2 * Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
23 #include <dpl/test/test_runner.h>
25 #include <tests_common.h>
26 #include <test-certs.h>
27 #include <ckm_helpers.h>
29 #include <ckm-common.h>
30 #include <ckm/ckm-manager.h>
31 #include <ckm/ckm-control.h>
32 #include <ckm/ckm-password.h>
33 #include <ckm/ckm-type.h>
34 #include <ckm/ckm-pkcs12.h>
36 #include <openssl/x509.h>
37 #include <openssl/x509v3.h>
40 const int USER_APP = 5001;
42 const int USER_APP_2 = 5020;
43 const int USER_APP_3 = 5030;
45 const char * const APP_PASS = "user-pass";
46 const int USER_TEST = 5001;
48 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
49 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
50 const std::string KEY_PEM = "-----BEGIN PUBLIC KEY-----\n"
51 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
52 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
53 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
54 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
55 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
56 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
58 "-----END PUBLIC KEY-----";
60 } // namespace anonymous
63 * How to numerate tests:
65 * T - test case (always T)
66 * AB - number of test group (always two digits)
67 * C - test number in group (all tests with same TABC must be run in the same time).
70 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
72 RUNNER_TEST(T0011_Control)
75 auto control = CKM::Control::create();
77 control->removeUserData(0);
78 control->removeUserData(USER_APP_2);
79 control->removeUserData(USER_APP);
82 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
83 "Error=" << CKM::APICodeToString(temp));
86 RUNNER_TEST(T0012_Control)
89 auto control = CKM::Control::create();
91 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
92 "Error=" << CKM::APICodeToString(temp));
94 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
95 "Error=" << CKM::APICodeToString(temp));
98 RUNNER_TEST(T0013_Control)
101 auto control = CKM::Control::create();
103 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "simple-password")),
104 "Error=" << CKM::APICodeToString(temp));
107 RUNNER_TEST(T0014_Control)
110 auto control = CKM::Control::create();
112 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
113 "Error=" << CKM::APICodeToString(temp));
116 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "simple-password")),
117 "Error=" << CKM::APICodeToString(temp));
120 CKM_API_SUCCESS == (temp = control->resetUserPassword(USER_APP_3, "something")),
121 "Error=" << CKM::APICodeToString(temp));
124 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_3, "test-pass")),
125 "Error=" << CKM::APICodeToString(temp));
128 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_3)),
129 "Error=" << CKM::APICodeToString(temp));
132 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(USER_APP_3, "something")),
133 "Error=" << CKM::APICodeToString(temp));
136 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_3)),
137 "Error=" << CKM::APICodeToString(temp));
140 RUNNER_TEST(T0015_Control)
143 auto control = CKM::Control::create();
145 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
146 "Error=" << CKM::APICodeToString(temp));
148 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
149 "Error=" << CKM::APICodeToString(temp));
151 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
152 "Error=" << CKM::APICodeToString(temp));
154 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
155 "Error=" << CKM::APICodeToString(temp));
158 RUNNER_TEST(T0016_Control_negative_wrong_password)
161 auto control = CKM::Control::create();
163 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP_2, "test-pass")),
164 "Error=" << CKM::APICodeToString(temp));
166 CKM_API_SUCCESS == (temp = control->changeUserPassword(USER_APP_2, "test-pass", "new-pass")),
167 "Error=" << CKM::APICodeToString(temp));
169 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP_2)),
170 "Error=" << CKM::APICodeToString(temp));
172 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(USER_APP_2, "incorrect-password")),
173 "Error=" << CKM::APICodeToString(temp));
175 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP_2)),
176 "Error=" << CKM::APICodeToString(temp));
179 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
181 RUNNER_TEST(T1010_init)
183 unlock_user_data(USER_APP, "user-pass");
186 RUNNER_TEST(T1011_key)
189 auto manager = CKM::Manager::create();
191 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
192 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
193 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
194 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
195 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
196 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
197 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
199 "-----END PUBLIC KEY-----";
201 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
202 auto key = CKM::Key::create(buffer, CKM::Password());
204 CKM::Alias alias = "mykey";
207 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
208 "Error=" << CKM::APICodeToString(temp));
210 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
211 "Error=" << CKM::APICodeToString(temp));
213 key->getDER() == key2->getDER(),
214 "Key value has been changed by service");
217 RUNNER_TEST(T1012_certificate)
220 auto manager = CKM::Manager::create();
222 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
223 CKM::CertificateShPtr cert2;
224 CKM::Alias alias = "myCert";
227 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
228 "Error=" << CKM::APICodeToString(temp));
230 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
231 "Error=" << CKM::APICodeToString(temp));
233 cert->getDER() == cert2->getDER(),
234 "Data has been modified in key manager");
237 RUNNER_TEST(T1014_save_with_label)
240 auto manager = CKM::Manager::create();
242 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
243 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
244 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
245 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
246 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
247 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
248 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
250 "-----END PUBLIC KEY-----";
252 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
253 auto key = CKM::Key::create(buffer, CKM::Password());
254 CKM::KeyShPtr key_name, key_full_addr;
255 CKM::Alias alias = "mykey-2";
256 std::string top_label = getOwnerIdFromSelf();
257 std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
260 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
261 "Error=" << CKM::APICodeToString(temp));
265 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
266 "Error=" << CKM::APICodeToString(temp));
268 key->getDER() == key_name->getDER(),
269 "Key value has been changed by service");
271 // lookup by full address
273 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
274 "Error=" << CKM::APICodeToString(temp));
276 key->getDER() == key_full_addr->getDER(),
277 "Key value has been changed by service");
280 RUNNER_TEST(T1020_save_big_data)
283 const size_t BIG_SIZE = 100000;
284 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_HARDWARE;
286 const size_t BIG_SIZE = 5000000;
287 CKM::PolicyBackend backend = CKM::PolicyBackend::FORCE_SOFTWARE;
291 std::vector<char> big_data(BIG_SIZE);
292 std::ifstream is("/dev/urandom", std::ifstream::binary);
294 is.read(big_data.data(), BIG_SIZE);
296 RUNNER_ASSERT_MSG(is,
297 "Only " << is.gcount() << "/" << BIG_SIZE << " bytes read from /dev/urandom");
299 CKM::RawBuffer buffer(big_data.begin(), big_data.end());
300 CKM::Policy policy(CKM::Password(), true, backend);
301 CKM::RawBuffer returned;
303 auto manager = CKM::Manager::create();
306 CKM_API_SUCCESS == (temp = manager->saveData("big_data", buffer, policy)),
307 "Error=" << CKM::APICodeToString(temp));
310 CKM_API_SUCCESS == (temp = manager->getData("big_data", CKM::Password(), returned)),
311 "Error=" << CKM::APICodeToString(temp));
313 RUNNER_ASSERT_MSG(buffer == returned, "Returned data doesn't match the original");
316 RUNNER_TEST(T1015_deinit)
318 remove_user_data(USER_APP);
321 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
323 RUNNER_TEST(T1020_init)
326 auto control = CKM::Control::create();
328 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
329 "Error=" << CKM::APICodeToString(temp));
332 RUNNER_TEST(T1021_save_keys_get_alias)
335 auto manager = CKM::Manager::create();
337 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
338 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
339 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
340 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
341 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
342 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
343 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
345 "-----END PUBLIC KEY-----";
347 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
348 auto key = CKM::Key::create(buffer, CKM::Password());
349 CKM::AliasVector labelAliasVector;
351 size_t current_aliases_num = count_aliases(ALIAS_KEY);
353 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
354 "Error=" << CKM::APICodeToString(temp));
356 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
357 "Error=" << CKM::APICodeToString(temp));
359 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
360 "Error=" << CKM::APICodeToString(temp));
362 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
363 "Error=" << CKM::APICodeToString(temp));
365 labelAliasVector.size() == (current_aliases_num+3),
366 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
369 RUNNER_TEST(T1022_app_user_save_keys_get_alias)
372 auto manager = CKM::Manager::create();
374 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
375 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
376 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
377 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
378 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
379 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
380 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
382 "-----END PUBLIC KEY-----";
384 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
385 auto key = CKM::Key::create(buffer, CKM::Password());
386 CKM::AliasVector labelAliasVector;
388 size_t current_aliases_num = count_aliases(ALIAS_KEY);
390 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
391 "Error=" << CKM::APICodeToString(temp));
393 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
394 "Error=" << CKM::APICodeToString(temp));
396 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
397 "Error=" << CKM::APICodeToString(temp));
399 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
400 "Error=" << CKM::APICodeToString(temp));
402 labelAliasVector.size() == (current_aliases_num+3),
403 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
406 RUNNER_TEST(T1023_app_user_save_keys_exportable_flag)
409 auto manager = CKM::Manager::create();
411 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
412 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
413 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
414 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
415 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
416 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
417 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
419 "-----END PUBLIC KEY-----";
421 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
422 auto key = CKM::Key::create(buffer, CKM::Password());
423 CKM::AliasVector aliasVector;
424 CKM::Policy notExportable(CKM::Password(), false);
427 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
428 "Error=" << CKM::APICodeToString(temp));
430 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
431 "Error=" << CKM::APICodeToString(temp));
433 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, notExportable)),
434 "Error=" << CKM::APICodeToString(temp));
437 RUNNER_TEST(T1024_app_user_save_keys_get_alias_pwd)
439 remove_user_data(USER_APP);
442 const int aliasNameCount = 10;
443 auto manager = CKM::Manager::create();
446 CKM::RawBuffer buffer(KEY_PEM.begin(), KEY_PEM.end());
447 auto key = CKM::Key::create(buffer, CKM::Password());
448 std::string currentAlias;
450 size_t beforeSaveAliasCount = count_aliases(ALIAS_KEY);
451 // make aliases with & without: password protection, exportable flag
452 for (int it = 0; it < aliasNameCount; ++it)
454 CKM::Policy policy = generate_ckm_policy(it);
455 currentAlias = "T1024_appkey" + std::to_string(it);
456 expected.emplace_back(currentAlias, !policy.password.empty(), backend());
458 CKM_API_SUCCESS == (exitCode = manager->saveKey(currentAlias, key, policy)),
459 "Error=" << CKM::APICodeToString(exitCode));
462 CKM::AliasInfoVector aliasInfoVector;
466 CKM_API_SUCCESS == (exitCode = manager->getKeyAliasInfoVector(aliasInfoVector)),
467 "Error=" << CKM::APICodeToString(exitCode));
469 aliasInfoVector.size() == (beforeSaveAliasCount + aliasNameCount),
470 "Wrong aliases count: " << aliasInfoVector.size() << " Expected: "
471 << (beforeSaveAliasCount + aliasNameCount));
474 for (const auto &info : aliasInfoVector) {
475 exitCode = manager->getKeyEncryptionStatus(info.alias, status);
476 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == exitCode, "Error=" << CKM::APICodeToString(exitCode));
478 actual.try_emplace(info.alias, info.alias, status, info.backend);
481 check_alias_info_list_helper(expected, actual, "/User ");
483 remove_user_data(USER_APP);
486 RUNNER_TEST(T1025_app_user_save_certificates_get_alias_pwd)
488 remove_user_data(USER_APP);
491 const int aliasNameCount = 10;
492 auto manager = CKM::Manager::create();
495 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
496 std::string currentAlias;
498 size_t beforeSaveAliasCount = count_aliases(ALIAS_CERT);
499 for (int it = 0; it < aliasNameCount; ++it)
501 CKM::Policy policy = generate_ckm_policy(it);
502 currentAlias = "T1025_appcert" + std::to_string(it);
503 expected.emplace_back(currentAlias, !policy.password.empty(), CKM::BackendId::SW);
505 CKM_API_SUCCESS == (exitCode = manager->saveCertificate(currentAlias, cert, policy)),
506 "Error=" << CKM::APICodeToString(exitCode));
509 CKM::AliasInfoVector aliasInfoVector;
513 CKM_API_SUCCESS == (exitCode = manager->getCertificateAliasInfoVector(aliasInfoVector)),
514 "Error=" << CKM::APICodeToString(exitCode));
516 aliasInfoVector.size() == (beforeSaveAliasCount + aliasNameCount),
517 "Wrong aliases count: " << aliasInfoVector.size() << " Expected: "
518 << (beforeSaveAliasCount + aliasNameCount));
521 for (const auto &info : aliasInfoVector) {
522 exitCode = manager->getCertificateEncryptionStatus(info.alias, status);
523 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == exitCode, "Error=" << CKM::APICodeToString(exitCode));
525 actual.try_emplace(info.alias, info.alias, status, info.backend);
528 check_alias_info_list_helper(expected, actual, "/User ");
530 remove_user_data(USER_APP);
533 RUNNER_TEST(T1026_app_user_save_data_get_alias_pwd)
535 remove_user_data(USER_APP);
538 const int aliasNameCount = 10;
539 auto manager = CKM::Manager::create();
542 std::string binData = "My bin data";
543 CKM::RawBuffer buffer(binData.begin(), binData.end());
544 std::string currentAlias;
546 size_t beforeSaveAliasCount = count_aliases(ALIAS_DATA);
547 for (int it = 0; it < aliasNameCount; ++it)
549 CKM::Policy policy = generate_ckm_policy(it);
550 currentAlias = "T1026_appdata" + std::to_string(it);
551 expected.emplace_back(currentAlias, !policy.password.empty(), backend());
553 CKM_API_SUCCESS == (exitCode = manager->saveData(currentAlias, buffer, policy)),
554 "Error=" << CKM::APICodeToString(exitCode));
557 CKM::AliasInfoVector aliasInfoVector;
561 CKM_API_SUCCESS == (exitCode = manager->getDataAliasInfoVector(aliasInfoVector)),
562 "Error=" << CKM::APICodeToString(exitCode));
564 aliasInfoVector.size() == (beforeSaveAliasCount + aliasNameCount),
565 "Wrong aliases count: " << aliasInfoVector.size() << " Expected: "
566 << (beforeSaveAliasCount + aliasNameCount));
569 for (const auto &info : aliasInfoVector) {
570 exitCode = manager->getDataEncryptionStatus(info.alias, status);
571 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == exitCode, "Error=" << CKM::APICodeToString(exitCode));
573 actual.try_emplace(info.alias, info.alias, status, info.backend);
576 check_alias_info_list_helper(expected, actual, "/User ");
578 remove_user_data(USER_APP);
581 RUNNER_TEST(T1029_deinit)
583 remove_user_data(USER_APP);
586 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
587 RUNNER_TEST(T1030_init)
589 reset_user_data(USER_APP, APP_PASS);
592 RUNNER_TEST(T1032_app_user_save_bin_data)
594 ScopedDBUnlock unlock(USER_APP, APP_PASS);
597 auto manager = CKM::Manager::create();
599 std::string binData = "My bin data";
601 CKM::RawBuffer buffer(binData.begin(), binData.end());
603 CKM::AliasVector labelAliasVector;
605 size_t current_aliases_num = count_aliases(ALIAS_DATA);
607 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
608 "Error=" << CKM::APICodeToString(temp));
610 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
611 "Error=" << CKM::APICodeToString(temp));
613 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
614 "Error=" << CKM::APICodeToString(temp));
616 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
617 "Error=" << CKM::APICodeToString(temp));
619 labelAliasVector.size() == (current_aliases_num+3),
620 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num+3));
623 RUNNER_TEST(T1034_app_remove_bin_data)
625 ScopedDBUnlock unlock(USER_APP, APP_PASS);
628 auto manager = CKM::Manager::create();
630 std::string binData2 = "My bin data";
631 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
633 CKM::AliasVector labelAliasVector;
635 size_t current_aliases_num = count_aliases(ALIAS_DATA);
636 std::string invalid_address = aliasWithLabel("i-do-not-exist", "appdata1");
638 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
639 "Error=" << CKM::APICodeToString(temp));
641 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata1")),
642 "Error=" << CKM::APICodeToString(temp));
644 CKM_API_SUCCESS == (temp = manager->removeAlias("appdata3")),
645 "Error=" << CKM::APICodeToString(temp));
647 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
648 "Error=" << CKM::APICodeToString(temp));
650 labelAliasVector.size() == (current_aliases_num-2),
651 "Wrong size of list: " << labelAliasVector.size() << " Expected: " << (current_aliases_num-2));
653 CKM::RawBuffer buffer;
655 CKM_API_SUCCESS == (temp = manager->getData("appdata2", CKM::Password(), buffer)),
656 "Error=" << CKM::APICodeToString(temp));
661 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("appdata3", CKM::Password(), buffer)),
662 "Error=" << CKM::APICodeToString(temp));
665 RUNNER_TEST(T1035_getData_wrong_password)
667 ScopedDBUnlock unlock(USER_APP, APP_PASS);
670 auto manager = CKM::Manager::create();
672 std::string binData1 = "My bin data4";
674 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
677 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
678 "Error=" << CKM::APICodeToString(temp));
680 CKM::RawBuffer buffer;
682 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
683 "Error=" << CKM::APICodeToString(temp));
689 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
690 "Error=" << CKM::APICodeToString(temp));
693 RUNNER_TEST(T1036_deinit)
695 remove_user_data(USER_APP);
698 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
700 RUNNER_TEST(T1040_init)
703 auto control = CKM::Control::create();
706 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
707 "Error=" << CKM::APICodeToString(temp));
710 RUNNER_TEST(T1041_create_RSA_key)
713 auto manager = CKM::Manager::create();
716 size_t current_aliases_num = count_aliases(ALIAS_KEY);
718 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
719 "Error=" << CKM::APICodeToString(temp));
721 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
722 "Error=" << CKM::APICodeToString(temp));
724 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
725 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
728 RUNNER_TEST(T1042_create_RSA_key_foreign_label)
731 auto manager = CKM::Manager::create();
735 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
736 "Error=" << CKM::APICodeToString(temp));
738 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
739 "Error=" << CKM::APICodeToString(temp));
742 RUNNER_TEST(T1043_create_DSA_key)
745 auto manager = CKM::Manager::create();
748 size_t current_aliases_num = count_aliases(ALIAS_KEY);
750 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
751 "Error=" << CKM::APICodeToString(temp));
753 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
754 "Error=" << CKM::APICodeToString(temp));
756 (current_aliases_num+2) == static_cast<size_t>(temp = av.size()),
757 "Vector size: " << temp << ". Expected: " << (current_aliases_num+2));
760 RUNNER_TEST(T1044_create_AES_key)
763 auto manager = CKM::Manager::create();
766 int current_aliases_num = count_aliases(ALIAS_KEY);
768 CKM_API_SUCCESS == (temp = manager->createKeyAES(128, CKM::Alias("KEY1_AES"), CKM::Policy())),
769 "Error=" << CKM::APICodeToString(temp));
771 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
772 "Error=" << CKM::APICodeToString(temp));
774 (current_aliases_num+1) == (temp = av.size()),
775 "Vector size: " << temp << ". Expected: " << (current_aliases_num+1));
778 RUNNER_TEST(T1049_deinit)
780 remove_user_data(USER_APP);
784 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
786 RUNNER_TEST(T1110_init)
788 unlock_user_data(USER_APP, "user-pass");
791 RUNNER_TEST(T1111_CreateKeyPairRSA)
794 auto manager = CKM::Manager::create();
795 CKM::Alias a1 = "rsa-test-1";
796 CKM::Alias a2 = "rsa-test-2";
800 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
801 "Error=" << CKM::APICodeToString(temp));
803 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
804 "Error=" << CKM::APICodeToString(temp));
807 RUNNER_TEST(T1112_CreateKeyPairDSA)
810 auto manager = CKM::Manager::create();
811 CKM::Alias a1 = "dsa-test-1";
812 CKM::Alias a2 = "dsa-test-2";
816 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
817 "Error=" << CKM::APICodeToString(temp));
819 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
820 "Error=" << CKM::APICodeToString(temp));
823 RUNNER_TEST(T1113_CreateKeyPairECDSA)
826 auto manager = CKM::Manager::create();
827 CKM::Alias a1 = "ecdsa-test-1";
828 CKM::Alias a2 = "ecdsa-test-2";
832 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
833 "Error=" << CKM::APICodeToString(temp));
836 RUNNER_TEST(T1114_deinit)
838 remove_user_data(USER_APP);
841 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
843 RUNNER_TEST(T12100_init)
845 reset_user_data(USER_APP, APP_PASS);
848 RUNNER_TEST(T12101_key_exist)
850 ScopedDBUnlock unlock(USER_APP, APP_PASS);
853 auto manager = CKM::Manager::create();
855 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
856 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
857 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
858 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
859 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
860 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
861 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
863 "-----END PUBLIC KEY-----";
865 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
866 auto key = CKM::Key::create(buffer);
867 CKM::Alias alias = "rsa-alias-duplication";
870 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
871 "Error=" << CKM::APICodeToString(ret));
873 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
874 "Error=" << CKM::APICodeToString(ret));
878 * These test cases tests API when empty parameters are passed to functions
881 RUNNER_TEST(T12102_saveKey_empty_alias)
883 ScopedDBUnlock unlock(USER_APP, APP_PASS);
885 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
886 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
887 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
888 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
889 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
890 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
891 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
892 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
894 "-----END PUBLIC KEY-----";
896 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
897 auto key = CKM::Key::create(buffer);
898 CKM::Alias alias; //alias is not initialized
901 auto manager = CKM::Manager::create();
903 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
904 "Error=" << CKM::APICodeToString(ret));
907 RUNNER_TEST(T12103_saveKey_foreign_label)
909 ScopedDBUnlock unlock(USER_APP, APP_PASS);
911 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
912 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
913 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
914 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
915 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
916 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
917 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
919 "-----END PUBLIC KEY-----";
921 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
922 auto key = CKM::Key::create(buffer);
923 CKM::Alias alias = "iamsomebodyelse alias";
926 auto manager = CKM::Manager::create();
928 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
929 "Error=" << CKM::APICodeToString(ret));
932 RUNNER_TEST(T12104_saveKey_empty_key)
934 ScopedDBUnlock unlock(USER_APP, APP_PASS);
936 CKM::KeyShPtr key; //key is not initialized
937 CKM::Alias alias = "empty-key";
940 auto manager = CKM::Manager::create();
942 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
943 "Error=" << CKM::APICodeToString(ret));
946 RUNNER_TEST(T12105_saveCertificate_empty_alias)
948 ScopedDBUnlock unlock(USER_APP, APP_PASS);
950 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
951 CKM::Alias alias; //alias is not initialized
954 auto manager = CKM::Manager::create();
956 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
957 "Error=" << CKM::APICodeToString(temp));
960 RUNNER_TEST(T12106_saveCertificate_foreign_label)
962 ScopedDBUnlock unlock(USER_APP, APP_PASS);
964 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
965 CKM::Alias alias = "iamsomebodyelse alias";
968 auto manager = CKM::Manager::create();
970 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
971 "Error=" << CKM::APICodeToString(temp));
974 RUNNER_TEST(T12107_saveCertificate_empty_cert)
976 ScopedDBUnlock unlock(USER_APP, APP_PASS);
978 CKM::CertificateShPtr cert; //cert is not initialized
979 CKM::Alias alias = "empty-cert";
982 auto manager = CKM::Manager::create();
984 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
985 "Error=" << CKM::APICodeToString(temp));
988 RUNNER_TEST(T12108_saveData_empty_alias)
990 ScopedDBUnlock unlock(USER_APP, APP_PASS);
992 std::string testData = "test data test data test data";
993 CKM::RawBuffer buffer(testData.begin(), testData.end());
997 auto manager = CKM::Manager::create();
999 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1000 "Error=" << CKM::APICodeToString(temp));
1003 RUNNER_TEST(T12109_saveData_foreign_label)
1005 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1007 std::string testData = "test data test data test data";
1008 CKM::RawBuffer buffer(testData.begin(), testData.end());
1009 CKM::Alias alias = "iamsomebodyelse alias";
1012 auto manager = CKM::Manager::create();
1014 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1015 "Error=" << CKM::APICodeToString(temp));
1018 RUNNER_TEST(T12110_saveData_empty_data)
1020 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1022 CKM::RawBuffer buffer;
1023 CKM::Alias alias = "empty-data";
1026 auto manager = CKM::Manager::create();
1028 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1029 "Error=" << CKM::APICodeToString(temp));
1033 * These test cases tests API when trying to get data from not existing alias
1036 RUNNER_TEST(T12111_getKey_alias_not_exist)
1038 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1041 CKM::Alias alias = "this-alias-not-exist";
1044 auto manager = CKM::Manager::create();
1046 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1047 "Error=" << CKM::APICodeToString(temp));
1050 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1052 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1054 CKM::CertificateShPtr certificate;
1055 CKM::Alias alias = "this-alias-not-exist";
1058 auto manager = CKM::Manager::create();
1060 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1061 "Error=" << CKM::APICodeToString(temp));
1064 RUNNER_TEST(T12113_getData_alias_not_exist)
1066 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1069 auto manager = CKM::Manager::create();
1070 CKM::RawBuffer buffer;
1071 CKM::Alias alias("some alias");
1073 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1074 "Error=" << CKM::APICodeToString(temp));
1078 * These test cases tests API when damaged keys are used
1080 RUNNER_TEST(T12114_RSA_key_damaged)
1082 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1085 auto manager = CKM::Manager::create();
1087 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1088 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1089 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1090 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1091 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1092 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1093 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1095 "-----END PUBLIC KEY-----";
1097 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1098 auto key = CKM::Key::create(buffer);
1099 CKM::Alias alias = "damaged-rsa";
1102 NULL == key.get(), "Key is broken. It should be empty");
1105 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1106 "Error=" << CKM::APICodeToString(ret));
1109 RUNNER_TEST(T12115_RSA_key_too_short)
1111 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1114 auto manager = CKM::Manager::create();
1116 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1117 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1118 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1119 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1120 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1121 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1122 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1124 "-----END PUBLIC KEY-----";
1126 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1127 auto key = CKM::Key::create(buffer);
1128 CKM::Alias alias = "short-rsa";
1131 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1132 "Error=" << CKM::APICodeToString(ret));
1135 RUNNER_TEST(T12116_DSA_key_too_short)
1137 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1140 auto manager = CKM::Manager::create();
1142 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1143 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1144 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1145 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1146 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1147 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1148 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1149 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1150 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1151 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1152 "YMYCBhubtrVaLmc=\n"
1153 "-----END PUBLIC KEY-----";
1155 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1156 auto key = CKM::Key::create(buffer);
1157 CKM::Alias alias = "short-dsa";
1160 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1161 "Error=" << CKM::APICodeToString(ret));
1164 RUNNER_TEST(T12117_AES_key_too_short)
1167 auto manager = CKM::Manager::create();
1169 size_t key_size = (128-1);
1170 CKM::RawBuffer key_AES = createRandomBuffer(key_size/8);
1172 auto key = CKM::Key::create(key_AES);
1173 CKM::Alias alias = "short-AES";
1176 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1177 "Error=" << CKM::APICodeToString(ret));
1181 * These test cases tests CKM service if malicious data is provided over the socket.
1184 RUNNER_TEST(T12118_RSA_key_damaged_serviceTest)
1186 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1189 auto manager = CKM::Manager::create();
1191 // fake the client - let the service detect the problem
1192 class WrongKeyImpl : public CKM::Key
1195 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1198 virtual bool empty() const {
1202 virtual CKM::KeyType getType() const {
1203 return CKM::KeyType::KEY_RSA_PUBLIC;
1205 virtual int getSize() const {
1208 virtual CKM::ElipticCurve getCurve() const {
1209 return CKM::ElipticCurve::prime192v1;
1211 virtual CKM::RawBuffer getDER() const {
1214 virtual ~WrongKeyImpl() {}
1216 CKM::RawBuffer & m_dummy;
1218 std::string dummyData = "my_cat_Berta\n";
1219 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1220 auto key = std::make_shared<WrongKeyImpl>(buffer);
1221 CKM::Alias alias = "damaged-rsa";
1224 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1225 "Error=" << CKM::APICodeToString(ret));
1228 RUNNER_TEST(T12119_saveCertificate_damaged_serviceTest)
1230 ScopedDBUnlock unlock(USER_APP, APP_PASS);
1232 // fake the client - let the service detect the problem
1233 class WrongCertImpl : public CKM::Certificate
1236 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1237 m_x509 = X509_new();
1240 bool empty() const {
1244 virtual X509 *getX509() const {
1248 virtual CKM::RawBuffer getDER() const {
1252 virtual ~WrongCertImpl() {
1257 CKM::RawBuffer & m_dummy;
1259 std::string dummyData = "my_cat_Stefan\n";
1260 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1261 auto cert = std::make_shared<WrongCertImpl>(buffer);
1262 CKM::Alias alias = "damaged-cert";
1265 auto manager = CKM::Manager::create();
1267 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1268 "Error=" << CKM::APICodeToString(temp));
1271 RUNNER_TEST(T12120_deinit)
1273 remove_user_data(USER_APP);
1276 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1278 RUNNER_TEST(T1311_init)
1280 remove_user_data(USER_APP);
1281 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1282 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1284 struct hostent* he = gethostbyname("google.com");
1286 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1287 "is not woking on the device. OCSP tests requires network access!");
1290 RUNNER_TEST(T13121_get_chain_no_cert)
1292 CKM::CertificateShPtrVector certChain;
1293 CKM::CertificateShPtr cert;
1295 auto manager = CKM::Manager::create();
1297 int ret = manager->getCertificateChain(cert,
1302 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1303 "Function should fail for empty certificate");
1306 RUNNER_TEST(T13122_get_chain_empty_cert)
1308 CKM::CertificateShPtrVector certChain;
1309 CKM::CertificateShPtr cert = CKM::Certificate::create(CKM::RawBuffer(),
1310 CKM::DataFormat::FORM_PEM);
1312 auto manager = CKM::Manager::create();
1314 int ret = manager->getCertificateChain(cert,
1319 RUNNER_ASSERT_MSG(CKM_API_ERROR_INPUT_PARAM == ret,
1320 "Function should fail for empty certificate");
1323 RUNNER_TEST(T13129_get_chain)
1325 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1326 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1327 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1329 CKM::CertificateShPtrVector certVector = {cert1};
1330 CKM::CertificateShPtrVector certChain;
1331 CKM::CertificateShPtrVector trusted = {root};
1334 auto manager = CKM::Manager::create();
1336 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1337 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1339 tmp = manager->getCertificateChain(cert,
1344 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1345 "Error=" << CKM::APICodeToString(tmp));
1348 0 == certChain.size(),
1349 "Wrong size of certificate chain.");
1351 tmp = manager->getCertificateChain(cert, certVector, trusted, true, certChain);
1352 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1355 3 == certChain.size(),
1356 "Wrong size of certificate chain.");
1359 RUNNER_TEST(T1313_get_chain_with_alias)
1361 auto cert = TestData::getTestCertificate(TestData::TEST_LEAF);
1362 auto cert1 = TestData::getTestCertificate(TestData::TEST_IM_CA);
1363 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1365 CKM::CertificateShPtrVector certChain;
1368 auto manager = CKM::Manager::create();
1370 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1371 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1373 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, EMPTY_ALIAS_VECTOR, true, certChain);
1374 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1375 "Error=" << CKM::APICodeToString(tmp));
1378 0 == certChain.size(),
1379 "Wrong size of certificate chain.");
1381 CKM::AliasVector aliasVector = { "imcert" };
1383 CKM_API_SUCCESS == (tmp = manager->saveCertificate(aliasVector[0], cert1, CKM::Policy())),
1384 "Error=" << CKM::APICodeToString(tmp));
1386 CKM::AliasVector trustedAliasVector = { "rootcert" };
1388 CKM_API_SUCCESS == (tmp = manager->saveCertificate(trustedAliasVector[0], root, CKM::Policy())),
1389 "Error=" << CKM::APICodeToString(tmp));
1391 tmp = manager->getCertificateChain(cert, aliasVector, trustedAliasVector, true, certChain);
1392 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1395 3 == certChain.size(),
1396 "Wrong size of certificate chain.");
1399 RUNNER_TEST(T13141_ocsp_check_valid_chain)
1401 auto cert = TestData::getTestCertificate(TestData::OCSP_AVAILABLE_IM);
1403 CKM::CertificateShPtrVector certChain;
1406 auto manager = CKM::Manager::create();
1408 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1410 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1411 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
1414 2 == certChain.size(),
1415 "Wrong size of certificate chain.");
1419 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1420 "Error=" << CKM::APICodeToString(tmp));
1422 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1425 RUNNER_TEST(T13142_ocsp_check_empty)
1427 CKM::CertificateShPtrVector certVector;
1429 auto manager = CKM::Manager::create();
1434 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1435 "ocspCheck should fail for empty certificate vector");
1438 RUNNER_TEST(T13143_ocsp_check_empty_ptrs)
1440 CKM::CertificateShPtrVector certVector = {
1441 CKM::CertificateShPtr(),
1442 CKM::CertificateShPtr(),
1443 CKM::CertificateShPtr()};
1445 auto manager = CKM::Manager::create();
1450 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1451 "ocspCheck should fail for empty certificate vector");
1454 RUNNER_TEST(T13144_ocsp_check_root)
1456 auto root = TestData::getTestCertificate(TestData::OCSP_ROOT_CA);
1457 CKM::CertificateShPtrVector certVector = {root};
1459 auto manager = CKM::Manager::create();
1461 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1466 CKM_API_ERROR_INPUT_PARAM == (tmp = manager->ocspCheck(certVector, status)),
1467 "Ocsp should fail for single certificate");
1470 RUNNER_TEST(T13145_ocsp_check_no_ocsp)
1472 auto root = TestData::getTestCertificate(TestData::TEST_ROOT_CA);
1473 auto ca = TestData::getTestCertificate(TestData::TEST_IM_CA);
1475 CKM::CertificateShPtrVector certVector = {ca, root};
1477 auto manager = CKM::Manager::create();
1479 RUNNER_ASSERT_MSG(NULL != root.get(), "Certificate should not be empty");
1480 RUNNER_ASSERT_MSG(NULL != ca.get(), "Certificate should not be empty");
1485 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certVector, status)),
1486 "Error=" << CKM::APICodeToString(tmp));
1488 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_UNSUPPORTED == status, "Verfication failed");
1491 RUNNER_TEST(T1315_deinit)
1493 remove_user_data(USER_APP);
1496 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1498 RUNNER_TEST(T1411_init)
1500 remove_user_data(USER_APP);
1503 RUNNER_TEST(T1412_RSA_key_create_verify)
1506 auto manager = CKM::Manager::create();
1508 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1509 "Proc-Type: 4,ENCRYPTED\n"
1510 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1512 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1513 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1514 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1515 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1516 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1517 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1518 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1519 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1520 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1521 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1522 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1523 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1524 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1525 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1526 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1527 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1528 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1529 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1530 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1531 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1532 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1533 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1534 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1535 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1536 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1537 "-----END RSA PRIVATE KEY-----\n";
1539 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1540 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1541 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1542 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1543 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1544 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1545 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1547 "-----END PUBLIC KEY-----\n";
1549 std::string message = "message test";
1551 CKM::Alias aliasPub = "pub1";
1552 CKM::Alias aliasPrv = "prv1";
1553 CKM::Password password = "1234";
1554 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1555 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1556 CKM::RawBuffer signature;
1558 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1559 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1561 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1562 "Key is empty. Failed to import public key.");
1563 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1564 "Key is empty. Failed to import private key.");
1567 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1568 "Error=" << CKM::APICodeToString(temp));
1570 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1571 "Error=" << CKM::APICodeToString(temp));
1574 CKM_API_SUCCESS == (temp = manager->createSignature(
1577 CKM::RawBuffer(message.begin(), message.end()),
1581 "Error=" << CKM::APICodeToString(temp));
1584 CKM_API_SUCCESS == (temp = manager->verifySignature(
1587 CKM::RawBuffer(message.begin(), message.end()),
1591 "Error=" << CKM::APICodeToString(temp));
1594 RUNNER_TEST(T1413_DSA_key_create_verify)
1597 auto manager = CKM::Manager::create();
1599 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1600 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1601 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1602 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1603 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1604 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1605 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1606 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1607 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1608 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1609 "u1roOuaPY+Hl19BlTE2qdw==\n"
1610 "-----END DSA PRIVATE KEY-----";
1612 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1613 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1614 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1615 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1616 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1617 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1618 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1619 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1620 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1621 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1622 "YMYCBhubtrVaLmc=\n"
1623 "-----END PUBLIC KEY-----";
1625 std::string message = "message test";
1627 CKM::Alias aliasPub = "pub2";
1628 CKM::Alias aliasPrv = "prv2";
1629 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1630 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1631 CKM::RawBuffer signature;
1633 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1634 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1636 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1637 "Key is empty. Failed to import public key.");
1638 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1639 "Key is empty. Failed to import private key.");
1642 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1643 "Error=" << CKM::APICodeToString(temp));
1645 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1646 "Error=" << CKM::APICodeToString(temp));
1649 CKM_API_SUCCESS == (temp = manager->createSignature(
1652 CKM::RawBuffer(message.begin(), message.end()),
1656 "Error=" << CKM::APICodeToString(temp));
1659 CKM_API_SUCCESS == (temp = manager->verifySignature(
1662 CKM::RawBuffer(message.begin(), message.end()),
1666 "Error=" << CKM::APICodeToString(temp));
1670 RUNNER_TEST(T1414_ECDSA_key_create_verify)
1673 auto manager = CKM::Manager::create();
1675 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1676 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1677 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1678 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1679 "-----END EC PRIVATE KEY-----\n";
1681 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1682 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1683 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1684 "-----END PUBLIC KEY-----\n";
1686 std::string message = "message test";
1688 CKM::Alias aliasPub = "ecpub2";
1689 CKM::Alias aliasPrv = "ecprv2";
1690 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1691 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1692 CKM::RawBuffer signature;
1694 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1695 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1697 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1698 "Key is empty. Failed to import public key.");
1699 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1700 "Key is empty. Failed to import private key.");
1703 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1704 "Error=" << CKM::APICodeToString(temp));
1706 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1707 "Error=" << CKM::APICodeToString(temp));
1710 CKM_API_SUCCESS == (temp = manager->createSignature(
1713 CKM::RawBuffer(message.begin(), message.end()),
1717 "Error=" << CKM::APICodeToString(temp));
1720 CKM_API_SUCCESS == (temp = manager->verifySignature(
1723 CKM::RawBuffer(message.begin(), message.end()),
1727 "Error=" << CKM::APICodeToString(temp));
1729 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1731 memcpy((void*)signature.data(), "BROKEN", 6);
1734 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1737 CKM::RawBuffer(message.begin(), message.end()),
1741 "Error=" << CKM::APICodeToString(temp));
1744 RUNNER_TEST(T1415_RSA_key_create_verify_negative)
1747 auto manager = CKM::Manager::create();
1748 std::string message = "message asdfaslkdfjlksadjf test";
1750 CKM::Alias aliasPub = "pub1";
1751 CKM::Alias aliasPrv = "prv1";
1753 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1754 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1755 CKM::RawBuffer signature;
1758 CKM_API_SUCCESS == (temp = manager->createSignature(
1761 CKM::RawBuffer(message.begin(), message.end()),
1765 "Error=" << CKM::APICodeToString(temp));
1768 CKM_API_SUCCESS == (temp = manager->verifySignature(
1771 CKM::RawBuffer(message.begin(), message.end()),
1775 "Error=" << CKM::APICodeToString(temp));
1777 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1778 memcpy((void*)signature.data(), "BROKEN", 6);
1781 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1784 CKM::RawBuffer(message.begin(), message.end()),
1788 "Error=" << CKM::APICodeToString(temp));
1791 RUNNER_TEST(T1416_DSA_key_create_verify_negative)
1794 auto manager = CKM::Manager::create();
1795 std::string message = "message asdfaslkdfjlksadjf test";
1797 CKM::Alias aliasPub = "pub2";
1798 CKM::Alias aliasPrv = "prv2";
1800 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1801 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1802 CKM::RawBuffer signature;
1805 CKM_API_SUCCESS == (temp = manager->createSignature(
1808 CKM::RawBuffer(message.begin(), message.end()),
1812 "Error=" << CKM::APICodeToString(temp));
1815 CKM_API_SUCCESS == (temp = manager->verifySignature(
1818 CKM::RawBuffer(message.begin(), message.end()),
1822 "Error=" << CKM::APICodeToString(temp));
1824 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1825 memcpy((void*)signature.data(), "BROKEN", 6);
1828 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1831 CKM::RawBuffer(message.begin(), message.end()),
1835 "Error=" << CKM::APICodeToString(temp));
1838 RUNNER_TEST(T1417_RSA_cert_create_verify_signature)
1841 auto manager = CKM::Manager::create();
1844 "-----BEGIN RSA PRIVATE KEY-----\n"
1845 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1846 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1847 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1848 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1849 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1850 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1851 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1852 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1853 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1854 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1855 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1856 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1857 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1858 "-----END RSA PRIVATE KEY-----\n";
1861 "-----BEGIN CERTIFICATE-----\n"
1862 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1863 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1864 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1865 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1866 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1867 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1868 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1869 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1870 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1871 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1872 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1873 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1874 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1875 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1876 "-----END CERTIFICATE-----\n";
1878 std::string message = "message test";
1880 CKM::Alias aliasPub = "pub1-cert";
1881 CKM::Alias aliasPrv = "prv1-cert";
1882 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1883 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1884 CKM::RawBuffer signature;
1886 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1887 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1889 RUNNER_ASSERT_MSG(NULL != cert.get(),
1890 "Key is empty. Failed to import public key.");
1891 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1892 "Key is empty. Failed to import private key.");
1895 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1896 "Error=" << CKM::APICodeToString(temp));
1898 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1899 "Error=" << CKM::APICodeToString(temp));
1902 CKM_API_SUCCESS == (temp = manager->createSignature(
1905 CKM::RawBuffer(message.begin(), message.end()),
1909 "Error=" << CKM::APICodeToString(temp));
1912 CKM_API_SUCCESS == (temp = manager->verifySignature(
1915 CKM::RawBuffer(message.begin(), message.end()),
1919 "Error=" << CKM::APICodeToString(temp));
1921 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1923 memcpy((void*)signature.data(), "BROKEN", 6);
1926 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1929 CKM::RawBuffer(message.begin(), message.end()),
1933 "Error=" << CKM::APICodeToString(temp));
1936 RUNNER_TEST(T1418_DSA_cert_create_verify_signature)
1939 auto manager = CKM::Manager::create();
1941 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
1942 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
1943 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
1944 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
1945 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
1946 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
1947 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
1948 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
1949 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
1950 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
1951 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
1952 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
1953 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
1954 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
1955 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
1956 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
1957 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
1958 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
1959 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
1960 "-----END CERTIFICATE-----\n";
1962 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1963 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
1964 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
1965 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
1966 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
1967 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
1968 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
1969 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
1970 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
1971 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
1972 "vonbjii3BYe4AIdkzOvp\n"
1973 "-----END DSA PRIVATE KEY-----\n";
1975 std::string message = "message test";
1977 CKM::Alias aliasPub = "pub2-cert";
1978 CKM::Alias aliasPrv = "prv2-cert";
1979 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1980 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1981 CKM::RawBuffer signature;
1983 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1984 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1986 RUNNER_ASSERT_MSG(NULL != cert.get(),
1987 "Key is empty. Failed to import public key.");
1988 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1989 "Key is empty. Failed to import private key.");
1992 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1993 "Error=" << CKM::APICodeToString(temp));
1995 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1996 "Error=" << CKM::APICodeToString(temp));
1999 CKM_API_SUCCESS == (temp = manager->createSignature(
2002 CKM::RawBuffer(message.begin(), message.end()),
2006 "Error=" << CKM::APICodeToString(temp));
2009 CKM_API_SUCCESS == (temp = manager->verifySignature(
2012 CKM::RawBuffer(message.begin(), message.end()),
2016 "Error=" << CKM::APICodeToString(temp));
2018 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2020 memcpy((void*)signature.data(), "BROKEN", 6);
2023 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2026 CKM::RawBuffer(message.begin(), message.end()),
2030 "Error=" << CKM::APICodeToString(temp));
2033 RUNNER_TEST(T1419_ECDSA_cert_create_verify_signature)
2036 auto manager = CKM::Manager::create();
2039 "-----BEGIN EC PRIVATE KEY-----\n"
2040 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2041 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2042 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2043 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2044 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2045 "ELyhe7yPCAuOoLZlTLgf\n"
2046 "-----END EC PRIVATE KEY-----\n";
2049 "-----BEGIN CERTIFICATE-----\n"
2050 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2051 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2052 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2053 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2054 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2055 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2056 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2057 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2058 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2059 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2060 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2061 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2062 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2063 "Q1oBry6NEc+lLFmWMDesAA==\n"
2064 "-----END CERTIFICATE-----\n";
2066 std::string message = "message test";
2068 CKM::Alias aliasPub = "pub3";
2069 CKM::Alias aliasPrv = "prv3";
2070 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2071 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2072 CKM::RawBuffer signature;
2074 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2075 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2077 RUNNER_ASSERT_MSG(NULL != cert.get(),
2078 "Key is empty. Failed to import public key.");
2079 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2080 "Key is empty. Failed to import private key.");
2083 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2084 "Error=" << CKM::APICodeToString(temp));
2086 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2087 "Error=" << CKM::APICodeToString(temp));
2090 CKM_API_SUCCESS == (temp = manager->createSignature(
2093 CKM::RawBuffer(message.begin(), message.end()),
2097 "Error=" << CKM::APICodeToString(temp));
2100 CKM_API_SUCCESS == (temp = manager->verifySignature(
2103 CKM::RawBuffer(message.begin(), message.end()),
2107 "Error=" << CKM::APICodeToString(temp));
2109 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2111 memcpy((void*)signature.data(), "BROKEN", 6);
2114 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2117 CKM::RawBuffer(message.begin(), message.end()),
2121 "Error=" << CKM::APICodeToString(temp));
2124 RUNNER_TEST(T1420_deinit)
2126 remove_user_data(USER_APP);
2129 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2131 RUNNER_TEST(T14180_init)
2134 remove_user_data(USER_APP);
2136 auto manager = CKM::Manager::create();
2138 // Prepare RSA Key Pair
2139 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2140 "Proc-Type: 4,ENCRYPTED\n"
2141 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2143 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2144 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2145 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2146 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2147 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2148 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2149 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2150 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2151 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2152 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2153 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2154 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2155 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2156 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2157 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2158 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2159 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2160 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2161 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2162 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2163 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2164 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2165 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2166 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2167 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2168 "-----END RSA PRIVATE KEY-----\n";
2170 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2171 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2172 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2173 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2174 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2175 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2176 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2178 "-----END PUBLIC KEY-----\n";
2180 CKM::Alias aliasPub = "pub_nohash1";
2181 CKM::Alias aliasPrv = "prv_nohash1";
2182 CKM::Password password = "1234";
2184 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2185 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2187 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2188 "Key is empty. Failed to import public key.");
2189 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2190 "Key is empty. Failed to import private key.");
2193 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2194 "Error=" << CKM::APICodeToString(temp));
2196 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2197 "Error=" << CKM::APICodeToString(temp));
2199 // Prepare ECDSA Key Pair
2200 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2201 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2202 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2203 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2204 "-----END EC PRIVATE KEY-----\n";
2206 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2207 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2208 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2209 "-----END PUBLIC KEY-----\n";
2211 CKM::Alias aliasEcPub = "ecpub_nohash1";
2212 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2214 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2215 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2217 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2218 "Key is empty. Failed to import public key.");
2219 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2220 "Key is empty. Failed to import private key.");
2223 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2224 "Error=" << CKM::APICodeToString(temp));
2226 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2227 "Error=" << CKM::APICodeToString(temp));
2231 RUNNER_TEST(T14181_RSA_create_signatue_nohash)
2234 auto manager = CKM::Manager::create();
2235 std::string message = "message asdfaslkdfjlksadjf test";
2237 CKM::Alias aliasPub = "pub_nohash1";
2238 CKM::Alias aliasPrv = "prv_nohash1";
2240 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2241 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2242 CKM::RawBuffer signature;
2245 CKM_API_SUCCESS == (temp = manager->createSignature(
2248 CKM::RawBuffer(message.begin(), message.end()),
2252 "Error=" << CKM::APICodeToString(temp));
2255 CKM_API_SUCCESS == (temp = manager->verifySignature(
2258 CKM::RawBuffer(message.begin(), message.end()),
2262 "Error=" << CKM::APICodeToString(temp));
2264 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2265 memcpy((void*)signature.data(), "BROKEN", 6);
2268 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2271 CKM::RawBuffer(message.begin(), message.end()),
2275 "Error=" << CKM::APICodeToString(temp));
2278 RUNNER_TEST(T14182_RSA_create_signatue_nohash_nopad)
2281 auto manager = CKM::Manager::create();
2282 std::string message = "message asdfaslkdfjlksadjf test";
2284 CKM::Alias aliasPub = "pub_nohash1";
2285 CKM::Alias aliasPrv = "prv_nohash1";
2287 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2288 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2289 CKM::RawBuffer signature;
2292 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2295 CKM::RawBuffer(message.begin(), message.end()),
2299 "Error=" << CKM::APICodeToString(temp));
2302 RUNNER_TEST(T14183_RSA_create_signatue_nohash_bigmsg)
2305 auto manager = CKM::Manager::create();
2306 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2307 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2308 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2309 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2310 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2311 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2312 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2313 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2314 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2315 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2316 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2317 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2318 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2319 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2320 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2321 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2322 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2323 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2324 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2325 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2327 CKM::Alias aliasPub = "pub_nohash1";
2328 CKM::Alias aliasPrv = "prv_nohash1";
2330 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2331 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2332 CKM::RawBuffer signature;
2335 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2338 CKM::RawBuffer(message.begin(), message.end()),
2342 "Error=" << CKM::APICodeToString(temp));
2346 RUNNER_TEST(T14184_ECDSA_create_signatue_nohash)
2349 auto manager = CKM::Manager::create();
2351 std::string message = "message test";
2353 CKM::Alias aliasPrv = "ecprv_nohash1";
2354 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2355 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2356 CKM::RawBuffer signature;
2359 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2362 CKM::RawBuffer(message.begin(), message.end()),
2366 "Error=" << CKM::APICodeToString(temp));
2369 RUNNER_TEST(T14189_deinit)
2371 remove_user_data(USER_APP);
2375 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
2379 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
2380 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
2381 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
2382 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
2383 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
2386 RUNNER_TEST(T1800_init)
2388 remove_user_data(USER_APP);
2391 RUNNER_TEST(T1801_parse_PKCS12) {
2392 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2393 std::istreambuf_iterator<char> begin(is), end;
2394 std::vector<char> buff(begin, end);
2396 CKM::RawBuffer buffer(buff.size());
2397 memcpy(buffer.data(), buff.data(), buff.size());
2399 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2402 "Error in PKCS12::create()");
2404 auto cert = pkcs->getCertificate();
2407 "Error in PKCS12::getCertificate()");
2409 auto key = pkcs->getKey();
2412 "Error in PKCS12::getKey()");
2414 auto caVector = pkcs->getCaCertificateShPtrVector();
2416 0 == caVector.size(),
2417 "Wrong size of vector");
2420 RUNNER_TEST(T1802_negative_wrong_password) {
2421 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2422 std::istreambuf_iterator<char> begin(is), end;
2423 std::vector<char> buff(begin, end);
2425 CKM::RawBuffer buffer(buff.size());
2426 memcpy(buffer.data(), buff.data(), buff.size());
2428 auto pkcs = CKM::PKCS12::create(buffer, "error");
2431 "Expected error in PKCS12::create()");
2434 RUNNER_TEST(T1803_negative_broken_buffer) {
2435 std::ifstream is(CKM_TEST_DIR "/test1801.pkcs12");
2436 std::istreambuf_iterator<char> begin(is), end;
2437 std::vector<char> buff(begin, end);
2439 CKM::RawBuffer buffer(buff.size());
2440 memcpy(buffer.data(), buff.data(), buff.size());
2442 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
2445 auto pkcs = CKM::PKCS12::create(buffer, "secret");
2448 "Expected error in PKCS12::create()");
2451 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
2453 auto manager = CKM::Manager::create();
2454 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2455 std::istreambuf_iterator<char> begin(is), end;
2456 std::vector<char> buff(begin, end);
2458 CKM::RawBuffer buffer(buff.size());
2459 memcpy(buffer.data(), buff.data(), buff.size());
2461 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2464 "Error in PKCS12::create()");
2467 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2468 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2469 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2470 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2471 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2472 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2473 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2474 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2475 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2476 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2477 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2478 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2479 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2480 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2481 "-----END RSA PRIVATE KEY-----\n";
2483 std::string message = "message test";
2485 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2486 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2487 "Key is empty. Failed to import private key.");
2491 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
2492 "Error=" << CKM::APICodeToString(temp));
2495 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
2496 "Error=" << CKM::APICodeToString(temp));
2499 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
2501 auto manager = CKM::Manager::create();
2502 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2503 std::istreambuf_iterator<char> begin(is), end;
2504 std::vector<char> buff(begin, end);
2506 CKM::RawBuffer buffer(buff.size());
2507 memcpy(buffer.data(), buff.data(), buff.size());
2509 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2512 "Error in PKCS12::create()");
2514 auto cert = pkcs->getCertificate();
2517 "Error in PKCS12::getCertificate()");
2519 auto key = pkcs->getKey();
2522 "Error in PKCS12::getKey()");
2524 auto caVector = pkcs->getCaCertificateShPtrVector();
2526 2 == caVector.size(),
2527 "Wrong size of vector");
2531 CKM::Policy exportable;
2532 CKM::Policy notExportable(CKM::Password(), false);
2535 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2536 "Error=" << CKM::APICodeToString(tmp));
2538 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
2539 "Error=" << CKM::APICodeToString(tmp));
2541 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2542 "Error=" << CKM::APICodeToString(tmp));
2544 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
2545 "Error=" << CKM::APICodeToString(tmp));
2547 // try to lookup key
2548 CKM::KeyShPtr key_lookup;
2550 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2551 "Error=" << CKM::APICodeToString(tmp));
2553 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2554 "Error=" << CKM::APICodeToString(tmp));
2556 // try to lookup certificate
2557 CKM::CertificateShPtr cert_lookup;
2559 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2560 "Error=" << CKM::APICodeToString(tmp));
2562 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2563 "Error=" << CKM::APICodeToString(tmp));
2566 RUNNER_TEST(T1806_get_PKCS)
2569 auto manager = CKM::Manager::create();
2571 CKM::PKCS12ShPtr pkcs;
2575 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
2576 "Error=" << CKM::APICodeToString(temp));
2578 // fail - not exportable
2580 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
2581 "Error=" << CKM::APICodeToString(temp));
2583 // success - exportable
2585 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
2586 "Error=" << CKM::APICodeToString(temp));
2588 auto cert = pkcs->getCertificate();
2591 "Error in PKCS12::getCertificate()");
2593 auto key = pkcs->getKey();
2596 "Error in PKCS12::getKey()");
2598 auto caVector = pkcs->getCaCertificateShPtrVector();
2600 2 == caVector.size(),
2601 "Wrong size of vector");
2604 RUNNER_TEST(T1807_create_and_verify_signature)
2607 auto manager = CKM::Manager::create();
2609 std::string message = "message test";
2611 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2612 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2613 CKM::RawBuffer signature;
2616 CKM_API_SUCCESS == (temp = manager->createSignature(
2617 alias_PKCS_exportable,
2619 CKM::RawBuffer(message.begin(), message.end()),
2623 "Error=" << CKM::APICodeToString(temp));
2626 CKM_API_SUCCESS == (temp = manager->verifySignature(
2627 alias_PKCS_exportable,
2629 CKM::RawBuffer(message.begin(), message.end()),
2633 "Error=" << CKM::APICodeToString(temp));
2636 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
2639 auto manager = CKM::Manager::create();
2642 "-----BEGIN RSA PRIVATE KEY-----\n"
2643 "MIICWwIBAAKBgQDDgmPurTQa3wbnlM+9nCEQvhDviYRvSC9TL5lAMBCmBSl93v0U\n"
2644 "BXWsqO+fmAINm5QJa89hF5N7Q4xtvfSJUPIeyzowTOEGM4U3FnJtlsNQsoNbFlNy\n"
2645 "QLoZZmmY4ljG6/YqX+JGBgS9/J8uvaDWkvs+ktkORygfNz4Gi5DERT7eeQIDAQAB\n"
2646 "AoGAARIqx/js6yTDnesjxC8hwzy3TQic0Bs+Hx+IoGBjBvXKR2U8T6rD/UEjpuUn\n"
2647 "RbnPcsnDZg3CAg/ZqhQ7TbFC0kPo+S6+wKsZGDWUUvnpMkdcZUqXel8GFhdnmeIh\n"
2648 "22vYthP4TCbolxwXlwvuhu0PLZWhRO/Z+g37T3QENexqGv0CQQDmqJ9PDoUj5eUR\n"
2649 "wWEqEPraoU6ARBUUX5EhmTT9g9/BXnhwumIOksDHcBqNUwNOlKCUlWfBOelO93Ys\n"
2650 "PRW3QyejAkEA2P0tW/8iU4j+0a6DV+TUYFDTjD29y8KPw0Aj59591xD5eIPK3IgU\n"
2651 "91vnmtvU/QR26PnMOx4OAPk9a7BtN62zMwJAIFV0950edtjMUr/cAgydTbadDYf9\n"
2652 "uHxpGN+kOQGahT3b/llyU36o/YwufK8tYH+fPxTulXyrwwEXlL3/ZFBKpwJAeLGS\n"
2653 "Wlp2WGqZ+j2MdwYkDxLGKHprKHwnBN6XWjCKZGbfrGX6H2Jd7xyinaNrO/UQwxO2\n"
2654 "wqc7+NSpkk3G4jJuuwJAODYlk2Q+djE4jkjDc4xiqsQGBQlI2dlgzjRjIF4HWiLx\n"
2655 "bIrI0uCCbGItx++hlvmDx7G8anBmIFfBWIaKdX0aWw==\n"
2656 "-----END RSA PRIVATE KEY-----\n";
2658 std::string message = "message test";
2660 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2661 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2662 "Key is empty. Failed to import private key.");
2665 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
2666 "Error=" << CKM::APICodeToString(temp));
2668 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2669 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2670 CKM::RawBuffer signature;
2673 CKM_API_SUCCESS == (temp = manager->createSignature(
2674 alias_PKCS_priv_key_copy,
2676 CKM::RawBuffer(message.begin(), message.end()),
2680 "Error=" << CKM::APICodeToString(temp));
2683 CKM_API_SUCCESS == (temp = manager->verifySignature(
2684 alias_PKCS_exportable,
2686 CKM::RawBuffer(message.begin(), message.end()),
2690 "Error=" << CKM::APICodeToString(temp));
2693 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
2696 auto manager = CKM::Manager::create();
2698 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2699 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2700 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2701 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2702 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2703 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2704 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2705 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2706 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2707 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2708 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2709 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2710 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2711 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2712 "-----END RSA PRIVATE KEY-----\n";
2714 std::string message = "message test";
2716 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
2717 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2718 "Key is empty. Failed to import private key.");
2721 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
2722 "Error=" << CKM::APICodeToString(temp));
2724 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2725 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2726 CKM::RawBuffer signature;
2729 CKM_API_SUCCESS == (temp = manager->createSignature(
2730 alias_PKCS_priv_key_wrong,
2732 CKM::RawBuffer(message.begin(), message.end()),
2736 "Error=" << CKM::APICodeToString(temp));
2739 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2740 alias_PKCS_exportable,
2742 CKM::RawBuffer(message.begin(), message.end()),
2746 "Error=" << CKM::APICodeToString(temp));
2749 RUNNER_TEST(T1810_verify_get_certificate_chain)
2751 // this certificate has been signed using PKCS chain
2753 "-----BEGIN CERTIFICATE-----\n"
2754 "MIICxDCCAi0CFGHuCEUksqn0Rr3SXdhn+TlnL804MA0GCSqGSIb3DQEBCwUAMGEx\n"
2755 "CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl\n"
2756 "cm5ldCBXaWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMMEXNlcnZlckB0ZXN0bWUuY29t\n"
2757 "MB4XDTE5MDYxMzEyMTkyNloXDTI5MDYxMDEyMTkyNlowXTELMAkGA1UEBhMCQVUx\n"
2758 "EzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMg\n"
2759 "UHR5IEx0ZDEWMBQGA1UEAwwNZWVAdGVzdG1lLmNvbTCCASIwDQYJKoZIhvcNAQEB\n"
2760 "BQADggEPADCCAQoCggEBAK3/XvE3uc2EhzwmsAfq6KEw52J8kCAB9Rma/qjkw6ZT\n"
2761 "yUYmSQvmcK8wSDt015Y/ekYLereCeWNLNkFlQeZC7LHT6T1mGnxNIgL3oUS2c+15\n"
2762 "FEYX9QJIN/CoJYQ/tmiQPa1OJz4prUFwqAzM1kRtHGfcAGmQHfgu77P3ljAJzfsW\n"
2763 "2beVHM+MTNSybkGHql28Z93bp382k5FQXegkxbozsKBMk37QjKiqes29J/ET0Huy\n"
2764 "yzOkf+XvbizIPRvMt/2guw9sgRb7YrM2M+igmHIHxfzxuqzpPr+bmcqQdyFdVkAK\n"
2765 "Qcx930HbfjHJ5k5vcovPLQ3LvSnYVCTe7aCAAmMzKXsCAwEAATANBgkqhkiG9w0B\n"
2766 "AQsFAAOBgQBfFMim/9zLd+EeZyeYA0vy3C9YuNJI+KsZlKAfrFDQNeIT/qg/GQM4\n"
2767 "o7I3TIHQ62tdEx6nBJs0DKSAmhRh4yc+P1KHMzIQIgSjftqS3Z+AKbJn6vOpWNTq\n"
2768 "cexnpexaNn69dbqJZsjr0fHsGAkh5n96icAB4VZyFncEknZKbTdd0g==\n"
2769 "-----END CERTIFICATE-----\n";
2771 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2772 CKM::CertificateShPtrVector certChain;
2773 CKM::AliasVector aliasVector;
2776 auto manager = CKM::Manager::create();
2778 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
2780 tmp = manager->getCertificateChain(cert,
2785 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
2786 "Error=" << CKM::APICodeToString(tmp));
2789 0 == certChain.size(),
2790 "Wrong size of certificate chain.");
2792 aliasVector.push_back(alias_PKCS_exportable);
2794 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
2795 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::APICodeToString(tmp));
2797 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
2799 4 == certChain.size(),
2800 "Wrong size of certificate chain: " << certChain.size());
2803 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
2805 auto manager = CKM::Manager::create();
2809 // remove the whole PKCS12 bundles
2811 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
2812 "Error=" << CKM::APICodeToString(tmp));
2814 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
2815 "Error=" << CKM::APICodeToString(tmp));
2817 // expect lookup fails due to unknown alias
2818 // try to lookup key
2819 CKM::KeyShPtr key_lookup;
2821 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
2822 "Error=" << CKM::APICodeToString(tmp));
2824 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
2825 "Error=" << CKM::APICodeToString(tmp));
2827 // try to lookup certificate
2828 CKM::CertificateShPtr cert_lookup;
2830 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
2831 "Error=" << CKM::APICodeToString(tmp));
2833 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
2834 "Error=" << CKM::APICodeToString(tmp));
2837 RUNNER_TEST(T1812_get_pkcs12_password_tests)
2839 CKM::Alias alias = "t1812alias1";
2841 auto manager = CKM::Manager::create();
2842 std::ifstream is(CKM_TEST_DIR "/pkcs.p12");
2843 std::istreambuf_iterator<char> begin(is), end;
2844 std::vector<char> buff(begin, end);
2846 CKM::PKCS12ShPtr pkcs12;
2847 CKM::Password pass1 = "easypass1";
2848 CKM::Password pass2 = "easypass2";
2850 CKM::RawBuffer buffer(buff.size());
2851 memcpy(buffer.data(), buff.data(), buff.size());
2853 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
2856 "Error in PKCS12::create()");
2860 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
2861 "Error=" << CKM::APICodeToString(temp));
2864 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
2865 "Error=" << CKM::APICodeToString(temp));
2868 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
2869 "Error=" << CKM::APICodeToString(temp));
2872 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
2873 "Error=" << CKM::APICodeToString(temp));
2876 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
2877 "Error=" << CKM::APICodeToString(temp));
2880 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
2881 "Error=" << CKM::APICodeToString(temp));
2883 CKM::CertificateShPtr cert;
2885 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
2886 "Error=" << CKM::APICodeToString(temp));
2888 CKM::CertificateShPtrVector certChain;
2889 CKM::AliasVector certVect;
2890 certVect.push_back(alias);
2893 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
2894 "Error=" << CKM::APICodeToString(temp));
2897 RUNNER_TEST(T1813_deinit)
2900 auto control = CKM::Control::create();
2903 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
2904 "Error=" << CKM::APICodeToString(temp));
2907 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
2909 const char * const T190_PASSWD = "t190-special-password";
2911 RUNNER_TEST(T1901_init_unlock_key)
2913 reset_user_data(USER_APP, T190_PASSWD);
2916 RUNNER_TEST(T1902_get_data)
2918 ScopedDBUnlock unlock(USER_APP, T190_PASSWD);
2920 auto manager = CKM::Manager::create();
2923 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2926 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
2927 "Could not put certificate in datbase. Error=" << CKM::APICodeToString(status1));
2930 RUNNER_TEST(T1903_lock_database)
2933 auto control = CKM::Control::create();
2935 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2936 "Error=" << CKM::APICodeToString(tmp));
2939 RUNNER_TEST(T1904_get_data_from_locked_database)
2941 auto manager = CKM::Manager::create();
2944 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
2947 CKM_API_ERROR_DB_LOCKED == status1,
2948 "Could not get key from locked database. Error=" << CKM::APICodeToString(status1));
2951 RUNNER_TEST(T1905_deinit)
2953 remove_user_data(USER_APP);
2956 int main(int argc, char *argv[])
2958 require_default_user(argv);
2960 int exitCode = DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
2962 detectCkmBugTrustzoneLeak();
projects / platform / core / test / security-tests.git / blob