1
0
forked from rpms/bind
bind/SOURCES/bind-9.11-kyua-pkcs11.patch

193 lines
7.1 KiB
Diff
Raw Normal View History

2020-07-28 07:51:19 +00:00
From a9b5785f174cf7fd74891fa64f6b69b9a9b55466 Mon Sep 17 00:00:00 2001
2019-08-05 14:40:24 +00:00
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Tue, 2 Jan 2018 18:13:07 +0100
Subject: [PATCH] Fix pkcs11 variants atf tests
Add dns-pkcs11 tests Makefile to configure
Add pkcs11 Kyuafile, fix dh_test to pass in pkcs11 mode
---
2020-01-21 22:30:08 +00:00
configure.ac | 1 +
2019-08-05 14:40:24 +00:00
lib/Kyuafile | 2 ++
lib/dns-pkcs11/tests/Makefile.in | 10 +++++-----
lib/dns-pkcs11/tests/dh_test.c | 3 ++-
lib/isc-pkcs11/tests/Makefile.in | 6 +++---
lib/isc-pkcs11/tests/hash_test.c | 32 +++++++++++++++++++++++++-------
2020-01-21 22:30:08 +00:00
6 files changed, 38 insertions(+), 16 deletions(-)
2019-08-05 14:40:24 +00:00
2020-01-21 22:30:08 +00:00
diff --git a/configure.ac b/configure.ac
2020-07-28 07:51:19 +00:00
index 62ecf56..0940a7d 100644
2020-01-21 22:30:08 +00:00
--- a/configure.ac
+++ b/configure.ac
2020-07-28 07:51:19 +00:00
@@ -5476,6 +5476,7 @@ AC_CONFIG_FILES([
2019-08-05 14:40:24 +00:00
lib/dns-pkcs11/include/Makefile
lib/dns-pkcs11/include/dns/Makefile
lib/dns-pkcs11/include/dst/Makefile
+ lib/dns-pkcs11/tests/Makefile
lib/irs/Makefile
lib/irs/include/Makefile
lib/irs/include/irs/Makefile
diff --git a/lib/Kyuafile b/lib/Kyuafile
2020-01-21 22:30:08 +00:00
index 7c8bab0..eec9564 100644
2019-08-05 14:40:24 +00:00
--- a/lib/Kyuafile
+++ b/lib/Kyuafile
2020-01-21 22:30:08 +00:00
@@ -2,8 +2,10 @@ syntax(2)
2019-08-05 14:40:24 +00:00
test_suite('bind9')
include('dns/Kyuafile')
+include('dns-pkcs11/Kyuafile')
include('irs/Kyuafile')
include('isc/Kyuafile')
+include('isc-pkcs11/Kyuafile')
2020-01-21 22:30:08 +00:00
include('isccc/Kyuafile')
2019-08-05 14:40:24 +00:00
include('isccfg/Kyuafile')
include('lwres/Kyuafile')
diff --git a/lib/dns-pkcs11/tests/Makefile.in b/lib/dns-pkcs11/tests/Makefile.in
2020-07-28 07:51:19 +00:00
index 22a06a8..5df5b15 100644
2019-08-05 14:40:24 +00:00
--- a/lib/dns-pkcs11/tests/Makefile.in
+++ b/lib/dns-pkcs11/tests/Makefile.in
2020-01-21 22:30:08 +00:00
@@ -17,12 +17,12 @@ VERSION=@BIND9_VERSION@
2019-08-05 14:40:24 +00:00
CINCLUDES = -I. -Iinclude ${DNS_INCLUDES} ${ISC_INCLUDES} \
2020-07-28 07:51:19 +00:00
@DST_OPENSSL_INC@ ${MAXMINDDB_CFLAGS}
2019-08-05 14:40:24 +00:00
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns/tests/\""
2020-01-21 22:30:08 +00:00
+CDEFINES = @CRYPTO_PK11@ -DTESTS="\"${top_builddir}/lib/dns-pkcs11/tests/\""
2019-08-05 14:40:24 +00:00
-ISCLIBS = ../../isc/libisc.@A@
-ISCDEPLIBS = ../../isc/libisc.@A@
2020-01-21 22:30:08 +00:00
-DNSLIBS = ../libdns.@A@ ${MAXMINDDB_LIBS} @DNS_CRYPTO_LIBS@
2019-08-05 14:40:24 +00:00
-DNSDEPLIBS = ../libdns.@A@
+ISCLIBS = ../../isc-pkcs11/libisc-pkcs11.@A@
+ISCDEPLIBS = ../../isc-pkcs11/libisc-pkcs11.@A@
2020-01-21 22:30:08 +00:00
+DNSLIBS = ../libdns-pkcs11.@A@ ${MAXMINDDB_LIBS} @DNS_CRYPTO_LIBS@
2019-08-05 14:40:24 +00:00
+DNSDEPLIBS = ../libdns-pkcs11.@A@
2020-01-21 22:30:08 +00:00
LIBS = @LIBS@ @CMOCKA_LIBS@
CFLAGS = @CFLAGS@ @CMOCKA_CFLAGS@
2019-08-05 14:40:24 +00:00
diff --git a/lib/dns-pkcs11/tests/dh_test.c b/lib/dns-pkcs11/tests/dh_test.c
2020-07-28 07:51:19 +00:00
index a5bf46c..9ff2b76 100644
2019-08-05 14:40:24 +00:00
--- a/lib/dns-pkcs11/tests/dh_test.c
+++ b/lib/dns-pkcs11/tests/dh_test.c
2020-07-28 07:51:19 +00:00
@@ -88,7 +88,8 @@ dh_computesecret(void **state) {
2020-01-21 22:30:08 +00:00
result = dst_key_computesecret(key, key, &buf);
assert_int_equal(result, DST_R_NOTPRIVATEKEY);
result = key->func->computesecret(key, key, &buf);
- assert_int_equal(result, DST_R_COMPUTESECRETFAILURE);
2019-08-05 14:40:24 +00:00
+ /* PKCS11 variant gives different result, accept both */
2020-01-21 22:30:08 +00:00
+ assert_true(result == DST_R_COMPUTESECRETFAILURE || result == DST_R_INVALIDPRIVATEKEY);
2019-08-05 14:40:24 +00:00
dst_key_free(&key);
2020-01-21 22:30:08 +00:00
}
2019-08-05 14:40:24 +00:00
diff --git a/lib/isc-pkcs11/tests/Makefile.in b/lib/isc-pkcs11/tests/Makefile.in
2020-07-28 07:51:19 +00:00
index 36d2207..00dfbc9 100644
2019-08-05 14:40:24 +00:00
--- a/lib/isc-pkcs11/tests/Makefile.in
+++ b/lib/isc-pkcs11/tests/Makefile.in
2020-01-21 22:30:08 +00:00
@@ -16,10 +16,10 @@ VERSION=@BIND9_VERSION@
2019-08-05 14:40:24 +00:00
@BIND9_MAKE_INCLUDES@
CINCLUDES = -I. -Iinclude ${ISC_INCLUDES} @ISC_OPENSSL_INC@
-CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/isc/tests/\""
2020-01-21 22:30:08 +00:00
+CDEFINES = @CRYPTO_PK11@ -DTESTS="\"${top_builddir}/lib/isc-pkcs11/tests/\""
2019-08-05 14:40:24 +00:00
-ISCLIBS = ../libisc.@A@ @ISC_OPENSSL_LIBS@
-ISCDEPLIBS = ../libisc.@A@
+ISCLIBS = ../libisc-pkcs11.@A@ @ISC_OPENSSL_LIBS@
+ISCDEPLIBS = ../libisc-pkcs11.@A@
2020-01-21 22:30:08 +00:00
LIBS = @LIBS@ @CMOCKA_LIBS@
CFLAGS = @CFLAGS@ @CMOCKA_CFLAGS@
2019-08-05 14:40:24 +00:00
diff --git a/lib/isc-pkcs11/tests/hash_test.c b/lib/isc-pkcs11/tests/hash_test.c
2020-07-28 07:51:19 +00:00
index 4fafc38..5eb2be2 100644
2019-08-05 14:40:24 +00:00
--- a/lib/isc-pkcs11/tests/hash_test.c
+++ b/lib/isc-pkcs11/tests/hash_test.c
2020-07-28 07:51:19 +00:00
@@ -84,7 +84,7 @@ typedef struct hash_testcase {
2019-08-05 14:40:24 +00:00
typedef struct hash_test_key {
const char *key;
- const int len;
+ const unsigned len;
} hash_test_key_t;
/* non-hmac tests */
2020-07-28 07:51:19 +00:00
@@ -955,8 +955,11 @@ isc_hmacsha1_test(void **state) {
2019-08-05 14:40:24 +00:00
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA1_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA1_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha1_init(&hmacsha1, buffer, test_key->len);
+ isc_hmacsha1_init(&hmacsha1, buffer, len);
isc_hmacsha1_update(&hmacsha1,
2020-01-21 22:30:08 +00:00
(const uint8_t *) testcase->input,
2019-08-05 14:40:24 +00:00
testcase->input_len);
2020-07-28 07:51:19 +00:00
@@ -1115,8 +1118,11 @@ isc_hmacsha224_test(void **state) {
2019-08-05 14:40:24 +00:00
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA224_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA224_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha224_init(&hmacsha224, buffer, test_key->len);
+ isc_hmacsha224_init(&hmacsha224, buffer, len);
isc_hmacsha224_update(&hmacsha224,
2020-01-21 22:30:08 +00:00
(const uint8_t *) testcase->input,
2019-08-05 14:40:24 +00:00
testcase->input_len);
2020-07-28 07:51:19 +00:00
@@ -1276,8 +1282,11 @@ isc_hmacsha256_test(void **state) {
2019-08-05 14:40:24 +00:00
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA256_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA256_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha256_init(&hmacsha256, buffer, test_key->len);
+ isc_hmacsha256_init(&hmacsha256, buffer, len);
isc_hmacsha256_update(&hmacsha256,
2020-01-21 22:30:08 +00:00
(const uint8_t *) testcase->input,
2019-08-05 14:40:24 +00:00
testcase->input_len);
2020-07-28 07:51:19 +00:00
@@ -1443,8 +1452,11 @@ isc_hmacsha384_test(void **state) {
2019-08-05 14:40:24 +00:00
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA384_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA384_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha384_init(&hmacsha384, buffer, test_key->len);
+ isc_hmacsha384_init(&hmacsha384, buffer, len);
isc_hmacsha384_update(&hmacsha384,
2020-01-21 22:30:08 +00:00
(const uint8_t *) testcase->input,
2019-08-05 14:40:24 +00:00
testcase->input_len);
2020-07-28 07:51:19 +00:00
@@ -1610,8 +1622,11 @@ isc_hmacsha512_test(void **state) {
2019-08-05 14:40:24 +00:00
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_SHA512_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_SHA512_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacsha512_init(&hmacsha512, buffer, test_key->len);
+ isc_hmacsha512_init(&hmacsha512, buffer, len);
isc_hmacsha512_update(&hmacsha512,
2020-01-21 22:30:08 +00:00
(const uint8_t *) testcase->input,
2019-08-05 14:40:24 +00:00
testcase->input_len);
2020-07-28 07:51:19 +00:00
@@ -1754,8 +1769,11 @@ isc_hmacmd5_test(void **state) {
2019-08-05 14:40:24 +00:00
hash_test_key_t *test_key = test_keys;
while (testcase->input != NULL && testcase->result != NULL) {
+ int len = ISC_MAX(test_key->len, ISC_MD5_DIGESTLENGTH);
+
+ memset(buffer, 0, ISC_MD5_DIGESTLENGTH);
memmove(buffer, test_key->key, test_key->len);
- isc_hmacmd5_init(&hmacmd5, buffer, test_key->len);
+ isc_hmacmd5_init(&hmacmd5, buffer, len);
isc_hmacmd5_update(&hmacmd5,
2020-01-21 22:30:08 +00:00
(const uint8_t *) testcase->input,
2019-08-05 14:40:24 +00:00
testcase->input_len);
--
2020-07-28 07:51:19 +00:00
2.21.1
2019-08-05 14:40:24 +00:00