2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
29 #include <ckm_helpers.h>
31 #include <ckm-common.h>
32 #include <ckm/ckm-manager.h>
33 #include <ckm/ckm-control.h>
34 #include <ckm/ckm-password.h>
35 #include <ckm/ckm-type.h>
36 #include <ckm/ckm-pkcs12.h>
38 #include <openssl/x509.h>
39 #include <openssl/x509v3.h>
41 #include <tzplatform_config.h>
44 const int USER_APP = 5001;
46 const int USER_APP_2 = 5020;
47 const int USER_APP_3 = 5030;
49 const char * const APP_PASS = "user-pass";
50 const int USER_TEST = 5001;
52 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
53 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
54 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
55 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
56 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
57 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
58 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
59 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
60 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
62 "-----END PUBLIC KEY-----";
64 } // namespace anonymous
67 * How to numerate tests:
69 * T - test case (always T)
70 * AB - number of test group (always two digits)
71 * C - test number in group (all tests with same TABC must be run in the same time).
74 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
76 RUNNER_TEST(T0011_Control)
79 auto control = CKM::Control::create();
81 control->removeUserData(0);
82 control->removeUserData(USER_APP_2);
83 control->removeUserData(USER_APP);
86 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
87 "Error=" << CKM::APICodeToString(temp));
90 RUNNER_TEST(T0012_Control)
93 auto control = CKM::Control::create();
95 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
96 "Error=" << CKM::APICodeToString(temp));
98 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
99 "Error=" << CKM::APICodeToString(temp));
102 RUNNER_TEST(T0013_Control)
105 auto control = CKM::Control::create();
107 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
108 "Error=" << CKM::APICodeToString(temp));
111 RUNNER_TEST(T0014_Control)
114 auto control = CKM::Control::create();
116 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
117 "Error=" << CKM::APICodeToString(temp));
120 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
121 "Error=" << CKM::APICodeToString(temp));
124 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
125 "Error=" << CKM::APICodeToString(temp));
128 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
129 "Error=" << CKM::APICodeToString(temp));
132 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
133 "Error=" << CKM::APICodeToString(temp));
136 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
137 "Error=" << CKM::APICodeToString(temp));
140 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
141 "Error=" << CKM::APICodeToString(temp));
144 RUNNER_TEST(T0015_Control)
147 auto control = CKM::Control::create();
149 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
150 "Error=" << CKM::APICodeToString(temp));
152 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
153 "Error=" << CKM::APICodeToString(temp));
155 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
156 "Error=" << CKM::APICodeToString(temp));
158 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
159 "Error=" << CKM::APICodeToString(temp));
162 RUNNER_TEST(T0016_Control_negative_wrong_password)
165 auto control = CKM::Control::create();
167 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
168 "Error=" << CKM::APICodeToString(temp));
170 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
171 "Error=" << CKM::APICodeToString(temp));
173 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
174 "Error=" << CKM::APICodeToString(temp));
176 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
177 "Error=" << CKM::APICodeToString(temp));
179 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
180 "Error=" << CKM::APICodeToString(temp));
183 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
185 RUNNER_TEST(T1010_init)
187 unlock_user_data(USER_APP, "user-pass");
190 RUNNER_TEST(T1011_key)
193 auto manager = CKM::Manager::create();
195 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
196 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
197 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
198 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
199 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
200 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
201 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
203 "-----END PUBLIC KEY-----";
205 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
206 auto key = CKM::Key::create(buffer, CKM::Password());
208 CKM::Alias alias = "mykey";
211 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
212 "Error=" << CKM::APICodeToString(temp));
214 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
215 "Error=" << CKM::APICodeToString(temp));
217 key->getDER() == key2->getDER(),
218 "Key value has been changed by service");
221 RUNNER_TEST(T1012_certificate)
224 auto manager = CKM::Manager::create();
226 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
227 CKM::CertificateShPtr cert2;
228 CKM::Alias alias = "myCert";
231 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
232 "Error=" << CKM::APICodeToString(temp));
234 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
235 "Error=" << CKM::APICodeToString(temp));
237 cert->getDER() == cert2->getDER(),
238 "Data has been modified in key manager");
241 RUNNER_TEST(T1014_save_with_label)
244 auto manager = CKM::Manager::create();
246 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
247 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
248 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
249 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
250 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
251 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
252 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
254 "-----END PUBLIC KEY-----";
256 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
257 auto key = CKM::Key::create(buffer, CKM::Password());
258 CKM::KeyShPtr key_name, key_full_addr;
259 CKM::Alias alias = "mykey-2";
260 std::string top_label = getOwnerIdFromSelf();
261 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
264 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
265 "Error=" << CKM::APICodeToString(temp));
269 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
270 "Error=" << CKM::APICodeToString(temp));
272 key->getDER() == key_name->getDER(),
273 "Key value has been changed by service");
275 // lookup by full address
277 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
278 "Error=" << CKM::APICodeToString(temp));
280 key->getDER() == key_full_addr->getDER(),
281 "Key value has been changed by service");
284 RUNNER_TEST(T1020_save_big_data)
287 const size_t BIG_SIZE = 100000;
288 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
290 const size_t BIG_SIZE = 5000000;
291 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
295 std::vector<char> big_data(BIG_SIZE);
296 std::ifstream is("/dev/urandom", std::ifstream::binary);
298 is.read(big_data.data(), BIG_SIZE);
300 RUNNER_ASSERT_MSG(is,
301 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
303 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
304 CKM::Policy policy(CKM::Password(), true, backend);
305 CKM::RawBuffer returned;
307 auto manager = CKM::Manager::create();
310 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
311 "Error=" << CKM::APICodeToString(temp));
314 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
315 "Error=" << CKM::APICodeToString(temp));
317 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
320 RUNNER_TEST(T1015_deinit)
322 remove_user_data(USER_APP);
325 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
327 RUNNER_TEST(T1020_init)
330 auto control = CKM::Control::create();
332 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
333 "Error=" << CKM::APICodeToString(temp));
336 RUNNER_TEST(T1021_save_keys_get_alias)
339 auto manager = CKM::Manager::create();
341 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
342 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
343 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
344 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
345 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
346 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
347 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
349 "-----END PUBLIC KEY-----";
351 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
352 auto key = CKM::Key::create(buffer, CKM::Password());
353 CKM::AliasVector labelAliasVector;
355 size_t current_aliases_num = count_aliases(ALIAS_KEY);
357 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
358 "Error=" << CKM::APICodeToString(temp));
360 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
361 "Error=" << CKM::APICodeToString(temp));
363 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
364 "Error=" << CKM::APICodeToString(temp));
366 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
367 "Error=" << CKM::APICodeToString(temp));
369 labelAliasVector.size() == (current_aliases_num+3),
370 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
373 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
376 auto manager = CKM::Manager::create();
378 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
379 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
380 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
381 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
382 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
383 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
384 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
386 "-----END PUBLIC KEY-----";
388 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
389 auto key = CKM::Key::create(buffer, CKM::Password());
390 CKM::AliasVector labelAliasVector;
392 size_t current_aliases_num = count_aliases(ALIAS_KEY);
394 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
395 "Error=" << CKM::APICodeToString(temp));
397 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
398 "Error=" << CKM::APICodeToString(temp));
400 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
401 "Error=" << CKM::APICodeToString(temp));
403 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
404 "Error=" << CKM::APICodeToString(temp));
406 labelAliasVector.size() == (current_aliases_num+3),
407 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
410 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
413 auto manager = CKM::Manager::create();
415 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
416 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
417 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
418 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
419 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
420 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
421 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
423 "-----END PUBLIC KEY-----";
425 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
426 auto key = CKM::Key::create(buffer, CKM::Password());
427 CKM::AliasVector aliasVector;
428 CKM::Policy notExportable(CKM::Password(), false);
431 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
432 "Error=" << CKM::APICodeToString(temp));
434 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
435 "Error=" << CKM::APICodeToString(temp));
437 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
438 "Error=" << CKM::APICodeToString(temp));
441 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
443 remove_user_data(USER_APP);
446 const int aliasNameCount = 10;
447 auto manager = CKM::Manager::create();
449 CKM::AliasPwdVector expected;
450 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
451 auto key = CKM::Key::create(buffer, CKM::Password());
452 std::string currentAlias;
454 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
455 // make aliases with & without: password protection, exportable flag
456 for (int it = 0; it < aliasNameCount; ++it)
458 CKM::Policy policy = generate_ckm_policy(it);
459 currentAlias = "T1024_appkey" + std::to_string(it);
460 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
462 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
463 "Error=" << CKM::APICodeToString(exitCode));
466 CKM::AliasPwdVector actual;
469 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
470 "Error=" << CKM::APICodeToString(exitCode));
472 actual.size() == (beforeSaveAliasCount + aliasNameCount),
473 "Wrong aliases count: " << actual.size() << " Expected: "
474 << (beforeSaveAliasCount + aliasNameCount));
475 check_alias_info_list_helper(expected, actual, "/User ");
477 remove_user_data(USER_APP);
480 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
482 remove_user_data(USER_APP);
485 const int aliasNameCount = 10;
486 auto manager = CKM::Manager::create();
488 CKM::AliasPwdVector expected;
489 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
490 std::string currentAlias;
492 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
493 for (int it = 0; it < aliasNameCount; ++it)
495 CKM::Policy policy = generate_ckm_policy(it);
496 currentAlias = "T1025_appcert" + std::to_string(it);
497 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
499 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
500 "Error=" << CKM::APICodeToString(exitCode));
503 CKM::AliasPwdVector actual;
505 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
506 "Error=" << CKM::APICodeToString(exitCode));
508 actual.size() == (beforeSaveAliasCount + aliasNameCount),
509 "Wrong aliases count: " << actual.size() << " Expected: "
510 << (beforeSaveAliasCount + aliasNameCount));
511 check_alias_info_list_helper(expected, actual, "/User ");
513 remove_user_data(USER_APP);
516 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
518 remove_user_data(USER_APP);
521 const int aliasNameCount = 10;
522 auto manager = CKM::Manager::create();
524 CKM::AliasPwdVector expected;
525 std::string binData = "My bin data";
526 CKM::RawBuffer buffer(binData.begin(), binData.end());
527 std::string currentAlias;
529 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
530 for (int it = 0; it < aliasNameCount; ++it)
532 CKM::Policy policy = generate_ckm_policy(it);
533 currentAlias = "T1026_appdata" + std::to_string(it);
534 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
536 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
537 "Error=" << CKM::APICodeToString(exitCode));
540 CKM::AliasPwdVector actual;
542 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
543 "Error=" << CKM::APICodeToString(exitCode));
545 actual.size() == (beforeSaveAliasCount + aliasNameCount),
546 "Wrong aliases count: " << actual.size() << " Expected: "
547 << (beforeSaveAliasCount + aliasNameCount));
548 check_alias_info_list_helper(expected, actual, "/User ");
550 remove_user_data(USER_APP);
553 RUNNER_TEST(T1029_deinit)
555 remove_user_data(USER_APP);
558 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
559 RUNNER_TEST(T1030_init)
561 reset_user_data(USER_APP, APP_PASS);
564 RUNNER_TEST(T1032_app_user_save_bin_data)
566 ScopedDBUnlock unlock(USER_APP, APP_PASS);
569 auto manager = CKM::Manager::create();
571 std::string binData = "My bin data";
573 CKM::RawBuffer buffer(binData.begin(), binData.end());
575 CKM::AliasVector labelAliasVector;
577 size_t current_aliases_num = count_aliases(ALIAS_DATA);
579 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
580 "Error=" << CKM::APICodeToString(temp));
582 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
583 "Error=" << CKM::APICodeToString(temp));
585 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
586 "Error=" << CKM::APICodeToString(temp));
588 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
589 "Error=" << CKM::APICodeToString(temp));
591 labelAliasVector.size() == (current_aliases_num+3),
592 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
595 RUNNER_TEST(T1034_app_remove_bin_data)
597 ScopedDBUnlock unlock(USER_APP, APP_PASS);
600 auto manager = CKM::Manager::create();
602 std::string binData2 = "My bin data";
603 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
605 CKM::AliasVector labelAliasVector;
607 size_t current_aliases_num = count_aliases(ALIAS_DATA);
608 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
610 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
611 "Error=" << CKM::APICodeToString(temp));
613 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
614 "Error=" << CKM::APICodeToString(temp));
616 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
617 "Error=" << CKM::APICodeToString(temp));
619 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
620 "Error=" << CKM::APICodeToString(temp));
622 labelAliasVector.size() == (current_aliases_num-2),
623 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
625 CKM::RawBuffer buffer;
627 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
628 "Error=" << CKM::APICodeToString(temp));
633 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
634 "Error=" << CKM::APICodeToString(temp));
637 RUNNER_TEST(T1035_getData_wrong_password)
639 ScopedDBUnlock unlock(USER_APP, APP_PASS);
642 auto manager = CKM::Manager::create();
644 std::string binData1 = "My bin data4";
646 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
649 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
650 "Error=" << CKM::APICodeToString(temp));
652 CKM::RawBuffer buffer;
654 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
655 "Error=" << CKM::APICodeToString(temp));
661 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
662 "Error=" << CKM::APICodeToString(temp));
665 RUNNER_TEST(T1036_deinit)
667 remove_user_data(USER_APP);
670 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
672 RUNNER_TEST(T1040_init)
675 auto control = CKM::Control::create();
678 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
679 "Error=" << CKM::APICodeToString(temp));
682 RUNNER_TEST(T1041_create_RSA_key)
685 auto manager = CKM::Manager::create();
688 size_t current_aliases_num = count_aliases(ALIAS_KEY);
690 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
691 "Error=" << CKM::APICodeToString(temp));
693 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
694 "Error=" << CKM::APICodeToString(temp));
696 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
697 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
700 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
703 auto manager = CKM::Manager::create();
707 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
708 "Error=" << CKM::APICodeToString(temp));
710 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
711 "Error=" << CKM::APICodeToString(temp));
714 RUNNER_TEST(T1043_create_DSA_key)
717 auto manager = CKM::Manager::create();
720 size_t current_aliases_num = count_aliases(ALIAS_KEY);
722 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
723 "Error=" << CKM::APICodeToString(temp));
725 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
726 "Error=" << CKM::APICodeToString(temp));
728 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
729 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
732 RUNNER_TEST(T1044_create_AES_key)
735 auto manager = CKM::Manager::create();
738 int current_aliases_num = count_aliases(ALIAS_KEY);
740 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
741 "Error=" << CKM::APICodeToString(temp));
743 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
744 "Error=" << CKM::APICodeToString(temp));
746 (current_aliases_num+1) == (temp = av.size()),
747 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
750 RUNNER_TEST(T1049_deinit)
752 remove_user_data(USER_APP);
756 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
758 RUNNER_TEST(T1110_init)
760 unlock_user_data(USER_APP, "user-pass");
763 RUNNER_TEST(T1111_CreateKeyPairRSA)
766 auto manager = CKM::Manager::create();
767 CKM::Alias a1 = "rsa-test-1";
768 CKM::Alias a2 = "rsa-test-2";
772 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
773 "Error=" << CKM::APICodeToString(temp));
775 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
776 "Error=" << CKM::APICodeToString(temp));
779 RUNNER_TEST(T1112_CreateKeyPairDSA)
782 auto manager = CKM::Manager::create();
783 CKM::Alias a1 = "dsa-test-1";
784 CKM::Alias a2 = "dsa-test-2";
788 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
789 "Error=" << CKM::APICodeToString(temp));
791 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
792 "Error=" << CKM::APICodeToString(temp));
795 RUNNER_TEST(T1113_CreateKeyPairECDSA)
798 auto manager = CKM::Manager::create();
799 CKM::Alias a1 = "ecdsa-test-1";
800 CKM::Alias a2 = "ecdsa-test-2";
804 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
805 "Error=" << CKM::APICodeToString(temp));
808 RUNNER_TEST(T1114_deinit)
810 remove_user_data(USER_APP);
813 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
815 RUNNER_TEST(T12100_init)
817 reset_user_data(USER_APP, APP_PASS);
820 RUNNER_TEST(T12101_key_exist)
822 ScopedDBUnlock unlock(USER_APP, APP_PASS);
825 auto manager = CKM::Manager::create();
827 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
828 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
829 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
830 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
831 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
832 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
833 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
835 "-----END PUBLIC KEY-----";
837 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
838 auto key = CKM::Key::create(buffer);
839 CKM::Alias alias = "rsa-alias-duplication";
842 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
843 "Error=" << CKM::APICodeToString(ret));
845 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
846 "Error=" << CKM::APICodeToString(ret));
850 * These test cases tests API when empty parameters are passed to functions
853 RUNNER_TEST(T12102_saveKey_empty_alias)
855 ScopedDBUnlock unlock(USER_APP, APP_PASS);
857 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
858 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
859 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
860 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
861 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
862 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
863 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
864 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
866 "-----END PUBLIC KEY-----";
868 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
869 auto key = CKM::Key::create(buffer);
870 CKM::Alias alias; //alias is not initialized
873 auto manager = CKM::Manager::create();
875 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
876 "Error=" << CKM::APICodeToString(ret));
879 RUNNER_TEST(T12103_saveKey_foreign_label)
881 ScopedDBUnlock unlock(USER_APP, APP_PASS);
883 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
884 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
885 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
886 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
887 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
888 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
889 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
891 "-----END PUBLIC KEY-----";
893 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
894 auto key = CKM::Key::create(buffer);
895 CKM::Alias alias = "iamsomebodyelse alias";
898 auto manager = CKM::Manager::create();
900 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
901 "Error=" << CKM::APICodeToString(ret));
904 RUNNER_TEST(T12104_saveKey_empty_key)
906 ScopedDBUnlock unlock(USER_APP, APP_PASS);
908 CKM::KeyShPtr key; //key is not initialized
909 CKM::Alias alias = "empty-key";
912 auto manager = CKM::Manager::create();
914 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
915 "Error=" << CKM::APICodeToString(ret));
918 RUNNER_TEST(T12105_saveCertificate_empty_alias)
920 ScopedDBUnlock unlock(USER_APP, APP_PASS);
922 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
923 CKM::Alias alias; //alias is not initialized
926 auto manager = CKM::Manager::create();
928 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
929 "Error=" << CKM::APICodeToString(temp));
932 RUNNER_TEST(T12106_saveCertificate_foreign_label)
934 ScopedDBUnlock unlock(USER_APP, APP_PASS);
936 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
937 CKM::Alias alias = "iamsomebodyelse alias";
940 auto manager = CKM::Manager::create();
942 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
943 "Error=" << CKM::APICodeToString(temp));
946 RUNNER_TEST(T12107_saveCertificate_empty_cert)
948 ScopedDBUnlock unlock(USER_APP, APP_PASS);
950 CKM::CertificateShPtr cert; //cert is not initialized
951 CKM::Alias alias = "empty-cert";
954 auto manager = CKM::Manager::create();
956 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
957 "Error=" << CKM::APICodeToString(temp));
960 RUNNER_TEST(T12108_saveData_empty_alias)
962 ScopedDBUnlock unlock(USER_APP, APP_PASS);
964 std::string testData = "test data test data test data";
965 CKM::RawBuffer buffer(testData.begin(), testData.end());
969 auto manager = CKM::Manager::create();
971 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
972 "Error=" << CKM::APICodeToString(temp));
975 RUNNER_TEST(T12109_saveData_foreign_label)
977 ScopedDBUnlock unlock(USER_APP, APP_PASS);
979 std::string testData = "test data test data test data";
980 CKM::RawBuffer buffer(testData.begin(), testData.end());
981 CKM::Alias alias = "iamsomebodyelse alias";
984 auto manager = CKM::Manager::create();
986 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
987 "Error=" << CKM::APICodeToString(temp));
990 RUNNER_TEST(T12110_saveData_empty_data)
992 ScopedDBUnlock unlock(USER_APP, APP_PASS);
994 CKM::RawBuffer buffer;
995 CKM::Alias alias = "empty-data";
998 auto manager = CKM::Manager::create();
1000 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1001 "Error=" << CKM::APICodeToString(temp));
1005 * These test cases tests API when trying to get data from not existing alias
1008 RUNNER_TEST(T12111_getKey_alias_not_exist)
1010 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1013 CKM::Alias alias = "this-alias-not-exist";
1016 auto manager = CKM::Manager::create();
1018 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1019 "Error=" << CKM::APICodeToString(temp));
1022 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1024 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1026 CKM::CertificateShPtr certificate;
1027 CKM::Alias alias = "this-alias-not-exist";
1030 auto manager = CKM::Manager::create();
1032 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1033 "Error=" << CKM::APICodeToString(temp));
1036 RUNNER_TEST(T12113_getData_alias_not_exist)
1038 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1041 auto manager = CKM::Manager::create();
1042 CKM::RawBuffer buffer;
1043 CKM::Alias alias("some alias");
1045 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1046 "Error=" << CKM::APICodeToString(temp));
1050 * These test cases tests API when damaged keys are used
1052 RUNNER_TEST(T12114_RSA_key_damaged)
1054 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1057 auto manager = CKM::Manager::create();
1059 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1060 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1061 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1062 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1063 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1064 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1065 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1067 "-----END PUBLIC KEY-----";
1069 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1070 auto key = CKM::Key::create(buffer);
1071 CKM::Alias alias = "damaged-rsa";
1074 NULL == key.get(), "Key is broken. It should be empty");
1077 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1078 "Error=" << CKM::APICodeToString(ret));
1081 RUNNER_TEST(T12115_RSA_key_too_short)
1083 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1086 auto manager = CKM::Manager::create();
1088 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1089 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1090 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1091 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1092 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1093 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1094 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1096 "-----END PUBLIC KEY-----";
1098 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1099 auto key = CKM::Key::create(buffer);
1100 CKM::Alias alias = "short-rsa";
1103 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1104 "Error=" << CKM::APICodeToString(ret));
1107 RUNNER_TEST(T12116_DSA_key_too_short)
1109 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1112 auto manager = CKM::Manager::create();
1114 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1115 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1116 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1117 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1118 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1119 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1120 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1121 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1122 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1123 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1124 "YMYCBhubtrVaLmc=\n"
1125 "-----END PUBLIC KEY-----";
1127 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1128 auto key = CKM::Key::create(buffer);
1129 CKM::Alias alias = "short-dsa";
1132 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1133 "Error=" << CKM::APICodeToString(ret));
1136 RUNNER_TEST(T12117_AES_key_too_short)
1139 auto manager = CKM::Manager::create();
1141 size_t key_size = (128-1);
1142 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1144 auto key = CKM::Key::create(key_AES);
1145 CKM::Alias alias = "short-AES";
1148 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1149 "Error=" << CKM::APICodeToString(ret));
1153 * These test cases tests CKM service if malicious data is provided over the socket.
1156 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1158 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1161 auto manager = CKM::Manager::create();
1163 // fake the client - let the service detect the problem
1164 class WrongKeyImpl : public CKM::Key
1167 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1170 virtual bool empty() const {
1174 virtual CKM::KeyType getType() const {
1175 return CKM::KeyType::KEY_RSA_PUBLIC;
1177 virtual int getSize() const {
1180 virtual CKM::ElipticCurve getCurve() const {
1181 return CKM::ElipticCurve::prime192v1;
1183 virtual CKM::RawBuffer getDER() const {
1186 virtual ~WrongKeyImpl() {}
1188 CKM::RawBuffer & m_dummy;
1190 std::string dummyData = "my_cat_Berta\n";
1191 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1192 auto key = std::make_shared<WrongKeyImpl>(buffer);
1193 CKM::Alias alias = "damaged-rsa";
1196 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1197 "Error=" << CKM::APICodeToString(ret));
1200 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1202 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1204 // fake the client - let the service detect the problem
1205 class WrongCertImpl : public CKM::Certificate
1208 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1209 m_x509 = X509_new();
1212 bool empty() const {
1216 virtual X509 *getX509() const {
1220 virtual CKM::RawBuffer getDER() const {
1224 virtual ~WrongCertImpl() {
1229 CKM::RawBuffer & m_dummy;
1231 std::string dummyData = "my_cat_Stefan\n";
1232 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1233 auto cert = std::make_shared<WrongCertImpl>(buffer);
1234 CKM::Alias alias = "damaged-cert";
1237 auto manager = CKM::Manager::create();
1239 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1240 "Error=" << CKM::APICodeToString(temp));
1243 RUNNER_TEST(T12120_deinit)
1245 remove_user_data(USER_APP);
1248 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1250 RUNNER_TEST(T1311_init)
1252 remove_user_data(USER_APP);
1253 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1254 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1256 struct hostent* he = gethostbyname("google.com");
1258 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1259 "is not woking on the device. OCSP tests requires network access!");
1262 RUNNER_TEST(T13121_get_chain_no_cert)
1264 CKM::CertificateShPtrVector certChain;
1265 CKM::CertificateShPtr cert;
1267 auto manager = CKM::Manager::create();
1269 int ret = manager->getCertificateChain(cert,
1274 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1275 "Function should fail for empty certificate");
1278 RUNNER_TEST(T13122_get_chain_empty_cert)
1280 CKM::CertificateShPtrVector certChain;
1281 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1282 CKM::DataFormat::FORM_PEM);
1284 auto manager = CKM::Manager::create();
1286 int ret = manager->getCertificateChain(cert,
1291 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1292 "Function should fail for empty certificate");
1295 RUNNER_TEST(T13129_get_chain)
1297 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1298 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1300 CKM::CertificateShPtrVector certVector = {cert1};
1301 CKM::CertificateShPtrVector certChain;
1304 auto manager = CKM::Manager::create();
1306 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1307 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1309 tmp = manager->getCertificateChain(cert,
1314 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1315 "Error=" << CKM::APICodeToString(tmp));
1318 0 == certChain.size(),
1319 "Wrong size of certificate chain.");
1321 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1322 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1325 3 == certChain.size(),
1326 "Wrong size of certificate chain.");
1329 RUNNER_TEST(T1313_get_chain_with_alias)
1331 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1332 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1334 CKM::CertificateShPtrVector certChain;
1335 CKM::AliasVector aliasVector;
1336 CKM::Alias alias = "imcert";
1339 auto manager = CKM::Manager::create();
1341 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1342 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1344 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1345 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1346 "Error=" << CKM::APICodeToString(tmp));
1349 0 == certChain.size(),
1350 "Wrong size of certificate chain.");
1353 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1354 "Error=" << CKM::APICodeToString(tmp));
1356 aliasVector.push_back(alias);
1358 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1359 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1362 3 == certChain.size(),
1363 "Wrong size of certificate chain.");
1366 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1368 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1369 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1370 CKM::CertificateShPtrVector certVector = {cert1};
1371 CKM::CertificateShPtrVector certChain;
1374 auto manager = CKM::Manager::create();
1376 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1377 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1379 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1380 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1381 "Error=" << CKM::APICodeToString(tmp));
1384 0 == certChain.size(),
1385 "Wrong size of certificate chain.");
1387 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1388 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1391 3 == certChain.size(),
1392 "Wrong size of certificate chain.");
1396 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1397 "Error=" << CKM::APICodeToString(tmp));
1399 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1402 RUNNER_TEST(T13142_ocsp_check_empty)
1404 CKM::CertificateShPtrVector certVector;
1406 auto manager = CKM::Manager::create();
1411 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1412 "ocspCheck should fail for empty certificate vector");
1415 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1417 CKM::CertificateShPtrVector certVector = {
1418 CKM::CertificateShPtr(),
1419 CKM::CertificateShPtr(),
1420 CKM::CertificateShPtr()};
1422 auto manager = CKM::Manager::create();
1427 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1428 "ocspCheck should fail for empty certificate vector");
1431 RUNNER_TEST(T13144_ocsp_check_root)
1433 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1434 CKM::CertificateShPtrVector certVector = {root};
1436 auto manager = CKM::Manager::create();
1438 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1443 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1444 "Ocsp should fail for single certificate");
1447 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1449 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1450 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1452 CKM::CertificateShPtrVector certVector = {ca, root};
1454 auto manager = CKM::Manager::create();
1456 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1457 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1462 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1463 "Error=" << CKM::APICodeToString(tmp));
1465 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1468 RUNNER_TEST(T1315_deinit)
1470 remove_user_data(USER_APP);
1473 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1475 RUNNER_TEST(T1411_init)
1477 remove_user_data(USER_APP);
1480 RUNNER_TEST(T1412_RSA_key_create_verify)
1483 auto manager = CKM::Manager::create();
1485 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1486 "Proc-Type: 4,ENCRYPTED\n"
1487 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1489 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1490 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1491 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1492 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1493 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1494 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1495 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1496 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1497 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1498 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1499 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1500 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1501 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1502 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1503 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1504 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1505 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1506 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1507 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1508 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1509 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1510 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1511 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1512 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1513 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1514 "-----END RSA PRIVATE KEY-----\n";
1516 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1517 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1518 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1519 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1520 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1521 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1522 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1524 "-----END PUBLIC KEY-----\n";
1526 std::string message = "message test";
1528 CKM::Alias aliasPub = "pub1";
1529 CKM::Alias aliasPrv = "prv1";
1530 CKM::Password password = "1234";
1531 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1532 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1533 CKM::RawBuffer signature;
1535 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1536 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1538 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1539 "Key is empty. Failed to import public key.");
1540 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1541 "Key is empty. Failed to import private key.");
1544 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1545 "Error=" << CKM::APICodeToString(temp));
1547 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1548 "Error=" << CKM::APICodeToString(temp));
1551 CKM_API_SUCCESS == (temp = manager->createSignature(
1554 CKM::RawBuffer(message.begin(), message.end()),
1558 "Error=" << CKM::APICodeToString(temp));
1561 CKM_API_SUCCESS == (temp = manager->verifySignature(
1564 CKM::RawBuffer(message.begin(), message.end()),
1568 "Error=" << CKM::APICodeToString(temp));
1571 RUNNER_TEST(T1413_DSA_key_create_verify)
1574 auto manager = CKM::Manager::create();
1576 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1577 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1578 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1579 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1580 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1581 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1582 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1583 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1584 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1585 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1586 "u1roOuaPY+Hl19BlTE2qdw==\n"
1587 "-----END DSA PRIVATE KEY-----";
1589 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1590 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1591 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1592 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1593 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1594 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1595 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1596 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1597 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1598 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1599 "YMYCBhubtrVaLmc=\n"
1600 "-----END PUBLIC KEY-----";
1602 std::string message = "message test";
1604 CKM::Alias aliasPub = "pub2";
1605 CKM::Alias aliasPrv = "prv2";
1606 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1607 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1608 CKM::RawBuffer signature;
1610 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1611 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1613 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1614 "Key is empty. Failed to import public key.");
1615 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1616 "Key is empty. Failed to import private key.");
1619 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1620 "Error=" << CKM::APICodeToString(temp));
1622 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1623 "Error=" << CKM::APICodeToString(temp));
1626 CKM_API_SUCCESS == (temp = manager->createSignature(
1629 CKM::RawBuffer(message.begin(), message.end()),
1633 "Error=" << CKM::APICodeToString(temp));
1636 CKM_API_SUCCESS == (temp = manager->verifySignature(
1639 CKM::RawBuffer(message.begin(), message.end()),
1643 "Error=" << CKM::APICodeToString(temp));
1647 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1650 auto manager = CKM::Manager::create();
1652 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1653 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1654 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1655 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1656 "-----END EC PRIVATE KEY-----\n";
1658 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1659 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1660 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1661 "-----END PUBLIC KEY-----\n";
1663 std::string message = "message test";
1665 CKM::Alias aliasPub = "ecpub2";
1666 CKM::Alias aliasPrv = "ecprv2";
1667 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1668 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1669 CKM::RawBuffer signature;
1671 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1672 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1674 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1675 "Key is empty. Failed to import public key.");
1676 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1677 "Key is empty. Failed to import private key.");
1680 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1681 "Error=" << CKM::APICodeToString(temp));
1683 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1684 "Error=" << CKM::APICodeToString(temp));
1687 CKM_API_SUCCESS == (temp = manager->createSignature(
1690 CKM::RawBuffer(message.begin(), message.end()),
1694 "Error=" << CKM::APICodeToString(temp));
1697 CKM_API_SUCCESS == (temp = manager->verifySignature(
1700 CKM::RawBuffer(message.begin(), message.end()),
1704 "Error=" << CKM::APICodeToString(temp));
1706 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1708 memcpy((void*)signature.data(), "BROKEN", 6);
1711 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1714 CKM::RawBuffer(message.begin(), message.end()),
1718 "Error=" << CKM::APICodeToString(temp));
1721 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1724 auto manager = CKM::Manager::create();
1725 std::string message = "message asdfaslkdfjlksadjf test";
1727 CKM::Alias aliasPub = "pub1";
1728 CKM::Alias aliasPrv = "prv1";
1730 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1731 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1732 CKM::RawBuffer signature;
1735 CKM_API_SUCCESS == (temp = manager->createSignature(
1738 CKM::RawBuffer(message.begin(), message.end()),
1742 "Error=" << CKM::APICodeToString(temp));
1745 CKM_API_SUCCESS == (temp = manager->verifySignature(
1748 CKM::RawBuffer(message.begin(), message.end()),
1752 "Error=" << CKM::APICodeToString(temp));
1754 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1755 memcpy((void*)signature.data(), "BROKEN", 6);
1758 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1761 CKM::RawBuffer(message.begin(), message.end()),
1765 "Error=" << CKM::APICodeToString(temp));
1768 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1771 auto manager = CKM::Manager::create();
1772 std::string message = "message asdfaslkdfjlksadjf test";
1774 CKM::Alias aliasPub = "pub2";
1775 CKM::Alias aliasPrv = "prv2";
1777 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1778 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1779 CKM::RawBuffer signature;
1782 CKM_API_SUCCESS == (temp = manager->createSignature(
1785 CKM::RawBuffer(message.begin(), message.end()),
1789 "Error=" << CKM::APICodeToString(temp));
1792 CKM_API_SUCCESS == (temp = manager->verifySignature(
1795 CKM::RawBuffer(message.begin(), message.end()),
1799 "Error=" << CKM::APICodeToString(temp));
1801 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1802 memcpy((void*)signature.data(), "BROKEN", 6);
1805 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1808 CKM::RawBuffer(message.begin(), message.end()),
1812 "Error=" << CKM::APICodeToString(temp));
1815 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1818 auto manager = CKM::Manager::create();
1821 "-----BEGIN RSA PRIVATE KEY-----\n"
1822 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1823 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1824 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1825 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1826 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1827 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1828 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1829 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1830 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1831 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1832 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1833 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1834 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1835 "-----END RSA PRIVATE KEY-----\n";
1838 "-----BEGIN CERTIFICATE-----\n"
1839 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1840 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1841 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1842 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1843 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1844 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1845 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1846 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1847 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1848 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1849 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1850 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1851 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1852 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1853 "-----END CERTIFICATE-----\n";
1855 std::string message = "message test";
1857 CKM::Alias aliasPub = "pub1-cert";
1858 CKM::Alias aliasPrv = "prv1-cert";
1859 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1860 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1861 CKM::RawBuffer signature;
1863 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1864 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1866 RUNNER_ASSERT_MSG(NULL != cert.get(),
1867 "Key is empty. Failed to import public key.");
1868 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1869 "Key is empty. Failed to import private key.");
1872 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1873 "Error=" << CKM::APICodeToString(temp));
1875 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1876 "Error=" << CKM::APICodeToString(temp));
1879 CKM_API_SUCCESS == (temp = manager->createSignature(
1882 CKM::RawBuffer(message.begin(), message.end()),
1886 "Error=" << CKM::APICodeToString(temp));
1889 CKM_API_SUCCESS == (temp = manager->verifySignature(
1892 CKM::RawBuffer(message.begin(), message.end()),
1896 "Error=" << CKM::APICodeToString(temp));
1898 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1900 memcpy((void*)signature.data(), "BROKEN", 6);
1903 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1906 CKM::RawBuffer(message.begin(), message.end()),
1910 "Error=" << CKM::APICodeToString(temp));
1913 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1916 auto manager = CKM::Manager::create();
1918 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1919 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1920 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1921 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1922 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1923 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1924 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1925 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1926 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1927 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1928 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1929 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1930 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1931 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1932 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1933 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1934 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1935 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1936 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1937 "-----END CERTIFICATE-----\n";
1939 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1940 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1941 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1942 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1943 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1944 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1945 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1946 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1947 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1948 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1949 "vonbjii3BYe4AIdkzOvp\n"
1950 "-----END DSA PRIVATE KEY-----\n";
1952 std::string message = "message test";
1954 CKM::Alias aliasPub = "pub2-cert";
1955 CKM::Alias aliasPrv = "prv2-cert";
1956 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1957 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1958 CKM::RawBuffer signature;
1960 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1961 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1963 RUNNER_ASSERT_MSG(NULL != cert.get(),
1964 "Key is empty. Failed to import public key.");
1965 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1966 "Key is empty. Failed to import private key.");
1969 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1970 "Error=" << CKM::APICodeToString(temp));
1972 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1973 "Error=" << CKM::APICodeToString(temp));
1976 CKM_API_SUCCESS == (temp = manager->createSignature(
1979 CKM::RawBuffer(message.begin(), message.end()),
1983 "Error=" << CKM::APICodeToString(temp));
1986 CKM_API_SUCCESS == (temp = manager->verifySignature(
1989 CKM::RawBuffer(message.begin(), message.end()),
1993 "Error=" << CKM::APICodeToString(temp));
1995 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1997 memcpy((void*)signature.data(), "BROKEN", 6);
2000 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2003 CKM::RawBuffer(message.begin(), message.end()),
2007 "Error=" << CKM::APICodeToString(temp));
2010 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2013 auto manager = CKM::Manager::create();
2016 "-----BEGIN EC PRIVATE KEY-----\n"
2017 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2018 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2019 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2020 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2021 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2022 "ELyhe7yPCAuOoLZlTLgf\n"
2023 "-----END EC PRIVATE KEY-----\n";
2026 "-----BEGIN CERTIFICATE-----\n"
2027 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2028 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2029 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2030 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2031 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2032 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2033 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2034 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2035 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2036 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2037 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2038 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2039 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2040 "Q1oBry6NEc+lLFmWMDesAA==\n"
2041 "-----END CERTIFICATE-----\n";
2043 std::string message = "message test";
2045 CKM::Alias aliasPub = "pub3";
2046 CKM::Alias aliasPrv = "prv3";
2047 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2048 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2049 CKM::RawBuffer signature;
2051 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2052 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2054 RUNNER_ASSERT_MSG(NULL != cert.get(),
2055 "Key is empty. Failed to import public key.");
2056 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2057 "Key is empty. Failed to import private key.");
2060 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2061 "Error=" << CKM::APICodeToString(temp));
2063 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2064 "Error=" << CKM::APICodeToString(temp));
2067 CKM_API_SUCCESS == (temp = manager->createSignature(
2070 CKM::RawBuffer(message.begin(), message.end()),
2074 "Error=" << CKM::APICodeToString(temp));
2077 CKM_API_SUCCESS == (temp = manager->verifySignature(
2080 CKM::RawBuffer(message.begin(), message.end()),
2084 "Error=" << CKM::APICodeToString(temp));
2086 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2088 memcpy((void*)signature.data(), "BROKEN", 6);
2091 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2094 CKM::RawBuffer(message.begin(), message.end()),
2098 "Error=" << CKM::APICodeToString(temp));
2101 RUNNER_TEST(T1420_deinit)
2103 remove_user_data(USER_APP);
2106 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2108 RUNNER_TEST(T14180_init)
2111 remove_user_data(USER_APP);
2113 auto manager = CKM::Manager::create();
2115 // Prepare RSA Key Pair
2116 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2117 "Proc-Type: 4,ENCRYPTED\n"
2118 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2120 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2121 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2122 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2123 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2124 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2125 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2126 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2127 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2128 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2129 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2130 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2131 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2132 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2133 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2134 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2135 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2136 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2137 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2138 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2139 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2140 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2141 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2142 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2143 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2144 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2145 "-----END RSA PRIVATE KEY-----\n";
2147 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2148 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2149 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2150 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2151 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2152 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2153 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2155 "-----END PUBLIC KEY-----\n";
2157 CKM::Alias aliasPub = "pub_nohash1";
2158 CKM::Alias aliasPrv = "prv_nohash1";
2159 CKM::Password password = "1234";
2161 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2162 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2164 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2165 "Key is empty. Failed to import public key.");
2166 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2167 "Key is empty. Failed to import private key.");
2170 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2171 "Error=" << CKM::APICodeToString(temp));
2173 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2174 "Error=" << CKM::APICodeToString(temp));
2176 // Prepare ECDSA Key Pair
2177 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2178 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2179 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2180 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2181 "-----END EC PRIVATE KEY-----\n";
2183 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2184 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2185 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2186 "-----END PUBLIC KEY-----\n";
2188 CKM::Alias aliasEcPub = "ecpub_nohash1";
2189 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2191 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2192 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2194 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2195 "Key is empty. Failed to import public key.");
2196 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2197 "Key is empty. Failed to import private key.");
2200 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2201 "Error=" << CKM::APICodeToString(temp));
2203 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2204 "Error=" << CKM::APICodeToString(temp));
2208 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2211 auto manager = CKM::Manager::create();
2212 std::string message = "message asdfaslkdfjlksadjf test";
2214 CKM::Alias aliasPub = "pub_nohash1";
2215 CKM::Alias aliasPrv = "prv_nohash1";
2217 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2218 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2219 CKM::RawBuffer signature;
2222 CKM_API_SUCCESS == (temp = manager->createSignature(
2225 CKM::RawBuffer(message.begin(), message.end()),
2229 "Error=" << CKM::APICodeToString(temp));
2232 CKM_API_SUCCESS == (temp = manager->verifySignature(
2235 CKM::RawBuffer(message.begin(), message.end()),
2239 "Error=" << CKM::APICodeToString(temp));
2241 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2242 memcpy((void*)signature.data(), "BROKEN", 6);
2245 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2248 CKM::RawBuffer(message.begin(), message.end()),
2252 "Error=" << CKM::APICodeToString(temp));
2255 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2258 auto manager = CKM::Manager::create();
2259 std::string message = "message asdfaslkdfjlksadjf test";
2261 CKM::Alias aliasPub = "pub_nohash1";
2262 CKM::Alias aliasPrv = "prv_nohash1";
2264 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2265 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2266 CKM::RawBuffer signature;
2269 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2272 CKM::RawBuffer(message.begin(), message.end()),
2276 "Error=" << CKM::APICodeToString(temp));
2279 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2282 auto manager = CKM::Manager::create();
2283 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2284 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2285 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2286 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2287 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2288 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2289 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2290 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2291 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2292 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2293 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2294 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2295 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2296 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2297 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2298 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2299 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2300 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2301 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2302 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2304 CKM::Alias aliasPub = "pub_nohash1";
2305 CKM::Alias aliasPrv = "prv_nohash1";
2307 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2308 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2309 CKM::RawBuffer signature;
2312 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2315 CKM::RawBuffer(message.begin(), message.end()),
2319 "Error=" << CKM::APICodeToString(temp));
2323 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2326 auto manager = CKM::Manager::create();
2328 std::string message = "message test";
2330 CKM::Alias aliasPrv = "ecprv_nohash1";
2331 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2332 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2333 CKM::RawBuffer signature;
2336 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2339 CKM::RawBuffer(message.begin(), message.end()),
2343 "Error=" << CKM::APICodeToString(temp));
2346 RUNNER_TEST(T14189_deinit)
2348 remove_user_data(USER_APP);
2352 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2356 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2357 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2358 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2359 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2360 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2363 RUNNER_TEST(T1800_init)
2365 remove_user_data(USER_APP);
2368 RUNNER_TEST(T1801_parse_PKCS12) {
2369 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2370 std::istreambuf_iterator<char> begin(is), end;
2371 std::vector<char> buff(begin, end);
2373 CKM::RawBuffer buffer(buff.size());
2374 memcpy(buffer.data(), buff.data(), buff.size());
2376 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2379 "Error in PKCS12::create()");
2381 auto cert = pkcs->getCertificate();
2384 "Error in PKCS12::getCertificate()");
2386 auto key = pkcs->getKey();
2389 "Error in PKCS12::getKey()");
2391 auto caVector = pkcs->getCaCertificateShPtrVector();
2393 0 == caVector.size(),
2394 "Wrong size of vector");
2397 RUNNER_TEST(T1802_negative_wrong_password) {
2398 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2399 std::istreambuf_iterator<char> begin(is), end;
2400 std::vector<char> buff(begin, end);
2402 CKM::RawBuffer buffer(buff.size());
2403 memcpy(buffer.data(), buff.data(), buff.size());
2405 auto pkcs = CKM::PKCS12::create(buffer, "error");
2408 "Expected error in PKCS12::create()");
2411 RUNNER_TEST(T1803_negative_broken_buffer) {
2412 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2413 std::istreambuf_iterator<char> begin(is), end;
2414 std::vector<char> buff(begin, end);
2416 CKM::RawBuffer buffer(buff.size());
2417 memcpy(buffer.data(), buff.data(), buff.size());
2419 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2422 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2425 "Expected error in PKCS12::create()");
2428 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2430 auto manager = CKM::Manager::create();
2431 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2432 std::istreambuf_iterator<char> begin(is), end;
2433 std::vector<char> buff(begin, end);
2435 CKM::RawBuffer buffer(buff.size());
2436 memcpy(buffer.data(), buff.data(), buff.size());
2438 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2441 "Error in PKCS12::create()");
2444 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2445 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2446 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2447 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2448 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2449 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2450 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2451 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2452 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2453 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2454 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2455 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2456 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2457 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2458 "-----END RSA PRIVATE KEY-----\n";
2460 std::string message = "message test";
2462 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2463 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2464 "Key is empty. Failed to import private key.");
2468 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2469 "Error=" << CKM::APICodeToString(temp));
2472 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2473 "Error=" << CKM::APICodeToString(temp));
2476 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2478 auto manager = CKM::Manager::create();
2479 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2480 std::istreambuf_iterator<char> begin(is), end;
2481 std::vector<char> buff(begin, end);
2483 CKM::RawBuffer buffer(buff.size());
2484 memcpy(buffer.data(), buff.data(), buff.size());
2486 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2489 "Error in PKCS12::create()");
2491 auto cert = pkcs->getCertificate();
2494 "Error in PKCS12::getCertificate()");
2496 auto key = pkcs->getKey();
2499 "Error in PKCS12::getKey()");
2501 auto caVector = pkcs->getCaCertificateShPtrVector();
2503 2 == caVector.size(),
2504 "Wrong size of vector");
2508 CKM::Policy exportable;
2509 CKM::Policy notExportable(CKM::Password(), false);
2512 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2513 "Error=" << CKM::APICodeToString(tmp));
2515 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2516 "Error=" << CKM::APICodeToString(tmp));
2518 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2519 "Error=" << CKM::APICodeToString(tmp));
2521 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2522 "Error=" << CKM::APICodeToString(tmp));
2524 // try to lookup key
2525 CKM::KeyShPtr key_lookup;
2527 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2528 "Error=" << CKM::APICodeToString(tmp));
2530 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2531 "Error=" << CKM::APICodeToString(tmp));
2533 // try to lookup certificate
2534 CKM::CertificateShPtr cert_lookup;
2536 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2537 "Error=" << CKM::APICodeToString(tmp));
2539 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2540 "Error=" << CKM::APICodeToString(tmp));
2543 RUNNER_TEST(T1806_get_PKCS)
2546 auto manager = CKM::Manager::create();
2548 CKM::PKCS12ShPtr pkcs;
2552 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2553 "Error=" << CKM::APICodeToString(temp));
2555 // fail - not exportable
2557 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2558 "Error=" << CKM::APICodeToString(temp));
2560 // success - exportable
2562 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2563 "Error=" << CKM::APICodeToString(temp));
2565 auto cert = pkcs->getCertificate();
2568 "Error in PKCS12::getCertificate()");
2570 auto key = pkcs->getKey();
2573 "Error in PKCS12::getKey()");
2575 auto caVector = pkcs->getCaCertificateShPtrVector();
2577 2 == caVector.size(),
2578 "Wrong size of vector");
2581 RUNNER_TEST(T1807_create_and_verify_signature)
2584 auto manager = CKM::Manager::create();
2586 std::string message = "message test";
2588 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2589 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2590 CKM::RawBuffer signature;
2593 CKM_API_SUCCESS == (temp = manager->createSignature(
2594 alias_PKCS_exportable,
2596 CKM::RawBuffer(message.begin(), message.end()),
2600 "Error=" << CKM::APICodeToString(temp));
2603 CKM_API_SUCCESS == (temp = manager->verifySignature(
2604 alias_PKCS_exportable,
2606 CKM::RawBuffer(message.begin(), message.end()),
2610 "Error=" << CKM::APICodeToString(temp));
2613 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2616 auto manager = CKM::Manager::create();
2619 "-----BEGIN RSA PRIVATE KEY-----\n"
2620 "MIICWwIBAAKBgQDDgmPurTQa3wbnlM+9nCEQvhDviYRvSC9TL5lAMBCmBSl93v0U\n"
2621 "BXWsqO+fmAINm5QJa89hF5N7Q4xtvfSJUPIeyzowTOEGM4U3FnJtlsNQsoNbFlNy\n"
2622 "QLoZZmmY4ljG6/YqX+JGBgS9/J8uvaDWkvs+ktkORygfNz4Gi5DERT7eeQIDAQAB\n"
2623 "AoGAARIqx/js6yTDnesjxC8hwzy3TQic0Bs+Hx+IoGBjBvXKR2U8T6rD/UEjpuUn\n"
2624 "RbnPcsnDZg3CAg/ZqhQ7TbFC0kPo+S6+wKsZGDWUUvnpMkdcZUqXel8GFhdnmeIh\n"
2625 "22vYthP4TCbolxwXlwvuhu0PLZWhRO/Z+g37T3QENexqGv0CQQDmqJ9PDoUj5eUR\n"
2626 "wWEqEPraoU6ARBUUX5EhmTT9g9/BXnhwumIOksDHcBqNUwNOlKCUlWfBOelO93Ys\n"
2627 "PRW3QyejAkEA2P0tW/8iU4j+0a6DV+TUYFDTjD29y8KPw0Aj59591xD5eIPK3IgU\n"
2628 "91vnmtvU/QR26PnMOx4OAPk9a7BtN62zMwJAIFV0950edtjMUr/cAgydTbadDYf9\n"
2629 "uHxpGN+kOQGahT3b/llyU36o/YwufK8tYH+fPxTulXyrwwEXlL3/ZFBKpwJAeLGS\n"
2630 "Wlp2WGqZ+j2MdwYkDxLGKHprKHwnBN6XWjCKZGbfrGX6H2Jd7xyinaNrO/UQwxO2\n"
2631 "wqc7+NSpkk3G4jJuuwJAODYlk2Q+djE4jkjDc4xiqsQGBQlI2dlgzjRjIF4HWiLx\n"
2632 "bIrI0uCCbGItx++hlvmDx7G8anBmIFfBWIaKdX0aWw==\n"
2633 "-----END RSA PRIVATE KEY-----\n";
2635 std::string message = "message test";
2637 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2638 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2639 "Key is empty. Failed to import private key.");
2642 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2643 "Error=" << CKM::APICodeToString(temp));
2645 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2646 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2647 CKM::RawBuffer signature;
2650 CKM_API_SUCCESS == (temp = manager->createSignature(
2651 alias_PKCS_priv_key_copy,
2653 CKM::RawBuffer(message.begin(), message.end()),
2657 "Error=" << CKM::APICodeToString(temp));
2660 CKM_API_SUCCESS == (temp = manager->verifySignature(
2661 alias_PKCS_exportable,
2663 CKM::RawBuffer(message.begin(), message.end()),
2667 "Error=" << CKM::APICodeToString(temp));
2670 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2673 auto manager = CKM::Manager::create();
2675 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2676 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2677 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2678 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2679 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2680 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2681 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2682 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2683 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2684 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2685 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2686 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2687 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2688 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2689 "-----END RSA PRIVATE KEY-----\n";
2691 std::string message = "message test";
2693 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2694 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2695 "Key is empty. Failed to import private key.");
2698 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2699 "Error=" << CKM::APICodeToString(temp));
2701 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2702 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2703 CKM::RawBuffer signature;
2706 CKM_API_SUCCESS == (temp = manager->createSignature(
2707 alias_PKCS_priv_key_wrong,
2709 CKM::RawBuffer(message.begin(), message.end()),
2713 "Error=" << CKM::APICodeToString(temp));
2716 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2717 alias_PKCS_exportable,
2719 CKM::RawBuffer(message.begin(), message.end()),
2723 "Error=" << CKM::APICodeToString(temp));
2726 RUNNER_TEST(T1810_verify_get_certificate_chain)
2728 // this certificate has been signed using PKCS chain
2730 "-----BEGIN CERTIFICATE-----\n"
2731 "MIICxDCCAi0CFGHuCEUksqn0Rr3SXdhn+TlnL804MA0GCSqGSIb3DQEBCwUAMGEx\n"
2732 "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
2733 "cm5ldCBXaWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMMEXNlcnZlckB0ZXN0bWUuY29t\n"
2734 "MB4XDTE5MDYxMzEyMTkyNloXDTI5MDYxMDEyMTkyNlowXTELMAkGA1UEBhMCQVUx\n"
2735 "EzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg\n"
2736 "UHR5IEx0ZDEWMBQGA1UEAwwNZWVAdGVzdG1lLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
2737 "BQADggEPADCCAQoCggEBAK3/XvE3uc2EhzwmsAfq6KEw52J8kCAB9Rma/qjkw6ZT\n"
2738 "yUYmSQvmcK8wSDt015Y/ekYLereCeWNLNkFlQeZC7LHT6T1mGnxNIgL3oUS2c+15\n"
2739 "FEYX9QJIN/CoJYQ/tmiQPa1OJz4prUFwqAzM1kRtHGfcAGmQHfgu77P3ljAJzfsW\n"
2740 "2beVHM+MTNSybkGHql28Z93bp382k5FQXegkxbozsKBMk37QjKiqes29J/ET0Huy\n"
2741 "yzOkf+XvbizIPRvMt/2guw9sgRb7YrM2M+igmHIHxfzxuqzpPr+bmcqQdyFdVkAK\n"
2742 "Qcx930HbfjHJ5k5vcovPLQ3LvSnYVCTe7aCAAmMzKXsCAwEAATANBgkqhkiG9w0B\n"
2743 "AQsFAAOBgQBfFMim/9zLd+EeZyeYA0vy3C9YuNJI+KsZlKAfrFDQNeIT/qg/GQM4\n"
2744 "o7I3TIHQ62tdEx6nBJs0DKSAmhRh4yc+P1KHMzIQIgSjftqS3Z+AKbJn6vOpWNTq\n"
2745 "cexnpexaNn69dbqJZsjr0fHsGAkh5n96icAB4VZyFncEknZKbTdd0g==\n"
2746 "-----END CERTIFICATE-----\n";
2748 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2749 CKM::CertificateShPtrVector certChain;
2750 CKM::AliasVector aliasVector;
2753 auto manager = CKM::Manager::create();
2755 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2757 tmp = manager->getCertificateChain(cert,
2762 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2763 "Error=" << CKM::APICodeToString(tmp));
2766 0 == certChain.size(),
2767 "Wrong size of certificate chain.");
2769 aliasVector.push_back(alias_PKCS_exportable);
2771 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2772 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2774 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2776 4 == certChain.size(),
2777 "Wrong size of certificate chain: " << certChain.size());
2780 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2782 auto manager = CKM::Manager::create();
2786 // remove the whole PKCS12 bundles
2788 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2789 "Error=" << CKM::APICodeToString(tmp));
2791 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2792 "Error=" << CKM::APICodeToString(tmp));
2794 // expect lookup fails due to unknown alias
2795 // try to lookup key
2796 CKM::KeyShPtr key_lookup;
2798 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2799 "Error=" << CKM::APICodeToString(tmp));
2801 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2802 "Error=" << CKM::APICodeToString(tmp));
2804 // try to lookup certificate
2805 CKM::CertificateShPtr cert_lookup;
2807 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2808 "Error=" << CKM::APICodeToString(tmp));
2810 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2811 "Error=" << CKM::APICodeToString(tmp));
2814 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2816 CKM::Alias alias = "t1812alias1";
2818 auto manager = CKM::Manager::create();
2819 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2820 std::istreambuf_iterator<char> begin(is), end;
2821 std::vector<char> buff(begin, end);
2823 CKM::PKCS12ShPtr pkcs12;
2824 CKM::Password pass1 = "easypass1";
2825 CKM::Password pass2 = "easypass2";
2827 CKM::RawBuffer buffer(buff.size());
2828 memcpy(buffer.data(), buff.data(), buff.size());
2830 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2833 "Error in PKCS12::create()");
2837 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2838 "Error=" << CKM::APICodeToString(temp));
2841 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2842 "Error=" << CKM::APICodeToString(temp));
2845 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2846 "Error=" << CKM::APICodeToString(temp));
2849 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2850 "Error=" << CKM::APICodeToString(temp));
2853 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2854 "Error=" << CKM::APICodeToString(temp));
2857 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2858 "Error=" << CKM::APICodeToString(temp));
2860 CKM::CertificateShPtr cert;
2862 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2863 "Error=" << CKM::APICodeToString(temp));
2865 CKM::CertificateShPtrVector certChain;
2866 CKM::AliasVector certVect;
2867 certVect.push_back(alias);
2870 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2871 "Error=" << CKM::APICodeToString(temp));
2874 RUNNER_TEST(T1813_deinit)
2877 auto control = CKM::Control::create();
2880 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2881 "Error=" << CKM::APICodeToString(temp));
2884 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2886 const char * const T190_PASSWD = "t190-special-password";
2888 RUNNER_TEST(T1901_init_unlock_key)
2890 reset_user_data(USER_APP, T190_PASSWD);
2893 RUNNER_TEST(T1902_get_data)
2895 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2897 auto manager = CKM::Manager::create();
2900 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2903 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2904 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2907 RUNNER_TEST(T1903_lock_database)
2910 auto control = CKM::Control::create();
2912 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2913 "Error=" << CKM::APICodeToString(tmp));
2916 RUNNER_TEST(T1904_get_data_from_locked_database)
2918 auto manager = CKM::Manager::create();
2921 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2924 CKM_API_ERROR_DB_LOCKED == status1,
2925 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2928 RUNNER_TEST(T1905_deinit)
2930 remove_user_data(USER_APP);
2933 int main(int argc, char *argv[])
2935 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2936 if (expected_uid != geteuid()) {
2937 std::string userStr("owner");
2938 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2942 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2946 int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
2948 detectCkmBugTrustzoneLeak();
projects / platform / core / test / security-tests.git / blob