--- /dev/null
+/*
+ * Copyright (c) 2023 Samsung Electronics Co., Ltd All Rights Reserved
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ */
+
+#include <string>
+
+#include <dpl/test/test_runner.h>
+#include <ckm-common.h>
+#include <ckmc/ckmc-manager.h>
+#include <ckmc/ckmc-control.h>
+
+using namespace CKM;
+namespace {
+
+const uid_t UID = 5001;
+ckmc_raw_buffer_s* DEFAULT_IV = nullptr;
+
+const Alias AES_KEY_128_ALIAS = "AES-gen-test-128";
+const Alias AES_KEY_192_ALIAS = "AES-gen-test-192";
+const Alias AES_KEY_256_ALIAS = "AES-gen-test-256";
+const Alias AES_KEY_128_PASS_ALIAS = "AES-gen-test-128-pass";
+const Alias AES_KEY_UNEXP_PASS_ALIAS = "AES-gen-test-128-unexp-pass";
+const Alias AES_KEY_UNEXP_ALIAS = "AES-gen-test-128-unexp";
+const Alias RSA_KEY_1024_PRV_ALIAS = "RSA-gen-test-1024-prv";
+const Alias RSA_KEY_1024_PUB_ALIAS = "RSA-gen-test-1024-pub";
+const Alias RSA_KEY_2048_PRV_ALIAS = "RSA-gen-test-2048-prv";
+const Alias RSA_KEY_2048_PUB_ALIAS = "RSA-gen-test-2048-pub";
+const Alias RSA_KEY_4096_PRV_ALIAS = "RSA-gen-test-4096-prv";
+const Alias RSA_KEY_4096_PUB_ALIAS = "RSA-gen-test-4096-pub";
+
+const Alias IMP_AES_CTR = "imp-AES-CTR";
+const Alias IMP_AES_CTR_PASS = "imp-AES-CTR-p";
+const Alias IMPORTED_ALIAS = "imported-key-1";
+
+const char* KEY_PASSWORD = "test-pass-1";
+const ckmc_policy_s EXPORTABLE = {nullptr, 1};
+const ckmc_policy_s EXPORTABLE_PASS = {const_cast<char*>(KEY_PASSWORD), 1};
+const ckmc_policy_s UNEXPORTABLE = {nullptr, 0};
+const ckmc_policy_s UNEXPORTABLE_PASS = {const_cast<char*>(KEY_PASSWORD), 0};
+
+struct Algo {
+ ckmc_algo_type_e type;
+ size_t initVector;
+};
+const Algo AES_CTR_ALGO = {CKMC_ALGO_AES_CTR, 16};
+const Algo AES_CBC_ALGO = {CKMC_ALGO_AES_CBC, 16};
+const Algo AES_GCM_ALGO = {CKMC_ALGO_AES_GCM, 16};
+const Algo AES_CFB_ALGO = {CKMC_ALGO_AES_CFB, 16};
+const Algo RSA_OAEP_ALGO = {CKMC_ALGO_RSA_OAEP, 0};
+
+void importKey(const Algo &algo,
+ int buffLen,
+ const Alias &wrappingKeyAlias,
+ const char* wrappingKeyPass,
+ const Alias &importedKeyAlias,
+ const ckmc_policy_s &importedKeyPolicy);
+
+class GroupFixture: public DPL::Test::TestGroup{
+public:
+ void Init() override {
+ remove_user_data(UID);
+ int ret = ckmc_unlock_user_key(UID,"db-pass");
+ if (ret != CKMC_ERROR_NONE)
+ RUNNER_ERROR_MSG("DB unlock failed: " <<CKMCErrorToString(ret));
+
+ assert_positive(ckmc_create_key_pair_rsa,
+ 1024,
+ RSA_KEY_1024_PRV_ALIAS.c_str(),
+ RSA_KEY_1024_PUB_ALIAS.c_str(),
+ EXPORTABLE,
+ EXPORTABLE);
+
+ assert_positive(ckmc_create_key_pair_rsa,
+ 2048,
+ RSA_KEY_2048_PRV_ALIAS.c_str(),
+ RSA_KEY_2048_PUB_ALIAS.c_str(),
+ EXPORTABLE,
+ EXPORTABLE);
+
+ assert_positive(ckmc_create_key_pair_rsa,
+ 4096,
+ RSA_KEY_4096_PRV_ALIAS.c_str(),
+ RSA_KEY_4096_PUB_ALIAS.c_str(),
+ EXPORTABLE,
+ EXPORTABLE);
+
+ assert_positive(ckmc_create_key_aes, 128, AES_KEY_128_ALIAS.c_str(), EXPORTABLE);
+ assert_positive(ckmc_create_key_aes, 192, AES_KEY_192_ALIAS.c_str(), EXPORTABLE);
+ assert_positive(ckmc_create_key_aes, 256, AES_KEY_256_ALIAS.c_str(), EXPORTABLE);
+ assert_positive(ckmc_create_key_aes, 128, AES_KEY_128_PASS_ALIAS.c_str(), EXPORTABLE_PASS);
+ assert_positive(ckmc_create_key_aes, 128, AES_KEY_UNEXP_ALIAS.c_str(), UNEXPORTABLE);
+ assert_positive(ckmc_create_key_aes, 128, AES_KEY_UNEXP_PASS_ALIAS.c_str(), UNEXPORTABLE_PASS);
+
+ importKey(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, IMP_AES_CTR, EXPORTABLE);
+ importKey(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, IMP_AES_CTR_PASS, EXPORTABLE_PASS);
+ }
+ void Finish() override {
+ int ret = ckmc_lock_user_key(UID);
+ if (ret != CKMC_ERROR_NONE)
+ RUNNER_ERROR_MSG("DB lock failed: " <<CKMCErrorToString(ret));
+
+ remove_user_data(UID);
+ ckmc_buffer_free(DEFAULT_IV);
+
+ ckmc_remove_key(RSA_KEY_1024_PRV_ALIAS.c_str());
+ ckmc_remove_key(RSA_KEY_1024_PUB_ALIAS.c_str());
+ ckmc_remove_key(RSA_KEY_2048_PRV_ALIAS.c_str());
+ ckmc_remove_key(RSA_KEY_2048_PUB_ALIAS.c_str());
+ ckmc_remove_key(RSA_KEY_4096_PRV_ALIAS.c_str());
+ ckmc_remove_key(RSA_KEY_4096_PUB_ALIAS.c_str());
+ ckmc_remove_key(AES_KEY_128_ALIAS.c_str());
+ ckmc_remove_key(AES_KEY_192_ALIAS.c_str());
+ ckmc_remove_key(AES_KEY_256_ALIAS.c_str());
+ ckmc_remove_key(AES_KEY_128_PASS_ALIAS.c_str());
+ ckmc_remove_key(AES_KEY_UNEXP_ALIAS.c_str());
+ ckmc_remove_key(AES_KEY_UNEXP_PASS_ALIAS.c_str());
+
+ ckmc_remove_key(IMP_AES_CTR.c_str());
+ ckmc_remove_key(IMP_AES_CTR_PASS.c_str());
+ }
+};
+
+ParamListPtr getDefaultParams(const Algo &algo){
+ ckmc_param_list_h handle = nullptr;
+
+ assert_positive(ckmc_generate_new_params, algo.type, &handle);
+ ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
+ if(algo.type == CKMC_ALGO_RSA_OAEP)
+ return params;
+
+ DEFAULT_IV = createRandomBufferCAPI(algo.initVector);
+ setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
+ return params;
+}
+
+RawBufferPtr encryptAndImport(const ParamListPtr ¶ms,
+ int buffLen,
+ const Alias &wrappingKeyAlias,
+ const char* wrappingKeyPass,
+ const Alias &importedKeyAlias,
+ const ckmc_policy_s &importedKeyPolicy){
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
+
+ ckmc_raw_buffer_s *encrypted = nullptr;
+ ckmc_key_s *aesKey = nullptr;
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_positive(ckmc_import_wrapped_key,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ importedKeyAlias.c_str(),
+ aesKey,
+ importedKeyPolicy);
+
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+ return plainData;
+}
+void testInvalidAlgoParameters(const ParamListPtr &invalidParams, const Algo &algo){
+ ParamListPtr params = getDefaultParams(algo);
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(32));
+
+ ckmc_raw_buffer_s *encrypted = nullptr;
+ ckmc_key_s *aesKey = nullptr;
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ invalidParams.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ EXPORTABLE);
+
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+}
+void testImportInvalidBuffLen(const Algo &algo,
+ int buffLen,
+ const Alias &wrappingKeyAlias){
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
+
+ ckmc_raw_buffer_s *encrypted = nullptr;
+ ckmc_key_s *aesKey = nullptr;
+
+ ParamListPtr params = getDefaultParams(algo);
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ nullptr,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ EXPORTABLE);
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+}
+
+void testImportValidArgs(const Algo &algo, int buffLen, const Alias &wrappingKeyAlias){
+ ckmc_key_s *ppkey = nullptr;
+ ckmc_raw_buffer_s *finalData = nullptr;
+
+ ParamListPtr params = getDefaultParams(algo);
+
+ RawBufferPtr plainData = encryptAndImport(params,
+ buffLen,
+ wrappingKeyAlias,
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ EXPORTABLE);
+
+ assert_positive(ckmc_get_key, IMPORTED_ALIAS.c_str(), nullptr, &ppkey);
+ assert_positive(ckmc_buffer_new, ppkey->raw_key, ppkey->key_size, &finalData);
+ assert_buffers_equal(plainData.get(), finalData);
+
+ ckmc_buffer_free(finalData);
+ ckmc_key_free(ppkey);
+ ckmc_remove_key(IMPORTED_ALIAS.c_str());
+}
+
+void testBadWrappedKey(const Algo &algo){
+ ParamListPtr params = getDefaultParams(algo);
+ ckmc_key_s *wrongKey = generate_AES_key(128, nullptr);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ wrongKey,
+ EXPORTABLE);
+
+ ckmc_key_free(wrongKey);
+}
+
+void testExportableImported(const Algo &algo,
+ int buffLen,
+ const Alias &wrappingKeyAlias,
+ const char* wrappingKeyPass,
+ const ckmc_policy_s &importedKeyPolicy,
+ const char* importedKeyPass){
+ ckmc_key_s *ppkey = nullptr;
+ ckmc_raw_buffer_s* finalData = nullptr;
+
+ ParamListPtr params = getDefaultParams(algo);
+
+ RawBufferPtr plainData = encryptAndImport(params,
+ buffLen,
+ wrappingKeyAlias,
+ wrappingKeyPass,
+ IMPORTED_ALIAS.c_str(),
+ importedKeyPolicy);
+
+ assert_positive(ckmc_get_key,
+ IMPORTED_ALIAS.c_str(),
+ importedKeyPass,
+ &ppkey);
+
+ assert_positive(ckmc_buffer_new,
+ ppkey->raw_key,
+ ppkey->key_size,
+ &finalData);
+
+ assert_buffers_equal(plainData.get(), finalData);
+
+ ckmc_buffer_free(finalData);
+ ckmc_key_free(ppkey);
+ ckmc_remove_key(IMPORTED_ALIAS.c_str());
+}
+
+void testUnEXPORTABLEImported(const Algo &algo,
+ int buffLen,
+ const Alias &wrappingKeyAlias,
+ const char* wrappingKeyPass,
+ const ckmc_policy_s &importedKeyPolicy,
+ const char* importedKeyPass){
+ ckmc_key_s *ppkey = nullptr;
+ ParamListPtr params = getDefaultParams(algo);
+
+ RawBufferPtr plainData = encryptAndImport(params,
+ buffLen,
+ wrappingKeyAlias,
+ wrappingKeyPass,
+ IMPORTED_ALIAS.c_str(),
+ importedKeyPolicy);
+
+ assert_result(CKMC_ERROR_NOT_EXPORTABLE,
+ ckmc_get_key,
+ IMPORTED_ALIAS.c_str(),
+ importedKeyPass,
+ &ppkey);
+ ckmc_key_free(ppkey);
+ ckmc_remove_key(IMPORTED_ALIAS.c_str());
+}
+
+void importKey(const Algo &algo,
+ int buffLen,
+ const Alias &wrappingKeyAlias,
+ const char* wrappingKeyPass,
+ const Alias &importedKeyAlias,
+ const ckmc_policy_s &importedKeyPolicy){
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
+
+ ckmc_key_s *aesKey = nullptr;
+ ckmc_raw_buffer_s* encrypted = nullptr;
+
+ ParamListPtr params = getDefaultParams(algo);
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_positive(ckmc_import_wrapped_key,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ importedKeyAlias.c_str(),
+ aesKey,
+ importedKeyPolicy);
+
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+}
+
+void testImportExportValidArgs(const Algo &algo,
+ int buffLen,
+ const Alias &wrappingKeyAlias,
+ const char* wrappingKeyPass,
+ const ckmc_policy_s &importedKeyPolicy,
+ const char* importedKeyPass){
+ ckmc_key_s *ppkey = nullptr;
+ ckmc_raw_buffer_s* finalData = nullptr;
+ ckmc_raw_buffer_s* decrypted = nullptr;
+
+ ParamListPtr params = getDefaultParams(algo);
+
+ RawBufferPtr plainData = encryptAndImport(params,
+ buffLen,
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ IMPORTED_ALIAS,
+ importedKeyPolicy);
+
+ assert_positive(ckmc_export_wrapped_key,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ IMPORTED_ALIAS.c_str(),
+ importedKeyPass,
+ &ppkey);
+
+ assert_positive(ckmc_buffer_new,
+ ppkey->raw_key,
+ ppkey->key_size,
+ &finalData);
+
+ assert_positive(ckmc_decrypt_data,
+ params.get(),
+ wrappingKeyAlias.c_str(),
+ wrappingKeyPass,
+ *finalData,
+ &decrypted);
+
+ assert_buffers_equal(plainData.get(), decrypted);
+
+ ckmc_buffer_free(finalData);
+ ckmc_buffer_free(decrypted);
+ ckmc_key_free(ppkey);
+ ckmc_remove_key(IMPORTED_ALIAS.c_str());
+}
+
+} //END OF THE NAMESPACE
+
+RUNNER_TEST_GROUP_INIT_ENV(CKM_KEY_WRAPPING, GroupFixture);
+
+RUNNER_TEST(TKW_NO_ADDED_ALGO){
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(32));
+
+ ckmc_key_s *aesKey = nullptr;
+ ckmc_raw_buffer_s* encrypted = nullptr;
+
+ ParamListPtr params = getDefaultParams(AES_CBC_ALGO);
+
+ ckmc_param_list_h handle = nullptr;
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ handle,
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ EXPORTABLE);
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+}
+
+RUNNER_TEST(TKW_WRONG_ALGO_PARAMS){
+ ckmc_param_list_h handle = nullptr;
+ assert_positive(ckmc_generate_new_params, AES_CTR_ALGO.type, &handle);
+ ParamListPtr invalidParams = ParamListPtr(handle, ckmc_param_list_free);
+ ckmc_raw_buffer_s *initVec = createRandomBufferCAPI(8);
+ setParam(invalidParams, CKMC_PARAM_ED_IV, initVec);
+
+ testInvalidAlgoParameters(invalidParams, AES_CTR_ALGO);
+
+ ckmc_buffer_free(initVec);
+ invalidParams.reset();
+ assert_positive(ckmc_generate_new_params, AES_GCM_ALGO.type, &handle);
+ invalidParams = ParamListPtr(handle, ckmc_param_list_free);
+ initVec = createRandomBufferCAPI(16);
+ setParam(invalidParams, CKMC_PARAM_ED_IV, initVec);
+ setParam(invalidParams, CKMC_PARAM_ED_TAG_LEN, 130);
+
+ testInvalidAlgoParameters(invalidParams, AES_GCM_ALGO);
+
+ ckmc_buffer_free(initVec);
+}
+
+RUNNER_TEST(TKW_WRONG_PASS_WRAPPING_KEY){
+ int buffLen = 32;
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
+
+ ckmc_key_s *aesKey = nullptr;
+ ckmc_raw_buffer_s* encrypted = nullptr;
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ AES_KEY_128_PASS_ALIAS.c_str(),
+ KEY_PASSWORD,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_PASS_ALIAS.c_str(),
+ "wrong_password",
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ UNEXPORTABLE);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_PASS_ALIAS.c_str(),
+ "",
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ UNEXPORTABLE);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ "non_empty_password",
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ UNEXPORTABLE);
+
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+}
+
+RUNNER_TEST(TKW_UNKNOWN_ALIAS_WRAPPING_KEY){
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+ ckmc_key_s *key = generate_AES_key(128, nullptr);
+
+ assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
+ ckmc_import_wrapped_key,
+ params.get(),
+ "unknown_alias",
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ key,
+ EXPORTABLE);
+
+ ckmc_key_free(key);
+}
+
+RUNNER_TEST(TKW_EXISTING_ALIAS_WRAPPING_KEY){
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+ ckmc_key_s *key = generate_AES_key(128, nullptr);
+
+ assert_result(CKMC_ERROR_DB_ALIAS_EXISTS,
+ ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ key,
+ EXPORTABLE);
+
+ ckmc_key_free(key);
+}
+
+RUNNER_TEST(TKW_INVALID_ALIAS_IMPORT){
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+ ckmc_key_s *key = generate_AES_key(128, nullptr);
+ Alias invalidAlias = "invalid alias";
+
+ assert_result(CKMC_ERROR_PERMISSION_DENIED,
+ ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ invalidAlias.c_str(),
+ key,
+ EXPORTABLE);
+
+ ckmc_key_free(key);
+}
+
+RUNNER_TEST(TKW_BAD_WRAPPED_KEY){
+ testBadWrappedKey(AES_CBC_ALGO);
+ testBadWrappedKey(AES_GCM_ALGO);
+ testBadWrappedKey(RSA_OAEP_ALGO);
+}
+
+RUNNER_TEST(TKW_NULL_PARAMETER){
+ RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(16));
+
+ ckmc_key_s *aesKey = nullptr;
+ ckmc_raw_buffer_s* encrypted = nullptr;
+
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+
+ assert_positive(ckmc_encrypt_data,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ *plainData.get(),
+ &encrypted);
+
+ assert_positive(ckmc_key_new,
+ encrypted->data,
+ encrypted->size,
+ CKMC_KEY_AES,
+ nullptr,
+ &aesKey);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ nullptr,
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ EXPORTABLE);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ params.get(),
+ nullptr,
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ aesKey,
+ EXPORTABLE);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ nullptr,
+ aesKey,
+ EXPORTABLE);
+
+ assert_invalid_param(ckmc_import_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMPORTED_ALIAS.c_str(),
+ nullptr,
+ EXPORTABLE);
+ ckmc_buffer_free(encrypted);
+ ckmc_key_free(aesKey);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CTR_128){
+ testImportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CBC_128){
+ testImportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_GCM_128){
+ testImportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CFB_128){
+ testImportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_ALIAS);
+ testImportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CTR_192){
+ testImportValidArgs(AES_CTR_ALGO, 16, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_CTR_ALGO, 24, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_CTR_ALGO, 32, AES_KEY_192_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CBC_192){
+ testImportValidArgs(AES_CBC_ALGO, 16, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_CBC_ALGO, 24, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_CBC_ALGO, 32, AES_KEY_192_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_GCM_192){
+ testImportValidArgs(AES_GCM_ALGO, 16, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_GCM_ALGO, 24, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_GCM_ALGO, 32, AES_KEY_192_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CFB_192){
+ testImportValidArgs(AES_CFB_ALGO, 16, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_CFB_ALGO, 24, AES_KEY_192_ALIAS);
+ testImportValidArgs(AES_CFB_ALGO, 32, AES_KEY_192_ALIAS);
+}
+RUNNER_TEST(TKW_VALID_ARGS_AES_CTR_256){
+ testImportValidArgs(AES_CTR_ALGO, 16, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_CTR_ALGO, 24, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_CTR_ALGO, 32, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CBC_256){
+ testImportValidArgs(AES_CBC_ALGO, 16, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_CBC_ALGO, 24, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_CBC_ALGO, 32, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_GCM_256){
+ testImportValidArgs(AES_GCM_ALGO, 16, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_GCM_ALGO, 24, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_GCM_ALGO, 32, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_AES_CFB_256){
+ testImportValidArgs(AES_CFB_ALGO, 16, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_CFB_ALGO, 24, AES_KEY_256_ALIAS);
+ testImportValidArgs(AES_CFB_ALGO, 32, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_AES_CTR_INVALID_BUFF_LENGTH){
+ testImportInvalidBuffLen(AES_CTR_ALGO, 8, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 12, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 128, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 8, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 12, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 128, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 8, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 12, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_CTR_ALGO, 128, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_AES_CBC_INVALID_BUFF_LENGTH){
+ testImportInvalidBuffLen(AES_CBC_ALGO, 8, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 12, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 128, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 8, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 12, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 128, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 8, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 12, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_CBC_ALGO, 128, AES_KEY_256_ALIAS);
+}
+RUNNER_TEST(TKW_AES_GCM_INVALID_BUFF_LENGTH){
+ testImportInvalidBuffLen(AES_GCM_ALGO, 8, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 12, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 128, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 8, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 12, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 128, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 8, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 12, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_GCM_ALGO, 128, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_AES_CFB_INVALID_BUFF_LENGTH){
+ testImportInvalidBuffLen(AES_CFB_ALGO, 8, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 12, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 128, AES_KEY_128_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 8, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 12, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 128, AES_KEY_192_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 8, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 12, AES_KEY_256_ALIAS);
+ testImportInvalidBuffLen(AES_CFB_ALGO, 128, AES_KEY_256_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_1024){
+ testImportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PRV_ALIAS);
+ testImportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PRV_ALIAS);
+ testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PRV_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_2048){
+ testImportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PRV_ALIAS);
+ testImportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PRV_ALIAS);
+ testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PRV_ALIAS);
+}
+
+RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_4096){
+ testImportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PRV_ALIAS);
+ testImportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PRV_ALIAS);
+ testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PRV_ALIAS);
+}
+
+RUNNER_TEST(TKW_RSAOAEP_INVALID_BUFF_LENGTH){
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_1024_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_1024_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 82, RSA_KEY_1024_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_2048_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_2048_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 82, RSA_KEY_2048_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_4096_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_4096_PRV_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 82, RSA_KEY_4096_PRV_ALIAS);
+}
+
+RUNNER_TEST(TKW_WRONG_TYPE_WRAPPING_KEY){
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PUB_ALIAS);
+ testImportInvalidBuffLen(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PUB_ALIAS);
+}
+
+RUNNER_TEST(TKW_DIF_POLICIES_EXPORTABLE_IMPORTED){
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_DIF_POLICIES_UNEXPORTABLE_IMPORTED){
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, UNEXPORTABLE, nullptr);
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE, nullptr);
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, UNEXPORTABLE, nullptr);
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE, nullptr);
+
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, UNEXPORTABLE_PASS, KEY_PASSWORD);
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE_PASS, KEY_PASSWORD);
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, UNEXPORTABLE_PASS, KEY_PASSWORD);
+ testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_EXPORT_IMPORTED_KEY){
+ ckmc_key_s *ppkey = nullptr;
+
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+ assert_positive(ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ ckmc_key_free(ppkey);
+}
+
+RUNNER_TEST(TKW_NO_ADDED_ALGO_EXPORT){
+ ckmc_key_s *ppkey = nullptr;
+ ckmc_param_list_h handle = nullptr;
+
+ assert_invalid_param(ckmc_export_wrapped_key,
+ handle,
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ ckmc_key_free(ppkey);
+}
+
+RUNNER_TEST(TKW_EXPORT_UNKNOWN_WRAPPING_KEY_ALIAS){
+ ckmc_key_s *ppkey = nullptr;
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+
+ assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
+ ckmc_export_wrapped_key,
+ params.get(),
+ "unknown_alias",
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ ckmc_key_free(ppkey);
+}
+
+RUNNER_TEST(TKW_EXPORT_UNKNOWN_IMPORTED_KEY_ALIAS){
+ ckmc_key_s *ppkey = nullptr;
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+ Alias alias = "non_existing_alias";
+
+ assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
+ ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ alias.c_str(),
+ nullptr,
+ &ppkey);
+
+ ckmc_key_free(ppkey);
+}
+
+RUNNER_TEST(TKW_EXPORT_AUTHENTICATION_FAILED){
+ ckmc_key_s *ppkey = nullptr;
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_PASS_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_PASS_ALIAS.c_str(),
+ "wrong_password",
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR_PASS.c_str(),
+ nullptr,
+ &ppkey);
+
+ assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
+ ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR_PASS.c_str(),
+ "wrong_password",
+ &ppkey);
+
+ ckmc_key_free(ppkey);
+}
+
+RUNNER_TEST(TKW_EXPORT_NULL_PARAMETER){
+ ckmc_key_s *ppkey = nullptr;
+ ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
+
+ assert_invalid_param(ckmc_export_wrapped_key,
+ nullptr,
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ assert_invalid_param(ckmc_export_wrapped_key,
+ params.get(),
+ nullptr,
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ &ppkey);
+
+ assert_invalid_param(ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ nullptr,
+ nullptr,
+ &ppkey);
+
+ assert_invalid_param(ckmc_export_wrapped_key,
+ params.get(),
+ AES_KEY_128_ALIAS.c_str(),
+ nullptr,
+ IMP_AES_CTR.c_str(),
+ nullptr,
+ nullptr);
+
+ ckmc_key_free(ppkey);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CTR){
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CTR_PASS){
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CBC){
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CBC_PASS){
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_GCM){
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_GCM_PASS){
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CFB){
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CFB_PASS){
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
+}
+
+RUNNER_TEST(TKW_IMPORT_EXPORT_RSA_OAEP){
+ testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
+
+ testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+ testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
+}
projects / platform / core / test / security-tests.git / commitdiff