2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
29 #include <ckm_helpers.h>
31 #include <ckm-common.h>
32 #include <ckm/ckm-manager.h>
33 #include <ckm/ckm-control.h>
34 #include <ckm/ckm-password.h>
35 #include <ckm/ckm-type.h>
36 #include <ckm/ckm-pkcs12.h>
38 #include <openssl/x509.h>
39 #include <openssl/x509v3.h>
41 #include <tzplatform_config.h>
44 const int USER_APP = 5001;
46 const int USER_APP_2 = 5020;
47 const int USER_APP_3 = 5030;
49 const char * const APP_PASS = "user-pass";
50 const int USER_TEST = 5001;
52 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
53 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
54 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
55 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
56 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
57 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
58 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
59 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
60 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
62 "-----END PUBLIC KEY-----";
64 } // namespace anonymous
67 * How to numerate tests:
69 * T - test case (always T)
70 * AB - number of test group (always two digits)
71 * C - test number in group (all tests with same TABC must be run in the same time).
74 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
76 RUNNER_TEST(T0011_Control)
79 auto control = CKM::Control::create();
81 control->removeUserData(0);
82 control->removeUserData(USER_APP_2);
83 control->removeUserData(USER_APP);
86 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
87 "Error=" << CKM::APICodeToString(temp));
90 RUNNER_TEST(T0012_Control)
93 auto control = CKM::Control::create();
95 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
96 "Error=" << CKM::APICodeToString(temp));
98 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
99 "Error=" << CKM::APICodeToString(temp));
102 RUNNER_TEST(T0013_Control)
105 auto control = CKM::Control::create();
107 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
108 "Error=" << CKM::APICodeToString(temp));
111 RUNNER_TEST(T0014_Control)
114 auto control = CKM::Control::create();
116 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
117 "Error=" << CKM::APICodeToString(temp));
120 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
121 "Error=" << CKM::APICodeToString(temp));
124 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
125 "Error=" << CKM::APICodeToString(temp));
128 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
129 "Error=" << CKM::APICodeToString(temp));
132 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
133 "Error=" << CKM::APICodeToString(temp));
136 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
137 "Error=" << CKM::APICodeToString(temp));
140 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
141 "Error=" << CKM::APICodeToString(temp));
144 RUNNER_TEST(T0015_Control)
147 auto control = CKM::Control::create();
149 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
150 "Error=" << CKM::APICodeToString(temp));
152 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
153 "Error=" << CKM::APICodeToString(temp));
155 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
156 "Error=" << CKM::APICodeToString(temp));
158 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
159 "Error=" << CKM::APICodeToString(temp));
162 RUNNER_TEST(T0016_Control_negative_wrong_password)
165 auto control = CKM::Control::create();
167 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
168 "Error=" << CKM::APICodeToString(temp));
170 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
171 "Error=" << CKM::APICodeToString(temp));
173 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
174 "Error=" << CKM::APICodeToString(temp));
176 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
177 "Error=" << CKM::APICodeToString(temp));
179 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
180 "Error=" << CKM::APICodeToString(temp));
183 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
185 RUNNER_TEST(T1010_init)
187 unlock_user_data(USER_APP, "user-pass");
190 RUNNER_TEST(T1011_key)
193 auto manager = CKM::Manager::create();
195 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
196 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
197 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
198 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
199 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
200 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
201 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
203 "-----END PUBLIC KEY-----";
205 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
206 auto key = CKM::Key::create(buffer, CKM::Password());
208 CKM::Alias alias = "mykey";
211 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
212 "Error=" << CKM::APICodeToString(temp));
214 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
215 "Error=" << CKM::APICodeToString(temp));
217 key->getDER() == key2->getDER(),
218 "Key value has been changed by service");
221 RUNNER_TEST(T1012_certificate)
224 auto manager = CKM::Manager::create();
226 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
227 CKM::CertificateShPtr cert2;
228 CKM::Alias alias = "myCert";
231 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
232 "Error=" << CKM::APICodeToString(temp));
234 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
235 "Error=" << CKM::APICodeToString(temp));
237 cert->getDER() == cert2->getDER(),
238 "Data has been modified in key manager");
241 RUNNER_TEST(T1014_save_with_label)
244 auto manager = CKM::Manager::create();
246 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
247 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
248 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
249 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
250 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
251 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
252 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
254 "-----END PUBLIC KEY-----";
256 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
257 auto key = CKM::Key::create(buffer, CKM::Password());
258 CKM::KeyShPtr key_name, key_full_addr;
259 CKM::Alias alias = "mykey-2";
260 std::string top_label = getOwnerIdFromSelf();
261 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
264 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
265 "Error=" << CKM::APICodeToString(temp));
269 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
270 "Error=" << CKM::APICodeToString(temp));
272 key->getDER() == key_name->getDER(),
273 "Key value has been changed by service");
275 // lookup by full address
277 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
278 "Error=" << CKM::APICodeToString(temp));
280 key->getDER() == key_full_addr->getDER(),
281 "Key value has been changed by service");
284 RUNNER_TEST(T1020_save_big_data)
287 const size_t BIG_SIZE = 100000;
288 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
290 const size_t BIG_SIZE = 5000000;
291 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
295 std::vector<char> big_data(BIG_SIZE);
296 std::ifstream is("/dev/urandom", std::ifstream::binary);
298 is.read(big_data.data(), BIG_SIZE);
300 RUNNER_ASSERT_MSG(is,
301 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
303 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
304 CKM::Policy policy(CKM::Password(), true, backend);
305 CKM::RawBuffer returned;
307 auto manager = CKM::Manager::create();
310 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
311 "Error=" << CKM::APICodeToString(temp));
314 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
315 "Error=" << CKM::APICodeToString(temp));
317 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
320 RUNNER_TEST(T1015_deinit)
322 remove_user_data(USER_APP);
325 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
327 RUNNER_TEST(T1020_init)
330 auto control = CKM::Control::create();
332 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
333 "Error=" << CKM::APICodeToString(temp));
336 RUNNER_TEST(T1021_save_keys_get_alias)
339 auto manager = CKM::Manager::create();
341 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
342 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
343 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
344 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
345 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
346 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
347 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
349 "-----END PUBLIC KEY-----";
351 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
352 auto key = CKM::Key::create(buffer, CKM::Password());
353 CKM::AliasVector labelAliasVector;
355 size_t current_aliases_num = count_aliases(ALIAS_KEY);
357 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
358 "Error=" << CKM::APICodeToString(temp));
360 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
361 "Error=" << CKM::APICodeToString(temp));
363 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
364 "Error=" << CKM::APICodeToString(temp));
366 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
367 "Error=" << CKM::APICodeToString(temp));
369 labelAliasVector.size() == (current_aliases_num+3),
370 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
373 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
376 auto manager = CKM::Manager::create();
378 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
379 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
380 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
381 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
382 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
383 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
384 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
386 "-----END PUBLIC KEY-----";
388 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
389 auto key = CKM::Key::create(buffer, CKM::Password());
390 CKM::AliasVector labelAliasVector;
392 size_t current_aliases_num = count_aliases(ALIAS_KEY);
394 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
395 "Error=" << CKM::APICodeToString(temp));
397 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
398 "Error=" << CKM::APICodeToString(temp));
400 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
401 "Error=" << CKM::APICodeToString(temp));
403 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
404 "Error=" << CKM::APICodeToString(temp));
406 labelAliasVector.size() == (current_aliases_num+3),
407 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
410 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
413 auto manager = CKM::Manager::create();
415 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
416 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
417 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
418 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
419 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
420 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
421 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
423 "-----END PUBLIC KEY-----";
425 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
426 auto key = CKM::Key::create(buffer, CKM::Password());
427 CKM::AliasVector aliasVector;
428 CKM::Policy notExportable(CKM::Password(), false);
431 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
432 "Error=" << CKM::APICodeToString(temp));
434 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
435 "Error=" << CKM::APICodeToString(temp));
437 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
438 "Error=" << CKM::APICodeToString(temp));
441 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
443 remove_user_data(USER_APP);
446 const int aliasNameCount = 10;
447 auto manager = CKM::Manager::create();
449 CKM::AliasPwdVector expected;
450 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
451 auto key = CKM::Key::create(buffer, CKM::Password());
452 std::string currentAlias;
454 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
455 // make aliases with & without: password protection, exportable flag
456 for (int it = 0; it < aliasNameCount; ++it)
458 CKM::Policy policy = generate_ckm_policy(it);
459 currentAlias = "T1024_appkey" + std::to_string(it);
460 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
462 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
463 "Error=" << CKM::APICodeToString(exitCode));
466 CKM::AliasPwdVector actual;
469 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
470 "Error=" << CKM::APICodeToString(exitCode));
472 actual.size() == (beforeSaveAliasCount + aliasNameCount),
473 "Wrong aliases count: " << actual.size() << " Expected: "
474 << (beforeSaveAliasCount + aliasNameCount));
475 check_alias_info_list_helper(expected, actual, "/User ");
477 remove_user_data(USER_APP);
480 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
482 remove_user_data(USER_APP);
485 const int aliasNameCount = 10;
486 auto manager = CKM::Manager::create();
488 CKM::AliasPwdVector expected;
489 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
490 std::string currentAlias;
492 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
493 for (int it = 0; it < aliasNameCount; ++it)
495 CKM::Policy policy = generate_ckm_policy(it);
496 currentAlias = "T1025_appcert" + std::to_string(it);
497 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
499 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
500 "Error=" << CKM::APICodeToString(exitCode));
503 CKM::AliasPwdVector actual;
505 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
506 "Error=" << CKM::APICodeToString(exitCode));
508 actual.size() == (beforeSaveAliasCount + aliasNameCount),
509 "Wrong aliases count: " << actual.size() << " Expected: "
510 << (beforeSaveAliasCount + aliasNameCount));
511 check_alias_info_list_helper(expected, actual, "/User ");
513 remove_user_data(USER_APP);
516 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
518 remove_user_data(USER_APP);
521 const int aliasNameCount = 10;
522 auto manager = CKM::Manager::create();
524 CKM::AliasPwdVector expected;
525 std::string binData = "My bin data";
526 CKM::RawBuffer buffer(binData.begin(), binData.end());
527 std::string currentAlias;
529 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
530 for (int it = 0; it < aliasNameCount; ++it)
532 CKM::Policy policy = generate_ckm_policy(it);
533 currentAlias = "T1026_appdata" + std::to_string(it);
534 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
536 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
537 "Error=" << CKM::APICodeToString(exitCode));
540 CKM::AliasPwdVector actual;
542 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
543 "Error=" << CKM::APICodeToString(exitCode));
545 actual.size() == (beforeSaveAliasCount + aliasNameCount),
546 "Wrong aliases count: " << actual.size() << " Expected: "
547 << (beforeSaveAliasCount + aliasNameCount));
548 check_alias_info_list_helper(expected, actual, "/User ");
550 remove_user_data(USER_APP);
553 RUNNER_TEST(T1029_deinit)
555 remove_user_data(USER_APP);
558 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
559 RUNNER_TEST(T1030_init)
561 reset_user_data(USER_APP, APP_PASS);
564 RUNNER_TEST(T1032_app_user_save_bin_data)
566 ScopedDBUnlock unlock(USER_APP, APP_PASS);
569 auto manager = CKM::Manager::create();
571 std::string binData = "My bin data";
573 CKM::RawBuffer buffer(binData.begin(), binData.end());
575 CKM::AliasVector labelAliasVector;
577 size_t current_aliases_num = count_aliases(ALIAS_DATA);
579 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
580 "Error=" << CKM::APICodeToString(temp));
582 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
583 "Error=" << CKM::APICodeToString(temp));
585 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
586 "Error=" << CKM::APICodeToString(temp));
588 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
589 "Error=" << CKM::APICodeToString(temp));
591 labelAliasVector.size() == (current_aliases_num+3),
592 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
595 RUNNER_TEST(T1034_app_remove_bin_data)
597 ScopedDBUnlock unlock(USER_APP, APP_PASS);
600 auto manager = CKM::Manager::create();
602 std::string binData2 = "My bin data";
603 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
605 CKM::AliasVector labelAliasVector;
607 size_t current_aliases_num = count_aliases(ALIAS_DATA);
608 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
610 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
611 "Error=" << CKM::APICodeToString(temp));
613 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
614 "Error=" << CKM::APICodeToString(temp));
616 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
617 "Error=" << CKM::APICodeToString(temp));
619 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
620 "Error=" << CKM::APICodeToString(temp));
622 labelAliasVector.size() == (current_aliases_num-2),
623 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
625 CKM::RawBuffer buffer;
627 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
628 "Error=" << CKM::APICodeToString(temp));
633 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
634 "Error=" << CKM::APICodeToString(temp));
637 RUNNER_TEST(T1035_getData_wrong_password)
639 ScopedDBUnlock unlock(USER_APP, APP_PASS);
642 auto manager = CKM::Manager::create();
644 std::string binData1 = "My bin data4";
646 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
649 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
650 "Error=" << CKM::APICodeToString(temp));
652 CKM::RawBuffer buffer;
654 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
655 "Error=" << CKM::APICodeToString(temp));
661 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
662 "Error=" << CKM::APICodeToString(temp));
665 RUNNER_TEST(T1036_deinit)
667 remove_user_data(USER_APP);
670 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
672 RUNNER_TEST(T1040_init)
675 auto control = CKM::Control::create();
678 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
679 "Error=" << CKM::APICodeToString(temp));
682 RUNNER_TEST(T1041_create_RSA_key)
685 auto manager = CKM::Manager::create();
688 size_t current_aliases_num = count_aliases(ALIAS_KEY);
690 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
691 "Error=" << CKM::APICodeToString(temp));
693 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
694 "Error=" << CKM::APICodeToString(temp));
696 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
697 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
700 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
703 auto manager = CKM::Manager::create();
707 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
708 "Error=" << CKM::APICodeToString(temp));
710 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
711 "Error=" << CKM::APICodeToString(temp));
714 RUNNER_TEST(T1043_create_DSA_key)
717 auto manager = CKM::Manager::create();
720 size_t current_aliases_num = count_aliases(ALIAS_KEY);
722 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
723 "Error=" << CKM::APICodeToString(temp));
725 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
726 "Error=" << CKM::APICodeToString(temp));
728 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
729 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
732 RUNNER_TEST(T1044_create_AES_key)
735 auto manager = CKM::Manager::create();
738 int current_aliases_num = count_aliases(ALIAS_KEY);
740 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
741 "Error=" << CKM::APICodeToString(temp));
743 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
744 "Error=" << CKM::APICodeToString(temp));
746 (current_aliases_num+1) == (temp = av.size()),
747 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
750 RUNNER_TEST(T1049_deinit)
752 remove_user_data(USER_APP);
756 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
758 RUNNER_TEST(T1110_init)
760 unlock_user_data(USER_APP, "user-pass");
763 RUNNER_TEST(T1111_CreateKeyPairRSA)
766 auto manager = CKM::Manager::create();
767 CKM::Alias a1 = "rsa-test-1";
768 CKM::Alias a2 = "rsa-test-2";
772 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
773 "Error=" << CKM::APICodeToString(temp));
775 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
776 "Error=" << CKM::APICodeToString(temp));
779 RUNNER_TEST(T1112_CreateKeyPairDSA)
782 auto manager = CKM::Manager::create();
783 CKM::Alias a1 = "dsa-test-1";
784 CKM::Alias a2 = "dsa-test-2";
788 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
789 "Error=" << CKM::APICodeToString(temp));
791 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
792 "Error=" << CKM::APICodeToString(temp));
795 RUNNER_TEST(T1113_CreateKeyPairECDSA)
798 auto manager = CKM::Manager::create();
799 CKM::Alias a1 = "ecdsa-test-1";
800 CKM::Alias a2 = "ecdsa-test-2";
804 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
805 "Error=" << CKM::APICodeToString(temp));
808 RUNNER_TEST(T1114_deinit)
810 remove_user_data(USER_APP);
813 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
815 RUNNER_TEST(T12100_init)
817 reset_user_data(USER_APP, APP_PASS);
820 RUNNER_TEST(T12101_key_exist)
822 ScopedDBUnlock unlock(USER_APP, APP_PASS);
825 auto manager = CKM::Manager::create();
827 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
828 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
829 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
830 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
831 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
832 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
833 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
835 "-----END PUBLIC KEY-----";
837 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
838 auto key = CKM::Key::create(buffer);
839 CKM::Alias alias = "rsa-alias-duplication";
842 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
843 "Error=" << CKM::APICodeToString(ret));
845 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
846 "Error=" << CKM::APICodeToString(ret));
850 * These test cases tests API when empty parameters are passed to functions
853 RUNNER_TEST(T12102_saveKey_empty_alias)
855 ScopedDBUnlock unlock(USER_APP, APP_PASS);
857 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
858 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
859 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
860 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
861 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
862 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
863 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
864 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
866 "-----END PUBLIC KEY-----";
868 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
869 auto key = CKM::Key::create(buffer);
870 CKM::Alias alias; //alias is not initialized
873 auto manager = CKM::Manager::create();
875 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
876 "Error=" << CKM::APICodeToString(ret));
879 RUNNER_TEST(T12103_saveKey_foreign_label)
881 ScopedDBUnlock unlock(USER_APP, APP_PASS);
883 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
884 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
885 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
886 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
887 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
888 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
889 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
891 "-----END PUBLIC KEY-----";
893 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
894 auto key = CKM::Key::create(buffer);
895 CKM::Alias alias = "iamsomebodyelse alias";
898 auto manager = CKM::Manager::create();
900 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
901 "Error=" << CKM::APICodeToString(ret));
904 RUNNER_TEST(T12104_saveKey_empty_key)
906 ScopedDBUnlock unlock(USER_APP, APP_PASS);
908 CKM::KeyShPtr key; //key is not initialized
909 CKM::Alias alias = "empty-key";
912 auto manager = CKM::Manager::create();
914 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
915 "Error=" << CKM::APICodeToString(ret));
918 RUNNER_TEST(T12105_saveCertificate_empty_alias)
920 ScopedDBUnlock unlock(USER_APP, APP_PASS);
922 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
923 CKM::Alias alias; //alias is not initialized
926 auto manager = CKM::Manager::create();
928 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
929 "Error=" << CKM::APICodeToString(temp));
932 RUNNER_TEST(T12106_saveCertificate_foreign_label)
934 ScopedDBUnlock unlock(USER_APP, APP_PASS);
936 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
937 CKM::Alias alias = "iamsomebodyelse alias";
940 auto manager = CKM::Manager::create();
942 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
943 "Error=" << CKM::APICodeToString(temp));
946 RUNNER_TEST(T12107_saveCertificate_empty_cert)
948 ScopedDBUnlock unlock(USER_APP, APP_PASS);
950 CKM::CertificateShPtr cert; //cert is not initialized
951 CKM::Alias alias = "empty-cert";
954 auto manager = CKM::Manager::create();
956 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
957 "Error=" << CKM::APICodeToString(temp));
960 RUNNER_TEST(T12108_saveData_empty_alias)
962 ScopedDBUnlock unlock(USER_APP, APP_PASS);
964 std::string testData = "test data test data test data";
965 CKM::RawBuffer buffer(testData.begin(), testData.end());
969 auto manager = CKM::Manager::create();
971 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
972 "Error=" << CKM::APICodeToString(temp));
975 RUNNER_TEST(T12109_saveData_foreign_label)
977 ScopedDBUnlock unlock(USER_APP, APP_PASS);
979 std::string testData = "test data test data test data";
980 CKM::RawBuffer buffer(testData.begin(), testData.end());
981 CKM::Alias alias = "iamsomebodyelse alias";
984 auto manager = CKM::Manager::create();
986 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
987 "Error=" << CKM::APICodeToString(temp));
990 RUNNER_TEST(T12110_saveData_empty_data)
992 ScopedDBUnlock unlock(USER_APP, APP_PASS);
994 CKM::RawBuffer buffer;
995 CKM::Alias alias = "empty-data";
998 auto manager = CKM::Manager::create();
1000 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1001 "Error=" << CKM::APICodeToString(temp));
1005 * These test cases tests API when trying to get data from not existing alias
1008 RUNNER_TEST(T12111_getKey_alias_not_exist)
1010 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1013 CKM::Alias alias = "this-alias-not-exist";
1016 auto manager = CKM::Manager::create();
1018 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1019 "Error=" << CKM::APICodeToString(temp));
1022 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1024 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1026 CKM::CertificateShPtr certificate;
1027 CKM::Alias alias = "this-alias-not-exist";
1030 auto manager = CKM::Manager::create();
1032 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1033 "Error=" << CKM::APICodeToString(temp));
1036 RUNNER_TEST(T12113_getData_alias_not_exist)
1038 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1041 auto manager = CKM::Manager::create();
1042 CKM::RawBuffer buffer;
1043 CKM::Alias alias("some alias");
1045 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1046 "Error=" << CKM::APICodeToString(temp));
1050 * These test cases tests API when damaged keys are used
1052 RUNNER_TEST(T12114_RSA_key_damaged)
1054 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1057 auto manager = CKM::Manager::create();
1059 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1060 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1061 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1062 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1063 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1064 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1065 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1067 "-----END PUBLIC KEY-----";
1069 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1070 auto key = CKM::Key::create(buffer);
1071 CKM::Alias alias = "damaged-rsa";
1074 NULL == key.get(), "Key is broken. It should be empty");
1077 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1078 "Error=" << CKM::APICodeToString(ret));
1081 RUNNER_TEST(T12115_RSA_key_too_short)
1083 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1086 auto manager = CKM::Manager::create();
1088 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1089 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1090 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1091 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1092 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1093 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1094 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1096 "-----END PUBLIC KEY-----";
1098 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1099 auto key = CKM::Key::create(buffer);
1100 CKM::Alias alias = "short-rsa";
1103 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1104 "Error=" << CKM::APICodeToString(ret));
1107 RUNNER_TEST(T12116_DSA_key_too_short)
1109 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1112 auto manager = CKM::Manager::create();
1114 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1115 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1116 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1117 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1118 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1119 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1120 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1121 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1122 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1123 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1124 "YMYCBhubtrVaLmc=\n"
1125 "-----END PUBLIC KEY-----";
1127 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1128 auto key = CKM::Key::create(buffer);
1129 CKM::Alias alias = "short-dsa";
1132 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1133 "Error=" << CKM::APICodeToString(ret));
1136 RUNNER_TEST(T12117_AES_key_too_short)
1139 auto manager = CKM::Manager::create();
1141 size_t key_size = (128-1);
1142 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1144 auto key = CKM::Key::create(key_AES);
1145 CKM::Alias alias = "short-AES";
1148 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1149 "Error=" << CKM::APICodeToString(ret));
1153 * These test cases tests CKM service if malicious data is provided over the socket.
1156 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1158 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1161 auto manager = CKM::Manager::create();
1163 // fake the client - let the service detect the problem
1164 class WrongKeyImpl : public CKM::Key
1167 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1170 virtual bool empty() const {
1174 virtual CKM::KeyType getType() const {
1175 return CKM::KeyType::KEY_RSA_PUBLIC;
1177 virtual int getSize() const {
1180 virtual CKM::ElipticCurve getCurve() const {
1181 return CKM::ElipticCurve::prime192v1;
1183 virtual CKM::RawBuffer getDER() const {
1186 virtual ~WrongKeyImpl() {}
1188 CKM::RawBuffer & m_dummy;
1190 std::string dummyData = "my_cat_Berta\n";
1191 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1192 auto key = std::make_shared<WrongKeyImpl>(buffer);
1193 CKM::Alias alias = "damaged-rsa";
1196 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1197 "Error=" << CKM::APICodeToString(ret));
1200 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1202 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1204 // fake the client - let the service detect the problem
1205 class WrongCertImpl : public CKM::Certificate
1208 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1209 m_x509 = X509_new();
1212 bool empty() const {
1216 virtual X509 *getX509() const {
1220 virtual CKM::RawBuffer getDER() const {
1224 virtual ~WrongCertImpl() {
1229 CKM::RawBuffer & m_dummy;
1231 std::string dummyData = "my_cat_Stefan\n";
1232 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1233 auto cert = std::make_shared<WrongCertImpl>(buffer);
1234 CKM::Alias alias = "damaged-cert";
1237 auto manager = CKM::Manager::create();
1239 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1240 "Error=" << CKM::APICodeToString(temp));
1243 RUNNER_TEST(T12120_deinit)
1245 remove_user_data(USER_APP);
1248 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1250 RUNNER_TEST(T1311_init)
1252 remove_user_data(USER_APP);
1253 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1254 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1256 struct hostent* he = gethostbyname("google.com");
1258 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1259 "is not woking on the device. OCSP tests requires network access!");
1262 RUNNER_TEST(T13121_get_chain_no_cert)
1264 CKM::CertificateShPtrVector certChain;
1265 CKM::CertificateShPtr cert;
1267 auto manager = CKM::Manager::create();
1269 int ret = manager->getCertificateChain(cert,
1274 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1275 "Function should fail for empty certificate");
1278 RUNNER_TEST(T13122_get_chain_empty_cert)
1280 CKM::CertificateShPtrVector certChain;
1281 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1282 CKM::DataFormat::FORM_PEM);
1284 auto manager = CKM::Manager::create();
1286 int ret = manager->getCertificateChain(cert,
1291 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1292 "Function should fail for empty certificate");
1295 RUNNER_TEST(T13129_get_chain)
1297 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1298 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1299 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1301 CKM::CertificateShPtrVector certVector = {cert1};
1302 CKM::CertificateShPtrVector certChain;
1303 CKM::CertificateShPtrVector trusted = {root};
1306 auto manager = CKM::Manager::create();
1308 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1309 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1311 tmp = manager->getCertificateChain(cert,
1316 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1317 "Error=" << CKM::APICodeToString(tmp));
1320 0 == certChain.size(),
1321 "Wrong size of certificate chain.");
1323 tmp = manager->getCertificateChain(cert, certVector, trusted, true, certChain);
1324 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1327 3 == certChain.size(),
1328 "Wrong size of certificate chain.");
1331 RUNNER_TEST(T1313_get_chain_with_alias)
1333 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1334 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1335 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1337 CKM::CertificateShPtrVector certChain;
1340 auto manager = CKM::Manager::create();
1342 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1343 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1345 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, EMPTY_ALIAS_VECTOR, true, certChain);
1346 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1347 "Error=" << CKM::APICodeToString(tmp));
1350 0 == certChain.size(),
1351 "Wrong size of certificate chain.");
1353 CKM::AliasVector aliasVector = { "imcert" };
1355 CKM_API_SUCCESS == (tmp = manager->saveCertificate(aliasVector[0], cert1, CKM::Policy())),
1356 "Error=" << CKM::APICodeToString(tmp));
1358 CKM::AliasVector trustedAliasVector = { "rootcert" };
1360 CKM_API_SUCCESS == (tmp = manager->saveCertificate(trustedAliasVector[0], root, CKM::Policy())),
1361 "Error=" << CKM::APICodeToString(tmp));
1363 tmp = manager->getCertificateChain(cert, aliasVector, trustedAliasVector, true, certChain);
1364 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1367 3 == certChain.size(),
1368 "Wrong size of certificate chain.");
1371 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1373 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1375 CKM::CertificateShPtrVector certChain;
1378 auto manager = CKM::Manager::create();
1380 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1382 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1383 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1386 2 == certChain.size(),
1387 "Wrong size of certificate chain.");
1391 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1392 "Error=" << CKM::APICodeToString(tmp));
1394 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1397 RUNNER_TEST(T13142_ocsp_check_empty)
1399 CKM::CertificateShPtrVector certVector;
1401 auto manager = CKM::Manager::create();
1406 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1407 "ocspCheck should fail for empty certificate vector");
1410 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1412 CKM::CertificateShPtrVector certVector = {
1413 CKM::CertificateShPtr(),
1414 CKM::CertificateShPtr(),
1415 CKM::CertificateShPtr()};
1417 auto manager = CKM::Manager::create();
1422 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1423 "ocspCheck should fail for empty certificate vector");
1426 RUNNER_TEST(T13144_ocsp_check_root)
1428 auto root = TestData::getTestCertificate(TestData::OCSP_ROOT_CA);
1429 CKM::CertificateShPtrVector certVector = {root};
1431 auto manager = CKM::Manager::create();
1433 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1438 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1439 "Ocsp should fail for single certificate");
1442 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1444 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1445 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1447 CKM::CertificateShPtrVector certVector = {ca, root};
1449 auto manager = CKM::Manager::create();
1451 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1452 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1457 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1458 "Error=" << CKM::APICodeToString(tmp));
1460 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1463 RUNNER_TEST(T1315_deinit)
1465 remove_user_data(USER_APP);
1468 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1470 RUNNER_TEST(T1411_init)
1472 remove_user_data(USER_APP);
1475 RUNNER_TEST(T1412_RSA_key_create_verify)
1478 auto manager = CKM::Manager::create();
1480 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1481 "Proc-Type: 4,ENCRYPTED\n"
1482 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1484 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1485 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1486 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1487 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1488 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1489 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1490 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1491 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1492 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1493 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1494 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1495 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1496 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1497 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1498 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1499 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1500 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1501 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1502 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1503 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1504 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1505 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1506 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1507 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1508 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1509 "-----END RSA PRIVATE KEY-----\n";
1511 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1512 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1513 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1514 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1515 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1516 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1517 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1519 "-----END PUBLIC KEY-----\n";
1521 std::string message = "message test";
1523 CKM::Alias aliasPub = "pub1";
1524 CKM::Alias aliasPrv = "prv1";
1525 CKM::Password password = "1234";
1526 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1527 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1528 CKM::RawBuffer signature;
1530 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1531 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1533 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1534 "Key is empty. Failed to import public key.");
1535 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1536 "Key is empty. Failed to import private key.");
1539 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1540 "Error=" << CKM::APICodeToString(temp));
1542 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1543 "Error=" << CKM::APICodeToString(temp));
1546 CKM_API_SUCCESS == (temp = manager->createSignature(
1549 CKM::RawBuffer(message.begin(), message.end()),
1553 "Error=" << CKM::APICodeToString(temp));
1556 CKM_API_SUCCESS == (temp = manager->verifySignature(
1559 CKM::RawBuffer(message.begin(), message.end()),
1563 "Error=" << CKM::APICodeToString(temp));
1566 RUNNER_TEST(T1413_DSA_key_create_verify)
1569 auto manager = CKM::Manager::create();
1571 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1572 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1573 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1574 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1575 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1576 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1577 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1578 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1579 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1580 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1581 "u1roOuaPY+Hl19BlTE2qdw==\n"
1582 "-----END DSA PRIVATE KEY-----";
1584 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1585 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1586 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1587 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1588 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1589 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1590 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1591 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1592 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1593 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1594 "YMYCBhubtrVaLmc=\n"
1595 "-----END PUBLIC KEY-----";
1597 std::string message = "message test";
1599 CKM::Alias aliasPub = "pub2";
1600 CKM::Alias aliasPrv = "prv2";
1601 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1602 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1603 CKM::RawBuffer signature;
1605 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1606 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1608 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1609 "Key is empty. Failed to import public key.");
1610 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1611 "Key is empty. Failed to import private key.");
1614 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1615 "Error=" << CKM::APICodeToString(temp));
1617 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1618 "Error=" << CKM::APICodeToString(temp));
1621 CKM_API_SUCCESS == (temp = manager->createSignature(
1624 CKM::RawBuffer(message.begin(), message.end()),
1628 "Error=" << CKM::APICodeToString(temp));
1631 CKM_API_SUCCESS == (temp = manager->verifySignature(
1634 CKM::RawBuffer(message.begin(), message.end()),
1638 "Error=" << CKM::APICodeToString(temp));
1642 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1645 auto manager = CKM::Manager::create();
1647 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1648 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1649 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1650 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1651 "-----END EC PRIVATE KEY-----\n";
1653 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1654 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1655 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1656 "-----END PUBLIC KEY-----\n";
1658 std::string message = "message test";
1660 CKM::Alias aliasPub = "ecpub2";
1661 CKM::Alias aliasPrv = "ecprv2";
1662 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1663 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1664 CKM::RawBuffer signature;
1666 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1667 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1669 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1670 "Key is empty. Failed to import public key.");
1671 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1672 "Key is empty. Failed to import private key.");
1675 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1676 "Error=" << CKM::APICodeToString(temp));
1678 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1679 "Error=" << CKM::APICodeToString(temp));
1682 CKM_API_SUCCESS == (temp = manager->createSignature(
1685 CKM::RawBuffer(message.begin(), message.end()),
1689 "Error=" << CKM::APICodeToString(temp));
1692 CKM_API_SUCCESS == (temp = manager->verifySignature(
1695 CKM::RawBuffer(message.begin(), message.end()),
1699 "Error=" << CKM::APICodeToString(temp));
1701 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1703 memcpy((void*)signature.data(), "BROKEN", 6);
1706 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1709 CKM::RawBuffer(message.begin(), message.end()),
1713 "Error=" << CKM::APICodeToString(temp));
1716 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1719 auto manager = CKM::Manager::create();
1720 std::string message = "message asdfaslkdfjlksadjf test";
1722 CKM::Alias aliasPub = "pub1";
1723 CKM::Alias aliasPrv = "prv1";
1725 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1726 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1727 CKM::RawBuffer signature;
1730 CKM_API_SUCCESS == (temp = manager->createSignature(
1733 CKM::RawBuffer(message.begin(), message.end()),
1737 "Error=" << CKM::APICodeToString(temp));
1740 CKM_API_SUCCESS == (temp = manager->verifySignature(
1743 CKM::RawBuffer(message.begin(), message.end()),
1747 "Error=" << CKM::APICodeToString(temp));
1749 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1750 memcpy((void*)signature.data(), "BROKEN", 6);
1753 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1756 CKM::RawBuffer(message.begin(), message.end()),
1760 "Error=" << CKM::APICodeToString(temp));
1763 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1766 auto manager = CKM::Manager::create();
1767 std::string message = "message asdfaslkdfjlksadjf test";
1769 CKM::Alias aliasPub = "pub2";
1770 CKM::Alias aliasPrv = "prv2";
1772 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1773 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1774 CKM::RawBuffer signature;
1777 CKM_API_SUCCESS == (temp = manager->createSignature(
1780 CKM::RawBuffer(message.begin(), message.end()),
1784 "Error=" << CKM::APICodeToString(temp));
1787 CKM_API_SUCCESS == (temp = manager->verifySignature(
1790 CKM::RawBuffer(message.begin(), message.end()),
1794 "Error=" << CKM::APICodeToString(temp));
1796 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1797 memcpy((void*)signature.data(), "BROKEN", 6);
1800 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1803 CKM::RawBuffer(message.begin(), message.end()),
1807 "Error=" << CKM::APICodeToString(temp));
1810 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1813 auto manager = CKM::Manager::create();
1816 "-----BEGIN RSA PRIVATE KEY-----\n"
1817 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1818 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1819 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1820 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1821 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1822 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1823 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1824 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1825 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1826 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1827 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1828 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1829 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1830 "-----END RSA PRIVATE KEY-----\n";
1833 "-----BEGIN CERTIFICATE-----\n"
1834 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1835 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1836 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1837 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1838 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1839 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1840 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1841 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1842 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1843 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1844 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1845 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1846 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1847 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1848 "-----END CERTIFICATE-----\n";
1850 std::string message = "message test";
1852 CKM::Alias aliasPub = "pub1-cert";
1853 CKM::Alias aliasPrv = "prv1-cert";
1854 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1855 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1856 CKM::RawBuffer signature;
1858 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1859 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1861 RUNNER_ASSERT_MSG(NULL != cert.get(),
1862 "Key is empty. Failed to import public key.");
1863 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1864 "Key is empty. Failed to import private key.");
1867 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1868 "Error=" << CKM::APICodeToString(temp));
1870 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1871 "Error=" << CKM::APICodeToString(temp));
1874 CKM_API_SUCCESS == (temp = manager->createSignature(
1877 CKM::RawBuffer(message.begin(), message.end()),
1881 "Error=" << CKM::APICodeToString(temp));
1884 CKM_API_SUCCESS == (temp = manager->verifySignature(
1887 CKM::RawBuffer(message.begin(), message.end()),
1891 "Error=" << CKM::APICodeToString(temp));
1893 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1895 memcpy((void*)signature.data(), "BROKEN", 6);
1898 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1901 CKM::RawBuffer(message.begin(), message.end()),
1905 "Error=" << CKM::APICodeToString(temp));
1908 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1911 auto manager = CKM::Manager::create();
1913 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1914 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1915 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1916 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1917 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1918 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1919 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1920 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1921 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1922 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1923 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1924 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1925 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1926 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1927 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1928 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1929 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1930 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1931 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1932 "-----END CERTIFICATE-----\n";
1934 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1935 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1936 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1937 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1938 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1939 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1940 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1941 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1942 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1943 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1944 "vonbjii3BYe4AIdkzOvp\n"
1945 "-----END DSA PRIVATE KEY-----\n";
1947 std::string message = "message test";
1949 CKM::Alias aliasPub = "pub2-cert";
1950 CKM::Alias aliasPrv = "prv2-cert";
1951 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1952 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1953 CKM::RawBuffer signature;
1955 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1956 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1958 RUNNER_ASSERT_MSG(NULL != cert.get(),
1959 "Key is empty. Failed to import public key.");
1960 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1961 "Key is empty. Failed to import private key.");
1964 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1965 "Error=" << CKM::APICodeToString(temp));
1967 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1968 "Error=" << CKM::APICodeToString(temp));
1971 CKM_API_SUCCESS == (temp = manager->createSignature(
1974 CKM::RawBuffer(message.begin(), message.end()),
1978 "Error=" << CKM::APICodeToString(temp));
1981 CKM_API_SUCCESS == (temp = manager->verifySignature(
1984 CKM::RawBuffer(message.begin(), message.end()),
1988 "Error=" << CKM::APICodeToString(temp));
1990 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1992 memcpy((void*)signature.data(), "BROKEN", 6);
1995 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1998 CKM::RawBuffer(message.begin(), message.end()),
2002 "Error=" << CKM::APICodeToString(temp));
2005 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2008 auto manager = CKM::Manager::create();
2011 "-----BEGIN EC PRIVATE KEY-----\n"
2012 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2013 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2014 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2015 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2016 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2017 "ELyhe7yPCAuOoLZlTLgf\n"
2018 "-----END EC PRIVATE KEY-----\n";
2021 "-----BEGIN CERTIFICATE-----\n"
2022 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2023 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2024 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2025 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2026 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2027 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2028 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2029 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2030 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2031 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2032 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2033 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2034 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2035 "Q1oBry6NEc+lLFmWMDesAA==\n"
2036 "-----END CERTIFICATE-----\n";
2038 std::string message = "message test";
2040 CKM::Alias aliasPub = "pub3";
2041 CKM::Alias aliasPrv = "prv3";
2042 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2043 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2044 CKM::RawBuffer signature;
2046 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2047 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2049 RUNNER_ASSERT_MSG(NULL != cert.get(),
2050 "Key is empty. Failed to import public key.");
2051 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2052 "Key is empty. Failed to import private key.");
2055 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2056 "Error=" << CKM::APICodeToString(temp));
2058 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2059 "Error=" << CKM::APICodeToString(temp));
2062 CKM_API_SUCCESS == (temp = manager->createSignature(
2065 CKM::RawBuffer(message.begin(), message.end()),
2069 "Error=" << CKM::APICodeToString(temp));
2072 CKM_API_SUCCESS == (temp = manager->verifySignature(
2075 CKM::RawBuffer(message.begin(), message.end()),
2079 "Error=" << CKM::APICodeToString(temp));
2081 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2083 memcpy((void*)signature.data(), "BROKEN", 6);
2086 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2089 CKM::RawBuffer(message.begin(), message.end()),
2093 "Error=" << CKM::APICodeToString(temp));
2096 RUNNER_TEST(T1420_deinit)
2098 remove_user_data(USER_APP);
2101 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2103 RUNNER_TEST(T14180_init)
2106 remove_user_data(USER_APP);
2108 auto manager = CKM::Manager::create();
2110 // Prepare RSA Key Pair
2111 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2112 "Proc-Type: 4,ENCRYPTED\n"
2113 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2115 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2116 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2117 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2118 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2119 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2120 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2121 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2122 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2123 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2124 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2125 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2126 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2127 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2128 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2129 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2130 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2131 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2132 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2133 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2134 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2135 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2136 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2137 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2138 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2139 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2140 "-----END RSA PRIVATE KEY-----\n";
2142 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2143 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2144 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2145 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2146 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2147 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2148 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2150 "-----END PUBLIC KEY-----\n";
2152 CKM::Alias aliasPub = "pub_nohash1";
2153 CKM::Alias aliasPrv = "prv_nohash1";
2154 CKM::Password password = "1234";
2156 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2157 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2159 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2160 "Key is empty. Failed to import public key.");
2161 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2162 "Key is empty. Failed to import private key.");
2165 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2166 "Error=" << CKM::APICodeToString(temp));
2168 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2169 "Error=" << CKM::APICodeToString(temp));
2171 // Prepare ECDSA Key Pair
2172 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2173 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2174 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2175 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2176 "-----END EC PRIVATE KEY-----\n";
2178 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2179 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2180 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2181 "-----END PUBLIC KEY-----\n";
2183 CKM::Alias aliasEcPub = "ecpub_nohash1";
2184 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2186 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2187 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2189 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2190 "Key is empty. Failed to import public key.");
2191 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2192 "Key is empty. Failed to import private key.");
2195 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2196 "Error=" << CKM::APICodeToString(temp));
2198 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2199 "Error=" << CKM::APICodeToString(temp));
2203 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2206 auto manager = CKM::Manager::create();
2207 std::string message = "message asdfaslkdfjlksadjf test";
2209 CKM::Alias aliasPub = "pub_nohash1";
2210 CKM::Alias aliasPrv = "prv_nohash1";
2212 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2213 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2214 CKM::RawBuffer signature;
2217 CKM_API_SUCCESS == (temp = manager->createSignature(
2220 CKM::RawBuffer(message.begin(), message.end()),
2224 "Error=" << CKM::APICodeToString(temp));
2227 CKM_API_SUCCESS == (temp = manager->verifySignature(
2230 CKM::RawBuffer(message.begin(), message.end()),
2234 "Error=" << CKM::APICodeToString(temp));
2236 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2237 memcpy((void*)signature.data(), "BROKEN", 6);
2240 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2243 CKM::RawBuffer(message.begin(), message.end()),
2247 "Error=" << CKM::APICodeToString(temp));
2250 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2253 auto manager = CKM::Manager::create();
2254 std::string message = "message asdfaslkdfjlksadjf test";
2256 CKM::Alias aliasPub = "pub_nohash1";
2257 CKM::Alias aliasPrv = "prv_nohash1";
2259 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2260 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2261 CKM::RawBuffer signature;
2264 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2267 CKM::RawBuffer(message.begin(), message.end()),
2271 "Error=" << CKM::APICodeToString(temp));
2274 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2277 auto manager = CKM::Manager::create();
2278 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2279 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2280 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2281 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2282 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2283 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2284 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2285 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2286 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2287 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2288 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2289 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2290 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2291 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2292 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2293 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2294 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2295 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2296 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2297 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2299 CKM::Alias aliasPub = "pub_nohash1";
2300 CKM::Alias aliasPrv = "prv_nohash1";
2302 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2303 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2304 CKM::RawBuffer signature;
2307 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2310 CKM::RawBuffer(message.begin(), message.end()),
2314 "Error=" << CKM::APICodeToString(temp));
2318 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2321 auto manager = CKM::Manager::create();
2323 std::string message = "message test";
2325 CKM::Alias aliasPrv = "ecprv_nohash1";
2326 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2327 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2328 CKM::RawBuffer signature;
2331 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2334 CKM::RawBuffer(message.begin(), message.end()),
2338 "Error=" << CKM::APICodeToString(temp));
2341 RUNNER_TEST(T14189_deinit)
2343 remove_user_data(USER_APP);
2347 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2351 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2352 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2353 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2354 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2355 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2358 RUNNER_TEST(T1800_init)
2360 remove_user_data(USER_APP);
2363 RUNNER_TEST(T1801_parse_PKCS12) {
2364 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2365 std::istreambuf_iterator<char> begin(is), end;
2366 std::vector<char> buff(begin, end);
2368 CKM::RawBuffer buffer(buff.size());
2369 memcpy(buffer.data(), buff.data(), buff.size());
2371 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2374 "Error in PKCS12::create()");
2376 auto cert = pkcs->getCertificate();
2379 "Error in PKCS12::getCertificate()");
2381 auto key = pkcs->getKey();
2384 "Error in PKCS12::getKey()");
2386 auto caVector = pkcs->getCaCertificateShPtrVector();
2388 0 == caVector.size(),
2389 "Wrong size of vector");
2392 RUNNER_TEST(T1802_negative_wrong_password) {
2393 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2394 std::istreambuf_iterator<char> begin(is), end;
2395 std::vector<char> buff(begin, end);
2397 CKM::RawBuffer buffer(buff.size());
2398 memcpy(buffer.data(), buff.data(), buff.size());
2400 auto pkcs = CKM::PKCS12::create(buffer, "error");
2403 "Expected error in PKCS12::create()");
2406 RUNNER_TEST(T1803_negative_broken_buffer) {
2407 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2408 std::istreambuf_iterator<char> begin(is), end;
2409 std::vector<char> buff(begin, end);
2411 CKM::RawBuffer buffer(buff.size());
2412 memcpy(buffer.data(), buff.data(), buff.size());
2414 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2417 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2420 "Expected error in PKCS12::create()");
2423 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2425 auto manager = CKM::Manager::create();
2426 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2427 std::istreambuf_iterator<char> begin(is), end;
2428 std::vector<char> buff(begin, end);
2430 CKM::RawBuffer buffer(buff.size());
2431 memcpy(buffer.data(), buff.data(), buff.size());
2433 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2436 "Error in PKCS12::create()");
2439 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2440 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2441 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2442 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2443 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2444 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2445 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2446 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2447 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2448 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2449 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2450 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2451 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2452 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2453 "-----END RSA PRIVATE KEY-----\n";
2455 std::string message = "message test";
2457 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2458 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2459 "Key is empty. Failed to import private key.");
2463 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2464 "Error=" << CKM::APICodeToString(temp));
2467 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2468 "Error=" << CKM::APICodeToString(temp));
2471 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2473 auto manager = CKM::Manager::create();
2474 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2475 std::istreambuf_iterator<char> begin(is), end;
2476 std::vector<char> buff(begin, end);
2478 CKM::RawBuffer buffer(buff.size());
2479 memcpy(buffer.data(), buff.data(), buff.size());
2481 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2484 "Error in PKCS12::create()");
2486 auto cert = pkcs->getCertificate();
2489 "Error in PKCS12::getCertificate()");
2491 auto key = pkcs->getKey();
2494 "Error in PKCS12::getKey()");
2496 auto caVector = pkcs->getCaCertificateShPtrVector();
2498 2 == caVector.size(),
2499 "Wrong size of vector");
2503 CKM::Policy exportable;
2504 CKM::Policy notExportable(CKM::Password(), false);
2507 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2508 "Error=" << CKM::APICodeToString(tmp));
2510 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2511 "Error=" << CKM::APICodeToString(tmp));
2513 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2514 "Error=" << CKM::APICodeToString(tmp));
2516 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2517 "Error=" << CKM::APICodeToString(tmp));
2519 // try to lookup key
2520 CKM::KeyShPtr key_lookup;
2522 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2523 "Error=" << CKM::APICodeToString(tmp));
2525 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2526 "Error=" << CKM::APICodeToString(tmp));
2528 // try to lookup certificate
2529 CKM::CertificateShPtr cert_lookup;
2531 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2532 "Error=" << CKM::APICodeToString(tmp));
2534 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2535 "Error=" << CKM::APICodeToString(tmp));
2538 RUNNER_TEST(T1806_get_PKCS)
2541 auto manager = CKM::Manager::create();
2543 CKM::PKCS12ShPtr pkcs;
2547 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2548 "Error=" << CKM::APICodeToString(temp));
2550 // fail - not exportable
2552 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2553 "Error=" << CKM::APICodeToString(temp));
2555 // success - exportable
2557 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2558 "Error=" << CKM::APICodeToString(temp));
2560 auto cert = pkcs->getCertificate();
2563 "Error in PKCS12::getCertificate()");
2565 auto key = pkcs->getKey();
2568 "Error in PKCS12::getKey()");
2570 auto caVector = pkcs->getCaCertificateShPtrVector();
2572 2 == caVector.size(),
2573 "Wrong size of vector");
2576 RUNNER_TEST(T1807_create_and_verify_signature)
2579 auto manager = CKM::Manager::create();
2581 std::string message = "message test";
2583 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2584 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2585 CKM::RawBuffer signature;
2588 CKM_API_SUCCESS == (temp = manager->createSignature(
2589 alias_PKCS_exportable,
2591 CKM::RawBuffer(message.begin(), message.end()),
2595 "Error=" << CKM::APICodeToString(temp));
2598 CKM_API_SUCCESS == (temp = manager->verifySignature(
2599 alias_PKCS_exportable,
2601 CKM::RawBuffer(message.begin(), message.end()),
2605 "Error=" << CKM::APICodeToString(temp));
2608 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2611 auto manager = CKM::Manager::create();
2614 "-----BEGIN RSA PRIVATE KEY-----\n"
2615 "MIICWwIBAAKBgQDDgmPurTQa3wbnlM+9nCEQvhDviYRvSC9TL5lAMBCmBSl93v0U\n"
2616 "BXWsqO+fmAINm5QJa89hF5N7Q4xtvfSJUPIeyzowTOEGM4U3FnJtlsNQsoNbFlNy\n"
2617 "QLoZZmmY4ljG6/YqX+JGBgS9/J8uvaDWkvs+ktkORygfNz4Gi5DERT7eeQIDAQAB\n"
2618 "AoGAARIqx/js6yTDnesjxC8hwzy3TQic0Bs+Hx+IoGBjBvXKR2U8T6rD/UEjpuUn\n"
2619 "RbnPcsnDZg3CAg/ZqhQ7TbFC0kPo+S6+wKsZGDWUUvnpMkdcZUqXel8GFhdnmeIh\n"
2620 "22vYthP4TCbolxwXlwvuhu0PLZWhRO/Z+g37T3QENexqGv0CQQDmqJ9PDoUj5eUR\n"
2621 "wWEqEPraoU6ARBUUX5EhmTT9g9/BXnhwumIOksDHcBqNUwNOlKCUlWfBOelO93Ys\n"
2622 "PRW3QyejAkEA2P0tW/8iU4j+0a6DV+TUYFDTjD29y8KPw0Aj59591xD5eIPK3IgU\n"
2623 "91vnmtvU/QR26PnMOx4OAPk9a7BtN62zMwJAIFV0950edtjMUr/cAgydTbadDYf9\n"
2624 "uHxpGN+kOQGahT3b/llyU36o/YwufK8tYH+fPxTulXyrwwEXlL3/ZFBKpwJAeLGS\n"
2625 "Wlp2WGqZ+j2MdwYkDxLGKHprKHwnBN6XWjCKZGbfrGX6H2Jd7xyinaNrO/UQwxO2\n"
2626 "wqc7+NSpkk3G4jJuuwJAODYlk2Q+djE4jkjDc4xiqsQGBQlI2dlgzjRjIF4HWiLx\n"
2627 "bIrI0uCCbGItx++hlvmDx7G8anBmIFfBWIaKdX0aWw==\n"
2628 "-----END RSA PRIVATE KEY-----\n";
2630 std::string message = "message test";
2632 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2633 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2634 "Key is empty. Failed to import private key.");
2637 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2638 "Error=" << CKM::APICodeToString(temp));
2640 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2641 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2642 CKM::RawBuffer signature;
2645 CKM_API_SUCCESS == (temp = manager->createSignature(
2646 alias_PKCS_priv_key_copy,
2648 CKM::RawBuffer(message.begin(), message.end()),
2652 "Error=" << CKM::APICodeToString(temp));
2655 CKM_API_SUCCESS == (temp = manager->verifySignature(
2656 alias_PKCS_exportable,
2658 CKM::RawBuffer(message.begin(), message.end()),
2662 "Error=" << CKM::APICodeToString(temp));
2665 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2668 auto manager = CKM::Manager::create();
2670 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2671 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2672 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2673 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2674 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2675 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2676 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2677 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2678 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2679 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2680 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2681 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2682 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2683 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2684 "-----END RSA PRIVATE KEY-----\n";
2686 std::string message = "message test";
2688 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2689 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2690 "Key is empty. Failed to import private key.");
2693 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2694 "Error=" << CKM::APICodeToString(temp));
2696 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2697 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2698 CKM::RawBuffer signature;
2701 CKM_API_SUCCESS == (temp = manager->createSignature(
2702 alias_PKCS_priv_key_wrong,
2704 CKM::RawBuffer(message.begin(), message.end()),
2708 "Error=" << CKM::APICodeToString(temp));
2711 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2712 alias_PKCS_exportable,
2714 CKM::RawBuffer(message.begin(), message.end()),
2718 "Error=" << CKM::APICodeToString(temp));
2721 RUNNER_TEST(T1810_verify_get_certificate_chain)
2723 // this certificate has been signed using PKCS chain
2725 "-----BEGIN CERTIFICATE-----\n"
2726 "MIICxDCCAi0CFGHuCEUksqn0Rr3SXdhn+TlnL804MA0GCSqGSIb3DQEBCwUAMGEx\n"
2727 "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
2728 "cm5ldCBXaWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMMEXNlcnZlckB0ZXN0bWUuY29t\n"
2729 "MB4XDTE5MDYxMzEyMTkyNloXDTI5MDYxMDEyMTkyNlowXTELMAkGA1UEBhMCQVUx\n"
2730 "EzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg\n"
2731 "UHR5IEx0ZDEWMBQGA1UEAwwNZWVAdGVzdG1lLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
2732 "BQADggEPADCCAQoCggEBAK3/XvE3uc2EhzwmsAfq6KEw52J8kCAB9Rma/qjkw6ZT\n"
2733 "yUYmSQvmcK8wSDt015Y/ekYLereCeWNLNkFlQeZC7LHT6T1mGnxNIgL3oUS2c+15\n"
2734 "FEYX9QJIN/CoJYQ/tmiQPa1OJz4prUFwqAzM1kRtHGfcAGmQHfgu77P3ljAJzfsW\n"
2735 "2beVHM+MTNSybkGHql28Z93bp382k5FQXegkxbozsKBMk37QjKiqes29J/ET0Huy\n"
2736 "yzOkf+XvbizIPRvMt/2guw9sgRb7YrM2M+igmHIHxfzxuqzpPr+bmcqQdyFdVkAK\n"
2737 "Qcx930HbfjHJ5k5vcovPLQ3LvSnYVCTe7aCAAmMzKXsCAwEAATANBgkqhkiG9w0B\n"
2738 "AQsFAAOBgQBfFMim/9zLd+EeZyeYA0vy3C9YuNJI+KsZlKAfrFDQNeIT/qg/GQM4\n"
2739 "o7I3TIHQ62tdEx6nBJs0DKSAmhRh4yc+P1KHMzIQIgSjftqS3Z+AKbJn6vOpWNTq\n"
2740 "cexnpexaNn69dbqJZsjr0fHsGAkh5n96icAB4VZyFncEknZKbTdd0g==\n"
2741 "-----END CERTIFICATE-----\n";
2743 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2744 CKM::CertificateShPtrVector certChain;
2745 CKM::AliasVector aliasVector;
2748 auto manager = CKM::Manager::create();
2750 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2752 tmp = manager->getCertificateChain(cert,
2757 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2758 "Error=" << CKM::APICodeToString(tmp));
2761 0 == certChain.size(),
2762 "Wrong size of certificate chain.");
2764 aliasVector.push_back(alias_PKCS_exportable);
2766 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2767 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2769 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2771 4 == certChain.size(),
2772 "Wrong size of certificate chain: " << certChain.size());
2775 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2777 auto manager = CKM::Manager::create();
2781 // remove the whole PKCS12 bundles
2783 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2784 "Error=" << CKM::APICodeToString(tmp));
2786 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2787 "Error=" << CKM::APICodeToString(tmp));
2789 // expect lookup fails due to unknown alias
2790 // try to lookup key
2791 CKM::KeyShPtr key_lookup;
2793 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2794 "Error=" << CKM::APICodeToString(tmp));
2796 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2797 "Error=" << CKM::APICodeToString(tmp));
2799 // try to lookup certificate
2800 CKM::CertificateShPtr cert_lookup;
2802 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2803 "Error=" << CKM::APICodeToString(tmp));
2805 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2806 "Error=" << CKM::APICodeToString(tmp));
2809 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2811 CKM::Alias alias = "t1812alias1";
2813 auto manager = CKM::Manager::create();
2814 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2815 std::istreambuf_iterator<char> begin(is), end;
2816 std::vector<char> buff(begin, end);
2818 CKM::PKCS12ShPtr pkcs12;
2819 CKM::Password pass1 = "easypass1";
2820 CKM::Password pass2 = "easypass2";
2822 CKM::RawBuffer buffer(buff.size());
2823 memcpy(buffer.data(), buff.data(), buff.size());
2825 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2828 "Error in PKCS12::create()");
2832 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2833 "Error=" << CKM::APICodeToString(temp));
2836 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2837 "Error=" << CKM::APICodeToString(temp));
2840 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2841 "Error=" << CKM::APICodeToString(temp));
2844 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2845 "Error=" << CKM::APICodeToString(temp));
2848 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2849 "Error=" << CKM::APICodeToString(temp));
2852 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2853 "Error=" << CKM::APICodeToString(temp));
2855 CKM::CertificateShPtr cert;
2857 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2858 "Error=" << CKM::APICodeToString(temp));
2860 CKM::CertificateShPtrVector certChain;
2861 CKM::AliasVector certVect;
2862 certVect.push_back(alias);
2865 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2866 "Error=" << CKM::APICodeToString(temp));
2869 RUNNER_TEST(T1813_deinit)
2872 auto control = CKM::Control::create();
2875 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2876 "Error=" << CKM::APICodeToString(temp));
2879 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2881 const char * const T190_PASSWD = "t190-special-password";
2883 RUNNER_TEST(T1901_init_unlock_key)
2885 reset_user_data(USER_APP, T190_PASSWD);
2888 RUNNER_TEST(T1902_get_data)
2890 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2892 auto manager = CKM::Manager::create();
2895 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2898 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2899 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2902 RUNNER_TEST(T1903_lock_database)
2905 auto control = CKM::Control::create();
2907 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2908 "Error=" << CKM::APICodeToString(tmp));
2911 RUNNER_TEST(T1904_get_data_from_locked_database)
2913 auto manager = CKM::Manager::create();
2916 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2919 CKM_API_ERROR_DB_LOCKED == status1,
2920 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2923 RUNNER_TEST(T1905_deinit)
2925 remove_user_data(USER_APP);
2928 int main(int argc, char *argv[])
2930 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2931 if (expected_uid != geteuid()) {
2932 std::string userStr("owner");
2933 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2937 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2941 int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
2943 detectCkmBugTrustzoneLeak();
projects / platform / core / test / security-tests.git / blob