diff --git a/src/p11_load.c b/src/p11_load.c index 58cec7c..4109083 100644 --- a/src/p11_load.c +++ b/src/p11_load.c @@ -126,8 +126,7 @@ int pkcs11_CTX_reload(PKCS11_CTX *ctx) return -1; } - /* Reinitialize the PKCS11 internal slot table */ - return pkcs11_enumerate_slots(ctx, NULL, NULL); + return 0; } /* diff --git a/tests/Makefile.am b/tests/Makefile.am index b65e24a..1112078 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -9,10 +9,10 @@ AM_CPPFLAGS = \ AM_LDFLAGS = -no-install LDADD = ../src/libp11.la $(OPENSSL_LIBS) -check_PROGRAMS = openssl_version fork-test evp-sign +check_PROGRAMS = openssl_version fork-test evp-sign fork-change-slot dist_check_SCRIPTS = \ rsa-testpkcs11.softhsm rsa-testfork.softhsm rsa-testlistkeys.softhsm rsa-evp-sign.softhsm \ - ec-testfork.softhsm + ec-testfork.softhsm fork-change-slot.softhsm dist_check_DATA = \ rsa-cert.der rsa-prvkey.der rsa-pubkey.der \ ec-cert.der ec-prvkey.der ec-pubkey.der diff --git a/tests/ec-common.sh b/tests/ec-common.sh index 2e6f735..a709c0d 100755 --- a/tests/ec-common.sh +++ b/tests/ec-common.sh @@ -33,7 +33,7 @@ echo "Output directory: ${outdir}" mkdir -p $outdir -for i in /usr/lib64/pkcs11 /usr/lib/softhsm /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib/x86_64-linux-gnu/softhsm /usr/lib /usr/lib64/softhsm;do +for i in /usr/lib64/pkcs11 /usr/lib64/softhsm /usr/lib/x86_64-linux-gnu/softhsm /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib/softhsm /usr/lib ;do if test -f "$i/libsofthsm2.so"; then ADDITIONAL_PARAM="$i/libsofthsm2.so" break @@ -53,6 +53,11 @@ init_card () { PIN="$1" PUK="$2" + if test -x "/usr/bin/softhsm"; then + export SOFTHSM_CONF="$outdir/softhsm-testpkcs11.config" + SOFTHSM_TOOL="/usr/bin/softhsm" + fi + if test -x "/usr/local/bin/softhsm2-util"; then export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config" SOFTHSM_TOOL="/usr/local/bin/softhsm2-util" @@ -68,17 +73,12 @@ init_card () { SOFTHSM_TOOL="/usr/bin/softhsm2-util" fi - if test -x "/usr/bin/softhsm"; then - export SOFTHSM_CONF="$outdir/softhsm-testpkcs11.config" - SOFTHSM_TOOL="/usr/bin/softhsm" - fi - if test -z "${SOFTHSM_TOOL}"; then echo "Could not find softhsm(2) tool" exit 77 fi - if test -z "${SOFTHSM_CONF}"; then + if test -n "${SOFTHSM2_CONF}"; then rm -rf $outdir/softhsm-testpkcs11.db mkdir -p $outdir/softhsm-testpkcs11.db echo "objectstore.backend = file" > "${SOFTHSM2_CONF}" diff --git a/tests/fork-change-slot.c b/tests/fork-change-slot.c new file mode 100644 index 0000000..8e782ce --- /dev/null +++ b/tests/fork-change-slot.c @@ -0,0 +1,288 @@ +/* libp11 test code: fork-change-slot.c + * + * This program loads a key pair using the engine pkcs11, forks to create + * a new process, and waits for a SIGUSR1 signal before trying to sign/verify + * random data in both parent and child processes. + * + * The intention of the signal waiting is to allow the user to add/remove + * devices before continuing to the signature/verifying test. + * + * Adding or removing devices can lead to a change in the list of slot IDs + * obtained from the PKCS#11 module. If the engine does not handle the + * slot ID referenced by the previously loaded key properly, then the key in + * the child process can reference to the wrong slot ID after forking. + * This would lead to an error, since the engine will try to sign the data + * using the key in the wrong slot. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#include +#include +#include + +#define RANDOM_SIZE 20 +#define MAX_SIGSIZE 1024 + +#if OPENSSL_VERSION_NUMBER < 0x10100003L +#define EVP_PKEY_get0_RSA(key) ((key)->pkey.rsa) +#endif + +static int do_wait(pid_t pids[], int num) +{ + int i; + int status = 0; + + for (i = 0; i < num; i++) { + waitpid(pids[i], &status, 0); + if (WIFEXITED(status)) { + printf("child %d exited with status %d\n", pids[i], WEXITSTATUS(status)); + return (WEXITSTATUS(status)); + } + if (WIFSIGNALED(status)) { + fprintf(stderr, "Child %d terminated by signal #%d\n", pids[i], + WTERMSIG(status)); + return (WTERMSIG(status)); + } + else { + perror("waitpid"); + } + } + + return 0; +} + +static int spawn_processes(int num) +{ + int i; + int chld_ret = 0; + pid_t *pids; + pid_t pid; + + sigset_t set, oldset; + int signal; + + sigemptyset(&set); + sigaddset(&set, SIGUSR1); + + /* If only 1 process was requested, no more processes are required */ + if (num <= 1) { + return 0; + } + + pids = (pid_t *)malloc(num * sizeof(pid_t)); + if (pids == NULL) { + exit(ENOMEM); + } + + /* Spawn (num - 1) new processes to get a total of num processes */ + for (i = 0; i < (num - 1); i++) { + pid = fork(); + switch (pid) { + case -1: /* failed */ + perror("fork"); + do_wait(pids, i); + free(pids); + exit(5); + case 0: /* child */ + printf("Remove or add a device to try to cause an error\n"); + printf("Waiting for signal SIGUSR1\n"); + sigprocmask(SIG_BLOCK, &set, &oldset); + sigwait(&set, &signal); + sigprocmask(SIG_SETMASK, &oldset, NULL); + free(pids); + return 0; + default: /* parent */ + pids[i] = pid; + printf("spawned %d\n", pid); + } + } + + /* Wait for the created processes */ + chld_ret = do_wait(pids, (num - 1)); + + free(pids); + + return chld_ret; +} + +static void error_queue(const char *name, int pid) +{ + if (ERR_peek_last_error()) { + fprintf(stderr, "pid %d: %s generated errors:\n", pid, name); + ERR_print_errors_fp(stderr); + } +} + +static void usage(char *arg) +{ + printf("usage: %s (Key PKCS#11 URL) [opt: PKCS#11 module path]\n", + arg); +} + +int main(int argc, char *argv[]) +{ + const EVP_MD *digest_algo = NULL; + EVP_PKEY *pkey = NULL; + EVP_MD_CTX *md_ctx = NULL; + ENGINE *engine = NULL; + unsigned char random[RANDOM_SIZE], signature[MAX_SIGSIZE]; + unsigned int siglen = MAX_SIGSIZE; + + int ret, num_processes = 2; + pid_t pid; + + int rv = 1; + + /* Check arguments */ + if (argc < 2) { + fprintf(stderr, "Missing required arguments\n"); + usage(argv[0]); + goto failed; + } + + if (argc > 4) { + fprintf(stderr, "Too many arguments\n"); + usage(argv[0]); + goto failed; + } + + /* Check PKCS#11 URL */ + if (strncmp(argv[1], "pkcs11:", 7)) { + fprintf(stderr, "fatal: invalid PKCS#11 URL\n"); + usage(argv[0]); + goto failed; + } + + pid = getpid(); + printf("pid %d is the parent\n", pid); + + /* Load configuration file, if provided */ + if (argc >= 3) { + ret = CONF_modules_load_file(argv[2], "engines", 0); + if (ret <= 0) { + fprintf(stderr, "cannot load %s\n", argv[2]); + error_queue("CONF_modules_load_file", pid); + goto failed; + } + ENGINE_add_conf_module(); + } + + ENGINE_add_conf_module(); + OpenSSL_add_all_algorithms(); + ERR_load_crypto_strings(); + ERR_clear_error(); + ENGINE_load_builtin_engines(); + + /* Get structural reference */ + engine = ENGINE_by_id("pkcs11"); + if (engine == NULL) { + fprintf(stderr, "fatal: engine \"pkcs11\" not available\n"); + error_queue("ENGINE_by_id", pid); + goto failed; + } + + /* Set the used */ + if (argc >= 4) { + ENGINE_ctrl_cmd(engine, "MODULE_PATH", 0, argv[3], NULL, 1); + } + + /* Initialize to get the engine functional reference */ + if (ENGINE_init(engine)) { + pkey = ENGINE_load_private_key(engine, argv[1], 0, 0); + if (pkey == NULL) { + error_queue("ENGINE_load_private_key", pid); + goto failed; + } + + if (!ENGINE_set_default(engine, ENGINE_METHOD_ALL)) { + error_queue("ENGINE_set_default", pid); + goto failed; + } + + ENGINE_free(engine); + engine = NULL; + } + else { + error_queue("ENGINE_init", pid); + goto failed; + } + + /* Spawn processes and check child return */ + if (spawn_processes(num_processes)) { + goto failed; + } + pid = getpid(); + + /* Generate random data */ + if (!RAND_bytes(random, RANDOM_SIZE)){ + error_queue("RAND_bytes", pid); + goto failed; + } + + /* Create context to sign the random data */ + digest_algo = EVP_get_digestbyname("sha256"); + md_ctx = EVP_MD_CTX_create(); + if (EVP_DigestInit(md_ctx, digest_algo) <= 0) { + error_queue("EVP_DigestInit", pid); + goto failed; + } + + EVP_SignInit(md_ctx, digest_algo); + if (EVP_SignUpdate(md_ctx, random, RANDOM_SIZE) <= 0) { + error_queue("EVP_SignUpdate", pid); + goto failed; + } + + if (EVP_SignFinal(md_ctx, signature, &siglen, pkey) <= 0) { + error_queue("EVP_SignFinal", pid); + goto failed; + } + EVP_MD_CTX_destroy(md_ctx); + + printf("pid %d: %u-byte signature created\n", pid, siglen); + + /* Now verify the result */ + md_ctx = EVP_MD_CTX_create(); + if (EVP_DigestInit(md_ctx, digest_algo) <= 0) { + error_queue("EVP_DigestInit", pid); + goto failed; + } + + EVP_VerifyInit(md_ctx, digest_algo); + if (EVP_VerifyUpdate(md_ctx, random, RANDOM_SIZE) <= 0) { + error_queue("EVP_VerifyUpdate", pid); + goto failed; + } + + if (EVP_VerifyFinal(md_ctx, signature, siglen, pkey) <= 0) { + error_queue("EVP_VerifyFinal", pid); + goto failed; + } + printf("pid %d: Signature matched\n", pid); + + rv = 0; + +failed: + if (md_ctx != NULL) + EVP_MD_CTX_destroy(md_ctx); + if (pkey != NULL) + EVP_PKEY_free(pkey); + if (engine != NULL) + ENGINE_free(engine); + CRYPTO_cleanup_all_ex_data(); + ERR_free_strings(); + + return rv; +} diff --git a/tests/fork-change-slot.softhsm b/tests/fork-change-slot.softhsm new file mode 100755 index 0000000..f13d2c8 --- /dev/null +++ b/tests/fork-change-slot.softhsm @@ -0,0 +1,75 @@ +#!/bin/sh + +# Copyright (C) 2013 Nikos Mavrogiannopoulos +# Copyright (C) 2015 Red Hat, Inc. +# +# This is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at +# your option) any later version. +# +# GnuTLS is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +outdir="output.$$" + +# Load common test functions +. ${srcdir}/rsa-common.sh + +sed -e "s|@MODULE_PATH@|${MODULE}|g" -e \ + "s|@ENGINE_PATH@|../src/.libs/pkcs11.so|g" \ + <"${srcdir}/engines.cnf.in" >"${outdir}/engines.cnf" + +# Set the used PIN and PUK +PIN=1234 +PUK=1234 + +# Initialize SoftHSM DB +init_db + +# Create 2 different tokens +init_card $PIN $PUK "token1" +init_card $PIN $PUK "token2" + +# Force the use of the local built engine +export OPENSSL_ENGINES="../src/.libs/" + +# Generate a key pair in the second token +pkcs11-tool --module ${MODULE} -l --pin $PIN --keypairgen --key-type \ + rsa:1024 --id 01020304 --label pkey --token-label token2 +if test $? != 0;then + exit 1; +fi + +# Run the test program which will stop and wait for a signal (SIGUSR1) +./fork-change-slot \ + "pkcs11:token=token2;object=pkey;type=private;pin-value=$PIN" \ + "${outdir}/engines.cnf" ${MODULE} & +pid=$! + +# Wait the test program to reach the sigwait +sleep 3 + +# Remove the first token to change the slotID associated with token2 +${SOFTHSM_TOOL} --delete-token --token token1 + +# Send the signal to the waiting process +kill -USR1 `pgrep -P $pid` + +# Test the result +wait $pid +if test $? != 0;then + exit 1; +fi + +# Cleanup +rm -rf "$outdir" + +exit 0 + diff --git a/tests/rsa-common.sh b/tests/rsa-common.sh index ba1faf5..7db5ba0 100755 --- a/tests/rsa-common.sh +++ b/tests/rsa-common.sh @@ -10,7 +10,7 @@ # # GnuTLS is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU # General Public License for more details. # # You should have received a copy of the GNU General Public License @@ -23,13 +23,15 @@ echo "Output directory: ${outdir}" mkdir -p $outdir -for i in /usr/lib64/pkcs11 /usr/lib/softhsm /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib/x86_64-linux-gnu/softhsm /usr/lib /usr/lib64/softhsm;do +# Set the module to be used +for i in /usr/lib64/pkcs11 /usr/lib64/softhsm /usr/lib/x86_64-linux-gnu/softhsm \ + /usr/local/lib/softhsm /opt/local/lib/softhsm /usr/lib/softhsm /usr/lib ;do if test -f "$i/libsofthsm2.so"; then - ADDITIONAL_PARAM="$i/libsofthsm2.so" + MODULE="$i/libsofthsm2.so" break else if test -f "$i/libsofthsm.so";then - ADDITIONAL_PARAM="$i/libsofthsm.so" + MODULE="$i/libsofthsm.so" break fi fi @@ -39,28 +41,30 @@ if (! test -x /usr/bin/pkcs11-tool && ! test -x /usr/local/bin/pkcs11-tool);then exit 77 fi -init_card () { - PIN="$1" - PUK="$2" +# Initialize the SoftHSM DB +init_db () { + if test -x "/usr/bin/softhsm"; then + export SOFTHSM_CONF="$outdir/softhsm-testpkcs11.config" + SOFTHSM_TOOL="/usr/bin/softhsm" + SLOT="--slot 0" + fi if test -x "/usr/local/bin/softhsm2-util"; then export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config" SOFTHSM_TOOL="/usr/local/bin/softhsm2-util" + SLOT="--free " fi if test -x "/opt/local/bin/softhsm2-util"; then export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config" SOFTHSM_TOOL="/opt/local/bin/softhsm2-util" + SLOT="--free " fi if test -x "/usr/bin/softhsm2-util"; then export SOFTHSM2_CONF="$outdir/softhsm-testpkcs11.config" SOFTHSM_TOOL="/usr/bin/softhsm2-util" - fi - - if test -x "/usr/bin/softhsm"; then - export SOFTHSM_CONF="$outdir/softhsm-testpkcs11.config" - SOFTHSM_TOOL="/usr/bin/softhsm" + SLOT="--free " fi if test -z "${SOFTHSM_TOOL}"; then @@ -68,19 +72,27 @@ init_card () { exit 77 fi - if test -z "${SOFTHSM_CONF}"; then + if test -n "${SOFTHSM2_CONF}"; then rm -rf $outdir/softhsm-testpkcs11.db mkdir -p $outdir/softhsm-testpkcs11.db echo "objectstore.backend = file" > "${SOFTHSM2_CONF}" - echo "directories.tokendir = $outdir/softhsm-testpkcs11.db" >> "${SOFTHSM2_CONF}" + echo "directories.tokendir = $outdir/softhsm-testpkcs11.db" >> \ + "${SOFTHSM2_CONF}" else rm -rf $outdir/softhsm-testpkcs11.db echo "0:$outdir/softhsm-testpkcs11.db" > "${SOFTHSM_CONF}" fi +} +# Create a new device +init_card () { + PIN="$1" + PUK="$2" + DEV_LABEL="$3" echo -n "* Initializing smart card... " - ${SOFTHSM_TOOL} --init-token --slot 0 --label "libp11-test" --so-pin "${PUK}" --pin "${PIN}" >/dev/null + ${SOFTHSM_TOOL} --init-token ${SLOT} --label "${DEV_LABEL}" \ + --so-pin "${PUK}" --pin "${PIN}" >/dev/null if test $? = 0; then echo ok else @@ -89,27 +101,55 @@ init_card () { fi } -PIN=1234 -PUK=1234 -init_card $PIN $PUK +# Import objects to the token +import_objects () { + ID=$1 + OBJ_LABEL=$2 -# generate key in token -pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/rsa-prvkey.der -y privkey >/dev/null -if test $? != 0;then - exit 1; -fi + pkcs11-tool -p ${PIN} --module ${MODULE} -d ${ID} -a ${OBJ_LABEL} -l -w \ + ${srcdir}/rsa-prvkey.der -y privkey >/dev/null + if test $? != 0;then + exit 1; + fi -pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/rsa-pubkey.der -y pubkey >/dev/null -if test $? != 0;then - exit 1; -fi + pkcs11-tool -p ${PIN} --module ${MODULE} -d ${ID} -a ${OBJ_LABEL} -l -w \ + ${srcdir}/rsa-pubkey.der -y pubkey >/dev/null + if test $? != 0;then + exit 1; + fi -pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 01020304 -a server-key -l -w ${srcdir}/rsa-cert.der -y cert >/dev/null -if test $? != 0;then - exit 1; -fi + pkcs11-tool -p ${PIN} --module ${MODULE} -d ${ID} -a ${OBJ_LABEL} -l -w \ + ${srcdir}/rsa-cert.der -y cert >/dev/null + if test $? != 0;then + exit 1; + fi + + echo Finished +} -echo "***************" -echo "Listing objects" -echo "***************" -pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -l -O +# List the objects contained in the token +list_objects () { + echo "***************" + echo "Listing objects" + echo "***************" + pkcs11-tool -p ${PIN} --module ${MODULE} -l -O +} + +common_init () { + # Set the used PIN and PUK + PIN=1234 + PUK=1234 + + # Initialize the SoftHSM DB + init_db + + # Initialize a new device + init_card $PIN $PUK "libp11-test" + + echo Importing + # Import the used objects (private key, public key, and certificate) + import_objects 01020304 "server-key" + + # List the imported objects + list_objects +} diff --git a/tests/rsa-evp-sign.softhsm b/tests/rsa-evp-sign.softhsm index 4d60c83..7ef993d 100755 --- a/tests/rsa-evp-sign.softhsm +++ b/tests/rsa-evp-sign.softhsm @@ -18,47 +18,49 @@ outdir="output.$$" +# Load common test functions . ${srcdir}/rsa-common.sh -# This uses the engine for basic sign-verify operation. +# Do the common test initialization +common_init -sed -e "s|@MODULE_PATH@|${ADDITIONAL_PARAM}|g" -e "s|@ENGINE_PATH@|../src/.libs/pkcs11.so|g" <"${srcdir}/engines.cnf.in" >"${outdir}/engines.cnf" +sed -e "s|@MODULE_PATH@|${MODULE}|g" -e "s|@ENGINE_PATH@|../src/.libs/pkcs11.so|g" <"${srcdir}/engines.cnf.in" >"${outdir}/engines.cnf" export OPENSSL_ENGINES="../src/.libs/" PRIVATE_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=private;pin-value=1234" PUBLIC_KEY="pkcs11:token=libp11-test;id=%01%02%03%04;object=server-key;type=public;pin-value=1234" -./evp-sign ctrl false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${ADDITIONAL_PARAM} +./evp-sign ctrl false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE} if test $? != 0;then echo "Basic PKCS #11 test, using ctrl failed" exit 1; fi -./evp-sign default false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${ADDITIONAL_PARAM} +./evp-sign default false "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE} if test $? != 0;then echo "Basic PKCS #11 test, using default failed" exit 1; fi -./evp-sign ctrl 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${ADDITIONAL_PARAM} +./evp-sign ctrl 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE} if test $? != 0;then echo "Basic PKCS #11 test without pin-value, using ctrl failed" exit 1; fi -./evp-sign default 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${ADDITIONAL_PARAM} +./evp-sign default 1234 "${outdir}/engines.cnf" ${PRIVATE_KEY} ${PUBLIC_KEY} ${MODULE} if test $? != 0;then echo "Basic PKCS #11 test without pin-value, using default failed" exit 1; fi -./evp-sign ctrl 1234 "${outdir}/engines.cnf" "label_server-key" "label_server-key" ${ADDITIONAL_PARAM} +./evp-sign ctrl 1234 "${outdir}/engines.cnf" "label_server-key" "label_server-key" ${MODULE} if test $? != 0;then echo "Basic PKCS #11 test with legacy name #1 failed" exit 1; fi -./evp-sign default 1234 "${outdir}/engines.cnf" "id_01020304" "id_01020304" ${ADDITIONAL_PARAM} +./evp-sign default 1234 "${outdir}/engines.cnf" "id_01020304" "id_01020304" ${MODULE} if test $? != 0;then echo "Basic PKCS #11 test with legacy name #2 failed" exit 1; diff --git a/tests/rsa-testfork.softhsm b/tests/rsa-testfork.softhsm index 0643e96..ba5d851 100755 --- a/tests/rsa-testfork.softhsm +++ b/tests/rsa-testfork.softhsm @@ -19,13 +19,19 @@ outdir="output.$$" +# Load common test functions . ${srcdir}/rsa-common.sh -./fork-test $ADDITIONAL_PARAM $PIN +# Do the common test initialization +common_init + +# Run the test +./fork-test ${MODULE} ${PIN} if test $? != 0;then exit 1; fi +# Cleanup rm -rf "$outdir" exit 0 diff --git a/tests/rsa-testlistkeys.softhsm b/tests/rsa-testlistkeys.softhsm index 9494f9d..b3696f5 100755 --- a/tests/rsa-testlistkeys.softhsm +++ b/tests/rsa-testlistkeys.softhsm @@ -19,9 +19,14 @@ outdir="output.$$" +# Load common test functions . ${srcdir}/rsa-common.sh -../examples/listkeys $ADDITIONAL_PARAM $PIN +# Do the common test initialization +common_init + +# Run the test +../examples/listkeys ${MODULE} ${PIN} if test $? != 0;then exit 1; fi diff --git a/tests/rsa-testpkcs11.softhsm b/tests/rsa-testpkcs11.softhsm index d1e1f50..f76a8d3 100755 --- a/tests/rsa-testpkcs11.softhsm +++ b/tests/rsa-testpkcs11.softhsm @@ -20,14 +20,19 @@ outdir="output.$$" +# Load common test functions . ${srcdir}/rsa-common.sh -../examples/auth $ADDITIONAL_PARAM $PIN +# Do the common test initialization +common_init + +../examples/auth ${MODULE} ${PIN} if test $? != 0;then echo "Basic PKCS #11 test test failed" exit 1; fi +# Cleanup rm -rf "$outdir" exit 0