From: Krzysztof Jackiewicz <k.jackiewicz@samsung.com>
Date: Tue, 4 Jul 2017 09:45:36 +0000 (+0200)
Subject: CKM: Test for different sign/verify params
X-Git-Tag: security-manager_5.5_testing~9^2~11
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f747fff8328c5f083ba733808042be39a2f86c47;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git

CKM: Test for different sign/verify params

Test valid and invalid combinations of padding, hash function and message
length for functions ckmc_create_signature and ckmc_verify_signature.

Change-Id: I2133c3cb8996c5280b33230040959fa430d1b528
---

diff --git a/src/ckm/unprivileged/capi-testcases.cpp b/src/ckm/unprivileged/capi-testcases.cpp
index 0d8056b..757826f 100644
--- a/src/ckm/unprivileged/capi-testcases.cpp
+++ b/src/ckm/unprivileged/capi-testcases.cpp
@@ -1279,7 +1279,7 @@ RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
 			CKMCReadableError(temp));
 }
 
-RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
+RUNNER_TEST(T3083a_CAPI__rsa_key_create_verify_negative)
 {
 	int temp;
 
@@ -1326,6 +1326,137 @@ RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
 			CKMCReadableError(temp));
 }
 
+RUNNER_TEST(T3083b_CAPI__rsa_key_create_verify_hash_and_padding)
+{
+	int temp;
+
+	unsigned char hashed_msg[256] = {}; // shouldn't need padding (2048-bit key)
+	ckmc_raw_buffer_s msg_buff;
+	msg_buff.data = hashed_msg;
+	msg_buff.size = sizeof(hashed_msg);
+	ckmc_raw_buffer_s short_data = prepare_message_buffer("length not equal to key size");
+	CKM::Alias pub_alias = "pub1";
+	CKM::Alias pri_alias = "prv1";
+	char *pri_passwd = NULL;
+	char *pub_passwd = NULL;
+	ckmc_raw_buffer_s *signature;
+
+	// sign: no padding + hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_create_signature(
+					pri_alias.c_str(),
+					pri_passwd,
+					msg_buff,
+					CKMC_HASH_SHA256,
+					CKMC_NONE_PADDING,
+					&signature)),
+			CKMCReadableError(temp));
+
+	// sign: no padding + no hash + short data
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_create_signature(
+					pri_alias.c_str(),
+					pri_passwd,
+					short_data,
+					CKMC_HASH_NONE,
+					CKMC_NONE_PADDING,
+					&signature)),
+			CKMCReadableError(temp));
+
+	// sign: no padding + no hash + correct length
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+					pri_alias.c_str(),
+					pri_passwd,
+					msg_buff,
+					CKMC_HASH_NONE,
+					CKMC_NONE_PADDING,
+					&signature)),
+			CKMCReadableError(temp));
+
+	// verify: no padding + no hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+					pub_alias.c_str(),
+					pub_passwd,
+					msg_buff,
+					*signature,
+					CKMC_HASH_NONE,
+					CKMC_NONE_PADDING)),
+			CKMCReadableError(temp));
+
+	// verify: padding + no hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+					pub_alias.c_str(),
+					pub_passwd,
+					msg_buff,
+					*signature,
+					CKMC_HASH_NONE,
+					CKMC_PKCS1_PADDING)),
+			CKMCReadableError(temp));
+
+	// verify: no padding + hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_verify_signature(
+					pub_alias.c_str(),
+					pub_passwd,
+					msg_buff,
+					*signature,
+					CKMC_HASH_SHA256,
+					CKMC_NONE_PADDING)),
+			CKMCReadableError(temp));
+
+	ckmc_buffer_free(signature);
+
+	// sign: padding + no hash + short data
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_create_signature(
+					pri_alias.c_str(),
+					pri_passwd,
+					short_data,
+					CKMC_HASH_NONE,
+					CKMC_PKCS1_PADDING,
+					&signature)),
+			CKMCReadableError(temp));
+
+	// verify: padding + no hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
+					pub_alias.c_str(),
+					pub_passwd,
+					short_data,
+					*signature,
+					CKMC_HASH_NONE,
+					CKMC_PKCS1_PADDING)),
+			CKMCReadableError(temp));
+
+	// verify: no padding + no hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
+					pub_alias.c_str(),
+					pub_passwd,
+					short_data,
+					*signature,
+					CKMC_HASH_NONE,
+					CKMC_NONE_PADDING)),
+			CKMCReadableError(temp));
+
+	// verify: no padding + hash
+	RUNNER_ASSERT_MSG(
+			CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_verify_signature(
+					pub_alias.c_str(),
+					pub_passwd,
+					short_data,
+					*signature,
+					CKMC_HASH_SHA256,
+					CKMC_NONE_PADDING)),
+			CKMCReadableError(temp));
+
+	ckmc_buffer_free(signature);
+}
+
+
 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
 {
 	int temp;