From 10ed7e56f159dba8980644494532898c9063438d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Trojnara?= <Michal.Trojnara@stunnel.org>
Date: Thu, 23 Aug 2018 22:19:04 +0200
Subject: [PATCH 03/23] ec-evp-sign test
---
tests/Makefile.am | 1 +
tests/ec-common.sh | 18 +++++-----
tests/ec-evp-sign.softhsm | 71 +++++++++++++++++++++++++++++++++++++++
tests/ec-testfork.softhsm | 2 +-
4 files changed, 82 insertions(+), 10 deletions(-)
create mode 100755 tests/ec-evp-sign.softhsm
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 8864709..cd17051 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -21,6 +21,7 @@ dist_check_SCRIPTS = \
rsa-testfork.softhsm \
rsa-testlistkeys.softhsm \
rsa-evp-sign.softhsm \
+ ec-evp-sign.softhsm \
ec-testfork.softhsm \
fork-change-slot.softhsm \
rsa-pss-sign.softhsm \
diff --git a/tests/ec-common.sh b/tests/ec-common.sh
index a709c0d..a53a4ee 100755
--- a/tests/ec-common.sh
+++ b/tests/ec-common.sh
@@ -35,11 +35,11 @@ mkdir -p $outdir
for i in /usr/lib64/pkcs11 /usr/lib64/softhsm /usr/lib/x86_64-linux-gnu/softhsm /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib/softhsm /usr/lib ;do
if test -f "$i/libsofthsm2.so"; then
- ADDITIONAL_PARAM="$i/libsofthsm2.so"
+ MODULE="$i/libsofthsm2.so"
break
else
if test -f "$i/libsofthsm.so";then
- ADDITIONAL_PARAM="$i/libsofthsm.so"
+ MODULE="$i/libsofthsm.so"
break
fi
fi
@@ -104,18 +104,18 @@ PUK=1234
init_card $PIN $PUK
# generate key in token
-pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/ec-prvkey.der -y privkey >/dev/null
+pkcs11-tool -p $PIN --module $MODULE -d 01020304 -a server-key -l -w ${srcdir}/ec-prvkey.der -y privkey >/dev/null
if test $? != 0;then
exit 1;
fi
# pkcs11-tool currently only supports RSA public keys
-#pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/ec-pubkey.der -y pubkey >/dev/null
-#if test $? != 0;then
-# exit 1;
-#fi
+pkcs11-tool -p $PIN --module $MODULE -d 01020304 -a server-key -l -w ${srcdir}/ec-pubkey.der -y pubkey >/dev/null
+if test $? != 0;then
+ exit 1;
+fi
-pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/ec-cert.der -y cert >/dev/null
+pkcs11-tool -p $PIN --module $MODULE -d 01020304 -a server-key -l -w ${srcdir}/ec-cert.der -y cert >/dev/null
if test $? != 0;then
exit 1;
fi
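Review bot: The comment `# pkcs11-tool currently only supports RSA public keys` is left in place directly above the EC public-key import that this hunk re-enables, so it now contradicts the code it sits on. Drop it or reword it as a requirement, e.g. `# requires a pkcs11-tool that can write EC public keys`. If older pkcs11-tool builds still reject `-y pubkey` for EC keys (not verifiable from this hunk), the new `exit 1` becomes a hard failure for every script that sources ec-common.sh, including ec-testfork.softhsm. Exiting with 77 in that case would let automake report a skip instead.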
@@ -123,4 +123,4 @@ fi
echo "***************"
echo "Listing objects"
echo "***************"
-pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -l -O
+pkcs11-tool -p $PIN --module $MODULE -l -O
diff --git a/tests/ec-evp-sign.softhsm b/tests/ec-evp-sign.softhsm
new file mode 100755
index 0000000..edecd4a
--- /dev/null
+++ b/tests/ec-evp-sign.softhsm
@@ -0,0 +1,71 @@
+#!/bin/sh
+
+# Copyright (C) 2015 Nikos Mavrogiannopoulos
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+outdir="output.$$"
+
+# Load common test functions
+. ${srcdir}/ec-common.sh
+
+# Do the common test initialization
+# common_init
+
+sed -e "s|@MODULE_PATH@|${MODULE}|g" -e "s|@ENGINE_PATH@|../src/.libs/pkcs11.so|g" <"${srcdir}/engines.cnf.in" >"${outdir}/engines.cnf"
+
+export OPENSSL_ENGINES="../src/.libs/"
+PRIVATE_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=private;pin-value=1234"
+PUBLIC_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=public;pin-value=1234"
+
+./evp-sign ctrl false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test, using ctrl failed"
+ exit 1;
+fi
+
+./evp-sign default false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test, using default failed"
+ exit 1;
+fi
+
+./evp-sign ctrl 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test without pin-value, using ctrl failed"
+ exit 1;
+fi
+
+./evp-sign default 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test without pin-value, using default failed"
+ exit 1;
+fi
+
+./evp-sign ctrl 1234 "${outdir}/engines.cnf" "label_server-key" "label_server-key" ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test with legacy name #1 failed"
+ exit 1;
+fi
+
+./evp-sign default 1234 "${outdir}/engines.cnf" "id_01020304" "id_01020304" ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test with legacy name #2 failed"
+ exit 1;
+fi
+
+rm -rf "$outdir"
+
+exit 0
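Review bot: The two cases reported as "without pin-value" (the `ctrl 1234` and `default 1234` calls) still pass `${PRIVATE_KEY}` and `${PUBLIC_KEY}`, which are defined once with `;pin-value=1234` in the URI. Assuming evp-sign's second argument is the PIN to supply outside the URI, that path is never the only source of the PIN, so a regression in it could pass unnoticed. Redefine the URIs before the third call, e.g. `PRIVATE_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=private"` and the matching `type=public` line. Separately, `${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}` are unquoted, and every failing case exits before `rm -rf "$outdir"`, leaving the output directory behind; a `trap 'rm -rf "$outdir"' EXIT` would cover all exit paths.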
diff --git a/tests/ec-testfork.softhsm b/tests/ec-testfork.softhsm
index 961424a..55b6516 100755
--- a/tests/ec-testfork.softhsm
+++ b/tests/ec-testfork.softhsm
@@ -21,7 +21,7 @@ outdir="output.$$"
. ${srcdir}/ec-common.sh
-./fork-test $ADDITIONAL_PARAM $PIN
+./fork-test $MODULE $PIN
if test $? != 0;then
exit 1;
fi
--
2.17.1