|
Packit Service |
3749ba |
/*
|
|
Packit Service |
3749ba |
* Copyright (c) 2012 Red Hat Inc.
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* Redistribution and use in source and binary forms, with or without
|
|
Packit Service |
3749ba |
* modification, are permitted provided that the following conditions
|
|
Packit Service |
3749ba |
* are met:
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* * Redistributions of source code must retain the above
|
|
Packit Service |
3749ba |
* copyright notice, this list of conditions and the
|
|
Packit Service |
3749ba |
* following disclaimer.
|
|
Packit Service |
3749ba |
* * Redistributions in binary form must reproduce the
|
|
Packit Service |
3749ba |
* above copyright notice, this list of conditions and
|
|
Packit Service |
3749ba |
* the following disclaimer in the documentation and/or
|
|
Packit Service |
3749ba |
* other materials provided with the distribution.
|
|
Packit Service |
3749ba |
* * The names of contributors to this software may not be
|
|
Packit Service |
3749ba |
* used to endorse or promote products derived from this
|
|
Packit Service |
3749ba |
* software without specific prior written permission.
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
Packit Service |
3749ba |
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
Packit Service |
3749ba |
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
Packit Service |
3749ba |
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
Packit Service |
3749ba |
* COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
|
|
Packit Service |
3749ba |
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
|
Packit Service |
3749ba |
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
|
|
Packit Service |
3749ba |
* OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
|
Packit Service |
3749ba |
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
|
|
Packit Service |
3749ba |
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
|
|
Packit Service |
3749ba |
* THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
|
|
Packit Service |
3749ba |
* DAMAGE.
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* Author: Stef Walter <stefw@gnome.org>
|
|
Packit Service |
3749ba |
*/
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
#define CRYPTOKI_EXPORTS
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
#include "config.h"
|
|
Packit Service |
3749ba |
#include "test.h"
|
|
Packit Service |
3749ba |
#include "test-trust.h"
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
#include <stdlib.h>
|
|
Packit Service |
3749ba |
#include <stdio.h>
|
|
Packit Service |
3749ba |
#include <string.h>
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
#include "attrs.h"
|
|
Packit Service |
3749ba |
#include "digest.h"
|
|
Packit Service |
3749ba |
#include "library.h"
|
|
Packit Service |
3749ba |
#include "path.h"
|
|
Packit Service |
3749ba |
#include "parser.h"
|
|
Packit Service |
3749ba |
#include "pkcs11x.h"
|
|
Packit Service |
3749ba |
#include "token.h"
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
#include <assert.h>
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/*
|
|
Packit Service |
3749ba |
* This is the number of input paths. Should match the
|
|
Packit Service |
3749ba |
* paths below near :
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* paths='%s'
|
|
Packit Service |
3749ba |
*/
|
|
Packit Service |
3749ba |
#define NUM_SLOTS 3
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static CK_OBJECT_CLASS data = CKO_DATA;
|
|
Packit Service |
3749ba |
static CK_BBOOL vtrue = CK_TRUE;
|
|
Packit Service |
3749ba |
static CK_BBOOL vfalse = CK_FALSE;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
struct {
|
|
Packit Service |
3749ba |
CK_FUNCTION_LIST *module;
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
char *directory;
|
|
Packit Service |
3749ba |
p11_asn1_cache *cache;
|
|
Packit Service |
3749ba |
p11_parser *parser;
|
|
Packit Service |
3749ba |
char *unreadable;
|
|
Packit Service |
3749ba |
} test;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
setup (void *unused)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_C_INITIALIZE_ARGS args;
|
|
Packit Service |
3749ba |
const char *paths;
|
|
Packit Service |
3749ba |
char *arguments;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&test, 0, sizeof (test));
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&test.module);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&args, 0, sizeof (args));
|
|
Packit Service |
3749ba |
paths = SRCDIR "/trust/input" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
SRCDIR "/trust/fixtures/self-signed-with-ku.der" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
SRCDIR "/trust/fixtures/thawte.pem";
|
|
Packit Service |
3749ba |
if (asprintf (&arguments, "paths='%s'", paths) < 0)
|
|
Packit Service |
3749ba |
assert (false && "not reached");
|
|
Packit Service |
3749ba |
args.pReserved = arguments;
|
|
Packit Service |
3749ba |
args.flags = CKF_OS_LOCKING_OK;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
free (arguments);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
assert (count == NUM_SLOTS);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
teardown (void *unused)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
if (test.parser)
|
|
Packit Service |
3749ba |
p11_parser_free (test.parser);
|
|
Packit Service |
3749ba |
p11_asn1_cache_free (test.cache);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
if (test.unreadable)
|
|
Packit Service |
3749ba |
chmod (test.unreadable, 0644);
|
|
Packit Service |
3749ba |
free (test.unreadable);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
if (test.directory)
|
|
Packit Service |
3749ba |
p11_test_directory_delete (test.directory);
|
|
Packit Service |
3749ba |
free (test.directory);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&test, 0, sizeof (test));
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
setup_writable (void *unused)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_C_INITIALIZE_ARGS args;
|
|
Packit Service |
3749ba |
char *arguments;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&test, 0, sizeof (test));
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&test.module);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test.directory = p11_test_directory ("test-module");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&args, 0, sizeof (args));
|
|
Packit Service |
3749ba |
if (asprintf (&arguments, "paths='%s'", test.directory) < 0)
|
|
Packit Service |
3749ba |
assert (false && "not reached");
|
|
Packit Service |
3749ba |
args.pReserved = arguments;
|
|
Packit Service |
3749ba |
args.flags = CKF_OS_LOCKING_OK;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
free (arguments);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = 1;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_eq (count, 1);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test.cache = p11_asn1_cache_new ();
|
|
Packit Service |
3749ba |
test.parser = p11_parser_new (test.cache);
|
|
Packit Service |
3749ba |
p11_parser_formats (test.parser, p11_parser_format_persist, NULL);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is similar to setup(), but it adds an unreadable content in
|
|
Packit Service |
3749ba |
* the anchor directory. */
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
setup_unreadable (void *unused)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_C_INITIALIZE_ARGS args;
|
|
Packit Service |
3749ba |
const char *paths;
|
|
Packit Service |
3749ba |
char *p, *anchors;
|
|
Packit Service |
3749ba |
FILE *f, *ff;
|
|
Packit Service |
3749ba |
char buffer[4096];
|
|
Packit Service |
3749ba |
char *arguments;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&test, 0, sizeof (test));
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&test.module);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test.directory = p11_test_directory ("test-module");
|
|
Packit Service |
3749ba |
anchors = p11_path_build (test.directory, "anchors", NULL);
|
|
Packit Service |
3749ba |
#ifdef OS_UNIX
|
|
Packit Service |
3749ba |
if (mkdir (anchors, S_IRWXU) < 0)
|
|
Packit Service |
3749ba |
#else
|
|
Packit Service |
3749ba |
if (mkdir (anchors) < 0)
|
|
Packit Service |
3749ba |
#endif
|
|
Packit Service |
3749ba |
assert_fail ("mkdir()", anchors);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test.unreadable = p11_path_build (anchors, "unreadable", NULL);
|
|
Packit Service |
3749ba |
f = fopen (test.unreadable, "w");
|
|
Packit Service |
3749ba |
fwrite ("foo", 3, 1, f);
|
|
Packit Service |
3749ba |
fclose (f);
|
|
Packit Service |
3749ba |
chmod (test.unreadable, 0);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p = p11_path_build (anchors, "thawte", NULL);
|
|
Packit Service |
3749ba |
ff = fopen (p, "w");
|
|
Packit Service |
3749ba |
f = fopen (SRCDIR "/trust/fixtures/thawte.pem", "r");
|
|
Packit Service |
3749ba |
while (!feof (f)) {
|
|
Packit Service |
3749ba |
size_t size;
|
|
Packit Service |
3749ba |
size = fread (buffer, 1, sizeof (buffer), f);
|
|
Packit Service |
3749ba |
if (ferror (f))
|
|
Packit Service |
3749ba |
assert_fail ("fread()",
|
|
Packit Service |
3749ba |
SRCDIR "/trust/fixtures/thawte.pem");
|
|
Packit Service |
3749ba |
fwrite (buffer, 1, size, ff);
|
|
Packit Service |
3749ba |
if (ferror (ff))
|
|
Packit Service |
3749ba |
assert_fail ("write()", p);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
free (p);
|
|
Packit Service |
3749ba |
fclose (ff);
|
|
Packit Service |
3749ba |
fclose (f);
|
|
Packit Service |
3749ba |
free (anchors);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&args, 0, sizeof (args));
|
|
Packit Service |
3749ba |
paths = SRCDIR "/trust/input" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
SRCDIR "/trust/fixtures/self-signed-with-ku.der";
|
|
Packit Service |
3749ba |
if (asprintf (&arguments, "paths='%s%c%s'",
|
|
Packit Service |
3749ba |
paths, P11_PATH_SEP_C, test.directory) < 0)
|
|
Packit Service |
3749ba |
assert (false && "not reached");
|
|
Packit Service |
3749ba |
args.pReserved = arguments;
|
|
Packit Service |
3749ba |
args.flags = CKF_OS_LOCKING_OK;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
free (arguments);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
assert (count == NUM_SLOTS);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_get_slot_list (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (TRUE, NULL, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = 1;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_BUFFER_TOO_SMALL, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
memset (slots, 0, sizeof (slots));
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++)
|
|
Packit Service |
3749ba |
assert (slots[i] != 0);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_null_initialize (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_FUNCTION_LIST *module;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&module);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Initialize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_multi_initialize (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
static CK_C_INITIALIZE_ARGS args =
|
|
Packit Service |
3749ba |
{ NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL, };
|
|
Packit Service |
3749ba |
CK_FUNCTION_LIST *module;
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[8];
|
|
Packit Service |
3749ba |
CK_SESSION_INFO info;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&module);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
args.pReserved = "paths='" SYSCONFDIR "/trust/input'";
|
|
Packit Service |
3749ba |
rv = module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = 8;
|
|
Packit Service |
3749ba |
rv = module->C_GetSlotList (CK_TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_cmp (count, ==, 1);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_OpenSession (slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_GetSessionInfo (session, &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_eq (info.slotID, slots[0]);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_GetSessionInfo (session, &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_eq (info.slotID, slots[0]);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_CRYPTOKI_NOT_INITIALIZED, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_get_slot_info (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_SLOT_INFO info;
|
|
Packit Service |
3749ba |
char description[64];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
size_t length;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* These are the paths passed in in setup() */
|
|
Packit Service |
3749ba |
const char *paths[] = {
|
|
Packit Service |
3749ba |
SRCDIR "/trust/input",
|
|
Packit Service |
3749ba |
SRCDIR "/trust/fixtures/self-signed-with-ku.der",
|
|
Packit Service |
3749ba |
SRCDIR "/trust/fixtures/thawte.pem"
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotInfo (slots[i], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (description, ' ', sizeof (description));
|
|
Packit Service |
3749ba |
length = strlen(paths[i]);
|
|
Packit Service |
3749ba |
if (length > sizeof (description))
|
|
Packit Service |
3749ba |
length = sizeof (description);
|
|
Packit Service |
3749ba |
memcpy (description, paths[i], length);
|
|
Packit Service |
3749ba |
assert (memcmp (info.slotDescription, description, sizeof (description)) == 0);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_get_token_info (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_C_INITIALIZE_ARGS args;
|
|
Packit Service |
3749ba |
CK_FUNCTION_LIST *module;
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_TOKEN_INFO info;
|
|
Packit Service |
3749ba |
char label[32];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* These are the paths passed in in setup() */
|
|
Packit Service |
3749ba |
const char *labels[] = {
|
|
Packit Service |
3749ba |
"System Trust",
|
|
Packit Service |
3749ba |
"Default Trust",
|
|
Packit Service |
3749ba |
"the-basename",
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&module);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&args, 0, sizeof (args));
|
|
Packit Service |
3749ba |
args.pReserved = "paths='" \
|
|
Packit Service |
3749ba |
P11_SYSTEM_TRUST_PREFIX "/trust/input" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
P11_DEFAULT_TRUST_PREFIX "/trust/fixtures/blah" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
"/some/other/path/the-basename'";
|
|
Packit Service |
3749ba |
args.flags = CKF_OS_LOCKING_OK;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = module->C_GetSlotList (CK_TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
assert (count == NUM_SLOTS);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = module->C_GetTokenInfo (slots[i], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (label, ' ', sizeof (label));
|
|
Packit Service |
3749ba |
memcpy (label, labels[i], strlen (labels[i]));
|
|
Packit Service |
3749ba |
assert (memcmp (info.label, label, sizeof (label)) == 0);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_get_session_info (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE sessions[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_SESSION_INFO info;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Open two sessions with each token */
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i]);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[i], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
assert_num_eq (slots[i], info.slotID);
|
|
Packit Service |
3749ba |
assert_num_eq (CKF_SERIAL_SESSION, info.flags);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_close_all_sessions (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE sessions[NUM_SLOTS][2];
|
|
Packit Service |
3749ba |
CK_SESSION_INFO info;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSlotList (TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Open two sessions with each token */
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i][0]);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[i][0], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i][1]);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[i][0], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Close all the sessions on the first token */
|
|
Packit Service |
3749ba |
rv = test.module->C_CloseAllSessions (slots[0]);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Those sessions should be closed */
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[0][0], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_SESSION_HANDLE_INVALID, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[0][1], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_SESSION_HANDLE_INVALID, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Other sessions should still be open */
|
|
Packit Service |
3749ba |
for (i = 1; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[i][0], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_GetSessionInfo (sessions[i][0], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static CK_ULONG
|
|
Packit Service |
3749ba |
find_objects (CK_ATTRIBUTE *match,
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE *sessions,
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE *objects,
|
|
Packit Service |
3749ba |
CK_ULONG max_objects)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
CK_ULONG found;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
int i, j;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
found = 0;
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, match, p11_attrs_count (match));
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, objects + found, max_objects - found, &count);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
for (j = found ; j < found + count; j++)
|
|
Packit Service |
3749ba |
sessions[j] = session;
|
|
Packit Service |
3749ba |
found += count;
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
assert (found < max_objects);
|
|
Packit Service |
3749ba |
return found;
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
check_trust_object_equiv (CK_SESSION_HANDLE session,
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE trust,
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE *cert)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
unsigned char subject[1024];
|
|
Packit Service |
3749ba |
unsigned char issuer[1024];
|
|
Packit Service |
3749ba |
unsigned char serial[128];
|
|
Packit Service |
3749ba |
CK_BBOOL private;
|
|
Packit Service |
3749ba |
CK_BBOOL token;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* The following attributes should be equivalent to the certificate */
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE equiv[] = {
|
|
Packit Service |
3749ba |
{ CKA_TOKEN, &token, sizeof (token) },
|
|
Packit Service |
3749ba |
{ CKA_PRIVATE, &private, sizeof (private) },
|
|
Packit Service |
3749ba |
{ CKA_ISSUER, issuer, sizeof (issuer) },
|
|
Packit Service |
3749ba |
{ CKA_SUBJECT, subject, sizeof (subject) },
|
|
Packit Service |
3749ba |
{ CKA_SERIAL_NUMBER, serial, sizeof (serial) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, },
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetAttributeValue (session, trust, equiv, 5);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test_check_attrs (equiv, cert);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
check_trust_object_hashes (CK_SESSION_HANDLE session,
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE trust,
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE *cert)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
unsigned char sha1[P11_DIGEST_SHA1_LEN];
|
|
Packit Service |
3749ba |
unsigned char md5[P11_DIGEST_MD5_LEN];
|
|
Packit Service |
3749ba |
unsigned char check[128];
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE *value;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE hashes[] = {
|
|
Packit Service |
3749ba |
{ CKA_CERT_SHA1_HASH, sha1, sizeof (sha1) },
|
|
Packit Service |
3749ba |
{ CKA_CERT_MD5_HASH, md5, sizeof (md5) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, },
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetAttributeValue (session, trust, hashes, 2);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
value = p11_attrs_find_valid (cert, CKA_VALUE);
|
|
Packit Service |
3749ba |
assert_ptr_not_null (value);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_digest_md5 (check, value->pValue, value->ulValueLen, NULL);
|
|
Packit Service |
3749ba |
assert (memcmp (md5, check, sizeof (md5)) == 0);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_digest_sha1 (check, value->pValue, value->ulValueLen, NULL);
|
|
Packit Service |
3749ba |
assert (memcmp (sha1, check, sizeof (sha1)) == 0);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
check_has_trust_object (CK_ATTRIBUTE *cert)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS trust_object = CKO_NSS_TRUST;
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE klass = { CKA_CLASS, &trust_object, sizeof (trust_object) };
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE objects[2];
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE sessions[2];
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE *match;
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE *attr;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
attr = p11_attrs_find_valid (cert, CKA_ID);
|
|
Packit Service |
3749ba |
assert_ptr_not_null (attr);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
match = p11_attrs_build (NULL, &klass, attr, NULL);
|
|
Packit Service |
3749ba |
count = find_objects (match, sessions, objects, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
check_trust_object_equiv (sessions[0], objects[0], cert);
|
|
Packit Service |
3749ba |
check_trust_object_hashes (sessions[0], objects[0], cert);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_attrs_free (match);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
check_certificate (CK_SESSION_HANDLE session,
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
unsigned char label[4096]= { 0, };
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS klass;
|
|
Packit Service |
3749ba |
unsigned char value[4096];
|
|
Packit Service |
3749ba |
unsigned char subject[1024];
|
|
Packit Service |
3749ba |
unsigned char issuer[1024];
|
|
Packit Service |
3749ba |
unsigned char serial[128];
|
|
Packit Service |
3749ba |
unsigned char id[128];
|
|
Packit Service |
3749ba |
CK_CERTIFICATE_TYPE type;
|
|
Packit Service |
3749ba |
CK_BYTE check[3];
|
|
Packit Service |
3749ba |
CK_DATE start;
|
|
Packit Service |
3749ba |
CK_DATE end;
|
|
Packit Service |
3749ba |
CK_ULONG category;
|
|
Packit Service |
3749ba |
CK_BBOOL private;
|
|
Packit Service |
3749ba |
CK_BBOOL token;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE attrs[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &klass, sizeof (klass) },
|
|
Packit Service |
3749ba |
{ CKA_TOKEN, &token, sizeof (token) },
|
|
Packit Service |
3749ba |
{ CKA_PRIVATE, &private, sizeof (private) },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, value, sizeof (value) },
|
|
Packit Service |
3749ba |
{ CKA_ISSUER, issuer, sizeof (issuer) },
|
|
Packit Service |
3749ba |
{ CKA_SUBJECT, subject, sizeof (subject) },
|
|
Packit Service |
3749ba |
{ CKA_CERTIFICATE_TYPE, &type, sizeof (type) },
|
|
Packit Service |
3749ba |
{ CKA_CERTIFICATE_CATEGORY, &category, sizeof (category) },
|
|
Packit Service |
3749ba |
{ CKA_START_DATE, &start, sizeof (start) },
|
|
Packit Service |
3749ba |
{ CKA_END_DATE, &end, sizeof (end) },
|
|
Packit Service |
3749ba |
{ CKA_SERIAL_NUMBER, serial, sizeof (serial) },
|
|
Packit Service |
3749ba |
{ CKA_CHECK_VALUE, check, sizeof (check) },
|
|
Packit Service |
3749ba |
{ CKA_ID, id, sizeof (id) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, label, sizeof (label) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, },
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Note that we don't pass the CKA_INVALID attribute in */
|
|
Packit Service |
3749ba |
rv = test.module->C_GetAttributeValue (session, handle, attrs, 14);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* If this is the cacert3 certificate, check its values */
|
|
Packit Service |
3749ba |
if (memcmp (value, test_cacert3_ca_der, sizeof (test_cacert3_ca_der)) == 0) {
|
|
Packit Service |
3749ba |
CK_BBOOL trusted;
|
|
Packit Service |
3749ba |
CK_BBOOL vtrue = CK_TRUE;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE anchor[] = {
|
|
Packit Service |
3749ba |
{ CKA_TRUSTED, &trusted, sizeof (trusted) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, },
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE check[] = {
|
|
Packit Service |
3749ba |
{ CKA_TRUSTED, &vtrue, sizeof (vtrue) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, },
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test_check_cacert3_ca (attrs, NULL);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Get anchor specific attributes */
|
|
Packit Service |
3749ba |
rv = test.module->C_GetAttributeValue (session, handle, anchor, 1);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* It lives in the trusted directory */
|
|
Packit Service |
3749ba |
test_check_attrs (check, anchor);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Other certificates, we can't check the values */
|
|
Packit Service |
3749ba |
} else {
|
|
Packit Service |
3749ba |
test_check_object (attrs, CKO_CERTIFICATE, NULL);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
check_has_trust_object (attrs);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_find_certificates (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS klass = CKO_CERTIFICATE;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE match[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &klass, sizeof (klass) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE objects[16];
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE sessions[16];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_ULONG i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = find_objects (match, sessions, objects, 16);
|
|
Packit Service |
3749ba |
assert_num_eq (9, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
for (i = 0; i < count; i++)
|
|
Packit Service |
3749ba |
check_certificate (sessions[i], objects[i]);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_find_extensions (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS klass = CKO_X_CERTIFICATE_EXTENSION;
|
|
Packit Service |
3749ba |
unsigned char spki[] = {
|
|
Packit Service |
3749ba |
0x30, 0x81, 0x9f, 0x30, 0x0d, 0x06, 0x09, 0x2a,
|
|
Packit Service |
3749ba |
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
|
|
Packit Service |
3749ba |
0x05, 0x00, 0x03, 0x81, 0x8d, 0x00, 0x30, 0x81,
|
|
Packit Service |
3749ba |
0x89, 0x02, 0x81, 0x81, 0x00, 0xd1, 0xb5, 0x36,
|
|
Packit Service |
3749ba |
0xa3, 0x89, 0xee, 0xaa, 0x80, 0x2f, 0x53, 0xfd,
|
|
Packit Service |
3749ba |
0x12, 0x75, 0x3e, 0xf3, 0x7a, 0x9e, 0xd6, 0xaf,
|
|
Packit Service |
3749ba |
0xfa, 0xbc, 0x1c, 0x60, 0x10, 0x4b, 0x26, 0x81,
|
|
Packit Service |
3749ba |
0x13, 0x1a, 0x59, 0xe3, 0xfe, 0x45, 0x6c, 0x38,
|
|
Packit Service |
3749ba |
0x04, 0x39, 0x27, 0x46, 0x57, 0xfd, 0xd5, 0xbc,
|
|
Packit Service |
3749ba |
0x8d, 0x8a, 0x10, 0xb6, 0x3b, 0xd4, 0x0a, 0x81,
|
|
Packit Service |
3749ba |
0x5a, 0x45, 0x2f, 0xec, 0x3e, 0x81, 0xf0, 0xd9,
|
|
Packit Service |
3749ba |
0x4e, 0x4f, 0x97, 0xdf, 0x4b, 0x32, 0x0f, 0x08,
|
|
Packit Service |
3749ba |
0xb1, 0x26, 0xa2, 0xbd, 0x69, 0x61, 0x5d, 0x66,
|
|
Packit Service |
3749ba |
0x39, 0x63, 0x2f, 0x10, 0x70, 0x35, 0xfb, 0x07,
|
|
Packit Service |
3749ba |
0x85, 0x0a, 0xff, 0x57, 0x12, 0xc1, 0xf4, 0x83,
|
|
Packit Service |
3749ba |
0x1d, 0xf9, 0xc6, 0xd3, 0xa4, 0xb6, 0x70, 0x2b,
|
|
Packit Service |
3749ba |
0x80, 0xa1, 0x40, 0x7f, 0x48, 0x4e, 0xd9, 0xad,
|
|
Packit Service |
3749ba |
0xeb, 0x80, 0xcc, 0xcf, 0x92, 0xc1, 0xd1, 0x83,
|
|
Packit Service |
3749ba |
0x64, 0x01, 0x23, 0x47, 0x8e, 0xbd, 0x31, 0x98,
|
|
Packit Service |
3749ba |
0x05, 0x6b, 0x6b, 0x7c, 0x37, 0x02, 0x03, 0x01,
|
|
Packit Service |
3749ba |
0x00, 0x01
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE match[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &klass, sizeof (klass) },
|
|
Packit Service |
3749ba |
{ CKA_PUBLIC_KEY_INFO, spki, sizeof (spki) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE objects[16];
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE sessions[16];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = find_objects (match, sessions, objects, 16);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_find_builtin (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS klass = CKO_NSS_BUILTIN_ROOT_LIST;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE match[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &klass, sizeof (klass) },
|
|
Packit Service |
3749ba |
{ CKA_TOKEN, &vtrue, sizeof (vtrue) },
|
|
Packit Service |
3749ba |
{ CKA_PRIVATE, &vfalse, sizeof (vfalse) },
|
|
Packit Service |
3749ba |
{ CKA_MODIFIABLE, &vfalse, sizeof (vfalse) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID, }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE objects[16];
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE sessions[16];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* One per token */
|
|
Packit Service |
3749ba |
count = find_objects (match, sessions, objects, 16);
|
|
Packit Service |
3749ba |
assert_num_eq (NUM_SLOTS, count);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_object (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_ULONG size;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 2, &handle);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetObjectSize (session, handle, &size);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_find (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE check;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 2, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, original, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
assert_num_eq (handle, check);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_find_no_attr (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE match[] = {
|
|
Packit Service |
3749ba |
{ CKA_COLOR, "blah", 4 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE check;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 3, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, match, 1);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (0, count);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_lookup_invalid (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_ULONG size;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetObjectSize (session, 88888, &size);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OBJECT_HANDLE_INVALID);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_remove_token (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, NULL, 0);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &handle, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_DestroyObject (session, handle);
|
|
Packit Service |
3749ba |
if (rv != CKR_TOKEN_WRITE_PROTECTED)
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_SESSION_READ_ONLY);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_setattr_token (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, NULL, 0);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &handle, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_SetAttributeValue (session, handle, original, 2);
|
|
Packit Service |
3749ba |
if (rv != CKR_TOKEN_WRITE_PROTECTED)
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_ATTRIBUTE_READ_ONLY);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_copy (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE copy;
|
|
Packit Service |
3749ba |
CK_ULONG size;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 2, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CopyObject (session, handle, original, 2, ©);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetObjectSize (session, copy, &size);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_setattr (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 2, &handle);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_SetAttributeValue (session, handle, original, 2);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_remove (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 2, &handle);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_DestroyObject (session, handle);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_DestroyObject (session, handle);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OBJECT_HANDLE_INVALID);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_find_serial_der_decoded (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS nss_trust = CKO_NSS_TRUST;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE object[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &nss_trust, sizeof (nss_trust) },
|
|
Packit Service |
3749ba |
{ CKA_SERIAL_NUMBER, "\x02\x03\x01\x02\x03", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE match_decoded[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &nss_trust, sizeof (nss_trust) },
|
|
Packit Service |
3749ba |
{ CKA_SERIAL_NUMBER, "\x01\x02\x03", 3 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE check;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/*
|
|
Packit Service |
3749ba |
* WORKAROUND: NSS calls us asking for CKA_SERIAL_NUMBER items that are
|
|
Packit Service |
3749ba |
* not DER encoded. It shouldn't be doing this. We never return any certificate
|
|
Packit Service |
3749ba |
* serial numbers that are not DER encoded.
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* So work around the issue here while the NSS guys fix this issue.
|
|
Packit Service |
3749ba |
* This code should be removed in future versions.
|
|
Packit Service |
3749ba |
*
|
|
Packit Service |
3749ba |
* See work_around_broken_nss_serial_number_lookups().
|
|
Packit Service |
3749ba |
*/
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, object, 2, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Do a standard find for the same object */
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, object, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
assert_num_eq (handle, check);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Do a find for the serial number decoded */
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, match_decoded, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (1, count);
|
|
Packit Service |
3749ba |
assert_num_eq (handle, check);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_find_serial_der_mismatch (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_OBJECT_CLASS nss_trust = CKO_NSS_TRUST;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE object[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &nss_trust, sizeof (nss_trust) },
|
|
Packit Service |
3749ba |
{ CKA_SERIAL_NUMBER, "\x02\x03\x01\x02\x03", 5 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE match[] = {
|
|
Packit Service |
3749ba |
{ CKA_SERIAL_NUMBER, NULL, 0 },
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &nss_trust, sizeof (nss_trust) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE check;
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, object, 2, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Do a find with a null serial number, no match */
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, match, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (0, count);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Do a find with a wrong length, no match */
|
|
Packit Service |
3749ba |
match[0].pValue = "at";
|
|
Packit Service |
3749ba |
match[0].ulValueLen = 2;
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, match, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (0, count);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Do a find with a right length, wrong value, no match */
|
|
Packit Service |
3749ba |
match[0].pValue = "one";
|
|
Packit Service |
3749ba |
match[0].ulValueLen = 3;
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsInit (session, match, 2);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjects (session, &check, 1, &count);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
assert_num_eq (0, count);
|
|
Packit Service |
3749ba |
rv = test.module->C_FindObjectsFinal (session);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_login_logout (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Just testing our stubs for now */
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_Login (session, CKU_USER, NULL, 0);
|
|
Packit Service |
3749ba |
assert (rv == CKR_USER_TYPE_INVALID);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_Logout (session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_USER_NOT_LOGGED_IN);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_token_writable (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_TOKEN_INFO info;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_GetTokenInfo (test.slots[0], &info;;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
assert_num_eq (info.flags & CKF_WRITE_PROTECTED, 0);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_session_read_only_create (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_TOKEN, &vtrue, sizeof (vtrue) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Read-only session */
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION,
|
|
Packit Service |
3749ba |
NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Create a token object */
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 4, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_SESSION_READ_ONLY);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_create_and_write (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_TOKEN, &vtrue, sizeof (vtrue) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE expected[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_APPLICATION, "", 0 },
|
|
Packit Service |
3749ba |
{ CKA_OBJECT_ID, "", 0 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
p11_array *parsed;
|
|
Packit Service |
3749ba |
char *path;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int ret;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Read-only session */
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION | CKF_RW_SESSION,
|
|
Packit Service |
3749ba |
NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Create a token object */
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 4, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* The expected file name */
|
|
Packit Service |
3749ba |
path = p11_path_build (test.directory, "yay.p11-kit", NULL);
|
|
Packit Service |
3749ba |
p11_parser_formats (test.parser, p11_parser_format_persist, NULL);
|
|
Packit Service |
3749ba |
ret = p11_parse_file (test.parser, path, NULL, 0);
|
|
Packit Service |
3749ba |
assert_num_eq (ret, P11_PARSE_SUCCESS);
|
|
Packit Service |
3749ba |
free (path);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
parsed = p11_parser_parsed (test.parser);
|
|
Packit Service |
3749ba |
assert_num_eq (parsed->num, 1);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test_check_attrs (expected, parsed->elem[0]);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_modify_and_write (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE original[] = {
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "eight", 5 },
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_TOKEN, &vtrue, sizeof (vtrue) },
|
|
Packit Service |
3749ba |
{ CKA_MODIFIABLE, &vtrue, sizeof (vtrue) },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_ATTRIBUTE expected[] = {
|
|
Packit Service |
3749ba |
{ CKA_CLASS, &data, sizeof (data) },
|
|
Packit Service |
3749ba |
{ CKA_LABEL, "yay", 3 },
|
|
Packit Service |
3749ba |
{ CKA_VALUE, "nine", 4 },
|
|
Packit Service |
3749ba |
{ CKA_APPLICATION, "", 0 },
|
|
Packit Service |
3749ba |
{ CKA_OBJECT_ID, "", 0 },
|
|
Packit Service |
3749ba |
{ CKA_INVALID }
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
CK_SESSION_HANDLE session;
|
|
Packit Service |
3749ba |
CK_OBJECT_HANDLE handle;
|
|
Packit Service |
3749ba |
p11_array *parsed;
|
|
Packit Service |
3749ba |
char *path;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int ret;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Read-only session */
|
|
Packit Service |
3749ba |
rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION | CKF_RW_SESSION,
|
|
Packit Service |
3749ba |
NULL, NULL, &session);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Create a token object */
|
|
Packit Service |
3749ba |
rv = test.module->C_CreateObject (session, original, 5, &handle);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* Now modify the object */
|
|
Packit Service |
3749ba |
original[0].pValue = "nine";
|
|
Packit Service |
3749ba |
original[0].ulValueLen = 4;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = test.module->C_SetAttributeValue (session, handle, original, 5);
|
|
Packit Service |
3749ba |
assert_num_eq (rv, CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* The expected file name */
|
|
Packit Service |
3749ba |
path = p11_path_build (test.directory, "yay.p11-kit", NULL);
|
|
Packit Service |
3749ba |
ret = p11_parse_file (test.parser, path, NULL, 0);
|
|
Packit Service |
3749ba |
assert_num_eq (ret, P11_PARSE_SUCCESS);
|
|
Packit Service |
3749ba |
free (path);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
parsed = p11_parser_parsed (test.parser);
|
|
Packit Service |
3749ba |
assert_num_eq (parsed->num, 1);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
test_check_attrs (expected, parsed->elem[0]);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
static void
|
|
Packit Service |
3749ba |
test_token_write_protected (void)
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
CK_C_INITIALIZE_ARGS args;
|
|
Packit Service |
3749ba |
CK_FUNCTION_LIST *module;
|
|
Packit Service |
3749ba |
CK_SLOT_ID slots[NUM_SLOTS];
|
|
Packit Service |
3749ba |
CK_TOKEN_INFO info;
|
|
Packit Service |
3749ba |
char label[32];
|
|
Packit Service |
3749ba |
CK_ULONG count;
|
|
Packit Service |
3749ba |
CK_RV rv;
|
|
Packit Service |
3749ba |
int i;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* These are the paths passed in in setup() */
|
|
Packit Service |
3749ba |
const char *labels[] = {
|
|
Packit Service |
3749ba |
"System Trust",
|
|
Packit Service |
3749ba |
"Default Trust",
|
|
Packit Service |
3749ba |
"the-basename",
|
|
Packit Service |
3749ba |
};
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
/* This is the entry point of the trust module, linked to this test */
|
|
Packit Service |
3749ba |
rv = C_GetFunctionList (&module);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (&args, 0, sizeof (args));
|
|
Packit Service |
3749ba |
args.pReserved = "paths='" \
|
|
Packit Service |
3749ba |
P11_SYSTEM_TRUST_PREFIX "/trust/input" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
P11_DEFAULT_TRUST_PREFIX "/trust/fixtures/blah" P11_PATH_SEP \
|
|
Packit Service |
3749ba |
"/some/other/path/the-basename'";
|
|
Packit Service |
3749ba |
args.flags = CKF_OS_LOCKING_OK;
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Initialize (&args);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
count = NUM_SLOTS;
|
|
Packit Service |
3749ba |
rv = module->C_GetSlotList (CK_TRUE, slots, &count);
|
|
Packit Service |
3749ba |
assert (rv == CKR_OK);
|
|
Packit Service |
3749ba |
assert (count == NUM_SLOTS);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
for (i = 0; i < NUM_SLOTS; i++) {
|
|
Packit Service |
3749ba |
rv = module->C_GetTokenInfo (slots[i], &info;;
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
memset (label, ' ', sizeof (label));
|
|
Packit Service |
3749ba |
memcpy (label, labels[i], strlen (labels[i]));
|
|
Packit Service |
3749ba |
assert (memcmp (info.label, label, sizeof (label)) == 0);
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
switch (i) {
|
|
Packit Service |
3749ba |
case 0:
|
|
Packit Service |
3749ba |
assert_num_cmp (0, ==, info.flags & CKF_WRITE_PROTECTED);
|
|
Packit Service |
3749ba |
break;
|
|
Packit Service |
3749ba |
case 1:
|
|
Packit Service |
3749ba |
assert_num_cmp (0, !=, info.flags & CKF_WRITE_PROTECTED);
|
|
Packit Service |
3749ba |
break;
|
|
Packit Service |
3749ba |
default:
|
|
Packit Service |
3749ba |
break;
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
rv = module->C_Finalize (NULL);
|
|
Packit Service |
3749ba |
assert_num_eq (CKR_OK, rv);
|
|
Packit Service |
3749ba |
}
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
int
|
|
Packit Service |
3749ba |
main (int argc,
|
|
Packit Service |
3749ba |
char *argv[])
|
|
Packit Service |
3749ba |
{
|
|
Packit Service |
3749ba |
p11_library_init ();
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_fixture (setup, teardown);
|
|
Packit Service |
3749ba |
p11_test (test_get_slot_list, "/module/get_slot_list");
|
|
Packit Service |
3749ba |
p11_test (test_get_slot_info, "/module/get_slot_info");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_fixture (NULL, NULL);
|
|
Packit Service |
3749ba |
p11_test (test_null_initialize, "/module/initialize-null");
|
|
Packit Service |
3749ba |
p11_test (test_multi_initialize, "/module/initialize-multi");
|
|
Packit Service |
3749ba |
p11_test (test_get_token_info, "/module/get_token_info");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_fixture (setup, teardown);
|
|
Packit Service |
3749ba |
p11_test (test_get_session_info, "/module/get_session_info");
|
|
Packit Service |
3749ba |
p11_test (test_close_all_sessions, "/module/close_all_sessions");
|
|
Packit Service |
3749ba |
p11_test (test_find_certificates, "/module/find_certificates");
|
|
Packit Service |
3749ba |
p11_test (test_find_extensions, "/module/find_extensions");
|
|
Packit Service |
3749ba |
p11_test (test_find_builtin, "/module/find_builtin");
|
|
Packit Service |
3749ba |
p11_test (test_lookup_invalid, "/module/lookup_invalid");
|
|
Packit Service |
3749ba |
p11_test (test_remove_token, "/module/remove_token");
|
|
Packit Service |
3749ba |
p11_test (test_setattr_token, "/module/setattr_token");
|
|
Packit Service |
3749ba |
p11_test (test_session_object, "/module/session_object");
|
|
Packit Service |
3749ba |
p11_test (test_session_find, "/module/session_find");
|
|
Packit Service |
3749ba |
p11_test (test_session_find_no_attr, "/module/session_find_no_attr");
|
|
Packit Service |
3749ba |
p11_test (test_session_copy, "/module/session_copy");
|
|
Packit Service |
3749ba |
p11_test (test_session_remove, "/module/session_remove");
|
|
Packit Service |
3749ba |
p11_test (test_session_setattr, "/module/session_setattr");
|
|
Packit Service |
3749ba |
p11_test (test_find_serial_der_decoded, "/module/find_serial_der_decoded");
|
|
Packit Service |
3749ba |
p11_test (test_find_serial_der_mismatch, "/module/find_serial_der_mismatch");
|
|
Packit Service |
3749ba |
p11_test (test_login_logout, "/module/login_logout");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_fixture (setup_writable, teardown);
|
|
Packit Service |
3749ba |
p11_test (test_token_writable, "/module/token-writable");
|
|
Packit Service |
3749ba |
p11_test (test_session_read_only_create, "/module/session-read-only-create");
|
|
Packit Service |
3749ba |
p11_test (test_create_and_write, "/module/create-and-write");
|
|
Packit Service |
3749ba |
p11_test (test_modify_and_write, "/module/modify-and-write");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_fixture (NULL, NULL);
|
|
Packit Service |
3749ba |
p11_test (test_token_write_protected, "/module/token-write-protected");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
p11_fixture (setup_unreadable, teardown);
|
|
Packit Service |
3749ba |
p11_test (test_find_certificates, "/module/unreadable");
|
|
Packit Service |
3749ba |
|
|
Packit Service |
3749ba |
return p11_test_run (argc, argv);
|
|
Packit Service |
3749ba |
}
|