1 #include <dpl/test/test_runner.h>
2 #include <dpl/test/test_runner_child.h>
4 #include <tests_common.h>
5 #include <ckm-common.h>
6 #include <access_provider2.h>
8 #include <ckm/ckm-manager.h>
9 #include <ckm/ckm-control.h>
10 #include <ckm/ckm-type.h>
12 #include <ckmc/ckmc-manager.h>
13 #include <ckmc/ckmc-control.h>
14 #include <ckmc/ckmc-type.h>
15 #include <ckmc/ckmc-error.h>
17 #include <ckm-common.h>
25 static const int USER_APP = 5000;
26 static const int GROUP_APP = 5000;
36 const char* USER_PASS = "user-pass";
38 int count_aliases(alias_type_ type, int minimum_initial_element_count = 0)
40 ckmc_alias_list_s *aliasList = NULL;
45 ec = ckmc_get_key_alias_list(&aliasList);
49 ec = ckmc_get_cert_alias_list(&aliasList);
53 ec = ckmc_get_data_alias_list(&aliasList);
56 if(ec == CKMC_ERROR_DB_ALIAS_UNKNOWN)
60 ckmc_alias_list_s *plist = aliasList;
67 ckmc_alias_list_all_free(aliasList);
70 return_count >= minimum_initial_element_count,
71 "Error: alias list failed, current element count: " << return_count <<
72 " while expected minimal count of " << minimum_initial_element_count <<
82 "Error: alias list failed, ec: " << ec);
88 ckmc_raw_buffer_s prepare_message_buffer(const char * input)
90 ckmc_raw_buffer_s retval;
91 retval.data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(input));
92 retval.size = strlen(input);
96 } // namespace anonymous
99 RUNNER_TEST_GROUP_INIT (T301_CKMC_CONTROL_C_API);
101 RUNNER_TEST(T3011_Control_C_API)
105 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
106 CKMCReadableError(temp));
108 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
109 CKMCReadableError(temp));
112 RUNNER_TEST(T3012_Control_C_API)
116 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
117 CKMCReadableError(temp));
118 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
119 CKMCReadableError(temp));
122 RUNNER_TEST(T3013_Control_C_API)
126 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
127 CKMCReadableError(temp));
130 RUNNER_TEST(T3014_Control_C_API)
133 const uid_t UNIQUE_USER = 15;
135 // clean up environment
136 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
137 CKMCReadableError(temp));
138 // unlock with default password
139 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, NULL)),
140 CKMCReadableError(temp));
141 // reset password (NULL, "simple-password")
142 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
143 CKMCReadableError(temp));
144 // get rid of NULL DKEK
145 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(UNIQUE_USER, "simple-password")),
146 CKMCReadableError(temp));
148 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(UNIQUE_USER)),
149 CKMCReadableError(temp));
150 // try to reset password when db locked
151 RUNNER_ASSERT_MSG( CKMC_ERROR_BAD_REQUEST == (temp = ckmc_reset_user_password(UNIQUE_USER, "simple-password")),
152 CKMCReadableError(temp));
153 // clean up environment
154 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(UNIQUE_USER)),
155 CKMCReadableError(temp));
158 RUNNER_TEST(T3015_Control_C_API)
163 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(20, "test-pass")),
164 CKMCReadableError(temp));
166 CKMC_ERROR_NONE == (temp = ckmc_change_user_password(20, "test-pass", "new-pass")),
167 CKMCReadableError(temp));
168 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
169 CKMCReadableError(temp));
170 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
171 CKMCReadableError(temp));
174 RUNNER_TEST(T3016_Control_C_API)
179 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
180 CKMCReadableError(temp));
182 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
183 CKMCReadableError(temp));
185 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(20)),
186 CKMCReadableError(temp));
188 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(20)),
189 CKMCReadableError(temp));
192 RUNNER_TEST_GROUP_INIT (T302_CKMC_QUICK_SET_GET_TESTS_C_API);
194 RUNNER_TEST(T3021_init_C_API)
199 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
200 CKMCReadableError(temp));
202 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
203 CKMCReadableError(temp));
206 RUNNER_TEST(T3022_key_C_API)
210 ckmc_key_s test_key, *test_key2;
211 ckmc_policy_s test_policy;
213 char* password = NULL;
214 const char *alias = "mykey";
216 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
217 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
218 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
219 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
220 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
221 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
222 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
224 "-----END PUBLIC KEY-----";
226 char* char_keypem = new char[keyPem.length() + 1];
228 std::strcpy(char_keypem, keyPem.c_str());
229 test_key.raw_key = (unsigned char *)char_keypem;
230 test_key.key_size = keyPem.length();
231 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
232 test_key.password = password;
234 test_policy.password = password;
235 test_policy.extractable = 1;
237 test_key2 = &test_key;
240 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
241 CKMCReadableError(temp));
244 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
245 CKMCReadableError(temp));
248 RUNNER_TEST(T3023_certificate_C_API)
252 std::string certPem = "-----BEGIN CERTIFICATE-----\n"
253 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
254 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
255 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
256 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
257 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
258 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
259 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
260 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
261 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
262 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
263 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
264 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
265 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
266 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
267 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
268 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
269 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
270 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
271 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
272 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
273 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
274 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
275 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
276 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
278 "-----END CERTIFICATE-----\n";
280 char* password = NULL;
284 const char *alias = "test-cert-1-RSA";
286 ckmc_policy_s test_policy;
287 test_policy.password = password;
288 test_policy.extractable = 1;
290 char* char_certPem = new char[certPem.length() + 1];
291 std::strcpy(char_certPem, certPem.c_str());
292 cert.raw_cert = (unsigned char *)char_certPem;
293 cert.cert_size = certPem.length();
294 cert.data_format = CKMC_FORM_PEM;
297 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
298 CKMCReadableError(temp));
301 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
302 CKMCReadableError(temp));
304 ckmc_cert_free(cert2);
307 RUNNER_TEST(T3024_certificate_remove_C_API)
311 char* password = NULL;
313 const char *alias = "test-cert-1-RSA";
316 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
317 CKMCReadableError(temp));
318 ckmc_cert_free(cert2);
321 CKMC_ERROR_NONE == (temp = ckmc_remove_cert(alias)),
322 CKMCReadableError(temp));
325 CKMC_ERROR_NONE != (temp = ckmc_get_cert(alias, password, &cert2)),
326 CKMCReadableError(temp));
329 RUNNER_TEST(T3025_certificate_list_C_API)
333 std::string certPem = "-----BEGIN CERTIFICATE-----\n"
334 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
335 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
336 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
337 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
338 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
339 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
340 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
341 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
342 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
343 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
344 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
345 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
346 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
347 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
348 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
349 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
350 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
351 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
352 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
353 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
354 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
355 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
356 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
357 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
359 "-----END CERTIFICATE-----\n";
361 char* password = NULL;
364 ckmc_policy_s test_policy;
365 test_policy.password = password;
366 test_policy.extractable = 1;
368 char* char_certPem = new char[certPem.length() + 1];
369 std::strcpy(char_certPem, certPem.c_str());
370 cert.raw_cert = (unsigned char *)char_certPem;
371 cert.cert_size = certPem.length();
372 cert.data_format = CKMC_FORM_PEM;
374 int current_aliases_num = count_aliases(ALIAS_CERT);
377 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test1", cert, test_policy)),
378 CKMCReadableError(temp));
381 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test2", cert, test_policy)),
382 CKMCReadableError(temp));
385 CKMC_ERROR_NONE == (temp = ckmc_save_cert("cert_test3", cert, test_policy)),
386 CKMCReadableError(temp));
389 (current_aliases_num+3) == (temp = count_aliases(ALIAS_CERT)),
390 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
394 RUNNER_CHILD_TEST(T3026_user_app_save_key_C_API)
396 AccessProvider ap("mylabel");
397 ap.allowAPI("key-manager::api-storage", "rw");
398 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
400 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
401 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
402 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
403 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
404 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
405 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
406 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
408 "-----END PUBLIC KEY-----";
412 ckmc_key_s test_key, *test_key2;
413 ckmc_policy_s test_policy;
415 char* password = NULL;
416 const char *passwordPolicy = "x";
417 const char *alias = "mykey";
418 char* char_keypem = new char[keyPem.length() + 1];
420 std::strcpy(char_keypem, keyPem.c_str());
421 test_key.raw_key = (unsigned char *)char_keypem;
422 test_key.key_size = keyPem.length();
423 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
424 test_key.password = password;
426 test_policy.password = const_cast<char *>(passwordPolicy);
427 test_policy.extractable = 1;
429 test_key2 = &test_key;
433 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
434 CKMCReadableError(temp));
436 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, passwordPolicy, &test_key2)),
437 CKMCReadableError(temp));
439 // RUNNER_ASSERT_MSG(
440 // key.getDER() == key2.getDER(), "Key value has been changed by service");
443 RUNNER_CHILD_TEST(T3027_app_user_save_keys_exportable_flag)
445 AccessProvider ap("mylabel");
446 ap.allowAPI("key-manager::api-storage", "rw");
447 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
450 auto manager = CKM::Manager::create();
452 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
453 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
454 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
455 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
456 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
457 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
458 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
460 "-----END PUBLIC KEY-----";
462 ckmc_policy_s test_policy;
463 ckmc_key_s test_key, *test_key2;
464 char* char_keypem = new char[keyPem.length() + 1];
465 char* password = NULL;
467 std::strcpy(char_keypem, keyPem.c_str());
468 test_key.raw_key = (unsigned char *)char_keypem;
469 test_key.key_size = keyPem.length();
470 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
471 test_key.password = password;
473 test_policy.password = password;
474 test_policy.extractable = 0;
477 CKMC_ERROR_NONE == (temp = ckmc_save_key("appkey1", test_key, test_policy)),
478 CKMCReadableError(temp));
481 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key("appkey1", password, &test_key2)),
482 CKMCReadableError(temp));
486 RUNNER_TEST(T3028_certificate_with_DSA_key_C_API)
490 std::string certPem = "-----BEGIN CERTIFICATE-----\n"
491 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
492 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
493 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
494 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
495 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
496 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
497 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
498 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
499 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
500 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
501 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
502 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
503 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
504 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
505 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
506 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
507 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
508 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
509 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
510 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
511 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
512 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
513 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
514 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
516 "-----END CERTIFICATE-----\n";
518 char* password = NULL;
519 ckmc_cert_s *cert2 = NULL;
522 ckmc_policy_s test_policy;
523 test_policy.password = password;
524 test_policy.extractable = 1;
526 char* char_certPem = new char[certPem.length() + 1];
527 std::strcpy(char_certPem, certPem.c_str());
528 cert.raw_cert = (unsigned char *)char_certPem;
529 cert.cert_size = certPem.length();
530 cert.data_format = CKMC_FORM_PEM;
532 const char *alias = "test-cert-1-DSA";
534 CKMC_ERROR_NONE == (temp = ckmc_save_cert(alias, cert, test_policy)),
535 CKMCReadableError(temp));
538 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias, password, &cert2)),
539 CKMCReadableError(temp));
541 ckmc_cert_free(cert2);
544 RUNNER_TEST(T3029_deinit_C_API)
548 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
549 CKMCReadableError(temp));
550 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
551 CKMCReadableError(temp));
553 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
554 CKMCReadableError(temp));
556 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
557 CKMCReadableError(temp));
561 RUNNER_TEST_GROUP_INIT (T3030_CKMC_QUICK_GET_ALIAS_TESTS_C_API);
563 RUNNER_TEST(T3031_init_C_API)
568 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
569 CKMCReadableError(temp));
571 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
572 CKMCReadableError(temp));
575 RUNNER_TEST(T3032_save_keys_get_alias_C_API)
579 char* password = NULL;
580 ckmc_policy_s test_policy1, test_policy2, test_policy3;
583 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
584 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
585 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
586 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
587 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
588 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
589 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
591 "-----END PUBLIC KEY-----";
593 char* char_keypem = new char[keyPem.length() + 1];
595 std::strcpy(char_keypem, keyPem.c_str());
596 test_key.raw_key = (unsigned char *)char_keypem;
597 test_key.key_size = keyPem.length();
598 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
599 test_key.password = password;
601 test_policy1.password = password;
602 test_policy1.extractable = 1;
604 test_policy2.password = password;
605 test_policy2.extractable = 0;
607 test_policy3.password = password;
608 test_policy3.extractable = 0;
610 int current_aliases_num = count_aliases(ALIAS_KEY);
613 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey1", test_key, test_policy1)),
614 CKMCReadableError(temp));
617 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey2", test_key, test_policy2)),
618 CKMCReadableError(temp));
621 CKMC_ERROR_NONE == (temp = ckmc_save_key("rootkey3", test_key, test_policy3)),
622 CKMCReadableError(temp));
625 (current_aliases_num+3) == (temp = count_aliases(ALIAS_KEY)),
626 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
630 RUNNER_TEST(T3033_remove_key_C_API)
634 char* password = NULL;
636 ckmc_key_s *test_key2;
638 CKMC_ERROR_NONE == (temp = ckmc_get_key("rootkey1", password, &test_key2)),
639 CKMCReadableError(temp));
642 CKMC_ERROR_NONE == (temp = ckmc_remove_key("rootkey1")),
643 CKMCReadableError(temp));
646 CKMC_ERROR_NONE != (temp = ckmc_get_key("rootkey1", password, &test_key2)),
647 CKMCReadableError(temp));
650 RUNNER_TEST(T3034_deinit_C_API)
654 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
655 CKMCReadableError(temp));
656 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
657 CKMCReadableError(temp));
659 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
660 CKMCReadableError(temp));
662 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
663 CKMCReadableError(temp));
666 RUNNER_TEST_GROUP_INIT (T3040_CKMC_QUICK_REMOVE_BIN_DATA_TEST_C_API);
668 RUNNER_TEST(T3041_init_C_API)
672 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
673 CKMCReadableError(temp));
675 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "simple-password")),
676 CKMCReadableError(temp));
679 RUNNER_TEST(T3042_save_get_bin_data_C_API)
683 ckmc_raw_buffer_s testData1, testData2, testData3;
684 char* password = NULL;
686 std::string binData1 = "My bin data1";
687 std::string binData2 = "My bin data2";
688 std::string binData3 = "My bin data3";
689 char* char_binData1 = new char[binData1.length() + 1];
690 char* char_binData2 = new char[binData2.length() + 1];
691 char* char_binData3 = new char[binData3.length() + 1];
692 std::strcpy(char_binData1, binData1.c_str());
693 std::strcpy(char_binData2, binData2.c_str());
694 std::strcpy(char_binData3, binData3.c_str());
695 testData1.data = (unsigned char *) char_binData1;
696 testData2.data = (unsigned char *) char_binData2;
697 testData3.data = (unsigned char *) char_binData3;
698 testData1.size = binData1.length()+1;
699 testData2.size = binData2.length()+1;
700 testData3.size = binData3.length()+1;
702 ckmc_policy_s test_policy1, test_policy2, test_policy3;
704 test_policy1.password = password;
705 test_policy1.extractable = 1;
706 test_policy2.password = password;
707 test_policy2.extractable = 1;
708 test_policy3.password = password;
709 test_policy3.extractable = 0;
711 int current_aliases_num = count_aliases(ALIAS_DATA);
714 CKMC_ERROR_NONE == (temp = ckmc_save_data("data1", testData1, test_policy1)), // should change it as null value
715 CKMCReadableError(temp));
718 CKMC_ERROR_NONE == (temp = ckmc_save_data("data2", testData2, test_policy1)), // should change it as null value
719 CKMCReadableError(temp));
722 CKMC_ERROR_NONE == (temp = ckmc_save_data("data3", testData3, test_policy2)),
723 CKMCReadableError(temp));
726 CKMC_ERROR_INVALID_PARAMETER == (temp = ckmc_save_data("data4", testData3, test_policy3)),
727 CKMCReadableError(temp));
730 (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
731 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
733 ckmc_raw_buffer_s *testData4;
735 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData4)),
736 CKMCReadableError(temp));
739 compareResult = (strcmp((const char *)testData2.data, (const char *)testData4->data));
740 RUNNER_ASSERT_MSG( compareResult == 0,
744 RUNNER_CHILD_TEST(T3043_app_user_save_bin_data_C_API)
746 AccessProvider ap("mylabel");
747 ap.allowAPI("key-manager::api-storage", "rw");
748 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
751 ckmc_raw_buffer_s testData1;
752 char* password = NULL;
753 std::string binData1 = "My bin data";
754 char* char_binData1 = new char[binData1.length() + 1];
755 std::strcpy(char_binData1, binData1.c_str());
756 testData1.data = (unsigned char *) char_binData1;
757 testData1.size = binData1.length()+1;
759 ckmc_policy_s test_policy1, test_policy2;
761 test_policy1.password = password;
762 test_policy1.extractable = 1;
764 test_policy2.password = password;
765 test_policy2.extractable = 1;
767 std::string binData = "My bin data";
769 int current_aliases_num = count_aliases(ALIAS_DATA);
772 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata1", testData1, test_policy1)),
773 CKMCReadableError(temp));
775 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata2", testData1, test_policy1)),
776 CKMCReadableError(temp));
778 CKMC_ERROR_NONE == (temp = ckmc_save_data("appdata3", testData1, test_policy2)),
779 CKMCReadableError(temp));
782 (current_aliases_num+3) == (temp = count_aliases(ALIAS_DATA)),
783 "Error: expecting " << (current_aliases_num+3) << " aliases, while found " << temp);
786 RUNNER_TEST(T3044_remove_bin_data_C_API)
790 int current_aliases_num = count_aliases(ALIAS_DATA, 2);
793 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data1")),
794 CKMCReadableError(temp));
796 CKMC_ERROR_NONE == (temp = ckmc_remove_data("data3")),
797 CKMCReadableError(temp));
800 (current_aliases_num-2) == (temp = count_aliases(ALIAS_DATA)),
801 "Error: expecting " << (current_aliases_num-2) << " aliases, while found " << temp);
803 char* password = NULL;
805 ckmc_raw_buffer_s *testData1, testData2;
807 std::string testStr = "My bin data2";
808 char* char_testData2 = new char[testStr.length() + 1];
809 std::strcpy(char_testData2, testStr.c_str());
810 testData2.data = (unsigned char *) char_testData2;
811 testData2.size = testStr.length()+1;
813 CKM::RawBuffer buffer;
815 CKMC_ERROR_NONE == (temp = ckmc_get_data("data2", password, &testData1)),
816 CKMCReadableError(temp));
819 compareResult = (strcmp((const char *)testData2.data, (const char *)testData1->data));
820 RUNNER_ASSERT_MSG( compareResult == 0,
824 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_data("data3", password, &testData1)),
825 CKMCReadableError(temp));
828 RUNNER_TEST(T3045_deinit_C_API)
833 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
834 CKMCReadableError(temp));
836 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
837 CKMCReadableError(temp));
839 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
840 CKMCReadableError(temp));
842 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
843 CKMCReadableError(temp));
846 RUNNER_TEST_GROUP_INIT(T305_CKMC_QUICK_CREATE_PAIR_CAPI);
848 RUNNER_TEST(T3051_CAPI_init)
853 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
854 CKMCReadableError(temp));
857 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
858 CKMCReadableError(temp));
861 RUNNER_CHILD_TEST(T3052_CAPI_create_rsa_key)
865 AccessProvider ap("mylabel");
866 ap.allowAPI("key-manager::api-storage", "rw");
867 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
870 const char *private_key_alias = "RSA-test-1-priv";
871 const char *public_key_alias = "RSA-test-1-pub";
872 ckmc_policy_s policy_private_key;
873 ckmc_policy_s policy_public_key;
875 policy_private_key.password = NULL;
876 policy_private_key.extractable = 1;
878 policy_public_key.password = NULL;
879 policy_public_key.extractable = 1;
882 int current_aliases_num = count_aliases(ALIAS_KEY);
885 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
886 CKMCReadableError(temp));
889 (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
890 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
892 ckmc_key_s *privateKey;
894 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
895 CKMCReadableError(temp));
897 privateKey->key_type == CKMC_KEY_RSA_PRIVATE,
898 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
900 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
901 "Private key is broken.");
903 ckmc_key_s *publicKey;
905 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &publicKey)),
906 CKMCReadableError(temp));
908 publicKey->key_type == CKMC_KEY_RSA_PUBLIC,
909 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_RSA_PUBLIC) << ", actual=" << static_cast<int>(publicKey->key_type));
911 publicKey != NULL && publicKey->key_size > 0 && publicKey->raw_key != NULL,
912 "Public key is broken.");
914 // on next attempt to generate keys with the same alias, expect fail (alias exists)
916 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
917 CKMCReadableError(temp));
920 RUNNER_CHILD_TEST(T3053_CAPI_create_dsa_key)
924 const char *private_key_alias = "DSA-test-2-priv";
925 const char *public_key_alias = "DSA-test-2-pub";
926 ckmc_policy_s policy_private_key;
927 ckmc_policy_s policy_public_key;
929 policy_private_key.password = NULL;
930 policy_private_key.extractable = 1;
932 policy_public_key.password = NULL;
933 policy_public_key.extractable = 1;
935 int current_aliases_num = count_aliases(ALIAS_KEY);
938 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
939 CKMCReadableError(temp));
942 (current_aliases_num+2) == (temp = count_aliases(ALIAS_KEY)),
943 "Error: expecting " << (current_aliases_num+2) << " aliases, while found " << temp);
945 ckmc_key_s *privateKey = 0;
947 CKMC_ERROR_NONE == (temp = ckmc_get_key(private_key_alias, policy_private_key.password,&privateKey)),
948 CKMCReadableError(temp));
950 privateKey != NULL && privateKey->key_size > 0 && privateKey->raw_key != NULL,
951 "Private key is broken.");
953 privateKey->key_type == CKMC_KEY_DSA_PRIVATE,
954 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PRIVATE) << ", actual=" << static_cast<int>(privateKey->key_type));
955 ckmc_key_free(privateKey);
957 ckmc_key_s *pubKey = 0;
959 CKMC_ERROR_NONE == (temp = ckmc_get_key(public_key_alias, policy_public_key.password, &pubKey)),
960 CKMCReadableError(temp));
962 pubKey != NULL && pubKey->key_size > 0 && pubKey->raw_key != NULL,
963 "Public key is broken.");
965 pubKey->key_type == CKMC_KEY_DSA_PUBLIC,
966 "Key Type Error: expected =" << static_cast<int>(CKMC_KEY_DSA_PUBLIC) << ", actual=" << static_cast<int>(pubKey->key_type));
967 ckmc_key_free(pubKey);
969 // on next attempt to generate keys with the same alias, expect fail (alias exists)
971 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
972 CKMCReadableError(temp));
976 RUNNER_TEST(T3054_CAPI_deinit)
981 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
982 CKMCReadableError(temp));
984 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
985 CKMCReadableError(temp));
989 RUNNER_TEST_GROUP_INIT(T306_CKMC_CAPI_CreateKeyPair);
991 RUNNER_TEST(T3061_CAPI_init)
995 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
996 CKMCReadableError(temp));
998 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
999 CKMCReadableError(temp));
1001 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1002 CKMCReadableError(temp));
1004 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1005 CKMCReadableError(temp));
1008 RUNNER_TEST(T3062_CAPI_CreateKeyPairRSA)
1013 const char *private_key_alias = "rsa-test-1";
1014 const char *public_key_alias = "rsa-test-2";
1015 ckmc_policy_s policy_private_key;
1016 ckmc_policy_s policy_public_key;
1018 policy_private_key.password = const_cast<char *>("privatepassword");
1019 policy_private_key.extractable = 0;
1021 policy_public_key.password = NULL;
1022 policy_public_key.extractable = 1;
1025 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1026 CKMCReadableError(temp));
1028 // on next attempt to generate keys with the same alias, expect fail (alias exists)
1030 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_create_key_pair_rsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1031 CKMCReadableError(temp));
1034 RUNNER_TEST(T3063_CAPI_CreateKeyPairDSA)
1039 const char *private_key_alias = "dsa-test-1";
1040 const char *public_key_alias = "dsa-test-2";
1041 ckmc_policy_s policy_private_key;
1042 ckmc_policy_s policy_public_key;
1044 policy_private_key.password = const_cast<char *>("privatepassword");
1045 policy_private_key.extractable = 0;
1047 policy_public_key.password = NULL;
1048 policy_public_key.extractable = 1;
1051 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1052 CKMCReadableError(temp));
1055 RUNNER_TEST(T3064_CAPI_CreateKeyPairECDSA)
1059 ckmc_ec_type_e ectype = CKMC_EC_PRIME192V1;
1060 const char *private_key_alias = "ecdsa-test-1";
1061 const char *public_key_alias = "ecdsa-test-2";
1062 ckmc_policy_s policy_private_key;
1063 ckmc_policy_s policy_public_key;
1065 policy_private_key.password = const_cast<char *>("privatepassword");
1066 policy_private_key.extractable = 0;
1068 policy_public_key.password = NULL;
1069 policy_public_key.extractable = 1;
1072 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_ecdsa(ectype, private_key_alias, public_key_alias, policy_private_key, policy_public_key)),
1073 CKMCReadableError(temp));
1076 RUNNER_TEST(T3065_CAPI_deinit)
1081 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1082 CKMCReadableError(temp));
1084 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1085 CKMCReadableError(temp));
1089 //RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
1093 RUNNER_TEST_GROUP_INIT(T307_CKMC_CAPI_QUICK_SET_GET_TESTS);
1095 RUNNER_TEST(T3071_CAPI_init)
1099 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1100 CKMCReadableError(temp));
1103 RUNNER_TEST(T3072_CAPI_get_chain)
1106 "-----BEGIN CERTIFICATE-----\n"
1107 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1108 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1109 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1110 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1111 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1112 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1113 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1114 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1115 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1116 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1117 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1118 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1119 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1120 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1121 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1122 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1123 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1124 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1125 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1126 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1127 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1128 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1129 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1130 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1131 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1132 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1133 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1134 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1135 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1136 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1137 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1139 "-----END CERTIFICATE-----\n";
1142 "-----BEGIN CERTIFICATE-----\n"
1143 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1144 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1145 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1146 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1147 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1148 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1149 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1150 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1151 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1152 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1153 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1154 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1155 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1156 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1157 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1158 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1159 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1160 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1161 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1162 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1163 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1164 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1165 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1166 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1167 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1168 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1169 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1170 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1171 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1172 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1173 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1174 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1175 "-----END CERTIFICATE-----\n";
1178 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1179 c_cert.cert_size = ee.size();
1180 c_cert.data_format = CKMC_FORM_PEM;
1182 ckmc_cert_s c_cert1;
1183 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1184 c_cert1.cert_size = im.size();
1185 c_cert1.data_format = CKMC_FORM_PEM;
1187 ckmc_cert_list_s untrustedcerts;
1188 untrustedcerts.cert = &c_cert1;
1189 untrustedcerts.next = NULL;
1191 ckmc_cert_list_s *cert_chain_list;
1195 tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1197 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1200 ckmc_cert_list_s *current;
1201 ckmc_cert_list_s *next =cert_chain_list;
1204 next = current->next;
1206 }while(next != NULL);
1207 RUNNER_ASSERT_MSG(cnt == 3, "Wrong size of certificate chain.");
1209 ckmc_cert_list_s *cert_chain_list2 = NULL;
1210 ckmc_cert_list_s *untrustedcerts2 = NULL;
1212 CKMC_ERROR_VERIFICATION_FAILED == (tmp = ckmc_get_cert_chain(&c_cert, untrustedcerts2, &cert_chain_list2)),
1213 CKMCReadableError(tmp));
1216 cert_chain_list2 == NULL,
1217 "Wrong size of certificate chain.");
1220 RUNNER_TEST(T3073_CAPI_get_chain_with_alias)
1223 "-----BEGIN CERTIFICATE-----\n"
1224 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1225 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1226 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1227 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1228 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1229 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1230 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1231 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1232 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1233 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1234 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1235 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1236 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1237 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1238 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1239 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1240 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1241 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1242 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1243 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1244 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1245 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1246 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1247 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1248 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1249 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1250 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1251 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1252 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1253 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1254 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1256 "-----END CERTIFICATE-----\n";
1259 "-----BEGIN CERTIFICATE-----\n"
1260 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1261 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1262 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1263 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1264 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1265 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1266 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1267 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1268 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1269 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1270 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1271 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1272 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1273 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1274 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1275 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1276 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1277 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1278 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1279 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1280 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1281 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1282 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1283 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1284 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1285 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1286 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1287 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1288 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1289 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1290 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1291 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1292 "-----END CERTIFICATE-----\n";
1295 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1296 c_cert.cert_size = ee.size();
1297 c_cert.data_format = CKMC_FORM_PEM;
1299 // save untrusted certificate
1300 ckmc_cert_s c_cert1;
1301 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1302 c_cert1.cert_size = im.size();
1303 c_cert1.data_format = CKMC_FORM_PEM;
1304 ckmc_policy_s test_policy;
1305 test_policy.password = NULL;
1306 test_policy.extractable = 1;
1308 const char *untrusted_alias = "untrusted_certificate";
1311 CKMC_ERROR_NONE == (tmp = ckmc_save_cert(untrusted_alias, c_cert1, test_policy)),
1312 CKMCReadableError(tmp));
1314 CharPtr top_label = get_label();
1315 std::string full_address = aliasWithLabel(top_label.get(), untrusted_alias);
1317 // check if exists (access with full path)
1318 ckmc_cert_s *c_cert_tmp;
1320 CKMC_ERROR_NONE == (tmp = ckmc_get_cert(full_address.c_str(), NULL, &c_cert_tmp)),
1321 CKMCReadableError(tmp));
1322 ckmc_cert_free(c_cert_tmp);
1324 // get cert chain using alias in full "label alias" form
1325 ckmc_alias_list_s *untrustedcerts = (ckmc_alias_list_s *)malloc(sizeof(ckmc_alias_list_s));
1326 untrustedcerts->alias = strdup(full_address.c_str());
1327 untrustedcerts->next = NULL;
1328 ckmc_cert_list_s *cert_chain_list;
1330 tmp = ckmc_get_cert_chain_with_alias(&c_cert, untrustedcerts, &cert_chain_list);
1331 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1332 ckmc_alias_list_free(untrustedcerts);
1336 ckmc_cert_list_s *current;
1337 ckmc_cert_list_s *next = cert_chain_list;
1340 next = current->next;
1342 }while(next != NULL);
1343 RUNNER_ASSERT_MSG(cnt == 3, "Wrong size of certificate chain.");
1345 ckmc_cert_list_s *cert_chain_list2 = NULL;
1346 ckmc_alias_list_s *untrustedcerts2 = NULL;
1348 CKMC_ERROR_VERIFICATION_FAILED == (tmp = ckmc_get_cert_chain_with_alias(&c_cert, untrustedcerts2, &cert_chain_list2)),
1349 CKMCReadableError(tmp));
1352 cert_chain_list2 == NULL,
1353 "Wrong size of certificate chain.");
1356 RUNNER_TEST(T3074_CAPI_ckmc_ocsp_check)
1359 "-----BEGIN CERTIFICATE-----\n"
1360 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1361 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1362 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1363 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1364 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1365 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1366 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1367 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1368 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1369 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1370 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1371 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1372 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1373 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1374 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1375 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1376 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1377 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1378 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1379 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1380 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1381 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1382 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1383 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1384 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1385 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1386 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1387 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1388 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1389 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1390 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1392 "-----END CERTIFICATE-----\n";
1395 "-----BEGIN CERTIFICATE-----\n"
1396 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1397 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1398 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1399 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1400 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1401 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1402 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1403 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1404 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1405 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1406 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1407 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1408 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1409 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1410 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1411 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1412 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1413 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1414 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1415 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1416 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1417 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1418 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1419 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1420 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1421 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1422 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1423 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1424 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1425 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1426 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1427 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1428 "-----END CERTIFICATE-----\n";
1431 c_cert.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(ee.c_str()));
1432 c_cert.cert_size = ee.size();
1433 c_cert.data_format = CKMC_FORM_PEM;
1435 ckmc_cert_s c_cert1;
1436 c_cert1.raw_cert = reinterpret_cast<unsigned char *>(const_cast<char *>(im.c_str()));
1437 c_cert1.cert_size = im.size();
1438 c_cert1.data_format = CKMC_FORM_PEM;
1440 ckmc_cert_list_s untrustedcerts;
1441 untrustedcerts.cert = &c_cert1;
1442 untrustedcerts.next = NULL;
1444 ckmc_cert_list_s *cert_chain_list;
1446 int tmp = ckmc_get_cert_chain(&c_cert, &untrustedcerts, &cert_chain_list);
1448 CKMC_ERROR_NONE == tmp, CKMCReadableError(tmp));
1450 RUNNER_ASSERT_MSG(cert_chain_list != NULL, "Wrong size of certificate chain.");
1452 ckmc_ocsp_status_e ocsp_status;
1453 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_ocsp_check(cert_chain_list, &ocsp_status)), CKMCReadableError(tmp));
1454 RUNNER_ASSERT_MSG(ocsp_status == CKMC_OCSP_STATUS_GOOD, "Wrong status: " << static_cast<int>(ocsp_status));
1457 RUNNER_TEST(T3075_CAPI_deinit)
1462 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
1463 CKMCReadableError(temp));
1465 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1466 CKMCReadableError(temp));
1470 RUNNER_TEST_GROUP_INIT(T308_CAPI_CREATE_AND_VERIFY_SIGNATURE);
1472 RUNNER_TEST(T3081_CAPI__init)
1477 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
1478 CKMCReadableError(temp));
1481 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
1482 CKMCReadableError(temp));
1485 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
1486 CKMCReadableError(temp));
1489 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
1490 CKMCReadableError(temp));
1493 RUNNER_TEST(T3082_CAPI__rsa_key_create_verify)
1497 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1498 "Proc-Type: 4,ENCRYPTED\n"
1499 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1501 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1502 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1503 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1504 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1505 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1506 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1507 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1508 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1509 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1510 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1511 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1512 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1513 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1514 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1515 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1516 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1517 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1518 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1519 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1520 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1521 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1522 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1523 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1524 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1525 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1526 "-----END RSA PRIVATE KEY-----\n";
1528 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1529 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1530 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1531 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1532 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1533 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1534 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1536 "-----END PUBLIC KEY-----\n";
1538 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1540 const char *pub_alias = "pub1";
1541 const char *pri_alias = "prv1";
1542 const char *key_passwd = "1234";
1543 char *pri_passwd = NULL;
1544 char *pub_passwd = NULL;
1545 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1546 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1547 ckmc_raw_buffer_s *signature;
1550 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1551 pubkey.key_size = pub.size();
1552 pubkey.key_type = CKMC_KEY_NONE;
1553 pubkey.password = NULL;
1555 ckmc_policy_s pubpolicy;
1556 pubpolicy.password = pub_passwd;
1557 pubpolicy.extractable = 0;
1559 ckmc_policy_s pripolicy;
1560 pripolicy.password = pri_passwd;
1561 pripolicy.extractable = 1;
1564 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1565 prikey.key_size = prv.size();
1566 prikey.key_type = CKMC_KEY_NONE;
1567 prikey.password = const_cast<char *>(key_passwd);
1571 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1572 CKMCReadableError(temp));
1575 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1576 CKMCReadableError(temp));
1579 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1586 CKMCReadableError(temp));
1589 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1596 CKMCReadableError(temp));
1599 RUNNER_TEST(T3083_CAPI__rsa_key_create_verify_negative)
1603 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message asdfaslkdfjlksadjf test");
1604 const char *pub_alias = "pub1";
1605 const char *pri_alias = "prv1";
1606 char *pri_passwd = NULL;
1607 char *pub_passwd = NULL;
1608 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1609 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1610 ckmc_raw_buffer_s *signature;
1613 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1620 CKMCReadableError(temp));
1623 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1630 CKMCReadableError(temp));
1632 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1633 memcpy((void*)signature->data, "BROKEN", 6);
1636 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1643 CKMCReadableError(temp));
1646 RUNNER_TEST(T3084_CAPI__ec_key_create_verify)
1650 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1651 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1652 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1653 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1654 "-----END EC PRIVATE KEY-----\n";
1656 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1657 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1658 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1659 "-----END PUBLIC KEY-----\n";
1661 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1662 const char *pri_alias = "ecprv2";
1663 const char *pub_alias = "ecpub2";
1664 char *key_passwd = NULL;
1665 char *pri_passwd = NULL;
1666 char *pub_passwd = NULL;
1667 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1668 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1669 ckmc_raw_buffer_s *signature;
1672 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1673 pubkey.key_size = pub.size();
1674 pubkey.key_type = CKMC_KEY_NONE;
1675 pubkey.password = NULL;
1677 ckmc_policy_s pubpolicy;
1678 pubpolicy.password = pub_passwd;
1679 pubpolicy.extractable = 1;
1682 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1683 prikey.key_size = prv.size();
1684 prikey.key_type = CKMC_KEY_NONE;
1685 prikey.password = key_passwd;
1687 ckmc_policy_s pripolicy;
1688 pripolicy.password = pri_passwd;
1689 pripolicy.extractable = 0;
1692 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1693 CKMCReadableError(temp));
1695 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1696 CKMCReadableError(temp));
1699 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1706 CKMCReadableError(temp));
1709 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1716 CKMCReadableError(temp));
1718 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1719 memcpy((void*)signature->data, "BROKEN", 6);
1722 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1729 CKMCReadableError(temp));
1732 RUNNER_TEST(T3085_CAPI__rsa_cert_create_verify_signature)
1737 "-----BEGIN RSA PRIVATE KEY-----\n"
1738 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1739 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1740 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1741 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1742 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1743 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1744 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1745 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1746 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1747 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1748 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1749 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1750 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1751 "-----END RSA PRIVATE KEY-----\n";
1754 "-----BEGIN CERTIFICATE-----\n"
1755 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1756 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1757 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1758 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1759 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1760 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1761 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1762 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1763 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1764 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1765 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1766 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1767 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1768 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1769 "-----END CERTIFICATE-----\n";
1771 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1773 const char *pri_alias = "prv3";
1774 const char *pub_alias = "pub3";
1775 char *key_passwd = NULL;
1776 char *pri_passwd = NULL;
1777 char *pub_passwd = NULL;
1778 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1779 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1780 ckmc_raw_buffer_s *signature;
1783 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1784 cert.cert_size = pub.size();
1785 cert.data_format = CKMC_FORM_PEM;
1787 ckmc_policy_s certpolicy;
1788 certpolicy.password = pub_passwd;
1789 certpolicy.extractable = 1;
1792 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
1793 prikey.key_size = prv.size();
1794 prikey.key_type = CKMC_KEY_NONE;
1795 prikey.password = key_passwd;
1797 ckmc_policy_s pripolicy;
1798 pripolicy.password = pri_passwd;
1799 pripolicy.extractable = 0;
1802 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
1803 CKMCReadableError(temp));
1805 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1806 CKMCReadableError(temp));
1810 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1817 CKMCReadableError(temp));
1820 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1827 CKMCReadableError(temp));
1829 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
1830 memcpy((void*)signature->data, "BROKEN", 6);
1833 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1840 CKMCReadableError(temp));
1843 RUNNER_TEST(T3086_CAPI__dsa_ext_key_create_verify_with_negative)
1847 const std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1848 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1849 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1850 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1851 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1852 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1853 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1854 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1855 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1856 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1857 "YMYCBhubtrVaLmc=\n"
1858 "-----END PUBLIC KEY-----";
1860 const std::string priv = "-----BEGIN DSA PRIVATE KEY-----\n"
1861 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1862 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1863 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1864 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1865 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1866 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1867 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1868 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1869 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1870 "u1roOuaPY+Hl19BlTE2qdw==\n"
1871 "-----END DSA PRIVATE KEY-----";
1873 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1875 const char *pub_alias = "dsa-pub1";
1876 const char *pri_alias = "dsa-prv1";
1877 char *pri_passwd = NULL;
1878 char *pub_passwd = NULL;
1879 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1880 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1881 ckmc_raw_buffer_s *signature = NULL;
1884 pubkey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
1885 pubkey.key_size = pub.size();
1886 pubkey.key_type = CKMC_KEY_NONE;
1887 pubkey.password = NULL;
1889 ckmc_policy_s pubpolicy;
1890 pubpolicy.password = pub_passwd;
1891 pubpolicy.extractable = 0;
1893 ckmc_policy_s pripolicy;
1894 pripolicy.password = pri_passwd;
1895 pripolicy.extractable = 1;
1898 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(priv.c_str()));
1899 prikey.key_size = priv.size();
1900 prikey.key_type = CKMC_KEY_NONE;
1901 prikey.password = NULL;
1905 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
1906 CKMCReadableError(temp));
1909 CKMC_ERROR_NONE == (temp = ckmc_save_key(pub_alias, pubkey, pubpolicy)),
1910 CKMCReadableError(temp));
1913 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1920 CKMCReadableError(temp));
1924 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
1931 CKMCReadableError(temp));
1934 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
1936 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
1943 CKMCReadableError(temp));
1945 ckmc_buffer_free(signature);
1948 RUNNER_TEST(T3087_CAPI__dsa_int_key_create_verify_with_negative)
1953 ckmc_policy_s policy_private_key;
1954 ckmc_policy_s policy_public_key;
1956 policy_private_key.password = NULL;
1957 policy_private_key.extractable = 1;
1959 policy_public_key.password = NULL;
1960 policy_public_key.extractable = 1;
1962 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
1964 const char *pub_alias = "dsa-pub2";
1965 const char *pri_alias = "dsa-prv2";
1968 CKMC_ERROR_NONE == (temp = ckmc_create_key_pair_dsa(size, pri_alias, pub_alias, policy_private_key, policy_public_key)),
1971 char *pri_passwd = NULL;
1972 char *pub_passwd = NULL;
1973 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
1974 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
1975 ckmc_raw_buffer_s *signature;
1977 ckmc_key_s *pubkey = NULL;
1978 ckmc_key_s *prikey = NULL;
1980 CKMC_ERROR_NONE == (temp = ckmc_get_key(pri_alias, 0, &prikey)),
1981 CKMCReadableError(temp));
1984 CKMC_ERROR_NONE == (temp = ckmc_get_key(pub_alias, 0, &pubkey)),
1985 CKMCReadableError(temp));
1988 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
1995 CKMCReadableError(temp));
1999 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2006 CKMCReadableError(temp));
2009 ckmc_raw_buffer_s invalid_msg_buff = prepare_message_buffer("invalid message test");
2011 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
2018 CKMCReadableError(temp));
2020 ckmc_key_free(prikey);
2021 ckmc_key_free(pubkey);
2022 ckmc_buffer_free(signature);
2025 RUNNER_TEST(T3088_CAPI__ecdsa_cert_create_verify_signature)
2030 "-----BEGIN EC PRIVATE KEY-----\n"
2031 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2032 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2033 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2034 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2035 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2036 "ELyhe7yPCAuOoLZlTLgf\n"
2037 "-----END EC PRIVATE KEY-----\n";
2040 "-----BEGIN CERTIFICATE-----\n"
2041 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2042 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2043 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2044 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2045 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2046 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2047 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2048 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2049 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2050 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2051 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2052 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2053 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2054 "Q1oBry6NEc+lLFmWMDesAA==\n"
2055 "-----END CERTIFICATE-----\n";
2057 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2059 const char *pri_alias = "prv4";
2060 const char *pub_alias = "pub4";
2061 char *key_passwd = NULL;
2062 char *pri_passwd = NULL;
2063 char *pub_passwd = NULL;
2064 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2065 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2066 ckmc_raw_buffer_s *signature;
2069 cert.raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(pub.c_str()));
2070 cert.cert_size = pub.size();
2071 cert.data_format = CKMC_FORM_PEM;
2073 ckmc_policy_s certpolicy;
2074 certpolicy.password = pub_passwd;
2075 certpolicy.extractable = 1;
2078 prikey.raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(prv.c_str()));
2079 prikey.key_size = prv.size();
2080 prikey.key_type = CKMC_KEY_NONE;
2081 prikey.password = key_passwd;
2083 ckmc_policy_s pripolicy;
2084 pripolicy.password = pri_passwd;
2085 pripolicy.extractable = 0;
2089 CKMC_ERROR_NONE == (temp = ckmc_save_cert(pub_alias, cert, certpolicy)),
2090 CKMCReadableError(temp));
2092 CKMC_ERROR_NONE == (temp = ckmc_save_key(pri_alias, prikey, pripolicy)),
2093 CKMCReadableError(temp));
2096 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2103 CKMCReadableError(temp));
2106 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2113 CKMCReadableError(temp));
2115 RUNNER_ASSERT_MSG(signature->size > 6, "Signature is too small");
2116 memcpy((void*)signature->data, "BROKEN", 6);
2119 CKMC_ERROR_VERIFICATION_FAILED == (temp = ckmc_verify_signature(
2126 CKMCReadableError(temp));
2129 RUNNER_TEST(T3089_CAPI__deinit)
2134 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2135 CKMCReadableError(temp));
2137 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2138 CKMCReadableError(temp));
2142 //#######################################################################################
2144 void _assertKey(ckmc_key_s *key, unsigned char *raw_key, unsigned int key_size, ckmc_key_type_e key_type, char *password)
2146 RUNNER_ASSERT_MSG(key->key_size == key_size, "Key Size Error" );
2147 RUNNER_ASSERT_MSG(key->key_type == key_type, "Key Type Error" );
2149 if(key->password != NULL && password != NULL) {
2150 RUNNER_ASSERT_MSG(strcmp(key->password, password) == 0, "Password Error" );
2151 }else if(key->password == NULL && password == NULL) {
2152 RUNNER_ASSERT_MSG(true, "Password Error" );
2154 RUNNER_ASSERT_MSG(false, "Password Error" );
2157 if(key->raw_key != NULL && raw_key != NULL) {
2158 for(unsigned int i=0; i<key_size; i++) {
2159 RUNNER_ASSERT_MSG((key->raw_key)[i] == raw_key[i], "Raw Key Error" );
2161 }else if(key->raw_key == NULL && raw_key == NULL) {
2162 RUNNER_ASSERT_MSG(true, "Raw Key Error" );
2164 RUNNER_ASSERT_MSG(false, "Raw Key Error" );
2168 RUNNER_TEST_GROUP_INIT(T309_CKMC_CAPI_TYPES);
2170 RUNNER_TEST(T3091_CAPI_TYPE_init)
2174 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2175 CKMCReadableError(temp));
2177 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2178 CKMCReadableError(temp));
2180 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "test-pass")),
2181 CKMCReadableError(temp));
2183 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, USER_PASS)),
2184 CKMCReadableError(temp));
2187 RUNNER_TEST(T3092_CAPI_TYPE_KEY)
2189 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2190 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2191 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2192 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2193 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2194 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2195 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2197 "-----END PUBLIC KEY-----";
2199 unsigned char *raw_key = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
2200 unsigned int key_size = keyPem.size();
2201 ckmc_key_type_e key_type = CKMC_KEY_NONE;
2202 char *password = const_cast< char *>("");
2205 ckmc_key_new(raw_key, key_size, key_type, password, &key);
2207 _assertKey(key, raw_key, key_size, key_type, password);
2210 char *passwordNull = NULL;
2212 ckmc_key_new(raw_key, key_size, key_type, passwordNull, &key2);
2213 ckmc_key_free(key2);
2216 RUNNER_TEST(T3093_CAPI_TYPE_BUFFER)
2218 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2219 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2220 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2221 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2222 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2223 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2224 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2226 "-----END PUBLIC KEY-----";
2228 unsigned char *data = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(keyPem.c_str()));
2229 unsigned int size = keyPem.size();
2231 ckmc_raw_buffer_s *buff;
2232 ckmc_buffer_new(data, size, &buff);
2234 RUNNER_ASSERT_MSG(buff->size == size, "Size Error" );
2236 if(buff->data != NULL && data != NULL) {
2237 for(unsigned int i=0; i<size; i++) {
2238 RUNNER_ASSERT_MSG((buff->data)[i] == data[i], "Raw data Error" );
2240 }else if(buff->data == NULL && data == NULL) {
2241 RUNNER_ASSERT_MSG(true, "Raw data Error" );
2243 RUNNER_ASSERT_MSG(false, "Raw data Error" );
2246 ckmc_buffer_free(buff);
2249 RUNNER_TEST(T3094_CAPI_TYPE_CERT)
2251 std::string certPem =
2252 "-----BEGIN CERTIFICATE-----\n"
2253 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
2254 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
2255 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
2256 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
2257 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
2258 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
2259 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
2260 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
2261 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
2262 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
2263 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
2264 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
2265 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
2266 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
2267 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
2268 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
2269 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
2270 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
2271 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
2272 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
2273 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
2274 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
2275 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
2276 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
2278 "-----END CERTIFICATE-----\n";
2280 unsigned char *raw_cert = const_cast<unsigned char *>(reinterpret_cast<const unsigned char *>(certPem.c_str()));
2281 unsigned int size = certPem.size();
2282 ckmc_data_format_e form = CKMC_FORM_PEM;
2284 ckmc_cert_s *ckmCert;
2285 ckmc_cert_new(raw_cert, size, form, &ckmCert);
2287 RUNNER_ASSERT_MSG(ckmCert->cert_size == size, "Size Error" );
2289 if(ckmCert->raw_cert != NULL && raw_cert != NULL) {
2290 for(unsigned int i=0; i<size; i++) {
2291 RUNNER_ASSERT_MSG((ckmCert->raw_cert)[i] == raw_cert[i], "Raw data Error" );
2293 }else if(ckmCert->raw_cert == NULL && raw_cert == NULL) {
2294 RUNNER_ASSERT_MSG(true, "raw_cert Error" );
2296 RUNNER_ASSERT_MSG(false, "raw_cert Error" );
2299 RUNNER_ASSERT_MSG(ckmCert->data_format == form, "ckmc_cert_form Error" );
2301 ckmc_cert_free(ckmCert);
2305 RUNNER_TEST(T3095_CAPI_TYPE_load_cert_file)
2309 std::string certStr =
2310 "-----BEGIN CERTIFICATE-----\n"
2311 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2312 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2313 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2314 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2315 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2316 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2317 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2318 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2319 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2320 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2321 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2322 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2323 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2324 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2325 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2326 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2327 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2328 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2329 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2330 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2331 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2332 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2333 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2334 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2335 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2336 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2337 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2338 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2339 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2340 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2341 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2343 "-----END CERTIFICATE-----\n";
2345 const char *file_name = "/tmp/ckmc_test_cert.pem";
2349 cert_file = fopen(file_name, "w");
2350 fprintf(cert_file, "%s",certStr.c_str());
2356 CKMC_ERROR_NONE == (ret = ckmc_load_cert_from_file(file_name, &pcert)),
2357 CKMCReadableError(ret));
2360 pcert != NULL && pcert->cert_size > 0,"Fail to load cert from file.");
2362 const char *lcert_alias = "lcert_alias";
2363 ckmc_policy_s policy;
2364 policy.password = NULL;
2365 policy.extractable = 1;
2368 CKMC_ERROR_NONE == (ret = ckmc_save_cert(lcert_alias, *pcert, policy)),
2369 CKMCReadableError(ret));
2374 RUNNER_TEST(T3096_CAPI_TYPE_load_p12_file) {
2375 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
2376 const char *password = "password";
2380 ckmc_key_s *private_key = NULL;
2381 ckmc_cert_s *cert = NULL;
2382 ckmc_cert_list_s *ca_cert_list = NULL;
2385 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file(p12file, password,
2386 &private_key, &cert, &ca_cert_list)),
2388 RUNNER_ASSERT_MSG(private_key != NULL, "Null private_key");
2389 RUNNER_ASSERT_MSG(cert != NULL, "Null cert");
2390 RUNNER_ASSERT_MSG(ca_cert_list != NULL, "Null ca_cert_list");
2392 ckmc_policy_s policy;
2393 policy.password = NULL;
2394 policy.extractable = 1;
2397 const char *pkey_alias = "pkey_alias";
2399 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *private_key, policy)),
2400 CKMCReadableError(temp));
2402 const char *cert_alias = "cert_alias";
2404 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *cert, policy)),
2405 CKMCReadableError(temp));
2406 std::string caCertAlias = "ca_cert_alias_";
2407 const char *idx = "0";
2409 ckmc_cert_list_s *tmpList = ca_cert_list;
2410 while(tmpList != NULL) {
2411 caCertAlias.append(idx);
2413 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2414 CKMCReadableError(temp));
2415 tmpList = tmpList->next;
2419 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2421 ckmc_key_free(private_key);
2422 ckmc_cert_free(cert);
2423 ckmc_cert_list_all_free(ca_cert_list);
2426 RUNNER_TEST(T3097_CAPI_TYPE_load_p12_file2) {
2427 const char *p12file = "/usr/share/ckm-test/capi-t3096.p12";
2428 const char *password = "password";
2432 ckmc_pkcs12_s *ppkcs12 = NULL;
2435 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file2(p12file, password, &ppkcs12)),
2436 CKMCReadableError(temp));
2437 RUNNER_ASSERT_MSG(ppkcs12->priv_key != NULL, "Null private_key");
2438 RUNNER_ASSERT_MSG(ppkcs12->cert != NULL, "Null cert");
2439 RUNNER_ASSERT_MSG(ppkcs12->ca_chain != NULL, "Null ca_cert_list");
2441 ckmc_policy_s policy;
2442 policy.password = NULL;
2443 policy.extractable = 1;
2446 const char *pkey_alias = "pkey_alias2";
2448 CKMC_ERROR_NONE == (temp = ckmc_save_key(pkey_alias, *(ppkcs12->priv_key), policy)),
2449 CKMCReadableError(temp));
2451 const char *cert_alias = "cert_alias2";
2453 CKMC_ERROR_NONE == (temp = ckmc_save_cert(cert_alias, *(ppkcs12->cert), policy)),
2454 CKMCReadableError(temp));
2455 std::string caCertAlias = "ca_cert_alias_2_";
2456 const char *idx = "0";
2458 ckmc_cert_list_s *tmpList = ppkcs12->ca_chain;
2459 while(tmpList != NULL) {
2460 caCertAlias.append(idx);
2462 CKMC_ERROR_NONE == (temp = ckmc_save_cert(caCertAlias.c_str(), *(tmpList->cert), policy)),
2463 CKMCReadableError(temp));
2464 tmpList = tmpList->next;
2468 RUNNER_ASSERT_MSG(cnt == 2, "Invalid CA Cert Count");
2470 ckmc_pkcs12_free(ppkcs12);
2473 RUNNER_TEST(T3098_CAPI_TYPE_deinit)
2477 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2478 CKMCReadableError(temp));
2480 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2481 CKMCReadableError(temp));
2483 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2484 CKMCReadableError(temp));
2486 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2487 CKMCReadableError(temp));
2490 RUNNER_TEST_GROUP_INIT(T310_CKMC_CAPI_PKCS12);
2494 const char* alias_PKCS_collision = "CAPI-test-PKCS-collision";
2495 const char* alias_PKCS_exportable = "CAPI-test-PKCS-export";
2496 const char* alias_PKCS_not_exportable = "CAPI-test-PKCS-no-export";
2497 const char* alias_PKCS_priv_key_copy = "CAPI-test-PKCS-private-key-copy";
2498 const char* alias_PKCS_priv_key_wrong = "CAPI-test-PKCS-private-key-wrong";
2501 RUNNER_TEST(T3101_CAPI_PKCS12_init)
2505 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2506 CKMCReadableError(temp));
2508 CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(USER_APP, "user-pass")),
2509 CKMCReadableError(temp));
2511 ckmc_remove_pkcs12(alias_PKCS_collision);
2512 ckmc_remove_pkcs12(alias_PKCS_exportable);
2513 ckmc_remove_pkcs12(alias_PKCS_not_exportable);
2514 ckmc_remove_pkcs12(alias_PKCS_priv_key_copy);
2515 ckmc_remove_pkcs12(alias_PKCS_priv_key_wrong);
2518 RUNNER_TEST(T3102_CAPI_PKCS12_negative_wrong_password)
2520 const char *wrong_passwd = "wrong";
2521 ckmc_pkcs12_s *ppkcs12 = NULL;
2524 CKMC_ERROR_INVALID_FORMAT == (temp = ckmc_load_from_pkcs12_file2("/usr/share/ckm-test/test1801.pkcs12", wrong_passwd, &ppkcs12)),
2525 CKMCReadableError(temp));
2528 RUNNER_TEST(T3103_CAPI_PKCS12_add_bundle_with_chain_certs)
2530 ckmc_pkcs12_s *ppkcs12 = NULL;
2533 CKMC_ERROR_NONE == (temp = ckmc_load_from_pkcs12_file2("/usr/share/ckm-test/pkcs.p12", NULL, &ppkcs12)),
2534 CKMCReadableError(temp));
2536 RUNNER_ASSERT_MSG(NULL != ppkcs12->cert, "no certificate in PKCS12");
2537 RUNNER_ASSERT_MSG(NULL != ppkcs12->priv_key, "no private key in PKCS12");
2538 RUNNER_ASSERT_MSG(NULL != ppkcs12->ca_chain, "no chain certificates in PKCS12");
2542 ckmc_policy_s exportable;
2543 exportable.password = NULL;
2544 exportable.extractable = 1;
2545 ckmc_policy_s notExportable;
2546 notExportable.password = NULL;
2547 notExportable.extractable = 0;
2550 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
2551 CKMCReadableError(temp));
2553 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_exportable, ppkcs12, exportable, exportable)),
2554 CKMCReadableError(temp));
2556 CKMC_ERROR_NONE == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
2557 CKMCReadableError(temp));
2559 CKMC_ERROR_DB_ALIAS_EXISTS == (temp = ckmc_save_pkcs12(alias_PKCS_not_exportable, ppkcs12, notExportable, notExportable)),
2560 CKMCReadableError(temp));
2562 // try to lookup key
2563 ckmc_key_s *key_lookup = NULL;
2565 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
2566 CKMCReadableError(temp));
2567 ckmc_key_free(key_lookup);
2570 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_key(alias_PKCS_not_exportable, "", &key_lookup)),
2571 CKMCReadableError(temp));
2572 ckmc_key_free(key_lookup);
2574 // try to lookup certificate
2575 ckmc_cert_s *cert_lookup = NULL;
2577 CKMC_ERROR_NONE == (temp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
2578 CKMCReadableError(temp));
2579 ckmc_cert_free(cert_lookup);
2582 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
2583 CKMCReadableError(temp));
2584 ckmc_cert_free(cert_lookup);
2587 RUNNER_TEST(T3103_CAPI_PKCS12_get_PKCS)
2590 auto manager = CKM::Manager::create();
2592 ckmc_pkcs12_s *pkcs = NULL;
2596 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_pkcs12("i-do-not-exist", &pkcs)),
2597 CKMCReadableError(temp));
2598 ckmc_pkcs12_free(pkcs);
2601 // fail - not exportable
2603 CKMC_ERROR_NOT_EXPORTABLE == (temp = ckmc_get_pkcs12(alias_PKCS_not_exportable, &pkcs)),
2604 CKMCReadableError(temp));
2605 ckmc_pkcs12_free(pkcs);
2608 // success - exportable
2610 CKMC_ERROR_NONE == (temp = ckmc_get_pkcs12(alias_PKCS_exportable, &pkcs)),
2611 CKMCReadableError(temp));
2613 RUNNER_ASSERT_MSG(NULL != pkcs->cert, "no certificate in PKCS12");
2614 RUNNER_ASSERT_MSG(NULL != pkcs->priv_key, "no private key in PKCS12");
2615 RUNNER_ASSERT_MSG(NULL != pkcs->ca_chain, "no chain certificates in PKCS12");
2617 ckmc_cert_list_s *iter = pkcs->ca_chain;
2622 RUNNER_ASSERT_MSG(2 == cntr, "invalid number of chain certificates in PKCS12");
2624 ckmc_pkcs12_free(pkcs);
2627 RUNNER_TEST(T3104_CAPI_PKCS12_create_and_verify_signature)
2629 ckmc_raw_buffer_s msg_buff = prepare_message_buffer("message test");
2632 ckmc_hash_algo_e hash_algo = CKMC_HASH_SHA256;
2633 ckmc_rsa_padding_algo_e pad_algo = CKMC_PKCS1_PADDING;
2634 ckmc_raw_buffer_s *signature = NULL;
2637 CKMC_ERROR_NONE == (temp = ckmc_create_signature(
2638 alias_PKCS_exportable,
2644 CKMCReadableError(temp));
2647 CKMC_ERROR_NONE == (temp = ckmc_verify_signature(
2648 alias_PKCS_exportable,
2654 CKMCReadableError(temp));
2657 RUNNER_TEST(T3105_CAPI_PKCS12_remove_bundle_with_chain_certs)
2661 // remove the whole PKCS12 bundles
2663 CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_exportable)),
2664 CKMCReadableError(tmp));
2666 CKMC_ERROR_NONE == (tmp = ckmc_remove_pkcs12(alias_PKCS_not_exportable)),
2667 CKMCReadableError(tmp));
2669 // expect lookup fails due to unknown alias
2670 // try to lookup key
2671 ckmc_key_s *key_lookup = NULL;
2673 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_exportable, NULL, &key_lookup)),
2674 CKMCReadableError(tmp));
2675 ckmc_key_free(key_lookup);
2678 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_key(alias_PKCS_not_exportable, NULL, &key_lookup)),
2679 CKMCReadableError(tmp));
2680 ckmc_key_free(key_lookup);
2682 // try to lookup certificate
2683 ckmc_cert_s *cert_lookup = NULL;
2685 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_exportable, NULL, &cert_lookup)),
2686 CKMCReadableError(tmp));
2687 ckmc_cert_free(cert_lookup);
2690 CKMC_ERROR_DB_ALIAS_UNKNOWN == (tmp = ckmc_get_cert(alias_PKCS_not_exportable, NULL, &cert_lookup)),
2691 CKMCReadableError(tmp));
2692 ckmc_cert_free(cert_lookup);
2695 RUNNER_TEST(T3109_CAPI_PKCS12_deinit)
2699 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2700 CKMCReadableError(temp));
2703 RUNNER_TEST_GROUP_INIT(T3110_CAPI_LOCKTYPE_TESTS);
2705 RUNNER_CHILD_TEST(T3111_CAPI_init_lock_key)
2708 AccessProvider ap("my-label");
2709 ap.allowAPI("key-manager::api-control", "rw");
2710 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2712 char *null_password = NULL;
2714 CKMC_ERROR_NONE == (tmp = ckmc_change_user_password(USER_APP,USER_PASS,null_password)),
2715 CKMCReadableError(tmp));
2716 RUNNER_ASSERT_MSG(CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)), CKMCReadableError(tmp));
2719 RUNNER_CHILD_TEST(T3112_CAPI_unlock_default_passwd)
2721 AccessProvider ap("my-label");
2722 ap.allowAPI("key-manager::api-storage", "rw");
2723 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2727 ckmc_key_s test_key, *test_key2;
2728 ckmc_policy_s test_policy;
2730 char* password = NULL;
2731 char alias[20] = "mykey_defpasswd";
2733 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2734 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2735 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2736 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2737 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2738 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2739 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2741 "-----END PUBLIC KEY-----";
2743 char* char_keypem = new char[keyPem.length() + 1];
2745 std::strcpy(char_keypem, keyPem.c_str());
2746 test_key.raw_key = (unsigned char *)char_keypem;
2747 test_key.key_size = keyPem.length();
2748 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
2749 test_key.password = password;
2751 test_policy.password = password;
2752 test_policy.extractable = 1;
2754 test_key2 = &test_key;
2757 CKMC_ERROR_NONE == (temp = ckmc_save_key(alias, test_key, test_policy)),
2758 CKMCReadableError(temp));
2761 CKMC_ERROR_NONE == (temp = ckmc_get_key(alias, password, &test_key2)),
2762 CKMCReadableError(temp));
2764 CKMC_ERROR_NONE == (temp = ckmc_remove_key(alias)),
2765 CKMCReadableError(temp));
2768 RUNNER_CHILD_TEST(T3113_CAPI_init_change_user_password)
2771 AccessProvider ap("my-label");
2772 ap.allowAPI("key-manager::api-control", "rw");
2773 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2775 char *null_password = NULL;
2777 // database has been automatically unlocked with NULL pw in previous test. Lock it now
2779 CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)),
2780 CKMCReadableError(tmp));
2782 CKMC_ERROR_NONE == (tmp = ckmc_change_user_password(USER_APP,null_password,USER_PASS)),
2783 CKMCReadableError(tmp));
2784 // get rid of NULL DKEK
2786 CKMC_ERROR_NONE == (tmp = ckmc_unlock_user_key(USER_APP,USER_PASS)),
2787 CKMCReadableError(tmp));
2789 CKMC_ERROR_NONE == (tmp = ckmc_lock_user_key(USER_APP)),
2790 CKMCReadableError(tmp));
2793 RUNNER_CHILD_TEST(T3114_CAPI_unlock_default_passwd_negative)
2795 AccessProvider ap("my-label");
2796 ap.allowAPI("key-manager::api-storage", "rw");
2797 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2801 ckmc_key_s test_key, *test_key2;
2802 ckmc_policy_s test_policy;
2804 char* password = NULL;
2805 char alias[20] = "mykey_defpasswd";
2807 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2808 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2809 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2810 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2811 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2812 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2813 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2815 "-----END PUBLIC KEY-----";
2817 char* char_keypem = new char[keyPem.length() + 1];
2819 std::strcpy(char_keypem, keyPem.c_str());
2820 test_key.raw_key = (unsigned char *)char_keypem;
2821 test_key.key_size = keyPem.length();
2822 test_key.key_type = CKMC_KEY_RSA_PUBLIC;
2823 test_key.password = password;
2825 test_policy.password = password;
2826 test_policy.extractable = 1;
2828 test_key2 = &test_key;
2831 CKMC_ERROR_DB_LOCKED == (temp = ckmc_save_key(alias, test_key, test_policy)),
2832 CKMCReadableError(temp));
2835 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key2)),
2836 CKMCReadableError(temp));
2839 RUNNER_CHILD_TEST(T3119_CAPI_deinit)
2843 CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(USER_APP)),
2844 CKMCReadableError(temp));
2846 CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(USER_APP)),
2847 CKMCReadableError(temp));
2850 RUNNER_TEST_GROUP_INIT(T320_CAPI_EMPTY_DATABASE);
2852 RUNNER_TEST(T3201_CAPI_unlock_database)
2855 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2856 CKMCReadableError(temp));
2857 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2858 CKMCReadableError(temp));
2859 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_unlock_user_key(0, "simple-password")),
2860 CKMCReadableError(temp));
2863 RUNNER_CHILD_TEST(T3202_CAPI_get_data_from_empty_database)
2866 char alias[10] = "mykey";
2867 char *password = NULL;
2868 ckmc_key_s *test_key = NULL;
2871 CKMC_ERROR_DB_ALIAS_UNKNOWN == (temp = ckmc_get_key(alias, password, &test_key)),
2874 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2877 RUNNER_CHILD_TEST(T3203_CAPI_lock_database)
2880 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_lock_user_key(0)),
2881 CKMCReadableError(temp));
2884 RUNNER_CHILD_TEST(T3204_CAPI_get_data_from_locked_database)
2887 char alias[10] = "mykey";
2888 char *password = NULL;
2889 ckmc_key_s *test_key = NULL;
2892 CKMC_ERROR_DB_LOCKED == (temp = ckmc_get_key(alias, password, &test_key)),
2893 CKMCReadableError(temp));
2895 RUNNER_ASSERT_MSG(NULL == test_key, "Key value should not be changed");
2898 RUNNER_TEST(T3204_deinit)
2901 RUNNER_ASSERT_MSG( CKMC_ERROR_NONE == (temp = ckmc_remove_user_data(0)),
2902 CKMCReadableError(temp));
projects / platform / core / test / security-tests.git / blob