3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
23 const int USER_APP = 5000;
24 const int GROUP_APP = 5000;
26 const int USER_APP_2 = 5020;
27 const int USER_APP_3 = 5030;
29 const char * const APP_PASS = "user-pass";
30 const int USER_TEST = 5001;
32 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
33 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
34 } // namespace anonymous
37 * How to numerate tests:
39 * T - test case (always T)
40 * AB - number of test group (always two digits)
41 * C - test number in group (all tests with same TABC must be run in the same time).
45 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
46 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
47 stop_service(MANAGER);
48 start_service(MANAGER);
50 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
51 std::istreambuf_iterator<char> begin(is), end;
52 std::vector<char> buff(begin, end);
54 CKM::RawBuffer buffer(buff.size());
55 memcpy(buffer.data(), buff.data(), buff.size());
57 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
60 "Error in PKCS12::create()");
62 // all further tests will start with newly started service,
63 // OpenSSL on the service side will have to be properly initialized too
64 stop_service(MANAGER);
65 start_service(MANAGER);
68 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
70 RUNNER_TEST(T0011_Control)
73 auto control = CKM::Control::create();
75 control->removeUserData(0);
76 control->removeUserData(USER_APP_2);
77 control->removeUserData(USER_APP);
80 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
81 "Error=" << CKMErrorToString(temp));
84 RUNNER_TEST(T0012_Control)
87 auto control = CKM::Control::create();
89 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
90 "Error=" << CKMErrorToString(temp));
92 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
93 "Error=" << CKMErrorToString(temp));
96 RUNNER_TEST(T0013_Control)
99 auto control = CKM::Control::create();
101 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
102 "Error=" << CKMErrorToString(temp));
105 RUNNER_TEST(T0014_Control)
108 auto control = CKM::Control::create();
110 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
111 "Error=" << CKMErrorToString(temp));
114 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
115 "Error=" << CKMErrorToString(temp));
118 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
119 "Error=" << CKMErrorToString(temp));
122 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
123 "Error=" << CKMErrorToString(temp));
126 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
127 "Error=" << CKMErrorToString(temp));
130 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
131 "Error=" << CKMErrorToString(temp));
134 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
135 "Error=" << CKMErrorToString(temp));
138 RUNNER_TEST(T0015_Control)
141 auto control = CKM::Control::create();
143 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
144 "Error=" << CKMErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
147 "Error=" << CKMErrorToString(temp));
149 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
150 "Error=" << CKMErrorToString(temp));
152 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
153 "Error=" << CKMErrorToString(temp));
156 RUNNER_TEST(T0016_Control_negative_wrong_password)
159 auto control = CKM::Control::create();
161 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
162 "Error=" << CKMErrorToString(temp));
164 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
165 "Error=" << CKMErrorToString(temp));
167 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
168 "Error=" << CKMErrorToString(temp));
170 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
171 "Error=" << CKMErrorToString(temp));
173 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
174 "Error=" << CKMErrorToString(temp));
177 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
179 RUNNER_TEST(T1010_init)
181 unlock_user_data(USER_APP, "user-pass");
184 RUNNER_TEST(T1011_key)
187 auto manager = CKM::Manager::create();
189 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
190 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
191 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
192 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
193 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
194 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
195 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
197 "-----END PUBLIC KEY-----";
199 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
200 auto key = CKM::Key::create(buffer, CKM::Password());
202 CKM::Alias alias = sharedDatabase("mykey");
205 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
206 "Error=" << CKMErrorToString(temp));
208 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
209 "Error=" << CKMErrorToString(temp));
211 key->getDER() == key2->getDER(),
212 "Key value has been changed by service");
215 RUNNER_TEST(T1012_certificate)
218 auto manager = CKM::Manager::create();
220 auto cert = TestData::getTestCertificate(TestData::GIAG2);
221 CKM::CertificateShPtr cert2;
222 CKM::Alias alias = sharedDatabase("myCert");
225 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
226 "Error=" << CKMErrorToString(temp));
228 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
229 "Error=" << CKMErrorToString(temp));
231 cert->getDER() == cert2->getDER(),
232 "Data has been modified in key manager");
235 RUNNER_CHILD_TEST(T1013_user_app_save_key)
237 ScopedAccessProvider ap(TEST_LABEL);
238 ap.allowAPI("key-manager::api-storage", "rw");
239 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
241 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
242 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
243 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
244 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
245 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
246 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
247 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
249 "-----END PUBLIC KEY-----";
252 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
253 auto key = CKM::Key::create(buffer, CKM::Password());
255 CKM::Alias alias = "mykey";
256 auto manager = CKM::Manager::create();
259 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
260 "Error=" << CKMErrorToString(temp));
262 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
263 "Error=" << CKMErrorToString(temp));
265 key->getDER() == key2->getDER(), "Key value has been changed by service");
268 RUNNER_TEST(T1014_save_with_label)
270 ScopedAccessProvider ap(TEST_LABEL);
271 ap.allowAPI("key-manager::api-storage", "rw");
272 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
275 auto manager = CKM::Manager::create();
277 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
278 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
279 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
280 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
281 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
282 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
283 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
285 "-----END PUBLIC KEY-----";
287 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
288 auto key = CKM::Key::create(buffer, CKM::Password());
289 CKM::KeyShPtr key_name, key_full_addr;
290 CKM::Alias alias = "mykey-2";
291 std::string top_label = getOwnerIdFromSelf();
292 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
295 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
296 "Error=" << CKMErrorToString(temp));
300 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
301 "Error=" << CKMErrorToString(temp));
303 key->getDER() == key_name->getDER(),
304 "Key value has been changed by service");
306 // lookup by full address
308 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
309 "Error=" << CKMErrorToString(temp));
311 key->getDER() == key_full_addr->getDER(),
312 "Key value has been changed by service");
315 RUNNER_TEST(T1015_deinit)
318 remove_user_data(USER_APP);
321 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
323 RUNNER_TEST(T1020_init)
326 auto control = CKM::Control::create();
328 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
329 "Error=" << CKMErrorToString(temp));
332 RUNNER_TEST(T1021_save_keys_get_alias)
335 auto manager = CKM::Manager::create();
337 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
338 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
339 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
340 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
341 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
342 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
343 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
345 "-----END PUBLIC KEY-----";
347 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
348 auto key = CKM::Key::create(buffer, CKM::Password());
349 CKM::AliasVector labelAliasVector;
351 size_t current_aliases_num = count_aliases(ALIAS_KEY);
353 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey1").c_str(), key, CKM::Policy())),
354 "Error=" << CKMErrorToString(temp));
356 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey2").c_str(), key, CKM::Policy())),
357 "Error=" << CKMErrorToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey(sharedDatabase("rootkey3").c_str(), key, CKM::Policy(CKM::Password(), false))),
360 "Error=" << CKMErrorToString(temp));
362 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
363 "Error=" << CKMErrorToString(temp));
365 labelAliasVector.size() == (current_aliases_num+3),
366 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
369 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
371 ScopedAccessProvider ap(TEST_LABEL);
372 ap.allowAPI("key-manager::api-storage", "rw");
373 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
376 auto manager = CKM::Manager::create();
378 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
379 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
380 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
381 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
382 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
383 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
384 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
386 "-----END PUBLIC KEY-----";
388 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
389 auto key = CKM::Key::create(buffer, CKM::Password());
390 CKM::AliasVector labelAliasVector;
392 size_t current_aliases_num = count_aliases(ALIAS_KEY);
394 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
395 "Error=" << CKMErrorToString(temp));
397 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
398 "Error=" << CKMErrorToString(temp));
400 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
401 "Error=" << CKMErrorToString(temp));
403 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
404 "Error=" << CKMErrorToString(temp));
406 labelAliasVector.size() == (current_aliases_num+3),
407 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
410 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
412 ScopedAccessProvider ap(TEST_LABEL);
413 ap.allowAPI("key-manager::api-storage", "rw");
414 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
417 auto manager = CKM::Manager::create();
419 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
420 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
421 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
422 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
423 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
424 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
425 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
427 "-----END PUBLIC KEY-----";
429 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
430 auto key = CKM::Key::create(buffer, CKM::Password());
431 CKM::AliasVector aliasVector;
432 CKM::Policy notExportable(CKM::Password(), false);
435 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
436 "Error=" << CKMErrorToString(temp));
438 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
439 "Error=" << CKMErrorToString(temp));
441 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
442 "Error=" << CKMErrorToString(temp));
445 RUNNER_TEST(T1029_deinit)
448 remove_user_data(USER_APP);
451 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
452 RUNNER_TEST(T1030_init)
455 reset_user_data(USER_APP, APP_PASS);
458 RUNNER_TEST(T1031_save_get_bin_data)
461 auto manager = CKM::Manager::create();
463 std::string binData1 = "My bin data1";
464 std::string binData2 = "My bin data2";
465 std::string binData3 = "My bin data3";
467 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
468 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
469 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
471 CKM::AliasVector labelAliasVector;
473 size_t current_aliases_num = count_aliases(ALIAS_DATA);
475 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data1").c_str(), buffer1, CKM::Policy())),
476 "Error=" << CKMErrorToString(temp));
478 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data2").c_str(), buffer2, CKM::Policy())),
479 "Error=" << CKMErrorToString(temp));
481 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data3").c_str(), buffer3, CKM::Policy(CKM::Password(), true))),
482 "Error=" << CKMErrorToString(temp));
484 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer3, CKM::Policy(CKM::Password(), false))),
485 "Error=" << CKMErrorToString(temp));
487 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
488 "Error=" << CKMErrorToString(temp));
490 labelAliasVector.size() == (current_aliases_num+3),
491 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
493 CKM::RawBuffer buffer;
495 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
496 "Error=" << CKMErrorToString(temp));
502 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password("Password"), buffer)),
503 "The wrong password should be ignored because non was used in saveData. Error=" << CKMErrorToString(temp));
506 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
508 ScopedDBUnlock unlock(USER_APP, APP_PASS);
509 ScopedAccessProvider ap(TEST_LABEL);
510 ap.allowAPI("key-manager::api-storage", "rw");
511 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
514 auto manager = CKM::Manager::create();
516 std::string binData = "My bin data";
518 CKM::RawBuffer buffer(binData.begin(), binData.end());
520 CKM::AliasVector labelAliasVector;
522 size_t current_aliases_num = count_aliases(ALIAS_DATA);
524 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
525 "Error=" << CKMErrorToString(temp));
527 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
528 "Error=" << CKMErrorToString(temp));
530 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
531 "Error=" << CKMErrorToString(temp));
533 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
534 "Error=" << CKMErrorToString(temp));
536 labelAliasVector.size() == (current_aliases_num+3),
537 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
540 RUNNER_TEST(T1033_remove_bin_data)
543 auto manager = CKM::Manager::create();
545 std::string binData2 = "My bin data2";
546 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
548 CKM::AliasVector labelAliasVector;
550 size_t current_aliases_num = count_aliases(ALIAS_DATA);
551 std::string invalid_address = sharedDatabase("i-do-not-exist");
553 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
554 "Error=" << CKMErrorToString(temp));
556 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data1").c_str())),
557 "Error=" << CKMErrorToString(temp));
559 CKM_API_SUCCESS == (temp = manager->removeAlias(sharedDatabase("data3").c_str())),
560 "Error=" << CKMErrorToString(temp));
562 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
563 "Error=" << CKMErrorToString(temp));
565 labelAliasVector.size() == (current_aliases_num-2),
566 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
568 CKM::RawBuffer buffer;
570 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data2").c_str(), CKM::Password(), buffer)),
571 "Error=" << CKMErrorToString(temp));
576 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(sharedDatabase("data3").c_str(), CKM::Password(), buffer)),
577 "Error=" << CKMErrorToString(temp));
580 RUNNER_TEST(T1034_app_remove_bin_data)
582 ScopedDBUnlock unlock(USER_APP, APP_PASS);
583 ScopedAccessProvider ap(TEST_LABEL);
584 ap.allowAPI("key-manager::api-storage", "rw");
585 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
588 auto manager = CKM::Manager::create();
590 std::string binData2 = "My bin data";
591 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
593 CKM::AliasVector labelAliasVector;
595 size_t current_aliases_num = count_aliases(ALIAS_DATA);
596 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
598 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
599 "Error=" << CKMErrorToString(temp));
601 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
602 "Error=" << CKMErrorToString(temp));
604 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
605 "Error=" << CKMErrorToString(temp));
607 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
608 "Error=" << CKMErrorToString(temp));
610 labelAliasVector.size() == (current_aliases_num-2),
611 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
613 CKM::RawBuffer buffer;
615 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
616 "Error=" << CKMErrorToString(temp));
621 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
622 "Error=" << CKMErrorToString(temp));
625 RUNNER_TEST(T1035_getData_wrong_password)
628 auto manager = CKM::Manager::create();
630 std::string binData1 = "My bin data4";
632 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
635 CKM_API_SUCCESS == (temp = manager->saveData(sharedDatabase("data4").c_str(), buffer1, CKM::Policy("CorrectPassword"))),
636 "Error=" << CKMErrorToString(temp));
638 CKM::RawBuffer buffer;
640 CKM_API_SUCCESS == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("CorrectPassword"), buffer)),
641 "Error=" << CKMErrorToString(temp));
647 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData(sharedDatabase("data4").c_str(), CKM::Password("WrongPassword"), buffer)),
648 "Error=" << CKMErrorToString(temp));
651 RUNNER_TEST(T1036_deinit)
654 remove_user_data(USER_APP);
657 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
659 RUNNER_TEST(T1040_init)
662 auto control = CKM::Control::create();
665 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
666 "Error=" << CKMErrorToString(temp));
669 RUNNER_CHILD_TEST(T1041_create_RSA_key)
672 auto manager = CKM::Manager::create();
675 ScopedAccessProvider ap(TEST_LABEL_2);
676 ap.allowAPI("key-manager::api-storage", "rw");
677 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
679 size_t current_aliases_num = count_aliases(ALIAS_KEY);
681 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
682 "Error=" << CKMErrorToString(temp));
684 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
685 "Error=" << CKMErrorToString(temp));
687 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
688 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
691 RUNNER_CHILD_TEST(T1042_create_RSA_key_foreign_label)
694 auto manager = CKM::Manager::create();
697 ScopedAccessProvider ap(TEST_LABEL_2);
698 ap.allowAPI("key-manager::api-storage", "rw");
699 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
702 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
703 "Error=" << CKMErrorToString(temp));
705 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
706 "Error=" << CKMErrorToString(temp));
709 RUNNER_CHILD_TEST(T1043_create_DSA_key)
712 auto manager = CKM::Manager::create();
715 ScopedAccessProvider ap(TEST_LABEL_3);
716 ap.allowAPI("key-manager::api-storage", "rw");
717 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
719 size_t current_aliases_num = count_aliases(ALIAS_KEY);
721 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
722 "Error=" << CKMErrorToString(temp));
724 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
725 "Error=" << CKMErrorToString(temp));
727 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
728 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
731 RUNNER_CHILD_TEST(T1044_create_AES_key)
734 auto manager = CKM::Manager::create();
737 AccessProvider ap(TEST_LABEL_4);
738 ap.allowAPI("key-manager::api-storage", "rw");
739 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
741 int current_aliases_num = count_aliases(ALIAS_KEY);
743 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
744 "Error=" << CKMErrorToString(temp));
746 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
747 "Error=" << CKMErrorToString(temp));
749 (current_aliases_num+1) == (temp = av.size()),
750 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
753 RUNNER_TEST(T1049_deinit)
755 remove_user_data(USER_APP);
759 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
761 RUNNER_TEST(T1110_init)
763 unlock_user_data(USER_APP, "user-pass");
766 RUNNER_TEST(T1111_CreateKeyPairRSA)
769 auto manager = CKM::Manager::create();
770 CKM::Alias a1 = sharedDatabase("rsa-test-1");
771 CKM::Alias a2 = sharedDatabase("rsa-test-2");
775 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
776 "Error=" << CKMErrorToString(temp));
778 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
779 "Error=" << CKMErrorToString(temp));
782 RUNNER_TEST(T1112_CreateKeyPairDSA)
785 auto manager = CKM::Manager::create();
786 CKM::Alias a1 = sharedDatabase("dsa-test-1");
787 CKM::Alias a2 = sharedDatabase("dsa-test-2");
791 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
792 "Error=" << CKMErrorToString(temp));
794 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
795 "Error=" << CKMErrorToString(temp));
798 RUNNER_TEST(T1113_CreateKeyPairECDSA)
801 auto manager = CKM::Manager::create();
802 CKM::Alias a1 = sharedDatabase("ecdsa-test-1");
803 CKM::Alias a2 = sharedDatabase("ecdsa-test-2");
807 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
808 "Error=" << CKMErrorToString(temp));
811 RUNNER_TEST(T1114_deinit)
816 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
818 RUNNER_TEST(T12100_init)
820 reset_user_data(USER_APP, APP_PASS);
823 RUNNER_TEST(T12101_key_exist)
825 ScopedDBUnlock unlock(USER_APP, APP_PASS);
826 ScopedAccessProvider ap(TEST_LABEL);
827 ap.allowAPI("key-manager::api-storage", "rw");
828 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
831 auto manager = CKM::Manager::create();
833 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
834 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
835 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
836 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
837 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
838 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
839 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
841 "-----END PUBLIC KEY-----";
843 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
844 auto key = CKM::Key::create(buffer);
845 CKM::Alias alias = "rsa-alias-duplication";
848 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
849 "Error=" << CKMErrorToString(ret));
851 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
852 "Error=" << CKMErrorToString(ret));
856 * These test cases tests API when empty parameters are passed to functions
859 RUNNER_TEST(T12102_saveKey_empty_alias)
861 ScopedDBUnlock unlock(USER_APP, APP_PASS);
862 ScopedAccessProvider ap(TEST_LABEL);
863 ap.allowAPI("key-manager::api-storage", "rw");
864 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
866 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
867 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
868 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
869 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
870 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
871 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
872 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
873 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
875 "-----END PUBLIC KEY-----";
877 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
878 auto key = CKM::Key::create(buffer);
879 CKM::Alias alias; //alias is not initialized
882 auto manager = CKM::Manager::create();
884 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
885 "Error=" << CKMErrorToString(ret));
888 RUNNER_TEST(T12103_saveKey_foreign_label)
890 ScopedDBUnlock unlock(USER_APP, APP_PASS);
891 ScopedAccessProvider ap(TEST_LABEL);
892 ap.allowAPI("key-manager::api-storage", "rw");
893 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
895 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
896 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
897 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
898 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
899 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
900 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
901 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
903 "-----END PUBLIC KEY-----";
905 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
906 auto key = CKM::Key::create(buffer);
907 CKM::Alias alias = "iamsomebodyelse alias";
910 auto manager = CKM::Manager::create();
912 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
913 "Error=" << CKMErrorToString(ret));
916 RUNNER_TEST(T12104_saveKey_empty_key)
918 ScopedDBUnlock unlock(USER_APP, APP_PASS);
919 ScopedAccessProvider ap(TEST_LABEL);
920 ap.allowAPI("key-manager::api-storage", "rw");
921 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
923 CKM::KeyShPtr key; //key is not initialized
924 CKM::Alias alias = "empty-key";
927 auto manager = CKM::Manager::create();
929 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
930 "Error=" << CKMErrorToString(ret));
933 RUNNER_TEST(T12105_saveCertificate_empty_alias)
935 ScopedDBUnlock unlock(USER_APP, APP_PASS);
936 ScopedAccessProvider ap(TEST_LABEL);
937 ap.allowAPI("key-manager::api-storage", "rw");
938 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
940 auto cert = TestData::getTestCertificate(TestData::GIAG2);
941 CKM::Alias alias; //alias is not initialized
944 auto manager = CKM::Manager::create();
946 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
947 "Error=" << CKMErrorToString(temp));
950 RUNNER_TEST(T12106_saveCertificate_foreign_label)
952 ScopedDBUnlock unlock(USER_APP, APP_PASS);
953 ScopedAccessProvider ap(TEST_LABEL);
954 ap.allowAPI("key-manager::api-storage", "rw");
955 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
957 auto cert = TestData::getTestCertificate(TestData::GIAG2);
958 CKM::Alias alias = "iamsomebodyelse alias";
961 auto manager = CKM::Manager::create();
963 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
964 "Error=" << CKMErrorToString(temp));
967 RUNNER_TEST(T12107_saveCertificate_empty_cert)
969 ScopedDBUnlock unlock(USER_APP, APP_PASS);
970 ScopedAccessProvider ap(TEST_LABEL);
971 ap.allowAPI("key-manager::api-storage", "rw");
972 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
974 CKM::CertificateShPtr cert; //cert is not initialized
975 CKM::Alias alias = "empty-cert";
978 auto manager = CKM::Manager::create();
980 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
981 "Error=" << CKMErrorToString(temp));
984 RUNNER_TEST(T12108_saveData_empty_alias)
986 ScopedDBUnlock unlock(USER_APP, APP_PASS);
987 ScopedAccessProvider ap(TEST_LABEL);
988 ap.allowAPI("key-manager::api-storage", "rw");
989 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
991 std::string testData = "test data test data test data";
992 CKM::RawBuffer buffer(testData.begin(), testData.end());
996 auto manager = CKM::Manager::create();
998 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
999 "Error=" << CKMErrorToString(temp));
1002 RUNNER_TEST(T12109_saveData_foreign_label)
1004 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1005 ScopedAccessProvider ap(TEST_LABEL);
1006 ap.allowAPI("key-manager::api-storage", "rw");
1007 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1009 std::string testData = "test data test data test data";
1010 CKM::RawBuffer buffer(testData.begin(), testData.end());
1011 CKM::Alias alias = "iamsomebodyelse alias";
1014 auto manager = CKM::Manager::create();
1016 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1017 "Error=" << CKMErrorToString(temp));
1020 RUNNER_TEST(T12110_saveData_empty_data)
1022 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1023 ScopedAccessProvider ap(TEST_LABEL);
1024 ap.allowAPI("key-manager::api-storage", "rw");
1025 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1027 CKM::RawBuffer buffer;
1028 CKM::Alias alias = "empty-data";
1031 auto manager = CKM::Manager::create();
1033 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1034 "Error=" << CKMErrorToString(temp));
1038 * These test cases tests API when trying to get data from not existing alias
1041 RUNNER_TEST(T12111_getKey_alias_not_exist)
1043 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1044 ScopedAccessProvider ap(TEST_LABEL);
1045 ap.allowAPI("key-manager::api-storage", "rw");
1046 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1049 CKM::Alias alias = "this-alias-not-exist";
1052 auto manager = CKM::Manager::create();
1054 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1055 "Error=" << CKMErrorToString(temp));
1058 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1060 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1061 ScopedAccessProvider ap(TEST_LABEL);
1062 ap.allowAPI("key-manager::api-storage", "rw");
1063 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1065 CKM::CertificateShPtr certificate;
1066 CKM::Alias alias = "this-alias-not-exist";
1069 auto manager = CKM::Manager::create();
1071 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1072 "Error=" << CKMErrorToString(temp));
1075 RUNNER_TEST(T12113_getData_alias_not_exist)
1077 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1078 ScopedAccessProvider ap(TEST_LABEL);
1079 ap.allowAPI("key-manager::api-storage", "rw");
1080 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1083 auto manager = CKM::Manager::create();
1084 CKM::RawBuffer buffer;
1085 CKM::Alias alias("some alias");
1087 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1088 "Error=" << CKMErrorToString(temp));
1092 * These test cases tests API when damaged keys are used
1094 RUNNER_TEST(T12114_RSA_key_damaged)
1096 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1097 ScopedAccessProvider ap(TEST_LABEL);
1098 ap.allowAPI("key-manager::api-storage", "rw");
1099 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1102 auto manager = CKM::Manager::create();
1104 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1105 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1106 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1107 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1108 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1109 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1110 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1112 "-----END PUBLIC KEY-----";
1114 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1115 auto key = CKM::Key::create(buffer);
1116 CKM::Alias alias = "damaged-rsa";
1119 NULL == key.get(), "Key is broken. It should be empty");
1122 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1123 "Error=" << CKMErrorToString(ret));
1126 RUNNER_TEST(T12115_RSA_key_too_short)
1128 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1129 ScopedAccessProvider ap(TEST_LABEL);
1130 ap.allowAPI("key-manager::api-storage", "rw");
1131 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1134 auto manager = CKM::Manager::create();
1136 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1137 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1138 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1139 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1140 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1141 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1142 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1144 "-----END PUBLIC KEY-----";
1146 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1147 auto key = CKM::Key::create(buffer);
1148 CKM::Alias alias = "short-rsa";
1151 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1152 "Error=" << CKMErrorToString(ret));
1155 RUNNER_TEST(T12116_DSA_key_too_short)
1157 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1158 ScopedAccessProvider ap(TEST_LABEL);
1159 ap.allowAPI("key-manager::api-storage", "rw");
1160 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1163 auto manager = CKM::Manager::create();
1165 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1166 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1167 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1168 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1169 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1170 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1171 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1172 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1173 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1174 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1175 "YMYCBhubtrVaLmc=\n"
1176 "-----END PUBLIC KEY-----";
1178 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1179 auto key = CKM::Key::create(buffer);
1180 CKM::Alias alias = "short-dsa";
1183 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1184 "Error=" << CKMErrorToString(ret));
1187 RUNNER_TEST(T12117_AES_key_too_short)
1190 auto manager = CKM::Manager::create();
1192 size_t key_size = (128-1);
1193 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1195 auto key = CKM::Key::create(key_AES);
1196 CKM::Alias alias = "short-AES";
1199 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1200 "Error=" << CKMErrorToString(ret));
1204 * These test cases tests CKM service if malicious data is provided over the socket.
1207 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1209 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1210 ScopedAccessProvider ap(TEST_LABEL);
1211 ap.allowAPI("key-manager::api-storage", "rw");
1212 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1215 auto manager = CKM::Manager::create();
1217 // fake the client - let the service detect the problem
1218 class WrongKeyImpl : public CKM::Key
1221 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1224 virtual bool empty() const {
1228 virtual CKM::KeyType getType() const {
1229 return CKM::KeyType::KEY_RSA_PUBLIC;
1231 virtual int getSize() const {
1234 virtual CKM::ElipticCurve getCurve() const {
1235 return CKM::ElipticCurve::prime192v1;
1237 virtual CKM::RawBuffer getDER() const {
1240 virtual ~WrongKeyImpl() {}
1242 CKM::RawBuffer & m_dummy;
1244 std::string dummyData = "my_cat_Berta\n";
1245 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1246 auto key = std::make_shared<WrongKeyImpl>(buffer);
1247 CKM::Alias alias = "damaged-rsa";
1250 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1251 "Error=" << CKMErrorToString(ret));
1254 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1256 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1257 ScopedAccessProvider ap(TEST_LABEL);
1258 ap.allowAPI("key-manager::api-storage", "rw");
1259 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
1261 // fake the client - let the service detect the problem
1262 class WrongCertImpl : public CKM::Certificate
1265 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1266 m_x509 = X509_new();
1269 bool empty() const {
1273 virtual X509 *getX509() const {
1277 virtual CKM::RawBuffer getDER() const {
1281 virtual ~WrongCertImpl() {
1286 CKM::RawBuffer & m_dummy;
1288 std::string dummyData = "my_cat_Stefan\n";
1289 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1290 auto cert = std::make_shared<WrongCertImpl>(buffer);
1291 CKM::Alias alias = "damaged-cert";
1294 auto manager = CKM::Manager::create();
1296 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1297 "Error=" << CKMErrorToString(temp));
1300 RUNNER_TEST(T12120_deinit)
1302 remove_user_data(USER_APP);
1305 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1307 RUNNER_TEST(T1311_init)
1309 remove_user_data(0);
1310 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1311 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1313 struct hostent* he = gethostbyname("google.com");
1315 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1316 "is not woking on the device. OCSP tests requires network access!");
1319 RUNNER_TEST(T13121_get_chain_no_cert)
1321 CKM::CertificateShPtrVector certChain;
1322 CKM::CertificateShPtr cert;
1324 auto manager = CKM::Manager::create();
1326 int ret = manager->getCertificateChain(cert,
1331 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1332 "Function should fail for empty certificate");
1335 RUNNER_TEST(T13122_get_chain_empty_cert)
1337 CKM::CertificateShPtrVector certChain;
1338 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1339 CKM::DataFormat::FORM_PEM);
1341 auto manager = CKM::Manager::create();
1343 int ret = manager->getCertificateChain(cert,
1348 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1349 "Function should fail for empty certificate");
1352 RUNNER_TEST(T13129_get_chain)
1354 auto cert = TestData::getTestCertificate(TestData::MBANK);
1355 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1357 CKM::CertificateShPtrVector certVector = {cert1};
1358 CKM::CertificateShPtrVector certChain;
1361 auto manager = CKM::Manager::create();
1363 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1364 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1366 tmp = manager->getCertificateChain(cert,
1371 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1372 "Error=" << CKMErrorToString(tmp));
1375 0 == certChain.size(),
1376 "Wrong size of certificate chain.");
1378 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1379 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1382 3 == certChain.size(),
1383 "Wrong size of certificate chain.");
1386 RUNNER_TEST(T1313_get_chain_with_alias)
1388 auto cert = TestData::getTestCertificate(TestData::MBANK);
1389 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1391 CKM::CertificateShPtrVector certChain;
1392 CKM::AliasVector aliasVector;
1393 CKM::Alias alias = sharedDatabase("imcert");
1396 auto manager = CKM::Manager::create();
1398 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1399 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1401 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1402 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1403 "Error=" << CKMErrorToString(tmp));
1406 0 == certChain.size(),
1407 "Wrong size of certificate chain.");
1410 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1411 "Error=" << CKMErrorToString(tmp));
1413 aliasVector.push_back(alias);
1415 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1416 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1419 3 == certChain.size(),
1420 "Wrong size of certificate chain.");
1423 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1425 auto cert = TestData::getTestCertificate(TestData::MBANK);
1426 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1427 CKM::CertificateShPtrVector certVector = {cert1};
1428 CKM::CertificateShPtrVector certChain;
1431 auto manager = CKM::Manager::create();
1433 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1434 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1436 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1437 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1438 "Error=" << CKMErrorToString(tmp));
1441 0 == certChain.size(),
1442 "Wrong size of certificate chain.");
1444 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1445 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1448 3 == certChain.size(),
1449 "Wrong size of certificate chain.");
1453 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1454 "Error=" << CKMErrorToString(tmp));
1456 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1459 RUNNER_TEST(T13142_ocsp_check_empty)
1461 CKM::CertificateShPtrVector certVector;
1463 auto manager = CKM::Manager::create();
1468 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1469 "ocspCheck should fail for empty certificate vector");
1472 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1474 CKM::CertificateShPtrVector certVector = {
1475 CKM::CertificateShPtr(),
1476 CKM::CertificateShPtr(),
1477 CKM::CertificateShPtr()};
1479 auto manager = CKM::Manager::create();
1484 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1485 "ocspCheck should fail for empty certificate vector");
1488 RUNNER_TEST(T13144_ocsp_check_root)
1490 auto root = TestData::getTestCertificate(TestData::EQUIFAX);
1491 CKM::CertificateShPtrVector certVector = {root};
1493 auto manager = CKM::Manager::create();
1495 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1500 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1501 "Ocsp should fail for single certificate");
1504 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1506 auto root = TestData::getTestCertificate(TestData::EQUIFAX);
1507 auto ca2 = TestData::getTestCertificate(TestData::GEOTRUST);
1508 auto ca1 = TestData::getTestCertificate(TestData::GIAG2);
1510 CKM::CertificateShPtrVector certVector = {ca1, ca2, root};
1512 auto manager = CKM::Manager::create();
1514 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1515 RUNNER_ASSERT_MSG(NULL != ca2.get(), "Certificate should not be empty");
1516 RUNNER_ASSERT_MSG(NULL != ca1.get(), "Certificate should not be empty");
1521 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1522 "Error=" << CKMErrorToString(tmp));
1524 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1527 RUNNER_TEST(T1315_deinit)
1529 remove_user_data(0);
1532 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1534 RUNNER_TEST(T1411_init)
1536 remove_user_data(0);
1539 RUNNER_TEST(T1412_RSA_key_create_verify)
1542 auto manager = CKM::Manager::create();
1544 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1545 "Proc-Type: 4,ENCRYPTED\n"
1546 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1548 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1549 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1550 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1551 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1552 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1553 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1554 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1555 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1556 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1557 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1558 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1559 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1560 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1561 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1562 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1563 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1564 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1565 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1566 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1567 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1568 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1569 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1570 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1571 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1572 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1573 "-----END RSA PRIVATE KEY-----\n";
1575 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1576 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1577 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1578 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1579 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1580 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1581 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1583 "-----END PUBLIC KEY-----\n";
1585 std::string message = "message test";
1587 CKM::Alias aliasPub = sharedDatabase("pub1");
1588 CKM::Alias aliasPrv = sharedDatabase("prv1");
1589 CKM::Password password = "1234";
1590 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1591 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1592 CKM::RawBuffer signature;
1594 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1595 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1597 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1598 "Key is empty. Failed to import public key.");
1599 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1600 "Key is empty. Failed to import private key.");
1603 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1604 "Error=" << CKMErrorToString(temp));
1606 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1607 "Error=" << CKMErrorToString(temp));
1610 CKM_API_SUCCESS == (temp = manager->createSignature(
1613 CKM::RawBuffer(message.begin(), message.end()),
1617 "Error=" << CKMErrorToString(temp));
1620 CKM_API_SUCCESS == (temp = manager->verifySignature(
1623 CKM::RawBuffer(message.begin(), message.end()),
1627 "Error=" << CKMErrorToString(temp));
1630 RUNNER_TEST(T1413_DSA_key_create_verify)
1633 auto manager = CKM::Manager::create();
1635 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1636 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1637 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1638 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1639 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1640 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1641 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1642 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1643 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1644 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1645 "u1roOuaPY+Hl19BlTE2qdw==\n"
1646 "-----END DSA PRIVATE KEY-----";
1648 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1649 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1650 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1651 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1652 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1653 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1654 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1655 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1656 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1657 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1658 "YMYCBhubtrVaLmc=\n"
1659 "-----END PUBLIC KEY-----";
1661 std::string message = "message test";
1663 CKM::Alias aliasPub = sharedDatabase("pub2");
1664 CKM::Alias aliasPrv = sharedDatabase("prv2");
1665 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1666 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1667 CKM::RawBuffer signature;
1669 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1670 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1672 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1673 "Key is empty. Failed to import public key.");
1674 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1675 "Key is empty. Failed to import private key.");
1678 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1679 "Error=" << CKMErrorToString(temp));
1681 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1682 "Error=" << CKMErrorToString(temp));
1685 CKM_API_SUCCESS == (temp = manager->createSignature(
1688 CKM::RawBuffer(message.begin(), message.end()),
1692 "Error=" << CKMErrorToString(temp));
1695 CKM_API_SUCCESS == (temp = manager->verifySignature(
1698 CKM::RawBuffer(message.begin(), message.end()),
1702 "Error=" << CKMErrorToString(temp));
1706 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1709 auto manager = CKM::Manager::create();
1711 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1712 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1713 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1714 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1715 "-----END EC PRIVATE KEY-----\n";
1717 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1718 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1719 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1720 "-----END PUBLIC KEY-----\n";
1722 std::string message = "message test";
1724 CKM::Alias aliasPub = sharedDatabase("ecpub2");
1725 CKM::Alias aliasPrv = sharedDatabase("ecprv2");
1726 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1727 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1728 CKM::RawBuffer signature;
1730 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1731 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1733 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1734 "Key is empty. Failed to import public key.");
1735 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1736 "Key is empty. Failed to import private key.");
1739 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1740 "Error=" << CKMErrorToString(temp));
1742 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1743 "Error=" << CKMErrorToString(temp));
1746 CKM_API_SUCCESS == (temp = manager->createSignature(
1749 CKM::RawBuffer(message.begin(), message.end()),
1753 "Error=" << CKMErrorToString(temp));
1756 CKM_API_SUCCESS == (temp = manager->verifySignature(
1759 CKM::RawBuffer(message.begin(), message.end()),
1763 "Error=" << CKMErrorToString(temp));
1765 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1767 memcpy((void*)signature.data(), "BROKEN", 6);
1770 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1773 CKM::RawBuffer(message.begin(), message.end()),
1777 "Error=" << CKMErrorToString(temp));
1780 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1783 auto manager = CKM::Manager::create();
1784 std::string message = "message asdfaslkdfjlksadjf test";
1786 CKM::Alias aliasPub = sharedDatabase("pub1");
1787 CKM::Alias aliasPrv = sharedDatabase("prv1");
1789 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1790 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1791 CKM::RawBuffer signature;
1794 CKM_API_SUCCESS == (temp = manager->createSignature(
1797 CKM::RawBuffer(message.begin(), message.end()),
1801 "Error=" << CKMErrorToString(temp));
1804 CKM_API_SUCCESS == (temp = manager->verifySignature(
1807 CKM::RawBuffer(message.begin(), message.end()),
1811 "Error=" << CKMErrorToString(temp));
1813 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1814 memcpy((void*)signature.data(), "BROKEN", 6);
1817 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1820 CKM::RawBuffer(message.begin(), message.end()),
1824 "Error=" << CKMErrorToString(temp));
1827 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1830 auto manager = CKM::Manager::create();
1831 std::string message = "message asdfaslkdfjlksadjf test";
1833 CKM::Alias aliasPub = sharedDatabase("pub2");
1834 CKM::Alias aliasPrv = sharedDatabase("prv2");
1836 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1837 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1838 CKM::RawBuffer signature;
1841 CKM_API_SUCCESS == (temp = manager->createSignature(
1844 CKM::RawBuffer(message.begin(), message.end()),
1848 "Error=" << CKMErrorToString(temp));
1851 CKM_API_SUCCESS == (temp = manager->verifySignature(
1854 CKM::RawBuffer(message.begin(), message.end()),
1858 "Error=" << CKMErrorToString(temp));
1860 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1861 memcpy((void*)signature.data(), "BROKEN", 6);
1864 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1867 CKM::RawBuffer(message.begin(), message.end()),
1871 "Error=" << CKMErrorToString(temp));
1874 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1877 auto manager = CKM::Manager::create();
1880 "-----BEGIN RSA PRIVATE KEY-----\n"
1881 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1882 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1883 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1884 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1885 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1886 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1887 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1888 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1889 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1890 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1891 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1892 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1893 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1894 "-----END RSA PRIVATE KEY-----\n";
1897 "-----BEGIN CERTIFICATE-----\n"
1898 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1899 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1900 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1901 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1902 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1903 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1904 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1905 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1906 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1907 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1908 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1909 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1910 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1911 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1912 "-----END CERTIFICATE-----\n";
1914 std::string message = "message test";
1916 CKM::Alias aliasPub = sharedDatabase("pub1-cert");
1917 CKM::Alias aliasPrv = sharedDatabase("prv1-cert");
1918 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1919 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1920 CKM::RawBuffer signature;
1922 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1923 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1925 RUNNER_ASSERT_MSG(NULL != cert.get(),
1926 "Key is empty. Failed to import public key.");
1927 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1928 "Key is empty. Failed to import private key.");
1931 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1932 "Error=" << CKMErrorToString(temp));
1934 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1935 "Error=" << CKMErrorToString(temp));
1938 CKM_API_SUCCESS == (temp = manager->createSignature(
1941 CKM::RawBuffer(message.begin(), message.end()),
1945 "Error=" << CKMErrorToString(temp));
1948 CKM_API_SUCCESS == (temp = manager->verifySignature(
1951 CKM::RawBuffer(message.begin(), message.end()),
1955 "Error=" << CKMErrorToString(temp));
1957 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1959 memcpy((void*)signature.data(), "BROKEN", 6);
1962 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1965 CKM::RawBuffer(message.begin(), message.end()),
1969 "Error=" << CKMErrorToString(temp));
1972 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1975 auto manager = CKM::Manager::create();
1977 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1978 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1979 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1980 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1981 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1982 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1983 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1984 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1985 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1986 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1987 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1988 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1989 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1990 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1991 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1992 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1993 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1994 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1995 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1996 "-----END CERTIFICATE-----\n";
1998 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1999 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2000 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2001 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2002 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2003 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2004 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2005 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2006 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2007 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2008 "vonbjii3BYe4AIdkzOvp\n"
2009 "-----END DSA PRIVATE KEY-----\n";
2011 std::string message = "message test";
2013 CKM::Alias aliasPub = sharedDatabase("pub2-cert");
2014 CKM::Alias aliasPrv = sharedDatabase("prv2-cert");
2015 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2016 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2017 CKM::RawBuffer signature;
2019 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2020 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2022 RUNNER_ASSERT_MSG(NULL != cert.get(),
2023 "Key is empty. Failed to import public key.");
2024 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2025 "Key is empty. Failed to import private key.");
2028 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2029 "Error=" << CKMErrorToString(temp));
2031 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2032 "Error=" << CKMErrorToString(temp));
2035 CKM_API_SUCCESS == (temp = manager->createSignature(
2038 CKM::RawBuffer(message.begin(), message.end()),
2042 "Error=" << CKMErrorToString(temp));
2045 CKM_API_SUCCESS == (temp = manager->verifySignature(
2048 CKM::RawBuffer(message.begin(), message.end()),
2052 "Error=" << CKMErrorToString(temp));
2054 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2056 memcpy((void*)signature.data(), "BROKEN", 6);
2059 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2062 CKM::RawBuffer(message.begin(), message.end()),
2066 "Error=" << CKMErrorToString(temp));
2069 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2072 auto manager = CKM::Manager::create();
2075 "-----BEGIN EC PRIVATE KEY-----\n"
2076 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2077 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2078 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2079 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2080 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2081 "ELyhe7yPCAuOoLZlTLgf\n"
2082 "-----END EC PRIVATE KEY-----\n";
2085 "-----BEGIN CERTIFICATE-----\n"
2086 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2087 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2088 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2089 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2090 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2091 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2092 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2093 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2094 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2095 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2096 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2097 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2098 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2099 "Q1oBry6NEc+lLFmWMDesAA==\n"
2100 "-----END CERTIFICATE-----\n";
2102 std::string message = "message test";
2104 CKM::Alias aliasPub = sharedDatabase("pub3");
2105 CKM::Alias aliasPrv = sharedDatabase("prv3");
2106 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2107 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2108 CKM::RawBuffer signature;
2110 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2111 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2113 RUNNER_ASSERT_MSG(NULL != cert.get(),
2114 "Key is empty. Failed to import public key.");
2115 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2116 "Key is empty. Failed to import private key.");
2119 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2120 "Error=" << CKMErrorToString(temp));
2122 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2123 "Error=" << CKMErrorToString(temp));
2126 CKM_API_SUCCESS == (temp = manager->createSignature(
2129 CKM::RawBuffer(message.begin(), message.end()),
2133 "Error=" << CKMErrorToString(temp));
2136 CKM_API_SUCCESS == (temp = manager->verifySignature(
2139 CKM::RawBuffer(message.begin(), message.end()),
2143 "Error=" << CKMErrorToString(temp));
2145 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2147 memcpy((void*)signature.data(), "BROKEN", 6);
2150 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2153 CKM::RawBuffer(message.begin(), message.end()),
2157 "Error=" << CKMErrorToString(temp));
2160 RUNNER_TEST(T1420_deinit)
2162 remove_user_data(0);
2165 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2167 RUNNER_TEST(T14180_init)
2170 remove_user_data(0);
2172 auto manager = CKM::Manager::create();
2174 // Prepare RSA Key Pair
2175 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2176 "Proc-Type: 4,ENCRYPTED\n"
2177 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2179 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2180 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2181 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2182 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2183 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2184 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2185 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2186 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2187 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2188 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2189 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2190 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2191 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2192 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2193 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2194 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2195 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2196 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2197 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2198 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2199 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2200 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2201 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2202 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2203 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2204 "-----END RSA PRIVATE KEY-----\n";
2206 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2207 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2208 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2209 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2210 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2211 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2212 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2214 "-----END PUBLIC KEY-----\n";
2216 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2217 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2218 CKM::Password password = "1234";
2220 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2221 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2223 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2224 "Key is empty. Failed to import public key.");
2225 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2226 "Key is empty. Failed to import private key.");
2229 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2230 "Error=" << CKMErrorToString(temp));
2232 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2233 "Error=" << CKMErrorToString(temp));
2235 // Prepare ECDSA Key Pair
2236 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2237 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2238 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2239 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2240 "-----END EC PRIVATE KEY-----\n";
2242 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2243 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2244 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2245 "-----END PUBLIC KEY-----\n";
2247 CKM::Alias aliasEcPub = sharedDatabase("ecpub_nohash1");
2248 CKM::Alias aliasEcPrv = sharedDatabase("ecprv_nohash1");
2250 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2251 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2253 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2254 "Key is empty. Failed to import public key.");
2255 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2256 "Key is empty. Failed to import private key.");
2259 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2260 "Error=" << CKMErrorToString(temp));
2262 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2263 "Error=" << CKMErrorToString(temp));
2267 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2270 auto manager = CKM::Manager::create();
2271 std::string message = "message asdfaslkdfjlksadjf test";
2273 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2274 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2276 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2277 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2278 CKM::RawBuffer signature;
2281 CKM_API_SUCCESS == (temp = manager->createSignature(
2284 CKM::RawBuffer(message.begin(), message.end()),
2288 "Error=" << CKMErrorToString(temp));
2291 CKM_API_SUCCESS == (temp = manager->verifySignature(
2294 CKM::RawBuffer(message.begin(), message.end()),
2298 "Error=" << CKMErrorToString(temp));
2300 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2301 memcpy((void*)signature.data(), "BROKEN", 6);
2304 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2307 CKM::RawBuffer(message.begin(), message.end()),
2311 "Error=" << CKMErrorToString(temp));
2314 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2317 auto manager = CKM::Manager::create();
2318 std::string message = "message asdfaslkdfjlksadjf test";
2320 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2321 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2323 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2324 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2325 CKM::RawBuffer signature;
2328 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2331 CKM::RawBuffer(message.begin(), message.end()),
2335 "Error=" << CKMErrorToString(temp));
2338 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2341 auto manager = CKM::Manager::create();
2342 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2343 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2344 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2345 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2346 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2347 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2348 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2349 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2350 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2351 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2352 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2353 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2354 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2355 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2356 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2357 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2358 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2359 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2360 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2361 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2363 CKM::Alias aliasPub = sharedDatabase("pub_nohash1");
2364 CKM::Alias aliasPrv = sharedDatabase("prv_nohash1");
2366 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2367 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2368 CKM::RawBuffer signature;
2371 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2374 CKM::RawBuffer(message.begin(), message.end()),
2378 "Error=" << CKMErrorToString(temp));
2382 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2385 auto manager = CKM::Manager::create();
2387 std::string message = "message test";
2389 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2390 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2391 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2392 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2393 CKM::RawBuffer signature;
2396 CKM_API_SUCCESS == (temp = manager->createSignature(
2399 CKM::RawBuffer(message.begin(), message.end()),
2403 "Error=" << CKMErrorToString(temp));
2406 CKM_API_SUCCESS == (temp = manager->verifySignature(
2409 CKM::RawBuffer(message.begin(), message.end()),
2413 "Error=" << CKMErrorToString(temp));
2415 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2417 memcpy((void*)signature.data(), "BROKEN", 6);
2420 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2423 CKM::RawBuffer(message.begin(), message.end()),
2427 "Error=" << CKMErrorToString(temp));
2430 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2433 auto manager = CKM::Manager::create();
2435 int msgSize = 1024*1024;
2436 char big_msg[msgSize];
2437 for(int i =0; i<msgSize-1; i++) {
2440 big_msg[msgSize-1]=0x00;
2441 std::string message(big_msg);
2443 CKM::Alias aliasPub = sharedDatabase("ecpub_nohash1");
2444 CKM::Alias aliasPrv = sharedDatabase("ecprv_nohash1");
2445 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2446 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2447 CKM::RawBuffer signature;
2450 CKM_API_SUCCESS == (temp = manager->createSignature(
2453 CKM::RawBuffer(message.begin(), message.end()),
2457 "Error=" << CKMErrorToString(temp));
2461 RUNNER_TEST(T14189_deinit)
2463 remove_user_data(0);
2467 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2469 RUNNER_TEST(T1510_init_unlock_key)
2471 reset_user_data(USER_TEST, APP_PASS);
2474 RUNNER_TEST(T1511_insert_data)
2476 auto certee = TestData::getTestCertificate(TestData::MBANK);
2477 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2478 CKM::Alias certeeAlias("CertEE");
2479 CKM::Alias certimAlias("CertIM");
2481 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2482 ScopedAccessProvider ap(TEST_LABEL);
2483 ap.allowAPI("key-manager::api-storage", "rw");
2484 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2486 auto manager = CKM::Manager::create();
2487 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
2488 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
2492 stop_service(MANAGER);
2493 start_service(MANAGER);
2497 ScopedDBUnlock unlock(USER_TEST, APP_PASS);
2498 ScopedAccessProvider ap(TEST_LABEL);
2499 ap.allowAPI("key-manager::api-storage", "rw");
2500 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2502 auto manager = CKM::Manager::create();
2503 int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
2504 int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
2506 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2507 "Certificate should be in database already. Error=" << CKMErrorToString(status1));
2509 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2510 "Certificate should be in database already. Error=" << CKMErrorToString(status2));
2514 RUNNER_TEST(T1519_deinit)
2516 remove_user_data(USER_TEST);
2519 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2521 RUNNER_TEST(T1701_init_unlock_key)
2523 unlock_user_data(USER_TEST+1, "t170-special-password");
2525 ScopedAccessProvider ap(TEST_LABEL_5);
2526 ap.allowAPI("key-manager::api-storage", "rw");
2527 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2530 RUNNER_CHILD_TEST(T1702_insert_data)
2533 ScopedAccessProvider ap(TEST_LABEL_5);
2534 ap.allowAPI("key-manager::api-storage", "rw");
2535 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2537 auto certee = TestData::getTestCertificate(TestData::MBANK);
2539 auto manager = CKM::Manager::create();
2540 size_t current_aliases_num = count_aliases(ALIAS_CERT);
2541 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2544 CKM_API_SUCCESS == status1,
2545 "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
2547 CKM::AliasVector av;
2549 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2550 "Error=" << CKMErrorToString(temp));
2552 (current_aliases_num+1) == static_cast<size_t>(temp = av.size()),
2553 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
2556 RUNNER_TEST(T1703_removeApplicationData)
2559 auto control = CKM::Control::create();
2561 CKM_API_SUCCESS == (tmp = control->removeApplicationData(TEST_LABEL_5)),
2562 "Error=" << CKMErrorToString(tmp));
2565 RUNNER_CHILD_TEST(T1704_data_test)
2568 ScopedAccessProvider ap(TEST_LABEL_5);
2569 ap.allowAPI("key-manager::api-storage", "rw");
2570 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2572 CKM::AliasVector av;
2573 auto manager = CKM::Manager::create();
2576 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2577 "Error=" << CKMErrorToString(temp));
2579 0 == (temp = av.size()),
2580 "Vector size: " << temp << ". Expected: 0");
2583 RUNNER_TEST(T1705_deinit)
2585 remove_user_data(USER_TEST+1);
2588 RUNNER_TEST(T17101_init)
2592 auto control = CKM::Control::create();
2594 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2595 "Error=" << CKMErrorToString(tmp));
2597 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2598 "Error=" << CKMErrorToString(tmp));
2600 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2601 "Error=" << CKMErrorToString(tmp));
2604 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2605 "Error=" << CKMErrorToString(tmp));
2607 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2608 "Error=" << CKMErrorToString(tmp));
2610 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2611 "Error=" << CKMErrorToString(tmp));
2614 RUNNER_CHILD_TEST(T17102_prep_data_01)
2617 ScopedAccessProvider ap(TEST_LABEL);
2618 ap.allowAPI("key-manager::api-storage", "rw");
2619 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2621 CKM::AliasVector av;
2622 auto manager = CKM::Manager::create();
2624 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2626 CKM::RawBuffer buffer(data.begin(), data.end());
2627 CKM::Policy exportable(CKM::Password(), true);
2630 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2631 "Error=" << CKMErrorToString(temp));
2634 RUNNER_CHILD_TEST(T17103_prep_data_02)
2637 ScopedAccessProvider ap(TEST_LABEL_2);
2638 ap.allowAPI("key-manager::api-storage", "rw");
2639 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2641 CKM::AliasVector av;
2642 auto manager = CKM::Manager::create();
2644 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2646 CKM::RawBuffer buffer(data.begin(), data.end());
2647 CKM::Policy exportable(CKM::Password(), true);
2650 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2651 "Error=" << CKMErrorToString(temp));
2654 RUNNER_CHILD_TEST(T17104_prep_data_03)
2657 ScopedAccessProvider ap(TEST_LABEL);
2658 ap.allowAPI("key-manager::api-storage", "rw");
2659 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2661 CKM::AliasVector av;
2662 auto manager = CKM::Manager::create();
2664 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2666 CKM::RawBuffer buffer(data.begin(), data.end());
2667 CKM::Policy exportable(CKM::Password(), true);
2670 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2671 "Error=" << CKMErrorToString(temp));
2674 RUNNER_CHILD_TEST(T17105_prep_data_04)
2677 ScopedAccessProvider ap(TEST_LABEL_2);
2678 ap.allowAPI("key-manager::api-storage", "rw");
2679 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2681 CKM::AliasVector av;
2682 auto manager = CKM::Manager::create();
2684 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2686 CKM::RawBuffer buffer(data.begin(), data.end());
2687 CKM::Policy exportable(CKM::Password(), true);
2690 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2691 "Error=" << CKMErrorToString(temp));
2694 RUNNER_TEST(T17106_remove_application)
2698 auto control = CKM::Control::create();
2700 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2701 "Error=" << CKMErrorToString(tmp));
2703 CKM_API_SUCCESS == (tmp = control->removeApplicationData(TEST_LABEL)),
2704 "Error=" << CKMErrorToString(tmp));
2707 RUNNER_CHILD_TEST(T17107_check_data_01)
2710 ScopedAccessProvider ap(TEST_LABEL);
2711 ap.allowAPI("key-manager::api-storage", "rw");
2712 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2714 CKM::AliasVector av;
2715 auto manager = CKM::Manager::create();
2718 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2719 "Error=" << CKMErrorToString(temp));
2721 0 == (temp = av.size()),
2722 "Vector size: " << temp << ". Expected: 0");
2725 RUNNER_CHILD_TEST(T17108_check_data_02)
2728 ScopedAccessProvider ap(TEST_LABEL_2);
2729 ap.allowAPI("key-manager::api-storage", "rw");
2730 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2732 CKM::AliasVector av;
2733 auto manager = CKM::Manager::create();
2736 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2737 "Error=" << CKMErrorToString(temp));
2739 1 == (temp = av.size()),
2740 "Vector size: " << temp << ". Expected: 1");
2743 RUNNER_TEST(T17109_unlock_user2)
2747 auto control = CKM::Control::create();
2749 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2750 "Error=" << CKMErrorToString(tmp));
2753 RUNNER_CHILD_TEST(T17110_check_data_03)
2756 ScopedAccessProvider ap(TEST_LABEL);
2757 ap.allowAPI("key-manager::api-storage", "rw");
2758 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2760 CKM::AliasVector av;
2761 auto manager = CKM::Manager::create();
2764 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2765 "Error=" << CKMErrorToString(temp));
2767 0 == (temp = av.size()),
2768 "Vector size: " << temp << ". Expected: 0");
2771 RUNNER_CHILD_TEST(T17111_check_data_04)
2774 ScopedAccessProvider ap(TEST_LABEL_2);
2775 ap.allowAPI("key-manager::api-storage", "rw");
2776 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2778 CKM::AliasVector av;
2779 auto manager = CKM::Manager::create();
2782 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2783 "Error=" << CKMErrorToString(temp));
2785 1 == (temp = av.size()),
2786 "Vector size: " << temp << ". Expected: 1");
2789 RUNNER_TEST(T17112_deinit)
2791 remove_user_data(USER_TEST+2);
2792 remove_user_data(USER_TEST+3);
2795 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2799 CKM::Alias alias_PKCS_collision = sharedDatabase("test-PKCS-collision");
2800 CKM::Alias alias_PKCS_exportable = sharedDatabase("test-PKCS-export");
2801 CKM::Alias alias_PKCS_not_exportable = sharedDatabase("test-PKCS-no-export");
2802 CKM::Alias alias_PKCS_priv_key_copy = sharedDatabase("test-PKCS-private-key-copy");
2803 CKM::Alias alias_PKCS_priv_key_wrong = sharedDatabase("test-PKCS-private-key-wrong");
2806 RUNNER_TEST(T1800_init)
2808 remove_user_data(0);
2811 RUNNER_TEST(T1801_parse_PKCS12) {
2812 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2813 std::istreambuf_iterator<char> begin(is), end;
2814 std::vector<char> buff(begin, end);
2816 CKM::RawBuffer buffer(buff.size());
2817 memcpy(buffer.data(), buff.data(), buff.size());
2819 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2822 "Error in PKCS12::create()");
2824 auto cert = pkcs->getCertificate();
2827 "Error in PKCS12::getCertificate()");
2829 auto key = pkcs->getKey();
2832 "Error in PKCS12::getKey()");
2834 auto caVector = pkcs->getCaCertificateShPtrVector();
2836 0 == caVector.size(),
2837 "Wrong size of vector");
2840 RUNNER_TEST(T1802_negative_wrong_password) {
2841 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2842 std::istreambuf_iterator<char> begin(is), end;
2843 std::vector<char> buff(begin, end);
2845 CKM::RawBuffer buffer(buff.size());
2846 memcpy(buffer.data(), buff.data(), buff.size());
2848 auto pkcs = CKM::PKCS12::create(buffer, "error");
2851 "Expected error in PKCS12::create()");
2854 RUNNER_TEST(T1803_negative_broken_buffer) {
2855 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2856 std::istreambuf_iterator<char> begin(is), end;
2857 std::vector<char> buff(begin, end);
2859 CKM::RawBuffer buffer(buff.size());
2860 memcpy(buffer.data(), buff.data(), buff.size());
2862 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2865 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2868 "Expected error in PKCS12::create()");
2871 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2873 auto manager = CKM::Manager::create();
2874 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2875 std::istreambuf_iterator<char> begin(is), end;
2876 std::vector<char> buff(begin, end);
2878 CKM::RawBuffer buffer(buff.size());
2879 memcpy(buffer.data(), buff.data(), buff.size());
2881 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2884 "Error in PKCS12::create()");
2887 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2888 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2889 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2890 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2891 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2892 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2893 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2894 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2895 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2896 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2897 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2898 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2899 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2900 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2901 "-----END RSA PRIVATE KEY-----\n";
2903 std::string message = "message test";
2905 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2906 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2907 "Key is empty. Failed to import private key.");
2911 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2912 "Error=" << CKMErrorToString(temp));
2915 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2916 "Error=" << CKMErrorToString(temp));
2919 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2921 auto manager = CKM::Manager::create();
2922 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2923 std::istreambuf_iterator<char> begin(is), end;
2924 std::vector<char> buff(begin, end);
2926 CKM::RawBuffer buffer(buff.size());
2927 memcpy(buffer.data(), buff.data(), buff.size());
2929 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2932 "Error in PKCS12::create()");
2934 auto cert = pkcs->getCertificate();
2937 "Error in PKCS12::getCertificate()");
2939 auto key = pkcs->getKey();
2942 "Error in PKCS12::getKey()");
2944 auto caVector = pkcs->getCaCertificateShPtrVector();
2946 2 == caVector.size(),
2947 "Wrong size of vector");
2951 CKM::Policy exportable;
2952 CKM::Policy notExportable(CKM::Password(), false);
2955 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2956 "Error=" << CKMErrorToString(tmp));
2958 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2959 "Error=" << CKMErrorToString(tmp));
2961 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2962 "Error=" << CKMErrorToString(tmp));
2964 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2965 "Error=" << CKMErrorToString(tmp));
2967 // try to lookup key
2968 CKM::KeyShPtr key_lookup;
2970 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2971 "Error=" << CKMErrorToString(tmp));
2973 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2974 "Error=" << CKMErrorToString(tmp));
2976 // try to lookup certificate
2977 CKM::CertificateShPtr cert_lookup;
2979 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2980 "Error=" << CKMErrorToString(tmp));
2982 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2983 "Error=" << CKMErrorToString(tmp));
2986 RUNNER_TEST(T1806_get_PKCS)
2989 auto manager = CKM::Manager::create();
2991 CKM::PKCS12ShPtr pkcs;
2995 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12(sharedDatabase("i-do-not-exist").c_str(), pkcs)),
2996 "Error=" << CKMErrorToString(temp));
2998 // fail - not exportable
3000 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3001 "Error=" << CKMErrorToString(temp));
3003 // success - exportable
3005 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3006 "Error=" << CKMErrorToString(temp));
3008 auto cert = pkcs->getCertificate();
3011 "Error in PKCS12::getCertificate()");
3013 auto key = pkcs->getKey();
3016 "Error in PKCS12::getKey()");
3018 auto caVector = pkcs->getCaCertificateShPtrVector();
3020 2 == caVector.size(),
3021 "Wrong size of vector");
3024 RUNNER_TEST(T1807_create_and_verify_signature)
3027 auto manager = CKM::Manager::create();
3029 std::string message = "message test";
3031 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3032 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3033 CKM::RawBuffer signature;
3036 CKM_API_SUCCESS == (temp = manager->createSignature(
3037 alias_PKCS_exportable,
3039 CKM::RawBuffer(message.begin(), message.end()),
3043 "Error=" << CKMErrorToString(temp));
3046 CKM_API_SUCCESS == (temp = manager->verifySignature(
3047 alias_PKCS_exportable,
3049 CKM::RawBuffer(message.begin(), message.end()),
3053 "Error=" << CKMErrorToString(temp));
3056 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3059 auto manager = CKM::Manager::create();
3061 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3062 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3063 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3064 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3065 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3066 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3067 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3068 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3069 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3070 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3071 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3072 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3073 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3074 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3075 "-----END RSA PRIVATE KEY-----";
3076 std::string message = "message test";
3078 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3079 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3080 "Key is empty. Failed to import private key.");
3083 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3084 "Error=" << CKMErrorToString(temp));
3086 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3087 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3088 CKM::RawBuffer signature;
3091 CKM_API_SUCCESS == (temp = manager->createSignature(
3092 alias_PKCS_priv_key_copy,
3094 CKM::RawBuffer(message.begin(), message.end()),
3098 "Error=" << CKMErrorToString(temp));
3101 CKM_API_SUCCESS == (temp = manager->verifySignature(
3102 alias_PKCS_exportable,
3104 CKM::RawBuffer(message.begin(), message.end()),
3108 "Error=" << CKMErrorToString(temp));
3111 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3114 auto manager = CKM::Manager::create();
3116 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3117 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3118 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3119 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3120 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3121 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3122 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3123 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3124 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3125 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3126 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3127 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3128 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3129 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3130 "-----END RSA PRIVATE KEY-----\n";
3132 std::string message = "message test";
3134 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3135 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3136 "Key is empty. Failed to import private key.");
3139 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3140 "Error=" << CKMErrorToString(temp));
3142 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3143 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3144 CKM::RawBuffer signature;
3147 CKM_API_SUCCESS == (temp = manager->createSignature(
3148 alias_PKCS_priv_key_wrong,
3150 CKM::RawBuffer(message.begin(), message.end()),
3154 "Error=" << CKMErrorToString(temp));
3157 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3158 alias_PKCS_exportable,
3160 CKM::RawBuffer(message.begin(), message.end()),
3164 "Error=" << CKMErrorToString(temp));
3167 RUNNER_TEST(T1810_verify_get_certificate_chain)
3169 // this certificate has been signed using PKCS chain
3171 "-----BEGIN CERTIFICATE-----\n"
3172 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3173 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
3174 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
3175 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
3176 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
3177 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
3178 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
3179 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
3180 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
3181 "-----END CERTIFICATE-----\n";
3183 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3184 CKM::CertificateShPtrVector certChain;
3185 CKM::AliasVector aliasVector;
3188 auto manager = CKM::Manager::create();
3190 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3192 tmp = manager->getCertificateChain(cert,
3197 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3198 "Error=" << CKMErrorToString(tmp));
3201 0 == certChain.size(),
3202 "Wrong size of certificate chain.");
3204 aliasVector.push_back(alias_PKCS_exportable);
3206 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3207 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
3209 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3211 4 == certChain.size(),
3212 "Wrong size of certificate chain: " << certChain.size());
3215 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3217 auto manager = CKM::Manager::create();
3221 // remove the whole PKCS12 bundles
3223 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3224 "Error=" << CKMErrorToString(tmp));
3226 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3227 "Error=" << CKMErrorToString(tmp));
3229 // expect lookup fails due to unknown alias
3230 // try to lookup key
3231 CKM::KeyShPtr key_lookup;
3233 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3234 "Error=" << CKMErrorToString(tmp));
3236 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3237 "Error=" << CKMErrorToString(tmp));
3239 // try to lookup certificate
3240 CKM::CertificateShPtr cert_lookup;
3242 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3243 "Error=" << CKMErrorToString(tmp));
3245 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3246 "Error=" << CKMErrorToString(tmp));
3249 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3251 CKM::Alias alias = sharedDatabase("t1812alias1");
3253 auto manager = CKM::Manager::create();
3254 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
3255 std::istreambuf_iterator<char> begin(is), end;
3256 std::vector<char> buff(begin, end);
3258 CKM::PKCS12ShPtr pkcs12;
3259 CKM::Password pass1 = "easypass1";
3260 CKM::Password pass2 = "easypass2";
3262 CKM::RawBuffer buffer(buff.size());
3263 memcpy(buffer.data(), buff.data(), buff.size());
3265 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3268 "Error in PKCS12::create()");
3272 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3273 "Error=" << CKMErrorToString(temp));
3276 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3277 "Error=" << CKMErrorToString(temp));
3280 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3281 "Error=" << CKMErrorToString(temp));
3284 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3285 "Error=" << CKMErrorToString(temp));
3288 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3289 "Error=" << CKMErrorToString(temp));
3292 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3293 "Error=" << CKMErrorToString(temp));
3295 CKM::CertificateShPtr cert;
3297 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3298 "Error=" << CKMErrorToString(temp));
3300 CKM::CertificateShPtrVector certChain;
3301 CKM::AliasVector certVect;
3302 certVect.push_back(alias);
3305 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3306 "Error=" << CKMErrorToString(temp));
3309 RUNNER_TEST(T1813_deinit)
3312 auto control = CKM::Control::create();
3315 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3316 "Error=" << CKMErrorToString(temp));
3319 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3321 const char * const T190_PASSWD = "t190-special-password";
3323 RUNNER_TEST(T1901_init_unlock_key)
3325 reset_user_data(USER_APP, T190_PASSWD);
3328 RUNNER_TEST(T1902_get_data)
3330 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
3331 ScopedAccessProvider ap(TEST_LABEL);
3332 ap.allowAPI("key-manager::api-storage", "rw");
3333 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3335 auto manager = CKM::Manager::create();
3338 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3341 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3342 "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
3345 RUNNER_TEST(T1903_lock_database)
3348 auto control = CKM::Control::create();
3350 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
3351 "Error=" << CKMErrorToString(tmp));
3354 RUNNER_TEST(T1904_get_data_from_locked_database)
3356 ScopedAccessProvider ap(TEST_LABEL);
3357 ap.allowAPI("key-manager::api-storage", "rw");
3358 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
3360 auto manager = CKM::Manager::create();
3363 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3366 CKM_API_ERROR_DB_LOCKED == status1,
3367 "Could not get key from locked database. Error=" << CKMErrorToString(status1));
3370 RUNNER_TEST(T1905_deinit)
3372 remove_user_data(USER_APP);
3375 int main(int argc, char *argv[])
3377 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob