3 #include <dpl/test/test_runner.h>
4 #include <dpl/test/test_runner_child.h>
6 #include <tests_common.h>
7 #include <access_provider2.h>
9 #include <ckm-common.h>
10 #include <ckm/ckm-manager.h>
11 #include <ckm/ckm-control.h>
12 #include <ckm/ckm-password.h>
13 #include <ckm/ckm-type.h>
14 #include <ckm/ckm-pkcs12.h>
18 #include <openssl/x509.h>
19 #include <openssl/x509v3.h>
21 #include <dpl/log/log.h>
24 const int USER_APP = 5000;
25 const int GROUP_APP = 5000;
26 const int USER_TEST = 5001;
28 const CKM::CertificateShPtrVector EMPTY_CERT_VECTOR;
29 const CKM::AliasVector EMPTY_ALIAS_VECTOR;
30 } // namespace anonymous
33 * How to numerate tests:
35 * T - test case (always T)
36 * AB - number of test group (always two digits)
37 * C - test number in group (all tests with same TABC must be run in the same time).
41 RUNNER_TEST_GROUP_INIT(A_T0010_CKM_OPENSSL_INIT);
42 RUNNER_TEST(A_T0011_OpenSSL_not_init_client_parse_PKCS) {
43 stop_service(MANAGER);
44 start_service(MANAGER);
46 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
47 std::istreambuf_iterator<char> begin(is), end;
48 std::vector<char> buff(begin, end);
50 CKM::RawBuffer buffer(buff.size());
51 memcpy(buffer.data(), buff.data(), buff.size());
53 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
56 "Error in PKCS12::create()");
58 // all further tests will start with newly started service,
59 // OpenSSL on the service side will have to be properly initialized too
60 stop_service(MANAGER);
61 start_service(MANAGER);
64 RUNNER_TEST_GROUP_INIT(T0010_CKM_CONTROL);
66 RUNNER_TEST(T0011_Control)
69 auto control = CKM::Control::create();
71 control->removeUserData(0);
72 control->removeUserData(20);
73 control->removeUserData(USER_APP);
76 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
77 "Error=" << CKM::ErrorToString(temp));
80 RUNNER_TEST(T0012_Control)
83 auto control = CKM::Control::create();
85 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
86 "Error=" << CKM::ErrorToString(temp));
88 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
89 "Error=" << CKM::ErrorToString(temp));
92 RUNNER_TEST(T0013_Control)
95 auto control = CKM::Control::create();
97 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
98 "Error=" << CKM::ErrorToString(temp));
101 RUNNER_TEST(T0014_Control)
104 auto control = CKM::Control::create();
106 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
107 "Error=" << CKM::ErrorToString(temp));
110 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "simple-password")),
111 "Error=" << CKM::ErrorToString(temp));
114 CKM_API_SUCCESS == (temp = control->resetUserPassword(14, "something")),
115 "Error=" << CKM::ErrorToString(temp));
118 CKM_API_SUCCESS == (temp = control->unlockUserKey(14, "test-pass")),
119 "Error=" << CKM::ErrorToString(temp));
122 CKM_API_SUCCESS == (temp = control->lockUserKey(14)),
123 "Error=" << CKM::ErrorToString(temp));
126 CKM_API_ERROR_BAD_REQUEST == (temp = control->resetUserPassword(14, "something")),
127 "Error=" << CKM::ErrorToString(temp));
130 CKM_API_SUCCESS == (temp = control->removeUserData(14)),
131 "Error=" << CKM::ErrorToString(temp));
134 RUNNER_TEST(T0015_Control)
137 auto control = CKM::Control::create();
139 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
140 "Error=" << CKM::ErrorToString(temp));
142 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
143 "Error=" << CKM::ErrorToString(temp));
145 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
146 "Error=" << CKM::ErrorToString(temp));
148 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
149 "Error=" << CKM::ErrorToString(temp));
152 RUNNER_TEST(T0016_Control_negative_wrong_password)
155 auto control = CKM::Control::create();
157 CKM_API_SUCCESS == (temp = control->unlockUserKey(20, "test-pass")),
158 "Error=" << CKM::ErrorToString(temp));
160 CKM_API_SUCCESS == (temp = control->changeUserPassword(20, "test-pass", "new-pass")),
161 "Error=" << CKM::ErrorToString(temp));
163 CKM_API_SUCCESS == (temp = control->lockUserKey(20)),
164 "Error=" << CKM::ErrorToString(temp));
166 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = control->unlockUserKey(20, "incorrect-password")),
167 "Error=" << CKM::ErrorToString(temp));
169 CKM_API_SUCCESS == (temp = control->removeUserData(20)),
170 "Error=" << CKM::ErrorToString(temp));
173 RUNNER_TEST_GROUP_INIT(T101_CKM_QUICK_SET_GET_TESTS);
175 RUNNER_TEST(T1010_init)
178 auto control = CKM::Control::create();
180 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "simple-password")),
181 "Error=" << CKM::ErrorToString(temp));
183 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
184 "Error=" << CKM::ErrorToString(temp));
187 RUNNER_TEST(T1011_key)
190 auto manager = CKM::Manager::create();
192 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
193 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
194 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
195 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
196 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
197 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
198 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
200 "-----END PUBLIC KEY-----";
202 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
203 auto key = CKM::Key::create(buffer, CKM::Password());
205 CKM::Alias alias = "mykey";
208 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
209 "Error=" << CKM::ErrorToString(temp));
211 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
212 "Error=" << CKM::ErrorToString(temp));
214 key->getDER() == key2->getDER(),
215 "Key value has been changed by service");
218 RUNNER_TEST(T1012_certificate)
221 auto manager = CKM::Manager::create();
223 std::string certPem =
224 "-----BEGIN CERTIFICATE-----\n"
225 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
226 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
227 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
228 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
229 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
230 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
231 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
232 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
233 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
234 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
235 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
236 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
237 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
238 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
239 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
240 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
241 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
242 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
243 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
244 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
245 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
246 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
247 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
248 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
250 "-----END CERTIFICATE-----\n";
252 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
253 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
254 CKM::CertificateShPtr cert2;
255 CKM::Alias alias = "myCert";
258 CKM_API_SUCCESS == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
259 "Error=" << CKM::ErrorToString(temp));
261 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, CKM::Password(), cert2)),
262 "Error=" << CKM::ErrorToString(temp));
264 cert->getDER() == cert2->getDER(),
265 "Data has been modified in key manager");
268 RUNNER_CHILD_TEST(T1013_user_app_save_key)
270 AccessProvider ap("mylabel");
271 ap.allowAPI("key-manager::api-storage", "rw");
272 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
274 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
275 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
276 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
277 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
278 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
279 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
280 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
282 "-----END PUBLIC KEY-----";
285 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
286 auto key = CKM::Key::create(buffer, CKM::Password());
288 CKM::Alias alias = "mykey";
289 auto manager = CKM::Manager::create();
292 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy("x"))),
293 "Error=" << CKM::ErrorToString(temp));
295 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password("x"), key2)),
296 "Error=" << CKM::ErrorToString(temp));
298 key->getDER() == key2->getDER(), "Key value has been changed by service");
301 RUNNER_TEST(T1014_save_with_label)
304 auto manager = CKM::Manager::create();
306 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
307 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
308 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
309 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
310 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
311 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
312 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
314 "-----END PUBLIC KEY-----";
316 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
317 auto key = CKM::Key::create(buffer, CKM::Password());
318 CKM::KeyShPtr key_name, key_full_addr;
319 CKM::Alias alias = "mykey-2";
320 CharPtr top_label = get_label();
321 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
324 CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),
325 "Error=" << CKM::ErrorToString(temp));
329 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key_name)),
330 "Error=" << CKM::ErrorToString(temp));
332 key->getDER() == key_name->getDER(),
333 "Key value has been changed by service");
335 // lookup by full address
337 CKM_API_SUCCESS == (temp = manager->getKey(full_address, CKM::Password(), key_full_addr)),
338 "Error=" << CKM::ErrorToString(temp));
340 key->getDER() == key_full_addr->getDER(),
341 "Key value has been changed by service");
344 RUNNER_TEST(T1015_deinit)
347 auto control = CKM::Control::create();
350 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
351 "Error=" << CKM::ErrorToString(temp));
353 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
354 "Error=" << CKM::ErrorToString(temp));
356 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
357 "Error=" << CKM::ErrorToString(temp));
359 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
360 "Error=" << CKM::ErrorToString(temp));
363 RUNNER_TEST_GROUP_INIT(T102_CKM_QUICK_GET_ALIAS_TESTS);
365 RUNNER_TEST(T1020_init)
368 auto control = CKM::Control::create();
370 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
371 "Error=" << CKM::ErrorToString(temp));
373 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
374 "Error=" << CKM::ErrorToString(temp));
377 RUNNER_TEST(T1021_save_keys_get_alias)
380 auto manager = CKM::Manager::create();
382 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
383 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
384 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
385 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
386 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
387 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
388 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
390 "-----END PUBLIC KEY-----";
392 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
393 auto key = CKM::Key::create(buffer, CKM::Password());
394 CKM::AliasVector labelAliasVector;
397 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey1", key, CKM::Policy())),
398 "Error=" << CKM::ErrorToString(temp));
400 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey2", key, CKM::Policy())),
401 "Error=" << CKM::ErrorToString(temp));
403 CKM_API_SUCCESS == (temp = manager->saveKey("rootkey3", key, CKM::Policy(CKM::Password(), false))),
404 "Error=" << CKM::ErrorToString(temp));
406 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
407 "Error=" << CKM::ErrorToString(temp));
409 labelAliasVector.size() == 3,
410 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
413 RUNNER_CHILD_TEST(T1022_app_user_save_keys_get_alias)
415 AccessProvider ap("mylabel");
416 ap.allowAPI("key-manager::api-storage", "rw");
417 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
420 auto manager = CKM::Manager::create();
422 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
423 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
424 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
425 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
426 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
427 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
428 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
430 "-----END PUBLIC KEY-----";
432 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
433 auto key = CKM::Key::create(buffer, CKM::Password());
434 CKM::AliasVector labelAliasVector;
437 CKM_API_SUCCESS == (temp = manager->saveKey("appkey1", key, CKM::Policy())),
438 "Error=" << CKM::ErrorToString(temp));
440 CKM_API_SUCCESS == (temp = manager->saveKey("appkey2", key, CKM::Policy())),
441 "Error=" << CKM::ErrorToString(temp));
443 CKM_API_SUCCESS == (temp = manager->saveKey("appkey3", key, CKM::Policy(CKM::Password(), false))),
444 "Error=" << CKM::ErrorToString(temp));
446 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(labelAliasVector)),
447 "Error=" << CKM::ErrorToString(temp));
449 labelAliasVector.size() == 3,
450 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
453 RUNNER_CHILD_TEST(T1023_app_user_save_keys_exportable_flag)
455 AccessProvider ap("mylabel");
456 ap.allowAPI("key-manager::api-storage", "rw");
457 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
460 auto manager = CKM::Manager::create();
462 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
463 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
464 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
465 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
466 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
467 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
468 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
470 "-----END PUBLIC KEY-----";
472 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
473 auto key = CKM::Key::create(buffer, CKM::Password());
474 CKM::AliasVector aliasVector;
475 CKM::Policy notExportable(CKM::Password(), false);
478 CKM_API_SUCCESS == (temp = manager->saveKey("appkey4", key, notExportable)),
479 "Error=" << CKM::ErrorToString(temp));
481 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getKey("appkey4", CKM::Password(), key)),
482 "Error=" << CKM::ErrorToString(temp));
484 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data3", buffer, notExportable)),
485 "Error=" << CKM::ErrorToString(temp));
488 RUNNER_TEST(T1029_deinit)
491 auto control = CKM::Control::create();
494 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
495 "Error=" << CKM::ErrorToString(temp));
497 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
498 "Error=" << CKM::ErrorToString(temp));
500 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
501 "Error=" << CKM::ErrorToString(temp));
503 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
504 "Error=" << CKM::ErrorToString(temp));
507 RUNNER_TEST_GROUP_INIT(T103_CKM_QUICK_REMOVE_BIN_DATA_TEST);
509 RUNNER_TEST(T1030_init)
512 auto control = CKM::Control::create();
514 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
515 "Error=" << CKM::ErrorToString(temp));
517 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
518 "Error=" << CKM::ErrorToString(temp));
521 RUNNER_TEST(T1031_save_get_bin_data)
524 auto manager = CKM::Manager::create();
526 std::string binData1 = "My bin data1";
527 std::string binData2 = "My bin data2";
528 std::string binData3 = "My bin data3";
530 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
531 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
532 CKM::RawBuffer buffer3(binData3.begin(), binData3.end());
534 CKM::AliasVector labelAliasVector;
537 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer1, CKM::Policy())),
538 "Error=" << CKM::ErrorToString(temp));
540 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer2, CKM::Policy())),
541 "Error=" << CKM::ErrorToString(temp));
543 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer3, CKM::Policy(CKM::Password(), true))),
544 "Error=" << CKM::ErrorToString(temp));
546 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData("data4", buffer3, CKM::Policy(CKM::Password(), false))),
547 "Error=" << CKM::ErrorToString(temp));
549 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
550 "Error=" << CKM::ErrorToString(temp));
552 labelAliasVector.size() == 3,
553 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
555 CKM::RawBuffer buffer;
557 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
558 "Error=" << CKM::ErrorToString(temp));
564 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password("Password"), buffer)),
565 "The wrong password should be ignored because non was used in saveData. Error=" << CKM::ErrorToString(temp));
568 RUNNER_CHILD_TEST(T1032_app_user_save_bin_data)
570 AccessProvider ap("mylabel");
571 ap.allowAPI("key-manager::api-storage", "rw");
572 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
575 auto manager = CKM::Manager::create();
577 std::string binData = "My bin data";
579 CKM::RawBuffer buffer(binData.begin(), binData.end());
581 CKM::AliasVector labelAliasVector;
584 CKM_API_SUCCESS == (temp = manager->saveData("appdata1", buffer, CKM::Policy())),
585 "Error=" << CKM::ErrorToString(temp));
587 CKM_API_SUCCESS == (temp = manager->saveData("appdata2", buffer, CKM::Policy())),
588 "Error=" << CKM::ErrorToString(temp));
590 CKM_API_SUCCESS == (temp = manager->saveData("appdata3", buffer, CKM::Policy(CKM::Password(), true))),
591 "Error=" << CKM::ErrorToString(temp));
593 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
594 "Error=" << CKM::ErrorToString(temp));
596 labelAliasVector.size() == 3,
597 "Wrong size of list: " << labelAliasVector.size() << " Expected: 3");
600 RUNNER_TEST(T1033_remove_bin_data)
603 auto manager = CKM::Manager::create();
605 std::string binData2 = "My bin data2";
606 CKM::RawBuffer buffer2(binData2.begin(), binData2.end());
608 CKM::AliasVector labelAliasVector;
610 std::string invalid_address = aliasWithLabel("i-do-not-exist", "data1");
612 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
613 "Error=" << CKM::ErrorToString(temp));
615 CKM_API_SUCCESS == (temp = manager->removeAlias("data1")),
616 "Error=" << CKM::ErrorToString(temp));
618 CKM_API_SUCCESS == (temp = manager->removeAlias("data3")),
619 "Error=" << CKM::ErrorToString(temp));
621 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(labelAliasVector)),
622 "Error=" << CKM::ErrorToString(temp));
624 labelAliasVector.size() == 1,
625 "Wrong size of list: " << labelAliasVector.size() << " Expected: 1");
627 CKM::RawBuffer buffer;
629 CKM_API_SUCCESS == (temp = manager->getData("data2", CKM::Password(), buffer)),
630 "Error=" << CKM::ErrorToString(temp));
635 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData("data3", CKM::Password(), buffer)),
636 "Error=" << CKM::ErrorToString(temp));
639 RUNNER_TEST(T1034_getData_wrong_password)
642 auto manager = CKM::Manager::create();
644 std::string binData1 = "My bin data4";
646 CKM::RawBuffer buffer1(binData1.begin(), binData1.end());
649 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer1, CKM::Policy("CorrectPassword"))),
650 "Error=" << CKM::ErrorToString(temp));
652 CKM::RawBuffer buffer;
654 CKM_API_SUCCESS == (temp = manager->getData("data4", CKM::Password("CorrectPassword"), buffer)),
655 "Error=" << CKM::ErrorToString(temp));
661 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getData("data4", CKM::Password("WrongPassword"), buffer)),
662 "Error=" << CKM::ErrorToString(temp));
665 RUNNER_TEST(T1035_deinit)
668 auto control = CKM::Control::create();
671 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
672 "Error=" << CKM::ErrorToString(temp));
674 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
675 "Error=" << CKM::ErrorToString(temp));
677 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
678 "Error=" << CKM::ErrorToString(temp));
680 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
681 "Error=" << CKM::ErrorToString(temp));
684 RUNNER_TEST_GROUP_INIT(T104_CKM_QUICK_CREATE_PAIR);
686 RUNNER_TEST(T1040_init)
689 auto control = CKM::Control::create();
692 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
693 "Error=" << CKM::ErrorToString(temp));
696 RUNNER_CHILD_TEST(T1041_create_rsa_key)
699 auto manager = CKM::Manager::create();
702 AccessProvider ap("mylabel-rsa");
703 ap.allowAPI("key-manager::api-storage", "rw");
704 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
707 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY1_RSA"), CKM::Alias("PUB_KEY1_RSA"), CKM::Policy(), CKM::Policy())),
708 "Error=" << CKM::ErrorToString(temp));
710 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
711 "Error=" << CKM::ErrorToString(temp));
713 2 == (temp = av.size()),
714 "Vector size: " << temp << ". Expected: 2");
717 RUNNER_CHILD_TEST(T1042_create_rsa_key_foreign_label)
720 auto manager = CKM::Manager::create();
723 AccessProvider ap("mylabel-rsa");
724 ap.allowAPI("key-manager::api-storage", "rw");
725 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
728 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("iamsomebodyelse PRV_KEY2_RSA"), CKM::Alias("PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
729 "Error=" << CKM::ErrorToString(temp));
731 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->createKeyPairRSA(2048, CKM::Alias("PRV_KEY2_RSA"), CKM::Alias("iamsomebodyelse PUB_KEY2_RSA"), CKM::Policy(), CKM::Policy())),
732 "Error=" << CKM::ErrorToString(temp));
735 RUNNER_CHILD_TEST(T1043_create_dsa_key)
738 auto manager = CKM::Manager::create();
741 AccessProvider ap("mylabel-dsa");
742 ap.allowAPI("key-manager::api-storage", "rw");
743 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
746 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, CKM::Alias("PRV_KEY1_DSA"), CKM::Alias("PUB_KEY1_DSA"), CKM::Policy(), CKM::Policy())),
747 "Error=" << CKM::ErrorToString(temp));
749 CKM_API_SUCCESS == (temp = manager->getKeyAliasVector(av)),
750 "Error=" << CKM::ErrorToString(temp));
752 2 == (temp = av.size()),
753 "Vector size: " << temp << ". Expected: 2");
756 RUNNER_TEST(T1049_deinit)
759 auto control = CKM::Control::create();
762 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
763 "Error=" << CKM::ErrorToString(temp));
765 CKM_API_SUCCESS == (temp = control->removeUserData(USER_APP)),
766 "Error=" << CKM::ErrorToString(temp));
770 RUNNER_TEST_GROUP_INIT(T111_CKM_CreateKeyPair);
772 RUNNER_TEST(T1110_init)
775 auto control = CKM::Control::create();
777 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
778 "Error=" << CKM::ErrorToString(temp));
780 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
781 "Error=" << CKM::ErrorToString(temp));
784 RUNNER_TEST(T1111_CreateKeyPairRSA)
787 auto manager = CKM::Manager::create();
788 CKM::Alias a1("rsa-test-1");
789 CKM::Alias a2("rsa-test-2");
793 CKM_API_SUCCESS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
794 "Error=" << CKM::ErrorToString(temp));
796 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairRSA(1024, a1, a2, p1, p2)),
797 "Error=" << CKM::ErrorToString(temp));
800 RUNNER_TEST(T1112_CreateKeyPairDSA)
803 auto manager = CKM::Manager::create();
804 CKM::Alias a1("dsa-test-1");
805 CKM::Alias a2("dsa-test-2");
809 CKM_API_SUCCESS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
810 "Error=" << CKM::ErrorToString(temp));
812 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->createKeyPairDSA(1024, a1, a2, p1, p2)),
813 "Error=" << CKM::ErrorToString(temp));
816 RUNNER_TEST(T1113_CreateKeyPairECDSA)
819 auto manager = CKM::Manager::create();
820 CKM::Alias a1("ecdsa-test-1");
821 CKM::Alias a2("ecdsa-test-2");
825 CKM_API_SUCCESS == (temp = manager->createKeyPairECDSA(CKM::ElipticCurve::prime192v1, a1, a2, p1, p2)),
826 "Error=" << CKM::ErrorToString(temp));
829 RUNNER_TEST(T1114_deinit)
832 auto control = CKM::Control::create();
835 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
836 "Error=" << CKM::ErrorToString(temp));
838 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
839 "Error=" << CKM::ErrorToString(temp));
842 RUNNER_TEST_GROUP_INIT(T120_NEGATIVE_TESTS);
844 RUNNER_TEST(T12100_init)
847 auto control = CKM::Control::create();
849 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
850 "Error=" << CKM::ErrorToString(temp));
852 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
853 "Error=" << CKM::ErrorToString(temp));
856 RUNNER_TEST(T12101_key_exist)
859 auto manager = CKM::Manager::create();
861 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
862 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
863 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
864 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
865 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
866 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
867 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
869 "-----END PUBLIC KEY-----";
871 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
872 auto key = CKM::Key::create(buffer);
873 CKM::Alias alias = "rsa-alias-duplication";
876 CKM_API_SUCCESS == (ret = manager->saveKey(alias, key, CKM::Policy())),
877 "Error=" << CKM::ErrorToString(ret));
879 CKM_API_ERROR_DB_ALIAS_EXISTS == (ret = manager->saveKey(alias, key, CKM::Policy())),
880 "Error=" << CKM::ErrorToString(ret));
884 * These test cases tests API when empty parameters are passed to functions
887 RUNNER_TEST(T12102_saveKey_empty_alias)
889 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
890 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
891 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
892 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLc\n"
893 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
894 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
895 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
896 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
898 "-----END PUBLIC KEY-----";
900 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
901 auto key = CKM::Key::create(buffer);
902 CKM::Alias alias; //alias is not initialized
905 auto manager = CKM::Manager::create();
907 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
908 "Error=" << CKM::ErrorToString(ret));
911 RUNNER_TEST(T12103_saveKey_foreign_label)
913 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
914 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
915 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
916 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
917 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
918 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
919 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
921 "-----END PUBLIC KEY-----";
923 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
924 auto key = CKM::Key::create(buffer);
925 CKM::Alias alias = "iamsomebodyelse alias";
928 auto manager = CKM::Manager::create();
930 CKM_API_ERROR_ACCESS_DENIED == (ret = manager->saveKey(alias, key, CKM::Policy())),
931 "Error=" << CKM::ErrorToString(ret));
934 RUNNER_TEST(T12104_saveKey_empty_key)
936 CKM::KeyShPtr key; //key is not initialized
937 CKM::Alias alias = "empty-key";
940 auto manager = CKM::Manager::create();
942 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
943 "Error=" << CKM::ErrorToString(ret));
946 RUNNER_TEST(T12105_saveCertificate_empty_alias)
948 std::string certPem =
949 "-----BEGIN CERTIFICATE-----\n"
950 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
951 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
952 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
953 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
954 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
955 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
956 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
957 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
958 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
959 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
960 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
961 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
962 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
963 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
964 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
965 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
966 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
967 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
968 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
969 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
970 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
971 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
972 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
973 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
975 "-----END CERTIFICATE-----\n";
977 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
978 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
979 CKM::Alias alias; //alias is not initialized
982 auto manager = CKM::Manager::create();
984 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
985 "Error=" << CKM::ErrorToString(temp));
988 RUNNER_TEST(T12106_saveCertificate_foreign_label)
990 std::string certPem =
991 "-----BEGIN CERTIFICATE-----\n"
992 "MIIEgDCCA2igAwIBAgIIcjtBYJGQtOAwDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UE\n"
993 "BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl\n"
994 "cm5ldCBBdXRob3JpdHkgRzIwHhcNMTQwNTIyMTEyOTQyWhcNMTQwODIwMDAwMDAw\n"
995 "WjBtMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN\n"
996 "TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEcMBoGA1UEAwwTYWNj\n"
997 "b3VudHMuZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB\n"
998 "ALtlLWVWPN3q3bSEQl1Z97gPdgl5vbgJOZSAr0ZY0tJCuFLBbUKetJWryyE+5KpG\n"
999 "gMMpLS4v8/bvXaZc6mAs+RfAqGM24C3vQg5hPnj4dflnhL0WiOCZBurm1tV4oexk\n"
1000 "HLXs3jr/jpnb738AQpj8zZ9a4VEBuHJRZALnWZ/XhqU+dvYomAoRQNuL5OhkT7uu\n"
1001 "d0NKJL9JjYLyQglGgE2sVsWv2kj7EO/P9Q6NEKt9BGmhMsFvtfeKUaymynaxpR1g\n"
1002 "wEPlqYvB38goh1dIOgVLT0OVyLImeg5Mdwar/8c1U0OYhLOc6PJapOZAfUkE+3+w\n"
1003 "xYt8AChLN1b5szOwInrCVpECAwEAAaOCAUYwggFCMB0GA1UdJQQWMBQGCCsGAQUF\n"
1004 "BwMBBggrBgEFBQcDAjAeBgNVHREEFzAVghNhY2NvdW50cy5nb29nbGUuY29tMGgG\n"
1005 "CCsGAQUFBwEBBFwwWjArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29nbGUuY29t\n"
1006 "L0dJQUcyLmNydDArBggrBgEFBQcwAYYfaHR0cDovL2NsaWVudHMxLmdvb2dsZS5j\n"
1007 "b20vb2NzcDAdBgNVHQ4EFgQU0/UtToEtNIfwDwHuYGuVKcj0xK8wDAYDVR0TAQH/\n"
1008 "BAIwADAfBgNVHSMEGDAWgBRK3QYWG7z2aLV29YG2u2IaulqBLzAXBgNVHSAEEDAO\n"
1009 "MAwGCisGAQQB1nkCBQEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3BraS5nb29n\n"
1010 "bGUuY29tL0dJQUcyLmNybDANBgkqhkiG9w0BAQUFAAOCAQEAcGNI/X9f0g+7ij0o\n"
1011 "ehLpk6vxSMQGrmOZ4+PG/MC9SLClCkt7zJkfU7erZnyVXyxCpwlljq+Wk9YTPUOq\n"
1012 "xD/V2ikQVSAANoxGJFO9UoL5jzWusPhKKv8CcM7fuiERz8K+CfBcqfxbgI5rH0g5\n"
1013 "dYclmLC81cJ/08i+9Nltvxv69Y3hGfEICT6K+EdSxwnQzOhpMZmvxZsIj+d6CVNa\n"
1014 "9ICYgUthsNQVWzrIs5wknpjjZ9liDMwJX0vu8A0rce4X/Lna5hh2bW9igz2iP5WM\n"
1015 "9fuwdbTw4y3jfPQgszU4YZxWxhMzccxe058Qx1tLndAknBQEBesQjXytVQpuM1SV\n"
1017 "-----END CERTIFICATE-----\n";
1019 CKM::RawBuffer buffer(certPem.begin(), certPem.end());
1020 auto cert = CKM::Certificate::create(buffer, CKM::DataFormat::FORM_PEM);
1021 CKM::Alias alias = "iamsomebodyelse alias";
1024 auto manager = CKM::Manager::create();
1026 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1027 "Error=" << CKM::ErrorToString(temp));
1030 RUNNER_TEST(T12107_saveCertificate_empty_cert)
1032 CKM::CertificateShPtr cert; //cert is not initialized
1033 CKM::Alias alias = "empty-cert";
1036 auto manager = CKM::Manager::create();
1038 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1039 "Error=" << CKM::ErrorToString(temp));
1042 RUNNER_TEST(T12108_saveData_empty_alias)
1044 std::string testData = "test data test data test data";
1045 CKM::RawBuffer buffer(testData.begin(), testData.end());
1049 auto manager = CKM::Manager::create();
1051 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1052 "Error=" << CKM::ErrorToString(temp));
1055 RUNNER_TEST(T12109_saveData_foreign_label)
1057 std::string testData = "test data test data test data";
1058 CKM::RawBuffer buffer(testData.begin(), testData.end());
1059 CKM::Alias alias = "iamsomebodyelse alias";
1062 auto manager = CKM::Manager::create();
1064 CKM_API_ERROR_ACCESS_DENIED == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1065 "Error=" << CKM::ErrorToString(temp));
1068 RUNNER_TEST(T12110_saveData_empty_data)
1070 CKM::RawBuffer buffer;
1071 CKM::Alias alias = "empty-data";
1074 auto manager = CKM::Manager::create();
1076 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveData(alias, buffer, CKM::Policy())),
1077 "Error=" << CKM::ErrorToString(temp));
1081 * These test cases tests API when trying to get data from not existing alias
1084 RUNNER_TEST(T12111_getKey_alias_not_exist)
1087 CKM::Alias alias = "this-alias-not-exist";
1090 auto manager = CKM::Manager::create();
1092 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getKey(alias, "", key)),
1093 "Error=" << CKM::ErrorToString(temp));
1096 RUNNER_TEST(T12112_getCertificate_alias_not_exist)
1098 CKM::CertificateShPtr certificate;
1099 CKM::Alias alias = "this-alias-not-exist";
1102 auto manager = CKM::Manager::create();
1104 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getCertificate(alias, CKM::Password(), certificate)),
1105 "Error=" << CKM::ErrorToString(temp));
1108 RUNNER_TEST(T12113_getData_alias_not_exist)
1111 auto manager = CKM::Manager::create();
1112 CKM::RawBuffer buffer;
1113 CKM::Alias alias("some alias");
1115 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getData(alias, "", buffer)),
1116 "Error=" << CKM::ErrorToString(temp));
1120 * These test cases tests API when damaged keys are used
1122 RUNNER_TEST(T12114_rsa_key_damaged)
1125 auto manager = CKM::Manager::create();
1127 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1128 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1129 // "BROKENBROKENBROKENBROKENBROKENTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT\n"
1130 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1131 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1132 // "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1133 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1135 "-----END PUBLIC KEY-----";
1137 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1138 auto key = CKM::Key::create(buffer);
1139 CKM::Alias alias = "damaged-rsa";
1142 NULL == key.get(), "Key is broken. It should be empty");
1145 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1146 "Error=" << CKM::ErrorToString(ret));
1149 RUNNER_TEST(T12115_rsa_key_too_short)
1152 auto manager = CKM::Manager::create();
1154 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1155 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1156 //"T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1157 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1158 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1159 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1160 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1162 "-----END PUBLIC KEY-----";
1164 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1165 auto key = CKM::Key::create(buffer);
1166 CKM::Alias alias = "short-rsa";
1169 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1170 "Error=" << CKM::ErrorToString(ret));
1173 RUNNER_TEST(T12116_dsa_key_too_short)
1176 auto manager = CKM::Manager::create();
1178 const std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
1179 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1180 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1181 //"A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1182 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1183 //"AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1184 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1185 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1186 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1187 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1188 "YMYCBhubtrVaLmc=\n"
1189 "-----END PUBLIC KEY-----";
1191 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
1192 auto key = CKM::Key::create(buffer);
1193 CKM::Alias alias = "short-dsa";
1196 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1197 "Error=" << CKM::ErrorToString(ret));
1202 * These test cases tests CKM service if malicious data is provided over the socket.
1205 RUNNER_TEST(T12117_rsa_key_damaged_serviceTest)
1208 auto manager = CKM::Manager::create();
1210 // fake the client - let the service detect the problem
1211 class WrongKeyImpl : public CKM::Key
1214 WrongKeyImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1217 virtual bool empty() const {
1221 virtual CKM::KeyType getType() const {
1222 return CKM::KeyType::KEY_RSA_PUBLIC;
1224 virtual int getSize() const {
1227 virtual CKM::ElipticCurve getCurve() const {
1228 return CKM::ElipticCurve::prime192v1;
1230 virtual CKM::RawBuffer getDER() const {
1233 virtual ~WrongKeyImpl() {}
1235 CKM::RawBuffer & m_dummy;
1237 std::string dummyData = "my_cat_Berta\n";
1238 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1239 auto key = std::make_shared<WrongKeyImpl>(buffer);
1240 CKM::Alias alias = "damaged-rsa";
1243 CKM_API_ERROR_INPUT_PARAM == (ret = manager->saveKey(alias, key, CKM::Policy())),
1244 "Error=" << CKM::ErrorToString(ret));
1247 RUNNER_TEST(T12118_saveCertificate_damaged_serviceTest)
1249 // fake the client - let the service detect the problem
1250 class WrongCertImpl : public CKM::Certificate
1253 WrongCertImpl(CKM::RawBuffer & dummy_content) : m_dummy(dummy_content) {
1254 m_x509 = X509_new();
1257 bool empty() const {
1261 virtual X509 *getX509() const {
1265 virtual CKM::RawBuffer getDER() const {
1269 virtual ~WrongCertImpl() {
1274 CKM::RawBuffer & m_dummy;
1276 std::string dummyData = "my_cat_Stefan\n";
1277 CKM::RawBuffer buffer(dummyData.begin(), dummyData.end());
1278 auto cert = std::make_shared<WrongCertImpl>(buffer);
1279 CKM::Alias alias = "damaged-cert";
1282 auto manager = CKM::Manager::create();
1284 CKM_API_ERROR_INPUT_PARAM == (temp = manager->saveCertificate(alias, cert, CKM::Policy())),
1285 "Error=" << CKM::ErrorToString(temp));
1288 RUNNER_TEST(T12119_deinit)
1291 auto control = CKM::Control::create();
1294 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1295 "Error=" << CKM::ErrorToString(temp));
1297 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1298 "Error=" << CKM::ErrorToString(temp));
1301 RUNNER_TEST_GROUP_INIT(T131_CKM_QUICK_SET_GET_TESTS);
1303 RUNNER_TEST(T1311_init)
1306 auto control = CKM::Control::create();
1308 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1309 "Error=" << CKM::ErrorToString(temp));
1310 RUNNER_ASSERT_MSG(time(0) > 1405343457,
1311 "Time error. Device date is before 14th of July 2014. You must set proper time on device before run this tests!");
1313 struct hostent* he = gethostbyname("google.com");
1315 RUNNER_ASSERT_MSG(he != NULL, "There is problem with translate domain google.com into ip address. Probably network "
1316 "is not woking on the device. OCSP tests requires network access!");
1319 RUNNER_TEST(T1312_get_chain)
1321 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1322 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1323 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1324 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1325 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1326 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1327 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1328 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1329 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1330 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1331 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1332 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1333 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1334 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1335 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1336 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1337 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1338 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1339 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1340 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1341 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1342 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1343 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1344 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1345 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1346 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1347 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1348 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1349 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1350 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1351 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1352 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1354 "-----END CERTIFICATE-----\n";
1357 "-----BEGIN CERTIFICATE-----\n"
1358 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1359 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1360 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1361 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1362 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1363 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1364 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1365 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1366 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1367 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1368 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1369 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1370 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1371 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1372 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1373 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1374 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1375 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1376 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1377 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1378 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1379 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1380 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1381 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1382 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1383 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1384 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1385 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1386 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1387 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1388 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1389 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1390 "-----END CERTIFICATE-----\n";
1392 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1393 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1394 CKM::CertificateShPtrVector certVector = {cert1};
1395 CKM::CertificateShPtrVector certChain;
1398 auto manager = CKM::Manager::create();
1400 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1401 RUNNER_ASSERT_MSG(false != cert1.get(), "Certificate should not be empty");
1403 tmp = manager->getCertificateChain(cert,
1408 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1409 "Error=" << CKM::ErrorToString(tmp));
1412 0 == certChain.size(),
1413 "Wrong size of certificate chain.");
1415 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1416 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1419 3 == certChain.size(),
1420 "Wrong size of certificate chain.");
1423 RUNNER_TEST(T1313_get_chain_with_alias)
1425 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1426 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1427 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1428 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1429 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1430 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1431 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1432 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1433 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1434 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1435 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1436 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1437 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1438 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1439 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1440 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1441 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1442 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1443 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1444 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1445 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1446 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1447 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1448 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1449 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1450 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1451 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1452 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1453 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1454 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1455 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1456 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1458 "-----END CERTIFICATE-----\n";
1461 "-----BEGIN CERTIFICATE-----\n"
1462 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1463 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1464 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1465 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1466 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1467 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1468 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1469 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1470 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1471 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1472 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1473 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1474 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1475 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1476 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1477 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1478 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1479 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1480 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1481 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1482 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1483 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1484 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1485 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1486 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1487 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1488 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1489 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1490 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1491 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1492 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1493 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1494 "-----END CERTIFICATE-----\n";
1496 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1497 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1498 CKM::CertificateShPtrVector certChain;
1499 CKM::AliasVector aliasVector;
1500 CKM::Alias alias("imcert");
1501 CharPtr top_label = get_label();
1502 std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
1505 auto manager = CKM::Manager::create();
1507 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1508 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1510 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1511 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1512 "Error=" << CKM::ErrorToString(tmp));
1515 0 == certChain.size(),
1516 "Wrong size of certificate chain.");
1519 CKM_API_SUCCESS == (tmp = manager->saveCertificate(alias, cert1, CKM::Policy())),
1520 "Error=" << CKM::ErrorToString(tmp));
1522 aliasVector.push_back(full_address);
1524 tmp = manager->getCertificateChain(cert, aliasVector, EMPTY_ALIAS_VECTOR, true, certChain);
1525 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1528 3 == certChain.size(),
1529 "Wrong size of certificate chain.");
1532 RUNNER_TEST(T1314_ocsp_check)
1534 RUNNER_IGNORED_MSG("Fixed in next version of ckm!");
1536 std::string ee = "-----BEGIN CERTIFICATE-----\n"
1537 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
1538 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1539 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
1540 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
1541 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
1542 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
1543 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
1544 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
1545 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
1546 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
1547 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
1548 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
1549 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
1550 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
1551 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
1552 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
1553 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
1554 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
1555 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
1556 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
1557 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
1558 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
1559 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
1560 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
1561 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
1562 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
1563 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
1564 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
1565 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
1566 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
1567 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
1569 "-----END CERTIFICATE-----\n";
1572 "-----BEGIN CERTIFICATE-----\n"
1573 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
1574 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
1575 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
1576 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
1577 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
1578 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
1579 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
1580 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
1581 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
1582 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
1583 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
1584 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
1585 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
1586 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
1587 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
1588 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
1589 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
1590 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
1591 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
1592 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
1593 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
1594 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
1595 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
1596 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
1597 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
1598 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
1599 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
1600 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
1601 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
1602 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
1603 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
1604 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
1605 "-----END CERTIFICATE-----\n";
1607 auto cert = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
1608 auto cert1 = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
1609 CKM::CertificateShPtrVector certVector = {cert1};
1610 CKM::CertificateShPtrVector certChain;
1613 auto manager = CKM::Manager::create();
1615 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
1616 RUNNER_ASSERT_MSG(NULL != cert1.get(), "Certificate should not be empty");
1618 tmp = manager->getCertificateChain(cert, EMPTY_CERT_VECTOR, EMPTY_CERT_VECTOR, true, certChain);
1619 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
1620 "Error=" << CKM::ErrorToString(tmp));
1623 0 == certChain.size(),
1624 "Wrong size of certificate chain.");
1626 tmp = manager->getCertificateChain(cert, certVector, EMPTY_CERT_VECTOR, true, certChain);
1627 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
1630 3 == certChain.size(),
1631 "Wrong size of certificate chain.");
1635 CKM_API_SUCCESS == (tmp = manager->ocspCheck(certChain, status)),
1636 "Error=" << CKM::ErrorToString(tmp));
1638 RUNNER_ASSERT_MSG(CKM_API_OCSP_STATUS_GOOD == status, "Verfication failed");
1641 RUNNER_TEST(T1315_deinit)
1644 auto control = CKM::Control::create();
1647 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
1648 "Error=" << CKM::ErrorToString(temp));
1650 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
1651 "Error=" << CKM::ErrorToString(temp));
1654 RUNNER_TEST_GROUP_INIT(T141_CREATE_AND_VERIFY_SIGNATURE);
1656 RUNNER_TEST(T1411_init)
1659 auto control = CKM::Control::create();
1661 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
1662 "Error=" << CKM::ErrorToString(temp));
1665 RUNNER_TEST(T1412_rsa_key_create_verify)
1668 auto manager = CKM::Manager::create();
1670 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
1671 "Proc-Type: 4,ENCRYPTED\n"
1672 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
1674 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
1675 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
1676 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
1677 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
1678 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
1679 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
1680 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
1681 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
1682 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
1683 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
1684 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
1685 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
1686 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
1687 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
1688 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
1689 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
1690 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
1691 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
1692 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
1693 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
1694 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
1695 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
1696 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
1697 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
1698 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
1699 "-----END RSA PRIVATE KEY-----\n";
1701 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1702 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
1703 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
1704 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
1705 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
1706 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
1707 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
1709 "-----END PUBLIC KEY-----\n";
1711 std::string message = "message test";
1713 CKM::Alias aliasPub = "pub1";
1714 CKM::Alias aliasPrv = "prv1";
1715 CKM::Password password = "1234";
1716 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1717 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1718 CKM::RawBuffer signature;
1720 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1721 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
1723 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1724 "Key is empty. Failed to import public key.");
1725 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1726 "Key is empty. Failed to import private key.");
1729 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1730 "Error=" << CKM::ErrorToString(temp));
1732 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1733 "Error=" << CKM::ErrorToString(temp));
1736 CKM_API_SUCCESS == (temp = manager->createSignature(
1739 CKM::RawBuffer(message.begin(), message.end()),
1743 "Error=" << CKM::ErrorToString(temp));
1746 CKM_API_SUCCESS == (temp = manager->verifySignature(
1749 CKM::RawBuffer(message.begin(), message.end()),
1753 "Error=" << CKM::ErrorToString(temp));
1756 RUNNER_TEST(T1413_dsa_key_create_verify)
1759 auto manager = CKM::Manager::create();
1761 std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
1762 "MIIBvAIBAAKBgQC3r3mg/xIXlvsLNWLlu+39+OPm65BM5gVXxWB6+7fo8Lup0Ht+\n"
1763 "NUqBEiRvjwoK64cu+ijQwn73osBKFrn1R5yOG2AVPwpczwN2pn+nOcrneOWUf2+j\n"
1764 "ogLnsOqIWNJkBp86noqPAWgrGWiehM4gkpZHSAyYrEnz4J5Vh6n+AMB1XQIVAOyN\n"
1765 "SUO7ARSfjdfcNzprvmjvBBtPAoGBAJXWoMvwnMYYeN3GbgGUMYCSwnKdY4OjXTzH\n"
1766 "ZGdk3Eoo72lcQbvoIxBjqjeTrNlelBe0v5P64x2JnF/bsYKY5At9ckzayshESABS\n"
1767 "GGbRtiuy1QVGauRYJuyPN0AVXISdjwO5gWroCRRITY24SjUYqeVB9/JXtWA2fyIg\n"
1768 "PrLxTqXqAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+hq0c3FGUCtGbVOqg2KPqMBgw\n"
1769 "Sb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdOOSCQciDXnRfSqKbT6tjDTgR5\n"
1770 "jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rCYMYCBhubtrVaLmcCFQC0IB4m\n"
1771 "u1roOuaPY+Hl19BlTE2qdw==\n"
1772 "-----END DSA PRIVATE KEY-----";
1774 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1775 "MIIBtzCCASwGByqGSM44BAEwggEfAoGBALeveaD/EheW+ws1YuW77f344+brkEzm\n"
1776 "BVfFYHr7t+jwu6nQe341SoESJG+PCgrrhy76KNDCfveiwEoWufVHnI4bYBU/ClzP\n"
1777 "A3amf6c5yud45ZR/b6OiAuew6ohY0mQGnzqeio8BaCsZaJ6EziCSlkdIDJisSfPg\n"
1778 "nlWHqf4AwHVdAhUA7I1JQ7sBFJ+N19w3Omu+aO8EG08CgYEAldagy/Ccxhh43cZu\n"
1779 "AZQxgJLCcp1jg6NdPMdkZ2TcSijvaVxBu+gjEGOqN5Os2V6UF7S/k/rjHYmcX9ux\n"
1780 "gpjkC31yTNrKyERIAFIYZtG2K7LVBUZq5Fgm7I83QBVchJ2PA7mBaugJFEhNjbhK\n"
1781 "NRip5UH38le1YDZ/IiA+svFOpeoDgYQAAoGAPT91aEgwFdulzmHlvr3k+GBCE9z+\n"
1782 "hq0c3FGUCtGbVOqg2KPqMBgwSb4MC0msQys4DTVZhLJI+C5eIPEHgfBMqY1ZNJdO\n"
1783 "OSCQciDXnRfSqKbT6tjDTgR5jmh5bG1Q8QFeBTHCDsQHoQYWgx0nyu12lASN80rC\n"
1784 "YMYCBhubtrVaLmc=\n"
1785 "-----END PUBLIC KEY-----";
1787 std::string message = "message test";
1789 CKM::Alias aliasPub = "pub2";
1790 CKM::Alias aliasPrv = "prv2";
1791 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1792 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1793 CKM::RawBuffer signature;
1795 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1796 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
1798 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1799 "Key is empty. Failed to import public key.");
1800 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1801 "Key is empty. Failed to import private key.");
1804 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1805 "Error=" << CKM::ErrorToString(temp));
1807 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1808 "Error=" << CKM::ErrorToString(temp));
1811 CKM_API_SUCCESS == (temp = manager->createSignature(
1814 CKM::RawBuffer(message.begin(), message.end()),
1818 "Error=" << CKM::ErrorToString(temp));
1821 CKM_API_SUCCESS == (temp = manager->verifySignature(
1824 CKM::RawBuffer(message.begin(), message.end()),
1828 "Error=" << CKM::ErrorToString(temp));
1832 RUNNER_TEST(T1414_ec_key_create_verify)
1835 auto manager = CKM::Manager::create();
1837 std::string prv = "-----BEGIN EC PRIVATE KEY-----\n"
1838 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
1839 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
1840 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1841 "-----END EC PRIVATE KEY-----\n";
1843 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
1844 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
1845 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
1846 "-----END PUBLIC KEY-----\n";
1848 std::string message = "message test";
1850 CKM::Alias aliasPub = "ecpub2";
1851 CKM::Alias aliasPrv = "ecprv2";
1852 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1853 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1854 CKM::RawBuffer signature;
1856 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
1857 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
1859 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
1860 "Key is empty. Failed to import public key.");
1861 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
1862 "Key is empty. Failed to import private key.");
1865 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
1866 "Error=" << CKM::ErrorToString(temp));
1868 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
1869 "Error=" << CKM::ErrorToString(temp));
1872 CKM_API_SUCCESS == (temp = manager->createSignature(
1875 CKM::RawBuffer(message.begin(), message.end()),
1879 "Error=" << CKM::ErrorToString(temp));
1882 CKM_API_SUCCESS == (temp = manager->verifySignature(
1885 CKM::RawBuffer(message.begin(), message.end()),
1889 "Error=" << CKM::ErrorToString(temp));
1891 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1893 memcpy((void*)signature.data(), "BROKEN", 6);
1896 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1899 CKM::RawBuffer(message.begin(), message.end()),
1903 "Error=" << CKM::ErrorToString(temp));
1906 RUNNER_TEST(T1415_rsa_key_create_verify_negative)
1909 auto manager = CKM::Manager::create();
1910 std::string message = "message asdfaslkdfjlksadjf test";
1912 CKM::Alias aliasPub = "pub1";
1913 CKM::Alias aliasPrv = "prv1";
1915 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1916 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1917 CKM::RawBuffer signature;
1920 CKM_API_SUCCESS == (temp = manager->createSignature(
1923 CKM::RawBuffer(message.begin(), message.end()),
1927 "Error=" << CKM::ErrorToString(temp));
1930 CKM_API_SUCCESS == (temp = manager->verifySignature(
1933 CKM::RawBuffer(message.begin(), message.end()),
1937 "Error=" << CKM::ErrorToString(temp));
1939 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1940 memcpy((void*)signature.data(), "BROKEN", 6);
1943 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1946 CKM::RawBuffer(message.begin(), message.end()),
1950 "Error=" << CKM::ErrorToString(temp));
1953 RUNNER_TEST(T1416_dsa_key_create_verify_negative)
1956 auto manager = CKM::Manager::create();
1957 std::string message = "message asdfaslkdfjlksadjf test";
1959 CKM::Alias aliasPub = "pub2";
1960 CKM::Alias aliasPrv = "prv2";
1962 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
1963 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
1964 CKM::RawBuffer signature;
1967 CKM_API_SUCCESS == (temp = manager->createSignature(
1970 CKM::RawBuffer(message.begin(), message.end()),
1974 "Error=" << CKM::ErrorToString(temp));
1977 CKM_API_SUCCESS == (temp = manager->verifySignature(
1980 CKM::RawBuffer(message.begin(), message.end()),
1984 "Error=" << CKM::ErrorToString(temp));
1986 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
1987 memcpy((void*)signature.data(), "BROKEN", 6);
1990 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
1993 CKM::RawBuffer(message.begin(), message.end()),
1997 "Error=" << CKM::ErrorToString(temp));
2000 RUNNER_TEST(T1417_rsa_cert_create_verify_signature)
2003 auto manager = CKM::Manager::create();
2006 "-----BEGIN RSA PRIVATE KEY-----\n"
2007 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
2008 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
2009 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
2010 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
2011 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
2012 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
2013 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
2014 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
2015 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
2016 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
2017 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
2018 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
2019 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
2020 "-----END RSA PRIVATE KEY-----\n";
2023 "-----BEGIN CERTIFICATE-----\n"
2024 "MIICijCCAfOgAwIBAgIJAMvaNHQ1ozT8MA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNV\n"
2025 "BAYTAlBMMQ0wCwYDVQQIDARMb2R6MQ0wCwYDVQQHDARMb2R6MRAwDgYDVQQKDAdT\n"
2026 "YW1zdW5nMREwDwYDVQQLDAhTZWN1cml0eTEMMAoGA1UEAwwDQ0tNMB4XDTE0MDcw\n"
2027 "MjEyNDE0N1oXDTE3MDcwMTEyNDE0N1owXjELMAkGA1UEBhMCUEwxDTALBgNVBAgM\n"
2028 "BExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1bmcxETAPBgNVBAsM\n"
2029 "CFNlY3VyaXR5MQwwCgYDVQQDDANDS00wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ\n"
2030 "AoGBAMIpv0GRN06MJNco+L8fkVIa7KuDM5EG1HecJODtJGcvjvM0YSOXbCSCxj1k\n"
2031 "7dQkebSDLkoyNZ4K5RWRIPcbjon2huDVtgmK8JAEkrF+J4DyxY602rUzx6YcYryj\n"
2032 "eyNpGSWueCaTbFIKzm8UlWUKW7MBhSas8ObrgLf6fjJbikEJAgMBAAGjUDBOMB0G\n"
2033 "A1UdDgQWBBQuW9DuITahZJ6saVZZI0aBlis5vzAfBgNVHSMEGDAWgBQuW9DuITah\n"
2034 "ZJ6saVZZI0aBlis5vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAB2X\n"
2035 "GNtJopBJR3dCpzDONknr/c6qcsPVa3nH4c7qzy6F+4bgqa5IObnoF8zUrvD2sMAO\n"
2036 "km3C/N+Qzt8Rb7ORM6U4tlPp1kZ5t6PKjghhNaiYwVm9A/Zm+wyAmRIkQiYDr4MX\n"
2037 "e+bRAkPmJeEWpaav1lvvBnFzGSGJrnSSeWUegGyn\n"
2038 "-----END CERTIFICATE-----\n";
2040 std::string message = "message test";
2042 CKM::Alias aliasPub = "pub1-cert";
2043 CKM::Alias aliasPrv = "prv1-cert";
2044 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2045 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2046 CKM::RawBuffer signature;
2048 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2049 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2051 RUNNER_ASSERT_MSG(NULL != cert.get(),
2052 "Key is empty. Failed to import public key.");
2053 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2054 "Key is empty. Failed to import private key.");
2057 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2058 "Error=" << CKM::ErrorToString(temp));
2060 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2061 "Error=" << CKM::ErrorToString(temp));
2064 CKM_API_SUCCESS == (temp = manager->createSignature(
2067 CKM::RawBuffer(message.begin(), message.end()),
2071 "Error=" << CKM::ErrorToString(temp));
2074 CKM_API_SUCCESS == (temp = manager->verifySignature(
2077 CKM::RawBuffer(message.begin(), message.end()),
2081 "Error=" << CKM::ErrorToString(temp));
2083 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2085 memcpy((void*)signature.data(), "BROKEN", 6);
2088 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2091 CKM::RawBuffer(message.begin(), message.end()),
2095 "Error=" << CKM::ErrorToString(temp));
2098 RUNNER_TEST(T1418_dsa_cert_create_verify_signature)
2101 auto manager = CKM::Manager::create();
2103 const std::string pub = "-----BEGIN CERTIFICATE-----\n"
2104 "MIIDUzCCAxECCQCer/fKcXtJgTALBglghkgBZQMEAwIwgYsxCzAJBgNVBAYTAlBM\n"
2105 "MQ8wDQYDVQQIDAZQb2xhbmQxDzANBgNVBAcMBldhcnNhdzEQMA4GA1UECgwHU2Ft\n"
2106 "c3VuZzEMMAoGA1UECwwDS1NGMRMwEQYDVQQDDAptLmthcnBpdWsyMSUwIwYJKoZI\n"
2107 "hvcNAQkBFhZtLmthcnBpdWsyQHNhbXN1bmcuY29tMCAXDTE0MDkyNjEzNTQwN1oY\n"
2108 "DzIxNDAwOTA1MTM1NDA3WjCBizELMAkGA1UEBhMCUEwxDzANBgNVBAgMBlBvbGFu\n"
2109 "ZDEPMA0GA1UEBwwGV2Fyc2F3MRAwDgYDVQQKDAdTYW1zdW5nMQwwCgYDVQQLDANL\n"
2110 "U0YxEzARBgNVBAMMCm0ua2FycGl1azIxJTAjBgkqhkiG9w0BCQEWFm0ua2FycGl1\n"
2111 "azJAc2Ftc3VuZy5jb20wggG3MIIBKwYHKoZIzjgEATCCAR4CgYEA9Bhh7ZA4onkY\n"
2112 "uDNQbYR4EwkJ6RpD505hB0GF6yppUNp2LanvNcQXcyXY88MB6OdP7Rikbu1H2zP4\n"
2113 "gONCtdxKW58Za7h9bFzYjxcObZsS52F9DP7sv3C4sX4xNWApfhUgbfzKaRCJOkOs\n"
2114 "06tV7teu3G/v26PdI8dlykIuQXQZmH8CFQCHsIV0njb2yC3ggfKz+exH+g5jAQKB\n"
2115 "gBVLYfVCMjUz5XJH+xYU3A8W8rpSLqZKIK2d9mbXqhpz8QK1bvNQUlSRZo+o1ZYV\n"
2116 "mJn3Mx2YuiifHZNKdBNweCqe5a+HV2RSl1Yv/TV9famZKlogGslsmPHUOJMlSIdh\n"
2117 "MfMwVny4/rNtjEtEFE1WnaTr1W6MKH1EBbizVo8fmWFrA4GFAAKBgQCaPjrlkAyX\n"
2118 "kBitWo+w0xZN4OSk13SsCzZ/PG+5zOgMRaFm2XbiC04YsGCi4NFOd9kaiP7w1CsP\n"
2119 "iqG6Vwv0T/VcoxBl/hp6jEqTDSrM6z0ungjDO9wGOdI+jZS0UjVahgC4ZLDHhrOa\n"
2120 "CjfxcHruO3e416b/Rm2CjhOzjKdoSFUWVzALBglghkgBZQMEAwIDLwAwLAIUHa+A\n"
2121 "5xo8O/tPuH9gXkr1mee6kRYCFGNycJ1xkc3nIJaEQOtGfDe7S71A\n"
2122 "-----END CERTIFICATE-----\n";
2124 const std::string prv = "-----BEGIN DSA PRIVATE KEY-----\n"
2125 "MIIBuwIBAAKBgQD0GGHtkDiieRi4M1BthHgTCQnpGkPnTmEHQYXrKmlQ2nYtqe81\n"
2126 "xBdzJdjzwwHo50/tGKRu7UfbM/iA40K13EpbnxlruH1sXNiPFw5tmxLnYX0M/uy/\n"
2127 "cLixfjE1YCl+FSBt/MppEIk6Q6zTq1Xu167cb+/bo90jx2XKQi5BdBmYfwIVAIew\n"
2128 "hXSeNvbILeCB8rP57Ef6DmMBAoGAFUth9UIyNTPlckf7FhTcDxbyulIupkogrZ32\n"
2129 "ZteqGnPxArVu81BSVJFmj6jVlhWYmfczHZi6KJ8dk0p0E3B4Kp7lr4dXZFKXVi/9\n"
2130 "NX19qZkqWiAayWyY8dQ4kyVIh2Ex8zBWfLj+s22MS0QUTVadpOvVbowofUQFuLNW\n"
2131 "jx+ZYWsCgYEAmj465ZAMl5AYrVqPsNMWTeDkpNd0rAs2fzxvuczoDEWhZtl24gtO\n"
2132 "GLBgouDRTnfZGoj+8NQrD4qhulcL9E/1XKMQZf4aeoxKkw0qzOs9Lp4IwzvcBjnS\n"
2133 "Po2UtFI1WoYAuGSwx4azmgo38XB67jt3uNem/0Ztgo4Ts4ynaEhVFlcCFGMH+Z9l\n"
2134 "vonbjii3BYe4AIdkzOvp\n"
2135 "-----END DSA PRIVATE KEY-----\n";
2137 std::string message = "message test";
2139 CKM::Alias aliasPub = "pub2-cert";
2140 CKM::Alias aliasPrv = "prv2-cert";
2141 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2142 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2143 CKM::RawBuffer signature;
2145 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2146 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2148 RUNNER_ASSERT_MSG(NULL != cert.get(),
2149 "Key is empty. Failed to import public key.");
2150 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2151 "Key is empty. Failed to import private key.");
2154 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2155 "Error=" << CKM::ErrorToString(temp));
2157 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2158 "Error=" << CKM::ErrorToString(temp));
2161 CKM_API_SUCCESS == (temp = manager->createSignature(
2164 CKM::RawBuffer(message.begin(), message.end()),
2168 "Error=" << CKM::ErrorToString(temp));
2171 CKM_API_SUCCESS == (temp = manager->verifySignature(
2174 CKM::RawBuffer(message.begin(), message.end()),
2178 "Error=" << CKM::ErrorToString(temp));
2180 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2182 memcpy((void*)signature.data(), "BROKEN", 6);
2185 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2188 CKM::RawBuffer(message.begin(), message.end()),
2192 "Error=" << CKM::ErrorToString(temp));
2195 RUNNER_TEST(T1419_ecdsa_cert_create_verify_signature)
2198 auto manager = CKM::Manager::create();
2201 "-----BEGIN EC PRIVATE KEY-----\n"
2202 "MIH8AgEBBBRPb/2utS5aCtyuwmzIHpU6LH3mc6CBsjCBrwIBATAgBgcqhkjOPQEB\n"
2203 "AhUA/////////////////////3////8wQwQU/////////////////////3////wE\n"
2204 "FByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UEKQRK\n"
2205 "lrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAAAAAA\n"
2206 "AAAAAfTI+Seu08p1IlcCAQGhLAMqAATehLqu61gKC3Tgr4wQMVoguAhhG3Uwwz8u\n"
2207 "ELyhe7yPCAuOoLZlTLgf\n"
2208 "-----END EC PRIVATE KEY-----\n";
2211 "-----BEGIN CERTIFICATE-----\n"
2212 "MIICfDCCAjqgAwIBAgIJANIytpeTKlXBMAkGByqGSM49BAEwXjELMAkGA1UEBhMC\n"
2213 "UEwxDTALBgNVBAgMBExvZHoxDTALBgNVBAcMBExvZHoxEDAOBgNVBAoMB1NhbXN1\n"
2214 "bmcxETAPBgNVBAsMCFNlY3VyaXR5MQwwCgYDVQQDDANDS00wHhcNMTQwNzAyMTI0\n"
2215 "MTQ3WhcNMTcwNzAxMTI0MTQ3WjBeMQswCQYDVQQGEwJQTDENMAsGA1UECAwETG9k\n"
2216 "ejENMAsGA1UEBwwETG9kejEQMA4GA1UECgwHU2Ftc3VuZzERMA8GA1UECwwIU2Vj\n"
2217 "dXJpdHkxDDAKBgNVBAMMA0NLTTCB6jCBuwYHKoZIzj0CATCBrwIBATAgBgcqhkjO\n"
2218 "PQEBAhUA/////////////////////3////8wQwQU/////////////////////3//\n"
2219 "//wEFByXvvxUvXqLZaz4n4HU1K3FZfpFAxUAEFPN5CwU1pbmdodWFRdTO/P4M0UE\n"
2220 "KQRKlrVojvVzKEZkaYlow4u5E8v8giOmKFUxaJR9WdzJEgQjUTd6xfsyAhUBAAAA\n"
2221 "AAAAAAAAAfTI+Seu08p1IlcCAQEDKgAE3oS6rutYCgt04K+MEDFaILgIYRt1MMM/\n"
2222 "LhC8oXu8jwgLjqC2ZUy4H6NQME4wHQYDVR0OBBYEFELElWx3kbLo55Cfn1vywsEZ\n"
2223 "ccsmMB8GA1UdIwQYMBaAFELElWx3kbLo55Cfn1vywsEZccsmMAwGA1UdEwQFMAMB\n"
2224 "Af8wCQYHKoZIzj0EAQMxADAuAhUAumC4mGoyK97SxTvVBQ+ELfCbxEECFQCbMJ72\n"
2225 "Q1oBry6NEc+lLFmWMDesAA==\n"
2226 "-----END CERTIFICATE-----\n";
2228 std::string message = "message test";
2230 CKM::Alias aliasPub = "pub3";
2231 CKM::Alias aliasPrv = "prv3";
2232 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
2233 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2234 CKM::RawBuffer signature;
2236 auto cert = CKM::Certificate::create(CKM::RawBuffer(pub.begin(), pub.end()), CKM::DataFormat::FORM_PEM);
2237 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()));
2239 RUNNER_ASSERT_MSG(NULL != cert.get(),
2240 "Key is empty. Failed to import public key.");
2241 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2242 "Key is empty. Failed to import private key.");
2245 CKM_API_SUCCESS == (temp = manager->saveCertificate(aliasPub, cert, CKM::Policy())),
2246 "Error=" << CKM::ErrorToString(temp));
2248 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2249 "Error=" << CKM::ErrorToString(temp));
2252 CKM_API_SUCCESS == (temp = manager->createSignature(
2255 CKM::RawBuffer(message.begin(), message.end()),
2259 "Error=" << CKM::ErrorToString(temp));
2262 CKM_API_SUCCESS == (temp = manager->verifySignature(
2265 CKM::RawBuffer(message.begin(), message.end()),
2269 "Error=" << CKM::ErrorToString(temp));
2271 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2273 memcpy((void*)signature.data(), "BROKEN", 6);
2276 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2279 CKM::RawBuffer(message.begin(), message.end()),
2283 "Error=" << CKM::ErrorToString(temp));
2286 RUNNER_TEST(T1420_deinit)
2289 auto control = CKM::Control::create();
2292 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2293 "Error=" << CKM::ErrorToString(temp));
2295 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2296 "Error=" << CKM::ErrorToString(temp));
2299 RUNNER_TEST_GROUP_INIT(T1418_signature_tests);
2301 RUNNER_TEST(T14180_init)
2304 auto control = CKM::Control::create();
2306 CKM_API_SUCCESS == (temp = control->unlockUserKey(0, "test-pass")),
2307 "Error=" << CKM::ErrorToString(temp));
2309 auto manager = CKM::Manager::create();
2311 // Prepare RSA Key Pair
2312 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
2313 "Proc-Type: 4,ENCRYPTED\n"
2314 "DEK-Info: DES-EDE3-CBC,6C6507B11671DABC\n"
2316 "YiKNviNqc/V/i241CKtAVsNckesE0kcaka3VrY7ApXR+Va93YoEwVQ8gB9cE/eHH\n"
2317 "S0j3ZS1PAVFM/qo4ZnPdMzaSLvTQw0GAL90wWgF3XQ+feMnWyBObEoQdGXE828TB\n"
2318 "SLz4UOIQ55Dx6JSWTfEhwAlPs2cEWD14xvuxPzAEzBIYmWmBBsCN94YgFeRTzjH0\n"
2319 "TImoYVMN60GgOfZWw6rXq9RaV5dY0Y6F1piypCLGD35VaXAutdHIDvwUGECPm7SN\n"
2320 "w05jRro53E1vb4mYlZEY/bs4q7XEOI5+ZKT76Xn0oEJNX1KRL1h2q8fgUkm5j40M\n"
2321 "uQj71aLR9KyIoQARwGLeRy09tLVjH3fj66CCMqaPcxcIRIyWi5yYBB0s53ipm6A9\n"
2322 "CYuyc7MS2C0pOdWKsDvYsHR/36KUiIdPuhF4AbaTqqO0eWeuP7Na7dGK56Fl+ooi\n"
2323 "cUpJr7cIqMl2vL25B0jW7d4TB3zwCEkVVD1fBPeNoZWo30z4bILcBqjjPkQfHZ2e\n"
2324 "xNraG3qI4FHjoPT8JEE8p+PgwaMoINlICyIMKiCdvwz9yEnsHPy7FkmatpS+jFoS\n"
2325 "mg8R9vMwgK/HGEm0dmb/7/a0XsG2jCDm6cOmJdZJFQ8JW7hFs3eOHpNlQYDChG2D\n"
2326 "A1ExslqBtbpicywTZhzFdYU/hxeCr4UqcY27Zmhr4JlBPMyvadWKeOqCamWepjbT\n"
2327 "T/MhWJbmWgZbI5s5sbpu7cOYubQcUIEsTaQXGx/KEzGo1HLn9tzSeQfP/nqjAD/L\n"
2328 "T5t1Mb8o4LuV/fGIT33Q3i2FospJMqp2JINNzG18I6Fjo08PTvJ3row40Rb76+lJ\n"
2329 "wN1IBthgBgsgsOdB6XNc56sV+uq2TACsNNWw+JnFRCkCQgfF/KUrvN+WireWq88B\n"
2330 "9UPG+Hbans5A6K+y1a+bzfdYnKws7x8wNRyPxb7Vb2t9ZTl5PBorPLVGsjgf9N5X\n"
2331 "tCdBlfJsUdXot+EOxrIczV5zx0JIB1Y9hrDG07RYkzPuJKxkW7skqeLo8oWGVpaQ\n"
2332 "LGWvuebky1R75hcSuL3e4QHfjBHPdQ31fScB884tqkbhBAWr2nT9bYEmyT170bno\n"
2333 "8QkyOSb99xZBX55sLDHs9p61sTJr2C9Lz/KaWQs+3hTkpwSjSRyjEMH2n491qiQX\n"
2334 "G+kvLEnvtR8sl9zinorj/RfsxyPntAxudfY3qaYUu2QkLvVdfTVUVbxS/Fg8f7B3\n"
2335 "hEjCtpKgFjPxQuHE3didNOr5xM7mkmLN/QA7yHVgdpE64T5mFgC3JcVRpcR7zBPH\n"
2336 "3OeXHgjrhDfN8UIX/cq6gNgD8w7O0rhHa3mEXI1xP14ykPcJ7wlRuLm9P3fwx5A2\n"
2337 "jQrVKJKw1Nzummmspn4VOpJY3LkH4Sxo4e7Soo1l1cxJpzmERwgMF+vGz1L70+DG\n"
2338 "M0hVrz1PxlOsBBFgcdS4TB91DIs/RcFDqrJ4gOPNKCgBP+rgTXXLFcxUwJfE3lKg\n"
2339 "Kmpwdne6FuQYX3eyRVAmPgOHbJuRQCh/V4fYo51UxCcEKeKy6UgOPEJlXksWGbH5\n"
2340 "VFmlytYW6dFKJvjltSmK6L2r+TlyEQoXwTqe4bkfhB2LniDEq28hKQ==\n"
2341 "-----END RSA PRIVATE KEY-----\n";
2343 std::string pub = "-----BEGIN PUBLIC KEY-----\n"
2344 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2345 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2346 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2347 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2348 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2349 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2351 "-----END PUBLIC KEY-----\n";
2353 CKM::Alias aliasPub = "pub_nohash1";
2354 CKM::Alias aliasPrv = "prv_nohash1";
2355 CKM::Password password = "1234";
2357 auto keyPub = CKM::Key::create(CKM::RawBuffer(pub.begin(), pub.end()));
2358 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), password);
2360 RUNNER_ASSERT_MSG(NULL != keyPub.get(),
2361 "Key is empty. Failed to import public key.");
2362 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
2363 "Key is empty. Failed to import private key.");
2366 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPub, keyPub, CKM::Policy())),
2367 "Error=" << CKM::ErrorToString(temp));
2369 CKM_API_SUCCESS == (temp = manager->saveKey(aliasPrv, keyPrv, CKM::Policy())),
2370 "Error=" << CKM::ErrorToString(temp));
2372 // Prepare ECDSA Key Pair
2373 std::string ecprv = "-----BEGIN EC PRIVATE KEY-----\n"
2374 "MHQCAQEEIJNud6U4h8EM1rASn4W5vQOJELTaVPQTUiESaBULvQUVoAcGBSuBBAAK\n"
2375 "oUQDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT05YHeT7vK0w08AUL1HCH5nFV\n"
2376 "ljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2377 "-----END EC PRIVATE KEY-----\n";
2379 std::string ecpub = "-----BEGIN PUBLIC KEY-----\n"
2380 "MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEL1R+hgjiFrdjbUKRNOxUG8ze9nveD9zT\n"
2381 "05YHeT7vK0w08AUL1HCH5nFVljePBYSxe6CybFiseayaxRxjA+iF1g==\n"
2382 "-----END PUBLIC KEY-----\n";
2384 CKM::Alias aliasEcPub = "ecpub_nohash1";
2385 CKM::Alias aliasEcPrv = "ecprv_nohash1";
2387 auto ecKeyPub = CKM::Key::create(CKM::RawBuffer(ecpub.begin(), ecpub.end()));
2388 auto ecKeyPrv = CKM::Key::create(CKM::RawBuffer(ecprv.begin(), ecprv.end()));
2390 RUNNER_ASSERT_MSG(NULL != ecKeyPub.get(),
2391 "Key is empty. Failed to import public key.");
2392 RUNNER_ASSERT_MSG(NULL != ecKeyPrv.get(),
2393 "Key is empty. Failed to import private key.");
2396 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPub, ecKeyPub, CKM::Policy())),
2397 "Error=" << CKM::ErrorToString(temp));
2399 CKM_API_SUCCESS == (temp = manager->saveKey(aliasEcPrv, ecKeyPrv, CKM::Policy())),
2400 "Error=" << CKM::ErrorToString(temp));
2404 RUNNER_TEST(T14181_rsa_create_signatue_nohash)
2407 auto manager = CKM::Manager::create();
2408 std::string message = "message asdfaslkdfjlksadjf test";
2410 CKM::Alias aliasPub = "pub_nohash1";
2411 CKM::Alias aliasPrv = "prv_nohash1";
2413 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2414 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2415 CKM::RawBuffer signature;
2418 CKM_API_SUCCESS == (temp = manager->createSignature(
2421 CKM::RawBuffer(message.begin(), message.end()),
2425 "Error=" << CKM::ErrorToString(temp));
2428 CKM_API_SUCCESS == (temp = manager->verifySignature(
2431 CKM::RawBuffer(message.begin(), message.end()),
2435 "Error=" << CKM::ErrorToString(temp));
2437 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2438 memcpy((void*)signature.data(), "BROKEN", 6);
2441 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2444 CKM::RawBuffer(message.begin(), message.end()),
2448 "Error=" << CKM::ErrorToString(temp));
2451 RUNNER_TEST(T14182_rsa_create_signatue_nohash_nopad)
2454 auto manager = CKM::Manager::create();
2455 std::string message = "message asdfaslkdfjlksadjf test";
2457 CKM::Alias aliasPub = "pub_nohash1";
2458 CKM::Alias aliasPrv = "prv_nohash1";
2460 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2461 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2462 CKM::RawBuffer signature;
2465 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2468 CKM::RawBuffer(message.begin(), message.end()),
2472 "Error=" << CKM::ErrorToString(temp));
2475 RUNNER_TEST(T14183_rsa_create_signatue_nohash_bigmsg)
2478 auto manager = CKM::Manager::create();
2479 std::string message = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2480 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2481 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2482 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2483 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2484 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2485 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2486 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2487 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2488 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2489 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2490 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2491 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2492 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2493 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2494 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2495 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2496 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2497 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
2498 "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
2500 CKM::Alias aliasPub = "pub_nohash1";
2501 CKM::Alias aliasPrv = "prv_nohash1";
2503 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2504 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2505 CKM::RawBuffer signature;
2508 CKM_API_ERROR_INPUT_PARAM == (temp = manager->createSignature(
2511 CKM::RawBuffer(message.begin(), message.end()),
2515 "Error=" << CKM::ErrorToString(temp));
2519 RUNNER_TEST(T14184_ec_create_signatue_nohash)
2522 auto manager = CKM::Manager::create();
2524 std::string message = "message test";
2526 CKM::Alias aliasPub = "ecpub_nohash1";
2527 CKM::Alias aliasPrv = "ecprv_nohash1";
2528 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2529 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
2530 CKM::RawBuffer signature;
2533 CKM_API_SUCCESS == (temp = manager->createSignature(
2536 CKM::RawBuffer(message.begin(), message.end()),
2540 "Error=" << CKM::ErrorToString(temp));
2543 CKM_API_SUCCESS == (temp = manager->verifySignature(
2546 CKM::RawBuffer(message.begin(), message.end()),
2550 "Error=" << CKM::ErrorToString(temp));
2552 RUNNER_ASSERT_MSG(signature.size() > 6, "Signature is too small");
2554 memcpy((void*)signature.data(), "BROKEN", 6);
2557 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
2560 CKM::RawBuffer(message.begin(), message.end()),
2564 "Error=" << CKM::ErrorToString(temp));
2567 RUNNER_TEST(T14185_ec_create_signatue_nohash_bigmsg)
2570 auto manager = CKM::Manager::create();
2572 int msgSize = 1024*1024;
2573 char big_msg[msgSize];
2574 for(int i =0; i<msgSize-1; i++) {
2577 big_msg[msgSize-1]=0x00;
2578 std::string message(big_msg);
2580 CKM::Alias aliasPub = "ecpub_nohash1";
2581 CKM::Alias aliasPrv = "ecprv_nohash1";
2582 CKM::HashAlgorithm hash = CKM::HashAlgorithm::NONE;
2583 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::NONE;
2584 CKM::RawBuffer signature;
2587 CKM_API_SUCCESS == (temp = manager->createSignature(
2590 CKM::RawBuffer(message.begin(), message.end()),
2594 "Error=" << CKM::ErrorToString(temp));
2598 RUNNER_TEST(T14189_deinit)
2601 auto control = CKM::Control::create();
2604 CKM_API_SUCCESS == (temp = control->lockUserKey(0)),
2605 "Error=" << CKM::ErrorToString(temp));
2607 CKM_API_SUCCESS == (temp = control->removeUserData(0)),
2608 "Error=" << CKM::ErrorToString(temp));
2612 RUNNER_TEST_GROUP_INIT(T151_CKM_STORAGE_PERNAMENT_TESTS);
2614 RUNNER_CHILD_TEST(T1510_init_unlock_key)
2617 AccessProvider ap("my-label");
2618 ap.allowAPI("key-manager::api-control", "rw");
2619 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2621 auto control = CKM::Control::create();
2623 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST, "strong-password")),
2624 "Error=" << CKM::ErrorToString(tmp));
2627 RUNNER_CHILD_TEST(T1511_insert_data)
2629 AccessProvider ap("my-label");
2630 ap.allowAPI("key-manager::api-storage", "rw");
2631 ap.applyAndSwithToUser(USER_TEST, GROUP_APP);
2633 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2634 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2635 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2636 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2637 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2638 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2639 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2640 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2641 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2642 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2643 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2644 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2645 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2646 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2647 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2648 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2649 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2650 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2651 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2652 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2653 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2654 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2655 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2656 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2657 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2658 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2659 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2660 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2661 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2662 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2663 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2664 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2666 "-----END CERTIFICATE-----\n";
2669 "-----BEGIN CERTIFICATE-----\n"
2670 "MIIF5DCCBMygAwIBAgIQW3dZxheE4V7HJ8AylSkoazANBgkqhkiG9w0BAQUFADCB\n"
2671 "yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2672 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp\n"
2673 "U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW\n"
2674 "ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0\n"
2675 "aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMTYxMTA3MjM1OTU5WjCBujEL\n"
2676 "MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW\n"
2677 "ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQg\n"
2678 "aHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMrVmVy\n"
2679 "aVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJ\n"
2680 "KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJjboFXrnP0XeeOabhQdsVuYI4cWbod2\n"
2681 "nLU4O7WgerQHYwkZ5iqISKnnnbYwWgiXDOyq5BZpcmIjmvt6VCiYxQwtt9citsj5\n"
2682 "OBfH3doxRpqUFI6e7nigtyLUSVSXTeV0W5K87Gws3+fBthsaVWtmCAN/Ra+aM/EQ\n"
2683 "wGyZSpIkMQht3QI+YXZ4eLbtfjeubPOJ4bfh3BXMt1afgKCxBX9ONxX/ty8ejwY4\n"
2684 "P1C3aSijtWZfNhpSSENmUt+ikk/TGGC+4+peGXEFv54cbGhyJW+ze3PJbb0S/5tB\n"
2685 "Ml706H7FC6NMZNFOvCYIZfsZl1h44TO/7Wg+sSdFb8Di7Jdp91zT91ECAwEAAaOC\n"
2686 "AdIwggHOMB0GA1UdDgQWBBT8ilC6nrklWntVhU+VAGOP6VhrQzASBgNVHRMBAf8E\n"
2687 "CDAGAQH/AgEAMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw\n"
2688 "czovL3d3dy52ZXJpc2lnbi5jb20vY3BzMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6\n"
2689 "Ly9FVlNlY3VyZS1jcmwudmVyaXNpZ24uY29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB\n"
2690 "/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZ\n"
2691 "MFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7\n"
2692 "GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nby5naWYwKQYDVR0R\n"
2693 "BCIwIKQeMBwxGjAYBgNVBAMTEUNsYXNzM0NBMjA0OC0xLTQ3MD0GCCsGAQUFBwEB\n"
2694 "BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL0VWU2VjdXJlLW9jc3AudmVyaXNpZ24u\n"
2695 "Y29tMB8GA1UdIwQYMBaAFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqGSIb3DQEB\n"
2696 "BQUAA4IBAQCWovp/5j3t1CvOtxU/wHIDX4u6FpAl98KD2Md1NGNoElMMU4l7yVYJ\n"
2697 "p8M2RE4O0GJis4b66KGbNGeNUyIXPv2s7mcuQ+JdfzOE8qJwwG6Cl8A0/SXGI3/t\n"
2698 "5rDFV0OEst4t8dD2SB8UcVeyrDHhlyQjyRNddOVG7wl8nuGZMQoIeRuPcZ8XZsg4\n"
2699 "z+6Ml7YGuXNG5NOUweVgtSV1LdlpMezNlsOjdv3odESsErlNv1HoudRETifLriDR\n"
2700 "fip8tmNHnna6l9AW5wtsbfdDbzMLKTB3+p359U64drPNGLT5IO892+bKrZvQTtKH\n"
2701 "qQ2mRHNQ3XBb7a1+Srwi1agm5MKFIA3Z\n"
2702 "-----END CERTIFICATE-----\n";
2704 auto manager = CKM::Manager::create();
2705 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2706 auto certim = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
2708 int status1 = manager->saveCertificate(CKM::Alias("CertEE"), certee, CKM::Policy());
2709 int status2 = manager->saveCertificate(CKM::Alias("CertIM"), certim, CKM::Policy());
2712 CKM_API_ERROR_DB_ALIAS_EXISTS == status1,
2713 "Certificate should be in database already. Error=" << CKM::ErrorToString(status1));
2716 CKM_API_ERROR_DB_ALIAS_EXISTS == status2,
2717 "Certificate should be in database already. Error=" << CKM::ErrorToString(status2));
2720 RUNNER_CHILD_TEST(T1519_deinit)
2723 AccessProvider ap("my-label");
2724 ap.allowAPI("key-manager::api-control", "rw");
2725 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2727 auto control = CKM::Control::create();
2729 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST)),
2730 "Error=" << CKM::ErrorToString(tmp));
2734 RUNNER_TEST_GROUP_INIT(T161_CKM_LOCKTYPE_TESTS);
2736 RUNNER_CHILD_TEST(T1610_init_lock_key)
2739 AccessProvider ap("my-label");
2740 ap.allowAPI("key-manager::api-control", "rw");
2741 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2743 auto control = CKM::Control::create();
2745 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"user-pass","")),
2746 "Error=" << CKM::ErrorToString(tmp));
2748 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2749 "Error=" << CKM::ErrorToString(tmp));
2752 RUNNER_CHILD_TEST(T1611_unlock_default_passwd)
2754 AccessProvider ap("my-label");
2755 ap.allowAPI("key-manager::api-storage", "rw");
2756 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2759 auto manager = CKM::Manager::create();
2761 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2762 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2763 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2764 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2765 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2766 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2767 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2769 "-----END PUBLIC KEY-----";
2771 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2772 auto key = CKM::Key::create(buffer, CKM::Password());
2774 CKM::Alias alias = "mykey_defpasswd";
2777 CKM_API_SUCCESS == (temp = manager->saveKey(alias, key, CKM::Policy())),
2778 "Error=" << CKM::ErrorToString(temp));
2780 CKM_API_SUCCESS == (temp = manager->getKey(alias, CKM::Password(), key2)),
2781 "Error=" << CKM::ErrorToString(temp));
2783 key->getDER() == key2->getDER(),
2784 "Key value has been changed by service");
2786 std::string invalid_address = aliasWithLabel("i-do-not-exist", alias.c_str());
2788 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->removeAlias(invalid_address.c_str())),
2789 "Error=" << CKM::ErrorToString(temp));
2791 CKM_API_SUCCESS == (temp = manager->removeAlias(alias)),
2792 "Error=" << CKM::ErrorToString(temp));
2795 RUNNER_CHILD_TEST(T1612_init_change_user_password)
2798 AccessProvider ap("my-label");
2799 ap.allowAPI("key-manager::api-control", "rw");
2800 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2802 auto control = CKM::Control::create();
2804 CKM_API_SUCCESS == (tmp = control->changeUserPassword(USER_APP,"","user-pass")),
2805 "Error=" << CKM::ErrorToString(tmp));
2806 // confirm changed password
2808 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_APP,"user-pass")),
2809 CKM::ErrorToString(tmp));
2811 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_APP)),
2812 CKM::ErrorToString(tmp));
2815 RUNNER_CHILD_TEST(T1613_unlock_default_passwd_negative)
2817 AccessProvider ap("my-label");
2818 ap.allowAPI("key-manager::api-storage", "rw");
2819 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2822 auto manager = CKM::Manager::create();
2824 std::string keyPem = "-----BEGIN PUBLIC KEY-----\n"
2825 "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4\n"
2826 "T4tUddtZNi0NVjQn9RFH1NMa220GsRhRO56F77FlSVFKfSfVZKIiWg6C+DVCkcLf\n"
2827 "zXJ/Z0pvwOQYBAqVMFjV6efQGN0JzJ1Unu7pPRiZl7RKGEI+cyzzrcDyrLLrQ2W7\n"
2828 "0ZySkNEOv6Frx9JgC5NExuYY4lk2fQQa38JXiZkfyzif2em0px7mXbyf5LjccsKq\n"
2829 "v1e+XLtMsL0ZefRcqsP++NzQAI8fKX7WBT+qK0HJDLiHrKOTWYzx6CwJ66LD/vvf\n"
2830 "j55xtsKDLVDbsotvf8/m6VLMab+vqKk11TP4tq6yo0mwyTADvgl1zowQEO9I1W6o\n"
2832 "-----END PUBLIC KEY-----";
2834 CKM::RawBuffer buffer(keyPem.begin(), keyPem.end());
2835 auto key = CKM::Key::create(buffer, CKM::Password());
2837 CKM::Alias alias = "mykey_defpasswd";
2840 CKM_API_ERROR_DB_LOCKED == (temp = manager->saveKey(alias, key, CKM::Policy())),
2841 "Error=" << CKM::ErrorToString(temp));
2843 CKM_API_ERROR_DB_LOCKED == (temp = manager->getKey(alias, CKM::Password(), key2)),
2844 "Error=" << CKM::ErrorToString(temp));
2846 CKM_API_ERROR_DB_LOCKED == (temp = manager->removeAlias(alias)),
2847 "Error=" << CKM::ErrorToString(temp));
2850 RUNNER_CHILD_TEST(T1619_deinit)
2852 AccessProvider ap("my-label");
2853 ap.allowAPI("key-manager::api-control", "rw");
2854 ap.applyAndSwithToUser(USER_APP, GROUP_APP);
2857 RUNNER_TEST_GROUP_INIT(T170_CKM_STORAGE_PERNAMENT_TESTS);
2859 RUNNER_TEST(T1701_init_unlock_key)
2862 auto control = CKM::Control::create();
2864 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+1, "t170-special-password")),
2865 "Error=" << CKM::ErrorToString(tmp));
2868 RUNNER_CHILD_TEST(T1702_insert_data)
2871 AccessProvider ap("t170-special-label");
2872 ap.allowAPI("key-manager::api-storage", "rw");
2873 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2875 std::string ee = "-----BEGIN CERTIFICATE-----\n"
2876 "MIIF0TCCBLmgAwIBAgIQaPGTP4aS7Ut/WDNaBzdQrDANBgkqhkiG9w0BAQUFADCB\n"
2877 "ujELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL\n"
2878 "ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug\n"
2879 "YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykwNjE0MDIGA1UEAxMr\n"
2880 "VmVyaVNpZ24gQ2xhc3MgMyBFeHRlbmRlZCBWYWxpZGF0aW9uIFNTTCBDQTAeFw0x\n"
2881 "NDAyMjAwMDAwMDBaFw0xNTAyMjAyMzU5NTlaMIHmMRMwEQYLKwYBBAGCNzwCAQMT\n"
2882 "AlBMMR0wGwYDVQQPExRQcml2YXRlIE9yZ2FuaXphdGlvbjETMBEGA1UEBRMKMDAw\n"
2883 "MDAyNTIzNzELMAkGA1UEBhMCUEwxDzANBgNVBBEUBjAwLTk1MDEUMBIGA1UECBML\n"
2884 "bWF6b3dpZWNraWUxETAPBgNVBAcUCFdhcnN6YXdhMRYwFAYDVQQJFA1TZW5hdG9y\n"
2885 "c2thIDE4MRMwEQYDVQQKFAptQmFuayBTLkEuMQwwCgYDVQQLFANESU4xGTAXBgNV\n"
2886 "BAMUEHd3dy5tYmFuay5jb20ucGwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\n"
2887 "AoIBAQDph6x8V6xUW/+651+qHF+UmorH9uaz2ZrX2bIWiMKIJFmpDDHlxcapKkqE\n"
2888 "BV04is83aiCpqKtc2ZHy2g4Hpj1eSF5BP2+OAlo0YUQZPIeRRdiMjmeAxw/ncBDx\n"
2889 "9rQBuCJ4XTD6cqQox5SI0TASOZ+wyAEjbDRXzL73XqRAFZ1LOpb2ONkolS+RutMB\n"
2890 "vshvCsWPeNe7eGLuOh6DyC6r1vX9xhw3xnjM2mTSvmtimgzSLacNGKqRrsucUgcb\n"
2891 "0+O5C2jZAtAMLyZksL92cxmWbtVzUYzem4chjHu5cRxUlPNzUJWrrczueB7Ip4A8\n"
2892 "aQuFMfNXYc0x+WLWjy//urypMKjhAgMBAAGjggGjMIIBnzAbBgNVHREEFDASghB3\n"
2893 "d3cubWJhbmsuY29tLnBsMAkGA1UdEwQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1Ud\n"
2894 "JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBEBgNVHSAEPTA7MDkGC2CGSAGG+EUB\n"
2895 "BxcGMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMw\n"
2896 "HQYDVR0OBBYEFN37iGaS7mZnENxZ9FGqNLR+QgoMMB8GA1UdIwQYMBaAFPyKULqe\n"
2897 "uSVae1WFT5UAY4/pWGtDMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9FVlNlY3Vy\n"
2898 "ZS1jcmwudmVyaXNpZ24uY29tL0VWU2VjdXJlMjAwNi5jcmwwfAYIKwYBBQUHAQEE\n"
2899 "cDBuMC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC52ZXJpc2lnbi5j\n"
2900 "b20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9FVlNlY3VyZS1haWEudmVyaXNpZ24uY29t\n"
2901 "L0VWU2VjdXJlMjAwNi5jZXIwDQYJKoZIhvcNAQEFBQADggEBAD0wO+rooUrIM4qp\n"
2902 "PHhp+hkXK6WMQ2qzGOmbMcZjw0govg5vkzkefPDryIXXbrF8mRagiJNMSfNaWWeh\n"
2903 "Cj41OV24EdUl0OLbFxNzcvub599zRs/apfaRLTfsmlmOgi0/YP305i+3tJ2ll946\n"
2904 "P+qV1wXnXqTqEdIl4Ys3+1HmDCdTB1hoDwAAzqRVUXZ5+iiwPAU7R/LTHfMjV1ke\n"
2905 "8jtNFfrorlZMCfVH/7eEnHJvVjOJt+YFe4aFMzE+DfuYIK7MH+olC2v79kBwbnEQ\n"
2906 "fvHMA9gFwOYLUBBdSfcocp8EKZ+mRlNPGR/3LBrPeaQQ0GZEkxzRK+v/aNTuiYfr\n"
2908 "-----END CERTIFICATE-----\n";
2910 auto manager = CKM::Manager::create();
2911 auto certee = CKM::Certificate::create(CKM::RawBuffer(ee.begin(), ee.end()), CKM::DataFormat::FORM_PEM);
2913 int status1 = manager->saveCertificate(CKM::Alias("CertEEE"), certee, CKM::Policy());
2916 CKM_API_SUCCESS == status1,
2917 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
2919 CKM::AliasVector av;
2921 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2922 "Error=" << CKM::ErrorToString(temp));
2924 1 == (temp = av.size()),
2925 "Vector size: " << temp << ". Expected: 1");
2928 RUNNER_TEST(T1703_removeApplicationData)
2931 auto control = CKM::Control::create();
2933 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t170-special-label")),
2934 "Error=" << CKM::ErrorToString(tmp));
2937 RUNNER_CHILD_TEST(T1704_data_test)
2940 AccessProvider ap("t170-special-label");
2941 ap.allowAPI("key-manager::api-storage", "rw");
2942 ap.applyAndSwithToUser(USER_TEST+1, GROUP_APP);
2944 CKM::AliasVector av;
2945 auto manager = CKM::Manager::create();
2948 CKM_API_SUCCESS == (temp = manager->getCertificateAliasVector(av)),
2949 "Error=" << CKM::ErrorToString(temp));
2951 0 == (temp = av.size()),
2952 "Vector size: " << temp << ". Expected: 0");
2955 RUNNER_TEST(T1705_deinit)
2959 auto control = CKM::Control::create();
2961 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+1)),
2962 "Error=" << CKM::ErrorToString(tmp));
2964 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+1)),
2965 "Error=" << CKM::ErrorToString(tmp));
2968 RUNNER_TEST(T17101_init)
2972 auto control = CKM::Control::create();
2974 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
2975 "Error=" << CKM::ErrorToString(tmp));
2977 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
2978 "Error=" << CKM::ErrorToString(tmp));
2980 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+2, "t1706-special-password")),
2981 "Error=" << CKM::ErrorToString(tmp));
2984 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
2985 "Error=" << CKM::ErrorToString(tmp));
2987 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
2988 "Error=" << CKM::ErrorToString(tmp));
2990 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
2991 "Error=" << CKM::ErrorToString(tmp));
2994 RUNNER_CHILD_TEST(T17102_prep_data_01)
2997 AccessProvider ap("t1706-special-label");
2998 ap.allowAPI("key-manager::api-storage", "rw");
2999 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3001 CKM::AliasVector av;
3002 auto manager = CKM::Manager::create();
3004 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3006 CKM::RawBuffer buffer(data.begin(), data.end());
3007 CKM::Policy exportable(CKM::Password(), true);
3010 CKM_API_SUCCESS == (temp = manager->saveData("data1", buffer, exportable)),
3011 "Error=" << CKM::ErrorToString(temp));
3014 RUNNER_CHILD_TEST(T17103_prep_data_02)
3017 AccessProvider ap("t1706-special-label2");
3018 ap.allowAPI("key-manager::api-storage", "rw");
3019 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3021 CKM::AliasVector av;
3022 auto manager = CKM::Manager::create();
3024 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3026 CKM::RawBuffer buffer(data.begin(), data.end());
3027 CKM::Policy exportable(CKM::Password(), true);
3030 CKM_API_SUCCESS == (temp = manager->saveData("data2", buffer, exportable)),
3031 "Error=" << CKM::ErrorToString(temp));
3034 RUNNER_CHILD_TEST(T17104_prep_data_03)
3037 AccessProvider ap("t1706-special-label");
3038 ap.allowAPI("key-manager::api-storage", "rw");
3039 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3041 CKM::AliasVector av;
3042 auto manager = CKM::Manager::create();
3044 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3046 CKM::RawBuffer buffer(data.begin(), data.end());
3047 CKM::Policy exportable(CKM::Password(), true);
3050 CKM_API_SUCCESS == (temp = manager->saveData("data3", buffer, exportable)),
3051 "Error=" << CKM::ErrorToString(temp));
3054 RUNNER_CHILD_TEST(T17105_prep_data_04)
3057 AccessProvider ap("t1706-special-label2");
3058 ap.allowAPI("key-manager::api-storage", "rw");
3059 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3061 CKM::AliasVector av;
3062 auto manager = CKM::Manager::create();
3064 std::string data = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2b1bXDa+S8/MGWnMkru4";
3066 CKM::RawBuffer buffer(data.begin(), data.end());
3067 CKM::Policy exportable(CKM::Password(), true);
3070 CKM_API_SUCCESS == (temp = manager->saveData("data4", buffer, exportable)),
3071 "Error=" << CKM::ErrorToString(temp));
3074 RUNNER_TEST(T17106_remove_application)
3078 auto control = CKM::Control::create();
3080 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3081 "Error=" << CKM::ErrorToString(tmp));
3083 CKM_API_SUCCESS == (tmp = control->removeApplicationData("t1706-special-label")),
3084 "Error=" << CKM::ErrorToString(tmp));
3087 RUNNER_CHILD_TEST(T17107_check_data_01)
3090 AccessProvider ap("t1706-special-label");
3091 ap.allowAPI("key-manager::api-storage", "rw");
3092 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3094 CKM::AliasVector av;
3095 auto manager = CKM::Manager::create();
3098 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3099 "Error=" << CKM::ErrorToString(temp));
3101 0 == (temp = av.size()),
3102 "Vector size: " << temp << ". Expected: 0");
3105 RUNNER_CHILD_TEST(T17108_check_data_02)
3108 AccessProvider ap("t1706-special-label2");
3109 ap.allowAPI("key-manager::api-storage", "rw");
3110 ap.applyAndSwithToUser(USER_TEST+2, GROUP_APP);
3112 CKM::AliasVector av;
3113 auto manager = CKM::Manager::create();
3116 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3117 "Error=" << CKM::ErrorToString(temp));
3119 1 == (temp = av.size()),
3120 "Vector size: " << temp << ". Expected: 1");
3123 RUNNER_TEST(T17109_unlock_user2)
3127 auto control = CKM::Control::create();
3129 CKM_API_SUCCESS == (tmp = control->unlockUserKey(USER_TEST+3, "t1706-special-password")),
3130 "Error=" << CKM::ErrorToString(tmp));
3133 RUNNER_CHILD_TEST(T17110_check_data_03)
3136 AccessProvider ap("t1706-special-label");
3137 ap.allowAPI("key-manager::api-storage", "rw");
3138 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3140 CKM::AliasVector av;
3141 auto manager = CKM::Manager::create();
3144 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3145 "Error=" << CKM::ErrorToString(temp));
3147 0 == (temp = av.size()),
3148 "Vector size: " << temp << ". Expected: 0");
3151 RUNNER_CHILD_TEST(T17111_check_data_04)
3154 AccessProvider ap("t1706-special-label2");
3155 ap.allowAPI("key-manager::api-storage", "rw");
3156 ap.applyAndSwithToUser(USER_TEST+3, GROUP_APP);
3158 CKM::AliasVector av;
3159 auto manager = CKM::Manager::create();
3162 CKM_API_SUCCESS == (temp = manager->getDataAliasVector(av)),
3163 "Error=" << CKM::ErrorToString(temp));
3165 1 == (temp = av.size()),
3166 "Vector size: " << temp << ". Expected: 1");
3169 RUNNER_TEST(T17112_deinit)
3173 auto control = CKM::Control::create();
3175 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+2)),
3176 "Error=" << CKM::ErrorToString(tmp));
3178 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+2)),
3179 "Error=" << CKM::ErrorToString(tmp));
3182 CKM_API_SUCCESS == (tmp = control->lockUserKey(USER_TEST+3)),
3183 "Error=" << CKM::ErrorToString(tmp));
3185 CKM_API_SUCCESS == (tmp = control->removeUserData(USER_TEST+3)),
3186 "Error=" << CKM::ErrorToString(tmp));
3189 RUNNER_TEST_GROUP_INIT(T180_PKCS12);
3193 CKM::Alias alias_PKCS_collision = "test-PKCS-collision";
3194 CKM::Alias alias_PKCS_exportable = "test-PKCS-export";
3195 CKM::Alias alias_PKCS_not_exportable = "test-PKCS-no-export";
3196 CKM::Alias alias_PKCS_priv_key_copy = "test-PKCS-private-key-copy";
3197 CKM::Alias alias_PKCS_priv_key_wrong = "test-PKCS-private-key-wrong";
3200 RUNNER_TEST(T1800_init) {
3202 auto control = CKM::Control::create();
3204 CKM_API_SUCCESS == (temp = control->unlockUserKey(USER_APP, "user-pass")),
3205 "Error=" << CKM::ErrorToString(temp));
3207 auto manager = CKM::Manager::create();
3208 manager->removeAlias(alias_PKCS_collision);
3209 manager->removeAlias(alias_PKCS_exportable);
3210 manager->removeAlias(alias_PKCS_not_exportable);
3211 manager->removeAlias(alias_PKCS_priv_key_copy);
3212 manager->removeAlias(alias_PKCS_priv_key_wrong);
3215 RUNNER_TEST(T1801_parse_PKCS12) {
3216 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3217 std::istreambuf_iterator<char> begin(is), end;
3218 std::vector<char> buff(begin, end);
3220 CKM::RawBuffer buffer(buff.size());
3221 memcpy(buffer.data(), buff.data(), buff.size());
3223 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3226 "Error in PKCS12::create()");
3228 auto cert = pkcs->getCertificate();
3231 "Error in PKCS12::getCertificate()");
3233 auto key = pkcs->getKey();
3236 "Error in PKCS12::getKey()");
3238 auto caVector = pkcs->getCaCertificateShPtrVector();
3240 0 == caVector.size(),
3241 "Wrong size of vector");
3244 RUNNER_TEST(T1802_negative_wrong_password) {
3245 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3246 std::istreambuf_iterator<char> begin(is), end;
3247 std::vector<char> buff(begin, end);
3249 CKM::RawBuffer buffer(buff.size());
3250 memcpy(buffer.data(), buff.data(), buff.size());
3252 auto pkcs = CKM::PKCS12::create(buffer, "error");
3255 "Expected error in PKCS12::create()");
3258 RUNNER_TEST(T1803_negative_broken_buffer) {
3259 std::ifstream is("/usr/share/ckm-test/test1801.pkcs12");
3260 std::istreambuf_iterator<char> begin(is), end;
3261 std::vector<char> buff(begin, end);
3263 CKM::RawBuffer buffer(buff.size());
3264 memcpy(buffer.data(), buff.data(), buff.size());
3266 RUNNER_ASSERT_MSG(buffer.size() > 5, "PKCS file is too small.");
3269 auto pkcs = CKM::PKCS12::create(buffer, "secret");
3272 "Expected error in PKCS12::create()");
3275 RUNNER_TEST(T1804_add_PKCS_collision_with_existing_alias)
3277 auto manager = CKM::Manager::create();
3278 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3279 std::istreambuf_iterator<char> begin(is), end;
3280 std::vector<char> buff(begin, end);
3282 CKM::RawBuffer buffer(buff.size());
3283 memcpy(buffer.data(), buff.data(), buff.size());
3285 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3288 "Error in PKCS12::create()");
3291 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3292 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3293 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3294 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3295 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3296 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3297 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3298 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3299 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3300 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3301 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3302 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3303 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3304 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3305 "-----END RSA PRIVATE KEY-----\n";
3307 std::string message = "message test";
3309 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3310 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3311 "Key is empty. Failed to import private key.");
3315 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_collision, keyPrv, CKM::Policy())),
3316 "Error=" << CKM::ErrorToString(temp));
3319 CKM_API_ERROR_DB_ALIAS_EXISTS == (temp = manager->savePKCS12(alias_PKCS_collision, pkcs, CKM::Policy(), CKM::Policy())),
3320 "Error=" << CKM::ErrorToString(temp));
3323 RUNNER_TEST(T1805_add_bundle_with_chain_certificates)
3325 auto manager = CKM::Manager::create();
3326 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3327 std::istreambuf_iterator<char> begin(is), end;
3328 std::vector<char> buff(begin, end);
3330 CKM::RawBuffer buffer(buff.size());
3331 memcpy(buffer.data(), buff.data(), buff.size());
3333 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3336 "Error in PKCS12::create()");
3338 auto cert = pkcs->getCertificate();
3341 "Error in PKCS12::getCertificate()");
3343 auto key = pkcs->getKey();
3346 "Error in PKCS12::getKey()");
3348 auto caVector = pkcs->getCaCertificateShPtrVector();
3350 2 == caVector.size(),
3351 "Wrong size of vector");
3355 CKM::Policy exportable;
3356 CKM::Policy notExportable(CKM::Password(), false);
3359 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3360 "Error=" << CKM::ErrorToString(tmp));
3362 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_exportable, pkcs, exportable, exportable)),
3363 "Error=" << CKM::ErrorToString(tmp));
3365 CKM_API_SUCCESS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3366 "Error=" << CKM::ErrorToString(tmp));
3368 CKM_API_ERROR_DB_ALIAS_EXISTS == (tmp = manager->savePKCS12(alias_PKCS_not_exportable, pkcs, notExportable, notExportable)),
3369 "Error=" << CKM::ErrorToString(tmp));
3371 // try to lookup key
3372 CKM::KeyShPtr key_lookup;
3374 CKM_API_SUCCESS == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3375 "Error=" << CKM::ErrorToString(tmp));
3377 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3378 "Error=" << CKM::ErrorToString(tmp));
3380 // try to lookup certificate
3381 CKM::CertificateShPtr cert_lookup;
3383 CKM_API_SUCCESS == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3384 "Error=" << CKM::ErrorToString(tmp));
3386 CKM_API_ERROR_NOT_EXPORTABLE == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3387 "Error=" << CKM::ErrorToString(tmp));
3390 RUNNER_TEST(T1806_get_PKCS)
3393 auto manager = CKM::Manager::create();
3395 CKM::PKCS12ShPtr pkcs;
3399 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (temp = manager->getPKCS12("i-do-not-exist", pkcs)),
3400 "Error=" << CKM::ErrorToString(temp));
3402 // fail - not exportable
3404 CKM_API_ERROR_NOT_EXPORTABLE == (temp = manager->getPKCS12(alias_PKCS_not_exportable, pkcs)),
3405 "Error=" << CKM::ErrorToString(temp));
3407 // success - exportable
3409 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias_PKCS_exportable, pkcs)),
3410 "Error=" << CKM::ErrorToString(temp));
3412 auto cert = pkcs->getCertificate();
3415 "Error in PKCS12::getCertificate()");
3417 auto key = pkcs->getKey();
3420 "Error in PKCS12::getKey()");
3422 auto caVector = pkcs->getCaCertificateShPtrVector();
3424 2 == caVector.size(),
3425 "Wrong size of vector");
3428 RUNNER_TEST(T1807_create_and_verify_signature)
3431 auto manager = CKM::Manager::create();
3433 std::string message = "message test";
3435 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3436 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3437 CKM::RawBuffer signature;
3440 CKM_API_SUCCESS == (temp = manager->createSignature(
3441 alias_PKCS_exportable,
3443 CKM::RawBuffer(message.begin(), message.end()),
3447 "Error=" << CKM::ErrorToString(temp));
3450 CKM_API_SUCCESS == (temp = manager->verifySignature(
3451 alias_PKCS_exportable,
3453 CKM::RawBuffer(message.begin(), message.end()),
3457 "Error=" << CKM::ErrorToString(temp));
3460 RUNNER_TEST(T1808_create_signature_on_raw_key_and_verify_on_PKCS)
3463 auto manager = CKM::Manager::create();
3465 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3466 "MIICXQIBAAKBgQD1W9neUbXL1rnq9SvyzprjhWBKXyYKQirG3V2zyUnUaE24Sq2I\n"
3467 "v7ISrwMN/G6WcjrGmeZDEWwrL4zXh002N8BD1waJPRonxwtVkhFy3emGatSmx7eI\n"
3468 "ely5H+PBNImRvBh2u4GWga6OEXcUNdfaBUcxn+P6548/zpDhyNLzQKk5FwIDAQAB\n"
3469 "AoGAR+4WkBuqTUj1FlGsAbHaLKt0UDlWwJknS0eoacWwFEpDxqx19WolfV67aYVA\n"
3470 "snBolMKXg7/+0yZMhv8Ofr+XaHkPQplVVn9BwT0rmtEovJXwx+poRP9Bm3emglj/\n"
3471 "iYd8EkaXDlIXCtewtQW9JEIctWppntHj3TvA/h7FCXPN6SkCQQD/N7sn5S1gBkVh\n"
3472 "dyXQKoyKsZDb7hMIS1q6cKwYCMf2UrsD1/lnr7xXkvORdL213MfueO8g0WkuKfRY\n"
3473 "bDD6WGX1AkEA9hxiOlsgvermqLJkOlJffbSaM8n/6wtnM0HV+Vd9NfSBOmxFDXPO\n"
3474 "vrvdgiDPENhbqTJSQVDsfzHilTpK7lEvWwJBAJLxHoOg0tg3pBiyxgWtic+M3q+R\n"
3475 "ykl7QViY6KzJ2X98MIrM/Z7yMollZXE4+sVLwZ0O6fdGOr3GkBWc7TImVUUCQQC7\n"
3476 "pf6bQfof9Ce0fnf/I+ldHkPost7nJsWkBlGQkM2OQwP5OK4ZyK/dK76DxmI7FMwm\n"
3477 "oJCo7nuzq6R4ZX7WYJ47AkBavxBDo/e9/0Vk5yrloGKW3f8RQXBJLcCkVUGyyJ3D\n"
3478 "3gu/nafW4hzjSJniTjC1fOj0eb0OSg1JAvqHTYAnUsI7\n"
3479 "-----END RSA PRIVATE KEY-----";
3480 std::string message = "message test";
3482 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3483 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3484 "Key is empty. Failed to import private key.");
3487 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_copy, keyPrv, CKM::Policy())),
3488 "Error=" << CKM::ErrorToString(temp));
3490 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3491 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3492 CKM::RawBuffer signature;
3495 CKM_API_SUCCESS == (temp = manager->createSignature(
3496 alias_PKCS_priv_key_copy,
3498 CKM::RawBuffer(message.begin(), message.end()),
3502 "Error=" << CKM::ErrorToString(temp));
3505 CKM_API_SUCCESS == (temp = manager->verifySignature(
3506 alias_PKCS_exportable,
3508 CKM::RawBuffer(message.begin(), message.end()),
3512 "Error=" << CKM::ErrorToString(temp));
3515 RUNNER_TEST(T1809_create_signature_on_wrong_key_and_verify_on_PKCS)
3518 auto manager = CKM::Manager::create();
3520 std::string prv = "-----BEGIN RSA PRIVATE KEY-----\n"
3521 "MIICXQIBAAKBgQDCKb9BkTdOjCTXKPi/H5FSGuyrgzORBtR3nCTg7SRnL47zNGEj\n"
3522 "l2wkgsY9ZO3UJHm0gy5KMjWeCuUVkSD3G46J9obg1bYJivCQBJKxfieA8sWOtNq1\n"
3523 "M8emHGK8o3sjaRklrngmk2xSCs5vFJVlCluzAYUmrPDm64C3+n4yW4pBCQIDAQAB\n"
3524 "AoGAd1IWgiHO3kuLvFome7XXpaB8P27SutZ6rcLcewnhLDRy4g0XgTrmL43abBJh\n"
3525 "gdSkooVXZity/dvuKpHUs2dQ8W8zYiFFsHfu9qqLmLP6SuBPyUCvlUDH5BGfjjxI\n"
3526 "5qGWIowj/qGHKpbQ7uB+Oe2BHwbHao0zFZIkfKqY0mX9U00CQQDwF/4zQcGS1RX/\n"
3527 "229gowTsvSGVmm8cy1jGst6xkueEuOEZ/AVPO1fjavz+nTziUk4E5lZHAj18L6Hl\n"
3528 "iO29LRujAkEAzwbEWVhfTJewCZIFf3sY3ifXhGZhVKDHVzPBNyoft8Z+09DMHTJb\n"
3529 "EYg85MIbR73aUyIWsEci/CPk6LPRNv47YwJAHtQF2NEFqPPhakPjzjXAaSFz0YDN\n"
3530 "6ZWWpZTMEWL6hUkz5iE9EUpeY54WNB8+dRT6XZix1VZNTMfU8uMdG6BSHwJBAKYM\n"
3531 "gm47AGz5eVujwD8op6CACk+KomRzdI+P1lh9s+T+E3mnDiAY5IxiXp0Ix0K6lyN4\n"
3532 "wwPuerQLwi2XFKZsMYsCQQDOiSQFP9PfXh9kFzN6e89LxOdnqC/r9i5GDB3ea8eL\n"
3533 "SCRprpzqOXZvOP1HBAEjsJ6k4f8Dqj1fm+y8ZcgAZUPr\n"
3534 "-----END RSA PRIVATE KEY-----\n";
3536 std::string message = "message test";
3538 auto keyPrv = CKM::Key::create(CKM::RawBuffer(prv.begin(), prv.end()), CKM::Password());
3539 RUNNER_ASSERT_MSG(NULL != keyPrv.get(),
3540 "Key is empty. Failed to import private key.");
3543 CKM_API_SUCCESS == (temp = manager->saveKey(alias_PKCS_priv_key_wrong, keyPrv, CKM::Policy())),
3544 "Error=" << CKM::ErrorToString(temp));
3546 CKM::HashAlgorithm hash = CKM::HashAlgorithm::SHA256;
3547 CKM::RSAPaddingAlgorithm padd = CKM::RSAPaddingAlgorithm::PKCS1;
3548 CKM::RawBuffer signature;
3551 CKM_API_SUCCESS == (temp = manager->createSignature(
3552 alias_PKCS_priv_key_wrong,
3554 CKM::RawBuffer(message.begin(), message.end()),
3558 "Error=" << CKM::ErrorToString(temp));
3561 CKM_API_ERROR_VERIFICATION_FAILED == (temp = manager->verifySignature(
3562 alias_PKCS_exportable,
3564 CKM::RawBuffer(message.begin(), message.end()),
3568 "Error=" << CKM::ErrorToString(temp));
3571 RUNNER_TEST(T1810_verify_get_certificate_chain)
3573 // this certificate has been signed using PKCS chain
3574 std::string im = "-----BEGIN CERTIFICATE-----\n"
3575 "MIIBrTCCARYCAQEwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRc2VydmVyQHRl\n"
3576 "c3RtZS5jb20wHhcNMTQxMjAyMTMxNTQzWhcNMTUxMjAyMTMxNTQzWjAiMSAwHgYD\n"
3577 "VQQDDBdlbmQtb24tY2hhaW5AdGVzdG1lLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOB\n"
3578 "jQAwgYkCgYEAsJS/jky4Cnxnlj6m2Eam3E3ARfR1PTaQV3Om09z3Ax15ca3kfHSb\n"
3579 "n6UlDk9vjP3iE7Nbju5Nzw9Tu/Pe32g/54quUBgbTFWbztR/Q9Dxbt3evWZ98ADS\n"
3580 "qAtH9OU23xS/5jGpmJSP0l22JItx8E8nEbEPj7GTWfVuYb3HXMHqzY8CAwEAATAN\n"
3581 "BgkqhkiG9w0BAQsFAAOBgQCPJqjMH24kAngd0EunIPsVNSpWJMlMocFM5xHJsvgi\n"
3582 "5DZ7swo0O/Jfqvo/vKDVqR/wiPeAxrwirECGC1O2hC7HcOt7kW4taHSVGGd4dHMn\n"
3583 "oK70cUKQeVy3cYY6QUaonjuNVvYQHE3OSLDe56n6c7Mnek28qNtezeSWLUy8L8fA\n"
3585 "-----END CERTIFICATE-----\n";
3587 auto cert = CKM::Certificate::create(CKM::RawBuffer(im.begin(), im.end()), CKM::DataFormat::FORM_PEM);
3588 CKM::CertificateShPtrVector certChain;
3589 CKM::AliasVector aliasVector;
3592 auto manager = CKM::Manager::create();
3594 RUNNER_ASSERT_MSG(NULL != cert.get(), "Certificate should not be empty");
3596 tmp = manager->getCertificateChain(cert,
3601 RUNNER_ASSERT_MSG(CKM_API_ERROR_VERIFICATION_FAILED == tmp,
3602 "Error=" << CKM::ErrorToString(tmp));
3605 0 == certChain.size(),
3606 "Wrong size of certificate chain.");
3608 aliasVector.push_back(alias_PKCS_exportable);
3610 tmp = manager->getCertificateChain(cert, EMPTY_ALIAS_VECTOR, aliasVector, false, certChain);
3611 RUNNER_ASSERT_MSG(CKM_API_SUCCESS == tmp, "Error=" << CKM::ErrorToString(tmp));
3613 // 1(cert) + 1(pkcs12 cert) + 2(pkcs12 chain cert) = 4
3615 4 == certChain.size(),
3616 "Wrong size of certificate chain: " << certChain.size());
3619 RUNNER_TEST(T1811_remove_bundle_with_chain_certificates)
3621 auto manager = CKM::Manager::create();
3625 // remove the whole PKCS12 bundles
3627 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_exportable)),
3628 "Error=" << CKM::ErrorToString(tmp));
3630 CKM_API_SUCCESS == (tmp = manager->removeAlias(alias_PKCS_not_exportable)),
3631 "Error=" << CKM::ErrorToString(tmp));
3633 // expect lookup fails due to unknown alias
3634 // try to lookup key
3635 CKM::KeyShPtr key_lookup;
3637 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_exportable, CKM::Password(), key_lookup)),
3638 "Error=" << CKM::ErrorToString(tmp));
3640 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getKey(alias_PKCS_not_exportable, CKM::Password(), key_lookup)),
3641 "Error=" << CKM::ErrorToString(tmp));
3643 // try to lookup certificate
3644 CKM::CertificateShPtr cert_lookup;
3646 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_exportable, CKM::Password(), cert_lookup)),
3647 "Error=" << CKM::ErrorToString(tmp));
3649 CKM_API_ERROR_DB_ALIAS_UNKNOWN == (tmp = manager->getCertificate(alias_PKCS_not_exportable, CKM::Password(), cert_lookup)),
3650 "Error=" << CKM::ErrorToString(tmp));
3653 RUNNER_TEST(T1812_get_pkcs12_password_tests)
3655 CKM::Alias alias = "t1812alias1";
3657 auto manager = CKM::Manager::create();
3658 std::ifstream is("/usr/share/ckm-test/pkcs.p12");
3659 std::istreambuf_iterator<char> begin(is), end;
3660 std::vector<char> buff(begin, end);
3662 CKM::PKCS12ShPtr pkcs12;
3663 CKM::Password pass1 = "easypass1";
3664 CKM::Password pass2 = "easypass2";
3666 CKM::RawBuffer buffer(buff.size());
3667 memcpy(buffer.data(), buff.data(), buff.size());
3669 auto pkcs = CKM::PKCS12::create(buffer, CKM::Password());
3672 "Error in PKCS12::create()");
3676 CKM_API_SUCCESS == (temp = manager->savePKCS12(alias, pkcs, CKM::Policy(pass1), CKM::Policy(pass2))),
3677 "Error=" << CKM::ErrorToString(temp));
3680 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pkcs)),
3681 "Error=" << CKM::ErrorToString(temp));
3684 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), CKM::Password(), pkcs)),
3685 "Error=" << CKM::ErrorToString(temp));
3688 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, pass1, CKM::Password(), pkcs)),
3689 "Error=" << CKM::ErrorToString(temp));
3692 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getPKCS12(alias, CKM::Password(), pass2, pkcs)),
3693 "Error=" << CKM::ErrorToString(temp));
3696 CKM_API_SUCCESS == (temp = manager->getPKCS12(alias, pass1, pass2, pkcs)),
3697 "Error=" << CKM::ErrorToString(temp));
3699 CKM::CertificateShPtr cert;
3701 CKM_API_SUCCESS == (temp = manager->getCertificate(alias, pass2, cert)),
3702 "Error=" << CKM::ErrorToString(temp));
3704 CKM::CertificateShPtrVector certChain;
3705 CKM::AliasVector certVect;
3706 certVect.push_back(alias);
3709 CKM_API_ERROR_AUTHENTICATION_FAILED == (temp = manager->getCertificateChain(cert, certVect, certVect, true, certChain)),
3710 "Error=" << CKM::ErrorToString(temp));
3713 RUNNER_TEST(T1813_deinit)
3716 auto control = CKM::Control::create();
3719 CKM_API_SUCCESS == (temp = control->lockUserKey(USER_APP)),
3720 "Error=" << CKM::ErrorToString(temp));
3723 RUNNER_TEST_GROUP_INIT(T190_CKM_EMPTY_STORAGE_TESTS);
3725 RUNNER_TEST(T1901_init_unlock_key)
3728 auto control = CKM::Control::create();
3730 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3731 "Error=" << CKM::ErrorToString(tmp));
3733 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3734 "Error=" << CKM::ErrorToString(tmp));
3736 CKM_API_SUCCESS == (tmp = control->unlockUserKey(0, "t190-special-password")),
3737 "Error=" << CKM::ErrorToString(tmp));
3740 RUNNER_TEST(T1902_get_data)
3742 auto manager = CKM::Manager::create();
3745 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3748 CKM_API_ERROR_DB_ALIAS_UNKNOWN == status1,
3749 "Could not put certificate in datbase. Error=" << CKM::ErrorToString(status1));
3752 RUNNER_TEST(T1903_lock_database)
3755 auto control = CKM::Control::create();
3757 CKM_API_SUCCESS == (tmp = control->lockUserKey(0)),
3758 "Error=" << CKM::ErrorToString(tmp));
3761 RUNNER_TEST(T1904_get_data_from_locked_database)
3763 auto manager = CKM::Manager::create();
3766 int status1 = manager->getKey(CKM::Alias("CertEEE"), CKM::Password(), ptr);
3769 CKM_API_ERROR_DB_LOCKED == status1,
3770 "Could not get key from locked database. Error=" << CKM::ErrorToString(status1));
3773 RUNNER_TEST(T1905_deinit)
3776 auto control = CKM::Control::create();
3778 CKM_API_SUCCESS == (tmp = control->removeUserData(0)),
3779 "Error=" << CKM::ErrorToString(tmp));
3782 int main(int argc, char *argv[])
3784 DPL::Log::LogSystemSingleton::Instance().SetTag("CKM_TESTS");
3785 return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
projects / platform / core / test / security-tests.git / blob