2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
23 #include <dpl/test/test_runner.h>
25 #include <tests_common.h>
26 #include <test-certs.h>
27 #include <ckm_helpers.h>
29 #include <ckm-common.h>
30 #include <ckm/ckm-manager.h>
31 #include <ckm/ckm-control.h>
32 #include <ckm/ckm-password.h>
33 #include <ckm/ckm-type.h>
34 #include <ckm/ckm-pkcs12.h>
36 #include <openssl/x509.h>
37 #include <openssl/x509v3.h>
40 const int USER_APP = 5001;
42 const int USER_APP_2 = 5020;
43 const int USER_APP_3 = 5030;
45 const char * const APP_PASS = "user-pass";
46 const int USER_TEST = 5001;
48 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
49 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
50 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
51 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
52 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
53 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
54 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
55 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
56 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
58 "-----END PUBLIC KEY-----";
60 } // namespace anonymous
63 * How to numerate tests:
65 * T - test case (always T)
66 * AB - number of test group (always two digits)
67 * C - test number in group (all tests with same TABC must be run in the same time).
70 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
72 RUNNER_TEST(T0011_Control)
75 auto control = CKM::Control::create();
77 control->removeUserData(0);
78 control->removeUserData(USER_APP_2);
79 control->removeUserData(USER_APP);
82 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
83 "Error=" << CKM::APICodeToString(temp));
86 RUNNER_TEST(T0012_Control)
89 auto control = CKM::Control::create();
91 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
92 "Error=" << CKM::APICodeToString(temp));
94 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
95 "Error=" << CKM::APICodeToString(temp));
98 RUNNER_TEST(T0013_Control)
101 auto control = CKM::Control::create();
103 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
104 "Error=" << CKM::APICodeToString(temp));
107 RUNNER_TEST(T0014_Control)
110 auto control = CKM::Control::create();
112 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
113 "Error=" << CKM::APICodeToString(temp));
116 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
117 "Error=" << CKM::APICodeToString(temp));
120 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
121 "Error=" << CKM::APICodeToString(temp));
124 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
125 "Error=" << CKM::APICodeToString(temp));
128 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
129 "Error=" << CKM::APICodeToString(temp));
132 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
133 "Error=" << CKM::APICodeToString(temp));
136 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
137 "Error=" << CKM::APICodeToString(temp));
140 RUNNER_TEST(T0015_Control)
143 auto control = CKM::Control::create();
145 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
146 "Error=" << CKM::APICodeToString(temp));
148 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
149 "Error=" << CKM::APICodeToString(temp));
151 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
152 "Error=" << CKM::APICodeToString(temp));
154 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
155 "Error=" << CKM::APICodeToString(temp));
158 RUNNER_TEST(T0016_Control_negative_wrong_password)
161 auto control = CKM::Control::create();
163 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
164 "Error=" << CKM::APICodeToString(temp));
166 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
167 "Error=" << CKM::APICodeToString(temp));
169 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
170 "Error=" << CKM::APICodeToString(temp));
172 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
173 "Error=" << CKM::APICodeToString(temp));
175 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
176 "Error=" << CKM::APICodeToString(temp));
179 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
181 RUNNER_TEST(T1010_init)
183 unlock_user_data(USER_APP, "user-pass");
186 RUNNER_TEST(T1011_key)
189 auto manager = CKM::Manager::create();
191 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
192 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
193 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
194 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
195 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
196 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
197 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
199 "-----END PUBLIC KEY-----";
201 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
202 auto key = CKM::Key::create(buffer, CKM::Password());
204 CKM::Alias alias = "mykey";
207 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
208 "Error=" << CKM::APICodeToString(temp));
210 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
211 "Error=" << CKM::APICodeToString(temp));
213 key->getDER() == key2->getDER(),
214 "Key value has been changed by service");
217 RUNNER_TEST(T1012_certificate)
220 auto manager = CKM::Manager::create();
222 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
223 CKM::CertificateShPtr cert2;
224 CKM::Alias alias = "myCert";
227 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
228 "Error=" << CKM::APICodeToString(temp));
230 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
231 "Error=" << CKM::APICodeToString(temp));
233 cert->getDER() == cert2->getDER(),
234 "Data has been modified in key manager");
237 RUNNER_TEST(T1014_save_with_label)
240 auto manager = CKM::Manager::create();
242 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
243 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
244 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
245 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
246 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
247 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
248 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
250 "-----END PUBLIC KEY-----";
252 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
253 auto key = CKM::Key::create(buffer, CKM::Password());
254 CKM::KeyShPtr key_name, key_full_addr;
255 CKM::Alias alias = "mykey-2";
256 std::string top_label = getOwnerIdFromSelf();
257 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
260 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
261 "Error=" << CKM::APICodeToString(temp));
265 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
266 "Error=" << CKM::APICodeToString(temp));
268 key->getDER() == key_name->getDER(),
269 "Key value has been changed by service");
271 // lookup by full address
273 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
274 "Error=" << CKM::APICodeToString(temp));
276 key->getDER() == key_full_addr->getDER(),
277 "Key value has been changed by service");
280 RUNNER_TEST(T1020_save_big_data)
283 ckmc_backend_info_h info;
285 // all data goes to TZ when enabled
286 assert_positive(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info);
287 assert_positive(ckmc_backend_get_max_chunk_size, info, &size);
288 const size_t BIG_SIZE = size;
290 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
292 const size_t BIG_SIZE = 5000000;
293 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
297 std::vector<char> big_data(BIG_SIZE);
298 std::ifstream is("/dev/urandom", std::ifstream::binary);
300 is.read(big_data.data(), BIG_SIZE);
302 RUNNER_ASSERT_MSG(is,
303 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
305 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
306 CKM::Policy policy(CKM::Password(), true, backend);
307 CKM::RawBuffer returned;
309 auto manager = CKM::Manager::create();
312 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
313 "Error=" << CKM::APICodeToString(temp));
316 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
317 "Error=" << CKM::APICodeToString(temp));
319 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
322 RUNNER_TEST(T1015_deinit)
324 remove_user_data(USER_APP);
327 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
329 RUNNER_TEST(T1020_init)
332 auto control = CKM::Control::create();
334 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
335 "Error=" << CKM::APICodeToString(temp));
338 RUNNER_TEST(T1021_save_keys_get_alias)
341 auto manager = CKM::Manager::create();
343 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
344 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
345 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
346 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
347 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
348 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
349 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
351 "-----END PUBLIC KEY-----";
353 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
354 auto key = CKM::Key::create(buffer, CKM::Password());
355 CKM::AliasVector labelAliasVector;
357 size_t current_aliases_num = count_aliases(ALIAS_KEY);
359 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
360 "Error=" << CKM::APICodeToString(temp));
362 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
363 "Error=" << CKM::APICodeToString(temp));
365 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
366 "Error=" << CKM::APICodeToString(temp));
368 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
369 "Error=" << CKM::APICodeToString(temp));
371 labelAliasVector.size() == (current_aliases_num+3),
372 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
375 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
378 auto manager = CKM::Manager::create();
380 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
381 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
382 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
383 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
384 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
385 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
386 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
388 "-----END PUBLIC KEY-----";
390 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
391 auto key = CKM::Key::create(buffer, CKM::Password());
392 CKM::AliasVector labelAliasVector;
394 size_t current_aliases_num = count_aliases(ALIAS_KEY);
396 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
397 "Error=" << CKM::APICodeToString(temp));
399 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
400 "Error=" << CKM::APICodeToString(temp));
402 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
403 "Error=" << CKM::APICodeToString(temp));
405 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
406 "Error=" << CKM::APICodeToString(temp));
408 labelAliasVector.size() == (current_aliases_num+3),
409 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
412 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
415 auto manager = CKM::Manager::create();
417 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
418 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
419 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
420 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
421 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
422 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
423 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
425 "-----END PUBLIC KEY-----";
427 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
428 auto key = CKM::Key::create(buffer, CKM::Password());
429 CKM::AliasVector aliasVector;
430 CKM::Policy notExportable(CKM::Password(), false);
433 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
434 "Error=" << CKM::APICodeToString(temp));
436 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
437 "Error=" << CKM::APICodeToString(temp));
439 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, notExportable)),
440 "Error=" << CKM::APICodeToString(temp));
443 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
445 remove_user_data(USER_APP);
448 const int aliasNameCount = 10;
449 auto manager = CKM::Manager::create();
452 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
453 auto key = CKM::Key::create(buffer, CKM::Password());
454 std::string currentAlias;
456 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
457 // make aliases with & without: password protection, exportable flag
458 for (int it = 0; it < aliasNameCount; ++it)
460 CKM::Policy policy = generate_ckm_policy(it);
461 currentAlias = "T1024_appkey" + std::to_string(it);
462 expected.emplace_back(currentAlias, !policy.password.empty(), backend());
464 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
465 "Error=" << CKM::APICodeToString(exitCode));
468 CKM::AliasInfoVector aliasInfoVector;
472 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasInfoVector(aliasInfoVector)),
473 "Error=" << CKM::APICodeToString(exitCode));
475 aliasInfoVector.size() == (beforeSaveAliasCount + aliasNameCount),
476 "Wrong aliases count: " << aliasInfoVector.size() << " Expected: "
477 << (beforeSaveAliasCount + aliasNameCount));
480 for (const auto &info : aliasInfoVector) {
481 exitCode = manager->getKeyEncryptionStatus(info.alias, status);
482 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == exitCode, "Error=" << CKM::APICodeToString(exitCode));
484 actual.try_emplace(info.alias, info.alias, status, info.backend);
487 check_alias_info_list_helper(expected, actual, "/User ");
489 remove_user_data(USER_APP);
492 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
494 remove_user_data(USER_APP);
497 const int aliasNameCount = 10;
498 auto manager = CKM::Manager::create();
501 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
502 std::string currentAlias;
504 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
505 for (int it = 0; it < aliasNameCount; ++it)
507 CKM::Policy policy = generate_ckm_policy(it);
508 currentAlias = "T1025_appcert" + std::to_string(it);
509 expected.emplace_back(currentAlias, !policy.password.empty(), CKM::BackendId::SW);
511 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
512 "Error=" << CKM::APICodeToString(exitCode));
515 CKM::AliasInfoVector aliasInfoVector;
519 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasInfoVector(aliasInfoVector)),
520 "Error=" << CKM::APICodeToString(exitCode));
522 aliasInfoVector.size() == (beforeSaveAliasCount + aliasNameCount),
523 "Wrong aliases count: " << aliasInfoVector.size() << " Expected: "
524 << (beforeSaveAliasCount + aliasNameCount));
527 for (const auto &info : aliasInfoVector) {
528 exitCode = manager->getCertificateEncryptionStatus(info.alias, status);
529 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == exitCode, "Error=" << CKM::APICodeToString(exitCode));
531 actual.try_emplace(info.alias, info.alias, status, info.backend);
534 check_alias_info_list_helper(expected, actual, "/User ");
536 remove_user_data(USER_APP);
539 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
541 remove_user_data(USER_APP);
544 const int aliasNameCount = 10;
545 auto manager = CKM::Manager::create();
548 std::string binData = "My bin data";
549 CKM::RawBuffer buffer(binData.begin(), binData.end());
550 std::string currentAlias;
552 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
553 for (int it = 0; it < aliasNameCount; ++it)
555 CKM::Policy policy = generate_ckm_policy(it);
556 currentAlias = "T1026_appdata" + std::to_string(it);
557 expected.emplace_back(currentAlias, !policy.password.empty(), backend());
559 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
560 "Error=" << CKM::APICodeToString(exitCode));
563 CKM::AliasInfoVector aliasInfoVector;
567 CKM_API_SUCCESS == (exitCode = manager->getDataAliasInfoVector(aliasInfoVector)),
568 "Error=" << CKM::APICodeToString(exitCode));
570 aliasInfoVector.size() == (beforeSaveAliasCount + aliasNameCount),
571 "Wrong aliases count: " << aliasInfoVector.size() << " Expected: "
572 << (beforeSaveAliasCount + aliasNameCount));
575 for (const auto &info : aliasInfoVector) {
576 exitCode = manager->getDataEncryptionStatus(info.alias, status);
577 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == exitCode, "Error=" << CKM::APICodeToString(exitCode));
579 actual.try_emplace(info.alias, info.alias, status, info.backend);
582 check_alias_info_list_helper(expected, actual, "/User ");
584 remove_user_data(USER_APP);
587 RUNNER_TEST(T1027_backend_info)
589 //int ckmc_get_backend_info(ckmc_backend_id_e backend, ckmc_backend_info_h* ppinfo)
590 ckmc_backend_info_h info;
592 assert_invalid_param(ckmc_get_backend_info, static_cast<ckmc_backend_id_e>(-1), &info);
593 assert_invalid_param(ckmc_get_backend_info, static_cast<ckmc_backend_id_e>(2), &info);
594 assert_invalid_param(ckmc_get_backend_info, CKMC_BACKEND_SW, nullptr);
597 assert_positive(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info);
598 RUNNER_ASSERT_MSG(info != nullptr, "Backend info is null");
600 assert_positive(ckmc_backend_get_max_chunk_size, info, &size);
601 RUNNER_ASSERT_MSG(size != 0, "Unexpected max chunk size");
603 assert_invalid_param(ckmc_get_backend_info, CKMC_BACKEND_TZ, &info);
606 assert_positive(ckmc_get_backend_info, CKMC_BACKEND_SW, &info);
607 RUNNER_ASSERT_MSG(info != nullptr, "Backend info is null");
609 assert_positive(ckmc_backend_get_max_chunk_size, info, &size);
610 RUNNER_ASSERT_MSG(size == 0, "Unexpected max chunk size");
614 RUNNER_TEST(T1029_deinit)
616 remove_user_data(USER_APP);
619 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
620 RUNNER_TEST(T1030_init)
622 reset_user_data(USER_APP, APP_PASS);
625 RUNNER_TEST(T1032_app_user_save_bin_data)
627 ScopedDBUnlock unlock(USER_APP, APP_PASS);
630 auto manager = CKM::Manager::create();
632 std::string binData = "My bin data";
634 CKM::RawBuffer buffer(binData.begin(), binData.end());
636 CKM::AliasVector labelAliasVector;
638 size_t current_aliases_num = count_aliases(ALIAS_DATA);
640 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
641 "Error=" << CKM::APICodeToString(temp));
643 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
644 "Error=" << CKM::APICodeToString(temp));
646 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
647 "Error=" << CKM::APICodeToString(temp));
649 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
650 "Error=" << CKM::APICodeToString(temp));
652 labelAliasVector.size() == (current_aliases_num+3),
653 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
656 RUNNER_TEST(T1034_app_remove_bin_data)
658 ScopedDBUnlock unlock(USER_APP, APP_PASS);
661 auto manager = CKM::Manager::create();
663 std::string binData2 = "My bin data";
664 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
666 CKM::AliasVector labelAliasVector;
668 size_t current_aliases_num = count_aliases(ALIAS_DATA);
669 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
671 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
672 "Error=" << CKM::APICodeToString(temp));
674 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
675 "Error=" << CKM::APICodeToString(temp));
677 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
678 "Error=" << CKM::APICodeToString(temp));
680 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
681 "Error=" << CKM::APICodeToString(temp));
683 labelAliasVector.size() == (current_aliases_num-2),
684 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
686 CKM::RawBuffer buffer;
688 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
689 "Error=" << CKM::APICodeToString(temp));
694 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
695 "Error=" << CKM::APICodeToString(temp));
698 RUNNER_TEST(T1035_getData_wrong_password)
700 ScopedDBUnlock unlock(USER_APP, APP_PASS);
703 auto manager = CKM::Manager::create();
705 std::string binData1 = "My bin data4";
707 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
710 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
711 "Error=" << CKM::APICodeToString(temp));
713 CKM::RawBuffer buffer;
715 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
716 "Error=" << CKM::APICodeToString(temp));
722 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
723 "Error=" << CKM::APICodeToString(temp));
726 RUNNER_TEST(T1036_deinit)
728 remove_user_data(USER_APP);
731 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
733 RUNNER_TEST(T1040_init)
736 auto control = CKM::Control::create();
739 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
740 "Error=" << CKM::APICodeToString(temp));
743 RUNNER_TEST(T1041_create_RSA_key)
746 auto manager = CKM::Manager::create();
749 size_t current_aliases_num = count_aliases(ALIAS_KEY);
751 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
752 "Error=" << CKM::APICodeToString(temp));
754 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
755 "Error=" << CKM::APICodeToString(temp));
757 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
758 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
761 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
764 auto manager = CKM::Manager::create();
768 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
769 "Error=" << CKM::APICodeToString(temp));
771 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
772 "Error=" << CKM::APICodeToString(temp));
775 RUNNER_TEST(T1043_create_DSA_key)
778 auto manager = CKM::Manager::create();
781 size_t current_aliases_num = count_aliases(ALIAS_KEY);
783 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
784 "Error=" << CKM::APICodeToString(temp));
786 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
787 "Error=" << CKM::APICodeToString(temp));
789 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
790 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
793 RUNNER_TEST(T1044_create_AES_key)
796 auto manager = CKM::Manager::create();
799 int current_aliases_num = count_aliases(ALIAS_KEY);
801 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
802 "Error=" << CKM::APICodeToString(temp));
804 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
805 "Error=" << CKM::APICodeToString(temp));
807 (current_aliases_num+1) == (temp = av.size()),
808 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
811 RUNNER_TEST(T1049_deinit)
813 remove_user_data(USER_APP);
817 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
819 RUNNER_TEST(T1110_init)
821 unlock_user_data(USER_APP, "user-pass");
824 RUNNER_TEST(T1111_CreateKeyPairRSA)
827 auto manager = CKM::Manager::create();
828 CKM::Alias a1 = "rsa-test-1";
829 CKM::Alias a2 = "rsa-test-2";
833 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
834 "Error=" << CKM::APICodeToString(temp));
836 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
837 "Error=" << CKM::APICodeToString(temp));
840 RUNNER_TEST(T1112_CreateKeyPairDSA)
843 auto manager = CKM::Manager::create();
844 CKM::Alias a1 = "dsa-test-1";
845 CKM::Alias a2 = "dsa-test-2";
849 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
850 "Error=" << CKM::APICodeToString(temp));
852 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
853 "Error=" << CKM::APICodeToString(temp));
856 RUNNER_TEST(T1113_CreateKeyPairECDSA)
859 auto manager = CKM::Manager::create();
860 CKM::Alias a1 = "ecdsa-test-1";
861 CKM::Alias a2 = "ecdsa-test-2";
865 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
866 "Error=" << CKM::APICodeToString(temp));
869 RUNNER_TEST(T1114_deinit)
871 remove_user_data(USER_APP);
874 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
876 RUNNER_TEST(T12100_init)
878 reset_user_data(USER_APP, APP_PASS);
881 RUNNER_TEST(T12101_key_exist)
883 ScopedDBUnlock unlock(USER_APP, APP_PASS);
886 auto manager = CKM::Manager::create();
888 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
889 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
890 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
891 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
892 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
893 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
894 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
896 "-----END PUBLIC KEY-----";
898 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
899 auto key = CKM::Key::create(buffer);
900 CKM::Alias alias = "rsa-alias-duplication";
903 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
904 "Error=" << CKM::APICodeToString(ret));
906 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
907 "Error=" << CKM::APICodeToString(ret));
911 * These test cases tests API when empty parameters are passed to functions
914 RUNNER_TEST(T12102_saveKey_empty_alias)
916 ScopedDBUnlock unlock(USER_APP, APP_PASS);
918 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
919 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
920 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
921 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
922 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
923 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
924 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
925 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
927 "-----END PUBLIC KEY-----";
929 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
930 auto key = CKM::Key::create(buffer);
931 CKM::Alias alias; //alias is not initialized
934 auto manager = CKM::Manager::create();
936 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
937 "Error=" << CKM::APICodeToString(ret));
940 RUNNER_TEST(T12103_saveKey_foreign_label)
942 ScopedDBUnlock unlock(USER_APP, APP_PASS);
944 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
945 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
946 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
947 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
948 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
949 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
950 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
952 "-----END PUBLIC KEY-----";
954 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
955 auto key = CKM::Key::create(buffer);
956 CKM::Alias alias = "iamsomebodyelse alias";
959 auto manager = CKM::Manager::create();
961 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
962 "Error=" << CKM::APICodeToString(ret));
965 RUNNER_TEST(T12104_saveKey_empty_key)
967 ScopedDBUnlock unlock(USER_APP, APP_PASS);
969 CKM::KeyShPtr key; //key is not initialized
970 CKM::Alias alias = "empty-key";
973 auto manager = CKM::Manager::create();
975 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
976 "Error=" << CKM::APICodeToString(ret));
979 RUNNER_TEST(T12105_saveCertificate_empty_alias)
981 ScopedDBUnlock unlock(USER_APP, APP_PASS);
983 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
984 CKM::Alias alias; //alias is not initialized
987 auto manager = CKM::Manager::create();
989 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
990 "Error=" << CKM::APICodeToString(temp));
993 RUNNER_TEST(T12106_saveCertificate_foreign_label)
995 ScopedDBUnlock unlock(USER_APP, APP_PASS);
997 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
998 CKM::Alias alias = "iamsomebodyelse alias";
1001 auto manager = CKM::Manager::create();
1003 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1004 "Error=" << CKM::APICodeToString(temp));
1007 RUNNER_TEST(T12107_saveCertificate_empty_cert)
1009 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1011 CKM::CertificateShPtr cert; //cert is not initialized
1012 CKM::Alias alias = "empty-cert";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1018 "Error=" << CKM::APICodeToString(temp));
1021 RUNNER_TEST(T12108_saveData_empty_alias)
1023 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1025 std::string testData = "test data test data test data";
1026 CKM::RawBuffer buffer(testData.begin(), testData.end());
1030 auto manager = CKM::Manager::create();
1032 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1033 "Error=" << CKM::APICodeToString(temp));
1036 RUNNER_TEST(T12109_saveData_foreign_label)
1038 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1040 std::string testData = "test data test data test data";
1041 CKM::RawBuffer buffer(testData.begin(), testData.end());
1042 CKM::Alias alias = "iamsomebodyelse alias";
1045 auto manager = CKM::Manager::create();
1047 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1048 "Error=" << CKM::APICodeToString(temp));
1051 RUNNER_TEST(T12110_saveData_empty_data)
1053 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1055 CKM::RawBuffer buffer;
1056 CKM::Alias alias = "empty-data";
1059 auto manager = CKM::Manager::create();
1061 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1062 "Error=" << CKM::APICodeToString(temp));
1066 * These test cases tests API when trying to get data from not existing alias
1069 RUNNER_TEST(T12111_getKey_alias_not_exist)
1071 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1074 CKM::Alias alias = "this-alias-not-exist";
1077 auto manager = CKM::Manager::create();
1079 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1080 "Error=" << CKM::APICodeToString(temp));
1083 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1085 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1087 CKM::CertificateShPtr certificate;
1088 CKM::Alias alias = "this-alias-not-exist";
1091 auto manager = CKM::Manager::create();
1093 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1094 "Error=" << CKM::APICodeToString(temp));
1097 RUNNER_TEST(T12113_getData_alias_not_exist)
1099 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1102 auto manager = CKM::Manager::create();
1103 CKM::RawBuffer buffer;
1104 CKM::Alias alias("some alias");
1106 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1107 "Error=" << CKM::APICodeToString(temp));
1111 * These test cases tests API when damaged keys are used
1113 RUNNER_TEST(T12114_RSA_key_damaged)
1115 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1118 auto manager = CKM::Manager::create();
1120 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1121 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1122 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1123 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1124 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1125 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1126 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1128 "-----END PUBLIC KEY-----";
1130 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1131 auto key = CKM::Key::create(buffer);
1132 CKM::Alias alias = "damaged-rsa";
1135 NULL == key.get(), "Key is broken. It should be empty");
1138 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1139 "Error=" << CKM::APICodeToString(ret));
1142 RUNNER_TEST(T12115_RSA_key_too_short)
1144 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1147 auto manager = CKM::Manager::create();
1149 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1150 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1151 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1152 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1153 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1154 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1155 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1157 "-----END PUBLIC KEY-----";
1159 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1160 auto key = CKM::Key::create(buffer);
1161 CKM::Alias alias = "short-rsa";
1164 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1165 "Error=" << CKM::APICodeToString(ret));
1168 RUNNER_TEST(T12116_DSA_key_too_short)
1170 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1173 auto manager = CKM::Manager::create();
1175 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1176 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1177 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1178 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1179 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1180 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1181 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1182 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1183 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1184 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1185 "YMYCBhubtrVaLmc=\n"
1186 "-----END PUBLIC KEY-----";
1188 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1189 auto key = CKM::Key::create(buffer);
1190 CKM::Alias alias = "short-dsa";
1193 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1194 "Error=" << CKM::APICodeToString(ret));
1197 RUNNER_TEST(T12117_AES_key_too_short)
1200 auto manager = CKM::Manager::create();
1202 size_t key_size = (128-1);
1203 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1205 auto key = CKM::Key::create(key_AES);
1206 CKM::Alias alias = "short-AES";
1209 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1210 "Error=" << CKM::APICodeToString(ret));
1214 * These test cases tests CKM service if malicious data is provided over the socket.
1217 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1219 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1222 auto manager = CKM::Manager::create();
1224 // fake the client - let the service detect the problem
1225 class WrongKeyImpl : public CKM::Key
1228 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1231 virtual bool empty() const {
1235 virtual CKM::KeyType getType() const {
1236 return CKM::KeyType::KEY_RSA_PUBLIC;
1238 virtual int getSize() const {
1241 virtual CKM::ElipticCurve getCurve() const {
1242 return CKM::ElipticCurve::prime192v1;
1244 virtual CKM::RawBuffer getDER() const {
1247 virtual ~WrongKeyImpl() {}
1249 CKM::RawBuffer & m_dummy;
1251 std::string dummyData = "my_cat_Berta\n";
1252 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1253 auto key = std::make_shared<WrongKeyImpl>(buffer);
1254 CKM::Alias alias = "damaged-rsa";
1257 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1258 "Error=" << CKM::APICodeToString(ret));
1261 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1263 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1265 // fake the client - let the service detect the problem
1266 class WrongCertImpl : public CKM::Certificate
1269 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1270 m_x509 = X509_new();
1273 bool empty() const {
1277 virtual X509 *getX509() const {
1281 virtual CKM::RawBuffer getDER() const {
1285 virtual ~WrongCertImpl() {
1290 CKM::RawBuffer & m_dummy;
1292 std::string dummyData = "my_cat_Stefan\n";
1293 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1294 auto cert = std::make_shared<WrongCertImpl>(buffer);
1295 CKM::Alias alias = "damaged-cert";
1298 auto manager = CKM::Manager::create();
1300 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1301 "Error=" << CKM::APICodeToString(temp));
1304 RUNNER_TEST(T12120_deinit)
1306 remove_user_data(USER_APP);
1309 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1311 RUNNER_TEST(T1311_init)
1313 remove_user_data(USER_APP);
1314 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1315 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1317 struct hostent* he = gethostbyname("google.com");
1319 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1320 "is not woking on the device. OCSP tests requires network access!");
1323 RUNNER_TEST(T13121_get_chain_no_cert)
1325 CKM::CertificateShPtrVector certChain;
1326 CKM::CertificateShPtr cert;
1328 auto manager = CKM::Manager::create();
1330 int ret = manager->getCertificateChain(cert,
1335 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1336 "Function should fail for empty certificate");
1339 RUNNER_TEST(T13122_get_chain_empty_cert)
1341 CKM::CertificateShPtrVector certChain;
1342 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1343 CKM::DataFormat::FORM_PEM);
1345 auto manager = CKM::Manager::create();
1347 int ret = manager->getCertificateChain(cert,
1352 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1353 "Function should fail for empty certificate");
1356 RUNNER_TEST(T13129_get_chain)
1358 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1359 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1360 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1362 CKM::CertificateShPtrVector certVector = {cert1};
1363 CKM::CertificateShPtrVector certChain;
1364 CKM::CertificateShPtrVector trusted = {root};
1367 auto manager = CKM::Manager::create();
1369 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1370 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1372 tmp = manager->getCertificateChain(cert,
1377 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1378 "Error=" << CKM::APICodeToString(tmp));
1381 0 == certChain.size(),
1382 "Wrong size of certificate chain.");
1384 tmp = manager->getCertificateChain(cert, certVector, trusted, true, certChain);
1385 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1388 3 == certChain.size(),
1389 "Wrong size of certificate chain.");
1392 RUNNER_TEST(T1313_get_chain_with_alias)
1394 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1395 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1396 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1398 CKM::CertificateShPtrVector certChain;
1401 auto manager = CKM::Manager::create();
1403 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1404 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1406 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, EMPTY_ALIAS_VECTOR, true, certChain);
1407 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1408 "Error=" << CKM::APICodeToString(tmp));
1411 0 == certChain.size(),
1412 "Wrong size of certificate chain.");
1414 CKM::AliasVector aliasVector = { "imcert" };
1416 CKM_API_SUCCESS == (tmp = manager->saveCertificate(aliasVector[0], cert1, CKM::Policy())),
1417 "Error=" << CKM::APICodeToString(tmp));
1419 CKM::AliasVector trustedAliasVector = { "rootcert" };
1421 CKM_API_SUCCESS == (tmp = manager->saveCertificate(trustedAliasVector[0], root, CKM::Policy())),
1422 "Error=" << CKM::APICodeToString(tmp));
1424 tmp = manager->getCertificateChain(cert, aliasVector, trustedAliasVector, true, certChain);
1425 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1428 3 == certChain.size(),
1429 "Wrong size of certificate chain.");
1432 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1434 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1436 CKM::CertificateShPtrVector certChain;
1439 auto manager = CKM::Manager::create();
1441 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1443 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1444 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1447 2 == certChain.size(),
1448 "Wrong size of certificate chain.");
1452 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1453 "Error=" << CKM::APICodeToString(tmp));
1455 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1458 RUNNER_TEST(T13142_ocsp_check_empty)
1460 CKM::CertificateShPtrVector certVector;
1462 auto manager = CKM::Manager::create();
1467 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1468 "ocspCheck should fail for empty certificate vector");
1471 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1473 CKM::CertificateShPtrVector certVector = {
1474 CKM::CertificateShPtr(),
1475 CKM::CertificateShPtr(),
1476 CKM::CertificateShPtr()};
1478 auto manager = CKM::Manager::create();
1483 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1484 "ocspCheck should fail for empty certificate vector");
1487 RUNNER_TEST(T13144_ocsp_check_root)
1489 auto root = TestData::getTestCertificate(TestData::OCSP_ROOT_CA);
1490 CKM::CertificateShPtrVector certVector = {root};
1492 auto manager = CKM::Manager::create();
1494 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1499 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1500 "Ocsp should fail for single certificate");
1503 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1505 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1506 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1508 CKM::CertificateShPtrVector certVector = {ca, root};
1510 auto manager = CKM::Manager::create();
1512 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1513 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1518 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1519 "Error=" << CKM::APICodeToString(tmp));
1521 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1524 RUNNER_TEST(T1315_deinit)
1526 remove_user_data(USER_APP);
1529 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1531 RUNNER_TEST(T1411_init)
1533 remove_user_data(USER_APP);
1536 RUNNER_TEST(T1412_RSA_key_create_verify)
1539 auto manager = CKM::Manager::create();
1541 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1542 "Proc-Type: 4,ENCRYPTED\n"
1543 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1545 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1546 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1547 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1548 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1549 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1550 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1551 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1552 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1553 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1554 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1555 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1556 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1557 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1558 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1559 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1560 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1561 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1562 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1563 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1564 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1565 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1566 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1567 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1568 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1569 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1570 "-----END RSA PRIVATE KEY-----\n";
1572 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1573 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1574 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1575 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1576 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1577 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1578 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1580 "-----END PUBLIC KEY-----\n";
1582 std::string message = "message test";
1584 CKM::Alias aliasPub = "pub1";
1585 CKM::Alias aliasPrv = "prv1";
1586 CKM::Password password = "1234";
1587 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1588 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1589 CKM::RawBuffer signature;
1591 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1592 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1594 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1595 "Key is empty. Failed to import public key.");
1596 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1597 "Key is empty. Failed to import private key.");
1600 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1601 "Error=" << CKM::APICodeToString(temp));
1603 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1604 "Error=" << CKM::APICodeToString(temp));
1607 CKM_API_SUCCESS == (temp = manager->createSignature(
1610 CKM::RawBuffer(message.begin(), message.end()),
1614 "Error=" << CKM::APICodeToString(temp));
1617 CKM_API_SUCCESS == (temp = manager->verifySignature(
1620 CKM::RawBuffer(message.begin(), message.end()),
1624 "Error=" << CKM::APICodeToString(temp));
1627 RUNNER_TEST(T1413_DSA_key_create_verify)
1630 auto manager = CKM::Manager::create();
1632 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1633 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1634 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1635 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1636 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1637 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1638 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1639 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1640 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1641 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1642 "u1roOuaPY+Hl19BlTE2qdw==\n"
1643 "-----END DSA PRIVATE KEY-----";
1645 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1646 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1647 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1648 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1649 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1650 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1651 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1652 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1653 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1654 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1655 "YMYCBhubtrVaLmc=\n"
1656 "-----END PUBLIC KEY-----";
1658 std::string message = "message test";
1660 CKM::Alias aliasPub = "pub2";
1661 CKM::Alias aliasPrv = "prv2";
1662 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1663 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1664 CKM::RawBuffer signature;
1666 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1667 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1669 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1670 "Key is empty. Failed to import public key.");
1671 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1672 "Key is empty. Failed to import private key.");
1675 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1676 "Error=" << CKM::APICodeToString(temp));
1678 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1679 "Error=" << CKM::APICodeToString(temp));
1682 CKM_API_SUCCESS == (temp = manager->createSignature(
1685 CKM::RawBuffer(message.begin(), message.end()),
1689 "Error=" << CKM::APICodeToString(temp));
1692 CKM_API_SUCCESS == (temp = manager->verifySignature(
1695 CKM::RawBuffer(message.begin(), message.end()),
1699 "Error=" << CKM::APICodeToString(temp));
1703 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1706 auto manager = CKM::Manager::create();
1708 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1709 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1710 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1711 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1712 "-----END EC PRIVATE KEY-----\n";
1714 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1715 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1716 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1717 "-----END PUBLIC KEY-----\n";
1719 std::string message = "message test";
1721 CKM::Alias aliasPub = "ecpub2";
1722 CKM::Alias aliasPrv = "ecprv2";
1723 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1724 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1725 CKM::RawBuffer signature;
1727 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1728 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1730 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1731 "Key is empty. Failed to import public key.");
1732 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1733 "Key is empty. Failed to import private key.");
1736 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1737 "Error=" << CKM::APICodeToString(temp));
1739 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1740 "Error=" << CKM::APICodeToString(temp));
1743 CKM_API_SUCCESS == (temp = manager->createSignature(
1746 CKM::RawBuffer(message.begin(), message.end()),
1750 "Error=" << CKM::APICodeToString(temp));
1753 CKM_API_SUCCESS == (temp = manager->verifySignature(
1756 CKM::RawBuffer(message.begin(), message.end()),
1760 "Error=" << CKM::APICodeToString(temp));
1762 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1764 memcpy((void*)signature.data(), "BROKEN", 6);
1767 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1770 CKM::RawBuffer(message.begin(), message.end()),
1774 "Error=" << CKM::APICodeToString(temp));
1777 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1780 auto manager = CKM::Manager::create();
1781 std::string message = "message asdfaslkdfjlksadjf test";
1783 CKM::Alias aliasPub = "pub1";
1784 CKM::Alias aliasPrv = "prv1";
1786 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1787 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1788 CKM::RawBuffer signature;
1791 CKM_API_SUCCESS == (temp = manager->createSignature(
1794 CKM::RawBuffer(message.begin(), message.end()),
1798 "Error=" << CKM::APICodeToString(temp));
1801 CKM_API_SUCCESS == (temp = manager->verifySignature(
1804 CKM::RawBuffer(message.begin(), message.end()),
1808 "Error=" << CKM::APICodeToString(temp));
1810 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1811 memcpy((void*)signature.data(), "BROKEN", 6);
1814 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1817 CKM::RawBuffer(message.begin(), message.end()),
1821 "Error=" << CKM::APICodeToString(temp));
1824 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1827 auto manager = CKM::Manager::create();
1828 std::string message = "message asdfaslkdfjlksadjf test";
1830 CKM::Alias aliasPub = "pub2";
1831 CKM::Alias aliasPrv = "prv2";
1833 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1834 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1835 CKM::RawBuffer signature;
1838 CKM_API_SUCCESS == (temp = manager->createSignature(
1841 CKM::RawBuffer(message.begin(), message.end()),
1845 "Error=" << CKM::APICodeToString(temp));
1848 CKM_API_SUCCESS == (temp = manager->verifySignature(
1851 CKM::RawBuffer(message.begin(), message.end()),
1855 "Error=" << CKM::APICodeToString(temp));
1857 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1858 memcpy((void*)signature.data(), "BROKEN", 6);
1861 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1864 CKM::RawBuffer(message.begin(), message.end()),
1868 "Error=" << CKM::APICodeToString(temp));
1871 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1874 auto manager = CKM::Manager::create();
1877 "-----BEGIN RSA PRIVATE KEY-----\n"
1878 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1879 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1880 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1881 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1882 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1883 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1884 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1885 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1886 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1887 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1888 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1889 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1890 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1891 "-----END RSA PRIVATE KEY-----\n";
1894 "-----BEGIN CERTIFICATE-----\n"
1895 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1896 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1897 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1898 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1899 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1900 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1901 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1902 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1903 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1904 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1905 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1906 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1907 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1908 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1909 "-----END CERTIFICATE-----\n";
1911 std::string message = "message test";
1913 CKM::Alias aliasPub = "pub1-cert";
1914 CKM::Alias aliasPrv = "prv1-cert";
1915 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1916 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1917 CKM::RawBuffer signature;
1919 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1920 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1922 RUNNER_ASSERT_MSG(NULL != cert.get(),
1923 "Key is empty. Failed to import public key.");
1924 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1925 "Key is empty. Failed to import private key.");
1928 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1929 "Error=" << CKM::APICodeToString(temp));
1931 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1932 "Error=" << CKM::APICodeToString(temp));
1935 CKM_API_SUCCESS == (temp = manager->createSignature(
1938 CKM::RawBuffer(message.begin(), message.end()),
1942 "Error=" << CKM::APICodeToString(temp));
1945 CKM_API_SUCCESS == (temp = manager->verifySignature(
1948 CKM::RawBuffer(message.begin(), message.end()),
1952 "Error=" << CKM::APICodeToString(temp));
1954 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1956 memcpy((void*)signature.data(), "BROKEN", 6);
1959 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1962 CKM::RawBuffer(message.begin(), message.end()),
1966 "Error=" << CKM::APICodeToString(temp));
1969 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1972 auto manager = CKM::Manager::create();
1974 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1975 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1976 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1977 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1978 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1979 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1980 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1981 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1982 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1983 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1984 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1985 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1986 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1987 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1988 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1989 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1990 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1991 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1992 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1993 "-----END CERTIFICATE-----\n";
1995 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1996 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1997 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1998 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1999 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2000 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2001 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2002 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2003 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2004 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2005 "vonbjii3BYe4AIdkzOvp\n"
2006 "-----END DSA PRIVATE KEY-----\n";
2008 std::string message = "message test";
2010 CKM::Alias aliasPub = "pub2-cert";
2011 CKM::Alias aliasPrv = "prv2-cert";
2012 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2013 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2014 CKM::RawBuffer signature;
2016 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2017 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2019 RUNNER_ASSERT_MSG(NULL != cert.get(),
2020 "Key is empty. Failed to import public key.");
2021 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2022 "Key is empty. Failed to import private key.");
2025 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2026 "Error=" << CKM::APICodeToString(temp));
2028 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2029 "Error=" << CKM::APICodeToString(temp));
2032 CKM_API_SUCCESS == (temp = manager->createSignature(
2035 CKM::RawBuffer(message.begin(), message.end()),
2039 "Error=" << CKM::APICodeToString(temp));
2042 CKM_API_SUCCESS == (temp = manager->verifySignature(
2045 CKM::RawBuffer(message.begin(), message.end()),
2049 "Error=" << CKM::APICodeToString(temp));
2051 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2053 memcpy((void*)signature.data(), "BROKEN", 6);
2056 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2059 CKM::RawBuffer(message.begin(), message.end()),
2063 "Error=" << CKM::APICodeToString(temp));
2066 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2069 auto manager = CKM::Manager::create();
2072 "-----BEGIN EC PRIVATE KEY-----\n"
2073 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2074 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2075 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2076 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2077 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2078 "ELyhe7yPCAuOoLZlTLgf\n"
2079 "-----END EC PRIVATE KEY-----\n";
2082 "-----BEGIN CERTIFICATE-----\n"
2083 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2084 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2085 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2086 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2087 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2088 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2089 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2090 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2091 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2092 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2093 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2094 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2095 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2096 "Q1oBry6NEc+lLFmWMDesAA==\n"
2097 "-----END CERTIFICATE-----\n";
2099 std::string message = "message test";
2101 CKM::Alias aliasPub = "pub3";
2102 CKM::Alias aliasPrv = "prv3";
2103 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2104 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2105 CKM::RawBuffer signature;
2107 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2108 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2110 RUNNER_ASSERT_MSG(NULL != cert.get(),
2111 "Key is empty. Failed to import public key.");
2112 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2113 "Key is empty. Failed to import private key.");
2116 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2117 "Error=" << CKM::APICodeToString(temp));
2119 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2120 "Error=" << CKM::APICodeToString(temp));
2123 CKM_API_SUCCESS == (temp = manager->createSignature(
2126 CKM::RawBuffer(message.begin(), message.end()),
2130 "Error=" << CKM::APICodeToString(temp));
2133 CKM_API_SUCCESS == (temp = manager->verifySignature(
2136 CKM::RawBuffer(message.begin(), message.end()),
2140 "Error=" << CKM::APICodeToString(temp));
2142 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2144 memcpy((void*)signature.data(), "BROKEN", 6);
2147 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2150 CKM::RawBuffer(message.begin(), message.end()),
2154 "Error=" << CKM::APICodeToString(temp));
2157 RUNNER_TEST(T1420_deinit)
2159 remove_user_data(USER_APP);
2162 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2164 RUNNER_TEST(T14180_init)
2167 remove_user_data(USER_APP);
2169 auto manager = CKM::Manager::create();
2171 // Prepare RSA Key Pair
2172 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2173 "Proc-Type: 4,ENCRYPTED\n"
2174 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2176 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2177 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2178 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2179 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2180 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2181 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2182 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2183 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2184 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2185 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2186 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2187 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2188 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2189 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2190 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2191 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2192 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2193 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2194 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2195 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2196 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2197 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2198 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2199 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2200 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2201 "-----END RSA PRIVATE KEY-----\n";
2203 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2204 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2205 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2206 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2207 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2208 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2209 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2211 "-----END PUBLIC KEY-----\n";
2213 CKM::Alias aliasPub = "pub_nohash1";
2214 CKM::Alias aliasPrv = "prv_nohash1";
2215 CKM::Password password = "1234";
2217 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2218 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2220 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2221 "Key is empty. Failed to import public key.");
2222 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2223 "Key is empty. Failed to import private key.");
2226 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2227 "Error=" << CKM::APICodeToString(temp));
2229 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2230 "Error=" << CKM::APICodeToString(temp));
2232 // Prepare ECDSA Key Pair
2233 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2234 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2235 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2236 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2237 "-----END EC PRIVATE KEY-----\n";
2239 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2240 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2241 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2242 "-----END PUBLIC KEY-----\n";
2244 CKM::Alias aliasEcPub = "ecpub_nohash1";
2245 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2247 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2248 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2250 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2251 "Key is empty. Failed to import public key.");
2252 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2253 "Key is empty. Failed to import private key.");
2256 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2257 "Error=" << CKM::APICodeToString(temp));
2259 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2260 "Error=" << CKM::APICodeToString(temp));
2264 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2267 auto manager = CKM::Manager::create();
2268 std::string message = "message asdfaslkdfjlksadjf test";
2270 CKM::Alias aliasPub = "pub_nohash1";
2271 CKM::Alias aliasPrv = "prv_nohash1";
2273 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2274 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2275 CKM::RawBuffer signature;
2278 CKM_API_SUCCESS == (temp = manager->createSignature(
2281 CKM::RawBuffer(message.begin(), message.end()),
2285 "Error=" << CKM::APICodeToString(temp));
2288 CKM_API_SUCCESS == (temp = manager->verifySignature(
2291 CKM::RawBuffer(message.begin(), message.end()),
2295 "Error=" << CKM::APICodeToString(temp));
2297 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2298 memcpy((void*)signature.data(), "BROKEN", 6);
2301 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2304 CKM::RawBuffer(message.begin(), message.end()),
2308 "Error=" << CKM::APICodeToString(temp));
2311 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2314 auto manager = CKM::Manager::create();
2315 std::string message = "message asdfaslkdfjlksadjf test";
2317 CKM::Alias aliasPub = "pub_nohash1";
2318 CKM::Alias aliasPrv = "prv_nohash1";
2320 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2321 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2322 CKM::RawBuffer signature;
2325 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2328 CKM::RawBuffer(message.begin(), message.end()),
2332 "Error=" << CKM::APICodeToString(temp));
2335 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2338 auto manager = CKM::Manager::create();
2339 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2340 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2341 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2342 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2343 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2344 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2345 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2346 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2347 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2348 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2349 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2350 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2351 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2352 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2353 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2354 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2355 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2356 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2357 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2358 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2360 CKM::Alias aliasPub = "pub_nohash1";
2361 CKM::Alias aliasPrv = "prv_nohash1";
2363 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2364 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2365 CKM::RawBuffer signature;
2368 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2371 CKM::RawBuffer(message.begin(), message.end()),
2375 "Error=" << CKM::APICodeToString(temp));
2379 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2382 auto manager = CKM::Manager::create();
2384 std::string message = "message test";
2386 CKM::Alias aliasPrv = "ecprv_nohash1";
2387 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2388 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2389 CKM::RawBuffer signature;
2392 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2395 CKM::RawBuffer(message.begin(), message.end()),
2399 "Error=" << CKM::APICodeToString(temp));
2402 RUNNER_TEST(T14189_deinit)
2404 remove_user_data(USER_APP);
2408 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2412 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2413 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2414 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2415 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2416 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2419 RUNNER_TEST(T1800_init)
2421 remove_user_data(USER_APP);
2424 RUNNER_TEST(T1801_parse_PKCS12) {
2425 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2426 std::istreambuf_iterator<char> begin(is), end;
2427 std::vector<char> buff(begin, end);
2429 CKM::RawBuffer buffer(buff.size());
2430 memcpy(buffer.data(), buff.data(), buff.size());
2432 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2435 "Error in PKCS12::create()");
2437 auto cert = pkcs->getCertificate();
2440 "Error in PKCS12::getCertificate()");
2442 auto key = pkcs->getKey();
2445 "Error in PKCS12::getKey()");
2447 auto caVector = pkcs->getCaCertificateShPtrVector();
2449 0 == caVector.size(),
2450 "Wrong size of vector");
2453 RUNNER_TEST(T1802_negative_wrong_password) {
2454 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2455 std::istreambuf_iterator<char> begin(is), end;
2456 std::vector<char> buff(begin, end);
2458 CKM::RawBuffer buffer(buff.size());
2459 memcpy(buffer.data(), buff.data(), buff.size());
2461 auto pkcs = CKM::PKCS12::create(buffer, "error");
2464 "Expected error in PKCS12::create()");
2467 RUNNER_TEST(T1803_negative_broken_buffer) {
2468 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2469 std::istreambuf_iterator<char> begin(is), end;
2470 std::vector<char> buff(begin, end);
2472 CKM::RawBuffer buffer(buff.size());
2473 memcpy(buffer.data(), buff.data(), buff.size());
2475 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2478 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2481 "Expected error in PKCS12::create()");
2484 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2486 auto manager = CKM::Manager::create();
2487 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2488 std::istreambuf_iterator<char> begin(is), end;
2489 std::vector<char> buff(begin, end);
2491 CKM::RawBuffer buffer(buff.size());
2492 memcpy(buffer.data(), buff.data(), buff.size());
2494 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2497 "Error in PKCS12::create()");
2500 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2501 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2502 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2503 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2504 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2505 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2506 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2507 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2508 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2509 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2510 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2511 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2512 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2513 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2514 "-----END RSA PRIVATE KEY-----\n";
2516 std::string message = "message test";
2518 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2519 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2520 "Key is empty. Failed to import private key.");
2524 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2525 "Error=" << CKM::APICodeToString(temp));
2528 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2529 "Error=" << CKM::APICodeToString(temp));
2532 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2534 auto manager = CKM::Manager::create();
2535 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2536 std::istreambuf_iterator<char> begin(is), end;
2537 std::vector<char> buff(begin, end);
2539 CKM::RawBuffer buffer(buff.size());
2540 memcpy(buffer.data(), buff.data(), buff.size());
2542 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2545 "Error in PKCS12::create()");
2547 auto cert = pkcs->getCertificate();
2550 "Error in PKCS12::getCertificate()");
2552 auto key = pkcs->getKey();
2555 "Error in PKCS12::getKey()");
2557 auto caVector = pkcs->getCaCertificateShPtrVector();
2559 2 == caVector.size(),
2560 "Wrong size of vector");
2564 CKM::Policy exportable;
2565 CKM::Policy notExportable(CKM::Password(), false);
2568 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2569 "Error=" << CKM::APICodeToString(tmp));
2571 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2572 "Error=" << CKM::APICodeToString(tmp));
2574 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2575 "Error=" << CKM::APICodeToString(tmp));
2577 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2578 "Error=" << CKM::APICodeToString(tmp));
2580 // try to lookup key
2581 CKM::KeyShPtr key_lookup;
2583 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2584 "Error=" << CKM::APICodeToString(tmp));
2586 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2587 "Error=" << CKM::APICodeToString(tmp));
2589 // try to lookup certificate
2590 CKM::CertificateShPtr cert_lookup;
2592 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2593 "Error=" << CKM::APICodeToString(tmp));
2595 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2596 "Error=" << CKM::APICodeToString(tmp));
2599 RUNNER_TEST(T1806_get_PKCS)
2602 auto manager = CKM::Manager::create();
2604 CKM::PKCS12ShPtr pkcs;
2608 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2609 "Error=" << CKM::APICodeToString(temp));
2611 // fail - not exportable
2613 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2614 "Error=" << CKM::APICodeToString(temp));
2616 // success - exportable
2618 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2619 "Error=" << CKM::APICodeToString(temp));
2621 auto cert = pkcs->getCertificate();
2624 "Error in PKCS12::getCertificate()");
2626 auto key = pkcs->getKey();
2629 "Error in PKCS12::getKey()");
2631 auto caVector = pkcs->getCaCertificateShPtrVector();
2633 2 == caVector.size(),
2634 "Wrong size of vector");
2637 RUNNER_TEST(T1807_create_and_verify_signature)
2640 auto manager = CKM::Manager::create();
2642 std::string message = "message test";
2644 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2645 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2646 CKM::RawBuffer signature;
2649 CKM_API_SUCCESS == (temp = manager->createSignature(
2650 alias_PKCS_exportable,
2652 CKM::RawBuffer(message.begin(), message.end()),
2656 "Error=" << CKM::APICodeToString(temp));
2659 CKM_API_SUCCESS == (temp = manager->verifySignature(
2660 alias_PKCS_exportable,
2662 CKM::RawBuffer(message.begin(), message.end()),
2666 "Error=" << CKM::APICodeToString(temp));
2669 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2672 auto manager = CKM::Manager::create();
2675 "-----BEGIN RSA PRIVATE KEY-----\n"
2676 "MIICWwIBAAKBgQDDgmPurTQa3wbnlM+9nCEQvhDviYRvSC9TL5lAMBCmBSl93v0U\n"
2677 "BXWsqO+fmAINm5QJa89hF5N7Q4xtvfSJUPIeyzowTOEGM4U3FnJtlsNQsoNbFlNy\n"
2678 "QLoZZmmY4ljG6/YqX+JGBgS9/J8uvaDWkvs+ktkORygfNz4Gi5DERT7eeQIDAQAB\n"
2679 "AoGAARIqx/js6yTDnesjxC8hwzy3TQic0Bs+Hx+IoGBjBvXKR2U8T6rD/UEjpuUn\n"
2680 "RbnPcsnDZg3CAg/ZqhQ7TbFC0kPo+S6+wKsZGDWUUvnpMkdcZUqXel8GFhdnmeIh\n"
2681 "22vYthP4TCbolxwXlwvuhu0PLZWhRO/Z+g37T3QENexqGv0CQQDmqJ9PDoUj5eUR\n"
2682 "wWEqEPraoU6ARBUUX5EhmTT9g9/BXnhwumIOksDHcBqNUwNOlKCUlWfBOelO93Ys\n"
2683 "PRW3QyejAkEA2P0tW/8iU4j+0a6DV+TUYFDTjD29y8KPw0Aj59591xD5eIPK3IgU\n"
2684 "91vnmtvU/QR26PnMOx4OAPk9a7BtN62zMwJAIFV0950edtjMUr/cAgydTbadDYf9\n"
2685 "uHxpGN+kOQGahT3b/llyU36o/YwufK8tYH+fPxTulXyrwwEXlL3/ZFBKpwJAeLGS\n"
2686 "Wlp2WGqZ+j2MdwYkDxLGKHprKHwnBN6XWjCKZGbfrGX6H2Jd7xyinaNrO/UQwxO2\n"
2687 "wqc7+NSpkk3G4jJuuwJAODYlk2Q+djE4jkjDc4xiqsQGBQlI2dlgzjRjIF4HWiLx\n"
2688 "bIrI0uCCbGItx++hlvmDx7G8anBmIFfBWIaKdX0aWw==\n"
2689 "-----END RSA PRIVATE KEY-----\n";
2691 std::string message = "message test";
2693 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2694 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2695 "Key is empty. Failed to import private key.");
2698 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2699 "Error=" << CKM::APICodeToString(temp));
2701 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2702 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2703 CKM::RawBuffer signature;
2706 CKM_API_SUCCESS == (temp = manager->createSignature(
2707 alias_PKCS_priv_key_copy,
2709 CKM::RawBuffer(message.begin(), message.end()),
2713 "Error=" << CKM::APICodeToString(temp));
2716 CKM_API_SUCCESS == (temp = manager->verifySignature(
2717 alias_PKCS_exportable,
2719 CKM::RawBuffer(message.begin(), message.end()),
2723 "Error=" << CKM::APICodeToString(temp));
2726 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2729 auto manager = CKM::Manager::create();
2731 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2732 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2733 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2734 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2735 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2736 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2737 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2738 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2739 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2740 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2741 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2742 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2743 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2744 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2745 "-----END RSA PRIVATE KEY-----\n";
2747 std::string message = "message test";
2749 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2750 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2751 "Key is empty. Failed to import private key.");
2754 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2755 "Error=" << CKM::APICodeToString(temp));
2757 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2758 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2759 CKM::RawBuffer signature;
2762 CKM_API_SUCCESS == (temp = manager->createSignature(
2763 alias_PKCS_priv_key_wrong,
2765 CKM::RawBuffer(message.begin(), message.end()),
2769 "Error=" << CKM::APICodeToString(temp));
2772 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2773 alias_PKCS_exportable,
2775 CKM::RawBuffer(message.begin(), message.end()),
2779 "Error=" << CKM::APICodeToString(temp));
2782 RUNNER_TEST(T1810_verify_get_certificate_chain)
2784 // this certificate has been signed using PKCS chain
2786 "-----BEGIN CERTIFICATE-----\n"
2787 "MIICxDCCAi0CFGHuCEUksqn0Rr3SXdhn+TlnL804MA0GCSqGSIb3DQEBCwUAMGEx\n"
2788 "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
2789 "cm5ldCBXaWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMMEXNlcnZlckB0ZXN0bWUuY29t\n"
2790 "MB4XDTE5MDYxMzEyMTkyNloXDTI5MDYxMDEyMTkyNlowXTELMAkGA1UEBhMCQVUx\n"
2791 "EzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg\n"
2792 "UHR5IEx0ZDEWMBQGA1UEAwwNZWVAdGVzdG1lLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
2793 "BQADggEPADCCAQoCggEBAK3/XvE3uc2EhzwmsAfq6KEw52J8kCAB9Rma/qjkw6ZT\n"
2794 "yUYmSQvmcK8wSDt015Y/ekYLereCeWNLNkFlQeZC7LHT6T1mGnxNIgL3oUS2c+15\n"
2795 "FEYX9QJIN/CoJYQ/tmiQPa1OJz4prUFwqAzM1kRtHGfcAGmQHfgu77P3ljAJzfsW\n"
2796 "2beVHM+MTNSybkGHql28Z93bp382k5FQXegkxbozsKBMk37QjKiqes29J/ET0Huy\n"
2797 "yzOkf+XvbizIPRvMt/2guw9sgRb7YrM2M+igmHIHxfzxuqzpPr+bmcqQdyFdVkAK\n"
2798 "Qcx930HbfjHJ5k5vcovPLQ3LvSnYVCTe7aCAAmMzKXsCAwEAATANBgkqhkiG9w0B\n"
2799 "AQsFAAOBgQBfFMim/9zLd+EeZyeYA0vy3C9YuNJI+KsZlKAfrFDQNeIT/qg/GQM4\n"
2800 "o7I3TIHQ62tdEx6nBJs0DKSAmhRh4yc+P1KHMzIQIgSjftqS3Z+AKbJn6vOpWNTq\n"
2801 "cexnpexaNn69dbqJZsjr0fHsGAkh5n96icAB4VZyFncEknZKbTdd0g==\n"
2802 "-----END CERTIFICATE-----\n";
2804 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2805 CKM::CertificateShPtrVector certChain;
2806 CKM::AliasVector aliasVector;
2809 auto manager = CKM::Manager::create();
2811 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2813 tmp = manager->getCertificateChain(cert,
2818 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2819 "Error=" << CKM::APICodeToString(tmp));
2822 0 == certChain.size(),
2823 "Wrong size of certificate chain.");
2825 aliasVector.push_back(alias_PKCS_exportable);
2827 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2828 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2830 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2832 4 == certChain.size(),
2833 "Wrong size of certificate chain: " << certChain.size());
2836 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2838 auto manager = CKM::Manager::create();
2842 // remove the whole PKCS12 bundles
2844 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2845 "Error=" << CKM::APICodeToString(tmp));
2847 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2848 "Error=" << CKM::APICodeToString(tmp));
2850 // expect lookup fails due to unknown alias
2851 // try to lookup key
2852 CKM::KeyShPtr key_lookup;
2854 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2855 "Error=" << CKM::APICodeToString(tmp));
2857 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2858 "Error=" << CKM::APICodeToString(tmp));
2860 // try to lookup certificate
2861 CKM::CertificateShPtr cert_lookup;
2863 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2864 "Error=" << CKM::APICodeToString(tmp));
2866 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2867 "Error=" << CKM::APICodeToString(tmp));
2870 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2872 CKM::Alias alias = "t1812alias1";
2874 auto manager = CKM::Manager::create();
2875 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2876 std::istreambuf_iterator<char> begin(is), end;
2877 std::vector<char> buff(begin, end);
2879 CKM::PKCS12ShPtr pkcs12;
2880 CKM::Password pass1 = "easypass1";
2881 CKM::Password pass2 = "easypass2";
2883 CKM::RawBuffer buffer(buff.size());
2884 memcpy(buffer.data(), buff.data(), buff.size());
2886 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2889 "Error in PKCS12::create()");
2893 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2894 "Error=" << CKM::APICodeToString(temp));
2897 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2898 "Error=" << CKM::APICodeToString(temp));
2901 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2902 "Error=" << CKM::APICodeToString(temp));
2905 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2906 "Error=" << CKM::APICodeToString(temp));
2909 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2910 "Error=" << CKM::APICodeToString(temp));
2913 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2914 "Error=" << CKM::APICodeToString(temp));
2916 CKM::CertificateShPtr cert;
2918 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2919 "Error=" << CKM::APICodeToString(temp));
2921 CKM::CertificateShPtrVector certChain;
2922 CKM::AliasVector certVect;
2923 certVect.push_back(alias);
2926 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2927 "Error=" << CKM::APICodeToString(temp));
2930 RUNNER_TEST(T1813_deinit)
2933 auto control = CKM::Control::create();
2936 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2937 "Error=" << CKM::APICodeToString(temp));
2940 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2942 const char * const T190_PASSWD = "t190-special-password";
2944 RUNNER_TEST(T1901_init_unlock_key)
2946 reset_user_data(USER_APP, T190_PASSWD);
2949 RUNNER_TEST(T1902_get_data)
2951 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2953 auto manager = CKM::Manager::create();
2956 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2959 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2960 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2963 RUNNER_TEST(T1903_lock_database)
2966 auto control = CKM::Control::create();
2968 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2969 "Error=" << CKM::APICodeToString(tmp));
2972 RUNNER_TEST(T1904_get_data_from_locked_database)
2974 auto manager = CKM::Manager::create();
2977 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2980 CKM_API_ERROR_DB_LOCKED == status1,
2981 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2984 RUNNER_TEST(T1905_deinit)
2986 remove_user_data(USER_APP);
2989 int main(int argc, char *argv[])
2991 require_default_user(argv);
2993 int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
2995 detectCkmBugTrustzoneLeak();
projects / platform / core / test / security-tests.git / blob