|
Packit Service |
4684c1 |
/*
|
|
Packit Service |
4684c1 |
* Copyright (C) 2016-2018 Red Hat, Inc.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Author: Nikos Mavrogiannopoulos
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This file is part of GnuTLS.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* GnuTLS is free software; you can redistribute it and/or modify it
|
|
Packit Service |
4684c1 |
* under the terms of the GNU General Public License as published by
|
|
Packit Service |
4684c1 |
* the Free Software Foundation; either version 3 of the License, or
|
|
Packit Service |
4684c1 |
* (at your option) any later version.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit Service |
4684c1 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
4684c1 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
4684c1 |
* General Public License for more details.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* You should have received a copy of the GNU Lesser General Public License
|
|
Packit Service |
4684c1 |
* along with this program. If not, see <https://www.gnu.org/licenses/>
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#ifdef HAVE_CONFIG_H
|
|
Packit Service |
4684c1 |
#include <config.h>
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include <stdio.h>
|
|
Packit Service |
4684c1 |
#include <stdlib.h>
|
|
Packit Service |
4684c1 |
#include <string.h>
|
|
Packit Service |
4684c1 |
#include <assert.h>
|
|
Packit Service |
4684c1 |
#include <unistd.h>
|
|
Packit Service |
4684c1 |
#include <sys/types.h>
|
|
Packit Service |
4684c1 |
#include <sys/wait.h>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include <gnutls/gnutls.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/pkcs11.h>
|
|
Packit Service |
4684c1 |
#ifndef CRYPTOKI_GNU
|
|
Packit Service |
4684c1 |
# define CRYPTOKI_GNU
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
#include <p11-kit/pkcs11.h>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include "utils.h"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* Tests whether a gnutls_pkcs11_token_get_ptr returns valid handles. */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#if defined(HAVE___REGISTER_ATFORK)
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#ifdef _WIN32
|
|
Packit Service |
4684c1 |
# define P11LIB "libpkcs11mock1.dll"
|
|
Packit Service |
4684c1 |
#else
|
|
Packit Service |
4684c1 |
# include <dlfcn.h>
|
|
Packit Service |
4684c1 |
# define P11LIB "libpkcs11mock1.so"
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void tls_log_func(int level, const char *str)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
fprintf(stderr, "|<%d>| %s", level, str);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#define TOKEN_NAME "whatever"
|
|
Packit Service |
4684c1 |
void doit(void)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
int ret;
|
|
Packit Service |
4684c1 |
const char *lib;
|
|
Packit Service |
4684c1 |
unsigned long slot_id;
|
|
Packit Service |
4684c1 |
struct ck_function_list *mod;
|
|
Packit Service |
4684c1 |
struct ck_info info;
|
|
Packit Service |
4684c1 |
struct ck_token_info tinfo;
|
|
Packit Service |
4684c1 |
ck_rv_t rv;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = global_init();
|
|
Packit Service |
4684c1 |
if (ret != 0) {
|
|
Packit Service |
4684c1 |
fail("%d: %s\n", ret, gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
exit(1);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_global_set_log_function(tls_log_func);
|
|
Packit Service |
4684c1 |
if (debug)
|
|
Packit Service |
4684c1 |
gnutls_global_set_log_level(4711);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
lib = getenv("P11MOCKLIB1");
|
|
Packit Service |
4684c1 |
if (lib == NULL)
|
|
Packit Service |
4684c1 |
lib = P11LIB;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_init(GNUTLS_PKCS11_FLAG_MANUAL, NULL);
|
|
Packit Service |
4684c1 |
if (ret != 0) {
|
|
Packit Service |
4684c1 |
fail("%d: %s\n", ret, gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
exit(1);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_add_provider(lib, NULL);
|
|
Packit Service |
4684c1 |
if (ret != 0) {
|
|
Packit Service |
4684c1 |
fail("%d: %s\n", ret, gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
exit(1);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
static const char url[] = "pkcs11:token="TOKEN_NAME;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* Testing a too small buffer */
|
|
Packit Service |
4684c1 |
size_t size = 1;
|
|
Packit Service |
4684c1 |
char *buf = gnutls_malloc(size);
|
|
Packit Service |
4684c1 |
assert(buf != NULL);
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_token_get_info(url,
|
|
Packit Service |
4684c1 |
GNUTLS_PKCS11_TOKEN_LABEL,
|
|
Packit Service |
4684c1 |
buf, &size);
|
|
Packit Service |
4684c1 |
assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER);
|
|
Packit Service |
4684c1 |
assert(size == strlen(TOKEN_NAME)+1);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* Testing a too small buffer by one */
|
|
Packit Service |
4684c1 |
size -= 1;
|
|
Packit Service |
4684c1 |
buf = gnutls_realloc(buf, size);
|
|
Packit Service |
4684c1 |
assert(buf != NULL);
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_token_get_info(url,
|
|
Packit Service |
4684c1 |
GNUTLS_PKCS11_TOKEN_LABEL,
|
|
Packit Service |
4684c1 |
buf, &size);
|
|
Packit Service |
4684c1 |
assert(ret == GNUTLS_E_SHORT_MEMORY_BUFFER);
|
|
Packit Service |
4684c1 |
assert(size == strlen(TOKEN_NAME)+1);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* Testing an exactly fitting buffer */
|
|
Packit Service |
4684c1 |
buf = gnutls_realloc(buf, size);
|
|
Packit Service |
4684c1 |
assert(buf != NULL);
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_token_get_info(url,
|
|
Packit Service |
4684c1 |
GNUTLS_PKCS11_TOKEN_LABEL,
|
|
Packit Service |
4684c1 |
buf, &size);
|
|
Packit Service |
4684c1 |
assert(ret == 0);
|
|
Packit Service |
4684c1 |
assert(strcmp(buf, TOKEN_NAME) == 0);
|
|
Packit Service |
4684c1 |
assert(size == strlen(TOKEN_NAME));
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_free(buf);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_token_get_ptr("pkcs11:token=invalid", (void**)&mod, &slot_id, 0);
|
|
Packit Service |
4684c1 |
assert(ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_pkcs11_token_get_ptr("pkcs11:", (void**)&mod, &slot_id, 0);
|
|
Packit Service |
4684c1 |
if (ret < 0) {
|
|
Packit Service |
4684c1 |
fail("%d: %s\n", ret, gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
exit(1);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
rv = mod->C_GetInfo(&info;;
|
|
Packit Service |
4684c1 |
if (rv != CKR_OK) {
|
|
Packit Service |
4684c1 |
fail("%d: %s\n", ret, gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
exit(1);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
assert(info.cryptoki_version.major == 0x02);
|
|
Packit Service |
4684c1 |
assert(info.cryptoki_version.minor == 0x14);
|
|
Packit Service |
4684c1 |
assert(info.flags == 0);
|
|
Packit Service |
4684c1 |
assert(info.library_version.major == 0x01);
|
|
Packit Service |
4684c1 |
assert(info.library_version.minor == 0x00);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
rv = mod->C_GetTokenInfo(slot_id, &tinfo);
|
|
Packit Service |
4684c1 |
if (rv != CKR_OK) {
|
|
Packit Service |
4684c1 |
fail("%d: %s\n", ret, gnutls_strerror(ret));
|
|
Packit Service |
4684c1 |
exit(1);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
assert(tinfo.session_count == 0);
|
|
Packit Service |
4684c1 |
assert(tinfo.hardware_version.major == 0x01);
|
|
Packit Service |
4684c1 |
assert(tinfo.firmware_version.major == 0x01);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (debug)
|
|
Packit Service |
4684c1 |
printf("done\n\n\n");
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_pkcs11_deinit();
|
|
Packit Service |
4684c1 |
gnutls_global_deinit();
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
#else
|
|
Packit Service |
4684c1 |
void doit(void)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
exit(77);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
#endif
|