|
 |
767dc7 |
From cfe1f7fdd12e202fa2d056c7fd731cfeee378a98 Mon Sep 17 00:00:00 2001
|
|
|
767dc7 |
From: Jakub Jelen <jjelen@redhat.com>
|
|
|
767dc7 |
Date: Wed, 15 Jul 2020 18:12:32 +0200
|
|
|
767dc7 |
Subject: [PATCH] Unbreak negative mechanism lists in slots.mechanisms +
|
|
|
767dc7 |
testcase
|
|
|
767dc7 |
|
|
|
767dc7 |
Previously, when the list for slots.mechanisms was prefixed with
|
|
|
767dc7 |
minus sign "-", the first mechanism was skipped as invalid and
|
|
|
767dc7 |
therefore the tool was presenting wrong list of algorithms.
|
|
|
767dc7 |
|
|
|
767dc7 |
This fixes the initial index for selection of first algorithm
|
|
|
767dc7 |
and adds unit test for this scenario.
|
|
|
767dc7 |
---
|
|
|
767dc7 |
.gitignore | 1 +
|
|
|
767dc7 |
configure.ac | 1 +
|
|
|
767dc7 |
src/lib/SoftHSM.cpp | 9 ++-
|
|
|
767dc7 |
src/lib/test/InfoTests.cpp | 70 ++++++++++++++++++-
|
|
|
767dc7 |
src/lib/test/InfoTests.h | 2 +
|
|
|
767dc7 |
src/lib/test/Makefile.am | 1 +
|
|
|
767dc7 |
src/lib/test/softhsm2-negative-mech.conf.in | 8 +++
|
|
|
767dc7 |
.../test/softhsm2-negative-mech.conf.win32 | 7 ++
|
|
|
767dc7 |
win32/p11test/p11test.vcxproj.in | 2 +
|
|
|
767dc7 |
9 files changed, 97 insertions(+), 4 deletions(-)
|
|
|
767dc7 |
create mode 100644 src/lib/test/softhsm2-negative-mech.conf.in
|
|
|
767dc7 |
create mode 100644 src/lib/test/softhsm2-negative-mech.conf.win32
|
|
|
767dc7 |
|
|
|
767dc7 |
diff --git a/configure.ac b/configure.ac
|
|
|
767dc7 |
index d4dad435..c6a51c7a 100644
|
|
|
767dc7 |
--- a/configure.ac
|
|
|
767dc7 |
+++ b/configure.ac
|
|
|
767dc7 |
@@ -217,6 +217,7 @@ AC_CONFIG_FILES([
|
|
|
767dc7 |
src/lib/test/softhsm2-alt.conf
|
|
|
767dc7 |
src/lib/test/softhsm2-reset-on-fork.conf
|
|
|
767dc7 |
src/lib/test/softhsm2-mech.conf
|
|
|
767dc7 |
+ src/lib/test/softhsm2-negative-mech.conf
|
|
|
767dc7 |
src/lib/test/tokens/dummy
|
|
|
767dc7 |
src/bin/Makefile
|
|
|
767dc7 |
src/bin/common/Makefile
|
|
|
767dc7 |
diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp
|
|
|
767dc7 |
index 0a0c32cc..cac724e6 100644
|
|
|
767dc7 |
--- a/src/lib/SoftHSM.cpp
|
|
|
767dc7 |
+++ b/src/lib/SoftHSM.cpp
|
|
|
767dc7 |
@@ -791,12 +791,17 @@ void SoftHSM::prepareSupportedMecahnisms(std::map
|
|
|
767dc7 |
if (mechs != "ALL")
|
|
|
767dc7 |
{
|
|
|
767dc7 |
bool negative = (mechs[0] == '-');
|
|
|
767dc7 |
- if (!negative)
|
|
|
767dc7 |
+ size_t pos = 0, prev = 0;
|
|
|
767dc7 |
+ if (negative)
|
|
|
767dc7 |
+ {
|
|
|
767dc7 |
+ /* Skip the minus sign */
|
|
|
767dc7 |
+ prev = 1;
|
|
|
767dc7 |
+ }
|
|
|
767dc7 |
+ else
|
|
|
767dc7 |
{
|
|
|
767dc7 |
/* For positive list, we remove everything */
|
|
|
767dc7 |
supportedMechanisms.clear();
|
|
|
767dc7 |
}
|
|
|
767dc7 |
- size_t pos = 0, prev = 0;
|
|
|
767dc7 |
std::string token;
|
|
|
767dc7 |
do
|
|
|
767dc7 |
{
|
|
|
767dc7 |
diff --git a/src/lib/test/InfoTests.cpp b/src/lib/test/InfoTests.cpp
|
|
|
767dc7 |
index a07956fb..d2218e34 100644
|
|
|
767dc7 |
--- a/src/lib/test/InfoTests.cpp
|
|
|
767dc7 |
+++ b/src/lib/test/InfoTests.cpp
|
|
|
767dc7 |
@@ -328,9 +328,9 @@ void InfoTests::testGetMechanismListConfig()
|
|
|
767dc7 |
CK_MECHANISM_TYPE_PTR pMechanismList;
|
|
|
767dc7 |
|
|
|
767dc7 |
#ifndef _WIN32
|
|
|
767dc7 |
- setenv("SOFTHSM2_CONF", "./softhsm2-mech.conf", 1);
|
|
|
767dc7 |
+ setenv("SOFTHSM2_CONF", "./softhsm2-mech.conf", 1);
|
|
|
767dc7 |
#else
|
|
|
767dc7 |
- setenv("SOFTHSM2_CONF", ".\\softhsm2-mech.conf", 1);
|
|
|
767dc7 |
+ setenv("SOFTHSM2_CONF", ".\\softhsm2-mech.conf", 1);
|
|
|
767dc7 |
#endif
|
|
|
767dc7 |
|
|
|
767dc7 |
// Just make sure that we finalize any previous failed tests
|
|
|
767dc7 |
@@ -363,6 +363,72 @@ void InfoTests::testGetMechanismListConfig()
|
|
|
767dc7 |
#endif
|
|
|
767dc7 |
}
|
|
|
767dc7 |
|
|
|
767dc7 |
+void InfoTests::testGetMechanismNegativeListConfig()
|
|
|
767dc7 |
+{
|
|
|
767dc7 |
+ CK_RV rv;
|
|
|
767dc7 |
+ CK_ULONG ulMechCount = 0;
|
|
|
767dc7 |
+ CK_MECHANISM_TYPE_PTR pMechanismList;
|
|
|
767dc7 |
+ CK_ULONG allMechsCount = 0;
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ // Just make sure that we finalize any previous failed tests
|
|
|
767dc7 |
+ CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ // First of all, try to get the default list
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, NULL_PTR, &ulMechCount) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_OK);
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ // Get the size of the buffer
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, NULL_PTR, &ulMechCount) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_OK);
|
|
|
767dc7 |
+ pMechanismList = (CK_MECHANISM_TYPE_PTR)malloc(ulMechCount * sizeof(CK_MECHANISM_TYPE_PTR));
|
|
|
767dc7 |
+ /* Remember how many mechanisms are supported */
|
|
|
767dc7 |
+ allMechsCount = ulMechCount;
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ // Get the mechanism list
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, pMechanismList, &ulMechCount) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_OK);
|
|
|
767dc7 |
+ CPPUNIT_ASSERT_EQUAL(allMechsCount, ulMechCount);
|
|
|
767dc7 |
+ free(pMechanismList);
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
|
|
|
767dc7 |
+ /* Now try with configuration having negative list */
|
|
|
767dc7 |
+#ifndef _WIN32
|
|
|
767dc7 |
+ setenv("SOFTHSM2_CONF", "./softhsm2-negative-mech.conf", 1);
|
|
|
767dc7 |
+#else
|
|
|
767dc7 |
+ setenv("SOFTHSM2_CONF", ".\\softhsm2-negative-mech.conf", 1);
|
|
|
767dc7 |
+#endif
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_OK);
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ // Get the size of the buffer
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, NULL_PTR, &ulMechCount) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_OK);
|
|
|
767dc7 |
+ /* We should get 2 shorter */
|
|
|
767dc7 |
+ //CPPUNIT_ASSERT_EQUAL(allMechsCount - 2, ulMechCount);
|
|
|
767dc7 |
+ pMechanismList = (CK_MECHANISM_TYPE_PTR)malloc(ulMechCount * sizeof(CK_MECHANISM_TYPE_PTR));
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ // Get the mechanism list
|
|
|
767dc7 |
+ rv = CRYPTOKI_F_PTR( C_GetMechanismList(m_initializedTokenSlotID, pMechanismList, &ulMechCount) );
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(rv == CKR_OK);
|
|
|
767dc7 |
+ //CPPUNIT_ASSERT_EQUAL(allMechsCount - 2, ulMechCount);
|
|
|
767dc7 |
+ for (unsigned long i = 0; i < ulMechCount; i++) {
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(pMechanismList[i] != CKM_RSA_X_509);
|
|
|
767dc7 |
+ CPPUNIT_ASSERT(pMechanismList[i] != CKM_RSA_PKCS);
|
|
|
767dc7 |
+ }
|
|
|
767dc7 |
+ free(pMechanismList);
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+ CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
|
|
|
767dc7 |
+#ifndef _WIN32
|
|
|
767dc7 |
+ setenv("SOFTHSM2_CONF", "./softhsm2.conf", 1);
|
|
|
767dc7 |
+#else
|
|
|
767dc7 |
+ setenv("SOFTHSM2_CONF", ".\\softhsm2.conf", 1);
|
|
|
767dc7 |
+#endif
|
|
|
767dc7 |
+}
|
|
|
767dc7 |
+
|
|
|
767dc7 |
void InfoTests::testWaitForSlotEvent()
|
|
|
767dc7 |
{
|
|
|
767dc7 |
CK_RV rv;
|
|
|
767dc7 |
diff --git a/src/lib/test/InfoTests.h b/src/lib/test/InfoTests.h
|
|
|
767dc7 |
index dfd02953..1cc99ccb 100644
|
|
|
767dc7 |
--- a/src/lib/test/InfoTests.h
|
|
|
767dc7 |
+++ b/src/lib/test/InfoTests.h
|
|
|
767dc7 |
@@ -49,6 +49,7 @@ class InfoTests : public TestsNoPINInitBase
|
|
|
767dc7 |
CPPUNIT_TEST(testGetMechanismInfo);
|
|
|
767dc7 |
CPPUNIT_TEST(testGetSlotInfoAlt);
|
|
|
767dc7 |
CPPUNIT_TEST(testGetMechanismListConfig);
|
|
|
767dc7 |
+ CPPUNIT_TEST(testGetMechanismNegativeListConfig);
|
|
|
767dc7 |
CPPUNIT_TEST(testWaitForSlotEvent);
|
|
|
767dc7 |
CPPUNIT_TEST_SUITE_END();
|
|
|
767dc7 |
|
|
|
767dc7 |
@@ -62,6 +63,7 @@ class InfoTests : public TestsNoPINInitBase
|
|
|
767dc7 |
void testGetMechanismInfo();
|
|
|
767dc7 |
void testGetSlotInfoAlt();
|
|
|
767dc7 |
void testGetMechanismListConfig();
|
|
|
767dc7 |
+ void testGetMechanismNegativeListConfig();
|
|
|
767dc7 |
void testWaitForSlotEvent();
|
|
|
767dc7 |
};
|
|
|
767dc7 |
|
|
|
767dc7 |
diff --git a/src/lib/test/Makefile.am b/src/lib/test/Makefile.am
|
|
|
767dc7 |
index 17887dd4..a22ce668 100644
|
|
|
767dc7 |
--- a/src/lib/test/Makefile.am
|
|
|
767dc7 |
+++ b/src/lib/test/Makefile.am
|
|
|
767dc7 |
@@ -39,6 +39,7 @@ EXTRA_DIST = $(srcdir)/CMakeLists.txt \
|
|
|
767dc7 |
$(srcdir)/*.h \
|
|
|
767dc7 |
$(srcdir)/softhsm2-alt.conf.win32 \
|
|
|
767dc7 |
$(srcdir)/softhsm2-reset-on-fork.conf.win32 \
|
|
|
767dc7 |
+ $(srcdir)/softhsm2-negative-mech.conf.win32 \
|
|
|
767dc7 |
$(srcdir)/softhsm2-mech.conf.win32 \
|
|
|
767dc7 |
$(srcdir)/softhsm2.conf.win32 \
|
|
|
767dc7 |
$(srcdir)/tokens/dummy.in
|
|
|
767dc7 |
diff --git a/src/lib/test/softhsm2-negative-mech.conf.in b/src/lib/test/softhsm2-negative-mech.conf.in
|
|
|
767dc7 |
new file mode 100644
|
|
|
767dc7 |
index 00000000..51f7e6ac
|
|
|
767dc7 |
--- /dev/null
|
|
|
767dc7 |
+++ b/src/lib/test/softhsm2-negative-mech.conf.in
|
|
|
767dc7 |
@@ -0,0 +1,8 @@
|
|
|
767dc7 |
+# SoftHSM v2 configuration file
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+directories.tokendir = @builddir@/tokens
|
|
|
767dc7 |
+objectstore.backend = file
|
|
|
767dc7 |
+log.level = INFO
|
|
|
767dc7 |
+slots.removable = false
|
|
|
767dc7 |
+slots.mechanisms = -CKM_RSA_X_509,CKM_RSA_PKCS
|
|
|
767dc7 |
+
|
|
|
767dc7 |
diff --git a/src/lib/test/softhsm2-negative-mech.conf.win32 b/src/lib/test/softhsm2-negative-mech.conf.win32
|
|
|
767dc7 |
new file mode 100644
|
|
|
767dc7 |
index 00000000..a3aefb96
|
|
|
767dc7 |
--- /dev/null
|
|
|
767dc7 |
+++ b/src/lib/test/softhsm2-negative-mech.conf.win32
|
|
|
767dc7 |
@@ -0,0 +1,7 @@
|
|
|
767dc7 |
+# SoftHSM v2 configuration file
|
|
|
767dc7 |
+
|
|
|
767dc7 |
+directories.tokendir = .\tokens
|
|
|
767dc7 |
+objectstore.backend = file
|
|
|
767dc7 |
+log.level = INFO
|
|
|
767dc7 |
+slots.removable = false
|
|
|
767dc7 |
+slots.mechanisms = -CKM_RSA_X_509,CKM_RSA_PKCS
|
|
|
767dc7 |
diff --git a/win32/p11test/p11test.vcxproj.in b/win32/p11test/p11test.vcxproj.in
|
|
|
767dc7 |
index 55dfb087..88859bca 100644
|
|
|
767dc7 |
--- a/win32/p11test/p11test.vcxproj.in
|
|
|
767dc7 |
+++ b/win32/p11test/p11test.vcxproj.in
|
|
|
767dc7 |
@@ -67,6 +67,7 @@ copy ..\..\src\lib\test\softhsm2.conf.win32 "$(TargetDir)\softhsm2.conf"
|
|
|
767dc7 |
copy ..\..\src\lib\test\softhsm2-alt.conf.win32 "$(TargetDir)\softhsm2-alt.conf"
|
|
|
767dc7 |
copy ..\..\src\lib\test\softhsm2-reset-on-fork.conf.win32 "$(TargetDir)\softhsm2-reset-on-fork.conf"
|
|
|
767dc7 |
copy ..\..\src\lib\test\softhsm2-mech.conf.win32 "$(TargetDir)\softhsm2-mech.conf"
|
|
|
767dc7 |
+copy ..\..\src\lib\test\softhsm2-negative-mech.conf.win32 "$(TargetDir)\softhsm2-negative-mech.conf"
|
|
|
767dc7 |
mkdir "$(TargetDir)\tokens" 2> nul
|
|
|
767dc7 |
copy ..\..\src\lib\test\tokens\dummy.in "$(TargetDir)\tokens\dummy"
|
|
|
767dc7 |
</Command>
|
|
|
767dc7 |
@@ -99,6 +100,7 @@ copy ..\..\src\lib\test\softhsm2.conf.win32 "$(TargetDir)\softhsm2.conf"
|
|
|
767dc7 |
copy ..\..\src\lib\test\softhsm2-alt.conf.win32 "$(TargetDir)\softhsm2-alt.conf"
|
|
|
767dc7 |
copy ..\..\src\lib\test\softhsm2-reset-on-fork.conf.win32 "$(TargetDir)\softhsm2-reset-on-fork.conf"
|
|
|
767dc7 |
copy ..\..\src\lib\test\softhsm2-mech.conf.win32 "$(TargetDir)\softhsm2-mech.conf"
|
|
|
767dc7 |
+copy ..\..\src\lib\test\softhsm2-negative-mech.conf.win32 "$(TargetDir)\softhsm2-negative-mech.conf"
|
|
|
767dc7 |
mkdir "$(TargetDir)\tokens" 2> nul
|
|
|
767dc7 |
copy ..\..\src\lib\test\tokens\dummy.in "$(TargetDir)\tokens\dummy"
|
|
|
767dc7 |
</Command>
|