2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
23 #include <dpl/test/test_runner.h>
25 #include <tests_common.h>
26 #include <test-certs.h>
27 #include <ckm_helpers.h>
29 #include <ckm-common.h>
30 #include <ckm/ckm-manager.h>
31 #include <ckm/ckm-control.h>
32 #include <ckm/ckm-password.h>
33 #include <ckm/ckm-type.h>
34 #include <ckm/ckm-pkcs12.h>
36 #include <openssl/x509.h>
37 #include <openssl/x509v3.h>
40 const int USER_APP = 5001;
42 const int USER_APP_2 = 5020;
43 const int USER_APP_3 = 5030;
45 const char * const APP_PASS = "user-pass";
46 const int USER_TEST = 5001;
48 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
49 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
50 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
51 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
52 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
53 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
54 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
55 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
56 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
58 "-----END PUBLIC KEY-----";
60 } // namespace anonymous
63 * How to numerate tests:
65 * T - test case (always T)
66 * AB - number of test group (always two digits)
67 * C - test number in group (all tests with same TABC must be run in the same time).
70 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
72 RUNNER_TEST(T0011_Control)
75 auto control = CKM::Control::create();
77 control->removeUserData(0);
78 control->removeUserData(USER_APP_2);
79 control->removeUserData(USER_APP);
82 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
83 "Error=" << CKM::APICodeToString(temp));
86 RUNNER_TEST(T0012_Control)
89 auto control = CKM::Control::create();
91 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
92 "Error=" << CKM::APICodeToString(temp));
94 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
95 "Error=" << CKM::APICodeToString(temp));
98 RUNNER_TEST(T0013_Control)
101 auto control = CKM::Control::create();
103 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
104 "Error=" << CKM::APICodeToString(temp));
107 RUNNER_TEST(T0014_Control)
110 auto control = CKM::Control::create();
112 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
113 "Error=" << CKM::APICodeToString(temp));
116 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
117 "Error=" << CKM::APICodeToString(temp));
120 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
121 "Error=" << CKM::APICodeToString(temp));
124 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
125 "Error=" << CKM::APICodeToString(temp));
128 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
129 "Error=" << CKM::APICodeToString(temp));
132 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
133 "Error=" << CKM::APICodeToString(temp));
136 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
137 "Error=" << CKM::APICodeToString(temp));
140 RUNNER_TEST(T0015_Control)
143 auto control = CKM::Control::create();
145 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
146 "Error=" << CKM::APICodeToString(temp));
148 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
149 "Error=" << CKM::APICodeToString(temp));
151 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
152 "Error=" << CKM::APICodeToString(temp));
154 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
155 "Error=" << CKM::APICodeToString(temp));
158 RUNNER_TEST(T0016_Control_negative_wrong_password)
161 auto control = CKM::Control::create();
163 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
164 "Error=" << CKM::APICodeToString(temp));
166 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
167 "Error=" << CKM::APICodeToString(temp));
169 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
170 "Error=" << CKM::APICodeToString(temp));
172 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
173 "Error=" << CKM::APICodeToString(temp));
175 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
176 "Error=" << CKM::APICodeToString(temp));
179 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
181 RUNNER_TEST(T1010_init)
183 unlock_user_data(USER_APP, "user-pass");
186 RUNNER_TEST(T1011_key)
189 auto manager = CKM::Manager::create();
191 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
192 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
193 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
194 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
195 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
196 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
197 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
199 "-----END PUBLIC KEY-----";
201 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
202 auto key = CKM::Key::create(buffer, CKM::Password());
204 CKM::Alias alias = "mykey";
207 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
208 "Error=" << CKM::APICodeToString(temp));
210 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
211 "Error=" << CKM::APICodeToString(temp));
213 key->getDER() == key2->getDER(),
214 "Key value has been changed by service");
217 RUNNER_TEST(T1012_certificate)
220 auto manager = CKM::Manager::create();
222 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
223 CKM::CertificateShPtr cert2;
224 CKM::Alias alias = "myCert";
227 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
228 "Error=" << CKM::APICodeToString(temp));
230 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
231 "Error=" << CKM::APICodeToString(temp));
233 cert->getDER() == cert2->getDER(),
234 "Data has been modified in key manager");
237 RUNNER_TEST(T1014_save_with_label)
240 auto manager = CKM::Manager::create();
242 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
243 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
244 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
245 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
246 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
247 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
248 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
250 "-----END PUBLIC KEY-----";
252 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
253 auto key = CKM::Key::create(buffer, CKM::Password());
254 CKM::KeyShPtr key_name, key_full_addr;
255 CKM::Alias alias = "mykey-2";
256 std::string top_label = getOwnerIdFromSelf();
257 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
260 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
261 "Error=" << CKM::APICodeToString(temp));
265 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
266 "Error=" << CKM::APICodeToString(temp));
268 key->getDER() == key_name->getDER(),
269 "Key value has been changed by service");
271 // lookup by full address
273 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
274 "Error=" << CKM::APICodeToString(temp));
276 key->getDER() == key_full_addr->getDER(),
277 "Key value has been changed by service");
280 RUNNER_TEST(T1020_save_big_data)
283 const size_t BIG_SIZE = 100000;
284 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
286 const size_t BIG_SIZE = 5000000;
287 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
291 std::vector<char> big_data(BIG_SIZE);
292 std::ifstream is("/dev/urandom", std::ifstream::binary);
294 is.read(big_data.data(), BIG_SIZE);
296 RUNNER_ASSERT_MSG(is,
297 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
299 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
300 CKM::Policy policy(CKM::Password(), true, backend);
301 CKM::RawBuffer returned;
303 auto manager = CKM::Manager::create();
306 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
307 "Error=" << CKM::APICodeToString(temp));
310 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
311 "Error=" << CKM::APICodeToString(temp));
313 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
316 RUNNER_TEST(T1015_deinit)
318 remove_user_data(USER_APP);
321 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
323 RUNNER_TEST(T1020_init)
326 auto control = CKM::Control::create();
328 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
329 "Error=" << CKM::APICodeToString(temp));
332 RUNNER_TEST(T1021_save_keys_get_alias)
335 auto manager = CKM::Manager::create();
337 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
338 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
339 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
340 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
341 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
342 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
343 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
345 "-----END PUBLIC KEY-----";
347 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
348 auto key = CKM::Key::create(buffer, CKM::Password());
349 CKM::AliasVector labelAliasVector;
351 size_t current_aliases_num = count_aliases(ALIAS_KEY);
353 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
354 "Error=" << CKM::APICodeToString(temp));
356 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
357 "Error=" << CKM::APICodeToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
360 "Error=" << CKM::APICodeToString(temp));
362 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
363 "Error=" << CKM::APICodeToString(temp));
365 labelAliasVector.size() == (current_aliases_num+3),
366 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
369 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
372 auto manager = CKM::Manager::create();
374 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
375 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
376 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
377 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
378 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
379 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
380 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
382 "-----END PUBLIC KEY-----";
384 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
385 auto key = CKM::Key::create(buffer, CKM::Password());
386 CKM::AliasVector labelAliasVector;
388 size_t current_aliases_num = count_aliases(ALIAS_KEY);
390 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
391 "Error=" << CKM::APICodeToString(temp));
393 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
394 "Error=" << CKM::APICodeToString(temp));
396 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
397 "Error=" << CKM::APICodeToString(temp));
399 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
400 "Error=" << CKM::APICodeToString(temp));
402 labelAliasVector.size() == (current_aliases_num+3),
403 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
406 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
409 auto manager = CKM::Manager::create();
411 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
412 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
413 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
414 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
415 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
416 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
417 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
419 "-----END PUBLIC KEY-----";
421 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
422 auto key = CKM::Key::create(buffer, CKM::Password());
423 CKM::AliasVector aliasVector;
424 CKM::Policy notExportable(CKM::Password(), false);
427 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
428 "Error=" << CKM::APICodeToString(temp));
430 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
431 "Error=" << CKM::APICodeToString(temp));
433 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, notExportable)),
434 "Error=" << CKM::APICodeToString(temp));
437 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
439 remove_user_data(USER_APP);
442 const int aliasNameCount = 10;
443 auto manager = CKM::Manager::create();
445 CKM::AliasPwdVector expected;
446 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
447 auto key = CKM::Key::create(buffer, CKM::Password());
448 std::string currentAlias;
450 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
451 // make aliases with & without: password protection, exportable flag
452 for (int it = 0; it < aliasNameCount; ++it)
454 CKM::Policy policy = generate_ckm_policy(it);
455 currentAlias = "T1024_appkey" + std::to_string(it);
456 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
458 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
459 "Error=" << CKM::APICodeToString(exitCode));
462 CKM::AliasPwdVector actual;
465 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
466 "Error=" << CKM::APICodeToString(exitCode));
468 actual.size() == (beforeSaveAliasCount + aliasNameCount),
469 "Wrong aliases count: " << actual.size() << " Expected: "
470 << (beforeSaveAliasCount + aliasNameCount));
471 check_alias_info_list_helper(expected, actual, "/User ");
473 remove_user_data(USER_APP);
476 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
478 remove_user_data(USER_APP);
481 const int aliasNameCount = 10;
482 auto manager = CKM::Manager::create();
484 CKM::AliasPwdVector expected;
485 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
486 std::string currentAlias;
488 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
489 for (int it = 0; it < aliasNameCount; ++it)
491 CKM::Policy policy = generate_ckm_policy(it);
492 currentAlias = "T1025_appcert" + std::to_string(it);
493 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
495 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
496 "Error=" << CKM::APICodeToString(exitCode));
499 CKM::AliasPwdVector actual;
501 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
502 "Error=" << CKM::APICodeToString(exitCode));
504 actual.size() == (beforeSaveAliasCount + aliasNameCount),
505 "Wrong aliases count: " << actual.size() << " Expected: "
506 << (beforeSaveAliasCount + aliasNameCount));
507 check_alias_info_list_helper(expected, actual, "/User ");
509 remove_user_data(USER_APP);
512 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
514 remove_user_data(USER_APP);
517 const int aliasNameCount = 10;
518 auto manager = CKM::Manager::create();
520 CKM::AliasPwdVector expected;
521 std::string binData = "My bin data";
522 CKM::RawBuffer buffer(binData.begin(), binData.end());
523 std::string currentAlias;
525 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
526 for (int it = 0; it < aliasNameCount; ++it)
528 CKM::Policy policy = generate_ckm_policy(it);
529 currentAlias = "T1026_appdata" + std::to_string(it);
530 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
532 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
533 "Error=" << CKM::APICodeToString(exitCode));
536 CKM::AliasPwdVector actual;
538 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
539 "Error=" << CKM::APICodeToString(exitCode));
541 actual.size() == (beforeSaveAliasCount + aliasNameCount),
542 "Wrong aliases count: " << actual.size() << " Expected: "
543 << (beforeSaveAliasCount + aliasNameCount));
544 check_alias_info_list_helper(expected, actual, "/User ");
546 remove_user_data(USER_APP);
549 RUNNER_TEST(T1029_deinit)
551 remove_user_data(USER_APP);
554 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
555 RUNNER_TEST(T1030_init)
557 reset_user_data(USER_APP, APP_PASS);
560 RUNNER_TEST(T1032_app_user_save_bin_data)
562 ScopedDBUnlock unlock(USER_APP, APP_PASS);
565 auto manager = CKM::Manager::create();
567 std::string binData = "My bin data";
569 CKM::RawBuffer buffer(binData.begin(), binData.end());
571 CKM::AliasVector labelAliasVector;
573 size_t current_aliases_num = count_aliases(ALIAS_DATA);
575 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
576 "Error=" << CKM::APICodeToString(temp));
578 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
579 "Error=" << CKM::APICodeToString(temp));
581 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
582 "Error=" << CKM::APICodeToString(temp));
584 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
585 "Error=" << CKM::APICodeToString(temp));
587 labelAliasVector.size() == (current_aliases_num+3),
588 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
591 RUNNER_TEST(T1034_app_remove_bin_data)
593 ScopedDBUnlock unlock(USER_APP, APP_PASS);
596 auto manager = CKM::Manager::create();
598 std::string binData2 = "My bin data";
599 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
601 CKM::AliasVector labelAliasVector;
603 size_t current_aliases_num = count_aliases(ALIAS_DATA);
604 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
606 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
607 "Error=" << CKM::APICodeToString(temp));
609 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
610 "Error=" << CKM::APICodeToString(temp));
612 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
613 "Error=" << CKM::APICodeToString(temp));
615 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
616 "Error=" << CKM::APICodeToString(temp));
618 labelAliasVector.size() == (current_aliases_num-2),
619 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
621 CKM::RawBuffer buffer;
623 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
624 "Error=" << CKM::APICodeToString(temp));
629 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
630 "Error=" << CKM::APICodeToString(temp));
633 RUNNER_TEST(T1035_getData_wrong_password)
635 ScopedDBUnlock unlock(USER_APP, APP_PASS);
638 auto manager = CKM::Manager::create();
640 std::string binData1 = "My bin data4";
642 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
645 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
646 "Error=" << CKM::APICodeToString(temp));
648 CKM::RawBuffer buffer;
650 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
651 "Error=" << CKM::APICodeToString(temp));
657 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
658 "Error=" << CKM::APICodeToString(temp));
661 RUNNER_TEST(T1036_deinit)
663 remove_user_data(USER_APP);
666 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
668 RUNNER_TEST(T1040_init)
671 auto control = CKM::Control::create();
674 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
675 "Error=" << CKM::APICodeToString(temp));
678 RUNNER_TEST(T1041_create_RSA_key)
681 auto manager = CKM::Manager::create();
684 size_t current_aliases_num = count_aliases(ALIAS_KEY);
686 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
687 "Error=" << CKM::APICodeToString(temp));
689 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
690 "Error=" << CKM::APICodeToString(temp));
692 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
693 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
696 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
699 auto manager = CKM::Manager::create();
703 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
704 "Error=" << CKM::APICodeToString(temp));
706 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
707 "Error=" << CKM::APICodeToString(temp));
710 RUNNER_TEST(T1043_create_DSA_key)
713 auto manager = CKM::Manager::create();
716 size_t current_aliases_num = count_aliases(ALIAS_KEY);
718 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
719 "Error=" << CKM::APICodeToString(temp));
721 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
722 "Error=" << CKM::APICodeToString(temp));
724 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
725 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
728 RUNNER_TEST(T1044_create_AES_key)
731 auto manager = CKM::Manager::create();
734 int current_aliases_num = count_aliases(ALIAS_KEY);
736 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
737 "Error=" << CKM::APICodeToString(temp));
739 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
740 "Error=" << CKM::APICodeToString(temp));
742 (current_aliases_num+1) == (temp = av.size()),
743 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
746 RUNNER_TEST(T1049_deinit)
748 remove_user_data(USER_APP);
752 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
754 RUNNER_TEST(T1110_init)
756 unlock_user_data(USER_APP, "user-pass");
759 RUNNER_TEST(T1111_CreateKeyPairRSA)
762 auto manager = CKM::Manager::create();
763 CKM::Alias a1 = "rsa-test-1";
764 CKM::Alias a2 = "rsa-test-2";
768 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
769 "Error=" << CKM::APICodeToString(temp));
771 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
772 "Error=" << CKM::APICodeToString(temp));
775 RUNNER_TEST(T1112_CreateKeyPairDSA)
778 auto manager = CKM::Manager::create();
779 CKM::Alias a1 = "dsa-test-1";
780 CKM::Alias a2 = "dsa-test-2";
784 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
785 "Error=" << CKM::APICodeToString(temp));
787 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
788 "Error=" << CKM::APICodeToString(temp));
791 RUNNER_TEST(T1113_CreateKeyPairECDSA)
794 auto manager = CKM::Manager::create();
795 CKM::Alias a1 = "ecdsa-test-1";
796 CKM::Alias a2 = "ecdsa-test-2";
800 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
801 "Error=" << CKM::APICodeToString(temp));
804 RUNNER_TEST(T1114_deinit)
806 remove_user_data(USER_APP);
809 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
811 RUNNER_TEST(T12100_init)
813 reset_user_data(USER_APP, APP_PASS);
816 RUNNER_TEST(T12101_key_exist)
818 ScopedDBUnlock unlock(USER_APP, APP_PASS);
821 auto manager = CKM::Manager::create();
823 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
824 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
825 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
826 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
827 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
828 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
829 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
831 "-----END PUBLIC KEY-----";
833 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
834 auto key = CKM::Key::create(buffer);
835 CKM::Alias alias = "rsa-alias-duplication";
838 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
839 "Error=" << CKM::APICodeToString(ret));
841 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
842 "Error=" << CKM::APICodeToString(ret));
846 * These test cases tests API when empty parameters are passed to functions
849 RUNNER_TEST(T12102_saveKey_empty_alias)
851 ScopedDBUnlock unlock(USER_APP, APP_PASS);
853 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
854 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
855 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
856 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
857 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
858 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
859 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
860 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
862 "-----END PUBLIC KEY-----";
864 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
865 auto key = CKM::Key::create(buffer);
866 CKM::Alias alias; //alias is not initialized
869 auto manager = CKM::Manager::create();
871 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
872 "Error=" << CKM::APICodeToString(ret));
875 RUNNER_TEST(T12103_saveKey_foreign_label)
877 ScopedDBUnlock unlock(USER_APP, APP_PASS);
879 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
880 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
881 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
882 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
883 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
884 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
885 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
887 "-----END PUBLIC KEY-----";
889 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
890 auto key = CKM::Key::create(buffer);
891 CKM::Alias alias = "iamsomebodyelse alias";
894 auto manager = CKM::Manager::create();
896 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
897 "Error=" << CKM::APICodeToString(ret));
900 RUNNER_TEST(T12104_saveKey_empty_key)
902 ScopedDBUnlock unlock(USER_APP, APP_PASS);
904 CKM::KeyShPtr key; //key is not initialized
905 CKM::Alias alias = "empty-key";
908 auto manager = CKM::Manager::create();
910 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
911 "Error=" << CKM::APICodeToString(ret));
914 RUNNER_TEST(T12105_saveCertificate_empty_alias)
916 ScopedDBUnlock unlock(USER_APP, APP_PASS);
918 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
919 CKM::Alias alias; //alias is not initialized
922 auto manager = CKM::Manager::create();
924 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
925 "Error=" << CKM::APICodeToString(temp));
928 RUNNER_TEST(T12106_saveCertificate_foreign_label)
930 ScopedDBUnlock unlock(USER_APP, APP_PASS);
932 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
933 CKM::Alias alias = "iamsomebodyelse alias";
936 auto manager = CKM::Manager::create();
938 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
939 "Error=" << CKM::APICodeToString(temp));
942 RUNNER_TEST(T12107_saveCertificate_empty_cert)
944 ScopedDBUnlock unlock(USER_APP, APP_PASS);
946 CKM::CertificateShPtr cert; //cert is not initialized
947 CKM::Alias alias = "empty-cert";
950 auto manager = CKM::Manager::create();
952 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
953 "Error=" << CKM::APICodeToString(temp));
956 RUNNER_TEST(T12108_saveData_empty_alias)
958 ScopedDBUnlock unlock(USER_APP, APP_PASS);
960 std::string testData = "test data test data test data";
961 CKM::RawBuffer buffer(testData.begin(), testData.end());
965 auto manager = CKM::Manager::create();
967 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
968 "Error=" << CKM::APICodeToString(temp));
971 RUNNER_TEST(T12109_saveData_foreign_label)
973 ScopedDBUnlock unlock(USER_APP, APP_PASS);
975 std::string testData = "test data test data test data";
976 CKM::RawBuffer buffer(testData.begin(), testData.end());
977 CKM::Alias alias = "iamsomebodyelse alias";
980 auto manager = CKM::Manager::create();
982 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
983 "Error=" << CKM::APICodeToString(temp));
986 RUNNER_TEST(T12110_saveData_empty_data)
988 ScopedDBUnlock unlock(USER_APP, APP_PASS);
990 CKM::RawBuffer buffer;
991 CKM::Alias alias = "empty-data";
994 auto manager = CKM::Manager::create();
996 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
997 "Error=" << CKM::APICodeToString(temp));
1001 * These test cases tests API when trying to get data from not existing alias
1004 RUNNER_TEST(T12111_getKey_alias_not_exist)
1006 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1009 CKM::Alias alias = "this-alias-not-exist";
1012 auto manager = CKM::Manager::create();
1014 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1015 "Error=" << CKM::APICodeToString(temp));
1018 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1020 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1022 CKM::CertificateShPtr certificate;
1023 CKM::Alias alias = "this-alias-not-exist";
1026 auto manager = CKM::Manager::create();
1028 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1029 "Error=" << CKM::APICodeToString(temp));
1032 RUNNER_TEST(T12113_getData_alias_not_exist)
1034 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1037 auto manager = CKM::Manager::create();
1038 CKM::RawBuffer buffer;
1039 CKM::Alias alias("some alias");
1041 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1042 "Error=" << CKM::APICodeToString(temp));
1046 * These test cases tests API when damaged keys are used
1048 RUNNER_TEST(T12114_RSA_key_damaged)
1050 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1053 auto manager = CKM::Manager::create();
1055 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1056 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1057 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1058 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1059 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1060 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1061 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1063 "-----END PUBLIC KEY-----";
1065 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1066 auto key = CKM::Key::create(buffer);
1067 CKM::Alias alias = "damaged-rsa";
1070 NULL == key.get(), "Key is broken. It should be empty");
1073 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1074 "Error=" << CKM::APICodeToString(ret));
1077 RUNNER_TEST(T12115_RSA_key_too_short)
1079 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1082 auto manager = CKM::Manager::create();
1084 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1085 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1086 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1087 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1088 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1089 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1090 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1092 "-----END PUBLIC KEY-----";
1094 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1095 auto key = CKM::Key::create(buffer);
1096 CKM::Alias alias = "short-rsa";
1099 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1100 "Error=" << CKM::APICodeToString(ret));
1103 RUNNER_TEST(T12116_DSA_key_too_short)
1105 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1108 auto manager = CKM::Manager::create();
1110 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1111 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1112 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1113 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1114 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1115 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1116 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1117 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1118 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1119 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1120 "YMYCBhubtrVaLmc=\n"
1121 "-----END PUBLIC KEY-----";
1123 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1124 auto key = CKM::Key::create(buffer);
1125 CKM::Alias alias = "short-dsa";
1128 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1129 "Error=" << CKM::APICodeToString(ret));
1132 RUNNER_TEST(T12117_AES_key_too_short)
1135 auto manager = CKM::Manager::create();
1137 size_t key_size = (128-1);
1138 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1140 auto key = CKM::Key::create(key_AES);
1141 CKM::Alias alias = "short-AES";
1144 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1145 "Error=" << CKM::APICodeToString(ret));
1149 * These test cases tests CKM service if malicious data is provided over the socket.
1152 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1154 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1157 auto manager = CKM::Manager::create();
1159 // fake the client - let the service detect the problem
1160 class WrongKeyImpl : public CKM::Key
1163 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1166 virtual bool empty() const {
1170 virtual CKM::KeyType getType() const {
1171 return CKM::KeyType::KEY_RSA_PUBLIC;
1173 virtual int getSize() const {
1176 virtual CKM::ElipticCurve getCurve() const {
1177 return CKM::ElipticCurve::prime192v1;
1179 virtual CKM::RawBuffer getDER() const {
1182 virtual ~WrongKeyImpl() {}
1184 CKM::RawBuffer & m_dummy;
1186 std::string dummyData = "my_cat_Berta\n";
1187 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1188 auto key = std::make_shared<WrongKeyImpl>(buffer);
1189 CKM::Alias alias = "damaged-rsa";
1192 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1193 "Error=" << CKM::APICodeToString(ret));
1196 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1198 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1200 // fake the client - let the service detect the problem
1201 class WrongCertImpl : public CKM::Certificate
1204 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1205 m_x509 = X509_new();
1208 bool empty() const {
1212 virtual X509 *getX509() const {
1216 virtual CKM::RawBuffer getDER() const {
1220 virtual ~WrongCertImpl() {
1225 CKM::RawBuffer & m_dummy;
1227 std::string dummyData = "my_cat_Stefan\n";
1228 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1229 auto cert = std::make_shared<WrongCertImpl>(buffer);
1230 CKM::Alias alias = "damaged-cert";
1233 auto manager = CKM::Manager::create();
1235 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1236 "Error=" << CKM::APICodeToString(temp));
1239 RUNNER_TEST(T12120_deinit)
1241 remove_user_data(USER_APP);
1244 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1246 RUNNER_TEST(T1311_init)
1248 remove_user_data(USER_APP);
1249 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1250 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1252 struct hostent* he = gethostbyname("google.com");
1254 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1255 "is not woking on the device. OCSP tests requires network access!");
1258 RUNNER_TEST(T13121_get_chain_no_cert)
1260 CKM::CertificateShPtrVector certChain;
1261 CKM::CertificateShPtr cert;
1263 auto manager = CKM::Manager::create();
1265 int ret = manager->getCertificateChain(cert,
1270 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1271 "Function should fail for empty certificate");
1274 RUNNER_TEST(T13122_get_chain_empty_cert)
1276 CKM::CertificateShPtrVector certChain;
1277 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1278 CKM::DataFormat::FORM_PEM);
1280 auto manager = CKM::Manager::create();
1282 int ret = manager->getCertificateChain(cert,
1287 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1288 "Function should fail for empty certificate");
1291 RUNNER_TEST(T13129_get_chain)
1293 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1294 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1295 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1297 CKM::CertificateShPtrVector certVector = {cert1};
1298 CKM::CertificateShPtrVector certChain;
1299 CKM::CertificateShPtrVector trusted = {root};
1302 auto manager = CKM::Manager::create();
1304 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1305 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1307 tmp = manager->getCertificateChain(cert,
1312 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1313 "Error=" << CKM::APICodeToString(tmp));
1316 0 == certChain.size(),
1317 "Wrong size of certificate chain.");
1319 tmp = manager->getCertificateChain(cert, certVector, trusted, true, certChain);
1320 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1323 3 == certChain.size(),
1324 "Wrong size of certificate chain.");
1327 RUNNER_TEST(T1313_get_chain_with_alias)
1329 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1330 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1331 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1333 CKM::CertificateShPtrVector certChain;
1336 auto manager = CKM::Manager::create();
1338 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1339 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1341 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, EMPTY_ALIAS_VECTOR, true, certChain);
1342 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1343 "Error=" << CKM::APICodeToString(tmp));
1346 0 == certChain.size(),
1347 "Wrong size of certificate chain.");
1349 CKM::AliasVector aliasVector = { "imcert" };
1351 CKM_API_SUCCESS == (tmp = manager->saveCertificate(aliasVector[0], cert1, CKM::Policy())),
1352 "Error=" << CKM::APICodeToString(tmp));
1354 CKM::AliasVector trustedAliasVector = { "rootcert" };
1356 CKM_API_SUCCESS == (tmp = manager->saveCertificate(trustedAliasVector[0], root, CKM::Policy())),
1357 "Error=" << CKM::APICodeToString(tmp));
1359 tmp = manager->getCertificateChain(cert, aliasVector, trustedAliasVector, true, certChain);
1360 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1363 3 == certChain.size(),
1364 "Wrong size of certificate chain.");
1367 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1369 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1371 CKM::CertificateShPtrVector certChain;
1374 auto manager = CKM::Manager::create();
1376 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1378 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1379 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1382 2 == certChain.size(),
1383 "Wrong size of certificate chain.");
1387 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1388 "Error=" << CKM::APICodeToString(tmp));
1390 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1393 RUNNER_TEST(T13142_ocsp_check_empty)
1395 CKM::CertificateShPtrVector certVector;
1397 auto manager = CKM::Manager::create();
1402 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1403 "ocspCheck should fail for empty certificate vector");
1406 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1408 CKM::CertificateShPtrVector certVector = {
1409 CKM::CertificateShPtr(),
1410 CKM::CertificateShPtr(),
1411 CKM::CertificateShPtr()};
1413 auto manager = CKM::Manager::create();
1418 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1419 "ocspCheck should fail for empty certificate vector");
1422 RUNNER_TEST(T13144_ocsp_check_root)
1424 auto root = TestData::getTestCertificate(TestData::OCSP_ROOT_CA);
1425 CKM::CertificateShPtrVector certVector = {root};
1427 auto manager = CKM::Manager::create();
1429 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1434 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1435 "Ocsp should fail for single certificate");
1438 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1440 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1441 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1443 CKM::CertificateShPtrVector certVector = {ca, root};
1445 auto manager = CKM::Manager::create();
1447 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1448 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1453 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1454 "Error=" << CKM::APICodeToString(tmp));
1456 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1459 RUNNER_TEST(T1315_deinit)
1461 remove_user_data(USER_APP);
1464 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1466 RUNNER_TEST(T1411_init)
1468 remove_user_data(USER_APP);
1471 RUNNER_TEST(T1412_RSA_key_create_verify)
1474 auto manager = CKM::Manager::create();
1476 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1477 "Proc-Type: 4,ENCRYPTED\n"
1478 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1480 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1481 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1482 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1483 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1484 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1485 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1486 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1487 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1488 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1489 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1490 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1491 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1492 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1493 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1494 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1495 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1496 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1497 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1498 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1499 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1500 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1501 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1502 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1503 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1504 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1505 "-----END RSA PRIVATE KEY-----\n";
1507 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1508 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1509 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1510 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1511 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1512 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1513 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1515 "-----END PUBLIC KEY-----\n";
1517 std::string message = "message test";
1519 CKM::Alias aliasPub = "pub1";
1520 CKM::Alias aliasPrv = "prv1";
1521 CKM::Password password = "1234";
1522 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1523 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1524 CKM::RawBuffer signature;
1526 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1527 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1529 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1530 "Key is empty. Failed to import public key.");
1531 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1532 "Key is empty. Failed to import private key.");
1535 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1536 "Error=" << CKM::APICodeToString(temp));
1538 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1539 "Error=" << CKM::APICodeToString(temp));
1542 CKM_API_SUCCESS == (temp = manager->createSignature(
1545 CKM::RawBuffer(message.begin(), message.end()),
1549 "Error=" << CKM::APICodeToString(temp));
1552 CKM_API_SUCCESS == (temp = manager->verifySignature(
1555 CKM::RawBuffer(message.begin(), message.end()),
1559 "Error=" << CKM::APICodeToString(temp));
1562 RUNNER_TEST(T1413_DSA_key_create_verify)
1565 auto manager = CKM::Manager::create();
1567 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1568 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1569 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1570 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1571 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1572 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1573 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1574 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1575 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1576 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1577 "u1roOuaPY+Hl19BlTE2qdw==\n"
1578 "-----END DSA PRIVATE KEY-----";
1580 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1581 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1582 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1583 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1584 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1585 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1586 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1587 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1588 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1589 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1590 "YMYCBhubtrVaLmc=\n"
1591 "-----END PUBLIC KEY-----";
1593 std::string message = "message test";
1595 CKM::Alias aliasPub = "pub2";
1596 CKM::Alias aliasPrv = "prv2";
1597 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1598 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1599 CKM::RawBuffer signature;
1601 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1602 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1604 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1605 "Key is empty. Failed to import public key.");
1606 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1607 "Key is empty. Failed to import private key.");
1610 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1611 "Error=" << CKM::APICodeToString(temp));
1613 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1614 "Error=" << CKM::APICodeToString(temp));
1617 CKM_API_SUCCESS == (temp = manager->createSignature(
1620 CKM::RawBuffer(message.begin(), message.end()),
1624 "Error=" << CKM::APICodeToString(temp));
1627 CKM_API_SUCCESS == (temp = manager->verifySignature(
1630 CKM::RawBuffer(message.begin(), message.end()),
1634 "Error=" << CKM::APICodeToString(temp));
1638 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1641 auto manager = CKM::Manager::create();
1643 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1644 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1645 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1646 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1647 "-----END EC PRIVATE KEY-----\n";
1649 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1650 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1651 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1652 "-----END PUBLIC KEY-----\n";
1654 std::string message = "message test";
1656 CKM::Alias aliasPub = "ecpub2";
1657 CKM::Alias aliasPrv = "ecprv2";
1658 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1659 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1660 CKM::RawBuffer signature;
1662 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1663 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1665 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1666 "Key is empty. Failed to import public key.");
1667 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1668 "Key is empty. Failed to import private key.");
1671 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1672 "Error=" << CKM::APICodeToString(temp));
1674 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1675 "Error=" << CKM::APICodeToString(temp));
1678 CKM_API_SUCCESS == (temp = manager->createSignature(
1681 CKM::RawBuffer(message.begin(), message.end()),
1685 "Error=" << CKM::APICodeToString(temp));
1688 CKM_API_SUCCESS == (temp = manager->verifySignature(
1691 CKM::RawBuffer(message.begin(), message.end()),
1695 "Error=" << CKM::APICodeToString(temp));
1697 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1699 memcpy((void*)signature.data(), "BROKEN", 6);
1702 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1705 CKM::RawBuffer(message.begin(), message.end()),
1709 "Error=" << CKM::APICodeToString(temp));
1712 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1715 auto manager = CKM::Manager::create();
1716 std::string message = "message asdfaslkdfjlksadjf test";
1718 CKM::Alias aliasPub = "pub1";
1719 CKM::Alias aliasPrv = "prv1";
1721 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1722 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1723 CKM::RawBuffer signature;
1726 CKM_API_SUCCESS == (temp = manager->createSignature(
1729 CKM::RawBuffer(message.begin(), message.end()),
1733 "Error=" << CKM::APICodeToString(temp));
1736 CKM_API_SUCCESS == (temp = manager->verifySignature(
1739 CKM::RawBuffer(message.begin(), message.end()),
1743 "Error=" << CKM::APICodeToString(temp));
1745 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1746 memcpy((void*)signature.data(), "BROKEN", 6);
1749 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1752 CKM::RawBuffer(message.begin(), message.end()),
1756 "Error=" << CKM::APICodeToString(temp));
1759 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1762 auto manager = CKM::Manager::create();
1763 std::string message = "message asdfaslkdfjlksadjf test";
1765 CKM::Alias aliasPub = "pub2";
1766 CKM::Alias aliasPrv = "prv2";
1768 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1769 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1770 CKM::RawBuffer signature;
1773 CKM_API_SUCCESS == (temp = manager->createSignature(
1776 CKM::RawBuffer(message.begin(), message.end()),
1780 "Error=" << CKM::APICodeToString(temp));
1783 CKM_API_SUCCESS == (temp = manager->verifySignature(
1786 CKM::RawBuffer(message.begin(), message.end()),
1790 "Error=" << CKM::APICodeToString(temp));
1792 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1793 memcpy((void*)signature.data(), "BROKEN", 6);
1796 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1799 CKM::RawBuffer(message.begin(), message.end()),
1803 "Error=" << CKM::APICodeToString(temp));
1806 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1809 auto manager = CKM::Manager::create();
1812 "-----BEGIN RSA PRIVATE KEY-----\n"
1813 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1814 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1815 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1816 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1817 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1818 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1819 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1820 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1821 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1822 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1823 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1824 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1825 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1826 "-----END RSA PRIVATE KEY-----\n";
1829 "-----BEGIN CERTIFICATE-----\n"
1830 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1831 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1832 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1833 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1834 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1835 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1836 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1837 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1838 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1839 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1840 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1841 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1842 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1843 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1844 "-----END CERTIFICATE-----\n";
1846 std::string message = "message test";
1848 CKM::Alias aliasPub = "pub1-cert";
1849 CKM::Alias aliasPrv = "prv1-cert";
1850 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1851 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1852 CKM::RawBuffer signature;
1854 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1855 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1857 RUNNER_ASSERT_MSG(NULL != cert.get(),
1858 "Key is empty. Failed to import public key.");
1859 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1860 "Key is empty. Failed to import private key.");
1863 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1864 "Error=" << CKM::APICodeToString(temp));
1866 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1867 "Error=" << CKM::APICodeToString(temp));
1870 CKM_API_SUCCESS == (temp = manager->createSignature(
1873 CKM::RawBuffer(message.begin(), message.end()),
1877 "Error=" << CKM::APICodeToString(temp));
1880 CKM_API_SUCCESS == (temp = manager->verifySignature(
1883 CKM::RawBuffer(message.begin(), message.end()),
1887 "Error=" << CKM::APICodeToString(temp));
1889 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1891 memcpy((void*)signature.data(), "BROKEN", 6);
1894 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1897 CKM::RawBuffer(message.begin(), message.end()),
1901 "Error=" << CKM::APICodeToString(temp));
1904 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1907 auto manager = CKM::Manager::create();
1909 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1910 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1911 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1912 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1913 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1914 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1915 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1916 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1917 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1918 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1919 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1920 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1921 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1922 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1923 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1924 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1925 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1926 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1927 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1928 "-----END CERTIFICATE-----\n";
1930 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1931 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1932 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1933 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1934 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1935 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1936 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1937 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1938 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1939 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1940 "vonbjii3BYe4AIdkzOvp\n"
1941 "-----END DSA PRIVATE KEY-----\n";
1943 std::string message = "message test";
1945 CKM::Alias aliasPub = "pub2-cert";
1946 CKM::Alias aliasPrv = "prv2-cert";
1947 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1948 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1949 CKM::RawBuffer signature;
1951 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1952 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1954 RUNNER_ASSERT_MSG(NULL != cert.get(),
1955 "Key is empty. Failed to import public key.");
1956 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1957 "Key is empty. Failed to import private key.");
1960 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1961 "Error=" << CKM::APICodeToString(temp));
1963 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1964 "Error=" << CKM::APICodeToString(temp));
1967 CKM_API_SUCCESS == (temp = manager->createSignature(
1970 CKM::RawBuffer(message.begin(), message.end()),
1974 "Error=" << CKM::APICodeToString(temp));
1977 CKM_API_SUCCESS == (temp = manager->verifySignature(
1980 CKM::RawBuffer(message.begin(), message.end()),
1984 "Error=" << CKM::APICodeToString(temp));
1986 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1988 memcpy((void*)signature.data(), "BROKEN", 6);
1991 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1994 CKM::RawBuffer(message.begin(), message.end()),
1998 "Error=" << CKM::APICodeToString(temp));
2001 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2004 auto manager = CKM::Manager::create();
2007 "-----BEGIN EC PRIVATE KEY-----\n"
2008 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2009 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2010 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2011 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2012 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2013 "ELyhe7yPCAuOoLZlTLgf\n"
2014 "-----END EC PRIVATE KEY-----\n";
2017 "-----BEGIN CERTIFICATE-----\n"
2018 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2019 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2020 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2021 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2022 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2023 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2024 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2025 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2026 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2027 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2028 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2029 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2030 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2031 "Q1oBry6NEc+lLFmWMDesAA==\n"
2032 "-----END CERTIFICATE-----\n";
2034 std::string message = "message test";
2036 CKM::Alias aliasPub = "pub3";
2037 CKM::Alias aliasPrv = "prv3";
2038 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2039 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2040 CKM::RawBuffer signature;
2042 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2043 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2045 RUNNER_ASSERT_MSG(NULL != cert.get(),
2046 "Key is empty. Failed to import public key.");
2047 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2048 "Key is empty. Failed to import private key.");
2051 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2052 "Error=" << CKM::APICodeToString(temp));
2054 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2055 "Error=" << CKM::APICodeToString(temp));
2058 CKM_API_SUCCESS == (temp = manager->createSignature(
2061 CKM::RawBuffer(message.begin(), message.end()),
2065 "Error=" << CKM::APICodeToString(temp));
2068 CKM_API_SUCCESS == (temp = manager->verifySignature(
2071 CKM::RawBuffer(message.begin(), message.end()),
2075 "Error=" << CKM::APICodeToString(temp));
2077 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2079 memcpy((void*)signature.data(), "BROKEN", 6);
2082 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2085 CKM::RawBuffer(message.begin(), message.end()),
2089 "Error=" << CKM::APICodeToString(temp));
2092 RUNNER_TEST(T1420_deinit)
2094 remove_user_data(USER_APP);
2097 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2099 RUNNER_TEST(T14180_init)
2102 remove_user_data(USER_APP);
2104 auto manager = CKM::Manager::create();
2106 // Prepare RSA Key Pair
2107 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2108 "Proc-Type: 4,ENCRYPTED\n"
2109 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2111 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2112 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2113 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2114 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2115 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2116 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2117 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2118 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2119 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2120 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2121 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2122 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2123 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2124 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2125 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2126 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2127 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2128 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2129 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2130 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2131 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2132 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2133 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2134 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2135 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2136 "-----END RSA PRIVATE KEY-----\n";
2138 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2139 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2140 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2141 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2142 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2143 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2144 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2146 "-----END PUBLIC KEY-----\n";
2148 CKM::Alias aliasPub = "pub_nohash1";
2149 CKM::Alias aliasPrv = "prv_nohash1";
2150 CKM::Password password = "1234";
2152 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2153 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2155 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2156 "Key is empty. Failed to import public key.");
2157 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2158 "Key is empty. Failed to import private key.");
2161 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2162 "Error=" << CKM::APICodeToString(temp));
2164 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2165 "Error=" << CKM::APICodeToString(temp));
2167 // Prepare ECDSA Key Pair
2168 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2169 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2170 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2171 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2172 "-----END EC PRIVATE KEY-----\n";
2174 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2175 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2176 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2177 "-----END PUBLIC KEY-----\n";
2179 CKM::Alias aliasEcPub = "ecpub_nohash1";
2180 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2182 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2183 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2185 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2186 "Key is empty. Failed to import public key.");
2187 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2188 "Key is empty. Failed to import private key.");
2191 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2192 "Error=" << CKM::APICodeToString(temp));
2194 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2195 "Error=" << CKM::APICodeToString(temp));
2199 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2202 auto manager = CKM::Manager::create();
2203 std::string message = "message asdfaslkdfjlksadjf test";
2205 CKM::Alias aliasPub = "pub_nohash1";
2206 CKM::Alias aliasPrv = "prv_nohash1";
2208 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2209 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2210 CKM::RawBuffer signature;
2213 CKM_API_SUCCESS == (temp = manager->createSignature(
2216 CKM::RawBuffer(message.begin(), message.end()),
2220 "Error=" << CKM::APICodeToString(temp));
2223 CKM_API_SUCCESS == (temp = manager->verifySignature(
2226 CKM::RawBuffer(message.begin(), message.end()),
2230 "Error=" << CKM::APICodeToString(temp));
2232 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2233 memcpy((void*)signature.data(), "BROKEN", 6);
2236 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2239 CKM::RawBuffer(message.begin(), message.end()),
2243 "Error=" << CKM::APICodeToString(temp));
2246 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2249 auto manager = CKM::Manager::create();
2250 std::string message = "message asdfaslkdfjlksadjf test";
2252 CKM::Alias aliasPub = "pub_nohash1";
2253 CKM::Alias aliasPrv = "prv_nohash1";
2255 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2256 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2257 CKM::RawBuffer signature;
2260 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2263 CKM::RawBuffer(message.begin(), message.end()),
2267 "Error=" << CKM::APICodeToString(temp));
2270 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2273 auto manager = CKM::Manager::create();
2274 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2275 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2276 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2277 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2278 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2279 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2280 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2281 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2282 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2283 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2284 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2285 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2286 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2287 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2288 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2289 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2290 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2291 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2292 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2293 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2295 CKM::Alias aliasPub = "pub_nohash1";
2296 CKM::Alias aliasPrv = "prv_nohash1";
2298 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2299 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2300 CKM::RawBuffer signature;
2303 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2306 CKM::RawBuffer(message.begin(), message.end()),
2310 "Error=" << CKM::APICodeToString(temp));
2314 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2317 auto manager = CKM::Manager::create();
2319 std::string message = "message test";
2321 CKM::Alias aliasPrv = "ecprv_nohash1";
2322 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2323 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2324 CKM::RawBuffer signature;
2327 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2330 CKM::RawBuffer(message.begin(), message.end()),
2334 "Error=" << CKM::APICodeToString(temp));
2337 RUNNER_TEST(T14189_deinit)
2339 remove_user_data(USER_APP);
2343 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2347 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2348 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2349 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2350 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2351 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2354 RUNNER_TEST(T1800_init)
2356 remove_user_data(USER_APP);
2359 RUNNER_TEST(T1801_parse_PKCS12) {
2360 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2361 std::istreambuf_iterator<char> begin(is), end;
2362 std::vector<char> buff(begin, end);
2364 CKM::RawBuffer buffer(buff.size());
2365 memcpy(buffer.data(), buff.data(), buff.size());
2367 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2370 "Error in PKCS12::create()");
2372 auto cert = pkcs->getCertificate();
2375 "Error in PKCS12::getCertificate()");
2377 auto key = pkcs->getKey();
2380 "Error in PKCS12::getKey()");
2382 auto caVector = pkcs->getCaCertificateShPtrVector();
2384 0 == caVector.size(),
2385 "Wrong size of vector");
2388 RUNNER_TEST(T1802_negative_wrong_password) {
2389 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2390 std::istreambuf_iterator<char> begin(is), end;
2391 std::vector<char> buff(begin, end);
2393 CKM::RawBuffer buffer(buff.size());
2394 memcpy(buffer.data(), buff.data(), buff.size());
2396 auto pkcs = CKM::PKCS12::create(buffer, "error");
2399 "Expected error in PKCS12::create()");
2402 RUNNER_TEST(T1803_negative_broken_buffer) {
2403 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2404 std::istreambuf_iterator<char> begin(is), end;
2405 std::vector<char> buff(begin, end);
2407 CKM::RawBuffer buffer(buff.size());
2408 memcpy(buffer.data(), buff.data(), buff.size());
2410 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2413 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2416 "Expected error in PKCS12::create()");
2419 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2421 auto manager = CKM::Manager::create();
2422 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2423 std::istreambuf_iterator<char> begin(is), end;
2424 std::vector<char> buff(begin, end);
2426 CKM::RawBuffer buffer(buff.size());
2427 memcpy(buffer.data(), buff.data(), buff.size());
2429 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2432 "Error in PKCS12::create()");
2435 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2436 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2437 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2438 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2439 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2440 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2441 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2442 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2443 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2444 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2445 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2446 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2447 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2448 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2449 "-----END RSA PRIVATE KEY-----\n";
2451 std::string message = "message test";
2453 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2454 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2455 "Key is empty. Failed to import private key.");
2459 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2460 "Error=" << CKM::APICodeToString(temp));
2463 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2464 "Error=" << CKM::APICodeToString(temp));
2467 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2469 auto manager = CKM::Manager::create();
2470 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2471 std::istreambuf_iterator<char> begin(is), end;
2472 std::vector<char> buff(begin, end);
2474 CKM::RawBuffer buffer(buff.size());
2475 memcpy(buffer.data(), buff.data(), buff.size());
2477 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2480 "Error in PKCS12::create()");
2482 auto cert = pkcs->getCertificate();
2485 "Error in PKCS12::getCertificate()");
2487 auto key = pkcs->getKey();
2490 "Error in PKCS12::getKey()");
2492 auto caVector = pkcs->getCaCertificateShPtrVector();
2494 2 == caVector.size(),
2495 "Wrong size of vector");
2499 CKM::Policy exportable;
2500 CKM::Policy notExportable(CKM::Password(), false);
2503 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2504 "Error=" << CKM::APICodeToString(tmp));
2506 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2507 "Error=" << CKM::APICodeToString(tmp));
2509 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2510 "Error=" << CKM::APICodeToString(tmp));
2512 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2513 "Error=" << CKM::APICodeToString(tmp));
2515 // try to lookup key
2516 CKM::KeyShPtr key_lookup;
2518 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2519 "Error=" << CKM::APICodeToString(tmp));
2521 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2522 "Error=" << CKM::APICodeToString(tmp));
2524 // try to lookup certificate
2525 CKM::CertificateShPtr cert_lookup;
2527 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2528 "Error=" << CKM::APICodeToString(tmp));
2530 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2531 "Error=" << CKM::APICodeToString(tmp));
2534 RUNNER_TEST(T1806_get_PKCS)
2537 auto manager = CKM::Manager::create();
2539 CKM::PKCS12ShPtr pkcs;
2543 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2544 "Error=" << CKM::APICodeToString(temp));
2546 // fail - not exportable
2548 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2549 "Error=" << CKM::APICodeToString(temp));
2551 // success - exportable
2553 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2554 "Error=" << CKM::APICodeToString(temp));
2556 auto cert = pkcs->getCertificate();
2559 "Error in PKCS12::getCertificate()");
2561 auto key = pkcs->getKey();
2564 "Error in PKCS12::getKey()");
2566 auto caVector = pkcs->getCaCertificateShPtrVector();
2568 2 == caVector.size(),
2569 "Wrong size of vector");
2572 RUNNER_TEST(T1807_create_and_verify_signature)
2575 auto manager = CKM::Manager::create();
2577 std::string message = "message test";
2579 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2580 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2581 CKM::RawBuffer signature;
2584 CKM_API_SUCCESS == (temp = manager->createSignature(
2585 alias_PKCS_exportable,
2587 CKM::RawBuffer(message.begin(), message.end()),
2591 "Error=" << CKM::APICodeToString(temp));
2594 CKM_API_SUCCESS == (temp = manager->verifySignature(
2595 alias_PKCS_exportable,
2597 CKM::RawBuffer(message.begin(), message.end()),
2601 "Error=" << CKM::APICodeToString(temp));
2604 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2607 auto manager = CKM::Manager::create();
2610 "-----BEGIN RSA PRIVATE KEY-----\n"
2611 "MIICWwIBAAKBgQDDgmPurTQa3wbnlM+9nCEQvhDviYRvSC9TL5lAMBCmBSl93v0U\n"
2612 "BXWsqO+fmAINm5QJa89hF5N7Q4xtvfSJUPIeyzowTOEGM4U3FnJtlsNQsoNbFlNy\n"
2613 "QLoZZmmY4ljG6/YqX+JGBgS9/J8uvaDWkvs+ktkORygfNz4Gi5DERT7eeQIDAQAB\n"
2614 "AoGAARIqx/js6yTDnesjxC8hwzy3TQic0Bs+Hx+IoGBjBvXKR2U8T6rD/UEjpuUn\n"
2615 "RbnPcsnDZg3CAg/ZqhQ7TbFC0kPo+S6+wKsZGDWUUvnpMkdcZUqXel8GFhdnmeIh\n"
2616 "22vYthP4TCbolxwXlwvuhu0PLZWhRO/Z+g37T3QENexqGv0CQQDmqJ9PDoUj5eUR\n"
2617 "wWEqEPraoU6ARBUUX5EhmTT9g9/BXnhwumIOksDHcBqNUwNOlKCUlWfBOelO93Ys\n"
2618 "PRW3QyejAkEA2P0tW/8iU4j+0a6DV+TUYFDTjD29y8KPw0Aj59591xD5eIPK3IgU\n"
2619 "91vnmtvU/QR26PnMOx4OAPk9a7BtN62zMwJAIFV0950edtjMUr/cAgydTbadDYf9\n"
2620 "uHxpGN+kOQGahT3b/llyU36o/YwufK8tYH+fPxTulXyrwwEXlL3/ZFBKpwJAeLGS\n"
2621 "Wlp2WGqZ+j2MdwYkDxLGKHprKHwnBN6XWjCKZGbfrGX6H2Jd7xyinaNrO/UQwxO2\n"
2622 "wqc7+NSpkk3G4jJuuwJAODYlk2Q+djE4jkjDc4xiqsQGBQlI2dlgzjRjIF4HWiLx\n"
2623 "bIrI0uCCbGItx++hlvmDx7G8anBmIFfBWIaKdX0aWw==\n"
2624 "-----END RSA PRIVATE KEY-----\n";
2626 std::string message = "message test";
2628 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2629 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2630 "Key is empty. Failed to import private key.");
2633 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2634 "Error=" << CKM::APICodeToString(temp));
2636 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2637 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2638 CKM::RawBuffer signature;
2641 CKM_API_SUCCESS == (temp = manager->createSignature(
2642 alias_PKCS_priv_key_copy,
2644 CKM::RawBuffer(message.begin(), message.end()),
2648 "Error=" << CKM::APICodeToString(temp));
2651 CKM_API_SUCCESS == (temp = manager->verifySignature(
2652 alias_PKCS_exportable,
2654 CKM::RawBuffer(message.begin(), message.end()),
2658 "Error=" << CKM::APICodeToString(temp));
2661 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2664 auto manager = CKM::Manager::create();
2666 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2667 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2668 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2669 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2670 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2671 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2672 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2673 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2674 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2675 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2676 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2677 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2678 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2679 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2680 "-----END RSA PRIVATE KEY-----\n";
2682 std::string message = "message test";
2684 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2685 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2686 "Key is empty. Failed to import private key.");
2689 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2690 "Error=" << CKM::APICodeToString(temp));
2692 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2693 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2694 CKM::RawBuffer signature;
2697 CKM_API_SUCCESS == (temp = manager->createSignature(
2698 alias_PKCS_priv_key_wrong,
2700 CKM::RawBuffer(message.begin(), message.end()),
2704 "Error=" << CKM::APICodeToString(temp));
2707 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2708 alias_PKCS_exportable,
2710 CKM::RawBuffer(message.begin(), message.end()),
2714 "Error=" << CKM::APICodeToString(temp));
2717 RUNNER_TEST(T1810_verify_get_certificate_chain)
2719 // this certificate has been signed using PKCS chain
2721 "-----BEGIN CERTIFICATE-----\n"
2722 "MIICxDCCAi0CFGHuCEUksqn0Rr3SXdhn+TlnL804MA0GCSqGSIb3DQEBCwUAMGEx\n"
2723 "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
2724 "cm5ldCBXaWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMMEXNlcnZlckB0ZXN0bWUuY29t\n"
2725 "MB4XDTE5MDYxMzEyMTkyNloXDTI5MDYxMDEyMTkyNlowXTELMAkGA1UEBhMCQVUx\n"
2726 "EzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg\n"
2727 "UHR5IEx0ZDEWMBQGA1UEAwwNZWVAdGVzdG1lLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
2728 "BQADggEPADCCAQoCggEBAK3/XvE3uc2EhzwmsAfq6KEw52J8kCAB9Rma/qjkw6ZT\n"
2729 "yUYmSQvmcK8wSDt015Y/ekYLereCeWNLNkFlQeZC7LHT6T1mGnxNIgL3oUS2c+15\n"
2730 "FEYX9QJIN/CoJYQ/tmiQPa1OJz4prUFwqAzM1kRtHGfcAGmQHfgu77P3ljAJzfsW\n"
2731 "2beVHM+MTNSybkGHql28Z93bp382k5FQXegkxbozsKBMk37QjKiqes29J/ET0Huy\n"
2732 "yzOkf+XvbizIPRvMt/2guw9sgRb7YrM2M+igmHIHxfzxuqzpPr+bmcqQdyFdVkAK\n"
2733 "Qcx930HbfjHJ5k5vcovPLQ3LvSnYVCTe7aCAAmMzKXsCAwEAATANBgkqhkiG9w0B\n"
2734 "AQsFAAOBgQBfFMim/9zLd+EeZyeYA0vy3C9YuNJI+KsZlKAfrFDQNeIT/qg/GQM4\n"
2735 "o7I3TIHQ62tdEx6nBJs0DKSAmhRh4yc+P1KHMzIQIgSjftqS3Z+AKbJn6vOpWNTq\n"
2736 "cexnpexaNn69dbqJZsjr0fHsGAkh5n96icAB4VZyFncEknZKbTdd0g==\n"
2737 "-----END CERTIFICATE-----\n";
2739 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2740 CKM::CertificateShPtrVector certChain;
2741 CKM::AliasVector aliasVector;
2744 auto manager = CKM::Manager::create();
2746 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2748 tmp = manager->getCertificateChain(cert,
2753 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2754 "Error=" << CKM::APICodeToString(tmp));
2757 0 == certChain.size(),
2758 "Wrong size of certificate chain.");
2760 aliasVector.push_back(alias_PKCS_exportable);
2762 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2763 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2765 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2767 4 == certChain.size(),
2768 "Wrong size of certificate chain: " << certChain.size());
2771 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2773 auto manager = CKM::Manager::create();
2777 // remove the whole PKCS12 bundles
2779 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2780 "Error=" << CKM::APICodeToString(tmp));
2782 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2783 "Error=" << CKM::APICodeToString(tmp));
2785 // expect lookup fails due to unknown alias
2786 // try to lookup key
2787 CKM::KeyShPtr key_lookup;
2789 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2790 "Error=" << CKM::APICodeToString(tmp));
2792 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2793 "Error=" << CKM::APICodeToString(tmp));
2795 // try to lookup certificate
2796 CKM::CertificateShPtr cert_lookup;
2798 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2799 "Error=" << CKM::APICodeToString(tmp));
2801 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2802 "Error=" << CKM::APICodeToString(tmp));
2805 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2807 CKM::Alias alias = "t1812alias1";
2809 auto manager = CKM::Manager::create();
2810 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2811 std::istreambuf_iterator<char> begin(is), end;
2812 std::vector<char> buff(begin, end);
2814 CKM::PKCS12ShPtr pkcs12;
2815 CKM::Password pass1 = "easypass1";
2816 CKM::Password pass2 = "easypass2";
2818 CKM::RawBuffer buffer(buff.size());
2819 memcpy(buffer.data(), buff.data(), buff.size());
2821 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2824 "Error in PKCS12::create()");
2828 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2829 "Error=" << CKM::APICodeToString(temp));
2832 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2833 "Error=" << CKM::APICodeToString(temp));
2836 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2837 "Error=" << CKM::APICodeToString(temp));
2840 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2841 "Error=" << CKM::APICodeToString(temp));
2844 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2845 "Error=" << CKM::APICodeToString(temp));
2848 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2849 "Error=" << CKM::APICodeToString(temp));
2851 CKM::CertificateShPtr cert;
2853 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2854 "Error=" << CKM::APICodeToString(temp));
2856 CKM::CertificateShPtrVector certChain;
2857 CKM::AliasVector certVect;
2858 certVect.push_back(alias);
2861 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2862 "Error=" << CKM::APICodeToString(temp));
2865 RUNNER_TEST(T1813_deinit)
2868 auto control = CKM::Control::create();
2871 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2872 "Error=" << CKM::APICodeToString(temp));
2875 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2877 const char * const T190_PASSWD = "t190-special-password";
2879 RUNNER_TEST(T1901_init_unlock_key)
2881 reset_user_data(USER_APP, T190_PASSWD);
2884 RUNNER_TEST(T1902_get_data)
2886 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2888 auto manager = CKM::Manager::create();
2891 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2894 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2895 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2898 RUNNER_TEST(T1903_lock_database)
2901 auto control = CKM::Control::create();
2903 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2904 "Error=" << CKM::APICodeToString(tmp));
2907 RUNNER_TEST(T1904_get_data_from_locked_database)
2909 auto manager = CKM::Manager::create();
2912 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2915 CKM_API_ERROR_DB_LOCKED == status1,
2916 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2919 RUNNER_TEST(T1905_deinit)
2921 remove_user_data(USER_APP);
2924 int main(int argc, char *argv[])
2926 require_default_user(argv);
2928 int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
2930 detectCkmBugTrustzoneLeak();
projects / platform / core / test / security-tests.git / blob