diff options
author | Stef Walter <stef@thewalter.net> | 2013-06-28 13:27:42 +0200 |
---|---|---|
committer | Stef Walter <stef@thewalter.net> | 2013-07-03 11:46:27 +0200 |
commit | 17bc43cb82320f2aba4ccb804bd8599232524c6a (patch) | |
tree | e7ddda708713d052b991a6592c606ba7260f8ec8 /trust/tests | |
parent | 7bb9ad33da0154c9a4317f0123046eee85738349 (diff) |
trust: Implement reloading of token data
* Reload token data whenever a new session is opened.
* Only reload files/directories that have changed.
* Move duplicate anchor/blacklist detection logic into
the extract code. This is in line with the approach
being discussed on the mailing lists and spec document.
* New internal attribute CKA_X_ORIGIN set on all objects
so we can track where an object came from, and replace
it when reloaded.
In general this is a prerequisite for modification of objects
reload before modify is necessary to prevent multiple callers
clobbering each other's changes.
Diffstat (limited to 'trust/tests')
-rw-r--r-- | trust/tests/test-extract.c | 28 | ||||
-rw-r--r-- | trust/tests/test-parser.c | 184 | ||||
-rw-r--r-- | trust/tests/test-token.c | 255 | ||||
-rw-r--r-- | trust/tests/test-trust.c | 75 | ||||
-rw-r--r-- | trust/tests/test-trust.h | 28 |
5 files changed, 378 insertions, 192 deletions
diff --git a/trust/tests/test-extract.c b/trust/tests/test-extract.c index b121b21..ddb4a49 100644 --- a/trust/tests/test-extract.c +++ b/trust/tests/test-extract.c @@ -380,13 +380,18 @@ test_duplicate_extract (void) } static void -test_duplicate_collapse (void) +test_duplicate_distrusted (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; + CK_ATTRIBUTE attrs[] = { + { CKA_X_DISTRUSTED, NULL, 0 }, + }; + + CK_BBOOL val; CK_RV rv; - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_distrusted); + mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); test.ex.flags = P11_EXTRACT_COLLAPSE; p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -396,6 +401,12 @@ test_duplicate_collapse (void) rv = p11_kit_iter_next (test.iter); assert_num_eq (CKR_OK, rv); + rv = p11_kit_iter_load_attributes (test.iter, attrs, 1); + assert_num_eq (CKR_OK, rv); + assert (p11_attrs_findn_bool (attrs, 1, CKA_X_DISTRUSTED, &val)); + assert_num_eq (val, CK_TRUE); + free (attrs[0].pValue); + rv = p11_kit_iter_next (test.iter); assert_num_eq (CKR_CANCEL, rv); } @@ -404,7 +415,6 @@ static void test_trusted_match (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; - CK_BBOOL boolv; CK_RV rv; mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); @@ -416,13 +426,6 @@ test_trusted_match (void) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - assert_num_eq (CKR_OK, rv); - - if (!p11_attrs_find_bool (test.ex.attrs, CKA_TRUSTED, &boolv)) - boolv = CK_FALSE; - assert_num_eq (CK_TRUE, boolv); - - rv = p11_kit_iter_next (test.iter); assert_num_eq (CKR_CANCEL, rv); } @@ -470,9 +473,6 @@ test_anytrust_match (void) assert_num_eq (CKR_OK, rv); rv = p11_kit_iter_next (test.iter); - assert_num_eq (CKR_OK, rv); - - rv = p11_kit_iter_next (test.iter); assert_num_eq (CKR_CANCEL, rv); } @@ -495,7 +495,7 @@ main (int argc, p11_test (test_limit_to_purpose_match, "/extract/test_limit_to_purpose_match"); p11_test (test_limit_to_purpose_no_match, "/extract/test_limit_to_purpose_no_match"); p11_test (test_duplicate_extract, "/extract/test_duplicate_extract"); - p11_test (test_duplicate_collapse, "/extract/test_duplicate_collapse"); + p11_test (test_duplicate_distrusted, "/extract/test-duplicate-distrusted"); p11_test (test_trusted_match, "/extract/test_trusted_match"); p11_test (test_distrust_match, "/extract/test_distrust_match"); p11_test (test_anytrust_match, "/extract/test_anytrust_match"); diff --git a/trust/tests/test-parser.c b/trust/tests/test-parser.c index 2b60254..3eee984 100644 --- a/trust/tests/test-parser.c +++ b/trust/tests/test-parser.c @@ -51,24 +51,25 @@ struct { p11_parser *parser; + p11_array *parsed; p11_asn1_cache *cache; - p11_index *index; } test; static void setup (void *unused) { - test.index = p11_index_new (NULL, NULL, NULL); test.cache = p11_asn1_cache_new (); - test.parser = p11_parser_new (test.index, test.cache); + test.parser = p11_parser_new (test.cache); assert_ptr_not_null (test.parser); + + test.parsed = p11_parser_parsed (test.parser); + assert_ptr_not_null (test.parsed); } static void teardown (void *unused) { p11_parser_free (test.parser); - p11_index_free (test.index); p11_asn1_cache_free (test.cache); memset (&test, 0, sizeof (test)); } @@ -85,12 +86,19 @@ static CK_ATTRIBUTE certificate_match[] = { }; static CK_ATTRIBUTE * -parsed_attrs (CK_ATTRIBUTE *match) +parsed_attrs (CK_ATTRIBUTE *match, + int length) { - CK_OBJECT_HANDLE handle; - handle = p11_index_find (test.index, certificate_match, -1); - return p11_index_lookup (test.index, handle); + int i; + + if (length < 0) + length = p11_attrs_count (match); + for (i = 0; i < test.parsed->num; i++) { + if (p11_attrs_matchn (test.parsed->elem[i], match, length)) + return test.parsed->elem[i]; + } + return NULL; } static void @@ -114,9 +122,9 @@ test_parse_der_certificate (void) assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - assert_num_eq (1, p11_index_size (test.index)); + assert_num_eq (1, test.parsed->num); - cert = parsed_attrs (certificate_match); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (expected, cert); } @@ -141,9 +149,9 @@ test_parse_pem_certificate (void) assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - assert_num_eq (1, p11_index_size (test.index)); + assert_num_eq (1, test.parsed->num); - cert = parsed_attrs (certificate_match); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (expected, cert); } @@ -168,9 +176,9 @@ test_parse_p11_kit_persist (void) assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - assert_num_eq (1, p11_index_size (test.index)); + assert_num_eq (1, test.parsed->num); - cert = parsed_attrs (certificate_match); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (expected, cert); } @@ -212,7 +220,6 @@ test_parse_openssl_trusted (void) CK_ATTRIBUTE *cert; CK_ATTRIBUTE *object; - CK_OBJECT_HANDLE handle; int ret; int i; @@ -225,18 +232,15 @@ test_parse_openssl_trusted (void) * - 1 certificate * - 2 stapled extensions */ - assert_num_eq (3, p11_index_size (test.index)); + assert_num_eq (3, test.parsed->num); /* The certificate */ - cert = parsed_attrs (certificate_match); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (expected[0], cert); /* The other objects */ for (i = 1; expected[i]; i++) { - handle = p11_index_find (test.index, expected[i], 2); - assert (handle != 0); - - object = p11_index_lookup (test.index, handle); + object = parsed_attrs (expected[i], 2); assert_ptr_not_null (object); test_check_attrs (expected[i], object); @@ -281,7 +285,6 @@ test_parse_openssl_distrusted (void) CK_ATTRIBUTE *cert; CK_ATTRIBUTE *object; - CK_OBJECT_HANDLE handle; int ret; int i; @@ -298,16 +301,13 @@ test_parse_openssl_distrusted (void) * - 1 certificate * - 2 stapled extensions */ - assert_num_eq (3, p11_index_size (test.index)); - cert = parsed_attrs (certificate_match); + assert_num_eq (3, test.parsed->num); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (expected[0], cert); /* The other objects */ for (i = 1; expected[i]; i++) { - handle = p11_index_find (test.index, expected[i], 2); - assert (handle != 0); - - object = p11_index_lookup (test.index, handle); + object = parsed_attrs (expected[i], 2); assert_ptr_not_null (object); test_check_attrs (expected[i], object); @@ -339,9 +339,9 @@ test_parse_anchor (void) * Should have gotten: * - 1 certificate */ - assert_num_eq (1, p11_index_size (test.index)); + assert_num_eq (1, test.parsed->num); - cert = parsed_attrs (certificate_match); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (cacert3, cert); } @@ -365,9 +365,9 @@ test_parse_thawte (void) assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - assert_num_eq (1, p11_index_size (test.index)); + assert_num_eq (1, test.parsed->num); - cert = parsed_attrs (certificate_match); + cert = parsed_attrs (certificate_match, -1); test_check_attrs (expected, cert); } @@ -401,124 +401,6 @@ test_parse_unrecognized (void) p11_message_loud (); } -static void -test_duplicate (void) -{ - CK_ATTRIBUTE cacert3[] = { - { CKA_CLASS, &certificate, sizeof (certificate) }, - { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, - { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, - { CKA_MODIFIABLE, &falsev, sizeof (falsev) }, - { CKA_TRUSTED, &falsev, sizeof (falsev) }, - { CKA_X_DISTRUSTED, &falsev, sizeof (falsev) }, - { CKA_INVALID }, - }; - - CK_OBJECT_HANDLE *handles; - CK_ATTRIBUTE *cert; - int ret; - - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", 0); - assert_num_eq (P11_PARSE_SUCCESS, ret); - - p11_message_quiet (); - - /* This shouldn't be added, should print a message */ - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", 0); - assert_num_eq (P11_PARSE_SUCCESS, ret); - - assert (strstr (p11_message_last (), "duplicate") != NULL); - - p11_message_loud (); - - /* Should only be one certificate since the above two are identical */ - handles = p11_index_find_all (test.index, cacert3, 2); - assert_ptr_not_null (handles); - assert (handles[0] != 0); - assert (handles[1] == 0); - - cert = p11_index_lookup (test.index, handles[0]); - test_check_attrs (cacert3, cert); - - free (handles); -} - -static void -test_duplicate_priority (void) -{ - CK_ATTRIBUTE cacert3[] = { - { CKA_CLASS, &certificate, sizeof (certificate) }, - { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, - { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, - { CKA_MODIFIABLE, &falsev, sizeof (falsev) }, - { CKA_INVALID }, - }; - - CK_ATTRIBUTE trusted[] = { - { CKA_CLASS, &certificate, sizeof (certificate) }, - { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, - { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, - { CKA_TRUSTED, &truev, sizeof (truev) }, - { CKA_X_DISTRUSTED, &falsev, sizeof (falsev) }, - { CKA_INVALID }, - }; - - CK_ATTRIBUTE distrust[] = { - { CKA_CLASS, &certificate, sizeof (certificate) }, - { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, - { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, - { CKA_TRUSTED, &falsev, sizeof (falsev) }, - { CKA_X_DISTRUSTED, &truev, sizeof (truev) }, - { CKA_INVALID }, - }; - - CK_OBJECT_HANDLE *handles; - CK_ATTRIBUTE *cert; - int ret; - - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", 0); - assert_num_eq (P11_PARSE_SUCCESS, ret); - - p11_message_quiet (); - - /* This shouldn't be added, should print a message */ - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", - P11_PARSE_FLAG_ANCHOR); - assert_num_eq (P11_PARSE_SUCCESS, ret); - - assert (strstr (p11_message_last (), "duplicate") != NULL); - - p11_message_loud (); - - /* We should now find the trusted certificate */ - handles = p11_index_find_all (test.index, cacert3, 2); - assert_ptr_not_null (handles); - assert (handles[0] != 0); - assert (handles[1] == 0); - cert = p11_index_lookup (test.index, handles[0]); - test_check_attrs (trusted, cert); - free (handles); - - /* Now add a distrutsed one, this should override the trusted */ - - p11_message_quiet (); - - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", - P11_PARSE_FLAG_BLACKLIST); - assert_num_eq (P11_PARSE_SUCCESS, ret); - - p11_message_loud (); - - /* We should now find the distrusted certificate */ - handles = p11_index_find_all (test.index, cacert3, 2); - assert_ptr_not_null (handles); - assert (handles[0] != 0); - assert (handles[1] == 0); - cert = p11_index_lookup (test.index, handles[0]); - test_check_attrs (distrust, cert); - free (handles); -} - int main (int argc, char *argv[]) @@ -533,7 +415,5 @@ main (int argc, p11_test (test_parse_thawte, "/parser/parse_thawte"); p11_test (test_parse_invalid_file, "/parser/parse_invalid_file"); p11_test (test_parse_unrecognized, "/parser/parse_unrecognized"); - p11_test (test_duplicate, "/parser/duplicate"); - p11_test (test_duplicate_priority, "/parser/duplicate_priority"); return p11_test_run (argc, argv); } diff --git a/trust/tests/test-token.c b/trust/tests/test-token.c index d372814..a518c9e 100644 --- a/trust/tests/test-token.c +++ b/trust/tests/test-token.c @@ -47,8 +47,14 @@ #include "message.h" #include "token.h" +static CK_OBJECT_CLASS certificate = CKO_CERTIFICATE; +static CK_BBOOL falsev = CK_FALSE; +static CK_BBOOL truev = CK_TRUE; + struct { p11_token *token; + p11_index *index; + char *directory; } test; static void @@ -56,6 +62,19 @@ setup (void *path) { test.token = p11_token_new (333, path, "Label"); assert_ptr_not_null (test.token); + + test.index = p11_token_index (test.token); + assert_ptr_not_null (test.token); +} + +static void +setup_temp (void *unused) +{ + test.directory = p11_path_expand ("$TEMP/test-module.XXXXXX"); + if (!mkdtemp (test.directory)) + assert_not_reached (); + + setup (test.directory); } static void @@ -66,15 +85,23 @@ teardown (void *path) } static void +teardown_temp (void *unused) +{ + test_delete_directory (test.directory); + free (test.directory); + teardown (test.directory); +} + +static void test_token_load (void *path) { p11_index *index; int count; count = p11_token_load (test.token); - assert_num_eq (7, count); + assert_num_eq (6, count); - /* A certificate and trust object for each parsed object + builtin */ + /* A certificate and trust object for each parsed object */ index = p11_token_index (test.token); assert (((count - 1) * 2) + 1 <= p11_index_size (index)); } @@ -82,10 +109,6 @@ test_token_load (void *path) static void test_token_flags (void *path) { - CK_OBJECT_CLASS certificate = CKO_CERTIFICATE; - CK_BBOOL falsev = CK_FALSE; - CK_BBOOL truev = CK_TRUE; - /* * blacklist comes from the input/distrust.pem file. It is not in the blacklist * directory, but is an OpenSSL trusted certificate file, and is marked @@ -228,24 +251,8 @@ test_not_writable (void) static void test_writable_exists (void) { - char *directory; - p11_token *token; - - directory = p11_path_expand ("$TEMP/test-module.XXXXXX"); - if (!mkdtemp (directory)) - assert_not_reached (); - - token = p11_token_new (333, directory, "Label"); - /* A writable directory since we created it */ - assert (p11_token_is_writable (token)); - - p11_token_free (token); - - if (rmdir (directory) < 0) - assert_not_reached (); - - free (directory); + assert (p11_token_is_writable (test.token)); } static void @@ -276,6 +283,196 @@ test_writable_no_exist (void) free (directory); } +static void +test_load_already (void) +{ + CK_ATTRIBUTE cert[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_INVALID }, + }; + + CK_OBJECT_HANDLE handle; + int ret; + + test_write_file (test.directory, "test.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 1); + handle = p11_index_find (test.index, cert, -1); + assert (handle != 0); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 0); + assert_num_eq (p11_index_find (test.index, cert, -1), handle); +} + +static void +test_load_unreadable (void) +{ + CK_ATTRIBUTE cert[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_INVALID }, + }; + + int ret; + + test_write_file (test.directory, "test.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 1); + assert (p11_index_find (test.index, cert, -1) != 0); + + test_write_file (test.directory, "test.cer", "", 0); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 0); + assert (p11_index_find (test.index, cert, -1) == 0); +} + +static void +test_load_gone (void) +{ + CK_ATTRIBUTE cert[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_INVALID }, + }; + + int ret; + + test_write_file (test.directory, "test.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 1); + assert (p11_index_find (test.index, cert, -1) != 0); + + test_delete_file (test.directory, "test.cer"); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 0); + assert (p11_index_find (test.index, cert, -1) == 0); +} + +static void +test_load_found (void) +{ + CK_ATTRIBUTE cert[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_INVALID }, + }; + + int ret; + + ret = p11_token_load (test.token); + assert_num_eq (ret, 0); + assert (p11_index_find (test.index, cert, -1) == 0); + + test_write_file (test.directory, "test.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 1); + assert (p11_index_find (test.index, cert, -1) != 0); +} + +static void +test_reload_changed (void) +{ + CK_ATTRIBUTE cacert3[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_INVALID }, + }; + + CK_ATTRIBUTE verisign[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_VALUE, (void *)verisign_v1_ca, sizeof (verisign_v1_ca) }, + { CKA_INVALID }, + }; + + CK_ATTRIBUTE *attrs; + CK_OBJECT_HANDLE handle; + int ret; + + /* Just one file */ + test_write_file (test.directory, "test.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 1); + handle = p11_index_find (test.index, cacert3, -1); + assert (handle != 0); + + /* Replace the file with verisign */ + test_write_file (test.directory, "test.cer", verisign_v1_ca, + sizeof (verisign_v1_ca)); + + /* Add another file with cacert3, but not reloaded */ + test_write_file (test.directory, "another.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + + attrs = p11_index_lookup (test.index, handle); + assert_ptr_not_null (attrs); + p11_token_reload (test.token, attrs); + + assert (p11_index_find (test.index, cacert3, -1) == 0); + assert (p11_index_find (test.index, verisign, -1) != 0); +} + +static void +test_reload_gone (void) +{ + CK_ATTRIBUTE cacert3[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_SUBJECT, (void *)test_cacert3_ca_subject, sizeof (test_cacert3_ca_subject) }, + { CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) }, + { CKA_INVALID }, + }; + + CK_ATTRIBUTE verisign[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_VALUE, (void *)verisign_v1_ca, sizeof (verisign_v1_ca) }, + { CKA_INVALID }, + }; + + CK_ATTRIBUTE *attrs; + CK_OBJECT_HANDLE handle; + int ret; + + /* Just one file */ + test_write_file (test.directory, "cacert3.cer", test_cacert3_ca_der, + sizeof (test_cacert3_ca_der)); + test_write_file (test.directory, "verisign.cer", verisign_v1_ca, + sizeof (verisign_v1_ca)); + + ret = p11_token_load (test.token); + assert_num_eq (ret, 2); + handle = p11_index_find (test.index, cacert3, -1); + assert (handle != 0); + assert (p11_index_find (test.index, verisign, -1) != 0); + + test_delete_file (test.directory, "cacert3.cer"); + test_delete_file (test.directory, "verisign.cer"); + + attrs = p11_index_lookup (test.index, handle); + assert_ptr_not_null (attrs); + p11_token_reload (test.token, attrs); + + assert (p11_index_find (test.index, cacert3, -1) == 0); + assert (p11_index_find (test.index, verisign, -1) != 0); +} + int main (int argc, char *argv[]) @@ -283,16 +480,22 @@ main (int argc, p11_fixture (setup, teardown); p11_testx (test_token_load, SRCDIR "/input", "/token/load"); p11_testx (test_token_flags, SRCDIR "/input", "/token/flags"); - - p11_fixture (setup, teardown); p11_testx (test_token_path, "/wheee", "/token/path"); p11_testx (test_token_label, "/wheee", "/token/label"); p11_testx (test_token_slot, "/unneeded", "/token/slot"); p11_fixture (NULL, NULL); p11_test (test_not_writable, "/token/not-writable"); - p11_test (test_writable_exists, "/token/writable-exists"); p11_test (test_writable_no_exist, "/token/writable-no-exist"); + p11_fixture (setup_temp, teardown_temp); + p11_test (test_writable_exists, "/token/writable-exists"); + p11_test (test_load_found, "/token/load-found"); + p11_test (test_load_already, "/token/load-already"); + p11_test (test_load_unreadable, "/token/load-unreadable"); + p11_test (test_load_gone, "/token/load-gone"); + p11_test (test_reload_changed, "/token/reload-changed"); + p11_test (test_reload_gone, "/token/reload-gone"); + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-trust.c b/trust/tests/test-trust.c index 33ba19e..fceaea7 100644 --- a/trust/tests/test-trust.c +++ b/trust/tests/test-trust.c @@ -324,3 +324,78 @@ test_check_directory_msg (const char *file, p11_dict_free (files); } + +void +test_write_file_msg (const char *file, + int line, + const char *function, + const char *directory, + const char *name, + const void *contents, + size_t length) +{ + char *path; + FILE *f; + + if (asprintf (&path, "%s/%s", directory, name) < 0) + assert_not_reached (); + + f = fopen (path, "wb"); + if (f == NULL) { + p11_test_fail (file, line, function, "Couldn't open file for writing: %s: %s", + path, strerror (errno)); + } + + if (fwrite (contents, 1, length, f) != length || + fclose (f) != 0) { + p11_test_fail (file, line, function, "Couldn't write file: %s: %s", + path, strerror (errno)); + } + + free (path); +} + +void +test_delete_file_msg (const char *file, + int line, + const char *function, + const char *directory, + const char *name) +{ + char *path; + + if (asprintf (&path, "%s/%s", directory, name) < 0) + assert_not_reached (); + + if (unlink (path) < 0) + p11_test_fail (file, line, function, "Couldn't delete file: %s", path); + + free (path); +} + +void +test_delete_directory_msg (const char *file, + int line, + const char *function, + const char *directory) +{ + struct dirent *dp; + DIR *dir; + + dir = opendir (directory); + if (dir == NULL) + p11_test_fail (file ,line, function, "Couldn't open directory: %s", directory); + + while ((dp = readdir (dir)) != NULL) { + if (strcmp (dp->d_name, ".") == 0 || + strcmp (dp->d_name, "..") == 0) + continue; + + test_delete_file_msg (file, line, function, directory, dp->d_name); + } + + closedir (dir); + + if (rmdir (directory) < 0) + p11_test_fail (file, line, function, "Couldn't remove directory: %s", directory); +} diff --git a/trust/tests/test-trust.h b/trust/tests/test-trust.h index 18ca13c..4d2c5bf 100644 --- a/trust/tests/test-trust.h +++ b/trust/tests/test-trust.h @@ -344,4 +344,32 @@ void test_check_directory_msg (const char *file, (test_check_directory_msg (__FILE__, __LINE__, __FUNCTION__, directory, \ test_check_directory_files files)) +#define test_write_file(directory, name, data, length) \ + (test_write_file_msg (__FILE__, __LINE__, __FUNCTION__, directory, name, data, length)) + +void test_write_file_msg (const char *file, + int line, + const char *function, + const char *directory, + const char *name, + const void *contents, + size_t length); + +#define test_delete_file(directory, name) \ + (test_delete_file_msg (__FILE__, __LINE__, __FUNCTION__, directory, name)) + +void test_delete_file_msg (const char *file, + int line, + const char *function, + const char *directory, + const char *name); + +#define test_delete_directory(directory) \ + (test_delete_directory_msg (__FILE__, __LINE__, __FUNCTION__, directory)) + +void test_delete_directory_msg (const char *file, + int line, + const char *function, + const char *directory); + #endif /* TEST_DATA_H_ */ |