summaryrefslogtreecommitdiff
path: root/trust/tests
diff options
context:
space:
mode:
authorStef Walter <stef@thewalter.net>2013-07-08 18:38:38 +0200
committerStef Walter <stef@thewalter.net>2013-07-08 18:38:38 +0200
commitdcca67d72544e394f43a8c62840692c85d5b5b29 (patch)
tree3da7943c17378457d40e10a9d72a96f725221922 /trust/tests
parent3318c443b7a3660f0aee80cfa0d5e915d3a21734 (diff)
trust: Fix various issues writing objects in trust token
* Create directory before trying to write files to it * Handle write failures appropriately Refactor how we build and store objects in the index to handle the above cases properly.
Diffstat (limited to 'trust/tests')
-rw-r--r--trust/tests/test-builder.c238
-rw-r--r--trust/tests/test-index.c32
2 files changed, 186 insertions, 84 deletions
diff --git a/trust/tests/test-builder.c b/trust/tests/test-builder.c
index 72ee151..3f71b14 100644
--- a/trust/tests/test-builder.c
+++ b/trust/tests/test-builder.c
@@ -77,7 +77,7 @@ setup (void *unused)
test.builder = p11_builder_new (P11_BUILDER_FLAG_TOKEN);
assert_ptr_not_null (test.builder);
- test.index = p11_index_new (p11_builder_build, p11_builder_changed, test.builder);
+ test.index = p11_index_new (p11_builder_build, NULL, p11_builder_changed, test.builder);
assert_ptr_not_null (test.index);
}
@@ -121,13 +121,18 @@ test_build_data (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, merge, true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (check, attrs);
p11_attrs_free (attrs);
}
@@ -160,13 +165,18 @@ test_build_certificate (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, merge, true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -208,15 +218,20 @@ test_build_certificate_empty (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_hash_sha1 (checksum, test_cacert3_ca_der, sizeof (test_cacert3_ca_der), NULL);
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, merge, true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -332,12 +347,17 @@ test_build_certificate_non_ca (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -358,12 +378,17 @@ test_build_certificate_v1_ca (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -394,6 +419,7 @@ test_build_certificate_staple_ca (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
/* Add a stapled certificate */
@@ -401,9 +427,13 @@ test_build_certificate_staple_ca (void)
assert_num_eq (CKR_OK, rv);
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
/*
* Even though the certificate is not a valid CA, the presence of the
* stapled certificate extension transforms it into a CA.
@@ -422,13 +452,15 @@ test_build_certificate_no_type (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCOMPLETE, rv);
p11_attrs_free (merge);
@@ -448,13 +480,14 @@ test_build_certificate_bad_type (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv);
p11_attrs_free (merge);
@@ -484,12 +517,17 @@ test_build_extension (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (check, attrs);
p11_attrs_free (attrs);
}
@@ -538,12 +576,17 @@ test_build_distant_end_date (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -552,6 +595,7 @@ static void
test_valid_bool (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_BBOOL value = CK_TRUE;
CK_RV rv;
@@ -562,16 +606,17 @@ test_valid_bool (void)
{ CKA_INVALID },
};
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
}
static void
test_invalid_bool (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -585,13 +630,13 @@ test_invalid_bool (void)
input[0].pValue = "123";
input[0].ulValueLen = 3;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
input[0].ulValueLen = sizeof (CK_BBOOL);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -601,6 +646,7 @@ static void
test_valid_ulong (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_ULONG value = 2;
CK_RV rv;
@@ -611,16 +657,17 @@ test_valid_ulong (void)
{ CKA_INVALID },
};
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
}
static void
test_invalid_ulong (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -634,13 +681,13 @@ test_invalid_ulong (void)
input[0].pValue = "123";
input[0].ulValueLen = 3;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
input[0].ulValueLen = sizeof (CK_ULONG);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -650,6 +697,7 @@ static void
test_valid_utf8 (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -661,16 +709,17 @@ test_valid_utf8 (void)
input[0].pValue = NULL;
input[0].ulValueLen = 0;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
}
static void
test_invalid_utf8 (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -684,13 +733,13 @@ test_invalid_utf8 (void)
input[0].pValue = "\xfex23";
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -700,6 +749,7 @@ static void
test_valid_dates (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_DATE date;
CK_RV rv;
@@ -711,14 +761,14 @@ test_valid_dates (void)
};
memcpy (&date, "20001010", sizeof (date));
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
p11_attrs_free (attrs);
attrs = NULL;
input[0].ulValueLen = 0;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
p11_attrs_free (attrs);
@@ -728,6 +778,7 @@ static void
test_invalid_dates (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_DATE date;
CK_RV rv;
@@ -741,15 +792,15 @@ test_invalid_dates (void)
p11_message_quiet ();
memcpy (&date, "AAAABBCC", sizeof (date));
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
memcpy (&date, "20001580", sizeof (date));
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -759,6 +810,7 @@ static void
test_valid_name (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -770,7 +822,7 @@ test_valid_name (void)
input[0].pValue = NULL;
input[0].ulValueLen = 0;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
p11_attrs_free (attrs);
@@ -778,7 +830,7 @@ test_valid_name (void)
input[0].pValue = (void *)test_cacert3_ca_issuer;
input[0].ulValueLen = sizeof (test_cacert3_ca_issuer);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
p11_attrs_free (attrs);
@@ -788,6 +840,7 @@ static void
test_invalid_name (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -801,12 +854,12 @@ test_invalid_name (void)
input[0].pValue = "blah";
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -816,6 +869,7 @@ static void
test_valid_serial (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -827,24 +881,25 @@ test_valid_serial (void)
input[0].pValue = NULL;
input[0].ulValueLen = 0;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
attrs = NULL;
input[0].pValue = (void *)test_cacert3_ca_serial;
input[0].ulValueLen = sizeof (test_cacert3_ca_serial);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
}
static void
test_invalid_serial (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -858,17 +913,17 @@ test_invalid_serial (void)
input[0].pValue = "blah";
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = (void *)test_cacert3_ca_subject;
input[0].ulValueLen = sizeof (test_cacert3_ca_subject);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -878,6 +933,7 @@ static void
test_valid_cert (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -889,24 +945,25 @@ test_valid_cert (void)
input[0].pValue = NULL;
input[0].ulValueLen = 0;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
attrs = NULL;
input[0].pValue = (void *)test_cacert3_ca_der;
input[0].ulValueLen = sizeof (test_cacert3_ca_der);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- p11_attrs_free (attrs);
+ p11_attrs_free (extra);
}
static void
test_invalid_cert (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -920,17 +977,17 @@ test_invalid_cert (void)
input[0].pValue = "blah";
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = (void *)test_cacert3_ca_subject;
input[0].ulValueLen = sizeof (test_cacert3_ca_subject);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
input[0].pValue = NULL;
input[0].ulValueLen = 4;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_ATTRIBUTE_VALUE_INVALID, rv);
p11_message_loud ();
@@ -940,6 +997,7 @@ static void
test_invalid_schema (void)
{
CK_ATTRIBUTE *attrs = NULL;
+ CK_ATTRIBUTE *extra = NULL;
CK_RV rv;
CK_ATTRIBUTE input[] = {
@@ -952,7 +1010,7 @@ test_invalid_schema (void)
p11_message_quiet ();
/* Missing CKA_HASH_OF_SUBJECT_PUBLIC_KEY and CKA_HASH_OF_ISSUER_PUBLIC_KEY */
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv);
p11_message_loud ();
@@ -962,26 +1020,27 @@ static void
test_create_not_settable (void)
{
/*
- * CKA_TRUSTED cannot be set by the normal user according to spec
+ * CKA_X_PUBLIC_KEY_INFO cannot be created/modified
*/
CK_ATTRIBUTE input[] = {
{ CKA_CLASS, &certificate, sizeof (certificate) },
{ CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) },
- { CKA_TRUSTED, &falsev, sizeof (falsev) },
{ CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) },
+ { CKA_X_PUBLIC_KEY_INFO, (void *)verisign_v1_ca_public_key, sizeof (verisign_v1_ca_public_key) },
{ CKA_INVALID },
};
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_ATTRIBUTE_READ_ONLY, rv);
p11_attrs_free (merge);
@@ -994,29 +1053,33 @@ static void
test_create_but_loadable (void)
{
/*
- * CKA_TRUSTED cannot be set on creation, but can be set if we're
+ * CKA_X_PUBLIC_KEY_INFO cannot be set on creation, but can be set if we're
* loading from our store. This is signified by batching.
*/
CK_ATTRIBUTE input[] = {
{ CKA_CLASS, &certificate, sizeof (certificate) },
{ CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) },
- { CKA_TRUSTED, &falsev, sizeof (falsev) },
{ CKA_VALUE, (void *)test_cacert3_ca_der, sizeof (test_cacert3_ca_der) },
+ { CKA_X_PUBLIC_KEY_INFO, (void *)verisign_v1_ca_public_key, sizeof (verisign_v1_ca_public_key) },
{ CKA_INVALID },
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_index_load (test.index);
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
p11_index_finish (test.index);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (input, attrs);
p11_attrs_free (attrs);
}
@@ -1033,13 +1096,15 @@ test_create_unsupported (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv);
p11_attrs_free (merge);
@@ -1058,13 +1123,15 @@ test_create_generated (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv);
p11_attrs_free (merge);
@@ -1083,13 +1150,15 @@ test_create_bad_attribute (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv);
p11_attrs_free (merge);
@@ -1106,13 +1175,15 @@ test_create_missing_attribute (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCOMPLETE, rv);
p11_attrs_free (merge);
@@ -1129,13 +1200,15 @@ test_create_no_class (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCOMPLETE, rv);
p11_attrs_free (merge);
@@ -1153,13 +1226,15 @@ test_create_token_mismatch (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
p11_message_quiet ();
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv);
p11_attrs_free (merge);
@@ -1191,15 +1266,24 @@ test_modify_success (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (modify));
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, modify, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (modify), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -1221,17 +1305,23 @@ test_modify_read_only (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
+ extra = NULL;
merge = p11_attrs_dup (input);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, merge, true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
p11_message_quiet ();
+ extra = NULL;
merge = p11_attrs_dup (modify);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_ATTRIBUTE_READ_ONLY, rv);
p11_attrs_free (merge);
@@ -1268,15 +1358,23 @@ test_modify_unchanged (void)
};
CK_ATTRIBUTE *attrs;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (modify));
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, modify, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (modify), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
test_check_attrs (expected, attrs);
p11_attrs_free (attrs);
}
@@ -1298,16 +1396,22 @@ test_modify_not_modifiable (void)
CK_ATTRIBUTE *attrs;
CK_ATTRIBUTE *merge;
+ CK_ATTRIBUTE *extra;
CK_RV rv;
attrs = NULL;
- rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input));
+ extra = NULL;
+ rv = p11_builder_build (test.builder, test.index, attrs, input, &extra);
assert_num_eq (CKR_OK, rv);
+ attrs = p11_attrs_merge (attrs, p11_attrs_dup (input), true);
+ attrs = p11_attrs_merge (attrs, extra, false);
+
p11_message_quiet ();
+ extra = NULL;
merge = p11_attrs_dup (modify);
- rv = p11_builder_build (test.builder, test.index, &attrs, merge);
+ rv = p11_builder_build (test.builder, test.index, attrs, merge, &extra);
assert_num_eq (CKR_ATTRIBUTE_READ_ONLY, rv);
p11_attrs_free (merge);
diff --git a/trust/tests/test-index.c b/trust/tests/test-index.c
index 8932da6..73fc359 100644
--- a/trust/tests/test-index.c
+++ b/trust/tests/test-index.c
@@ -53,7 +53,7 @@ struct {
static void
setup (void *unused)
{
- test.index = p11_index_new (NULL, NULL, NULL);
+ test.index = p11_index_new (NULL, NULL, NULL, NULL);
assert_ptr_not_null (test.index);
}
@@ -657,22 +657,20 @@ test_replace_all (void)
static CK_RV
on_build_populate (void *data,
p11_index *index,
- CK_ATTRIBUTE **attrs,
- CK_ATTRIBUTE *merge)
+ CK_ATTRIBUTE *attrs,
+ CK_ATTRIBUTE *merge,
+ CK_ATTRIBUTE **populate)
{
- CK_ATTRIBUTE override[] = {
+ CK_ATTRIBUTE more[] = {
{ CKA_APPLICATION, "vigorous", 8 },
{ CKA_LABEL, "naay", 4 },
- { CKA_INVALID },
};
assert_str_eq (data, "blah");
assert_ptr_not_null (index);
- assert_ptr_not_null (attrs);
assert_ptr_not_null (merge);
- *attrs = p11_attrs_merge (*attrs, merge, true);
- *attrs = p11_attrs_merge (*attrs, p11_attrs_dup (override), true);
+ *populate = p11_attrs_buildn (*populate, more, 2);
return CKR_OK;
}
@@ -687,7 +685,7 @@ test_build_populate (void)
};
CK_ATTRIBUTE after[] = {
- { CKA_LABEL, "naay", 4 },
+ { CKA_LABEL, "yay", 3 },
{ CKA_VALUE, "eight", 5 },
{ CKA_APPLICATION, "vigorous", 8 },
{ CKA_INVALID }
@@ -698,7 +696,7 @@ test_build_populate (void)
p11_index *index;
CK_RV rv;
- index = p11_index_new (on_build_populate, NULL, "blah");
+ index = p11_index_new (on_build_populate, NULL, NULL, "blah");
assert_ptr_not_null (index);
rv = p11_index_add (index, original, 2, &handle);
@@ -723,8 +721,9 @@ test_build_populate (void)
static CK_RV
on_build_fail (void *data,
p11_index *index,
- CK_ATTRIBUTE **attrs,
- CK_ATTRIBUTE *merge)
+ CK_ATTRIBUTE *attrs,
+ CK_ATTRIBUTE *merge,
+ CK_ATTRIBUTE **populate)
{
CK_ATTRIBUTE check[] = {
{ CKA_LABEL, "nay", 3 },
@@ -737,7 +736,6 @@ on_build_fail (void *data,
if (p11_attrs_match (merge, check))
return CKR_DEVICE_ERROR;
- *attrs = p11_attrs_merge (*attrs, merge, true);
return CKR_OK;
}
@@ -761,7 +759,7 @@ test_build_fail (void)
p11_index *index;
CK_RV rv;
- index = p11_index_new (on_build_fail, NULL, "testo");
+ index = p11_index_new (on_build_fail, NULL, NULL, "testo");
assert_ptr_not_null (index);
rv = p11_index_add (index, okay, 2, &handle);
@@ -825,7 +823,7 @@ test_change_called (void)
p11_index *index;
CK_RV rv;
- index = p11_index_new (NULL, on_change_check, "change-check");
+ index = p11_index_new (NULL, NULL, on_change_check, "change-check");
assert_ptr_not_null (index);
on_change_removing = false;
@@ -870,7 +868,7 @@ test_change_batch (void)
p11_index *index;
CK_RV rv;
- index = p11_index_new (NULL, on_change_check, "change-check");
+ index = p11_index_new (NULL, NULL, on_change_check, "change-check");
assert_ptr_not_null (index);
on_change_batching = true;
@@ -961,7 +959,7 @@ test_change_nested (void)
p11_index *index;
CK_RV rv;
- index = p11_index_new (NULL, on_change_nested, "change-nested");
+ index = p11_index_new (NULL, NULL, on_change_nested, "change-nested");
assert_ptr_not_null (index);
on_change_called = 0;