projects / platform / core / test / security-tests.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
CKM: Saving unexportable data is now allowed
[platform/core/test/security-tests.git] / src / ckm / unprivileged / capi-testcases.cpp
1 #include <dpl/test/test_runner.h>
2
3 #include <tests_common.h>
4 #include <test-certs.h>
5 #include <ckm-common.h>
6
7 #include <ckm/ckm-manager.h>
8 #include <ckm/ckm-control.h>
9 #include <ckm/ckm-type.h>
10
11 #include <ckmc/ckmc-manager.h>
12 #include <ckmc/ckmc-control.h>
13 #include <ckmc/ckmc-type.h>
14 #include <ckmc/ckmc-error.h>
15
16 #include <ckm-common.h>
17
18 #include <string>
19 #include <fstream>
20 #include <string.h>
21 #include <stdio.h>
22 #include <stddef.h>
23 #include <stdlib.h>
24
25 namespace {
26 const int USER_APP = 5001;
27 const char* USER_PASS = "user-pass";
28 const char *const TEST_OBJECT1 = "OBJECT1";
29 } // namespace anonymous
30
31
32 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
33
34 RUNNER_TEST(T3010_Control_C_API_service_unlock_DB)
35 {
36         int temp;
37
38         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(0)),
39                         CKMCReadableError(temp));
40         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
41                         CKMCReadableError(temp));
42         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(0, "test-pass")),
43                         CKMCReadableError(temp));
44
45         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_lock_user_key(4999)),
46                         CKMCReadableError(temp));
47         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(4999)),
48                         CKMCReadableError(temp));
49         RUNNER_ASSERT_MSG( CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_unlock_user_key(4999, "test-pass")),
50                         CKMCReadableError(temp));
51
52         remove_user_data(5000);
53         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(5000)),
54                         CKMCReadableError(temp));
55         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(5000)),
56                         CKMCReadableError(temp));
57         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(5000, "test-pass")),
58                         CKMCReadableError(temp));
59 }
60
61 RUNNER_TEST(T3011_Control_C_API)
62 {
63         int temp;
64
65         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
66                         CKMCReadableError(temp));
67
68         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
69                         CKMCReadableError(temp));
70 }
71
72 RUNNER_TEST(T3012_Control_C_API)
73 {
74         int temp;
75
76         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
77                         CKMCReadableError(temp));
78         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
79                         CKMCReadableError(temp));
80 }
81
82 RUNNER_TEST(T3013_Control_C_API)
83 {
84         int temp;
85
86         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
87                         CKMCReadableError(temp));
88 }
89
90 RUNNER_TEST(T3014_Control_C_API)
91 {
92         int temp;
93         const uid_t UNIQUE_USER = 6500;
94
95         // clean up environment
96         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
97                         CKMCReadableError(temp));
98         // unlock with empty password
99         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
100                         CKMCReadableError(temp));
101         // reset password (NULL, "simple-password")
102         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
103                         CKMCReadableError(temp));
104         // get rid of NULL DKEK
105         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
106                         CKMCReadableError(temp));
107         // lock db
108         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
109                         CKMCReadableError(temp));
110         // try to reset password when db locked
111         RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
112                         CKMCReadableError(temp));
113         // clean up environment
114         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
115                         CKMCReadableError(temp));
116 }
117
118 RUNNER_TEST(T3015_Control_C_API)
119 {
120         int temp;
121
122         RUNNER_ASSERT_MSG(
123                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
124                         CKMCReadableError(temp));
125         RUNNER_ASSERT_MSG(
126                         CKMC_ERROR_NONE == (temp = ckmc_change_user_password(USER_APP, "simple-password", "new-pass")),
127                         CKMCReadableError(temp));
128         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
129                         CKMCReadableError(temp));
130         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
131                         CKMCReadableError(temp));
132 }
133
134 RUNNER_TEST(T3016_Control_C_API)
135 {
136         int temp;
137
138         RUNNER_ASSERT_MSG(
139                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
140                         CKMCReadableError(temp));
141         RUNNER_ASSERT_MSG(
142                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
143                         CKMCReadableError(temp));
144 }
145
146
147 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
148
149 RUNNER_TEST(T30201_init_C_API)
150 {
151         int temp;
152
153         remove_user_data(USER_APP);
154         RUNNER_ASSERT_MSG(
155                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
156                         CKMCReadableError(temp));
157 }
158
159 RUNNER_TEST(T30202_RSA_key_C_API)
160 {
161         int temp;
162
163         ckmc_key_s test_key, *test_key2;
164         ckmc_policy_s test_policy;
165
166         char* password = NULL;
167         CKM::Alias alias = "mykey";
168
169         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
170                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
171                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
172                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
173                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
174                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
175                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
176                 "zQIDAQAB\n"
177                 "-----END PUBLIC KEY-----";
178
179         char* char_keypem = new char[keyPem.length() + 1];
180
181         std::strcpy(char_keypem, keyPem.c_str());
182         test_key.raw_key =  (unsigned char *)char_keypem;
183         test_key.key_size = keyPem.length();
184         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
185         test_key.password = password;
186
187         test_policy.password = password;
188         test_policy.extractable = 1;
189
190         test_key2 = &test_key;
191
192         RUNNER_ASSERT_MSG(
193                         CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), test_key, test_policy)),
194                         CKMCReadableError(temp));
195
196         RUNNER_ASSERT_MSG(
197                         CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
198                         CKMCReadableError(temp));
199 }
200
201 RUNNER_TEST(T30203_AES_key_C_API)
202 {
203         int temp;
204         CKM::Alias alias = "my_AES_key";
205         size_t key_length = 192;
206
207         ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
208         ckmc_key_s *test_key2;
209         ckmc_policy_s test_policy;
210         test_policy.password = NULL;
211         test_policy.extractable = 1;
212
213         RUNNER_ASSERT_MSG(
214                         CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
215                         CKMCReadableError(temp));
216
217         RUNNER_ASSERT_MSG(
218                         CKMC_ERROR_NONE == (temp = ckmc_get_key(alias.c_str(), NULL, &test_key2)),
219                         CKMCReadableError(temp));
220
221         compare_AES_keys(test_key, test_key2);
222         ckmc_key_free(test_key);
223         ckmc_key_free(test_key2);
224 }
225
226 RUNNER_TEST(T30204_certificate_C_API)
227 {
228         int temp;
229
230         std::string certPem = TestData::getTestCertificateBase64(TestData::TEST_LEAF);
231
232         char* password = NULL;
233         ckmc_cert_s *cert2;
234         ckmc_cert_s cert;
235
236         CKM::Alias alias = "test-cert-1-RSA";
237
238         ckmc_policy_s test_policy;
239         test_policy.password = password;
240         test_policy.extractable = 1;
241
242         char* char_certPem = new char[certPem.length() + 1];
243         std::strcpy(char_certPem, certPem.c_str());
244         cert.raw_cert =  (unsigned char *)char_certPem;
245         cert.cert_size = certPem.length();
246         cert.data_format = CKMC_FORM_PEM;
247
248         RUNNER_ASSERT_MSG(
249                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias.c_str(), cert, test_policy)),
250                         CKMCReadableError(temp));
251
252         RUNNER_ASSERT_MSG(
253                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
254                         CKMCReadableError(temp));
255
256         ckmc_cert_free(cert2);
257 }
258
259 RUNNER_TEST(T30205_certificate_remove_C_API)
260 {
261         int temp;
262
263         char* password = NULL;
264         ckmc_cert_s *cert2;
265         CKM::Alias alias = "test-cert-1-RSA";
266
267         RUNNER_ASSERT_MSG(
268                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
269                         CKMCReadableError(temp));
270         ckmc_cert_free(cert2);
271
272         RUNNER_ASSERT_MSG(
273                         CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias.c_str())),
274                         CKMCReadableError(temp));
275
276         RUNNER_ASSERT_MSG(
277                         CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias.c_str(), password, &cert2)),
278                         CKMCReadableError(temp));
279 }
280
281 RUNNER_TEST(T30206_certificate_list_C_API)
282 {
283         int temp;
284
285         std::string certPem = TestData::getTestCertificateBase64(TestData::TEST_LEAF);
286
287         char* password = NULL;
288         ckmc_cert_s cert;
289
290         ckmc_policy_s test_policy;
291         test_policy.password = password;
292         test_policy.extractable = 1;
293
294         char* char_certPem = new char[certPem.length() + 1];
295         std::strcpy(char_certPem, certPem.c_str());
296         cert.raw_cert =  (unsigned char *)char_certPem;
297         cert.cert_size = certPem.length();
298         cert.data_format = CKMC_FORM_PEM;
299
300         size_t current_aliases_num = count_aliases(ALIAS_CERT);
301
302         RUNNER_ASSERT_MSG(
303                         CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
304                         CKMCReadableError(temp));
305
306         RUNNER_ASSERT_MSG(
307                         CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
308                         CKMCReadableError(temp));
309
310         RUNNER_ASSERT_MSG(
311                         CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
312                         CKMCReadableError(temp));
313
314         size_t actual_cnt = count_aliases(ALIAS_CERT);
315         RUNNER_ASSERT_MSG(
316                         (current_aliases_num+3) == actual_cnt,
317                         "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
318 }
319
320 RUNNER_TEST(T30207_save_AES_key_passwd_C_API)
321 {
322         int temp;
323         const char* password = "x";
324         size_t key_length = 192;
325         CKM::Alias alias = "my_AES_key-2";
326
327         ckmc_key_s *test_key = generate_AES_key(key_length, password);
328         ckmc_policy_s test_policy;
329         test_policy.password = const_cast<char *>(password);
330         test_policy.extractable = 1;
331
332         RUNNER_ASSERT_MSG(
333                 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
334                 CKMCReadableError(temp));
335         ckmc_key_free(test_key);
336 }
337
338 RUNNER_TEST(T30208_save_RSA_keys_exportable_flag)
339 {
340         int temp;
341         auto manager = CKM::Manager::create();
342
343         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
344                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
345                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
346                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
347                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
348                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
349                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
350                 "zQIDAQAB\n"
351                 "-----END PUBLIC KEY-----";
352
353         ckmc_policy_s test_policy;
354         ckmc_key_s test_key, *test_key2;
355         char* char_keypem = new char[keyPem.length() + 1];
356         char* password = NULL;
357
358         std::strcpy(char_keypem, keyPem.c_str());
359         test_key.raw_key = (unsigned char *)char_keypem;
360         test_key.key_size = keyPem.length();
361         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
362         test_key.password = NULL;
363
364         test_policy.password = password;
365         test_policy.extractable = 0;
366
367         RUNNER_ASSERT_MSG(
368                         CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
369                         CKMCReadableError(temp));
370
371         RUNNER_ASSERT_MSG(
372                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
373                         CKMCReadableError(temp));
374 }
375
376 RUNNER_TEST(T30209_save_AES_keys_exportable_flag)
377 {
378         int temp;
379         const char* password = NULL;
380         size_t key_length = 256;
381         CKM::Alias alias = "my_AES_key-3";
382
383         ckmc_key_s *test_key = generate_AES_key(key_length, password);
384         ckmc_key_s *test_key2;
385         ckmc_policy_s test_policy;
386         test_policy.password = const_cast<char *>(password);
387         test_policy.extractable = 0;
388
389         RUNNER_ASSERT_MSG(
390                         CKMC_ERROR_NONE == (temp = ckmc_save_key(alias.c_str(), *test_key, test_policy)),
391                         CKMCReadableError(temp));
392         ckmc_key_free(test_key);
393
394         RUNNER_ASSERT_MSG(
395                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias.c_str(), password, &test_key2)),
396                         CKMCReadableError(temp));
397 }
398
399 RUNNER_TEST(T30211_deinit_C_API)
400 {
401         int temp;
402
403         RUNNER_ASSERT_MSG(
404                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
405                         CKMCReadableError(temp));
406         RUNNER_ASSERT_MSG(
407                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
408                         CKMCReadableError(temp));
409 }
410
411
412 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
413
414 RUNNER_TEST(T3031_init_C_API)
415 {
416         int temp;
417
418         remove_user_data(USER_APP);
419         RUNNER_ASSERT_MSG(
420                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
421                         CKMCReadableError(temp));
422 }
423
424 RUNNER_TEST(T3032_save_asymmetric_keys_get_alias_C_API)
425 {
426         int temp;
427
428         char* password = NULL;
429         ckmc_policy_s test_policy1, test_policy2, test_policy3;
430         ckmc_key_s test_key;
431
432         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
433                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
434                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
435                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
436                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
437                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
438                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
439                 "zQIDAQAB\n"
440                 "-----END PUBLIC KEY-----";
441
442         char* char_keypem = new char[keyPem.length() + 1];
443
444         std::strcpy(char_keypem, keyPem.c_str());
445         test_key.raw_key = (unsigned char *)char_keypem;
446         test_key.key_size = keyPem.length();
447         test_key.key_type = CKMC_KEY_RSA_PUBLIC;
448         test_key.password = password;
449
450         test_policy1.password = password;
451         test_policy1.extractable = 1;
452
453         test_policy2.password = password;
454         test_policy2.extractable = 0;
455
456         test_policy3.password = password;
457         test_policy3.extractable = 0;
458
459         size_t current_aliases_num = count_aliases(ALIAS_KEY);
460
461         RUNNER_ASSERT_MSG(
462                         CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
463                         CKMCReadableError(temp));
464
465         RUNNER_ASSERT_MSG(
466                         CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
467                         CKMCReadableError(temp));
468
469         RUNNER_ASSERT_MSG(
470                         CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
471                         CKMCReadableError(temp));
472
473         size_t actual_cnt = count_aliases(ALIAS_KEY);
474         RUNNER_ASSERT_MSG(
475                         (current_aliases_num+3) == actual_cnt,
476                         "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
477 }
478
479
480 RUNNER_TEST(T3033_remove_asymmetric_key_C_API)
481 {
482         int temp;
483
484         char* password = NULL;
485
486         ckmc_key_s *test_key2;
487         RUNNER_ASSERT_MSG(
488                         CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
489                         CKMCReadableError(temp));
490
491         RUNNER_ASSERT_MSG(
492                         CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
493                         CKMCReadableError(temp));
494
495         RUNNER_ASSERT_MSG(
496                         CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
497                         CKMCReadableError(temp));
498 }
499
500 RUNNER_TEST(T3034_save_symmetric_keys_get_alias_C_API)
501 {
502         int temp;
503         size_t key_length = 128;
504         ckmc_key_s *test_key = generate_AES_key(key_length, NULL);
505         ckmc_policy_s test_policy1, test_policy2, test_policy3;
506         test_policy1.password = NULL;
507         test_policy1.extractable = 1;
508
509         test_policy2.password = NULL;
510         test_policy2.extractable = 1;
511
512         test_policy3.password = NULL;
513         test_policy3.extractable = 1;
514
515         int current_aliases_num = count_aliases(ALIAS_KEY);
516
517         RUNNER_ASSERT_MSG(
518                         CKMC_ERROR_NONE == (temp = ckmc_save_key("AES_key1", *test_key, test_policy1)),
519                         CKMCReadableError(temp));
520
521         RUNNER_ASSERT_MSG(
522                         CKMC_ERROR_NONE == (temp = ckmc_save_key("AES_key2", *test_key, test_policy2)),
523                         CKMCReadableError(temp));
524
525         RUNNER_ASSERT_MSG(
526                         CKMC_ERROR_NONE == (temp = ckmc_save_key("AES_key3", *test_key, test_policy3)),
527                         CKMCReadableError(temp));
528
529         RUNNER_ASSERT_MSG(
530                         (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
531                         "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
532
533         ckmc_key_free(test_key);
534 }
535
536
537 RUNNER_TEST(T3035_remove_symmetric_key_C_API)
538 {
539         int temp;
540
541         ckmc_key_s *test_key2;
542         RUNNER_ASSERT_MSG(
543                         CKMC_ERROR_NONE == (temp = ckmc_get_key("AES_key1", NULL, &test_key2)),
544                         CKMCReadableError(temp));
545         validate_AES_key(test_key2);
546         ckmc_key_free(test_key2);
547
548         // actual test - remove middle item
549         RUNNER_ASSERT_MSG(
550                         CKMC_ERROR_NONE == (temp = ckmc_remove_key("AES_key2")),
551                         CKMCReadableError(temp));
552
553         RUNNER_ASSERT_MSG(
554                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key("AES_key2", NULL, &test_key2)),
555                         CKMCReadableError(temp));
556
557         RUNNER_ASSERT_MSG(
558                         CKMC_ERROR_NONE == (temp = ckmc_get_key("AES_key3", NULL, &test_key2)),
559                         CKMCReadableError(temp));
560         validate_AES_key(test_key2);
561         ckmc_key_free(test_key2);
562
563 }
564
565 RUNNER_TEST(T3036_alias_new_C_API)
566 {
567         char *full_alias = NULL;
568         std::string owner_id = "iocma412ovyc";
569         std::string alias = "fvyuweq27c";
570
571         std::string full_alias_str = owner_id + ckmc_owner_id_separator + alias;
572
573         int temp = ckmc_alias_new(owner_id.c_str(), alias.c_str(), &full_alias);
574         std::unique_ptr<char, void(*)(void *)> p(full_alias, ::free);
575         RUNNER_ASSERT_MSG(temp == CKMC_ERROR_NONE, CKMCReadableError(temp));
576         RUNNER_ASSERT_MSG(full_alias_str == full_alias,
577                         "Invalid full alias. expected(" << full_alias_str <<
578                         ") actual(" << full_alias << ")");
579 }
580
581 RUNNER_TEST(T3037_deinit_C_API)
582 {
583         int temp;
584
585         RUNNER_ASSERT_MSG(
586                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
587                         CKMCReadableError(temp));
588         RUNNER_ASSERT_MSG(
589                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
590                         CKMCReadableError(temp));
591 }
592
593 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
594
595 RUNNER_TEST(T3041_init_C_API)
596 {
597         reset_user_data(USER_APP, "simple-password");
598 }
599
600 RUNNER_TEST(T3042_save_get_bin_data_C_API)
601 {
602         int temp;
603
604         ckmc_raw_buffer_s testData1, testData2, testData3;
605         char* password = NULL;
606
607         std::string binData1 = "My bin data1";
608         std::string binData2 = "My bin data2";
609         std::string binData3 = "My bin data3";
610         char* char_binData1 = new char[binData1.length() + 1];
611         char* char_binData2 = new char[binData2.length() + 1];
612         char* char_binData3 = new char[binData3.length() + 1];
613         std::strcpy(char_binData1, binData1.c_str());
614         std::strcpy(char_binData2, binData2.c_str());
615         std::strcpy(char_binData3, binData3.c_str());
616         testData1.data = (unsigned char *) char_binData1;
617         testData2.data = (unsigned char *) char_binData2;
618         testData3.data = (unsigned char *) char_binData3;
619         testData1.size = binData1.length()+1;
620         testData2.size = binData2.length()+1;
621         testData3.size = binData3.length()+1;
622
623         ckmc_policy_s test_policy1, test_policy2, test_policy3;
624
625         test_policy1.password = password;
626         test_policy1.extractable = 1;
627         test_policy2.password = password;
628         test_policy2.extractable = 1;
629         test_policy3.password = password;
630         test_policy3.extractable = 0;
631
632         size_t current_aliases_num = count_aliases(ALIAS_DATA);
633
634         RUNNER_ASSERT_MSG(
635                         CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
636                         CKMCReadableError(temp));
637
638         RUNNER_ASSERT_MSG(
639                         CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
640                         CKMCReadableError(temp));
641
642         RUNNER_ASSERT_MSG(
643                         CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
644                         CKMCReadableError(temp));
645
646         RUNNER_ASSERT_MSG(
647                         CKMC_ERROR_NONE == (temp = ckmc_save_data("data4", testData3, test_policy3)),
648                         CKMCReadableError(temp));
649
650         size_t actual_cnt = count_aliases(ALIAS_DATA);
651         RUNNER_ASSERT_MSG(
652                         (current_aliases_num+4) == actual_cnt,
653                         "Error: expecting " << (current_aliases_num+4) << " aliases, while found " << actual_cnt);
654
655         ckmc_raw_buffer_s *testData4;
656         RUNNER_ASSERT_MSG(
657                         CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
658                         CKMCReadableError(temp));
659
660         int compareResult;
661         compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
662         RUNNER_ASSERT_MSG( compareResult == 0,
663                         "Data corrupted");
664 }
665
666 RUNNER_TEST(T3043_app_user_save_bin_data_C_API)
667 {
668         int temp;
669         ckmc_raw_buffer_s testData1;
670         char* password = NULL;
671         std::string binData1 = "My bin data";
672         char* char_binData1 = new char[binData1.length() + 1];
673         std::strcpy(char_binData1, binData1.c_str());
674         testData1.data = (unsigned char *) char_binData1;
675         testData1.size = binData1.length()+1;
676
677         ckmc_policy_s test_policy1, test_policy2;
678
679         test_policy1.password = password;
680         test_policy1.extractable = 1;
681
682         test_policy2.password = password;
683         test_policy2.extractable = 1;
684
685         std::string binData = "My bin data";
686
687         size_t current_aliases_num = count_aliases(ALIAS_DATA);
688
689         RUNNER_ASSERT_MSG(
690                         CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
691                         CKMCReadableError(temp));
692         RUNNER_ASSERT_MSG(
693                         CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
694                         CKMCReadableError(temp));
695         RUNNER_ASSERT_MSG(
696                         CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
697                         CKMCReadableError(temp));
698
699         size_t actual_cnt = count_aliases(ALIAS_DATA);
700         RUNNER_ASSERT_MSG(
701                                 (current_aliases_num+3) == actual_cnt,
702                                 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << actual_cnt);
703 }
704
705 RUNNER_TEST(T3044_remove_bin_data_C_API)
706 {
707         int temp;
708
709         size_t current_aliases_num = count_aliases(ALIAS_DATA, 2);
710
711         RUNNER_ASSERT_MSG(
712                         CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
713                         CKMCReadableError(temp));
714         RUNNER_ASSERT_MSG(
715                         CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
716                         CKMCReadableError(temp));
717
718         size_t actual_cnt = count_aliases(ALIAS_DATA);
719         RUNNER_ASSERT_MSG(
720                                 (current_aliases_num-2) == actual_cnt,
721                                 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << actual_cnt);
722
723         char* password = NULL;
724
725         ckmc_raw_buffer_s *testData1, testData2;
726
727         std::string testStr = "My bin data2";
728         char* char_testData2 = new char[testStr.length() + 1];
729         std::strcpy(char_testData2, testStr.c_str());
730         testData2.data = (unsigned char *) char_testData2;
731         testData2.size = testStr.length()+1;
732
733         CKM::RawBuffer buffer;
734         RUNNER_ASSERT_MSG(
735                         CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
736                         CKMCReadableError(temp));
737
738         int compareResult;
739         compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
740         RUNNER_ASSERT_MSG( compareResult == 0,
741                         "Data corrupted");
742
743         RUNNER_ASSERT_MSG(
744                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
745                         CKMCReadableError(temp));
746 }
747
748 RUNNER_TEST(T3045_save_big_data_C_API, RemoveDataEnv<USER_APP>)
749 {
750         // We don't know which backend will be used
751         const size_t BIG_SIZE = 100000;
752
753         std::vector<char> big_data(BIG_SIZE);
754         std::ifstream is("/dev/urandom", std::ifstream::binary);
755         if(is)
756                 is.read(big_data.data(), BIG_SIZE);
757
758         RUNNER_ASSERT_MSG(is,
759                         "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
760
761         save_data(TEST_OBJECT1, big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
762         auto self_label = getOwnerIdFromSelf();
763         check_read(TEST_OBJECT1, self_label.c_str(), big_data.data(), BIG_SIZE, CKMC_ERROR_NONE);
764 }
765
766 RUNNER_TEST(T3046_save_get_password_protected_data)
767 {
768         const char *alias = "T3046_data_alias";
769         const char *password = "test-password";
770         std::vector<unsigned char> data = { 0x28, 0x34, 0x5a, 0xf3 };
771
772         ckmc_raw_buffer_s raw_buffer;
773         raw_buffer.data = data.data();
774         raw_buffer.size = data.size();
775
776         ckmc_policy_s policy;
777         policy.password = const_cast<char *>(password);
778         policy.extractable = 1;
779
780         int temp;
781
782         RUNNER_ASSERT_MSG(
783                 CKMC_ERROR_NONE == (temp = ckmc_save_data(alias, raw_buffer, policy)),
784                 CKMCReadableError(temp));
785
786         ckmc_raw_buffer_s *raw_buffer_stored = nullptr;
787
788         // test negative case first
789         temp = ckmc_get_data(alias, "invalid_password", &raw_buffer_stored);
790
791         // make scoped buffer for in case of success
792         std::unique_ptr<ckmc_raw_buffer_s, void(*)(ckmc_raw_buffer_s *)> scoped_buffer(
793                 raw_buffer_stored, ckmc_buffer_free);
794
795         RUNNER_ASSERT_MSG(temp == CKMC_ERROR_AUTHENTICATION_FAILED,
796                 "expected(" << CKMCErrorToString(CKMC_ERROR_AUTHENTICATION_FAILED)
797                         << ") but ret(" << CKMCErrorToString(temp) << ")");
798
799         temp = ckmc_get_data(alias, password, &raw_buffer_stored);
800         // reset buffer with raw buffer of positive case
801         scoped_buffer.reset(raw_buffer_stored);
802         RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == temp, CKMCReadableError(temp));
803
804         RUNNER_ASSERT_MSG(
805                 raw_buffer_stored->size == raw_buffer.size,
806                 "stored raw buffer size(" << raw_buffer_stored->size
807                         << ") is differ to original raw buffer size(" << raw_buffer.size << ")");
808         for (size_t i = 0; i < raw_buffer_stored->size; ++i)
809                 RUNNER_ASSERT_MSG(
810                         raw_buffer_stored->data[i] == raw_buffer.data[i],
811                         "stored raw buffer data[" << i << "](" << raw_buffer_stored->data[i]
812                                 << ") is differ to original raw buffer data["
813                                 << i << "](" << raw_buffer.data[i] << ")");
814
815         RUNNER_ASSERT_MSG(
816                 CKMC_ERROR_NONE == (temp = ckmc_remove_alias(alias)),
817                 CKMCReadableError(temp));
818 }
819
820 RUNNER_TEST(T3050_deinit_C_API)
821 {
822         int temp;
823
824         RUNNER_ASSERT_MSG(
825                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
826                         CKMCReadableError(temp));
827         RUNNER_ASSERT_MSG(
828                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
829                         CKMCReadableError(temp));
830 }
831
832 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
833
834 RUNNER_TEST(T3051_CAPI_init)
835 {
836         int temp;
837
838         RUNNER_ASSERT_MSG(
839                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
840                         CKMCReadableError(temp));
841
842         RUNNER_ASSERT_MSG(
843                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
844                         CKMCReadableError(temp));
845 }
846
847 RUNNER_TEST(T3052_CAPI_create_RSA_key)
848 {
849         int temp;
850         size_t size = 1024;
851         const char *private_key_alias = "RSA-test-1-priv";
852         const char *public_key_alias = "RSA-test-1-pub";
853         ckmc_policy_s policy_private_key;
854         ckmc_policy_s policy_public_key;
855
856         policy_private_key.password = NULL;
857         policy_private_key.extractable = 1;
858
859         policy_public_key.password = NULL;
860         policy_public_key.extractable = 1;
861
862
863         size_t current_aliases_num = count_aliases(ALIAS_KEY);
864
865         RUNNER_ASSERT_MSG(
866                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
867                         CKMCReadableError(temp));
868
869         size_t actual_cnt = count_aliases(ALIAS_KEY);
870         RUNNER_ASSERT_MSG(
871                         (current_aliases_num+2) == actual_cnt,
872                         "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
873
874         ckmc_key_s *privateKey;
875         RUNNER_ASSERT_MSG(
876                         CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
877                         CKMCReadableError(temp));
878         RUNNER_ASSERT_MSG(
879                         privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
880                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
881         RUNNER_ASSERT_MSG(
882                         privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
883                         "Private key is broken.");
884
885         ckmc_key_s *publicKey;
886         RUNNER_ASSERT_MSG(
887                         CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
888                         CKMCReadableError(temp));
889         RUNNER_ASSERT_MSG(
890                         publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
891                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
892         RUNNER_ASSERT_MSG(
893                         publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
894                         "Public key is broken.");
895
896         // on next attempt to generate keys with the same alias, expect fail (alias exists)
897         RUNNER_ASSERT_MSG(
898                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
899                         CKMCReadableError(temp));
900 }
901
902 RUNNER_TEST(T3053_CAPI_create_DSA_key)
903 {
904         int temp;
905         size_t size = 1024;
906         const char *private_key_alias = "DSA-test-2-priv";
907         const char *public_key_alias = "DSA-test-2-pub";
908         ckmc_policy_s policy_private_key;
909         ckmc_policy_s policy_public_key;
910
911         policy_private_key.password = NULL;
912         policy_private_key.extractable = 1;
913
914         policy_public_key.password = NULL;
915         policy_public_key.extractable = 1;
916
917         size_t current_aliases_num = count_aliases(ALIAS_KEY);
918
919         RUNNER_ASSERT_MSG(
920                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
921                         CKMCReadableError(temp));
922
923         size_t actual_cnt = count_aliases(ALIAS_KEY);
924         RUNNER_ASSERT_MSG(
925                         (current_aliases_num+2) == actual_cnt,
926                         "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << actual_cnt);
927
928         ckmc_key_s *privateKey = 0;
929         RUNNER_ASSERT_MSG(
930                         CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
931                         CKMCReadableError(temp));
932         RUNNER_ASSERT_MSG(
933                         privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
934                         "Private key is broken.");
935         RUNNER_ASSERT_MSG(
936                         privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
937                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
938         ckmc_key_free(privateKey);
939
940         ckmc_key_s *pubKey = 0;
941         RUNNER_ASSERT_MSG(
942                         CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
943                         CKMCReadableError(temp));
944         RUNNER_ASSERT_MSG(
945                         pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
946                         "Public key is broken.");
947         RUNNER_ASSERT_MSG(
948                         pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
949                         "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
950         ckmc_key_free(pubKey);
951
952         // on next attempt to generate keys with the same alias, expect fail (alias exists)
953         RUNNER_ASSERT_MSG(
954                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
955                         CKMCReadableError(temp));
956 }
957
958
959 RUNNER_TEST(T3054_CAPI_create_AES_key)
960 {
961         int temp;
962         size_t size = 128;
963         CKM::Alias key_alias = "AES-gen-test-1";
964         ckmc_policy_s policy_key;
965
966         policy_key.password = NULL;
967         policy_key.extractable = 1;
968
969         int current_aliases_num = count_aliases(ALIAS_KEY);
970
971         RUNNER_ASSERT_MSG(
972                         CKMC_ERROR_NONE == (temp = ckmc_create_key_aes(size, key_alias.c_str(), policy_key)),
973                         CKMCReadableError(temp));
974
975         RUNNER_ASSERT_MSG(
976                         (current_aliases_num+1) == (temp = count_aliases(ALIAS_KEY)),
977                         "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
978
979         ckmc_key_s *get_AES_key = 0;
980         RUNNER_ASSERT_MSG(
981                         CKMC_ERROR_NONE == (temp = ckmc_get_key(key_alias.c_str(), policy_key.password, &get_AES_key)),
982                         CKMCReadableError(temp));
983         validate_AES_key(get_AES_key);
984         ckmc_key_free(get_AES_key);
985 }
986
987
988 RUNNER_TEST(T3055_CAPI_deinit)
989 {
990         int temp;
991
992         RUNNER_ASSERT_MSG(
993                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
994                         CKMCReadableError(temp));
995         RUNNER_ASSERT_MSG(
996                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
997                         CKMCReadableError(temp));
998 }
999
1000
1001 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
1002
1003 RUNNER_TEST(T3061_CAPI_init)
1004 {
1005         reset_user_data(USER_APP, USER_PASS);
1006 }
1007
1008 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
1009 {
1010         int temp;
1011
1012         size_t size = 1024;
1013         CKM::Alias private_key_alias = "rsa-test-1";
1014         CKM::Alias public_key_alias = "rsa-test-2";
1015         ckmc_policy_s policy_private_key;
1016         ckmc_policy_s policy_public_key;
1017
1018         policy_private_key.password = const_cast<char *>("privatepassword");
1019         policy_private_key.extractable = 0;
1020
1021         policy_public_key.password = NULL;
1022         policy_public_key.extractable = 1;
1023
1024         RUNNER_ASSERT_MSG(
1025                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1026                         CKMCReadableError(temp));
1027
1028         // on next attempt to generate keys with the same alias, expect fail (alias exists)
1029         RUNNER_ASSERT_MSG(
1030                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1031                         CKMCReadableError(temp));
1032 }
1033
1034 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
1035 {
1036         int temp;
1037
1038         size_t size = 1024;
1039         CKM::Alias private_key_alias = "dsa-test-1";
1040         CKM::Alias public_key_alias = "dsa-test-2";
1041         ckmc_policy_s policy_private_key;
1042         ckmc_policy_s policy_public_key;
1043
1044         policy_private_key.password = const_cast<char *>("privatepassword");
1045         policy_private_key.extractable = 0;
1046
1047         policy_public_key.password = NULL;
1048         policy_public_key.extractable = 1;
1049
1050         RUNNER_ASSERT_MSG(
1051                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1052                         CKMCReadableError(temp));
1053 }
1054
1055 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
1056 {
1057         int temp;
1058
1059         ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
1060         CKM::Alias private_key_alias = "ecdsa-test-1";
1061         CKM::Alias public_key_alias = "ecdsa-test-2";
1062         ckmc_policy_s policy_private_key;
1063         ckmc_policy_s policy_public_key;
1064
1065         policy_private_key.password = const_cast<char *>("privatepassword");
1066         policy_private_key.extractable = 0;
1067
1068         policy_public_key.password = NULL;
1069         policy_public_key.extractable = 1;
1070
1071         RUNNER_ASSERT_MSG(
1072                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias.c_str(), public_key_alias.c_str(), policy_private_key, policy_public_key)),
1073                         CKMCReadableError(temp));
1074 }
1075
1076 RUNNER_TEST(T3065_CAPI_deinit)
1077 {
1078         remove_user_data(USER_APP);
1079 }
1080
1081 // TODO
1082 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1083
1084
1085 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_OCSP_TESTS);
1086
1087 RUNNER_TEST(T3071_CAPI_init)
1088 {
1089         remove_user_data(USER_APP);
1090 }
1091
1092 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1093 {
1094         std::string im = TestData::getTestCertificateBase64(TestData::OCSP_AVAILABLE_IM);
1095
1096         ckmc_cert_s c_cert;
1097         c_cert.raw_cert = reinterpret_cast<unsigned char *>(im.data());
1098         c_cert.cert_size = im.size();
1099         c_cert.data_format = CKMC_FORM_PEM;
1100
1101         ckmc_cert_list_s *cert_chain_list;
1102
1103         int     tmp = ckmc_get_cert_chain(&c_cert, NULL, &cert_chain_list);
1104         RUNNER_ASSERT_MSG(
1105                         CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1106
1107         RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1108
1109         ckmc_ocsp_status_e ocsp_status;
1110         RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1111         RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1112 }
1113
1114 RUNNER_TEST(T3075_CAPI_deinit)
1115 {
1116         remove_user_data(USER_APP);
1117 }
1118
1119
1120 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1121
1122 RUNNER_TEST(T3081_CAPI__init)
1123 {
1124         int temp;
1125
1126         RUNNER_ASSERT_MSG(
1127                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1128                         CKMCReadableError(temp));
1129
1130         RUNNER_ASSERT_MSG(
1131                         CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1132                         CKMCReadableError(temp));
1133 }
1134
1135 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1136 {
1137         int temp;
1138
1139         std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1140                 "Proc-Type: 4,ENCRYPTED\n"
1141                 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1142                 "\n"
1143                 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1144                 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1145                 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1146                 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1147                 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1148                 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1149                 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1150                 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1151                 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1152                 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1153                 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1154                 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1155                 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1156                 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1157                 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1158                 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1159                 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1160                 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1161                 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1162                 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1163                 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1164                 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1165                 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1166                 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1167                 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1168                 "-----END RSA PRIVATE KEY-----\n";
1169
1170         std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1171                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1172                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1173                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1174                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1175                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1176                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1177                 "zQIDAQAB\n"
1178                 "-----END PUBLIC KEY-----\n";
1179
1180         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1181
1182         CKM::Alias pub_alias = "pub1";
1183         CKM::Alias pri_alias = "prv1";
1184         const char *key_passwd = "1234";
1185         char *pri_passwd = NULL;
1186         char *pub_passwd = NULL;
1187         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1188         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1189         ckmc_raw_buffer_s *signature;
1190
1191         ckmc_key_s pubkey;
1192         pubkey.raw_key = reinterpret_cast<unsigned char *>(pub.data());
1193         pubkey.key_size = pub.size();
1194         pubkey.key_type = CKMC_KEY_NONE;
1195         pubkey.password = NULL;
1196
1197         ckmc_policy_s pubpolicy;
1198         pubpolicy.password = pub_passwd;
1199         pubpolicy.extractable = 0;
1200
1201         ckmc_policy_s pripolicy;
1202         pripolicy.password = pri_passwd;
1203         pripolicy.extractable = 1;
1204
1205         ckmc_key_s prikey;
1206         prikey.raw_key = reinterpret_cast<unsigned char *>(prv.data());
1207         prikey.key_size = prv.size();
1208         prikey.key_type = CKMC_KEY_NONE;
1209         prikey.password = const_cast<char *>(key_passwd);
1210
1211
1212         RUNNER_ASSERT_MSG(
1213                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1214                         CKMCReadableError(temp));
1215
1216         RUNNER_ASSERT_MSG(
1217                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1218                         CKMCReadableError(temp));
1219
1220         RUNNER_ASSERT_MSG(
1221                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1222                                         pri_alias.c_str(),
1223                                         pri_passwd,
1224                                         msg_buff,
1225                                         hash_algo,
1226                                         pad_algo,
1227                                         &signature)),
1228                         CKMCReadableError(temp));
1229
1230         RUNNER_ASSERT_MSG(
1231                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1232                                         pub_alias.c_str(),
1233                                         pub_passwd,
1234                                         msg_buff,
1235                                         *signature,
1236                                         hash_algo,
1237                                         pad_algo)),
1238                         CKMCReadableError(temp));
1239 }
1240
1241 RUNNER_TEST(T3083a_CAPI__rsa_key_create_verify_negative)
1242 {
1243         int temp;
1244
1245         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1246         CKM::Alias pub_alias = "pub1";
1247         CKM::Alias pri_alias = "prv1";
1248         char *pri_passwd = NULL;
1249         char *pub_passwd = NULL;
1250         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1251         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1252         ckmc_raw_buffer_s *signature;
1253
1254         RUNNER_ASSERT_MSG(
1255                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1256                                         pri_alias.c_str(),
1257                                         pri_passwd,
1258                                         msg_buff,
1259                                         hash_algo,
1260                                         pad_algo,
1261                                         &signature)),
1262                         CKMCReadableError(temp));
1263
1264         RUNNER_ASSERT_MSG(
1265                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1266                                         pub_alias.c_str(),
1267                                         pub_passwd,
1268                                         msg_buff,
1269                                         *signature,
1270                                         hash_algo,
1271                                         pad_algo)),
1272                         CKMCReadableError(temp));
1273
1274         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1275         memcpy((void*)signature->data, "BROKEN", 6);
1276
1277         RUNNER_ASSERT_MSG(
1278                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1279                                         pub_alias.c_str(),
1280                                         pub_passwd,
1281                                         msg_buff,
1282                                         *signature,
1283                                         hash_algo,
1284                                         pad_algo)),
1285                         CKMCReadableError(temp));
1286 }
1287
1288 RUNNER_TEST(T3083b_CAPI__rsa_key_create_verify_hash_and_padding)
1289 {
1290         int temp;
1291
1292         unsigned char hashed_msg[256] = {}; // shouldn't need padding (2048-bit key)
1293         ckmc_raw_buffer_s msg_buff;
1294         msg_buff.data = hashed_msg;
1295         msg_buff.size = sizeof(hashed_msg);
1296         ckmc_raw_buffer_s short_data = prepare_message_buffer("length not equal to key size");
1297         CKM::Alias pub_alias = "pub1";
1298         CKM::Alias pri_alias = "prv1";
1299         char *pri_passwd = NULL;
1300         char *pub_passwd = NULL;
1301         ckmc_raw_buffer_s *signature;
1302
1303         // sign: no padding + hash
1304         RUNNER_ASSERT_MSG(
1305                         CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_create_signature(
1306                                         pri_alias.c_str(),
1307                                         pri_passwd,
1308                                         msg_buff,
1309                                         CKMC_HASH_SHA256,
1310                                         CKMC_NONE_PADDING,
1311                                         &signature)),
1312                         CKMCReadableError(temp));
1313
1314         // sign: no padding + no hash + short data
1315         RUNNER_ASSERT_MSG(
1316                         CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_create_signature(
1317                                         pri_alias.c_str(),
1318                                         pri_passwd,
1319                                         short_data,
1320                                         CKMC_HASH_NONE,
1321                                         CKMC_NONE_PADDING,
1322                                         &signature)),
1323                         CKMCReadableError(temp));
1324
1325         // sign: no padding + no hash + correct length
1326         RUNNER_ASSERT_MSG(
1327                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1328                                         pri_alias.c_str(),
1329                                         pri_passwd,
1330                                         msg_buff,
1331                                         CKMC_HASH_NONE,
1332                                         CKMC_NONE_PADDING,
1333                                         &signature)),
1334                         CKMCReadableError(temp));
1335
1336         // verify: no padding + no hash
1337         RUNNER_ASSERT_MSG(
1338                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1339                                         pub_alias.c_str(),
1340                                         pub_passwd,
1341                                         msg_buff,
1342                                         *signature,
1343                                         CKMC_HASH_NONE,
1344                                         CKMC_NONE_PADDING)),
1345                         CKMCReadableError(temp));
1346
1347         // verify: padding + no hash
1348         RUNNER_ASSERT_MSG(
1349                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1350                                         pub_alias.c_str(),
1351                                         pub_passwd,
1352                                         msg_buff,
1353                                         *signature,
1354                                         CKMC_HASH_NONE,
1355                                         CKMC_PKCS1_PADDING)),
1356                         CKMCReadableError(temp));
1357
1358         // verify: no padding + hash
1359         RUNNER_ASSERT_MSG(
1360                         CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_verify_signature(
1361                                         pub_alias.c_str(),
1362                                         pub_passwd,
1363                                         msg_buff,
1364                                         *signature,
1365                                         CKMC_HASH_SHA256,
1366                                         CKMC_NONE_PADDING)),
1367                         CKMCReadableError(temp));
1368
1369         ckmc_buffer_free(signature);
1370
1371         // sign: padding + no hash + short data
1372         RUNNER_ASSERT_MSG(
1373                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1374                                         pri_alias.c_str(),
1375                                         pri_passwd,
1376                                         short_data,
1377                                         CKMC_HASH_NONE,
1378                                         CKMC_PKCS1_PADDING,
1379                                         &signature)),
1380                         CKMCReadableError(temp));
1381
1382         // verify: padding + no hash
1383         RUNNER_ASSERT_MSG(
1384                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1385                                         pub_alias.c_str(),
1386                                         pub_passwd,
1387                                         short_data,
1388                                         *signature,
1389                                         CKMC_HASH_NONE,
1390                                         CKMC_PKCS1_PADDING)),
1391                         CKMCReadableError(temp));
1392
1393         // verify: no padding + no hash
1394         RUNNER_ASSERT_MSG(
1395                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1396                                         pub_alias.c_str(),
1397                                         pub_passwd,
1398                                         short_data,
1399                                         *signature,
1400                                         CKMC_HASH_NONE,
1401                                         CKMC_NONE_PADDING)),
1402                         CKMCReadableError(temp));
1403
1404         // verify: no padding + hash
1405         RUNNER_ASSERT_MSG(
1406                         CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_verify_signature(
1407                                         pub_alias.c_str(),
1408                                         pub_passwd,
1409                                         short_data,
1410                                         *signature,
1411                                         CKMC_HASH_SHA256,
1412                                         CKMC_NONE_PADDING)),
1413                         CKMCReadableError(temp));
1414
1415         ckmc_buffer_free(signature);
1416 }
1417
1418
1419 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1420 {
1421         int temp;
1422
1423         std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1424                 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1425                 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1426                 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1427                 "-----END EC PRIVATE KEY-----\n";
1428
1429         std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1430                 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1431                 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1432                 "-----END PUBLIC KEY-----\n";
1433
1434         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1435         CKM::Alias pri_alias = "ecprv2";
1436         CKM::Alias pub_alias = "ecpub2";
1437         char *key_passwd = NULL;
1438         char *pri_passwd = NULL;
1439         char *pub_passwd = NULL;
1440         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1441         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1442         ckmc_raw_buffer_s *signature;
1443
1444         ckmc_key_s pubkey;
1445         pubkey.raw_key = reinterpret_cast<unsigned char *>(pub.data());
1446         pubkey.key_size = pub.size();
1447         pubkey.key_type = CKMC_KEY_NONE;
1448         pubkey.password = NULL;
1449
1450         ckmc_policy_s pubpolicy;
1451         pubpolicy.password = pub_passwd;
1452         pubpolicy.extractable = 1;
1453
1454         ckmc_key_s prikey;
1455         prikey.raw_key = reinterpret_cast<unsigned char *>(prv.data());
1456         prikey.key_size = prv.size();
1457         prikey.key_type = CKMC_KEY_NONE;
1458         prikey.password = key_passwd;
1459
1460         ckmc_policy_s pripolicy;
1461         pripolicy.password = pri_passwd;
1462         pripolicy.extractable = 0;
1463
1464         RUNNER_ASSERT_MSG(
1465                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1466                         CKMCReadableError(temp));
1467         RUNNER_ASSERT_MSG(
1468                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1469                         CKMCReadableError(temp));
1470
1471         RUNNER_ASSERT_MSG(
1472                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1473                                         pri_alias.c_str(),
1474                                         pri_passwd,
1475                                         msg_buff,
1476                                         hash_algo,
1477                                         pad_algo,
1478                                         &signature)),
1479                         CKMCReadableError(temp));
1480
1481         RUNNER_ASSERT_MSG(
1482                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1483                                         pub_alias.c_str(),
1484                                         pub_passwd,
1485                                         msg_buff,
1486                                         *signature,
1487                                         hash_algo,
1488                                         pad_algo)),
1489                         CKMCReadableError(temp));
1490
1491         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1492         memcpy((void*)signature->data, "BROKEN", 6);
1493
1494         RUNNER_ASSERT_MSG(
1495                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1496                                         pub_alias.c_str(),
1497                                         pub_passwd,
1498                                         msg_buff,
1499                                         *signature,
1500                                         hash_algo,
1501                                         pad_algo)),
1502                         CKMCReadableError(temp));
1503 }
1504
1505 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1506 {
1507         int temp;
1508
1509         std::string prv =
1510                 "-----BEGIN RSA PRIVATE KEY-----\n"
1511                 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1512                 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1513                 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1514                 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1515                 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1516                 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1517                 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1518                 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1519                 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1520                 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1521                 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1522                 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1523                 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1524                 "-----END RSA PRIVATE KEY-----\n";
1525
1526         std::string pub =
1527                 "-----BEGIN CERTIFICATE-----\n"
1528                 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1529                 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1530                 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1531                 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1532                 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1533                 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1534                 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1535                 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1536                 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1537                 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1538                 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1539                 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1540                 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1541                 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1542                 "-----END CERTIFICATE-----\n";
1543
1544         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1545
1546         CKM::Alias pri_alias = "prv3";
1547         CKM::Alias pub_alias = "pub3";
1548         char *key_passwd = NULL;
1549         char *pri_passwd = NULL;
1550         char *pub_passwd = NULL;
1551         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1552         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1553         ckmc_raw_buffer_s *signature;
1554
1555         ckmc_cert_s cert;
1556         cert.raw_cert = reinterpret_cast<unsigned char *>(pub.data());
1557         cert.cert_size = pub.size();
1558         cert.data_format = CKMC_FORM_PEM;
1559
1560         ckmc_policy_s certpolicy;
1561         certpolicy.password = pub_passwd;
1562         certpolicy.extractable = 1;
1563
1564         ckmc_key_s prikey;
1565         prikey.raw_key = reinterpret_cast<unsigned char *>(prv.data());
1566         prikey.key_size = prv.size();
1567         prikey.key_type = CKMC_KEY_NONE;
1568         prikey.password = key_passwd;
1569
1570         ckmc_policy_s pripolicy;
1571         pripolicy.password = pri_passwd;
1572         pripolicy.extractable = 0;
1573
1574         RUNNER_ASSERT_MSG(
1575                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1576                         CKMCReadableError(temp));
1577         RUNNER_ASSERT_MSG(
1578                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1579                         CKMCReadableError(temp));
1580
1581
1582         RUNNER_ASSERT_MSG(
1583                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1584                                         pri_alias.c_str(),
1585                                         pri_passwd,
1586                                         msg_buff,
1587                                         hash_algo,
1588                                         pad_algo,
1589                                         &signature)),
1590                         CKMCReadableError(temp));
1591
1592         RUNNER_ASSERT_MSG(
1593                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1594                                         pub_alias.c_str(),
1595                                         pub_passwd,
1596                                         msg_buff,
1597                                         *signature,
1598                                         hash_algo,
1599                                         pad_algo)),
1600                         CKMCReadableError(temp));
1601
1602         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1603         memcpy((void*)signature->data, "BROKEN", 6);
1604
1605         RUNNER_ASSERT_MSG(
1606                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1607                                         pub_alias.c_str(),
1608                                         pub_passwd,
1609                                         msg_buff,
1610                                         *signature,
1611                                         hash_algo,
1612                                         pad_algo)),
1613                         CKMCReadableError(temp));
1614 }
1615
1616 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1617 {
1618         int temp;
1619
1620         std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1621                 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1622                 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1623                 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1624                 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1625                 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1626                 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1627                 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1628                 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1629                 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1630                 "YMYCBhubtrVaLmc=\n"
1631                 "-----END PUBLIC KEY-----";
1632
1633         std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1634                 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1635                 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1636                 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1637                 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1638                 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1639                 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1640                 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1641                 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1642                 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1643                 "u1roOuaPY+Hl19BlTE2qdw==\n"
1644                 "-----END DSA PRIVATE KEY-----";
1645
1646         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1647
1648         CKM::Alias pub_alias = "dsa-pub1";
1649         CKM::Alias pri_alias = "dsa-prv1";
1650         char *pri_passwd = NULL;
1651         char *pub_passwd = NULL;
1652         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1653         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1654         ckmc_raw_buffer_s *signature = NULL;
1655
1656         ckmc_key_s pubkey;
1657         pubkey.raw_key = reinterpret_cast<unsigned char *>(pub.data());
1658         pubkey.key_size = pub.size();
1659         pubkey.key_type = CKMC_KEY_NONE;
1660         pubkey.password = NULL;
1661
1662         ckmc_policy_s pubpolicy;
1663         pubpolicy.password = pub_passwd;
1664         pubpolicy.extractable = 0;
1665
1666         ckmc_policy_s pripolicy;
1667         pripolicy.password = pri_passwd;
1668         pripolicy.extractable = 1;
1669
1670         ckmc_key_s prikey;
1671         prikey.raw_key = reinterpret_cast<unsigned char *>(priv.data());
1672         prikey.key_size = priv.size();
1673         prikey.key_type = CKMC_KEY_NONE;
1674         prikey.password = NULL;
1675
1676
1677         RUNNER_ASSERT_MSG(
1678                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1679                         CKMCReadableError(temp));
1680
1681         RUNNER_ASSERT_MSG(
1682                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias.c_str(), pubkey, pubpolicy)),
1683                         CKMCReadableError(temp));
1684
1685         RUNNER_ASSERT_MSG(
1686                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1687                                         pri_alias.c_str(),
1688                                         pri_passwd,
1689                                         msg_buff,
1690                                         hash_algo,
1691                                         pad_algo,
1692                                         &signature)),
1693                         CKMCReadableError(temp));
1694
1695         // positive test
1696         RUNNER_ASSERT_MSG(
1697                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1698                                         pub_alias.c_str(),
1699                                         pub_passwd,
1700                                         msg_buff,
1701                                         *signature,
1702                                         hash_algo,
1703                                         pad_algo)),
1704                         CKMCReadableError(temp));
1705
1706         // negative test
1707         ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1708         RUNNER_ASSERT_MSG(
1709                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1710                                         pub_alias.c_str(),
1711                                         pub_passwd,
1712                                         invalid_msg_buff,
1713                                         *signature,
1714                                         hash_algo,
1715                                         pad_algo)),
1716                         CKMCReadableError(temp));
1717
1718         ckmc_buffer_free(signature);
1719 }
1720
1721 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1722 {
1723         int temp;
1724
1725         size_t size = 1024;
1726         ckmc_policy_s policy_private_key;
1727         ckmc_policy_s policy_public_key;
1728
1729         policy_private_key.password = NULL;
1730         policy_private_key.extractable = 1;
1731
1732         policy_public_key.password = NULL;
1733         policy_public_key.extractable = 1;
1734
1735         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1736
1737         CKM::Alias pub_alias = "dsa-pub2";
1738         CKM::Alias pri_alias = "dsa-prv2";
1739
1740         RUNNER_ASSERT_MSG(
1741                         CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias.c_str(), pub_alias.c_str(), policy_private_key, policy_public_key)),
1742                         "Error=" << temp);
1743
1744         char *pri_passwd = NULL;
1745         char *pub_passwd = NULL;
1746         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1747         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1748         ckmc_raw_buffer_s *signature;
1749
1750         ckmc_key_s *pubkey = NULL;
1751         ckmc_key_s *prikey = NULL;
1752         RUNNER_ASSERT_MSG(
1753                         CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias.c_str(), 0, &prikey)),
1754                         CKMCReadableError(temp));
1755
1756         RUNNER_ASSERT_MSG(
1757                         CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias.c_str(), 0, &pubkey)),
1758                         CKMCReadableError(temp));
1759
1760         RUNNER_ASSERT_MSG(
1761                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1762                                         pri_alias.c_str(),
1763                                         pri_passwd,
1764                                         msg_buff,
1765                                         hash_algo,
1766                                         pad_algo,
1767                                         &signature)),
1768                         CKMCReadableError(temp));
1769
1770         // positive test
1771         RUNNER_ASSERT_MSG(
1772                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1773                                         pub_alias.c_str(),
1774                                         pub_passwd,
1775                                         msg_buff,
1776                                         *signature,
1777                                         hash_algo,
1778                                         pad_algo)),
1779                         CKMCReadableError(temp));
1780
1781         // negative test
1782         ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1783         RUNNER_ASSERT_MSG(
1784                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1785                                         pub_alias.c_str(),
1786                                         pub_passwd,
1787                                         invalid_msg_buff,
1788                                         *signature,
1789                                         hash_algo,
1790                                         pad_algo)),
1791                         CKMCReadableError(temp));
1792
1793         ckmc_key_free(prikey);
1794         ckmc_key_free(pubkey);
1795         ckmc_buffer_free(signature);
1796 }
1797
1798 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
1799 {
1800         int temp;
1801
1802         std::string prv =
1803                 "-----BEGIN EC PRIVATE KEY-----\n"
1804                 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1805                 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1806                 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1807                 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1808                 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1809                 "ELyhe7yPCAuOoLZlTLgf\n"
1810                 "-----END EC PRIVATE KEY-----\n";
1811
1812         std::string pub =
1813                 "-----BEGIN CERTIFICATE-----\n"
1814                 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1815                 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1816                 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1817                 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1818                 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1819                 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1820                 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1821                 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1822                 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1823                 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1824                 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1825                 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1826                 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1827                 "Q1oBry6NEc+lLFmWMDesAA==\n"
1828                 "-----END CERTIFICATE-----\n";
1829
1830         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1831
1832         CKM::Alias pri_alias = "prv4";
1833         CKM::Alias pub_alias = "pub4";
1834         char *key_passwd = NULL;
1835         char *pri_passwd = NULL;
1836         char *pub_passwd = NULL;
1837         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1838         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1839         ckmc_raw_buffer_s *signature;
1840
1841         ckmc_cert_s cert;
1842         cert.raw_cert = reinterpret_cast<unsigned char *>(pub.data());
1843         cert.cert_size = pub.size();
1844         cert.data_format = CKMC_FORM_PEM;
1845
1846         ckmc_policy_s certpolicy;
1847         certpolicy.password = pub_passwd;
1848         certpolicy.extractable = 1;
1849
1850         ckmc_key_s prikey;
1851         prikey.raw_key = reinterpret_cast<unsigned char *>(prv.data());
1852         prikey.key_size = prv.size();
1853         prikey.key_type = CKMC_KEY_NONE;
1854         prikey.password = key_passwd;
1855
1856         ckmc_policy_s pripolicy;
1857         pripolicy.password = pri_passwd;
1858         pripolicy.extractable = 0;
1859
1860
1861         RUNNER_ASSERT_MSG(
1862                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias.c_str(), cert, certpolicy)),
1863                         CKMCReadableError(temp));
1864         RUNNER_ASSERT_MSG(
1865                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias.c_str(), prikey, pripolicy)),
1866                         CKMCReadableError(temp));
1867
1868         RUNNER_ASSERT_MSG(
1869                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1870                                         pri_alias.c_str(),
1871                                         pri_passwd,
1872                                         msg_buff,
1873                                         hash_algo,
1874                                         pad_algo,
1875                                         &signature)),
1876                         CKMCReadableError(temp));
1877
1878         RUNNER_ASSERT_MSG(
1879                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1880                                         pub_alias.c_str(),
1881                                         pub_passwd,
1882                                         msg_buff,
1883                                         *signature,
1884                                         hash_algo,
1885                                         pad_algo)),
1886                         CKMCReadableError(temp));
1887
1888         RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1889         memcpy((void*)signature->data, "BROKEN", 6);
1890
1891         RUNNER_ASSERT_MSG(
1892                         CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1893                                         pub_alias.c_str(),
1894                                         pub_passwd,
1895                                         msg_buff,
1896                                         *signature,
1897                                         hash_algo,
1898                                         pad_algo)),
1899                         CKMCReadableError(temp));
1900 }
1901
1902 RUNNER_TEST(T3089_CAPI_deinit)
1903 {
1904         remove_user_data(USER_APP);
1905 }
1906
1907
1908 //#######################################################################################
1909
1910 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
1911 {
1912         RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
1913         RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
1914
1915         if(key->password != NULL && password != NULL) {
1916                 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
1917         }else if(key->password == NULL && password == NULL) {
1918                 RUNNER_ASSERT_MSG(true, "Password Error" );
1919         }else {
1920                 RUNNER_ASSERT_MSG(false, "Password Error" );
1921         }
1922
1923         if(key->raw_key != NULL && raw_key != NULL) {
1924                 for(unsigned int i=0; i<key_size; i++) {
1925                         RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i],  "Raw Key Error" );
1926                 }
1927         }else if(key->raw_key == NULL && raw_key == NULL) {
1928                 RUNNER_ASSERT_MSG(true,  "Raw Key Error" );
1929         }else {
1930                 RUNNER_ASSERT_MSG(false,  "Raw Key Error" );
1931         }
1932 }
1933
1934 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
1935
1936 RUNNER_TEST(T3091_CAPI_TYPE_init)
1937 {
1938         reset_user_data(USER_APP, USER_PASS);
1939 }
1940
1941 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
1942 {
1943         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1944                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1945                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1946                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1947                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1948                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1949                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1950                 "zQIDAQAB\n"
1951                 "-----END PUBLIC KEY-----";
1952
1953         unsigned char *raw_key = reinterpret_cast<unsigned char *>(keyPem.data());
1954         unsigned int key_size = keyPem.size();
1955         ckmc_key_type_e key_type = CKMC_KEY_NONE;
1956         char *password = const_cast< char *>("");
1957
1958         ckmc_key_s *key;
1959         ckmc_key_new(raw_key, key_size, key_type, password, &key);
1960
1961         _assertKey(key, raw_key, key_size, key_type, password);
1962         ckmc_key_free(key);
1963
1964         char *passwordNull = NULL;
1965         ckmc_key_s *key2;
1966         ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
1967         ckmc_key_free(key2);
1968 }
1969
1970 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
1971 {
1972         std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1973                 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1974                 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1975                 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1976                 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1977                 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1978                 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1979                 "zQIDAQAB\n"
1980                 "-----END PUBLIC KEY-----";
1981
1982         unsigned char *data = reinterpret_cast<unsigned char *>(keyPem.data());
1983         unsigned int size = keyPem.size();
1984
1985         ckmc_raw_buffer_s *buff;
1986         ckmc_buffer_new(data, size, &buff);
1987
1988         RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
1989
1990         if(buff->data != NULL && data != NULL) {
1991                 for(unsigned int i=0; i<size; i++) {
1992                         RUNNER_ASSERT_MSG((buff->data)[i] == data[i],  "Raw data Error" );
1993                 }
1994         }else if(buff->data == NULL && data == NULL) {
1995                 RUNNER_ASSERT_MSG(true,  "Raw data Error" );
1996         }else {
1997                 RUNNER_ASSERT_MSG(false,  "Raw data Error" );
1998         }
1999
2000         ckmc_buffer_free(buff);
2001 }
2002
2003 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
2004 {
2005         std::string certPem = TestData::getTestCertificateBase64(TestData::TEST_LEAF);
2006
2007         unsigned char *raw_cert = reinterpret_cast<unsigned char *>(certPem.data());
2008         unsigned int size = certPem.size();
2009         ckmc_data_format_e form = CKMC_FORM_PEM;
2010
2011         ckmc_cert_s *ckmCert;
2012         ckmc_cert_new(raw_cert, size, form, &ckmCert);
2013
2014         RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
2015
2016         if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
2017                 for(unsigned int i=0; i<size; i++) {
2018                         RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i],  "Raw data Error" );
2019                 }
2020         }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
2021                 RUNNER_ASSERT_MSG(true,  "raw_cert Error" );
2022         }else {
2023                 RUNNER_ASSERT_MSG(false,  "raw_cert Error" );
2024         }
2025
2026         RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
2027
2028         ckmc_cert_free(ckmCert);
2029 }
2030
2031
2032 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
2033 {
2034         int ret;
2035
2036         std::string certStr = TestData::getTestCertificateBase64(TestData::TEST_LEAF);
2037
2038         const char *file_name = "/tmp/ckmc_test_cert.pem";
2039         remove(file_name);
2040
2041         FILE* cert_file;
2042         cert_file = fopen(file_name, "w");
2043         fprintf(cert_file, "%s",certStr.c_str());
2044         fclose(cert_file);
2045
2046         ckmc_cert_s *pcert;
2047
2048         RUNNER_ASSERT_MSG(
2049                         CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
2050                         CKMCReadableError(ret));
2051
2052         RUNNER_ASSERT_MSG(
2053                         pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
2054
2055         CKM::Alias lcert_alias = "lcert_alias";
2056         ckmc_policy_s policy;
2057         policy.password = NULL;
2058         policy.extractable = 1;
2059
2060         RUNNER_ASSERT_MSG(
2061                         CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias.c_str(), *pcert, policy)),
2062                         CKMCReadableError(ret));
2063
2064         remove(file_name);
2065 }
2066
2067 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
2068         const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
2069         const char *password = "password";
2070
2071         int temp;
2072
2073         ckmc_key_s *private_key = NULL;
2074         ckmc_cert_s *cert = NULL;
2075         ckmc_cert_list_s *ca_cert_list = NULL;
2076
2077         RUNNER_ASSERT_MSG(
2078                         CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
2079                                         &private_key, &cert, &ca_cert_list)),
2080                         "Error=" << temp);
2081         RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
2082         RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
2083         RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
2084
2085         ckmc_policy_s policy;
2086         policy.password = NULL;
2087         policy.extractable = 1;
2088
2089
2090         CKM::Alias pkey_alias = "pkey_alias";
2091         RUNNER_ASSERT_MSG(
2092                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *private_key, policy)),
2093                         CKMCReadableError(temp));
2094
2095         CKM::Alias cert_alias = "cert_alias";
2096         RUNNER_ASSERT_MSG(
2097                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *cert, policy)),
2098                         CKMCReadableError(temp));
2099         std::string caCertAlias = "ca_cert_alias_";
2100         const char *idx = "0";
2101         int cnt = 0;
2102         ckmc_cert_list_s *tmpList = ca_cert_list;
2103         while(tmpList != NULL) {
2104                 caCertAlias.append(idx);
2105                 RUNNER_ASSERT_MSG(
2106                                 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2107                                 CKMCReadableError(temp));
2108                 tmpList = tmpList->next;
2109                 cnt ++;
2110         }
2111
2112         RUNNER_ASSERT_MSG(cnt ==  2, "Invalid CA Cert Count");
2113
2114         ckmc_key_free(private_key);
2115         ckmc_cert_free(cert);
2116         ckmc_cert_list_all_free(ca_cert_list);
2117 }
2118
2119 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
2120         const char *p12file = CKM_TEST_DIR "/capi-t3096.p12";
2121         const char *password = "password";
2122
2123         int temp;
2124
2125         ckmc_pkcs12_s *ppkcs12 = NULL;
2126
2127         RUNNER_ASSERT_MSG(
2128                         CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(p12file, password, &ppkcs12)),
2129                         CKMCReadableError(temp));
2130         RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
2131         RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
2132         RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
2133
2134         ckmc_policy_s policy;
2135         policy.password = NULL;
2136         policy.extractable = 1;
2137
2138
2139         CKM::Alias pkey_alias = "pkey_alias2";
2140         RUNNER_ASSERT_MSG(
2141                         CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias.c_str(), *(ppkcs12->priv_key), policy)),
2142                         CKMCReadableError(temp));
2143
2144         CKM::Alias cert_alias = "cert_alias2";
2145         RUNNER_ASSERT_MSG(
2146                         CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias.c_str(), *(ppkcs12->cert), policy)),
2147                         CKMCReadableError(temp));
2148         std::string caCertAlias = "ca_cert_alias_2_";
2149         const char *idx = "0";
2150         int cnt = 0;
2151         ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
2152         while(tmpList != NULL) {
2153                 caCertAlias.append(idx);
2154                 RUNNER_ASSERT_MSG(
2155                                 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2156                                 CKMCReadableError(temp));
2157                 tmpList = tmpList->next;
2158                 cnt ++;
2159         }
2160
2161         RUNNER_ASSERT_MSG(cnt ==  2, "Invalid CA Cert Count");
2162
2163         ckmc_pkcs12_free(ppkcs12);
2164 }
2165
2166 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2167 {
2168         int temp;
2169         RUNNER_ASSERT_MSG(
2170                         CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2171                         CKMCReadableError(temp));
2172         RUNNER_ASSERT_MSG(
2173                         CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2174                         CKMCReadableError(temp));
2175 }
2176
2177 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2178
2179 namespace
2180 {
2181 CKM::Alias alias_PKCS_exportable = "CAPI-test-PKCS-export";
2182 CKM::Alias alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
2183 CKM::Alias alias_PKCS_key_not_exportable = "CAPI-test-PKCS-no-key-export";
2184 }
2185
2186 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2187 {
2188         remove_user_data(USER_APP);
2189 }
2190
2191 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2192 {
2193         const char *wrong_passwd = "wrong";
2194         ckmc_pkcs12_s *ppkcs12 = NULL;
2195         int temp;
2196         RUNNER_ASSERT_MSG(
2197                         CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2198                         CKMCReadableError(temp));
2199 }
2200
2201 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2202 {
2203         ckmc_pkcs12_s *ppkcs12 = NULL;
2204         int temp;
2205         RUNNER_ASSERT_MSG(
2206                         CKMC_ERROR_NONE == (temp = ckmc_pkcs12_load(CKM_TEST_DIR "/pkcs.p12", NULL, &ppkcs12)),
2207                         CKMCReadableError(temp));
2208
2209         RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2210         RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2211         RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2212
2213         // save to the CKM
2214         ckmc_policy_s exportable;
2215         exportable.password = NULL;
2216         exportable.extractable = 1;
2217         ckmc_policy_s notExportable;
2218         notExportable.password = NULL;
2219         notExportable.extractable = 0;
2220
2221         RUNNER_ASSERT_MSG(
2222                         CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2223                         CKMCReadableError(temp));
2224         RUNNER_ASSERT_MSG(
2225                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable.c_str(), ppkcs12, exportable, exportable)),
2226                         CKMCReadableError(temp));
2227         RUNNER_ASSERT_MSG(
2228                         CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2229                         CKMCReadableError(temp));
2230         RUNNER_ASSERT_MSG(
2231                         CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable.c_str(), ppkcs12, notExportable, notExportable)),
2232                         CKMCReadableError(temp));
2233         RUNNER_ASSERT_MSG(
2234                         CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_key_not_exportable.c_str(), ppkcs12, notExportable, exportable)),
2235                         CKMCReadableError(temp));
2236         RUNNER_ASSERT_MSG(CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_key_not_exportable.c_str(), ppkcs12, notExportable, exportable)),
2237                         CKMCReadableError(temp));
2238
2239         // try to lookup key
2240         ckmc_key_s *key_lookup = NULL;
2241         RUNNER_ASSERT_MSG(
2242                         CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2243                         CKMCReadableError(temp));
2244         ckmc_key_free(key_lookup);
2245         key_lookup = NULL;
2246         RUNNER_ASSERT_MSG(
2247                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), "", &key_lookup)),
2248                         CKMCReadableError(temp));
2249         ckmc_key_free(key_lookup);
2250         key_lookup = NULL;
2251         RUNNER_ASSERT_MSG(CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_key_not_exportable.c_str(), "", &key_lookup)),
2252                         CKMCReadableError(temp));
2253         ckmc_key_free(key_lookup);
2254
2255         // try to lookup certificate
2256         ckmc_cert_s *cert_lookup = NULL;
2257         RUNNER_ASSERT_MSG(
2258                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2259                         CKMCReadableError(temp));
2260         ckmc_cert_free(cert_lookup);
2261         cert_lookup = NULL;
2262         RUNNER_ASSERT_MSG(
2263                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2264                         CKMCReadableError(temp));
2265         ckmc_cert_free(cert_lookup);
2266         cert_lookup = NULL;
2267         RUNNER_ASSERT_MSG(
2268                         CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_key_not_exportable.c_str(), NULL, &cert_lookup)),
2269                         CKMCReadableError(temp));
2270         ckmc_cert_free(cert_lookup);
2271 }
2272
2273 RUNNER_TEST(T3104_CAPI_PKCS12_get_PKCS)
2274 {
2275         int temp;
2276         ckmc_pkcs12_s *pkcs = NULL;
2277
2278         // fail - no entry
2279         RUNNER_ASSERT_MSG(
2280                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", NULL, NULL, &pkcs)),
2281                         CKMCReadableError(temp));
2282         ckmc_pkcs12_free(pkcs);
2283         pkcs = NULL;
2284
2285         // fail - not exportable
2286         RUNNER_ASSERT_MSG(
2287                         CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable.c_str(), NULL, NULL, &pkcs)),
2288                         CKMCReadableError(temp));
2289         ckmc_pkcs12_free(pkcs);
2290         pkcs = NULL;
2291
2292         // success - partially exportable
2293         RUNNER_ASSERT_MSG(
2294                         CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_key_not_exportable.c_str(), NULL, NULL, &pkcs)),
2295                         CKMCReadableError(temp));
2296
2297         RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2298         RUNNER_ASSERT_MSG(NULL == pkcs->priv_key, "there should be no private key in PKCS12");
2299         RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2300         size_t cntr = 0;
2301         ckmc_cert_list_s *iter = pkcs->ca_chain;
2302         do {
2303                 cntr++;
2304                 iter = iter->next;
2305         } while (iter);
2306         RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2307
2308         ckmc_pkcs12_free(pkcs);
2309
2310
2311         // success - exportable
2312         RUNNER_ASSERT_MSG(
2313                         CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable.c_str(), NULL, NULL, &pkcs)),
2314                         CKMCReadableError(temp));
2315
2316         RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2317         RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2318         RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2319         cntr = 0;
2320         iter = pkcs->ca_chain;
2321         do {
2322                 cntr ++;
2323                 iter = iter->next;
2324         } while(iter);
2325         RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2326
2327         ckmc_pkcs12_free(pkcs);
2328 }
2329
2330 RUNNER_TEST(T3105_CAPI_PKCS12_create_and_verify_signature)
2331 {
2332         ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2333
2334         int temp;
2335         ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2336         ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2337         ckmc_raw_buffer_s *signature = NULL;
2338
2339         RUNNER_ASSERT_MSG(
2340                         CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2341                                         alias_PKCS_exportable.c_str(),
2342                                         NULL,
2343                                         msg_buff,
2344                                         hash_algo,
2345                                         pad_algo,
2346                                         &signature)),
2347                         CKMCReadableError(temp));
2348
2349         RUNNER_ASSERT_MSG(
2350                         CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2351                                         alias_PKCS_exportable.c_str(),
2352                                         NULL,
2353                                         msg_buff,
2354                                         *signature,
2355                                         hash_algo,
2356                                         pad_algo)),
2357                         CKMCReadableError(temp));
2358 }
2359
2360 RUNNER_TEST(T3106_CAPI_PKCS12_remove_bundle_with_chain_certs)
2361 {
2362         int tmp;
2363
2364         // remove the whole PKCS12 bundles
2365         RUNNER_ASSERT_MSG(
2366                         CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_exportable.c_str())),
2367                         CKMCReadableError(tmp));
2368         RUNNER_ASSERT_MSG(
2369                         CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_not_exportable.c_str())),
2370                         CKMCReadableError(tmp));
2371         RUNNER_ASSERT_MSG(
2372                         CKMC_ERROR_NONE == (tmp = ckmc_remove_alias(alias_PKCS_key_not_exportable.c_str())),
2373                         CKMCReadableError(tmp));
2374
2375         // expect lookup fails due to unknown alias
2376         // try to lookup key
2377         ckmc_key_s *key_lookup = NULL;
2378         RUNNER_ASSERT_MSG(
2379                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable.c_str(), NULL, &key_lookup)),
2380                         CKMCReadableError(tmp));
2381         ckmc_key_free(key_lookup);
2382         key_lookup = NULL;
2383         RUNNER_ASSERT_MSG(
2384                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable.c_str(), NULL, &key_lookup)),
2385                         CKMCReadableError(tmp));
2386         ckmc_key_free(key_lookup);
2387         key_lookup = NULL;
2388         RUNNER_ASSERT_MSG(
2389                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_key_not_exportable.c_str(), NULL, &key_lookup)),
2390                         CKMCReadableError(tmp));
2391         ckmc_key_free(key_lookup);
2392
2393         // try to lookup certificate
2394         ckmc_cert_s *cert_lookup = NULL;
2395         RUNNER_ASSERT_MSG(
2396                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable.c_str(), NULL, &cert_lookup)),
2397                         CKMCReadableError(tmp));
2398         ckmc_cert_free(cert_lookup);
2399         cert_lookup = NULL;
2400         RUNNER_ASSERT_MSG(
2401                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable.c_str(), NULL, &cert_lookup)),
2402                         CKMCReadableError(tmp));
2403         ckmc_cert_free(cert_lookup);
2404         cert_lookup = NULL;
2405         RUNNER_ASSERT_MSG(
2406                         CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_key_not_exportable.c_str(), NULL, &cert_lookup)),
2407                         CKMCReadableError(tmp));
2408         ckmc_cert_free(cert_lookup);
2409 }
2410
2411 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2412 {
2413         remove_user_data(USER_APP);
2414 }
2415
2416
2417 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2418
2419 RUNNER_TEST(T3201_CAPI_unlock_database)
2420 {
2421         reset_user_data(USER_APP, USER_PASS);
2422 }
2423
2424 RUNNER_TEST(T3202_CAPI_get_data_from_empty_database)
2425 {
2426         ScopedDBUnlock unlock(USER_APP, USER_PASS);
2427
2428         int temp;
2429         CKM::Alias alias = "mykey";
2430         char *password = NULL;
2431         ckmc_key_s *test_key = NULL;
2432
2433         RUNNER_ASSERT_MSG(
2434                 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2435                 "Error=" << temp);
2436
2437         RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2438 }
2439
2440 RUNNER_TEST(T3203_CAPI_lock_database)
2441 {
2442         ScopedDBUnlock unlock(USER_APP, USER_PASS);
2443
2444         int temp;
2445         RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2446                 CKMCReadableError(temp));
2447 }
2448
2449 RUNNER_TEST(T3204_CAPI_get_data_from_locked_database)
2450 {
2451         int temp;
2452         CKM::Alias alias = "mykey";
2453         char *password = NULL;
2454         ckmc_key_s *test_key = NULL;
2455
2456         RUNNER_ASSERT_MSG(
2457                 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias.c_str(), password, &test_key)),
2458                 CKMCReadableError(temp));
2459
2460         RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2461 }
2462
2463 RUNNER_TEST(T3204_deinit)
2464 {
2465         remove_user_data(USER_APP);
2466 }
2467
Domain: Security / Uncategorized;