From 3474d13bbf08c441783bd72afbc8cec8857baf46 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= Date: Tue, 2 Jan 2018 18:13:07 +0100 Subject: [PATCH] Fix pkcs11 variants atf tests Add dns-pkcs11 tests Makefile to configure Add pkcs11 Kyuafile, fix dh_test to pass in pkcs11 mode --- configure.in | 1 + lib/Atffile | 2 ++ lib/Kyuafile | 2 ++ lib/dns-pkcs11/tests/Makefile.in | 10 +++++----- lib/dns-pkcs11/tests/dh_test.c | 3 ++- lib/isc-pkcs11/tests/Makefile.in | 6 +++--- lib/isc-pkcs11/tests/hash_test.c | 32 +++++++++++++++++++++++++------- 7 files changed, 40 insertions(+), 16 deletions(-) diff --git a/configure.in b/configure.in index 1edafd1..5466de1 100644 --- a/configure.in +++ b/configure.in @@ -5489,6 +5489,7 @@ AC_CONFIG_FILES([ lib/dns-pkcs11/include/Makefile lib/dns-pkcs11/include/dns/Makefile lib/dns-pkcs11/include/dst/Makefile + lib/dns-pkcs11/tests/Makefile lib/irs/Makefile lib/irs/include/Makefile lib/irs/include/irs/Makefile diff --git a/lib/Atffile b/lib/Atffile index 93bbb01..4db3dce 100644 --- a/lib/Atffile +++ b/lib/Atffile @@ -3,7 +3,9 @@ Content-Type: application/X-atf-atffile; version="1" prop: test-suite = bind9 tp: dns +tp: dns-pkcs11 tp: irs tp: isc +tp: isc-pkcs11 tp: isccfg tp: lwres diff --git a/lib/Kyuafile b/lib/Kyuafile index ff9fc56..eaaf0dc 100644 --- a/lib/Kyuafile +++ b/lib/Kyuafile @@ -2,7 +2,9 @@ syntax(2) test_suite('bind9') include('dns/Kyuafile') +include('dns-pkcs11/Kyuafile') include('irs/Kyuafile') include('isc/Kyuafile') +include('isc-pkcs11/Kyuafile') include('isccfg/Kyuafile') include('lwres/Kyuafile') diff --git a/lib/dns-pkcs11/tests/Makefile.in b/lib/dns-pkcs11/tests/Makefile.in index 625e809..6fd4e36 100644 --- a/lib/dns-pkcs11/tests/Makefile.in +++ b/lib/dns-pkcs11/tests/Makefile.in @@ -21,12 +21,12 @@ VERSION=@BIND9_VERSION@ CINCLUDES = -I. -Iinclude ${DNS_INCLUDES} ${ISC_INCLUDES} \ @DST_OPENSSL_INC@ -CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns/tests/\"" +CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/dns-pkcs11/tests/\"" -ISCLIBS = ../../isc/libisc.@A@ -ISCDEPLIBS = ../../isc/libisc.@A@ -DNSLIBS = ../libdns.@A@ @DNS_CRYPTO_LIBS@ -DNSDEPLIBS = ../libdns.@A@ +ISCLIBS = ../../isc-pkcs11/libisc-pkcs11.@A@ +ISCDEPLIBS = ../../isc-pkcs11/libisc-pkcs11.@A@ +DNSLIBS = ../libdns-pkcs11.@A@ @DNS_CRYPTO_LIBS@ +DNSDEPLIBS = ../libdns-pkcs11.@A@ LIBS = @LIBS@ @ATFLIBS@ diff --git a/lib/dns-pkcs11/tests/dh_test.c b/lib/dns-pkcs11/tests/dh_test.c index 6216b4e..dd74e58 100644 --- a/lib/dns-pkcs11/tests/dh_test.c +++ b/lib/dns-pkcs11/tests/dh_test.c @@ -64,7 +64,8 @@ ATF_TC_BODY(isc_dh_computesecret, tc) { ret = dst_key_computesecret(key, key, &buf); ATF_REQUIRE_EQ(ret, DST_R_NOTPRIVATEKEY); ret = key->func->computesecret(key, key, &buf); - ATF_REQUIRE_EQ(ret, DST_R_COMPUTESECRETFAILURE); + /* PKCS11 variant gives different result, accept both */ + ATF_REQUIRE(ret == DST_R_COMPUTESECRETFAILURE || ret == DST_R_INVALIDPRIVATEKEY); dst_key_free(&key); dns_test_end(); diff --git a/lib/isc-pkcs11/tests/Makefile.in b/lib/isc-pkcs11/tests/Makefile.in index add8068..a928dcf 100644 --- a/lib/isc-pkcs11/tests/Makefile.in +++ b/lib/isc-pkcs11/tests/Makefile.in @@ -20,10 +20,10 @@ VERSION=@BIND9_VERSION@ @BIND9_MAKE_INCLUDES@ CINCLUDES = -I. -Iinclude ${ISC_INCLUDES} @ISC_OPENSSL_INC@ -CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/isc/tests/\"" +CDEFINES = @CRYPTO@ -DTESTS="\"${top_builddir}/lib/isc-pkcs11/tests/\"" -ISCLIBS = ../libisc.@A@ @ISC_OPENSSL_LIBS@ -ISCDEPLIBS = ../libisc.@A@ +ISCLIBS = ../libisc-pkcs11.@A@ @ISC_OPENSSL_LIBS@ +ISCDEPLIBS = ../libisc-pkcs11.@A@ LIBS = @LIBS@ @ATFLIBS@ diff --git a/lib/isc-pkcs11/tests/hash_test.c b/lib/isc-pkcs11/tests/hash_test.c index 7eb1552..048ae9d 100644 --- a/lib/isc-pkcs11/tests/hash_test.c +++ b/lib/isc-pkcs11/tests/hash_test.c @@ -78,7 +78,7 @@ typedef struct hash_testcase { typedef struct hash_test_key { const char *key; - const int len; + const unsigned len; } hash_test_key_t; /* non-hmac tests */ @@ -961,8 +961,11 @@ ATF_TC_BODY(isc_hmacsha1, tc) { hash_test_key_t *test_key = test_keys; while (testcase->input != NULL && testcase->result != NULL) { + int len = ISC_MAX(test_key->len, ISC_SHA1_DIGESTLENGTH); + + memset(buffer, 0, ISC_SHA1_DIGESTLENGTH); memmove(buffer, test_key->key, test_key->len); - isc_hmacsha1_init(&hmacsha1, buffer, test_key->len); + isc_hmacsha1_init(&hmacsha1, buffer, len); isc_hmacsha1_update(&hmacsha1, (const uint8_t *) testcase->input, testcase->input_len); @@ -1124,8 +1127,11 @@ ATF_TC_BODY(isc_hmacsha224, tc) { hash_test_key_t *test_key = test_keys; while (testcase->input != NULL && testcase->result != NULL) { + int len = ISC_MAX(test_key->len, ISC_SHA224_DIGESTLENGTH); + + memset(buffer, 0, ISC_SHA224_DIGESTLENGTH); memmove(buffer, test_key->key, test_key->len); - isc_hmacsha224_init(&hmacsha224, buffer, test_key->len); + isc_hmacsha224_init(&hmacsha224, buffer, len); isc_hmacsha224_update(&hmacsha224, (const uint8_t *) testcase->input, testcase->input_len); @@ -1287,8 +1293,11 @@ ATF_TC_BODY(isc_hmacsha256, tc) { hash_test_key_t *test_key = test_keys; while (testcase->input != NULL && testcase->result != NULL) { + int len = ISC_MAX(test_key->len, ISC_SHA256_DIGESTLENGTH); + + memset(buffer, 0, ISC_SHA256_DIGESTLENGTH); memmove(buffer, test_key->key, test_key->len); - isc_hmacsha256_init(&hmacsha256, buffer, test_key->len); + isc_hmacsha256_init(&hmacsha256, buffer, len); isc_hmacsha256_update(&hmacsha256, (const uint8_t *) testcase->input, testcase->input_len); @@ -1456,8 +1465,11 @@ ATF_TC_BODY(isc_hmacsha384, tc) { hash_test_key_t *test_key = test_keys; while (testcase->input != NULL && testcase->result != NULL) { + int len = ISC_MAX(test_key->len, ISC_SHA384_DIGESTLENGTH); + + memset(buffer, 0, ISC_SHA384_DIGESTLENGTH); memmove(buffer, test_key->key, test_key->len); - isc_hmacsha384_init(&hmacsha384, buffer, test_key->len); + isc_hmacsha384_init(&hmacsha384, buffer, len); isc_hmacsha384_update(&hmacsha384, (const uint8_t *) testcase->input, testcase->input_len); @@ -1625,8 +1637,11 @@ ATF_TC_BODY(isc_hmacsha512, tc) { hash_test_key_t *test_key = test_keys; while (testcase->input != NULL && testcase->result != NULL) { + int len = ISC_MAX(test_key->len, ISC_SHA512_DIGESTLENGTH); + + memset(buffer, 0, ISC_SHA512_DIGESTLENGTH); memmove(buffer, test_key->key, test_key->len); - isc_hmacsha512_init(&hmacsha512, buffer, test_key->len); + isc_hmacsha512_init(&hmacsha512, buffer, len); isc_hmacsha512_update(&hmacsha512, (const uint8_t *) testcase->input, testcase->input_len); @@ -1769,8 +1784,11 @@ ATF_TC_BODY(isc_hmacmd5, tc) { hash_test_key_t *test_key = test_keys; while (testcase->input != NULL && testcase->result != NULL) { + int len = ISC_MAX(test_key->len, ISC_MD5_DIGESTLENGTH); + + memset(buffer, 0, ISC_MD5_DIGESTLENGTH); memmove(buffer, test_key->key, test_key->len); - isc_hmacmd5_init(&hmacmd5, buffer, test_key->len); + isc_hmacmd5_init(&hmacmd5, buffer, len); isc_hmacmd5_update(&hmacmd5, (const uint8_t *) testcase->input, testcase->input_len); -- 2.14.4