3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
22 #include <dpl/log/log.h>
25 const int USER_APP = 5000;
26 const int GROUP_APP = 5000;
27 const int USER_TEST = 5001;
29 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
30 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
31 } // namespace anonymous
34 * How to numerate tests:
36 * T - test case (always T)
37 * AB - number of test group (always two digits)
38 * C - test number in group (all tests with same TABC must be run in the same time).
42 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
43 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
44 stop_service(MANAGER);
45 start_service(MANAGER);
47 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
48 std::istreambuf_iterator<char> begin(is), end;
49 std::vector<char> buff(begin, end);
51 CKM::RawBuffer buffer(buff.size());
52 memcpy(buffer.data(), buff.data(), buff.size());
54 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
57 "Error in PKCS12::create()");
59 // all further tests will start with newly started service,
60 // OpenSSL on the service side will have to be properly initialized too
61 stop_service(MANAGER);
62 start_service(MANAGER);
65 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
67 RUNNER_TEST(T0011_Control)
70 auto control = CKM::Control::create();
72 control->removeUserData(0);
73 control->removeUserData(20);
74 control->removeUserData(USER_APP);
77 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
78 "Error=" << CKM::ErrorToString(temp));
81 RUNNER_TEST(T0012_Control)
84 auto control = CKM::Control::create();
86 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
87 "Error=" << CKM::ErrorToString(temp));
89 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
90 "Error=" << CKM::ErrorToString(temp));
93 RUNNER_TEST(T0013_Control)
96 auto control = CKM::Control::create();
98 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
99 "Error=" << CKM::ErrorToString(temp));
102 RUNNER_TEST(T0014_Control)
105 auto control = CKM::Control::create();
107 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
108 "Error=" << CKM::ErrorToString(temp));
111 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
112 "Error=" << CKM::ErrorToString(temp));
115 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
116 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
120 "Error=" << CKM::ErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
124 "Error=" << CKM::ErrorToString(temp));
127 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
128 "Error=" << CKM::ErrorToString(temp));
131 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
132 "Error=" << CKM::ErrorToString(temp));
135 RUNNER_TEST(T0015_Control)
138 auto control = CKM::Control::create();
140 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
141 "Error=" << CKM::ErrorToString(temp));
143 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
144 "Error=" << CKM::ErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
147 "Error=" << CKM::ErrorToString(temp));
149 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
150 "Error=" << CKM::ErrorToString(temp));
153 RUNNER_TEST(T0016_Control_negative_wrong_password)
156 auto control = CKM::Control::create();
158 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
159 "Error=" << CKM::ErrorToString(temp));
161 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
162 "Error=" << CKM::ErrorToString(temp));
164 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
165 "Error=" << CKM::ErrorToString(temp));
167 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
168 "Error=" << CKM::ErrorToString(temp));
170 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
171 "Error=" << CKM::ErrorToString(temp));
174 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
176 RUNNER_TEST(T1010_init)
179 auto control = CKM::Control::create();
181 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
182 "Error=" << CKM::ErrorToString(temp));
184 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
185 "Error=" << CKM::ErrorToString(temp));
188 RUNNER_TEST(T1011_key)
191 auto manager = CKM::Manager::create();
193 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
194 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
195 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
196 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
197 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
198 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
199 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
201 "-----END PUBLIC KEY-----";
203 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
204 auto key = CKM::Key::create(buffer, CKM::Password());
206 CKM::Alias alias = "mykey";
209 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
210 "Error=" << CKM::ErrorToString(temp));
212 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
213 "Error=" << CKM::ErrorToString(temp));
215 key->getDER() == key2->getDER(),
216 "Key value has been changed by service");
219 RUNNER_TEST(T1012_certificate)
222 auto manager = CKM::Manager::create();
224 auto cert = TestData::getTestCertificate(TestData::GIAG2);
225 CKM::CertificateShPtr cert2;
226 CKM::Alias alias = "myCert";
229 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
230 "Error=" << CKM::ErrorToString(temp));
232 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
233 "Error=" << CKM::ErrorToString(temp));
235 cert->getDER() == cert2->getDER(),
236 "Data has been modified in key manager");
239 RUNNER_CHILD_TEST(T1013_user_app_save_key)
241 AccessProvider ap("mylabel");
242 ap.allowAPI("key-manager::api-storage", "rw");
243 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
256 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
257 auto key = CKM::Key::create(buffer, CKM::Password());
259 CKM::Alias alias = "mykey";
260 auto manager = CKM::Manager::create();
263 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
264 "Error=" << CKM::ErrorToString(temp));
266 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
267 "Error=" << CKM::ErrorToString(temp));
269 key->getDER() == key2->getDER(), "Key value has been changed by service");
272 RUNNER_TEST(T1014_save_with_label)
275 auto manager = CKM::Manager::create();
277 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
278 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
279 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
280 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
281 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
282 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
283 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
285 "-----END PUBLIC KEY-----";
287 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
288 auto key = CKM::Key::create(buffer, CKM::Password());
289 CKM::KeyShPtr key_name, key_full_addr;
290 CKM::Alias alias = "mykey-2";
291 CharPtr top_label = get_label();
292 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
295 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
296 "Error=" << CKM::ErrorToString(temp));
300 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
301 "Error=" << CKM::ErrorToString(temp));
303 key->getDER() == key_name->getDER(),
304 "Key value has been changed by service");
306 // lookup by full address
308 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
309 "Error=" << CKM::ErrorToString(temp));
311 key->getDER() == key_full_addr->getDER(),
312 "Key value has been changed by service");
315 RUNNER_TEST(T1015_deinit)
318 auto control = CKM::Control::create();
321 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
322 "Error=" << CKM::ErrorToString(temp));
324 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
325 "Error=" << CKM::ErrorToString(temp));
327 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
328 "Error=" << CKM::ErrorToString(temp));
330 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
331 "Error=" << CKM::ErrorToString(temp));
334 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
336 RUNNER_TEST(T1020_init)
339 auto control = CKM::Control::create();
341 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
342 "Error=" << CKM::ErrorToString(temp));
344 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
345 "Error=" << CKM::ErrorToString(temp));
348 RUNNER_TEST(T1021_save_keys_get_alias)
351 auto manager = CKM::Manager::create();
353 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
354 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
355 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
356 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
357 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
358 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
359 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
361 "-----END PUBLIC KEY-----";
363 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
364 auto key = CKM::Key::create(buffer, CKM::Password());
365 CKM::AliasVector labelAliasVector;
368 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
369 "Error=" << CKM::ErrorToString(temp));
371 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
372 "Error=" << CKM::ErrorToString(temp));
374 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
375 "Error=" << CKM::ErrorToString(temp));
377 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
378 "Error=" << CKM::ErrorToString(temp));
380 labelAliasVector.size() == 3,
381 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
384 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
386 AccessProvider ap("mylabel");
387 ap.allowAPI("key-manager::api-storage", "rw");
388 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
391 auto manager = CKM::Manager::create();
393 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
394 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
395 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
396 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
397 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
398 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
399 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
401 "-----END PUBLIC KEY-----";
403 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
404 auto key = CKM::Key::create(buffer, CKM::Password());
405 CKM::AliasVector labelAliasVector;
408 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
409 "Error=" << CKM::ErrorToString(temp));
411 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
412 "Error=" << CKM::ErrorToString(temp));
414 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
415 "Error=" << CKM::ErrorToString(temp));
417 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
418 "Error=" << CKM::ErrorToString(temp));
420 labelAliasVector.size() == 3,
421 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
424 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
426 AccessProvider ap("mylabel");
427 ap.allowAPI("key-manager::api-storage", "rw");
428 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
431 auto manager = CKM::Manager::create();
433 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
434 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
435 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
436 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
437 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
438 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
439 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
441 "-----END PUBLIC KEY-----";
443 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
444 auto key = CKM::Key::create(buffer, CKM::Password());
445 CKM::AliasVector aliasVector;
446 CKM::Policy notExportable(CKM::Password(), false);
449 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
450 "Error=" << CKM::ErrorToString(temp));
452 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
453 "Error=" << CKM::ErrorToString(temp));
455 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
456 "Error=" << CKM::ErrorToString(temp));
459 RUNNER_TEST(T1029_deinit)
462 auto control = CKM::Control::create();
465 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
466 "Error=" << CKM::ErrorToString(temp));
468 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
469 "Error=" << CKM::ErrorToString(temp));
471 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
472 "Error=" << CKM::ErrorToString(temp));
474 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
475 "Error=" << CKM::ErrorToString(temp));
478 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
480 RUNNER_TEST(T1030_init)
483 auto control = CKM::Control::create();
485 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
486 "Error=" << CKM::ErrorToString(temp));
488 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
489 "Error=" << CKM::ErrorToString(temp));
492 RUNNER_TEST(T1031_save_get_bin_data)
495 auto manager = CKM::Manager::create();
497 std::string binData1 = "My bin data1";
498 std::string binData2 = "My bin data2";
499 std::string binData3 = "My bin data3";
501 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
502 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
503 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
505 CKM::AliasVector labelAliasVector;
508 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
509 "Error=" << CKM::ErrorToString(temp));
511 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
512 "Error=" << CKM::ErrorToString(temp));
514 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
515 "Error=" << CKM::ErrorToString(temp));
517 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
518 "Error=" << CKM::ErrorToString(temp));
520 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
521 "Error=" << CKM::ErrorToString(temp));
523 labelAliasVector.size() == 3,
524 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
526 CKM::RawBuffer buffer;
528 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
529 "Error=" << CKM::ErrorToString(temp));
535 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
536 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
539 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
541 AccessProvider ap("mylabel");
542 ap.allowAPI("key-manager::api-storage", "rw");
543 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
546 auto manager = CKM::Manager::create();
548 std::string binData = "My bin data";
550 CKM::RawBuffer buffer(binData.begin(), binData.end());
552 CKM::AliasVector labelAliasVector;
555 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
556 "Error=" << CKM::ErrorToString(temp));
558 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
559 "Error=" << CKM::ErrorToString(temp));
561 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
562 "Error=" << CKM::ErrorToString(temp));
564 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
565 "Error=" << CKM::ErrorToString(temp));
567 labelAliasVector.size() == 3,
568 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
571 RUNNER_TEST(T1033_remove_bin_data)
574 auto manager = CKM::Manager::create();
576 std::string binData2 = "My bin data2";
577 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
579 CKM::AliasVector labelAliasVector;
581 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
583 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
584 "Error=" << CKM::ErrorToString(temp));
586 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
587 "Error=" << CKM::ErrorToString(temp));
589 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
590 "Error=" << CKM::ErrorToString(temp));
592 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
593 "Error=" << CKM::ErrorToString(temp));
595 labelAliasVector.size() == 1,
596 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
598 CKM::RawBuffer buffer;
600 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
601 "Error=" << CKM::ErrorToString(temp));
606 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
607 "Error=" << CKM::ErrorToString(temp));
610 RUNNER_TEST(T1034_getData_wrong_password)
613 auto manager = CKM::Manager::create();
615 std::string binData1 = "My bin data4";
617 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
620 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
621 "Error=" << CKM::ErrorToString(temp));
623 CKM::RawBuffer buffer;
625 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
626 "Error=" << CKM::ErrorToString(temp));
632 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
633 "Error=" << CKM::ErrorToString(temp));
636 RUNNER_TEST(T1035_deinit)
639 auto control = CKM::Control::create();
642 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
643 "Error=" << CKM::ErrorToString(temp));
645 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
646 "Error=" << CKM::ErrorToString(temp));
648 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
649 "Error=" << CKM::ErrorToString(temp));
651 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
652 "Error=" << CKM::ErrorToString(temp));
655 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
657 RUNNER_TEST(T1040_init)
660 auto control = CKM::Control::create();
663 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
664 "Error=" << CKM::ErrorToString(temp));
667 RUNNER_CHILD_TEST(T1041_create_rsa_key)
670 auto manager = CKM::Manager::create();
673 AccessProvider ap("mylabel-rsa");
674 ap.allowAPI("key-manager::api-storage", "rw");
675 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
678 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
679 "Error=" << CKM::ErrorToString(temp));
681 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
682 "Error=" << CKM::ErrorToString(temp));
684 2 == (temp = av.size()),
685 "Vector size: " << temp << ". Expected: 2");
688 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
691 auto manager = CKM::Manager::create();
694 AccessProvider ap("mylabel-rsa");
695 ap.allowAPI("key-manager::api-storage", "rw");
696 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
699 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
700 "Error=" << CKM::ErrorToString(temp));
702 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
703 "Error=" << CKM::ErrorToString(temp));
706 RUNNER_CHILD_TEST(T1043_create_dsa_key)
709 auto manager = CKM::Manager::create();
712 AccessProvider ap("mylabel-dsa");
713 ap.allowAPI("key-manager::api-storage", "rw");
714 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
717 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
718 "Error=" << CKM::ErrorToString(temp));
720 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
721 "Error=" << CKM::ErrorToString(temp));
723 2 == (temp = av.size()),
724 "Vector size: " << temp << ". Expected: 2");
727 RUNNER_TEST(T1049_deinit)
730 auto control = CKM::Control::create();
733 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
734 "Error=" << CKM::ErrorToString(temp));
736 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
737 "Error=" << CKM::ErrorToString(temp));
741 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
743 RUNNER_TEST(T1110_init)
746 auto control = CKM::Control::create();
748 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
749 "Error=" << CKM::ErrorToString(temp));
751 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
752 "Error=" << CKM::ErrorToString(temp));
755 RUNNER_TEST(T1111_CreateKeyPairRSA)
758 auto manager = CKM::Manager::create();
759 CKM::Alias a1("rsa-test-1");
760 CKM::Alias a2("rsa-test-2");
764 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
765 "Error=" << CKM::ErrorToString(temp));
767 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
768 "Error=" << CKM::ErrorToString(temp));
771 RUNNER_TEST(T1112_CreateKeyPairDSA)
774 auto manager = CKM::Manager::create();
775 CKM::Alias a1("dsa-test-1");
776 CKM::Alias a2("dsa-test-2");
780 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
781 "Error=" << CKM::ErrorToString(temp));
783 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
784 "Error=" << CKM::ErrorToString(temp));
787 RUNNER_TEST(T1113_CreateKeyPairECDSA)
790 auto manager = CKM::Manager::create();
791 CKM::Alias a1("ecdsa-test-1");
792 CKM::Alias a2("ecdsa-test-2");
796 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
797 "Error=" << CKM::ErrorToString(temp));
800 RUNNER_TEST(T1114_deinit)
803 auto control = CKM::Control::create();
806 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
807 "Error=" << CKM::ErrorToString(temp));
809 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
810 "Error=" << CKM::ErrorToString(temp));
813 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
815 RUNNER_TEST(T12100_init)
818 auto control = CKM::Control::create();
820 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
821 "Error=" << CKM::ErrorToString(temp));
823 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
824 "Error=" << CKM::ErrorToString(temp));
827 RUNNER_TEST(T12101_key_exist)
830 auto manager = CKM::Manager::create();
832 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
833 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
834 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
835 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
836 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
837 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
838 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
840 "-----END PUBLIC KEY-----";
842 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
843 auto key = CKM::Key::create(buffer);
844 CKM::Alias alias = "rsa-alias-duplication";
847 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
848 "Error=" << CKM::ErrorToString(ret));
850 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
851 "Error=" << CKM::ErrorToString(ret));
855 * These test cases tests API when empty parameters are passed to functions
858 RUNNER_TEST(T12102_saveKey_empty_alias)
860 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
861 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
862 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
863 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
864 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
865 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
866 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
867 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
869 "-----END PUBLIC KEY-----";
871 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
872 auto key = CKM::Key::create(buffer);
873 CKM::Alias alias; //alias is not initialized
876 auto manager = CKM::Manager::create();
878 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
879 "Error=" << CKM::ErrorToString(ret));
882 RUNNER_TEST(T12103_saveKey_foreign_label)
884 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
885 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
886 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
887 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
888 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
889 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
890 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
892 "-----END PUBLIC KEY-----";
894 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
895 auto key = CKM::Key::create(buffer);
896 CKM::Alias alias = "iamsomebodyelse alias";
899 auto manager = CKM::Manager::create();
901 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
902 "Error=" << CKM::ErrorToString(ret));
905 RUNNER_TEST(T12104_saveKey_empty_key)
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::ErrorToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 auto cert = TestData::getTestCertificate(TestData::GIAG2);
920 CKM::Alias alias; //alias is not initialized
923 auto manager = CKM::Manager::create();
925 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
926 "Error=" << CKM::ErrorToString(temp));
929 RUNNER_TEST(T12106_saveCertificate_foreign_label)
931 auto cert = TestData::getTestCertificate(TestData::GIAG2);
932 CKM::Alias alias = "iamsomebodyelse alias";
935 auto manager = CKM::Manager::create();
937 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
938 "Error=" << CKM::ErrorToString(temp));
941 RUNNER_TEST(T12107_saveCertificate_empty_cert)
943 CKM::CertificateShPtr cert; //cert is not initialized
944 CKM::Alias alias = "empty-cert";
947 auto manager = CKM::Manager::create();
949 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
950 "Error=" << CKM::ErrorToString(temp));
953 RUNNER_TEST(T12108_saveData_empty_alias)
955 std::string testData = "test data test data test data";
956 CKM::RawBuffer buffer(testData.begin(), testData.end());
960 auto manager = CKM::Manager::create();
962 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
963 "Error=" << CKM::ErrorToString(temp));
966 RUNNER_TEST(T12109_saveData_foreign_label)
968 std::string testData = "test data test data test data";
969 CKM::RawBuffer buffer(testData.begin(), testData.end());
970 CKM::Alias alias = "iamsomebodyelse alias";
973 auto manager = CKM::Manager::create();
975 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
976 "Error=" << CKM::ErrorToString(temp));
979 RUNNER_TEST(T12110_saveData_empty_data)
981 CKM::RawBuffer buffer;
982 CKM::Alias alias = "empty-data";
985 auto manager = CKM::Manager::create();
987 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
988 "Error=" << CKM::ErrorToString(temp));
992 * These test cases tests API when trying to get data from not existing alias
995 RUNNER_TEST(T12111_getKey_alias_not_exist)
998 CKM::Alias alias = "this-alias-not-exist";
1001 auto manager = CKM::Manager::create();
1003 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1004 "Error=" << CKM::ErrorToString(temp));
1007 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1009 CKM::CertificateShPtr certificate;
1010 CKM::Alias alias = "this-alias-not-exist";
1013 auto manager = CKM::Manager::create();
1015 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1016 "Error=" << CKM::ErrorToString(temp));
1019 RUNNER_TEST(T12113_getData_alias_not_exist)
1022 auto manager = CKM::Manager::create();
1023 CKM::RawBuffer buffer;
1024 CKM::Alias alias("some alias");
1026 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1027 "Error=" << CKM::ErrorToString(temp));
1031 * These test cases tests API when damaged keys are used
1033 RUNNER_TEST(T12114_rsa_key_damaged)
1036 auto manager = CKM::Manager::create();
1038 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1039 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1040 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1041 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1042 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1043 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1044 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1046 "-----END PUBLIC KEY-----";
1048 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1049 auto key = CKM::Key::create(buffer);
1050 CKM::Alias alias = "damaged-rsa";
1053 NULL == key.get(), "Key is broken. It should be empty");
1056 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1057 "Error=" << CKM::ErrorToString(ret));
1060 RUNNER_TEST(T12115_rsa_key_too_short)
1063 auto manager = CKM::Manager::create();
1065 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1066 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1067 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1068 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1069 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1070 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1071 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1073 "-----END PUBLIC KEY-----";
1075 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1076 auto key = CKM::Key::create(buffer);
1077 CKM::Alias alias = "short-rsa";
1080 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1081 "Error=" << CKM::ErrorToString(ret));
1084 RUNNER_TEST(T12116_dsa_key_too_short)
1087 auto manager = CKM::Manager::create();
1089 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1090 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1091 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1092 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1093 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1094 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1095 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1096 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1097 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1098 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1099 "YMYCBhubtrVaLmc=\n"
1100 "-----END PUBLIC KEY-----";
1102 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1103 auto key = CKM::Key::create(buffer);
1104 CKM::Alias alias = "short-dsa";
1107 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1108 "Error=" << CKM::ErrorToString(ret));
1113 * These test cases tests CKM service if malicious data is provided over the socket.
1116 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1119 auto manager = CKM::Manager::create();
1121 // fake the client - let the service detect the problem
1122 class WrongKeyImpl : public CKM::Key
1125 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1128 virtual bool empty() const {
1132 virtual CKM::KeyType getType() const {
1133 return CKM::KeyType::KEY_RSA_PUBLIC;
1135 virtual int getSize() const {
1138 virtual CKM::ElipticCurve getCurve() const {
1139 return CKM::ElipticCurve::prime192v1;
1141 virtual CKM::RawBuffer getDER() const {
1144 virtual ~WrongKeyImpl() {}
1146 CKM::RawBuffer & m_dummy;
1148 std::string dummyData = "my_cat_Berta\n";
1149 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1150 auto key = std::make_shared<WrongKeyImpl>(buffer);
1151 CKM::Alias alias = "damaged-rsa";
1154 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1155 "Error=" << CKM::ErrorToString(ret));
1158 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1160 // fake the client - let the service detect the problem
1161 class WrongCertImpl : public CKM::Certificate
1164 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1165 m_x509 = X509_new();
1168 bool empty() const {
1172 virtual X509 *getX509() const {
1176 virtual CKM::RawBuffer getDER() const {
1180 virtual ~WrongCertImpl() {
1185 CKM::RawBuffer & m_dummy;
1187 std::string dummyData = "my_cat_Stefan\n";
1188 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1189 auto cert = std::make_shared<WrongCertImpl>(buffer);
1190 CKM::Alias alias = "damaged-cert";
1193 auto manager = CKM::Manager::create();
1195 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1196 "Error=" << CKM::ErrorToString(temp));
1199 RUNNER_TEST(T12119_deinit)
1202 auto control = CKM::Control::create();
1205 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1206 "Error=" << CKM::ErrorToString(temp));
1208 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1209 "Error=" << CKM::ErrorToString(temp));
1212 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1214 RUNNER_TEST(T1311_init)
1217 auto control = CKM::Control::create();
1219 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1220 "Error=" << CKM::ErrorToString(temp));
1221 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1222 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1224 ScopedLabel sl("System");
1225 struct hostent* he = gethostbyname("google.com");
1227 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1228 "is not woking on the device. OCSP tests requires network access!");
1231 RUNNER_TEST(T1312_get_chain)
1233 auto cert = TestData::getTestCertificate(TestData::MBANK);
1234 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1236 CKM::CertificateShPtrVector certVector = {cert1};
1237 CKM::CertificateShPtrVector certChain;
1240 auto manager = CKM::Manager::create();
1242 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1243 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1245 tmp = manager->getCertificateChain(cert,
1250 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1251 "Error=" << CKM::ErrorToString(tmp));
1254 0 == certChain.size(),
1255 "Wrong size of certificate chain.");
1257 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1258 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1261 3 == certChain.size(),
1262 "Wrong size of certificate chain.");
1265 RUNNER_TEST(T1313_get_chain_with_alias)
1267 auto cert = TestData::getTestCertificate(TestData::MBANK);
1268 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1270 CKM::CertificateShPtrVector certChain;
1271 CKM::AliasVector aliasVector;
1272 CKM::Alias alias("imcert");
1273 CharPtr top_label = get_label();
1274 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1277 auto manager = CKM::Manager::create();
1279 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1280 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1282 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1283 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1284 "Error=" << CKM::ErrorToString(tmp));
1287 0 == certChain.size(),
1288 "Wrong size of certificate chain.");
1291 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1292 "Error=" << CKM::ErrorToString(tmp));
1294 aliasVector.push_back(full_address);
1296 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1297 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1300 3 == certChain.size(),
1301 "Wrong size of certificate chain.");
1304 RUNNER_TEST(T1314_ocsp_check)
1306 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1308 auto cert = TestData::getTestCertificate(TestData::MBANK);
1309 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1310 CKM::CertificateShPtrVector certVector = {cert1};
1311 CKM::CertificateShPtrVector certChain;
1314 auto manager = CKM::Manager::create();
1316 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1317 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1319 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1320 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1321 "Error=" << CKM::ErrorToString(tmp));
1324 0 == certChain.size(),
1325 "Wrong size of certificate chain.");
1327 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1328 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1331 3 == certChain.size(),
1332 "Wrong size of certificate chain.");
1336 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1337 "Error=" << CKM::ErrorToString(tmp));
1339 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1342 RUNNER_TEST(T1315_deinit)
1345 auto control = CKM::Control::create();
1348 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1349 "Error=" << CKM::ErrorToString(temp));
1351 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1352 "Error=" << CKM::ErrorToString(temp));
1355 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1357 RUNNER_TEST(T1411_init)
1360 auto control = CKM::Control::create();
1362 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1363 "Error=" << CKM::ErrorToString(temp));
1366 RUNNER_TEST(T1412_rsa_key_create_verify)
1369 auto manager = CKM::Manager::create();
1371 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1372 "Proc-Type: 4,ENCRYPTED\n"
1373 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1375 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1376 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1377 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1378 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1379 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1380 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1381 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1382 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1383 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1384 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1385 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1386 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1387 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1388 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1389 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1390 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1391 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1392 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1393 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1394 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1395 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1396 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1397 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1398 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1399 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1400 "-----END RSA PRIVATE KEY-----\n";
1402 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1403 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1404 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1405 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1406 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1407 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1408 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1410 "-----END PUBLIC KEY-----\n";
1412 std::string message = "message test";
1414 CKM::Alias aliasPub = "pub1";
1415 CKM::Alias aliasPrv = "prv1";
1416 CKM::Password password = "1234";
1417 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1418 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1419 CKM::RawBuffer signature;
1421 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1422 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1424 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1425 "Key is empty. Failed to import public key.");
1426 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1427 "Key is empty. Failed to import private key.");
1430 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1431 "Error=" << CKM::ErrorToString(temp));
1433 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1434 "Error=" << CKM::ErrorToString(temp));
1437 CKM_API_SUCCESS == (temp = manager->createSignature(
1440 CKM::RawBuffer(message.begin(), message.end()),
1444 "Error=" << CKM::ErrorToString(temp));
1447 CKM_API_SUCCESS == (temp = manager->verifySignature(
1450 CKM::RawBuffer(message.begin(), message.end()),
1454 "Error=" << CKM::ErrorToString(temp));
1457 RUNNER_TEST(T1413_dsa_key_create_verify)
1460 auto manager = CKM::Manager::create();
1462 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1463 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1464 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1465 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1466 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1467 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1468 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1469 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1470 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1471 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1472 "u1roOuaPY+Hl19BlTE2qdw==\n"
1473 "-----END DSA PRIVATE KEY-----";
1475 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1476 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1477 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1478 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1479 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1480 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1481 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1482 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1483 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1484 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1485 "YMYCBhubtrVaLmc=\n"
1486 "-----END PUBLIC KEY-----";
1488 std::string message = "message test";
1490 CKM::Alias aliasPub = "pub2";
1491 CKM::Alias aliasPrv = "prv2";
1492 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1493 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1494 CKM::RawBuffer signature;
1496 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1497 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1499 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1500 "Key is empty. Failed to import public key.");
1501 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1502 "Key is empty. Failed to import private key.");
1505 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1506 "Error=" << CKM::ErrorToString(temp));
1508 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1509 "Error=" << CKM::ErrorToString(temp));
1512 CKM_API_SUCCESS == (temp = manager->createSignature(
1515 CKM::RawBuffer(message.begin(), message.end()),
1519 "Error=" << CKM::ErrorToString(temp));
1522 CKM_API_SUCCESS == (temp = manager->verifySignature(
1525 CKM::RawBuffer(message.begin(), message.end()),
1529 "Error=" << CKM::ErrorToString(temp));
1533 RUNNER_TEST(T1414_ec_key_create_verify)
1536 auto manager = CKM::Manager::create();
1538 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1539 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1540 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1541 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1542 "-----END EC PRIVATE KEY-----\n";
1544 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1545 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1546 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1547 "-----END PUBLIC KEY-----\n";
1549 std::string message = "message test";
1551 CKM::Alias aliasPub = "ecpub2";
1552 CKM::Alias aliasPrv = "ecprv2";
1553 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1554 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1555 CKM::RawBuffer signature;
1557 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1558 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1560 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1561 "Key is empty. Failed to import public key.");
1562 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1563 "Key is empty. Failed to import private key.");
1566 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1567 "Error=" << CKM::ErrorToString(temp));
1569 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1570 "Error=" << CKM::ErrorToString(temp));
1573 CKM_API_SUCCESS == (temp = manager->createSignature(
1576 CKM::RawBuffer(message.begin(), message.end()),
1580 "Error=" << CKM::ErrorToString(temp));
1583 CKM_API_SUCCESS == (temp = manager->verifySignature(
1586 CKM::RawBuffer(message.begin(), message.end()),
1590 "Error=" << CKM::ErrorToString(temp));
1592 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1594 memcpy((void*)signature.data(), "BROKEN", 6);
1597 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1600 CKM::RawBuffer(message.begin(), message.end()),
1604 "Error=" << CKM::ErrorToString(temp));
1607 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1610 auto manager = CKM::Manager::create();
1611 std::string message = "message asdfaslkdfjlksadjf test";
1613 CKM::Alias aliasPub = "pub1";
1614 CKM::Alias aliasPrv = "prv1";
1616 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1617 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1618 CKM::RawBuffer signature;
1621 CKM_API_SUCCESS == (temp = manager->createSignature(
1624 CKM::RawBuffer(message.begin(), message.end()),
1628 "Error=" << CKM::ErrorToString(temp));
1631 CKM_API_SUCCESS == (temp = manager->verifySignature(
1634 CKM::RawBuffer(message.begin(), message.end()),
1638 "Error=" << CKM::ErrorToString(temp));
1640 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1641 memcpy((void*)signature.data(), "BROKEN", 6);
1644 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1647 CKM::RawBuffer(message.begin(), message.end()),
1651 "Error=" << CKM::ErrorToString(temp));
1654 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1657 auto manager = CKM::Manager::create();
1658 std::string message = "message asdfaslkdfjlksadjf test";
1660 CKM::Alias aliasPub = "pub2";
1661 CKM::Alias aliasPrv = "prv2";
1663 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1664 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1665 CKM::RawBuffer signature;
1668 CKM_API_SUCCESS == (temp = manager->createSignature(
1671 CKM::RawBuffer(message.begin(), message.end()),
1675 "Error=" << CKM::ErrorToString(temp));
1678 CKM_API_SUCCESS == (temp = manager->verifySignature(
1681 CKM::RawBuffer(message.begin(), message.end()),
1685 "Error=" << CKM::ErrorToString(temp));
1687 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1688 memcpy((void*)signature.data(), "BROKEN", 6);
1691 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1694 CKM::RawBuffer(message.begin(), message.end()),
1698 "Error=" << CKM::ErrorToString(temp));
1701 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1704 auto manager = CKM::Manager::create();
1707 "-----BEGIN RSA PRIVATE KEY-----\n"
1708 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1709 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1710 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1711 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1712 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1713 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1714 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1715 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1716 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1717 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1718 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1719 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1720 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1721 "-----END RSA PRIVATE KEY-----\n";
1724 "-----BEGIN CERTIFICATE-----\n"
1725 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1726 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1727 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1728 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1729 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1730 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1731 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1732 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1733 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1734 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1735 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1736 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1737 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1738 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1739 "-----END CERTIFICATE-----\n";
1741 std::string message = "message test";
1743 CKM::Alias aliasPub = "pub1-cert";
1744 CKM::Alias aliasPrv = "prv1-cert";
1745 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1746 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1747 CKM::RawBuffer signature;
1749 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1750 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1752 RUNNER_ASSERT_MSG(NULL != cert.get(),
1753 "Key is empty. Failed to import public key.");
1754 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1755 "Key is empty. Failed to import private key.");
1758 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1759 "Error=" << CKM::ErrorToString(temp));
1761 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1762 "Error=" << CKM::ErrorToString(temp));
1765 CKM_API_SUCCESS == (temp = manager->createSignature(
1768 CKM::RawBuffer(message.begin(), message.end()),
1772 "Error=" << CKM::ErrorToString(temp));
1775 CKM_API_SUCCESS == (temp = manager->verifySignature(
1778 CKM::RawBuffer(message.begin(), message.end()),
1782 "Error=" << CKM::ErrorToString(temp));
1784 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1786 memcpy((void*)signature.data(), "BROKEN", 6);
1789 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1792 CKM::RawBuffer(message.begin(), message.end()),
1796 "Error=" << CKM::ErrorToString(temp));
1799 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
1802 auto manager = CKM::Manager::create();
1804 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1805 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1806 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1807 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1808 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1809 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1810 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1811 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1812 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1813 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1814 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1815 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1816 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1817 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1818 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1819 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1820 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1821 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1822 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1823 "-----END CERTIFICATE-----\n";
1825 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1826 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1827 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1828 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1829 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1830 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1831 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1832 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1833 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1834 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1835 "vonbjii3BYe4AIdkzOvp\n"
1836 "-----END DSA PRIVATE KEY-----\n";
1838 std::string message = "message test";
1840 CKM::Alias aliasPub = "pub2-cert";
1841 CKM::Alias aliasPrv = "prv2-cert";
1842 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1843 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1844 CKM::RawBuffer signature;
1846 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1847 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1849 RUNNER_ASSERT_MSG(NULL != cert.get(),
1850 "Key is empty. Failed to import public key.");
1851 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1852 "Key is empty. Failed to import private key.");
1855 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1856 "Error=" << CKM::ErrorToString(temp));
1858 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1859 "Error=" << CKM::ErrorToString(temp));
1862 CKM_API_SUCCESS == (temp = manager->createSignature(
1865 CKM::RawBuffer(message.begin(), message.end()),
1869 "Error=" << CKM::ErrorToString(temp));
1872 CKM_API_SUCCESS == (temp = manager->verifySignature(
1875 CKM::RawBuffer(message.begin(), message.end()),
1879 "Error=" << CKM::ErrorToString(temp));
1881 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1883 memcpy((void*)signature.data(), "BROKEN", 6);
1886 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1889 CKM::RawBuffer(message.begin(), message.end()),
1893 "Error=" << CKM::ErrorToString(temp));
1896 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
1899 auto manager = CKM::Manager::create();
1902 "-----BEGIN EC PRIVATE KEY-----\n"
1903 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1904 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1905 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1906 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1907 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1908 "ELyhe7yPCAuOoLZlTLgf\n"
1909 "-----END EC PRIVATE KEY-----\n";
1912 "-----BEGIN CERTIFICATE-----\n"
1913 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1914 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1915 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1916 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1917 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1918 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1919 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1920 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1921 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1922 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1923 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1924 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1925 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1926 "Q1oBry6NEc+lLFmWMDesAA==\n"
1927 "-----END CERTIFICATE-----\n";
1929 std::string message = "message test";
1931 CKM::Alias aliasPub = "pub3";
1932 CKM::Alias aliasPrv = "prv3";
1933 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1934 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1935 CKM::RawBuffer signature;
1937 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1938 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1940 RUNNER_ASSERT_MSG(NULL != cert.get(),
1941 "Key is empty. Failed to import public key.");
1942 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1943 "Key is empty. Failed to import private key.");
1946 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1947 "Error=" << CKM::ErrorToString(temp));
1949 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1950 "Error=" << CKM::ErrorToString(temp));
1953 CKM_API_SUCCESS == (temp = manager->createSignature(
1956 CKM::RawBuffer(message.begin(), message.end()),
1960 "Error=" << CKM::ErrorToString(temp));
1963 CKM_API_SUCCESS == (temp = manager->verifySignature(
1966 CKM::RawBuffer(message.begin(), message.end()),
1970 "Error=" << CKM::ErrorToString(temp));
1972 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1974 memcpy((void*)signature.data(), "BROKEN", 6);
1977 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1980 CKM::RawBuffer(message.begin(), message.end()),
1984 "Error=" << CKM::ErrorToString(temp));
1987 RUNNER_TEST(T1420_deinit)
1990 auto control = CKM::Control::create();
1993 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1994 "Error=" << CKM::ErrorToString(temp));
1996 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1997 "Error=" << CKM::ErrorToString(temp));
2000 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2002 RUNNER_TEST(T14180_init)
2005 auto control = CKM::Control::create();
2007 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2008 "Error=" << CKM::ErrorToString(temp));
2010 auto manager = CKM::Manager::create();
2012 // Prepare RSA Key Pair
2013 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2014 "Proc-Type: 4,ENCRYPTED\n"
2015 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2017 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2018 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2019 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2020 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2021 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2022 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2023 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2024 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2025 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2026 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2027 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2028 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2029 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2030 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2031 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2032 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2033 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2034 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2035 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2036 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2037 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2038 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2039 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2040 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2041 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2042 "-----END RSA PRIVATE KEY-----\n";
2044 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2045 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2046 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2047 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2048 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2049 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2050 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2052 "-----END PUBLIC KEY-----\n";
2054 CKM::Alias aliasPub = "pub_nohash1";
2055 CKM::Alias aliasPrv = "prv_nohash1";
2056 CKM::Password password = "1234";
2058 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2059 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2061 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2062 "Key is empty. Failed to import public key.");
2063 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2064 "Key is empty. Failed to import private key.");
2067 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2068 "Error=" << CKM::ErrorToString(temp));
2070 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2071 "Error=" << CKM::ErrorToString(temp));
2073 // Prepare ECDSA Key Pair
2074 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2075 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2076 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2077 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2078 "-----END EC PRIVATE KEY-----\n";
2080 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2081 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2082 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2083 "-----END PUBLIC KEY-----\n";
2085 CKM::Alias aliasEcPub = "ecpub_nohash1";
2086 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2088 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2089 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2091 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2092 "Key is empty. Failed to import public key.");
2093 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2094 "Key is empty. Failed to import private key.");
2097 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2098 "Error=" << CKM::ErrorToString(temp));
2100 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2101 "Error=" << CKM::ErrorToString(temp));
2105 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2108 auto manager = CKM::Manager::create();
2109 std::string message = "message asdfaslkdfjlksadjf test";
2111 CKM::Alias aliasPub = "pub_nohash1";
2112 CKM::Alias aliasPrv = "prv_nohash1";
2114 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2115 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2116 CKM::RawBuffer signature;
2119 CKM_API_SUCCESS == (temp = manager->createSignature(
2122 CKM::RawBuffer(message.begin(), message.end()),
2126 "Error=" << CKM::ErrorToString(temp));
2129 CKM_API_SUCCESS == (temp = manager->verifySignature(
2132 CKM::RawBuffer(message.begin(), message.end()),
2136 "Error=" << CKM::ErrorToString(temp));
2138 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2139 memcpy((void*)signature.data(), "BROKEN", 6);
2142 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2145 CKM::RawBuffer(message.begin(), message.end()),
2149 "Error=" << CKM::ErrorToString(temp));
2152 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2155 auto manager = CKM::Manager::create();
2156 std::string message = "message asdfaslkdfjlksadjf test";
2158 CKM::Alias aliasPub = "pub_nohash1";
2159 CKM::Alias aliasPrv = "prv_nohash1";
2161 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2162 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2163 CKM::RawBuffer signature;
2166 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2169 CKM::RawBuffer(message.begin(), message.end()),
2173 "Error=" << CKM::ErrorToString(temp));
2176 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2179 auto manager = CKM::Manager::create();
2180 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2181 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2182 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2183 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2184 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2185 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2186 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2187 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2188 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2189 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2190 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2191 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2192 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2193 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2194 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2195 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2196 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2197 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2198 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2199 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2201 CKM::Alias aliasPub = "pub_nohash1";
2202 CKM::Alias aliasPrv = "prv_nohash1";
2204 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2205 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2206 CKM::RawBuffer signature;
2209 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2212 CKM::RawBuffer(message.begin(), message.end()),
2216 "Error=" << CKM::ErrorToString(temp));
2220 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2223 auto manager = CKM::Manager::create();
2225 std::string message = "message test";
2227 CKM::Alias aliasPub = "ecpub_nohash1";
2228 CKM::Alias aliasPrv = "ecprv_nohash1";
2229 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2230 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2231 CKM::RawBuffer signature;
2234 CKM_API_SUCCESS == (temp = manager->createSignature(
2237 CKM::RawBuffer(message.begin(), message.end()),
2241 "Error=" << CKM::ErrorToString(temp));
2244 CKM_API_SUCCESS == (temp = manager->verifySignature(
2247 CKM::RawBuffer(message.begin(), message.end()),
2251 "Error=" << CKM::ErrorToString(temp));
2253 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2255 memcpy((void*)signature.data(), "BROKEN", 6);
2258 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2261 CKM::RawBuffer(message.begin(), message.end()),
2265 "Error=" << CKM::ErrorToString(temp));
2268 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2271 auto manager = CKM::Manager::create();
2273 int msgSize = 1024*1024;
2274 char big_msg[msgSize];
2275 for(int i =0; i<msgSize-1; i++) {
2278 big_msg[msgSize-1]=0x00;
2279 std::string message(big_msg);
2281 CKM::Alias aliasPub = "ecpub_nohash1";
2282 CKM::Alias aliasPrv = "ecprv_nohash1";
2283 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2284 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2285 CKM::RawBuffer signature;
2288 CKM_API_SUCCESS == (temp = manager->createSignature(
2291 CKM::RawBuffer(message.begin(), message.end()),
2295 "Error=" << CKM::ErrorToString(temp));
2299 RUNNER_TEST(T14189_deinit)
2302 auto control = CKM::Control::create();
2305 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2306 "Error=" << CKM::ErrorToString(temp));
2308 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2309 "Error=" << CKM::ErrorToString(temp));
2313 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2316 CKM::Alias certeeAlias("CertEE");
2317 CKM::Alias certimAlias("CertIM");
2319 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2321 reset_user_data(USER_TEST, "strong-password");
2324 AccessProvider ap("my-label");
2325 ap.allowAPI("key-manager::api-storage", "rw");
2326 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2328 auto manager = CKM::Manager::create();
2329 auto certee = TestData::getTestCertificate(TestData::MBANK);
2330 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2331 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certeeAlias, certee, CKM::Policy()));
2332 RUNNER_ASSERT(CKM_API_SUCCESS == manager->saveCertificate(certimAlias, certim, CKM::Policy()));
2335 RUNNER_TEST(T1511_restart_CKM)
2338 stop_service(MANAGER);
2339 start_service(MANAGER);
2340 unlock_user_data(USER_TEST, "strong-password");
2343 RUNNER_CHILD_TEST(T1512_check_data_exists)
2346 AccessProvider ap("my-label");
2347 ap.allowAPI("key-manager::api-storage", "rw");
2348 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2350 auto manager = CKM::Manager::create();
2351 auto certee = TestData::getTestCertificate(TestData::MBANK);
2352 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2353 int status1 = manager->saveCertificate(certeeAlias, certee, CKM::Policy());
2354 int status2 = manager->saveCertificate(certimAlias, certim, CKM::Policy());
2356 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2357 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2359 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2360 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2363 RUNNER_TEST(T1519_deinit)
2365 remove_user_data(USER_TEST);
2369 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2371 RUNNER_TEST(T1701_init_unlock_key)
2374 auto control = CKM::Control::create();
2376 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2377 "Error=" << CKM::ErrorToString(tmp));
2380 RUNNER_CHILD_TEST(T1702_insert_data)
2383 AccessProvider ap("t170-special-label");
2384 ap.allowAPI("key-manager::api-storage", "rw");
2385 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2387 auto certee = TestData::getTestCertificate(TestData::MBANK);
2389 auto manager = CKM::Manager::create();
2390 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2393 CKM_API_SUCCESS == status1,
2394 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2396 CKM::AliasVector av;
2398 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2399 "Error=" << CKM::ErrorToString(temp));
2401 1 == (temp = av.size()),
2402 "Vector size: " << temp << ". Expected: 1");
2405 RUNNER_TEST(T1703_removeApplicationData)
2408 auto control = CKM::Control::create();
2410 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2411 "Error=" << CKM::ErrorToString(tmp));
2414 RUNNER_CHILD_TEST(T1704_data_test)
2417 AccessProvider ap("t170-special-label");
2418 ap.allowAPI("key-manager::api-storage", "rw");
2419 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2421 CKM::AliasVector av;
2422 auto manager = CKM::Manager::create();
2425 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2426 "Error=" << CKM::ErrorToString(temp));
2428 0 == (temp = av.size()),
2429 "Vector size: " << temp << ". Expected: 0");
2432 RUNNER_TEST(T1705_deinit)
2436 auto control = CKM::Control::create();
2438 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2439 "Error=" << CKM::ErrorToString(tmp));
2441 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2442 "Error=" << CKM::ErrorToString(tmp));
2445 RUNNER_TEST(T17101_init)
2449 auto control = CKM::Control::create();
2451 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2452 "Error=" << CKM::ErrorToString(tmp));
2454 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2455 "Error=" << CKM::ErrorToString(tmp));
2457 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2458 "Error=" << CKM::ErrorToString(tmp));
2461 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2462 "Error=" << CKM::ErrorToString(tmp));
2464 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2465 "Error=" << CKM::ErrorToString(tmp));
2467 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2468 "Error=" << CKM::ErrorToString(tmp));
2471 RUNNER_CHILD_TEST(T17102_prep_data_01)
2474 AccessProvider ap("t1706-special-label");
2475 ap.allowAPI("key-manager::api-storage", "rw");
2476 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2478 CKM::AliasVector av;
2479 auto manager = CKM::Manager::create();
2481 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2483 CKM::RawBuffer buffer(data.begin(), data.end());
2484 CKM::Policy exportable(CKM::Password(), true);
2487 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2488 "Error=" << CKM::ErrorToString(temp));
2491 RUNNER_CHILD_TEST(T17103_prep_data_02)
2494 AccessProvider ap("t1706-special-label2");
2495 ap.allowAPI("key-manager::api-storage", "rw");
2496 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2498 CKM::AliasVector av;
2499 auto manager = CKM::Manager::create();
2501 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2503 CKM::RawBuffer buffer(data.begin(), data.end());
2504 CKM::Policy exportable(CKM::Password(), true);
2507 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2508 "Error=" << CKM::ErrorToString(temp));
2511 RUNNER_CHILD_TEST(T17104_prep_data_03)
2514 AccessProvider ap("t1706-special-label");
2515 ap.allowAPI("key-manager::api-storage", "rw");
2516 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2518 CKM::AliasVector av;
2519 auto manager = CKM::Manager::create();
2521 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2523 CKM::RawBuffer buffer(data.begin(), data.end());
2524 CKM::Policy exportable(CKM::Password(), true);
2527 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2528 "Error=" << CKM::ErrorToString(temp));
2531 RUNNER_CHILD_TEST(T17105_prep_data_04)
2534 AccessProvider ap("t1706-special-label2");
2535 ap.allowAPI("key-manager::api-storage", "rw");
2536 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2538 CKM::AliasVector av;
2539 auto manager = CKM::Manager::create();
2541 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2543 CKM::RawBuffer buffer(data.begin(), data.end());
2544 CKM::Policy exportable(CKM::Password(), true);
2547 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2548 "Error=" << CKM::ErrorToString(temp));
2551 RUNNER_TEST(T17106_remove_application)
2555 auto control = CKM::Control::create();
2557 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2558 "Error=" << CKM::ErrorToString(tmp));
2560 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2561 "Error=" << CKM::ErrorToString(tmp));
2564 RUNNER_CHILD_TEST(T17107_check_data_01)
2567 AccessProvider ap("t1706-special-label");
2568 ap.allowAPI("key-manager::api-storage", "rw");
2569 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2571 CKM::AliasVector av;
2572 auto manager = CKM::Manager::create();
2575 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2576 "Error=" << CKM::ErrorToString(temp));
2578 0 == (temp = av.size()),
2579 "Vector size: " << temp << ". Expected: 0");
2582 RUNNER_CHILD_TEST(T17108_check_data_02)
2585 AccessProvider ap("t1706-special-label2");
2586 ap.allowAPI("key-manager::api-storage", "rw");
2587 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2589 CKM::AliasVector av;
2590 auto manager = CKM::Manager::create();
2593 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2594 "Error=" << CKM::ErrorToString(temp));
2596 1 == (temp = av.size()),
2597 "Vector size: " << temp << ". Expected: 1");
2600 RUNNER_TEST(T17109_unlock_user2)
2604 auto control = CKM::Control::create();
2606 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2607 "Error=" << CKM::ErrorToString(tmp));
2610 RUNNER_CHILD_TEST(T17110_check_data_03)
2613 AccessProvider ap("t1706-special-label");
2614 ap.allowAPI("key-manager::api-storage", "rw");
2615 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2617 CKM::AliasVector av;
2618 auto manager = CKM::Manager::create();
2621 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2622 "Error=" << CKM::ErrorToString(temp));
2624 0 == (temp = av.size()),
2625 "Vector size: " << temp << ". Expected: 0");
2628 RUNNER_CHILD_TEST(T17111_check_data_04)
2631 AccessProvider ap("t1706-special-label2");
2632 ap.allowAPI("key-manager::api-storage", "rw");
2633 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2635 CKM::AliasVector av;
2636 auto manager = CKM::Manager::create();
2639 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2640 "Error=" << CKM::ErrorToString(temp));
2642 1 == (temp = av.size()),
2643 "Vector size: " << temp << ". Expected: 1");
2646 RUNNER_TEST(T17112_deinit)
2650 auto control = CKM::Control::create();
2652 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2653 "Error=" << CKM::ErrorToString(tmp));
2655 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2656 "Error=" << CKM::ErrorToString(tmp));
2659 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2660 "Error=" << CKM::ErrorToString(tmp));
2662 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2663 "Error=" << CKM::ErrorToString(tmp));
2666 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2670 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2671 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2672 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2673 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2674 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2675 const char *PKCS_PASSWD = "PKCS-pass";
2678 RUNNER_TEST(T1800_init)
2680 reset_user_data(0, PKCS_PASSWD);
2683 RUNNER_TEST(T1801_parse_PKCS12) {
2684 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2685 std::istreambuf_iterator<char> begin(is), end;
2686 std::vector<char> buff(begin, end);
2688 CKM::RawBuffer buffer(buff.size());
2689 memcpy(buffer.data(), buff.data(), buff.size());
2691 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2694 "Error in PKCS12::create()");
2696 auto cert = pkcs->getCertificate();
2699 "Error in PKCS12::getCertificate()");
2701 auto key = pkcs->getKey();
2704 "Error in PKCS12::getKey()");
2706 auto caVector = pkcs->getCaCertificateShPtrVector();
2708 0 == caVector.size(),
2709 "Wrong size of vector");
2712 RUNNER_TEST(T1802_negative_wrong_password) {
2713 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2714 std::istreambuf_iterator<char> begin(is), end;
2715 std::vector<char> buff(begin, end);
2717 CKM::RawBuffer buffer(buff.size());
2718 memcpy(buffer.data(), buff.data(), buff.size());
2720 auto pkcs = CKM::PKCS12::create(buffer, "error");
2723 "Expected error in PKCS12::create()");
2726 RUNNER_TEST(T1803_negative_broken_buffer) {
2727 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2728 std::istreambuf_iterator<char> begin(is), end;
2729 std::vector<char> buff(begin, end);
2731 CKM::RawBuffer buffer(buff.size());
2732 memcpy(buffer.data(), buff.data(), buff.size());
2734 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2737 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2740 "Expected error in PKCS12::create()");
2743 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2745 auto manager = CKM::Manager::create();
2746 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2747 std::istreambuf_iterator<char> begin(is), end;
2748 std::vector<char> buff(begin, end);
2750 CKM::RawBuffer buffer(buff.size());
2751 memcpy(buffer.data(), buff.data(), buff.size());
2753 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2756 "Error in PKCS12::create()");
2759 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2760 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2761 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2762 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2763 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2764 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2765 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2766 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2767 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2768 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2769 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2770 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2771 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2772 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2773 "-----END RSA PRIVATE KEY-----\n";
2775 std::string message = "message test";
2777 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2778 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2779 "Key is empty. Failed to import private key.");
2783 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2784 "Error=" << CKM::ErrorToString(temp));
2787 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2788 "Error=" << CKM::ErrorToString(temp));
2791 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2793 auto manager = CKM::Manager::create();
2794 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2795 std::istreambuf_iterator<char> begin(is), end;
2796 std::vector<char> buff(begin, end);
2798 CKM::RawBuffer buffer(buff.size());
2799 memcpy(buffer.data(), buff.data(), buff.size());
2801 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2804 "Error in PKCS12::create()");
2806 auto cert = pkcs->getCertificate();
2809 "Error in PKCS12::getCertificate()");
2811 auto key = pkcs->getKey();
2814 "Error in PKCS12::getKey()");
2816 auto caVector = pkcs->getCaCertificateShPtrVector();
2818 2 == caVector.size(),
2819 "Wrong size of vector");
2823 CKM::Policy exportable;
2824 CKM::Policy notExportable(CKM::Password(), false);
2827 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2828 "Error=" << CKM::ErrorToString(tmp));
2830 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2831 "Error=" << CKM::ErrorToString(tmp));
2833 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2834 "Error=" << CKM::ErrorToString(tmp));
2836 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2837 "Error=" << CKM::ErrorToString(tmp));
2839 // try to lookup key
2840 CKM::KeyShPtr key_lookup;
2842 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2843 "Error=" << CKM::ErrorToString(tmp));
2845 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2846 "Error=" << CKM::ErrorToString(tmp));
2848 // try to lookup certificate
2849 CKM::CertificateShPtr cert_lookup;
2851 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2852 "Error=" << CKM::ErrorToString(tmp));
2854 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2855 "Error=" << CKM::ErrorToString(tmp));
2858 RUNNER_TEST(T1806_get_PKCS)
2861 auto manager = CKM::Manager::create();
2863 CKM::PKCS12ShPtr pkcs;
2867 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2868 "Error=" << CKM::ErrorToString(temp));
2870 // fail - not exportable
2872 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2873 "Error=" << CKM::ErrorToString(temp));
2875 // success - exportable
2877 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2878 "Error=" << CKM::ErrorToString(temp));
2880 auto cert = pkcs->getCertificate();
2883 "Error in PKCS12::getCertificate()");
2885 auto key = pkcs->getKey();
2888 "Error in PKCS12::getKey()");
2890 auto caVector = pkcs->getCaCertificateShPtrVector();
2892 2 == caVector.size(),
2893 "Wrong size of vector");
2896 RUNNER_TEST(T1807_create_and_verify_signature)
2899 auto manager = CKM::Manager::create();
2901 std::string message = "message test";
2903 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2904 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2905 CKM::RawBuffer signature;
2908 CKM_API_SUCCESS == (temp = manager->createSignature(
2909 alias_PKCS_exportable,
2911 CKM::RawBuffer(message.begin(), message.end()),
2915 "Error=" << CKM::ErrorToString(temp));
2918 CKM_API_SUCCESS == (temp = manager->verifySignature(
2919 alias_PKCS_exportable,
2921 CKM::RawBuffer(message.begin(), message.end()),
2925 "Error=" << CKM::ErrorToString(temp));
2928 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2931 auto manager = CKM::Manager::create();
2933 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2934 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2935 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2936 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2937 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2938 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2939 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2940 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2941 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2942 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2943 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2944 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2945 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2946 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2947 "-----END RSA PRIVATE KEY-----";
2948 std::string message = "message test";
2950 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2951 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2952 "Key is empty. Failed to import private key.");
2955 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2956 "Error=" << CKM::ErrorToString(temp));
2958 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2959 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2960 CKM::RawBuffer signature;
2963 CKM_API_SUCCESS == (temp = manager->createSignature(
2964 alias_PKCS_priv_key_copy,
2966 CKM::RawBuffer(message.begin(), message.end()),
2970 "Error=" << CKM::ErrorToString(temp));
2973 CKM_API_SUCCESS == (temp = manager->verifySignature(
2974 alias_PKCS_exportable,
2976 CKM::RawBuffer(message.begin(), message.end()),
2980 "Error=" << CKM::ErrorToString(temp));
2983 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2986 auto manager = CKM::Manager::create();
2988 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2989 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2990 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2991 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2992 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2993 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2994 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2995 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2996 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2997 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2998 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2999 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3000 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3001 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3002 "-----END RSA PRIVATE KEY-----\n";
3004 std::string message = "message test";
3006 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3007 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3008 "Key is empty. Failed to import private key.");
3011 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3012 "Error=" << CKM::ErrorToString(temp));
3014 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3015 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3016 CKM::RawBuffer signature;
3019 CKM_API_SUCCESS == (temp = manager->createSignature(
3020 alias_PKCS_priv_key_wrong,
3022 CKM::RawBuffer(message.begin(), message.end()),
3026 "Error=" << CKM::ErrorToString(temp));
3029 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3030 alias_PKCS_exportable,
3032 CKM::RawBuffer(message.begin(), message.end()),
3036 "Error=" << CKM::ErrorToString(temp));
3039 RUNNER_TEST(T1810_verify_get_certificate_chain)
3041 // this certificate has been signed using PKCS chain
3042 std::string im = "-----BEGIN CERTIFICATE-----\n"
3043 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3044 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3045 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3046 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3047 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3048 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3049 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3050 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3051 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3053 "-----END CERTIFICATE-----\n";
3055 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3056 CKM::CertificateShPtrVector certChain;
3057 CKM::AliasVector aliasVector;
3060 auto manager = CKM::Manager::create();
3062 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3064 tmp = manager->getCertificateChain(cert,
3069 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3070 "Error=" << CKM::ErrorToString(tmp));
3073 0 == certChain.size(),
3074 "Wrong size of certificate chain.");
3076 aliasVector.push_back(alias_PKCS_exportable);
3078 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3079 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3081 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3083 4 == certChain.size(),
3084 "Wrong size of certificate chain: " << certChain.size());
3087 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3089 auto manager = CKM::Manager::create();
3093 // remove the whole PKCS12 bundles
3095 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3096 "Error=" << CKM::ErrorToString(tmp));
3098 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3099 "Error=" << CKM::ErrorToString(tmp));
3101 // expect lookup fails due to unknown alias
3102 // try to lookup key
3103 CKM::KeyShPtr key_lookup;
3105 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3106 "Error=" << CKM::ErrorToString(tmp));
3108 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3109 "Error=" << CKM::ErrorToString(tmp));
3111 // try to lookup certificate
3112 CKM::CertificateShPtr cert_lookup;
3114 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3115 "Error=" << CKM::ErrorToString(tmp));
3117 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3118 "Error=" << CKM::ErrorToString(tmp));
3121 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3123 CKM::Alias alias = "t1812alias1";
3125 auto manager = CKM::Manager::create();
3126 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3127 std::istreambuf_iterator<char> begin(is), end;
3128 std::vector<char> buff(begin, end);
3130 CKM::PKCS12ShPtr pkcs12;
3131 CKM::Password pass1 = "easypass1";
3132 CKM::Password pass2 = "easypass2";
3134 CKM::RawBuffer buffer(buff.size());
3135 memcpy(buffer.data(), buff.data(), buff.size());
3137 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3140 "Error in PKCS12::create()");
3144 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3145 "Error=" << CKM::ErrorToString(temp));
3148 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3149 "Error=" << CKM::ErrorToString(temp));
3152 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3153 "Error=" << CKM::ErrorToString(temp));
3156 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3157 "Error=" << CKM::ErrorToString(temp));
3160 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3161 "Error=" << CKM::ErrorToString(temp));
3164 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3165 "Error=" << CKM::ErrorToString(temp));
3167 CKM::CertificateShPtr cert;
3169 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3170 "Error=" << CKM::ErrorToString(temp));
3172 CKM::CertificateShPtrVector certChain;
3173 CKM::AliasVector certVect;
3174 certVect.push_back(alias);
3177 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3178 "Error=" << CKM::ErrorToString(temp));
3181 RUNNER_TEST(T1813_deinit)
3184 auto control = CKM::Control::create();
3187 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3188 "Error=" << CKM::ErrorToString(temp));
3191 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3193 RUNNER_TEST(T1901_init_unlock_key)
3196 auto control = CKM::Control::create();
3198 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3199 "Error=" << CKM::ErrorToString(tmp));
3201 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3202 "Error=" << CKM::ErrorToString(tmp));
3204 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3205 "Error=" << CKM::ErrorToString(tmp));
3208 RUNNER_TEST(T1902_get_data)
3210 auto manager = CKM::Manager::create();
3213 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3216 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3217 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3220 RUNNER_TEST(T1903_lock_database)
3223 auto control = CKM::Control::create();
3225 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3226 "Error=" << CKM::ErrorToString(tmp));
3229 RUNNER_TEST(T1904_get_data_from_locked_database)
3231 auto manager = CKM::Manager::create();
3234 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3237 CKM_API_ERROR_DB_LOCKED == status1,
3238 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3241 RUNNER_TEST(T1905_deinit)
3244 auto control = CKM::Control::create();
3246 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3247 "Error=" << CKM::ErrorToString(tmp));
3250 int main(int argc, char *argv[])
3252 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3253 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob