2 * Copyright (c) 2000 - 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Contact: Bumjin Im <bj.im@samsung.com>
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License
20 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
26 #include <condition_variable>
29 #include <ckmc/ckmc-type.h>
30 #include <ckm/ckm-manager-async.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-raw-buffer.h>
37 #include <dpl/test/test_runner.h>
38 #include <dpl/test/test_runner_child.h>
39 #include <dpl/log/log.h>
41 #include <tests_common.h>
42 #include <test-certs.h>
43 #include <ckm-common.h>
47 using namespace TestData;
51 const char* TEST_LABEL = "test_label";
52 const CertificateShPtrVector EMPTY_CERT_VECTOR;
53 const AliasVector EMPTY_ALIAS_VECTOR;
55 class MyObserver: public ManagerAsync::Observer
59 m_finished(false), m_error(0)
63 void ReceivedError(int error)
65 LogError("Received error: " << error);
71 void ReceivedSaveKey() { Succeeded(); }
72 void ReceivedSaveCertificate() { Succeeded(); }
73 void ReceivedSaveData() { Succeeded(); }
74 void ReceivedSavePKCS12() { Succeeded(); }
76 void ReceivedRemovedAlias() { Succeeded(); }
78 void ReceivedKey(Key &&) { Succeeded(); }
79 void ReceivedCertificate(Certificate &&) { Succeeded(); }
80 void ReceivedData(RawBuffer &&) { Succeeded(); }
81 void ReceivedPKCS12(PKCS12ShPtr && pkcs) { m_pkcs = pkcs; Succeeded(); }
83 void ReceivedKeyAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
84 void ReceivedCertificateAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
85 void ReceivedDataAliasVector(AliasVector && av) { m_aliases = move(av); Succeeded(); }
87 void ReceivedCreateKeyPairRSA() { Succeeded(); }
88 void ReceivedCreateKeyPairDSA() { Succeeded(); }
89 void ReceivedCreateKeyPairECDSA() { Succeeded(); }
91 void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
92 { m_certChain = move(chain); Succeeded(); }
94 void ReceivedCreateSignature(RawBuffer && buffer) { m_signed = move(buffer); Succeeded(); }
95 void ReceivedVerifySignature() { Succeeded(); }
97 void ReceivedOCSPCheck(int status) { m_ocspStatus = status; Succeeded(); }
99 void ReceivedSetPermission() { Succeeded(); }
101 void WaitForResponse()
103 unique_lock < mutex > lock(m_mutex);
105 m_cv.wait(lock, [this] {return m_finished;});
110 AliasVector m_aliases;
111 CertificateShPtrVector m_certChain;
119 LogDebug("Succeeded");
125 condition_variable m_cv;
128 typedef shared_ptr<MyObserver> MyObserverPtr;
130 const char* TEST_PASS = "test-pass";
140 KeyPair(const std::string& prv_pem, const std::string& pub_pem) {
141 RawBuffer buffer_prv(prv_pem.begin(), prv_pem.end());
142 prv = Key::create(buffer_prv);
145 RawBuffer buffer_pub(pub_pem.begin(), pub_pem.end());
146 pub = Key::create(buffer_pub);
154 typedef map<Type, vector<KeyPair> > KeyMap;
157 KeyMap initializeKeys()
161 km[RSA].emplace_back(
162 "-----BEGIN RSA PRIVATE KEY-----\n"
163 "MIICXAIBAAKBgQDMP6sKttnQ58BAi27b8X+8KVQtJgpJhhCF0RtWaTVqAhVDG3y4\n"
164 "x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06BCWPYH2+7jOfQIOy/TMlt+W7x\n"
165 "fou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+3Op0tEjy0jpmzeyNiQIDAQAB\n"
166 "AoGBAJRDX1CuvNx1bkwsKvQDkTqwMYd4hp0qcVICIbsPMhPaoT6OdHHZkHOf+HDx\n"
167 "KWhOj1LsXgzu95Q+Tp5k+LURI8ayu2RTsz/gYECgPNUsZ7gXl4co1bK+g5kiC+qr\n"
168 "sgSfkbYpp0OXefnl5x4KaJlZeSpn0UdDqx0kwI1x2E098i1VAkEA5thNY9YZNQdN\n"
169 "p6aopxOF5OmAjbLkq6wu255rDM5YgeepXXro/lmPociobtv8vPzbWKfoYZJL0Zj4\n"
170 "Qzj7Qz7s0wJBAOKBbpeG9PuNP1nR1h8kvyuILW8F89JOcIOUeqwokq4eJVqXdFIj\n"
171 "ct8eSEFmyXNqXD7b9+Tcw6vRIZuddVhNcrMCQAlpaD5ZzE1NLu1W7ilhsmPS4Vrl\n"
172 "oE0fiAmMO/EZuKITP+R/zmAQZrrB45whe/x4krjan67auByjj/utpxDmz+ECQEg/\n"
173 "UK80dN/n5dUYgVvdtLyF6zgGhgcGzgyqR5ayOlcfdnq25Htuoy1X02RJDOirfFDw\n"
174 "iNmPMTqUskuYpd1MltECQBwcy1cpnJWIXwCTQwg3enjkOVw80Tbr3iU9ASjHJTH2\n"
175 "N6FGHC4BQCm1fL6Bo0/0oSra+Ika3/1Vw1WwijUSiO8=\n"
176 "-----END RSA PRIVATE KEY-----",
178 "-----BEGIN PUBLIC KEY-----\n"
179 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMP6sKttnQ58BAi27b8X+8KVQt\n"
180 "JgpJhhCF0RtWaTVqAhVDG3y4x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06B\n"
181 "CWPYH2+7jOfQIOy/TMlt+W7xfou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+\n"
182 "3Op0tEjy0jpmzeyNiQIDAQAB\n"
183 "-----END PUBLIC KEY-----"
185 km[DSA].emplace_back(
186 "-----BEGIN DSA PRIVATE KEY-----\n"
187 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
188 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
189 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
190 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
191 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
192 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
193 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
194 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
195 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
196 "yAKPlW7WQzgV5jLLNUW7\n"
197 "-----END DSA PRIVATE KEY-----",
199 "-----BEGIN DSA PRIVATE KEY-----\n"
200 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
201 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
202 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
203 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
204 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
205 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
206 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
207 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
208 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
209 "yAKPlW7WQzgV5jLLNUW7\n"
210 "-----END DSA PRIVATE KEY-----"
212 km[ECDSA].emplace_back(
213 "-----BEGIN EC PRIVATE KEY-----\n"
214 "MF8CAQEEGF3rz8OuFpcESrlqCm0G96oovr0XbX+DRKAKBggqhkjOPQMBAaE0AzIA\n"
215 "BHiZYByQiRNQ91GWNnTfoBbp9G8DP9oJYc/cDZlk4lKUpmbvm//RWf1U7ag3tOVy\n"
217 "-----END EC PRIVATE KEY-----",
219 "-----BEGIN PUBLIC KEY-----\n"
220 "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEeJlgHJCJE1D3UZY2dN+gFun0bwM/\n"
221 "2glhz9wNmWTiUpSmZu+b/9FZ/VTtqDe05XKx\n"
222 "-----END PUBLIC KEY-----"
227 KeyMap keys = initializeKeys();
228 typedef vector<CertificateShPtr> CertVector;
230 const RawBuffer raw_buffer(const char* buffer)
232 return RawBuffer(buffer, buffer + strlen(buffer));
235 const RawBuffer test_buffer = raw_buffer("test_string");
237 template <typename F, typename... Args>
238 void test_negative(F&& func, int expected, Args... args)
240 MyObserverPtr obs = make_shared<MyObserver>();
243 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
244 obs->WaitForResponse();
246 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
248 obs->m_error == expected,
249 "Expected " << expected << "/" << ErrorToString(expected) <<
250 " got: " << obs->m_error << "/" << ErrorToString(obs->m_error));
253 template <typename F, typename... Args>
254 void test_invalid_param(F&& func, Args... args)
256 test_negative(move(func), CKM_API_ERROR_INPUT_PARAM, args...);
259 template <typename F, typename... Args>
260 void test_no_observer(F&& func, Args... args)
262 ManagerAsync::ObserverPtr obs;
266 (mgr.*func)(obs, args...);
267 RUNNER_ASSERT_MSG(false, "function() should have thrown an exception");
268 } catch (const invalid_argument& e) {
271 RUNNER_ASSERT_MSG(false, "Unexpected exception");
275 template <typename F, typename... Args>
276 MyObserverPtr test_positive(F&& func, Args... args)
278 MyObserverPtr obs = make_shared<MyObserver>();
281 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
282 obs->WaitForResponse();
284 RUNNER_ASSERT_MSG(obs->m_finished, "Request is not finished!");
285 RUNNER_ASSERT_MSG(obs->m_error == 0,
286 "Request failed " << obs->m_error << "/" << ErrorToString(obs->m_error));
290 template <typename F, typename... Args>
291 void test_check_aliases(F&& func, const AliasVector& expected, Args... args)
293 auto obs = test_positive(move(func), args...);
294 RUNNER_ASSERT_MSG(obs->m_aliases == expected, "Retrieved aliases differ from expected");
297 template <typename F, typename... Args>
298 void test_check_cert_chain(F&& func, size_t expected, Args... args)
300 auto obs = test_positive(move(func), args...);
302 obs->m_certChain.size() == expected,
303 "Expected chain length: " << expected << " got: " << obs->m_certChain.size());
306 typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
307 const CertificateShPtr&,
308 const CertificateShPtrVector&,
309 const CertificateShPtrVector&,
312 typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
313 const CertificateShPtr&,
321 void init(const std::string &) {
323 ControlShPtr control = Control::create();
325 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(0)),
326 "Error=" << CKM::ErrorToString(temp));
327 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(0, TEST_PASS)),
328 "Error=" << CKM::ErrorToString(temp));
330 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
331 "Error=" << ErrorToString(temp));
332 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->unlockUserKey(APP_UID, TEST_PASS)),
333 "Error=" << ErrorToString(temp));
337 ControlShPtr control = Control::create();
338 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->lockUserKey(APP_UID)),
339 "Error=" << ErrorToString(temp));
340 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(APP_UID)),
341 "Error=" << ErrorToString(temp));
343 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
344 "Error=" << ErrorToString(temp));
345 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == (temp = control->removeUserData(0)),
346 "Error=" << ErrorToString(temp));
350 CKM::Alias alias_PKCS_exportable = "async-test-PKCS-export";
351 CKM::Alias alias_PKCS_not_exportable = "async-test-PKCS-no-export";
353 CKM::PKCS12ShPtr loadPkcs()
355 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
356 std::istreambuf_iterator<char> begin(is), end;
357 std::vector<char> buff(begin, end);
359 CKM::RawBuffer buffer(buff.size());
360 memcpy(buffer.data(), buff.data(), buff.size());
362 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
365 "Error in PKCS12::create()");
367 auto cert = pkcs->getCertificate();
370 "Error in PKCS12::getCertificate()");
372 auto key = pkcs->getKey();
375 "Error in PKCS12::getKey()");
377 auto caVector = pkcs->getCaCertificateShPtrVector();
379 2 == caVector.size(),
380 "Wrong size of vector");
385 } // namespace anonymous
388 RUNNER_TEST_GROUP_INIT(CKM_ASYNC_API);
391 RUNNER_CHILD_TEST(TA0010_save_key_invalid_param, CKMAsyncAPIEnv)
393 switch_to_storage_user(TEST_LABEL);
395 test_no_observer(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
396 test_invalid_param(&ManagerAsync::saveKey, "", keys[RSA][0].prv, Policy());
397 test_invalid_param(&ManagerAsync::saveKey, "alias", KeyShPtr(), Policy());
400 RUNNER_CHILD_TEST(TA0020_save_key_already_exists, CKMAsyncAPIEnv)
402 switch_to_storage_user(TEST_LABEL);
405 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
406 test_negative(&ManagerAsync::saveKey,
407 CKM_API_ERROR_DB_ALIAS_EXISTS,
413 RUNNER_CHILD_TEST(TA0050_save_key_positive, CKMAsyncAPIEnv)
415 switch_to_storage_user(TEST_LABEL);
418 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
423 RUNNER_CHILD_TEST(TA0110_save_cert_invalid_param, CKMAsyncAPIEnv)
425 switch_to_storage_user(TEST_LABEL);
427 CertificateShPtr cert = Certificate::create(test_buffer, DataFormat::FORM_PEM);
428 test_no_observer(&ManagerAsync::saveCertificate, "", cert, Policy());
429 test_invalid_param(&ManagerAsync::saveCertificate, "", cert, Policy());
430 test_invalid_param(&ManagerAsync::saveCertificate, "alias", CertificateShPtr(), Policy());
433 RUNNER_CHILD_TEST(TA0120_save_cert_already_exists, CKMAsyncAPIEnv)
435 switch_to_storage_user(TEST_LABEL);
438 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
439 test_negative(&ManagerAsync::saveCertificate,
440 CKM_API_ERROR_DB_ALIAS_EXISTS,
442 getTestCertificate(MBANK),
446 RUNNER_CHILD_TEST(TA0150_save_cert_positive, CKMAsyncAPIEnv)
448 switch_to_storage_user(TEST_LABEL);
451 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
456 RUNNER_CHILD_TEST(TA0210_save_data_invalid_param, CKMAsyncAPIEnv)
458 switch_to_storage_user(TEST_LABEL);
460 test_no_observer(&ManagerAsync::saveData, "", test_buffer, Policy());
461 test_invalid_param(&ManagerAsync::saveData, "", test_buffer, Policy());
462 test_invalid_param(&ManagerAsync::saveData, "alias", RawBuffer(), Policy());
465 RUNNER_CHILD_TEST(TA0220_save_data_already_exists, CKMAsyncAPIEnv)
467 switch_to_storage_user(TEST_LABEL);
470 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
471 test_negative(&ManagerAsync::saveData,
472 CKM_API_ERROR_DB_ALIAS_EXISTS,
478 RUNNER_CHILD_TEST(TA0250_save_data_positive, CKMAsyncAPIEnv)
480 switch_to_storage_user(TEST_LABEL);
483 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
488 RUNNER_CHILD_TEST(TA0310_remove_alias_invalid_param, CKMAsyncAPIEnv)
490 switch_to_storage_user(TEST_LABEL);
492 test_no_observer(&ManagerAsync::removeAlias, "alias");
493 test_invalid_param(&ManagerAsync::removeAlias, "");
496 RUNNER_CHILD_TEST(TA0330_remove_alias_unknown_alias, CKMAsyncAPIEnv)
498 switch_to_storage_user(TEST_LABEL);
500 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
503 RUNNER_CHILD_TEST(TA0350_remove_key_positive, CKMAsyncAPIEnv)
505 switch_to_storage_user(TEST_LABEL);
508 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy());
509 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
513 RUNNER_CHILD_TEST(TA0450_remove_cert_positive, CKMAsyncAPIEnv)
515 switch_to_storage_user(TEST_LABEL);
518 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy());
519 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
523 RUNNER_CHILD_TEST(TA0550_remove_data_positive, CKMAsyncAPIEnv)
525 switch_to_storage_user(TEST_LABEL);
528 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
529 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias"));
534 RUNNER_CHILD_TEST(TA0610_get_key_invalid_param, CKMAsyncAPIEnv)
536 switch_to_storage_user(TEST_LABEL);
538 test_no_observer(&ManagerAsync::getKey, "alias", "");
539 test_invalid_param(&ManagerAsync::getKey, "", "");
542 RUNNER_CHILD_TEST(TA0630_get_key_unknown_alias, CKMAsyncAPIEnv)
544 switch_to_storage_user(TEST_LABEL);
546 test_negative(&ManagerAsync::getKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
549 RUNNER_CHILD_TEST(TA0640_get_key_wrong_password, CKMAsyncAPIEnv)
551 switch_to_storage_user(TEST_LABEL);
554 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
555 test_negative(&ManagerAsync::getKey,
556 CKM_API_ERROR_AUTHENTICATION_FAILED,
561 RUNNER_CHILD_TEST(TA0650_get_key_positive, CKMAsyncAPIEnv)
563 switch_to_storage_user(TEST_LABEL);
566 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
567 test_positive(&ManagerAsync::getKey, dbc.alias("alias"), "password");
572 RUNNER_CHILD_TEST(TA0710_get_cert_invalid_param, CKMAsyncAPIEnv)
574 switch_to_storage_user(TEST_LABEL);
576 test_no_observer(&ManagerAsync::getCertificate, "alias", "");
577 test_invalid_param(&ManagerAsync::getCertificate, "", "");
580 RUNNER_CHILD_TEST(TA0730_get_cert_unknown_alias, CKMAsyncAPIEnv)
582 switch_to_storage_user(TEST_LABEL);
584 test_negative(&ManagerAsync::getCertificate,
585 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
586 "non-existing-alias",
590 RUNNER_CHILD_TEST(TA0740_get_cert_wrong_password, CKMAsyncAPIEnv)
592 switch_to_storage_user(TEST_LABEL);
595 test_positive(&ManagerAsync::saveCertificate,
597 getTestCertificate(MBANK),
599 test_negative(&ManagerAsync::getCertificate,
600 CKM_API_ERROR_AUTHENTICATION_FAILED,
605 RUNNER_CHILD_TEST(TA0750_get_cert_positive, CKMAsyncAPIEnv)
607 switch_to_storage_user(TEST_LABEL);
610 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias"), getTestCertificate(MBANK), Policy("password"));
611 test_positive(&ManagerAsync::getCertificate, dbc.alias("alias"), "password");
616 RUNNER_CHILD_TEST(TA0810_get_data_invalid_param, CKMAsyncAPIEnv)
618 switch_to_storage_user(TEST_LABEL);
620 test_no_observer(&ManagerAsync::getData, "alias", "");
621 test_invalid_param(&ManagerAsync::getData, "", "");
624 RUNNER_CHILD_TEST(TA0830_get_data_unknown_alias, CKMAsyncAPIEnv)
626 switch_to_storage_user(TEST_LABEL);
628 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
631 RUNNER_CHILD_TEST(TA0840_get_data_wrong_password, CKMAsyncAPIEnv)
633 switch_to_storage_user(TEST_LABEL);
636 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
637 test_negative(&ManagerAsync::getData,
638 CKM_API_ERROR_AUTHENTICATION_FAILED,
643 RUNNER_CHILD_TEST(TA0850_get_data_positive, CKMAsyncAPIEnv)
645 switch_to_storage_user(TEST_LABEL);
648 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy("password"));
649 test_positive(&ManagerAsync::getData, dbc.alias("alias"), "password");
654 RUNNER_CHILD_TEST(TA0910_get_key_alias_vector_invalid_param, CKMAsyncAPIEnv)
656 switch_to_storage_user(TEST_LABEL);
658 test_no_observer(&ManagerAsync::getKeyAliasVector);
661 RUNNER_CHILD_TEST(TA0950_get_key_alias_vector_positive, CKMAsyncAPIEnv)
663 switch_to_storage_user(TEST_LABEL);
666 test_positive(&ManagerAsync::saveKey, dbc.alias("alias1"), keys[RSA][0].prv, Policy());
667 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
669 test_positive(&ManagerAsync::saveKey, dbc.alias("alias2"), keys[DSA][0].prv, Policy());
670 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
671 aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
673 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
674 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
678 // getCertificateAliasVector
679 RUNNER_CHILD_TEST(TA1010_get_cert_alias_vector_invalid_param, CKMAsyncAPIEnv)
681 switch_to_storage_user(TEST_LABEL);
683 test_no_observer(&ManagerAsync::getCertificateAliasVector);
686 RUNNER_CHILD_TEST(TA1050_get_cert_alias_vector_positive, CKMAsyncAPIEnv)
688 switch_to_storage_user(TEST_LABEL);
691 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias1"), getTestCertificate(MBANK), Policy());
692 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
694 test_positive(&ManagerAsync::saveCertificate, dbc.alias("alias2"), getTestCertificate(SYMANTEC), Policy());
695 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
696 aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
698 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
699 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
703 // getDataAliasVector
704 RUNNER_CHILD_TEST(TA1110_get_data_alias_vector_invalid_param, CKMAsyncAPIEnv)
706 switch_to_storage_user(TEST_LABEL);
708 test_no_observer(&ManagerAsync::getDataAliasVector);
711 RUNNER_CHILD_TEST(TA1150_get_data_alias_vector_positive, CKMAsyncAPIEnv)
713 switch_to_storage_user(TEST_LABEL);
716 test_positive(&ManagerAsync::saveData, dbc.alias("alias1"), test_buffer, Policy());
717 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")) });
719 test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
720 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias1")),
721 aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
723 test_positive(&ManagerAsync::removeAlias, dbc.alias("alias1"));
724 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias2")) });
729 RUNNER_CHILD_TEST(TA1210_create_key_pair_rsa_invalid_param, CKMAsyncAPIEnv)
731 switch_to_storage_user(TEST_LABEL);
733 test_no_observer(&ManagerAsync::createKeyPairRSA,
741 RUNNER_CHILD_TEST(TA1220_create_key_pair_rsa_already_exists, CKMAsyncAPIEnv)
743 switch_to_storage_user(TEST_LABEL);
746 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy());
747 test_negative(&ManagerAsync::createKeyPairRSA,
748 CKM_API_ERROR_DB_ALIAS_EXISTS,
750 dbc.alias("alias_prv"),
751 dbc.alias("alias_pub"),
756 RUNNER_CHILD_TEST(TA1250_create_key_pair_rsa_positive, CKMAsyncAPIEnv)
758 switch_to_storage_user(TEST_LABEL);
761 test_positive(&ManagerAsync::createKeyPairRSA,
763 dbc.alias("alias_prv"),
764 dbc.alias("alias_pub"),
768 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
769 aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
773 RUNNER_CHILD_TEST(TA1270_create_key_pair_dsa_invalid_param, CKMAsyncAPIEnv)
775 switch_to_storage_user(TEST_LABEL);
777 test_no_observer(&ManagerAsync::createKeyPairDSA,
785 RUNNER_CHILD_TEST(TA1280_create_key_pair_dsa_already_exists, CKMAsyncAPIEnv)
787 switch_to_storage_user(TEST_LABEL);
790 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[DSA][0].prv, Policy());
791 test_negative(&ManagerAsync::createKeyPairDSA,
792 CKM_API_ERROR_DB_ALIAS_EXISTS,
794 dbc.alias("alias_prv"),
795 dbc.alias("alias_pub"),
800 RUNNER_CHILD_TEST(TA1290_create_key_pair_dsa_positive, CKMAsyncAPIEnv)
802 switch_to_storage_user(TEST_LABEL);
805 test_positive(&ManagerAsync::createKeyPairDSA,
807 dbc.alias("alias_prv"),
808 dbc.alias("alias_pub"),
812 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
813 aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
816 // createKeyPairECDSA
817 RUNNER_CHILD_TEST(TA1310_create_key_pair_ecdsa_invalid_param, CKMAsyncAPIEnv)
819 switch_to_storage_user(TEST_LABEL);
821 test_no_observer(&ManagerAsync::createKeyPairECDSA,
822 ElipticCurve::prime192v1,
829 RUNNER_CHILD_TEST(TA1320_create_key_pair_ecdsa_already_exists, CKMAsyncAPIEnv)
831 switch_to_storage_user(TEST_LABEL);
834 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[ECDSA][0].prv, Policy());
835 test_negative(&ManagerAsync::createKeyPairECDSA,
836 CKM_API_ERROR_DB_ALIAS_EXISTS,
837 ElipticCurve::prime192v1,
838 dbc.alias("alias_prv"),
839 dbc.alias("alias_pub"),
844 RUNNER_CHILD_TEST(TA1350_create_key_pair_ecdsa_positive, CKMAsyncAPIEnv)
846 switch_to_storage_user(TEST_LABEL);
849 test_positive(&ManagerAsync::createKeyPairECDSA,
850 ElipticCurve::prime192v1,
851 dbc.alias("alias_prv"),
852 dbc.alias("alias_pub"),
856 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabel(TEST_LABEL, dbc.alias("alias_prv")),
857 aliasWithLabel(TEST_LABEL, dbc.alias("alias_pub")) });
861 // getCertificateChain
862 RUNNER_CHILD_TEST(TA1410_get_certificate_chain_invalid_param, CKMAsyncAPIEnv)
864 switch_to_storage_user(TEST_LABEL);
866 CertificateShPtr cert = getTestCertificate(MBANK);
867 CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
868 test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
873 test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
879 Alias alias = "alias";
880 AliasVector aliasv = { alias };
881 test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
886 test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
893 RUNNER_CHILD_TEST(TA1420_get_certificate_chain_negative, CKMAsyncAPIEnv)
895 switch_to_storage_user(TEST_LABEL);
898 CertificateShPtr cert = getTestCertificate(MBANK);
899 CertificateShPtrVector certv = { getTestCertificate(MBANK) };
900 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
901 CKM_API_ERROR_VERIFICATION_FAILED,
906 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
907 CKM_API_ERROR_VERIFICATION_FAILED,
912 AliasVector aliasv = { dbc.alias("alias") };
913 test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(MBANK), Policy());
914 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
915 CKM_API_ERROR_VERIFICATION_FAILED,
920 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
921 CKM_API_ERROR_VERIFICATION_FAILED,
928 RUNNER_CHILD_TEST(TA1450_get_certificate_chain_positive, CKMAsyncAPIEnv)
930 switch_to_storage_user(TEST_LABEL);
933 CertificateShPtr cert = getTestCertificate(MBANK);
934 CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
935 test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
942 AliasVector aliasv = { dbc.alias("alias") };
943 test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(SYMANTEC), Policy());
944 test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
954 RUNNER_CHILD_TEST(TA1510_create_signature_invalid_param, CKMAsyncAPIEnv)
956 switch_to_storage_user(TEST_LABEL);
958 test_no_observer(&ManagerAsync::createSignature,
963 RSAPaddingAlgorithm::PKCS1);
964 test_invalid_param(&ManagerAsync::createSignature,
969 RSAPaddingAlgorithm::PKCS1);
970 test_invalid_param(&ManagerAsync::createSignature,
975 RSAPaddingAlgorithm::PKCS1);
978 RUNNER_CHILD_TEST(TA1520_create_signature_invalid_password, CKMAsyncAPIEnv)
980 switch_to_storage_user(TEST_LABEL);
983 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
984 test_negative(&ManagerAsync::createSignature,
985 CKM_API_ERROR_INPUT_PARAM,
990 RSAPaddingAlgorithm::PKCS1);
993 RUNNER_CHILD_TEST(TA1550_create_signature_positive, CKMAsyncAPIEnv)
995 switch_to_storage_user(TEST_LABEL);
998 test_positive(&ManagerAsync::saveKey, dbc.alias("alias"), keys[RSA][0].prv, Policy("password"));
999 test_positive(&ManagerAsync::createSignature,
1003 HashAlgorithm::SHA1,
1004 RSAPaddingAlgorithm::PKCS1);
1009 RUNNER_CHILD_TEST(TA1610_verify_signature_invalid_param, CKMAsyncAPIEnv)
1011 switch_to_storage_user(TEST_LABEL);
1013 test_no_observer(&ManagerAsync::verifySignature,
1018 HashAlgorithm::SHA1,
1019 RSAPaddingAlgorithm::PKCS1);
1020 test_invalid_param(&ManagerAsync::verifySignature,
1025 HashAlgorithm::SHA1,
1026 RSAPaddingAlgorithm::PKCS1);
1029 RUNNER_CHILD_TEST(TA1620_verify_signature_invalid_password, CKMAsyncAPIEnv)
1031 switch_to_storage_user(TEST_LABEL);
1034 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
1035 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
1036 auto obs = test_positive(&ManagerAsync::createSignature,
1037 dbc.alias("alias_prv"),
1040 HashAlgorithm::SHA1,
1041 RSAPaddingAlgorithm::PKCS1);
1043 test_negative(&ManagerAsync::verifySignature,
1044 CKM_API_ERROR_AUTHENTICATION_FAILED,
1045 dbc.alias("alias_pub"),
1049 HashAlgorithm::SHA1,
1050 RSAPaddingAlgorithm::PKCS1);
1053 RUNNER_CHILD_TEST(TA1630_verify_signature_invalid_message, CKMAsyncAPIEnv)
1055 switch_to_storage_user(TEST_LABEL);
1058 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
1059 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
1061 auto obs = test_positive(&ManagerAsync::createSignature,
1062 dbc.alias("alias_prv"),
1065 HashAlgorithm::SHA1,
1066 RSAPaddingAlgorithm::PKCS1);
1068 test_negative(&ManagerAsync::verifySignature,
1069 CKM_API_ERROR_VERIFICATION_FAILED,
1070 dbc.alias("alias_pub"),
1072 raw_buffer("invalid-unsigned-mesage"),
1074 HashAlgorithm::SHA1,
1075 RSAPaddingAlgorithm::PKCS1);
1078 RUNNER_CHILD_TEST(TA1640_verify_signature_invalid_signature, CKMAsyncAPIEnv)
1080 switch_to_storage_user(TEST_LABEL);
1083 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy(""));
1085 test_negative(&ManagerAsync::verifySignature,
1086 CKM_API_ERROR_VERIFICATION_FAILED,
1087 dbc.alias("alias_pub"),
1090 raw_buffer("invalid-signature"),
1091 HashAlgorithm::SHA1,
1092 RSAPaddingAlgorithm::PKCS1);
1095 RUNNER_CHILD_TEST(TA1650_verify_signature_wrong_key, CKMAsyncAPIEnv)
1097 switch_to_storage_user(TEST_LABEL);
1100 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy(""));
1101 auto obs = test_positive(&ManagerAsync::createSignature,
1102 dbc.alias("alias_prv"),
1105 HashAlgorithm::SHA1,
1106 RSAPaddingAlgorithm::PKCS1);
1108 test_negative(&ManagerAsync::verifySignature,
1109 CKM_API_ERROR_SERVER_ERROR,
1110 dbc.alias("alias_prv"),
1114 HashAlgorithm::SHA1,
1115 RSAPaddingAlgorithm::PKCS1);
1118 RUNNER_CHILD_TEST(TA1660_verify_signature_positive, CKMAsyncAPIEnv)
1120 switch_to_storage_user(TEST_LABEL);
1123 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_prv"), keys[RSA][0].prv, Policy("pass1"));
1124 test_positive(&ManagerAsync::saveKey, dbc.alias("alias_pub"), keys[RSA][0].pub, Policy("pass2"));
1125 auto obs = test_positive(&ManagerAsync::createSignature,
1126 dbc.alias("alias_prv"),
1129 HashAlgorithm::SHA1,
1130 RSAPaddingAlgorithm::PKCS1);
1132 test_positive(&ManagerAsync::verifySignature,
1133 dbc.alias("alias_pub"),
1137 HashAlgorithm::SHA1,
1138 RSAPaddingAlgorithm::PKCS1);
1143 RUNNER_CHILD_TEST(TA1710_ocsp_check_invalid_param, CKMAsyncAPIEnv)
1145 test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1146 test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1149 RUNNER_CHILD_TEST(TA1720_ocsp_check_negative, CKMAsyncAPIEnv)
1151 switch_to_storage_ocsp_user(TEST_LABEL);
1154 CertificateShPtrVector certv = { getTestCertificate(MBANK), getTestCertificate(MBANK) };
1156 auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
1157 RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
1158 "Verification should fail. Got: " << obs->m_ocspStatus);
1161 RUNNER_CHILD_TEST(TA1750_ocsp_check_positive, CKMAsyncAPIEnv)
1163 switch_to_storage_ocsp_user(TEST_LABEL);
1166 CertificateShPtr cert = getTestCertificate(MBANK);
1167 CertificateShPtrVector certv = { getTestCertificate(SYMANTEC) };
1168 auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
1174 auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
1175 RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
1176 "Verification failed. Error: " << obs->m_ocspStatus);
1180 RUNNER_CHILD_TEST(TA1810_allow_access_invalid_param, CKMAsyncAPIEnv)
1182 switch_to_storage_user(TEST_LABEL);
1184 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1185 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1186 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::READ | CKM::Permission::REMOVE);
1189 RUNNER_TEST(TA1820_allow_access, CKMAsyncAPIEnv)
1192 CharPtr top_label = get_label();
1193 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
1194 test_positive(&ManagerAsync::saveData, dbc.alias("alias2"), test_buffer, Policy());
1195 test_positive(&ManagerAsync::saveData, dbc.alias("alias3"), test_buffer, Policy());
1196 test_positive(&ManagerAsync::setPermission,
1197 dbc.alias("alias2"),
1199 CKM::Permission::READ);
1200 test_positive(&ManagerAsync::setPermission,
1201 dbc.alias("alias3"),
1203 CKM::Permission::READ | CKM::Permission::REMOVE);
1206 ScopedLabel label(TEST_LABEL);
1208 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"), "");
1209 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias"));
1211 // test from allowed label, but without properly addressing alias (coming from default label)
1212 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, dbc.alias("alias2"), "");
1214 // now test with appropriate addressing
1215 std::string full_alias2_address = aliasWithLabel(top_label.get(), dbc.alias("alias2"));
1216 test_positive(&ManagerAsync::getData, full_alias2_address, "");
1217 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_ACCESS_DENIED, full_alias2_address);
1219 std::string full_alias3_address = aliasWithLabel(top_label.get(), dbc.alias("alias3"));
1220 test_positive(&ManagerAsync::getData, full_alias3_address, "");
1221 test_positive(&ManagerAsync::removeAlias, full_alias3_address);
1226 RUNNER_CHILD_TEST(TA1910_deny_access_invalid_param, CKMAsyncAPIEnv)
1228 switch_to_storage_user(TEST_LABEL);
1230 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::NONE);
1231 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::NONE);
1232 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::NONE);
1235 RUNNER_TEST(TA1920_deny_access, CKMAsyncAPIEnv)
1238 CharPtr top_label = get_label();
1239 test_positive(&ManagerAsync::saveData, dbc.alias("alias"), test_buffer, Policy());
1240 test_positive(&ManagerAsync::setPermission,
1243 CKM::Permission::READ | CKM::Permission::REMOVE);
1244 test_positive(&ManagerAsync::setPermission, dbc.alias("alias"), TEST_LABEL, CKM::Permission::NONE);
1247 ScopedLabel label(TEST_LABEL);
1249 std::string full_alias_address = aliasWithLabel(top_label.get(), dbc.alias("alias"));
1250 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address, "");
1251 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, full_alias_address);
1255 RUNNER_TEST(TA2000_PKCS_add_bundle_with_chain_certs, CKMAsyncAPIEnv)
1258 auto pkcs = loadPkcs();
1261 CKM::Policy exportable;
1262 CKM::Policy notExportable(CKM::Password(), false);
1264 test_positive(&ManagerAsync::savePKCS12,
1265 dbc.alias(alias_PKCS_exportable.c_str()),
1269 test_negative(&ManagerAsync::savePKCS12,
1270 CKM_API_ERROR_DB_ALIAS_EXISTS,
1271 dbc.alias(alias_PKCS_exportable.c_str()),
1276 test_positive(&ManagerAsync::savePKCS12,
1277 dbc.alias(alias_PKCS_not_exportable.c_str()),
1281 test_negative(&ManagerAsync::savePKCS12,
1282 CKM_API_ERROR_DB_ALIAS_EXISTS,
1283 dbc.alias(alias_PKCS_not_exportable.c_str()),
1289 RUNNER_TEST(TA2010_PKCS_get, CKMAsyncAPIEnv)
1293 auto pkcs = loadPkcs();
1296 CKM::Policy exportable;
1297 CKM::Policy notExportable(CKM::Password(), false);
1299 test_positive(&ManagerAsync::savePKCS12,
1300 dbc.alias(alias_PKCS_exportable.c_str()),
1304 test_positive(&ManagerAsync::savePKCS12,
1305 dbc.alias(alias_PKCS_not_exportable.c_str()),
1311 test_negative(&ManagerAsync::getPKCS12,
1312 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
1318 // fail - not exportable
1319 test_negative(&ManagerAsync::getPKCS12,
1320 CKM_API_ERROR_NOT_EXPORTABLE,
1321 dbc.alias(alias_PKCS_not_exportable.c_str()),
1325 // success - exportable
1326 auto obs = test_positive(&ManagerAsync::getPKCS12,
1327 dbc.alias(alias_PKCS_exportable.c_str()),
1331 auto cert = obs->m_pkcs->getCertificate();
1334 "Error in PKCS12::getCertificate()");
1336 auto key = obs->m_pkcs->getKey();
1339 "Error in PKCS12::getKey()");
1341 auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
1343 2 == caVector.size(),
1344 "Wrong size of vector");