From 10ed7e56f159dba8980644494532898c9063438d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20Trojnara?=
Date: Thu, 23 Aug 2018 22:19:04 +0200
Subject: [PATCH 03/23] ec-evp-sign test
---
 tests/Makefile.am | 1 +
 tests/ec-common.sh | 18 +++++-----
 tests/ec-evp-sign.softhsm | 71 +++++++++++++++++++++++++++++++++++++++
 tests/ec-testfork.softhsm | 2 +-
 4 files changed, 82 insertions(+), 10 deletions(-)
 create mode 100755 tests/ec-evp-sign.softhsm
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 8864709..cd17051 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -21,6 +21,7 @@ dist_check_SCRIPTS = \
 rsa-testfork.softhsm \
 rsa-testlistkeys.softhsm \
 rsa-evp-sign.softhsm \
+ ec-evp-sign.softhsm \
 ec-testfork.softhsm \
 fork-change-slot.softhsm \
 rsa-pss-sign.softhsm \
diff --git a/tests/ec-common.sh b/tests/ec-common.sh
index a709c0d..a53a4ee 100755
--- a/tests/ec-common.sh
+++ b/tests/ec-common.sh
@@ -35,11 +35,11 @@ mkdir -p $outdir
 for i in /usr/lib64/pkcs11 /usr/lib64/softhsm /usr/lib/x86_64-linux-gnu/softhsm /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib/softhsm /usr/lib ;do
 if test -f "$i/libsofthsm2.so"; then
- ADDITIONAL_PARAM="$i/libsofthsm2.so"
+ MODULE="$i/libsofthsm2.so"
 break
 else
 if test -f "$i/libsofthsm.so";then
- ADDITIONAL_PARAM="$i/libsofthsm.so"
+ MODULE="$i/libsofthsm.so"
 break
 fi
 fi
@@ -104,18 +104,18 @@ PUK=1234
 init_card $PIN $PUK
 # generate key in token
-pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/ec-prvkey.der -y privkey >/dev/null
+pkcs11-tool -p $PIN --module $MODULE -d 01020304 -a server-key -l -w ${srcdir}/ec-prvkey.der -y privkey >/dev/null
 if test $? != 0;then
 exit 1;
 fi
 # pkcs11-tool currently only supports RSA public keys
-#pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/ec-pubkey.der -y pubkey >/dev/null
-#if test $? != 0;then
-# exit 1;
-#fi
+pkcs11-tool -p $PIN --module $MODULE -d 01020304 -a server-key -l -w ${srcdir}/ec-pubkey.der -y pubkey >/dev/null
+if test $? != 0;then
+ exit 1;
+fi
-pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/ec-cert.der -y cert >/dev/null
+pkcs11-tool -p $PIN --module $MODULE -d 01020304 -a server-key -l -w ${srcdir}/ec-cert.der -y cert >/dev/null
 if test $? != 0;then
 exit 1;
 fi
@@ -123,4 +123,4 @@ fi
 echo "***************"
 echo "Listing objects"
 echo "***************"
-pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -l -O
+pkcs11-tool -p $PIN --module $MODULE -l -O
diff --git a/tests/ec-evp-sign.softhsm b/tests/ec-evp-sign.softhsm
new file mode 100755
index 0000000..edecd4a
--- /dev/null
+++ b/tests/ec-evp-sign.softhsm
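Review bot: In the `@@ -104,18 +104,18 @@` hunk of tests/ec-common.sh the context comment `# pkcs11-tool currently only supports RSA public keys` stays directly above the `-y pubkey` import that is now un-commented, so it contradicts the code it introduces; drop it or state the real requirement, for example `# requires a pkcs11-tool that can write EC public keys`. Because the new step ends in a hard `exit 1`, a host whose pkcs11-tool lacks that support would presumably fail every test that sources this file rather than skip it. The renamed `$MODULE` is still expanded unquoted here and in the `@@ -123,4 +123,4 @@` hunk; if the library search in the first hunk finds nothing (any guard for that lies outside the visible lines), `--module` would take the following `-d` as its value, which `--module "$MODULE"` avoids.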
@@ -0,0 +1,71 @@
+#!/bin/sh
+
+# Copyright (C) 2015 Nikos Mavrogiannopoulos
+#
+# GnuTLS is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+outdir="output.$$"
+
+# Load common test functions
+. ${srcdir}/ec-common.sh
+
+# Do the common test initialization
+# common_init
+
+sed -e "s|@MODULE_PATH@|${MODULE}|g" -e "s|@ENGINE_PATH@|../src/.libs/pkcs11.so|g" <"${srcdir}/engines.cnf.in" >"${outdir}/engines.cnf"
+
+export OPENSSL_ENGINES="../src/.libs/"
+PRIVATE_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=private;pin-value=1234"
+PUBLIC_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=public;pin-value=1234"
+
+./evp-sign ctrl false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test, using ctrl failed"
+ exit 1;
+fi
+
+./evp-sign default false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test, using default failed"
+ exit 1;
+fi
+
+./evp-sign ctrl 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test without pin-value, using ctrl failed"
+ exit 1;
+fi
+
+./evp-sign default 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE}
+if test $? 
!= 0;then
+ echo "Basic PKCS #11 test without pin-value, using default failed"
+ exit 1;
+fi
+
+./evp-sign ctrl 1234 "${outdir}/engines.cnf" "label_server-key" "label_server-key" ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test with legacy name #1 failed"
+ exit 1;
+fi
+
+./evp-sign default 1234 "${outdir}/engines.cnf" "id_01020304" "id_01020304" ${MODULE}
+if test $? != 0;then
+ echo "Basic PKCS #11 test with legacy name #2 failed"
+ exit 1;
+fi
+
+rm -rf "$outdir"
+
+exit 0
diff --git a/tests/ec-testfork.softhsm b/tests/ec-testfork.softhsm
index 961424a..55b6516 100755
--- a/tests/ec-testfork.softhsm
+++ b/tests/ec-testfork.softhsm
@@ -21,7 +21,7 @@ outdir="output.$$"
 . ${srcdir}/ec-common.sh
-./fork-test $ADDITIONAL_PARAM $PIN
+./fork-test $MODULE $PIN
 if test $? != 0;then
 exit 1;
 fi
-- 
2.17.1
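Review bot: The two cases in the new tests/ec-evp-sign.softhsm that report "without pin-value" (`./evp-sign ctrl 1234 …` and `./evp-sign default 1234 …`) still pass `${PRIVATE_KEY}` and `${PUBLIC_KEY}`, which are assigned once with `;pin-value=1234` and never reassigned, so the `1234` argument (presumably the PIN handed to the engine) is never tested without a PIN embedded in the URI. Reassigning the URIs before the third call, `PRIVATE_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=private"` plus the matching `type=public` line, would make those cases test what their messages claim. Separately, every failure path exits before `rm -rf "$outdir"` and leaves the directory behind; unless it is kept on purpose for debugging, a `trap 'rm -rf "$outdir"' EXIT` placed after sourcing ec-common.sh would cover them.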