From: Maciej J. Karpiuk Date: Wed, 20 May 2015 13:24:23 +0000 (+0200) Subject: Add tests for initial values provided in XML files. X-Git-Tag: security-manager_5.5_testing~9^2~84 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=64bdaaa36c9fd5b8b88b4b10ab58c1e745e3d7c8;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Add tests for initial values provided in XML files. Change-Id: Ie7c20d34729c6df58bdbcd1ed092d00a57fe6532
---
diff --git a/src/ckm/CMakeLists.txt b/src/ckm/CMakeLists.txt
index 669ee1f3..fc11723a 100644
--- a/src/ckm/CMakeLists.txt
+++ b/src/ckm/CMakeLists.txt
@@ -48,6 +48,7 @@ SET(CKM_SOURCES
 ${PROJECT_SOURCE_DIR}/src/ckm/cc-mode.cpp
 # ${PROJECT_SOURCE_DIR}/src/ckm/password-integration.cpp
 ${PROJECT_SOURCE_DIR}/src/ckm/system-db.cpp
+ ${PROJECT_SOURCE_DIR}/src/ckm/initial-values.cpp
 ${PROJECT_SOURCE_DIR}/src/ckm/clean-env.cpp
 ${PROJECT_SOURCE_DIR}/src/ckm/test-certs.cpp
 )
@@ -67,5 +68,8 @@ INSTALL(FILES
 test1801.pkcs12
 pkcs.p12
 capi-t3096.p12
+ XML_1_okay.xml
+ XML_2_okay.xml
+ XML_3_wrong.xml
 DESTINATION /usr/share/ckm-test
 )
diff --git a/src/ckm/XML_1_okay.xml b/src/ckm/XML_1_okay.xml
new file mode 100644
index 00000000..d4b42c56
--- /dev/null
+++ b/src/ckm/XML_1_okay.xml
@@ -0,0 +1,103 @@ + + + + + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3 + +dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui + tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB + x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2 + QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8 + 9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4 + m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA + +wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp + f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4 + +klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ + 4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+ + 8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ== + -----END PUBLIC KEY----- + + + + + + MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17 + jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA + 4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2 + QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8S + GjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWp + xOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQ + TEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPf + VRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5Ji + wRTZ4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLi + BLx0Yr/RXKf6gJUCAwEAAQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh1 + 8pva5KzhEU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh9u23 + 6vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXNGF5JjNcCOQxO1Em8 + pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG5DPb19r9XjQhUPjbcq3/4qmLwtLT + 9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK + 
6wX2IQ+7vJoWQyg2w6DbpSRqcyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxee + RpNqFU9OCw0Bd3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O + bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBWgUyLSdxR5RoE + jBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbPggFZ8JnuwgtNo0soVKsWGATH + 65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX80jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H + 1TYDjwA1iBFku/O/xx7Jag7Y0A2l1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MO + GFTs5r9QyM//sm5D2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDO + UCx6xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0/zX4MFMD + /Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWdkKpm9xcFddATlT0CggEB + AOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvEqgKHOgZO9ztD6/UgX41uc+3rKfvmY5As + ldGZgd0ov/DyeF0N834LeBVayG1fdcEtamqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9 + TwoUWS2xmldc+nehCdHsWQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+ + ETjKemdKHQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5ZB7e + v8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FWNqvwp9PQzxwTv8wu + xBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o1Rad6jtb1SiV9KcPk83wIeoUk/xp + 0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7LqpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8 + eTEywu5yrMGeAjVpLFfKlmGIpYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk + 2kuGLYXISfUGj0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a + xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8WX4+ZEW7S4heL + sUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/aW22I0REV5UU8bS1F7taV93Ew + WmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVyFjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4i + gfJpPcUFYOazZ3Y7q53RdCgIPKKyiVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GH + W93TUDTKWlTXyUFmC2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltY + G08tfEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL606qeBC8x + oVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQpyVWfB+F2ppBOYtKvNub + 
yKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+IQj8I06c1T31kzfJ71Vx1DUWZW/65xmFD + 4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rquPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+ + Vx676FQrM4EzjSSqgA== + + + + + + MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkFVMRMw + EQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMSEwHwYD + VQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUwHhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcy + MTUyWjBmMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQ + MA4GA1UECwwHVGVzdGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjAN + BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr1 + 2w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+g8jm + 6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzPGFPXDcU6F192686x + 54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY + +Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQID + AQABo1AwTjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pkzFt1 + PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAld7Qwq0cdzDQ + 51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBXldvGBG5Tn0vT7xSuhmSgI2/HnBpy + 9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYU + wJFQEofkjmd4UpOYSqmcRXhSJzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX7 + 7+XYvhodLRsVqMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK + kOg11TpPdNDkhb1J4ZCh2gupDg== + + + + + My secret data + + + + + + MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE + + + + + diff --git a/src/ckm/XML_2_okay.xml b/src/ckm/XML_2_okay.xml new file mode 100644 index 00000000..8c8aa592 --- /dev/null +++ b/src/ckm/XML_2_okay.xml 
@@ -0,0 +1,103 @@ + + + + + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3 + +dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui + tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB + x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2 + QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8 + 9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4 + m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA + +wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp + f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4 + +klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ + 4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+ + 8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ== + -----END PUBLIC KEY----- + + + + + + MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17 + jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA + 4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2 + QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8S + GjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWp + xOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQ + TEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPf + VRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5Ji + wRTZ4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLi + BLx0Yr/RXKf6gJUCAwEAAQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh1 + 8pva5KzhEU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh9u23 + 6vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXNGF5JjNcCOQxO1Em8 + pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG5DPb19r9XjQhUPjbcq3/4qmLwtLT + 9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK + 
6wX2IQ+7vJoWQyg2w6DbpSRqcyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxee + RpNqFU9OCw0Bd3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O + bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBWgUyLSdxR5RoE + jBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbPggFZ8JnuwgtNo0soVKsWGATH + 65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX80jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H + 1TYDjwA1iBFku/O/xx7Jag7Y0A2l1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MO + GFTs5r9QyM//sm5D2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDO + UCx6xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0/zX4MFMD + /Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWdkKpm9xcFddATlT0CggEB + AOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvEqgKHOgZO9ztD6/UgX41uc+3rKfvmY5As + ldGZgd0ov/DyeF0N834LeBVayG1fdcEtamqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9 + TwoUWS2xmldc+nehCdHsWQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+ + ETjKemdKHQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5ZB7e + v8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FWNqvwp9PQzxwTv8wu + xBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o1Rad6jtb1SiV9KcPk83wIeoUk/xp + 0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7LqpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8 + eTEywu5yrMGeAjVpLFfKlmGIpYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk + 2kuGLYXISfUGj0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a + xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8WX4+ZEW7S4heL + sUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/aW22I0REV5UU8bS1F7taV93Ew + WmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVyFjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4i + gfJpPcUFYOazZ3Y7q53RdCgIPKKyiVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GH + W93TUDTKWlTXyUFmC2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltY + G08tfEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL606qeBC8x + oVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQpyVWfB+F2ppBOYtKvNub + 
yKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+IQj8I06c1T31kzfJ71Vx1DUWZW/65xmFD + 4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rquPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+ + Vx676FQrM4EzjSSqgA== + + + + + + MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkFVMRMw + EQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMSEwHwYD + VQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUwHhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcy + MTUyWjBmMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQ + MA4GA1UECwwHVGVzdGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjAN + BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr1 + 2w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+g8jm + 6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzPGFPXDcU6F192686x + 54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY + +Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQID + AQABo1AwTjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pkzFt1 + PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAld7Qwq0cdzDQ + 51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBXldvGBG5Tn0vT7xSuhmSgI2/HnBpy + 9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYU + wJFQEofkjmd4UpOYSqmcRXhSJzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX7 + 7+XYvhodLRsVqMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK + kOg11TpPdNDkhb1J4ZCh2gupDg== + + + + + My secret data + + + + + + MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE + + + + + diff --git a/src/ckm/XML_3_wrong.xml b/src/ckm/XML_3_wrong.xml new file mode 100644 index 00000000..40a64b97 --- /dev/null +++ b/src/ckm/XML_3_wrong.xml 
@@ -0,0 +1,103 @@ + + + + + + -----BEGIN PUBLIC KEY----- + MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3 + +dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui + tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB + x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2 + QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8 + 9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4 + m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA + +wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp + f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4 + +klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ + 4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+ + 8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ== + -----END PUBLIC KEY----- + + + + + MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17 + jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA + 4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2 + QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8S + GjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWp + xOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQ + TEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPf + VRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5Ji + wRTZ4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLi + BLx0Yr/RXKf6gJUCAwEAAQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh1 + 8pva5KzhEU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh9u23 + 6vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXNGF5JjNcCOQxO1Em8 + pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG5DPb19r9XjQhUPjbcq3/4qmLwtLT + 9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK + 
6wX2IQ+7vJoWQyg2w6DbpSRqcyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxee + RpNqFU9OCw0Bd3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O + bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBWgUyLSdxR5RoE + jBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbPggFZ8JnuwgtNo0soVKsWGATH + 65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX80jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H + 1TYDjwA1iBFku/O/xx7Jag7Y0A2l1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MO + GFTs5r9QyM//sm5D2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDO + UCx6xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0/zX4MFMD + /Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWdkKpm9xcFddATlT0CggEB + AOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvEqgKHOgZO9ztD6/UgX41uc+3rKfvmY5As + ldGZgd0ov/DyeF0N834LeBVayG1fdcEtamqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9 + TwoUWS2xmldc+nehCdHsWQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+ + ETjKemdKHQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5ZB7e + v8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FWNqvwp9PQzxwTv8wu + xBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o1Rad6jtb1SiV9KcPk83wIeoUk/xp + 0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7LqpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8 + eTEywu5yrMGeAjVpLFfKlmGIpYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk + 2kuGLYXISfUGj0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a + xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8WX4+ZEW7S4heL + sUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/aW22I0REV5UU8bS1F7taV93Ew + WmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVyFjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4i + gfJpPcUFYOazZ3Y7q53RdCgIPKKyiVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GH + W93TUDTKWlTXyUFmC2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltY + G08tfEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL606qeBC8x + oVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQpyVWfB+F2ppBOYtKvNub + 
yKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+IQj8I06c1T31kzfJ71Vx1DUWZW/65xmFD + 4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rquPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+ + Vx676FQrM4EzjSSqgA== + + + + + + MIIDnzCCAoegAwIBAgIJAMH/ADkC5YSTMA0GCSqGSIb3DQEBBQUAMGYxCzAJBgNVBAYTAkFVMRMw + EQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQKDARBQ01FMRAwDgYDVQQLDAdUZXN0aW5nMSEwHwYD + VQQDDBhUZXN0IHJvb3QgY2EgY2VydGlmaWNhdGUwHhcNMTQxMjMwMTcyMTUyWhcNMjQxMjI3MTcy + MTUyWjBmMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UECgwEQUNNRTEQ + MA4GA1UECwwHVGVzdGluZzEhMB8GA1UEAwwYVGVzdCByb290IGNhIGNlcnRpZmljYXRlMIIBIjAN + BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EJRdUtd2th0vTVF7QxvDKzyFCF3w9vC9IDE/Yr1 + 2w+a9jd0s7/eG96qTHIYffS3B7x2MB+d4n+SR3W0qmYh7xk8qfEgH3daeDoV59IZ9r543KM+g8jm + 6KffYGX1bIJVVY5OhBRbO9nY6byYpd5kbCIUB6dCf7/WrQl1aIdLGFIegAzPGFPXDcU6F192686x + 54bxt/itMX4agHJ9ZC/rrTBIZghVsjJo5/AH5WZpasv8sfrGiiohAxtieoYoJkv5MOYP4/2lPlOY + +Cgw1Yoz+HHv31AllgFsBquBb/kJVmCCNsAOcnvQzTZUsW/TXz9G2nwRdqI1nSy2JvVjZGsqGQID + AQABo1AwTjAdBgNVHQ4EFgQUt6pkzFt1PZlfYRL/HGnufF4frdwwHwYDVR0jBBgwFoAUt6pkzFt1 + PZlfYRL/HGnufF4frdwwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAld7Qwq0cdzDQ + 51w1RVLwTR8Oy25PB3rzwEHcSGJmdqlMi3xOdaz80S1R1BBXldvGBG5Tn0vT7xSuhmSgI2/HnBpy + 9ocHVOmhtNB4473NieEpfTYrnGXrFxu46Wus9m/ZnugcQ2G6C54A/NFtvgLmaC8uH8M7gKdS6uYU + wJFQEofkjmd4UpOYSqmcRXhSJzd5FYFWkJhKJYp3nlENSOD8CUFFVGekm05nFN2gRVc/qaqQkEX7 + 7+XYvhodLRsVqMn7nf7taidDKLO2T4bhujztnTYOhhaXKgPy7AtZ28N2wvX96VyAPB/vrchGmyBK + kOg11TpPdNDkhb1J4ZCh2gupDg== + + + + + My secret data + + + + + + MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE + + + + + diff --git a/src/ckm/ckm-common.cpp b/src/ckm/ckm-common.cpp index fe7ec2e4..3bbbd4fa 100644 --- a/src/ckm/ckm-common.cpp +++ b/src/ckm/ckm-common.cpp 
@@ -308,11 +308,51 @@ void check_read_not_visible(const char* alias)
 ckmc_raw_buffer_s* buffer = NULL;
 int ret = ckmc_get_data(alias, NULL, &buffer);
 RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == ret,
- "App with different label shouldn't have rights to see this data." << CKMCErrorToString(ret));
+ "App with different label shouldn't have rights to see this data. " << CKMCErrorToString(ret));
 ckmc_buffer_free(buffer);
 }
 }
 
+void check_key(const char *alias, int expected_error, ckmc_key_type_e expected_type)
+{
+ ckmc_key_s *test_key = NULL;
+ int temp = ckmc_get_key(alias, 0, &test_key);
+ RUNNER_ASSERT_MSG(
+ expected_error == temp,
+ "received: " << CKMCReadableError(temp) << " while expected: " << CKMCReadableError(expected_error));
+ if(expected_type != CKMC_KEY_NONE)
+ {
+ RUNNER_ASSERT_MSG(
+ test_key->key_type == expected_type,
+ "received type: " << test_key->key_type << " while expected type: " << expected_type);
+ }
+ ckmc_key_free(test_key);
+}
+void check_key_allowed(const char *alias, ckmc_key_type_e expected_type)
+{
+ check_key(alias, CKMC_ERROR_NONE, expected_type);
+}
+void check_key_not_visible(const char *alias)
+{
+ check_key(alias, CKMC_ERROR_DB_ALIAS_UNKNOWN);
+}
+void check_cert_allowed(const char *alias)
+{
+ ckmc_cert_s *test_cert = NULL;
+ int temp = ckmc_get_cert(alias, 0, &test_cert);
+ ckmc_cert_free(test_cert);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == temp, CKMCReadableError(temp));
+
+}
+void check_cert_not_visible(const char *alias)
+{
+ ckmc_cert_s *test_cert = NULL;
+ int temp = ckmc_get_cert(alias, 0, &test_cert);
+ ckmc_cert_free(test_cert);
+ RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_UNKNOWN == temp,
+ "App with different label shouldn't have rights to see this cert. " << CKMCErrorToString(temp));
+}
+
 void allow_access(const char* alias, const char* accessor, int permissionMask)
 {
 // data removal should revoke this access
diff --git a/src/ckm/ckm-common.h b/src/ckm/ckm-common.h
index 538c5786..51f60ce3 100644
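Review bot: In `check_key` the type comparison dereferences `test_key` whenever `expected_type != CKMC_KEY_NONE`, although the helper accepts any `expected_error`; a caller that pairs an error code with a key type would read through the NULL that `test_key` was initialised to (assuming `ckmc_get_key` leaves the out-pointer untouched on failure, which the hunk does not show). Add `RUNNER_ASSERT_MSG(test_key != NULL, "no key returned for alias " << alias);` before the comparison, or run the type check only when `temp == CKMC_ERROR_NONE`. Both assertions also sit before `ckmc_key_free(test_key)`, so a failing check presumably skips the free if `RUNNER_ASSERT_MSG` aborts the test by throwing. `check_cert_allowed` and `check_cert_not_visible` in the same hunk already free first and assert afterwards; `check_key` could copy `key_type` into a local and follow the same order.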
--- a/src/ckm/ckm-common.h +++ b/src/ckm/ckm-common.h @@ -173,6 +173,13 @@ void check_read(const char* alias, int expected_code = CKMC_ERROR_NONE); void check_read_allowed(const char* alias, const char *data); void check_read_not_visible(const char* alias); +void check_key(const char *alias, + int expected_error = CKMC_ERROR_NONE, + ckmc_key_type_e expected_type = CKMC_KEY_NONE); +void check_key_allowed(const char *alias, ckmc_key_type_e expected_type = CKMC_KEY_NONE); +void check_key_not_visible(const char *alias); +void check_cert_allowed(const char *alias); +void check_cert_not_visible(const char *alias); void allow_access(const char* alias, const char* accessor, int permissionMask); void allow_access_negative(const char* alias, const char* accessor, int permissionMask, int expectedCode); void deny_access(const char* alias, const char* accessor); diff --git a/src/ckm/initial-values.cpp b/src/ckm/initial-values.cpp new file mode 100644 index 00000000..197e4391 --- /dev/null +++ b/src/ckm/initial-values.cpp 
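Review bot: The new `check_key` declaration gives `expected_type` the default `CKMC_KEY_NONE` without saying that this value acts as a "skip the type check" sentinel, which a reader can only learn from the definition in ckm-common.cpp. A one-line comment above the declaration would document the contract, for example `// expected_type == CKMC_KEY_NONE skips the key-type comparison; pass a real type only together with CKMC_ERROR_NONE`. The same comment can note that `check_key_not_visible` and `check_cert_not_visible` expect `CKMC_ERROR_DB_ALIAS_UNKNOWN`, as their definitions show.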
@@ -0,0 +1,306 @@
+/*
+ * Copyright (c) 2000 - 2015 Samsung Electronics Co.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License
+ *
+ * @file system-db.cpp
+ * @author Maciej Karpiuk (m.karpiuk2@samsung.com)
+ * @version 1.0
+ */
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+namespace
+{
+const uid_t USER_APP = 5070;
+const uid_t GROUP_APP = 5070;
+const char* APP_PASS = "user-pass";
+const char* TEST_WEB_APP_1 = "web_app1";
+const char* TEST_WEB_APP_2 = "web_app2";
+
+const char *XML_1_okay = "XML_1_okay.xml";
+const char *XML_1_EXPECTED_KEY_1_RSA = "/ test-key1";
+const char *XML_1_EXPECTED_KEY_1_PASSWD = "123";
+const char *XML_1_EXPECTED_KEY_2_RSA = "/ test-key2";
+// uncomment when AES is supported (+ usage in the tests)
+//const char *XML_1_EXPECTED_KEY_3_AES = "/ test-aes1";
+const char *XML_1_EXPECTED_CERT_1 = "/ test-cert1";
+const char *XML_1_EXPECTED_DATA_1 = "/ test-data1";
+const char *XML_1_EXPECTED_DATA_1_DATA = "My secret data";
+
+const char *XML_2_okay = "XML_2_okay.xml";
+const char *XML_2_EXPECTED_KEY_1_RSA = "/ test2-key1";
+const char *XML_2_EXPECTED_KEY_2_RSA = "/ test2-key2";
+// uncomment when AES is supported
+//const char *XML_2_EXPECTED_KEY_3_AES = "/ test2-aes1";
+const char *XML_2_EXPECTED_CERT_1 = "/ test2-cert1";
+const char *XML_2_EXPECTED_DATA_1 = "/ test2-data1";
+const char *XML_2_EXPECTED_DATA_1_DATA = "My secret data";
+
+const char *XML_3_wrong = "XML_3_wrong.xml";
+const char *XML_3_EXPECTED_KEY_1_RSA = "/ test3-key1";
+const char *XML_3_EXPECTED_KEY_2_RSA = "/ test3-key2";
+// uncomment when AES is supported
+//const char *XML_2_EXPECTED_KEY_3_AES = "/ test3-aes1";
+const char *XML_3_EXPECTED_CERT_1 = "/ test3-cert1";
+const char *XML_3_EXPECTED_DATA_1 = "/ test3-data1";
+
+void feedGarbageCollector(GarbageCollector & gc)
+{
+ // [prepare]
+ gc.add(XML_1_EXPECTED_KEY_1_RSA);
+ gc.add(XML_1_EXPECTED_KEY_2_RSA);
+ //gc.add(XML_1_EXPECTED_KEY_3_AES);
+ gc.add(XML_1_EXPECTED_CERT_1);
+ gc.add(XML_1_EXPECTED_DATA_1);
+ gc.add(XML_2_EXPECTED_KEY_1_RSA);
+ gc.add(XML_2_EXPECTED_KEY_2_RSA);
+ //gc.add(XML_2_EXPECTED_KEY_3_AES);
+ gc.add(XML_2_EXPECTED_CERT_1);
+ gc.add(XML_2_EXPECTED_DATA_1);
+}
+
+std::string format_src_path(const char *file)
+{
+ return std::string("/usr/share/ckm-test/") + std::string(file);
+}
+
+std::string format_dest_path(const char *file)
+{
+ return std::string("/opt/data/ckm/initial_values/") + std::string(file);
+}
+
+void copy_file(const std::string &from, const std::string &to)
+{
+ std::ifstream infile(from, std::ios_base::binary);
+ std::ofstream outfile(to, std::ios_base::binary);
+ outfile << infile.rdbuf();
+}
+
+void restart_key_manager()
+{
+ stop_service(MANAGER);
+ start_service(MANAGER);
+}
+
+void test_exists(const std::string& name, bool expected) {
+ bool file_exists = (access( name.c_str(), F_OK ) != -1);
+ RUNNER_ASSERT_MSG(file_exists == expected,
+ "File " << name << " status: " << file_exists <<
+ " while expected: " << expected);
+}
+
+}
+
+
+RUNNER_TEST_GROUP_INIT(T60_INITIAL_VALUES);
+
+RUNNER_TEST(T6010_PARSE_XML_FILE_AT_STARTUP)
+{
+ // [prepare]
+ // remove database 0
+ // copy to the initial-values folder
+ // [test0]
+ // check XML file exists
+ // restart the key-manager
+ // check XML file exists - should fail
+ // [test1]
+ // check items existence as system service
+ // [test2]
+ // check items existence as web_app1
+ // [test3]
+ // check items existence as web_app2
+
+
+ // [prepare]
+ GarbageCollector gc;
+ feedGarbageCollector(gc);
+
+ remove_user_data(0);
+ copy_file(format_src_path(XML_1_okay), format_dest_path(XML_1_okay));
+
+ // [test0]
+ test_exists(format_dest_path(XML_1_okay), true);
+ restart_key_manager();
+ test_exists(format_dest_path(XML_1_okay), false);
+
+ // [test1]
+ check_key(XML_1_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key_allowed(XML_1_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ //check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_allowed(XML_1_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+
+ // [test2]
+ {
+ ScopedAccessProvider ap(TEST_WEB_APP_1);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+
+ check_key(XML_1_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key_not_visible(XML_1_EXPECTED_KEY_2_RSA);
+ // check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_not_visible(XML_1_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+ }
+
+ // [test3]
+ {
+ ScopedAccessProvider ap(TEST_WEB_APP_2);
+ ap.allowAPI("key-manager::api-storage", "rw");
+ ap.applyAndSwithToUser(USER_APP, GROUP_APP);
+ ScopedDBUnlock unlock(USER_APP, APP_PASS);
+
+ check_key_not_visible(XML_1_EXPECTED_KEY_1_RSA);
+ check_key_allowed(XML_1_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ // check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_allowed(XML_1_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+ }
+}
+
+RUNNER_TEST(T6020_PARSE_TWO_XML_FILES_AT_STARTUP)
+{
+ // [prepare]
+ // remove database 0
+ // copy two files to the initial-values folder
+ // [test0]
+ // check XML files exist
+ // restart the key-manager
+ // check XML files exist - should fail
+ // [test1]
+ // check items existence as system service
+
+ // [prepare]
+ GarbageCollector gc;
+ feedGarbageCollector(gc);
+
+ remove_user_data(0);
+ copy_file(format_src_path(XML_1_okay), format_dest_path(XML_1_okay));
+ copy_file(format_src_path(XML_2_okay), format_dest_path(XML_2_okay));
+
+ // [test0]
+ test_exists(format_dest_path(XML_1_okay), true);
+ test_exists(format_dest_path(XML_1_okay), true);
+ restart_key_manager();
+ test_exists(format_dest_path(XML_2_okay), false);
+ test_exists(format_dest_path(XML_2_okay), false);
+
+ // [test1]
+ check_key(XML_1_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key(XML_2_EXPECTED_KEY_1_RSA, CKMC_ERROR_NOT_EXPORTABLE);
+ check_key_allowed(XML_1_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ check_key_allowed(XML_2_EXPECTED_KEY_2_RSA, CKMC_KEY_RSA_PRIVATE);
+ //check_key_allowed(XML_1_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ //check_key_allowed(XML_2_EXPECTED_KEY_3_AES, CKMC_KEY_AES);
+ check_cert_allowed(XML_1_EXPECTED_CERT_1);
+ check_cert_allowed(XML_2_EXPECTED_CERT_1);
+ check_read_allowed(XML_1_EXPECTED_DATA_1, XML_1_EXPECTED_DATA_1_DATA);
+ check_read_allowed(XML_2_EXPECTED_DATA_1, XML_2_EXPECTED_DATA_1_DATA);
+}
+
+RUNNER_TEST(T6030_PARSE_FAIL_XML_AT_STARTUP)
+{
+ // [prepare]
+ // remove database 0
+ // copy failing XML file to the initial-values folder
+ // [test0]
+ // check XML files exist
+ // restart the key-manager
+ // check XML files exist - should fail
+ // [test1]
+ // check items existence as system service - nothing should be available
+
+ // [prepare]
+ remove_user_data(0);
+ copy_file(format_src_path(XML_3_wrong), format_dest_path(XML_3_wrong));
+
+ // [test0]
+ test_exists(format_dest_path(XML_3_wrong), true);
+ restart_key_manager();
+ test_exists(format_dest_path(XML_3_wrong), false);
+
+ // [test1]
+ check_key_not_visible(XML_3_EXPECTED_KEY_1_RSA);
+ check_key_not_visible(XML_3_EXPECTED_KEY_2_RSA);
+ //check_key_not_visible(XML_3_EXPECTED_KEY_3_AES);
+ check_cert_not_visible(XML_3_EXPECTED_CERT_1);
+ check_read_not_visible(XML_3_EXPECTED_DATA_1);
+}
+
+RUNNER_TEST(T6040_CHECK_KEYS_VALID)
+{
+ // [prepare]
+ // remove database 0
+ // copy to the initial-values folder
+ // restart the key-manager
+ // [test]
+ // check if key can create & verify signature
+
+ // [prepare]
+ GarbageCollector gc;
+ feedGarbageCollector(gc);
+ remove_user_data(0);
+ copy_file(format_src_path(XML_1_okay), format_dest_path(XML_1_okay));
+ restart_key_manager();
+
+ // [test]
+ ckmc_raw_buffer_s msg_buff = prepare_message_buffer("Raz ugryzla misia pszczola..");
+ ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
+ ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
+ ckmc_raw_buffer_s *signature = NULL;
+ int temp;
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+ XML_1_EXPECTED_KEY_2_RSA,
+ NULL,
+ msg_buff,
+ hash_algo,
+ pad_algo,
+ &signature)),
+ CKMCReadableError(temp));
+
+ // invalid password
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_AUTHENTICATION_FAILED == (temp = ckmc_verify_signature(
+ XML_1_EXPECTED_KEY_1_RSA,
+ NULL,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ // correct password
+ RUNNER_ASSERT_MSG(
+ CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+ XML_1_EXPECTED_KEY_1_RSA,
+ XML_1_EXPECTED_KEY_1_PASSWD,
+ msg_buff,
+ *signature,
+ hash_algo,
+ pad_algo)),
+ CKMCReadableError(temp));
+
+ ckmc_buffer_free(signature);
+}
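Review bot: The `[test0]` block of T6020_PARSE_TWO_XML_FILES_AT_STARTUP checks the wrong files: `test_exists(format_dest_path(XML_1_okay), true);` appears twice before the restart and `test_exists(format_dest_path(XML_2_okay), false);` twice after it. The test therefore never confirms that XML_2_okay.xml was staged, nor that XML_1_okay.xml was removed once the key-manager had imported it. The fixtures on this page embed RSA key material, so a leftover copy in /opt/data/ckm/initial_values/ is exactly the regression this test should catch; the second line of each pair should read `test_exists(format_dest_path(XML_2_okay), true);` and `test_exists(format_dest_path(XML_1_okay), false);`. Separately, `copy_file` never checks that either stream opened, so a missing fixture would presumably still leave an empty destination file that satisfies the pre-restart existence check; adding `RUNNER_ASSERT_MSG(infile && outfile, "cannot copy " << from << " to " << to);` before the stream copy would surface that.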