3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <test-certs.h>
8 #include <access_provider2.h>
10 #include <ckm-common.h>
11 #include <ckm/ckm-manager.h>
12 #include <ckm/ckm-control.h>
13 #include <ckm/ckm-password.h>
14 #include <ckm/ckm-type.h>
15 #include <ckm/ckm-pkcs12.h>
19 #include <openssl/x509.h>
20 #include <openssl/x509v3.h>
22 #include <dpl/log/log.h>
25 const int USER_APP = 5000;
26 const int GROUP_APP = 5000;
27 const int USER_TEST = 5001;
29 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
30 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
31 } // namespace anonymous
34 * How to numerate tests:
36 * T - test case (always T)
37 * AB - number of test group (always two digits)
38 * C - test number in group (all tests with same TABC must be run in the same time).
42 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
43 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
44 stop_service(MANAGER);
45 start_service(MANAGER);
47 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
48 std::istreambuf_iterator<char> begin(is), end;
49 std::vector<char> buff(begin, end);
51 CKM::RawBuffer buffer(buff.size());
52 memcpy(buffer.data(), buff.data(), buff.size());
54 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
57 "Error in PKCS12::create()");
59 // all further tests will start with newly started service,
60 // OpenSSL on the service side will have to be properly initialized too
61 stop_service(MANAGER);
62 start_service(MANAGER);
65 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
67 RUNNER_TEST(T0011_Control)
70 auto control = CKM::Control::create();
72 control->removeUserData(0);
73 control->removeUserData(20);
74 control->removeUserData(USER_APP);
77 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
78 "Error=" << CKM::ErrorToString(temp));
81 RUNNER_TEST(T0012_Control)
84 auto control = CKM::Control::create();
86 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
87 "Error=" << CKM::ErrorToString(temp));
89 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
90 "Error=" << CKM::ErrorToString(temp));
93 RUNNER_TEST(T0013_Control)
96 auto control = CKM::Control::create();
98 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
99 "Error=" << CKM::ErrorToString(temp));
102 RUNNER_TEST(T0014_Control)
105 auto control = CKM::Control::create();
107 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
108 "Error=" << CKM::ErrorToString(temp));
111 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
112 "Error=" << CKM::ErrorToString(temp));
115 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
116 "Error=" << CKM::ErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
120 "Error=" << CKM::ErrorToString(temp));
123 CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
124 "Error=" << CKM::ErrorToString(temp));
127 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
128 "Error=" << CKM::ErrorToString(temp));
131 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
132 "Error=" << CKM::ErrorToString(temp));
135 RUNNER_TEST(T0015_Control)
138 auto control = CKM::Control::create();
140 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
141 "Error=" << CKM::ErrorToString(temp));
143 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
144 "Error=" << CKM::ErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
147 "Error=" << CKM::ErrorToString(temp));
149 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
150 "Error=" << CKM::ErrorToString(temp));
153 RUNNER_TEST(T0016_Control_negative_wrong_password)
156 auto control = CKM::Control::create();
158 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
159 "Error=" << CKM::ErrorToString(temp));
161 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
162 "Error=" << CKM::ErrorToString(temp));
164 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
165 "Error=" << CKM::ErrorToString(temp));
167 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
168 "Error=" << CKM::ErrorToString(temp));
170 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
171 "Error=" << CKM::ErrorToString(temp));
174 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
176 RUNNER_TEST(T1010_init)
179 auto control = CKM::Control::create();
181 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
182 "Error=" << CKM::ErrorToString(temp));
184 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
185 "Error=" << CKM::ErrorToString(temp));
188 RUNNER_TEST(T1011_key)
191 auto manager = CKM::Manager::create();
193 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
194 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
195 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
196 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
197 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
198 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
199 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
201 "-----END PUBLIC KEY-----";
203 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
204 auto key = CKM::Key::create(buffer, CKM::Password());
206 CKM::Alias alias = "mykey";
209 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
210 "Error=" << CKM::ErrorToString(temp));
212 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
213 "Error=" << CKM::ErrorToString(temp));
215 key->getDER() == key2->getDER(),
216 "Key value has been changed by service");
219 RUNNER_TEST(T1012_certificate)
222 auto manager = CKM::Manager::create();
224 auto cert = TestData::getTestCertificate(TestData::GIAG2);
225 CKM::CertificateShPtr cert2;
226 CKM::Alias alias = "myCert";
229 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
230 "Error=" << CKM::ErrorToString(temp));
232 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
233 "Error=" << CKM::ErrorToString(temp));
235 cert->getDER() == cert2->getDER(),
236 "Data has been modified in key manager");
239 RUNNER_CHILD_TEST(T1013_user_app_save_key)
241 AccessProvider ap("mylabel");
242 ap.allowAPI("key-manager::api-storage", "rw");
243 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
256 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
257 auto key = CKM::Key::create(buffer, CKM::Password());
259 CKM::Alias alias = "mykey";
260 auto manager = CKM::Manager::create();
263 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
264 "Error=" << CKM::ErrorToString(temp));
266 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
267 "Error=" << CKM::ErrorToString(temp));
269 key->getDER() == key2->getDER(), "Key value has been changed by service");
272 RUNNER_TEST(T1014_save_with_label)
275 auto manager = CKM::Manager::create();
277 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
278 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
279 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
280 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
281 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
282 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
283 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
285 "-----END PUBLIC KEY-----";
287 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
288 auto key = CKM::Key::create(buffer, CKM::Password());
289 CKM::KeyShPtr key_name, key_full_addr;
290 CKM::Alias alias = "mykey-2";
291 CharPtr top_label = get_label();
292 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
295 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
296 "Error=" << CKM::ErrorToString(temp));
300 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
301 "Error=" << CKM::ErrorToString(temp));
303 key->getDER() == key_name->getDER(),
304 "Key value has been changed by service");
306 // lookup by full address
308 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
309 "Error=" << CKM::ErrorToString(temp));
311 key->getDER() == key_full_addr->getDER(),
312 "Key value has been changed by service");
315 RUNNER_TEST(T1015_deinit)
318 auto control = CKM::Control::create();
321 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
322 "Error=" << CKM::ErrorToString(temp));
324 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
325 "Error=" << CKM::ErrorToString(temp));
327 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
328 "Error=" << CKM::ErrorToString(temp));
330 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
331 "Error=" << CKM::ErrorToString(temp));
334 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
336 RUNNER_TEST(T1020_init)
339 auto control = CKM::Control::create();
341 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
342 "Error=" << CKM::ErrorToString(temp));
344 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
345 "Error=" << CKM::ErrorToString(temp));
348 RUNNER_TEST(T1021_save_keys_get_alias)
351 auto manager = CKM::Manager::create();
353 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
354 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
355 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
356 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
357 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
358 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
359 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
361 "-----END PUBLIC KEY-----";
363 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
364 auto key = CKM::Key::create(buffer, CKM::Password());
365 CKM::AliasVector labelAliasVector;
368 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
369 "Error=" << CKM::ErrorToString(temp));
371 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
372 "Error=" << CKM::ErrorToString(temp));
374 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
375 "Error=" << CKM::ErrorToString(temp));
377 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
378 "Error=" << CKM::ErrorToString(temp));
380 labelAliasVector.size() == 3,
381 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
384 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
386 AccessProvider ap("mylabel");
387 ap.allowAPI("key-manager::api-storage", "rw");
388 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
391 auto manager = CKM::Manager::create();
393 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
394 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
395 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
396 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
397 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
398 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
399 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
401 "-----END PUBLIC KEY-----";
403 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
404 auto key = CKM::Key::create(buffer, CKM::Password());
405 CKM::AliasVector labelAliasVector;
408 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
409 "Error=" << CKM::ErrorToString(temp));
411 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
412 "Error=" << CKM::ErrorToString(temp));
414 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
415 "Error=" << CKM::ErrorToString(temp));
417 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
418 "Error=" << CKM::ErrorToString(temp));
420 labelAliasVector.size() == 3,
421 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
424 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
426 AccessProvider ap("mylabel");
427 ap.allowAPI("key-manager::api-storage", "rw");
428 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
431 auto manager = CKM::Manager::create();
433 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
434 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
435 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
436 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
437 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
438 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
439 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
441 "-----END PUBLIC KEY-----";
443 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
444 auto key = CKM::Key::create(buffer, CKM::Password());
445 CKM::AliasVector aliasVector;
446 CKM::Policy notExportable(CKM::Password(), false);
449 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
450 "Error=" << CKM::ErrorToString(temp));
452 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
453 "Error=" << CKM::ErrorToString(temp));
455 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
456 "Error=" << CKM::ErrorToString(temp));
459 RUNNER_TEST(T1029_deinit)
462 auto control = CKM::Control::create();
465 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
466 "Error=" << CKM::ErrorToString(temp));
468 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
469 "Error=" << CKM::ErrorToString(temp));
471 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
472 "Error=" << CKM::ErrorToString(temp));
474 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
475 "Error=" << CKM::ErrorToString(temp));
478 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
480 RUNNER_TEST(T1030_init)
483 auto control = CKM::Control::create();
485 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
486 "Error=" << CKM::ErrorToString(temp));
488 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
489 "Error=" << CKM::ErrorToString(temp));
492 RUNNER_TEST(T1031_save_get_bin_data)
495 auto manager = CKM::Manager::create();
497 std::string binData1 = "My bin data1";
498 std::string binData2 = "My bin data2";
499 std::string binData3 = "My bin data3";
501 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
502 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
503 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
505 CKM::AliasVector labelAliasVector;
508 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
509 "Error=" << CKM::ErrorToString(temp));
511 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
512 "Error=" << CKM::ErrorToString(temp));
514 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
515 "Error=" << CKM::ErrorToString(temp));
517 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
518 "Error=" << CKM::ErrorToString(temp));
520 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
521 "Error=" << CKM::ErrorToString(temp));
523 labelAliasVector.size() == 3,
524 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
526 CKM::RawBuffer buffer;
528 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
529 "Error=" << CKM::ErrorToString(temp));
535 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
536 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
539 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
541 AccessProvider ap("mylabel");
542 ap.allowAPI("key-manager::api-storage", "rw");
543 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
546 auto manager = CKM::Manager::create();
548 std::string binData = "My bin data";
550 CKM::RawBuffer buffer(binData.begin(), binData.end());
552 CKM::AliasVector labelAliasVector;
555 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
556 "Error=" << CKM::ErrorToString(temp));
558 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
559 "Error=" << CKM::ErrorToString(temp));
561 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
562 "Error=" << CKM::ErrorToString(temp));
564 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
565 "Error=" << CKM::ErrorToString(temp));
567 labelAliasVector.size() == 3,
568 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
571 RUNNER_TEST(T1033_remove_bin_data)
574 auto manager = CKM::Manager::create();
576 std::string binData2 = "My bin data2";
577 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
579 CKM::AliasVector labelAliasVector;
581 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
583 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
584 "Error=" << CKM::ErrorToString(temp));
586 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
587 "Error=" << CKM::ErrorToString(temp));
589 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
590 "Error=" << CKM::ErrorToString(temp));
592 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
593 "Error=" << CKM::ErrorToString(temp));
595 labelAliasVector.size() == 1,
596 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
598 CKM::RawBuffer buffer;
600 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
601 "Error=" << CKM::ErrorToString(temp));
606 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
607 "Error=" << CKM::ErrorToString(temp));
610 RUNNER_TEST(T1034_getData_wrong_password)
613 auto manager = CKM::Manager::create();
615 std::string binData1 = "My bin data4";
617 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
620 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
621 "Error=" << CKM::ErrorToString(temp));
623 CKM::RawBuffer buffer;
625 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
626 "Error=" << CKM::ErrorToString(temp));
632 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
633 "Error=" << CKM::ErrorToString(temp));
636 RUNNER_TEST(T1035_deinit)
639 auto control = CKM::Control::create();
642 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
643 "Error=" << CKM::ErrorToString(temp));
645 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
646 "Error=" << CKM::ErrorToString(temp));
648 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
649 "Error=" << CKM::ErrorToString(temp));
651 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
652 "Error=" << CKM::ErrorToString(temp));
655 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
657 RUNNER_TEST(T1040_init)
660 auto control = CKM::Control::create();
663 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
664 "Error=" << CKM::ErrorToString(temp));
667 RUNNER_CHILD_TEST(T1041_create_rsa_key)
670 auto manager = CKM::Manager::create();
673 AccessProvider ap("mylabel-rsa");
674 ap.allowAPI("key-manager::api-storage", "rw");
675 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
678 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
679 "Error=" << CKM::ErrorToString(temp));
681 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
682 "Error=" << CKM::ErrorToString(temp));
684 2 == (temp = av.size()),
685 "Vector size: " << temp << ". Expected: 2");
688 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
691 auto manager = CKM::Manager::create();
694 AccessProvider ap("mylabel-rsa");
695 ap.allowAPI("key-manager::api-storage", "rw");
696 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
699 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
700 "Error=" << CKM::ErrorToString(temp));
702 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
703 "Error=" << CKM::ErrorToString(temp));
706 RUNNER_CHILD_TEST(T1043_create_dsa_key)
709 auto manager = CKM::Manager::create();
712 AccessProvider ap("mylabel-dsa");
713 ap.allowAPI("key-manager::api-storage", "rw");
714 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
717 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
718 "Error=" << CKM::ErrorToString(temp));
720 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
721 "Error=" << CKM::ErrorToString(temp));
723 2 == (temp = av.size()),
724 "Vector size: " << temp << ". Expected: 2");
727 RUNNER_TEST(T1049_deinit)
730 auto control = CKM::Control::create();
733 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
734 "Error=" << CKM::ErrorToString(temp));
736 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
737 "Error=" << CKM::ErrorToString(temp));
741 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
743 RUNNER_TEST(T1110_init)
746 auto control = CKM::Control::create();
748 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
749 "Error=" << CKM::ErrorToString(temp));
751 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
752 "Error=" << CKM::ErrorToString(temp));
755 RUNNER_TEST(T1111_CreateKeyPairRSA)
758 auto manager = CKM::Manager::create();
759 CKM::Alias a1("rsa-test-1");
760 CKM::Alias a2("rsa-test-2");
764 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
765 "Error=" << CKM::ErrorToString(temp));
767 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
768 "Error=" << CKM::ErrorToString(temp));
771 RUNNER_TEST(T1112_CreateKeyPairDSA)
774 auto manager = CKM::Manager::create();
775 CKM::Alias a1("dsa-test-1");
776 CKM::Alias a2("dsa-test-2");
780 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
781 "Error=" << CKM::ErrorToString(temp));
783 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
784 "Error=" << CKM::ErrorToString(temp));
787 RUNNER_TEST(T1113_CreateKeyPairECDSA)
790 auto manager = CKM::Manager::create();
791 CKM::Alias a1("ecdsa-test-1");
792 CKM::Alias a2("ecdsa-test-2");
796 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
797 "Error=" << CKM::ErrorToString(temp));
800 RUNNER_TEST(T1114_deinit)
803 auto control = CKM::Control::create();
806 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
807 "Error=" << CKM::ErrorToString(temp));
809 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
810 "Error=" << CKM::ErrorToString(temp));
813 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
815 RUNNER_TEST(T12100_init)
818 auto control = CKM::Control::create();
820 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
821 "Error=" << CKM::ErrorToString(temp));
823 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
824 "Error=" << CKM::ErrorToString(temp));
827 RUNNER_TEST(T12101_key_exist)
830 auto manager = CKM::Manager::create();
832 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
833 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
834 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
835 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
836 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
837 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
838 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
840 "-----END PUBLIC KEY-----";
842 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
843 auto key = CKM::Key::create(buffer);
844 CKM::Alias alias = "rsa-alias-duplication";
847 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
848 "Error=" << CKM::ErrorToString(ret));
850 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
851 "Error=" << CKM::ErrorToString(ret));
855 * These test cases tests API when empty parameters are passed to functions
858 RUNNER_TEST(T12102_saveKey_empty_alias)
860 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
861 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
862 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
863 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
864 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
865 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
866 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
867 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
869 "-----END PUBLIC KEY-----";
871 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
872 auto key = CKM::Key::create(buffer);
873 CKM::Alias alias; //alias is not initialized
876 auto manager = CKM::Manager::create();
878 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
879 "Error=" << CKM::ErrorToString(ret));
882 RUNNER_TEST(T12103_saveKey_foreign_label)
884 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
885 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
886 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
887 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
888 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
889 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
890 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
892 "-----END PUBLIC KEY-----";
894 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
895 auto key = CKM::Key::create(buffer);
896 CKM::Alias alias = "iamsomebodyelse alias";
899 auto manager = CKM::Manager::create();
901 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
902 "Error=" << CKM::ErrorToString(ret));
905 RUNNER_TEST(T12104_saveKey_empty_key)
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::ErrorToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 auto cert = TestData::getTestCertificate(TestData::GIAG2);
920 CKM::Alias alias; //alias is not initialized
923 auto manager = CKM::Manager::create();
925 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
926 "Error=" << CKM::ErrorToString(temp));
929 RUNNER_TEST(T12106_saveCertificate_foreign_label)
931 auto cert = TestData::getTestCertificate(TestData::GIAG2);
932 CKM::Alias alias = "iamsomebodyelse alias";
935 auto manager = CKM::Manager::create();
937 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
938 "Error=" << CKM::ErrorToString(temp));
941 RUNNER_TEST(T12107_saveCertificate_empty_cert)
943 CKM::CertificateShPtr cert; //cert is not initialized
944 CKM::Alias alias = "empty-cert";
947 auto manager = CKM::Manager::create();
949 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
950 "Error=" << CKM::ErrorToString(temp));
953 RUNNER_TEST(T12108_saveData_empty_alias)
955 std::string testData = "test data test data test data";
956 CKM::RawBuffer buffer(testData.begin(), testData.end());
960 auto manager = CKM::Manager::create();
962 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
963 "Error=" << CKM::ErrorToString(temp));
966 RUNNER_TEST(T12109_saveData_foreign_label)
968 std::string testData = "test data test data test data";
969 CKM::RawBuffer buffer(testData.begin(), testData.end());
970 CKM::Alias alias = "iamsomebodyelse alias";
973 auto manager = CKM::Manager::create();
975 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
976 "Error=" << CKM::ErrorToString(temp));
979 RUNNER_TEST(T12110_saveData_empty_data)
981 CKM::RawBuffer buffer;
982 CKM::Alias alias = "empty-data";
985 auto manager = CKM::Manager::create();
987 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
988 "Error=" << CKM::ErrorToString(temp));
992 * These test cases tests API when trying to get data from not existing alias
995 RUNNER_TEST(T12111_getKey_alias_not_exist)
998 CKM::Alias alias = "this-alias-not-exist";
1001 auto manager = CKM::Manager::create();
1003 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1004 "Error=" << CKM::ErrorToString(temp));
1007 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1009 CKM::CertificateShPtr certificate;
1010 CKM::Alias alias = "this-alias-not-exist";
1013 auto manager = CKM::Manager::create();
1015 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1016 "Error=" << CKM::ErrorToString(temp));
1019 RUNNER_TEST(T12113_getData_alias_not_exist)
1022 auto manager = CKM::Manager::create();
1023 CKM::RawBuffer buffer;
1024 CKM::Alias alias("some alias");
1026 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1027 "Error=" << CKM::ErrorToString(temp));
1031 * These test cases tests API when damaged keys are used
1033 RUNNER_TEST(T12114_rsa_key_damaged)
1036 auto manager = CKM::Manager::create();
1038 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1039 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1040 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1041 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1042 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1043 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1044 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1046 "-----END PUBLIC KEY-----";
1048 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1049 auto key = CKM::Key::create(buffer);
1050 CKM::Alias alias = "damaged-rsa";
1053 NULL == key.get(), "Key is broken. It should be empty");
1056 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1057 "Error=" << CKM::ErrorToString(ret));
1060 RUNNER_TEST(T12115_rsa_key_too_short)
1063 auto manager = CKM::Manager::create();
1065 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1066 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1067 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1068 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1069 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1070 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1071 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1073 "-----END PUBLIC KEY-----";
1075 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1076 auto key = CKM::Key::create(buffer);
1077 CKM::Alias alias = "short-rsa";
1080 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1081 "Error=" << CKM::ErrorToString(ret));
1084 RUNNER_TEST(T12116_dsa_key_too_short)
1087 auto manager = CKM::Manager::create();
1089 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1090 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1091 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1092 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1093 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1094 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1095 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1096 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1097 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1098 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1099 "YMYCBhubtrVaLmc=\n"
1100 "-----END PUBLIC KEY-----";
1102 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1103 auto key = CKM::Key::create(buffer);
1104 CKM::Alias alias = "short-dsa";
1107 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1108 "Error=" << CKM::ErrorToString(ret));
1113 * These test cases tests CKM service if malicious data is provided over the socket.
1116 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1119 auto manager = CKM::Manager::create();
1121 // fake the client - let the service detect the problem
1122 class WrongKeyImpl : public CKM::Key
1125 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1128 virtual bool empty() const {
1132 virtual CKM::KeyType getType() const {
1133 return CKM::KeyType::KEY_RSA_PUBLIC;
1135 virtual int getSize() const {
1138 virtual CKM::ElipticCurve getCurve() const {
1139 return CKM::ElipticCurve::prime192v1;
1141 virtual CKM::RawBuffer getDER() const {
1144 virtual ~WrongKeyImpl() {}
1146 CKM::RawBuffer & m_dummy;
1148 std::string dummyData = "my_cat_Berta\n";
1149 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1150 auto key = std::make_shared<WrongKeyImpl>(buffer);
1151 CKM::Alias alias = "damaged-rsa";
1154 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1155 "Error=" << CKM::ErrorToString(ret));
1158 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1160 // fake the client - let the service detect the problem
1161 class WrongCertImpl : public CKM::Certificate
1164 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1165 m_x509 = X509_new();
1168 bool empty() const {
1172 virtual X509 *getX509() const {
1176 virtual CKM::RawBuffer getDER() const {
1180 virtual ~WrongCertImpl() {
1185 CKM::RawBuffer & m_dummy;
1187 std::string dummyData = "my_cat_Stefan\n";
1188 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1189 auto cert = std::make_shared<WrongCertImpl>(buffer);
1190 CKM::Alias alias = "damaged-cert";
1193 auto manager = CKM::Manager::create();
1195 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1196 "Error=" << CKM::ErrorToString(temp));
1199 RUNNER_TEST(T12119_deinit)
1202 auto control = CKM::Control::create();
1205 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1206 "Error=" << CKM::ErrorToString(temp));
1208 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1209 "Error=" << CKM::ErrorToString(temp));
1212 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1214 RUNNER_TEST(T1311_init)
1217 auto control = CKM::Control::create();
1219 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1220 "Error=" << CKM::ErrorToString(temp));
1221 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1222 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1224 ScopedLabel sl("System");
1225 struct hostent* he = gethostbyname("google.com");
1227 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1228 "is not woking on the device. OCSP tests requires network access!");
1231 RUNNER_TEST(T1312_get_chain)
1233 auto cert = TestData::getTestCertificate(TestData::MBANK);
1234 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1236 CKM::CertificateShPtrVector certVector = {cert1};
1237 CKM::CertificateShPtrVector certChain;
1240 auto manager = CKM::Manager::create();
1242 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1243 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1245 tmp = manager->getCertificateChain(cert,
1250 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1251 "Error=" << CKM::ErrorToString(tmp));
1254 0 == certChain.size(),
1255 "Wrong size of certificate chain.");
1257 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1258 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1261 3 == certChain.size(),
1262 "Wrong size of certificate chain.");
1265 RUNNER_TEST(T1313_get_chain_with_alias)
1267 auto cert = TestData::getTestCertificate(TestData::MBANK);
1268 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1270 CKM::CertificateShPtrVector certChain;
1271 CKM::AliasVector aliasVector;
1272 CKM::Alias alias("imcert");
1273 CharPtr top_label = get_label();
1274 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1277 auto manager = CKM::Manager::create();
1279 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1280 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1282 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1283 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1284 "Error=" << CKM::ErrorToString(tmp));
1287 0 == certChain.size(),
1288 "Wrong size of certificate chain.");
1291 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1292 "Error=" << CKM::ErrorToString(tmp));
1294 aliasVector.push_back(full_address);
1296 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1297 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1300 3 == certChain.size(),
1301 "Wrong size of certificate chain.");
1304 RUNNER_TEST(T1314_ocsp_check)
1306 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1308 auto cert = TestData::getTestCertificate(TestData::MBANK);
1309 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1310 CKM::CertificateShPtrVector certVector = {cert1};
1311 CKM::CertificateShPtrVector certChain;
1314 auto manager = CKM::Manager::create();
1316 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1317 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1319 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1320 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1321 "Error=" << CKM::ErrorToString(tmp));
1324 0 == certChain.size(),
1325 "Wrong size of certificate chain.");
1327 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1328 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1331 3 == certChain.size(),
1332 "Wrong size of certificate chain.");
1336 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1337 "Error=" << CKM::ErrorToString(tmp));
1339 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1342 RUNNER_TEST(T1315_deinit)
1345 auto control = CKM::Control::create();
1348 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1349 "Error=" << CKM::ErrorToString(temp));
1351 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1352 "Error=" << CKM::ErrorToString(temp));
1355 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1357 RUNNER_TEST(T1411_init)
1360 auto control = CKM::Control::create();
1362 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1363 "Error=" << CKM::ErrorToString(temp));
1366 RUNNER_TEST(T1412_rsa_key_create_verify)
1369 auto manager = CKM::Manager::create();
1371 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1372 "Proc-Type: 4,ENCRYPTED\n"
1373 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1375 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1376 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1377 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1378 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1379 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1380 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1381 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1382 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1383 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1384 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1385 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1386 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1387 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1388 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1389 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1390 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1391 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1392 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1393 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1394 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1395 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1396 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1397 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1398 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1399 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1400 "-----END RSA PRIVATE KEY-----\n";
1402 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1403 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1404 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1405 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1406 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1407 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1408 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1410 "-----END PUBLIC KEY-----\n";
1412 std::string message = "message test";
1414 CKM::Alias aliasPub = "pub1";
1415 CKM::Alias aliasPrv = "prv1";
1416 CKM::Password password = "1234";
1417 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1418 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1419 CKM::RawBuffer signature;
1421 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1422 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1424 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1425 "Key is empty. Failed to import public key.");
1426 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1427 "Key is empty. Failed to import private key.");
1430 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1431 "Error=" << CKM::ErrorToString(temp));
1433 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1434 "Error=" << CKM::ErrorToString(temp));
1437 CKM_API_SUCCESS == (temp = manager->createSignature(
1440 CKM::RawBuffer(message.begin(), message.end()),
1444 "Error=" << CKM::ErrorToString(temp));
1447 CKM_API_SUCCESS == (temp = manager->verifySignature(
1450 CKM::RawBuffer(message.begin(), message.end()),
1454 "Error=" << CKM::ErrorToString(temp));
1457 RUNNER_TEST(T1413_dsa_key_create_verify)
1460 auto manager = CKM::Manager::create();
1462 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1463 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1464 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1465 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1466 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1467 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1468 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1469 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1470 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1471 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1472 "u1roOuaPY+Hl19BlTE2qdw==\n"
1473 "-----END DSA PRIVATE KEY-----";
1475 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1476 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1477 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1478 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1479 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1480 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1481 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1482 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1483 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1484 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1485 "YMYCBhubtrVaLmc=\n"
1486 "-----END PUBLIC KEY-----";
1488 std::string message = "message test";
1490 CKM::Alias aliasPub = "pub2";
1491 CKM::Alias aliasPrv = "prv2";
1492 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1493 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1494 CKM::RawBuffer signature;
1496 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1497 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1499 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1500 "Key is empty. Failed to import public key.");
1501 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1502 "Key is empty. Failed to import private key.");
1505 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1506 "Error=" << CKM::ErrorToString(temp));
1508 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1509 "Error=" << CKM::ErrorToString(temp));
1512 CKM_API_SUCCESS == (temp = manager->createSignature(
1515 CKM::RawBuffer(message.begin(), message.end()),
1519 "Error=" << CKM::ErrorToString(temp));
1522 CKM_API_SUCCESS == (temp = manager->verifySignature(
1525 CKM::RawBuffer(message.begin(), message.end()),
1529 "Error=" << CKM::ErrorToString(temp));
1533 RUNNER_TEST(T1414_ec_key_create_verify)
1536 auto manager = CKM::Manager::create();
1538 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1539 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1540 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1541 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1542 "-----END EC PRIVATE KEY-----\n";
1544 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1545 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1546 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1547 "-----END PUBLIC KEY-----\n";
1549 std::string message = "message test";
1551 CKM::Alias aliasPub = "ecpub2";
1552 CKM::Alias aliasPrv = "ecprv2";
1553 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1554 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1555 CKM::RawBuffer signature;
1557 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1558 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1560 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1561 "Key is empty. Failed to import public key.");
1562 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1563 "Key is empty. Failed to import private key.");
1566 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1567 "Error=" << CKM::ErrorToString(temp));
1569 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1570 "Error=" << CKM::ErrorToString(temp));
1573 CKM_API_SUCCESS == (temp = manager->createSignature(
1576 CKM::RawBuffer(message.begin(), message.end()),
1580 "Error=" << CKM::ErrorToString(temp));
1583 CKM_API_SUCCESS == (temp = manager->verifySignature(
1586 CKM::RawBuffer(message.begin(), message.end()),
1590 "Error=" << CKM::ErrorToString(temp));
1592 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1594 memcpy((void*)signature.data(), "BROKEN", 6);
1597 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1600 CKM::RawBuffer(message.begin(), message.end()),
1604 "Error=" << CKM::ErrorToString(temp));
1607 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1610 auto manager = CKM::Manager::create();
1611 std::string message = "message asdfaslkdfjlksadjf test";
1613 CKM::Alias aliasPub = "pub1";
1614 CKM::Alias aliasPrv = "prv1";
1616 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1617 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1618 CKM::RawBuffer signature;
1621 CKM_API_SUCCESS == (temp = manager->createSignature(
1624 CKM::RawBuffer(message.begin(), message.end()),
1628 "Error=" << CKM::ErrorToString(temp));
1631 CKM_API_SUCCESS == (temp = manager->verifySignature(
1634 CKM::RawBuffer(message.begin(), message.end()),
1638 "Error=" << CKM::ErrorToString(temp));
1640 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1641 memcpy((void*)signature.data(), "BROKEN", 6);
1644 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1647 CKM::RawBuffer(message.begin(), message.end()),
1651 "Error=" << CKM::ErrorToString(temp));
1654 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1657 auto manager = CKM::Manager::create();
1658 std::string message = "message asdfaslkdfjlksadjf test";
1660 CKM::Alias aliasPub = "pub2";
1661 CKM::Alias aliasPrv = "prv2";
1663 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1664 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1665 CKM::RawBuffer signature;
1668 CKM_API_SUCCESS == (temp = manager->createSignature(
1671 CKM::RawBuffer(message.begin(), message.end()),
1675 "Error=" << CKM::ErrorToString(temp));
1678 CKM_API_SUCCESS == (temp = manager->verifySignature(
1681 CKM::RawBuffer(message.begin(), message.end()),
1685 "Error=" << CKM::ErrorToString(temp));
1687 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1688 memcpy((void*)signature.data(), "BROKEN", 6);
1691 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1694 CKM::RawBuffer(message.begin(), message.end()),
1698 "Error=" << CKM::ErrorToString(temp));
1701 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1704 auto manager = CKM::Manager::create();
1707 "-----BEGIN RSA PRIVATE KEY-----\n"
1708 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1709 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1710 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1711 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1712 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1713 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1714 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1715 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1716 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1717 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1718 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1719 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1720 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1721 "-----END RSA PRIVATE KEY-----\n";
1724 "-----BEGIN CERTIFICATE-----\n"
1725 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1726 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1727 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1728 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1729 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1730 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1731 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1732 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1733 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1734 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1735 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1736 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1737 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1738 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1739 "-----END CERTIFICATE-----\n";
1741 std::string message = "message test";
1743 CKM::Alias aliasPub = "pub1-cert";
1744 CKM::Alias aliasPrv = "prv1-cert";
1745 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1746 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1747 CKM::RawBuffer signature;
1749 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1750 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1752 RUNNER_ASSERT_MSG(NULL != cert.get(),
1753 "Key is empty. Failed to import public key.");
1754 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1755 "Key is empty. Failed to import private key.");
1758 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1759 "Error=" << CKM::ErrorToString(temp));
1761 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1762 "Error=" << CKM::ErrorToString(temp));
1765 CKM_API_SUCCESS == (temp = manager->createSignature(
1768 CKM::RawBuffer(message.begin(), message.end()),
1772 "Error=" << CKM::ErrorToString(temp));
1775 CKM_API_SUCCESS == (temp = manager->verifySignature(
1778 CKM::RawBuffer(message.begin(), message.end()),
1782 "Error=" << CKM::ErrorToString(temp));
1784 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1786 memcpy((void*)signature.data(), "BROKEN", 6);
1789 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1792 CKM::RawBuffer(message.begin(), message.end()),
1796 "Error=" << CKM::ErrorToString(temp));
1799 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
1802 auto manager = CKM::Manager::create();
1804 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1805 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1806 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1807 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1808 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1809 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1810 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1811 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1812 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1813 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1814 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1815 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1816 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1817 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1818 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1819 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1820 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1821 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1822 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1823 "-----END CERTIFICATE-----\n";
1825 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1826 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1827 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1828 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1829 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1830 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1831 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1832 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1833 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1834 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1835 "vonbjii3BYe4AIdkzOvp\n"
1836 "-----END DSA PRIVATE KEY-----\n";
1838 std::string message = "message test";
1840 CKM::Alias aliasPub = "pub2-cert";
1841 CKM::Alias aliasPrv = "prv2-cert";
1842 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1843 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1844 CKM::RawBuffer signature;
1846 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1847 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1849 RUNNER_ASSERT_MSG(NULL != cert.get(),
1850 "Key is empty. Failed to import public key.");
1851 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1852 "Key is empty. Failed to import private key.");
1855 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1856 "Error=" << CKM::ErrorToString(temp));
1858 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1859 "Error=" << CKM::ErrorToString(temp));
1862 CKM_API_SUCCESS == (temp = manager->createSignature(
1865 CKM::RawBuffer(message.begin(), message.end()),
1869 "Error=" << CKM::ErrorToString(temp));
1872 CKM_API_SUCCESS == (temp = manager->verifySignature(
1875 CKM::RawBuffer(message.begin(), message.end()),
1879 "Error=" << CKM::ErrorToString(temp));
1881 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1883 memcpy((void*)signature.data(), "BROKEN", 6);
1886 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1889 CKM::RawBuffer(message.begin(), message.end()),
1893 "Error=" << CKM::ErrorToString(temp));
1896 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
1899 auto manager = CKM::Manager::create();
1902 "-----BEGIN EC PRIVATE KEY-----\n"
1903 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1904 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1905 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1906 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1907 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1908 "ELyhe7yPCAuOoLZlTLgf\n"
1909 "-----END EC PRIVATE KEY-----\n";
1912 "-----BEGIN CERTIFICATE-----\n"
1913 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1914 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1915 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1916 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1917 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1918 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1919 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1920 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1921 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1922 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1923 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1924 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1925 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1926 "Q1oBry6NEc+lLFmWMDesAA==\n"
1927 "-----END CERTIFICATE-----\n";
1929 std::string message = "message test";
1931 CKM::Alias aliasPub = "pub3";
1932 CKM::Alias aliasPrv = "prv3";
1933 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1934 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1935 CKM::RawBuffer signature;
1937 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1938 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1940 RUNNER_ASSERT_MSG(NULL != cert.get(),
1941 "Key is empty. Failed to import public key.");
1942 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1943 "Key is empty. Failed to import private key.");
1946 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1947 "Error=" << CKM::ErrorToString(temp));
1949 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1950 "Error=" << CKM::ErrorToString(temp));
1953 CKM_API_SUCCESS == (temp = manager->createSignature(
1956 CKM::RawBuffer(message.begin(), message.end()),
1960 "Error=" << CKM::ErrorToString(temp));
1963 CKM_API_SUCCESS == (temp = manager->verifySignature(
1966 CKM::RawBuffer(message.begin(), message.end()),
1970 "Error=" << CKM::ErrorToString(temp));
1972 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1974 memcpy((void*)signature.data(), "BROKEN", 6);
1977 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1980 CKM::RawBuffer(message.begin(), message.end()),
1984 "Error=" << CKM::ErrorToString(temp));
1987 RUNNER_TEST(T1420_deinit)
1990 auto control = CKM::Control::create();
1993 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1994 "Error=" << CKM::ErrorToString(temp));
1996 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1997 "Error=" << CKM::ErrorToString(temp));
2000 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2002 RUNNER_TEST(T14180_init)
2005 auto control = CKM::Control::create();
2007 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2008 "Error=" << CKM::ErrorToString(temp));
2010 auto manager = CKM::Manager::create();
2012 // Prepare RSA Key Pair
2013 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2014 "Proc-Type: 4,ENCRYPTED\n"
2015 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2017 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2018 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2019 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2020 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2021 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2022 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2023 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2024 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2025 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2026 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2027 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2028 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2029 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2030 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2031 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2032 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2033 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2034 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2035 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2036 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2037 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2038 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2039 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2040 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2041 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2042 "-----END RSA PRIVATE KEY-----\n";
2044 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2045 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2046 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2047 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2048 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2049 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2050 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2052 "-----END PUBLIC KEY-----\n";
2054 CKM::Alias aliasPub = "pub_nohash1";
2055 CKM::Alias aliasPrv = "prv_nohash1";
2056 CKM::Password password = "1234";
2058 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2059 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2061 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2062 "Key is empty. Failed to import public key.");
2063 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2064 "Key is empty. Failed to import private key.");
2067 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2068 "Error=" << CKM::ErrorToString(temp));
2070 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2071 "Error=" << CKM::ErrorToString(temp));
2073 // Prepare ECDSA Key Pair
2074 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2075 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2076 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2077 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2078 "-----END EC PRIVATE KEY-----\n";
2080 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2081 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2082 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2083 "-----END PUBLIC KEY-----\n";
2085 CKM::Alias aliasEcPub = "ecpub_nohash1";
2086 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2088 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2089 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2091 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2092 "Key is empty. Failed to import public key.");
2093 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2094 "Key is empty. Failed to import private key.");
2097 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2098 "Error=" << CKM::ErrorToString(temp));
2100 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2101 "Error=" << CKM::ErrorToString(temp));
2105 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2108 auto manager = CKM::Manager::create();
2109 std::string message = "message asdfaslkdfjlksadjf test";
2111 CKM::Alias aliasPub = "pub_nohash1";
2112 CKM::Alias aliasPrv = "prv_nohash1";
2114 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2115 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2116 CKM::RawBuffer signature;
2119 CKM_API_SUCCESS == (temp = manager->createSignature(
2122 CKM::RawBuffer(message.begin(), message.end()),
2126 "Error=" << CKM::ErrorToString(temp));
2129 CKM_API_SUCCESS == (temp = manager->verifySignature(
2132 CKM::RawBuffer(message.begin(), message.end()),
2136 "Error=" << CKM::ErrorToString(temp));
2138 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2139 memcpy((void*)signature.data(), "BROKEN", 6);
2142 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2145 CKM::RawBuffer(message.begin(), message.end()),
2149 "Error=" << CKM::ErrorToString(temp));
2152 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2155 auto manager = CKM::Manager::create();
2156 std::string message = "message asdfaslkdfjlksadjf test";
2158 CKM::Alias aliasPub = "pub_nohash1";
2159 CKM::Alias aliasPrv = "prv_nohash1";
2161 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2162 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2163 CKM::RawBuffer signature;
2166 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2169 CKM::RawBuffer(message.begin(), message.end()),
2173 "Error=" << CKM::ErrorToString(temp));
2176 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2179 auto manager = CKM::Manager::create();
2180 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2181 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2182 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2183 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2184 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2185 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2186 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2187 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2188 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2189 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2190 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2191 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2192 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2193 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2194 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2195 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2196 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2197 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2198 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2199 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2201 CKM::Alias aliasPub = "pub_nohash1";
2202 CKM::Alias aliasPrv = "prv_nohash1";
2204 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2205 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2206 CKM::RawBuffer signature;
2209 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2212 CKM::RawBuffer(message.begin(), message.end()),
2216 "Error=" << CKM::ErrorToString(temp));
2220 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2223 auto manager = CKM::Manager::create();
2225 std::string message = "message test";
2227 CKM::Alias aliasPub = "ecpub_nohash1";
2228 CKM::Alias aliasPrv = "ecprv_nohash1";
2229 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2230 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2231 CKM::RawBuffer signature;
2234 CKM_API_SUCCESS == (temp = manager->createSignature(
2237 CKM::RawBuffer(message.begin(), message.end()),
2241 "Error=" << CKM::ErrorToString(temp));
2244 CKM_API_SUCCESS == (temp = manager->verifySignature(
2247 CKM::RawBuffer(message.begin(), message.end()),
2251 "Error=" << CKM::ErrorToString(temp));
2253 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2255 memcpy((void*)signature.data(), "BROKEN", 6);
2258 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2261 CKM::RawBuffer(message.begin(), message.end()),
2265 "Error=" << CKM::ErrorToString(temp));
2268 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2271 auto manager = CKM::Manager::create();
2273 int msgSize = 1024*1024;
2274 char big_msg[msgSize];
2275 for(int i =0; i<msgSize-1; i++) {
2278 big_msg[msgSize-1]=0x00;
2279 std::string message(big_msg);
2281 CKM::Alias aliasPub = "ecpub_nohash1";
2282 CKM::Alias aliasPrv = "ecprv_nohash1";
2283 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2284 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2285 CKM::RawBuffer signature;
2288 CKM_API_SUCCESS == (temp = manager->createSignature(
2291 CKM::RawBuffer(message.begin(), message.end()),
2295 "Error=" << CKM::ErrorToString(temp));
2299 RUNNER_TEST(T14189_deinit)
2302 auto control = CKM::Control::create();
2305 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2306 "Error=" << CKM::ErrorToString(temp));
2308 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2309 "Error=" << CKM::ErrorToString(temp));
2313 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2315 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2318 AccessProvider ap("my-label");
2319 ap.allowAPI("key-manager::api-control", "rw");
2320 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2322 auto control = CKM::Control::create();
2324 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2325 "Error=" << CKM::ErrorToString(tmp));
2328 RUNNER_CHILD_TEST(T1511_insert_data)
2330 AccessProvider ap("my-label");
2331 ap.allowAPI("key-manager::api-storage", "rw");
2332 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2334 auto certee = TestData::getTestCertificate(TestData::MBANK);
2335 auto certim = TestData::getTestCertificate(TestData::SYMANTEC);
2337 auto manager = CKM::Manager::create();
2338 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2339 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2342 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2343 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2346 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2347 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2350 RUNNER_CHILD_TEST(T1519_deinit)
2353 AccessProvider ap("my-label");
2354 ap.allowAPI("key-manager::api-control", "rw");
2355 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2357 auto control = CKM::Control::create();
2359 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2360 "Error=" << CKM::ErrorToString(tmp));
2364 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2366 RUNNER_TEST(T1701_init_unlock_key)
2369 auto control = CKM::Control::create();
2371 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2372 "Error=" << CKM::ErrorToString(tmp));
2375 RUNNER_CHILD_TEST(T1702_insert_data)
2378 AccessProvider ap("t170-special-label");
2379 ap.allowAPI("key-manager::api-storage", "rw");
2380 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2382 auto certee = TestData::getTestCertificate(TestData::MBANK);
2384 auto manager = CKM::Manager::create();
2385 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2388 CKM_API_SUCCESS == status1,
2389 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2391 CKM::AliasVector av;
2393 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2394 "Error=" << CKM::ErrorToString(temp));
2396 1 == (temp = av.size()),
2397 "Vector size: " << temp << ". Expected: 1");
2400 RUNNER_TEST(T1703_removeApplicationData)
2403 auto control = CKM::Control::create();
2405 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2406 "Error=" << CKM::ErrorToString(tmp));
2409 RUNNER_CHILD_TEST(T1704_data_test)
2412 AccessProvider ap("t170-special-label");
2413 ap.allowAPI("key-manager::api-storage", "rw");
2414 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2416 CKM::AliasVector av;
2417 auto manager = CKM::Manager::create();
2420 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2421 "Error=" << CKM::ErrorToString(temp));
2423 0 == (temp = av.size()),
2424 "Vector size: " << temp << ". Expected: 0");
2427 RUNNER_TEST(T1705_deinit)
2431 auto control = CKM::Control::create();
2433 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2434 "Error=" << CKM::ErrorToString(tmp));
2436 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2437 "Error=" << CKM::ErrorToString(tmp));
2440 RUNNER_TEST(T17101_init)
2444 auto control = CKM::Control::create();
2446 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2447 "Error=" << CKM::ErrorToString(tmp));
2449 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2450 "Error=" << CKM::ErrorToString(tmp));
2452 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2453 "Error=" << CKM::ErrorToString(tmp));
2456 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2457 "Error=" << CKM::ErrorToString(tmp));
2459 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2460 "Error=" << CKM::ErrorToString(tmp));
2462 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2463 "Error=" << CKM::ErrorToString(tmp));
2466 RUNNER_CHILD_TEST(T17102_prep_data_01)
2469 AccessProvider ap("t1706-special-label");
2470 ap.allowAPI("key-manager::api-storage", "rw");
2471 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2473 CKM::AliasVector av;
2474 auto manager = CKM::Manager::create();
2476 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2478 CKM::RawBuffer buffer(data.begin(), data.end());
2479 CKM::Policy exportable(CKM::Password(), true);
2482 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2483 "Error=" << CKM::ErrorToString(temp));
2486 RUNNER_CHILD_TEST(T17103_prep_data_02)
2489 AccessProvider ap("t1706-special-label2");
2490 ap.allowAPI("key-manager::api-storage", "rw");
2491 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2493 CKM::AliasVector av;
2494 auto manager = CKM::Manager::create();
2496 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2498 CKM::RawBuffer buffer(data.begin(), data.end());
2499 CKM::Policy exportable(CKM::Password(), true);
2502 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2503 "Error=" << CKM::ErrorToString(temp));
2506 RUNNER_CHILD_TEST(T17104_prep_data_03)
2509 AccessProvider ap("t1706-special-label");
2510 ap.allowAPI("key-manager::api-storage", "rw");
2511 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2513 CKM::AliasVector av;
2514 auto manager = CKM::Manager::create();
2516 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2518 CKM::RawBuffer buffer(data.begin(), data.end());
2519 CKM::Policy exportable(CKM::Password(), true);
2522 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2523 "Error=" << CKM::ErrorToString(temp));
2526 RUNNER_CHILD_TEST(T17105_prep_data_04)
2529 AccessProvider ap("t1706-special-label2");
2530 ap.allowAPI("key-manager::api-storage", "rw");
2531 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2533 CKM::AliasVector av;
2534 auto manager = CKM::Manager::create();
2536 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2538 CKM::RawBuffer buffer(data.begin(), data.end());
2539 CKM::Policy exportable(CKM::Password(), true);
2542 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2543 "Error=" << CKM::ErrorToString(temp));
2546 RUNNER_TEST(T17106_remove_application)
2550 auto control = CKM::Control::create();
2552 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2553 "Error=" << CKM::ErrorToString(tmp));
2555 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
2556 "Error=" << CKM::ErrorToString(tmp));
2559 RUNNER_CHILD_TEST(T17107_check_data_01)
2562 AccessProvider ap("t1706-special-label");
2563 ap.allowAPI("key-manager::api-storage", "rw");
2564 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2566 CKM::AliasVector av;
2567 auto manager = CKM::Manager::create();
2570 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2571 "Error=" << CKM::ErrorToString(temp));
2573 0 == (temp = av.size()),
2574 "Vector size: " << temp << ". Expected: 0");
2577 RUNNER_CHILD_TEST(T17108_check_data_02)
2580 AccessProvider ap("t1706-special-label2");
2581 ap.allowAPI("key-manager::api-storage", "rw");
2582 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2584 CKM::AliasVector av;
2585 auto manager = CKM::Manager::create();
2588 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2589 "Error=" << CKM::ErrorToString(temp));
2591 1 == (temp = av.size()),
2592 "Vector size: " << temp << ". Expected: 1");
2595 RUNNER_TEST(T17109_unlock_user2)
2599 auto control = CKM::Control::create();
2601 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2602 "Error=" << CKM::ErrorToString(tmp));
2605 RUNNER_CHILD_TEST(T17110_check_data_03)
2608 AccessProvider ap("t1706-special-label");
2609 ap.allowAPI("key-manager::api-storage", "rw");
2610 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2612 CKM::AliasVector av;
2613 auto manager = CKM::Manager::create();
2616 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2617 "Error=" << CKM::ErrorToString(temp));
2619 0 == (temp = av.size()),
2620 "Vector size: " << temp << ". Expected: 0");
2623 RUNNER_CHILD_TEST(T17111_check_data_04)
2626 AccessProvider ap("t1706-special-label2");
2627 ap.allowAPI("key-manager::api-storage", "rw");
2628 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2630 CKM::AliasVector av;
2631 auto manager = CKM::Manager::create();
2634 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
2635 "Error=" << CKM::ErrorToString(temp));
2637 1 == (temp = av.size()),
2638 "Vector size: " << temp << ". Expected: 1");
2641 RUNNER_TEST(T17112_deinit)
2645 auto control = CKM::Control::create();
2647 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2648 "Error=" << CKM::ErrorToString(tmp));
2650 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2651 "Error=" << CKM::ErrorToString(tmp));
2654 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2655 "Error=" << CKM::ErrorToString(tmp));
2657 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2658 "Error=" << CKM::ErrorToString(tmp));
2661 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2665 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2666 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2667 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2668 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2669 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2670 const char *PKCS_PASSWD = "PKCS-pass";
2673 RUNNER_TEST(T1800_init)
2675 reset_user_data(0, PKCS_PASSWD);
2678 RUNNER_TEST(T1801_parse_PKCS12) {
2679 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2680 std::istreambuf_iterator<char> begin(is), end;
2681 std::vector<char> buff(begin, end);
2683 CKM::RawBuffer buffer(buff.size());
2684 memcpy(buffer.data(), buff.data(), buff.size());
2686 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2689 "Error in PKCS12::create()");
2691 auto cert = pkcs->getCertificate();
2694 "Error in PKCS12::getCertificate()");
2696 auto key = pkcs->getKey();
2699 "Error in PKCS12::getKey()");
2701 auto caVector = pkcs->getCaCertificateShPtrVector();
2703 0 == caVector.size(),
2704 "Wrong size of vector");
2707 RUNNER_TEST(T1802_negative_wrong_password) {
2708 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2709 std::istreambuf_iterator<char> begin(is), end;
2710 std::vector<char> buff(begin, end);
2712 CKM::RawBuffer buffer(buff.size());
2713 memcpy(buffer.data(), buff.data(), buff.size());
2715 auto pkcs = CKM::PKCS12::create(buffer, "error");
2718 "Expected error in PKCS12::create()");
2721 RUNNER_TEST(T1803_negative_broken_buffer) {
2722 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
2723 std::istreambuf_iterator<char> begin(is), end;
2724 std::vector<char> buff(begin, end);
2726 CKM::RawBuffer buffer(buff.size());
2727 memcpy(buffer.data(), buff.data(), buff.size());
2729 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2732 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2735 "Expected error in PKCS12::create()");
2738 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2740 auto manager = CKM::Manager::create();
2741 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2742 std::istreambuf_iterator<char> begin(is), end;
2743 std::vector<char> buff(begin, end);
2745 CKM::RawBuffer buffer(buff.size());
2746 memcpy(buffer.data(), buff.data(), buff.size());
2748 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2751 "Error in PKCS12::create()");
2754 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2755 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2756 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2757 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2758 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2759 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2760 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2761 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2762 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2763 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2764 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2765 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2766 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2767 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2768 "-----END RSA PRIVATE KEY-----\n";
2770 std::string message = "message test";
2772 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2773 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2774 "Key is empty. Failed to import private key.");
2778 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2779 "Error=" << CKM::ErrorToString(temp));
2782 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2783 "Error=" << CKM::ErrorToString(temp));
2786 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2788 auto manager = CKM::Manager::create();
2789 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
2790 std::istreambuf_iterator<char> begin(is), end;
2791 std::vector<char> buff(begin, end);
2793 CKM::RawBuffer buffer(buff.size());
2794 memcpy(buffer.data(), buff.data(), buff.size());
2796 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2799 "Error in PKCS12::create()");
2801 auto cert = pkcs->getCertificate();
2804 "Error in PKCS12::getCertificate()");
2806 auto key = pkcs->getKey();
2809 "Error in PKCS12::getKey()");
2811 auto caVector = pkcs->getCaCertificateShPtrVector();
2813 2 == caVector.size(),
2814 "Wrong size of vector");
2818 CKM::Policy exportable;
2819 CKM::Policy notExportable(CKM::Password(), false);
2822 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2823 "Error=" << CKM::ErrorToString(tmp));
2825 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2826 "Error=" << CKM::ErrorToString(tmp));
2828 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2829 "Error=" << CKM::ErrorToString(tmp));
2831 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2832 "Error=" << CKM::ErrorToString(tmp));
2834 // try to lookup key
2835 CKM::KeyShPtr key_lookup;
2837 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2838 "Error=" << CKM::ErrorToString(tmp));
2840 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2841 "Error=" << CKM::ErrorToString(tmp));
2843 // try to lookup certificate
2844 CKM::CertificateShPtr cert_lookup;
2846 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2847 "Error=" << CKM::ErrorToString(tmp));
2849 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2850 "Error=" << CKM::ErrorToString(tmp));
2853 RUNNER_TEST(T1806_get_PKCS)
2856 auto manager = CKM::Manager::create();
2858 CKM::PKCS12ShPtr pkcs;
2862 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2863 "Error=" << CKM::ErrorToString(temp));
2865 // fail - not exportable
2867 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2868 "Error=" << CKM::ErrorToString(temp));
2870 // success - exportable
2872 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2873 "Error=" << CKM::ErrorToString(temp));
2875 auto cert = pkcs->getCertificate();
2878 "Error in PKCS12::getCertificate()");
2880 auto key = pkcs->getKey();
2883 "Error in PKCS12::getKey()");
2885 auto caVector = pkcs->getCaCertificateShPtrVector();
2887 2 == caVector.size(),
2888 "Wrong size of vector");
2891 RUNNER_TEST(T1807_create_and_verify_signature)
2894 auto manager = CKM::Manager::create();
2896 std::string message = "message test";
2898 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2899 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2900 CKM::RawBuffer signature;
2903 CKM_API_SUCCESS == (temp = manager->createSignature(
2904 alias_PKCS_exportable,
2906 CKM::RawBuffer(message.begin(), message.end()),
2910 "Error=" << CKM::ErrorToString(temp));
2913 CKM_API_SUCCESS == (temp = manager->verifySignature(
2914 alias_PKCS_exportable,
2916 CKM::RawBuffer(message.begin(), message.end()),
2920 "Error=" << CKM::ErrorToString(temp));
2923 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2926 auto manager = CKM::Manager::create();
2928 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2929 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2930 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2931 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2932 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2933 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2934 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2935 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2936 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2937 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2938 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2939 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2940 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2941 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2942 "-----END RSA PRIVATE KEY-----";
2943 std::string message = "message test";
2945 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2946 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2947 "Key is empty. Failed to import private key.");
2950 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2951 "Error=" << CKM::ErrorToString(temp));
2953 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2954 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2955 CKM::RawBuffer signature;
2958 CKM_API_SUCCESS == (temp = manager->createSignature(
2959 alias_PKCS_priv_key_copy,
2961 CKM::RawBuffer(message.begin(), message.end()),
2965 "Error=" << CKM::ErrorToString(temp));
2968 CKM_API_SUCCESS == (temp = manager->verifySignature(
2969 alias_PKCS_exportable,
2971 CKM::RawBuffer(message.begin(), message.end()),
2975 "Error=" << CKM::ErrorToString(temp));
2978 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2981 auto manager = CKM::Manager::create();
2983 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2984 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2985 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2986 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2987 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2988 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2989 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2990 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2991 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2992 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2993 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2994 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2995 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2996 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2997 "-----END RSA PRIVATE KEY-----\n";
2999 std::string message = "message test";
3001 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3002 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3003 "Key is empty. Failed to import private key.");
3006 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3007 "Error=" << CKM::ErrorToString(temp));
3009 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3010 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3011 CKM::RawBuffer signature;
3014 CKM_API_SUCCESS == (temp = manager->createSignature(
3015 alias_PKCS_priv_key_wrong,
3017 CKM::RawBuffer(message.begin(), message.end()),
3021 "Error=" << CKM::ErrorToString(temp));
3024 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3025 alias_PKCS_exportable,
3027 CKM::RawBuffer(message.begin(), message.end()),
3031 "Error=" << CKM::ErrorToString(temp));
3034 RUNNER_TEST(T1810_verify_get_certificate_chain)
3036 // this certificate has been signed using PKCS chain
3037 std::string im = "-----BEGIN CERTIFICATE-----\n"
3038 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3039 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3040 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3041 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3042 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3043 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3044 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3045 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3046 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3048 "-----END CERTIFICATE-----\n";
3050 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3051 CKM::CertificateShPtrVector certChain;
3052 CKM::AliasVector aliasVector;
3055 auto manager = CKM::Manager::create();
3057 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3059 tmp = manager->getCertificateChain(cert,
3064 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3065 "Error=" << CKM::ErrorToString(tmp));
3068 0 == certChain.size(),
3069 "Wrong size of certificate chain.");
3071 aliasVector.push_back(alias_PKCS_exportable);
3073 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3074 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3076 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3078 4 == certChain.size(),
3079 "Wrong size of certificate chain: " << certChain.size());
3082 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3084 auto manager = CKM::Manager::create();
3088 // remove the whole PKCS12 bundles
3090 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3091 "Error=" << CKM::ErrorToString(tmp));
3093 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3094 "Error=" << CKM::ErrorToString(tmp));
3096 // expect lookup fails due to unknown alias
3097 // try to lookup key
3098 CKM::KeyShPtr key_lookup;
3100 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3101 "Error=" << CKM::ErrorToString(tmp));
3103 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3104 "Error=" << CKM::ErrorToString(tmp));
3106 // try to lookup certificate
3107 CKM::CertificateShPtr cert_lookup;
3109 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3110 "Error=" << CKM::ErrorToString(tmp));
3112 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3113 "Error=" << CKM::ErrorToString(tmp));
3116 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3118 CKM::Alias alias = "t1812alias1";
3120 auto manager = CKM::Manager::create();
3121 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3122 std::istreambuf_iterator<char> begin(is), end;
3123 std::vector<char> buff(begin, end);
3125 CKM::PKCS12ShPtr pkcs12;
3126 CKM::Password pass1 = "easypass1";
3127 CKM::Password pass2 = "easypass2";
3129 CKM::RawBuffer buffer(buff.size());
3130 memcpy(buffer.data(), buff.data(), buff.size());
3132 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3135 "Error in PKCS12::create()");
3139 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3140 "Error=" << CKM::ErrorToString(temp));
3143 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3144 "Error=" << CKM::ErrorToString(temp));
3147 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3148 "Error=" << CKM::ErrorToString(temp));
3151 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3152 "Error=" << CKM::ErrorToString(temp));
3155 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3156 "Error=" << CKM::ErrorToString(temp));
3159 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3160 "Error=" << CKM::ErrorToString(temp));
3162 CKM::CertificateShPtr cert;
3164 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3165 "Error=" << CKM::ErrorToString(temp));
3167 CKM::CertificateShPtrVector certChain;
3168 CKM::AliasVector certVect;
3169 certVect.push_back(alias);
3172 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3173 "Error=" << CKM::ErrorToString(temp));
3176 RUNNER_TEST(T1813_deinit)
3179 auto control = CKM::Control::create();
3182 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3183 "Error=" << CKM::ErrorToString(temp));
3186 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3188 RUNNER_TEST(T1901_init_unlock_key)
3191 auto control = CKM::Control::create();
3193 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3194 "Error=" << CKM::ErrorToString(tmp));
3196 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3197 "Error=" << CKM::ErrorToString(tmp));
3199 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3200 "Error=" << CKM::ErrorToString(tmp));
3203 RUNNER_TEST(T1902_get_data)
3205 auto manager = CKM::Manager::create();
3208 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3211 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3212 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3215 RUNNER_TEST(T1903_lock_database)
3218 auto control = CKM::Control::create();
3220 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3221 "Error=" << CKM::ErrorToString(tmp));
3224 RUNNER_TEST(T1904_get_data_from_locked_database)
3226 auto manager = CKM::Manager::create();
3229 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3232 CKM_API_ERROR_DB_LOCKED == status1,
3233 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3236 RUNNER_TEST(T1905_deinit)
3239 auto control = CKM::Control::create();
3241 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3242 "Error=" << CKM::ErrorToString(tmp));
3245 int main(int argc, char *argv[])
3247 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3248 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);