rpms / softhsm

Clone
Source Code
GIT

Blame SOURCES/softhsm-2.6.1-rh1857272-negatives.patch

c7 c7-beta c7-i686 c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client c8s-stream-DL1 c8s-stream-client c9 c9-beta
  1.   a3138ed91203de58c0901163a2f117fdb081668c
  2.   SOURCES
  3.   softhsm-2.6.1-rh1857272-negatives.patch
Blob History Raw
a3138e 
From cfe1f7fdd12e202fa2d056c7fd731cfeee378a98 Mon Sep 17 00:00:00 2001
a3138e 
From: Jakub Jelen <jjelen@redhat.com>
a3138e 
Date: Wed, 15 Jul 2020 18:12:32 +0200
a3138e 
Subject: [PATCH] Unbreak negative mechanism lists in slots.mechanisms +
a3138e 
 testcase
a3138e
a3138e 
Previously, when the list for slots.mechanisms was prefixed with
a3138e 
minus sign "-", the first mechanism was skipped as invalid and
a3138e 
therefore the tool was presenting wrong list of algorithms.
a3138e
a3138e 
This fixes the initial index for selection of first algorithm
a3138e 
and adds unit test for this scenario.
a3138e 
---
a3138e 
 .gitignore                                    |  1 +
a3138e 
 configure.ac                                  |  1 +
a3138e 
 src/lib/SoftHSM.cpp                           |  9 ++-
a3138e 
 src/lib/test/InfoTests.cpp                    | 70 ++++++++++++++++++-
a3138e 
 src/lib/test/InfoTests.h                      |  2 +
a3138e 
 src/lib/test/Makefile.am                      |  1 +
a3138e 
 src/lib/test/softhsm2-negative-mech.conf.in   |  8 +++
a3138e 
 .../test/softhsm2-negative-mech.conf.win32    |  7 ++
a3138e 
 win32/p11test/p11test.vcxproj.in              |  2 +
a3138e 
 9 files changed, 97 insertions(+), 4 deletions(-)
a3138e 
 create mode 100644 src/lib/test/softhsm2-negative-mech.conf.in
a3138e 
 create mode 100644 src/lib/test/softhsm2-negative-mech.conf.win32
a3138e
a3138e 
diff --git a/configure.ac b/configure.ac
a3138e 
index d4dad435..c6a51c7a 100644
a3138e 
--- a/configure.ac
a3138e 
+++ b/configure.ac
a3138e 
@@ -217,6 +217,7 @@ AC_CONFIG_FILES([
a3138e 
 	src/lib/test/softhsm2-alt.conf
a3138e 
 	src/lib/test/softhsm2-reset-on-fork.conf
a3138e 
 	src/lib/test/softhsm2-mech.conf
a3138e 
+	src/lib/test/softhsm2-negative-mech.conf
a3138e 
 	src/lib/test/tokens/dummy
a3138e 
 	src/bin/Makefile
a3138e 
 	src/bin/common/Makefile
a3138e 
diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp
a3138e 
index 0a0c32cc..cac724e6 100644
a3138e 
--- a/src/lib/SoftHSM.cpp
a3138e 
+++ b/src/lib/SoftHSM.cpp
a3138e 
@@ -791,12 +791,17 @@ void SoftHSM::prepareSupportedMecahnisms(std::map
a3138e 
 	if (mechs != "ALL")
a3138e 
 	{
a3138e 
 		bool negative = (mechs[0] == '-');
a3138e 
-		if (!negative)
a3138e 
+		size_t pos = 0, prev = 0;
a3138e 
+		if (negative)
a3138e 
+		{
a3138e 
+			/* Skip the minus sign */
a3138e 
+			prev = 1;
a3138e 
+		}
a3138e 
+		else
a3138e 
 		{
a3138e 
 			/* For positive list, we remove everything */
a3138e 
 			supportedMechanisms.clear();
a3138e 
 		}
a3138e 
-		size_t pos = 0, prev = 0;
a3138e 
 		std::string token;
a3138e 
 		do
a3138e 
 		{
a3138e 
diff --git a/src/lib/test/InfoTests.cpp b/src/lib/test/InfoTests.cpp
a3138e 
index a07956fb..d2218e34 100644
a3138e 
--- a/src/lib/test/InfoTests.cpp
a3138e 
+++ b/src/lib/test/InfoTests.cpp
a3138e 
@@ -328,9 +328,9 @@ void InfoTests::testGetMechanismListConfig()
a3138e 
 	CK_MECHANISM_TYPE_PTR pMechanismList;
a3138e
a3138e 
 #ifndef _WIN32
a3138e 
-    setenv("SOFTHSM2_CONF", "./softhsm2-mech.conf", 1);
a3138e 
+	setenv("SOFTHSM2_CONF", "./softhsm2-mech.conf", 1);
a3138e 
 #else
a3138e 
-    setenv("SOFTHSM2_CONF", ".\\softhsm2-mech.conf", 1);
a3138e 
+	setenv("SOFTHSM2_CONF", ".\\softhsm2-mech.conf", 1);
a3138e 
 #endif
a3138e
a3138e 
 	// Just make sure that we finalize any previous failed tests
a3138e 
@@ -363,6 +363,72 @@ void InfoTests::testGetMechanismListConfig()
a3138e 
 #endif
a3138e 
 }
a3138e
a3138e 
+void InfoTests::testGetMechanismNegativeListConfig()
a3138e 
+{
a3138e 
+	CK_RV rv;
a3138e 
+	CK_ULONG ulMechCount = 0;
a3138e 
+	CK_MECHANISM_TYPE_PTR pMechanismList;
a3138e 
+	CK_ULONG allMechsCount = 0;
a3138e 
+
a3138e 
+	// Just make sure that we finalize any previous failed tests
a3138e 
+	CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
a3138e 
+
a3138e 
+	// First of all, try to get the default list
a3138e 
+	rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, NULL_PTR, &ulMechCount) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
a3138e 
+
a3138e 
+	rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_OK);
a3138e 
+
a3138e 
+	// Get the size of the buffer
a3138e 
+	rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, NULL_PTR, &ulMechCount) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_OK);
a3138e 
+	pMechanismList = (CK_MECHANISM_TYPE_PTR)malloc(ulMechCount * sizeof(CK_MECHANISM_TYPE_PTR));
a3138e 
+	/* Remember how many mechanisms are supported */
a3138e 
+	allMechsCount = ulMechCount;
a3138e 
+
a3138e 
+	// Get the mechanism list
a3138e 
+	rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, pMechanismList, &ulMechCount) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_OK);
a3138e 
+	CPPUNIT_ASSERT_EQUAL(allMechsCount, ulMechCount);
a3138e 
+	free(pMechanismList);
a3138e 
+
a3138e 
+	CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
a3138e 
+	/* Now try with configuration having negative list */
a3138e 
+#ifndef _WIN32
a3138e 
+	setenv("SOFTHSM2_CONF", "./softhsm2-negative-mech.conf", 1);
a3138e 
+#else
a3138e 
+	setenv("SOFTHSM2_CONF", ".\\softhsm2-negative-mech.conf", 1);
a3138e 
+#endif
a3138e 
+
a3138e 
+	rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_OK);
a3138e 
+
a3138e 
+	// Get the size of the buffer
a3138e 
+	rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, NULL_PTR, &ulMechCount) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_OK);
a3138e 
+	/* We should get 2 shorter */
a3138e 
+	//CPPUNIT_ASSERT_EQUAL(allMechsCount - 2, ulMechCount);
a3138e 
+	pMechanismList = (CK_MECHANISM_TYPE_PTR)malloc(ulMechCount * sizeof(CK_MECHANISM_TYPE_PTR));
a3138e 
+
a3138e 
+	// Get the mechanism list
a3138e 
+	rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, pMechanismList, &ulMechCount) );
a3138e 
+	CPPUNIT_ASSERT(rv == CKR_OK);
a3138e 
+	//CPPUNIT_ASSERT_EQUAL(allMechsCount - 2, ulMechCount);
a3138e 
+	for (unsigned long i = 0; i < ulMechCount; i++) {
a3138e 
+		CPPUNIT_ASSERT(pMechanismList[i] != CKM_RSA_X_509);
a3138e 
+		CPPUNIT_ASSERT(pMechanismList[i] != CKM_RSA_PKCS);
a3138e 
+	}
a3138e 
+	free(pMechanismList);
a3138e 
+
a3138e 
+	CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
a3138e 
+#ifndef _WIN32
a3138e 
+	setenv("SOFTHSM2_CONF", "./softhsm2.conf", 1);
a3138e 
+#else
a3138e 
+	setenv("SOFTHSM2_CONF", ".\\softhsm2.conf", 1);
a3138e 
+#endif
a3138e 
+}
a3138e 
+
a3138e 
 void InfoTests::testWaitForSlotEvent()
a3138e 
 {
a3138e 
 	CK_RV rv;
a3138e 
diff --git a/src/lib/test/InfoTests.h b/src/lib/test/InfoTests.h
a3138e 
index dfd02953..1cc99ccb 100644
a3138e 
--- a/src/lib/test/InfoTests.h
a3138e 
+++ b/src/lib/test/InfoTests.h
a3138e 
@@ -49,6 +49,7 @@ class InfoTests : public TestsNoPINInitBase
a3138e 
 	CPPUNIT_TEST(testGetMechanismInfo);
a3138e 
 	CPPUNIT_TEST(testGetSlotInfoAlt);
a3138e 
 	CPPUNIT_TEST(testGetMechanismListConfig);
a3138e 
+	CPPUNIT_TEST(testGetMechanismNegativeListConfig);
a3138e 
 	CPPUNIT_TEST(testWaitForSlotEvent);
a3138e 
 	CPPUNIT_TEST_SUITE_END();
a3138e
a3138e 
@@ -62,6 +63,7 @@ class InfoTests : public TestsNoPINInitBase
a3138e 
 	void testGetMechanismInfo();
a3138e 
 	void testGetSlotInfoAlt();
a3138e 
 	void testGetMechanismListConfig();
a3138e 
+	void testGetMechanismNegativeListConfig();
a3138e 
 	void testWaitForSlotEvent();
a3138e 
 };
a3138e
a3138e 
diff --git a/src/lib/test/Makefile.am b/src/lib/test/Makefile.am
a3138e 
index 17887dd4..a22ce668 100644
a3138e 
--- a/src/lib/test/Makefile.am
a3138e 
+++ b/src/lib/test/Makefile.am
a3138e 
@@ -39,6 +39,7 @@ EXTRA_DIST =			$(srcdir)/CMakeLists.txt \
a3138e 
 				$(srcdir)/*.h \
a3138e 
 				$(srcdir)/softhsm2-alt.conf.win32 \
a3138e 
 				$(srcdir)/softhsm2-reset-on-fork.conf.win32 \
a3138e 
+				$(srcdir)/softhsm2-negative-mech.conf.win32 \
a3138e 
 				$(srcdir)/softhsm2-mech.conf.win32 \
a3138e 
 				$(srcdir)/softhsm2.conf.win32 \
a3138e 
 				$(srcdir)/tokens/dummy.in
a3138e 
diff --git a/src/lib/test/softhsm2-negative-mech.conf.in b/src/lib/test/softhsm2-negative-mech.conf.in
a3138e 
new file mode 100644
a3138e 
index 00000000..51f7e6ac
a3138e 
--- /dev/null
a3138e 
+++ b/src/lib/test/softhsm2-negative-mech.conf.in
a3138e 
@@ -0,0 +1,8 @@
a3138e 
+# SoftHSM v2 configuration file
a3138e 
+
a3138e 
+directories.tokendir = @builddir@/tokens
a3138e 
+objectstore.backend = file
a3138e 
+log.level = INFO
a3138e 
+slots.removable = false
a3138e 
+slots.mechanisms = -CKM_RSA_X_509,CKM_RSA_PKCS
a3138e 
+
a3138e 
diff --git a/src/lib/test/softhsm2-negative-mech.conf.win32 b/src/lib/test/softhsm2-negative-mech.conf.win32
a3138e 
new file mode 100644
a3138e 
index 00000000..a3aefb96
a3138e 
--- /dev/null
a3138e 
+++ b/src/lib/test/softhsm2-negative-mech.conf.win32
a3138e 
@@ -0,0 +1,7 @@
a3138e 
+# SoftHSM v2 configuration file
a3138e 
+
a3138e 
+directories.tokendir = .\tokens
a3138e 
+objectstore.backend = file
a3138e 
+log.level = INFO
a3138e 
+slots.removable = false
a3138e 
+slots.mechanisms = -CKM_RSA_X_509,CKM_RSA_PKCS
a3138e 
diff --git a/win32/p11test/p11test.vcxproj.in b/win32/p11test/p11test.vcxproj.in
a3138e 
index 55dfb087..88859bca 100644
a3138e 
--- a/win32/p11test/p11test.vcxproj.in
a3138e 
+++ b/win32/p11test/p11test.vcxproj.in
a3138e 
@@ -67,6 +67,7 @@ copy ..\..\src\lib\test\softhsm2.conf.win32 "$(TargetDir)\softhsm2.conf"
a3138e 
 copy ..\..\src\lib\test\softhsm2-alt.conf.win32 "$(TargetDir)\softhsm2-alt.conf"
a3138e 
 copy ..\..\src\lib\test\softhsm2-reset-on-fork.conf.win32 "$(TargetDir)\softhsm2-reset-on-fork.conf"
a3138e 
 copy ..\..\src\lib\test\softhsm2-mech.conf.win32 "$(TargetDir)\softhsm2-mech.conf"
a3138e 
+copy ..\..\src\lib\test\softhsm2-negative-mech.conf.win32 "$(TargetDir)\softhsm2-negative-mech.conf"
a3138e 
 mkdir "$(TargetDir)\tokens" 2> nul
a3138e 
 copy ..\..\src\lib\test\tokens\dummy.in "$(TargetDir)\tokens\dummy"
a3138e 
       </Command>
a3138e 
@@ -99,6 +100,7 @@ copy ..\..\src\lib\test\softhsm2.conf.win32 "$(TargetDir)\softhsm2.conf"
a3138e 
 copy ..\..\src\lib\test\softhsm2-alt.conf.win32 "$(TargetDir)\softhsm2-alt.conf"
a3138e 
 copy ..\..\src\lib\test\softhsm2-reset-on-fork.conf.win32 "$(TargetDir)\softhsm2-reset-on-fork.conf"
a3138e 
 copy ..\..\src\lib\test\softhsm2-mech.conf.win32 "$(TargetDir)\softhsm2-mech.conf"
a3138e 
+copy ..\..\src\lib\test\softhsm2-negative-mech.conf.win32 "$(TargetDir)\softhsm2-negative-mech.conf"
a3138e 
 mkdir "$(TargetDir)\tokens" 2> nul
a3138e 
 copy ..\..\src\lib\test\tokens\dummy.in "$(TargetDir)\tokens\dummy"
a3138e 
       </Command>

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation