3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <access_provider2.h>
9 #include <ckm-common.h>
10 #include <ckm/ckm-manager.h>
11 #include <ckm/ckm-control.h>
12 #include <ckm/ckm-password.h>
13 #include <ckm/ckm-type.h>
14 #include <ckm/ckm-pkcs12.h>
18 #include <openssl/x509.h>
19 #include <openssl/x509v3.h>
21 #include <dpl/log/log.h>
24 const int USER_APP = 5000;
25 const int GROUP_APP = 5000;
26 const int USER_TEST = 5001;
28 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
29 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
30 } // namespace anonymous
33 * How to numerate tests:
35 * T - test case (always T)
36 * AB - number of test group (always two digits)
37 * C - test number in group (all tests with same TABC must be run in the same time).
41 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
42 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
43 stop_service(MANAGER);
44 start_service(MANAGER);
46 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
47 std::istreambuf_iterator<char> begin(is), end;
48 std::vector<char> buff(begin, end);
50 CKM::RawBuffer buffer(buff.size());
51 memcpy(buffer.data(), buff.data(), buff.size());
53 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
56 "Error in PKCS12::create()");
58 // all further tests will start with newly started service,
59 // OpenSSL on the service side will have to be properly initialized too
60 stop_service(MANAGER);
61 start_service(MANAGER);
64 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
66 RUNNER_TEST(T0011_Control)
69 auto control = CKM::Control::create();
71 control->removeUserData(0);
72 control->removeUserData(20);
73 control->removeUserData(USER_APP);
76 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
77 "Error=" << CKM::ErrorToString(temp));
80 RUNNER_TEST(T0012_Control)
83 auto control = CKM::Control::create();
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
86 "Error=" << CKM::ErrorToString(temp));
88 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
89 "Error=" << CKM::ErrorToString(temp));
92 RUNNER_TEST(T0013_Control)
95 auto control = CKM::Control::create();
97 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
98 "Error=" << CKM::ErrorToString(temp));
101 RUNNER_TEST(T0014_Control)
104 auto control = CKM::Control::create();
106 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "simple-password")),
107 "Error=" << CKM::ErrorToString(temp));
110 RUNNER_TEST(T0015_Control)
113 auto control = CKM::Control::create();
115 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
116 "Error=" << CKM::ErrorToString(temp));
118 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
119 "Error=" << CKM::ErrorToString(temp));
121 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
122 "Error=" << CKM::ErrorToString(temp));
124 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
125 "Error=" << CKM::ErrorToString(temp));
128 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
130 RUNNER_TEST(T1010_init)
133 auto control = CKM::Control::create();
135 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
136 "Error=" << CKM::ErrorToString(temp));
138 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
139 "Error=" << CKM::ErrorToString(temp));
142 RUNNER_TEST(T1011_key)
145 auto manager = CKM::Manager::create();
147 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
148 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
149 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
150 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
151 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
152 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
153 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
155 "-----END PUBLIC KEY-----";
157 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
158 auto key = CKM::Key::create(buffer, CKM::Password());
160 CKM::Alias alias = "mykey";
163 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
164 "Error=" << CKM::ErrorToString(temp));
166 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
167 "Error=" << CKM::ErrorToString(temp));
169 key->getDER() == key2->getDER(),
170 "Key value has been changed by service");
173 RUNNER_TEST(T1012_certificate)
176 auto manager = CKM::Manager::create();
178 std::string certPem =
179 "-----BEGIN CERTIFICATE-----\n"
180 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
181 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
182 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
183 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
184 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
185 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
186 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
187 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
188 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
189 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
190 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
191 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
192 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
193 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
194 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
195 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
196 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
197 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
198 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
199 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
200 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
201 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
202 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
203 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
205 "-----END CERTIFICATE-----\n";
207 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
208 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
209 CKM::CertificateShPtr cert2;
210 CKM::Alias alias = "myCert";
213 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
214 "Error=" << CKM::ErrorToString(temp));
216 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
217 "Error=" << CKM::ErrorToString(temp));
219 cert->getDER() == cert2->getDER(),
220 "Data has been modified in key manager");
223 RUNNER_CHILD_TEST(T1013_user_app_save_key)
225 AccessProvider ap("mylabel");
226 ap.allowAPI("key-manager::api-storage", "rw");
227 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
229 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
230 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
231 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
232 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
233 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
234 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
235 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
237 "-----END PUBLIC KEY-----";
240 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
241 auto key = CKM::Key::create(buffer, CKM::Password());
243 CKM::Alias alias = "mykey";
244 auto manager = CKM::Manager::create();
247 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
248 "Error=" << CKM::ErrorToString(temp));
250 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
251 "Error=" << CKM::ErrorToString(temp));
253 key->getDER() == key2->getDER(), "Key value has been changed by service");
256 RUNNER_TEST(T1014_save_with_label)
259 auto manager = CKM::Manager::create();
261 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
262 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
263 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
264 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
265 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
266 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
267 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
269 "-----END PUBLIC KEY-----";
271 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
272 auto key = CKM::Key::create(buffer, CKM::Password());
273 CKM::KeyShPtr key_name, key_full_addr;
274 CKM::Alias alias = "mykey-2";
275 CharPtr top_label = get_label();
276 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
279 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
280 "Error=" << CKM::ErrorToString(temp));
284 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
285 "Error=" << CKM::ErrorToString(temp));
287 key->getDER() == key_name->getDER(),
288 "Key value has been changed by service");
290 // lookup by full address
292 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
293 "Error=" << CKM::ErrorToString(temp));
295 key->getDER() == key_full_addr->getDER(),
296 "Key value has been changed by service");
299 RUNNER_TEST(T1015_deinit)
302 auto control = CKM::Control::create();
305 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
306 "Error=" << CKM::ErrorToString(temp));
308 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
309 "Error=" << CKM::ErrorToString(temp));
311 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
312 "Error=" << CKM::ErrorToString(temp));
314 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
315 "Error=" << CKM::ErrorToString(temp));
318 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
320 RUNNER_TEST(T1020_init)
323 auto control = CKM::Control::create();
325 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
326 "Error=" << CKM::ErrorToString(temp));
328 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
329 "Error=" << CKM::ErrorToString(temp));
332 RUNNER_TEST(T1021_save_keys_get_alias)
335 auto manager = CKM::Manager::create();
337 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
338 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
339 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
340 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
341 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
342 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
343 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
345 "-----END PUBLIC KEY-----";
347 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
348 auto key = CKM::Key::create(buffer, CKM::Password());
349 CKM::AliasVector labelAliasVector;
352 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
353 "Error=" << CKM::ErrorToString(temp));
355 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
356 "Error=" << CKM::ErrorToString(temp));
358 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
359 "Error=" << CKM::ErrorToString(temp));
361 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
362 "Error=" << CKM::ErrorToString(temp));
364 labelAliasVector.size() == 3,
365 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
368 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
370 AccessProvider ap("mylabel");
371 ap.allowAPI("key-manager::api-storage", "rw");
372 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
375 auto manager = CKM::Manager::create();
377 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
378 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
379 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
380 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
381 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
382 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
383 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
385 "-----END PUBLIC KEY-----";
387 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
388 auto key = CKM::Key::create(buffer, CKM::Password());
389 CKM::AliasVector labelAliasVector;
392 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
393 "Error=" << CKM::ErrorToString(temp));
395 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
396 "Error=" << CKM::ErrorToString(temp));
398 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
399 "Error=" << CKM::ErrorToString(temp));
401 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
402 "Error=" << CKM::ErrorToString(temp));
404 labelAliasVector.size() == 3,
405 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
408 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
410 AccessProvider ap("mylabel");
411 ap.allowAPI("key-manager::api-storage", "rw");
412 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
415 auto manager = CKM::Manager::create();
417 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
418 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
419 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
420 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
421 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
422 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
423 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
425 "-----END PUBLIC KEY-----";
427 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
428 auto key = CKM::Key::create(buffer, CKM::Password());
429 CKM::AliasVector aliasVector;
430 CKM::Policy notExportable(CKM::Password(), false);
433 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
434 "Error=" << CKM::ErrorToString(temp));
436 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
437 "Error=" << CKM::ErrorToString(temp));
439 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
440 "Error=" << CKM::ErrorToString(temp));
443 RUNNER_TEST(T1029_deinit)
446 auto control = CKM::Control::create();
449 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
450 "Error=" << CKM::ErrorToString(temp));
452 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
453 "Error=" << CKM::ErrorToString(temp));
455 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
456 "Error=" << CKM::ErrorToString(temp));
458 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
459 "Error=" << CKM::ErrorToString(temp));
462 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
464 RUNNER_TEST(T1030_init)
467 auto control = CKM::Control::create();
469 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
470 "Error=" << CKM::ErrorToString(temp));
472 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
473 "Error=" << CKM::ErrorToString(temp));
476 RUNNER_TEST(T1031_save_get_bin_data)
479 auto manager = CKM::Manager::create();
481 std::string binData1 = "My bin data1";
482 std::string binData2 = "My bin data2";
483 std::string binData3 = "My bin data3";
485 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
486 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
487 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
489 CKM::AliasVector labelAliasVector;
492 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
493 "Error=" << CKM::ErrorToString(temp));
495 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
496 "Error=" << CKM::ErrorToString(temp));
498 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
499 "Error=" << CKM::ErrorToString(temp));
501 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
502 "Error=" << CKM::ErrorToString(temp));
504 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
505 "Error=" << CKM::ErrorToString(temp));
507 labelAliasVector.size() == 3,
508 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
510 CKM::RawBuffer buffer;
512 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
513 "Error=" << CKM::ErrorToString(temp));
519 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
521 AccessProvider ap("mylabel");
522 ap.allowAPI("key-manager::api-storage", "rw");
523 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
526 auto manager = CKM::Manager::create();
528 std::string binData = "My bin data";
530 CKM::RawBuffer buffer(binData.begin(), binData.end());
532 CKM::AliasVector labelAliasVector;
535 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
536 "Error=" << CKM::ErrorToString(temp));
538 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
539 "Error=" << CKM::ErrorToString(temp));
541 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
542 "Error=" << CKM::ErrorToString(temp));
544 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
545 "Error=" << CKM::ErrorToString(temp));
547 labelAliasVector.size() == 3,
548 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
551 RUNNER_TEST(T1033_remove_bin_data)
554 auto manager = CKM::Manager::create();
556 std::string binData2 = "My bin data2";
557 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
559 CKM::AliasVector labelAliasVector;
561 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
563 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
564 "Error=" << CKM::ErrorToString(temp));
566 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
567 "Error=" << CKM::ErrorToString(temp));
569 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
570 "Error=" << CKM::ErrorToString(temp));
572 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
573 "Error=" << CKM::ErrorToString(temp));
575 labelAliasVector.size() == 1,
576 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
578 CKM::RawBuffer buffer;
580 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
581 "Error=" << CKM::ErrorToString(temp));
586 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
587 "Error=" << CKM::ErrorToString(temp));
590 RUNNER_TEST(T1039_deinit)
593 auto control = CKM::Control::create();
596 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
597 "Error=" << CKM::ErrorToString(temp));
599 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
600 "Error=" << CKM::ErrorToString(temp));
602 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
603 "Error=" << CKM::ErrorToString(temp));
605 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
606 "Error=" << CKM::ErrorToString(temp));
609 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
611 RUNNER_TEST(T1040_init)
614 auto control = CKM::Control::create();
617 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
618 "Error=" << CKM::ErrorToString(temp));
621 RUNNER_CHILD_TEST(T1041_create_rsa_key)
624 auto manager = CKM::Manager::create();
627 AccessProvider ap("mylabel-rsa");
628 ap.allowAPI("key-manager::api-storage", "rw");
629 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
632 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
633 "Error=" << CKM::ErrorToString(temp));
635 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
636 "Error=" << CKM::ErrorToString(temp));
638 2 == (temp = av.size()),
639 "Vector size: " << temp << ". Expected: 2");
642 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
645 auto manager = CKM::Manager::create();
648 AccessProvider ap("mylabel-rsa");
649 ap.allowAPI("key-manager::api-storage", "rw");
650 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
653 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
654 "Error=" << CKM::ErrorToString(temp));
656 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
657 "Error=" << CKM::ErrorToString(temp));
660 RUNNER_CHILD_TEST(T1043_create_dsa_key)
663 auto manager = CKM::Manager::create();
666 AccessProvider ap("mylabel-dsa");
667 ap.allowAPI("key-manager::api-storage", "rw");
668 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
671 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
672 "Error=" << CKM::ErrorToString(temp));
674 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
675 "Error=" << CKM::ErrorToString(temp));
677 2 == (temp = av.size()),
678 "Vector size: " << temp << ". Expected: 2");
681 RUNNER_TEST(T1049_deinit)
684 auto control = CKM::Control::create();
687 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
688 "Error=" << CKM::ErrorToString(temp));
690 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
691 "Error=" << CKM::ErrorToString(temp));
695 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
697 RUNNER_TEST(T1110_init)
700 auto control = CKM::Control::create();
702 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
703 "Error=" << CKM::ErrorToString(temp));
705 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
706 "Error=" << CKM::ErrorToString(temp));
709 RUNNER_TEST(T1111_CreateKeyPairRSA)
712 auto manager = CKM::Manager::create();
713 CKM::Alias a1("rsa-test-1");
714 CKM::Alias a2("rsa-test-2");
718 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
719 "Error=" << CKM::ErrorToString(temp));
721 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
722 "Error=" << CKM::ErrorToString(temp));
725 RUNNER_TEST(T1112_CreateKeyPairDSA)
728 auto manager = CKM::Manager::create();
729 CKM::Alias a1("dsa-test-1");
730 CKM::Alias a2("dsa-test-2");
734 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
735 "Error=" << CKM::ErrorToString(temp));
737 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
738 "Error=" << CKM::ErrorToString(temp));
741 RUNNER_TEST(T1113_CreateKeyPairECDSA)
744 auto manager = CKM::Manager::create();
745 CKM::Alias a1("ecdsa-test-1");
746 CKM::Alias a2("ecdsa-test-2");
750 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
751 "Error=" << CKM::ErrorToString(temp));
754 RUNNER_TEST(T1114_deinit)
757 auto control = CKM::Control::create();
760 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
761 "Error=" << CKM::ErrorToString(temp));
763 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
764 "Error=" << CKM::ErrorToString(temp));
767 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
769 RUNNER_TEST(T12100_init)
772 auto control = CKM::Control::create();
774 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
775 "Error=" << CKM::ErrorToString(temp));
777 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
778 "Error=" << CKM::ErrorToString(temp));
781 RUNNER_TEST(T12101_key_exist)
784 auto manager = CKM::Manager::create();
786 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
787 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
788 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
789 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
790 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
791 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
792 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
794 "-----END PUBLIC KEY-----";
796 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
797 auto key = CKM::Key::create(buffer);
798 CKM::Alias alias = "rsa-alias-duplication";
801 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
802 "Error=" << CKM::ErrorToString(ret));
804 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
805 "Error=" << CKM::ErrorToString(ret));
809 * These test cases tests API when empty parameters are passed to functions
812 RUNNER_TEST(T12102_saveKey_empty_alias)
814 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
815 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
816 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
817 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
818 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
819 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
820 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
821 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
823 "-----END PUBLIC KEY-----";
825 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
826 auto key = CKM::Key::create(buffer);
827 CKM::Alias alias; //alias is not initialized
830 auto manager = CKM::Manager::create();
832 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
833 "Error=" << CKM::ErrorToString(ret));
836 RUNNER_TEST(T12103_saveKey_foreign_label)
838 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
839 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
840 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
841 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
842 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
843 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
844 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
846 "-----END PUBLIC KEY-----";
848 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
849 auto key = CKM::Key::create(buffer);
850 CKM::Alias alias = "iamsomebodyelse alias";
853 auto manager = CKM::Manager::create();
855 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
856 "Error=" << CKM::ErrorToString(ret));
859 RUNNER_TEST(T12104_saveKey_empty_key)
861 CKM::KeyShPtr key; //key is not initialized
862 CKM::Alias alias = "empty-key";
865 auto manager = CKM::Manager::create();
867 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
868 "Error=" << CKM::ErrorToString(ret));
871 RUNNER_TEST(T12105_saveCertificate_empty_alias)
873 std::string certPem =
874 "-----BEGIN CERTIFICATE-----\n"
875 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
876 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
877 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
878 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
879 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
880 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
881 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
882 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
883 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
884 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
885 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
886 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
887 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
888 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
889 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
890 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
891 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
892 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
893 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
894 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
895 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
896 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
897 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
898 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
900 "-----END CERTIFICATE-----\n";
902 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
903 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
904 CKM::Alias alias; //alias is not initialized
907 auto manager = CKM::Manager::create();
909 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
910 "Error=" << CKM::ErrorToString(temp));
913 RUNNER_TEST(T12106_saveCertificate_foreign_label)
915 std::string certPem =
916 "-----BEGIN CERTIFICATE-----\n"
917 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
918 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
919 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
920 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
921 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
922 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
923 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
924 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
925 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
926 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
927 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
928 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
929 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
930 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
931 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
932 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
933 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
934 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
935 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
936 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
937 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
938 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
939 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
940 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
942 "-----END CERTIFICATE-----\n";
944 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
945 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
946 CKM::Alias alias = "iamsomebodyelse alias";
949 auto manager = CKM::Manager::create();
951 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
952 "Error=" << CKM::ErrorToString(temp));
955 RUNNER_TEST(T12107_saveCertificate_empty_cert)
957 CKM::CertificateShPtr cert; //cert is not initialized
958 CKM::Alias alias = "empty-cert";
961 auto manager = CKM::Manager::create();
963 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
964 "Error=" << CKM::ErrorToString(temp));
967 RUNNER_TEST(T12108_saveData_empty_alias)
969 std::string testData = "test data test data test data";
970 CKM::RawBuffer buffer(testData.begin(), testData.end());
974 auto manager = CKM::Manager::create();
976 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
977 "Error=" << CKM::ErrorToString(temp));
980 RUNNER_TEST(T12109_saveData_foreign_label)
982 std::string testData = "test data test data test data";
983 CKM::RawBuffer buffer(testData.begin(), testData.end());
984 CKM::Alias alias = "iamsomebodyelse alias";
987 auto manager = CKM::Manager::create();
989 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
990 "Error=" << CKM::ErrorToString(temp));
993 RUNNER_TEST(T12110_saveData_empty_data)
995 CKM::RawBuffer buffer;
996 CKM::Alias alias = "empty-data";
999 auto manager = CKM::Manager::create();
1001 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1002 "Error=" << CKM::ErrorToString(temp));
1006 * These test cases tests API when trying to get data from not existing alias
1009 RUNNER_TEST(T12111_getKey_alias_not_exist)
1012 CKM::Alias alias = "this-alias-not-exist";
1015 auto manager = CKM::Manager::create();
1017 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1018 "Error=" << CKM::ErrorToString(temp));
1021 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1023 CKM::CertificateShPtr certificate;
1024 CKM::Alias alias = "this-alias-not-exist";
1027 auto manager = CKM::Manager::create();
1029 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1030 "Error=" << CKM::ErrorToString(temp));
1033 RUNNER_TEST(T12113_getData_alias_not_exist)
1036 auto manager = CKM::Manager::create();
1037 CKM::RawBuffer buffer;
1038 CKM::Alias alias("some alias");
1040 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1041 "Error=" << CKM::ErrorToString(temp));
1045 * These test cases tests API when damaged keys are used
1047 RUNNER_TEST(T12114_rsa_key_damaged)
1050 auto manager = CKM::Manager::create();
1052 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1053 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1054 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1055 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1056 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1057 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1058 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1060 "-----END PUBLIC KEY-----";
1062 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1063 auto key = CKM::Key::create(buffer);
1064 CKM::Alias alias = "damaged-rsa";
1067 NULL == key.get(), "Key is broken. It should be empty");
1070 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1071 "Error=" << CKM::ErrorToString(ret));
1074 RUNNER_TEST(T12115_rsa_key_too_short)
1077 auto manager = CKM::Manager::create();
1079 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1080 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1081 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1082 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1083 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1084 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1085 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1087 "-----END PUBLIC KEY-----";
1089 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1090 auto key = CKM::Key::create(buffer);
1091 CKM::Alias alias = "short-rsa";
1094 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1095 "Error=" << CKM::ErrorToString(ret));
1098 RUNNER_TEST(T12116_dsa_key_too_short)
1101 auto manager = CKM::Manager::create();
1103 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1104 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1105 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1106 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1107 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1108 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1109 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1110 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1111 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1112 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1113 "YMYCBhubtrVaLmc=\n"
1114 "-----END PUBLIC KEY-----";
1116 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1117 auto key = CKM::Key::create(buffer);
1118 CKM::Alias alias = "short-dsa";
1121 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1122 "Error=" << CKM::ErrorToString(ret));
1127 * These test cases tests CKM service if malicious data is provided over the socket.
1130 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1133 auto manager = CKM::Manager::create();
1135 // fake the client - let the service detect the problem
1136 class WrongKeyImpl : public CKM::Key
1139 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1142 virtual bool empty() const {
1146 virtual CKM::KeyType getType() const {
1147 return CKM::KeyType::KEY_RSA_PUBLIC;
1149 virtual int getSize() const {
1152 virtual CKM::ElipticCurve getCurve() const {
1153 return CKM::ElipticCurve::prime192v1;
1155 virtual CKM::RawBuffer getDER() const {
1158 virtual ~WrongKeyImpl() {}
1160 CKM::RawBuffer & m_dummy;
1162 std::string dummyData = "my_cat_Berta\n";
1163 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1164 auto key = std::make_shared<WrongKeyImpl>(buffer);
1165 CKM::Alias alias = "damaged-rsa";
1168 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1169 "Error=" << CKM::ErrorToString(ret));
1172 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1174 // fake the client - let the service detect the problem
1175 class WrongCertImpl : public CKM::Certificate
1178 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1179 m_x509 = X509_new();
1182 bool empty() const {
1186 virtual X509 *getX509() const {
1190 virtual CKM::RawBuffer getDER() const {
1194 virtual ~WrongCertImpl() {
1199 CKM::RawBuffer & m_dummy;
1201 std::string dummyData = "my_cat_Stefan\n";
1202 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1203 auto cert = std::make_shared<WrongCertImpl>(buffer);
1204 CKM::Alias alias = "damaged-cert";
1207 auto manager = CKM::Manager::create();
1209 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1210 "Error=" << CKM::ErrorToString(temp));
1213 RUNNER_TEST(T12119_deinit)
1216 auto control = CKM::Control::create();
1219 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1220 "Error=" << CKM::ErrorToString(temp));
1222 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1223 "Error=" << CKM::ErrorToString(temp));
1226 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1228 RUNNER_TEST(T1311_init)
1231 auto control = CKM::Control::create();
1233 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1234 "Error=" << CKM::ErrorToString(temp));
1235 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1236 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1238 struct hostent* he = gethostbyname("google.com");
1240 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1241 "is not woking on the device. OCSP tests requires network access!");
1244 RUNNER_TEST(T1312_get_chain)
1246 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1247 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1248 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1249 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1250 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1251 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1252 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1253 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1254 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1255 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1256 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1257 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1258 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1259 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1260 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1261 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1262 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1263 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1264 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1265 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1266 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1267 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1268 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1269 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1270 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1271 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1272 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1273 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1274 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1275 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1276 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1277 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1279 "-----END CERTIFICATE-----\n";
1282 "-----BEGIN CERTIFICATE-----\n"
1283 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1284 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1285 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1286 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1287 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1288 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1289 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1290 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1291 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1292 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1293 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1294 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1295 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1296 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1297 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1298 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1299 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1300 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1301 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1302 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1303 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1304 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1305 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1306 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1307 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1308 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1309 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1310 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1311 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1312 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1313 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1314 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1315 "-----END CERTIFICATE-----\n";
1317 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1318 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1319 CKM::CertificateShPtrVector certVector = {cert1};
1320 CKM::CertificateShPtrVector certChain;
1323 auto manager = CKM::Manager::create();
1325 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1326 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1328 tmp = manager->getCertificateChain(cert,
1333 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1334 "Error=" << CKM::ErrorToString(tmp));
1337 0 == certChain.size(),
1338 "Wrong size of certificate chain.");
1340 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1341 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1344 3 == certChain.size(),
1345 "Wrong size of certificate chain.");
1348 RUNNER_TEST(T1313_get_chain_with_alias)
1350 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1351 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1352 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1353 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1354 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1355 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1356 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1357 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1358 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1359 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1360 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1361 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1362 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1363 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1364 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1365 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1366 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1367 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1368 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1369 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1370 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1371 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1372 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1373 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1374 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1375 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1376 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1377 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1378 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1379 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1380 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1381 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1383 "-----END CERTIFICATE-----\n";
1386 "-----BEGIN CERTIFICATE-----\n"
1387 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1388 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1389 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1390 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1391 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1392 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1393 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1394 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1395 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1396 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1397 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1398 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1399 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1400 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1401 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1402 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1403 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1404 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1405 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1406 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1407 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1408 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1409 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1410 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1411 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1412 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1413 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1414 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1415 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1416 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1417 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1418 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1419 "-----END CERTIFICATE-----\n";
1421 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1422 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1423 CKM::CertificateShPtrVector certChain;
1424 CKM::AliasVector aliasVector;
1425 CKM::Alias alias("imcert");
1426 CharPtr top_label = get_label();
1427 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1430 auto manager = CKM::Manager::create();
1432 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1433 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1435 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1436 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1437 "Error=" << CKM::ErrorToString(tmp));
1440 0 == certChain.size(),
1441 "Wrong size of certificate chain.");
1444 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1445 "Error=" << CKM::ErrorToString(tmp));
1447 aliasVector.push_back(full_address);
1449 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1450 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1452 RUNNER_ASSERT_MSG_BT(
1453 3 == certChain.size(),
1454 "Wrong size of certificate chain.");
1457 RUNNER_TEST(T1314_ocsp_check)
1459 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1461 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1462 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1463 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1464 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1465 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1466 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1467 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1468 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1469 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1470 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1471 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1472 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1473 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1474 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1475 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1476 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1477 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1478 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1479 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1480 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1481 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1482 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1483 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1484 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1485 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1486 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1487 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1488 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1489 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1490 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1491 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1492 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1494 "-----END CERTIFICATE-----\n";
1497 "-----BEGIN CERTIFICATE-----\n"
1498 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1499 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1500 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1501 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1502 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1503 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1504 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1505 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1506 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1507 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1508 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1509 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1510 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1511 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1512 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1513 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1514 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1515 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1516 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1517 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1518 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1519 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1520 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1521 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1522 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1523 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1524 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1525 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1526 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1527 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1528 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1529 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1530 "-----END CERTIFICATE-----\n";
1532 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1533 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1534 CKM::CertificateShPtrVector certVector = {cert1};
1535 CKM::CertificateShPtrVector certChain;
1538 auto manager = CKM::Manager::create();
1540 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1541 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1543 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1544 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1545 "Error=" << CKM::ErrorToString(tmp));
1548 0 == certChain.size(),
1549 "Wrong size of certificate chain.");
1551 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1552 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1554 RUNNER_ASSERT_MSG_BT(
1555 3 == certChain.size(),
1556 "Wrong size of certificate chain.");
1560 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1561 "Error=" << CKM::ErrorToString(tmp));
1563 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1566 RUNNER_TEST(T1315_deinit)
1569 auto control = CKM::Control::create();
1572 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1573 "Error=" << CKM::ErrorToString(temp));
1575 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1576 "Error=" << CKM::ErrorToString(temp));
1579 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1581 RUNNER_TEST(T1411_init)
1584 auto control = CKM::Control::create();
1586 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1587 "Error=" << CKM::ErrorToString(temp));
1590 RUNNER_TEST(T1412_rsa_key_create_verify)
1593 auto manager = CKM::Manager::create();
1595 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1596 "Proc-Type: 4,ENCRYPTED\n"
1597 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1599 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1600 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1601 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1602 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1603 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1604 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1605 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1606 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1607 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1608 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1609 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1610 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1611 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1612 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1613 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1614 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1615 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1616 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1617 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1618 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1619 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1620 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1621 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1622 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1623 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1624 "-----END RSA PRIVATE KEY-----\n";
1626 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1627 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1628 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1629 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1630 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1631 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1632 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1634 "-----END PUBLIC KEY-----\n";
1636 std::string message = "message test";
1638 CKM::Alias aliasPub = "pub1";
1639 CKM::Alias aliasPrv = "prv1";
1640 CKM::Password password = "1234";
1641 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1642 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1643 CKM::RawBuffer signature;
1645 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1646 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1648 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1649 "Key is empty. Failed to import public key.");
1650 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1651 "Key is empty. Failed to import private key.");
1654 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1655 "Error=" << CKM::ErrorToString(temp));
1657 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1658 "Error=" << CKM::ErrorToString(temp));
1661 CKM_API_SUCCESS == (temp = manager->createSignature(
1664 CKM::RawBuffer(message.begin(), message.end()),
1668 "Error=" << CKM::ErrorToString(temp));
1671 CKM_API_SUCCESS == (temp = manager->verifySignature(
1674 CKM::RawBuffer(message.begin(), message.end()),
1678 "Error=" << CKM::ErrorToString(temp));
1681 RUNNER_TEST(T1413_dsa_key_create_verify)
1684 auto manager = CKM::Manager::create();
1686 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1687 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1688 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1689 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1690 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1691 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1692 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1693 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1694 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1695 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1696 "u1roOuaPY+Hl19BlTE2qdw==\n"
1697 "-----END DSA PRIVATE KEY-----";
1699 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1700 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1701 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1702 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1703 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1704 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1705 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1706 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1707 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1708 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1709 "YMYCBhubtrVaLmc=\n"
1710 "-----END PUBLIC KEY-----";
1712 std::string message = "message test";
1714 CKM::Alias aliasPub = "pub2";
1715 CKM::Alias aliasPrv = "prv2";
1716 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1717 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1718 CKM::RawBuffer signature;
1720 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1721 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1723 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1724 "Key is empty. Failed to import public key.");
1725 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1726 "Key is empty. Failed to import private key.");
1729 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1730 "Error=" << CKM::ErrorToString(temp));
1732 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1733 "Error=" << CKM::ErrorToString(temp));
1736 CKM_API_SUCCESS == (temp = manager->createSignature(
1739 CKM::RawBuffer(message.begin(), message.end()),
1743 "Error=" << CKM::ErrorToString(temp));
1746 CKM_API_SUCCESS == (temp = manager->verifySignature(
1749 CKM::RawBuffer(message.begin(), message.end()),
1753 "Error=" << CKM::ErrorToString(temp));
1757 RUNNER_TEST(T1414_ec_key_create_verify)
1760 auto manager = CKM::Manager::create();
1762 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1763 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1764 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1765 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1766 "-----END EC PRIVATE KEY-----\n";
1768 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1769 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1770 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1771 "-----END PUBLIC KEY-----\n";
1773 std::string message = "message test";
1775 CKM::Alias aliasPub = "ecpub2";
1776 CKM::Alias aliasPrv = "ecprv2";
1777 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1778 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1779 CKM::RawBuffer signature;
1781 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1782 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1784 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1785 "Key is empty. Failed to import public key.");
1786 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1787 "Key is empty. Failed to import private key.");
1790 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1791 "Error=" << CKM::ErrorToString(temp));
1793 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1794 "Error=" << CKM::ErrorToString(temp));
1797 CKM_API_SUCCESS == (temp = manager->createSignature(
1800 CKM::RawBuffer(message.begin(), message.end()),
1804 "Error=" << CKM::ErrorToString(temp));
1807 CKM_API_SUCCESS == (temp = manager->verifySignature(
1810 CKM::RawBuffer(message.begin(), message.end()),
1814 "Error=" << CKM::ErrorToString(temp));
1816 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1818 memcpy((void*)signature.data(), "BROKEN", 6);
1821 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1824 CKM::RawBuffer(message.begin(), message.end()),
1828 "Error=" << CKM::ErrorToString(temp));
1831 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1834 auto manager = CKM::Manager::create();
1835 std::string message = "message asdfaslkdfjlksadjf test";
1837 CKM::Alias aliasPub = "pub1";
1838 CKM::Alias aliasPrv = "prv1";
1840 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1841 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1842 CKM::RawBuffer signature;
1845 CKM_API_SUCCESS == (temp = manager->createSignature(
1848 CKM::RawBuffer(message.begin(), message.end()),
1852 "Error=" << CKM::ErrorToString(temp));
1855 CKM_API_SUCCESS == (temp = manager->verifySignature(
1858 CKM::RawBuffer(message.begin(), message.end()),
1862 "Error=" << CKM::ErrorToString(temp));
1864 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1865 memcpy((void*)signature.data(), "BROKEN", 6);
1868 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1871 CKM::RawBuffer(message.begin(), message.end()),
1875 "Error=" << CKM::ErrorToString(temp));
1878 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1881 auto manager = CKM::Manager::create();
1882 std::string message = "message asdfaslkdfjlksadjf test";
1884 CKM::Alias aliasPub = "pub2";
1885 CKM::Alias aliasPrv = "prv2";
1887 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1888 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1889 CKM::RawBuffer signature;
1892 CKM_API_SUCCESS == (temp = manager->createSignature(
1895 CKM::RawBuffer(message.begin(), message.end()),
1899 "Error=" << CKM::ErrorToString(temp));
1902 CKM_API_SUCCESS == (temp = manager->verifySignature(
1905 CKM::RawBuffer(message.begin(), message.end()),
1909 "Error=" << CKM::ErrorToString(temp));
1911 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1912 memcpy((void*)signature.data(), "BROKEN", 6);
1915 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1918 CKM::RawBuffer(message.begin(), message.end()),
1922 "Error=" << CKM::ErrorToString(temp));
1925 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
1928 auto manager = CKM::Manager::create();
1931 "-----BEGIN RSA PRIVATE KEY-----\n"
1932 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
1933 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
1934 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
1935 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
1936 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
1937 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
1938 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
1939 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
1940 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
1941 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
1942 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
1943 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
1944 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
1945 "-----END RSA PRIVATE KEY-----\n";
1948 "-----BEGIN CERTIFICATE-----\n"
1949 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
1950 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
1951 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
1952 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
1953 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
1954 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
1955 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
1956 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
1957 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
1958 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
1959 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
1960 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
1961 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
1962 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
1963 "-----END CERTIFICATE-----\n";
1965 std::string message = "message test";
1967 CKM::Alias aliasPub = "pub1-cert";
1968 CKM::Alias aliasPrv = "prv1-cert";
1969 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1970 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1971 CKM::RawBuffer signature;
1973 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
1974 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1976 RUNNER_ASSERT_MSG(NULL != cert.get(),
1977 "Key is empty. Failed to import public key.");
1978 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1979 "Key is empty. Failed to import private key.");
1982 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
1983 "Error=" << CKM::ErrorToString(temp));
1985 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1986 "Error=" << CKM::ErrorToString(temp));
1989 CKM_API_SUCCESS == (temp = manager->createSignature(
1992 CKM::RawBuffer(message.begin(), message.end()),
1996 "Error=" << CKM::ErrorToString(temp));
1999 CKM_API_SUCCESS == (temp = manager->verifySignature(
2002 CKM::RawBuffer(message.begin(), message.end()),
2006 "Error=" << CKM::ErrorToString(temp));
2008 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2010 memcpy((void*)signature.data(), "BROKEN", 6);
2013 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2016 CKM::RawBuffer(message.begin(), message.end()),
2020 "Error=" << CKM::ErrorToString(temp));
2023 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
2026 auto manager = CKM::Manager::create();
2028 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
2029 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
2030 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
2031 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
2032 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
2033 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
2034 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
2035 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
2036 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
2037 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
2038 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
2039 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
2040 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
2041 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
2042 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
2043 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
2044 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
2045 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
2046 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
2047 "-----END CERTIFICATE-----\n";
2049 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
2050 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2051 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2052 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2053 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2054 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2055 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2056 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2057 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2058 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2059 "vonbjii3BYe4AIdkzOvp\n"
2060 "-----END DSA PRIVATE KEY-----\n";
2062 std::string message = "message test";
2064 CKM::Alias aliasPub = "pub2-cert";
2065 CKM::Alias aliasPrv = "prv2-cert";
2066 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2067 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2068 CKM::RawBuffer signature;
2070 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2071 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2073 RUNNER_ASSERT_MSG(NULL != cert.get(),
2074 "Key is empty. Failed to import public key.");
2075 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2076 "Key is empty. Failed to import private key.");
2079 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2080 "Error=" << CKM::ErrorToString(temp));
2082 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2083 "Error=" << CKM::ErrorToString(temp));
2086 CKM_API_SUCCESS == (temp = manager->createSignature(
2089 CKM::RawBuffer(message.begin(), message.end()),
2093 "Error=" << CKM::ErrorToString(temp));
2096 CKM_API_SUCCESS == (temp = manager->verifySignature(
2099 CKM::RawBuffer(message.begin(), message.end()),
2103 "Error=" << CKM::ErrorToString(temp));
2105 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2107 memcpy((void*)signature.data(), "BROKEN", 6);
2110 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2113 CKM::RawBuffer(message.begin(), message.end()),
2117 "Error=" << CKM::ErrorToString(temp));
2120 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
2123 auto manager = CKM::Manager::create();
2126 "-----BEGIN EC PRIVATE KEY-----\n"
2127 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2128 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2129 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2130 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2131 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2132 "ELyhe7yPCAuOoLZlTLgf\n"
2133 "-----END EC PRIVATE KEY-----\n";
2136 "-----BEGIN CERTIFICATE-----\n"
2137 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2138 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2139 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2140 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2141 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2142 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2143 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2144 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2145 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2146 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2147 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2148 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2149 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2150 "Q1oBry6NEc+lLFmWMDesAA==\n"
2151 "-----END CERTIFICATE-----\n";
2153 std::string message = "message test";
2155 CKM::Alias aliasPub = "pub3";
2156 CKM::Alias aliasPrv = "prv3";
2157 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2158 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2159 CKM::RawBuffer signature;
2161 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2162 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2164 RUNNER_ASSERT_MSG(NULL != cert.get(),
2165 "Key is empty. Failed to import public key.");
2166 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2167 "Key is empty. Failed to import private key.");
2170 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2171 "Error=" << CKM::ErrorToString(temp));
2173 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2174 "Error=" << CKM::ErrorToString(temp));
2177 CKM_API_SUCCESS == (temp = manager->createSignature(
2180 CKM::RawBuffer(message.begin(), message.end()),
2184 "Error=" << CKM::ErrorToString(temp));
2187 CKM_API_SUCCESS == (temp = manager->verifySignature(
2190 CKM::RawBuffer(message.begin(), message.end()),
2194 "Error=" << CKM::ErrorToString(temp));
2196 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2198 memcpy((void*)signature.data(), "BROKEN", 6);
2201 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2204 CKM::RawBuffer(message.begin(), message.end()),
2208 "Error=" << CKM::ErrorToString(temp));
2211 RUNNER_TEST(T1420_deinit)
2214 auto control = CKM::Control::create();
2217 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2218 "Error=" << CKM::ErrorToString(temp));
2220 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2221 "Error=" << CKM::ErrorToString(temp));
2224 RUNNER_TEST(T14180_init)
2227 auto control = CKM::Control::create();
2229 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2230 "Error=" << CKM::ErrorToString(temp));
2232 auto manager = CKM::Manager::create();
2234 // Prepare RSA Key Pair
2235 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2236 "Proc-Type: 4,ENCRYPTED\n"
2237 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2239 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2240 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2241 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2242 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2243 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2244 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2245 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2246 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2247 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2248 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2249 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2250 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2251 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2252 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2253 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2254 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2255 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2256 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2257 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2258 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2259 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2260 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2261 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2262 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2263 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2264 "-----END RSA PRIVATE KEY-----\n";
2266 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2267 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2268 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2269 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2270 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2271 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2272 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2274 "-----END PUBLIC KEY-----\n";
2276 CKM::Alias aliasPub = "pub_nohash1";
2277 CKM::Alias aliasPrv = "prv_nohash1";
2278 CKM::Password password = "1234";
2280 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2281 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2283 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2284 "Key is empty. Failed to import public key.");
2285 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2286 "Key is empty. Failed to import private key.");
2289 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2290 "Error=" << CKM::ErrorToString(temp));
2292 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2293 "Error=" << CKM::ErrorToString(temp));
2295 // Prepare ECDSA Key Pair
2296 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2297 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2298 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2299 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2300 "-----END EC PRIVATE KEY-----\n";
2302 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2303 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2304 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2305 "-----END PUBLIC KEY-----\n";
2307 CKM::Alias aliasEcPub = "ecpub_nohash1";
2308 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2310 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2311 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2313 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2314 "Key is empty. Failed to import public key.");
2315 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2316 "Key is empty. Failed to import private key.");
2319 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2320 "Error=" << CKM::ErrorToString(temp));
2322 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2323 "Error=" << CKM::ErrorToString(temp));
2327 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2330 auto manager = CKM::Manager::create();
2331 std::string message = "message asdfaslkdfjlksadjf test";
2333 CKM::Alias aliasPub = "pub_nohash1";
2334 CKM::Alias aliasPrv = "prv_nohash1";
2336 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2337 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2338 CKM::RawBuffer signature;
2341 CKM_API_SUCCESS == (temp = manager->createSignature(
2344 CKM::RawBuffer(message.begin(), message.end()),
2348 "Error=" << CKM::ErrorToString(temp));
2351 CKM_API_SUCCESS == (temp = manager->verifySignature(
2354 CKM::RawBuffer(message.begin(), message.end()),
2358 "Error=" << CKM::ErrorToString(temp));
2360 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2361 memcpy((void*)signature.data(), "BROKEN", 6);
2364 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2367 CKM::RawBuffer(message.begin(), message.end()),
2371 "Error=" << CKM::ErrorToString(temp));
2374 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2377 auto manager = CKM::Manager::create();
2378 std::string message = "message asdfaslkdfjlksadjf test";
2380 CKM::Alias aliasPub = "pub_nohash1";
2381 CKM::Alias aliasPrv = "prv_nohash1";
2383 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2384 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2385 CKM::RawBuffer signature;
2388 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2391 CKM::RawBuffer(message.begin(), message.end()),
2395 "Error=" << CKM::ErrorToString(temp));
2398 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2401 auto manager = CKM::Manager::create();
2402 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2403 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2404 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2405 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2406 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2407 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2408 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2409 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2410 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2411 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2412 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2413 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2414 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2415 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2416 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2417 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2418 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2419 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2420 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2421 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2423 CKM::Alias aliasPub = "pub_nohash1";
2424 CKM::Alias aliasPrv = "prv_nohash1";
2426 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2427 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2428 CKM::RawBuffer signature;
2431 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2434 CKM::RawBuffer(message.begin(), message.end()),
2438 "Error=" << CKM::ErrorToString(temp));
2442 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2445 auto manager = CKM::Manager::create();
2447 std::string message = "message test";
2449 CKM::Alias aliasPub = "ecpub_nohash1";
2450 CKM::Alias aliasPrv = "ecprv_nohash1";
2451 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2452 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2453 CKM::RawBuffer signature;
2456 CKM_API_SUCCESS == (temp = manager->createSignature(
2459 CKM::RawBuffer(message.begin(), message.end()),
2463 "Error=" << CKM::ErrorToString(temp));
2466 CKM_API_SUCCESS == (temp = manager->verifySignature(
2469 CKM::RawBuffer(message.begin(), message.end()),
2473 "Error=" << CKM::ErrorToString(temp));
2475 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2477 memcpy((void*)signature.data(), "BROKEN", 6);
2480 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2483 CKM::RawBuffer(message.begin(), message.end()),
2487 "Error=" << CKM::ErrorToString(temp));
2490 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2493 auto manager = CKM::Manager::create();
2495 int msgSize = 1024*1024;
2496 char big_msg[msgSize];
2497 for(int i =0; i<msgSize-1; i++) {
2500 big_msg[msgSize-1]=0x00;
2501 std::string message(big_msg);
2503 CKM::Alias aliasPub = "ecpub_nohash1";
2504 CKM::Alias aliasPrv = "ecprv_nohash1";
2505 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2506 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2507 CKM::RawBuffer signature;
2510 CKM_API_SUCCESS == (temp = manager->createSignature(
2513 CKM::RawBuffer(message.begin(), message.end()),
2517 "Error=" << CKM::ErrorToString(temp));
2521 RUNNER_TEST(T14189_deinit)
2524 auto control = CKM::Control::create();
2527 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2528 "Error=" << CKM::ErrorToString(temp));
2530 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2531 "Error=" << CKM::ErrorToString(temp));
2535 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2537 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2540 AccessProvider ap("my-label");
2541 ap.allowAPI("key-manager::api-control", "rw");
2542 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2544 auto control = CKM::Control::create();
2546 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2547 "Error=" << CKM::ErrorToString(tmp));
2550 RUNNER_CHILD_TEST(T1511_insert_data)
2552 AccessProvider ap("my-label");
2553 ap.allowAPI("key-manager::api-storage", "rw");
2554 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2556 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2557 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2558 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2559 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2560 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2561 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2562 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2563 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2564 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2565 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2566 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2567 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2568 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2569 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2570 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2571 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2572 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2573 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2574 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2575 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2576 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2577 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2578 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2579 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2580 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2581 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2582 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2583 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2584 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2585 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2586 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2587 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2589 "-----END CERTIFICATE-----\n";
2592 "-----BEGIN CERTIFICATE-----\n"
2593 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
2594 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2595 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
2596 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
2597 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
2598 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
2599 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
2600 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
2601 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
2602 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
2603 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
2604 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
2605 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
2606 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
2607 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
2608 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
2609 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
2610 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
2611 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
2612 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
2613 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
2614 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
2615 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
2616 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
2617 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
2618 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
2619 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
2620 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
2621 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
2622 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
2623 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
2624 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
2625 "-----END CERTIFICATE-----\n";
2627 auto manager = CKM::Manager::create();
2628 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2629 auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2631 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2632 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2635 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2636 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2639 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2640 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2643 RUNNER_CHILD_TEST(T1519_deinit)
2646 AccessProvider ap("my-label");
2647 ap.allowAPI("key-manager::api-control", "rw");
2648 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2650 auto control = CKM::Control::create();
2652 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2653 "Error=" << CKM::ErrorToString(tmp));
2657 RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
2659 RUNNER_CHILD_TEST(T1610_init_lock_key)
2662 AccessProvider ap("my-label");
2663 ap.allowAPI("key-manager::api-control", "rw");
2664 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2666 auto control = CKM::Control::create();
2668 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
2669 "Error=" << CKM::ErrorToString(tmp));
2671 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2672 "Error=" << CKM::ErrorToString(tmp));
2675 RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
2677 AccessProvider ap("my-label");
2678 ap.allowAPI("key-manager::api-storage", "rw");
2679 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2682 auto manager = CKM::Manager::create();
2684 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2685 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2686 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2687 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2688 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2689 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2690 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2692 "-----END PUBLIC KEY-----";
2694 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2695 auto key = CKM::Key::create(buffer, CKM::Password());
2697 CKM::Alias alias = "mykey_defpasswd";
2700 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
2701 "Error=" << CKM::ErrorToString(temp));
2703 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
2704 "Error=" << CKM::ErrorToString(temp));
2706 key->getDER() == key2->getDER(),
2707 "Key value has been changed by service");
2709 std::string invalid_address = aliasWithLabel("i-do-not-exist", alias.c_str());
2711 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
2712 "Error=" << CKM::ErrorToString(temp));
2714 CKM_API_SUCCESS == (temp = manager->removeAlias(alias)),
2715 "Error=" << CKM::ErrorToString(temp));
2718 RUNNER_CHILD_TEST(T1612_init_change_user_password)
2721 AccessProvider ap("my-label");
2722 ap.allowAPI("key-manager::api-control", "rw");
2723 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2725 auto control = CKM::Control::create();
2727 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
2728 "Error=" << CKM::ErrorToString(tmp));
2729 // confirm changed password
2731 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_APP,"user-pass")),
2732 CKM::ErrorToString(tmp));
2734 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2735 CKM::ErrorToString(tmp));
2738 RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
2740 AccessProvider ap("my-label");
2741 ap.allowAPI("key-manager::api-storage", "rw");
2742 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2745 auto manager = CKM::Manager::create();
2747 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2748 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2749 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2750 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2751 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2752 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2753 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2755 "-----END PUBLIC KEY-----";
2757 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2758 auto key = CKM::Key::create(buffer, CKM::Password());
2760 CKM::Alias alias = "mykey_defpasswd";
2763 CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
2764 "Error=" << CKM::ErrorToString(temp));
2766 CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
2767 "Error=" << CKM::ErrorToString(temp));
2769 CKM_API_ERROR_DB_LOCKED == (temp = manager->removeAlias(alias)),
2770 "Error=" << CKM::ErrorToString(temp));
2773 RUNNER_CHILD_TEST(T1619_deinit)
2775 AccessProvider ap("my-label");
2776 ap.allowAPI("key-manager::api-control", "rw");
2777 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2780 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2782 RUNNER_TEST(T1701_init_unlock_key)
2785 auto control = CKM::Control::create();
2787 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2788 "Error=" << CKM::ErrorToString(tmp));
2791 RUNNER_CHILD_TEST(T1702_insert_data)
2794 AccessProvider ap("t170-special-label");
2795 ap.allowAPI("key-manager::api-storage", "rw");
2796 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2798 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2799 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2800 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2801 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2802 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2803 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2804 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2805 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2806 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2807 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2808 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2809 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2810 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2811 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2812 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2813 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2814 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2815 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2816 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2817 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2818 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2819 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2820 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2821 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2822 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2823 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2824 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2825 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2826 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2827 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2828 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2829 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2831 "-----END CERTIFICATE-----\n";
2833 auto manager = CKM::Manager::create();
2834 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2836 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2839 CKM_API_SUCCESS == status1,
2840 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2842 CKM::AliasVector av;
2844 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2845 "Error=" << CKM::ErrorToString(temp));
2847 1 == (temp = av.size()),
2848 "Vector size: " << temp << ". Expected: 1");
2851 RUNNER_TEST(T1703_removeApplicationData)
2854 auto control = CKM::Control::create();
2856 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2857 "Error=" << CKM::ErrorToString(tmp));
2860 RUNNER_CHILD_TEST(T1704_data_test)
2863 AccessProvider ap("t170-special-label");
2864 ap.allowAPI("key-manager::api-storage", "rw");
2865 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2867 CKM::AliasVector av;
2868 auto manager = CKM::Manager::create();
2871 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2872 "Error=" << CKM::ErrorToString(temp));
2874 0 == (temp = av.size()),
2875 "Vector size: " << temp << ". Expected: 0");
2878 RUNNER_TEST(T1705_deinit)
2882 auto control = CKM::Control::create();
2884 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2885 "Error=" << CKM::ErrorToString(tmp));
2887 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2888 "Error=" << CKM::ErrorToString(tmp));
2891 RUNNER_TEST(T17101_init)
2895 auto control = CKM::Control::create();
2897 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2898 "Error=" << CKM::ErrorToString(tmp));
2900 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2901 "Error=" << CKM::ErrorToString(tmp));
2903 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2904 "Error=" << CKM::ErrorToString(tmp));
2907 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2908 "Error=" << CKM::ErrorToString(tmp));
2910 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2911 "Error=" << CKM::ErrorToString(tmp));
2913 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2914 "Error=" << CKM::ErrorToString(tmp));
2917 RUNNER_CHILD_TEST(T17102_prep_data_01)
2920 AccessProvider ap("t1706-special-label");
2921 ap.allowAPI("key-manager::api-storage", "rw");
2922 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2924 CKM::AliasVector av;
2925 auto manager = CKM::Manager::create();
2927 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2929 CKM::RawBuffer buffer(data.begin(), data.end());
2930 CKM::Policy exportable(CKM::Password(), true);
2933 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
2934 "Error=" << CKM::ErrorToString(temp));
2937 RUNNER_CHILD_TEST(T17103_prep_data_02)
2940 AccessProvider ap("t1706-special-label2");
2941 ap.allowAPI("key-manager::api-storage", "rw");
2942 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
2944 CKM::AliasVector av;
2945 auto manager = CKM::Manager::create();
2947 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2949 CKM::RawBuffer buffer(data.begin(), data.end());
2950 CKM::Policy exportable(CKM::Password(), true);
2953 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
2954 "Error=" << CKM::ErrorToString(temp));
2957 RUNNER_CHILD_TEST(T17104_prep_data_03)
2960 AccessProvider ap("t1706-special-label");
2961 ap.allowAPI("key-manager::api-storage", "rw");
2962 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2964 CKM::AliasVector av;
2965 auto manager = CKM::Manager::create();
2967 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2969 CKM::RawBuffer buffer(data.begin(), data.end());
2970 CKM::Policy exportable(CKM::Password(), true);
2973 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
2974 "Error=" << CKM::ErrorToString(temp));
2977 RUNNER_CHILD_TEST(T17105_prep_data_04)
2980 AccessProvider ap("t1706-special-label2");
2981 ap.allowAPI("key-manager::api-storage", "rw");
2982 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
2984 CKM::AliasVector av;
2985 auto manager = CKM::Manager::create();
2987 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
2989 CKM::RawBuffer buffer(data.begin(), data.end());
2990 CKM::Policy exportable(CKM::Password(), true);
2993 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
2994 "Error=" << CKM::ErrorToString(temp));
2997 RUNNER_TEST(T17106_remove_application)
3001 auto control = CKM::Control::create();
3003 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3004 "Error=" << CKM::ErrorToString(tmp));
3006 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
3007 "Error=" << CKM::ErrorToString(tmp));
3010 RUNNER_CHILD_TEST(T17107_check_data_01)
3013 AccessProvider ap("t1706-special-label");
3014 ap.allowAPI("key-manager::api-storage", "rw");
3015 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3017 CKM::AliasVector av;
3018 auto manager = CKM::Manager::create();
3021 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3022 "Error=" << CKM::ErrorToString(temp));
3024 0 == (temp = av.size()),
3025 "Vector size: " << temp << ". Expected: 0");
3028 RUNNER_CHILD_TEST(T17108_check_data_02)
3031 AccessProvider ap("t1706-special-label2");
3032 ap.allowAPI("key-manager::api-storage", "rw");
3033 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3035 CKM::AliasVector av;
3036 auto manager = CKM::Manager::create();
3039 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3040 "Error=" << CKM::ErrorToString(temp));
3042 1 == (temp = av.size()),
3043 "Vector size: " << temp << ". Expected: 1");
3046 RUNNER_TEST(T17109_unlock_user2)
3050 auto control = CKM::Control::create();
3052 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
3053 "Error=" << CKM::ErrorToString(tmp));
3056 RUNNER_CHILD_TEST(T17110_check_data_03)
3059 AccessProvider ap("t1706-special-label");
3060 ap.allowAPI("key-manager::api-storage", "rw");
3061 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3063 CKM::AliasVector av;
3064 auto manager = CKM::Manager::create();
3067 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3068 "Error=" << CKM::ErrorToString(temp));
3070 0 == (temp = av.size()),
3071 "Vector size: " << temp << ". Expected: 0");
3074 RUNNER_CHILD_TEST(T17111_check_data_04)
3077 AccessProvider ap("t1706-special-label2");
3078 ap.allowAPI("key-manager::api-storage", "rw");
3079 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3081 CKM::AliasVector av;
3082 auto manager = CKM::Manager::create();
3085 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3086 "Error=" << CKM::ErrorToString(temp));
3088 1 == (temp = av.size()),
3089 "Vector size: " << temp << ". Expected: 1");
3092 RUNNER_TEST(T17112_deinit)
3096 auto control = CKM::Control::create();
3098 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
3099 "Error=" << CKM::ErrorToString(tmp));
3101 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
3102 "Error=" << CKM::ErrorToString(tmp));
3105 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3106 "Error=" << CKM::ErrorToString(tmp));
3108 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
3109 "Error=" << CKM::ErrorToString(tmp));
3112 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
3116 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
3117 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
3118 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
3119 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
3120 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
3123 RUNNER_TEST(T1800_init) {
3125 auto control = CKM::Control::create();
3127 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
3128 "Error=" << CKM::ErrorToString(temp));
3130 auto manager = CKM::Manager::create();
3131 manager->removeAlias(alias_PKCS_collision);
3132 manager->removeAlias(alias_PKCS_exportable);
3133 manager->removeAlias(alias_PKCS_not_exportable);
3134 manager->removeAlias(alias_PKCS_priv_key_copy);
3135 manager->removeAlias(alias_PKCS_priv_key_wrong);
3138 RUNNER_TEST(T1801_parse_PKCS12) {
3139 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3140 std::istreambuf_iterator<char> begin(is), end;
3141 std::vector<char> buff(begin, end);
3143 CKM::RawBuffer buffer(buff.size());
3144 memcpy(buffer.data(), buff.data(), buff.size());
3146 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3149 "Error in PKCS12::create()");
3151 auto cert = pkcs->getCertificate();
3154 "Error in PKCS12::getCertificate()");
3156 auto key = pkcs->getKey();
3159 "Error in PKCS12::getKey()");
3161 auto caVector = pkcs->getCaCertificateShPtrVector();
3163 0 == caVector.size(),
3164 "Wrong size of vector");
3167 RUNNER_TEST(T1802_negative_wrong_password) {
3168 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3169 std::istreambuf_iterator<char> begin(is), end;
3170 std::vector<char> buff(begin, end);
3172 CKM::RawBuffer buffer(buff.size());
3173 memcpy(buffer.data(), buff.data(), buff.size());
3175 auto pkcs = CKM::PKCS12::create(buffer, "error");
3178 "Expected error in PKCS12::create()");
3181 RUNNER_TEST(T1803_negative_broken_buffer) {
3182 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3183 std::istreambuf_iterator<char> begin(is), end;
3184 std::vector<char> buff(begin, end);
3186 CKM::RawBuffer buffer(buff.size());
3187 memcpy(buffer.data(), buff.data(), buff.size());
3189 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
3192 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3195 "Expected error in PKCS12::create()");
3198 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
3200 auto manager = CKM::Manager::create();
3201 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3202 std::istreambuf_iterator<char> begin(is), end;
3203 std::vector<char> buff(begin, end);
3205 CKM::RawBuffer buffer(buff.size());
3206 memcpy(buffer.data(), buff.data(), buff.size());
3208 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3211 "Error in PKCS12::create()");
3214 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3215 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3216 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3217 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3218 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3219 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3220 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3221 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3222 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3223 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3224 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3225 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3226 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3227 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3228 "-----END RSA PRIVATE KEY-----\n";
3230 std::string message = "message test";
3232 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3233 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3234 "Key is empty. Failed to import private key.");
3238 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
3239 "Error=" << CKM::ErrorToString(temp));
3242 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
3243 "Error=" << CKM::ErrorToString(temp));
3246 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
3248 auto manager = CKM::Manager::create();
3249 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3250 std::istreambuf_iterator<char> begin(is), end;
3251 std::vector<char> buff(begin, end);
3253 CKM::RawBuffer buffer(buff.size());
3254 memcpy(buffer.data(), buff.data(), buff.size());
3256 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3259 "Error in PKCS12::create()");
3261 auto cert = pkcs->getCertificate();
3264 "Error in PKCS12::getCertificate()");
3266 auto key = pkcs->getKey();
3269 "Error in PKCS12::getKey()");
3271 auto caVector = pkcs->getCaCertificateShPtrVector();
3273 2 == caVector.size(),
3274 "Wrong size of vector");
3278 CKM::Policy exportable;
3279 CKM::Policy notExportable(CKM::Password(), false);
3282 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3283 "Error=" << CKM::ErrorToString(tmp));
3285 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3286 "Error=" << CKM::ErrorToString(tmp));
3288 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3289 "Error=" << CKM::ErrorToString(tmp));
3291 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3292 "Error=" << CKM::ErrorToString(tmp));
3294 // try to lookup key
3295 CKM::KeyShPtr key_lookup;
3297 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3298 "Error=" << CKM::ErrorToString(tmp));
3300 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3301 "Error=" << CKM::ErrorToString(tmp));
3303 // try to lookup certificate
3304 CKM::CertificateShPtr cert_lookup;
3306 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3307 "Error=" << CKM::ErrorToString(tmp));
3309 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3310 "Error=" << CKM::ErrorToString(tmp));
3313 RUNNER_TEST(T1806_get_PKCS)
3316 auto manager = CKM::Manager::create();
3318 CKM::PKCS12ShPtr pkcs;
3322 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
3323 "Error=" << CKM::ErrorToString(temp));
3325 // fail - not exportable
3327 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3328 "Error=" << CKM::ErrorToString(temp));
3330 // success - exportable
3332 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3333 "Error=" << CKM::ErrorToString(temp));
3335 auto cert = pkcs->getCertificate();
3338 "Error in PKCS12::getCertificate()");
3340 auto key = pkcs->getKey();
3343 "Error in PKCS12::getKey()");
3345 auto caVector = pkcs->getCaCertificateShPtrVector();
3347 2 == caVector.size(),
3348 "Wrong size of vector");
3351 RUNNER_TEST(T1807_create_and_verify_signature)
3354 auto manager = CKM::Manager::create();
3356 std::string message = "message test";
3358 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3359 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3360 CKM::RawBuffer signature;
3363 CKM_API_SUCCESS == (temp = manager->createSignature(
3364 alias_PKCS_exportable,
3366 CKM::RawBuffer(message.begin(), message.end()),
3370 "Error=" << CKM::ErrorToString(temp));
3373 CKM_API_SUCCESS == (temp = manager->verifySignature(
3374 alias_PKCS_exportable,
3376 CKM::RawBuffer(message.begin(), message.end()),
3380 "Error=" << CKM::ErrorToString(temp));
3383 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3386 auto manager = CKM::Manager::create();
3388 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3389 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3390 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3391 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3392 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3393 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3394 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3395 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3396 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3397 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3398 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3399 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3400 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3401 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3402 "-----END RSA PRIVATE KEY-----";
3403 std::string message = "message test";
3405 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3406 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3407 "Key is empty. Failed to import private key.");
3410 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3411 "Error=" << CKM::ErrorToString(temp));
3413 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3414 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3415 CKM::RawBuffer signature;
3418 CKM_API_SUCCESS == (temp = manager->createSignature(
3419 alias_PKCS_priv_key_copy,
3421 CKM::RawBuffer(message.begin(), message.end()),
3425 "Error=" << CKM::ErrorToString(temp));
3428 CKM_API_SUCCESS == (temp = manager->verifySignature(
3429 alias_PKCS_exportable,
3431 CKM::RawBuffer(message.begin(), message.end()),
3435 "Error=" << CKM::ErrorToString(temp));
3438 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3441 auto manager = CKM::Manager::create();
3443 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3444 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3445 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3446 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3447 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3448 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3449 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3450 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3451 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3452 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3453 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3454 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3455 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3456 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3457 "-----END RSA PRIVATE KEY-----\n";
3459 std::string message = "message test";
3461 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3462 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3463 "Key is empty. Failed to import private key.");
3466 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3467 "Error=" << CKM::ErrorToString(temp));
3469 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3470 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3471 CKM::RawBuffer signature;
3474 CKM_API_SUCCESS == (temp = manager->createSignature(
3475 alias_PKCS_priv_key_wrong,
3477 CKM::RawBuffer(message.begin(), message.end()),
3481 "Error=" << CKM::ErrorToString(temp));
3484 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3485 alias_PKCS_exportable,
3487 CKM::RawBuffer(message.begin(), message.end()),
3491 "Error=" << CKM::ErrorToString(temp));
3494 RUNNER_TEST(T1810_verify_get_certificate_chain)
3496 // this certificate has been signed using PKCS chain
3497 std::string im = "-----BEGIN CERTIFICATE-----\n"
3498 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3499 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3500 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3501 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3502 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3503 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3504 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3505 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3506 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3508 "-----END CERTIFICATE-----\n";
3510 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3511 CKM::CertificateShPtrVector certChain;
3512 CKM::AliasVector aliasVector;
3515 auto manager = CKM::Manager::create();
3517 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3519 tmp = manager->getCertificateChain(cert,
3524 RUNNER_ASSERT_MSG_BT(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3525 "Error=" << CKM::ErrorToString(tmp));
3528 0 == certChain.size(),
3529 "Wrong size of certificate chain.");
3531 aliasVector.push_back(alias_PKCS_exportable);
3533 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3534 RUNNER_ASSERT_MSG_BT(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3536 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3537 RUNNER_ASSERT_MSG_BT(
3538 4 == certChain.size(),
3539 "Wrong size of certificate chain: " << certChain.size());
3542 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3544 auto manager = CKM::Manager::create();
3548 // remove the whole PKCS12 bundles
3550 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3551 "Error=" << CKM::ErrorToString(tmp));
3553 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3554 "Error=" << CKM::ErrorToString(tmp));
3556 // expect lookup fails due to unknown alias
3557 // try to lookup key
3558 CKM::KeyShPtr key_lookup;
3560 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3561 "Error=" << CKM::ErrorToString(tmp));
3563 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3564 "Error=" << CKM::ErrorToString(tmp));
3566 // try to lookup certificate
3567 CKM::CertificateShPtr cert_lookup;
3569 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3570 "Error=" << CKM::ErrorToString(tmp));
3572 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3573 "Error=" << CKM::ErrorToString(tmp));
3576 RUNNER_TEST(T1812_negative_get_pkcs12_wrong_password)
3578 CKM::Alias alias = "t1812alias1";
3580 auto manager = CKM::Manager::create();
3581 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3582 std::istreambuf_iterator<char> begin(is), end;
3583 std::vector<char> buff(begin, end);
3585 CKM::PKCS12ShPtr pkcs12;
3587 CKM::RawBuffer buffer(buff.size());
3588 memcpy(buffer.data(), buff.data(), buff.size());
3590 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3591 RUNNER_ASSERT_MSG_BT(
3593 "Error in PKCS12::create()");
3596 RUNNER_ASSERT_MSG_BT(
3597 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy("easypass"), CKM::Policy("easypass"))),
3598 "Error=" << CKM::ErrorToString(temp));
3600 RUNNER_ASSERT_MSG_BT(
3601 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3602 "Error=" << CKM::ErrorToString(temp));
3605 RUNNER_TEST(T1813_deinit)
3608 auto control = CKM::Control::create();
3611 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3612 "Error=" << CKM::ErrorToString(temp));
3615 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3617 RUNNER_TEST(T1901_init_unlock_key)
3620 auto control = CKM::Control::create();
3622 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3623 "Error=" << CKM::ErrorToString(tmp));
3625 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3626 "Error=" << CKM::ErrorToString(tmp));
3628 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3629 "Error=" << CKM::ErrorToString(tmp));
3632 RUNNER_TEST(T1902_get_data)
3634 auto manager = CKM::Manager::create();
3637 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3640 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3641 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3644 RUNNER_TEST(T1903_lock_database)
3647 auto control = CKM::Control::create();
3649 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3650 "Error=" << CKM::ErrorToString(tmp));
3653 RUNNER_TEST(T1904_get_data_from_locked_database)
3655 auto manager = CKM::Manager::create();
3658 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3661 CKM_API_ERROR_DB_LOCKED == status1,
3662 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3665 RUNNER_TEST(T1905_deinit)
3668 auto control = CKM::Control::create();
3670 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3671 "Error=" << CKM::ErrorToString(tmp));
3674 int main(int argc, char *argv[])
3676 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3677 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);