projects / platform / core / test / security-tests.git / blob
? search:


cfb88a0824720fb46a20923b54869d8aec7e5766
[platform/core/test/security-tests.git] / src / ckm / unprivileged / key-wrapping.cpp
1 /*
2  *  Copyright (c) 2023 Samsung Electronics Co., Ltd All Rights Reserved
3  *
4  *  Licensed under the Apache License, Version 2.0 (the "License");
5  *  you may not use this file except in compliance with the License.
6  *  You may obtain a copy of the License at
7  *
8  *   http://www.apache.org/licenses/LICENSE-2.0
9  *
10  *  Unless required by applicable law or agreed to in writing, software
11  *  distributed under the License is distributed on an "AS IS" BASIS,
12  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  *  See the License for the specific language governing permissions and
14  *  limitations under the License
15  */
16
17 #include <string>
18
19 #include <dpl/test/test_runner.h>
20 #include <ckm-common.h>
21 #include <ckmc/ckmc-manager.h>
22 #include <ckmc/ckmc-control.h>
23
24 using namespace CKM;
25 namespace {
26
27 const uid_t UID = 5001;
28 ckmc_raw_buffer_s* DEFAULT_IV = nullptr;
29
30 const Alias AES_KEY_128_ALIAS = "AES-gen-test-128";
31 const Alias AES_KEY_192_ALIAS = "AES-gen-test-192";
32 const Alias AES_KEY_256_ALIAS = "AES-gen-test-256";
33 const Alias AES_KEY_128_PASS_ALIAS = "AES-gen-test-128-pass";
34 const Alias AES_KEY_UNEXP_PASS_ALIAS = "AES-gen-test-128-unexp-pass";
35 const Alias AES_KEY_UNEXP_ALIAS = "AES-gen-test-128-unexp";
36 const Alias RSA_KEY_1024_PRV_ALIAS = "RSA-gen-test-1024-prv";
37 const Alias RSA_KEY_1024_PUB_ALIAS = "RSA-gen-test-1024-pub";
38 const Alias RSA_KEY_2048_PRV_ALIAS = "RSA-gen-test-2048-prv";
39 const Alias RSA_KEY_2048_PUB_ALIAS = "RSA-gen-test-2048-pub";
40 const Alias RSA_KEY_4096_PRV_ALIAS = "RSA-gen-test-4096-prv";
41 const Alias RSA_KEY_4096_PUB_ALIAS = "RSA-gen-test-4096-pub";
42
43 const Alias IMP_AES_CTR = "imp-AES-CTR";
44 const Alias IMP_AES_CTR_PASS = "imp-AES-CTR-p";
45 const Alias IMPORTED_ALIAS = "imported-key-1";
46
47 const char* KEY_PASSWORD = "test-pass-1";
48 const ckmc_policy_s EXPORTABLE = {nullptr, 1};
49 const ckmc_policy_s EXPORTABLE_PASS = {const_cast<char*>(KEY_PASSWORD), 1};
50 const ckmc_policy_s UNEXPORTABLE = {nullptr, 0};
51 const ckmc_policy_s UNEXPORTABLE_PASS = {const_cast<char*>(KEY_PASSWORD), 0};
52
53 struct Algo {
54         ckmc_algo_type_e type;
55         size_t initVector;
56 };
57 const Algo AES_CTR_ALGO = {CKMC_ALGO_AES_CTR, 16};
58 const Algo AES_CBC_ALGO = {CKMC_ALGO_AES_CBC, 16};
59 const Algo AES_GCM_ALGO = {CKMC_ALGO_AES_GCM, 16};
60 const Algo AES_CFB_ALGO = {CKMC_ALGO_AES_CFB, 16};
61 const Algo RSA_OAEP_ALGO = {CKMC_ALGO_RSA_OAEP, 0};
62
63 void importKey(const Algo &algo,
64                 int buffLen,
65                 const Alias &wrappingKeyAlias,
66                 const char* wrappingKeyPass,
67                 const Alias &importedKeyAlias,
68                 const ckmc_policy_s &importedKeyPolicy);
69
70 class GroupFixture: public DPL::Test::TestGroup{
71 public:
72         void Init() override {
73                 remove_user_data(UID);
74                 int ret = ckmc_unlock_user_key(UID,"db-pass");
75                 if (ret != CKMC_ERROR_NONE)
76                         RUNNER_ERROR_MSG("DB unlock failed: " <<CKMCErrorToString(ret));
77
78                 assert_positive(ckmc_create_key_pair_rsa,
79                                 1024,
80                                 RSA_KEY_1024_PRV_ALIAS.c_str(),
81                                 RSA_KEY_1024_PUB_ALIAS.c_str(),
82                                 EXPORTABLE,
83                                 EXPORTABLE);
84
85                 assert_positive(ckmc_create_key_pair_rsa,
86                                 2048,
87                                 RSA_KEY_2048_PRV_ALIAS.c_str(),
88                                 RSA_KEY_2048_PUB_ALIAS.c_str(),
89                                 EXPORTABLE,
90                                 EXPORTABLE);
91
92                 assert_positive(ckmc_create_key_pair_rsa,
93                                 4096,
94                                 RSA_KEY_4096_PRV_ALIAS.c_str(),
95                                 RSA_KEY_4096_PUB_ALIAS.c_str(),
96                                 EXPORTABLE,
97                                 EXPORTABLE);
98
99                 assert_positive(ckmc_create_key_aes, 128, AES_KEY_128_ALIAS.c_str(), EXPORTABLE);
100                 assert_positive(ckmc_create_key_aes, 192, AES_KEY_192_ALIAS.c_str(), EXPORTABLE);
101                 assert_positive(ckmc_create_key_aes, 256, AES_KEY_256_ALIAS.c_str(), EXPORTABLE);
102                 assert_positive(ckmc_create_key_aes, 128, AES_KEY_128_PASS_ALIAS.c_str(), EXPORTABLE_PASS);
103                 assert_positive(ckmc_create_key_aes, 128, AES_KEY_UNEXP_ALIAS.c_str(), UNEXPORTABLE);
104                 assert_positive(ckmc_create_key_aes, 128, AES_KEY_UNEXP_PASS_ALIAS.c_str(), UNEXPORTABLE_PASS);
105
106                 importKey(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, IMP_AES_CTR, EXPORTABLE);
107                 importKey(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, IMP_AES_CTR_PASS, EXPORTABLE_PASS);
108         }
109         void Finish() override {
110                 int ret = ckmc_lock_user_key(UID);
111                 if (ret != CKMC_ERROR_NONE)
112                         RUNNER_ERROR_MSG("DB lock failed: " <<CKMCErrorToString(ret));
113
114                 remove_user_data(UID);
115                 ckmc_buffer_free(DEFAULT_IV);
116
117                 ckmc_remove_key(RSA_KEY_1024_PRV_ALIAS.c_str());
118                 ckmc_remove_key(RSA_KEY_1024_PUB_ALIAS.c_str());
119                 ckmc_remove_key(RSA_KEY_2048_PRV_ALIAS.c_str());
120                 ckmc_remove_key(RSA_KEY_2048_PUB_ALIAS.c_str());
121                 ckmc_remove_key(RSA_KEY_4096_PRV_ALIAS.c_str());
122                 ckmc_remove_key(RSA_KEY_4096_PUB_ALIAS.c_str());
123                 ckmc_remove_key(AES_KEY_128_ALIAS.c_str());
124                 ckmc_remove_key(AES_KEY_192_ALIAS.c_str());
125                 ckmc_remove_key(AES_KEY_256_ALIAS.c_str());
126                 ckmc_remove_key(AES_KEY_128_PASS_ALIAS.c_str());
127                 ckmc_remove_key(AES_KEY_UNEXP_ALIAS.c_str());
128                 ckmc_remove_key(AES_KEY_UNEXP_PASS_ALIAS.c_str());
129
130                 ckmc_remove_key(IMP_AES_CTR.c_str());
131                 ckmc_remove_key(IMP_AES_CTR_PASS.c_str());
132         }
133 };
134
135 ParamListPtr getDefaultParams(const Algo &algo){
136         ckmc_param_list_h handle = nullptr;
137
138         assert_positive(ckmc_generate_new_params, algo.type, &handle);
139         ParamListPtr params = ParamListPtr(handle, ckmc_param_list_free);
140         if(algo.type == CKMC_ALGO_RSA_OAEP)
141                 return params;
142
143         DEFAULT_IV = createRandomBufferCAPI(algo.initVector);
144         setParam(params, CKMC_PARAM_ED_IV, DEFAULT_IV);
145         return params;
146 }
147
148 RawBufferPtr encryptAndImport(const ParamListPtr &params,
149                         int buffLen,
150                         const Alias &wrappingKeyAlias,
151                         const char* wrappingKeyPass,
152                         const Alias &importedKeyAlias,
153                         const ckmc_policy_s &importedKeyPolicy){
154         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
155
156         ckmc_raw_buffer_s *encrypted = nullptr;
157         ckmc_key_s *aesKey = nullptr;
158
159         assert_positive(ckmc_encrypt_data,
160                                 params.get(),
161                                 wrappingKeyAlias.c_str(),
162                                 wrappingKeyPass,
163                                 *plainData.get(),
164                                 &encrypted);
165
166         assert_positive(ckmc_key_new,
167                                 encrypted->data,
168                                 encrypted->size,
169                                 CKMC_KEY_AES,
170                                 nullptr,
171                                 &aesKey);
172
173         assert_positive(ckmc_import_wrapped_key,
174                                 params.get(),
175                                 wrappingKeyAlias.c_str(),
176                                 wrappingKeyPass,
177                                 importedKeyAlias.c_str(),
178                                 aesKey,
179                                 importedKeyPolicy);
180
181         ckmc_buffer_free(encrypted);
182         ckmc_key_free(aesKey);
183         return plainData;
184 }
185 void testInvalidAlgoParameters(const ParamListPtr &invalidParams, const Algo &algo){
186         ParamListPtr params = getDefaultParams(algo);
187         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(32));
188
189         ckmc_raw_buffer_s *encrypted = nullptr;
190         ckmc_key_s *aesKey = nullptr;
191
192         assert_positive(ckmc_encrypt_data,
193                                 params.get(),
194                                 AES_KEY_128_ALIAS.c_str(),
195                                 nullptr,
196                                 *plainData.get(),
197                                 &encrypted);
198
199         assert_positive(ckmc_key_new,
200                                 encrypted->data,
201                                 encrypted->size,
202                                 CKMC_KEY_AES,
203                                 nullptr,
204                                 &aesKey);
205
206         assert_invalid_param(ckmc_import_wrapped_key,
207                                 invalidParams.get(),
208                                 AES_KEY_128_ALIAS.c_str(),
209                                 nullptr,
210                                 IMPORTED_ALIAS.c_str(),
211                                 aesKey,
212                                 EXPORTABLE);
213
214         ckmc_buffer_free(encrypted);
215         ckmc_key_free(aesKey);
216 }
217 void testImportInvalidBuffLen(const Algo &algo,
218                         int buffLen,
219                         const Alias &wrappingKeyAlias){
220         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
221
222         ckmc_raw_buffer_s *encrypted = nullptr;
223         ckmc_key_s *aesKey = nullptr;
224
225         ParamListPtr params = getDefaultParams(algo);
226
227         assert_positive(ckmc_encrypt_data,
228                                 params.get(),
229                                 wrappingKeyAlias.c_str(),
230                                 nullptr,
231                                 *plainData.get(),
232                                 &encrypted);
233
234         assert_positive(ckmc_key_new,
235                                 encrypted->data,
236                                 encrypted->size,
237                                 CKMC_KEY_AES,
238                                 nullptr,
239                                 &aesKey);
240
241         assert_invalid_param(ckmc_import_wrapped_key,
242                                 params.get(),
243                                 wrappingKeyAlias.c_str(),
244                                 nullptr,
245                                 IMPORTED_ALIAS.c_str(),
246                                 aesKey,
247                                 EXPORTABLE);
248         ckmc_buffer_free(encrypted);
249         ckmc_key_free(aesKey);
250 }
251
252 void testImportValidArgs(const Algo &algo, int buffLen, const Alias &wrappingKeyAlias){
253         ckmc_key_s *ppkey = nullptr;
254         ckmc_raw_buffer_s *finalData = nullptr;
255
256         ParamListPtr params = getDefaultParams(algo);
257
258         RawBufferPtr plainData = encryptAndImport(params,
259                                 buffLen,
260                                 wrappingKeyAlias,
261                                 nullptr,
262                                 IMPORTED_ALIAS.c_str(),
263                                 EXPORTABLE);
264
265         assert_positive(ckmc_get_key, IMPORTED_ALIAS.c_str(), nullptr, &ppkey);
266         assert_positive(ckmc_buffer_new, ppkey->raw_key, ppkey->key_size, &finalData);
267         assert_buffers_equal(plainData.get(), finalData);
268
269         ckmc_buffer_free(finalData);
270         ckmc_key_free(ppkey);
271         ckmc_remove_key(IMPORTED_ALIAS.c_str());
272 }
273
274 void testBadWrappedKey(const Algo &algo){
275         ParamListPtr params = getDefaultParams(algo);
276         ckmc_key_s *wrongKey = generate_AES_key(128, nullptr);
277
278         assert_invalid_param(ckmc_import_wrapped_key,
279                                 params.get(),
280                                 AES_KEY_128_ALIAS.c_str(),
281                                 nullptr,
282                                 IMPORTED_ALIAS.c_str(),
283                                 wrongKey,
284                                 EXPORTABLE);
285
286         ckmc_key_free(wrongKey);
287 }
288
289 void testExportableImported(const Algo &algo,
290                         int buffLen,
291                         const Alias &wrappingKeyAlias,
292                         const char* wrappingKeyPass,
293                         const ckmc_policy_s &importedKeyPolicy,
294                         const char* importedKeyPass){
295         ckmc_key_s *ppkey = nullptr;
296         ckmc_raw_buffer_s* finalData = nullptr;
297
298         ParamListPtr params = getDefaultParams(algo);
299
300         RawBufferPtr plainData = encryptAndImport(params,
301                                 buffLen,
302                                 wrappingKeyAlias,
303                                 wrappingKeyPass,
304                                 IMPORTED_ALIAS.c_str(),
305                                 importedKeyPolicy);
306
307         assert_positive(ckmc_get_key,
308                                 IMPORTED_ALIAS.c_str(),
309                                 importedKeyPass,
310                                 &ppkey);
311
312         assert_positive(ckmc_buffer_new,
313                                 ppkey->raw_key,
314                                 ppkey->key_size,
315                                 &finalData);
316
317         assert_buffers_equal(plainData.get(), finalData);
318
319         ckmc_buffer_free(finalData);
320         ckmc_key_free(ppkey);
321         ckmc_remove_key(IMPORTED_ALIAS.c_str());
322 }
323
324 void testUnEXPORTABLEImported(const Algo &algo,
325                         int buffLen,
326                         const Alias &wrappingKeyAlias,
327                         const char* wrappingKeyPass,
328                         const ckmc_policy_s &importedKeyPolicy,
329                         const char* importedKeyPass){
330         ckmc_key_s *ppkey = nullptr;
331         ParamListPtr params = getDefaultParams(algo);
332
333         RawBufferPtr plainData = encryptAndImport(params,
334                                 buffLen,
335                                 wrappingKeyAlias,
336                                 wrappingKeyPass,
337                                 IMPORTED_ALIAS.c_str(),
338                                 importedKeyPolicy);
339
340         assert_result(CKMC_ERROR_NOT_EXPORTABLE,
341                                 ckmc_get_key,
342                                 IMPORTED_ALIAS.c_str(),
343                                 importedKeyPass,
344                                 &ppkey);
345         ckmc_key_free(ppkey);
346         ckmc_remove_key(IMPORTED_ALIAS.c_str());
347 }
348
349 void importKey(const Algo &algo,
350                         int buffLen,
351                         const Alias &wrappingKeyAlias,
352                         const char* wrappingKeyPass,
353                         const Alias &importedKeyAlias,
354                         const ckmc_policy_s &importedKeyPolicy){
355         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
356
357         ckmc_key_s *aesKey = nullptr;
358         ckmc_raw_buffer_s* encrypted = nullptr;
359
360         ParamListPtr params = getDefaultParams(algo);
361
362         assert_positive(ckmc_encrypt_data,
363                                 params.get(),
364                                 wrappingKeyAlias.c_str(),
365                                 wrappingKeyPass,
366                                 *plainData.get(),
367                                 &encrypted);
368
369         assert_positive(ckmc_key_new,
370                                 encrypted->data,
371                                 encrypted->size,
372                                 CKMC_KEY_AES,
373                                 nullptr,
374                                 &aesKey);
375
376         assert_positive(ckmc_import_wrapped_key,
377                                 params.get(),
378                                 wrappingKeyAlias.c_str(),
379                                 wrappingKeyPass,
380                                 importedKeyAlias.c_str(),
381                                 aesKey,
382                                 importedKeyPolicy);
383
384         ckmc_buffer_free(encrypted);
385         ckmc_key_free(aesKey);
386 }
387
388 void testImportExportValidArgs(const Algo &algo,
389                         int buffLen,
390                         const Alias &wrappingKeyAlias,
391                         const char* wrappingKeyPass,
392                         const ckmc_policy_s &importedKeyPolicy,
393                         const char* importedKeyPass){
394         ckmc_key_s *ppkey = nullptr;
395         ckmc_raw_buffer_s* finalData = nullptr;
396         ckmc_raw_buffer_s* decrypted = nullptr;
397
398         ParamListPtr params = getDefaultParams(algo);
399
400         RawBufferPtr plainData = encryptAndImport(params,
401                                 buffLen,
402                                 wrappingKeyAlias.c_str(),
403                                 wrappingKeyPass,
404                                 IMPORTED_ALIAS,
405                                 importedKeyPolicy);
406
407         assert_positive(ckmc_export_wrapped_key,
408                                 params.get(),
409                                 wrappingKeyAlias.c_str(),
410                                 wrappingKeyPass,
411                                 IMPORTED_ALIAS.c_str(),
412                                 importedKeyPass,
413                                 &ppkey);
414
415         assert_positive(ckmc_buffer_new,
416                                 ppkey->raw_key,
417                                 ppkey->key_size,
418                                 &finalData);
419
420         assert_positive(ckmc_decrypt_data,
421                                 params.get(),
422                                 wrappingKeyAlias.c_str(),
423                                 wrappingKeyPass,
424                                 *finalData,
425                                 &decrypted);
426
427         assert_buffers_equal(plainData.get(), decrypted);
428
429         ckmc_buffer_free(finalData);
430         ckmc_buffer_free(decrypted);
431         ckmc_key_free(ppkey);
432         ckmc_remove_key(IMPORTED_ALIAS.c_str());
433 }
434
435 }       //END OF THE NAMESPACE
436
437 RUNNER_TEST_GROUP_INIT_ENV(CKM_KEY_WRAPPING, GroupFixture);
438
439 RUNNER_TEST(TKW_NO_ADDED_ALGO){
440         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(32));
441
442         ckmc_key_s *aesKey = nullptr;
443         ckmc_raw_buffer_s* encrypted = nullptr;
444
445         ParamListPtr params = getDefaultParams(AES_CBC_ALGO);
446
447         ckmc_param_list_h handle = nullptr;
448
449         assert_positive(ckmc_encrypt_data,
450                                 params.get(),
451                                 AES_KEY_128_ALIAS.c_str(),
452                                 nullptr,
453                                 *plainData.get(),
454                                 &encrypted);
455
456         assert_positive(ckmc_key_new,
457                                 encrypted->data,
458                                 encrypted->size,
459                                 CKMC_KEY_AES,
460                                 nullptr,
461                                 &aesKey);
462
463         assert_invalid_param(ckmc_import_wrapped_key,
464                                 handle,
465                                 AES_KEY_128_ALIAS.c_str(),
466                                 nullptr,
467                                 IMPORTED_ALIAS.c_str(),
468                                 aesKey,
469                                 EXPORTABLE);
470         ckmc_buffer_free(encrypted);
471         ckmc_key_free(aesKey);
472 }
473
474 RUNNER_TEST(TKW_WRONG_ALGO_PARAMS){
475         ckmc_param_list_h handle = nullptr;
476         assert_positive(ckmc_generate_new_params, AES_CTR_ALGO.type, &handle);
477         ParamListPtr invalidParams = ParamListPtr(handle, ckmc_param_list_free);
478         ckmc_raw_buffer_s *initVec = createRandomBufferCAPI(8);
479         setParam(invalidParams, CKMC_PARAM_ED_IV, initVec);
480
481         testInvalidAlgoParameters(invalidParams, AES_CTR_ALGO);
482
483         ckmc_buffer_free(initVec);
484         invalidParams.reset();
485         assert_positive(ckmc_generate_new_params, AES_GCM_ALGO.type, &handle);
486         invalidParams = ParamListPtr(handle, ckmc_param_list_free);
487         initVec = createRandomBufferCAPI(16);
488         setParam(invalidParams, CKMC_PARAM_ED_IV, initVec);
489         setParam(invalidParams, CKMC_PARAM_ED_TAG_LEN, 130);
490
491         testInvalidAlgoParameters(invalidParams, AES_GCM_ALGO);
492
493         ckmc_buffer_free(initVec);
494 }
495
496 RUNNER_TEST(TKW_WRONG_PASS_WRAPPING_KEY){
497         int buffLen = 32;
498         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(buffLen));
499
500         ckmc_key_s *aesKey = nullptr;
501         ckmc_raw_buffer_s* encrypted = nullptr;
502         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
503
504         assert_positive(ckmc_encrypt_data,
505                                 params.get(),
506                                 AES_KEY_128_PASS_ALIAS.c_str(),
507                                 KEY_PASSWORD,
508                                 *plainData.get(),
509                                 &encrypted);
510
511         assert_positive(ckmc_key_new,
512                                 encrypted->data,
513                                 encrypted->size,
514                                 CKMC_KEY_AES,
515                                 nullptr,
516                                 &aesKey);
517
518         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
519                                 ckmc_import_wrapped_key,
520                                 params.get(),
521                                 AES_KEY_128_PASS_ALIAS.c_str(),
522                                 "wrong_password",
523                                 IMPORTED_ALIAS.c_str(),
524                                 aesKey,
525                                 UNEXPORTABLE);
526
527         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
528                                 ckmc_import_wrapped_key,
529                                 params.get(),
530                                 AES_KEY_128_PASS_ALIAS.c_str(),
531                                 "",
532                                 IMPORTED_ALIAS.c_str(),
533                                 aesKey,
534                                 UNEXPORTABLE);
535
536         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
537                                 ckmc_import_wrapped_key,
538                                 params.get(),
539                                 AES_KEY_128_ALIAS.c_str(),
540                                 "non_empty_password",
541                                 IMPORTED_ALIAS.c_str(),
542                                 aesKey,
543                                 UNEXPORTABLE);
544
545         ckmc_buffer_free(encrypted);
546         ckmc_key_free(aesKey);
547 }
548
549 RUNNER_TEST(TKW_UNKNOWN_ALIAS_WRAPPING_KEY){
550         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
551         ckmc_key_s *key = generate_AES_key(128, nullptr);
552
553         assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
554                                 ckmc_import_wrapped_key,
555                                 params.get(),
556                                 "unknown_alias",
557                                 nullptr,
558                                 IMPORTED_ALIAS.c_str(),
559                                 key,
560                                 EXPORTABLE);
561
562         ckmc_key_free(key);
563 }
564
565 RUNNER_TEST(TKW_EXISTING_ALIAS_WRAPPING_KEY){
566         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
567         ckmc_key_s *key = generate_AES_key(128, nullptr);
568
569         assert_result(CKMC_ERROR_DB_ALIAS_EXISTS,
570                                 ckmc_import_wrapped_key,
571                                 params.get(),
572                                 AES_KEY_128_ALIAS.c_str(),
573                                 nullptr,
574                                 IMP_AES_CTR.c_str(),
575                                 key,
576                                 EXPORTABLE);
577
578         ckmc_key_free(key);
579 }
580
581 RUNNER_TEST(TKW_INVALID_ALIAS_IMPORT){
582         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
583         ckmc_key_s *key = generate_AES_key(128, nullptr);
584         Alias invalidAlias = "invalid alias";
585
586         assert_result(CKMC_ERROR_PERMISSION_DENIED,
587                                 ckmc_import_wrapped_key,
588                                 params.get(),
589                                 AES_KEY_128_ALIAS.c_str(),
590                                 nullptr,
591                                 invalidAlias.c_str(),
592                                 key,
593                                 EXPORTABLE);
594
595         ckmc_key_free(key);
596 }
597
598 RUNNER_TEST(TKW_BAD_WRAPPED_KEY){
599         testBadWrappedKey(AES_CBC_ALGO);
600         testBadWrappedKey(AES_GCM_ALGO);
601         testBadWrappedKey(RSA_OAEP_ALGO);
602 }
603
604 RUNNER_TEST(TKW_NULL_PARAMETER){
605         RawBufferPtr plainData = create_raw_buffer(createRandomBufferCAPI(16));
606
607         ckmc_key_s *aesKey = nullptr;
608         ckmc_raw_buffer_s* encrypted = nullptr;
609
610         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
611
612         assert_positive(ckmc_encrypt_data,
613                                 params.get(),
614                                 AES_KEY_128_ALIAS.c_str(),
615                                 nullptr,
616                                 *plainData.get(),
617                                 &encrypted);
618
619         assert_positive(ckmc_key_new,
620                                 encrypted->data,
621                                 encrypted->size,
622                                 CKMC_KEY_AES,
623                                 nullptr,
624                                 &aesKey);
625
626         assert_invalid_param(ckmc_import_wrapped_key,
627                                 nullptr,
628                                 AES_KEY_128_ALIAS.c_str(),
629                                 nullptr,
630                                 IMPORTED_ALIAS.c_str(),
631                                 aesKey,
632                                 EXPORTABLE);
633
634         assert_invalid_param(ckmc_import_wrapped_key,
635                                 params.get(),
636                                 nullptr,
637                                 nullptr,
638                                 IMPORTED_ALIAS.c_str(),
639                                 aesKey,
640                                 EXPORTABLE);
641
642         assert_invalid_param(ckmc_import_wrapped_key,
643                                 params.get(),
644                                 AES_KEY_128_ALIAS.c_str(),
645                                 nullptr,
646                                 nullptr,
647                                 aesKey,
648                                 EXPORTABLE);
649
650         assert_invalid_param(ckmc_import_wrapped_key,
651                                 params.get(),
652                                 AES_KEY_128_ALIAS.c_str(),
653                                 nullptr,
654                                 IMPORTED_ALIAS.c_str(),
655                                 nullptr,
656                                 EXPORTABLE);
657         ckmc_buffer_free(encrypted);
658         ckmc_key_free(aesKey);
659 }
660
661 RUNNER_TEST(TKW_VALID_ARGS_AES_CTR_128){
662         testImportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS);
663         testImportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_ALIAS);
664         testImportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_ALIAS);
665 }
666
667 RUNNER_TEST(TKW_VALID_ARGS_AES_CBC_128){
668         testImportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_ALIAS);
669         testImportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_ALIAS);
670         testImportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_ALIAS);
671 }
672
673 RUNNER_TEST(TKW_VALID_ARGS_AES_GCM_128){
674         testImportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_ALIAS);
675         testImportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_ALIAS);
676         testImportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_ALIAS);
677 }
678
679 RUNNER_TEST(TKW_VALID_ARGS_AES_CFB_128){
680         testImportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_ALIAS);
681         testImportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_ALIAS);
682         testImportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_ALIAS);
683 }
684
685 RUNNER_TEST(TKW_VALID_ARGS_AES_CTR_192){
686         testImportValidArgs(AES_CTR_ALGO, 16, AES_KEY_192_ALIAS);
687         testImportValidArgs(AES_CTR_ALGO, 24, AES_KEY_192_ALIAS);
688         testImportValidArgs(AES_CTR_ALGO, 32, AES_KEY_192_ALIAS);
689 }
690
691 RUNNER_TEST(TKW_VALID_ARGS_AES_CBC_192){
692         testImportValidArgs(AES_CBC_ALGO, 16, AES_KEY_192_ALIAS);
693         testImportValidArgs(AES_CBC_ALGO, 24, AES_KEY_192_ALIAS);
694         testImportValidArgs(AES_CBC_ALGO, 32, AES_KEY_192_ALIAS);
695 }
696
697 RUNNER_TEST(TKW_VALID_ARGS_AES_GCM_192){
698         testImportValidArgs(AES_GCM_ALGO, 16, AES_KEY_192_ALIAS);
699         testImportValidArgs(AES_GCM_ALGO, 24, AES_KEY_192_ALIAS);
700         testImportValidArgs(AES_GCM_ALGO, 32, AES_KEY_192_ALIAS);
701 }
702
703 RUNNER_TEST(TKW_VALID_ARGS_AES_CFB_192){
704         testImportValidArgs(AES_CFB_ALGO, 16, AES_KEY_192_ALIAS);
705         testImportValidArgs(AES_CFB_ALGO, 24, AES_KEY_192_ALIAS);
706         testImportValidArgs(AES_CFB_ALGO, 32, AES_KEY_192_ALIAS);
707 }
708 RUNNER_TEST(TKW_VALID_ARGS_AES_CTR_256){
709         testImportValidArgs(AES_CTR_ALGO, 16, AES_KEY_256_ALIAS);
710         testImportValidArgs(AES_CTR_ALGO, 24, AES_KEY_256_ALIAS);
711         testImportValidArgs(AES_CTR_ALGO, 32, AES_KEY_256_ALIAS);
712 }
713
714 RUNNER_TEST(TKW_VALID_ARGS_AES_CBC_256){
715         testImportValidArgs(AES_CBC_ALGO, 16, AES_KEY_256_ALIAS);
716         testImportValidArgs(AES_CBC_ALGO, 24, AES_KEY_256_ALIAS);
717         testImportValidArgs(AES_CBC_ALGO, 32, AES_KEY_256_ALIAS);
718 }
719
720 RUNNER_TEST(TKW_VALID_ARGS_AES_GCM_256){
721         testImportValidArgs(AES_GCM_ALGO, 16, AES_KEY_256_ALIAS);
722         testImportValidArgs(AES_GCM_ALGO, 24, AES_KEY_256_ALIAS);
723         testImportValidArgs(AES_GCM_ALGO, 32, AES_KEY_256_ALIAS);
724 }
725
726 RUNNER_TEST(TKW_VALID_ARGS_AES_CFB_256){
727         testImportValidArgs(AES_CFB_ALGO, 16, AES_KEY_256_ALIAS);
728         testImportValidArgs(AES_CFB_ALGO, 24, AES_KEY_256_ALIAS);
729         testImportValidArgs(AES_CFB_ALGO, 32, AES_KEY_256_ALIAS);
730 }
731
732 RUNNER_TEST(TKW_AES_CTR_INVALID_BUFF_LENGTH){
733         testImportInvalidBuffLen(AES_CTR_ALGO, 8, AES_KEY_128_ALIAS);
734         testImportInvalidBuffLen(AES_CTR_ALGO, 12, AES_KEY_128_ALIAS);
735         testImportInvalidBuffLen(AES_CTR_ALGO, 128, AES_KEY_128_ALIAS);
736         testImportInvalidBuffLen(AES_CTR_ALGO, 8, AES_KEY_192_ALIAS);
737         testImportInvalidBuffLen(AES_CTR_ALGO, 12, AES_KEY_192_ALIAS);
738         testImportInvalidBuffLen(AES_CTR_ALGO, 128, AES_KEY_192_ALIAS);
739         testImportInvalidBuffLen(AES_CTR_ALGO, 8, AES_KEY_256_ALIAS);
740         testImportInvalidBuffLen(AES_CTR_ALGO, 12, AES_KEY_256_ALIAS);
741         testImportInvalidBuffLen(AES_CTR_ALGO, 128, AES_KEY_256_ALIAS);
742 }
743
744 RUNNER_TEST(TKW_AES_CBC_INVALID_BUFF_LENGTH){
745         testImportInvalidBuffLen(AES_CBC_ALGO, 8, AES_KEY_128_ALIAS);
746         testImportInvalidBuffLen(AES_CBC_ALGO, 12, AES_KEY_128_ALIAS);
747         testImportInvalidBuffLen(AES_CBC_ALGO, 128, AES_KEY_128_ALIAS);
748         testImportInvalidBuffLen(AES_CBC_ALGO, 8, AES_KEY_192_ALIAS);
749         testImportInvalidBuffLen(AES_CBC_ALGO, 12, AES_KEY_192_ALIAS);
750         testImportInvalidBuffLen(AES_CBC_ALGO, 128, AES_KEY_192_ALIAS);
751         testImportInvalidBuffLen(AES_CBC_ALGO, 8, AES_KEY_256_ALIAS);
752         testImportInvalidBuffLen(AES_CBC_ALGO, 12, AES_KEY_256_ALIAS);
753         testImportInvalidBuffLen(AES_CBC_ALGO, 128, AES_KEY_256_ALIAS);
754 }
755 RUNNER_TEST(TKW_AES_GCM_INVALID_BUFF_LENGTH){
756         testImportInvalidBuffLen(AES_GCM_ALGO, 8, AES_KEY_128_ALIAS);
757         testImportInvalidBuffLen(AES_GCM_ALGO, 12, AES_KEY_128_ALIAS);
758         testImportInvalidBuffLen(AES_GCM_ALGO, 128, AES_KEY_128_ALIAS);
759         testImportInvalidBuffLen(AES_GCM_ALGO, 8, AES_KEY_192_ALIAS);
760         testImportInvalidBuffLen(AES_GCM_ALGO, 12, AES_KEY_192_ALIAS);
761         testImportInvalidBuffLen(AES_GCM_ALGO, 128, AES_KEY_192_ALIAS);
762         testImportInvalidBuffLen(AES_GCM_ALGO, 8, AES_KEY_256_ALIAS);
763         testImportInvalidBuffLen(AES_GCM_ALGO, 12, AES_KEY_256_ALIAS);
764         testImportInvalidBuffLen(AES_GCM_ALGO, 128, AES_KEY_256_ALIAS);
765 }
766
767 RUNNER_TEST(TKW_AES_CFB_INVALID_BUFF_LENGTH){
768         testImportInvalidBuffLen(AES_CFB_ALGO, 8, AES_KEY_128_ALIAS);
769         testImportInvalidBuffLen(AES_CFB_ALGO, 12, AES_KEY_128_ALIAS);
770         testImportInvalidBuffLen(AES_CFB_ALGO, 128, AES_KEY_128_ALIAS);
771         testImportInvalidBuffLen(AES_CFB_ALGO, 8, AES_KEY_192_ALIAS);
772         testImportInvalidBuffLen(AES_CFB_ALGO, 12, AES_KEY_192_ALIAS);
773         testImportInvalidBuffLen(AES_CFB_ALGO, 128, AES_KEY_192_ALIAS);
774         testImportInvalidBuffLen(AES_CFB_ALGO, 8, AES_KEY_256_ALIAS);
775         testImportInvalidBuffLen(AES_CFB_ALGO, 12, AES_KEY_256_ALIAS);
776         testImportInvalidBuffLen(AES_CFB_ALGO, 128, AES_KEY_256_ALIAS);
777 }
778
779 RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_1024){
780         testImportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PRV_ALIAS);
781         testImportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PRV_ALIAS);
782         testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PRV_ALIAS);
783 }
784
785 RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_2048){
786         testImportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PRV_ALIAS);
787         testImportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PRV_ALIAS);
788         testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PRV_ALIAS);
789 }
790
791 RUNNER_TEST(TKW_VALID_ARGS_RSA_OAEP_4096){
792         testImportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PRV_ALIAS);
793         testImportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PRV_ALIAS);
794         testImportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PRV_ALIAS);
795 }
796
797 RUNNER_TEST(TKW_RSAOAEP_INVALID_BUFF_LENGTH){
798         testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_1024_PRV_ALIAS);
799         testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_1024_PRV_ALIAS);
800         testImportInvalidBuffLen(RSA_OAEP_ALGO, 82, RSA_KEY_1024_PRV_ALIAS);
801         testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_2048_PRV_ALIAS);
802         testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_2048_PRV_ALIAS);
803         testImportInvalidBuffLen(RSA_OAEP_ALGO, 82, RSA_KEY_2048_PRV_ALIAS);
804         testImportInvalidBuffLen(RSA_OAEP_ALGO, 8, RSA_KEY_4096_PRV_ALIAS);
805         testImportInvalidBuffLen(RSA_OAEP_ALGO, 12, RSA_KEY_4096_PRV_ALIAS);
806         testImportInvalidBuffLen(RSA_OAEP_ALGO, 82, RSA_KEY_4096_PRV_ALIAS);
807 }
808
809 RUNNER_TEST(TKW_WRONG_TYPE_WRAPPING_KEY){
810         testImportInvalidBuffLen(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PUB_ALIAS);
811         testImportInvalidBuffLen(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PUB_ALIAS);
812         testImportInvalidBuffLen(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PUB_ALIAS);
813         testImportInvalidBuffLen(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PUB_ALIAS);
814         testImportInvalidBuffLen(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PUB_ALIAS);
815         testImportInvalidBuffLen(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PUB_ALIAS);
816         testImportInvalidBuffLen(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PUB_ALIAS);
817         testImportInvalidBuffLen(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PUB_ALIAS);
818         testImportInvalidBuffLen(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PUB_ALIAS);
819 }
820
821 RUNNER_TEST(TKW_DIF_POLICIES_EXPORTABLE_IMPORTED){
822         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
823         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
824         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, EXPORTABLE, nullptr);
825         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
826
827         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
828         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
829         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
830         testExportableImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
831 }
832
833 RUNNER_TEST(TKW_DIF_POLICIES_UNEXPORTABLE_IMPORTED){
834         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, UNEXPORTABLE, nullptr);
835         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE, nullptr);
836         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, UNEXPORTABLE, nullptr);
837         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE, nullptr);
838
839         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, UNEXPORTABLE_PASS, KEY_PASSWORD);
840         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE_PASS, KEY_PASSWORD);
841         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_ALIAS, nullptr, UNEXPORTABLE_PASS, KEY_PASSWORD);
842         testUnEXPORTABLEImported(AES_CTR_ALGO, 16, AES_KEY_UNEXP_PASS_ALIAS, KEY_PASSWORD, UNEXPORTABLE_PASS, KEY_PASSWORD);
843 }
844
845 RUNNER_TEST(TKW_EXPORT_IMPORTED_KEY){
846         ckmc_key_s *ppkey = nullptr;
847
848         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
849         assert_positive(ckmc_export_wrapped_key,
850                         params.get(),
851                         AES_KEY_128_ALIAS.c_str(),
852                         nullptr,
853                         IMP_AES_CTR.c_str(),
854                         nullptr,
855                         &ppkey);
856
857         ckmc_key_free(ppkey);
858 }
859
860 RUNNER_TEST(TKW_NO_ADDED_ALGO_EXPORT){
861         ckmc_key_s *ppkey = nullptr;
862         ckmc_param_list_h handle = nullptr;
863
864         assert_invalid_param(ckmc_export_wrapped_key,
865                                 handle,
866                                 AES_KEY_128_ALIAS.c_str(),
867                                 nullptr,
868                                 IMP_AES_CTR.c_str(),
869                                 nullptr,
870                                 &ppkey);
871
872         ckmc_key_free(ppkey);
873 }
874
875 RUNNER_TEST(TKW_EXPORT_UNKNOWN_WRAPPING_KEY_ALIAS){
876         ckmc_key_s *ppkey = nullptr;
877         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
878
879         assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
880                                 ckmc_export_wrapped_key,
881                                 params.get(),
882                                 "unknown_alias",
883                                 nullptr,
884                                 IMP_AES_CTR.c_str(),
885                                 nullptr,
886                                 &ppkey);
887
888         ckmc_key_free(ppkey);
889 }
890
891 RUNNER_TEST(TKW_EXPORT_UNKNOWN_IMPORTED_KEY_ALIAS){
892         ckmc_key_s *ppkey = nullptr;
893         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
894         Alias alias = "non_existing_alias";
895
896         assert_result(CKMC_ERROR_DB_ALIAS_UNKNOWN,
897                                 ckmc_export_wrapped_key,
898                                 params.get(),
899                                 AES_KEY_128_ALIAS.c_str(),
900                                 nullptr,
901                                 alias.c_str(),
902                                 nullptr,
903                                 &ppkey);
904
905         ckmc_key_free(ppkey);
906 }
907
908 RUNNER_TEST(TKW_EXPORT_AUTHENTICATION_FAILED){
909         ckmc_key_s *ppkey = nullptr;
910         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
911
912         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
913                                 ckmc_export_wrapped_key,
914                                 params.get(),
915                                 AES_KEY_128_PASS_ALIAS.c_str(),
916                                 nullptr,
917                                 IMP_AES_CTR.c_str(),
918                                 nullptr,
919                                 &ppkey);
920
921         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
922                                 ckmc_export_wrapped_key,
923                                 params.get(),
924                                 AES_KEY_128_PASS_ALIAS.c_str(),
925                                 "wrong_password",
926                                 IMP_AES_CTR.c_str(),
927                                 nullptr,
928                                 &ppkey);
929
930         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
931                                 ckmc_export_wrapped_key,
932                                 params.get(),
933                                 AES_KEY_128_ALIAS.c_str(),
934                                 nullptr,
935                                 IMP_AES_CTR_PASS.c_str(),
936                                 nullptr,
937                                 &ppkey);
938
939         assert_result(CKMC_ERROR_AUTHENTICATION_FAILED,
940                                 ckmc_export_wrapped_key,
941                                 params.get(),
942                                 AES_KEY_128_ALIAS.c_str(),
943                                 nullptr,
944                                 IMP_AES_CTR_PASS.c_str(),
945                                 "wrong_password",
946                                 &ppkey);
947
948         ckmc_key_free(ppkey);
949 }
950
951 RUNNER_TEST(TKW_EXPORT_NULL_PARAMETER){
952         ckmc_key_s *ppkey = nullptr;
953         ParamListPtr params = getDefaultParams(AES_CTR_ALGO);
954
955         assert_invalid_param(ckmc_export_wrapped_key,
956                                 nullptr,
957                                 AES_KEY_128_ALIAS.c_str(),
958                                 nullptr,
959                                 IMP_AES_CTR.c_str(),
960                                 nullptr,
961                                 &ppkey);
962
963         assert_invalid_param(ckmc_export_wrapped_key,
964                                 params.get(),
965                                 nullptr,
966                                 nullptr,
967                                 IMP_AES_CTR.c_str(),
968                                 nullptr,
969                                 &ppkey);
970
971         assert_invalid_param(ckmc_export_wrapped_key,
972                                 params.get(),
973                                 AES_KEY_128_ALIAS.c_str(),
974                                 nullptr,
975                                 nullptr,
976                                 nullptr,
977                                 &ppkey);
978
979         assert_invalid_param(ckmc_export_wrapped_key,
980                                 params.get(),
981                                 AES_KEY_128_ALIAS.c_str(),
982                                 nullptr,
983                                 IMP_AES_CTR.c_str(),
984                                 nullptr,
985                                 nullptr);
986
987         ckmc_key_free(ppkey);
988 }
989
990 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CTR){
991         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
992         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
993         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
994         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
995         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
996         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
997         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
998         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
999         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1000
1001         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1002         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1003         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1004         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1005         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1006         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1007         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1008         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1009         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1010 }
1011
1012 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CTR_PASS){
1013         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1014         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1015         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1016
1017         testImportExportValidArgs(AES_CTR_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1018         testImportExportValidArgs(AES_CTR_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1019         testImportExportValidArgs(AES_CTR_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1020 }
1021
1022 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CBC){
1023         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1024         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1025         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1026         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1027         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1028         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1029         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1030         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1031         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1032
1033         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1034         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1035         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1036         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1037         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1038         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1039         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1040         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1041         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1042 }
1043
1044 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CBC_PASS){
1045         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1046         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1047         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1048
1049         testImportExportValidArgs(AES_CBC_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1050         testImportExportValidArgs(AES_CBC_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1051         testImportExportValidArgs(AES_CBC_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1052 }
1053
1054 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_GCM){
1055         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1056         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1057         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1058         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1059         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1060         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1061         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1062         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1063         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1064
1065         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1066         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1067         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1068         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1069         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1070         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1071         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1072         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1073         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1074 }
1075
1076 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_GCM_PASS){
1077         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1078         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1079         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1080
1081         testImportExportValidArgs(AES_GCM_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1082         testImportExportValidArgs(AES_GCM_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1083         testImportExportValidArgs(AES_GCM_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1084 }
1085
1086 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CFB){
1087         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1088         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1089         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE, nullptr);
1090         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1091         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1092         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE, nullptr);
1093         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1094         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1095         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE, nullptr);
1096
1097         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1098         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1099         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1100         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1101         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1102         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_192_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1103         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1104         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1105         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_256_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1106 }
1107
1108 RUNNER_TEST(TKW_IMPORT_EXPORT_AES_CFB_PASS){
1109         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1110         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1111         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE, nullptr);
1112
1113         testImportExportValidArgs(AES_CFB_ALGO, 16, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1114         testImportExportValidArgs(AES_CFB_ALGO, 24, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1115         testImportExportValidArgs(AES_CFB_ALGO, 32, AES_KEY_128_PASS_ALIAS, KEY_PASSWORD, EXPORTABLE_PASS, KEY_PASSWORD);
1116 }
1117
1118 RUNNER_TEST(TKW_IMPORT_EXPORT_RSA_OAEP){
1119         testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1120         testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1121         testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1122         testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1123         testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1124         testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1125         testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1126         testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1127         testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE, nullptr);
1128
1129         testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1130         testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1131         testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_1024_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1132         testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1133         testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1134         testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_2048_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1135         testImportExportValidArgs(RSA_OAEP_ALGO, 16, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1136         testImportExportValidArgs(RSA_OAEP_ALGO, 24, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1137         testImportExportValidArgs(RSA_OAEP_ALGO, 32, RSA_KEY_4096_PRV_ALIAS, nullptr, EXPORTABLE_PASS, KEY_PASSWORD);
1138 }
Domain: Security / Uncategorized;