|
Packit |
8681c6 |
/*
|
|
Packit |
8681c6 |
* COPYRIGHT (c) International Business Machines Corp. 2011-2017
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* This program is provided under the terms of the Common Public License,
|
|
Packit |
8681c6 |
* version 1.0 (CPL-1.0). Any use, reproduction or distribution for this
|
|
Packit |
8681c6 |
* software constitutes recipient's acceptance of CPL-1.0 terms which can be
|
|
Packit |
8681c6 |
* found in the file LICENSE file or at
|
|
Packit |
8681c6 |
* https://opensource.org/licenses/cpl1.0.php
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/*
|
|
Packit |
8681c6 |
* openCryptoki testcase for RSA
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* August 18, 2011
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* Fionnuala Gunter <fin@linux.vnet.ibm.com>
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#include <stdio.h>
|
|
Packit |
8681c6 |
#include <stdlib.h>
|
|
Packit |
8681c6 |
#include <string.h>
|
|
Packit |
8681c6 |
#include <memory.h>
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#include "pkcs11types.h"
|
|
Packit |
8681c6 |
#include "common.c"
|
|
Packit |
8681c6 |
#include "regress.h"
|
|
Packit |
8681c6 |
#include "mech_to_str.h"
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#include "rsa.h"
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
#define CHUNK 20
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* This function should test:
|
|
Packit |
8681c6 |
* RSA Key Generation, usign CKM_RSA_PKCS_KEY_PAIR_GEN
|
|
Packit |
8681c6 |
* RSA SignUpdate for generated test vectors, mechanism chosen by caller
|
|
Packit |
8681c6 |
* RSA VerifyUpdate for generated test vectors, mechanism chosen by caller
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* 1. Generate RSA Key Pair
|
|
Packit |
8681c6 |
* 2. Generate message
|
|
Packit |
8681c6 |
* 3. Sign message
|
|
Packit |
8681c6 |
* 4. Verify signature
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
CK_RV do_SignVerifyUpdateRSA(struct GENERATED_TEST_SUITE_INFO *tsuite)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
unsigned int i; // test vector index
|
|
Packit |
8681c6 |
unsigned int j; // message byte index
|
|
Packit |
8681c6 |
int inc, count, len;
|
|
Packit |
8681c6 |
CK_BYTE message[MAX_MESSAGE_SIZE];
|
|
Packit |
8681c6 |
CK_ULONG message_len;
|
|
Packit |
8681c6 |
CK_BYTE signature[MAX_SIGNATURE_SIZE];
|
|
Packit |
8681c6 |
CK_ULONG signature_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech;
|
|
Packit |
8681c6 |
CK_OBJECT_HANDLE publ_key, priv_key;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc, loc_rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
char *s;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// begin testsuite
|
|
Packit |
8681c6 |
testsuite_begin("%s SignUpdate VerifyUpdate.", tsuite->name);
|
|
Packit |
8681c6 |
testcase_rw_session();
|
|
Packit |
8681c6 |
testcase_user_login();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// skip tests if the slot doesn't support this mechanism
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, tsuite->mech.mechanism)) {
|
|
Packit |
8681c6 |
testsuite_skip(tsuite->tvcount,
|
|
Packit |
8681c6 |
"Slot %u doesn't support %s (%u)",
|
|
Packit |
8681c6 |
(unsigned int) slot_id,
|
|
Packit |
8681c6 |
mech_to_str(tsuite->mech.mechanism),
|
|
Packit |
8681c6 |
(unsigned int) tsuite->mech.mechanism);
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// iterate over test vectors
|
|
Packit |
8681c6 |
for (i = 0; i < tsuite->tvcount; i++) {
|
|
Packit |
8681c6 |
// get public exponent from test vector
|
|
Packit |
8681c6 |
if (p11_ahex_dump(&s, tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len) == NULL) {
|
|
Packit |
8681c6 |
testcase_error("p11_ahex_dump() failed");
|
|
Packit |
8681c6 |
rc = -1;
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// begin test
|
|
Packit |
8681c6 |
testcase_begin("%s Sign and Verify with test vector %d, "
|
|
Packit |
8681c6 |
"\npubl_exp='%s', mod_bits='%lu', keylen='%lu'.",
|
|
Packit |
8681c6 |
tsuite->name, i, s,
|
|
Packit |
8681c6 |
tsuite->tv[i].modbits, tsuite->tv[i].keylen);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!keysize_supported(slot_id, tsuite->mech.mechanism,
|
|
Packit |
8681c6 |
tsuite->tv[i].modbits)) {
|
|
Packit |
8681c6 |
testcase_skip("Token in slot %ld cannot be used with "
|
|
Packit |
8681c6 |
"modbits.='%ld'", SLOT_ID, tsuite->tv[i].modbits);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_ep11_token(slot_id)) {
|
|
Packit |
8681c6 |
if (!is_valid_ep11_pubexp(tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len)) {
|
|
Packit |
8681c6 |
testcase_skip("EP11 Token cannot "
|
|
Packit |
8681c6 |
"be used with publ_exp.='%s'", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_cca_token(slot_id)) {
|
|
Packit |
8681c6 |
if (!is_valid_cca_pubexp(tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len)) {
|
|
Packit |
8681c6 |
testcase_skip("CCA Token cannot "
|
|
Packit |
8681c6 |
"be used with publ_exp='%s'.", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_tpm_token(slot_id)) {
|
|
Packit |
8681c6 |
if ((!is_valid_tpm_pubexp(tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len))
|
|
Packit |
8681c6 |
|| (!is_valid_tpm_modbits(tsuite->tv[i].modbits))) {
|
|
Packit |
8681c6 |
testcase_skip("TPM Token cannot " "be used with publ_exp='%s'.",
|
|
Packit |
8681c6 |
s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_icsf_token(slot_id)) {
|
|
Packit |
8681c6 |
if (!is_valid_icsf_pubexp(tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len) ||
|
|
Packit |
8681c6 |
(tsuite->tv[i].modbits < 1024)) {
|
|
Packit |
8681c6 |
testcase_skip("ICSF Token cannot "
|
|
Packit |
8681c6 |
"be used with publ_exp='%s'.", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// free memory
|
|
Packit |
8681c6 |
free(s);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = CKR_OK; // set rc
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clear buffers
|
|
Packit |
8681c6 |
memset(message, 0, MAX_MESSAGE_SIZE);
|
|
Packit |
8681c6 |
memset(signature, 0, MAX_SIGNATURE_SIZE);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get test vector parameters
|
|
Packit |
8681c6 |
message_len = tsuite->tv[i].inputlen;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// generate key pair
|
|
Packit |
8681c6 |
rc = generate_RSA_PKCS_KeyPair(session,
|
|
Packit |
8681c6 |
tsuite->tv[i].modbits,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len,
|
|
Packit |
8681c6 |
&publ_key, &priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("generate_RSA_PKCS_KeyPair(), "
|
|
Packit |
8681c6 |
"rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// generate message
|
|
Packit |
8681c6 |
for (j = 0; j < message_len; j++) {
|
|
Packit |
8681c6 |
message[j] = (j + 1) % 255;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get mech
|
|
Packit |
8681c6 |
mech = tsuite->mech;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// initialize Sign (length only)
|
|
Packit |
8681c6 |
rc = funcs->C_SignInit(session, &mech, priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignInit(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// set buffer size
|
|
Packit |
8681c6 |
signature_len = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// do SignUpdate
|
|
Packit |
8681c6 |
len = message_len;
|
|
Packit |
8681c6 |
for (count = 0; len > 0; count += inc) {
|
|
Packit |
8681c6 |
if (len < CHUNK)
|
|
Packit |
8681c6 |
inc = len;
|
|
Packit |
8681c6 |
else
|
|
Packit |
8681c6 |
inc = CHUNK;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SignUpdate(session, message + count, inc);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignUpdate(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
len -= inc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* get the required length */
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
rc = funcs->C_SignFinal(session, NULL, &signature_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignFinal(),rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
if (signature_len == (tsuite->tv[i].modbits / 8)) {
|
|
Packit |
8681c6 |
testcase_pass("C_SignFinal set output length.");
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_fail("C_SignFinal failed to set length: "
|
|
Packit |
8681c6 |
"expected %ld, got %ld.",
|
|
Packit |
8681c6 |
signature_len, tsuite->tv[i].modbits / 8);
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SignFinal(session, signature, &signature_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignFinal(),rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// initialize Verify
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyInit(session, &mech, publ_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyInit(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// do VerifyUpdate
|
|
Packit |
8681c6 |
len = message_len;
|
|
Packit |
8681c6 |
for (count = 0; len > 0; count += inc) {
|
|
Packit |
8681c6 |
if (len < CHUNK)
|
|
Packit |
8681c6 |
inc = len;
|
|
Packit |
8681c6 |
else
|
|
Packit |
8681c6 |
inc = CHUNK;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyUpdate(session, message + count, inc);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyUpdate(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
len -= inc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyFinal(session, signature, signature_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// check results
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
if (rc == CKR_OK) {
|
|
Packit |
8681c6 |
testcase_pass("C_VerifyFinal.");
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_fail("C_VerifyFinal, rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clean up
|
|
Packit |
8681c6 |
rc = funcs->C_DestroyObject(session, publ_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DestroyObject(session, priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
error:
|
|
Packit |
8681c6 |
loc_rc = funcs->C_DestroyObject(session, publ_key);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject, rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
loc_rc = funcs->C_DestroyObject(session, priv_key);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject, rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
testcase_cleanup:
|
|
Packit |
8681c6 |
testcase_user_logout();
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_CloesAllSessions, rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* This function should test:
|
|
Packit |
8681c6 |
* RSA Key Generation, usign CKM_RSA_PKCS_KEY_PAIR_GEN
|
|
Packit |
8681c6 |
* RSA-PSS Sign, mechanism chosen by caller
|
|
Packit |
8681c6 |
* RSA-PSS Verify, mechanism chosen by caller
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* 1. Generate RSA Key Pair
|
|
Packit |
8681c6 |
* 2. Generate message
|
|
Packit |
8681c6 |
* 3. Sign message
|
|
Packit |
8681c6 |
* 4. Verify signature
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
#define MAX_HASH_SIZE 64
|
|
Packit |
8681c6 |
CK_RV do_SignVerifyUpdate_RSAPSS(struct GENERATED_TEST_SUITE_INFO * tsuite)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
unsigned int i; // test vector index
|
|
Packit |
8681c6 |
unsigned int j; // message byte index
|
|
Packit |
8681c6 |
int len;
|
|
Packit |
8681c6 |
CK_BYTE message[MAX_MESSAGE_SIZE];
|
|
Packit |
8681c6 |
CK_BYTE signature[MAX_SIGNATURE_SIZE];
|
|
Packit |
8681c6 |
CK_ULONG message_len, signature_len, data_done;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech;
|
|
Packit |
8681c6 |
CK_OBJECT_HANDLE publ_key, priv_key;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc, loc_rc;
|
|
Packit |
8681c6 |
CK_RSA_PKCS_PSS_PARAMS pss_params;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
char *s;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// begin testsuite
|
|
Packit |
8681c6 |
testsuite_begin("%s SignUpdate VerifyUpdate.", tsuite->name);
|
|
Packit |
8681c6 |
testcase_rw_session();
|
|
Packit |
8681c6 |
testcase_user_login();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// skip tests if the slot doesn't support this mechanism
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, tsuite->mech.mechanism)) {
|
|
Packit |
8681c6 |
testsuite_skip(tsuite->tvcount,
|
|
Packit |
8681c6 |
"Slot %u doesn't support %s (%u)",
|
|
Packit |
8681c6 |
(unsigned int) slot_id,
|
|
Packit |
8681c6 |
mech_to_str(tsuite->mech.mechanism),
|
|
Packit |
8681c6 |
(unsigned int) tsuite->mech.mechanism);
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// iterate over test vectors
|
|
Packit |
8681c6 |
for (i = 0; i < tsuite->tvcount; i++) {
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get public exponent from test vector
|
|
Packit |
8681c6 |
if (p11_ahex_dump(&s, tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len) == NULL) {
|
|
Packit |
8681c6 |
testcase_error("p11_ahex_dump() failed");
|
|
Packit |
8681c6 |
rc = -1;
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// begin test
|
|
Packit |
8681c6 |
testcase_begin("%s Sign and Verify with test vector %d, "
|
|
Packit |
8681c6 |
"\npubl_exp='%s', mod_bits='%lu', keylen='%lu'.",
|
|
Packit |
8681c6 |
tsuite->name, i, s,
|
|
Packit |
8681c6 |
tsuite->tv[i].modbits, tsuite->tv[i].keylen);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (!keysize_supported(slot_id, tsuite->mech.mechanism,
|
|
Packit |
8681c6 |
tsuite->tv[i].modbits)) {
|
|
Packit |
8681c6 |
testcase_skip("Token in slot %ld cannot be used with "
|
|
Packit |
8681c6 |
"modbits.='%ld'", SLOT_ID, tsuite->tv[i].modbits);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_ep11_token(slot_id)) {
|
|
Packit |
8681c6 |
if (!is_valid_ep11_pubexp(tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len)) {
|
|
Packit |
8681c6 |
testcase_skip("EP11 Token cannot "
|
|
Packit |
8681c6 |
"be used with publ_exp.='%s'", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit Service |
8aa27d |
|
|
Packit Service |
8aa27d |
if (is_cca_token(slot_id)) {
|
|
Packit Service |
8aa27d |
if (!is_valid_cca_pubexp(tsuite->tv[i].publ_exp,
|
|
Packit Service |
8aa27d |
tsuite->tv[i].publ_exp_len)) {
|
|
Packit Service |
8aa27d |
testcase_skip("CCA Token cannot "
|
|
Packit Service |
8aa27d |
"be used with publ_exp='%s'.", s);
|
|
Packit Service |
8aa27d |
continue;
|
|
Packit Service |
8aa27d |
}
|
|
Packit Service |
8aa27d |
}
|
|
Packit Service |
8aa27d |
|
|
Packit |
8681c6 |
// free memory
|
|
Packit |
8681c6 |
free(s);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = CKR_OK; // set rc
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clear buffers
|
|
Packit |
8681c6 |
memset(message, 0, MAX_MESSAGE_SIZE);
|
|
Packit |
8681c6 |
memset(signature, 0, MAX_SIGNATURE_SIZE);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get test vector parameters
|
|
Packit |
8681c6 |
message_len = tsuite->tv[i].inputlen;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// generate key pair
|
|
Packit |
8681c6 |
rc = generate_RSA_PKCS_KeyPair(session,
|
|
Packit |
8681c6 |
tsuite->tv[i].modbits,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].publ_exp_len,
|
|
Packit |
8681c6 |
&publ_key, &priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("generate_RSA_PKCS_KeyPair(), "
|
|
Packit |
8681c6 |
"rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// generate message
|
|
Packit |
8681c6 |
for (j = 0; j < message_len; j++) {
|
|
Packit |
8681c6 |
message[j] = (j + 1) % 255;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// set mechanism for signing the digest
|
|
Packit |
8681c6 |
mech = tsuite->mech;
|
|
Packit |
8681c6 |
pss_params = tsuite->tv[i].pss_params;
|
|
Packit |
8681c6 |
mech.pParameter = &pss_params;
|
|
Packit |
8681c6 |
mech.ulParameterLen = sizeof(CK_RSA_PKCS_PSS_PARAMS);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// initialize Sign (length only)
|
|
Packit |
8681c6 |
rc = funcs->C_SignInit(session, &mech, priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignInit(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// set buffer size
|
|
Packit |
8681c6 |
signature_len = 0;
|
|
Packit |
8681c6 |
data_done = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// do SignUpdate
|
|
Packit |
8681c6 |
if (tsuite->tv[i].num_chunks) {
|
|
Packit |
8681c6 |
CK_BYTE *data_chunk = NULL;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
for (j = 0; j < (unsigned int)tsuite->tv[i].num_chunks; j++) {
|
|
Packit |
8681c6 |
if (tsuite->tv[i].chunks[j] == -1) {
|
|
Packit |
8681c6 |
len = 0;
|
|
Packit |
8681c6 |
data_chunk = NULL;
|
|
Packit |
8681c6 |
} else if (tsuite->tv[i].chunks[j] == 0) {
|
|
Packit |
8681c6 |
len = 0;
|
|
Packit |
8681c6 |
data_chunk = (CK_BYTE *) "";
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
len = tsuite->tv[i].chunks[j];
|
|
Packit |
8681c6 |
data_chunk = message + data_done;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SignUpdate(session, data_chunk, len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignUpdate rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
data_done += len;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
rc = funcs->C_SignUpdate(session, message, message_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignUpdate rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* get the required length */
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
rc = funcs->C_SignFinal(session, NULL, &signature_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignFinal(),rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
if (signature_len == (tsuite->tv[i].modbits / 8)) {
|
|
Packit |
8681c6 |
testcase_pass("C_SignFinal set output length.");
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_fail("C_SignFinal failed to set length: "
|
|
Packit |
8681c6 |
"expected %ld, got %ld.",
|
|
Packit |
8681c6 |
signature_len, tsuite->tv[i].modbits / 8);
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SignFinal(session, signature, &signature_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignFinal(),rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// initialize Verify
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyInit(session, &mech, publ_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyInit(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// do VerifyUpdate
|
|
Packit |
8681c6 |
data_done = 0;
|
|
Packit |
8681c6 |
if (tsuite->tv[i].num_chunks) {
|
|
Packit |
8681c6 |
CK_BYTE *data_chunk = NULL;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
for (j = 0; j < (unsigned int)tsuite->tv[i].num_chunks; j++) {
|
|
Packit |
8681c6 |
if (tsuite->tv[i].chunks[j] == -1) {
|
|
Packit |
8681c6 |
len = 0;
|
|
Packit |
8681c6 |
data_chunk = NULL;
|
|
Packit |
8681c6 |
} else if (tsuite->tv[i].chunks[j] == 0) {
|
|
Packit |
8681c6 |
len = 0;
|
|
Packit |
8681c6 |
data_chunk = (CK_BYTE *) "";
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
len = tsuite->tv[i].chunks[j];
|
|
Packit |
8681c6 |
data_chunk = message + data_done;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyUpdate(session, data_chunk, len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyUpdate rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
data_done += len;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyUpdate(session, message, message_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyUpdate rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyFinal(session, signature, signature_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// check results
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
if (rc == CKR_OK) {
|
|
Packit |
8681c6 |
testcase_pass("C_VerifyFinal.");
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_fail("C_VerifyFinal(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clean up
|
|
Packit |
8681c6 |
rc = funcs->C_DestroyObject(session, publ_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_DestroyObject(session, priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
error:
|
|
Packit |
8681c6 |
loc_rc = funcs->C_DestroyObject(session, publ_key);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject, rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
loc_rc = funcs->C_DestroyObject(session, priv_key);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject, rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
testcase_cleanup:
|
|
Packit |
8681c6 |
testcase_user_logout();
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_CloesAllSessions, rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* This function should test:
|
|
Packit |
8681c6 |
* C_Verify, mechanism chosen by caller
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* 1. Get message from test vector
|
|
Packit |
8681c6 |
* 2. Get signature from test vector
|
|
Packit |
8681c6 |
* 3. Verify signature
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
CK_RV do_VerifyUpdateRSA(struct PUBLISHED_TEST_SUITE_INFO * tsuite)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
unsigned int i, inc, len, j;
|
|
Packit |
8681c6 |
CK_BYTE actual[MAX_SIGNATURE_SIZE];
|
|
Packit |
8681c6 |
CK_BYTE message[MAX_MESSAGE_SIZE];
|
|
Packit |
8681c6 |
CK_ULONG message_len;
|
|
Packit |
8681c6 |
CK_BYTE signature[MAX_SIGNATURE_SIZE];
|
|
Packit |
8681c6 |
CK_ULONG signature_len;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech;
|
|
Packit |
8681c6 |
CK_OBJECT_HANDLE publ_key;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc, loc_rc;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
char *s;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// begin testsuite
|
|
Packit |
8681c6 |
testsuite_begin("%s Verify.", tsuite->name);
|
|
Packit |
8681c6 |
testcase_rw_session();
|
|
Packit |
8681c6 |
testcase_user_login();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// skip tests if the slot doesn't support this mechanism
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, tsuite->mech.mechanism)) {
|
|
Packit |
8681c6 |
testsuite_skip(tsuite->tvcount,
|
|
Packit |
8681c6 |
"Slot %u doesn't support %s (%u)",
|
|
Packit |
8681c6 |
(unsigned int) slot_id,
|
|
Packit |
8681c6 |
mech_to_str(tsuite->mech.mechanism),
|
|
Packit |
8681c6 |
(unsigned int) tsuite->mech.mechanism);
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// iterate over test vectors
|
|
Packit |
8681c6 |
for (i = 0; i < tsuite->tvcount; i++) {
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (p11_ahex_dump(&s, tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len) == NULL) {
|
|
Packit |
8681c6 |
testcase_error("p11_ahex_dump() failed");
|
|
Packit |
8681c6 |
rc = -1;
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
testcase_begin("%s Verify with test vector %d.", tsuite->name, i);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// special case for EP11
|
|
Packit |
8681c6 |
// modulus length must be multiple of 128 byte
|
|
Packit |
8681c6 |
// skip test if modulus length has unsuported size
|
|
Packit |
8681c6 |
if (is_ep11_token(slot_id)) {
|
|
Packit |
8681c6 |
if ((tsuite->tv[i].mod_len % 128) != 0) {
|
|
Packit |
8681c6 |
testcase_skip("EP11 Token cannot be used with "
|
|
Packit |
8681c6 |
"this key size (no 128bit granularity).");
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_ep11_token(slot_id)) {
|
|
Packit |
8681c6 |
if (!is_valid_ep11_pubexp(tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len)) {
|
|
Packit |
8681c6 |
testcase_skip("EP11 Token cannot "
|
|
Packit |
8681c6 |
"be used with pub_exp.='%s'", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_tpm_token(slot_id)) {
|
|
Packit |
8681c6 |
if ((!is_valid_tpm_pubexp(tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len)) ||
|
|
Packit |
8681c6 |
(!is_valid_tpm_modbits(tsuite->tv[i].mod_len))) {
|
|
Packit |
8681c6 |
testcase_skip("TPM Token cannot "
|
|
Packit |
8681c6 |
"be used with pub_exp='%s'.", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit Service |
8aa27d |
|
|
Packit Service |
8aa27d |
if (is_cca_token(slot_id)) {
|
|
Packit Service |
8aa27d |
if (!is_valid_cca_pubexp(tsuite->tv[i].pub_exp,
|
|
Packit Service |
8aa27d |
tsuite->tv[i].pubexp_len)) {
|
|
Packit Service |
8aa27d |
testcase_skip("CCA Token cannot "
|
|
Packit Service |
8aa27d |
"be used with publ_exp='%s'.", s);
|
|
Packit Service |
8aa27d |
continue;
|
|
Packit Service |
8aa27d |
}
|
|
Packit Service |
8aa27d |
}
|
|
Packit Service |
8aa27d |
|
|
Packit |
8681c6 |
// free memory
|
|
Packit |
8681c6 |
free(s);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = CKR_OK; // set return value
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clear buffers
|
|
Packit |
8681c6 |
memset(message, 0, MAX_MESSAGE_SIZE);
|
|
Packit |
8681c6 |
memset(signature, 0, MAX_SIGNATURE_SIZE);
|
|
Packit |
8681c6 |
memset(actual, 0, MAX_SIGNATURE_SIZE);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get message
|
|
Packit |
8681c6 |
message_len = tsuite->tv[i].msg_len;
|
|
Packit |
8681c6 |
memcpy(message, tsuite->tv[i].msg, message_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get signature
|
|
Packit |
8681c6 |
signature_len = tsuite->tv[i].sig_len;
|
|
Packit |
8681c6 |
memcpy(signature, tsuite->tv[i].sig, signature_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// create (public) key handle
|
|
Packit |
8681c6 |
rc = create_RSAPublicKey(session,
|
|
Packit |
8681c6 |
tsuite->tv[i].mod,
|
|
Packit |
8681c6 |
tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].mod_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len, &publ_key);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("create_RSAPublicKey(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// set mechanism
|
|
Packit |
8681c6 |
mech = tsuite->mech;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// initialize verify
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyInit(session, &mech, publ_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyInit(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// do verify
|
|
Packit |
8681c6 |
len = message_len;
|
|
Packit |
8681c6 |
for (j = 0; len > 0; j += inc) {
|
|
Packit |
8681c6 |
if (len < CHUNK)
|
|
Packit |
8681c6 |
inc = len;
|
|
Packit |
8681c6 |
else
|
|
Packit |
8681c6 |
inc = CHUNK;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyUpdate(session, message + j, inc);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_VerifyUpdate(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
len -= inc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// check result
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_VerifyFinal(session, signature, signature_len);
|
|
Packit |
8681c6 |
if (rc == CKR_OK) {
|
|
Packit |
8681c6 |
testcase_pass("C_Verify.");
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_fail("%s Sign Verify with test vector %d "
|
|
Packit |
8681c6 |
"failed.", tsuite->name, i);
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clean up
|
|
Packit |
8681c6 |
rc = funcs->C_DestroyObject(session, publ_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
error:
|
|
Packit |
8681c6 |
loc_rc = funcs->C_DestroyObject(session, publ_key);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
testcase_cleanup:
|
|
Packit |
8681c6 |
testcase_user_logout();
|
|
Packit |
8681c6 |
rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_CloseAllSessions rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* This function should test:
|
|
Packit |
8681c6 |
* C_Sign_Update and C_SignFinal, mechanism chosen by caller
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
* 1. Get message from test vector
|
|
Packit |
8681c6 |
* 2. Get expected signature from test vector
|
|
Packit |
8681c6 |
* 3. Sign message
|
|
Packit |
8681c6 |
* 4. Compare expected signature with actual signature
|
|
Packit |
8681c6 |
*
|
|
Packit |
8681c6 |
*/
|
|
Packit |
8681c6 |
CK_RV do_SignUpdateRSA(struct PUBLISHED_TEST_SUITE_INFO * tsuite)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
unsigned int i, len, j;
|
|
Packit |
8681c6 |
CK_BYTE message[MAX_MESSAGE_SIZE];
|
|
Packit |
8681c6 |
CK_BYTE actual[MAX_SIGNATURE_SIZE];
|
|
Packit |
8681c6 |
CK_BYTE expected[MAX_SIGNATURE_SIZE];
|
|
Packit |
8681c6 |
CK_ULONG message_len, actual_len, expected_len;
|
|
Packit |
8681c6 |
CK_ULONG data_done;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_MECHANISM mech;
|
|
Packit |
8681c6 |
CK_OBJECT_HANDLE priv_key;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_SLOT_ID slot_id = SLOT_ID;
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE session;
|
|
Packit |
8681c6 |
CK_FLAGS flags;
|
|
Packit |
8681c6 |
CK_BYTE user_pin[PKCS11_MAX_PIN_LEN];
|
|
Packit |
8681c6 |
CK_ULONG user_pin_len;
|
|
Packit |
8681c6 |
CK_RV rc, loc_rc;
|
|
Packit |
8681c6 |
char *s;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// begin testsuite
|
|
Packit |
8681c6 |
testsuite_begin("%s Sign. ", tsuite->name);
|
|
Packit |
8681c6 |
testcase_rw_session();
|
|
Packit |
8681c6 |
testcase_user_login();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// skip tests if the slot doesn't support this mechanism **/
|
|
Packit |
8681c6 |
if (!mech_supported(slot_id, tsuite->mech.mechanism)) {
|
|
Packit |
8681c6 |
testsuite_skip(tsuite->tvcount,
|
|
Packit |
8681c6 |
"Slot %u doesn't support %s (%u)",
|
|
Packit |
8681c6 |
(unsigned int) slot_id,
|
|
Packit |
8681c6 |
mech_to_str(tsuite->mech.mechanism),
|
|
Packit |
8681c6 |
(unsigned int) tsuite->mech.mechanism);
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// iterate over test vectors
|
|
Packit |
8681c6 |
for (i = 0; i < tsuite->tvcount; i++) {
|
|
Packit |
8681c6 |
if (p11_ahex_dump(&s, tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len) == NULL) {
|
|
Packit |
8681c6 |
testcase_error("p11_ahex_dump() failed");
|
|
Packit |
8681c6 |
rc = -1;
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
testcase_begin("%s Sign with test vector %d.", tsuite->name, i);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// special case for ica
|
|
Packit |
8681c6 |
// prime1, prime2, exp1, exp2, coef
|
|
Packit |
8681c6 |
// must be size mod_len/2 or smaller
|
|
Packit |
8681c6 |
// skip test if prime1, or prime2, or exp1,
|
|
Packit |
8681c6 |
// or exp2 or coef are too long
|
|
Packit |
8681c6 |
if (is_ica_token(slot_id)) {
|
|
Packit |
8681c6 |
// check sizes
|
|
Packit |
8681c6 |
if ((tsuite->tv[i].prime1_len >
|
|
Packit |
8681c6 |
(tsuite->tv[i].mod_len / 2)) ||
|
|
Packit |
8681c6 |
(tsuite->tv[i].prime2_len >
|
|
Packit |
8681c6 |
(tsuite->tv[i].mod_len / 2)) ||
|
|
Packit |
8681c6 |
(tsuite->tv[i].exp1_len >
|
|
Packit |
8681c6 |
(tsuite->tv[i].mod_len / 2)) ||
|
|
Packit |
8681c6 |
(tsuite->tv[i].exp2_len >
|
|
Packit |
8681c6 |
(tsuite->tv[i].mod_len / 2)) ||
|
|
Packit |
8681c6 |
(tsuite->tv[i].coef_len > (tsuite->tv[i].mod_len / 2))) {
|
|
Packit |
8681c6 |
testcase_skip("ICA Token cannot be used with "
|
|
Packit |
8681c6 |
"this test vector.");
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// special case for EP11
|
|
Packit |
8681c6 |
// modulus length must be multiple of 128 byte
|
|
Packit |
8681c6 |
// skip test if modulus length has unsuported size
|
|
Packit |
8681c6 |
if (is_ep11_token(slot_id)) {
|
|
Packit |
8681c6 |
if ((tsuite->tv[i].mod_len % 128) != 0) {
|
|
Packit |
8681c6 |
testcase_skip("EP11 Token cannot be used with "
|
|
Packit |
8681c6 |
"this key size (no 128bit granularity).");
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_ep11_token(slot_id)) {
|
|
Packit |
8681c6 |
if (!is_valid_ep11_pubexp(tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len)) {
|
|
Packit |
8681c6 |
testcase_skip("EP11 Token cannot "
|
|
Packit |
8681c6 |
"be used with publ_exp.='%s'", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (is_tpm_token(slot_id)) {
|
|
Packit |
8681c6 |
if ((!is_valid_tpm_pubexp(tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len)) ||
|
|
Packit |
8681c6 |
(!is_valid_tpm_modbits(tsuite->tv[i].mod_len))) {
|
|
Packit |
8681c6 |
testcase_skip("TPM Token cannot "
|
|
Packit |
8681c6 |
"be used with pub_exp='%s'.", s);
|
|
Packit |
8681c6 |
continue;
|
|
Packit Service |
8aa27d |
}
|
|
Packit Service |
8aa27d |
}
|
|
Packit Service |
8aa27d |
|
|
Packit Service |
8aa27d |
if (is_cca_token(slot_id)) {
|
|
Packit Service |
8aa27d |
if (!is_valid_cca_pubexp(tsuite->tv[i].pub_exp,
|
|
Packit Service |
8aa27d |
tsuite->tv[i].pubexp_len)) {
|
|
Packit Service |
8aa27d |
testcase_skip("CCA Token cannot "
|
|
Packit Service |
8aa27d |
"be used with publ_exp='%s'.", s);
|
|
Packit Service |
8aa27d |
continue;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
free(s);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = CKR_OK; // set return value
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clear buffers
|
|
Packit |
8681c6 |
memset(message, 0, MAX_MESSAGE_SIZE);
|
|
Packit |
8681c6 |
memset(actual, 0, MAX_SIGNATURE_SIZE);
|
|
Packit |
8681c6 |
memset(expected, 0, MAX_SIGNATURE_SIZE);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
actual_len = 0; // get this from opencryptoki
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
data_done = 0;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get message
|
|
Packit |
8681c6 |
message_len = tsuite->tv[i].msg_len;
|
|
Packit |
8681c6 |
memcpy(message, tsuite->tv[i].msg, message_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// get (expected) signature
|
|
Packit |
8681c6 |
expected_len = tsuite->tv[i].sig_len;
|
|
Packit |
8681c6 |
memcpy(expected, tsuite->tv[i].sig, expected_len);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// create (private) key handle
|
|
Packit |
8681c6 |
rc = create_RSAPrivateKey(session,
|
|
Packit |
8681c6 |
tsuite->tv[i].mod,
|
|
Packit |
8681c6 |
tsuite->tv[i].pub_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].priv_exp,
|
|
Packit |
8681c6 |
tsuite->tv[i].prime1,
|
|
Packit |
8681c6 |
tsuite->tv[i].prime2,
|
|
Packit |
8681c6 |
tsuite->tv[i].exp1,
|
|
Packit |
8681c6 |
tsuite->tv[i].exp2,
|
|
Packit |
8681c6 |
tsuite->tv[i].coef,
|
|
Packit |
8681c6 |
tsuite->tv[i].mod_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].pubexp_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].privexp_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].prime1_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].prime2_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].exp1_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].exp2_len,
|
|
Packit |
8681c6 |
tsuite->tv[i].coef_len, &priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("create_RSAPrivateKey(), rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// set mechanism
|
|
Packit |
8681c6 |
mech = tsuite->mech;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// initialize signing
|
|
Packit |
8681c6 |
rc = funcs->C_SignInit(session, &mech, priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignInit(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// do signing
|
|
Packit |
8681c6 |
if (tsuite->tv[i].num_chunks) {
|
|
Packit |
8681c6 |
CK_BYTE *data_chunk = NULL;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
for (j = 0; j < (unsigned int)tsuite->tv[i].num_chunks; j++) {
|
|
Packit |
8681c6 |
if (tsuite->tv[i].chunks[j] == -1) {
|
|
Packit |
8681c6 |
len = 0;
|
|
Packit |
8681c6 |
data_chunk = NULL;
|
|
Packit |
8681c6 |
} else if (tsuite->tv[i].chunks[j] == 0) {
|
|
Packit |
8681c6 |
len = 0;
|
|
Packit |
8681c6 |
data_chunk = (CK_BYTE *) "";
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
len = tsuite->tv[i].chunks[j];
|
|
Packit |
8681c6 |
data_chunk = message + data_done;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SignUpdate(session, data_chunk, len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignUpdate rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
data_done += len;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
rc = funcs->C_SignUpdate(session, message, message_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignUpdate rc=%s", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
/* get the required length */
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
rc = funcs->C_SignFinal(session, NULL, &actual_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignFinal(),rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
if (actual_len == tsuite->tv[i].mod_len) {
|
|
Packit |
8681c6 |
testcase_pass("C_SignFinal set output length.");
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_fail("C_SignFinal failed to set length: "
|
|
Packit |
8681c6 |
"expected %ld, got %ld.",
|
|
Packit |
8681c6 |
actual_len, tsuite->tv[i].mod_len);
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_SignFinal(session, actual, &actual_len);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_SignFinal(),rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto error;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
// check results
|
|
Packit |
8681c6 |
testcase_new_assertion();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
if (actual_len != expected_len) {
|
|
Packit |
8681c6 |
testcase_fail("%s Sign with test vector %d failed. "
|
|
Packit |
8681c6 |
"Expected len=%ld, found len=%ld.",
|
|
Packit |
8681c6 |
tsuite->name, i, expected_len, actual_len);
|
|
Packit |
8681c6 |
} else if (memcmp(actual, expected, expected_len)) {
|
|
Packit |
8681c6 |
testcase_fail("%s Sign with test vector %d failed. "
|
|
Packit |
8681c6 |
"Signature data does not match test vector "
|
|
Packit |
8681c6 |
"signature.", tsuite->name, i);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
} else {
|
|
Packit |
8681c6 |
testcase_pass("C_Sign.");
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// clean up
|
|
Packit |
8681c6 |
rc = funcs->C_DestroyObject(session, priv_key);
|
|
Packit |
8681c6 |
if (rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject(), rc=%s.", p11_get_ckr(rc));
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
goto testcase_cleanup;
|
|
Packit |
8681c6 |
error:
|
|
Packit |
8681c6 |
loc_rc = funcs->C_DestroyObject(session, priv_key);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_DestroyObject, rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
testcase_cleanup:
|
|
Packit |
8681c6 |
testcase_user_logout();
|
|
Packit |
8681c6 |
loc_rc = funcs->C_CloseAllSessions(slot_id);
|
|
Packit |
8681c6 |
if (loc_rc != CKR_OK) {
|
|
Packit |
8681c6 |
testcase_error("C_CloseAllSessions, rc=%s.", p11_get_ckr(loc_rc));
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
CK_RV rsa_funcs()
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
unsigned int i;
|
|
Packit |
8681c6 |
CK_RV rv = CKR_OK;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// published (known answer) tests
|
|
Packit |
8681c6 |
for (i = 0; i < NUM_OF_PUBLISHED_TESTSUITES; i++) {
|
|
Packit |
8681c6 |
rv = do_SignUpdateRSA(&published_test_suites[i]);
|
|
Packit |
8681c6 |
if (rv != CKR_OK && (!no_stop))
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
for (i = 0; i < NUM_OF_PUBLISHED_TESTSUITES; i++) {
|
|
Packit |
8681c6 |
rv = do_VerifyUpdateRSA(&published_test_suites[i]);
|
|
Packit |
8681c6 |
if (rv != CKR_OK && (!no_stop))
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
// generated sign verify tests
|
|
Packit |
8681c6 |
for (i = 0; i < NUM_OF_GENERATED_SIGVER_UPDATE_TESTSUITES; i++) {
|
|
Packit |
8681c6 |
rv = do_SignVerifyUpdateRSA(&generated_sigver_update_test_suites[i]);
|
|
Packit |
8681c6 |
if (rv != CKR_OK && (!no_stop))
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
for (i = 0; i < NUM_OF_GENERATED_PSS_UPDATE_TESTSUITES; i++) {
|
|
Packit |
8681c6 |
rv = do_SignVerifyUpdate_RSAPSS(&generated_pss_update_test_suites[i]);
|
|
Packit |
8681c6 |
if (rv != CKR_OK && (!no_stop))
|
|
Packit |
8681c6 |
break;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rv;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
int main(int argc, char **argv)
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
int rc;
|
|
Packit |
8681c6 |
CK_C_INITIALIZE_ARGS cinit_args;
|
|
Packit |
8681c6 |
CK_RV rv;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = do_ParseArgs(argc, argv);
|
|
Packit |
8681c6 |
if (rc != 1) {
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
printf("Using slot #%lu...\n\n", SLOT_ID);
|
|
Packit |
8681c6 |
printf("With option: no_stop: %d\n", no_stop);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = do_GetFunctionList();
|
|
Packit |
8681c6 |
if (!rc) {
|
|
Packit |
8681c6 |
PRINT_ERR("ERROR do_GetFunctionList() Failed, rx = 0x%0x\n", rc);
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
memset(&cinit_args, 0x0, sizeof(cinit_args));
|
|
Packit |
8681c6 |
cinit_args.flags = CKF_OS_LOCKING_OK;
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
funcs->C_Initialize(&cinit_args);
|
|
Packit |
8681c6 |
{
|
|
Packit |
8681c6 |
CK_SESSION_HANDLE hsess = 0;
|
|
Packit |
8681c6 |
rc = funcs->C_GetFunctionStatus(hsess);
|
|
Packit |
8681c6 |
if (rc != CKR_FUNCTION_NOT_PARALLEL) {
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
rc = funcs->C_CancelFunction(hsess);
|
|
Packit |
8681c6 |
if (rc != CKR_FUNCTION_NOT_PARALLEL) {
|
|
Packit |
8681c6 |
return rc;
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
}
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
testcase_setup(0);
|
|
Packit |
8681c6 |
rv = rsa_funcs();
|
|
Packit |
8681c6 |
testcase_print_result();
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
funcs->C_Finalize(NULL);
|
|
Packit |
8681c6 |
|
|
Packit |
8681c6 |
return rv;
|
|
Packit |
8681c6 |
}
|