db.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/duplicates.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control-test.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases_nosmack.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases_incorrect_params.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_cases_stress.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/common/db.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/common/duplicates.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/libprivilege-control-test.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/test_cases.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/test_cases_nosmack.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/test_cases_incorrect_params.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/test_cases_stress.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/libprivilege-control_test_common.cpp
)
#header directories
)
INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/common/
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/common/
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/common/
)
#preprocessor definitions
# Test SMACK rules
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/WRT_test_privilege_control_rules1.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/WRT_test_privilege_control_rules1.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/WRT_test_privilege_control_rules2.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/WRT_test_privilege_control_rules2.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/WRT_test_privilege_control_rules2_no_r.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/WRT_test_privilege_control_rules2_no_r.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/WRT_test_privilege_control_rules2_r.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/WRT_test_privilege_control_rules2_r.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(DIRECTORY
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/test_privilege_control_DIR
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/test_privilege_control_DIR
DESTINATION /etc/smack/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/WRT_test_privilege_control_rules_wgt.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/WRT_test_privilege_control_rules_wgt.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/WRT_test_privilege_control_rules_wgt.dac
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/WRT_test_privilege_control_rules_wgt.dac
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/OSP_test_privilege_control_rules_osp.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/OSP_test_privilege_control_rules_osp.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/OSP_test_privilege_control_rules_osp.dac
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/OSP_test_privilege_control_rules_osp.dac
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/EFL_test_privilege_control_rules_efl.smack
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/EFL_test_privilege_control_rules_efl.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/EFL_test_privilege_control_rules_efl.dac
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/EFL_test_privilege_control_rules_efl.dac
DESTINATION /usr/share/privilege-control/
)
-#Copyright (c) 2012 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2012-2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#files to compile
SET(TARGET_TEST_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/libsmack-test.cpp
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/test_cases.cpp
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/libsmack-test.cpp
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/test_cases.cpp
)
#header directories
)
INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/common/
+ ${PROJECT_SOURCE_DIR}/src/common/
)
#preprocessor definitions
#place for additional files
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/test_smack_rules
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/test_smack_rules
DESTINATION /etc/smack
PERMISSIONS
OWNER_READ
#place for full rules
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/test_smack_rules_full
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/test_smack_rules_full
DESTINATION /etc/smack
PERMISSIONS
OWNER_READ
#place for rules2
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/test_smack_rules2
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/test_smack_rules2
DESTINATION /etc/smack
PERMISSIONS
OWNER_READ
#place for rules3
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/test_smack_rules3
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/test_smack_rules3
DESTINATION /etc/smack
PERMISSIONS
OWNER_READ
#place for rules4
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/libsmack-tests/test_smack_rules4
+ ${PROJECT_SOURCE_DIR}/src/libsmack-tests/test_smack_rules4
DESTINATION /etc/smack
PERMISSIONS
OWNER_READ
-#
-#Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
sqlite3
libcap
dbus-1
- libgum
- cynara-admin)
+ libgum)
SET(TARGET_SEC_MGR_TESTS "security-manager-tests")
SET(SEC_MGR_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/security_manager_tests.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/sm_api.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/sm_db.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/sm_request.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/sm_user_request.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/sm_policy_request.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_client.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/cynara_test_admin.cpp
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/plugins.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/security_manager_tests.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_api.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_db.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_request.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_user_request.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/sm_policy_request.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_client.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/cynara_test_admin.cpp
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/plugins.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/libprivilege-control_test_common.cpp
)
INCLUDE_DIRECTORIES(SYSTEM
)
INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/common/
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/common/
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/common/
- ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/common/
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/cynara-tests/plugins/
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/common/
)
FIND_PACKAGE(Threads)
INSTALL(TARGETS ${TARGET_SEC_MGR_TESTS} DESTINATION /usr/bin)
INSTALL(DIRECTORY
- ${PROJECT_SOURCE_DIR}/tests/security-manager-tests/apps_rw/
+ ${PROJECT_SOURCE_DIR}/src/security-manager-tests/apps_rw/
DESTINATION /usr/apps/
)
-#
-#Copyright (c) 2013-2014 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Sources definition
SET(SEC_SRV_COMMON_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/common/security_server_tests_common.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/common/security_server_tests_common.cpp
)
SET(SEC_SRV_CLIENT_SMACK_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_client_smack.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_mockup.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_client_smack.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_mockup.cpp
)
SET(SEC_SRV_TC_SERVER_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/server.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/cookie_api.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/weird_arguments.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_clean_env.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/server.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/cookie_api.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/weird_arguments.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_clean_env.cpp
)
SET(SEC_SRV_PWD_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_password.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_clean_env.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_password.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_clean_env.cpp
)
SET(SEC_SRV_PRIVILEGE_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_privilege.cpp
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/libprivilege-control_test_common.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_privilege.cpp
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/libprivilege-control_test_common.cpp
)
SET(SEC_SRV_STRESS_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_stress.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_stress.cpp
)
SET(SEC_SRV_MT_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_tests_mt.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_mt.cpp
)
SET(SEC_SRV_MEASURER_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_measurer_API_speed.cpp
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/security_server_mockup.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_measurer_API_speed.cpp
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_mockup.cpp
)
INCLUDE_DIRECTORIES(SYSTEM
)
INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/common/
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/common/
- ${PROJECT_SOURCE_DIR}/tests/libprivilege-control-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/common/
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/common/
+ ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/common/
)
#LINK_DIRECTORIES(${SEC_SRV_PKGS_LIBRARY_DIRS})
INSTALL(TARGETS ${TARGET_SEC_SRV_MEASURER} DESTINATION /usr/bin)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/WRT_sstp_test_rules1.smack
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/WRT_sstp_test_rules1.smack
DESTINATION /usr/share/privilege-control/
)
INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/security-server-tests/WRT_sstp_test_rules2.smack
+ ${PROJECT_SOURCE_DIR}/src/security-server-tests/WRT_sstp_test_rules2.smack
DESTINATION /usr/share/privilege-control/
)
runTest smack
runTest smack-dbus
-#runTest libprivilege-control
+runTest libprivilege-control
#runTest ss-clientsmack
#runTest ss-server
#runTest ss-password
#runTest ss-stress
runTest security-manager
runTest cynara
+runTest ckm
printSummary
echo
cynara-test "${@:2}"
;;
+"ckm")
+ echo "========================================================================="
+ echo "KEY MANAGER TESTS"
+ echo
+ ckm-tests "${@:2}"
+ ;;
*)
echo "Correct using:"
echo " security_test.sh <module> <args_for_module>"
echo
echo "modules: smack, smack-dbus, libprivilege-control, ss-clientsmack"
echo " ss-server, ss-api-speed, ss-password, ss-stress"
- echo " ss-privilege, security-manager, cynara"
+ echo " ss-privilege, security-manager, cynara, ckm"
;;
esac
-#
-#Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Sources definition
SET(SMACK_DBUS_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/smack-dbus-tests/smack_dbus_tests.cpp
+ ${PROJECT_SOURCE_DIR}/src/smack-dbus-tests/smack_dbus_tests.cpp
)
INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/common/
+ ${PROJECT_SOURCE_DIR}/src/common/
)
ADD_EXECUTABLE(${TARGET_SMACK_DBUS_TESTS} ${SMACK_DBUS_SOURCES})
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
+# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
#
-INCLUDE(FindPkgConfig)
+cmake_minimum_required(VERSION 2.8.3)
-PKG_CHECK_MODULES(SYS_FRAMEWORK_TEST
- REQUIRED
- libxml-2.0
- libpcrecpp
- libiri
- )
+INCLUDE(FindPkgConfig)
+SET(INNER_TARGET_TEST "security-tests-inner-test")
-PKG_CHECK_MODULES(SYS_FRAMEWORK_TEST_OTHER
+PKG_CHECK_MODULES(INNER_TARGET_DEP
REQUIRED
glib-2.0
- dlog
)
-ADD_DEFINITIONS(${SYS_FRAMEWORK_TEST_OTHER_CFLAGS})
-
-include(framework/config.cmake)
-
-SET(DPL_FRAMEWORK_TEST_LIBRARY "dpl-test-framework")
+#files to compile
+SET(INNER_TARGET_TEST_SOURCES
+ ${PROJECT_SOURCE_DIR}/tests/inner-test.cpp
+ ${PROJECT_SOURCE_DIR}/tests/common/test_cases_timeout.cpp
+ ${PROJECT_SOURCE_DIR}/tests/framework/test_cases_deferred.cpp
+ )
+#header directories
INCLUDE_DIRECTORIES(SYSTEM
- ${SYS_FRAMEWORK_TEST_OTHER_INCLUDE_DIRS}
- ${DPL_FRAMEWORK_TEST_INCLUDE_DIR}
+ ${INNER_TARGET_DEP_INCLUDE_DIRS}
)
-ADD_LIBRARY(${DPL_FRAMEWORK_TEST_LIBRARY} ${DPL_FRAMEWORK_TEST_SOURCES})
-
-TARGET_LINK_LIBRARIES(${DPL_FRAMEWORK_TEST_LIBRARY}
- ${SYS_FRAMEWORK_TEST_OTHER_LIBRARIES}
- ${SYS_FRAMEWORK_TEST_LIBRARIES}
+INCLUDE_DIRECTORIES(
+ ${PROJECT_SOURCE_DIR}/src/framework/include/
+ ${PROJECT_SOURCE_DIR}/src/
)
-INSTALL(FILES ${PROJECT_SOURCE_DIR}/tests/security-tests.sh
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
- )
+#output format
+ADD_EXECUTABLE(${INNER_TARGET_TEST} ${INNER_TARGET_TEST_SOURCES})
-INSTALL(FILES ${PROJECT_SOURCE_DIR}/tests/security-tests-all.sh
- DESTINATION bin
- PERMISSIONS OWNER_READ
- OWNER_WRITE
- OWNER_EXECUTE
- GROUP_READ
- GROUP_EXECUTE
- WORLD_READ
- WORLD_EXECUTE
+#linker directories
+TARGET_LINK_LIBRARIES(${INNER_TARGET_TEST}
+ ${INNER_TARGET_DEP_LIBRARIES}
+ tests-common
+ dpl-test-framework
)
-INSTALL(FILES
- ${PROJECT_SOURCE_DIR}/tests/test-performance-check.sh
- DESTINATION bin
+#place for output file
+INSTALL(TARGETS ${INNER_TARGET_TEST}
+ DESTINATION /usr/bin
PERMISSIONS OWNER_READ
OWNER_WRITE
OWNER_EXECUTE
WORLD_READ
WORLD_EXECUTE
)
-
-
-ADD_SUBDIRECTORY(common)
-ADD_SUBDIRECTORY(ckm)
-ADD_SUBDIRECTORY(libprivilege-control-tests)
-ADD_SUBDIRECTORY(libsmack-tests)
-ADD_SUBDIRECTORY(smack-dbus-tests)
-ADD_SUBDIRECTORY(security-server-tests)
-ADD_SUBDIRECTORY(security-manager-tests)
-ADD_SUBDIRECTORY(cynara-tests)
+++ /dev/null
-#
-#Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# @file CMakeLists.txt
-# @author Bartlomiej Grzelewski (b.grzelewski@samsung.com)
-# @brief
-#
-
-INCLUDE(FindPkgConfig)
-
-# Dependencies
-PKG_CHECK_MODULES(CKM_DEP
- libsmack
- key-manager
- dlog
- REQUIRED)
-
-# Targets definition
-
-SET(TARGET_CKM_TESTS "ckm-tests")
-
-SET(CKM_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/ckm/main.cpp
- ${PROJECT_SOURCE_DIR}/tests/ckm/capi-testcases.cpp
-)
-
-INCLUDE_DIRECTORIES(SYSTEM ${CKM_DEP_INCLUDE_DIRS})
-INCLUDE_DIRECTORIES(${PROJECT_SOURCE_DIR}/tests/common/ )
-
-ADD_EXECUTABLE(${TARGET_CKM_TESTS} ${CKM_SOURCES})
-
-TARGET_LINK_LIBRARIES(${TARGET_CKM_TESTS} ${CKM_DEP_LIBRARIES} tests-common)
-
-# Installation
-
-INSTALL(TARGETS ${TARGET_CKM_TESTS} DESTINATION bin)
-INSTALL(FILES test1801.pkcs12 DESTINATION /usr/share/ckm-test)
+++ /dev/null
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_child.h>
-
-#include <tests_common.h>
-#include <access_provider.h>
-
-#include <ckm/ckm-manager.h>
-#include <ckm/ckm-control.h>
-#include <ckm/ckm-type.h>
-
-#include <ckmc/ckmc-manager.h>
-#include <ckmc/ckmc-control.h>
-#include <ckmc/ckmc-type.h>
-#include <ckmc/ckmc-error.h>
-
-#include <string>
-#include <string.h>
-#include <stdio.h>
-#include <stddef.h>
-#include <stdlib.h>
-
-static const int USER_APP = 5000;
-static const int GROUP_APP = 5000;
-
-RUNNER_TEST_GROUP_INIT (T201_CKMC_CONTROL_C_API);
-
-RUNNER_TEST(T2011_Control_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2012_Control_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2013_Control_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2014_Control_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(14, "simple-password")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2015_Control_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(TT2016_Control_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
- "Error=" << temp);
-}
-
-RUNNER_TEST_GROUP_INIT (T202_CKMC_QUICK_SET_GET_TESTS_C_API);
-
-RUNNER_TEST(T2021_init_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2022_key_C_API)
-{
- int temp;
-
- ckmc_key_s test_key, *test_key2;
- ckmc_policy_s test_policy;
-
- char* password = NULL;
- char alias[10] = "mykey";
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- char* char_keypem = new char[keyPem.length() + 1];
-
- std::strcpy(char_keypem, keyPem.c_str());
- test_key.raw_key = (unsigned char *)char_keypem;
- test_key.key_size = keyPem.length();
- test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
-
- test_policy.password = password;
- test_policy.extractable = 1;
-
- test_key2 = &test_key;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
- "Error=" << temp);
-
- // int compareResult;
- // compareResult = (strcmp((const char *)test_key.raw_key, (const char *)test_key2->raw_key));
- // printf("compare !! %s \n compare 2 !! = %s\n",test_key.raw_key, test_key2->raw_key);
- //
- // RUNNER_ASSERT_MSG(
- // compareResult == 0,
- // "Key modified");
-}
-
-RUNNER_TEST(T2023_certificate_C_API)
-{
- int temp;
-
- std::string certPem = "-----BEGIN CERTIFICATE-----\n"
- "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
- "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
- "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
- "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
- "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
- "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
- "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
- "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
- "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
- "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
- "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
- "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
- "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
- "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
- "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
- "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
- "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
- "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
- "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
- "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
- "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
- "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
- "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
- "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
- "rHva8A==\n"
- "-----END CERTIFICATE-----\n";
-
- char* password = NULL;
- ckmc_cert_s *cert2;
- ckmc_cert_s cert;
-
- ckmc_policy_s test_policy;
- test_policy.password = password;
- test_policy.extractable = 1;
-
- char* char_certPem = new char[certPem.length() + 1];
- std::strcpy(char_certPem, certPem.c_str());
- cert.raw_cert = (unsigned char *)char_certPem;
- cert.cert_size = certPem.length();
- cert.data_format = CKMC_FORM_PEM;
-
- char alias[10] = "myCert";
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
- "Error=" << temp);
-
- // int compareResult;
- // printf("compare !! %s \n compare 2 !!\n\n %s",cert.raw_cert, cert2->raw_cert);
- // compareResult = (strcmp((const char *)cert.raw_cert, (const char *)cert2->raw_cert));
- //
- // RUNNER_ASSERT_MSG(
- // compareResult == 0,
- // "Cert modified");
-}
-
-RUNNER_TEST(T2024_certificate_remove_C_API)
-{
- int temp;
-
- char* password = NULL;
- ckmc_cert_s *cert2;
- char alias[10] = "myCert";
-
-
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2025_certificate_list_C_API)
-{
- int temp;
-
- std::string certPem = "-----BEGIN CERTIFICATE-----\n"
- "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
- "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
- "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
- "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
- "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
- "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
- "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
- "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
- "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
- "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
- "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
- "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
- "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
- "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
- "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
- "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
- "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
- "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
- "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
- "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
- "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
- "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
- "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
- "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
- "rHva8A==\n"
- "-----END CERTIFICATE-----\n";
-
- char* password = NULL;
- ckmc_cert_s cert;
-
- ckmc_policy_s test_policy;
- test_policy.password = password;
- test_policy.extractable = 1;
-
- char* char_certPem = new char[certPem.length() + 1];
- std::strcpy(char_certPem, certPem.c_str());
- cert.raw_cert = (unsigned char *)char_certPem;
- cert.cert_size = certPem.length();
- cert.data_format = CKMC_FORM_PEM;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
- "Error=" << temp);
-
- ckmc_alias_list_s *aliasList;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_cert_alias_list(&aliasList)),
- "Error=" << temp);
-
- ckmc_alias_list_s *plist = aliasList;
- int count_list;
- count_list = 1;
-
- while(plist && plist->next!=NULL) {
- plist = plist->next;
- count_list +=1;
- }
-
- RUNNER_ASSERT_MSG( count_list == 3,
- "Wrong size of list: " << count_list << " Expected: 3");
-}
-
-
-RUNNER_CHILD_TEST(T2026_user_app_save_key_C_API)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- int temp;
-
- ckmc_key_s test_key, *test_key2;
- ckmc_policy_s test_policy;
-
- char* password = NULL;
- char passwordPolicy[3] = "x";
- char alias[10] = "mykey";
- char* char_keypem = new char[keyPem.length() + 1];
-
- std::strcpy(char_keypem, keyPem.c_str());
- test_key.raw_key = (unsigned char *)char_keypem;
- test_key.key_size = keyPem.length();
- test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
-
- test_policy.password = passwordPolicy;
- test_policy.extractable = 1;
-
- test_key2 = &test_key;
-
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
- "Error=" << temp);
-
- // RUNNER_ASSERT_MSG(
- // key.getDER() == key2.getDER(), "Key value has been changed by service");
-}
-
-RUNNER_CHILD_TEST(T2027_app_user_save_keys_exportable_flag)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- ckmc_policy_s test_policy;
- ckmc_key_s test_key, *test_key2;
- char* char_keypem = new char[keyPem.length() + 1];
- char* password = NULL;
-
- std::strcpy(char_keypem, keyPem.c_str());
- test_key.raw_key = (unsigned char *)char_keypem;
- test_key.key_size = keyPem.length();
- test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
-
- test_policy.password = password;
- test_policy.extractable = 0;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2028_deinit_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-}
-
-
-RUNNER_TEST_GROUP_INIT (T2030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
-
-RUNNER_TEST(T2031_init_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2032_save_keys_get_alias_C_API)
-{
- int temp;
-
- char* password = NULL;
- ckmc_policy_s test_policy1, test_policy2, test_policy3;
- ckmc_key_s test_key;
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- char* char_keypem = new char[keyPem.length() + 1];
-
- std::strcpy(char_keypem, keyPem.c_str());
- test_key.raw_key = (unsigned char *)char_keypem;
- test_key.key_size = keyPem.length();
- test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
- ckmc_alias_list_s *aliasList;
-
- test_policy1.password = password;
- test_policy1.extractable = 1;
-
- test_policy2.password = password;
- test_policy2.extractable = 0;
-
- test_policy3.password = password;
- test_policy3.extractable = 0;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key_alias_list(&aliasList)),
- "Error=" << temp);
-
- ckmc_alias_list_s *plist = aliasList;
- int count_list;
- count_list = 1;
-
- while(plist && plist->next!=NULL) {
- plist = plist->next;
- count_list +=1;
- }
-
- RUNNER_ASSERT_MSG( count_list == 3,
- "Wrong size of list: " << count_list << " Expected: 3");
-}
-
-
-RUNNER_TEST(T2033_remove_key_C_API)
-{
- int temp;
-
- char* password = NULL;
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- char* char_keypem = new char[keyPem.length() + 1];
-
- std::strcpy(char_keypem, keyPem.c_str());
- ckmc_key_s *test_key2;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2034_deinit_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-}
-
-RUNNER_TEST_GROUP_INIT (T2040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
-
-RUNNER_TEST(T2041_init_C_API)
-{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2042_save_get_bin_data_C_API)
-{
- int temp;
-
- ckmc_raw_buffer_s testData1, testData2, testData3;
- char* password = NULL;
-
- std::string binData1 = "My bin data1";
- std::string binData2 = "My bin data2";
- std::string binData3 = "My bin data3";
- char* char_binData1 = new char[binData1.length() + 1];
- char* char_binData2 = new char[binData2.length() + 1];
- char* char_binData3 = new char[binData3.length() + 1];
- std::strcpy(char_binData1, binData1.c_str());
- std::strcpy(char_binData2, binData2.c_str());
- std::strcpy(char_binData3, binData3.c_str());
- testData1.data = (unsigned char *) char_binData1;
- testData2.data = (unsigned char *) char_binData2;
- testData3.data = (unsigned char *) char_binData3;
- testData1.size = binData1.length()+1;
- testData2.size = binData2.length()+1;
- testData3.size = binData3.length()+1;
-
- ckmc_policy_s test_policy1, test_policy2, test_policy3;
-
- test_policy1.password = password;
- test_policy1.extractable = 1;
- test_policy2.password = password;
- test_policy2.extractable = 1;
- test_policy3.password = password;
- test_policy3.extractable = 0;
-
- ckmc_alias_list_s *aliasList;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data_alias_list(&aliasList)),
- "Error=" << temp);
-
- ckmc_alias_list_s *plist = aliasList;
- int count_list;
- count_list = 1;
-
- while(plist && plist->next!=NULL) {
- plist = plist->next;
- count_list +=1;
- }
-
- RUNNER_ASSERT_MSG( count_list == 3,
- "Wrong size of list: " << count_list << " Expected: 3");
-
- ckmc_raw_buffer_s *testData4;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
- "Error=" << temp);
-
- int compareResult;
- compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
- RUNNER_ASSERT_MSG( compareResult == 0,
- "Data corrupted");
-}
-
-RUNNER_CHILD_TEST(T2043_app_user_save_bin_data_C_API)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- ckmc_raw_buffer_s testData1;
- char* password = NULL;
- std::string binData1 = "My bin data";
- char* char_binData1 = new char[binData1.length() + 1];
- std::strcpy(char_binData1, binData1.c_str());
- testData1.data = (unsigned char *) char_binData1;
- testData1.size = binData1.length()+1;
-
- ckmc_policy_s test_policy1, test_policy2;
-
- test_policy1.password = password;
- test_policy1.extractable = 1;
-
- test_policy2.password = password;
- test_policy2.extractable = 1;
-
- std::string binData = "My bin data";
-
- ckmc_alias_list_s *aliasList;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data_alias_list(&aliasList)),
- "Error=" << temp);
-
- ckmc_alias_list_s *plist = aliasList;
-
- int count_list;
- count_list = 1;
-
- while(plist && plist->next!=NULL) {
- plist = plist->next;
- count_list +=1;
- }
-
- RUNNER_ASSERT_MSG( count_list == 3,
- "Wrong size of list: " << count_list << " Expected: 3");
-}
-
-RUNNER_TEST(T2044_remove_bin_data_C_API)
-{
- int temp;
-
- ckmc_alias_list_s *aliasList;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data_alias_list(&aliasList)),
- "Error=" << temp);
-
- ckmc_alias_list_s *plist = aliasList;
- int count_list;
- count_list = 1;
-
- while(plist && plist->next!=NULL) {
- plist = plist->next;
- count_list +=1;
- }
-
- RUNNER_ASSERT_MSG(
- count_list == 1,
- "Wrong size of list: " << count_list << " Expected: 1");
- char* password = NULL;
-
- ckmc_raw_buffer_s *testData1, testData2;
-
- std::string testStr = "My bin data2";
- char* char_testData2 = new char[testStr.length() + 1];
- std::strcpy(char_testData2, testStr.c_str());
- testData2.data = (unsigned char *) char_testData2;
- testData2.size = testStr.length()+1;
-
- CKM::RawBuffer buffer;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
- "Error=" << temp);
-
- int compareResult;
- compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
- RUNNER_ASSERT_MSG( compareResult == 0,
- "Data corrupted");
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2045_deinit_C_API)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-}
-
-RUNNER_TEST_GROUP_INIT(T205_CKMC_QUICK_CREATE_PAIR_CAPI);
-
-RUNNER_TEST(T2051_CAPI_init)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
- "Error=" << temp);
-}
-
-RUNNER_CHILD_TEST(T2052_CAPI_create_rsa_key)
-{
- int temp;
-
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- size_t size = 2048;
- const char *private_key_alias = "PRV_KEY1";
- const char *public_key_alias = "PUB_KEY1";
- ckmc_policy_s policy_private_key;
- ckmc_policy_s policy_public_key;
-
- policy_private_key.password = NULL;
- policy_private_key.extractable = 1;
-
- policy_public_key.password = NULL;
- policy_public_key.extractable = 1;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
- "Error=" << temp);
-
- ckmc_key_s *privateKey;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
- "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
- RUNNER_ASSERT_MSG(
- privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
- "Error=" << temp);
-
- ckmc_key_s *publicKey;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
- "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
- RUNNER_ASSERT_MSG(
- publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
- "Error=" << temp);
-
- ckmc_alias_list_s *alias_list;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key_alias_list(&alias_list)),
- "Error=" << temp);
- int cnt = 0;
- ckmc_alias_list_s *current;
- ckmc_alias_list_s *next =alias_list;
- do{
- current = next;
- next = current->next;
- cnt ++;
- }while(next != NULL);
- RUNNER_ASSERT_MSG(cnt == 2, "Error=Invalid Key Number");
-}
-
-RUNNER_TEST(T2053_CAPI_deinit)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-}
-
-
-RUNNER_TEST_GROUP_INIT(T206_CKMC_CAPI_CreateKeyPairRSA);
-
-RUNNER_TEST(T2061_CAPI_init)
-{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2062_CAPI_CreateKeyPairRSA)
-{
- int temp;
-
- size_t size = 1024;
- const char *private_key_alias = "rsa-test-1";
- const char *public_key_alias = "rsa-test-2";
- ckmc_policy_s policy_private_key;
- ckmc_policy_s policy_public_key;
-
- policy_private_key.password = const_cast<char *>("privatepassword");
- policy_private_key.extractable = 0;
-
- policy_public_key.password = NULL;
- policy_public_key.extractable = 1;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
- "Error=" << temp);
-
- sleep(1);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
- "Error=" << temp << ", ret=" << temp);
-}
-
-RUNNER_TEST(T2063_CAPI_CreateKeyPairECDSA)
-{
- int temp;
-
- ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
- const char *private_key_alias = "ecdsa-test-1";
- const char *public_key_alias = "ecdsa-test-2";
- ckmc_policy_s policy_private_key;
- ckmc_policy_s policy_public_key;
-
- policy_private_key.password = const_cast<char *>("privatepassword");
- policy_private_key.extractable = 0;
-
- policy_public_key.password = NULL;
- policy_public_key.extractable = 1;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2064_CAPI_deinit)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
-}
-
-// TODO
-//RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
-
-
-
-RUNNER_TEST_GROUP_INIT(T207_CKMC_CAPI_QUICK_SET_GET_TESTS);
-
-RUNNER_TEST(T2071_CAPI_init)
-{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2072_CAPI_get_chain)
-{
- std::string ee =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- std::string im =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n";
-
- ckmc_cert_s c_cert;
- c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
- c_cert.cert_size = ee.size();
- c_cert.data_format = CKMC_FORM_PEM;
-
- ckmc_cert_s c_cert1;
- c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
- c_cert1.cert_size = im.size();
- c_cert1.data_format = CKMC_FORM_PEM;
-
- ckmc_cert_list_s untrustedcerts;
- untrustedcerts.cert = &c_cert1;
- untrustedcerts.next = NULL;
-
- ckmc_cert_list_s *cert_chain_list;
-
- int tmp;
-
- tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == tmp, "Error=" << CKM::ErrorToString(tmp));
-
- int cnt = 0;
- ckmc_cert_list_s *current;
- ckmc_cert_list_s *next =cert_chain_list;
- do{
- current = next;
- next = current->next;
- cnt ++;
- }while(next != NULL);
- RUNNER_ASSERT_MSG(cnt == 3, "Wrong size of certificate chain.");
-
- ckmc_cert_list_s *cert_chain_list2 = NULL;
- ckmc_cert_list_s *untrustedcerts2 = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_VERIFICATION_FAILED == (tmp = ckmc_get_cert_chain(&c_cert, untrustedcerts2, &cert_chain_list2)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- cert_chain_list2 == NULL,
- "Wrong size of certificate chain.");
-}
-
-RUNNER_TEST(T2073_CAPI_deinit)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
-}
-
-
-RUNNER_TEST_GROUP_INIT(T208_CAPI_CREATE_AND_VERIFY_SIGNATURE);
-
-RUNNER_TEST(T2081_CAPI__init)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2082_CAPI__rsa_key_create_verify)
-{
- int temp;
-
- std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
- "Proc-Type: 4,ENCRYPTED\n"
- "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
- "\n"
- "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
- "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
- "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
- "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
- "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
- "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
- "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
- "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
- "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
- "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
- "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
- "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
- "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
- "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
- "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
- "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
- "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
- "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
- "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
- "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
- "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
- "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
- "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
- "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
- "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
- "-----END RSA PRIVATE KEY-----\n";
-
- std::string pub = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----\n";
-
- std::string message = "message test";
- ckmc_raw_buffer_s msg_buff;
- msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
- msg_buff.size = message.size();
-
- const char *pub_alias = "pub1";
- const char *pri_alias = "prv1";
- char *key_passwd = (char *) "1234";
- char *pri_passwd = NULL;
- char *pub_passwd = NULL;
- ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
- ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
- ckmc_raw_buffer_s *signature;
-
- ckmc_key_s pubkey;
- pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
- pubkey.key_size = pub.size();
- pubkey.key_type = CKMC_KEY_NONE;
- pubkey.password = NULL;
-
- ckmc_policy_s pubpolicy;
- pubpolicy.password = pub_passwd;
- pubpolicy.extractable = 0;
-
- ckmc_policy_s pripolicy;
- pripolicy.password = pri_passwd;
- pripolicy.extractable = 1;
-
- ckmc_key_s prikey;
- prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
- prikey.key_size = prv.size();
- prikey.key_type = CKMC_KEY_NONE;
- prikey.password = key_passwd;
-
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
- pri_passwd,
- msg_buff,
- hash_algo,
- pad_algo,
- &signature)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-
-}
-
-RUNNER_TEST(T2083_CAPI__rsa_key_create_verify_negative)
-{
- int temp;
- std::string message = "message asdfaslkdfjlksadjf test";
-
- ckmc_raw_buffer_s msg_buff;
- msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
- msg_buff.size = message.size();
-
- const char *pub_alias = "pub1";
- const char *pri_alias = "prv1";
- char *pri_passwd = NULL;
- char *pub_passwd = NULL;
- ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
- ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
- ckmc_raw_buffer_s *signature;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
- pri_passwd,
- msg_buff,
- hash_algo,
- pad_algo,
- &signature)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
- memcpy((void*)signature->data, "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2084_CAPI__ec_key_create_verify)
-{
- int temp;
-
- std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
- "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
- "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
- "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
- "-----END EC PRIVATE KEY-----\n";
-
- std::string pub = "-----BEGIN PUBLIC KEY-----\n"
- "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
- "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
- "-----END PUBLIC KEY-----\n";
-
- std::string message = "message test";
-
- ckmc_raw_buffer_s msg_buff;
- msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
- msg_buff.size = message.size();
-
- const char *pri_alias = "ecprv2";
- const char *pub_alias = "ecpub2";
- char *key_passwd = NULL;
- char *pri_passwd = NULL;
- char *pub_passwd = NULL;
- ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
- ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
- ckmc_raw_buffer_s *signature;
-
- ckmc_key_s pubkey;
- pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
- pubkey.key_size = pub.size();
- pubkey.key_type = CKMC_KEY_NONE;
- pubkey.password = NULL;
-
- ckmc_policy_s pubpolicy;
- pubpolicy.password = pub_passwd;
- pubpolicy.extractable = 1;
-
- ckmc_key_s prikey;
- prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
- prikey.key_size = prv.size();
- prikey.key_type = CKMC_KEY_NONE;
- prikey.password = key_passwd;
-
- ckmc_policy_s pripolicy;
- pripolicy.password = (char *)pri_passwd;
- pripolicy.extractable = 0;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
- pri_passwd,
- msg_buff,
- hash_algo,
- pad_algo,
- &signature)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
- memcpy((void*)signature->data, "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2085_CAPI__rsa_cert_create_verify_signature)
-{
- int temp;
-
- std::string prv =
- "-----BEGIN RSA PRIVATE KEY-----\n"
- "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
- "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
- "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
- "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
- "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
- "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
- "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
- "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
- "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
- "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
- "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
- "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
- "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
- "-----END RSA PRIVATE KEY-----\n";
-
- std::string pub =
- "-----BEGIN CERTIFICATE-----\n"
- "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
- "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
- "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
- "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
- "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
- "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
- "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
- "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
- "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
- "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
- "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
- "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
- "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
- "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
- "-----END CERTIFICATE-----\n";
-
- std::string message = "message test";
-
- ckmc_raw_buffer_s msg_buff;
- msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
- msg_buff.size = message.size();
-
- const char *pri_alias = "prv3";
- const char *pub_alias = "pub3";
- char *key_passwd = NULL;
- char *pri_passwd = NULL;
- char *pub_passwd = NULL;
- ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
- ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
- ckmc_raw_buffer_s *signature;
-
- ckmc_cert_s cert;
- cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
- cert.cert_size = pub.size();
- cert.data_format = CKMC_FORM_PEM;
-
- ckmc_policy_s certpolicy;
- certpolicy.password = pub_passwd;
- certpolicy.extractable = 1;
-
- ckmc_key_s prikey;
- prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
- prikey.key_size = prv.size();
- prikey.key_type = CKMC_KEY_NONE;
- prikey.password = key_passwd;
-
- ckmc_policy_s pripolicy;
- pripolicy.password = pri_passwd;
- pripolicy.extractable = 0;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
- "Error=" << temp);
-
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
- pri_passwd,
- msg_buff,
- hash_algo,
- pad_algo,
- &signature)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
- memcpy((void*)signature->data, "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2086_CAPI__ecdsa_cert_create_verify_signature)
-{
- int temp;
-
- std::string prv =
- "-----BEGIN EC PRIVATE KEY-----\n"
- "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
- "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
- "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
- "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
- "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
- "ELyhe7yPCAuOoLZlTLgf\n"
- "-----END EC PRIVATE KEY-----\n";
-
- std::string pub =
- "-----BEGIN CERTIFICATE-----\n"
- "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
- "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
- "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
- "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
- "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
- "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
- "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
- "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
- "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
- "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
- "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
- "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
- "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
- "Q1oBry6NEc+lLFmWMDesAA==\n"
- "-----END CERTIFICATE-----\n";
-
- std::string message = "message test";
-
-
- ckmc_raw_buffer_s msg_buff;
- msg_buff.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(message.c_str()));
- msg_buff.size = message.size();
-
- const char *pri_alias = "prv4";
- const char *pub_alias = "pub4";
- char *key_passwd = NULL;
- char *pri_passwd = NULL;
- char *pub_passwd = NULL;
- ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
- ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
- ckmc_raw_buffer_s *signature;
-
- ckmc_cert_s cert;
- cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
- cert.cert_size = pub.size();
- cert.data_format = CKMC_FORM_PEM;
-
- ckmc_policy_s certpolicy;
- certpolicy.password = pub_passwd;
- certpolicy.extractable = 1;
-
- ckmc_key_s prikey;
- prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
- prikey.key_size = prv.size();
- prikey.key_type = CKMC_KEY_NONE;
- prikey.password = key_passwd;
-
- ckmc_policy_s pripolicy;
- pripolicy.password = pri_passwd;
- pripolicy.extractable = 0;
-
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_create_signature(
- pri_alias,
- pri_passwd,
- msg_buff,
- hash_algo,
- pad_algo,
- &signature)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
- memcpy((void*)signature->data, "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
- pub_alias,
- pub_passwd,
- msg_buff,
- *signature,
- hash_algo,
- pad_algo)),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2087_CAPI__deinit)
-{
- int temp;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
-}
-
-
-//#######################################################################################
-
-void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
-{
- RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
- RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
-
- if(key->password != NULL && password != NULL) {
- RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
- }else if(key->password == NULL && password == NULL) {
- RUNNER_ASSERT_MSG(true, "Password Error" );
- }else {
- RUNNER_ASSERT_MSG(false, "Password Error" );
- }
-
- if(key->raw_key != NULL && raw_key != NULL) {
- for(unsigned int i=0; i<key_size; i++) {
- RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
- }
- }else if(key->raw_key == NULL && raw_key == NULL) {
- RUNNER_ASSERT_MSG(true, "Raw Key Error" );
- }else {
- RUNNER_ASSERT_MSG(false, "Raw Key Error" );
- }
-}
-
-RUNNER_TEST_GROUP_INIT(T209_CKMC_CAPI_TYPES);
-
-RUNNER_TEST(T2091_CAPI_TYPE_init)
-{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
- "Error=" << temp);
-}
-
-RUNNER_TEST(T2092_CAPI_TYPE_KEY)
-{
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
- unsigned int key_size = keyPem.size();
- ckmc_key_type_e key_type = CKMC_KEY_NONE;
- char *password = const_cast< char *>("");
-
- ckmc_key_s *key;
- ckmc_key_new(raw_key, key_size, key_type, password, &key);
-
- _assertKey(key, raw_key, key_size, key_type, password);
- ckmc_key_free(key);
-
- char *passwordNull = NULL;
- ckmc_key_s *key2;
- ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
- ckmc_key_free(key2);
-}
-
-RUNNER_TEST(T2093_CAPI_TYPE_BUFFER)
-{
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
- unsigned int size = keyPem.size();
-
- ckmc_raw_buffer_s *buff;
- ckmc_buffer_new(data, size, &buff);
-
- RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
-
- if(buff->data != NULL && data != NULL) {
- for(unsigned int i=0; i<size; i++) {
- RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
- }
- }else if(buff->data == NULL && data == NULL) {
- RUNNER_ASSERT_MSG(true, "Raw data Error" );
- }else {
- RUNNER_ASSERT_MSG(false, "Raw data Error" );
- }
-
- ckmc_buffer_free(buff);
-}
-
-RUNNER_TEST(T2094_CAPI_TYPE_CERT)
-{
- std::string certPem =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
- "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
- "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
- "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
- "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
- "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
- "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
- "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
- "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
- "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
- "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
- "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
- "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
- "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
- "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
- "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
- "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
- "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
- "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
- "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
- "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
- "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
- "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
- "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
- "rHva8A==\n"
- "-----END CERTIFICATE-----\n";
-
- unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
- unsigned int size = certPem.size();
- ckmc_data_format_e form = CKMC_FORM_PEM;
-
- ckmc_cert_s *ckmCert;
- ckmc_cert_new(raw_cert, size, form, &ckmCert);
-
- RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
-
- if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
- for(unsigned int i=0; i<size; i++) {
- RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
- }
- }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
- RUNNER_ASSERT_MSG(true, "raw_cert Error" );
- }else {
- RUNNER_ASSERT_MSG(false, "raw_cert Error" );
- }
-
- RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
-
- ckmc_cert_free(ckmCert);
-}
-
-
-RUNNER_TEST(T2095_CAPI_TYPE_load_cert_file)
-{
- int ret;
-
- std::string certStr =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- const char *file_name = "/tmp/ckmc_test_cert.pem";
- remove(file_name);
-
- FILE* cert_file;
- cert_file = fopen(file_name, "w");
- fprintf(cert_file, "%s",certStr.c_str());
- fclose(cert_file);
-
- ckmc_cert_s *pcert;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
- "Error=" << CKM::ErrorToString(ret));
-
- RUNNER_ASSERT_MSG(
- pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
-
- const char *lcert_alias = "lcert_alias";
- ckmc_policy_s policy;
- policy.password = NULL;
- policy.extractable = 1;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
- "Error=" << CKM::ErrorToString(ret));
-
- remove(file_name);
-}
-
-RUNNER_TEST(T2096_CAPI_TYPE_load_p12_file) {
- std::string p12Base64 =
- "MIINaQIBAzCCDS8GCSqGSIb3DQEHAaCCDSAEgg0cMIINGDCCChcGCSqGSIb3DQEH\n"
- "BqCCCggwggoEAgEAMIIJ/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIvO01\n"
- "D2ODdkYCAggAgIIJ0NscvWq3hmXai5DQcleOgELPbu2c97d+KJnRGCK7K3eRb0/v\n"
- "4F3f3LFSFFT9OAK0/OS1ZYCiO+IuZ6Rpc8Baqe89xVcOHrQ0dQ7sIvbq10dnp5nY\n"
- "fEcrt7qPXcRa3IdOX4PFo4aCOFq5bHv5M3quHldKRh4itosjsAGuF/xtnVnO6lU5\n"
- "UlPhtAdr2Mpr4SHh+oBbJknLvyd6n/4xZ2elEA8ui4Qt5GfiHwWs2J7KO3Z8M1vW\n"
- "yukuyVTaZ6RNkj8dkq/RttvVinlgATYLoosjCsH7VVcd+/z9JqD37QQ89pzdjvJg\n"
- "CtXFVbqsOIbjPMkQMYtMdaPsLDDzw6l+q7BJreGIoJmTHbhTtNOJo03XPEnlVXUq\n"
- "Q+224ibNKzLAvpSWOo8BUHK7ZDc1oaLODDZ+WAA6jfgHkuhhWYr9dxce6UdhMghJ\n"
- "M7ixWwa350psdACREdGxNQzxmucmueprbDumVPAnnJfnKfgRXdKpTDFWS4TaYRc/\n"
- "TE4lKSBZpFFduy/gdpLGCHdklTs33aWZ/mEVZJnk2PggKyvSKH9oL3DxkZIFkGdQ\n"
- "wcy8gAuLBirdWB/q4JWqW7sH8kMfEwXACEm1z4SzCik8afamQNJEbovA3Pvrhw/P\n"
- "1HE5KPNvKMaIr9kk5rTnGGTSNrSMqUCnBl4MjVS4HacrZvvt60y0D3RFB8IqlFMt\n"
- "od2FagxojPyO/wP8jDERnySo2Irz0x0WUjWARtcLLH2FOK7ROkX1/WjRZmDV0jtv\n"
- "yL8r97XZf/NddVU13Jt13dBJCjxZRvfJZgNI8RybkPQ3Y9J5LIOLVFPU3ZKIi7W7\n"
- "KtCw/FCUfEdNarLQMWG0Z9bux7vu/eK1+KpF9pfzD3Q1V0sj2M158Q5W2gy9q/u0\n"
- "gOOuybiZB2AL9kxBv0rqb8h7SF5ZIRoy85PrwtnX7w4Xq+4I7RA68bcEGyqgTWWb\n"
- "XZxcY65F2slqekXddKeDSTizQk/APgWva/TwgaUeXR9YBCO4o71pla//FNqJ6pRm\n"
- "tZjEY9ALBCc083gsImc7+LAeubEcYzjhhgRPQwGJfJTMqgC/NOa9wFhvNO4QcFjf\n"
- "XQxxIFxlQJ64qU316FyeuyxLYGd02uakrLLgYtAGG7nPZCYNkUKvCwICKJYI+wAg\n"
- "CX0FVwXsR1f33kVuV6sd4YConz80Lk9ayvNJVeCzEOBvhthbMcP3mIn22X+GT3jU\n"
- "O5Z0bkXAU0C8XTfLQMk2m6Ag3mctrn4iJBPwQ7j12GnlSLko+e7IssRd4Qj4vBZd\n"
- "KXUIoRcOsXqWoQgXJAtdLJEHVo0SUyxVojXsXqUZ3yYOkVUykvXZUcBnS6xwtaUt\n"
- "EzdFsEO3NQSLOju5Tpp12lKbrgIToV75zyA3CULEdimEUWD/wA+pDaIS39shNyeE\n"
- "edtAp3WF3mDkHQFyKG52IVx7hJU8jXXunvY21tshTAx/Gda0X1CtgSU7Q00ROr+L\n"
- "TaehRiKsSgxQa6/jyJY5KY1hIDzwaem5Y7gDnxotmQuPhIX8MeD5Qdv6AVovfScN\n"
- "07QuWyUBgFsZzbp79AsnPRLzoiAMQljMn7TXDDLq+uF922OU47BQkzlPfKAuHbyu\n"
- "R+uZwtDfMD71FqWjCAHMPyENinsnUehCwX2pVxa6KSs61IsTfb3oUPY1TRxfZnfd\n"
- "8SAUfPjKVss9Eyahuv+kzenPUDZn5LV9E0G0DGNxIf493A5Z29scNkQcCBjTJJvx\n"
- "4BBJCES6SgkTQl7eFoBGOIqqytpYP9QZW5jy7ramgz/gF2kMKjAfikhbd5vB4Fwd\n"
- "QlExMlbW+wL/ffr4AGlwenlDzXBFKQM0mYZNKLuB9LrRzw35fVFZ9XY06VCxhbMa\n"
- "wI9gN4rKA3bNG3DCWTsr1TZ6CvrqFJjlfK4KF/+eNfnkIY8uVYxnPlRRkmPw4dpE\n"
- "KdaXUiu5WJvZupeYqqNsWdxs+v2KS1E/PcM9BgUFKFD4lW84WbWUHPxvxXoZhSCs\n"
- "nQ0hsPd53NKBBdEOao5HAAf+T5yFnJzZ3rVkYBEC67gHyWgXB1Zy283yAIihvUXw\n"
- "DOEVppNHnIqAjQpncQcDpV0/zYCvqOEfU+JPpmepgo737Tq2MlUKLTByhg1mQhKm\n"
- "2pI63BFiw2/2igImFbmhzJjilWkaM4kwM1uGKOKgjacXI/VSVEajuYAfo37quBxF\n"
- "ZWyWJoFXBvQ7jolTKXUVbCqnSSaItosZrS3vcDdGUegRm0rf6IzCRPdSIsfCDdZG\n"
- "9UeChoznNezoLENgmqQJTV3wDo3uSZbztlctoERvZpn457MLZEn8hXEwMLPXx2Ur\n"
- "HQ5fYAdTBzBpoLiy8ujzFxFJDzW9ytnb7aFF7YVivfj42eVGnCANvVcwkp2/E3MW\n"
- "Img0OyqKRQHaGGI7iGNO5KYpTk0CdSyErQarH52ZRvr0t2CK6J6vDgrhJnzd5Ayr\n"
- "6t+coAZBw8eIJqiM5WzAm4mlZRSHL+JcaKkrqoYOo+kewj7wgW2Kk/7S8re38RvP\n"
- "+V9nqpfr18gIV72G2yZ60C21eRqOFPgl1CYbmWHqYKXatuT4o+kgBmJpez5uvIHz\n"
- "LSd88An02ow+WQ+KP8YGV38ZtuA6D4FPA3fsMdhNOqjtwWiPei+ILaXD5PsOfDGH\n"
- "2fZgOWXivFYqq9Cm3B3ffFX/oD/7sFMs+/AWeZOh8XqU8ro73L1HNRXx4HdyRUY/\n"
- "pInwA0mWaFNGgBRPbNW0A6cZ2dY0Hn8sRRsF+5tIs0hOelpT1y/ZEVyGImTQgEbK\n"
- "KeggQGT9h9rhrrUK+hE27MorcRi6tVteKlNyGQsCJko0ZoqqctM4o7wT5ce4nWtb\n"
- "ixzp5xDkDmcP6eldHiVm8TsZn0hkmNDu0xpgIVtb4VDRmWP687EOaGHYhjOBw6X1\n"
- "GD1d1yyg/VxlUr0lKmbsFVC2mDiWbnWd49+FGsrySc2RO8DlC9xkXLaG+ubjmLpK\n"
- "lwagiI2P1MzkHuZiz7WlIjFefuYh0yrYvDA5UDiQTDdoZWFuR5r93QWdsUcHlvdF\n"
- "rYmhQ93F6I4gaT9HSVEDJfisIjIUmIwhh20tdGnf3FC5VyqBYS5GQObq3VnC8stU\n"
- "b7byCEMlKr5bWslEem6gRGTB9xektKgrsFgS7nb3Geegq9K+mWIBC/iBOInVqFYx\n"
- "Uw8+s6ywApXPLPEIrVZumkwo7Rl8lJfCTDNni/68XHhhVHY70N0PSdfnCAvV9G41\n"
- "3wuTZHqLOeQG3Sm8I1JJXkWSuuk0QI7DVKZpmz+x4aFBd+rncfvWOEbN9G0ZqbUT\n"
- "lGkfxtUWY6pWX/XJpyBzOlv2+fCPi/Yd0csb45IEuFHNG1svgqGMJw5BmFu5v0Qs\n"
- "0i1zKBrNA/Acd6+uL0UqDZStB6lyPn6+uifh3sMwggL5BgkqhkiG9w0BBwGgggLq\n"
- "BIIC5jCCAuIwggLeBgsqhkiG9w0BDAoBAqCCAqYwggKiMBwGCiqGSIb3DQEMAQMw\n"
- "DgQIBJuBj07uHGACAggABIICgJBfOlC99JJjEUBibYLXIJPe53Cy7eDXCtVaPbhX\n"
- "VHPCsBrUd7+6Ul7Vh/JHMlJL1VA3WvGnX93f0p5FICgZZA3sIZjpxBoeVkZ0Zx6r\n"
- "ZMnBPIN4GaHYufCGPyAlPXgEGjlBr3g6Sxr8j50vsWtfspwiILsyte+nQ3kE1nV4\n"
- "TjNBnayXmCMnEkf4kKu+dlLFbd1OY/fQJbiT+f9YtMfcfp2IR+7bXb23UIv8Wt1I\n"
- "XyqsYTcUjIvnByKSDrvVu941x1EN5DF1964qQbAZb/z5ueTl8tCpaCFlGbZcXz7X\n"
- "7L3k0YWdymx1J+szd6heQJrzqMjcHK3XWC7YlDytWB59j0eNMx42XEFP0pAO+gt9\n"
- "Iny2XL+sxJC/xzf6apYMmmGwEXrZkkudsSVMgLCtYyin4zM7PFzLAPK9ryEhsxaP\n"
- "g077MJ/aIaZ7PLi7cABz/g+gQ1dSXakNOof6EjRUADHpav9UKeKwWdR8ycB/8AQV\n"
- "XxQTpEsFJ7izdNZDNC/ZeOhc/ohnei169rfH0shVeeckjf++c8zlh/Y5UWIi3V6i\n"
- "5c7RlIJLMtHrvpB5UxRpZgWSdXvCuTCBEzlZAeWJ11I4DAeioqJ1V3h2KcUjNKf1\n"
- "z8mTJrzAycuhm8npaC0Gj6JU7jiYPZLvj+cK/e/gjadWggHFYsjAKhACDbAtG64N\n"
- "Gu9PWJszvhSO8ga7TOVEzdbe2jm4oWtqPe3gb6eYl2Ma6GTfj/PUEDpNAOnr99qV\n"
- "g3uKIXMBp2115bfUf5sbfPdMbnH12XILXR9Va+JjeQHexa64QWlsiRgtXEAXxoEb\n"
- "D2aTlfdsJpgilyj31Y45xOdN7FI+Ltfhudxt1kABPdmKwRMxJTAjBgkqhkiG9w0B\n"
- "CRUxFgQUMvxYuPi3XpEeXbzAkXaNbAw7P5gwMTAhMAkGBSsOAwIaBQAEFOBC4ppE\n"
- "AXO+xdzSBKimvjBBTLbEBAjlaWiC5IVtmAICCAA=\n";
-
- // write file
- const char *p12base64file = "/tmp/ckmc_test_p12.p12.b64";
- const char *p12file = "/tmp/ckmc_test_p12.p12";
- const char *password = "password";
-
- remove(p12base64file);
- remove(p12file);
-
- FILE* b64_file;
- b64_file = fopen(p12base64file, "w");
- fprintf(b64_file, "%s",p12Base64.c_str());
- fclose(b64_file);
-
- std::string cmd("openssl base64 -d -in ");
- cmd.append(p12base64file);
- cmd.append(" -out ");
- cmd.append(p12file);
- system(cmd.c_str());
-
- int temp;
-
- ckmc_key_s *private_key = NULL;
- ckmc_cert_s *cert = NULL;
- ckmc_cert_list_s *ca_cert_list = NULL;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
- &private_key, &cert, &ca_cert_list)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
- RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
- RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
-
- ckmc_policy_s policy;
- policy.password = NULL;
- policy.extractable = 1;
-
-
- const char *pkey_alias = "pkey_alias";
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
- "Error=" << temp);
-
- const char *cert_alias = "cert_alias";
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
- "Error=" << temp);
- std::string caCertAlias = "ca_cert_alias_";
- const char *idx = "0";
- int cnt = 0;
- ckmc_cert_list_s *tmpList = ca_cert_list;
- while(tmpList != NULL) {
- caCertAlias.append(idx);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
- "Error=" << temp);
- tmpList = tmpList->next;
- cnt ++;
- }
-
- RUNNER_ASSERT_MSG(cnt == 2,"Invalid CA Cert Count");
-
- ckmc_key_free(private_key);
- ckmc_cert_free(cert);
- ckmc_cert_list_all_free(ca_cert_list);
-
- remove(p12base64file);
- remove(p12file);
-}
-
-
-RUNNER_TEST(T2098_CAPI_TYPE_deinit)
-{
- int temp;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
- "Error=" << temp);
-}
-
-
-RUNNER_TEST_GROUP_INIT(T2000_CAPI_LOCKTYPE_TESTS);
-
-RUNNER_CHILD_TEST(T2101_CAPI_init_lock_key)
-{
- int tmp;
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- char *null_password = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (tmp = ckmc_change_user_password(USER_APP,"user-pass",null_password)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T2102_CAPI_unlock_default_passwd)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
-
- ckmc_key_s test_key, *test_key2;
- ckmc_policy_s test_policy;
-
- char* password = NULL;
- char alias[20] = "mykey_defpasswd";
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- char* char_keypem = new char[keyPem.length() + 1];
-
- std::strcpy(char_keypem, keyPem.c_str());
- test_key.raw_key = (unsigned char *)char_keypem;
- test_key.key_size = keyPem.length();
- test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
-
- test_policy.password = password;
- test_policy.extractable = 1;
-
- test_key2 = &test_key;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (temp = ckmc_remove_key(alias)),
- "Error=" << temp);
-}
-
-RUNNER_CHILD_TEST(T2103_CAPI_init_change_user_password)
-{
- int tmp;
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- char *null_password = NULL;
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (tmp = ckmc_change_user_password(USER_APP,null_password,"user-pass")),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T2104_CAPI_unlock_default_passwd_negative)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
-
- ckmc_key_s test_key, *test_key2;
- ckmc_policy_s test_policy;
-
- char* password = NULL;
- char alias[20] = "mykey_defpasswd";
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- char* char_keypem = new char[keyPem.length() + 1];
-
- std::strcpy(char_keypem, keyPem.c_str());
- test_key.raw_key = (unsigned char *)char_keypem;
- test_key.key_size = keyPem.length();
- test_key.key_type = CKMC_KEY_RSA_PUBLIC;
- test_key.password = password;
-
- test_policy.password = password;
- test_policy.extractable = 1;
-
- test_key2 = &test_key;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_LOCKED == (temp = ckmc_save_key(alias, test_key, test_policy)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key2)),
- "Error=" << temp);
-}
-
-RUNNER_CHILD_TEST(T2109_CAPI_deinit)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-}
-
-RUNNER_TEST_GROUP_INIT(T220_CAPI_EMPTY_DATABASE);
-
-RUNNER_TEST(T2201_CAPI_unlock_database)
-{
- int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
- "Error=" << temp);
-}
-
-RUNNER_CHILD_TEST(T2202_CAPI_get_data_from_empty_database)
-{
- int temp;
- char alias[10] = "mykey";
- char *password = NULL;
- ckmc_key_s *test_key = NULL;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
-}
-
-RUNNER_CHILD_TEST(T2203_CAPI_deinit_lock_database)
-{
- int temp;
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
- "Error=" << temp);
- RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
- "Error=" << temp);
-}
-
-RUNNER_CHILD_TEST(T2204_CAPI_get_data_from_locked_database)
-{
- int temp;
- char alias[10] = "mykey";
- char *password = NULL;
- ckmc_key_s *test_key = NULL;
-
- RUNNER_ASSERT_MSG(
- CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
- "Error=" << temp);
-
- RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
-}
+++ /dev/null
-#include <netdb.h>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_child.h>
-
-#include <tests_common.h>
-#include <access_provider.h>
-
-#include <ckm/ckm-manager.h>
-#include <ckm/ckm-control.h>
-#include <ckm/ckm-password.h>
-#include <ckm/ckm-type.h>
-#include <ckm/ckm-pkcs12.h>
-
-#include <fstream>
-
-static const int USER_APP = 5000;
-static const int GROUP_APP = 5000;
-static const int USER_TEST = 5001;
-
-/*
- * How to numerate tests:
- * TABCD_NAME
- * T - test case (always T)
- * AB - number of test group (always two digits)
- * C - test number in group (all tests with same TABC must be run in the same time).
- * D - subtest.
- */
-
-
-RUNNER_TEST_GROUP_INIT(T0000_CKM_CONTROL);
-
-RUNNER_TEST(T0010_Control)
-{
- int temp;
- auto control = CKM::Control::create();
-
- control->removeUserData(0);
- control->removeUserData(20);
- control->removeUserData(USER_APP);
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T0020_Control)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T0030_Control)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T0040_Control)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T0050_Control)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(20)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
-
-RUNNER_TEST(T1010_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1011_key)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::KeyShPtr key2;
- CKM::Alias alias = "mykey";
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- key->getDER() == key2->getDER(),
- "Key value has been changed by service");
-}
-
-RUNNER_TEST(T1012_certificate)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string certPem =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
- "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
- "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
- "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
- "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
- "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
- "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
- "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
- "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
- "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
- "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
- "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
- "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
- "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
- "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
- "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
- "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
- "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
- "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
- "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
- "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
- "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
- "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
- "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
- "rHva8A==\n"
- "-----END CERTIFICATE-----\n";
-
- CKM::RawBuffer buffer(certPem.begin(), certPem.end());
- auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
- CKM::CertificateShPtr cert2;
- CKM::Alias alias = "myCert";
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- cert->getDER() == cert2->getDER(),
- "Data has been modified in key manager");
-}
-
-RUNNER_CHILD_TEST(T1013_user_app_save_key)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- int temp;
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::KeyShPtr key2;
- CKM::Alias alias = "mykey";
- auto manager = CKM::Manager::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- key->getDER() == key2->getDER(), "Key value has been changed by service");
-}
-
-
-RUNNER_TEST(T1014_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
-
-RUNNER_TEST(T1020_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1021_save_keys_get_alias)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::AliasVector aliasVector;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(aliasVector)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- aliasVector.size() == 3,
- "Wrong size of list: " << aliasVector.size() << " Expected: 3");
-}
-
-RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::AliasVector aliasVector;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(aliasVector)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- aliasVector.size() == 3,
- "Wrong size of list: " << aliasVector.size() << " Expected: 3");
-}
-
-RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::AliasVector aliasVector;
- CKM::Policy notExportable(CKM::Password(), false);
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1029_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
-
-RUNNER_TEST(T1030_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1031_save_get_bin_data)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string binData1 = "My bin data1";
- std::string binData2 = "My bin data2";
- std::string binData3 = "My bin data3";
-
- CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
- CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
- CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
-
- CKM::AliasVector aliasVector;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getDataAliasVector(aliasVector)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- aliasVector.size() == 3,
- "Wrong size of list: " << aliasVector.size() << " Expected: 3");
-
- CKM::RawBuffer buffer;
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- buffer == buffer2,
- "Data corrupted");
-}
-
-RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
-{
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string binData = "My bin data";
-
- CKM::RawBuffer buffer(binData.begin(), binData.end());
-
- CKM::AliasVector aliasVector;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getDataAliasVector(aliasVector)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- aliasVector.size() == 3,
- "Wrong size of list: " << aliasVector.size() << " Expected: 3");
-}
-
-RUNNER_TEST(T1033_remove_bin_data)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string binData2 = "My bin data2";
- CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
-
- CKM::AliasVector aliasVector;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->removeData("data1")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->removeData("data3")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getDataAliasVector(aliasVector)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- aliasVector.size() == 1,
- "Wrong size of list: " << aliasVector.size() << " Expected: 1");
-
- CKM::RawBuffer buffer;
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- buffer == buffer2,
- "Data corrupted");
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1039_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
-
-RUNNER_TEST(T1040_init)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_CHILD_TEST(T1041_create_rsa_key)
-{
- int temp;
- auto manager = CKM::Manager::create();
- CKM::AliasVector av;
-
- SecurityServer::AccessProvider ap("mylabel");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1"), CKM::Alias("PUB_KEY1"), CKM::Policy(), CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- 2 == (temp = av.size()),
- "Vector size: " << temp << ". Expected: 2");
-}
-
-RUNNER_TEST(T1049_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-
-RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPairRSA);
-
-RUNNER_TEST(T1110_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1111_CreateKeyPairRSA)
-{
- int temp;
- auto manager = CKM::Manager::create();
- CKM::Alias a1("rsa-test-1");
- CKM::Alias a2("rsa-test-2");
- CKM::Policy p1;
- CKM::Policy p2;
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1112_CreateKeyPairECDSA)
-{
- int temp;
- auto manager = CKM::Manager::create();
- CKM::Alias a1("ecdsa-test-1");
- CKM::Alias a2("ecdsa-test-2");
- CKM::Policy p1;
- CKM::Policy p2;
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1113_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
-
-RUNNER_TEST(T12100_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T12101_key_exist)
-{
- int ret;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer);
- CKM::Alias alias = "rsa-alias-duplication";
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(ret));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(ret));
-}
-
-/*
- * These test cases tests API when empty parameters are passed to functions
- */
-
-RUNNER_TEST(T12102_saveKey_empty_alias)
-{
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer);
- CKM::Alias alias; //alias is not initialized
-
- int ret;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T12103_saveKey_empty_key)
-{
- CKM::KeyShPtr key; //key is not initialized
- CKM::Alias alias = "empty-key";
-
- int ret;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T12104_saveCertificate_empty_alias)
-{
- std::string certPem =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
- "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
- "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
- "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
- "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
- "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
- "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
- "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
- "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
- "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
- "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
- "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
- "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
- "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
- "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
- "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
- "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
- "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
- "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
- "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
- "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
- "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
- "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
- "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
- "rHva8A==\n"
- "-----END CERTIFICATE-----\n";
-
- CKM::RawBuffer buffer(certPem.begin(), certPem.end());
- auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
- CKM::Alias alias; //alias is not initialized
-
- int temp;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T12105_saveCertificate_empty_cert)
-{
- CKM::CertificateShPtr cert; //cert is not initialized
- CKM::Alias alias = "empty-cert";
-
- int temp;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T12106_saveData_empty_alias)
-{
- std::string testData = "test data test data test data";
- CKM::RawBuffer buffer(testData.begin(), testData.end());
- CKM::Alias alias;
-
- int temp;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T12107_saveData_empty_data)
-{
- CKM::RawBuffer buffer;
- CKM::Alias alias = "empty-data";
-
- int temp;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-/*
- * These test cases tests API when trying to get data from not existing alias
- */
-
-RUNNER_TEST(T12108_getKey_alias_not_exist)
-{
- CKM::KeyShPtr key;
- CKM::Alias alias = "this-alias-not-exist";
-
- int temp;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T12109_getCertificate_alias_not_exist)
-{
- CKM::CertificateShPtr certificate;
- CKM::Alias alias = "this-alias-not-exist";
-
- int temp;
- auto manager = CKM::Manager::create();
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T12110_getData_alias_not_exist)
-{
- int temp;
- auto manager = CKM::Manager::create();
- CKM::RawBuffer buffer;
- CKM::Alias alias("some alias");
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-/*
- * These test cases tests API when damaged keys are used
- */
-RUNNER_TEST(T12111_rsa_key_damaged)
-{
- int ret;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer);
- CKM::Alias alias = "damaged-rsa";
-
- RUNNER_ASSERT_MSG(
- NULL == key.get(), "Key is broken. It should be empty");
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T12112_rsa_key_too_short)
-{
- int ret;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer);
- CKM::Alias alias = "short-rsa";
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T12113_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
-
-RUNNER_TEST(T1311_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(time(0) > 1405343457,
- "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
-
- struct hostent* he = gethostbyname("google.com");
-
- RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
- "is not woking on the device. OCSP tests requires network access!");
-}
-
-RUNNER_TEST(T1312_get_chain)
-{
- std::string ee = "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- std::string im =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n";
-
- auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
- auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
- CKM::CertificateShPtrVector certVector = {cert1};
- CKM::CertificateShPtrVector certChain;
-
- int tmp;
- auto manager = CKM::Manager::create();
-
- RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- 0 == certChain.size(),
- "Wrong size of certificate chain.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- 3 == certChain.size(),
- "Wrong size of certificate chain.");
-}
-
-RUNNER_TEST(T1313_get_chain_with_alias)
-{
- std::string ee = "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- std::string im =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n";
-
- auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
- auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
- CKM::CertificateShPtrVector certChain;
- CKM::AliasVector aliasVector;
- CKM::Alias alias("imcert");
-
- int tmp;
- auto manager = CKM::Manager::create();
-
- RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- 0 == certChain.size(),
- "Wrong size of certificate chain.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
- "Error=" << CKM::ErrorToString(tmp));
-
- aliasVector.push_back(alias);
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, aliasVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- 3 == certChain.size(),
- "Wrong size of certificate chain.");
-}
-
-RUNNER_TEST(T1314_ocsp_check)
-{
- std::string ee = "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- std::string im =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n";
-
- auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
- auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
- CKM::CertificateShPtrVector certVector = {cert1};
- CKM::CertificateShPtrVector certChain;
-
- int tmp;
- auto manager = CKM::Manager::create();
-
- RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
- RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (tmp = manager->getCertificateChain(cert, CKM::CertificateShPtrVector(), certChain)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- 0 == certChain.size(),
- "Wrong size of certificate chain.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->getCertificateChain(cert, certVector, certChain)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(
- 3 == certChain.size(),
- "Wrong size of certificate chain.");
-
- int status;
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
- "Error=" << CKM::ErrorToString(tmp));
-
- RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
-}
-
-RUNNER_TEST(T1315_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
-
-RUNNER_TEST(T1411_init)
-{
- int temp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1412_rsa_key_create_verify)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
- "Proc-Type: 4,ENCRYPTED\n"
- "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
- "\n"
- "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
- "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
- "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
- "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
- "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
- "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
- "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
- "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
- "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
- "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
- "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
- "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
- "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
- "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
- "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
- "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
- "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
- "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
- "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
- "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
- "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
- "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
- "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
- "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
- "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
- "-----END RSA PRIVATE KEY-----\n";
-
- std::string pub = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----\n";
-
- std::string message = "message test";
-
- CKM::Alias aliasPub = "pub1";
- CKM::Alias aliasPrv = "prv1";
- CKM::Password password = "1234";
- CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
- CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
- CKM::RawBuffer signature;
-
- auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
- auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
-
- RUNNER_ASSERT_MSG(NULL != keyPub.get(),
- "Key is empty. Failed to import public key.");
- RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
- "Key is empty. Failed to import private key.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createSignature(
- aliasPrv,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- hash,
- padd,
- signature)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1413_rsa_key_create_verify_negative)
-{
- int temp;
- auto manager = CKM::Manager::create();
- std::string message = "message asdfaslkdfjlksadjf test";
-
- CKM::Alias aliasPub = "pub1";
- CKM::Alias aliasPrv = "prv1";
-
- CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
- CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
- CKM::RawBuffer signature;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createSignature(
- aliasPrv,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- hash,
- padd,
- signature)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
- memcpy((void*)signature.data(), "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1414_ec_key_create_verify)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
- "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
- "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
- "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
- "-----END EC PRIVATE KEY-----\n";
-
- std::string pub = "-----BEGIN PUBLIC KEY-----\n"
- "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
- "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
- "-----END PUBLIC KEY-----\n";
-
- std::string message = "message test";
-
- CKM::Alias aliasPub = "ecpub2";
- CKM::Alias aliasPrv = "ecprv2";
- CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
- CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
- CKM::RawBuffer signature;
-
- auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
- auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
-
- RUNNER_ASSERT_MSG(NULL != keyPub.get(),
- "Key is empty. Failed to import public key.");
- RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
- "Key is empty. Failed to import private key.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createSignature(
- aliasPrv,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- hash,
- padd,
- signature)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
-
- memcpy((void*)signature.data(), "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1415_rsa_cert_create_verify_signature)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string prv =
- "-----BEGIN RSA PRIVATE KEY-----\n"
- "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
- "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
- "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
- "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
- "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
- "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
- "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
- "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
- "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
- "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
- "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
- "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
- "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
- "-----END RSA PRIVATE KEY-----\n";
-
- std::string pub =
- "-----BEGIN CERTIFICATE-----\n"
- "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
- "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
- "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
- "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
- "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
- "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
- "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
- "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
- "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
- "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
- "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
- "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
- "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
- "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
- "-----END CERTIFICATE-----\n";
-
- std::string message = "message test";
-
- CKM::Alias aliasPub = "pub3";
- CKM::Alias aliasPrv = "prv3";
- CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
- CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
- CKM::RawBuffer signature;
-
- auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
- auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
-
- RUNNER_ASSERT_MSG(NULL != cert.get(),
- "Key is empty. Failed to import public key.");
- RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
- "Key is empty. Failed to import private key.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createSignature(
- aliasPrv,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- hash,
- padd,
- signature)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
-
- memcpy((void*)signature.data(), "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1416_ecdsa_cert_create_verify_signature)
-{
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string prv =
- "-----BEGIN EC PRIVATE KEY-----\n"
- "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
- "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
- "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
- "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
- "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
- "ELyhe7yPCAuOoLZlTLgf\n"
- "-----END EC PRIVATE KEY-----\n";
-
- std::string pub =
- "-----BEGIN CERTIFICATE-----\n"
- "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
- "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
- "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
- "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
- "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
- "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
- "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
- "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
- "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
- "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
- "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
- "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
- "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
- "Q1oBry6NEc+lLFmWMDesAA==\n"
- "-----END CERTIFICATE-----\n";
-
- std::string message = "message test";
-
- CKM::Alias aliasPub = "pub4";
- CKM::Alias aliasPrv = "prv4";
- CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
- CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
- CKM::RawBuffer signature;
-
- auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
- auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
-
- RUNNER_ASSERT_MSG(NULL != cert.get(),
- "Key is empty. Failed to import public key.");
- RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
- "Key is empty. Failed to import private key.");
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->createSignature(
- aliasPrv,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- hash,
- padd,
- signature)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-
- RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
-
- memcpy((void*)signature.data(), "BROKEN", 6);
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
- aliasPub,
- CKM::Password(),
- CKM::RawBuffer(message.begin(), message.end()),
- signature,
- hash,
- padd)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST(T1417_deinit)
-{
- int temp;
- auto control = CKM::Control::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
-
-RUNNER_CHILD_TEST(T1510_init_unlock_key)
-{
- int tmp;
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T1511_init_insert_data)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
-
- std::string ee = "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- std::string im =
- "-----BEGIN CERTIFICATE-----\n"
- "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
- "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
- "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
- "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
- "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
- "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
- "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
- "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
- "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
- "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
- "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
- "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
- "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
- "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
- "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
- "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
- "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
- "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
- "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
- "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
- "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
- "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
- "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
- "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
- "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
- "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
- "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
- "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
- "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
- "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
- "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
- "-----END CERTIFICATE-----\n";
-
- auto manager = CKM::Manager::create();
- auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
- auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
-
- int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
- int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
- "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
- "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
-}
-
-RUNNER_CHILD_TEST(T1519_deinit)
-{
- int tmp;
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-
-RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
-
-RUNNER_CHILD_TEST(T1610_init_lock_key)
-{
- int tmp;
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::KeyShPtr key2;
- CKM::Alias alias = "mykey_defpasswd";
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- key->getDER() == key2->getDER(),
- "Key value has been changed by service");
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->removeKey(alias)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_CHILD_TEST(T1612_init_change_user_password)
-{
- int tmp;
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-
- int temp;
- auto manager = CKM::Manager::create();
-
- std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
- "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
- "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
- "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
- "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
- "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
- "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
- "zQIDAQAB\n"
- "-----END PUBLIC KEY-----";
-
- CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
- auto key = CKM::Key::create(buffer, CKM::Password());
- CKM::KeyShPtr key2;
- CKM::Alias alias = "mykey_defpasswd";
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_LOCKED == (temp = manager->removeKey(alias)),
- "Error=" << CKM::ErrorToString(temp));
-}
-
-RUNNER_CHILD_TEST(T1619_deinit)
-{
- SecurityServer::AccessProvider ap("my-label");
- ap.addObjectRule("key-manager::api-control", "rw");
- ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-}
-
-RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
-
-RUNNER_TEST(T1701_init_unlock_key)
-{
- int tmp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T1702_init_insert_data)
-{
- int temp;
- SecurityServer::AccessProvider ap("t170-special-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
-
- std::string ee = "-----BEGIN CERTIFICATE-----\n"
- "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
- "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
- "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
- "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
- "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
- "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
- "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
- "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
- "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
- "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
- "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
- "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
- "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
- "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
- "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
- "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
- "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
- "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
- "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
- "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
- "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
- "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
- "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
- "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
- "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
- "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
- "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
- "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
- "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
- "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
- "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
- "oFXtrg0=\n"
- "-----END CERTIFICATE-----\n";
-
- auto manager = CKM::Manager::create();
- auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
-
- int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == status1,
- "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
-
- CKM::AliasVector av;
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- 1 == (temp = av.size()),
- "Vector size: " << temp << ". Expected: 1");
-}
-
-RUNNER_TEST(T1703_removeApplicationData)
-{
- int tmp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_CHILD_TEST(T1704_data_test)
-{
- int temp;
- SecurityServer::AccessProvider ap("t170-special-label");
- ap.addObjectRule("key-manager::api-storage", "rw");
- ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
-
- CKM::AliasVector av;
- auto manager = CKM::Manager::create();
-
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
- "Error=" << CKM::ErrorToString(temp));
- RUNNER_ASSERT_MSG(
- 0 == (temp = av.size()),
- "Vector size: " << temp << ". Expected: 0");
-}
-
-RUNNER_TEST(T1705_deinit)
-{
- int tmp;
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_TEST_GROUP_INIT(T180_PKCS12);
-
-RUNNER_TEST(T1801) {
- std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
- std::istreambuf_iterator<char> begin(is), end;
- std::vector<char> buff(begin, end);
-
- CKM::RawBuffer buffer(buff.size());
- memcpy(buffer.data(), buff.data(), buff.size());
-
- auto pkcs = CKM::PKCS12::create(buffer, "secret");
- RUNNER_ASSERT_MSG(
- NULL != pkcs.get(),
- "Error in PKCS12::create()");
-
- auto cert = pkcs->getCertificate();
- RUNNER_ASSERT_MSG(
- NULL != cert.get(),
- "Error in PKCS12::getCertificate()");
-
- auto key = pkcs->getKey();
- RUNNER_ASSERT_MSG(
- NULL != key.get(),
- "Error in PKCS12::getKey()");
-
- auto caVector = pkcs->getCaCertificateShPtrVector();
- RUNNER_ASSERT_MSG(
- 0 == caVector.size(),
- "Wrong size of vector");
-}
-
-RUNNER_TEST(T1802_negative_wrong_password) {
- std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
- std::istreambuf_iterator<char> begin(is), end;
- std::vector<char> buff(begin, end);
-
- CKM::RawBuffer buffer(buff.size());
- memcpy(buffer.data(), buff.data(), buff.size());
-
- auto pkcs = CKM::PKCS12::create(buffer, "error");
- RUNNER_ASSERT_MSG(
- NULL == pkcs.get(),
- "Expected error in PKCS12::create()");
-}
-
-RUNNER_TEST(T1803_negative_broken_buffer) {
- std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
- std::istreambuf_iterator<char> begin(is), end;
- std::vector<char> buff(begin, end);
-
- CKM::RawBuffer buffer(buff.size());
- memcpy(buffer.data(), buff.data(), buff.size());
-
- RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
- buffer[4]=0;
-
- auto pkcs = CKM::PKCS12::create(buffer, "secret");
- RUNNER_ASSERT_MSG(
- NULL == pkcs.get(),
- "Expected error in PKCS12::create()");
-}
-
-RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
-
-RUNNER_TEST(T1901_init_unlock_key)
-{
- int tmp;
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_TEST(T1902_get_data)
-{
- auto manager = CKM::Manager::create();
- CKM::KeyShPtr ptr;
-
- int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
- "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
-}
-
-RUNNER_TEST(T1903_deinit)
-{
- int tmp;
-
- auto control = CKM::Control::create();
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
- "Error=" << CKM::ErrorToString(tmp));
- RUNNER_ASSERT_MSG(
- CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
- "Error=" << CKM::ErrorToString(tmp));
-}
-
-RUNNER_TEST(T1904_get_data_from_locked_database)
-{
- auto manager = CKM::Manager::create();
- CKM::KeyShPtr ptr;
-
- int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
-
- RUNNER_ASSERT_MSG(
- CKM_API_ERROR_DB_LOCKED == status1,
- "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
-}
-
-int main(int argc, char *argv[])
-{
- DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
- return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-}
+++ /dev/null
-INCLUDE(FindPkgConfig)
-SET(COMMON_TARGET_TEST "tests-common")
-
-#dependencies
-PKG_CHECK_MODULES(COMMON_TARGET_DEP
- libsmack
- dbus-1
- sqlite3
- libgum
- glib-2.0
- REQUIRED
- )
-
-#files to compile
-SET(COMMON_TARGET_TEST_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/common/tests_common.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/access_provider.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/smack_access.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/dbus_connection.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/dbus_message_in.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/dbus_message_out.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/service_manager.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/memory.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/db_sqlite.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/fs_label_manager.cpp
- ${PROJECT_SOURCE_DIR}/tests/common/temp_test_user.cpp
- )
-
-#system and local includes
-INCLUDE_DIRECTORIES(SYSTEM ${COMMON_TARGET_DEP_INCLUDE_DIRS})
-
-INCLUDE_DIRECTORIES(
- ${PROJECT_SOURCE_DIR}/tests/framework/include
- ${PROJECT_SOURCE_DIR}/tests/common
- )
-
-
-#output OBJECT format
-ADD_LIBRARY(${COMMON_TARGET_TEST} ${COMMON_TARGET_TEST_SOURCES})
-
-TARGET_LINK_LIBRARIES(${COMMON_TARGET_TEST} ${COMMON_TARGET_DEP_LIBRARIES}
- dpl-test-framework)
-
-INSTALL (FILES ${PROJECT_SOURCE_DIR}/tests/common/security-tests.conf DESTINATION /etc/dbus-1/system.d)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file test_cases_timeout.cpp
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @version 1.0
+ * @brief Inner tests for timeout mechanism
+ */
+
+#include <chrono>
+#include <string>
+#include <thread>
+
+#include <dpl/test/test_runner.h>
+#include <common/timeout.h>
+
+RUNNER_TEST_GROUP_INIT(TIMEOUT)
+
+void timeout_test_ret(int waitDuration, int functionDuration, Timeout::ExpectMode expect) {
+ float fRet = 3.1415;
+ auto ret = Timeout::callAndWait(std::chrono::seconds(waitDuration), expect,
+ Timeout::CancelFunction(),
+ ([fRet](int sec) -> float {
+ std::this_thread::sleep_for(std::chrono::seconds(sec));
+ return fRet;
+ }), functionDuration);
+ RUNNER_ASSERT_MSG(ret == fRet,
+ "Function returned = " << ret << " while expected value was " << fRet);
+}
+
+RUNNER_TEST(it01_expected_timeout)
+{
+ timeout_test_ret(3, 5, Timeout::ExpectMode::TIMEOUT);
+}
+
+RUNNER_TEST(it02_unexpected_finish)
+{
+ bool thrown = false;
+ try {
+ timeout_test_ret(3, 5, Timeout::ExpectMode::FINISHED);
+ } catch (const DPL::Test::TestException&) {
+ thrown = true;
+ }
+ RUNNER_ASSERT_MSG(thrown,
+ "Test should throw DPL::Test::TestException");
+}
+
+RUNNER_TEST(it03_ignored_timeout)
+{
+ timeout_test_ret(3, 5, Timeout::ExpectMode::IGNORE);
+}
+
+RUNNER_TEST(it04_expected_finish)
+{
+ timeout_test_ret(5, 3, Timeout::ExpectMode::FINISHED);
+}
+
+RUNNER_TEST(it05_unexpected_timeout)
+{
+ bool thrown = false;
+ try {
+ timeout_test_ret(5, 3, Timeout::ExpectMode::TIMEOUT);
+ } catch (const DPL::Test::TestException&) {
+ thrown = true;
+ }
+ RUNNER_ASSERT_MSG(thrown,
+ "Test should throw DPL::Test::TestException");
+}
+
+RUNNER_TEST(it06_ignored_finish)
+{
+ timeout_test_ret(5, 3, Timeout::ExpectMode::IGNORE);
+}
+
+void timeout_test_throw(int waitDuration, int functionDuration, Timeout::ExpectMode expect) {
+ std::string exceptionString("exceptionString");
+ bool thrown = false;
+ try {
+ Timeout::callAndWait(std::chrono::seconds(waitDuration), expect,
+ Timeout::CancelFunction(),
+ ([exceptionString](int sec) -> float {
+ std::this_thread::sleep_for(std::chrono::seconds(sec));
+ throw exceptionString;
+ }), functionDuration);
+ } catch (const std::string &str) {
+ RUNNER_ASSERT_MSG(str == exceptionString,
+ "Function thrown = " << str
+ << " while expected value was " << exceptionString);
+ thrown = true;
+ }
+ RUNNER_ASSERT_MSG(thrown,
+ "Test should throw std::string(" << exceptionString << ")");
+}
+
+RUNNER_TEST(it07_throw_expected_timeout)
+{
+ timeout_test_throw(3, 5, Timeout::ExpectMode::TIMEOUT);
+}
+
+RUNNER_TEST(it08_throw_unexpected_finish)
+{
+ bool thrown = false;
+ try {
+ timeout_test_throw(3, 5, Timeout::ExpectMode::FINISHED);
+ } catch (const DPL::Test::TestException&) {
+ thrown = true;
+ }
+ RUNNER_ASSERT_MSG(thrown,
+ "Test should throw DPL::Test::TestException");
+}
+
+RUNNER_TEST(it09_throw_ignored_timeout)
+{
+ timeout_test_throw(3, 5, Timeout::ExpectMode::IGNORE);
+}
+
+RUNNER_TEST(it10_throw_expected_finish)
+{
+ timeout_test_throw(5, 3, Timeout::ExpectMode::FINISHED);
+}
+
+RUNNER_TEST(it11_throw_unexpected_timeout)
+{
+ bool thrown = false;
+ try {
+ timeout_test_throw(5, 3, Timeout::ExpectMode::TIMEOUT);
+ } catch (const DPL::Test::TestException&) {
+ thrown = true;
+ }
+ RUNNER_ASSERT_MSG(thrown,
+ "Test should throw DPL::Test::TestException");
+}
+
+RUNNER_TEST(it12_throw_ignored_finish)
+{
+ timeout_test_throw(5, 3, Timeout::ExpectMode::IGNORE);
+}
+++ /dev/null
-# Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-#
-# @file config.cmake
-# @author Lukasz Marek (l.marek@samsung.com)
-# @version 1.0
-# @brief
-#
-
-SET(DPL_FRAMEWORK_TEST_SOURCES
- ${PROJECT_SOURCE_DIR}/tests/framework/src/assert.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/atomic.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/binary_queue.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/colors.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/exception.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/gdbbacktrace.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/noncopyable.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/singleton.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/abstract_log_provider.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/dlog_log_provider.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/log.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/old_style_log_provider.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_results_collector.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_results_collector_commons.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_results_collector_console.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_results_collector_html.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_results_collector_summary.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_results_collector_xml.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_runner_child.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_runner.cpp
- ${PROJECT_SOURCE_DIR}/tests/framework/src/test_runner_multiprocess.cpp
-)
-
-SET(DPL_FRAMEWORK_TEST_INCLUDE_DIR
- ${PROJECT_SOURCE_DIR}/tests/framework/include
-)
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/**
+ * @file test_cases_deferred.cpp
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
+ * @version 1.0
+ * @brief Inner tests for defer macros mechanism
+ */
+
+#include <dpl/test/test_exception.h>
+#include <dpl/test/test_runner.h>
+
+#define EXPECT_EXCEPTION(expectedCatch, F) { \
+ bool catched = false; \
+ try { \
+ F; \
+ } catch (const DPL::Test::TestException & ex) { \
+ catched = true; \
+ } \
+ RUNNER_ASSERT_MSG(catched == expectedCatch, \
+ "Exception catched = " << catched \
+ << " while expected is = " << expectedCatch); \
+}
+
+#define FILTER(F) { \
+ try { \
+ F; \
+ } catch (...) { \
+ } \
+}
+
+#define TRYCATCH(F) { \
+ RUNNER_DEFER_TRYCATCH( \
+ F; \
+ ); \
+}
+
+#define SCOPE(F) { \
+ RUNNER_DEFER_SCOPE( \
+ F; \
+ ); \
+}
+
+void fail(void)
+{
+ RUNNER_FAIL_MSG("Oops!");
+}
+
+void pass(void)
+{
+}
+
+RUNNER_TEST_GROUP_INIT(DEFERRED)
+
+RUNNER_TEST(id01_simple_fail)
+{
+ EXPECT_EXCEPTION(true, fail());
+}
+
+RUNNER_TEST(id02_filtred_fail)
+{
+ EXPECT_EXCEPTION(false, FILTER(fail()));
+}
+
+RUNNER_TEST(id03_saved_filtred_rethrown_fail)
+{
+ EXPECT_EXCEPTION(true, SCOPE(FILTER(TRYCATCH(fail()))));
+}
+
+RUNNER_TEST(id04_saved_filtred_fail)
+{
+ EXPECT_EXCEPTION(false, FILTER(TRYCATCH(fail())));
+}
+
+RUNNER_TEST(id05_filtred_rethrown_fail)
+{
+ EXPECT_EXCEPTION(false, SCOPE(FILTER(fail())));
+}
+
+RUNNER_TEST(id06_saved_rethrown_fail)
+{
+ EXPECT_EXCEPTION(true, SCOPE(TRYCATCH(fail())));
+}
+
+RUNNER_TEST(id07_saved_fail)
+{
+ EXPECT_EXCEPTION(true, TRYCATCH(fail()));
+}
+
+RUNNER_TEST(id08_rethrown_fail)
+{
+ EXPECT_EXCEPTION(true, SCOPE(fail()));
+}
+
+RUNNER_TEST(id09_nested_scope)
+{
+ EXPECT_EXCEPTION(true, SCOPE(SCOPE(SCOPE(FILTER(TRYCATCH(fail()))))));
+}
+
+RUNNER_TEST(id10_nested_scope2)
+{
+ EXPECT_EXCEPTION(true, SCOPE(SCOPE(FILTER(SCOPE(TRYCATCH(fail()))))));
+}
+
+RUNNER_TEST(id11_saved_filtred_rethrown_pass)
+{
+ EXPECT_EXCEPTION(false, SCOPE(FILTER(TRYCATCH(pass()))));
+}
--- /dev/null
+/*
+ * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <dpl/test/test_runner.h>
+
+int main (int argc, char *argv[])
+{
+ int status = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
+ return status;
+}