2 * Copyright (c) 2016 - 2020 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
18 * @author Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
24 #include <condition_variable>
27 #include <ckmc/ckmc-type.h>
28 #include <ckm/ckm-manager-async.h>
29 #include <ckm/ckm-manager.h>
30 #include <ckm/ckm-control.h>
31 #include <ckm/ckm-raw-buffer.h>
35 #include <dpl/test/test_runner.h>
37 #include <tests_common.h>
38 #include <test-certs.h>
39 #include <ckm-common.h>
44 using namespace TestData;
// Test-only fixtures. TEST_PASS is the password UserEnv::init() hands to
// unlock_user_data() for APP_UID; it is hard-coded because it only protects
// throwaway test databases and must not be reused for real user data.
48 const char* TEST_DATA = "dsflsdkghkslhglrtghierhgilrehgidsafasdffsgfdgdgfdgfdgfdgfdggf";
50 const char* TEST_PASS = "test-pass";
// Certificate vectors used as deliberately invalid input (see the ocspCheck
// invalid-param test). The initializer of NULL_PTR_VECTOR is elided in this listing.
52 const CertificateShPtrVector EMPTY_CERT_VECTOR;
53 const CertificateShPtrVector NULL_PTR_VECTOR = {
58 const AliasVector EMPTY_ALIAS_VECTOR;
// Aliases for PKCS#12 entries; their uses are not visible in this listing.
59 const Alias alias_PKCS_exportable = "async-test-PKCS-export";
60 const Alias alias_PKCS_not_exportable = "async-test-PKCS-no-export";
// Observer handed to every ManagerAsync call in this file. Each Received*
// callback records what the service returned so the test thread can inspect it
// after WaitForResponse()/WaitForSuccess()/WaitFor(). Most callback bodies and
// some member declarations are elided in this listing.
62 class MyObserver: public ManagerAsync::Observer
66 m_finished(false), m_error(0), m_ocspStatus(0)
// Failure callback carrying a CKM API error code (presumably stored in
// m_error, which WaitForSuccess()/WaitFor() compare against; body not shown).
70 void ReceivedError(int error)
// Completion callbacks without a payload.
77 void ReceivedSaveKey()
81 void ReceivedSaveCertificate()
85 void ReceivedSaveData()
89 void ReceivedSavePKCS12()
93 void ReceivedRemovedAlias()
// Keeps the DER encoding of the returned key; the get-key tests compare
// m_data with the DER of the key they stored.
97 void ReceivedKey(Key && key)
99 m_data = move(key.getDER());
// Keeps the DER encoding of the returned certificate.
102 void ReceivedCertificate(Certificate && cert)
104 m_data = move(cert.getDER());
107 void ReceivedData(RawBuffer && data)
112 void ReceivedPKCS12(PKCS12ShPtr && pkcs)
// The three alias-list callbacks share m_aliases, so only the most recent
// listing is available to the test.
117 void ReceivedKeyAliasVector(AliasVector && av)
119 m_aliases = move(av);
122 void ReceivedCertificateAliasVector(AliasVector && av)
124 m_aliases = move(av);
127 void ReceivedDataAliasVector(AliasVector && av)
129 m_aliases = move(av);
132 void ReceivedCreateKeyAES()
136 void ReceivedCreateKeyPair()
// Takes ownership of the certificate chain built by the service.
140 void ReceivedGetCertificateChain(CertificateShPtrVector && chain)
142 m_certChain = move(chain);
// Keeps the signature bytes so a later verifySignature call can use them.
145 void ReceivedCreateSignature(RawBuffer && buffer)
147 m_signed = move(buffer);
150 void ReceivedVerifySignature()
// Records the OCSP status reported by the service.
154 void ReceivedOCSPCheck(int status)
156 m_ocspStatus = status;
159 void ReceivedSetPermission()
// Blocks the calling thread until m_finished becomes true.
// NOTE(review): wait() has no deadline, so a callback that never arrives
// hangs the whole test run instead of failing this test. As far as the
// visible lines show, the predicate wait can only return with m_finished
// set, which makes the assertion below always pass; wait_for() with a
// timeout would give it something to check.
164 void WaitForResponse()
166 unique_lock < mutex > lock(m_mutex);
168 m_cv.wait(lock, [this] {return m_finished;});
170 RUNNER_ASSERT_MSG(m_finished, "Request is not finished!");
// Asserts that the finished request reported no error (m_error == 0).
174 void WaitForSuccess()
178 RUNNER_ASSERT_MSG(m_error == 0,
179 "Request failed " << m_error << "/" << APICodeToString(m_error));
// Asserts that the finished request reported exactly the error code `expected`.
182 void WaitFor(int expected)
186 RUNNER_ASSERT_MSG(m_error == expected,
187 "Expected " << expected << "/" << APICodeToString(expected) <<
188 " got: " << m_error << "/" << APICodeToString(m_error));
// Results captured by the callbacks above.
193 AliasVector m_aliases;
194 CertificateShPtrVector m_certChain;
// Signalled when a response arrives; paired with m_mutex in WaitForResponse().
208 condition_variable m_cv;
211 typedef shared_ptr<MyObserver> MyObserverPtr;
// Builds an asymmetric key pair holder from two PEM strings: each string is
// copied byte-for-byte into a RawBuffer and parsed with Key::create.
// Whether the parsed keys are null-checked is not visible in this listing.
223 KeyContainer(const std::string& prv_pem, const std::string& pub_pem) {
224 RawBuffer buffer_prv(prv_pem.begin(), prv_pem.end());
225 prv = Key::create(buffer_prv);
228 RawBuffer buffer_pub(pub_pem.begin(), pub_pem.end());
229 pub = Key::create(buffer_pub);
// Symmetric variant: one AES key object built from raw bytes is stored in
// both prv and pub, so either member can be used by the generic tests.
234 KeyContainer(const RawBuffer& key_raw) {
235 prv = pub = Key::createAES(key_raw);
244 typedef map<Type, vector<KeyContainer> > KeyMap;
// Builds the per-algorithm table of fixture keys used by the tests below.
// The private keys are embedded in source and therefore public: they are
// deterministic test vectors only and must never protect real data or be
// provisioned on a device. This listing omits some source lines, so the PEM
// bodies shown here may be incomplete.
247 KeyMap initializeKeys()
// RSA[0]: the DER header appears to describe a 1024-bit modulus, which is
// acceptable only because this is a fixture.
251 km[RSA].emplace_back(
252 "-----BEGIN RSA PRIVATE KEY-----\n"
253 "MIICXAIBAAKBgQDMP6sKttnQ58BAi27b8X+8KVQtJgpJhhCF0RtWaTVqAhVDG3y4\n"
254 "x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06BCWPYH2+7jOfQIOy/TMlt+W7x\n"
255 "fou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+3Op0tEjy0jpmzeyNiQIDAQAB\n"
256 "AoGBAJRDX1CuvNx1bkwsKvQDkTqwMYd4hp0qcVICIbsPMhPaoT6OdHHZkHOf+HDx\n"
257 "KWhOj1LsXgzu95Q+Tp5k+LURI8ayu2RTsz/gYECgPNUsZ7gXl4co1bK+g5kiC+qr\n"
258 "sgSfkbYpp0OXefnl5x4KaJlZeSpn0UdDqx0kwI1x2E098i1VAkEA5thNY9YZNQdN\n"
259 "p6aopxOF5OmAjbLkq6wu255rDM5YgeepXXro/lmPociobtv8vPzbWKfoYZJL0Zj4\n"
260 "Qzj7Qz7s0wJBAOKBbpeG9PuNP1nR1h8kvyuILW8F89JOcIOUeqwokq4eJVqXdFIj\n"
261 "ct8eSEFmyXNqXD7b9+Tcw6vRIZuddVhNcrMCQAlpaD5ZzE1NLu1W7ilhsmPS4Vrl\n"
262 "oE0fiAmMO/EZuKITP+R/zmAQZrrB45whe/x4krjan67auByjj/utpxDmz+ECQEg/\n"
263 "UK80dN/n5dUYgVvdtLyF6zgGhgcGzgyqR5ayOlcfdnq25Htuoy1X02RJDOirfFDw\n"
264 "iNmPMTqUskuYpd1MltECQBwcy1cpnJWIXwCTQwg3enjkOVw80Tbr3iU9ASjHJTH2\n"
265 "N6FGHC4BQCm1fL6Bo0/0oSra+Ika3/1Vw1WwijUSiO8=\n"
266 "-----END RSA PRIVATE KEY-----",
268 "-----BEGIN PUBLIC KEY-----\n"
269 "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMP6sKttnQ58BAi27b8X+8KVQt\n"
270 "JgpJhhCF0RtWaTVqAhVDG3y4x6IuAvXDtPSjLe/2E01fYGVxNComPJOmUOfUD06B\n"
271 "CWPYH2+7jOfQIOy/TMlt+W7xfou9rqnPRoKRaodoLqH5WK0ahkntWCAjstoKZoG+\n"
272 "3Op0tEjy0jpmzeyNiQIDAQAB\n"
273 "-----END PUBLIC KEY-----"
// RSA[1]: a second, unrelated RSA pair (header appears to describe a 4096-bit
// modulus); the wrong-key signature test stores its public half as "alias_pub2".
276 km[RSA].emplace_back(
277 "-----BEGIN RSA PRIVATE KEY-----\n"
278 "MIIJKgIBAAKCAgEAzIft00bxMjLwkweLexg3+dmcibxEJRf6veU+9uYMLxnZfWS6\n"
279 "YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wuitagFvGhm3Uy6pMvj64AI1e3IjZ6T\n"
280 "AQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaBx8yLSKIcza6SOxcUywNb1Ij+ro7m\n"
281 "Tus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2QNv3kBPuYdQQrXhoxCcIVtSIl8pU\n"
282 "fI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t89paSCZakBt8SGjA6mSpmrp7lPlKE\n"
283 "9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4m41dD/Lzv0ZQE1mSDwxjrZWpxOzb\n"
284 "lliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA+wRMf3yd41q6yvTC1rVd/+R6P37J\n"
285 "IudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kpf6AeVzqY2OYgdOHMCQzcTg9PqdS4\n"
286 "V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4+klR5zlh8+kN5ZjfzEgpZ+eWlDes\n"
287 "NBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ4rsmBqOwuglHFW52dIZEG9u/20ta\n"
288 "QMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+8lLQwmLiBLx0Yr/RXKf6gJUCAwEA\n"
289 "AQKCAgEAmHp1yN7Ijd4AD/y99WTWxkN/OgfK3cSEv/EaAcL7LlodFCh18pva5Kzh\n"
290 "EU8Lv72jGXwm1Qp418bPT+FE8NbR1I+QxycmGLFNK/J81mK7M5FzxHCFs2koMOmh\n"
291 "9u236vTdXCHbCqurHLj9/ut2x1hxBFzvMZT52DTe+4J3k+nLGiWPiN8rv4YH9cXN\n"
292 "GF5JjNcCOQxO1Em8pVthqRh6Z7Amf6/9XcIeI3yPemOb5zAaPXFw64iBd+H5QVYG\n"
293 "5DPb19r9XjQhUPjbcq3/4qmLwtLT9JnIAbH2UtEWk8OEzA8aQfBfgxjN2cIe0Pd+\n"
294 "fTJASHU8FgtZaqMjnyNuHJXkMIFHSwrn4IyVJgSK6wX2IQ+7vJoWQyg2w6DbpSRq\n"
295 "cyqNvHiJ7z/4IcKC7zCT/Wv/DgmIl8W395UThEMvdqxQtiDLkxeeRpNqFU9OCw0B\n"
296 "d3tJr4bR2VCigikOhP2noSbhHNxgYRdwXrLhuMmygnEgcCTGzUZzNk3ZabdXgo1O\n"
297 "bCdHrK3Fe1iHm82JtDAWLZo6KjXrlTrDKM7RIbvKFDvp8Omet8GGCFcFU5cz+QBW\n"
298 "gUyLSdxR5RoEjBbe0a1KUptdQvXmYiks0krd3UdO1mVeHel4CcMxn8+iHn8SaSbP\n"
299 "ggFZ8JnuwgtNo0soVKsWGATH65Xe7nskmrnDFUheoKmtUWPpLUECggEBAOUt+OX8\n"
300 "0jqYuPsgNWHH1MxMwXR+fw5N68LWJXIdWw5H1TYDjwA1iBFku/O/xx7Jag7Y0A2l\n"
301 "1Z+3pMZmx64KaSu5VWwGvM08kPXxUXTAgI8qGfS395mqv+MOGFTs5r9QyM//sm5D\n"
302 "2osdK1Urs2D7+3r6QDXbNhhSeWG4fYhwzfgOwZtZkEcqa5IHqYoxDrJ1PrDOUCx6\n"
303 "xUAkWBEsSclzT3/5CpdcqKkbwxF8uPF8zs56olJyU81HDoLIlQcw7HgcP6w060I0\n"
304 "/zX4MFMD/Iq9Umb38mXPT1HjkQytHN0n0DklpgooGXzdeTfO1HgW+jY9gP398BWd\n"
305 "kKpm9xcFddATlT0CggEBAOR3gVRswKrXGOOsUdV3ErJF1lKYssYxq2neKA6A0WvE\n"
306 "qgKHOgZO9ztD6/UgX41uc+3rKfvmY5AsldGZgd0ov/DyeF0N834LeBVayG1fdcEt\n"
307 "amqjfVnQSHY437JyQ/qn63j/Se+HqbeEifJi+11OwPD9TwoUWS2xmldc+nehCdHs\n"
308 "WQUQiNuDSVoBgLlj3FbI9WXlkE/zQxb3qG48SCiiyQBfuyrD/5L/siq+ETjKemdK\n"
309 "HQaxJ4TcBnHSU92tpG7AFrtSa8T+kE335Z6f+/jawxFbJln3+uUnrljfo0EuD//5\n"
310 "ZB7ev8B0XWU+RK9y4KWnK0wmwwKyheNmGhN3Q9H3vjkCggEBALNGTQeLx+Ayi7FW\n"
311 "Nqvwp9PQzxwTv8wuxBg7cDteH1aCdpS0H+7n8TK5/BTmlhrNL/vBOq8SZJN2Ep1o\n"
312 "1Rad6jtb1SiV9KcPk83wIeoUk/xp0LgQGM3KNiSlZ/82+iH6Tbv3p1p+Fbzw6m7L\n"
313 "qpxZQRWoIQaAHkbUbUM2EGzk4RoEYQrm+ufQlSk8eTEywu5yrMGeAjVpLFfKlmGI\n"
314 "pYfCfhP7en+A6iavIt7RE9ND8Hqwj72y1T8lMIK56WogqTojzuMk2kuGLYXISfUG\n"
315 "j0zwYD9QAfwGOWQzgcnKuWN+u3GYs9QKHjYBAcvYLXhrcPtxDTCirmYaRYom1W7a\n"
316 "xJgqWXkCggEBALwWbpDUn6GGR+VX/l8hEnFV8WY6dCOazKXx0URvZPm2BMjkDy8W\n"
317 "X4+ZEW7S4heLsUFT81KAj8MoEYdnO3SZkbuJwvHJBIbmZkweWxdAGa+Z9hwo0I/a\n"
318 "W22I0REV5UU8bS1F7taV93EwWmkEeDCPH2THBgUkT27A4nG+CC3olC8QxxDWVfVy\n"
319 "FjdVOWZnAgUomG71GWPYv4jvBukKE9Xwfk4igfJpPcUFYOazZ3Y7q53RdCgIPKKy\n"
320 "iVO3dnfv9ol+9rfs2PBrKt4lkhKPX1+2qhVl1yMGdrWlf3GHW93TUDTKWlTXyUFm\n"
321 "C2XIZ7+RccSu5YRh/PYBhxx4+ErCS0FXFnECggEAAr/slAO0x10V7kmshltYG08t\n"
322 "fEBcynlHoZxJGCLAxd5uFfIl8GxsywKYsaKcdbewFbH3+0b3BuQYzyuzTo1wtNL6\n"
323 "06qeBC8xoVqcuLaOP1ZVl6nPSK83DGE3YTq1Afk0QclydBm1hpBLQyoI5CjIHKTQ\n"
324 "pyVWfB+F2ppBOYtKvNubyKd6blBK2j1IawGJEG/6wDfFSvWJziT7zTk+mIecxb+I\n"
325 "Qj8I06c1T31kzfJ71Vx1DUWZW/65xmFD4D6vkEFsGfjkcmSMK83PHhrSE1CmZ/rq\n"
326 "uPjo7MY8fylkeVfefQoKhTUkr6Nz/DVaGTbTostgRog+Vx676FQrM4EzjSSqgA==\n"
327 "-----END RSA PRIVATE KEY-----\n",
328 "-----BEGIN PUBLIC KEY-----\n"
329 "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzIft00bxMjLwkweLexg3\n"
330 "+dmcibxEJRf6veU+9uYMLxnZfWS6YX0EGab6Ab17jj5TOO4tIVzTUT6b/RxZ1wui\n"
331 "tagFvGhm3Uy6pMvj64AI1e3IjZ6TAQKw7Fb+YO6r7X9gzY8MnAKA4IfzzTQqJEaB\n"
332 "x8yLSKIcza6SOxcUywNb1Ij+ro7mTus3fLP3ZbhEuA/sd3+wsgaw0uL04kgC72H2\n"
333 "QNv3kBPuYdQQrXhoxCcIVtSIl8pUfI367KQQ3MsXCucjkAvm6xAr/Wig91yue6t8\n"
334 "9paSCZakBt8SGjA6mSpmrp7lPlKE9FYZ8Sxgj3H4fXIcyyD0aOa0RxZBE6t06OE4\n"
335 "m41dD/Lzv0ZQE1mSDwxjrZWpxOzblliTiGDLhdWMF3zxeDhcWY9cTALOedJI3GNA\n"
336 "+wRMf3yd41q6yvTC1rVd/+R6P37JIudLZqwQTEr8wX12cT1fLmGBwAgbgTdzz1Kp\n"
337 "f6AeVzqY2OYgdOHMCQzcTg9PqdS4V3mUq6gnguhf/2iTgCPfVRgEuc3mLESGDNp4\n"
338 "+klR5zlh8+kN5ZjfzEgpZ+eWlDesNBBCZni0ELe1+JHD9V5oaloLEOk5e5JiwRTZ\n"
339 "4rsmBqOwuglHFW52dIZEG9u/20taQMImzIym1nxl1e6GoL+yeNVs6oK90+lX3s7+\n"
340 "8lLQwmLiBLx0Yr/RXKf6gJUCAwEAAQ==\n"
341 "-----END PUBLIC KEY-----");
// DSA[0]: the header appears to describe a 1024-bit prime p (fixture only).
342 km[DSA].emplace_back(
343 "-----BEGIN DSA PRIVATE KEY-----\n"
344 "MIIBuwIBAAKBgQDIsQRYgnU4mm5VrMyykpNNzeHTQAO8E2hJAcOwNPBrdos8amak\n"
345 "rcJnyBaNh56ZslcuXNEKJuxiDsy4VM9KUR8fHTqTiF5s+4NArzdrdwNQpKWjAqJN\n"
346 "fgpCdaLZHw9o857flcQ4dyYNnAz1/SNGnv03Dm8EYRNRFNaFNw7zBPjyVwIVANyj\n"
347 "7ijLfrCbDZDi6ond5Np1Ns0hAoGBAIcS1ceWtw6DAGmYww27r/1lLtqjrq8j0w0a\n"
348 "F6Ly+pZ/y+WTw9KT18eRKPmVgruVSn3VVVJeN00XaoKvfPSHkTRIE5rro2ZEInhp\n"
349 "3g0Vak7EXJWe7KKBRXqSMNFkndjKv1nyNKeWSEq9Xql6SPn8J8TfmbyUpPSIglZR\n"
350 "vJ2DHwHJAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkBeukXzeZGqNWEjgzLAjMZEVYM\n"
351 "DLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23ToR8fQuiBu+KvtAP/QuCOJ/L\n"
352 "S0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6J2+fygnWcOOSo6sCFC/slPOv\n"
353 "yAKPlW7WQzgV5jLLNUW7\n"
354 "-----END DSA PRIVATE KEY-----\n",
355 "-----BEGIN PUBLIC KEY-----\n"
356 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBAMixBFiCdTiablWszLKSk03N4dNAA7wT\n"
357 "aEkBw7A08Gt2izxqZqStwmfIFo2HnpmyVy5c0Qom7GIOzLhUz0pRHx8dOpOIXmz7\n"
358 "g0CvN2t3A1CkpaMCok1+CkJ1otkfD2jznt+VxDh3Jg2cDPX9I0ae/TcObwRhE1EU\n"
359 "1oU3DvME+PJXAhUA3KPuKMt+sJsNkOLqid3k2nU2zSECgYEAhxLVx5a3DoMAaZjD\n"
360 "Dbuv/WUu2qOuryPTDRoXovL6ln/L5ZPD0pPXx5Eo+ZWCu5VKfdVVUl43TRdqgq98\n"
361 "9IeRNEgTmuujZkQieGneDRVqTsRclZ7sooFFepIw0WSd2Mq/WfI0p5ZISr1eqXpI\n"
362 "+fwnxN+ZvJSk9IiCVlG8nYMfAckDgYQAAoGAPZLRdIhIIJi4UWoyQrCqk1iF3pkB\n"
363 "eukXzeZGqNWEjgzLAjMZEVYMDLLKippahjxLZSWB7LOoS+XE4fonpBBute/tgF23\n"
364 "ToR8fQuiBu+KvtAP/QuCOJ/LS0aYYr1/eXmMByYPZ58Vf93KuUgoUAkWmc+mLBn6\n"
366 "-----END PUBLIC KEY-----\n"
// ECDSA[0]: a 192-bit EC key (the tests below generate pairs on
// ElipticCurve::prime192v1); small by current standards, fixture only.
368 km[ECDSA].emplace_back(
369 "-----BEGIN EC PRIVATE KEY-----\n"
370 "MF8CAQEEGF3rz8OuFpcESrlqCm0G96oovr0XbX+DRKAKBggqhkjOPQMBAaE0AzIA\n"
371 "BHiZYByQiRNQ91GWNnTfoBbp9G8DP9oJYc/cDZlk4lKUpmbvm//RWf1U7ag3tOVy\n"
373 "-----END EC PRIVATE KEY-----",
375 "-----BEGIN PUBLIC KEY-----\n"
376 "MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEeJlgHJCJE1D3UZY2dN+gFun0bwM/\n"
377 "2glhz9wNmWTiUpSmZu+b/9FZ/VTtqDe05XKx\n"
378 "-----END PUBLIC KEY-----"
// AES[0]: 256/8 = 32 bytes from createRandomBuffer, so unlike the PEM
// fixtures this key differs on every run.
381 CKM::RawBuffer AES_key = createRandomBuffer(256/8);
382 km[AES].emplace_back(AES_key);
387 KeyMap keys = initializeKeys();
388 typedef vector<CertificateShPtr> CertVector;
// Copies a NUL-terminated C string (terminator excluded) into a RawBuffer.
// `buffer` must be non-null: strlen() is called on it unconditionally.
390 const RawBuffer raw_buffer(const char* buffer)
392 return RawBuffer(buffer, buffer + strlen(buffer));
395 const RawBuffer test_buffer = raw_buffer("test_string");
// Invokes the ManagerAsync member `func` with a fresh MyObserver followed by
// `args`, then asserts the request finished with error code `expected`.
// The ManagerAsync instance `mgr` is declared on a line elided from this listing.
397 template <typename F, typename... Args>
398 void test_negative(F&& func, int expected, Args... args)
400 MyObserverPtr obs = make_shared<MyObserver>();
403 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
404 obs->WaitFor(expected);
// Shorthand for test_negative() with CKM_API_ERROR_INPUT_PARAM as the expected code.
// NOTE(review): `func` is a forwarding reference, so std::forward<F>(func)
// would be the idiomatic spelling of move(func) here.
407 template <typename F, typename... Args>
408 void test_invalid_param(F&& func, Args... args)
410 test_negative(move(func), CKM_API_ERROR_INPUT_PARAM, args...);
// Invokes the ManagerAsync member `func` with a fresh MyObserver followed by
// `args` and asserts the request succeeded. Declared to return the observer
// so callers can inspect the captured results; the `mgr` declaration and the
// return statement are elided from this listing.
413 template <typename F, typename... Args>
414 MyObserverPtr test_positive(F&& func, Args... args)
416 MyObserverPtr obs = make_shared<MyObserver>();
419 (mgr.*func)(static_pointer_cast < ManagerAsync::Observer > (obs), args...);
420 obs->WaitForSuccess();
// Runs a successful alias-listing call and asserts the returned vector equals
// `expected`. The comparison is operator== on AliasVector, so the expected
// aliases must be given in the order the service returns them.
424 template <typename F, typename... Args>
425 void test_check_aliases(F&& func, const AliasVector& expected, Args... args)
427 auto obs = test_positive(move(func), args...);
428 RUNNER_ASSERT_MSG(obs->m_aliases == expected, "Retrieved aliases differ from expected");
// Runs a successful getCertificateChain-style call and asserts only the length
// of the returned chain; the certificates themselves are not compared.
431 template <typename F, typename... Args>
432 void test_check_cert_chain(F&& func, size_t expected, Args... args)
434 auto obs = test_positive(move(func), args...);
436 obs->m_certChain.size() == expected,
437 "Expected chain length: " << expected << " got: " << obs->m_certChain.size());
// Member-function-pointer types used as explicit template arguments in the
// getCertificateChain tests to select one of the ManagerAsync::getCertificateChain
// overloads. certChainFn1 takes certificate vectors; certChainFn2 is used with
// alias vectors in the tests (its remaining parameters are elided in this listing).
440 typedef void (ManagerAsync::*certChainFn1)(const ManagerAsync::ObserverPtr&,
441 const CertificateShPtr&,
442 const CertificateShPtrVector&,
443 const CertificateShPtrVector&,
446 typedef void (ManagerAsync::*certChainFn2)(const ManagerAsync::ObserverPtr&,
447 const CertificateShPtr&,
// Per-test environment: on top of RemoveDataEnv<APP_UID> it unlocks the
// APP_UID user's data with TEST_PASS before each test body runs.
452 class UserEnv : public RemoveDataEnv<APP_UID>
455 void init(const std::string & str) {
456 RemoveDataEnv<APP_UID>::init(str);
457 unlock_user_data(APP_UID, TEST_PASS);
460 // lock is performed by remove_user_data() in RemoveDataEnv
461 RemoveDataEnv<APP_UID>::finish();
// Loads the PKCS#12 fixture from CKM_TEST_DIR "/pkcs.p12" and checks that it
// yields a certificate, a key and exactly two CA certificates. The assertion
// conditions and the return statement are elided from this listing.
465 CKM::PKCS12ShPtr loadPkcs()
// NOTE(review): the stream state is not checked on the visible lines and the
// file is not opened with std::ios::binary. A missing file gives an empty
// buffer, so the failure would presumably surface only as the PKCS12::create
// assertion.
467 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
468 std::istreambuf_iterator<char> begin(is), end;
469 std::vector<char> buff(begin, end);
// Copy the file bytes into the RawBuffer type the CKM API expects.
471 CKM::RawBuffer buffer(buff.size());
472 memcpy(buffer.data(), buff.data(), buff.size());
// The container is parsed with an empty CKM::Password().
474 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
477 "Error in PKCS12::create()");
479 auto cert = pkcs->getCertificate();
482 "Error in PKCS12::getCertificate()");
484 auto key = pkcs->getKey();
487 "Error in PKCS12::getKey()");
489 auto caVector = pkcs->getCaCertificateShPtrVector();
491 2 == caVector.size(),
492 "Wrong size of vector");
497 } // namespace anonymous
499 RUNNER_TEST_GROUP_INIT(CKM_ASYNC_API);
// saveKey input validation: an empty alias and a null KeyShPtr must each be
// rejected with CKM_API_ERROR_INPUT_PARAM. test_no_observer is defined
// outside this listing.
502 RUNNER_TEST(TA0010_save_key_invalid_param, UserEnv)
504 test_no_observer(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
505 test_invalid_param(&ManagerAsync::saveKey, "", keys[RSA][0].prv, Policy());
506 test_invalid_param(&ManagerAsync::saveKey, "alias", KeyShPtr(), Policy());
// A second saveKey is expected to fail with CKM_API_ERROR_DB_ALIAS_EXISTS
// (its remaining arguments are elided in this listing), i.e. an existing
// entry is not silently overwritten.
509 RUNNER_TEST(TA0020_save_key_already_exists, UserEnv)
511 test_positive(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy());
512 test_negative(&ManagerAsync::saveKey,
513 CKM_API_ERROR_DB_ALIAS_EXISTS,
// Stores the RSA, DSA and AES fixture keys under distinct aliases with a
// default-constructed Policy().
519 RUNNER_TEST(TA0050_save_key_positive, UserEnv)
521 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy());
522 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy());
523 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
// saveCertificate input validation: empty alias and null certificate pointer
// must yield CKM_API_ERROR_INPUT_PARAM.
// NOTE(review): `cert` is created from test_buffer (the bytes of "test_string"),
// which is not certificate data; what Certificate::create returns for it is
// not visible here, so confirm the empty-alias case is not also a bad-cert case.
528 RUNNER_TEST(TA0110_save_cert_invalid_param, UserEnv)
530 CertificateShPtr cert = Certificate::create(test_buffer, DataFormat::FORM_PEM);
531 test_no_observer(&ManagerAsync::saveCertificate, "", cert, Policy());
532 test_invalid_param(&ManagerAsync::saveCertificate, "", cert, Policy());
533 test_invalid_param(&ManagerAsync::saveCertificate, "alias", CertificateShPtr(), Policy());
// A second saveCertificate of the same leaf certificate is expected to fail
// with CKM_API_ERROR_DB_ALIAS_EXISTS (alias argument elided in this listing).
536 RUNNER_TEST(TA0120_save_cert_already_exists, UserEnv)
538 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
539 test_negative(&ManagerAsync::saveCertificate,
540 CKM_API_ERROR_DB_ALIAS_EXISTS,
542 getTestCertificate(OCSP_AVAILABLE_LEAF),
// Stores the OCSP_AVAILABLE_LEAF test certificate with a default Policy().
546 RUNNER_TEST(TA0150_save_cert_positive, UserEnv)
548 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
// saveData input validation: an empty alias and an empty RawBuffer must each
// be rejected with CKM_API_ERROR_INPUT_PARAM.
553 RUNNER_TEST(TA0210_save_data_invalid_param, UserEnv)
555 test_no_observer(&ManagerAsync::saveData, "", test_buffer, Policy());
556 test_invalid_param(&ManagerAsync::saveData, "", test_buffer, Policy());
557 test_invalid_param(&ManagerAsync::saveData, "alias", RawBuffer(), Policy());
// A second saveData is expected to fail with CKM_API_ERROR_DB_ALIAS_EXISTS
// (remaining arguments elided in this listing).
560 RUNNER_TEST(TA0220_save_data_already_exists, UserEnv)
562 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy());
563 test_negative(&ManagerAsync::saveData,
564 CKM_API_ERROR_DB_ALIAS_EXISTS,
// Stores test_buffer as raw data with a default Policy().
570 RUNNER_TEST(TA0250_save_data_positive, UserEnv)
572 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy());
// removeAlias input validation: an empty alias must yield CKM_API_ERROR_INPUT_PARAM.
577 RUNNER_TEST(TA0310_remove_alias_invalid_param, UserEnv)
579 test_no_observer(&ManagerAsync::removeAlias, "alias");
580 test_invalid_param(&ManagerAsync::removeAlias, "");
// Removing an alias that was never stored must report CKM_API_ERROR_DB_ALIAS_UNKNOWN.
583 RUNNER_TEST(TA0330_remove_alias_unknown_alias, UserEnv)
585 test_negative(&ManagerAsync::removeAlias, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias");
// Save-then-remove round trip for the RSA, DSA and AES fixture keys.
588 RUNNER_TEST(TA0350_remove_key_positive, UserEnv)
590 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy());
591 test_positive(&ManagerAsync::removeAlias, "alias_RSA");
592 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy());
593 test_positive(&ManagerAsync::removeAlias, "alias_DSA");
594 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
595 test_positive(&ManagerAsync::removeAlias, "alias_AES");
// Save-then-remove round trip for a certificate.
600 RUNNER_TEST(TA0450_remove_cert_positive, UserEnv)
602 test_positive(&ManagerAsync::saveCertificate, "alias", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
603 test_positive(&ManagerAsync::removeAlias, "alias");
// Save-then-remove round trip for raw data.
607 RUNNER_TEST(TA0550_remove_data_positive, UserEnv)
609 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy());
610 test_positive(&ManagerAsync::removeAlias, "alias");
// getKey input validation: an empty alias must yield CKM_API_ERROR_INPUT_PARAM.
615 RUNNER_TEST(TA0610_get_key_invalid_param, UserEnv)
617 test_no_observer(&ManagerAsync::getKey, "alias", "");
618 test_invalid_param(&ManagerAsync::getKey, "", "");
// Reading a key under an alias that was never stored must report CKM_API_ERROR_DB_ALIAS_UNKNOWN.
621 RUNNER_TEST(TA0630_get_key_unknown_alias, UserEnv)
623 test_negative(&ManagerAsync::getKey, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
// Password enforcement on read: keys stored with Policy("password") must not
// be returned when getKey fails authentication; each attempt is expected to
// end with CKM_API_ERROR_AUTHENTICATION_FAILED. The alias/password arguments
// of the getKey calls are elided in this listing.
626 RUNNER_TEST(TA0640_get_key_wrong_password, UserEnv)
628 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy("password"));
629 test_negative(&ManagerAsync::getKey,
630 CKM_API_ERROR_AUTHENTICATION_FAILED,
633 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy("password"));
634 test_negative(&ManagerAsync::getKey,
635 CKM_API_ERROR_AUTHENTICATION_FAILED,
638 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy("password"));
639 test_negative(&ManagerAsync::getKey,
640 CKM_API_ERROR_AUTHENTICATION_FAILED,
// Round trip for every fixture key: store it under a password, read it back
// with the same password and compare the DER encodings byte for byte.
// One observer is reused for all calls; `mgr` is declared on an elided line.
645 RUNNER_TEST(TA0650_get_key_positive, UserEnv)
647 MyObserverPtr obs = make_shared<MyObserver>();
650 auto saveGetKey = [&](const string& alias, const KeyShPtr& key){
651 static constexpr char PASS[] = "password";
652 mgr.saveKey(obs, alias, key, Policy(PASS));
653 obs->WaitForSuccess();
654 mgr.getKey(obs, alias, PASS);
655 obs->WaitForSuccess();
656 RUNNER_ASSERT_MSG(obs->m_data == key->getDER(), "Received key does not match");
659 saveGetKey("alias_RSA_prv", keys[RSA][0].prv);
660 saveGetKey("alias_RSA_pub", keys[RSA][0].pub);
661 saveGetKey("alias_DSA_prv", keys[DSA][0].prv);
662 saveGetKey("alias_DSA_pub", keys[DSA][0].pub);
663 saveGetKey("alias_ECDSA_prv", keys[ECDSA][0].prv);
664 saveGetKey("alias_ECDSA_pub", keys[ECDSA][0].pub);
665 saveGetKey("alias_AES", keys[AES][0].prv);
// getCertificate input validation: an empty alias must yield CKM_API_ERROR_INPUT_PARAM.
670 RUNNER_TEST(TA0710_get_cert_invalid_param, UserEnv)
672 test_no_observer(&ManagerAsync::getCertificate, "alias", "");
673 test_invalid_param(&ManagerAsync::getCertificate, "", "");
// Reading a certificate under an unknown alias must report CKM_API_ERROR_DB_ALIAS_UNKNOWN.
676 RUNNER_TEST(TA0730_get_cert_unknown_alias, UserEnv)
678 test_negative(&ManagerAsync::getCertificate,
679 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
680 "non-existing-alias",
// Password enforcement on certificate read: getCertificate is expected to end
// with CKM_API_ERROR_AUTHENTICATION_FAILED. Alias, policy and password
// arguments are elided in this listing.
684 RUNNER_TEST(TA0740_get_cert_wrong_password, UserEnv)
686 test_positive(&ManagerAsync::saveCertificate,
688 getTestCertificate(OCSP_AVAILABLE_LEAF),
690 test_negative(&ManagerAsync::getCertificate,
691 CKM_API_ERROR_AUTHENTICATION_FAILED,
// Round trip: store the leaf certificate under a password, read it back with
// the same password and compare the DER encodings.
696 RUNNER_TEST(TA0750_get_cert_positive, UserEnv)
698 MyObserverPtr obs = make_shared<MyObserver>();
701 static constexpr char PASS[] = "password";
702 static constexpr char ALIAS[] = "alias";
704 const auto cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
706 mgr.saveCertificate(obs, ALIAS, cert, Policy(PASS));
707 obs->WaitForSuccess();
708 mgr.getCertificate(obs, ALIAS, PASS);
709 obs->WaitForSuccess();
710 RUNNER_ASSERT_MSG(obs->m_data == cert->getDER(), "Received cert does not match");
// getData input validation: an empty alias must yield CKM_API_ERROR_INPUT_PARAM.
715 RUNNER_TEST(TA0810_get_data_invalid_param, UserEnv)
717 test_no_observer(&ManagerAsync::getData, "alias", "");
718 test_invalid_param(&ManagerAsync::getData, "", "");
// Reading data under an unknown alias must report CKM_API_ERROR_DB_ALIAS_UNKNOWN.
721 RUNNER_TEST(TA0830_get_data_unknown_alias, UserEnv)
723 test_negative(&ManagerAsync::getData, CKM_API_ERROR_DB_ALIAS_UNKNOWN, "non-existing-alias", "");
// Password enforcement on data read: getData is expected to end with
// CKM_API_ERROR_AUTHENTICATION_FAILED (alias/password arguments elided in
// this listing).
726 RUNNER_TEST(TA0840_get_data_wrong_password, UserEnv)
728 test_positive(&ManagerAsync::saveData, "alias", test_buffer, Policy("password"));
729 test_negative(&ManagerAsync::getData,
730 CKM_API_ERROR_AUTHENTICATION_FAILED,
// Round trip: store test_buffer under a password, read it back with the same
// password and compare the bytes.
735 RUNNER_TEST(TA0850_get_data_positive, UserEnv)
737 MyObserverPtr obs = make_shared<MyObserver>();
740 static constexpr char PASS[] = "password";
741 static constexpr char ALIAS[] = "alias";
743 mgr.saveData(obs, ALIAS, test_buffer, Policy(PASS));
744 obs->WaitForSuccess();
745 mgr.getData(obs, ALIAS, PASS);
746 obs->WaitForSuccess();
747 RUNNER_ASSERT_MSG(obs->m_data == test_buffer, "Received data does not match");
// getKeyAliasVector takes no arguments besides the observer, so only the
// missing-observer case (helper defined outside this listing) is checked.
752 RUNNER_TEST(TA0910_get_key_alias_vector_invalid_param, UserEnv)
754 test_no_observer(&ManagerAsync::getKeyAliasVector);
// The key alias list must grow as RSA, DSA and AES keys are saved and shrink
// when "alias_DSA" is removed. Expected entries are built with
// aliasWithLabelFromSelf(), defined outside this listing.
757 RUNNER_TEST(TA0950_get_key_alias_vector_positive, UserEnv)
759 test_positive(&ManagerAsync::saveKey, "alias_RSA", keys[RSA][0].prv, Policy());
760 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_RSA") });
762 test_positive(&ManagerAsync::saveKey, "alias_DSA", keys[DSA][0].prv, Policy());
763 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_RSA"),
764 aliasWithLabelFromSelf("alias_DSA") });
766 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
767 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_RSA"),
768 aliasWithLabelFromSelf("alias_DSA"),
769 aliasWithLabelFromSelf("alias_AES") });
772 test_positive(&ManagerAsync::removeAlias, "alias_DSA");
773 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_RSA"),
774 aliasWithLabelFromSelf("alias_AES")});
778 // getCertificateAliasVector
// Only the missing-observer case applies (helper defined outside this listing).
779 RUNNER_TEST(TA1010_get_cert_alias_vector_invalid_param, UserEnv)
781 test_no_observer(&ManagerAsync::getCertificateAliasVector);
// The certificate alias list must track two saves and one removal.
784 RUNNER_TEST(TA1050_get_cert_alias_vector_positive, UserEnv)
786 test_positive(&ManagerAsync::saveCertificate, "alias1", getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
787 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias1") });
789 test_positive(&ManagerAsync::saveCertificate, "alias2", getTestCertificate(OCSP_AVAILABLE_IM), Policy());
790 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias1"),
791 aliasWithLabelFromSelf("alias2") });
793 test_positive(&ManagerAsync::removeAlias, "alias1");
794 test_check_aliases(&ManagerAsync::getCertificateAliasVector, { aliasWithLabelFromSelf("alias2") });
798 // getDataAliasVector
// Only the missing-observer case applies (helper defined outside this listing).
799 RUNNER_TEST(TA1110_get_data_alias_vector_invalid_param, UserEnv)
801 test_no_observer(&ManagerAsync::getDataAliasVector);
// The data alias list must track two saves and one removal.
804 RUNNER_TEST(TA1150_get_data_alias_vector_positive, UserEnv)
806 test_positive(&ManagerAsync::saveData, "alias1", test_buffer, Policy());
807 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabelFromSelf("alias1") });
809 test_positive(&ManagerAsync::saveData, "alias2", test_buffer, Policy());
810 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabelFromSelf("alias1"),
811 aliasWithLabelFromSelf("alias2") });
813 test_positive(&ManagerAsync::removeAlias, "alias1");
814 test_check_aliases(&ManagerAsync::getDataAliasVector, { aliasWithLabelFromSelf("alias2") });
// createKeyPairRSA without a usable observer; the call's arguments (key size,
// aliases, policies) are elided in this listing.
819 RUNNER_TEST(TA1210_create_key_pair_RSA_invalid_param, UserEnv)
821 test_no_observer(&ManagerAsync::createKeyPairRSA,
// With "alias_prv" already occupied, createKeyPairRSA is expected to fail with
// CKM_API_ERROR_DB_ALIAS_EXISTS rather than overwrite the stored key
// (remaining arguments elided in this listing).
829 RUNNER_TEST(TA1220_create_key_pair_RSA_already_exists, UserEnv)
831 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy());
832 test_negative(&ManagerAsync::createKeyPairRSA,
833 CKM_API_ERROR_DB_ALIAS_EXISTS,
// After a successful createKeyPairRSA the key alias list must contain exactly
// "alias_prv" and "alias_pub" (generation parameters elided in this listing).
841 RUNNER_TEST(TA1250_create_key_pair_RSA_positive, UserEnv)
843 test_positive(&ManagerAsync::createKeyPairRSA,
850 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_prv"),
851 aliasWithLabelFromSelf("alias_pub") });
// createKeyPairDSA without a usable observer; arguments elided in this listing.
855 RUNNER_TEST(TA1270_create_key_pair_DSA_invalid_param, UserEnv)
857 test_no_observer(&ManagerAsync::createKeyPairDSA,
// With "alias_prv" already occupied, createKeyPairDSA is expected to fail with
// CKM_API_ERROR_DB_ALIAS_EXISTS (remaining arguments elided in this listing).
865 RUNNER_TEST(TA1280_create_key_pair_DSA_already_exists, UserEnv)
867 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[DSA][0].prv, Policy());
868 test_negative(&ManagerAsync::createKeyPairDSA,
869 CKM_API_ERROR_DB_ALIAS_EXISTS,
// After a successful createKeyPairDSA the key alias list must contain exactly
// "alias_prv" and "alias_pub" (generation parameters elided in this listing).
877 RUNNER_TEST(TA1290_create_key_pair_DSA_positive, UserEnv)
879 test_positive(&ManagerAsync::createKeyPairDSA,
886 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_prv"),
887 aliasWithLabelFromSelf("alias_pub") });
890 // createKeyPairECDSA
// createKeyPairECDSA on prime192v1 without a usable observer; remaining
// arguments elided in this listing.
891 RUNNER_TEST(TA1310_create_key_pair_ECDSA_invalid_param, UserEnv)
893 test_no_observer(&ManagerAsync::createKeyPairECDSA,
894 ElipticCurve::prime192v1,
// With "alias_prv" already occupied, createKeyPairECDSA is expected to fail
// with CKM_API_ERROR_DB_ALIAS_EXISTS (remaining arguments elided in this listing).
901 RUNNER_TEST(TA1320_create_key_pair_ECDSA_already_exists, UserEnv)
903 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[ECDSA][0].prv, Policy());
904 test_negative(&ManagerAsync::createKeyPairECDSA,
905 CKM_API_ERROR_DB_ALIAS_EXISTS,
906 ElipticCurve::prime192v1,
// After a successful createKeyPairECDSA the key alias list must contain
// exactly "alias_prv" and "alias_pub".
// NOTE(review): only ElipticCurve::prime192v1 (a 192-bit curve) is exercised
// on the visible lines; a case on a larger curve would cover what production
// callers are more likely to request.
913 RUNNER_TEST(TA1350_create_key_pair_ECDSA_positive, UserEnv)
915 test_positive(&ManagerAsync::createKeyPairECDSA,
916 ElipticCurve::prime192v1,
922 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_prv"),
923 aliasWithLabelFromSelf("alias_pub") });
// createKeyAES with invalid input must yield CKM_API_ERROR_INPUT_PARAM; the
// offending arguments are elided in this listing.
927 RUNNER_TEST(TA1360_create_key_AES_invalid_param, UserEnv)
929 test_invalid_param(&ManagerAsync::createKeyAES,
// With "alias_AES" already occupied, createKeyAES is expected to fail with
// CKM_API_ERROR_DB_ALIAS_EXISTS (remaining arguments elided in this listing).
935 RUNNER_TEST(TA1370_create_key_AES_already_exists, UserEnv)
937 test_positive(&ManagerAsync::saveKey, "alias_AES", keys[AES][0].prv, Policy());
938 test_negative(&ManagerAsync::createKeyAES,
939 CKM_API_ERROR_DB_ALIAS_EXISTS,
// After a successful createKeyAES the key alias list must contain exactly
// "alias_AES" (generation parameters elided in this listing).
945 RUNNER_TEST(TA1380_create_key_AES_positive, UserEnv)
947 test_positive(&ManagerAsync::createKeyAES,
952 test_check_aliases(&ManagerAsync::getKeyAliasVector, { aliasWithLabelFromSelf("alias_AES")});
955 // getCertificateChain
// Input validation for both getCertificateChain overloads: the certificate-
// vector form (certChainFn1) and the alias-vector form (certChainFn2). Invalid
// input must yield CKM_API_ERROR_INPUT_PARAM; the argument lists are elided
// in this listing.
956 RUNNER_TEST(TA1410_get_certificate_chain_invalid_param, UserEnv)
958 CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
959 CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) };
960 test_no_observer<certChainFn1>(&ManagerAsync::getCertificateChain,
965 test_invalid_param<certChainFn1>(&ManagerAsync::getCertificateChain,
971 Alias alias = "alias";
972 AliasVector aliasv = { alias };
973 test_no_observer<certChainFn2>(&ManagerAsync::getCertificateChain,
978 test_invalid_param<certChainFn2>(&ManagerAsync::getCertificateChain,
// Chain building must fail with CKM_API_ERROR_VERIFICATION_FAILED when the
// only extra certificate offered is the leaf itself (no issuer available),
// for both the certificate-vector and the alias-vector overloads. The exact
// argument lists are elided in this listing.
985 RUNNER_TEST(TA1420_get_certificate_chain_negative, UserEnv)
987 CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
988 CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_LEAF) };
989 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
990 CKM_API_ERROR_VERIFICATION_FAILED,
995 test_negative<certChainFn1>(&ManagerAsync::getCertificateChain,
996 CKM_API_ERROR_VERIFICATION_FAILED,
1001 AliasVector aliasv = { "alias" };
1002 test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(OCSP_AVAILABLE_LEAF), Policy());
1003 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
1004 CKM_API_ERROR_VERIFICATION_FAILED,
1009 test_negative<certChainFn2>(&ManagerAsync::getCertificateChain,
1010 CKM_API_ERROR_VERIFICATION_FAILED,
// With the intermediate certificate supplied (directly, then via a stored
// alias) chain building must succeed. Only the chain length is asserted; the
// expected length and remaining arguments are elided in this listing.
1017 RUNNER_TEST(TA1450_get_certificate_chain_positive, UserEnv)
1019 CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
1020 CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) };
1021 test_check_cert_chain<certChainFn1>(&ManagerAsync::getCertificateChain,
1028 AliasVector aliasv = { "alias" };
1029 test_positive(&ManagerAsync::saveCertificate, aliasv[0], getTestCertificate(OCSP_AVAILABLE_IM), Policy());
1030 test_check_cert_chain<certChainFn2>(&ManagerAsync::getCertificateChain,
// createSignature input validation: two invalid argument combinations must
// each yield CKM_API_ERROR_INPUT_PARAM. The alias/password/message arguments
// are elided in this listing.
1040 RUNNER_TEST(TA1510_create_signature_invalid_param, UserEnv)
1042 test_no_observer(&ManagerAsync::createSignature,
1046 HashAlgorithm::SHA1,
1047 RSAPaddingAlgorithm::PKCS1);
1048 test_invalid_param(&ManagerAsync::createSignature,
1052 HashAlgorithm::SHA1,
1053 RSAPaddingAlgorithm::PKCS1);
1054 test_invalid_param(&ManagerAsync::createSignature,
1058 HashAlgorithm::SHA1,
1059 RSAPaddingAlgorithm::PKCS1);
// Signing with a password-protected key.
// NOTE(review): the test is named "invalid_password" but expects
// CKM_API_ERROR_INPUT_PARAM, whereas the get* wrong-password tests expect
// CKM_API_ERROR_AUTHENTICATION_FAILED. The call's arguments are elided in
// this listing; confirm the password check itself is what gets exercised.
1062 RUNNER_TEST(TA1520_create_signature_invalid_password, UserEnv)
1064 test_positive(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy("password"));
1065 test_negative(&ManagerAsync::createSignature,
1066 CKM_API_ERROR_INPUT_PARAM,
1070 HashAlgorithm::SHA1,
1071 RSAPaddingAlgorithm::PKCS1);
// Signing with the RSA fixture key stored under Policy("password") must succeed.
// NOTE(review): the visible call uses HashAlgorithm::SHA1 with
// RSAPaddingAlgorithm::PKCS1. SHA-1 appears here as an API parameter under
// test, not as a recommendation; a SHA-256 case would cover the combination
// new callers should use.
1074 RUNNER_TEST(TA1550_create_signature_positive, UserEnv)
1076 test_positive(&ManagerAsync::saveKey, "alias", keys[RSA][0].prv, Policy("password"));
1077 test_positive(&ManagerAsync::createSignature,
1081 HashAlgorithm::SHA1,
1082 RSAPaddingAlgorithm::PKCS1);
// verifySignature input validation: invalid input must yield
// CKM_API_ERROR_INPUT_PARAM (alias/password/message/signature arguments are
// elided in this listing).
1087 RUNNER_TEST(TA1610_verify_signature_invalid_param, UserEnv)
1089 test_no_observer(&ManagerAsync::verifySignature,
1094 HashAlgorithm::SHA1,
1095 RSAPaddingAlgorithm::PKCS1);
1096 test_invalid_param(&ManagerAsync::verifySignature,
1101 HashAlgorithm::SHA1,
1102 RSAPaddingAlgorithm::PKCS1);
// The private and public halves are stored under different passwords
// ("pass1"/"pass2"). After a valid signature is produced, verifySignature is
// expected to end with CKM_API_ERROR_AUTHENTICATION_FAILED, presumably
// because the wrong password is supplied for the public key (arguments are
// elided in this listing).
1105 RUNNER_TEST(TA1620_verify_signature_invalid_password, UserEnv)
1107 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy("pass1"));
1108 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy("pass2"));
1109 auto obs = test_positive(&ManagerAsync::createSignature,
1113 HashAlgorithm::SHA1,
1114 RSAPaddingAlgorithm::PKCS1);
1116 test_negative(&ManagerAsync::verifySignature,
1117 CKM_API_ERROR_AUTHENTICATION_FAILED,
1122 HashAlgorithm::SHA1,
1123 RSAPaddingAlgorithm::PKCS1);
// A signature must not verify against a different message: verification of
// the bytes "invalid-unsigned-mesage" is expected to end with
// CKM_API_ERROR_VERIFICATION_FAILED.
1126 RUNNER_TEST(TA1630_verify_signature_invalid_message, UserEnv)
1128 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy(""));
1129 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy(""));
1131 auto obs = test_positive(&ManagerAsync::createSignature,
1135 HashAlgorithm::SHA1,
1136 RSAPaddingAlgorithm::PKCS1);
1138 test_negative(&ManagerAsync::verifySignature,
1139 CKM_API_ERROR_VERIFICATION_FAILED,
1142 raw_buffer("invalid-unsigned-mesage"),
1144 HashAlgorithm::SHA1,
1145 RSAPaddingAlgorithm::PKCS1);
// Arbitrary bytes ("invalid-signature") offered as a signature must be
// rejected with CKM_API_ERROR_VERIFICATION_FAILED.
1148 RUNNER_TEST(TA1640_verify_signature_invalid_signature, UserEnv)
1150 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy(""));
1152 test_negative(&ManagerAsync::verifySignature,
1153 CKM_API_ERROR_VERIFICATION_FAILED,
1157 raw_buffer("invalid-signature"),
1158 HashAlgorithm::SHA1,
1159 RSAPaddingAlgorithm::PKCS1);
// Key binding of signatures: after signing, two verifySignature calls are
// expected to succeed and two to fail with CKM_API_ERROR_VERIFICATION_FAILED.
// Which alias each call uses is elided in this listing; presumably the failing
// ones use "alias_pub2" (unrelated RSA key) and "alias_pub3".
// NOTE(review): "alias_pub3" is stored from keys[DSA][0].prv, i.e. a DSA
// private key under a "pub" name; confirm that is the intended wrong-key case.
1162 RUNNER_TEST(TA1650_verify_signature_wrong_key, UserEnv)
1164 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy(""));
1165 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy(""));
1166 test_positive(&ManagerAsync::saveKey, "alias_pub2", keys[RSA][1].pub, Policy(""));
1167 test_positive(&ManagerAsync::saveKey, "alias_pub3", keys[DSA][0].prv, Policy(""));
1168 auto obs = test_positive(&ManagerAsync::createSignature,
1172 HashAlgorithm::SHA1,
1173 RSAPaddingAlgorithm::PKCS1);
1175 test_positive(&ManagerAsync::verifySignature,
1180 HashAlgorithm::SHA1,
1181 RSAPaddingAlgorithm::PKCS1);
1183 test_positive(&ManagerAsync::verifySignature,
1188 HashAlgorithm::SHA1,
1189 RSAPaddingAlgorithm::PKCS1);
1191 test_negative(&ManagerAsync::verifySignature,
1192 CKM_API_ERROR_VERIFICATION_FAILED,
1197 HashAlgorithm::SHA1,
1198 RSAPaddingAlgorithm::PKCS1);
1200 test_negative(&ManagerAsync::verifySignature,
1201 CKM_API_ERROR_VERIFICATION_FAILED,
1206 HashAlgorithm::SHA1,
1207 RSAPaddingAlgorithm::PKCS1);
// TA1660: happy path - sign with the password-protected private key and verify
// with the password-protected public key ("pass1" / "pass2"); both async calls
// are expected to succeed.
// NOTE(review): the signature tests visible in this listing all use
// HashAlgorithm::SHA1 with RSAPaddingAlgorithm::PKCS1. SHA-1 is a legacy digest
// for signatures; that is fine for exercising the API, but confirm the suite
// also covers the SHA-2 digests the service supports.
1210 RUNNER_TEST(TA1660_verify_signature_positive, UserEnv)
1212 test_positive(&ManagerAsync::saveKey, "alias_prv", keys[RSA][0].prv, Policy("pass1"));
1213 test_positive(&ManagerAsync::saveKey, "alias_pub", keys[RSA][0].pub, Policy("pass2"));
1214 auto obs = test_positive(&ManagerAsync::createSignature,
1218 HashAlgorithm::SHA1,
1219 RSAPaddingAlgorithm::PKCS1);
1221 test_positive(&ManagerAsync::verifySignature,
1226 HashAlgorithm::SHA1,
1227 RSAPaddingAlgorithm::PKCS1);
// TA1710: ocspCheck input validation. Covers three malformed requests: a call
// without an observer, an empty certificate vector, and NULL_PTR_VECTOR
// (presumably a vector holding a null certificate pointer - its contents are
// defined outside this listing).
1232 RUNNER_TEST(TA1710_ocsp_check_invalid_param, UserEnv)
1234 test_no_observer(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1235 test_invalid_param(&ManagerAsync::ocspCheck, EMPTY_CERT_VECTOR);
1236 test_invalid_param(&ManagerAsync::ocspCheck, NULL_PTR_VECTOR);
// TA1720: ocspCheck must not report GOOD for an input that is not a proper chain.
// The vector holds the same leaf certificate twice, so no issuer certificate is
// supplied. The async call itself completes (test_positive); the test only
// requires that the reported OCSP status differs from CKM_API_OCSP_STATUS_GOOD.
// NOTE(review): any non-GOOD status passes, including one caused by an
// unreachable responder. Asserting the specific expected status would make this
// test distinguish "chain rejected" from "check could not be performed".
1239 RUNNER_TEST(TA1720_ocsp_check_negative, UserEnv)
1241 CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_LEAF), getTestCertificate(OCSP_AVAILABLE_LEAF) };
1243 auto obs = test_positive(&ManagerAsync::ocspCheck, certv);
1244 RUNNER_ASSERT_MSG(obs->m_ocspStatus != CKM_API_OCSP_STATUS_GOOD,
1245 "Verification should fail. Got: " << obs->m_ocspStatus);
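// TA1750: OCSP check of a properly built chain must report GOOD.
// Step 1 builds a certificate chain with getCertificateChain from the leaf
// certificate and a vector holding the intermediate certificate (the remaining
// call arguments are not visible in this listing). Step 2 passes the resulting
// chain (obs->m_certChain) to ocspCheck and requires CKM_API_OCSP_STATUS_GOOD.
// NOTE(review): presumably this needs a reachable OCSP responder for the test
// certificates - confirm how the suite behaves offline.
1248 RUNNER_TEST(TA1750_ocsp_check_positive, UserEnv)
1250 CertificateShPtr cert = getTestCertificate(OCSP_AVAILABLE_LEAF);
1251 CertificateShPtrVector certv = { getTestCertificate(OCSP_AVAILABLE_IM) };
1252 auto obs = test_positive<certChainFn1>(&ManagerAsync::getCertificateChain,
1258 auto obs2 = test_positive(&ManagerAsync::ocspCheck, obs->m_certChain);
// The diagnostic must print the status of the OCSP observer (obs2). The
// chain-building observer (obs) never receives an OCSP status, so printing its
// field would hide the real failure reason.
1259 RUNNER_ASSERT_MSG(obs2->m_ocspStatus == CKM_API_OCSP_STATUS_GOOD,
1260 "Verification failed. Error: " << obs2->m_ocspStatus);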
// TA1810: setPermission input validation when granting access (READ | REMOVE).
// Covers a call without an observer, an empty alias and an empty accessor.
1264 RUNNER_TEST(TA1810_allow_access_invalid_param, UserEnv)
1266 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1267 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::READ | CKM::Permission::REMOVE);
1268 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::READ | CKM::Permission::REMOVE);
// TA1820: granting permissions on stored data succeeds.
// The database of APP_UID is unlocked for the scope of the test, three data
// items are saved, and setPermission is called twice: once with READ and once
// with READ | REMOVE (the alias/accessor arguments are not visible in this listing).
// NOTE(review): the visible lines only check that the async call reports
// success. Whether the accessor can afterwards read/remove the item, and that
// the remaining aliases stay inaccessible, is not asserted here - confirm that
// the enforcement side is covered elsewhere in the suite.
1271 RUNNER_TEST(TA1820_allow_access, UserEnv)
1273 ScopedDBUnlock dbu(APP_UID, TEST_PASS);
1275 // prepare: add data
1276 const char *alias1 = "alias-1";
1277 const char *alias2 = "alias-2";
1278 const char *alias3 = "alias-3";
1280 save_data(alias1, TEST_DATA);
1281 save_data(alias2, TEST_DATA);
1282 save_data(alias3, TEST_DATA);
1284 test_positive(&ManagerAsync::setPermission,
1287 CKM::Permission::READ);
1288 test_positive(&ManagerAsync::setPermission,
1291 CKM::Permission::READ | CKM::Permission::REMOVE);
// TA1910: setPermission input validation when revoking access (Permission::NONE).
// Covers a call without an observer, an empty alias and an empty accessor.
1295 RUNNER_TEST(TA1910_deny_access_invalid_param, UserEnv)
1297 test_no_observer(&ManagerAsync::setPermission, "alias", "accessor", CKM::Permission::NONE);
1298 test_invalid_param(&ManagerAsync::setPermission, "", "accessor", CKM::Permission::NONE);
1299 test_invalid_param(&ManagerAsync::setPermission, "alias", "", CKM::Permission::NONE);
// TA1920: a previously granted permission can be revoked.
// With the APP_UID database unlocked, one data item is saved, READ | REMOVE is
// granted, and a second setPermission call then sets Permission::NONE (the
// alias/accessor arguments are not visible in this listing).
// NOTE(review): only the success of the revoking call is checked in the visible
// lines. That the accessor actually loses access afterwards is not asserted
// here - confirm it is verified elsewhere.
1302 RUNNER_TEST(TA1920_deny_access, UserEnv)
1304 ScopedDBUnlock dbu(APP_UID, TEST_PASS);
1306 // prepare: add data
1307 const char *alias1 = "alias-1";
1309 save_data(alias1, TEST_DATA);
1311 test_positive(&ManagerAsync::setPermission,
1314 CKM::Permission::READ | CKM::Permission::REMOVE);
1315 test_positive(&ManagerAsync::setPermission,
1318 CKM::Permission::NONE);
// TA2000: storing a PKCS#12 bundle and rejecting duplicate aliases.
// The bundle is saved once under an alias meant for exportable content and once
// under an alias meant for non-exportable content; a second save under either
// alias must fail with CKM_API_ERROR_DB_ALIAS_EXISTS, i.e. an existing bundle is
// never silently overwritten.
// NOTE(review): which policy is passed to each call is not visible in this
// listing; presumably `exportable` / `notExportable` match the alias names.
1321 RUNNER_TEST(TA2000_PKCS_add_bundle_with_chain_certs, UserEnv)
1323 auto pkcs = loadPkcs();
// Default-constructed policy vs. a policy built with an empty password and
// `false` as second argument (the non-exportable variant, per the variable name).
1326 CKM::Policy exportable;
1327 CKM::Policy notExportable(CKM::Password(), false);
1329 test_positive(&ManagerAsync::savePKCS12,
1330 alias_PKCS_exportable,
1334 test_negative(&ManagerAsync::savePKCS12,
1335 CKM_API_ERROR_DB_ALIAS_EXISTS,
1336 alias_PKCS_exportable,
1341 test_positive(&ManagerAsync::savePKCS12,
1342 alias_PKCS_not_exportable,
1346 test_negative(&ManagerAsync::savePKCS12,
1347 CKM_API_ERROR_DB_ALIAS_EXISTS,
1348 alias_PKCS_not_exportable,
// TA2010: reading a PKCS#12 bundle back and enforcing the export restriction.
// The bundle is stored under an exportable and a non-exportable alias. Three
// reads follow: one expected to fail with CKM_API_ERROR_DB_ALIAS_UNKNOWN (its
// alias argument is not visible in this listing), one on the non-exportable
// alias that must fail with CKM_API_ERROR_NOT_EXPORTABLE, and one on the
// exportable alias that must succeed. The returned bundle is then checked for a
// certificate, a key and a CA vector of exactly two entries.
1354 RUNNER_TEST(TA2010_PKCS_get, UserEnv)
1356 auto pkcs = loadPkcs();
1359 CKM::Policy exportable;
1360 CKM::Policy notExportable(CKM::Password(), false);
1362 test_positive(&ManagerAsync::savePKCS12,
1363 alias_PKCS_exportable,
1367 test_positive(&ManagerAsync::savePKCS12,
1368 alias_PKCS_not_exportable,
1374 test_negative(&ManagerAsync::getPKCS12,
1375 CKM_API_ERROR_DB_ALIAS_UNKNOWN,
// Security-relevant case: private key material stored as non-exportable must
// not leave the key manager through getPKCS12.
1381 // fail - not exportable
1382 test_negative(&ManagerAsync::getPKCS12,
1383 CKM_API_ERROR_NOT_EXPORTABLE,
1384 alias_PKCS_not_exportable,
1388 // success - exportable
1389 auto obs = test_positive(&ManagerAsync::getPKCS12,
1390 alias_PKCS_exportable,
// The conditions of the next two assertions are not visible in this listing;
// only their failure messages are.
1394 auto cert = obs->m_pkcs->getCertificate();
1397 "Error in PKCS12::getCertificate()");
1399 auto key = obs->m_pkcs->getKey();
1402 "Error in PKCS12::getKey()");
1404 auto caVector = obs->m_pkcs->getCaCertificateShPtrVector();
1406 2 == caVector.size(),
1407 "Wrong size of vector");