3 #include <dpl/test/test_runner.h>
5 #include <tests_common.h>
6 #include <test-certs.h>
8 #include <ckm-common.h>
9 #include <ckm/ckm-manager.h>
10 #include <ckm/ckm-control.h>
11 #include <ckm/ckm-password.h>
12 #include <ckm/ckm-type.h>
13 #include <ckm/ckm-pkcs12.h>
17 #include <openssl/x509.h>
18 #include <openssl/x509v3.h>
21 const int USER_APP = 5001;
23 const int USER_APP_2 = 5020;
24 const int USER_APP_3 = 5030;
26 const char * const APP_PASS = "user-pass";
27 const int USER_TEST = 5001;
29 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
30 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
31 } // namespace anonymous
34 * How to numerate tests:
36 * T - test case (always T)
37 * AB - number of test group (always two digits)
38 * C - test number in group (all tests with same TABC must be run in the same time).
41 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
43 RUNNER_TEST(T0011_Control)
46 auto control = CKM::Control::create();
48 control->removeUserData(0);
49 control->removeUserData(USER_APP_2);
50 control->removeUserData(USER_APP);
53 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
54 "Error=" << CKMErrorToString(temp));
57 RUNNER_TEST(T0012_Control)
60 auto control = CKM::Control::create();
62 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
63 "Error=" << CKMErrorToString(temp));
65 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
66 "Error=" << CKMErrorToString(temp));
69 RUNNER_TEST(T0013_Control)
72 auto control = CKM::Control::create();
74 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
75 "Error=" << CKMErrorToString(temp));
78 RUNNER_TEST(T0014_Control)
81 auto control = CKM::Control::create();
83 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
84 "Error=" << CKMErrorToString(temp));
87 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
88 "Error=" << CKMErrorToString(temp));
91 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
92 "Error=" << CKMErrorToString(temp));
95 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
96 "Error=" << CKMErrorToString(temp));
99 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
100 "Error=" << CKMErrorToString(temp));
103 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
104 "Error=" << CKMErrorToString(temp));
107 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
108 "Error=" << CKMErrorToString(temp));
111 RUNNER_TEST(T0015_Control)
114 auto control = CKM::Control::create();
116 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
117 "Error=" << CKMErrorToString(temp));
119 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
120 "Error=" << CKMErrorToString(temp));
122 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
123 "Error=" << CKMErrorToString(temp));
125 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
126 "Error=" << CKMErrorToString(temp));
129 RUNNER_TEST(T0016_Control_negative_wrong_password)
132 auto control = CKM::Control::create();
134 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
135 "Error=" << CKMErrorToString(temp));
137 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
138 "Error=" << CKMErrorToString(temp));
140 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
141 "Error=" << CKMErrorToString(temp));
143 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
144 "Error=" << CKMErrorToString(temp));
146 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
147 "Error=" << CKMErrorToString(temp));
150 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
152 RUNNER_TEST(T1010_init)
154 unlock_user_data(USER_APP, "user-pass");
157 RUNNER_TEST(T1011_key)
160 auto manager = CKM::Manager::create();
162 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
163 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
164 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
165 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
166 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
167 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
168 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
170 "-----END PUBLIC KEY-----";
172 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
173 auto key = CKM::Key::create(buffer, CKM::Password());
175 CKM::Alias alias = "mykey";
178 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
179 "Error=" << CKMErrorToString(temp));
181 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
182 "Error=" << CKMErrorToString(temp));
184 key->getDER() == key2->getDER(),
185 "Key value has been changed by service");
188 RUNNER_TEST(T1012_certificate)
191 auto manager = CKM::Manager::create();
193 auto cert = TestData::getTestCertificate(TestData::GIAG2);
194 CKM::CertificateShPtr cert2;
195 CKM::Alias alias = "myCert";
198 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
199 "Error=" << CKMErrorToString(temp));
201 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
202 "Error=" << CKMErrorToString(temp));
204 cert->getDER() == cert2->getDER(),
205 "Data has been modified in key manager");
208 RUNNER_TEST(T1014_save_with_label)
211 auto manager = CKM::Manager::create();
213 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
214 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
215 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
216 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
217 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
218 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
219 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
221 "-----END PUBLIC KEY-----";
223 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
224 auto key = CKM::Key::create(buffer, CKM::Password());
225 CKM::KeyShPtr key_name, key_full_addr;
226 CKM::Alias alias = "mykey-2";
227 std::string top_label = getOwnerIdFromSelf();
228 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
231 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
232 "Error=" << CKMErrorToString(temp));
236 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
237 "Error=" << CKMErrorToString(temp));
239 key->getDER() == key_name->getDER(),
240 "Key value has been changed by service");
242 // lookup by full address
244 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
245 "Error=" << CKMErrorToString(temp));
247 key->getDER() == key_full_addr->getDER(),
248 "Key value has been changed by service");
251 RUNNER_TEST(T1015_deinit)
253 remove_user_data(USER_APP);
256 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
258 RUNNER_TEST(T1020_init)
261 auto control = CKM::Control::create();
263 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
264 "Error=" << CKMErrorToString(temp));
267 RUNNER_TEST(T1021_save_keys_get_alias)
270 auto manager = CKM::Manager::create();
272 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
273 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
274 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
275 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
276 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
277 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
278 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
280 "-----END PUBLIC KEY-----";
282 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
283 auto key = CKM::Key::create(buffer, CKM::Password());
284 CKM::AliasVector labelAliasVector;
286 size_t current_aliases_num = count_aliases(ALIAS_KEY);
288 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
289 "Error=" << CKMErrorToString(temp));
291 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
292 "Error=" << CKMErrorToString(temp));
294 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
295 "Error=" << CKMErrorToString(temp));
297 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
298 "Error=" << CKMErrorToString(temp));
300 labelAliasVector.size() == (current_aliases_num+3),
301 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
304 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
307 auto manager = CKM::Manager::create();
309 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
310 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
311 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
312 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
313 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
314 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
315 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
317 "-----END PUBLIC KEY-----";
319 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
320 auto key = CKM::Key::create(buffer, CKM::Password());
321 CKM::AliasVector labelAliasVector;
323 size_t current_aliases_num = count_aliases(ALIAS_KEY);
325 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
326 "Error=" << CKMErrorToString(temp));
328 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
329 "Error=" << CKMErrorToString(temp));
331 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
332 "Error=" << CKMErrorToString(temp));
334 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
335 "Error=" << CKMErrorToString(temp));
337 labelAliasVector.size() == (current_aliases_num+3),
338 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
341 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
344 auto manager = CKM::Manager::create();
346 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
347 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
348 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
349 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
350 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
351 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
352 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
354 "-----END PUBLIC KEY-----";
356 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
357 auto key = CKM::Key::create(buffer, CKM::Password());
358 CKM::AliasVector aliasVector;
359 CKM::Policy notExportable(CKM::Password(), false);
362 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
363 "Error=" << CKMErrorToString(temp));
365 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
366 "Error=" << CKMErrorToString(temp));
368 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
369 "Error=" << CKMErrorToString(temp));
372 RUNNER_TEST(T1029_deinit)
374 remove_user_data(USER_APP);
377 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
378 RUNNER_TEST(T1030_init)
380 reset_user_data(USER_APP, APP_PASS);
383 RUNNER_TEST(T1032_app_user_save_bin_data)
385 ScopedDBUnlock unlock(USER_APP, APP_PASS);
388 auto manager = CKM::Manager::create();
390 std::string binData = "My bin data";
392 CKM::RawBuffer buffer(binData.begin(), binData.end());
394 CKM::AliasVector labelAliasVector;
396 size_t current_aliases_num = count_aliases(ALIAS_DATA);
398 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
399 "Error=" << CKMErrorToString(temp));
401 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
402 "Error=" << CKMErrorToString(temp));
404 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
405 "Error=" << CKMErrorToString(temp));
407 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
408 "Error=" << CKMErrorToString(temp));
410 labelAliasVector.size() == (current_aliases_num+3),
411 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
414 RUNNER_TEST(T1034_app_remove_bin_data)
416 ScopedDBUnlock unlock(USER_APP, APP_PASS);
419 auto manager = CKM::Manager::create();
421 std::string binData2 = "My bin data";
422 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
424 CKM::AliasVector labelAliasVector;
426 size_t current_aliases_num = count_aliases(ALIAS_DATA);
427 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
429 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
430 "Error=" << CKMErrorToString(temp));
432 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
433 "Error=" << CKMErrorToString(temp));
435 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
436 "Error=" << CKMErrorToString(temp));
438 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
439 "Error=" << CKMErrorToString(temp));
441 labelAliasVector.size() == (current_aliases_num-2),
442 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
444 CKM::RawBuffer buffer;
446 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
447 "Error=" << CKMErrorToString(temp));
452 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
453 "Error=" << CKMErrorToString(temp));
456 RUNNER_TEST(T1035_getData_wrong_password)
458 ScopedDBUnlock unlock(USER_APP, APP_PASS);
461 auto manager = CKM::Manager::create();
463 std::string binData1 = "My bin data4";
465 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
468 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
469 "Error=" << CKMErrorToString(temp));
471 CKM::RawBuffer buffer;
473 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
474 "Error=" << CKMErrorToString(temp));
480 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
481 "Error=" << CKMErrorToString(temp));
484 RUNNER_TEST(T1036_deinit)
486 remove_user_data(USER_APP);
489 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
491 RUNNER_TEST(T1040_init)
494 auto control = CKM::Control::create();
497 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
498 "Error=" << CKMErrorToString(temp));
501 RUNNER_TEST(T1041_create_RSA_key)
504 auto manager = CKM::Manager::create();
507 size_t current_aliases_num = count_aliases(ALIAS_KEY);
509 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
510 "Error=" << CKMErrorToString(temp));
512 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
513 "Error=" << CKMErrorToString(temp));
515 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
516 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
519 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
522 auto manager = CKM::Manager::create();
526 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
527 "Error=" << CKMErrorToString(temp));
529 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
530 "Error=" << CKMErrorToString(temp));
533 RUNNER_TEST(T1043_create_DSA_key)
536 auto manager = CKM::Manager::create();
539 size_t current_aliases_num = count_aliases(ALIAS_KEY);
541 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
542 "Error=" << CKMErrorToString(temp));
544 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
545 "Error=" << CKMErrorToString(temp));
547 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
548 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
551 RUNNER_TEST(T1044_create_AES_key)
554 auto manager = CKM::Manager::create();
557 int current_aliases_num = count_aliases(ALIAS_KEY);
559 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
560 "Error=" << CKMErrorToString(temp));
562 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
563 "Error=" << CKMErrorToString(temp));
565 (current_aliases_num+1) == (temp = av.size()),
566 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
569 RUNNER_TEST(T1049_deinit)
571 remove_user_data(USER_APP);
575 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
577 RUNNER_TEST(T1110_init)
579 unlock_user_data(USER_APP, "user-pass");
582 RUNNER_TEST(T1111_CreateKeyPairRSA)
585 auto manager = CKM::Manager::create();
586 CKM::Alias a1 = "rsa-test-1";
587 CKM::Alias a2 = "rsa-test-2";
591 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
592 "Error=" << CKMErrorToString(temp));
594 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
595 "Error=" << CKMErrorToString(temp));
598 RUNNER_TEST(T1112_CreateKeyPairDSA)
601 auto manager = CKM::Manager::create();
602 CKM::Alias a1 = "dsa-test-1";
603 CKM::Alias a2 = "dsa-test-2";
607 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
608 "Error=" << CKMErrorToString(temp));
610 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
611 "Error=" << CKMErrorToString(temp));
614 RUNNER_TEST(T1113_CreateKeyPairECDSA)
617 auto manager = CKM::Manager::create();
618 CKM::Alias a1 = "ecdsa-test-1";
619 CKM::Alias a2 = "ecdsa-test-2";
623 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
624 "Error=" << CKMErrorToString(temp));
627 RUNNER_TEST(T1114_deinit)
629 remove_user_data(USER_APP);
632 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
634 RUNNER_TEST(T12100_init)
636 reset_user_data(USER_APP, APP_PASS);
639 RUNNER_TEST(T12101_key_exist)
641 ScopedDBUnlock unlock(USER_APP, APP_PASS);
644 auto manager = CKM::Manager::create();
646 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
647 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
648 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
649 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
650 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
651 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
652 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
654 "-----END PUBLIC KEY-----";
656 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
657 auto key = CKM::Key::create(buffer);
658 CKM::Alias alias = "rsa-alias-duplication";
661 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
662 "Error=" << CKMErrorToString(ret));
664 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
665 "Error=" << CKMErrorToString(ret));
669 * These test cases tests API when empty parameters are passed to functions
672 RUNNER_TEST(T12102_saveKey_empty_alias)
674 ScopedDBUnlock unlock(USER_APP, APP_PASS);
676 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
677 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
678 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
679 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
680 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
681 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
682 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
683 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
685 "-----END PUBLIC KEY-----";
687 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
688 auto key = CKM::Key::create(buffer);
689 CKM::Alias alias; //alias is not initialized
692 auto manager = CKM::Manager::create();
694 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
695 "Error=" << CKMErrorToString(ret));
698 RUNNER_TEST(T12103_saveKey_foreign_label)
700 ScopedDBUnlock unlock(USER_APP, APP_PASS);
702 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
703 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
704 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
705 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
706 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
707 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
708 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
710 "-----END PUBLIC KEY-----";
712 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
713 auto key = CKM::Key::create(buffer);
714 CKM::Alias alias = "iamsomebodyelse alias";
717 auto manager = CKM::Manager::create();
719 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
720 "Error=" << CKMErrorToString(ret));
723 RUNNER_TEST(T12104_saveKey_empty_key)
725 ScopedDBUnlock unlock(USER_APP, APP_PASS);
727 CKM::KeyShPtr key; //key is not initialized
728 CKM::Alias alias = "empty-key";
731 auto manager = CKM::Manager::create();
733 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
734 "Error=" << CKMErrorToString(ret));
737 RUNNER_TEST(T12105_saveCertificate_empty_alias)
739 ScopedDBUnlock unlock(USER_APP, APP_PASS);
741 auto cert = TestData::getTestCertificate(TestData::GIAG2);
742 CKM::Alias alias; //alias is not initialized
745 auto manager = CKM::Manager::create();
747 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
748 "Error=" << CKMErrorToString(temp));
751 RUNNER_TEST(T12106_saveCertificate_foreign_label)
753 ScopedDBUnlock unlock(USER_APP, APP_PASS);
755 auto cert = TestData::getTestCertificate(TestData::GIAG2);
756 CKM::Alias alias = "iamsomebodyelse alias";
759 auto manager = CKM::Manager::create();
761 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
762 "Error=" << CKMErrorToString(temp));
765 RUNNER_TEST(T12107_saveCertificate_empty_cert)
767 ScopedDBUnlock unlock(USER_APP, APP_PASS);
769 CKM::CertificateShPtr cert; //cert is not initialized
770 CKM::Alias alias = "empty-cert";
773 auto manager = CKM::Manager::create();
775 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
776 "Error=" << CKMErrorToString(temp));
779 RUNNER_TEST(T12108_saveData_empty_alias)
781 ScopedDBUnlock unlock(USER_APP, APP_PASS);
783 std::string testData = "test data test data test data";
784 CKM::RawBuffer buffer(testData.begin(), testData.end());
788 auto manager = CKM::Manager::create();
790 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
791 "Error=" << CKMErrorToString(temp));
794 RUNNER_TEST(T12109_saveData_foreign_label)
796 ScopedDBUnlock unlock(USER_APP, APP_PASS);
798 std::string testData = "test data test data test data";
799 CKM::RawBuffer buffer(testData.begin(), testData.end());
800 CKM::Alias alias = "iamsomebodyelse alias";
803 auto manager = CKM::Manager::create();
805 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
806 "Error=" << CKMErrorToString(temp));
809 RUNNER_TEST(T12110_saveData_empty_data)
811 ScopedDBUnlock unlock(USER_APP, APP_PASS);
813 CKM::RawBuffer buffer;
814 CKM::Alias alias = "empty-data";
817 auto manager = CKM::Manager::create();
819 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
820 "Error=" << CKMErrorToString(temp));
824 * These test cases tests API when trying to get data from not existing alias
827 RUNNER_TEST(T12111_getKey_alias_not_exist)
829 ScopedDBUnlock unlock(USER_APP, APP_PASS);
832 CKM::Alias alias = "this-alias-not-exist";
835 auto manager = CKM::Manager::create();
837 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
838 "Error=" << CKMErrorToString(temp));
841 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
843 ScopedDBUnlock unlock(USER_APP, APP_PASS);
845 CKM::CertificateShPtr certificate;
846 CKM::Alias alias = "this-alias-not-exist";
849 auto manager = CKM::Manager::create();
851 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
852 "Error=" << CKMErrorToString(temp));
855 RUNNER_TEST(T12113_getData_alias_not_exist)
857 ScopedDBUnlock unlock(USER_APP, APP_PASS);
860 auto manager = CKM::Manager::create();
861 CKM::RawBuffer buffer;
862 CKM::Alias alias("some alias");
864 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
865 "Error=" << CKMErrorToString(temp));
869 * These test cases tests API when damaged keys are used
871 RUNNER_TEST(T12114_RSA_key_damaged)
873 ScopedDBUnlock unlock(USER_APP, APP_PASS);
876 auto manager = CKM::Manager::create();
878 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
879 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
880 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
881 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
882 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
883 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
884 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
886 "-----END PUBLIC KEY-----";
888 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
889 auto key = CKM::Key::create(buffer);
890 CKM::Alias alias = "damaged-rsa";
893 NULL == key.get(), "Key is broken. It should be empty");
896 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
897 "Error=" << CKMErrorToString(ret));
900 RUNNER_TEST(T12115_RSA_key_too_short)
902 ScopedDBUnlock unlock(USER_APP, APP_PASS);
905 auto manager = CKM::Manager::create();
907 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
908 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
909 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
910 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
911 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
912 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
913 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
915 "-----END PUBLIC KEY-----";
917 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
918 auto key = CKM::Key::create(buffer);
919 CKM::Alias alias = "short-rsa";
922 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
923 "Error=" << CKMErrorToString(ret));
926 RUNNER_TEST(T12116_DSA_key_too_short)
928 ScopedDBUnlock unlock(USER_APP, APP_PASS);
931 auto manager = CKM::Manager::create();
933 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
934 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
935 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
936 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
937 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
938 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
939 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
940 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
941 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
942 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
944 "-----END PUBLIC KEY-----";
946 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
947 auto key = CKM::Key::create(buffer);
948 CKM::Alias alias = "short-dsa";
951 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
952 "Error=" << CKMErrorToString(ret));
955 RUNNER_TEST(T12117_AES_key_too_short)
958 auto manager = CKM::Manager::create();
960 size_t key_size = (128-1);
961 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
963 auto key = CKM::Key::create(key_AES);
964 CKM::Alias alias = "short-AES";
967 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
968 "Error=" << CKMErrorToString(ret));
972 * These test cases tests CKM service if malicious data is provided over the socket.
975 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
977 ScopedDBUnlock unlock(USER_APP, APP_PASS);
980 auto manager = CKM::Manager::create();
982 // fake the client - let the service detect the problem
983 class WrongKeyImpl : public CKM::Key
986 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
989 virtual bool empty() const {
993 virtual CKM::KeyType getType() const {
994 return CKM::KeyType::KEY_RSA_PUBLIC;
996 virtual int getSize() const {
999 virtual CKM::ElipticCurve getCurve() const {
1000 return CKM::ElipticCurve::prime192v1;
1002 virtual CKM::RawBuffer getDER() const {
1005 virtual ~WrongKeyImpl() {}
1007 CKM::RawBuffer & m_dummy;
1009 std::string dummyData = "my_cat_Berta\n";
1010 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1011 auto key = std::make_shared<WrongKeyImpl>(buffer);
1012 CKM::Alias alias = "damaged-rsa";
1015 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1016 "Error=" << CKMErrorToString(ret));
1019 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1021 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1023 // fake the client - let the service detect the problem
1024 class WrongCertImpl : public CKM::Certificate
1027 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1028 m_x509 = X509_new();
1031 bool empty() const {
1035 virtual X509 *getX509() const {
1039 virtual CKM::RawBuffer getDER() const {
1043 virtual ~WrongCertImpl() {
1048 CKM::RawBuffer & m_dummy;
1050 std::string dummyData = "my_cat_Stefan\n";
1051 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1052 auto cert = std::make_shared<WrongCertImpl>(buffer);
1053 CKM::Alias alias = "damaged-cert";
1056 auto manager = CKM::Manager::create();
1058 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1059 "Error=" << CKMErrorToString(temp));
1062 RUNNER_TEST(T12120_deinit)
1064 remove_user_data(USER_APP);
1067 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1069 RUNNER_TEST(T1311_init)
1071 remove_user_data(USER_APP);
1072 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1073 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1075 struct hostent* he = gethostbyname("google.com");
1077 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1078 "is not woking on the device. OCSP tests requires network access!");
1081 RUNNER_TEST(T13121_get_chain_no_cert)
1083 CKM::CertificateShPtrVector certChain;
1084 CKM::CertificateShPtr cert;
1086 auto manager = CKM::Manager::create();
1088 int ret = manager->getCertificateChain(cert,
1093 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1094 "Function should fail for empty certificate");
1097 RUNNER_TEST(T13122_get_chain_empty_cert)
1099 CKM::CertificateShPtrVector certChain;
1100 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1101 CKM::DataFormat::FORM_PEM);
1103 auto manager = CKM::Manager::create();
1105 int ret = manager->getCertificateChain(cert,
1110 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1111 "Function should fail for empty certificate");
1114 RUNNER_TEST(T13129_get_chain)
1116 auto cert = TestData::getTestCertificate(TestData::MBANK);
1117 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1119 CKM::CertificateShPtrVector certVector = {cert1};
1120 CKM::CertificateShPtrVector certChain;
1123 auto manager = CKM::Manager::create();
1125 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1126 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1128 tmp = manager->getCertificateChain(cert,
1133 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1134 "Error=" << CKMErrorToString(tmp));
1137 0 == certChain.size(),
1138 "Wrong size of certificate chain.");
1140 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1141 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1144 3 == certChain.size(),
1145 "Wrong size of certificate chain.");
1148 RUNNER_TEST(T1313_get_chain_with_alias)
1150 auto cert = TestData::getTestCertificate(TestData::MBANK);
1151 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1153 CKM::CertificateShPtrVector certChain;
1154 CKM::AliasVector aliasVector;
1155 CKM::Alias alias = "imcert";
1158 auto manager = CKM::Manager::create();
1160 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1161 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1163 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1164 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1165 "Error=" << CKMErrorToString(tmp));
1168 0 == certChain.size(),
1169 "Wrong size of certificate chain.");
1172 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1173 "Error=" << CKMErrorToString(tmp));
1175 aliasVector.push_back(alias);
1177 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1178 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1181 3 == certChain.size(),
1182 "Wrong size of certificate chain.");
1185 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1187 auto cert = TestData::getTestCertificate(TestData::MBANK);
1188 auto cert1 = TestData::getTestCertificate(TestData::SYMANTEC);
1189 CKM::CertificateShPtrVector certVector = {cert1};
1190 CKM::CertificateShPtrVector certChain;
1193 auto manager = CKM::Manager::create();
1195 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1196 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1198 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1199 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1200 "Error=" << CKMErrorToString(tmp));
1203 0 == certChain.size(),
1204 "Wrong size of certificate chain.");
1206 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1207 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
1210 3 == certChain.size(),
1211 "Wrong size of certificate chain.");
1215 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1216 "Error=" << CKMErrorToString(tmp));
1218 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1221 RUNNER_TEST(T13142_ocsp_check_empty)
1223 CKM::CertificateShPtrVector certVector;
1225 auto manager = CKM::Manager::create();
1230 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1231 "ocspCheck should fail for empty certificate vector");
1234 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1236 CKM::CertificateShPtrVector certVector = {
1237 CKM::CertificateShPtr(),
1238 CKM::CertificateShPtr(),
1239 CKM::CertificateShPtr()};
1241 auto manager = CKM::Manager::create();
1246 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1247 "ocspCheck should fail for empty certificate vector");
1250 RUNNER_TEST(T13144_ocsp_check_root)
1252 auto root = TestData::getTestCertificate(TestData::EQUIFAX);
1253 CKM::CertificateShPtrVector certVector = {root};
1255 auto manager = CKM::Manager::create();
1257 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1262 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1263 "Ocsp should fail for single certificate");
1266 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1268 auto root = TestData::getTestCertificate(TestData::EQUIFAX);
1269 auto ca2 = TestData::getTestCertificate(TestData::GEOTRUST);
1270 auto ca1 = TestData::getTestCertificate(TestData::GIAG2);
1272 CKM::CertificateShPtrVector certVector = {ca1, ca2, root};
1274 auto manager = CKM::Manager::create();
1276 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1277 RUNNER_ASSERT_MSG(NULL != ca2.get(), "Certificate should not be empty");
1278 RUNNER_ASSERT_MSG(NULL != ca1.get(), "Certificate should not be empty");
1283 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1284 "Error=" << CKMErrorToString(tmp));
1286 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1289 RUNNER_TEST(T1315_deinit)
1291 remove_user_data(USER_APP);
1294 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1296 RUNNER_TEST(T1411_init)
1298 remove_user_data(USER_APP);
1301 RUNNER_TEST(T1412_RSA_key_create_verify)
1304 auto manager = CKM::Manager::create();
1306 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1307 "Proc-Type: 4,ENCRYPTED\n"
1308 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1310 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1311 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1312 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1313 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1314 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1315 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1316 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1317 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1318 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1319 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1320 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1321 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1322 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1323 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1324 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1325 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1326 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1327 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1328 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1329 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1330 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1331 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1332 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1333 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1334 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1335 "-----END RSA PRIVATE KEY-----\n";
1337 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1338 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1339 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1340 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1341 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1342 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1343 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1345 "-----END PUBLIC KEY-----\n";
1347 std::string message = "message test";
1349 CKM::Alias aliasPub = "pub1";
1350 CKM::Alias aliasPrv = "prv1";
1351 CKM::Password password = "1234";
1352 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1353 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1354 CKM::RawBuffer signature;
1356 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1357 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1359 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1360 "Key is empty. Failed to import public key.");
1361 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1362 "Key is empty. Failed to import private key.");
1365 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1366 "Error=" << CKMErrorToString(temp));
1368 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1369 "Error=" << CKMErrorToString(temp));
1372 CKM_API_SUCCESS == (temp = manager->createSignature(
1375 CKM::RawBuffer(message.begin(), message.end()),
1379 "Error=" << CKMErrorToString(temp));
1382 CKM_API_SUCCESS == (temp = manager->verifySignature(
1385 CKM::RawBuffer(message.begin(), message.end()),
1389 "Error=" << CKMErrorToString(temp));
1392 RUNNER_TEST(T1413_DSA_key_create_verify)
1395 auto manager = CKM::Manager::create();
1397 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1398 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1399 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1400 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1401 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1402 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1403 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1404 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1405 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1406 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1407 "u1roOuaPY+Hl19BlTE2qdw==\n"
1408 "-----END DSA PRIVATE KEY-----";
1410 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1411 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1412 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1413 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1414 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1415 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1416 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1417 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1418 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1419 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1420 "YMYCBhubtrVaLmc=\n"
1421 "-----END PUBLIC KEY-----";
1423 std::string message = "message test";
1425 CKM::Alias aliasPub = "pub2";
1426 CKM::Alias aliasPrv = "prv2";
1427 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1428 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1429 CKM::RawBuffer signature;
1431 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1432 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1434 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1435 "Key is empty. Failed to import public key.");
1436 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1437 "Key is empty. Failed to import private key.");
1440 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1441 "Error=" << CKMErrorToString(temp));
1443 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1444 "Error=" << CKMErrorToString(temp));
1447 CKM_API_SUCCESS == (temp = manager->createSignature(
1450 CKM::RawBuffer(message.begin(), message.end()),
1454 "Error=" << CKMErrorToString(temp));
1457 CKM_API_SUCCESS == (temp = manager->verifySignature(
1460 CKM::RawBuffer(message.begin(), message.end()),
1464 "Error=" << CKMErrorToString(temp));
1468 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1471 auto manager = CKM::Manager::create();
1473 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1474 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1475 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1476 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1477 "-----END EC PRIVATE KEY-----\n";
1479 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1480 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1481 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1482 "-----END PUBLIC KEY-----\n";
1484 std::string message = "message test";
1486 CKM::Alias aliasPub = "ecpub2";
1487 CKM::Alias aliasPrv = "ecprv2";
1488 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1489 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1490 CKM::RawBuffer signature;
1492 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1493 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1495 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1496 "Key is empty. Failed to import public key.");
1497 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1498 "Key is empty. Failed to import private key.");
1501 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1502 "Error=" << CKMErrorToString(temp));
1504 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1505 "Error=" << CKMErrorToString(temp));
1508 CKM_API_SUCCESS == (temp = manager->createSignature(
1511 CKM::RawBuffer(message.begin(), message.end()),
1515 "Error=" << CKMErrorToString(temp));
1518 CKM_API_SUCCESS == (temp = manager->verifySignature(
1521 CKM::RawBuffer(message.begin(), message.end()),
1525 "Error=" << CKMErrorToString(temp));
1527 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1529 memcpy((void*)signature.data(), "BROKEN", 6);
1532 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1535 CKM::RawBuffer(message.begin(), message.end()),
1539 "Error=" << CKMErrorToString(temp));
1542 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1545 auto manager = CKM::Manager::create();
1546 std::string message = "message asdfaslkdfjlksadjf test";
1548 CKM::Alias aliasPub = "pub1";
1549 CKM::Alias aliasPrv = "prv1";
1551 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1552 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1553 CKM::RawBuffer signature;
1556 CKM_API_SUCCESS == (temp = manager->createSignature(
1559 CKM::RawBuffer(message.begin(), message.end()),
1563 "Error=" << CKMErrorToString(temp));
1566 CKM_API_SUCCESS == (temp = manager->verifySignature(
1569 CKM::RawBuffer(message.begin(), message.end()),
1573 "Error=" << CKMErrorToString(temp));
1575 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1576 memcpy((void*)signature.data(), "BROKEN", 6);
1579 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1582 CKM::RawBuffer(message.begin(), message.end()),
1586 "Error=" << CKMErrorToString(temp));
1589 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1592 auto manager = CKM::Manager::create();
1593 std::string message = "message asdfaslkdfjlksadjf test";
1595 CKM::Alias aliasPub = "pub2";
1596 CKM::Alias aliasPrv = "prv2";
1598 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1599 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1600 CKM::RawBuffer signature;
1603 CKM_API_SUCCESS == (temp = manager->createSignature(
1606 CKM::RawBuffer(message.begin(), message.end()),
1610 "Error=" << CKMErrorToString(temp));
1613 CKM_API_SUCCESS == (temp = manager->verifySignature(
1616 CKM::RawBuffer(message.begin(), message.end()),
1620 "Error=" << CKMErrorToString(temp));
1622 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1623 memcpy((void*)signature.data(), "BROKEN", 6);
1626 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1629 CKM::RawBuffer(message.begin(), message.end()),
1633 "Error=" << CKMErrorToString(temp));
1636 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1639 auto manager = CKM::Manager::create();
1642 "-----BEGIN RSA PRIVATE KEY-----\n"
1643 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1644 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1645 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1646 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1647 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1648 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1649 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1650 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1651 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1652 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1653 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1654 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1655 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1656 "-----END RSA PRIVATE KEY-----\n";
1659 "-----BEGIN CERTIFICATE-----\n"
1660 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1661 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1662 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1663 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1664 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1665 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1666 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1667 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1668 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1669 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1670 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1671 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1672 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1673 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1674 "-----END CERTIFICATE-----\n";
1676 std::string message = "message test";
1678 CKM::Alias aliasPub = "pub1-cert";
1679 CKM::Alias aliasPrv = "prv1-cert";
1680 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1681 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1682 CKM::RawBuffer signature;
1684 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1685 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1687 RUNNER_ASSERT_MSG(NULL != cert.get(),
1688 "Key is empty. Failed to import public key.");
1689 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1690 "Key is empty. Failed to import private key.");
1693 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1694 "Error=" << CKMErrorToString(temp));
1696 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1697 "Error=" << CKMErrorToString(temp));
1700 CKM_API_SUCCESS == (temp = manager->createSignature(
1703 CKM::RawBuffer(message.begin(), message.end()),
1707 "Error=" << CKMErrorToString(temp));
1710 CKM_API_SUCCESS == (temp = manager->verifySignature(
1713 CKM::RawBuffer(message.begin(), message.end()),
1717 "Error=" << CKMErrorToString(temp));
1719 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1721 memcpy((void*)signature.data(), "BROKEN", 6);
1724 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1727 CKM::RawBuffer(message.begin(), message.end()),
1731 "Error=" << CKMErrorToString(temp));
1734 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1737 auto manager = CKM::Manager::create();
1739 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1740 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1741 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1742 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1743 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1744 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1745 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1746 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1747 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1748 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1749 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1750 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1751 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1752 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1753 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1754 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1755 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1756 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1757 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1758 "-----END CERTIFICATE-----\n";
1760 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1761 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1762 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1763 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1764 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1765 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1766 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1767 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1768 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1769 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1770 "vonbjii3BYe4AIdkzOvp\n"
1771 "-----END DSA PRIVATE KEY-----\n";
1773 std::string message = "message test";
1775 CKM::Alias aliasPub = "pub2-cert";
1776 CKM::Alias aliasPrv = "prv2-cert";
1777 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1778 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1779 CKM::RawBuffer signature;
1781 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1782 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1784 RUNNER_ASSERT_MSG(NULL != cert.get(),
1785 "Key is empty. Failed to import public key.");
1786 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1787 "Key is empty. Failed to import private key.");
1790 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1791 "Error=" << CKMErrorToString(temp));
1793 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1794 "Error=" << CKMErrorToString(temp));
1797 CKM_API_SUCCESS == (temp = manager->createSignature(
1800 CKM::RawBuffer(message.begin(), message.end()),
1804 "Error=" << CKMErrorToString(temp));
1807 CKM_API_SUCCESS == (temp = manager->verifySignature(
1810 CKM::RawBuffer(message.begin(), message.end()),
1814 "Error=" << CKMErrorToString(temp));
1816 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1818 memcpy((void*)signature.data(), "BROKEN", 6);
1821 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1824 CKM::RawBuffer(message.begin(), message.end()),
1828 "Error=" << CKMErrorToString(temp));
1831 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
1834 auto manager = CKM::Manager::create();
1837 "-----BEGIN EC PRIVATE KEY-----\n"
1838 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
1839 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
1840 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
1841 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
1842 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
1843 "ELyhe7yPCAuOoLZlTLgf\n"
1844 "-----END EC PRIVATE KEY-----\n";
1847 "-----BEGIN CERTIFICATE-----\n"
1848 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
1849 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
1850 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
1851 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
1852 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
1853 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
1854 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
1855 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
1856 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
1857 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
1858 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
1859 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
1860 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
1861 "Q1oBry6NEc+lLFmWMDesAA==\n"
1862 "-----END CERTIFICATE-----\n";
1864 std::string message = "message test";
1866 CKM::Alias aliasPub = "pub3";
1867 CKM::Alias aliasPrv = "prv3";
1868 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1869 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1870 CKM::RawBuffer signature;
1872 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1873 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1875 RUNNER_ASSERT_MSG(NULL != cert.get(),
1876 "Key is empty. Failed to import public key.");
1877 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1878 "Key is empty. Failed to import private key.");
1881 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1882 "Error=" << CKMErrorToString(temp));
1884 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1885 "Error=" << CKMErrorToString(temp));
1888 CKM_API_SUCCESS == (temp = manager->createSignature(
1891 CKM::RawBuffer(message.begin(), message.end()),
1895 "Error=" << CKMErrorToString(temp));
1898 CKM_API_SUCCESS == (temp = manager->verifySignature(
1901 CKM::RawBuffer(message.begin(), message.end()),
1905 "Error=" << CKMErrorToString(temp));
1907 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1909 memcpy((void*)signature.data(), "BROKEN", 6);
1912 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1915 CKM::RawBuffer(message.begin(), message.end()),
1919 "Error=" << CKMErrorToString(temp));
1922 RUNNER_TEST(T1420_deinit)
1924 remove_user_data(USER_APP);
1927 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
1929 RUNNER_TEST(T14180_init)
1932 remove_user_data(USER_APP);
1934 auto manager = CKM::Manager::create();
1936 // Prepare RSA Key Pair
1937 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1938 "Proc-Type: 4,ENCRYPTED\n"
1939 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1941 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1942 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1943 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1944 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1945 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1946 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1947 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1948 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1949 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1950 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1951 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1952 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1953 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1954 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1955 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1956 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1957 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1958 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1959 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1960 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1961 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1962 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1963 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1964 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1965 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1966 "-----END RSA PRIVATE KEY-----\n";
1968 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1969 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1970 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1971 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1972 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1973 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1974 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1976 "-----END PUBLIC KEY-----\n";
1978 CKM::Alias aliasPub = "pub_nohash1";
1979 CKM::Alias aliasPrv = "prv_nohash1";
1980 CKM::Password password = "1234";
1982 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1983 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1985 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1986 "Key is empty. Failed to import public key.");
1987 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1988 "Key is empty. Failed to import private key.");
1991 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1992 "Error=" << CKMErrorToString(temp));
1994 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1995 "Error=" << CKMErrorToString(temp));
1997 // Prepare ECDSA Key Pair
1998 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
1999 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2000 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2001 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2002 "-----END EC PRIVATE KEY-----\n";
2004 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2005 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2006 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2007 "-----END PUBLIC KEY-----\n";
2009 CKM::Alias aliasEcPub = "ecpub_nohash1";
2010 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2012 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2013 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2015 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2016 "Key is empty. Failed to import public key.");
2017 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2018 "Key is empty. Failed to import private key.");
2021 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2022 "Error=" << CKMErrorToString(temp));
2024 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2025 "Error=" << CKMErrorToString(temp));
2029 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2032 auto manager = CKM::Manager::create();
2033 std::string message = "message asdfaslkdfjlksadjf test";
2035 CKM::Alias aliasPub = "pub_nohash1";
2036 CKM::Alias aliasPrv = "prv_nohash1";
2038 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2039 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2040 CKM::RawBuffer signature;
2043 CKM_API_SUCCESS == (temp = manager->createSignature(
2046 CKM::RawBuffer(message.begin(), message.end()),
2050 "Error=" << CKMErrorToString(temp));
2053 CKM_API_SUCCESS == (temp = manager->verifySignature(
2056 CKM::RawBuffer(message.begin(), message.end()),
2060 "Error=" << CKMErrorToString(temp));
2062 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2063 memcpy((void*)signature.data(), "BROKEN", 6);
2066 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2069 CKM::RawBuffer(message.begin(), message.end()),
2073 "Error=" << CKMErrorToString(temp));
2076 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2079 auto manager = CKM::Manager::create();
2080 std::string message = "message asdfaslkdfjlksadjf test";
2082 CKM::Alias aliasPub = "pub_nohash1";
2083 CKM::Alias aliasPrv = "prv_nohash1";
2085 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2086 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2087 CKM::RawBuffer signature;
2090 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2093 CKM::RawBuffer(message.begin(), message.end()),
2097 "Error=" << CKMErrorToString(temp));
2100 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2103 auto manager = CKM::Manager::create();
2104 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2105 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2106 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2107 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2108 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2109 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2110 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2111 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2112 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2113 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2114 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2115 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2116 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2117 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2118 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2119 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2120 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2121 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2122 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2123 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2125 CKM::Alias aliasPub = "pub_nohash1";
2126 CKM::Alias aliasPrv = "prv_nohash1";
2128 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2129 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2130 CKM::RawBuffer signature;
2133 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2136 CKM::RawBuffer(message.begin(), message.end()),
2140 "Error=" << CKMErrorToString(temp));
2144 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2147 auto manager = CKM::Manager::create();
2149 std::string message = "message test";
2151 CKM::Alias aliasPub = "ecpub_nohash1";
2152 CKM::Alias aliasPrv = "ecprv_nohash1";
2153 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2154 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2155 CKM::RawBuffer signature;
2158 CKM_API_SUCCESS == (temp = manager->createSignature(
2161 CKM::RawBuffer(message.begin(), message.end()),
2165 "Error=" << CKMErrorToString(temp));
2168 CKM_API_SUCCESS == (temp = manager->verifySignature(
2171 CKM::RawBuffer(message.begin(), message.end()),
2175 "Error=" << CKMErrorToString(temp));
2177 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2179 memcpy((void*)signature.data(), "BROKEN", 6);
2182 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2185 CKM::RawBuffer(message.begin(), message.end()),
2189 "Error=" << CKMErrorToString(temp));
2192 RUNNER_TEST(T14185_ECDSA_create_signatue_nohash_bigmsg)
2195 auto manager = CKM::Manager::create();
2197 int msgSize = 1024*1024;
2198 char big_msg[msgSize];
2199 for(int i =0; i<msgSize-1; i++) {
2202 big_msg[msgSize-1]=0x00;
2203 std::string message(big_msg);
2205 CKM::Alias aliasPub = "ecpub_nohash1";
2206 CKM::Alias aliasPrv = "ecprv_nohash1";
2207 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2208 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2209 CKM::RawBuffer signature;
2212 CKM_API_SUCCESS == (temp = manager->createSignature(
2215 CKM::RawBuffer(message.begin(), message.end()),
2219 "Error=" << CKMErrorToString(temp));
2223 RUNNER_TEST(T14189_deinit)
2225 remove_user_data(USER_APP);
2229 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2233 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2234 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2235 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2236 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2237 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2240 RUNNER_TEST(T1800_init)
2242 remove_user_data(USER_APP);
2245 RUNNER_TEST(T1801_parse_PKCS12) {
2246 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2247 std::istreambuf_iterator<char> begin(is), end;
2248 std::vector<char> buff(begin, end);
2250 CKM::RawBuffer buffer(buff.size());
2251 memcpy(buffer.data(), buff.data(), buff.size());
2253 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2256 "Error in PKCS12::create()");
2258 auto cert = pkcs->getCertificate();
2261 "Error in PKCS12::getCertificate()");
2263 auto key = pkcs->getKey();
2266 "Error in PKCS12::getKey()");
2268 auto caVector = pkcs->getCaCertificateShPtrVector();
2270 0 == caVector.size(),
2271 "Wrong size of vector");
2274 RUNNER_TEST(T1802_negative_wrong_password) {
2275 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2276 std::istreambuf_iterator<char> begin(is), end;
2277 std::vector<char> buff(begin, end);
2279 CKM::RawBuffer buffer(buff.size());
2280 memcpy(buffer.data(), buff.data(), buff.size());
2282 auto pkcs = CKM::PKCS12::create(buffer, "error");
2285 "Expected error in PKCS12::create()");
2288 RUNNER_TEST(T1803_negative_broken_buffer) {
2289 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2290 std::istreambuf_iterator<char> begin(is), end;
2291 std::vector<char> buff(begin, end);
2293 CKM::RawBuffer buffer(buff.size());
2294 memcpy(buffer.data(), buff.data(), buff.size());
2296 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2299 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2302 "Expected error in PKCS12::create()");
2305 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2307 auto manager = CKM::Manager::create();
2308 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2309 std::istreambuf_iterator<char> begin(is), end;
2310 std::vector<char> buff(begin, end);
2312 CKM::RawBuffer buffer(buff.size());
2313 memcpy(buffer.data(), buff.data(), buff.size());
2315 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2318 "Error in PKCS12::create()");
2321 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2322 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2323 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2324 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2325 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2326 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2327 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2328 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2329 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2330 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2331 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2332 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2333 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2334 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2335 "-----END RSA PRIVATE KEY-----\n";
2337 std::string message = "message test";
2339 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2340 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2341 "Key is empty. Failed to import private key.");
2345 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2346 "Error=" << CKMErrorToString(temp));
2349 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2350 "Error=" << CKMErrorToString(temp));
2353 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2355 auto manager = CKM::Manager::create();
2356 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2357 std::istreambuf_iterator<char> begin(is), end;
2358 std::vector<char> buff(begin, end);
2360 CKM::RawBuffer buffer(buff.size());
2361 memcpy(buffer.data(), buff.data(), buff.size());
2363 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2366 "Error in PKCS12::create()");
2368 auto cert = pkcs->getCertificate();
2371 "Error in PKCS12::getCertificate()");
2373 auto key = pkcs->getKey();
2376 "Error in PKCS12::getKey()");
2378 auto caVector = pkcs->getCaCertificateShPtrVector();
2380 2 == caVector.size(),
2381 "Wrong size of vector");
2385 CKM::Policy exportable;
2386 CKM::Policy notExportable(CKM::Password(), false);
2389 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2390 "Error=" << CKMErrorToString(tmp));
2392 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2393 "Error=" << CKMErrorToString(tmp));
2395 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2396 "Error=" << CKMErrorToString(tmp));
2398 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2399 "Error=" << CKMErrorToString(tmp));
2401 // try to lookup key
2402 CKM::KeyShPtr key_lookup;
2404 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2405 "Error=" << CKMErrorToString(tmp));
2407 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2408 "Error=" << CKMErrorToString(tmp));
2410 // try to lookup certificate
2411 CKM::CertificateShPtr cert_lookup;
2413 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2414 "Error=" << CKMErrorToString(tmp));
2416 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2417 "Error=" << CKMErrorToString(tmp));
2420 RUNNER_TEST(T1806_get_PKCS)
2423 auto manager = CKM::Manager::create();
2425 CKM::PKCS12ShPtr pkcs;
2429 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2430 "Error=" << CKMErrorToString(temp));
2432 // fail - not exportable
2434 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2435 "Error=" << CKMErrorToString(temp));
2437 // success - exportable
2439 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2440 "Error=" << CKMErrorToString(temp));
2442 auto cert = pkcs->getCertificate();
2445 "Error in PKCS12::getCertificate()");
2447 auto key = pkcs->getKey();
2450 "Error in PKCS12::getKey()");
2452 auto caVector = pkcs->getCaCertificateShPtrVector();
2454 2 == caVector.size(),
2455 "Wrong size of vector");
2458 RUNNER_TEST(T1807_create_and_verify_signature)
2461 auto manager = CKM::Manager::create();
2463 std::string message = "message test";
2465 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2466 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2467 CKM::RawBuffer signature;
2470 CKM_API_SUCCESS == (temp = manager->createSignature(
2471 alias_PKCS_exportable,
2473 CKM::RawBuffer(message.begin(), message.end()),
2477 "Error=" << CKMErrorToString(temp));
2480 CKM_API_SUCCESS == (temp = manager->verifySignature(
2481 alias_PKCS_exportable,
2483 CKM::RawBuffer(message.begin(), message.end()),
2487 "Error=" << CKMErrorToString(temp));
2490 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2493 auto manager = CKM::Manager::create();
2495 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2496 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
2497 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
2498 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
2499 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
2500 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
2501 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
2502 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
2503 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
2504 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
2505 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
2506 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
2507 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
2508 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
2509 "-----END RSA PRIVATE KEY-----";
2510 std::string message = "message test";
2512 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2513 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2514 "Key is empty. Failed to import private key.");
2517 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2518 "Error=" << CKMErrorToString(temp));
2520 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2521 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2522 CKM::RawBuffer signature;
2525 CKM_API_SUCCESS == (temp = manager->createSignature(
2526 alias_PKCS_priv_key_copy,
2528 CKM::RawBuffer(message.begin(), message.end()),
2532 "Error=" << CKMErrorToString(temp));
2535 CKM_API_SUCCESS == (temp = manager->verifySignature(
2536 alias_PKCS_exportable,
2538 CKM::RawBuffer(message.begin(), message.end()),
2542 "Error=" << CKMErrorToString(temp));
2545 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2548 auto manager = CKM::Manager::create();
2550 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2551 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2552 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2553 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2554 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2555 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2556 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2557 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2558 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2559 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2560 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2561 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2562 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2563 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2564 "-----END RSA PRIVATE KEY-----\n";
2566 std::string message = "message test";
2568 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2569 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2570 "Key is empty. Failed to import private key.");
2573 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2574 "Error=" << CKMErrorToString(temp));
2576 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2577 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2578 CKM::RawBuffer signature;
2581 CKM_API_SUCCESS == (temp = manager->createSignature(
2582 alias_PKCS_priv_key_wrong,
2584 CKM::RawBuffer(message.begin(), message.end()),
2588 "Error=" << CKMErrorToString(temp));
2591 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2592 alias_PKCS_exportable,
2594 CKM::RawBuffer(message.begin(), message.end()),
2598 "Error=" << CKMErrorToString(temp));
2601 RUNNER_TEST(T1810_verify_get_certificate_chain)
2603 // this certificate has been signed using PKCS chain
2605 "-----BEGIN CERTIFICATE-----\n"
2606 "MIIBozCCAQwCAQEwDQYJKoZIhvcNAQEFBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
2607 "c3RtZS5jb20wHhcNMTUxMjA5MTA0NjU0WhcNMjUxMjA2MTA0NjU0WjAYMRYwFAYD\n"
2608 "VQQDDA1lZUB0ZXN0bWUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDP\n"
2609 "+fNsZB1Vlmhnk0IwYDs7Pw9E38KQfTt/egqqRFN6IvIt0CCDBXqnPTujuvlO2OyL\n"
2610 "XVuALnIBmTDm5Oz+oz+qiY6/XrVS/CoACNZyMo6ihG9OeocvDbU3jXEaPGL6ib/x\n"
2611 "jlms0aA9d5L9TO2lEzEP7bFKgHCB8FWINcxSP5zl1QIDAQABMA0GCSqGSIb3DQEB\n"
2612 "BQUAA4GBAKBpVJMkdK6/qnAz7d7Bul/BhhSLEYbNPdxRiUj3U2dt0GJgswMu2SNT\n"
2613 "/3NXB8V8mnnXR6cWn5bmjyA7ZpQEKAatS/KEQ9wfLXyCgYDRebX71mVKAI3XcyxB\n"
2614 "p2qsOWWaJhuHmC1GVjx3foL+RDrmRo6BiucNHMIuvrd1W36eKdhj\n"
2615 "-----END CERTIFICATE-----\n";
2617 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2618 CKM::CertificateShPtrVector certChain;
2619 CKM::AliasVector aliasVector;
2622 auto manager = CKM::Manager::create();
2624 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2626 tmp = manager->getCertificateChain(cert,
2631 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2632 "Error=" << CKMErrorToString(tmp));
2635 0 == certChain.size(),
2636 "Wrong size of certificate chain.");
2638 aliasVector.push_back(alias_PKCS_exportable);
2640 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2641 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKMErrorToString(tmp));
2643 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2645 4 == certChain.size(),
2646 "Wrong size of certificate chain: " << certChain.size());
2649 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2651 auto manager = CKM::Manager::create();
2655 // remove the whole PKCS12 bundles
2657 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2658 "Error=" << CKMErrorToString(tmp));
2660 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2661 "Error=" << CKMErrorToString(tmp));
2663 // expect lookup fails due to unknown alias
2664 // try to lookup key
2665 CKM::KeyShPtr key_lookup;
2667 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2668 "Error=" << CKMErrorToString(tmp));
2670 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2671 "Error=" << CKMErrorToString(tmp));
2673 // try to lookup certificate
2674 CKM::CertificateShPtr cert_lookup;
2676 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2677 "Error=" << CKMErrorToString(tmp));
2679 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2680 "Error=" << CKMErrorToString(tmp));
2683 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2685 CKM::Alias alias = "t1812alias1";
2687 auto manager = CKM::Manager::create();
2688 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2689 std::istreambuf_iterator<char> begin(is), end;
2690 std::vector<char> buff(begin, end);
2692 CKM::PKCS12ShPtr pkcs12;
2693 CKM::Password pass1 = "easypass1";
2694 CKM::Password pass2 = "easypass2";
2696 CKM::RawBuffer buffer(buff.size());
2697 memcpy(buffer.data(), buff.data(), buff.size());
2699 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2702 "Error in PKCS12::create()");
2706 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2707 "Error=" << CKMErrorToString(temp));
2710 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2711 "Error=" << CKMErrorToString(temp));
2714 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2715 "Error=" << CKMErrorToString(temp));
2718 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2719 "Error=" << CKMErrorToString(temp));
2722 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2723 "Error=" << CKMErrorToString(temp));
2726 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2727 "Error=" << CKMErrorToString(temp));
2729 CKM::CertificateShPtr cert;
2731 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2732 "Error=" << CKMErrorToString(temp));
2734 CKM::CertificateShPtrVector certChain;
2735 CKM::AliasVector certVect;
2736 certVect.push_back(alias);
2739 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2740 "Error=" << CKMErrorToString(temp));
2743 RUNNER_TEST(T1813_deinit)
2746 auto control = CKM::Control::create();
2749 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2750 "Error=" << CKMErrorToString(temp));
2753 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2755 const char * const T190_PASSWD = "t190-special-password";
2757 RUNNER_TEST(T1901_init_unlock_key)
2759 reset_user_data(USER_APP, T190_PASSWD);
2762 RUNNER_TEST(T1902_get_data)
2764 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2766 auto manager = CKM::Manager::create();
2769 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2772 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2773 "Could not put certificate in datbase. Error=" << CKMErrorToString(status1));
2776 RUNNER_TEST(T1903_lock_database)
2779 auto control = CKM::Control::create();
2781 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2782 "Error=" << CKMErrorToString(tmp));
2785 RUNNER_TEST(T1904_get_data_from_locked_database)
2787 auto manager = CKM::Manager::create();
2790 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2793 CKM_API_ERROR_DB_LOCKED == status1,
2794 "Could not get key from locked database. Error=" << CKMErrorToString(status1));
2797 RUNNER_TEST(T1905_deinit)
2799 remove_user_data(USER_APP);
2802 int main(int argc, char *argv[])
2804 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob