2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #include <sys/types.h>
25 #include <dpl/test/test_runner.h>
27 #include <tests_common.h>
28 #include <test-certs.h>
30 #include <ckm-common.h>
31 #include <ckm/ckm-manager.h>
32 #include <ckm/ckm-control.h>
33 #include <ckm/ckm-password.h>
34 #include <ckm/ckm-type.h>
35 #include <ckm/ckm-pkcs12.h>
37 #include <openssl/x509.h>
38 #include <openssl/x509v3.h>
40 #include <tzplatform_config.h>
43 const int USER_APP = 5001;
45 const int USER_APP_2 = 5020;
46 const int USER_APP_3 = 5030;
48 const char * const APP_PASS = "user-pass";
49 const int USER_TEST = 5001;
51 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
52 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
53 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
54 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
55 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
56 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
57 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
58 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
59 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
61 "-----END PUBLIC KEY-----";
63 } // namespace anonymous
66 * How to numerate tests:
68 * T - test case (always T)
69 * AB - number of test group (always two digits)
70 * C - test number in group (all tests with same TABC must be run in the same time).
73 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
75 RUNNER_TEST(T0011_Control)
78 auto control = CKM::Control::create();
80 control->removeUserData(0);
81 control->removeUserData(USER_APP_2);
82 control->removeUserData(USER_APP);
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
86 "Error=" << CKM::APICodeToString(temp));
89 RUNNER_TEST(T0012_Control)
92 auto control = CKM::Control::create();
94 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
95 "Error=" << CKM::APICodeToString(temp));
97 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
98 "Error=" << CKM::APICodeToString(temp));
101 RUNNER_TEST(T0013_Control)
104 auto control = CKM::Control::create();
106 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
107 "Error=" << CKM::APICodeToString(temp));
110 RUNNER_TEST(T0014_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
116 "Error=" << CKM::APICodeToString(temp));
119 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
120 "Error=" << CKM::APICodeToString(temp));
123 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
124 "Error=" << CKM::APICodeToString(temp));
127 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
128 "Error=" << CKM::APICodeToString(temp));
131 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
132 "Error=" << CKM::APICodeToString(temp));
135 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
136 "Error=" << CKM::APICodeToString(temp));
139 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
140 "Error=" << CKM::APICodeToString(temp));
143 RUNNER_TEST(T0015_Control)
146 auto control = CKM::Control::create();
148 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
149 "Error=" << CKM::APICodeToString(temp));
151 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
152 "Error=" << CKM::APICodeToString(temp));
154 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
155 "Error=" << CKM::APICodeToString(temp));
157 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
158 "Error=" << CKM::APICodeToString(temp));
161 RUNNER_TEST(T0016_Control_negative_wrong_password)
164 auto control = CKM::Control::create();
166 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
167 "Error=" << CKM::APICodeToString(temp));
169 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
170 "Error=" << CKM::APICodeToString(temp));
172 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
173 "Error=" << CKM::APICodeToString(temp));
175 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
176 "Error=" << CKM::APICodeToString(temp));
178 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
179 "Error=" << CKM::APICodeToString(temp));
182 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
184 RUNNER_TEST(T1010_init)
186 unlock_user_data(USER_APP, "user-pass");
189 RUNNER_TEST(T1011_key)
192 auto manager = CKM::Manager::create();
194 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
195 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
196 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
197 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
198 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
199 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
200 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
202 "-----END PUBLIC KEY-----";
204 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
205 auto key = CKM::Key::create(buffer, CKM::Password());
207 CKM::Alias alias = "mykey";
210 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
211 "Error=" << CKM::APICodeToString(temp));
213 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
214 "Error=" << CKM::APICodeToString(temp));
216 key->getDER() == key2->getDER(),
217 "Key value has been changed by service");
220 RUNNER_TEST(T1012_certificate)
223 auto manager = CKM::Manager::create();
225 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
226 CKM::CertificateShPtr cert2;
227 CKM::Alias alias = "myCert";
230 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
231 "Error=" << CKM::APICodeToString(temp));
233 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
234 "Error=" << CKM::APICodeToString(temp));
236 cert->getDER() == cert2->getDER(),
237 "Data has been modified in key manager");
240 RUNNER_TEST(T1014_save_with_label)
243 auto manager = CKM::Manager::create();
245 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
246 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
247 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
248 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
249 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
250 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
251 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
253 "-----END PUBLIC KEY-----";
255 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
256 auto key = CKM::Key::create(buffer, CKM::Password());
257 CKM::KeyShPtr key_name, key_full_addr;
258 CKM::Alias alias = "mykey-2";
259 std::string top_label = getOwnerIdFromSelf();
260 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
263 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
264 "Error=" << CKM::APICodeToString(temp));
268 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
269 "Error=" << CKM::APICodeToString(temp));
271 key->getDER() == key_name->getDER(),
272 "Key value has been changed by service");
274 // lookup by full address
276 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
277 "Error=" << CKM::APICodeToString(temp));
279 key->getDER() == key_full_addr->getDER(),
280 "Key value has been changed by service");
283 RUNNER_TEST(T1020_save_big_data)
286 const size_t BIG_SIZE = 100000;
287 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
289 const size_t BIG_SIZE = 5000000;
290 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
294 std::vector<char> big_data(BIG_SIZE);
295 std::ifstream is("/dev/urandom", std::ifstream::binary);
297 is.read(big_data.data(), BIG_SIZE);
299 RUNNER_ASSERT_MSG(is,
300 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
302 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
303 CKM::Policy policy(CKM::Password(), true, backend);
304 CKM::RawBuffer returned;
306 auto manager = CKM::Manager::create();
309 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
310 "Error=" << CKM::APICodeToString(temp));
313 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
314 "Error=" << CKM::APICodeToString(temp));
316 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
319 RUNNER_TEST(T1015_deinit)
321 remove_user_data(USER_APP);
324 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
326 RUNNER_TEST(T1020_init)
329 auto control = CKM::Control::create();
331 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
332 "Error=" << CKM::APICodeToString(temp));
335 RUNNER_TEST(T1021_save_keys_get_alias)
338 auto manager = CKM::Manager::create();
340 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
341 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
342 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
343 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
344 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
345 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
346 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
348 "-----END PUBLIC KEY-----";
350 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
351 auto key = CKM::Key::create(buffer, CKM::Password());
352 CKM::AliasVector labelAliasVector;
354 size_t current_aliases_num = count_aliases(ALIAS_KEY);
356 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
357 "Error=" << CKM::APICodeToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
360 "Error=" << CKM::APICodeToString(temp));
362 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
363 "Error=" << CKM::APICodeToString(temp));
365 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
366 "Error=" << CKM::APICodeToString(temp));
368 labelAliasVector.size() == (current_aliases_num+3),
369 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
372 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
375 auto manager = CKM::Manager::create();
377 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
378 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
379 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
380 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
381 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
382 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
383 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
385 "-----END PUBLIC KEY-----";
387 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
388 auto key = CKM::Key::create(buffer, CKM::Password());
389 CKM::AliasVector labelAliasVector;
391 size_t current_aliases_num = count_aliases(ALIAS_KEY);
393 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
394 "Error=" << CKM::APICodeToString(temp));
396 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
397 "Error=" << CKM::APICodeToString(temp));
399 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
400 "Error=" << CKM::APICodeToString(temp));
402 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
403 "Error=" << CKM::APICodeToString(temp));
405 labelAliasVector.size() == (current_aliases_num+3),
406 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
409 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
412 auto manager = CKM::Manager::create();
414 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
415 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
416 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
417 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
418 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
419 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
420 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
422 "-----END PUBLIC KEY-----";
424 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
425 auto key = CKM::Key::create(buffer, CKM::Password());
426 CKM::AliasVector aliasVector;
427 CKM::Policy notExportable(CKM::Password(), false);
430 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
431 "Error=" << CKM::APICodeToString(temp));
433 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
434 "Error=" << CKM::APICodeToString(temp));
436 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
437 "Error=" << CKM::APICodeToString(temp));
440 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
442 remove_user_data(USER_APP);
445 const int aliasNameCount = 10;
446 auto manager = CKM::Manager::create();
448 CKM::AliasPwdVector expected;
449 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
450 auto key = CKM::Key::create(buffer, CKM::Password());
451 std::string currentAlias;
453 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
454 // make aliases with & without: password protection, exportable flag
455 for (int it = 0; it < aliasNameCount; ++it)
457 CKM::Policy policy = generate_ckm_policy(it);
458 currentAlias = "T1024_appkey" + std::to_string(it);
459 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
461 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
462 "Error=" << CKM::APICodeToString(exitCode));
465 CKM::AliasPwdVector actual;
468 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasPwdVector(actual)),
469 "Error=" << CKM::APICodeToString(exitCode));
471 actual.size() == (beforeSaveAliasCount + aliasNameCount),
472 "Wrong aliases count: " << actual.size() << " Expected: "
473 << (beforeSaveAliasCount + aliasNameCount));
474 check_alias_info_list_helper(expected, actual, "/User ");
476 remove_user_data(USER_APP);
479 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
481 remove_user_data(USER_APP);
484 const int aliasNameCount = 10;
485 auto manager = CKM::Manager::create();
487 CKM::AliasPwdVector expected;
488 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
489 std::string currentAlias;
491 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
492 for (int it = 0; it < aliasNameCount; ++it)
494 CKM::Policy policy = generate_ckm_policy(it);
495 currentAlias = "T1025_appcert" + std::to_string(it);
496 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
498 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
499 "Error=" << CKM::APICodeToString(exitCode));
502 CKM::AliasPwdVector actual;
504 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasPwdVector(actual)),
505 "Error=" << CKM::APICodeToString(exitCode));
507 actual.size() == (beforeSaveAliasCount + aliasNameCount),
508 "Wrong aliases count: " << actual.size() << " Expected: "
509 << (beforeSaveAliasCount + aliasNameCount));
510 check_alias_info_list_helper(expected, actual, "/User ");
512 remove_user_data(USER_APP);
515 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
517 remove_user_data(USER_APP);
520 const int aliasNameCount = 10;
521 auto manager = CKM::Manager::create();
523 CKM::AliasPwdVector expected;
524 std::string binData = "My bin data";
525 CKM::RawBuffer buffer(binData.begin(), binData.end());
526 std::string currentAlias;
528 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
529 for (int it = 0; it < aliasNameCount; ++it)
531 CKM::Policy policy = generate_ckm_policy(it);
532 currentAlias = "T1026_appdata" + std::to_string(it);
533 expected.push_back(std::make_pair(currentAlias, !policy.password.empty()));
535 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
536 "Error=" << CKM::APICodeToString(exitCode));
539 CKM::AliasPwdVector actual;
541 CKM_API_SUCCESS == (exitCode = manager->getDataAliasPwdVector(actual)),
542 "Error=" << CKM::APICodeToString(exitCode));
544 actual.size() == (beforeSaveAliasCount + aliasNameCount),
545 "Wrong aliases count: " << actual.size() << " Expected: "
546 << (beforeSaveAliasCount + aliasNameCount));
547 check_alias_info_list_helper(expected, actual, "/User ");
549 remove_user_data(USER_APP);
552 RUNNER_TEST(T1029_deinit)
554 remove_user_data(USER_APP);
557 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
558 RUNNER_TEST(T1030_init)
560 reset_user_data(USER_APP, APP_PASS);
563 RUNNER_TEST(T1032_app_user_save_bin_data)
565 ScopedDBUnlock unlock(USER_APP, APP_PASS);
568 auto manager = CKM::Manager::create();
570 std::string binData = "My bin data";
572 CKM::RawBuffer buffer(binData.begin(), binData.end());
574 CKM::AliasVector labelAliasVector;
576 size_t current_aliases_num = count_aliases(ALIAS_DATA);
578 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
579 "Error=" << CKM::APICodeToString(temp));
581 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
582 "Error=" << CKM::APICodeToString(temp));
584 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
585 "Error=" << CKM::APICodeToString(temp));
587 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
588 "Error=" << CKM::APICodeToString(temp));
590 labelAliasVector.size() == (current_aliases_num+3),
591 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
594 RUNNER_TEST(T1034_app_remove_bin_data)
596 ScopedDBUnlock unlock(USER_APP, APP_PASS);
599 auto manager = CKM::Manager::create();
601 std::string binData2 = "My bin data";
602 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
604 CKM::AliasVector labelAliasVector;
606 size_t current_aliases_num = count_aliases(ALIAS_DATA);
607 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
609 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
610 "Error=" << CKM::APICodeToString(temp));
612 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
613 "Error=" << CKM::APICodeToString(temp));
615 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
616 "Error=" << CKM::APICodeToString(temp));
618 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
619 "Error=" << CKM::APICodeToString(temp));
621 labelAliasVector.size() == (current_aliases_num-2),
622 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
624 CKM::RawBuffer buffer;
626 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
627 "Error=" << CKM::APICodeToString(temp));
632 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
633 "Error=" << CKM::APICodeToString(temp));
636 RUNNER_TEST(T1035_getData_wrong_password)
638 ScopedDBUnlock unlock(USER_APP, APP_PASS);
641 auto manager = CKM::Manager::create();
643 std::string binData1 = "My bin data4";
645 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
648 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
649 "Error=" << CKM::APICodeToString(temp));
651 CKM::RawBuffer buffer;
653 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
654 "Error=" << CKM::APICodeToString(temp));
660 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
661 "Error=" << CKM::APICodeToString(temp));
664 RUNNER_TEST(T1036_deinit)
666 remove_user_data(USER_APP);
669 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
671 RUNNER_TEST(T1040_init)
674 auto control = CKM::Control::create();
677 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
678 "Error=" << CKM::APICodeToString(temp));
681 RUNNER_TEST(T1041_create_RSA_key)
684 auto manager = CKM::Manager::create();
687 size_t current_aliases_num = count_aliases(ALIAS_KEY);
689 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
690 "Error=" << CKM::APICodeToString(temp));
692 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
693 "Error=" << CKM::APICodeToString(temp));
695 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
696 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
699 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
702 auto manager = CKM::Manager::create();
706 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
707 "Error=" << CKM::APICodeToString(temp));
709 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
710 "Error=" << CKM::APICodeToString(temp));
713 RUNNER_TEST(T1043_create_DSA_key)
716 auto manager = CKM::Manager::create();
719 size_t current_aliases_num = count_aliases(ALIAS_KEY);
721 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
722 "Error=" << CKM::APICodeToString(temp));
724 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
725 "Error=" << CKM::APICodeToString(temp));
727 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
728 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
731 RUNNER_TEST(T1044_create_AES_key)
734 auto manager = CKM::Manager::create();
737 int current_aliases_num = count_aliases(ALIAS_KEY);
739 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
740 "Error=" << CKM::APICodeToString(temp));
742 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
743 "Error=" << CKM::APICodeToString(temp));
745 (current_aliases_num+1) == (temp = av.size()),
746 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
749 RUNNER_TEST(T1049_deinit)
751 remove_user_data(USER_APP);
755 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
757 RUNNER_TEST(T1110_init)
759 unlock_user_data(USER_APP, "user-pass");
762 RUNNER_TEST(T1111_CreateKeyPairRSA)
765 auto manager = CKM::Manager::create();
766 CKM::Alias a1 = "rsa-test-1";
767 CKM::Alias a2 = "rsa-test-2";
771 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
772 "Error=" << CKM::APICodeToString(temp));
774 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
775 "Error=" << CKM::APICodeToString(temp));
778 RUNNER_TEST(T1112_CreateKeyPairDSA)
781 auto manager = CKM::Manager::create();
782 CKM::Alias a1 = "dsa-test-1";
783 CKM::Alias a2 = "dsa-test-2";
787 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
788 "Error=" << CKM::APICodeToString(temp));
790 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
791 "Error=" << CKM::APICodeToString(temp));
794 RUNNER_TEST(T1113_CreateKeyPairECDSA)
797 auto manager = CKM::Manager::create();
798 CKM::Alias a1 = "ecdsa-test-1";
799 CKM::Alias a2 = "ecdsa-test-2";
803 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
804 "Error=" << CKM::APICodeToString(temp));
807 RUNNER_TEST(T1114_deinit)
809 remove_user_data(USER_APP);
812 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
814 RUNNER_TEST(T12100_init)
816 reset_user_data(USER_APP, APP_PASS);
819 RUNNER_TEST(T12101_key_exist)
821 ScopedDBUnlock unlock(USER_APP, APP_PASS);
824 auto manager = CKM::Manager::create();
826 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
827 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
828 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
829 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
830 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
831 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
832 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
834 "-----END PUBLIC KEY-----";
836 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
837 auto key = CKM::Key::create(buffer);
838 CKM::Alias alias = "rsa-alias-duplication";
841 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
842 "Error=" << CKM::APICodeToString(ret));
844 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
845 "Error=" << CKM::APICodeToString(ret));
849 * These test cases tests API when empty parameters are passed to functions
852 RUNNER_TEST(T12102_saveKey_empty_alias)
854 ScopedDBUnlock unlock(USER_APP, APP_PASS);
856 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
857 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
858 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
859 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
860 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
861 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
862 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
863 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
865 "-----END PUBLIC KEY-----";
867 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
868 auto key = CKM::Key::create(buffer);
869 CKM::Alias alias; //alias is not initialized
872 auto manager = CKM::Manager::create();
874 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
875 "Error=" << CKM::APICodeToString(ret));
878 RUNNER_TEST(T12103_saveKey_foreign_label)
880 ScopedDBUnlock unlock(USER_APP, APP_PASS);
882 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
883 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
884 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
885 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
886 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
887 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
888 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
890 "-----END PUBLIC KEY-----";
892 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
893 auto key = CKM::Key::create(buffer);
894 CKM::Alias alias = "iamsomebodyelse alias";
897 auto manager = CKM::Manager::create();
899 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
900 "Error=" << CKM::APICodeToString(ret));
903 RUNNER_TEST(T12104_saveKey_empty_key)
905 ScopedDBUnlock unlock(USER_APP, APP_PASS);
907 CKM::KeyShPtr key; //key is not initialized
908 CKM::Alias alias = "empty-key";
911 auto manager = CKM::Manager::create();
913 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
914 "Error=" << CKM::APICodeToString(ret));
917 RUNNER_TEST(T12105_saveCertificate_empty_alias)
919 ScopedDBUnlock unlock(USER_APP, APP_PASS);
921 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
922 CKM::Alias alias; //alias is not initialized
925 auto manager = CKM::Manager::create();
927 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
928 "Error=" << CKM::APICodeToString(temp));
931 RUNNER_TEST(T12106_saveCertificate_foreign_label)
933 ScopedDBUnlock unlock(USER_APP, APP_PASS);
935 auto cert = TestData::getTestCertificate(TestData::THIRD_PARTY_LEAF);
936 CKM::Alias alias = "iamsomebodyelse alias";
939 auto manager = CKM::Manager::create();
941 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
942 "Error=" << CKM::APICodeToString(temp));
945 RUNNER_TEST(T12107_saveCertificate_empty_cert)
947 ScopedDBUnlock unlock(USER_APP, APP_PASS);
949 CKM::CertificateShPtr cert; //cert is not initialized
950 CKM::Alias alias = "empty-cert";
953 auto manager = CKM::Manager::create();
955 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
956 "Error=" << CKM::APICodeToString(temp));
959 RUNNER_TEST(T12108_saveData_empty_alias)
961 ScopedDBUnlock unlock(USER_APP, APP_PASS);
963 std::string testData = "test data test data test data";
964 CKM::RawBuffer buffer(testData.begin(), testData.end());
968 auto manager = CKM::Manager::create();
970 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
971 "Error=" << CKM::APICodeToString(temp));
974 RUNNER_TEST(T12109_saveData_foreign_label)
976 ScopedDBUnlock unlock(USER_APP, APP_PASS);
978 std::string testData = "test data test data test data";
979 CKM::RawBuffer buffer(testData.begin(), testData.end());
980 CKM::Alias alias = "iamsomebodyelse alias";
983 auto manager = CKM::Manager::create();
985 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
986 "Error=" << CKM::APICodeToString(temp));
989 RUNNER_TEST(T12110_saveData_empty_data)
991 ScopedDBUnlock unlock(USER_APP, APP_PASS);
993 CKM::RawBuffer buffer;
994 CKM::Alias alias = "empty-data";
997 auto manager = CKM::Manager::create();
999 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1000 "Error=" << CKM::APICodeToString(temp));
1004 * These test cases tests API when trying to get data from not existing alias
1007 RUNNER_TEST(T12111_getKey_alias_not_exist)
1009 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1012 CKM::Alias alias = "this-alias-not-exist";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1018 "Error=" << CKM::APICodeToString(temp));
1021 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1023 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1025 CKM::CertificateShPtr certificate;
1026 CKM::Alias alias = "this-alias-not-exist";
1029 auto manager = CKM::Manager::create();
1031 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1032 "Error=" << CKM::APICodeToString(temp));
1035 RUNNER_TEST(T12113_getData_alias_not_exist)
1037 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1040 auto manager = CKM::Manager::create();
1041 CKM::RawBuffer buffer;
1042 CKM::Alias alias("some alias");
1044 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1045 "Error=" << CKM::APICodeToString(temp));
1049 * These test cases tests API when damaged keys are used
1051 RUNNER_TEST(T12114_RSA_key_damaged)
1053 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1056 auto manager = CKM::Manager::create();
1058 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1059 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1060 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1061 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1062 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1063 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1064 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1066 "-----END PUBLIC KEY-----";
1068 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1069 auto key = CKM::Key::create(buffer);
1070 CKM::Alias alias = "damaged-rsa";
1073 NULL == key.get(), "Key is broken. It should be empty");
1076 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1077 "Error=" << CKM::APICodeToString(ret));
1080 RUNNER_TEST(T12115_RSA_key_too_short)
1082 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1085 auto manager = CKM::Manager::create();
1087 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1088 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1089 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1090 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1091 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1092 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1093 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1095 "-----END PUBLIC KEY-----";
1097 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1098 auto key = CKM::Key::create(buffer);
1099 CKM::Alias alias = "short-rsa";
1102 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1103 "Error=" << CKM::APICodeToString(ret));
1106 RUNNER_TEST(T12116_DSA_key_too_short)
1108 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1111 auto manager = CKM::Manager::create();
1113 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1114 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1115 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1116 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1117 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1118 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1119 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1120 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1121 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1122 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1123 "YMYCBhubtrVaLmc=\n"
1124 "-----END PUBLIC KEY-----";
1126 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1127 auto key = CKM::Key::create(buffer);
1128 CKM::Alias alias = "short-dsa";
1131 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1132 "Error=" << CKM::APICodeToString(ret));
1135 RUNNER_TEST(T12117_AES_key_too_short)
1138 auto manager = CKM::Manager::create();
1140 size_t key_size = (128-1);
1141 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1143 auto key = CKM::Key::create(key_AES);
1144 CKM::Alias alias = "short-AES";
1147 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1148 "Error=" << CKM::APICodeToString(ret));
1152 * These test cases tests CKM service if malicious data is provided over the socket.
1155 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1157 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1160 auto manager = CKM::Manager::create();
1162 // fake the client - let the service detect the problem
1163 class WrongKeyImpl : public CKM::Key
1166 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1169 virtual bool empty() const {
1173 virtual CKM::KeyType getType() const {
1174 return CKM::KeyType::KEY_RSA_PUBLIC;
1176 virtual int getSize() const {
1179 virtual CKM::ElipticCurve getCurve() const {
1180 return CKM::ElipticCurve::prime192v1;
1182 virtual CKM::RawBuffer getDER() const {
1185 virtual ~WrongKeyImpl() {}
1187 CKM::RawBuffer & m_dummy;
1189 std::string dummyData = "my_cat_Berta\n";
1190 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1191 auto key = std::make_shared<WrongKeyImpl>(buffer);
1192 CKM::Alias alias = "damaged-rsa";
1195 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1196 "Error=" << CKM::APICodeToString(ret));
1199 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1201 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1203 // fake the client - let the service detect the problem
1204 class WrongCertImpl : public CKM::Certificate
1207 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1208 m_x509 = X509_new();
1211 bool empty() const {
1215 virtual X509 *getX509() const {
1219 virtual CKM::RawBuffer getDER() const {
1223 virtual ~WrongCertImpl() {
1228 CKM::RawBuffer & m_dummy;
1230 std::string dummyData = "my_cat_Stefan\n";
1231 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1232 auto cert = std::make_shared<WrongCertImpl>(buffer);
1233 CKM::Alias alias = "damaged-cert";
1236 auto manager = CKM::Manager::create();
1238 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1239 "Error=" << CKM::APICodeToString(temp));
1242 RUNNER_TEST(T12120_deinit)
1244 remove_user_data(USER_APP);
1247 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1249 RUNNER_TEST(T1311_init)
1251 remove_user_data(USER_APP);
1252 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1253 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1255 struct hostent* he = gethostbyname("google.com");
1257 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1258 "is not woking on the device. OCSP tests requires network access!");
1261 RUNNER_TEST(T13121_get_chain_no_cert)
1263 CKM::CertificateShPtrVector certChain;
1264 CKM::CertificateShPtr cert;
1266 auto manager = CKM::Manager::create();
1268 int ret = manager->getCertificateChain(cert,
1273 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1274 "Function should fail for empty certificate");
1277 RUNNER_TEST(T13122_get_chain_empty_cert)
1279 CKM::CertificateShPtrVector certChain;
1280 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1281 CKM::DataFormat::FORM_PEM);
1283 auto manager = CKM::Manager::create();
1285 int ret = manager->getCertificateChain(cert,
1290 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1291 "Function should fail for empty certificate");
1294 RUNNER_TEST(T13129_get_chain)
1296 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1297 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1299 CKM::CertificateShPtrVector certVector = {cert1};
1300 CKM::CertificateShPtrVector certChain;
1303 auto manager = CKM::Manager::create();
1305 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1307 tmp = manager->getCertificateChain(cert,
1312 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1313 "Error=" << CKM::APICodeToString(tmp));
1316 0 == certChain.size(),
1317 "Wrong size of certificate chain.");
1319 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1320 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1323 3 == certChain.size(),
1324 "Wrong size of certificate chain.");
1327 RUNNER_TEST(T1313_get_chain_with_alias)
1329 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1330 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1332 CKM::CertificateShPtrVector certChain;
1333 CKM::AliasVector aliasVector;
1334 CKM::Alias alias = "imcert";
1337 auto manager = CKM::Manager::create();
1339 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1340 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1342 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1343 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1344 "Error=" << CKM::APICodeToString(tmp));
1347 0 == certChain.size(),
1348 "Wrong size of certificate chain.");
1351 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1352 "Error=" << CKM::APICodeToString(tmp));
1354 aliasVector.push_back(alias);
1356 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1357 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1360 3 == certChain.size(),
1361 "Wrong size of certificate chain.");
1364 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1366 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_LEAF);
1367 auto cert1 = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1368 CKM::CertificateShPtrVector certVector = {cert1};
1369 CKM::CertificateShPtrVector certChain;
1372 auto manager = CKM::Manager::create();
1374 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1375 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1377 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1378 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1379 "Error=" << CKM::APICodeToString(tmp));
1382 0 == certChain.size(),
1383 "Wrong size of certificate chain.");
1385 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1386 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1389 3 == certChain.size(),
1390 "Wrong size of certificate chain.");
1394 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1395 "Error=" << CKM::APICodeToString(tmp));
1397 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1400 RUNNER_TEST(T13142_ocsp_check_empty)
1402 CKM::CertificateShPtrVector certVector;
1404 auto manager = CKM::Manager::create();
1409 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1410 "ocspCheck should fail for empty certificate vector");
1413 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1415 CKM::CertificateShPtrVector certVector = {
1416 CKM::CertificateShPtr(),
1417 CKM::CertificateShPtr(),
1418 CKM::CertificateShPtr()};
1420 auto manager = CKM::Manager::create();
1425 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1426 "ocspCheck should fail for empty certificate vector");
1429 RUNNER_TEST(T13144_ocsp_check_root)
1431 auto root = TestData::getTestCertificate(TestData::THIRD_PARTY_ROOT_CA);
1432 CKM::CertificateShPtrVector certVector = {root};
1434 auto manager = CKM::Manager::create();
1436 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1441 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1442 "Ocsp should fail for single certificate");
1445 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1447 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1448 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1450 CKM::CertificateShPtrVector certVector = {ca, root};
1452 auto manager = CKM::Manager::create();
1454 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1455 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1460 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1461 "Error=" << CKM::APICodeToString(tmp));
1463 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1466 RUNNER_TEST(T1315_deinit)
1468 remove_user_data(USER_APP);
1471 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1473 RUNNER_TEST(T1411_init)
1475 remove_user_data(USER_APP);
1478 RUNNER_TEST(T1412_RSA_key_create_verify)
1481 auto manager = CKM::Manager::create();
1483 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1484 "Proc-Type: 4,ENCRYPTED\n"
1485 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1487 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1488 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1489 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1490 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1491 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1492 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1493 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1494 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1495 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1496 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1497 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1498 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1499 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1500 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1501 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1502 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1503 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1504 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1505 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1506 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1507 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1508 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1509 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1510 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1511 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1512 "-----END RSA PRIVATE KEY-----\n";
1514 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1515 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1516 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1517 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1518 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1519 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1520 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1522 "-----END PUBLIC KEY-----\n";
1524 std::string message = "message test";
1526 CKM::Alias aliasPub = "pub1";
1527 CKM::Alias aliasPrv = "prv1";
1528 CKM::Password password = "1234";
1529 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1530 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1531 CKM::RawBuffer signature;
1533 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1534 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1536 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1537 "Key is empty. Failed to import public key.");
1538 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1539 "Key is empty. Failed to import private key.");
1542 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1543 "Error=" << CKM::APICodeToString(temp));
1545 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1546 "Error=" << CKM::APICodeToString(temp));
1549 CKM_API_SUCCESS == (temp = manager->createSignature(
1552 CKM::RawBuffer(message.begin(), message.end()),
1556 "Error=" << CKM::APICodeToString(temp));
1559 CKM_API_SUCCESS == (temp = manager->verifySignature(
1562 CKM::RawBuffer(message.begin(), message.end()),
1566 "Error=" << CKM::APICodeToString(temp));
1569 RUNNER_TEST(T1413_DSA_key_create_verify)
1572 auto manager = CKM::Manager::create();
1574 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1575 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1576 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1577 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1578 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1579 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1580 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1581 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1582 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1583 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1584 "u1roOuaPY+Hl19BlTE2qdw==\n"
1585 "-----END DSA PRIVATE KEY-----";
1587 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1588 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1589 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1590 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1591 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1592 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1593 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1594 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1595 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1596 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1597 "YMYCBhubtrVaLmc=\n"
1598 "-----END PUBLIC KEY-----";
1600 std::string message = "message test";
1602 CKM::Alias aliasPub = "pub2";
1603 CKM::Alias aliasPrv = "prv2";
1604 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1605 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1606 CKM::RawBuffer signature;
1608 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1609 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1611 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1612 "Key is empty. Failed to import public key.");
1613 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1614 "Key is empty. Failed to import private key.");
1617 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1618 "Error=" << CKM::APICodeToString(temp));
1620 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1621 "Error=" << CKM::APICodeToString(temp));
1624 CKM_API_SUCCESS == (temp = manager->createSignature(
1627 CKM::RawBuffer(message.begin(), message.end()),
1631 "Error=" << CKM::APICodeToString(temp));
1634 CKM_API_SUCCESS == (temp = manager->verifySignature(
1637 CKM::RawBuffer(message.begin(), message.end()),
1641 "Error=" << CKM::APICodeToString(temp));
1645 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1648 auto manager = CKM::Manager::create();
1650 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1651 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1652 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1653 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1654 "-----END EC PRIVATE KEY-----\n";
1656 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1657 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1658 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1659 "-----END PUBLIC KEY-----\n";
1661 std::string message = "message test";
1663 CKM::Alias aliasPub = "ecpub2";
1664 CKM::Alias aliasPrv = "ecprv2";
1665 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1666 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1667 CKM::RawBuffer signature;
1669 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1670 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1672 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1673 "Key is empty. Failed to import public key.");
1674 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1675 "Key is empty. Failed to import private key.");
1678 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1679 "Error=" << CKM::APICodeToString(temp));
1681 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1682 "Error=" << CKM::APICodeToString(temp));
1685 CKM_API_SUCCESS == (temp = manager->createSignature(
1688 CKM::RawBuffer(message.begin(), message.end()),
1692 "Error=" << CKM::APICodeToString(temp));
1695 CKM_API_SUCCESS == (temp = manager->verifySignature(
1698 CKM::RawBuffer(message.begin(), message.end()),
1702 "Error=" << CKM::APICodeToString(temp));
1704 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1706 memcpy((void*)signature.data(), "BROKEN", 6);
1709 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1712 CKM::RawBuffer(message.begin(), message.end()),
1716 "Error=" << CKM::APICodeToString(temp));
1719 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1722 auto manager = CKM::Manager::create();
1723 std::string message = "message asdfaslkdfjlksadjf test";
1725 CKM::Alias aliasPub = "pub1";
1726 CKM::Alias aliasPrv = "prv1";
1728 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1729 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1730 CKM::RawBuffer signature;
1733 CKM_API_SUCCESS == (temp = manager->createSignature(
1736 CKM::RawBuffer(message.begin(), message.end()),
1740 "Error=" << CKM::APICodeToString(temp));
1743 CKM_API_SUCCESS == (temp = manager->verifySignature(
1746 CKM::RawBuffer(message.begin(), message.end()),
1750 "Error=" << CKM::APICodeToString(temp));
1752 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1753 memcpy((void*)signature.data(), "BROKEN", 6);
1756 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1759 CKM::RawBuffer(message.begin(), message.end()),
1763 "Error=" << CKM::APICodeToString(temp));
1766 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1769 auto manager = CKM::Manager::create();
1770 std::string message = "message asdfaslkdfjlksadjf test";
1772 CKM::Alias aliasPub = "pub2";
1773 CKM::Alias aliasPrv = "prv2";
1775 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1776 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1777 CKM::RawBuffer signature;
1780 CKM_API_SUCCESS == (temp = manager->createSignature(
1783 CKM::RawBuffer(message.begin(), message.end()),
1787 "Error=" << CKM::APICodeToString(temp));
1790 CKM_API_SUCCESS == (temp = manager->verifySignature(
1793 CKM::RawBuffer(message.begin(), message.end()),
1797 "Error=" << CKM::APICodeToString(temp));
1799 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1800 memcpy((void*)signature.data(), "BROKEN", 6);
1803 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1806 CKM::RawBuffer(message.begin(), message.end()),
1810 "Error=" << CKM::APICodeToString(temp));
1813 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1816 auto manager = CKM::Manager::create();
1819 "-----BEGIN RSA PRIVATE KEY-----\n"
1820 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1821 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1822 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1823 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1824 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1825 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1826 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1827 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1828 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1829 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1830 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1831 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1832 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1833 "-----END RSA PRIVATE KEY-----\n";
1836 "-----BEGIN CERTIFICATE-----\n"
1837 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1838 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1839 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1840 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1841 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1842 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1843 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1844 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1845 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1846 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1847 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1848 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1849 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1850 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1851 "-----END CERTIFICATE-----\n";
1853 std::string message = "message test";
1855 CKM::Alias aliasPub = "pub1-cert";
1856 CKM::Alias aliasPrv = "prv1-cert";
1857 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1858 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1859 CKM::RawBuffer signature;
1861 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1862 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1864 RUNNER_ASSERT_MSG(NULL != cert.get(),
1865 "Key is empty. Failed to import public key.");
1866 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1867 "Key is empty. Failed to import private key.");
1870 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1871 "Error=" << CKM::APICodeToString(temp));
1873 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1874 "Error=" << CKM::APICodeToString(temp));
1877 CKM_API_SUCCESS == (temp = manager->createSignature(
1880 CKM::RawBuffer(message.begin(), message.end()),
1884 "Error=" << CKM::APICodeToString(temp));
1887 CKM_API_SUCCESS == (temp = manager->verifySignature(
1890 CKM::RawBuffer(message.begin(), message.end()),
1894 "Error=" << CKM::APICodeToString(temp));
1896 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1898 memcpy((void*)signature.data(), "BROKEN", 6);
1901 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1904 CKM::RawBuffer(message.begin(), message.end()),
1908 "Error=" << CKM::APICodeToString(temp));
1911 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1914 auto manager = CKM::Manager::create();
1916 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1917 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1918 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1919 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1920 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1921 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1922 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1923 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1924 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1925 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1926 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1927 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1928 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1929 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1930 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1931 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1932 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1933 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1934 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1935 "-----END CERTIFICATE-----\n";
1937 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1938 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1939 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1940 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1941 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1942 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1943 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1944 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1945 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1946 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1947 "vonbjii3BYe4AIdkzOvp\n"
1948 "-----END DSA PRIVATE KEY-----\n";
1950 std::string message = "message test";
1952 CKM::Alias aliasPub = "pub2-cert";
1953 CKM::Alias aliasPrv = "prv2-cert";
1954 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1955 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1956 CKM::RawBuffer signature;
1958 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1959 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1961 RUNNER_ASSERT_MSG(NULL != cert.get(),
1962 "Key is empty. Failed to import public key.");
1963 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1964 "Key is empty. Failed to import private key.");
1967 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1968 "Error=" << CKM::APICodeToString(temp));
1970 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1971 "Error=" << CKM::APICodeToString(temp));
1974 CKM_API_SUCCESS == (temp = manager->createSignature(
1977 CKM::RawBuffer(message.begin(), message.end()),
1981 "Error=" << CKM::APICodeToString(temp));
1984 CKM_API_SUCCESS == (temp = manager->verifySignature(
1987 CKM::RawBuffer(message.begin(), message.end()),
1991 "Error=" << CKM::APICodeToString(temp));
1993 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1995 memcpy((void*)signature.data(), "BROKEN", 6);
1998 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2001 CKM::RawBuffer(message.begin(), message.end()),
2005 "Error=" << CKM::APICodeToString(temp));
2008 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2011 auto manager = CKM::Manager::create();
2014 "-----BEGIN EC PRIVATE KEY-----\n"
2015 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2016 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2017 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2018 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2019 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2020 "ELyhe7yPCAuOoLZlTLgf\n"
2021 "-----END EC PRIVATE KEY-----\n";
2024 "-----BEGIN CERTIFICATE-----\n"
2025 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2026 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2027 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2028 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2029 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2030 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2031 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2032 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2033 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2034 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2035 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2036 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2037 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2038 "Q1oBry6NEc+lLFmWMDesAA==\n"
2039 "-----END CERTIFICATE-----\n";
2041 std::string message = "message test";
2043 CKM::Alias aliasPub = "pub3";
2044 CKM::Alias aliasPrv = "prv3";
2045 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2046 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2047 CKM::RawBuffer signature;
2049 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2050 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2052 RUNNER_ASSERT_MSG(NULL != cert.get(),
2053 "Key is empty. Failed to import public key.");
2054 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2055 "Key is empty. Failed to import private key.");
2058 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2059 "Error=" << CKM::APICodeToString(temp));
2061 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2062 "Error=" << CKM::APICodeToString(temp));
2065 CKM_API_SUCCESS == (temp = manager->createSignature(
2068 CKM::RawBuffer(message.begin(), message.end()),
2072 "Error=" << CKM::APICodeToString(temp));
2075 CKM_API_SUCCESS == (temp = manager->verifySignature(
2078 CKM::RawBuffer(message.begin(), message.end()),
2082 "Error=" << CKM::APICodeToString(temp));
2084 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2086 memcpy((void*)signature.data(), "BROKEN", 6);
2089 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2092 CKM::RawBuffer(message.begin(), message.end()),
2096 "Error=" << CKM::APICodeToString(temp));
2099 RUNNER_TEST(T1420_deinit)
2101 remove_user_data(USER_APP);
2104 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2106 RUNNER_TEST(T14180_init)
2109 remove_user_data(USER_APP);
2111 auto manager = CKM::Manager::create();
2113 // Prepare RSA Key Pair
2114 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2115 "Proc-Type: 4,ENCRYPTED\n"
2116 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2118 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2119 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2120 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2121 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2122 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2123 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2124 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2125 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2126 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2127 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2128 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2129 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2130 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2131 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2132 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2133 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2134 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2135 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2136 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2137 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2138 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2139 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2140 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2141 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2142 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2143 "-----END RSA PRIVATE KEY-----\n";
2145 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2146 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2147 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2148 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2149 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2150 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2151 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2153 "-----END PUBLIC KEY-----\n";
2155 CKM::Alias aliasPub = "pub_nohash1";
2156 CKM::Alias aliasPrv = "prv_nohash1";
2157 CKM::Password password = "1234";
2159 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2160 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2162 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2163 "Key is empty. Failed to import public key.");
2164 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2165 "Key is empty. Failed to import private key.");
2168 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2169 "Error=" << CKM::APICodeToString(temp));
2171 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2172 "Error=" << CKM::APICodeToString(temp));
2174 // Prepare ECDSA Key Pair
2175 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2176 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2177 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2178 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2179 "-----END EC PRIVATE KEY-----\n";
2181 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2182 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2183 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2184 "-----END PUBLIC KEY-----\n";
2186 CKM::Alias aliasEcPub = "ecpub_nohash1";
2187 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2189 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2190 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2192 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2193 "Key is empty. Failed to import public key.");
2194 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2195 "Key is empty. Failed to import private key.");
2198 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2199 "Error=" << CKM::APICodeToString(temp));
2201 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2202 "Error=" << CKM::APICodeToString(temp));
2206 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2209 auto manager = CKM::Manager::create();
2210 std::string message = "message asdfaslkdfjlksadjf test";
2212 CKM::Alias aliasPub = "pub_nohash1";
2213 CKM::Alias aliasPrv = "prv_nohash1";
2215 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2216 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2217 CKM::RawBuffer signature;
2220 CKM_API_SUCCESS == (temp = manager->createSignature(
2223 CKM::RawBuffer(message.begin(), message.end()),
2227 "Error=" << CKM::APICodeToString(temp));
2230 CKM_API_SUCCESS == (temp = manager->verifySignature(
2233 CKM::RawBuffer(message.begin(), message.end()),
2237 "Error=" << CKM::APICodeToString(temp));
2239 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2240 memcpy((void*)signature.data(), "BROKEN", 6);
2243 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2246 CKM::RawBuffer(message.begin(), message.end()),
2250 "Error=" << CKM::APICodeToString(temp));
2253 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2256 auto manager = CKM::Manager::create();
2257 std::string message = "message asdfaslkdfjlksadjf test";
2259 CKM::Alias aliasPub = "pub_nohash1";
2260 CKM::Alias aliasPrv = "prv_nohash1";
2262 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2263 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2264 CKM::RawBuffer signature;
2267 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2270 CKM::RawBuffer(message.begin(), message.end()),
2274 "Error=" << CKM::APICodeToString(temp));
2277 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2280 auto manager = CKM::Manager::create();
2281 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2282 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2283 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2284 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2285 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2286 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2287 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2288 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2289 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2290 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2291 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2292 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2293 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2294 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2295 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2296 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2297 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2298 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2299 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2300 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2302 CKM::Alias aliasPub = "pub_nohash1";
2303 CKM::Alias aliasPrv = "prv_nohash1";
2305 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2306 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2307 CKM::RawBuffer signature;
2310 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2313 CKM::RawBuffer(message.begin(), message.end()),
2317 "Error=" << CKM::APICodeToString(temp));
2321 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2324 auto manager = CKM::Manager::create();
2326 std::string message = "message test";
2328 CKM::Alias aliasPrv = "ecprv_nohash1";
2329 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2330 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2331 CKM::RawBuffer signature;
2334 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2337 CKM::RawBuffer(message.begin(), message.end()),
2341 "Error=" << CKM::APICodeToString(temp));
2344 RUNNER_TEST(T14189_deinit)
2346 remove_user_data(USER_APP);
2350 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2354 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2355 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2356 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2357 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2358 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2361 RUNNER_TEST(T1800_init)
2363 remove_user_data(USER_APP);
2366 RUNNER_TEST(T1801_parse_PKCS12) {
2367 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2368 std::istreambuf_iterator<char> begin(is), end;
2369 std::vector<char> buff(begin, end);
2371 CKM::RawBuffer buffer(buff.size());
2372 memcpy(buffer.data(), buff.data(), buff.size());
2374 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2377 "Error in PKCS12::create()");
2379 auto cert = pkcs->getCertificate();
2382 "Error in PKCS12::getCertificate()");
2384 auto key = pkcs->getKey();
2387 "Error in PKCS12::getKey()");
2389 auto caVector = pkcs->getCaCertificateShPtrVector();
2391 0 == caVector.size(),
2392 "Wrong size of vector");
2395 RUNNER_TEST(T1802_negative_wrong_password) {
2396 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2397 std::istreambuf_iterator<char> begin(is), end;
2398 std::vector<char> buff(begin, end);
2400 CKM::RawBuffer buffer(buff.size());
2401 memcpy(buffer.data(), buff.data(), buff.size());
2403 auto pkcs = CKM::PKCS12::create(buffer, "error");
2406 "Expected error in PKCS12::create()");
2409 RUNNER_TEST(T1803_negative_broken_buffer) {
2410 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2411 std::istreambuf_iterator<char> begin(is), end;
2412 std::vector<char> buff(begin, end);
2414 CKM::RawBuffer buffer(buff.size());
2415 memcpy(buffer.data(), buff.data(), buff.size());
2417 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2420 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2423 "Expected error in PKCS12::create()");
2426 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2428 auto manager = CKM::Manager::create();
2429 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2430 std::istreambuf_iterator<char> begin(is), end;
2431 std::vector<char> buff(begin, end);
2433 CKM::RawBuffer buffer(buff.size());
2434 memcpy(buffer.data(), buff.data(), buff.size());
2436 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2439 "Error in PKCS12::create()");
2442 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2443 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2444 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2445 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2446 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2447 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2448 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2449 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2450 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2451 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2452 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2453 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2454 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2455 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2456 "-----END RSA PRIVATE KEY-----\n";
2458 std::string message = "message test";
2460 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2461 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2462 "Key is empty. Failed to import private key.");
2466 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2467 "Error=" << CKM::APICodeToString(temp));
2470 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2471 "Error=" << CKM::APICodeToString(temp));
2474 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2476 auto manager = CKM::Manager::create();
2477 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2478 std::istreambuf_iterator<char> begin(is), end;
2479 std::vector<char> buff(begin, end);
2481 CKM::RawBuffer buffer(buff.size());
2482 memcpy(buffer.data(), buff.data(), buff.size());
2484 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2487 "Error in PKCS12::create()");
2489 auto cert = pkcs->getCertificate();
2492 "Error in PKCS12::getCertificate()");
2494 auto key = pkcs->getKey();
2497 "Error in PKCS12::getKey()");
2499 auto caVector = pkcs->getCaCertificateShPtrVector();
2501 2 == caVector.size(),
2502 "Wrong size of vector");
2506 CKM::Policy exportable;
2507 CKM::Policy notExportable(CKM::Password(), false);
2510 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2511 "Error=" << CKM::APICodeToString(tmp));
2513 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2514 "Error=" << CKM::APICodeToString(tmp));
2516 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2517 "Error=" << CKM::APICodeToString(tmp));
2519 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2520 "Error=" << CKM::APICodeToString(tmp));
2522 // try to lookup key
2523 CKM::KeyShPtr key_lookup;
2525 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2526 "Error=" << CKM::APICodeToString(tmp));
2528 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2529 "Error=" << CKM::APICodeToString(tmp));
2531 // try to lookup certificate
2532 CKM::CertificateShPtr cert_lookup;
2534 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2535 "Error=" << CKM::APICodeToString(tmp));
2537 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2538 "Error=" << CKM::APICodeToString(tmp));
2541 RUNNER_TEST(T1806_get_PKCS)
2544 auto manager = CKM::Manager::create();
2546 CKM::PKCS12ShPtr pkcs;
2550 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2551 "Error=" << CKM::APICodeToString(temp));
2553 // fail - not exportable
2555 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2556 "Error=" << CKM::APICodeToString(temp));
2558 // success - exportable
2560 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2561 "Error=" << CKM::APICodeToString(temp));
2563 auto cert = pkcs->getCertificate();
2566 "Error in PKCS12::getCertificate()");
2568 auto key = pkcs->getKey();
2571 "Error in PKCS12::getKey()");
2573 auto caVector = pkcs->getCaCertificateShPtrVector();
2575 2 == caVector.size(),
2576 "Wrong size of vector");
2579 RUNNER_TEST(T1807_create_and_verify_signature)
2582 auto manager = CKM::Manager::create();
2584 std::string message = "message test";
2586 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2587 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2588 CKM::RawBuffer signature;
2591 CKM_API_SUCCESS == (temp = manager->createSignature(
2592 alias_PKCS_exportable,
2594 CKM::RawBuffer(message.begin(), message.end()),
2598 "Error=" << CKM::APICodeToString(temp));
2601 CKM_API_SUCCESS == (temp = manager->verifySignature(
2602 alias_PKCS_exportable,
2604 CKM::RawBuffer(message.begin(), message.end()),
2608 "Error=" << CKM::APICodeToString(temp));
2611 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2614 auto manager = CKM::Manager::create();
2617 "-----BEGIN RSA PRIVATE KEY-----\n"
2618 "MIICWwIBAAKBgQDDgmPurTQa3wbnlM+9nCEQvhDviYRvSC9TL5lAMBCmBSl93v0U\n"
2619 "BXWsqO+fmAINm5QJa89hF5N7Q4xtvfSJUPIeyzowTOEGM4U3FnJtlsNQsoNbFlNy\n"
2620 "QLoZZmmY4ljG6/YqX+JGBgS9/J8uvaDWkvs+ktkORygfNz4Gi5DERT7eeQIDAQAB\n"
2621 "AoGAARIqx/js6yTDnesjxC8hwzy3TQic0Bs+Hx+IoGBjBvXKR2U8T6rD/UEjpuUn\n"
2622 "RbnPcsnDZg3CAg/ZqhQ7TbFC0kPo+S6+wKsZGDWUUvnpMkdcZUqXel8GFhdnmeIh\n"
2623 "22vYthP4TCbolxwXlwvuhu0PLZWhRO/Z+g37T3QENexqGv0CQQDmqJ9PDoUj5eUR\n"
2624 "wWEqEPraoU6ARBUUX5EhmTT9g9/BXnhwumIOksDHcBqNUwNOlKCUlWfBOelO93Ys\n"
2625 "PRW3QyejAkEA2P0tW/8iU4j+0a6DV+TUYFDTjD29y8KPw0Aj59591xD5eIPK3IgU\n"
2626 "91vnmtvU/QR26PnMOx4OAPk9a7BtN62zMwJAIFV0950edtjMUr/cAgydTbadDYf9\n"
2627 "uHxpGN+kOQGahT3b/llyU36o/YwufK8tYH+fPxTulXyrwwEXlL3/ZFBKpwJAeLGS\n"
2628 "Wlp2WGqZ+j2MdwYkDxLGKHprKHwnBN6XWjCKZGbfrGX6H2Jd7xyinaNrO/UQwxO2\n"
2629 "wqc7+NSpkk3G4jJuuwJAODYlk2Q+djE4jkjDc4xiqsQGBQlI2dlgzjRjIF4HWiLx\n"
2630 "bIrI0uCCbGItx++hlvmDx7G8anBmIFfBWIaKdX0aWw==\n"
2631 "-----END RSA PRIVATE KEY-----\n";
2633 std::string message = "message test";
2635 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2636 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2637 "Key is empty. Failed to import private key.");
2640 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2641 "Error=" << CKM::APICodeToString(temp));
2643 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2644 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2645 CKM::RawBuffer signature;
2648 CKM_API_SUCCESS == (temp = manager->createSignature(
2649 alias_PKCS_priv_key_copy,
2651 CKM::RawBuffer(message.begin(), message.end()),
2655 "Error=" << CKM::APICodeToString(temp));
2658 CKM_API_SUCCESS == (temp = manager->verifySignature(
2659 alias_PKCS_exportable,
2661 CKM::RawBuffer(message.begin(), message.end()),
2665 "Error=" << CKM::APICodeToString(temp));
2668 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2671 auto manager = CKM::Manager::create();
2673 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2674 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2675 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2676 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2677 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2678 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2679 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2680 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2681 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2682 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2683 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2684 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2685 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2686 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2687 "-----END RSA PRIVATE KEY-----\n";
2689 std::string message = "message test";
2691 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2692 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2693 "Key is empty. Failed to import private key.");
2696 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2697 "Error=" << CKM::APICodeToString(temp));
2699 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2700 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2701 CKM::RawBuffer signature;
2704 CKM_API_SUCCESS == (temp = manager->createSignature(
2705 alias_PKCS_priv_key_wrong,
2707 CKM::RawBuffer(message.begin(), message.end()),
2711 "Error=" << CKM::APICodeToString(temp));
2714 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2715 alias_PKCS_exportable,
2717 CKM::RawBuffer(message.begin(), message.end()),
2721 "Error=" << CKM::APICodeToString(temp));
2724 RUNNER_TEST(T1810_verify_get_certificate_chain)
2726 // this certificate has been signed using PKCS chain
2728 "-----BEGIN CERTIFICATE-----\n"
2729 "MIICxDCCAi0CFGHuCEUksqn0Rr3SXdhn+TlnL804MA0GCSqGSIb3DQEBCwUAMGEx\n"
2730 "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
2731 "cm5ldCBXaWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMMEXNlcnZlckB0ZXN0bWUuY29t\n"
2732 "MB4XDTE5MDYxMzEyMTkyNloXDTI5MDYxMDEyMTkyNlowXTELMAkGA1UEBhMCQVUx\n"
2733 "EzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg\n"
2734 "UHR5IEx0ZDEWMBQGA1UEAwwNZWVAdGVzdG1lLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
2735 "BQADggEPADCCAQoCggEBAK3/XvE3uc2EhzwmsAfq6KEw52J8kCAB9Rma/qjkw6ZT\n"
2736 "yUYmSQvmcK8wSDt015Y/ekYLereCeWNLNkFlQeZC7LHT6T1mGnxNIgL3oUS2c+15\n"
2737 "FEYX9QJIN/CoJYQ/tmiQPa1OJz4prUFwqAzM1kRtHGfcAGmQHfgu77P3ljAJzfsW\n"
2738 "2beVHM+MTNSybkGHql28Z93bp382k5FQXegkxbozsKBMk37QjKiqes29J/ET0Huy\n"
2739 "yzOkf+XvbizIPRvMt/2guw9sgRb7YrM2M+igmHIHxfzxuqzpPr+bmcqQdyFdVkAK\n"
2740 "Qcx930HbfjHJ5k5vcovPLQ3LvSnYVCTe7aCAAmMzKXsCAwEAATANBgkqhkiG9w0B\n"
2741 "AQsFAAOBgQBfFMim/9zLd+EeZyeYA0vy3C9YuNJI+KsZlKAfrFDQNeIT/qg/GQM4\n"
2742 "o7I3TIHQ62tdEx6nBJs0DKSAmhRh4yc+P1KHMzIQIgSjftqS3Z+AKbJn6vOpWNTq\n"
2743 "cexnpexaNn69dbqJZsjr0fHsGAkh5n96icAB4VZyFncEknZKbTdd0g==\n"
2744 "-----END CERTIFICATE-----\n";
2746 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2747 CKM::CertificateShPtrVector certChain;
2748 CKM::AliasVector aliasVector;
2751 auto manager = CKM::Manager::create();
2753 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2755 tmp = manager->getCertificateChain(cert,
2760 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2761 "Error=" << CKM::APICodeToString(tmp));
2764 0 == certChain.size(),
2765 "Wrong size of certificate chain.");
2767 aliasVector.push_back(alias_PKCS_exportable);
2769 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2770 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2772 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2774 4 == certChain.size(),
2775 "Wrong size of certificate chain: " << certChain.size());
2778 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2780 auto manager = CKM::Manager::create();
2784 // remove the whole PKCS12 bundles
2786 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2787 "Error=" << CKM::APICodeToString(tmp));
2789 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2790 "Error=" << CKM::APICodeToString(tmp));
2792 // expect lookup fails due to unknown alias
2793 // try to lookup key
2794 CKM::KeyShPtr key_lookup;
2796 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2797 "Error=" << CKM::APICodeToString(tmp));
2799 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2800 "Error=" << CKM::APICodeToString(tmp));
2802 // try to lookup certificate
2803 CKM::CertificateShPtr cert_lookup;
2805 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2806 "Error=" << CKM::APICodeToString(tmp));
2808 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2809 "Error=" << CKM::APICodeToString(tmp));
2812 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2814 CKM::Alias alias = "t1812alias1";
2816 auto manager = CKM::Manager::create();
2817 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2818 std::istreambuf_iterator<char> begin(is), end;
2819 std::vector<char> buff(begin, end);
2821 CKM::PKCS12ShPtr pkcs12;
2822 CKM::Password pass1 = "easypass1";
2823 CKM::Password pass2 = "easypass2";
2825 CKM::RawBuffer buffer(buff.size());
2826 memcpy(buffer.data(), buff.data(), buff.size());
2828 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2831 "Error in PKCS12::create()");
2835 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2836 "Error=" << CKM::APICodeToString(temp));
2839 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2840 "Error=" << CKM::APICodeToString(temp));
2843 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2844 "Error=" << CKM::APICodeToString(temp));
2847 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2848 "Error=" << CKM::APICodeToString(temp));
2851 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2852 "Error=" << CKM::APICodeToString(temp));
2855 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2856 "Error=" << CKM::APICodeToString(temp));
2858 CKM::CertificateShPtr cert;
2860 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2861 "Error=" << CKM::APICodeToString(temp));
2863 CKM::CertificateShPtrVector certChain;
2864 CKM::AliasVector certVect;
2865 certVect.push_back(alias);
2868 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2869 "Error=" << CKM::APICodeToString(temp));
2872 RUNNER_TEST(T1813_deinit)
2875 auto control = CKM::Control::create();
2878 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2879 "Error=" << CKM::APICodeToString(temp));
2882 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2884 const char * const T190_PASSWD = "t190-special-password";
2886 RUNNER_TEST(T1901_init_unlock_key)
2888 reset_user_data(USER_APP, T190_PASSWD);
2891 RUNNER_TEST(T1902_get_data)
2893 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2895 auto manager = CKM::Manager::create();
2898 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2901 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2902 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2905 RUNNER_TEST(T1903_lock_database)
2908 auto control = CKM::Control::create();
2910 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2911 "Error=" << CKM::APICodeToString(tmp));
2914 RUNNER_TEST(T1904_get_data_from_locked_database)
2916 auto manager = CKM::Manager::create();
2919 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2922 CKM_API_ERROR_DB_LOCKED == status1,
2923 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2926 RUNNER_TEST(T1905_deinit)
2928 remove_user_data(USER_APP);
2931 int main(int argc, char *argv[])
2933 uid_t expected_uid = tzplatform_getuid(TZ_SYS_DEFAULT_USER);
2934 if (expected_uid != geteuid()) {
2935 std::string userStr("owner");
2936 const char* user = tzplatform_getenv(TZ_SYS_DEFAULT_USER);
2940 std::cerr << argv[0] << " should be executed as " << userStr << ". Aborting" << std::endl;
2944 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob