diff options
118 files changed, 18118 insertions, 5514 deletions
@@ -1,3 +1,14 @@ +0.19.0 (unstable) + * Refactor API to be able to handle managed modules + * Deprecate much of old p11-kit API + * Implement concept of managed modules + * Make C_CloseAllSessions function work for multiple callers + * New dependency on libffi + * Fix possible threading problems reported by hellgrind + * Add log-calls option + * Mark p11_kit_message() as a stable function + * Use our own unit testing framework + 0.18.3 (stable) * Fix reinitialization of trust module [#65401] * Fix crash in trust module C_Initialize diff --git a/automaint.sh b/automaint.sh index 975556d..487bf50 100755 --- a/automaint.sh +++ b/automaint.sh @@ -1,5 +1,7 @@ #!/bin/sh +set -e + NOCONFIGURE=1 ./autogen.sh ARGS="--enable-strict --enable-debug" @@ -41,7 +43,7 @@ done echo ' done' done - for target in distcheck memcheck leakcheck install upload-coverage \ + for target in distcheck memcheck leakcheck hellcheck install upload-coverage \ coverage upload-doc upload-release transifex; do echo "$target:" echo ' $(MAKE) -C ./local' $target diff --git a/build/Makefile.am b/build/Makefile.am index 6f80eab..11337b1 100644 --- a/build/Makefile.am +++ b/build/Makefile.am @@ -2,16 +2,8 @@ SUBDIRS = certs EXTRA_DIST = \ - cutest \ Makefile.tests -noinst_LTLIBRARIES = \ - libcutest.la - -libcutest_la_SOURCES = \ - cutest/CuTest.c \ - cutest/CuTest.h - memcheck: leakcheck: diff --git a/build/Makefile.decl b/build/Makefile.decl index c90c22b..8dca4e7 100644 --- a/build/Makefile.decl +++ b/build/Makefile.decl @@ -9,3 +9,8 @@ leakcheck: @for dir in $(SUBDIRS); do \ test "$$dir" = "." || $(MAKE) -C $$dir leakcheck; \ done + +hellcheck: + @for dir in $(SUBDIRS); do \ + test "$$dir" = "." || $(MAKE) -C $$dir hellcheck; \ + done diff --git a/build/Makefile.tests b/build/Makefile.tests index 3faa7f3..429f5fe 100644 --- a/build/Makefile.tests +++ b/build/Makefile.tests @@ -1,19 +1,21 @@ NULL = -CUTEST_CFLAGS = \ - -I$(top_srcdir)/build/cutest \ +TEST_CFLAGS = \ -DSRCDIR=\"$(abs_srcdir)\" \ -DBUILDDIR=\"$(abs_builddir)\" \ -DP11_KIT_FUTURE_UNSTABLE_API -CUTEST_LIBS = $(top_builddir)/build/libcutest.la - MEMCHECK_ENV = $(TEST_RUNNER) valgrind --error-exitcode=80 --quiet --trace-children=yes LEAKCHECK_ENV = $(TEST_RUNNER) valgrind --error-exitcode=81 --quiet --leak-check=yes +HELLCHECK_ENV = $(TEST_RUNNER) valgrind --error-exitcode=82 --quiet --tool=helgrind + memcheck: all make $(AM_MAKEFLAGS) TESTS_ENVIRONMENT="$(MEMCHECK_ENV)" check-TESTS leakcheck: all make $(AM_MAKEFLAGS) TESTS_ENVIRONMENT="$(LEAKCHECK_ENV)" check-TESTS + +hellcheck: all + make $(AM_MAKEFLAGS) TESTS_ENVIRONMENT="$(HELLCHECK_ENV)" check-TESTS diff --git a/build/cutest/CuTest.c b/build/cutest/CuTest.c deleted file mode 100644 index b033483..0000000 --- a/build/cutest/CuTest.c +++ /dev/null @@ -1,329 +0,0 @@ -#include <assert.h> -#include <setjmp.h> -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <math.h> - -#include "CuTest.h" - -/*-------------------------------------------------------------------------* - * CuStr - *-------------------------------------------------------------------------*/ - -char* CuStrAlloc(int size) -{ - char* newStr = (char*) malloc( sizeof(char) * (size) ); - return newStr; -} - -char* CuStrCopy(const char* old) -{ - int len = strlen(old); - char* newStr = CuStrAlloc(len + 1); - strcpy(newStr, old); - return newStr; -} - -/*-------------------------------------------------------------------------* - * CuString - *-------------------------------------------------------------------------*/ - -void CuStringInit(CuString* str) -{ - str->length = 0; - str->size = STRING_MAX; - str->buffer = (char*) malloc(sizeof(char) * str->size); - str->buffer[0] = '\0'; -} - -CuString* CuStringNew(void) -{ - CuString* str = (CuString*) malloc(sizeof(CuString)); - str->length = 0; - str->size = STRING_MAX; - str->buffer = (char*) malloc(sizeof(char) * str->size); - str->buffer[0] = '\0'; - return str; -} - -void CuStringDelete(CuString *str) -{ - if (!str) return; - free(str->buffer); - free(str); -} - -void CuStringResize(CuString* str, int newSize) -{ - str->buffer = (char*) realloc(str->buffer, sizeof(char) * newSize); - str->size = newSize; -} - -void CuStringAppend(CuString* str, const char* text) -{ - int length; - - if (text == NULL) { - text = "NULL"; - } - - length = strlen(text); - if (str->length + length + 1 >= str->size) - CuStringResize(str, str->length + length + 1 + STRING_INC); - str->length += length; - strcat(str->buffer, text); -} - -void CuStringAppendChar(CuString* str, char ch) -{ - char text[2]; - text[0] = ch; - text[1] = '\0'; - CuStringAppend(str, text); -} - -void CuStringAppendFormat(CuString* str, const char* format, ...) -{ - va_list argp; - char buf[HUGE_STRING_LEN]; - va_start(argp, format); - vsprintf(buf, format, argp); - va_end(argp); - CuStringAppend(str, buf); -} - -void CuStringInsert(CuString* str, const char* text, int pos) -{ - int length = strlen(text); - if (pos > str->length) - pos = str->length; - if (str->length + length + 1 >= str->size) - CuStringResize(str, str->length + length + 1 + STRING_INC); - memmove(str->buffer + pos + length, str->buffer + pos, (str->length - pos) + 1); - str->length += length; - memcpy(str->buffer + pos, text, length); -} - -/*-------------------------------------------------------------------------* - * CuTest - *-------------------------------------------------------------------------*/ - -void CuTestInit(CuTest* t, const char* name, TestFunction function) -{ - t->name = CuStrCopy(name); - t->failed = 0; - t->ran = 0; - t->message = NULL; - t->function = function; - t->jumpBuf = NULL; -} - -CuTest* CuTestNew(const char* name, TestFunction function) -{ - CuTest* tc = CU_ALLOC(CuTest); - CuTestInit(tc, name, function); - return tc; -} - -void CuTestDelete(CuTest *t) -{ - if (!t) return; - free(t->name); - free(t); -} - -void CuTestRun(CuTest* tc) -{ - jmp_buf buf; - tc->jumpBuf = &buf; - if (setjmp(buf) == 0) - { - tc->ran = 1; - (tc->function)(tc); - } - tc->jumpBuf = 0; -} - -static void CuFailInternal(CuTest* tc, const char* file, int line, CuString* string) -{ - char buf[HUGE_STRING_LEN]; - - sprintf(buf, "%s:%d: ", file, line); - CuStringInsert(string, buf, 0); - - tc->failed = 1; - tc->message = string->buffer; - if (tc->jumpBuf != 0) longjmp(*(tc->jumpBuf), 0); -} - -void CuFail_Line(CuTest* tc, const char* file, int line, const char* message2, const char* message) -{ - CuString string; - - CuStringInit(&string); - if (message2 != NULL) - { - CuStringAppend(&string, message2); - CuStringAppend(&string, ": "); - } - CuStringAppend(&string, message); - CuFailInternal(tc, file, line, &string); -} - -void CuAssert_Line(CuTest* tc, const char* file, int line, const char* message, int condition) -{ - if (condition) return; - CuFail_Line(tc, file, line, NULL, message); -} - -void CuAssertStrEquals_LineMsg(CuTest* tc, const char* file, int line, const char* message, - const char* expected, const char* actual) -{ - CuString string; - if ((expected == NULL && actual == NULL) || - (expected != NULL && actual != NULL && - strcmp(expected, actual) == 0)) - { - return; - } - - CuStringInit(&string); - if (message != NULL) - { - CuStringAppend(&string, message); - CuStringAppend(&string, ": "); - } - CuStringAppend(&string, "expected <"); - CuStringAppend(&string, expected); - CuStringAppend(&string, "> but was <"); - CuStringAppend(&string, actual); - CuStringAppend(&string, ">"); - CuFailInternal(tc, file, line, &string); -} - -void CuAssertIntEquals_LineMsg(CuTest* tc, const char* file, int line, const char* message, - int expected, int actual) -{ - char buf[STRING_MAX]; - if (expected == actual) return; - sprintf(buf, "expected <%d> but was <%d>", expected, actual); - CuFail_Line(tc, file, line, message, buf); -} - -void CuAssertPtrEquals_LineMsg(CuTest* tc, const char* file, int line, const char* message, - void* expected, void* actual) -{ - char buf[STRING_MAX]; - if (expected == actual) return; - sprintf(buf, "expected pointer <0x%p> but was <0x%p>", expected, actual); - CuFail_Line(tc, file, line, message, buf); -} - - -/*-------------------------------------------------------------------------* - * CuSuite - *-------------------------------------------------------------------------*/ - -void CuSuiteInit(CuSuite* testSuite) -{ - testSuite->count = 0; - testSuite->failCount = 0; - memset(testSuite->list, 0, sizeof(testSuite->list)); -} - -CuSuite* CuSuiteNew(void) -{ - CuSuite* testSuite = CU_ALLOC(CuSuite); - CuSuiteInit(testSuite); - return testSuite; -} - -void CuSuiteDelete(CuSuite *testSuite) -{ - unsigned int n; - for (n=0; n < MAX_TEST_CASES; n++) - { - if (testSuite->list[n]) - { - CuTestDelete(testSuite->list[n]); - } - } - free(testSuite); - -} - -void CuSuiteAdd(CuSuite* testSuite, CuTest *testCase) -{ - assert(testSuite->count < MAX_TEST_CASES); - testSuite->list[testSuite->count] = testCase; - testSuite->count++; -} - -void CuSuiteAddSuite(CuSuite* testSuite, CuSuite* testSuite2) -{ - int i; - for (i = 0 ; i < testSuite2->count ; ++i) - { - CuTest* testCase = testSuite2->list[i]; - CuSuiteAdd(testSuite, testCase); - } -} - -void CuSuiteRun(CuSuite* testSuite) -{ - int i; - for (i = 0 ; i < testSuite->count ; ++i) - { - CuTest* testCase = testSuite->list[i]; - CuTestRun(testCase); - if (testCase->failed) { testSuite->failCount += 1; } - } -} - -void CuSuiteSummary(CuSuite* testSuite, CuString* summary) -{ - int i; - for (i = 0 ; i < testSuite->count ; ++i) - { - CuTest* testCase = testSuite->list[i]; - CuStringAppend(summary, testCase->failed ? "F" : "."); - } - CuStringAppend(summary, "\n\n"); -} - -void CuSuiteDetails(CuSuite* testSuite, CuString* details) -{ - int i; - int failCount = 0; - - if (testSuite->failCount == 0) - { - int passCount = testSuite->count - testSuite->failCount; - const char* testWord = passCount == 1 ? "test" : "tests"; - CuStringAppendFormat(details, "OK (%d %s)\n", passCount, testWord); - } - else - { - if (testSuite->failCount == 1) - CuStringAppend(details, "There was 1 failure:\n"); - else - CuStringAppendFormat(details, "There were %d failures:\n", testSuite->failCount); - - for (i = 0 ; i < testSuite->count ; ++i) - { - CuTest* testCase = testSuite->list[i]; - if (testCase->failed) - { - failCount++; - CuStringAppendFormat(details, "%d) %s: %s\n", - failCount, testCase->name, testCase->message); - } - } - CuStringAppend(details, "\n!!!FAILURES!!!\n"); - - CuStringAppendFormat(details, "Runs: %d ", testSuite->count); - CuStringAppendFormat(details, "Passes: %d ", testSuite->count - testSuite->failCount); - CuStringAppendFormat(details, "Fails: %d\n", testSuite->failCount); - } -} diff --git a/build/cutest/CuTest.h b/build/cutest/CuTest.h deleted file mode 100644 index b82d05b..0000000 --- a/build/cutest/CuTest.h +++ /dev/null @@ -1,111 +0,0 @@ -#ifndef CU_TEST_H -#define CU_TEST_H - -#include <setjmp.h> -#include <stdarg.h> - -#define CUTEST_VERSION "CuTest 1.5" - -/* CuString */ - -char* CuStrAlloc(int size); -char* CuStrCopy(const char* old); - -#define CU_ALLOC(TYPE) ((TYPE*) malloc(sizeof(TYPE))) - -#define HUGE_STRING_LEN 8192 -#define STRING_MAX 256 -#define STRING_INC 256 - -typedef struct -{ - int length; - int size; - char* buffer; -} CuString; - -void CuStringInit(CuString* str); -CuString* CuStringNew(void); -void CuStringRead(CuString* str, const char* path); -void CuStringAppend(CuString* str, const char* text); -void CuStringAppendChar(CuString* str, char ch); -void CuStringAppendFormat(CuString* str, const char* format, ...); -void CuStringInsert(CuString* str, const char* text, int pos); -void CuStringResize(CuString* str, int newSize); -void CuStringDelete(CuString* str); - -/* CuTest */ - -typedef struct CuTest CuTest; - -typedef void (*TestFunction)(CuTest *); - -struct CuTest -{ - char* name; - TestFunction function; - int failed; - int ran; - const char* message; - jmp_buf *jumpBuf; -}; - -void CuTestInit(CuTest* t, const char* name, TestFunction function); -CuTest* CuTestNew(const char* name, TestFunction function); -void CuTestRun(CuTest* tc); -void CuTestDelete(CuTest *t); - -/* Internal versions of assert functions -- use the public versions */ -void CuFail_Line(CuTest* tc, const char* file, int line, const char* message2, const char* message); -void CuAssert_Line(CuTest* tc, const char* file, int line, const char* message, int condition); -void CuAssertStrEquals_LineMsg(CuTest* tc, - const char* file, int line, const char* message, - const char* expected, const char* actual); -void CuAssertIntEquals_LineMsg(CuTest* tc, - const char* file, int line, const char* message, - int expected, int actual); -void CuAssertPtrEquals_LineMsg(CuTest* tc, - const char* file, int line, const char* message, - void* expected, void* actual); - -/* public assert functions */ - -#define CuFail(tc, ms) CuFail_Line( (tc), __FILE__, __LINE__, NULL, (ms)) -#define CuAssert(tc, ms, cond) CuAssert_Line((tc), __FILE__, __LINE__, (ms), (cond)) -#define CuAssertTrue(tc, cond) CuAssert_Line((tc), __FILE__, __LINE__, "assert failed", (cond)) - -#define CuAssertStrEquals(tc,ex,ac) CuAssertStrEquals_LineMsg((tc),__FILE__,__LINE__,NULL,(ex),(ac)) -#define CuAssertStrEquals_Msg(tc,ms,ex,ac) CuAssertStrEquals_LineMsg((tc),__FILE__,__LINE__,(ms),(ex),(ac)) -#define CuAssertIntEquals(tc,ex,ac) CuAssertIntEquals_LineMsg((tc),__FILE__,__LINE__,NULL,(ex),(ac)) -#define CuAssertIntEquals_Msg(tc,ms,ex,ac) CuAssertIntEquals_LineMsg((tc),__FILE__,__LINE__,(ms),(ex),(ac)) -#define CuAssertPtrEquals(tc,ex,ac) CuAssertPtrEquals_LineMsg((tc),__FILE__,__LINE__,NULL,(ex),(ac)) -#define CuAssertPtrEquals_Msg(tc,ms,ex,ac) CuAssertPtrEquals_LineMsg((tc),__FILE__,__LINE__,(ms),(ex),(ac)) - -#define CuAssertPtrNotNull(tc,p) CuAssert_Line((tc),__FILE__,__LINE__,"null pointer unexpected",(p != NULL)) -#define CuAssertPtrNotNullMsg(tc,msg,p) CuAssert_Line((tc),__FILE__,__LINE__,(msg),(p != NULL)) - -/* CuSuite */ - -#define MAX_TEST_CASES 1024 - -#define SUITE_ADD_TEST(SUITE,TEST) CuSuiteAdd(SUITE, CuTestNew(#TEST, TEST)) - -typedef struct -{ - int count; - CuTest* list[MAX_TEST_CASES]; - int failCount; - -} CuSuite; - - -void CuSuiteInit(CuSuite* testSuite); -CuSuite* CuSuiteNew(void); -void CuSuiteDelete(CuSuite *testSuite); -void CuSuiteAdd(CuSuite* testSuite, CuTest *testCase); -void CuSuiteAddSuite(CuSuite* testSuite, CuSuite* testSuite2); -void CuSuiteRun(CuSuite* testSuite); -void CuSuiteSummary(CuSuite* testSuite, CuString* summary); -void CuSuiteDetails(CuSuite* testSuite, CuString* details); - -#endif /* CU_TEST_H */ diff --git a/build/cutest/README.txt b/build/cutest/README.txt deleted file mode 100644 index 96e8853..0000000 --- a/build/cutest/README.txt +++ /dev/null @@ -1,211 +0,0 @@ -HOW TO USE - -You can use CuTest to create unit tests to drive your development -in the style of Extreme Programming. You can also add unit tests to -existing code to ensure that it works as you suspect. - -Your unit tests are an investment. They let you to change your -code and add new features confidently without worrying about -accidentally breaking earlier features. - - -LICENSING - -For details on licensing see license.txt. - - -GETTING STARTED - -To add unit testing to your C code the only files you need are -CuTest.c and CuTest.h. - -CuTestTest.c and AllTests.c have been included to provide an -example of how to write unit tests and then how to aggregate them -into suites and into a single AllTests.c file. Suites allow you -to put group tests into logical sets. AllTests.c combines all the -suites and runs them. - -You should not have to look inside CuTest.c. Looking in -CuTestTest.c and AllTests.c (for example usage) should be -sufficient. - -After downloading the sources, run your compiler to create an -executable called AllTests.exe. For example, if you are using -Windows with the cl.exe compiler you would type: - - cl.exe AllTests.c CuTest.c CuTestTest.c - AllTests.exe - -This will run all the unit tests associated with CuTest and print -the output on the console. You can replace cl.exe with gcc or -your favorite compiler in the command above. - - -DETAILED EXAMPLE - -Here is a more detailed example. We will work through a simple -test first exercise. The goal is to create a library of string -utilities. First, lets write a function that converts a -null-terminated string to all upper case. - -Ensure that CuTest.c and CuTest.h are accessible from your C -project. Next, create a file called StrUtil.c with these -contents: - - #include "CuTest.h" - - char* StrToUpper(char* str) { - return str; - } - - void TestStrToUpper(CuTest *tc) { - char* input = strdup("hello world"); - char* actual = StrToUpper(input); - char* expected = "HELLO WORLD"; - CuAssertStrEquals(tc, expected, actual); - } - - CuSuite* StrUtilGetSuite() { - CuSuite* suite = CuSuiteNew(); - SUITE_ADD_TEST(suite, TestStrToUpper); - return suite; - } - -Create another file called AllTests.c with these contents: - - #include "CuTest.h" - - CuSuite* StrUtilGetSuite(); - - void RunAllTests(void) { - CuString *output = CuStringNew(); - CuSuite* suite = CuSuiteNew(); - - CuSuiteAddSuite(suite, StrUtilGetSuite()); - - CuSuiteRun(suite); - CuSuiteSummary(suite, output); - CuSuiteDetails(suite, output); - printf("%s\n", output->buffer); - } - - int main(void) { - RunAllTests(); - } - -Then type this on the command line: - - gcc AllTests.c CuTest.c StrUtil.c - -to compile. You can replace gcc with your favorite compiler. -CuTest should be portable enough to handle all Windows and Unix -compilers. Then to run the tests type: - - a.out - -This will print an error because we haven't implemented the -StrToUpper function correctly. We are just returning the string -without changing it to upper case. - - char* StrToUpper(char* str) { - return str; - } - -Rewrite this as follows: - - char* StrToUpper(char* str) { - char* p; - for (p = str ; *p ; ++p) *p = toupper(*p); - return str; - } - -Recompile and run the tests again. The test should pass this -time. - - -WHAT TO DO NEXT - -At this point you might want to write more tests for the -StrToUpper function. Here are some ideas: - -TestStrToUpper_EmptyString : pass in "" -TestStrToUpper_UpperCase : pass in "HELLO WORLD" -TestStrToUpper_MixedCase : pass in "HELLO world" -TestStrToUpper_Numbers : pass in "1234 hello" - -As you write each one of these tests add it to StrUtilGetSuite -function. If you don't the tests won't be run. Later as you write -other functions and write tests for them be sure to include those -in StrUtilGetSuite also. The StrUtilGetSuite function should -include all the tests in StrUtil.c - -Over time you will create another file called FunkyStuff.c -containing other functions unrelated to StrUtil. Follow the same -pattern. Create a FunkyStuffGetSuite function in FunkyStuff.c. -And add FunkyStuffGetSuite to AllTests.c. - -The framework is designed in the way it is so that it is easy to -organize a lot of tests. - -THE BIG PICTURE - -Each individual test corresponds to a CuTest. These are grouped -to form a CuSuite. CuSuites can hold CuTests or other CuSuites. -AllTests.c collects all the CuSuites in the program into a single -CuSuite which it then runs as a single CuSuite. - -The project is open source so feel free to take a peek under the -hood at the CuTest.c file to see how it works. CuTestTest.c -contains tests for CuTest.c. So CuTest tests itself. - -Since AllTests.c has a main() you will need to exclude this when -you are building your product. Here is a nicer way to do this if -you want to avoid messing with multiple builds. Remove the main() -in AllTests.c. Note that it just calls RunAllTests(). Instead -we'll call this directly from the main program. - -Now in the main() of the actual program check to see if the -command line option "--test" was passed. If it was then I call -RunAllTests() from AllTests.c. Otherwise run the real program. - -Shipping the tests with the code can be useful. If you customers -complain about a problem you can ask them to run the unit tests -and send you the output. This can help you to quickly isolate the -piece of your system that is malfunctioning in the customer's -environment. - -CuTest offers a rich set of CuAssert functions. Here is a list: - -void CuAssert(CuTest* tc, char* message, int condition); -void CuAssertTrue(CuTest* tc, int condition); -void CuAssertStrEquals(CuTest* tc, char* expected, char* actual); -void CuAssertIntEquals(CuTest* tc, int expected, int actual); -void CuAssertPtrEquals(CuTest* tc, void* expected, void* actual); -void CuAssertPtrNotNull(CuTest* tc, void* pointer); - -The project is open source and so you can add other more powerful -asserts to make your tests easier to write and more concise. -Please feel free to send me changes you make so that I can -incorporate them into future releases. - -If you see any errors in this document please contact me at -asimjalis@peakprogramming.com. - - -AUTOMATING TEST SUITE GENERATION - -make-tests.sh will grep through all the .c files in the current -directory and generate the code to run all the tests contained in -them. Using this script you don't have to worry about writing -AllTests.c or dealing with any of the other suite code. - - -CREDITS - -These people have contributed useful code changes to the CuTest project. -Thanks! - -- [02.23.2003] Dave Glowacki <dglo@hyde.ssec.wisc.edu> -- [04.17.2009] Tobias Lippert <herrmarder@googlemail.com> -- [11.13.2009] Eli Bendersky <eliben@gmail.com> -- [12.14.2009] Andrew Brown <abrown@datasci.com> diff --git a/build/cutest/license.txt b/build/cutest/license.txt deleted file mode 100644 index 3d94167..0000000 --- a/build/cutest/license.txt +++ /dev/null @@ -1,38 +0,0 @@ -NOTE - -The license is based on the zlib/libpng license. For more details see -http://www.opensource.org/licenses/zlib-license.html. The intent of the -license is to: - -- keep the license as simple as possible -- encourage the use of CuTest in both free and commercial applications - and libraries -- keep the source code together -- give credit to the CuTest contributors for their work - -If you ship CuTest in source form with your source distribution, the -following license document must be included with it in unaltered form. -If you find CuTest useful we would like to hear about it. - -LICENSE - -Copyright (c) 2003 Asim Jalis - -This software is provided 'as-is', without any express or implied -warranty. In no event will the authors be held liable for any damages -arising from the use of this software. - -Permission is granted to anyone to use this software for any purpose, -including commercial applications, and to alter it and redistribute it -freely, subject to the following restrictions: - -1. The origin of this software must not be misrepresented; you must not -claim that you wrote the original software. If you use this software in -a product, an acknowledgment in the product documentation would be -appreciated but is not required. - -2. Altered source versions must be plainly marked as such, and must not -be misrepresented as being the original software. - -3. This notice may not be removed or altered from any source -distribution. diff --git a/common/Makefile.am b/common/Makefile.am index b583a5c..b3e4eaf 100644 --- a/common/Makefile.am +++ b/common/Makefile.am @@ -12,10 +12,11 @@ inc_HEADERS = \ noinst_LTLIBRARIES = \ libp11-common.la \ libp11-library.la \ - libp11-mock.la \ + libp11-test.la \ $(NULL) libp11_common_la_SOURCES = \ + argv.c argv.h \ attrs.c attrs.h \ array.c array.h \ buffer.c buffer.h \ @@ -35,8 +36,9 @@ libp11_library_la_SOURCES = \ library.c library.h \ $(NULL) -libp11_mock_la_SOURCES = \ +libp11_test_la_SOURCES = \ mock.c mock.h \ + test.c test.h \ $(NULL) if WITH_ASN1 diff --git a/common/argv.c b/common/argv.c new file mode 100644 index 0000000..6d91bfa --- /dev/null +++ b/common/argv.c @@ -0,0 +1,115 @@ +/* + * Copyright (C) 2012 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#include "config.h" + +#include "argv.h" +#include "debug.h" + +#include <ctype.h> +#include <stdlib.h> +#include <string.h> + +bool +p11_argv_parse (const char *string, + void (*sink) (char *, void *), + void *argument) +{ + char quote = '\0'; + char *src, *dup, *at, *arg; + bool ret = true; + + return_val_if_fail (string != NULL, false); + return_val_if_fail (sink != NULL, false); + + src = dup = strdup (string); + return_val_if_fail (dup != NULL, false); + + arg = at = src; + for (src = dup; *src; src++) { + + /* Matching quote */ + if (quote == *src) { + quote = '\0'; + + /* Inside of quotes */ + } else if (quote != '\0') { + if (*src == '\\') { + *at++ = *src++; + if (!*src) { + ret = false; + goto done; + } + if (*src != quote) + *at++ = '\\'; + } + *at++ = *src; + + /* Space, not inside of quotes */ + } else if (isspace (*src)) { + *at = 0; + sink (arg, argument); + arg = at; + + /* Other character outside of quotes */ + } else { + switch (*src) { + case '\'': + case '"': + quote = *src; + break; + case '\\': + *at++ = *src++; + if (!*src) { + ret = false; + goto done; + } + /* fall through */ + default: + *at++ = *src; + break; + } + } + } + + + if (at != arg) { + *at = 0; + sink (arg, argument); + } + +done: + free (dup); + return ret; +} diff --git a/common/argv.h b/common/argv.h new file mode 100644 index 0000000..8f95490 --- /dev/null +++ b/common/argv.h @@ -0,0 +1,44 @@ +/* + * Copyright (C) 2012 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#ifndef P11_ARGV_H_ +#define P11_ARGV_H_ + +#include "compat.h" + +bool p11_argv_parse (const char *string, + void (*sink) (char *, void *), + void *argument); + +#endif /* P11_ARGV_H_ */ diff --git a/common/attrs.c b/common/attrs.c index c1e060a..88906f4 100644 --- a/common/attrs.c +++ b/common/attrs.c @@ -808,10 +808,10 @@ format_some_bytes (p11_buffer *buffer, p11_buffer_add (buffer, "\"", 1); } -static void -format_attribute (p11_buffer *buffer, - const CK_ATTRIBUTE *attr, - CK_OBJECT_CLASS klass) +void +p11_attr_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass) { p11_buffer_add (buffer, "{ ", -1); format_attribute_type (buffer, attr->type); @@ -839,10 +839,10 @@ format_attribute (p11_buffer *buffer, p11_buffer_add (buffer, " }", -1); } -static void -format_attributes (p11_buffer *buffer, - const CK_ATTRIBUTE *attrs, - int count) +void +p11_attrs_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attrs, + int count) { CK_BBOOL first = CK_TRUE; CK_OBJECT_CLASS klass; @@ -861,7 +861,7 @@ format_attributes (p11_buffer *buffer, else p11_buffer_add (buffer, ", ", 2); first = CK_FALSE; - format_attribute (buffer, attrs + i, klass); + p11_attr_format (buffer, attrs + i, klass); } p11_buffer_add (buffer, " ]", -1); } @@ -873,7 +873,7 @@ p11_attrs_to_string (const CK_ATTRIBUTE *attrs, p11_buffer buffer; if (!p11_buffer_init_null (&buffer, 128)) return_val_if_reached (NULL); - format_attributes (&buffer, attrs, count); + p11_attrs_format (&buffer, attrs, count); return p11_buffer_steal (&buffer, NULL); } @@ -884,6 +884,6 @@ p11_attr_to_string (const CK_ATTRIBUTE *attr, p11_buffer buffer; if (!p11_buffer_init_null (&buffer, 32)) return_val_if_reached (NULL); - format_attribute (&buffer, attr, klass); + p11_attr_format (&buffer, attr, klass); return p11_buffer_steal (&buffer, NULL); } diff --git a/common/attrs.h b/common/attrs.h index 233ac79..2780013 100644 --- a/common/attrs.h +++ b/common/attrs.h @@ -36,6 +36,7 @@ #ifndef P11_ATTRS_H_ #define P11_ATTRS_H_ +#include "buffer.h" #include "compat.h" #include "pkcs11.h" @@ -112,9 +113,17 @@ bool p11_attrs_matchn (const CK_ATTRIBUTE *attrs, char * p11_attrs_to_string (const CK_ATTRIBUTE *attrs, int count); +void p11_attrs_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attrs, + int count); + char * p11_attr_to_string (const CK_ATTRIBUTE *attr, CK_OBJECT_CLASS klass); +void p11_attr_format (p11_buffer *buffer, + const CK_ATTRIBUTE *attr, + CK_OBJECT_CLASS klass); + bool p11_attr_equal (const void *one, const void *two); diff --git a/common/compat.c b/common/compat.c index 4d8d73c..400e10b 100644 --- a/common/compat.c +++ b/common/compat.c @@ -161,7 +161,7 @@ p11_mutex_init (p11_mutex_t *mutex) int ret; pthread_mutexattr_init (&attr); - pthread_mutexattr_settype (&attr, PTHREAD_MUTEX_RECURSIVE); + pthread_mutexattr_settype (&attr, PTHREAD_MUTEX_DEFAULT); ret = pthread_mutex_init (mutex, &attr); assert (ret == 0); pthread_mutexattr_destroy (&attr); @@ -245,6 +245,12 @@ p11_dl_error (void) return msg_buf; } +void +p11_dl_close (void *dl) +{ + FreeLibrary (dl); +} + int p11_thread_create (p11_thread_t *thread, p11_thread_routine routine, diff --git a/common/compat.h b/common/compat.h index 7435e07..9127f95 100644 --- a/common/compat.h +++ b/common/compat.h @@ -103,6 +103,8 @@ char * strdup_path_mangle (const char *template); #define WIN32_LEAN_AND_MEAN 1 #include <windows.h> +#include <io.h> + /* Oh ... my ... god */ #undef CreateMutex @@ -135,13 +137,13 @@ typedef HMODULE dl_module_t; #define p11_dl_open(f) \ (LoadLibrary (f)) -#define p11_dl_close(d) \ - (FreeLibrary (d)) #define p11_dl_symbol(d, s) \ ((void *)GetProcAddress ((d), (s))) char * p11_dl_error (void); +void p11_dl_close (void * dl); + #define p11_sleep_ms(ms) \ (Sleep (ms)) @@ -164,6 +166,7 @@ void p11_mmap_close (p11_mmap *map); #include <pthread.h> #include <dlfcn.h> #include <time.h> +#include <unistd.h> typedef pthread_mutex_t p11_mutex_t; diff --git a/common/constants.c b/common/constants.c index 918d3e5..3ff93bd 100644 --- a/common/constants.c +++ b/common/constants.c @@ -104,7 +104,7 @@ const p11_constant p11_constant_types[] = { /* CT (CKA_SUBPRIME_BITS) */ CT (CKA_SUB_PRIME_BITS, "subprime-bits") CT (CKA_VALUE_BITS, "value-bits") - CT (CKA_VALUE_LEN, "vaule-len") + CT (CKA_VALUE_LEN, "value-len") CT (CKA_EXTRACTABLE, "extractable") CT (CKA_LOCAL, "local") CT (CKA_NEVER_EXTRACTABLE, "never-extractable") @@ -260,6 +260,338 @@ const p11_constant p11_constant_categories[] = { { CKA_INVALID }, }; +const p11_constant p11_constant_users[] = { + CT (CKU_SO, NULL) + CT (CKU_USER, NULL) + CT (CKU_CONTEXT_SPECIFIC, NULL) + { CKA_INVALID }, +}; + +const p11_constant p11_constant_states[] = { + CT (CKS_RO_PUBLIC_SESSION, NULL) + CT (CKS_RO_USER_FUNCTIONS, NULL) + CT (CKS_RW_PUBLIC_SESSION, NULL) + CT (CKS_RW_USER_FUNCTIONS, NULL) + CT (CKS_RW_SO_FUNCTIONS, NULL) + { CKA_INVALID }, +}; + +const p11_constant p11_constant_returns[] = { + CT (CKR_OK, NULL) + CT (CKR_CANCEL, NULL) + CT (CKR_HOST_MEMORY, NULL) + CT (CKR_SLOT_ID_INVALID, NULL) + CT (CKR_GENERAL_ERROR, NULL) + CT (CKR_FUNCTION_FAILED, NULL) + CT (CKR_ARGUMENTS_BAD, NULL) + CT (CKR_NO_EVENT, NULL) + CT (CKR_NEED_TO_CREATE_THREADS, NULL) + CT (CKR_CANT_LOCK, NULL) + CT (CKR_ATTRIBUTE_READ_ONLY, NULL) + CT (CKR_ATTRIBUTE_SENSITIVE, NULL) + CT (CKR_ATTRIBUTE_TYPE_INVALID, NULL) + CT (CKR_ATTRIBUTE_VALUE_INVALID, NULL) + CT (CKR_DATA_INVALID, NULL) + CT (CKR_DATA_LEN_RANGE, NULL) + CT (CKR_DEVICE_ERROR, NULL) + CT (CKR_DEVICE_MEMORY, NULL) + CT (CKR_DEVICE_REMOVED, NULL) + CT (CKR_ENCRYPTED_DATA_INVALID, NULL) + CT (CKR_ENCRYPTED_DATA_LEN_RANGE, NULL) + CT (CKR_FUNCTION_CANCELED, NULL) + CT (CKR_FUNCTION_NOT_PARALLEL, NULL) + CT (CKR_FUNCTION_NOT_SUPPORTED, NULL) + CT (CKR_KEY_HANDLE_INVALID, NULL) + CT (CKR_KEY_SIZE_RANGE, NULL) + CT (CKR_KEY_TYPE_INCONSISTENT, NULL) + CT (CKR_KEY_NOT_NEEDED, NULL) + CT (CKR_KEY_CHANGED, NULL) + CT (CKR_KEY_NEEDED, NULL) + CT (CKR_KEY_INDIGESTIBLE, NULL) + CT (CKR_KEY_FUNCTION_NOT_PERMITTED, NULL) + CT (CKR_KEY_NOT_WRAPPABLE, NULL) + CT (CKR_KEY_UNEXTRACTABLE, NULL) + CT (CKR_MECHANISM_INVALID, NULL) + CT (CKR_MECHANISM_PARAM_INVALID, NULL) + CT (CKR_OBJECT_HANDLE_INVALID, NULL) + CT (CKR_OPERATION_ACTIVE, NULL) + CT (CKR_OPERATION_NOT_INITIALIZED, NULL) + CT (CKR_PIN_INCORRECT, NULL) + CT (CKR_PIN_INVALID, NULL) + CT (CKR_PIN_LEN_RANGE, NULL) + CT (CKR_PIN_EXPIRED, NULL) + CT (CKR_PIN_LOCKED, NULL) + CT (CKR_SESSION_CLOSED, NULL) + CT (CKR_SESSION_COUNT, NULL) + CT (CKR_SESSION_HANDLE_INVALID, NULL) + CT (CKR_SESSION_PARALLEL_NOT_SUPPORTED, NULL) + CT (CKR_SESSION_READ_ONLY, NULL) + CT (CKR_SESSION_EXISTS, NULL) + CT (CKR_SESSION_READ_ONLY_EXISTS, NULL) + CT (CKR_SESSION_READ_WRITE_SO_EXISTS, NULL) + CT (CKR_SIGNATURE_INVALID, NULL) + CT (CKR_SIGNATURE_LEN_RANGE, NULL) + CT (CKR_TEMPLATE_INCOMPLETE, NULL) + CT (CKR_TEMPLATE_INCONSISTENT, NULL) + CT (CKR_TOKEN_NOT_PRESENT, NULL) + CT (CKR_TOKEN_NOT_RECOGNIZED, NULL) + CT (CKR_TOKEN_WRITE_PROTECTED, NULL) + CT (CKR_UNWRAPPING_KEY_HANDLE_INVALID, NULL) + CT (CKR_UNWRAPPING_KEY_SIZE_RANGE, NULL) + CT (CKR_UNWRAPPING_KEY_TYPE_INCONSISTENT, NULL) + CT (CKR_USER_ALREADY_LOGGED_IN, NULL) + CT (CKR_USER_NOT_LOGGED_IN, NULL) + CT (CKR_USER_PIN_NOT_INITIALIZED, NULL) + CT (CKR_USER_TYPE_INVALID, NULL) + CT (CKR_USER_ANOTHER_ALREADY_LOGGED_IN, NULL) + CT (CKR_USER_TOO_MANY_TYPES, NULL) + CT (CKR_WRAPPED_KEY_INVALID, NULL) + CT (CKR_WRAPPED_KEY_LEN_RANGE, NULL) + CT (CKR_WRAPPING_KEY_HANDLE_INVALID, NULL) + CT (CKR_WRAPPING_KEY_SIZE_RANGE, NULL) + CT (CKR_WRAPPING_KEY_TYPE_INCONSISTENT, NULL) + CT (CKR_RANDOM_SEED_NOT_SUPPORTED, NULL) + CT (CKR_RANDOM_NO_RNG, NULL) + CT (CKR_DOMAIN_PARAMS_INVALID, NULL) + CT (CKR_BUFFER_TOO_SMALL, NULL) + CT (CKR_SAVED_STATE_INVALID, NULL) + CT (CKR_INFORMATION_SENSITIVE, NULL) + CT (CKR_STATE_UNSAVEABLE, NULL) + CT (CKR_CRYPTOKI_NOT_INITIALIZED, NULL) + CT (CKR_CRYPTOKI_ALREADY_INITIALIZED, NULL) + CT (CKR_MUTEX_BAD, NULL) + CT (CKR_MUTEX_NOT_LOCKED, NULL) + CT (CKR_FUNCTION_REJECTED, NULL) + { CKA_INVALID }, +}; + +const p11_constant p11_constant_mechanisms[] = { + CT (CKM_RSA_PKCS_KEY_PAIR_GEN, "rsa-pkcs-key-pair-gen") + CT (CKM_RSA_PKCS, "rsa-pkcs") + CT (CKM_RSA_9796, "rsa-9796") + CT (CKM_RSA_X_509, "rsa-x-509") + CT (CKM_MD2_RSA_PKCS, "md2-rsa-pkcs") + CT (CKM_MD5_RSA_PKCS, "md5-rsa-pkcs") + CT (CKM_SHA1_RSA_PKCS, "sha1-rsa-pkcs") + CT (CKM_RIPEMD128_RSA_PKCS, "ripemd128-rsa-pkcs") + CT (CKM_RIPEMD160_RSA_PKCS, "ripemd160-rsa-pkcs") + CT (CKM_RSA_PKCS_OAEP, "rsa-pkcs-oaep") + CT (CKM_RSA_X9_31_KEY_PAIR_GEN, "rsa-x9-31-key-pair-gen") + CT (CKM_RSA_X9_31, "rsa-x9-31") + CT (CKM_SHA1_RSA_X9_31, "sha1-rsa-x9-31") + CT (CKM_RSA_PKCS_PSS, "rsa-pkcs-pss") + CT (CKM_SHA1_RSA_PKCS_PSS, "sha1-rsa-pkcs-pss") + CT (CKM_DSA_KEY_PAIR_GEN, "dsa-key-pair-gen") + CT (CKM_DSA, NULL) /* "dsa" */ + CT (CKM_DSA_SHA1, "dsa-sha1") + CT (CKM_DH_PKCS_KEY_PAIR_GEN, "dh-pkcs-key-pair-gen") + CT (CKM_DH_PKCS_DERIVE, "dh-pkcs-derive") + CT (CKM_X9_42_DH_KEY_PAIR_GEN, "x9-42-dh-key-pair-gen") + CT (CKM_X9_42_DH_DERIVE, "x9-42-dh-derive") + CT (CKM_X9_42_DH_HYBRID_DERIVE, "x9-42-dh-hybrid-derive") + CT (CKM_X9_42_MQV_DERIVE, "x9-42-mqv-derive") + CT (CKM_SHA256_RSA_PKCS, "sha256-rsa-pkcs") + CT (CKM_SHA384_RSA_PKCS, "sha384-rsa-pkcs") + CT (CKM_SHA512_RSA_PKCS, "sha512-rsa-pkcs") + CT (CKM_SHA256_RSA_PKCS_PSS, "sha256-rsa-pkcs-pss") + CT (CKM_SHA384_RSA_PKCS_PSS, "sha384-rsa-pkcs-pss") + CT (CKM_SHA512_RSA_PKCS_PSS, "sha512-rsa-pkcs-pss") + CT (CKM_RC2_KEY_GEN, "rc2-key-gen") + CT (CKM_RC2_ECB, "rc2-ecb") + CT (CKM_RC2_CBC, "rc2-cbc") + CT (CKM_RC2_MAC, "rc2-mac") + CT (CKM_RC2_MAC_GENERAL, "rc2-mac-general") + CT (CKM_RC2_CBC_PAD, "rc2-cbc-pad") + CT (CKM_RC4_KEY_GEN, "rc4-key-gen") + CT (CKM_RC4, NULL) /* "rc4" */ + CT (CKM_DES_KEY_GEN, "des-key-gen") + CT (CKM_DES_ECB, "des-ecb") + CT (CKM_DES_CBC, "des-cbc") + CT (CKM_DES_MAC, "des-mac") + CT (CKM_DES_MAC_GENERAL, "des-mac-general") + CT (CKM_DES_CBC_PAD, "des-cbc-pad") + CT (CKM_DES2_KEY_GEN, "des2-key-gen") + CT (CKM_DES3_KEY_GEN, "des3-key-gen") + CT (CKM_DES3_ECB, "des3-ecb") + CT (CKM_DES3_CBC, "des3-cbc") + CT (CKM_DES3_MAC, "des3-mac") + CT (CKM_DES3_MAC_GENERAL, "des3-mac-general") + CT (CKM_DES3_CBC_PAD, "des3-cbc-pad") + CT (CKM_CDMF_KEY_GEN, "cdmf-key-gen") + CT (CKM_CDMF_ECB, "cdmf-ecb") + CT (CKM_CDMF_CBC, "cdmf-cbc") + CT (CKM_CDMF_MAC, "cdmf-mac") + CT (CKM_CDMF_MAC_GENERAL, "cdmf-mac-general") + CT (CKM_CDMF_CBC_PAD, "cdmf-cbc-pad") + CT (CKM_DES_OFB64, "des-ofb64") + CT (CKM_DES_OFB8, "des-ofb8") + CT (CKM_DES_CFB64, "des-cfb64") + CT (CKM_DES_CFB8, "des-cfb8") + CT (CKM_MD2, "md2") + CT (CKM_MD2_HMAC, "md2-hmac") + CT (CKM_MD2_HMAC_GENERAL, "md2-hmac-general") + CT (CKM_MD5, "md5") + CT (CKM_MD5_HMAC, "md5-hmac") + CT (CKM_MD5_HMAC_GENERAL, "md5-hmac-general") + CT (CKM_SHA_1, "sha-1") + CT (CKM_SHA_1_HMAC, "sha-1-hmac") + CT (CKM_SHA_1_HMAC_GENERAL, "sha-1-hmac-general") + CT (CKM_RIPEMD128, "ripemd128") + CT (CKM_RIPEMD128_HMAC, "ripemd128-hmac") + CT (CKM_RIPEMD128_HMAC_GENERAL, "ripemd128-hmac-general") + CT (CKM_RIPEMD160, "ripemd160") + CT (CKM_RIPEMD160_HMAC, "ripemd160-hmac") + CT (CKM_RIPEMD160_HMAC_GENERAL, "ripemd160-hmac-general") + CT (CKM_SHA256, "sha256") + CT (CKM_SHA256_HMAC, "sha256-hmac") + CT (CKM_SHA256_HMAC_GENERAL, "sha256-hmac-general") + CT (CKM_SHA384, "sha384") + CT (CKM_SHA384_HMAC, "sha384-hmac") + CT (CKM_SHA384_HMAC_GENERAL, "sha384-hmac-general") + CT (CKM_SHA512, "sha512") + CT (CKM_SHA512_HMAC, "sha512-hmac") + CT (CKM_SHA512_HMAC_GENERAL, "sha512-hmac-general") + CT (CKM_CAST_KEY_GEN, "cast-key-gen") + CT (CKM_CAST_ECB, "cast-ecb") + CT (CKM_CAST_CBC, "cast-cbc") + CT (CKM_CAST_MAC, "cast-mac") + CT (CKM_CAST_MAC_GENERAL, "cast-mac-general") + CT (CKM_CAST_CBC_PAD, "cast-cbc-pad") + CT (CKM_CAST3_KEY_GEN, "cast3-key-gen") + CT (CKM_CAST3_ECB, "cast3-ecb") + CT (CKM_CAST3_CBC, "cast3-cbc") + CT (CKM_CAST3_MAC, "cast3-mac") + CT (CKM_CAST3_MAC_GENERAL, "cast3-mac-general") + CT (CKM_CAST3_CBC_PAD, "cast3-cbc-pad") + CT (CKM_CAST5_KEY_GEN, "cast5-key-gen") + /* CT (CKM_CAST128_KEY_GEN) */ + CT (CKM_CAST5_ECB, "cast5-ecb") + /* CT (CKM_CAST128_ECB) */ + CT (CKM_CAST5_CBC, "cast5-cbc") + /* CT (CKM_CAST128_CBC) */ + CT (CKM_CAST5_MAC, "cast5-mac") + /* CT (CKM_CAST128_MAC) */ + CT (CKM_CAST5_MAC_GENERAL, "cast5-mac-general") + /* CT (CKM_CAST128_MAC_GENERAL) */ + CT (CKM_CAST5_CBC_PAD, "cast5-cbc-pad") + /* CT (CKM_CAST128_CBC_PAD) */ + CT (CKM_RC5_KEY_GEN, "rc5-key-gen") + CT (CKM_RC5_ECB, "rc5-ecb") + CT (CKM_RC5_CBC, "rc5-cbc") + CT (CKM_RC5_MAC, "rc5-mac") + CT (CKM_RC5_MAC_GENERAL, "rc5-mac-general") + CT (CKM_RC5_CBC_PAD, "rc5-cbc-pad") + CT (CKM_IDEA_KEY_GEN, "idea-key-gen") + CT (CKM_IDEA_ECB, "idea-ecb") + CT (CKM_IDEA_CBC, "idea-cbc") + CT (CKM_IDEA_MAC, "idea-mac") + CT (CKM_IDEA_MAC_GENERAL, "idea-mac-general") + CT (CKM_IDEA_CBC_PAD, "idea-cbc-pad") + CT (CKM_GENERIC_SECRET_KEY_GEN, "generic-secret-key-gen") + CT (CKM_CONCATENATE_BASE_AND_KEY, "concatenate-base-and-key") + CT (CKM_CONCATENATE_BASE_AND_DATA, "concatenate-base-and-data") + CT (CKM_CONCATENATE_DATA_AND_BASE, "concatenate-data-and-base") + CT (CKM_XOR_BASE_AND_DATA, "xor-base-and-data") + CT (CKM_EXTRACT_KEY_FROM_KEY, "extract-key-from-key") + CT (CKM_SSL3_PRE_MASTER_KEY_GEN, "ssl3-pre-master-key-gen") + CT (CKM_SSL3_MASTER_KEY_DERIVE, "ssl3-master-key-derive") + CT (CKM_SSL3_KEY_AND_MAC_DERIVE, "ssl3-key-and-mac-derive") + CT (CKM_SSL3_MASTER_KEY_DERIVE_DH, "ssl3-master-key-derive-dh") + CT (CKM_TLS_PRE_MASTER_KEY_GEN, "tls-pre-master-key-gen") + CT (CKM_TLS_MASTER_KEY_DERIVE, "tls-master-key-derive") + CT (CKM_TLS_KEY_AND_MAC_DERIVE, "tls-key-and-mac-derive") + CT (CKM_TLS_MASTER_KEY_DERIVE_DH, "tls-master-key-derive-dh") + /* CT (CKM_TLS_PRF) */ + CT (CKM_SSL3_MD5_MAC, "ssl3-md5-mac") + CT (CKM_SSL3_SHA1_MAC, "ssl3-sha1-mac") + CT (CKM_MD5_KEY_DERIVATION, "md5-key-derivation") + CT (CKM_MD2_KEY_DERIVATION, "md2-key-derivation") + CT (CKM_SHA1_KEY_DERIVATION, "sha1-key-derivation") + CT (CKM_SHA256_KEY_DERIVATION, "sha256-key-derivation") + CT (CKM_SHA384_KEY_DERIVATION, "sha384-key-derivation") + CT (CKM_SHA512_KEY_DERIVATION, "sha512-key-derivation") + CT (CKM_PBE_MD2_DES_CBC, "pbe-md2-des-cbc") + CT (CKM_PBE_MD5_DES_CBC, "pbe-md5-des-cbc") + CT (CKM_PBE_MD5_CAST_CBC, "pbe-md5-cast-cbc") + CT (CKM_PBE_MD5_CAST3_CBC, "pbe-md5-cast3-cbc") + CT (CKM_PBE_MD5_CAST5_CBC, "pbe-md5-cast5-cbc") + /* CT (CKM_PBE_MD5_CAST128_CBC) */ + CT (CKM_PBE_SHA1_CAST5_CBC, "pbe-sha1-cast5-cbc") + /* CT (CKM_PBE_SHA1_CAST128_CBC) */ + CT (CKM_PBE_SHA1_RC4_128, "pbe-sha1-rc4-128") + CT (CKM_PBE_SHA1_RC4_40, "pbe-sha1-rc4-40") + CT (CKM_PBE_SHA1_DES3_EDE_CBC, "pbe-sha1-des3-ede-cbc") + CT (CKM_PBE_SHA1_DES2_EDE_CBC, "pbe-sha1-des2-ede-cbc") + CT (CKM_PBE_SHA1_RC2_128_CBC, "pbe-sha1-rc2-128-cbc") + CT (CKM_PBE_SHA1_RC2_40_CBC, "pbe-sha1-rc2-40-cbc") + CT (CKM_PKCS5_PBKD2, "pkcs5-pbkd2") + CT (CKM_PBA_SHA1_WITH_SHA1_HMAC, "pba-sha1-with-sha1-hmac") + CT (CKM_WTLS_PRE_MASTER_KEY_GEN, "wtls-pre-master-key-gen") + CT (CKM_WTLS_MASTER_KEY_DERIVE, "wtls-master-key-derive") + CT (CKM_WTLS_MASTER_KEY_DERIVE_DH_ECC, "wtls-master-key-derive-dh-ecc") + CT (CKM_WTLS_PRF, "wtls-prf") + CT (CKM_WTLS_SERVER_KEY_AND_MAC_DERIVE, "wtls-server-key-and-mac-derive") + CT (CKM_WTLS_CLIENT_KEY_AND_MAC_DERIVE, "wtls-client-key-and-mac-derive") + CT (CKM_KEY_WRAP_LYNKS, "key-wrap-lynks") + CT (CKM_KEY_WRAP_SET_OAEP, "key-wrap-set-oaep") + CT (CKM_CMS_SIG, "cms-sig") + CT (CKM_SKIPJACK_KEY_GEN, "skipjack-key-gen") + CT (CKM_SKIPJACK_ECB64, "skipjack-ecb64") + CT (CKM_SKIPJACK_CBC64, "skipjack-cbc64") + CT (CKM_SKIPJACK_OFB64, "skipjack-ofb64") + CT (CKM_SKIPJACK_CFB64, "skipjack-cfb64") + CT (CKM_SKIPJACK_CFB32, "skipjack-cfb32") + CT (CKM_SKIPJACK_CFB16, "skipjack-cfb16") + CT (CKM_SKIPJACK_CFB8, "skipjack-cfb8") + CT (CKM_SKIPJACK_WRAP, "skipjack-wrap") + CT (CKM_SKIPJACK_PRIVATE_WRAP, "skipjack-private-wrap") + CT (CKM_SKIPJACK_RELAYX, "skipjack-relayx") + CT (CKM_KEA_KEY_PAIR_GEN, "kea-key-pair-gen") + CT (CKM_KEA_KEY_DERIVE, "kea-key-derive") + CT (CKM_FORTEZZA_TIMESTAMP, "fortezza-timestamp") + CT (CKM_BATON_KEY_GEN, "baton-key-gen") + CT (CKM_BATON_ECB128, "baton-ecb128") + CT (CKM_BATON_ECB96, "baton-ecb96") + CT (CKM_BATON_CBC128, "baton-cbc128") + CT (CKM_BATON_COUNTER, "baton-counter") + CT (CKM_BATON_SHUFFLE, "baton-shuffle") + CT (CKM_BATON_WRAP, "baton-wrap") + CT (CKM_ECDSA_KEY_PAIR_GEN, "ecdsa-key-pair-gen") + /* CT (CKM_EC_KEY_PAIR_GEN) */ + CT (CKM_ECDSA, "ecdsa") + CT (CKM_ECDSA_SHA1, "ecdsa-sha1") + CT (CKM_ECDH1_DERIVE, "ecdh1-derive") + CT (CKM_ECDH1_COFACTOR_DERIVE, "ecdh1-cofactor-derive") + CT (CKM_ECMQV_DERIVE, "ecmqv-derive") + CT (CKM_JUNIPER_KEY_GEN, "juniper-key-gen") + CT (CKM_JUNIPER_ECB128, "juniper-ecb128") + CT (CKM_JUNIPER_CBC128, "juniper-cbc128") + CT (CKM_JUNIPER_COUNTER, "juniper-counter") + CT (CKM_JUNIPER_SHUFFLE, "juniper-shuffle") + CT (CKM_JUNIPER_WRAP, "juniper-wrap") + CT (CKM_FASTHASH, "fasthash") + CT (CKM_AES_KEY_GEN, "aes-key-gen") + CT (CKM_AES_ECB, "aes-ecb") + CT (CKM_AES_CBC, "aes-cbc") + CT (CKM_AES_MAC, "aes-mac") + CT (CKM_AES_MAC_GENERAL, "aes-mac-general") + CT (CKM_AES_CBC_PAD, "aes-cbc-pad") + CT (CKM_BLOWFISH_KEY_GEN, "blowfish-key-gen") + CT (CKM_BLOWFISH_CBC, "blowfish-cbc") + CT (CKM_TWOFISH_KEY_GEN, "twofish-key-gen") + CT (CKM_TWOFISH_CBC, "twofish-cbc") + CT (CKM_DES_ECB_ENCRYPT_DATA, "des-ecb-encrypt-data") + CT (CKM_DES_CBC_ENCRYPT_DATA, "des-cbc-encrypt-data") + CT (CKM_DES3_ECB_ENCRYPT_DATA, "des3-ecb-encrypt-data") + CT (CKM_DES3_CBC_ENCRYPT_DATA, "des3-cbc-encrypt-data") + CT (CKM_AES_ECB_ENCRYPT_DATA, "aes-ecb-encrypt-data") + CT (CKM_AES_CBC_ENCRYPT_DATA, "aes-cbc-encrypt-data") + CT (CKM_DSA_PARAMETER_GEN, "dsa-parameter-gen") + CT (CKM_DH_PKCS_PARAMETER_GEN, "dh-pkcs-parameter-gen") + CT (CKM_X9_42_DH_PARAMETER_GEN, "x9-42-dh-parameter-gen") + { CKA_INVALID }, +}; + #undef CT struct { @@ -272,7 +604,11 @@ struct { { p11_constant_certs, ELEMS (p11_constant_certs) - 1 }, { p11_constant_keys, ELEMS (p11_constant_keys) - 1 }, { p11_constant_asserts, ELEMS (p11_constant_asserts) - 1 }, - { p11_constant_categories, ELEMS (p11_constant_categories) - 1 } + { p11_constant_categories, ELEMS (p11_constant_categories) - 1 }, + { p11_constant_mechanisms, ELEMS (p11_constant_mechanisms) - 1 }, + { p11_constant_states, ELEMS (p11_constant_states) - 1 }, + { p11_constant_users, ELEMS (p11_constant_users) - 1 }, + { p11_constant_returns, ELEMS (p11_constant_returns) - 1 }, }; static int @@ -328,6 +664,7 @@ p11_constant_reverse (bool nick) { const p11_constant *table; p11_dict *lookups; + void *string; int length = -1; int i, j; @@ -339,9 +676,14 @@ p11_constant_reverse (bool nick) length = tables[i].length; for (j = 0; j < length; j++) { - if (!p11_dict_set (lookups, - nick ? (void *)table[j].nick : (void *)table[j].name, - (void *)&table[j].value)) + if (nick) { + if (!table[j].nick) + continue; + string = (void *)table[j].nick; + } else { + string = (void *)table[j].name; + } + if (!p11_dict_set (lookups, string, (void *)&table[j].value)) return_val_if_reached (NULL); } } diff --git a/common/constants.h b/common/constants.h index 82a0879..5b0f3a5 100644 --- a/common/constants.h +++ b/common/constants.h @@ -71,4 +71,12 @@ extern const p11_constant p11_constant_asserts[]; extern const p11_constant p11_constant_categories[]; +extern const p11_constant p11_constant_mechanisms[]; + +extern const p11_constant p11_constant_states[]; + +extern const p11_constant p11_constant_users[]; + +extern const p11_constant p11_constant_returns[]; + #endif /* P11_CONSTANTS_H_ */ diff --git a/common/debug.h b/common/debug.h index f8b2cf4..0dcfeae 100644 --- a/common/debug.h +++ b/common/debug.h @@ -59,8 +59,10 @@ void p11_debug_precond (const char *format, ...) GNUC_PRINTF (1, 2) CLANG_ANALYZER_NORETURN; +#ifndef assert_not_reached #define assert_not_reached() \ (assert (false && "this code should not be reached")) +#endif #define return_val_if_fail(x, v) \ do { if (!(x)) { \ diff --git a/common/mock.c b/common/mock.c index 1a283b9..f1d1c03 100644 --- a/common/mock.c +++ b/common/mock.c @@ -183,8 +183,8 @@ mock_module_take_object (CK_SLOT_ID slot_id, return_if_reached (); } -void -mock_module_reset_objects (CK_SLOT_ID slot_id) +static void +module_reset_objects (CK_SLOT_ID slot_id) { return_if_fail (slot_id == MOCK_SLOT_ONE_ID); @@ -291,6 +291,44 @@ mock_module_reset_objects (CK_SLOT_ID slot_id) p11_dict_set (the_objects, handle_to_pointer (MOCK_PUBLIC_KEY_PREFIX), p11_attrs_dup (attrs)); } +} + +static void +module_finalize (void) +{ + p11_mutex_lock (&init_mutex); + + /* This should stop all other calls in */ + pkcs11_initialized = false; + pkcs11_initialized_pid = 0; + + if (the_objects) + p11_dict_free (the_objects); + the_objects = NULL; + + if (the_sessions) + p11_dict_free (the_sessions); + the_sessions = NULL; + logged_in = false; + the_user_type = 0; + + free (the_pin); + the_pin = NULL; + n_the_pin = 0; + + p11_mutex_unlock (&init_mutex); +} + +bool +mock_module_initialized (void) +{ + return pkcs11_initialized; +} +void +mock_module_reset (void) +{ + module_finalize (); + module_reset_objects (MOCK_SLOT_ONE_ID); } @@ -389,7 +427,7 @@ mock_C_Initialize (CK_VOID_PTR init_args) p11_dict_direct_equal, NULL, free_session); - mock_module_reset_objects (MOCK_SLOT_ONE_ID); + module_reset_objects (MOCK_SLOT_ONE_ID); done: /* Mark us as officially initialized */ @@ -407,6 +445,13 @@ done: } CK_RV +mock_X_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR init_args) +{ + return mock_C_Initialize (init_args); +} + +CK_RV mock_C_Initialize__fails (CK_VOID_PTR init_args) { return CKR_FUNCTION_FAILED; @@ -418,35 +463,16 @@ mock_C_Finalize (CK_VOID_PTR reserved) return_val_if_fail (pkcs11_initialized, CKR_CRYPTOKI_NOT_INITIALIZED); return_val_if_fail (reserved == NULL, CKR_ARGUMENTS_BAD); - p11_mutex_lock (&init_mutex); - - /* This should stop all other calls in */ - pkcs11_initialized = false; - pkcs11_initialized_pid = 0; - - p11_dict_free (the_objects); - the_objects = NULL; - - p11_dict_free (the_sessions); - the_sessions = NULL; - logged_in = false; - the_user_type = 0; - - free (the_pin); - - p11_mutex_unlock (&init_mutex); - + module_finalize (); return CKR_OK; } -static const CK_INFO MOCK_INFO = { - { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, - "MOCK MANUFACTURER ", - 0, - "MOCK LIBRARY ", - { 45, 145 } -}; - +CK_RV +mock_X_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR reserved) +{ + return mock_C_Finalize (reserved); +} CK_RV mock_C_GetInfo (CK_INFO_PTR info) @@ -458,6 +484,13 @@ mock_C_GetInfo (CK_INFO_PTR info) } CK_RV +mock_X_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR info) +{ + return mock_C_GetInfo (info); +} + +CK_RV mock_C_GetFunctionList_not_supported (CK_FUNCTION_LIST_PTR_PTR list) { /* This would be a strange call to receive, should be overridden */ @@ -505,6 +538,18 @@ mock_C_GetSlotList__no_tokens (CK_BBOOL token_present, return CKR_OK; } +CK_RV +mock_X_GetSlotList__no_tokens (CK_X_FUNCTION_LIST *self, + CK_BBOOL token_present, + CK_SLOT_ID_PTR slot_list, + CK_ULONG_PTR count) +{ + return mock_C_GetSlotList__no_tokens (token_present, + slot_list, + count); +; +} + /* Update mock-module.h URIs when updating this */ static const CK_SLOT_INFO MOCK_INFO_ONE = { @@ -569,6 +614,16 @@ mock_C_GetSlotInfo__invalid_slotid (CK_SLOT_ID id, return CKR_SLOT_ID_INVALID; } +CK_RV +mock_X_GetSlotInfo__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_SLOT_INFO_PTR info) +{ + return_val_if_fail (info, CKR_ARGUMENTS_BAD); + + return CKR_SLOT_ID_INVALID; +} + /* Update gck-mock.h URIs when updating this */ static const CK_TOKEN_INFO MOCK_TOKEN_ONE = { @@ -617,6 +672,16 @@ mock_C_GetTokenInfo__invalid_slotid (CK_SLOT_ID slot_id, return CKR_SLOT_ID_INVALID; } +CK_RV +mock_X_GetTokenInfo__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_TOKEN_INFO_PTR info) +{ + return_val_if_fail (info, CKR_ARGUMENTS_BAD); + + return CKR_SLOT_ID_INVALID; +} + /* * TWO mechanisms: * CKM_MOCK_CAPITALIZE @@ -651,8 +716,8 @@ mock_C_GetMechanismList (CK_SLOT_ID slot_id, } CK_RV -mock_C_GetTokenInfo_not_initialized (CK_SLOT_ID slot_id, - CK_TOKEN_INFO_PTR info) +mock_C_GetTokenInfo__not_initialized (CK_SLOT_ID slot_id, + CK_TOKEN_INFO_PTR info) { CK_RV rv; @@ -679,6 +744,17 @@ mock_C_GetMechanismList__invalid_slotid (CK_SLOT_ID id, return CKR_SLOT_ID_INVALID; } +CK_RV +mock_X_GetMechanismList__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_MECHANISM_TYPE_PTR mechanism_list, + CK_ULONG_PTR count) +{ + return_val_if_fail (count, CKR_ARGUMENTS_BAD); + + return CKR_SLOT_ID_INVALID; +} + static const CK_MECHANISM_INFO MOCK_MECH_CAPITALIZE = { 512, 4096, CKF_ENCRYPT | CKF_DECRYPT }; @@ -721,6 +797,17 @@ mock_C_GetMechanismInfo__invalid_slotid (CK_SLOT_ID slot_id, } CK_RV +mock_X_GetMechanismInfo__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR info) +{ + return_val_if_fail (info, CKR_ARGUMENTS_BAD); + + return CKR_SLOT_ID_INVALID; +} + +CK_RV mock_C_InitToken__specific_args (CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len, @@ -757,6 +844,16 @@ mock_C_InitToken__invalid_slotid (CK_SLOT_ID slot_id, } CK_RV +mock_X_InitToken__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len, + CK_UTF8CHAR_PTR label) +{ + return CKR_SLOT_ID_INVALID; +} + +CK_RV mock_C_WaitForSlotEvent (CK_FLAGS flags, CK_SLOT_ID_PTR slot, CK_VOID_PTR reserved) @@ -781,6 +878,17 @@ mock_C_WaitForSlotEvent__no_event (CK_FLAGS flags, } CK_RV +mock_X_WaitForSlotEvent__no_event (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR slot, + CK_VOID_PTR reserved) +{ + return_val_if_fail (slot, CKR_ARGUMENTS_BAD); + + return CKR_NO_EVENT; +} + +CK_RV mock_C_OpenSession (CK_SLOT_ID slot_id, CK_FLAGS flags, CK_VOID_PTR user_data, @@ -828,6 +936,19 @@ mock_C_OpenSession__invalid_slotid (CK_SLOT_ID slot_id, } CK_RV +mock_X_OpenSession__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_FLAGS flags, + CK_VOID_PTR user_data, + CK_NOTIFY callback, + CK_SESSION_HANDLE_PTR session) +{ + return_val_if_fail (session, CKR_ARGUMENTS_BAD); + + return CKR_SLOT_ID_INVALID; +} + +CK_RV mock_C_OpenSession__fails (CK_SLOT_ID slot_id, CK_FLAGS flags, CK_VOID_PTR user_data, @@ -859,6 +980,13 @@ mock_C_CloseSession__invalid_handle (CK_SESSION_HANDLE session) } CK_RV +mock_X_CloseSession__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_CloseAllSessions (CK_SLOT_ID slot_id) { if (slot_id == MOCK_SLOT_TWO_ID) @@ -877,6 +1005,13 @@ mock_C_CloseAllSessions__invalid_slotid (CK_SLOT_ID slot_id) } CK_RV +mock_X_CloseAllSessions__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id) +{ + return CKR_SLOT_ID_INVALID; +} + +CK_RV mock_C_GetFunctionStatus (CK_SESSION_HANDLE session) { if (!p11_dict_get (the_sessions, handle_to_pointer (session))) @@ -913,7 +1048,7 @@ mock_C_GetSessionInfo (CK_SESSION_HANDLE session, return_val_if_fail (info != NULL, CKR_ARGUMENTS_BAD); sess = p11_dict_get (the_sessions, handle_to_pointer (session)); - if (!session) + if (!sess) return CKR_SESSION_HANDLE_INVALID; if (logged_in) { @@ -942,6 +1077,16 @@ mock_C_GetSessionInfo__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_GetSessionInfo__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_SESSION_INFO_PTR info) +{ + return_val_if_fail (info, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_InitPIN__specific_args (CK_SESSION_HANDLE session, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len) @@ -972,6 +1117,15 @@ mock_C_InitPIN__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_InitPIN__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SetPIN__specific_args (CK_SESSION_HANDLE session, CK_UTF8CHAR_PTR old_pin, CK_ULONG old_pin_len, @@ -1011,6 +1165,17 @@ mock_C_SetPIN__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SetPIN__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR old_pin, + CK_ULONG old_pin_len, + CK_UTF8CHAR_PTR new_pin, + CK_ULONG new_pin_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GetOperationState (CK_SESSION_HANDLE session, CK_BYTE_PTR operation_state, CK_ULONG_PTR operation_state_len) @@ -1045,6 +1210,15 @@ mock_C_GetOperationState__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_GetOperationState__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG_PTR operation_state_len) +{ + return CKR_FUNCTION_NOT_SUPPORTED; +} + +CK_RV mock_C_SetOperationState (CK_SESSION_HANDLE session, CK_BYTE_PTR operation_state, CK_ULONG operation_state_len, @@ -1079,6 +1253,17 @@ mock_C_SetOperationState__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SetOperationState__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG operation_state_len, + CK_OBJECT_HANDLE encryption_key, + CK_OBJECT_HANDLE authentication_key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Login (CK_SESSION_HANDLE session, CK_USER_TYPE user_type, CK_UTF8CHAR_PTR pin, @@ -1127,6 +1312,16 @@ mock_C_Login__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_Login__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_USER_TYPE user_type, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Logout (CK_SESSION_HANDLE session) { Session *sess; @@ -1150,6 +1345,13 @@ mock_C_Logout__invalid_handle (CK_SESSION_HANDLE session) } CK_RV +mock_X_Logout__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_CreateObject (CK_SESSION_HANDLE session, CK_ATTRIBUTE_PTR template, CK_ULONG count, @@ -1195,6 +1397,18 @@ mock_C_CreateObject__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_CreateObject__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) +{ + return_val_if_fail (new_object, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_CopyObject (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR template, @@ -1246,6 +1460,19 @@ mock_C_CopyObject__invalid_handle (CK_SESSION_HANDLE session, CK_RV +mock_X_CopyObject__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) +{ + return_val_if_fail (new_object, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DestroyObject (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object) { @@ -1274,6 +1501,14 @@ mock_C_DestroyObject__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DestroyObject__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GetObjectSize (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ULONG_PTR size) @@ -1313,6 +1548,17 @@ mock_C_GetObjectSize__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_GetObjectSize__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ULONG_PTR size) +{ + return_val_if_fail (size, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GetAttributeValue (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR template, @@ -1371,6 +1617,16 @@ mock_C_GetAttributeValue__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_GetAttributeValue__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GetAttributeValue__fail_first (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR template, @@ -1428,6 +1684,16 @@ mock_C_SetAttributeValue__invalid_handle (CK_SESSION_HANDLE session, return CKR_SESSION_HANDLE_INVALID; } +CK_RV +mock_X_SetAttributeValue__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + return CKR_SESSION_HANDLE_INVALID; +} + typedef struct _FindObjects { CK_ATTRIBUTE *template; CK_ULONG count; @@ -1512,6 +1778,15 @@ mock_C_FindObjectsInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_FindObjectsInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_FindObjectsInit__fails (CK_SESSION_HANDLE session, CK_ATTRIBUTE_PTR template, CK_ULONG count) @@ -1563,6 +1838,18 @@ mock_C_FindObjects__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_FindObjects__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE_PTR objects, + CK_ULONG max_count, + CK_ULONG_PTR count) +{ + return_val_if_fail (count, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_FindObjects__fails (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR objects, CK_ULONG max_count, @@ -1599,6 +1886,13 @@ mock_C_FindObjectsFinal__invalid_handle (CK_SESSION_HANDLE session) } CK_RV +mock_X_FindObjectsFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_EncryptInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) @@ -1634,6 +1928,15 @@ mock_C_EncryptInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_EncryptInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Encrypt (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -1661,6 +1964,19 @@ mock_C_Encrypt__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_Encrypt__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR encrypted_data, + CK_ULONG_PTR encrypted_data_len) +{ + return_val_if_fail (encrypted_data_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_EncryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len, @@ -1713,6 +2029,19 @@ mock_C_EncryptUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_EncryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + return_val_if_fail (encrypted_part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_EncryptFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR last_encrypted_part, CK_ULONG_PTR last_encrypted_part_len) @@ -1749,6 +2078,17 @@ mock_C_EncryptFinal__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_EncryptFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len) +{ + return_val_if_fail (last_part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DecryptInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) @@ -1784,6 +2124,15 @@ mock_C_DecryptInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DecryptInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Decrypt (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_data, CK_ULONG encrypted_data_len, @@ -1811,6 +2160,19 @@ mock_C_Decrypt__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_Decrypt__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_data, + CK_ULONG enc_data_len, + CK_BYTE_PTR data, + CK_ULONG_PTR data_len) +{ + return_val_if_fail (data_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DecryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_part, CK_ULONG encrypted_part_len, @@ -1863,6 +2225,19 @@ mock_C_DecryptUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DecryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + return_val_if_fail (part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DecryptFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR last_part, CK_ULONG_PTR last_part_len) @@ -1900,6 +2275,17 @@ mock_C_DecryptFinal__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DecryptFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len) +{ + return_val_if_fail (last_part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DigestInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism) { @@ -1932,6 +2318,14 @@ mock_C_DigestInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DigestInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Digest (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -1961,6 +2355,19 @@ mock_C_Digest__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_Digest__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + return_val_if_fail (digest_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DigestUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len) @@ -1990,6 +2397,15 @@ mock_C_DigestUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DigestUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DigestKey (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key) { @@ -2017,6 +2433,14 @@ mock_C_DigestKey__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DigestKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DigestFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR digest, CK_ULONG_PTR digest_len) @@ -2068,6 +2492,17 @@ mock_C_DigestFinal__invalid_handle (CK_SESSION_HANDLE session, return CKR_SESSION_HANDLE_INVALID; } +CK_RV +mock_X_DigestFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + return_val_if_fail (digest_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + static CK_RV prefix_mechanism_init (CK_SESSION_HANDLE session, CK_ATTRIBUTE_TYPE method, @@ -2156,6 +2591,15 @@ mock_C_SignInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SignInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Sign (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -2184,6 +2628,19 @@ mock_C_Sign__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_Sign__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + return_val_if_fail (signature_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SignUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len) @@ -2214,6 +2671,17 @@ mock_C_SignUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SignUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + return_val_if_fail (part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SignFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR signature, CK_ULONG_PTR signature_len) @@ -2270,6 +2738,17 @@ mock_C_SignFinal__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SignFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + return_val_if_fail (signature_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SignRecoverInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) @@ -2287,6 +2766,15 @@ mock_C_SignRecoverInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SignRecoverInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SignRecover (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -2345,6 +2833,19 @@ mock_C_SignRecover__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SignRecover__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + return_val_if_fail (signature_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_VerifyInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) @@ -2362,6 +2863,15 @@ mock_C_VerifyInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_VerifyInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_Verify (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -2388,6 +2898,17 @@ mock_C_Verify__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_Verify__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_VerifyUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len) @@ -2416,6 +2937,15 @@ mock_C_VerifyUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_VerifyUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_VerifyFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR signature, CK_ULONG signature_len) @@ -2463,6 +2993,15 @@ mock_C_VerifyFinal__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_VerifyFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_VerifyRecoverInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) @@ -2480,6 +3019,15 @@ mock_C_VerifyRecoverInit__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_VerifyRecoverInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_VerifyRecover (CK_SESSION_HANDLE session, CK_BYTE_PTR signature, CK_ULONG signature_len, @@ -2534,6 +3082,19 @@ mock_C_VerifyRecover__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_VerifyRecover__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len, + CK_BYTE_PTR data, + CK_ULONG_PTR data_len) +{ + return_val_if_fail (data_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DigestEncryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len, @@ -2562,6 +3123,19 @@ mock_C_DigestEncryptUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DigestEncryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, + CK_ULONG_PTR enc_part_len) +{ + return_val_if_fail (enc_part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DecryptDigestUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_part, CK_ULONG encrypted_part_len, @@ -2590,6 +3164,19 @@ mock_C_DecryptDigestUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DecryptDigestUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + return_val_if_fail (part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SignEncryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len, @@ -2618,6 +3205,19 @@ mock_C_SignEncryptUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SignEncryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, + CK_ULONG_PTR enc_part_len) +{ + return_val_if_fail (enc_part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DecryptVerifyUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_part, CK_ULONG encrypted_part_len, @@ -2646,6 +3246,19 @@ mock_C_DecryptVerifyUpdate__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DecryptVerifyUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + return_val_if_fail (part_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GenerateKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_ATTRIBUTE_PTR template, @@ -2700,6 +3313,17 @@ mock_C_GenerateKey__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_GenerateKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GenerateKeyPair (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_ATTRIBUTE_PTR public_key_template, @@ -2772,6 +3396,20 @@ mock_C_GenerateKeyPair__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_GenerateKeyPair__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR pub_template, + CK_ULONG pub_count, + CK_ATTRIBUTE_PTR priv_template, + CK_ULONG priv_count, + CK_OBJECT_HANDLE_PTR pub_key, + CK_OBJECT_HANDLE_PTR priv_key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_WrapKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE wrapping_key, @@ -2848,6 +3486,20 @@ mock_C_WrapKey__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_WrapKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE wrapping_key, + CK_OBJECT_HANDLE key, + CK_BYTE_PTR wrapped_key, + CK_ULONG_PTR wrapped_key_len) +{ + return_val_if_fail (wrapped_key_len, CKR_ARGUMENTS_BAD); + + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_UnwrapKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE unwrapping_key, @@ -2920,6 +3572,20 @@ mock_C_UnwrapKey__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_UnwrapKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE unwrapping_key, + CK_BYTE_PTR wrapped_key, + CK_ULONG wrapped_key_len, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_DeriveKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE base_key, @@ -2985,6 +3651,18 @@ mock_C_DeriveKey__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_DeriveKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE base_key, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_SeedRandom (CK_SESSION_HANDLE session, CK_BYTE_PTR seed, CK_ULONG seed_len) @@ -3012,6 +3690,15 @@ mock_C_SeedRandom__invalid_handle (CK_SESSION_HANDLE session, } CK_RV +mock_X_SeedRandom__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR seed, + CK_ULONG seed_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + +CK_RV mock_C_GenerateRandom (CK_SESSION_HANDLE session, CK_BYTE_PTR random_data, CK_ULONG random_len) @@ -3043,6 +3730,15 @@ mock_C_GenerateRandom__invalid_handle (CK_SESSION_HANDLE session, return CKR_SESSION_HANDLE_INVALID; } +CK_RV +mock_X_GenerateRandom__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR random_data, + CK_ULONG random_len) +{ + return CKR_SESSION_HANDLE_INVALID; +} + CK_FUNCTION_LIST mock_module_no_slots = { { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, /* version */ mock_C_Initialize, @@ -3115,6 +3811,75 @@ CK_FUNCTION_LIST mock_module_no_slots = { mock_C_WaitForSlotEvent__no_event, }; +CK_X_FUNCTION_LIST mock_x_module_no_slots = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, /* version */ + mock_X_Initialize, + mock_X_Finalize, + mock_X_GetInfo, + mock_X_GetSlotList__no_tokens, + mock_X_GetSlotInfo__invalid_slotid, + mock_X_GetTokenInfo__invalid_slotid, + mock_X_GetMechanismList__invalid_slotid, + mock_X_GetMechanismInfo__invalid_slotid, + mock_X_InitToken__invalid_slotid, + mock_X_InitPIN__invalid_handle, + mock_X_SetPIN__invalid_handle, + mock_X_OpenSession__invalid_slotid, + mock_X_CloseSession__invalid_handle, + mock_X_CloseAllSessions__invalid_slotid, + mock_X_GetSessionInfo__invalid_handle, + mock_X_GetOperationState__invalid_handle, + mock_X_SetOperationState__invalid_handle, + mock_X_Login__invalid_handle, + mock_X_Logout__invalid_handle, + mock_X_CreateObject__invalid_handle, + mock_X_CopyObject__invalid_handle, + mock_X_DestroyObject__invalid_handle, + mock_X_GetObjectSize__invalid_handle, + mock_X_GetAttributeValue__invalid_handle, + mock_X_SetAttributeValue__invalid_handle, + mock_X_FindObjectsInit__invalid_handle, + mock_X_FindObjects__invalid_handle, + mock_X_FindObjectsFinal__invalid_handle, + mock_X_EncryptInit__invalid_handle, + mock_X_Encrypt__invalid_handle, + mock_X_EncryptUpdate__invalid_handle, + mock_X_EncryptFinal__invalid_handle, + mock_X_DecryptInit__invalid_handle, + mock_X_Decrypt__invalid_handle, + mock_X_DecryptUpdate__invalid_handle, + mock_X_DecryptFinal__invalid_handle, + mock_X_DigestInit__invalid_handle, + mock_X_Digest__invalid_handle, + mock_X_DigestUpdate__invalid_handle, + mock_X_DigestKey__invalid_handle, + mock_X_DigestFinal__invalid_handle, + mock_X_SignInit__invalid_handle, + mock_X_Sign__invalid_handle, + mock_X_SignUpdate__invalid_handle, + mock_X_SignFinal__invalid_handle, + mock_X_SignRecoverInit__invalid_handle, + mock_X_SignRecover__invalid_handle, + mock_X_VerifyInit__invalid_handle, + mock_X_Verify__invalid_handle, + mock_X_VerifyUpdate__invalid_handle, + mock_X_VerifyFinal__invalid_handle, + mock_X_VerifyRecoverInit__invalid_handle, + mock_X_VerifyRecover__invalid_handle, + mock_X_DigestEncryptUpdate__invalid_handle, + mock_X_DecryptDigestUpdate__invalid_handle, + mock_X_SignEncryptUpdate__invalid_handle, + mock_X_DecryptVerifyUpdate__invalid_handle, + mock_X_GenerateKey__invalid_handle, + mock_X_GenerateKeyPair__invalid_handle, + mock_X_WrapKey__invalid_handle, + mock_X_UnwrapKey__invalid_handle, + mock_X_DeriveKey__invalid_handle, + mock_X_SeedRandom__invalid_handle, + mock_X_GenerateRandom__invalid_handle, + mock_X_WaitForSlotEvent__no_event, +}; + CK_FUNCTION_LIST mock_module = { { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, /* version */ mock_C_Initialize, diff --git a/common/mock.h b/common/mock.h index d09c8be..9128a63 100644 --- a/common/mock.h +++ b/common/mock.h @@ -37,6 +37,7 @@ #include "compat.h" #include "pkcs11.h" +#include "pkcs11x.h" enum { MOCK_DATA_OBJECT = 2, @@ -86,13 +87,25 @@ enum { MOCK_SLOT_ONE_ID = 52, MOCK_SLOT_TWO_ID = 134, + + MOCK_SLOTS_PRESENT = 1, + MOCK_SLOTS_ALL = 2, }; +static const CK_INFO MOCK_INFO = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, + "MOCK MANUFACTURER ", + 0, + "MOCK LIBRARY ", + { 45, 145 } +}; extern CK_FUNCTION_LIST mock_module; extern CK_FUNCTION_LIST mock_module_no_slots; +extern CK_X_FUNCTION_LIST mock_x_module_no_slots; + void mock_module_init (void); typedef bool (* mock_enumerator) (CK_OBJECT_HANDLE handle, @@ -106,19 +119,30 @@ void mock_module_enumerate_objects (CK_SESSION_HANDLE sess void mock_module_add_object (CK_SLOT_ID slot_id, const CK_ATTRIBUTE *attrs); +void mock_module_reset (void); + +bool mock_module_initialized (void); + void mock_module_take_object (CK_SLOT_ID slot_id, CK_ATTRIBUTE *attrs); -void mock_module_reset_objects (CK_SLOT_ID slot_id); - CK_RV mock_C_Initialize (CK_VOID_PTR init_args); CK_RV mock_C_Initialize__fails (CK_VOID_PTR init_args); +CK_RV mock_X_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR init_args); + CK_RV mock_C_Finalize (CK_VOID_PTR reserved); +CK_RV mock_X_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR reserved); + CK_RV mock_C_GetInfo (CK_INFO_PTR info); +CK_RV mock_X_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR info); + CK_RV mock_C_GetFunctionList_not_supported (CK_FUNCTION_LIST_PTR_PTR list); CK_RV mock_C_GetSlotList (CK_BBOOL token_present, @@ -140,16 +164,29 @@ CK_RV mock_C_GetSlotList__fail_late (CK_BBOOL token_present CK_RV mock_C_GetSlotInfo (CK_SLOT_ID slot_id, CK_SLOT_INFO_PTR info); +CK_RV mock_X_GetSlotList__no_tokens (CK_X_FUNCTION_LIST *self, + CK_BBOOL token_present, + CK_SLOT_ID_PTR slot_list, + CK_ULONG_PTR count); + CK_RV mock_C_GetSlotInfo__invalid_slotid (CK_SLOT_ID slot_id, CK_SLOT_INFO_PTR info); +CK_RV mock_X_GetSlotInfo__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_SLOT_INFO_PTR info); + CK_RV mock_C_GetTokenInfo (CK_SLOT_ID slot_id, CK_TOKEN_INFO_PTR info); CK_RV mock_C_GetTokenInfo__invalid_slotid (CK_SLOT_ID slot_id, CK_TOKEN_INFO_PTR info); -CK_RV mock_C_GetTokenInfo_not_initialized (CK_SLOT_ID slot_id, +CK_RV mock_X_GetTokenInfo__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_TOKEN_INFO_PTR info); + +CK_RV mock_C_GetTokenInfo__not_initialized (CK_SLOT_ID slot_id, CK_TOKEN_INFO_PTR info); CK_RV mock_C_GetMechanismList (CK_SLOT_ID slot_id, @@ -160,6 +197,11 @@ CK_RV mock_C_GetMechanismList__invalid_slotid (CK_SLOT_ID slot_id, CK_MECHANISM_TYPE_PTR mechanism_list, CK_ULONG_PTR count); +CK_RV mock_X_GetMechanismList__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE_PTR mechanism_list, + CK_ULONG_PTR count); + CK_RV mock_C_GetMechanismInfo (CK_SLOT_ID slot_id, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR info); @@ -168,6 +210,11 @@ CK_RV mock_C_GetMechanismInfo__invalid_slotid (CK_SLOT_ID slot_id, CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR info); +CK_RV mock_X_GetMechanismInfo__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR info); + CK_RV mock_C_InitToken__specific_args (CK_SLOT_ID slot_id, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len, @@ -178,6 +225,13 @@ CK_RV mock_C_InitToken__invalid_slotid (CK_SLOT_ID slot_id, CK_ULONG pin_len, CK_UTF8CHAR_PTR label); +CK_RV mock_X_InitToken__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len, + CK_UTF8CHAR_PTR label); + + CK_RV mock_C_WaitForSlotEvent (CK_FLAGS flags, CK_SLOT_ID_PTR slot, CK_VOID_PTR reserved); @@ -186,12 +240,24 @@ CK_RV mock_C_WaitForSlotEvent__no_event (CK_FLAGS flags, CK_SLOT_ID_PTR slot, CK_VOID_PTR reserved); +CK_RV mock_X_WaitForSlotEvent__no_event (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR slot, + CK_VOID_PTR reserved); + CK_RV mock_C_OpenSession__invalid_slotid (CK_SLOT_ID slot_id, CK_FLAGS flags, CK_VOID_PTR user_data, CK_NOTIFY callback, CK_SESSION_HANDLE_PTR session); +CK_RV mock_X_OpenSession__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_FLAGS flags, + CK_VOID_PTR user_data, + CK_NOTIFY callback, + CK_SESSION_HANDLE_PTR session); + CK_RV mock_C_OpenSession__fails (CK_SLOT_ID slot_id, CK_FLAGS flags, CK_VOID_PTR user_data, @@ -208,10 +274,16 @@ CK_RV mock_C_CloseSession (CK_SESSION_HANDLE sess CK_RV mock_C_CloseSession__invalid_handle (CK_SESSION_HANDLE session); +CK_RV mock_X_CloseSession__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session); + CK_RV mock_C_CloseAllSessions (CK_SLOT_ID slot_id); CK_RV mock_C_CloseAllSessions__invalid_slotid (CK_SLOT_ID slot_id); +CK_RV mock_X_CloseAllSessions__invalid_slotid (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id); + CK_RV mock_C_GetFunctionStatus (CK_SESSION_HANDLE session); CK_RV mock_C_GetFunctionStatus__not_parallel (CK_SESSION_HANDLE session); @@ -226,6 +298,10 @@ CK_RV mock_C_GetSessionInfo (CK_SESSION_HANDLE sess CK_RV mock_C_GetSessionInfo__invalid_handle (CK_SESSION_HANDLE session, CK_SESSION_INFO_PTR info); +CK_RV mock_X_GetSessionInfo__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_SESSION_INFO_PTR info); + CK_RV mock_C_InitPIN__specific_args (CK_SESSION_HANDLE session, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len); @@ -234,6 +310,11 @@ CK_RV mock_C_InitPIN__invalid_handle (CK_SESSION_HANDLE sess CK_UTF8CHAR_PTR pin, CK_ULONG pin_len); +CK_RV mock_X_InitPIN__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len); + CK_RV mock_C_SetPIN__specific_args (CK_SESSION_HANDLE session, CK_UTF8CHAR_PTR old_pin, CK_ULONG old_pin_len, @@ -246,6 +327,13 @@ CK_RV mock_C_SetPIN__invalid_handle (CK_SESSION_HANDLE sess CK_UTF8CHAR_PTR new_pin, CK_ULONG new_pin_len); +CK_RV mock_X_SetPIN__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR old_pin, + CK_ULONG old_pin_len, + CK_UTF8CHAR_PTR new_pin, + CK_ULONG new_pin_len); + CK_RV mock_C_GetOperationState (CK_SESSION_HANDLE session, CK_BYTE_PTR operation_state, CK_ULONG_PTR operation_state_len); @@ -254,6 +342,11 @@ CK_RV mock_C_GetOperationState__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR operation_state, CK_ULONG_PTR operation_state_len); +CK_RV mock_X_GetOperationState__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG_PTR operation_state_len); + CK_RV mock_C_SetOperationState (CK_SESSION_HANDLE session, CK_BYTE_PTR operation_state, CK_ULONG operation_state_len, @@ -266,6 +359,13 @@ CK_RV mock_C_SetOperationState__invalid_handle (CK_SESSION_HANDLE sess CK_OBJECT_HANDLE encryption_key, CK_OBJECT_HANDLE authentication_key); +CK_RV mock_X_SetOperationState__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG operation_state_len, + CK_OBJECT_HANDLE encryption_key, + CK_OBJECT_HANDLE authentication_key); + CK_RV mock_C_Login (CK_SESSION_HANDLE session, CK_USER_TYPE user_type, CK_UTF8CHAR_PTR pin, @@ -276,10 +376,19 @@ CK_RV mock_C_Login__invalid_handle (CK_SESSION_HANDLE sess CK_UTF8CHAR_PTR pin, CK_ULONG pin_len); +CK_RV mock_X_Login__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_USER_TYPE user_type, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len); + CK_RV mock_C_Logout (CK_SESSION_HANDLE session); CK_RV mock_C_Logout__invalid_handle (CK_SESSION_HANDLE session); +CK_RV mock_X_Logout__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session); + CK_RV mock_C_CreateObject (CK_SESSION_HANDLE session, CK_ATTRIBUTE_PTR template, CK_ULONG count, @@ -290,6 +399,12 @@ CK_RV mock_C_CreateObject__invalid_handle (CK_SESSION_HANDLE sess CK_ULONG count, CK_OBJECT_HANDLE_PTR new_object); +CK_RV mock_X_CreateObject__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object); + CK_RV mock_C_CopyObject (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR template, @@ -302,12 +417,23 @@ CK_RV mock_C_CopyObject__invalid_handle (CK_SESSION_HANDLE sess CK_ULONG count, CK_OBJECT_HANDLE_PTR new_object); +CK_RV mock_X_CopyObject__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object); + CK_RV mock_C_DestroyObject (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object); CK_RV mock_C_DestroyObject__invalid_handle (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object); +CK_RV mock_X_DestroyObject__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object); + CK_RV mock_C_GetObjectSize (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ULONG_PTR size); @@ -316,6 +442,11 @@ CK_RV mock_C_GetObjectSize__invalid_handle (CK_SESSION_HANDLE sess CK_OBJECT_HANDLE object, CK_ULONG_PTR size); +CK_RV mock_X_GetObjectSize__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ULONG_PTR size); + CK_RV mock_C_GetAttributeValue (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR template, @@ -326,6 +457,12 @@ CK_RV mock_C_GetAttributeValue__invalid_handle (CK_SESSION_HANDLE sess CK_ATTRIBUTE_PTR template, CK_ULONG count); +CK_RV mock_X_GetAttributeValue__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count); + CK_RV mock_C_GetAttributeValue__fail_first (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE object, CK_ATTRIBUTE_PTR template, @@ -346,6 +483,12 @@ CK_RV mock_C_SetAttributeValue__invalid_handle (CK_SESSION_HANDLE sess CK_ATTRIBUTE_PTR template, CK_ULONG count); +CK_RV mock_X_SetAttributeValue__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count); + CK_RV mock_C_FindObjectsInit (CK_SESSION_HANDLE session, CK_ATTRIBUTE_PTR template, CK_ULONG count); @@ -354,6 +497,11 @@ CK_RV mock_C_FindObjectsInit__invalid_handle (CK_SESSION_HANDLE sess CK_ATTRIBUTE_PTR template, CK_ULONG count); +CK_RV mock_X_FindObjectsInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count); + CK_RV mock_C_FindObjectsInit__fails (CK_SESSION_HANDLE session, CK_ATTRIBUTE_PTR template, CK_ULONG count); @@ -368,6 +516,12 @@ CK_RV mock_C_FindObjects__invalid_handle (CK_SESSION_HANDLE sess CK_ULONG max_count, CK_ULONG_PTR count); +CK_RV mock_X_FindObjects__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE_PTR objects, + CK_ULONG max_count, + CK_ULONG_PTR count); + CK_RV mock_C_FindObjects__fails (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR objects, CK_ULONG max_count, @@ -377,6 +531,9 @@ CK_RV mock_C_FindObjectsFinal (CK_SESSION_HANDLE sess CK_RV mock_C_FindObjectsFinal__invalid_handle (CK_SESSION_HANDLE session); +CK_RV mock_X_FindObjectsFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session); + CK_RV mock_C_EncryptInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); @@ -385,6 +542,11 @@ CK_RV mock_C_EncryptInit__invalid_handle (CK_SESSION_HANDLE sess CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); +CK_RV mock_X_EncryptInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key); + CK_RV mock_C_Encrypt (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -397,6 +559,13 @@ CK_RV mock_C_Encrypt__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR encrypted_data, CK_ULONG_PTR encrypted_data_len); +CK_RV mock_X_Encrypt__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR encrypted_data, + CK_ULONG_PTR encrypted_data_len); + CK_RV mock_C_EncryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len, @@ -409,6 +578,13 @@ CK_RV mock_C_EncryptUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR encrypted_part, CK_ULONG_PTR encrypted_part_len); +CK_RV mock_X_EncryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len); + CK_RV mock_C_EncryptFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR last_encrypted_part, CK_ULONG_PTR last_encrypted_part_len); @@ -417,6 +593,11 @@ CK_RV mock_C_EncryptFinal__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR last_part, CK_ULONG_PTR last_part_len); +CK_RV mock_X_EncryptFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len); + CK_RV mock_C_DecryptInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); @@ -425,6 +606,11 @@ CK_RV mock_C_DecryptInit__invalid_handle (CK_SESSION_HANDLE sess CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); +CK_RV mock_X_DecryptInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key); + CK_RV mock_C_Decrypt (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_data, CK_ULONG encrypted_data_len, @@ -437,6 +623,13 @@ CK_RV mock_C_Decrypt__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR data, CK_ULONG_PTR data_len); +CK_RV mock_X_Decrypt__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_data, + CK_ULONG enc_data_len, + CK_BYTE_PTR data, + CK_ULONG_PTR data_len); + CK_RV mock_C_DecryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_part, CK_ULONG encrypted_part_len, @@ -449,6 +642,13 @@ CK_RV mock_C_DecryptUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR part, CK_ULONG_PTR part_len); +CK_RV mock_X_DecryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len); + CK_RV mock_C_DecryptFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR last_part, CK_ULONG_PTR last_part_len); @@ -457,12 +657,21 @@ CK_RV mock_C_DecryptFinal__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR last_part, CK_ULONG_PTR last_part_len); +CK_RV mock_X_DecryptFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len); + CK_RV mock_C_DigestInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism); CK_RV mock_C_DigestInit__invalid_handle (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism); +CK_RV mock_X_DigestInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism); + CK_RV mock_C_Digest (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -475,6 +684,13 @@ CK_RV mock_C_Digest__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR digest, CK_ULONG_PTR digest_len); +CK_RV mock_X_Digest__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len); + CK_RV mock_C_DigestUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len); @@ -483,12 +699,21 @@ CK_RV mock_C_DigestUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR part, CK_ULONG part_len); +CK_RV mock_X_DigestUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len); + CK_RV mock_C_DigestKey (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key); CK_RV mock_C_DigestKey__invalid_handle (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE key); +CK_RV mock_X_DigestKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE key); + CK_RV mock_C_DigestFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR digest, CK_ULONG_PTR digest_len); @@ -497,6 +722,11 @@ CK_RV mock_C_DigestFinal__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR digest, CK_ULONG_PTR digest_len); +CK_RV mock_X_DigestFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len); + CK_RV mock_C_SignInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); @@ -505,6 +735,11 @@ CK_RV mock_C_SignInit__invalid_handle (CK_SESSION_HANDLE sess CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); +CK_RV mock_X_SignInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key); + CK_RV mock_C_Sign (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -517,6 +752,13 @@ CK_RV mock_C_Sign__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR signature, CK_ULONG_PTR signature_len); +CK_RV mock_X_Sign__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len); + CK_RV mock_C_SignUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len); @@ -525,6 +767,11 @@ CK_RV mock_C_SignUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR part, CK_ULONG part_len); +CK_RV mock_X_SignUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len); + CK_RV mock_C_SignFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR signature, CK_ULONG_PTR signature_len); @@ -533,6 +780,11 @@ CK_RV mock_C_SignFinal__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR signature, CK_ULONG_PTR signature_len); +CK_RV mock_X_SignFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len); + CK_RV mock_C_SignRecoverInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); @@ -541,6 +793,11 @@ CK_RV mock_C_SignRecoverInit__invalid_handle (CK_SESSION_HANDLE sess CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); +CK_RV mock_X_SignRecoverInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key); + CK_RV mock_C_SignRecover (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -553,6 +810,13 @@ CK_RV mock_C_SignRecover__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR signature, CK_ULONG_PTR signature_len); +CK_RV mock_X_SignRecover__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len); + CK_RV mock_C_VerifyInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); @@ -561,6 +825,11 @@ CK_RV mock_C_VerifyInit__invalid_handle (CK_SESSION_HANDLE sess CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); +CK_RV mock_X_VerifyInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key); + CK_RV mock_C_Verify (CK_SESSION_HANDLE session, CK_BYTE_PTR data, CK_ULONG data_len, @@ -573,6 +842,13 @@ CK_RV mock_C_Verify__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR signature, CK_ULONG signature_len); +CK_RV mock_X_Verify__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG signature_len); + CK_RV mock_C_VerifyUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len); @@ -581,6 +857,11 @@ CK_RV mock_C_VerifyUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR part, CK_ULONG part_len); +CK_RV mock_X_VerifyUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len); + CK_RV mock_C_VerifyFinal (CK_SESSION_HANDLE session, CK_BYTE_PTR signature, CK_ULONG signature_len); @@ -589,6 +870,11 @@ CK_RV mock_C_VerifyFinal__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR signature, CK_ULONG signature_len); +CK_RV mock_X_VerifyFinal__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len); + CK_RV mock_C_VerifyRecoverInit (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); @@ -597,6 +883,11 @@ CK_RV mock_C_VerifyRecoverInit__invalid_handle (CK_SESSION_HANDLE sess CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key); +CK_RV mock_X_VerifyRecoverInit__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key); + CK_RV mock_C_VerifyRecover (CK_SESSION_HANDLE session, CK_BYTE_PTR signature, CK_ULONG signature_len, @@ -609,6 +900,13 @@ CK_RV mock_C_VerifyRecover__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR data, CK_ULONG_PTR data_len); +CK_RV mock_X_VerifyRecover__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len, + CK_BYTE_PTR data, + CK_ULONG_PTR data_len); + CK_RV mock_C_DigestEncryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len, @@ -621,6 +919,13 @@ CK_RV mock_C_DigestEncryptUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR enc_part, CK_ULONG_PTR enc_part_len); +CK_RV mock_X_DigestEncryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, + CK_ULONG_PTR enc_part_len); + CK_RV mock_C_DecryptDigestUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_part, CK_ULONG encrypted_part_len, @@ -633,6 +938,13 @@ CK_RV mock_C_DecryptDigestUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR part, CK_ULONG_PTR part_len); +CK_RV mock_X_DecryptDigestUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len); + CK_RV mock_C_SignEncryptUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR part, CK_ULONG part_len, @@ -645,6 +957,13 @@ CK_RV mock_C_SignEncryptUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR enc_part, CK_ULONG_PTR enc_part_len); +CK_RV mock_X_SignEncryptUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, + CK_ULONG_PTR enc_part_len); + CK_RV mock_C_DecryptVerifyUpdate (CK_SESSION_HANDLE session, CK_BYTE_PTR encrypted_part, CK_ULONG encrypted_part_len, @@ -657,6 +976,13 @@ CK_RV mock_C_DecryptVerifyUpdate__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR part, CK_ULONG_PTR part_len); +CK_RV mock_X_DecryptVerifyUpdate__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len); + CK_RV mock_C_GenerateKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_ATTRIBUTE_PTR template, @@ -669,6 +995,13 @@ CK_RV mock_C_GenerateKey__invalid_handle (CK_SESSION_HANDLE sess CK_ULONG count, CK_OBJECT_HANDLE_PTR key); +CK_RV mock_X_GenerateKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key); + CK_RV mock_C_GenerateKeyPair (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_ATTRIBUTE_PTR public_key_template, @@ -687,6 +1020,16 @@ CK_RV mock_C_GenerateKeyPair__invalid_handle (CK_SESSION_HANDLE sess CK_OBJECT_HANDLE_PTR pub_key, CK_OBJECT_HANDLE_PTR priv_key); +CK_RV mock_X_GenerateKeyPair__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR pub_template, + CK_ULONG pub_count, + CK_ATTRIBUTE_PTR priv_template, + CK_ULONG priv_count, + CK_OBJECT_HANDLE_PTR pub_key, + CK_OBJECT_HANDLE_PTR priv_key); + CK_RV mock_C_WrapKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE wrapping_key, @@ -701,6 +1044,14 @@ CK_RV mock_C_WrapKey__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR wrapped_key, CK_ULONG_PTR wrapped_key_len); +CK_RV mock_X_WrapKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE wrapping_key, + CK_OBJECT_HANDLE key, + CK_BYTE_PTR wrapped_key, + CK_ULONG_PTR wrapped_key_len); + CK_RV mock_C_UnwrapKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE unwrapping_key, @@ -719,6 +1070,16 @@ CK_RV mock_C_UnwrapKey__invalid_handle (CK_SESSION_HANDLE sess CK_ULONG count, CK_OBJECT_HANDLE_PTR key); +CK_RV mock_X_UnwrapKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE unwrapping_key, + CK_BYTE_PTR wrapped_key, + CK_ULONG wrapped_key_len, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key); + CK_RV mock_C_DeriveKey (CK_SESSION_HANDLE session, CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE base_key, @@ -733,6 +1094,14 @@ CK_RV mock_C_DeriveKey__invalid_handle (CK_SESSION_HANDLE sess CK_ULONG count, CK_OBJECT_HANDLE_PTR key); +CK_RV mock_X_DeriveKey__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE base_key, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key); + CK_RV mock_C_SeedRandom (CK_SESSION_HANDLE session, CK_BYTE_PTR seed, CK_ULONG seed_len); @@ -741,6 +1110,11 @@ CK_RV mock_C_SeedRandom__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR seed, CK_ULONG seed_len); +CK_RV mock_X_SeedRandom__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR seed, + CK_ULONG seed_len); + CK_RV mock_C_GenerateRandom (CK_SESSION_HANDLE session, CK_BYTE_PTR random_data, CK_ULONG random_len); @@ -749,4 +1123,9 @@ CK_RV mock_C_GenerateRandom__invalid_handle (CK_SESSION_HANDLE sess CK_BYTE_PTR random_data, CK_ULONG random_len); +CK_RV mock_X_GenerateRandom__invalid_handle (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR random_data, + CK_ULONG random_len); + #endif /* __MOCK_H__ */ diff --git a/common/path.c b/common/path.c index bba2c23..a2ba6ec 100644 --- a/common/path.c +++ b/common/path.c @@ -97,6 +97,9 @@ expand_homedir (const char *remainder) { const char *env; + if (remainder[0] == '\0') + remainder = NULL; + env = getenv ("HOME"); if (env && env[0]) { return p11_path_build (env, remainder, NULL); @@ -137,6 +140,9 @@ expand_tempdir (const char *remainder) { const char *env; + if (remainder[0] == '\0') + remainder = NULL; + env = getenv ("TEMP"); if (env && env[0]) { return p11_path_build (env, remainder, NULL); @@ -164,10 +170,10 @@ expand_tempdir (const char *remainder) } } -static bool +static inline bool is_path_component_or_null (char ch) { - return (ch == '0' || ch == '/' + return (ch == '\0' || ch == '/' #ifdef OS_WIN32 || ch == '\\' #endif @@ -181,15 +187,15 @@ p11_path_expand (const char *path) if (strncmp (path, "~", 1) == 0 && is_path_component_or_null (path[1])) { - return expand_homedir (path + 2); + return expand_homedir (path + 1); } else if (strncmp (path, "$HOME", 5) == 0 && is_path_component_or_null (path[5])) { - return expand_homedir (path + 6); + return expand_homedir (path + 5); } else if (strncmp (path, "$TEMP", 5) == 0 && is_path_component_or_null (path[5])) { - return expand_tempdir (path + 6); + return expand_tempdir (path + 5); } else { return strdup (path); @@ -201,11 +207,11 @@ p11_path_absolute (const char *path) { return_val_if_fail (path != NULL, false); -#ifdef OS_UNIX - return (path[0] == '/'); -#else - return (path[0] != '\0' && path[1] == ':' && path[2] == '\\'); + return (path[0] == '/') +#ifdef OS_WIN32 + || (path[0] != '\0' && path[1] == ':' && path[2] == '\\') #endif + ; } char * @@ -256,3 +262,39 @@ p11_path_build (const char *path, built[at] = '\0'; return built; } + +char * +p11_path_parent (const char *path) +{ + const char *e; + char *parent; + bool had = false; + + return_val_if_fail (path != NULL, NULL); + + /* Find the end of the last component */ + e = path + strlen (path); + while (e != path && is_path_component_or_null (*e)) + e--; + + /* Find the beginning of the last component */ + while (e != path && !is_path_component_or_null (*e)) { + had = true; + e--; + } + + /* Find the end of the last component */ + while (e != path && is_path_component_or_null (*e)) + e--; + + if (e == path) { + if (!had) + return NULL; + parent = strdup ("/"); + } else { + parent = strndup (path, (e - path) + 1); + } + + return_val_if_fail (parent != NULL, NULL); + return parent; +} diff --git a/common/path.h b/common/path.h index a518008..1fce607 100644 --- a/common/path.h +++ b/common/path.h @@ -59,4 +59,6 @@ char * p11_path_build (const char *path, bool p11_path_absolute (const char *path); +char * p11_path_parent (const char *path); + #endif /* P11_PATH_H__ */ diff --git a/common/pem.c b/common/pem.c index b0625ef..7fe0076 100644 --- a/common/pem.c +++ b/common/pem.c @@ -242,35 +242,31 @@ p11_pem_parse (const char *data, return nfound; } -char * +bool p11_pem_write (const unsigned char *contents, size_t length, const char *type, - size_t *pem_len) + p11_buffer *buf) { - p11_buffer buffer; size_t estimate; size_t prefix; char *target; int len; - return_val_if_fail (contents || !length, NULL); - return_val_if_fail (type, NULL); - return_val_if_fail (pem_len, NULL); + return_val_if_fail (contents || !length, false); + return_val_if_fail (type, false); + return_val_if_fail (buf, false); /* Estimate from base64 data. Algorithm from Glib reference */ estimate = length * 4 / 3 + 7; estimate += estimate / 64 + 1; - if (!p11_buffer_init_null (&buffer, estimate + 128)) - return_val_if_reached (NULL); + p11_buffer_add (buf, ARMOR_PREF_BEGIN, ARMOR_PREF_BEGIN_L); + p11_buffer_add (buf, type, -1); + p11_buffer_add (buf, ARMOR_SUFF, ARMOR_SUFF_L); - p11_buffer_add (&buffer, ARMOR_PREF_BEGIN, ARMOR_PREF_BEGIN_L); - p11_buffer_add (&buffer, type, -1); - p11_buffer_add (&buffer, ARMOR_SUFF, ARMOR_SUFF_L); - - prefix = buffer.len; - target = p11_buffer_append (&buffer, estimate); + prefix = buf->len; + target = p11_buffer_append (buf, estimate); return_val_if_fail (target != NULL, NULL); /* @@ -282,13 +278,13 @@ p11_pem_write (const unsigned char *contents, assert (len > 0); assert (len <= estimate); - buffer.len = prefix + len; + buf->len = prefix + len; - p11_buffer_add (&buffer, "\n", 1); - p11_buffer_add (&buffer, ARMOR_PREF_END, ARMOR_PREF_END_L); - p11_buffer_add (&buffer, type, -1); - p11_buffer_add (&buffer, ARMOR_SUFF, ARMOR_SUFF_L); - p11_buffer_add (&buffer, "\n", 1); + p11_buffer_add (buf, "\n", 1); + p11_buffer_add (buf, ARMOR_PREF_END, ARMOR_PREF_END_L); + p11_buffer_add (buf, type, -1); + p11_buffer_add (buf, ARMOR_SUFF, ARMOR_SUFF_L); + p11_buffer_add (buf, "\n", 1); - return p11_buffer_steal (&buffer, pem_len); + return p11_buffer_ok (buf); } diff --git a/common/pem.h b/common/pem.h index d84f418..7e4ce63 100644 --- a/common/pem.h +++ b/common/pem.h @@ -35,6 +35,9 @@ #ifndef P11_PEM_H_ #define P11_PEM_H_ +#include "buffer.h" +#include "compat.h" + #include <sys/types.h> typedef void (*p11_pem_sink) (const char *type, @@ -47,9 +50,9 @@ unsigned int p11_pem_parse (const char *input, p11_pem_sink sink, void *user_data); -char * p11_pem_write (const unsigned char *contents, +bool p11_pem_write (const unsigned char *contents, size_t length, const char *type, - size_t *pem_len); + p11_buffer *buf); #endif /* P11_PEM_H_ */ diff --git a/common/pkcs11x.h b/common/pkcs11x.h index 58be460..dfb2a6c 100644 --- a/common/pkcs11x.h +++ b/common/pkcs11x.h @@ -149,6 +149,444 @@ typedef CK_ULONG CK_X_ASSERTION_TYPE; #endif /* CRYPTOKI_X_VENDOR_DEFINED */ +/* ------------------------------------------------------------------- + * SUBCLASSABLE PKCS#11 FUNCTIONS + */ + +typedef struct _CK_X_FUNCTION_LIST CK_X_FUNCTION_LIST; + +typedef CK_RV (* CK_X_Initialize) (CK_X_FUNCTION_LIST *, + CK_VOID_PTR); + +typedef CK_RV (* CK_X_Finalize) (CK_X_FUNCTION_LIST *, + CK_VOID_PTR); + +typedef CK_RV (* CK_X_GetInfo) (CK_X_FUNCTION_LIST *, + CK_INFO_PTR); + +typedef CK_RV (* CK_X_GetSlotList) (CK_X_FUNCTION_LIST *, + CK_BBOOL, + CK_SLOT_ID_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_GetSlotInfo) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID, + CK_SLOT_INFO_PTR); + +typedef CK_RV (* CK_X_GetTokenInfo) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID, + CK_TOKEN_INFO_PTR); + +typedef CK_RV (* CK_X_GetMechanismList) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID, + CK_MECHANISM_TYPE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_GetMechanismInfo) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID, + CK_MECHANISM_TYPE, + CK_MECHANISM_INFO_PTR); + +typedef CK_RV (* CK_X_InitToken) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR); + +typedef CK_RV (* CK_X_InitPIN) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_SetPIN) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_OpenSession) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID, + CK_FLAGS, + CK_VOID_PTR, + CK_NOTIFY, + CK_SESSION_HANDLE_PTR); + +typedef CK_RV (* CK_X_CloseSession) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE); + +typedef CK_RV (* CK_X_CloseAllSessions) (CK_X_FUNCTION_LIST *, + CK_SLOT_ID); + +typedef CK_RV (* CK_X_GetSessionInfo) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_SESSION_INFO_PTR); + +typedef CK_RV (* CK_X_GetOperationState) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_SetOperationState) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_Login) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_USER_TYPE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_Logout) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE); + +typedef CK_RV (* CK_X_CreateObject) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE_PTR); + +typedef CK_RV (* CK_X_CopyObject) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE_PTR); + +typedef CK_RV (* CK_X_DestroyObject) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_GetObjectSize) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_GetAttributeValue) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE, + CK_ATTRIBUTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_SetAttributeValue) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE, + CK_ATTRIBUTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_FindObjectsInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_ATTRIBUTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_FindObjects) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE_PTR, + CK_ULONG, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_FindObjectsFinal) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE); + +typedef CK_RV (* CK_X_EncryptInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_Encrypt) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_EncryptUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_EncryptFinal) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DecryptInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_Decrypt) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DecryptUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DecryptFinal) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DigestInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR); + +typedef CK_RV (* CK_X_Digest) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DigestUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_DigestKey) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_DigestFinal) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_SignInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_Sign) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_SignUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_SignFinal) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_SignRecoverInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_SignRecover) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_VerifyInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_Verify) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_VerifyUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_VerifyFinal) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_VerifyRecoverInit) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE); + +typedef CK_RV (* CK_X_VerifyRecover) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DigestEncryptUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DecryptDigestUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_SignEncryptUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_DecryptVerifyUpdate) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_GenerateKey) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE_PTR); + +typedef CK_RV (* CK_X_GenerateKeyPair) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE_PTR, + CK_OBJECT_HANDLE_PTR); + +typedef CK_RV (* CK_X_WrapKey) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE, + CK_OBJECT_HANDLE, + CK_BYTE_PTR, + CK_ULONG_PTR); + +typedef CK_RV (* CK_X_UnwrapKey) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE, + CK_BYTE_PTR, + CK_ULONG, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE_PTR); + +typedef CK_RV (* CK_X_DeriveKey) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_MECHANISM_PTR, + CK_OBJECT_HANDLE, + CK_ATTRIBUTE_PTR, + CK_ULONG, + CK_OBJECT_HANDLE_PTR); + +typedef CK_RV (* CK_X_SeedRandom) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_GenerateRandom) (CK_X_FUNCTION_LIST *, + CK_SESSION_HANDLE, + CK_BYTE_PTR, + CK_ULONG); + +typedef CK_RV (* CK_X_WaitForSlotEvent) (CK_X_FUNCTION_LIST *, + CK_FLAGS, + CK_SLOT_ID_PTR, + CK_VOID_PTR); + +struct _CK_X_FUNCTION_LIST { + CK_VERSION version; + CK_X_Initialize C_Initialize; + CK_X_Finalize C_Finalize; + CK_X_GetInfo C_GetInfo; + CK_X_GetSlotList C_GetSlotList; + CK_X_GetSlotInfo C_GetSlotInfo; + CK_X_GetTokenInfo C_GetTokenInfo; + CK_X_GetMechanismList C_GetMechanismList; + CK_X_GetMechanismInfo C_GetMechanismInfo; + CK_X_InitToken C_InitToken; + CK_X_InitPIN C_InitPIN; + CK_X_SetPIN C_SetPIN; + CK_X_OpenSession C_OpenSession; + CK_X_CloseSession C_CloseSession; + CK_X_CloseAllSessions C_CloseAllSessions; + CK_X_GetSessionInfo C_GetSessionInfo; + CK_X_GetOperationState C_GetOperationState; + CK_X_SetOperationState C_SetOperationState; + CK_X_Login C_Login; + CK_X_Logout C_Logout; + CK_X_CreateObject C_CreateObject; + CK_X_CopyObject C_CopyObject; + CK_X_DestroyObject C_DestroyObject; + CK_X_GetObjectSize C_GetObjectSize; + CK_X_GetAttributeValue C_GetAttributeValue; + CK_X_SetAttributeValue C_SetAttributeValue; + CK_X_FindObjectsInit C_FindObjectsInit; + CK_X_FindObjects C_FindObjects; + CK_X_FindObjectsFinal C_FindObjectsFinal; + CK_X_EncryptInit C_EncryptInit; + CK_X_Encrypt C_Encrypt; + CK_X_EncryptUpdate C_EncryptUpdate; + CK_X_EncryptFinal C_EncryptFinal; + CK_X_DecryptInit C_DecryptInit; + CK_X_Decrypt C_Decrypt; + CK_X_DecryptUpdate C_DecryptUpdate; + CK_X_DecryptFinal C_DecryptFinal; + CK_X_DigestInit C_DigestInit; + CK_X_Digest C_Digest; + CK_X_DigestUpdate C_DigestUpdate; + CK_X_DigestKey C_DigestKey; + CK_X_DigestFinal C_DigestFinal; + CK_X_SignInit C_SignInit; + CK_X_Sign C_Sign; + CK_X_SignUpdate C_SignUpdate; + CK_X_SignFinal C_SignFinal; + CK_X_SignRecoverInit C_SignRecoverInit; + CK_X_SignRecover C_SignRecover; + CK_X_VerifyInit C_VerifyInit; + CK_X_Verify C_Verify; + CK_X_VerifyUpdate C_VerifyUpdate; + CK_X_VerifyFinal C_VerifyFinal; + CK_X_VerifyRecoverInit C_VerifyRecoverInit; + CK_X_VerifyRecover C_VerifyRecover; + CK_X_DigestEncryptUpdate C_DigestEncryptUpdate; + CK_X_DecryptDigestUpdate C_DecryptDigestUpdate; + CK_X_SignEncryptUpdate C_SignEncryptUpdate; + CK_X_DecryptVerifyUpdate C_DecryptVerifyUpdate; + CK_X_GenerateKey C_GenerateKey; + CK_X_GenerateKeyPair C_GenerateKeyPair; + CK_X_WrapKey C_WrapKey; + CK_X_UnwrapKey C_UnwrapKey; + CK_X_DeriveKey C_DeriveKey; + CK_X_SeedRandom C_SeedRandom; + CK_X_GenerateRandom C_GenerateRandom; + CK_X_WaitForSlotEvent C_WaitForSlotEvent; +}; + #if defined(__cplusplus) } #endif diff --git a/common/test.c b/common/test.c new file mode 100644 index 0000000..b6ad012 --- /dev/null +++ b/common/test.c @@ -0,0 +1,271 @@ +/* + * Copyright (c) 2013, Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#include "config.h" + +#define P11_TEST_SOURCE 1 + +#include "test.h" +#include "debug.h" + +#include <assert.h> +#include <setjmp.h> +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +enum { + FIXTURE, + TEST, +}; + +typedef void (*func_with_arg) (void *); + +typedef struct _test_item { + int type; + + union { + struct { + char name[1024]; + func_with_arg func; + void *argument; + int failed; + } test; + struct { + func_with_arg setup; + func_with_arg teardown; + } fix; + } x; + + struct _test_item *next; +} test_item; + +struct { + test_item *suite; + test_item *last; + int number; + jmp_buf jump; +} gl = { NULL, NULL, 0, }; + +void +p11_test_fail (const char *filename, + int line, + const char *function, + const char *message, + ...) +{ + const char *pos; + char *output; + char *from; + char *next; + va_list va; + + assert (gl.last != NULL); + assert (gl.last->type == TEST); + gl.last->x.test.failed = 1; + + printf ("not ok %d %s\n", gl.number, gl.last->x.test.name); + + va_start (va, message); + if (vasprintf (&output, message, va) < 0) + assert (0 && "vasprintf() failed"); + va_end (va); + + for (from = output; from != NULL; ) { + next = strchr (from, '\n'); + if (next) { + next[0] = '\0'; + next += 1; + } + + printf ("# %s\n", from); + from = next; + } + + pos = strrchr (filename, '/'); + if (pos != NULL && pos[1] != '\0') + filename = pos + 1; + + printf ("# in %s() at %s:%d\n", function, filename, line); + + free (output); + + longjmp (gl.jump, 1); +} + +static void +test_push (test_item *it) +{ + test_item *item; + + item = calloc (1, sizeof (test_item)); + assert (item != NULL); + memcpy (item, it, sizeof (test_item)); + + if (!gl.suite) + gl.suite = item; + if (gl.last) + gl.last->next = item; + gl.last = item; +} + +void +p11_test (void (* function) (void), + const char *name, + ...) +{ + test_item item = { TEST, }; + va_list va; + + item.x.test.func = (func_with_arg)function; + + va_start (va, name); + vsnprintf (item.x.test.name, sizeof (item.x.test.name), name, va); + va_end (va); + + test_push (&item); +} + +void +p11_testx (void (* function) (void *), + void *argument, + const char *name, + ...) +{ + test_item item = { TEST, }; + va_list va; + + item.type = TEST; + item.x.test.func = function; + item.x.test.argument = argument; + + va_start (va, name); + vsnprintf (item.x.test.name, sizeof (item.x.test.name), name, va); + va_end (va); + + test_push (&item); +} + +void +p11_fixture (void (* setup) (void *), + void (* teardown) (void *)) +{ + test_item item; + + item.type = FIXTURE; + item.x.fix.setup = setup; + item.x.fix.teardown = teardown; + + test_push (&item); +} + +int +p11_test_run (int argc, + char **argv) +{ + test_item *fixture = NULL; + test_item *item; + test_item *next; + int count; + int ret = 0; + int setup; + + /* p11-kit specific stuff */ + putenv ("P11_KIT_STRICT=1"); + p11_debug_init (); + + assert (gl.number == 0); + gl.last = NULL; + + for (item = gl.suite, count = 0; item != NULL; item = item->next) { + if (item->type == TEST) + count++; + } + + if (count == 0) { + printf ("1..0 # No tests\n"); + return 0; + } + + printf ("1..%d\n", count); + + for (item = gl.suite, gl.number = 0; item != NULL; item = item->next) { + if (item->type == FIXTURE) { + fixture = item; + continue; + } + + assert (item->type == TEST); + gl.last = item; + gl.number++; + setup = 0; + + if (setjmp (gl.jump) == 0) { + if (fixture && fixture->x.fix.setup) + (fixture->x.fix.setup) (item->x.test.argument); + + setup = 1; + + assert (item->x.test.func); + (item->x.test.func)(item->x.test.argument); + + printf ("ok %d %s\n", gl.number, item->x.test.name); + } + + if (setup) { + if (setjmp (gl.jump) == 0) { + if (fixture && fixture->x.fix.teardown) + (fixture->x.fix.teardown) (item->x.test.argument); + } + } + + gl.last = NULL; + } + + for (item = gl.suite; item != NULL; item = next) { + if (item->type == TEST) { + if (item->x.test.failed) + ret++; + } + + next = item->next; + free (item); + } + + gl.suite = NULL; + gl.last = 0; + gl.number = 0; + return ret; +} diff --git a/common/test.h b/common/test.h new file mode 100644 index 0000000..1da3608 --- /dev/null +++ b/common/test.h @@ -0,0 +1,131 @@ +/* + * Copyright (c) 2013, Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#include "compat.h" + +#ifndef P11_TEST_H_ +#define P11_TEST_H_ + +#ifndef P11_TEST_SOURCE + +#include <string.h> + +#ifdef assert_not_reached +#undef assert_not_reached +#endif + +#ifdef assert +#undef assert +#endif + +#define assert(expr) \ + assert_true(expr) +#define assert_true(expr) \ + do { if (expr) ; else \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (%s)", #expr); \ + } while (0) +#define assert_false(expr) \ + do { if (expr) \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (!(%s))", #expr); \ + } while (0) +#define assert_fail(msg, detail) \ + do { const char *__s = (detail); \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "%s%s%s", (msg), __s ? ": ": "", __s ? __s : ""); \ + } while (0) +#define assert_not_reached(msg) \ + do { \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "code should not be reached"); \ + } while (0) +#define assert_ptr_not_null(ptr) \ + do { if ((ptr) != NULL) ; else \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (%s != NULL)", #ptr); \ + } while (0) +#define assert_num_cmp(a1, cmp, a2) \ + do { unsigned long __n1 = (a1); \ + unsigned long __n2 = (a2); \ + if (__n1 cmp __n2) ; else \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (%s %s %s): (%lu %s %lu)", \ + #a1, #cmp, #a2, __n1, #cmp, __n2); \ + } while (0) +#define assert_num_eq(a1, a2) \ + assert_num_cmp(a1, ==, a2) +#define assert_str_cmp(a1, cmp, a2) \ + do { const char *__s1 = (a1); \ + const char *__s2 = (a2); \ + if (__s1 && __s2 && strcmp (__s1, __s2) cmp 0) ; else \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (%s %s %s): (%s %s %s)", \ + #a1, #cmp, #a2, __s1 ? __s1 : "(null)", #cmp, __s2 ? __s2 : "(null)"); \ + } while (0) +#define assert_str_eq(a1, a2) \ + assert_str_cmp(a1, ==, a2) +#define assert_ptr_eq(a1, a2) \ + do { const void *__p1 = (a1); \ + const void *__p2 = (a2); \ + if (__p1 == __p2) ; else \ + p11_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (%s == %s): (0x%08lx == 0x%08lx)", \ + #a1, #a2, (unsigned long)(size_t)__p1, (unsigned long)(size_t)__p2); \ + } while (0) + +#define assert_str_contains(expr, needle) \ + do { const char *__str = (expr); \ + if (__str && strstr (__str, needle)) ; else \ + p1_test_fail (__FILE__, __LINE__, __FUNCTION__, "assertion failed (%s): '%s' does not contain '%s'", \ + #expr, __str, needle); \ + } while (0) + +#endif /* !P11_TEST_SOURCE */ + + +void p11_test_fail (const char *filename, + int line, + const char *function, + const char *message, + ...) GNUC_PRINTF(4, 5); + +void p11_test (void (* function) (void), + const char *name, + ...) GNUC_PRINTF(2, 3); + +void p11_testx (void (* function) (void *), + void *argument, + const char *name, + ...) GNUC_PRINTF(3, 4); + +void p11_fixture (void (* setup) (void *), + void (* teardown) (void *)); + +int p11_test_run (int argc, + char **argv); + +#endif /* P11_TEST_H_ */ diff --git a/common/tests/Makefile.am b/common/tests/Makefile.am index 6959c4f..942bc12 100644 --- a/common/tests/Makefile.am +++ b/common/tests/Makefile.am @@ -3,11 +3,11 @@ include $(top_srcdir)/build/Makefile.tests COMMON = $(top_srcdir)/common -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(srcdir)/.. \ -I$(COMMON) \ - $(CUTEST_CFLAGS) + $(TEST_CFLAGS) LDADD = \ $(NULL) @@ -34,7 +34,7 @@ LDADD += \ $(LIBTASN1_LIBS) \ $(NULL) -INCLUDES += \ +AM_CPPFLAGS += \ $(LIBTASN1_CFLAGS) \ $(NULL) @@ -61,5 +61,6 @@ endif # WITH_ASN1 TESTS = $(CHECK_PROGS) LDADD += \ + $(top_builddir)/common/libp11-test.la \ $(top_builddir)/common/libp11-common.la \ $(CUTEST_LIBS) diff --git a/common/tests/test-array.c b/common/tests/test-array.c index a796365..8e8f996 100644 --- a/common/tests/test-array.c +++ b/common/tests/test-array.c @@ -33,26 +33,26 @@ */ #include "config.h" -#include "CuTest.h" #include <stdlib.h> #include <stdio.h> #include <string.h> #include "array.h" +#include "test.h" static void -test_p11_array_create (CuTest *tc) +test_create (void) { p11_array *array; array = p11_array_new (NULL); - CuAssertPtrNotNull (tc, array); + assert_ptr_not_null (array); p11_array_free (array); } static void -test_p11_array_free_null (CuTest *tc) +test_free_null (void) { p11_array_free (NULL); } @@ -65,81 +65,81 @@ destroy_value (void *data) } static void -test_p11_array_free_destroys (CuTest *tc) +test_free_destroys (void) { p11_array *array; int value = 0; array = p11_array_new (destroy_value); - CuAssertPtrNotNull (tc, array); + assert_ptr_not_null (array); if (!p11_array_push (array, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_array_free (array); - CuAssertIntEquals (tc, 2, value); + assert_num_eq (2, value); } static void -test_p11_array_add (CuTest *tc) +test_add (void) { char *value = "VALUE"; p11_array *array; array = p11_array_new (NULL); if (!p11_array_push (array, value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); - CuAssertIntEquals (tc, 1, array->num); - CuAssertPtrEquals (tc, array->elem[0], value); + assert_num_eq (1, array->num); + assert_ptr_eq (array->elem[0], value); p11_array_free (array); } static void -test_p11_array_add_remove (CuTest *tc) +test_add_remove (void) { char *value = "VALUE"; p11_array *array; array = p11_array_new (NULL); if (!p11_array_push (array, value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); - CuAssertIntEquals (tc, 1, array->num); + assert_num_eq (1, array->num); - CuAssertPtrEquals (tc, array->elem[0], value); + assert_ptr_eq (array->elem[0], value); p11_array_remove (array, 0); - CuAssertIntEquals (tc, 0, array->num); + assert_num_eq (0, array->num); p11_array_free (array); } static void -test_p11_array_remove_destroys (CuTest *tc) +test_remove_destroys (void) { p11_array *array; int value = 0; array = p11_array_new (destroy_value); if (!p11_array_push (array, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_array_remove (array, 0); - CuAssertIntEquals (tc, 2, value); + assert_num_eq (2, value); /* should not be destroyed again */ value = 0; p11_array_free (array); - CuAssertIntEquals (tc, 0, value); + assert_num_eq (0, value); } static void -test_p11_array_remove_and_count (CuTest *tc) +test_remove_and_count (void) { p11_array *array; int *value; @@ -147,75 +147,62 @@ test_p11_array_remove_and_count (CuTest *tc) array = p11_array_new (free); - CuAssertIntEquals (tc, 0, array->num); + assert_num_eq (0, array->num); for (i = 0; i < 20000; ++i) { value = malloc (sizeof (int)); *value = i; if (!p11_array_push (array, value)) - CuFail (tc, "should not be reached"); - CuAssertIntEquals (tc, i + 1, array->num); + assert_not_reached (); + assert_num_eq (i + 1, array->num); } for (i = 10; i < 20000; ++i) { p11_array_remove (array, 10); - CuAssertIntEquals (tc, 20010 - (i + 1), array->num); + assert_num_eq (20010 - (i + 1), array->num); } - CuAssertIntEquals (tc, 10, array->num); + assert_num_eq (10, array->num); p11_array_free (array); } static void -test_p11_array_clear_destroys (CuTest *tc) +test_clear_destroys (void) { p11_array *array; int value = 0; array = p11_array_new (destroy_value); if (!p11_array_push (array, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); - CuAssertIntEquals (tc, 1, array->num); + assert_num_eq (1, array->num); p11_array_clear (array); - CuAssertIntEquals (tc, 2, value); - CuAssertIntEquals (tc, 0, array->num); + assert_num_eq (2, value); + assert_num_eq (0, array->num); /* should not be destroyed again */ value = 0; p11_array_free (array); - CuAssertIntEquals (tc, 0, value); + assert_num_eq (0, value); } - int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_p11_array_create); - SUITE_ADD_TEST (suite, test_p11_array_add); - SUITE_ADD_TEST (suite, test_p11_array_add_remove); - SUITE_ADD_TEST (suite, test_p11_array_remove_destroys); - SUITE_ADD_TEST (suite, test_p11_array_remove_and_count); - SUITE_ADD_TEST (suite, test_p11_array_free_null); - SUITE_ADD_TEST (suite, test_p11_array_free_destroys); - SUITE_ADD_TEST (suite, test_p11_array_clear_destroys); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_create, "/array/create"); + p11_test (test_add, "/array/add"); + p11_test (test_add_remove, "/array/add-remove"); + p11_test (test_remove_destroys, "/array/remove-destroys"); + p11_test (test_remove_and_count, "/array/remove-and-count"); + p11_test (test_free_null, "/array/free-null"); + p11_test (test_free_destroys, "/array/free-destroys"); + p11_test (test_clear_destroys, "/array/clear-destroys"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-asn1.c b/common/tests/test-asn1.c index 0335fa6..710928c 100644 --- a/common/tests/test-asn1.c +++ b/common/tests/test-asn1.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "asn1.h" #include "debug.h" @@ -49,21 +49,21 @@ struct { } test; static void -setup (CuTest *cu) +setup (void *unused) { test.asn1_defs = p11_asn1_defs_load (); - CuAssertPtrNotNull (cu, test.asn1_defs); + assert_ptr_not_null (test.asn1_defs); } static void -teardown (CuTest *cu) +teardown (void *unused) { p11_dict_free (test.asn1_defs); memset (&test, 0, sizeof (test)); } static void -test_tlv_length (CuTest *cu) +test_tlv_length (void) { struct { const char *der; @@ -79,14 +79,10 @@ test_tlv_length (CuTest *cu) int length; int i; - setup (cu); - for (i = 0; tlv_lengths[i].der != NULL; i++) { length = p11_asn1_tlv_length ((const unsigned char *)tlv_lengths[i].der, tlv_lengths[i].der_len); - CuAssertIntEquals (cu, tlv_lengths[i].expected, length); + assert_num_eq (tlv_lengths[i].expected, length); } - - teardown (cu); } static const unsigned char test_eku_server_and_client[] = { @@ -95,7 +91,7 @@ static const unsigned char test_eku_server_and_client[] = { }; static void -test_asn1_cache (CuTest *cu) +test_asn1_cache (void) { p11_asn1_cache *cache; p11_dict *defs; @@ -103,15 +99,15 @@ test_asn1_cache (CuTest *cu) node_asn *check; cache = p11_asn1_cache_new (); - CuAssertPtrNotNull (cu, cache); + assert_ptr_not_null (cache); defs = p11_asn1_cache_defs (cache); - CuAssertPtrNotNull (cu, defs); + assert_ptr_not_null (defs); asn = p11_asn1_decode (defs, "PKIX1.ExtKeyUsageSyntax", test_eku_server_and_client, sizeof (test_eku_server_and_client), NULL); - CuAssertPtrNotNull (cu, defs); + assert_ptr_not_null (defs); /* Place the parsed data in the cache */ p11_asn1_cache_take (cache, asn, "PKIX1.ExtKeyUsageSyntax", @@ -122,38 +118,27 @@ test_asn1_cache (CuTest *cu) check = p11_asn1_cache_get (cache, "PKIX1.ExtKeyUsageSyntax", test_eku_server_and_client, sizeof (test_eku_server_and_client)); - CuAssertPtrEquals (cu, asn, check); + assert_ptr_eq (asn, check); /* Flush should remove it */ p11_asn1_cache_flush (cache); check = p11_asn1_cache_get (cache, "PKIX1.ExtKeyUsageSyntax", test_eku_server_and_client, sizeof (test_eku_server_and_client)); - CuAssertPtrEquals (cu, NULL, check); + assert_ptr_eq (NULL, check); p11_asn1_cache_free (cache); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_tlv_length); - SUITE_ADD_TEST (suite, test_asn1_cache); + p11_fixture (setup, teardown); + p11_test (test_tlv_length, "/asn1/tlv_length"); - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); + p11_fixture (NULL, NULL); + p11_test (test_asn1_cache, "/asn1/asn1_cache"); - return ret; + return p11_test_run (argc, argv); } diff --git a/common/tests/test-attrs.c b/common/tests/test-attrs.c index 324ed90..6087191 100644 --- a/common/tests/test-attrs.c +++ b/common/tests/test-attrs.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -43,7 +43,7 @@ #include "debug.h" static void -test_terminator (CuTest *tc) +test_terminator (void) { CK_ATTRIBUTE attrs[] = { { CKA_LABEL, "label", 5 }, @@ -51,14 +51,14 @@ test_terminator (CuTest *tc) { CKA_INVALID }, }; - CuAssertIntEquals (tc, true, p11_attrs_terminator (attrs + 2)); - CuAssertIntEquals (tc, true, p11_attrs_terminator (NULL)); - CuAssertIntEquals (tc, false, p11_attrs_terminator (attrs)); - CuAssertIntEquals (tc, false, p11_attrs_terminator (attrs + 1)); + assert_num_eq (true, p11_attrs_terminator (attrs + 2)); + assert_num_eq (true, p11_attrs_terminator (NULL)); + assert_num_eq (false, p11_attrs_terminator (attrs)); + assert_num_eq (false, p11_attrs_terminator (attrs + 1)); } static void -test_count (CuTest *tc) +test_count (void) { CK_BBOOL vtrue = CK_TRUE; @@ -72,13 +72,13 @@ test_count (CuTest *tc) { CKA_INVALID }, }; - CuAssertIntEquals (tc, 2, p11_attrs_count (attrs)); - CuAssertIntEquals (tc, 0, p11_attrs_count (NULL)); - CuAssertIntEquals (tc, 0, p11_attrs_count (empty)); + assert_num_eq (2, p11_attrs_count (attrs)); + assert_num_eq (0, p11_attrs_count (NULL)); + assert_num_eq (0, p11_attrs_count (empty)); } static void -test_build_one (CuTest *tc) +test_build_one (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE add = { CKA_LABEL, "yay", 3 }; @@ -86,18 +86,18 @@ test_build_one (CuTest *tc) attrs = p11_attrs_build (NULL, &add, NULL); /* Test the first attribute */ - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs->type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs->ulValueLen); - CuAssertTrue (tc, memcmp (attrs->pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs->type == CKA_LABEL); + assert_num_eq (3, attrs->ulValueLen); + assert (memcmp (attrs->pValue, "yay", 3) == 0); - CuAssertTrue (tc, attrs[1].type == CKA_INVALID); + assert (attrs[1].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_build_two (CuTest *tc) +test_build_two (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE one = { CKA_LABEL, "yay", 3 }; @@ -105,23 +105,23 @@ test_build_two (CuTest *tc) attrs = p11_attrs_build (NULL, &one, &two, NULL); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs[0].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs[0].type == CKA_LABEL); + assert_num_eq (3, attrs[0].ulValueLen); + assert (memcmp (attrs[0].pValue, "yay", 3) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 5, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "eight", 5) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (5, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "eight", 5) == 0); - CuAssertTrue (tc, attrs[2].type == CKA_INVALID); + assert (attrs[2].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_build_invalid (CuTest *tc) +test_build_invalid (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE one = { CKA_LABEL, "yay", 3 }; @@ -130,23 +130,23 @@ test_build_invalid (CuTest *tc) attrs = p11_attrs_build (NULL, &one, &invalid, &two, NULL); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs[0].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs[0].type == CKA_LABEL); + assert_num_eq (3, attrs[0].ulValueLen); + assert (memcmp (attrs[0].pValue, "yay", 3) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 5, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "eight", 5) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (5, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "eight", 5) == 0); - CuAssertTrue (tc, attrs[2].type == CKA_INVALID); + assert (attrs[2].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_buildn_two (CuTest *tc) +test_buildn_two (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE add[] = { @@ -157,23 +157,23 @@ test_buildn_two (CuTest *tc) attrs = p11_attrs_buildn (NULL, add, 2); /* Test the first attribute */ - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs->type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs->ulValueLen); - CuAssertTrue (tc, memcmp (attrs->pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs->type == CKA_LABEL); + assert_num_eq (3, attrs->ulValueLen); + assert (memcmp (attrs->pValue, "yay", 3) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 5, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "eight", 5) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (5, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "eight", 5) == 0); - CuAssertTrue (tc, attrs[2].type == CKA_INVALID); + assert (attrs[2].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_buildn_one (CuTest *tc) +test_buildn_one (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE add = { CKA_LABEL, "yay", 3 }; @@ -181,18 +181,18 @@ test_buildn_one (CuTest *tc) attrs = p11_attrs_buildn (NULL, &add, 1); /* Test the first attribute */ - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs->type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs->ulValueLen); - CuAssertTrue (tc, memcmp (attrs->pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs->type == CKA_LABEL); + assert_num_eq (3, attrs->ulValueLen); + assert (memcmp (attrs->pValue, "yay", 3) == 0); - CuAssertTrue (tc, attrs[1].type == CKA_INVALID); + assert (attrs[1].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_build_add (CuTest *tc) +test_build_add (void) { CK_ATTRIBUTE initial[] = { { CKA_LABEL, "label", 5 }, @@ -206,28 +206,28 @@ test_build_add (CuTest *tc) attrs = p11_attrs_buildn (NULL, initial, 2); attrs = p11_attrs_build (attrs, &one, &two, NULL); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs[0].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs[0].type == CKA_LABEL); + assert_num_eq (3, attrs[0].ulValueLen); + assert (memcmp (attrs[0].pValue, "yay", 3) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 4, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "nine", 4) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (4, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "nine", 4) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[2].type == CKA_TOKEN); - CuAssertIntEquals (tc, 1, attrs[2].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[2].pValue, "\x01", 1) == 0); + assert_ptr_not_null (attrs); + assert (attrs[2].type == CKA_TOKEN); + assert_num_eq (1, attrs[2].ulValueLen); + assert (memcmp (attrs[2].pValue, "\x01", 1) == 0); - CuAssertTrue (tc, attrs[3].type == CKA_INVALID); + assert (attrs[3].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_build_null (CuTest *tc) +test_build_null (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE add = { CKA_LABEL, NULL, (CK_ULONG)-1 }; @@ -235,16 +235,16 @@ test_build_null (CuTest *tc) attrs = p11_attrs_build (NULL, &add, NULL); /* Test the first attribute */ - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs->type == CKA_LABEL); - CuAssertTrue (tc, attrs->ulValueLen == (CK_ULONG)-1); - CuAssertPtrEquals (tc, NULL, attrs->pValue); + assert_ptr_not_null (attrs); + assert (attrs->type == CKA_LABEL); + assert (attrs->ulValueLen == (CK_ULONG)-1); + assert_ptr_eq (NULL, attrs->pValue); p11_attrs_free (attrs); } static void -test_dup (CuTest *tc) +test_dup (void) { CK_ATTRIBUTE *attrs; CK_ATTRIBUTE original[] = { @@ -256,23 +256,23 @@ test_dup (CuTest *tc) attrs = p11_attrs_dup (original); /* Test the first attribute */ - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs->type == CKA_LABEL); - CuAssertIntEquals (tc, 3, attrs->ulValueLen); - CuAssertTrue (tc, memcmp (attrs->pValue, "yay", 3) == 0); + assert_ptr_not_null (attrs); + assert (attrs->type == CKA_LABEL); + assert_num_eq (3, attrs->ulValueLen); + assert (memcmp (attrs->pValue, "yay", 3) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 5, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "eight", 5) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (5, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "eight", 5) == 0); - CuAssertTrue (tc, attrs[2].type == CKA_INVALID); + assert (attrs[2].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_take (CuTest *tc) +test_take (void) { CK_ATTRIBUTE initial[] = { { CKA_LABEL, "label", 5 }, @@ -284,30 +284,30 @@ test_take (CuTest *tc) attrs = p11_attrs_buildn (NULL, initial, 2); attrs = p11_attrs_take (attrs, CKA_LABEL, strdup ("boooyah"), 7); attrs = p11_attrs_take (attrs, CKA_TOKEN, strdup ("\x01"), 1); - CuAssertPtrNotNull (tc, attrs); + assert_ptr_not_null (attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertIntEquals (tc, 7, attrs[0].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "boooyah", 7) == 0); + assert (attrs[0].type == CKA_LABEL); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (attrs[0].pValue, "boooyah", 7) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 4, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "nine", 4) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (4, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "nine", 4) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[2].type == CKA_TOKEN); - CuAssertIntEquals (tc, 1, attrs[2].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[2].pValue, "\x01", 1) == 0); + assert_ptr_not_null (attrs); + assert (attrs[2].type == CKA_TOKEN); + assert_num_eq (1, attrs[2].ulValueLen); + assert (memcmp (attrs[2].pValue, "\x01", 1) == 0); - CuAssertTrue (tc, attrs[3].type == CKA_INVALID); + assert (attrs[3].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_merge_replace (CuTest *tc) +test_merge_replace (void) { CK_ATTRIBUTE initial[] = { { CKA_LABEL, "label", 5 }, @@ -325,29 +325,29 @@ test_merge_replace (CuTest *tc) attrs = p11_attrs_buildn (NULL, initial, 2); merge = p11_attrs_buildn (NULL, extra, 2); attrs = p11_attrs_merge (attrs, merge, true); - CuAssertPtrNotNull (tc, attrs); + assert_ptr_not_null (attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertIntEquals (tc, 7, attrs[0].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "boooyah", 7) == 0); + assert (attrs[0].type == CKA_LABEL); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (attrs[0].pValue, "boooyah", 7) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 4, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "nine", 4) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (4, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "nine", 4) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[2].type == CKA_APPLICATION); - CuAssertIntEquals (tc, 5, attrs[2].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[2].pValue, "disco", 5) == 0); + assert_ptr_not_null (attrs); + assert (attrs[2].type == CKA_APPLICATION); + assert_num_eq (5, attrs[2].ulValueLen); + assert (memcmp (attrs[2].pValue, "disco", 5) == 0); - CuAssertTrue (tc, attrs[3].type == CKA_INVALID); + assert (attrs[3].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_merge_empty (CuTest *tc) +test_merge_empty (void) { CK_ATTRIBUTE extra[] = { { CKA_LABEL, "boooyah", 7 }, @@ -359,14 +359,14 @@ test_merge_empty (CuTest *tc) merge = p11_attrs_buildn (NULL, extra, 2); attrs = p11_attrs_merge (attrs, merge, true); - CuAssertPtrNotNull (tc, attrs); - CuAssertPtrEquals (tc, merge, attrs); + assert_ptr_not_null (attrs); + assert_ptr_eq (merge, attrs); p11_attrs_free (attrs); } static void -test_merge_augment (CuTest *tc) +test_merge_augment (void) { CK_ATTRIBUTE initial[] = { { CKA_LABEL, "label", 5 }, @@ -384,35 +384,35 @@ test_merge_augment (CuTest *tc) attrs = p11_attrs_buildn (NULL, initial, 2); merge = p11_attrs_buildn (NULL, extra, 2); attrs = p11_attrs_merge (attrs, merge, false); - CuAssertPtrNotNull (tc, attrs); + assert_ptr_not_null (attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertIntEquals (tc, 5, attrs[0].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "label", 5) == 0); + assert (attrs[0].type == CKA_LABEL); + assert_num_eq (5, attrs[0].ulValueLen); + assert (memcmp (attrs[0].pValue, "label", 5) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[1].type == CKA_VALUE); - CuAssertIntEquals (tc, 4, attrs[1].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[1].pValue, "nine", 4) == 0); + assert_ptr_not_null (attrs); + assert (attrs[1].type == CKA_VALUE); + assert_num_eq (4, attrs[1].ulValueLen); + assert (memcmp (attrs[1].pValue, "nine", 4) == 0); - CuAssertPtrNotNull (tc, attrs); - CuAssertTrue (tc, attrs[2].type == CKA_APPLICATION); - CuAssertIntEquals (tc, 5, attrs[2].ulValueLen); - CuAssertTrue (tc, memcmp (attrs[2].pValue, "disco", 5) == 0); + assert_ptr_not_null (attrs); + assert (attrs[2].type == CKA_APPLICATION); + assert_num_eq (5, attrs[2].ulValueLen); + assert (memcmp (attrs[2].pValue, "disco", 5) == 0); - CuAssertTrue (tc, attrs[3].type == CKA_INVALID); + assert (attrs[3].type == CKA_INVALID); p11_attrs_free (attrs); } static void -test_free_null (CuTest *tc) +test_free_null (void) { p11_attrs_free (NULL); } static void -test_equal (CuTest *tc) +test_equal (void) { char *data = "extra attribute"; CK_ATTRIBUTE one = { CKA_LABEL, "yay", 3 }; @@ -422,19 +422,19 @@ test_equal (CuTest *tc) CK_ATTRIBUTE overflow = { CKA_VALUE, data, 5 }; CK_ATTRIBUTE content = { CKA_VALUE, "conte", 5 }; - CuAssertTrue (tc, p11_attr_equal (&one, &one)); - CuAssertTrue (tc, !p11_attr_equal (&one, NULL)); - CuAssertTrue (tc, !p11_attr_equal (NULL, &one)); - CuAssertTrue (tc, !p11_attr_equal (&one, &two)); - CuAssertTrue (tc, !p11_attr_equal (&two, &other)); - CuAssertTrue (tc, p11_attr_equal (&other, &overflow)); - CuAssertTrue (tc, !p11_attr_equal (&one, &null)); - CuAssertTrue (tc, !p11_attr_equal (&one, &null)); - CuAssertTrue (tc, !p11_attr_equal (&other, &content)); + assert (p11_attr_equal (&one, &one)); + assert (!p11_attr_equal (&one, NULL)); + assert (!p11_attr_equal (NULL, &one)); + assert (!p11_attr_equal (&one, &two)); + assert (!p11_attr_equal (&two, &other)); + assert (p11_attr_equal (&other, &overflow)); + assert (!p11_attr_equal (&one, &null)); + assert (!p11_attr_equal (&one, &null)); + assert (!p11_attr_equal (&other, &content)); } static void -test_hash (CuTest *tc) +test_hash (void) { char *data = "extra attribute"; CK_ATTRIBUTE one = { CKA_LABEL, "yay", 3 }; @@ -446,18 +446,18 @@ test_hash (CuTest *tc) unsigned int hash; hash = p11_attr_hash (&one); - CuAssertTrue (tc, hash != 0); - - CuAssertTrue (tc, p11_attr_hash (&one) == hash); - CuAssertTrue (tc, p11_attr_hash (&two) != hash); - CuAssertTrue (tc, p11_attr_hash (&other) != hash); - CuAssertTrue (tc, p11_attr_hash (&overflow) != hash); - CuAssertTrue (tc, p11_attr_hash (&null) != hash); - CuAssertTrue (tc, p11_attr_hash (&content) != hash); + assert (hash != 0); + + assert (p11_attr_hash (&one) == hash); + assert (p11_attr_hash (&two) != hash); + assert (p11_attr_hash (&other) != hash); + assert (p11_attr_hash (&overflow) != hash); + assert (p11_attr_hash (&null) != hash); + assert (p11_attr_hash (&content) != hash); } static void -test_to_string (CuTest *tc) +test_to_string (void) { char *data = "extra attribute"; CK_ATTRIBUTE one = { CKA_LABEL, "yay", 3 }; @@ -471,20 +471,20 @@ test_to_string (CuTest *tc) string = p11_attr_to_string (&one, CKA_INVALID); - CuAssertStrEquals (tc, "{ CKA_LABEL = (3) \"yay\" }", string); + assert_str_eq ("{ CKA_LABEL = (3) \"yay\" }", string); free (string); string = p11_attrs_to_string (attrs, -1); - CuAssertStrEquals (tc, "(2) [ { CKA_LABEL = (3) \"yay\" }, { CKA_VALUE = (5) NOT-PRINTED } ]", string); + assert_str_eq ("(2) [ { CKA_LABEL = (3) \"yay\" }, { CKA_VALUE = (5) NOT-PRINTED } ]", string); free (string); string = p11_attrs_to_string (attrs, 1); - CuAssertStrEquals (tc, "(1) [ { CKA_LABEL = (3) \"yay\" } ]", string); + assert_str_eq ("(1) [ { CKA_LABEL = (3) \"yay\" } ]", string); free (string); } static void -test_find (CuTest *tc) +test_find (void) { CK_BBOOL vtrue = CK_TRUE; CK_ATTRIBUTE *attr; @@ -496,17 +496,17 @@ test_find (CuTest *tc) }; attr = p11_attrs_find (attrs, CKA_LABEL); - CuAssertPtrEquals (tc, attrs + 0, attr); + assert_ptr_eq (attrs + 0, attr); attr = p11_attrs_find (attrs, CKA_TOKEN); - CuAssertPtrEquals (tc, attrs + 1, attr); + assert_ptr_eq (attrs + 1, attr); attr = p11_attrs_find (attrs, CKA_VALUE); - CuAssertPtrEquals (tc, NULL, attr); + assert_ptr_eq (NULL, attr); } static void -test_findn (CuTest *tc) +test_findn (void) { CK_BBOOL vtrue = CK_TRUE; CK_ATTRIBUTE *attr; @@ -517,20 +517,20 @@ test_findn (CuTest *tc) }; attr = p11_attrs_findn (attrs, 2, CKA_LABEL); - CuAssertPtrEquals (tc, attrs + 0, attr); + assert_ptr_eq (attrs + 0, attr); attr = p11_attrs_findn (attrs, 2, CKA_TOKEN); - CuAssertPtrEquals (tc, attrs + 1, attr); + assert_ptr_eq (attrs + 1, attr); attr = p11_attrs_findn (attrs, 2, CKA_VALUE); - CuAssertPtrEquals (tc, NULL, attr); + assert_ptr_eq (NULL, attr); attr = p11_attrs_findn (attrs, 1, CKA_TOKEN); - CuAssertPtrEquals (tc, NULL, attr); + assert_ptr_eq (NULL, attr); } static void -test_remove (CuTest *tc) +test_remove (void) { CK_BBOOL vtrue = CK_TRUE; CK_ATTRIBUTE *attr; @@ -543,25 +543,25 @@ test_remove (CuTest *tc) }; attrs = p11_attrs_buildn (NULL, initial, 2); - CuAssertPtrNotNull (tc, attrs); + assert_ptr_not_null (attrs); attr = p11_attrs_find (attrs, CKA_LABEL); - CuAssertPtrEquals (tc, attrs + 0, attr); + assert_ptr_eq (attrs + 0, attr); ret = p11_attrs_remove (attrs, CKA_LABEL); - CuAssertIntEquals (tc, CK_TRUE, ret); + assert_num_eq (CK_TRUE, ret); attr = p11_attrs_find (attrs, CKA_LABEL); - CuAssertPtrEquals (tc, NULL, attr); + assert_ptr_eq (NULL, attr); ret = p11_attrs_remove (attrs, CKA_LABEL); - CuAssertIntEquals (tc, CK_FALSE, ret); + assert_num_eq (CK_FALSE, ret); p11_attrs_free (attrs); } static void -test_match (CuTest *tc) +test_match (void) { CK_BBOOL vtrue = CK_TRUE; @@ -588,14 +588,14 @@ test_match (CuTest *tc) { CKA_INVALID }, }; - CuAssertTrue (tc, p11_attrs_match (attrs, attrs)); - CuAssertTrue (tc, p11_attrs_match (attrs, subset)); - CuAssertTrue (tc, !p11_attrs_match (attrs, different)); - CuAssertTrue (tc, !p11_attrs_match (attrs, extra)); + assert (p11_attrs_match (attrs, attrs)); + assert (p11_attrs_match (attrs, subset)); + assert (!p11_attrs_match (attrs, different)); + assert (!p11_attrs_match (attrs, extra)); } static void -test_matchn (CuTest *tc) +test_matchn (void) { CK_BBOOL vtrue = CK_TRUE; @@ -620,13 +620,13 @@ test_matchn (CuTest *tc) { CKA_TOKEN, &vtrue, sizeof (vtrue) }, }; - CuAssertTrue (tc, p11_attrs_matchn (attrs, subset, 1)); - CuAssertTrue (tc, !p11_attrs_matchn (attrs, different, 2)); - CuAssertTrue (tc, !p11_attrs_matchn (attrs, extra, 3)); + assert (p11_attrs_matchn (attrs, subset, 1)); + assert (!p11_attrs_matchn (attrs, different, 2)); + assert (!p11_attrs_matchn (attrs, extra, 3)); } static void -test_find_bool (CuTest *tc) +test_find_bool (void) { CK_BBOOL vtrue = CK_TRUE; CK_BBOOL vfalse = CK_FALSE; @@ -640,13 +640,13 @@ test_find_bool (CuTest *tc) { CKA_INVALID }, }; - CuAssertTrue (tc, p11_attrs_find_bool (attrs, CKA_TOKEN, &value) && value == CK_TRUE); - CuAssertTrue (tc, !p11_attrs_find_bool (attrs, CKA_LABEL, &value)); - CuAssertTrue (tc, !p11_attrs_find_bool (attrs, CKA_VALUE, &value)); + assert (p11_attrs_find_bool (attrs, CKA_TOKEN, &value) && value == CK_TRUE); + assert (!p11_attrs_find_bool (attrs, CKA_LABEL, &value)); + assert (!p11_attrs_find_bool (attrs, CKA_VALUE, &value)); } static void -test_find_ulong (CuTest *tc) +test_find_ulong (void) { CK_ULONG v33 = 33UL; CK_ULONG v45 = 45UL; @@ -660,13 +660,13 @@ test_find_ulong (CuTest *tc) { CKA_INVALID }, }; - CuAssertTrue (tc, p11_attrs_find_ulong (attrs, CKA_BITS_PER_PIXEL, &value) && value == v33); - CuAssertTrue (tc, !p11_attrs_find_ulong (attrs, CKA_LABEL, &value)); - CuAssertTrue (tc, !p11_attrs_find_ulong (attrs, CKA_VALUE, &value)); + assert (p11_attrs_find_ulong (attrs, CKA_BITS_PER_PIXEL, &value) && value == v33); + assert (!p11_attrs_find_ulong (attrs, CKA_LABEL, &value)); + assert (!p11_attrs_find_ulong (attrs, CKA_VALUE, &value)); } static void -test_find_value (CuTest *tc) +test_find_value (void) { void *value; size_t length; @@ -681,21 +681,21 @@ test_find_value (CuTest *tc) }; value = p11_attrs_find_value (attrs, CKA_LABEL, &length); - CuAssertPtrEquals (tc, attrs[3].pValue, value); - CuAssertIntEquals (tc, 4, length); + assert_ptr_eq (attrs[3].pValue, value); + assert_num_eq (4, length); value = p11_attrs_find_value (attrs, CKA_LABEL, NULL); - CuAssertPtrEquals (tc, attrs[3].pValue, value); + assert_ptr_eq (attrs[3].pValue, value); value = p11_attrs_find_value (attrs, CKA_VALUE, &length); - CuAssertPtrEquals (tc, NULL, value); + assert_ptr_eq (NULL, value); value = p11_attrs_find_value (attrs, CKA_TOKEN, &length); - CuAssertPtrEquals (tc, NULL, value); + assert_ptr_eq (NULL, value); } static void -test_find_valid (CuTest *tc) +test_find_valid (void) { CK_ATTRIBUTE *attr; @@ -709,61 +709,46 @@ test_find_valid (CuTest *tc) }; attr = p11_attrs_find_valid (attrs, CKA_LABEL); - CuAssertPtrEquals (tc, attrs + 3, attr); + assert_ptr_eq (attrs + 3, attr); attr = p11_attrs_find_valid (attrs, CKA_VALUE); - CuAssertPtrEquals (tc, attrs + 4, attr); + assert_ptr_eq (attrs + 4, attr); attr = p11_attrs_find_valid (attrs, CKA_TOKEN); - CuAssertPtrEquals (tc, NULL, attr); + assert_ptr_eq (NULL, attr); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_equal); - SUITE_ADD_TEST (suite, test_hash); - SUITE_ADD_TEST (suite, test_to_string); - - SUITE_ADD_TEST (suite, test_terminator); - SUITE_ADD_TEST (suite, test_count); - SUITE_ADD_TEST (suite, test_build_one); - SUITE_ADD_TEST (suite, test_build_two); - SUITE_ADD_TEST (suite, test_build_invalid); - SUITE_ADD_TEST (suite, test_buildn_one); - SUITE_ADD_TEST (suite, test_buildn_two); - SUITE_ADD_TEST (suite, test_build_add); - SUITE_ADD_TEST (suite, test_build_null); - SUITE_ADD_TEST (suite, test_dup); - SUITE_ADD_TEST (suite, test_take); - SUITE_ADD_TEST (suite, test_merge_replace); - SUITE_ADD_TEST (suite, test_merge_augment); - SUITE_ADD_TEST (suite, test_merge_empty); - SUITE_ADD_TEST (suite, test_free_null); - SUITE_ADD_TEST (suite, test_match); - SUITE_ADD_TEST (suite, test_matchn); - SUITE_ADD_TEST (suite, test_find); - SUITE_ADD_TEST (suite, test_findn); - SUITE_ADD_TEST (suite, test_find_bool); - SUITE_ADD_TEST (suite, test_find_ulong); - SUITE_ADD_TEST (suite, test_find_value); - SUITE_ADD_TEST (suite, test_find_valid); - SUITE_ADD_TEST (suite, test_remove); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_equal, "/attrs/equal"); + p11_test (test_hash, "/attrs/hash"); + p11_test (test_to_string, "/attrs/to-string"); + + p11_test (test_terminator, "/attrs/terminator"); + p11_test (test_count, "/attrs/count"); + p11_test (test_build_one, "/attrs/build-one"); + p11_test (test_build_two, "/attrs/build-two"); + p11_test (test_build_invalid, "/attrs/build-invalid"); + p11_test (test_buildn_one, "/attrs/buildn-one"); + p11_test (test_buildn_two, "/attrs/buildn-two"); + p11_test (test_build_add, "/attrs/build-add"); + p11_test (test_build_null, "/attrs/build-null"); + p11_test (test_dup, "/attrs/dup"); + p11_test (test_take, "/attrs/take"); + p11_test (test_merge_replace, "/attrs/merge-replace"); + p11_test (test_merge_augment, "/attrs/merge-augment"); + p11_test (test_merge_empty, "/attrs/merge-empty"); + p11_test (test_free_null, "/attrs/free-null"); + p11_test (test_match, "/attrs/match"); + p11_test (test_matchn, "/attrs/matchn"); + p11_test (test_find, "/attrs/find"); + p11_test (test_findn, "/attrs/findn"); + p11_test (test_find_bool, "/attrs/find-bool"); + p11_test (test_find_ulong, "/attrs/find-ulong"); + p11_test (test_find_value, "/attrs/find-value"); + p11_test (test_find_valid, "/attrs/find-valid"); + p11_test (test_remove, "/attrs/remove"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-base64.c b/common/tests/test-base64.c index 90c1f49..ce303e8 100644 --- a/common/tests/test-base64.c +++ b/common/tests/test-base64.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "base64.h" #include "debug.h" @@ -45,9 +45,9 @@ #include <stdlib.h> static void -check_decode_msg (CuTest *tc, - const char *file, +check_decode_msg (const char *file, int line, + const char *function, const char *input, ssize_t input_len, const unsigned char *expected, @@ -63,33 +63,38 @@ check_decode_msg (CuTest *tc, length = p11_b64_pton (input, input_len, decoded, sizeof (decoded)); if (expected == NULL) { - CuAssert_Line (tc, file, line, "decoding should have failed", length < 0); + if (length >= 0) + p11_test_fail (file, line, function, "decoding should have failed"); } else { - CuAssert_Line (tc, file, line, "decoding failed", length >= 0); - CuAssertIntEquals_LineMsg (tc, file, line, "wrong length", expected_len, length); - CuAssert_Line (tc, file, line, "decoded wrong", memcmp (decoded, expected, length) == 0); + if (length < 0) + p11_test_fail (file, line, function, "decoding failed"); + if (expected_len != length) + p11_test_fail (file, line, function, "wrong length: (%lu != %lu)", + (unsigned long)expected_len, (unsigned long)length); + if (memcmp (decoded, expected, length) != 0) + p11_test_fail (file, line, function, "decoded wrong"); } } -#define check_decode_success(tc, input, input_len, expected, expected_len) \ - check_decode_msg (tc, __FILE__, __LINE__, input, input_len, expected, expected_len) +#define check_decode_success(input, input_len, expected, expected_len) \ + check_decode_msg (__FILE__, __LINE__, __FUNCTION__, input, input_len, expected, expected_len) -#define check_decode_failure(tc, input, input_len) \ - check_decode_msg (tc, __FILE__, __LINE__, input, input_len, NULL, 0) +#define check_decode_failure(input, input_len) \ + check_decode_msg (__FILE__, __LINE__, __FUNCTION__, input, input_len, NULL, 0) static void -test_decode_simple (CuTest *tc) +test_decode_simple (void) { - check_decode_success (tc, "", 0, (unsigned char *)"", 0); - check_decode_success (tc, "MQ==", 0, (unsigned char *)"1", 0); - check_decode_success (tc, "YmxhaAo=", -1, (unsigned char *)"blah\n", -1); - check_decode_success (tc, "bGVlbGEK", -1, (unsigned char *)"leela\n", -1); - check_decode_success (tc, "bGVlbG9vCg==", -1, (unsigned char *)"leeloo\n", -1); + check_decode_success ("", 0, (unsigned char *)"", 0); + check_decode_success ("MQ==", 0, (unsigned char *)"1", 0); + check_decode_success ("YmxhaAo=", -1, (unsigned char *)"blah\n", -1); + check_decode_success ("bGVlbGEK", -1, (unsigned char *)"leela\n", -1); + check_decode_success ("bGVlbG9vCg==", -1, (unsigned char *)"leeloo\n", -1); } static void -test_decode_thawte (CuTest *tc) +test_decode_thawte (void) { const char *input = "MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCB" @@ -186,28 +191,14 @@ test_decode_thawte (CuTest *tc) 0x31, 0xd4, 0x40, 0x1a, 0x62, 0x34, 0x36, 0x3f, 0x35, 0x01, 0xae, 0xac, 0x63, 0xa0, }; - check_decode_success (tc, input, -1, output, sizeof (output)); + check_decode_success (input, -1, output, sizeof (output)); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_decode_simple); - SUITE_ADD_TEST (suite, test_decode_thawte); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + p11_test (test_decode_simple, "/base64/decode-simple"); + p11_test (test_decode_thawte, "/base64/decode-thawte"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-buffer.c b/common/tests/test-buffer.c index baf7b73..4fd060d 100644 --- a/common/tests/test-buffer.c +++ b/common/tests/test-buffer.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -43,41 +43,41 @@ #include "buffer.h" static void -test_init_uninit (CuTest *tc) +test_init_uninit (void) { p11_buffer buffer; p11_buffer_init (&buffer, 10); - CuAssertPtrNotNull (tc, buffer.data); - CuAssertIntEquals (tc, 0, buffer.len); - CuAssertIntEquals (tc, 0, buffer.flags); - CuAssertTrue (tc, buffer.size >= 10); - CuAssertPtrNotNull (tc, buffer.ffree); - CuAssertPtrNotNull (tc, buffer.frealloc); + assert_ptr_not_null (buffer.data); + assert_num_eq (0, buffer.len); + assert_num_eq (0, buffer.flags); + assert (buffer.size >= 10); + assert_ptr_not_null (buffer.ffree); + assert_ptr_not_null (buffer.frealloc); p11_buffer_uninit (&buffer); } static void -test_append (CuTest *tc) +test_append (void) { p11_buffer buffer; p11_buffer_init (&buffer, 10); buffer.len = 5; p11_buffer_append (&buffer, 35); - CuAssertIntEquals (tc, 5 + 35, buffer.len); - CuAssertTrue (tc, buffer.size >= 35 + 5); + assert_num_eq (5 + 35, buffer.len); + assert (buffer.size >= 35 + 5); p11_buffer_append (&buffer, 15); - CuAssertIntEquals (tc, 5 + 35 + 15, buffer.len); - CuAssertTrue (tc, buffer.size >= 5 + 35 + 15); + assert_num_eq (5 + 35 + 15, buffer.len); + assert (buffer.size >= 5 + 35 + 15); p11_buffer_uninit (&buffer); } static void -test_null (CuTest *tc) +test_null (void) { p11_buffer buffer; @@ -85,7 +85,7 @@ test_null (CuTest *tc) p11_buffer_add (&buffer, "Blah", -1); p11_buffer_add (&buffer, " blah", -1); - CuAssertStrEquals (tc, "Blah blah", buffer.data); + assert_str_eq ("Blah blah", buffer.data); p11_buffer_uninit (&buffer); } @@ -109,7 +109,7 @@ mock_free (void *data) } static void -test_init_for_data (CuTest *tc) +test_init_for_data (void) { p11_buffer buffer; unsigned char *ret; @@ -121,29 +121,29 @@ test_init_for_data (CuTest *tc) p11_buffer_init_full (&buffer, (unsigned char *)strdup ("blah"), 4, 0, mock_realloc, mock_free); - CuAssertPtrNotNull (tc, buffer.data); - CuAssertStrEquals (tc, "blah", (char *)buffer.data); - CuAssertIntEquals (tc, 4, buffer.len); - CuAssertIntEquals (tc, 0, buffer.flags); - CuAssertIntEquals (tc, 4, buffer.size); - CuAssertPtrEquals (tc, mock_free, buffer.ffree); - CuAssertPtrEquals (tc, mock_realloc, buffer.frealloc); + assert_ptr_not_null (buffer.data); + assert_str_eq ("blah", (char *)buffer.data); + assert_num_eq (4, buffer.len); + assert_num_eq (0, buffer.flags); + assert_num_eq (4, buffer.size); + assert_ptr_eq (mock_free, buffer.ffree); + assert_ptr_eq (mock_realloc, buffer.frealloc); - CuAssertIntEquals (tc, 0, mock_realloced); - CuAssertIntEquals (tc, 0, mock_freed); + assert_num_eq (0, mock_realloced); + assert_num_eq (0, mock_freed); len = buffer.len; ret = p11_buffer_append (&buffer, 1024); - CuAssertPtrEquals (tc, (char *)buffer.data + len, ret); - CuAssertIntEquals (tc, 1, mock_realloced); + assert_ptr_eq ((char *)buffer.data + len, ret); + assert_num_eq (1, mock_realloced); p11_buffer_uninit (&buffer); - CuAssertIntEquals (tc, 1, mock_realloced); - CuAssertIntEquals (tc, 1, mock_freed); + assert_num_eq (1, mock_realloced); + assert_num_eq (1, mock_freed); } static void -test_steal (CuTest *tc) +test_steal (void) { p11_buffer buffer; char *string; @@ -154,61 +154,46 @@ test_steal (CuTest *tc) p11_buffer_init_full (&buffer, (unsigned char *)strdup ("blah"), 4, P11_BUFFER_NULL, mock_realloc, mock_free); - CuAssertPtrNotNull (tc, buffer.data); - CuAssertStrEquals (tc, "blah", buffer.data); + assert_ptr_not_null (buffer.data); + assert_str_eq ("blah", buffer.data); p11_buffer_add (&buffer, " yada", -1); - CuAssertStrEquals (tc, "blah yada", buffer.data); + assert_str_eq ("blah yada", buffer.data); string = p11_buffer_steal (&buffer, &length); p11_buffer_uninit (&buffer); - CuAssertStrEquals (tc, "blah yada", string); - CuAssertIntEquals (tc, 9, length); - CuAssertIntEquals (tc, 0, mock_freed); + assert_str_eq ("blah yada", string); + assert_num_eq (9, length); + assert_num_eq (0, mock_freed); free (string); } static void -test_add (CuTest *tc) +test_add (void) { p11_buffer buffer; p11_buffer_init (&buffer, 10); p11_buffer_add (&buffer, (unsigned char *)"Planet Express", 15); - CuAssertIntEquals (tc, 15, buffer.len); - CuAssertStrEquals (tc, "Planet Express", (char *)buffer.data); - CuAssertTrue (tc, p11_buffer_ok (&buffer)); + assert_num_eq (15, buffer.len); + assert_str_eq ("Planet Express", (char *)buffer.data); + assert (p11_buffer_ok (&buffer)); p11_buffer_uninit (&buffer); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_init_uninit); - SUITE_ADD_TEST (suite, test_init_for_data); - SUITE_ADD_TEST (suite, test_append); - SUITE_ADD_TEST (suite, test_null); - SUITE_ADD_TEST (suite, test_add); - SUITE_ADD_TEST (suite, test_steal); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_init_uninit, "/buffer/init-uninit"); + p11_test (test_init_for_data, "/buffer/init-for-data"); + p11_test (test_append, "/buffer/append"); + p11_test (test_null, "/buffer/null"); + p11_test (test_add, "/buffer/add"); + p11_test (test_steal, "/buffer/steal"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-compat.c b/common/tests/test-compat.c index 066e723..f1960ce 100644 --- a/common/tests/test-compat.c +++ b/common/tests/test-compat.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -42,36 +42,24 @@ #include "compat.h" static void -test_strndup (CuTest *tc) +test_strndup (void) { char unterminated[] = { 't', 'e', 's', 't', 'e', 'r', 'o', 'n', 'i', 'o' }; char *res; res = strndup (unterminated, 6); - CuAssertStrEquals (tc, res, "tester"); + assert_str_eq (res, "tester"); free (res); res = strndup ("test", 6); - CuAssertStrEquals (tc, res, "test"); + assert_str_eq (res, "test"); free (res); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_strndup); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_strndup, "/test/strndup"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-constants.c b/common/tests/test-constants.c index 4cd4472..9adc81a 100644 --- a/common/tests/test-constants.c +++ b/common/tests/test-constants.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -44,50 +44,38 @@ #include "debug.h" static void -test_constants (CuTest *tc) +test_constants (void *arg) { - const p11_constant *constant; + const p11_constant *constant = arg; p11_dict *nicks, *names; CK_ULONG check; - int i, j; - - static const p11_constant *constants[] = { - p11_constant_types, - p11_constant_classes, - p11_constant_trusts, - p11_constant_certs, - p11_constant_keys, - p11_constant_asserts, - p11_constant_categories, - NULL - }; + int i; nicks = p11_constant_reverse (true); names = p11_constant_reverse (false); - for (j = 0; constants[j] != NULL; j++) { - constant = constants[j]; - for (i = 1; constant[i].value != CKA_INVALID; i++) { - if (constant[i].value < constant[i - 1].value) { - CuFail_Line (tc, __FILE__, __LINE__, - "attr constant out of order", constant[i].name); - } + for (i = 1; constant[i].value != CKA_INVALID; i++) { + if (constant[i].value < constant[i - 1].value) + assert_fail ("attr constant out of order", constant[i].name); + } + for (i = 0; constant[i].value != CKA_INVALID; i++) { + assert_ptr_not_null (constant[i].name); + + if (constant[i].nick) { + assert_str_eq (constant[i].nick, + p11_constant_nick (constant, constant[i].value)); } - for (i = 0; constant[i].value != CKA_INVALID; i++) { - CuAssertPtrNotNull (tc, constant[i].nick); - CuAssertPtrNotNull (tc, constant[i].name); - CuAssertStrEquals (tc, constant[i].nick, - p11_constant_nick (constant, constant[i].value)); - CuAssertStrEquals (tc, constant[i].name, - p11_constant_name (constant, constant[i].value)); + assert_str_eq (constant[i].name, + p11_constant_name (constant, constant[i].value)); + if (constant[i].nick) { check = p11_constant_resolve (nicks, constant[i].nick); - CuAssertIntEquals (tc, constant[i].value, check); - - check = p11_constant_resolve (names, constant[i].name); - CuAssertIntEquals (tc, constant[i].value, check); + assert_num_eq (constant[i].value, check); } + + check = p11_constant_resolve (names, constant[i].name); + assert_num_eq (constant[i].value, check); } p11_dict_free (names); @@ -95,23 +83,20 @@ test_constants (CuTest *tc) } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - SUITE_ADD_TEST (suite, test_constants); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); + p11_testx (test_constants, (void *)p11_constant_types, "/constants/types"); + p11_testx (test_constants, (void *)p11_constant_classes, "/constants/classes"); + p11_testx (test_constants, (void *)p11_constant_trusts, "/constants/trusts"); + p11_testx (test_constants, (void *)p11_constant_certs, "/constants/certs"); + p11_testx (test_constants, (void *)p11_constant_keys, "/constants/keys"); + p11_testx (test_constants, (void *)p11_constant_asserts, "/constants/asserts"); + p11_testx (test_constants, (void *)p11_constant_categories, "/constants/categories"); + p11_testx (test_constants, (void *)p11_constant_mechanisms, "/constants/mechanisms"); + p11_testx (test_constants, (void *)p11_constant_users, "/constants/users"); + p11_testx (test_constants, (void *)p11_constant_states, "/constants/states"); + p11_testx (test_constants, (void *)p11_constant_returns, "/constants/returns"); - return ret; + return p11_test_run (argc, argv); } diff --git a/common/tests/test-dict.c b/common/tests/test-dict.c index fc40b07..7c6f851 100644 --- a/common/tests/test-dict.c +++ b/common/tests/test-dict.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <assert.h> #include <stdlib.h> @@ -43,17 +43,17 @@ #include "dict.h" static void -test_create (CuTest *tc) +test_create (void) { p11_dict *map; map = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, NULL, NULL); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); p11_dict_free (map); } static void -test_free_null (CuTest *tc) +test_free_null (void) { p11_dict_free (NULL); } @@ -98,24 +98,24 @@ value_destroy (void *data) } static void -test_free_destroys (CuTest *tc) +test_free_destroys (void) { p11_dict *map; Key key = { 8, 0 }; int value = 0; map = p11_dict_new (key_hash, key_equal, key_destroy, value_destroy); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); if (!p11_dict_set (map, &key, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_dict_free (map); - CuAssertIntEquals (tc, true, key.freed); - CuAssertIntEquals (tc, 2, value); + assert_num_eq (true, key.freed); + assert_num_eq (2, value); } static void -test_iterate (CuTest *tc) +test_iterate (void) { p11_dict *map; p11_dictiter iter; @@ -126,19 +126,19 @@ test_iterate (CuTest *tc) int ret; map = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, NULL, NULL); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); if (!p11_dict_set (map, &key, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_dict_iterate (map, &iter); ret = p11_dict_next (&iter, &pkey, &pvalue); - CuAssertIntEquals (tc, 1, ret); - CuAssertPtrEquals (tc, pkey, &key); - CuAssertPtrEquals (tc, pvalue, &value); + assert_num_eq (1, ret); + assert_ptr_eq (pkey, &key); + assert_ptr_eq (pvalue, &value); ret = p11_dict_next (&iter, &pkey, &pvalue); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_dict_free (map); } @@ -153,7 +153,7 @@ compar_strings (const void *one, } static void -test_iterate_remove (CuTest *tc) +test_iterate_remove (void) { p11_dict *map; p11_dictiter iter; @@ -165,45 +165,45 @@ test_iterate_remove (CuTest *tc) int i; map = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, NULL, NULL); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); for (i = 0; i < 3; i++) { if (!p11_dict_set (map, keys[i], values[i])) - CuFail (tc, "should not be reached"); + assert_not_reached (); } p11_dict_iterate (map, &iter); ret = p11_dict_next (&iter, &okeys[0], &ovalues[0]); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_dict_next (&iter, &okeys[1], &ovalues[1]); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); if (!p11_dict_remove (map, okeys[1])) - CuFail (tc, "should not be reached"); + assert_not_reached (); ret = p11_dict_next (&iter, &okeys[2], &ovalues[2]); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_dict_next (&iter, NULL, NULL); - CuAssertIntEquals (tc, false, ret); + assert_num_eq (false, ret); - CuAssertIntEquals (tc, 2, p11_dict_size (map)); + assert_num_eq (2, p11_dict_size (map)); p11_dict_free (map); qsort (okeys, 3, sizeof (void *), compar_strings); qsort (ovalues, 3, sizeof (void *), compar_strings); for (i = 0; i < 3; i++) { - CuAssertStrEquals (tc, keys[i], okeys[i]); - CuAssertPtrEquals (tc, keys[i], okeys[i]); - CuAssertStrEquals (tc, values[i], ovalues[i]); - CuAssertPtrEquals (tc, values[i], ovalues[i]); + assert_str_eq (keys[i], okeys[i]); + assert_ptr_eq (keys[i], okeys[i]); + assert_str_eq (values[i], ovalues[i]); + assert_ptr_eq (values[i], ovalues[i]); } } static void -test_set_get (CuTest *tc) +test_set_get (void) { char *key = "KEY"; char *value = "VALUE"; @@ -213,13 +213,13 @@ test_set_get (CuTest *tc) map = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, NULL, NULL); p11_dict_set (map, key, value); check = p11_dict_get (map, key); - CuAssertPtrEquals (tc, check, value); + assert_ptr_eq (check, value); p11_dict_free (map); } static void -test_set_get_remove (CuTest *tc) +test_set_get_remove (void) { char *key = "KEY"; char *value = "VALUE"; @@ -230,24 +230,24 @@ test_set_get_remove (CuTest *tc) map = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, NULL, NULL); if (!p11_dict_set (map, key, value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); check = p11_dict_get (map, key); - CuAssertPtrEquals (tc, check, value); + assert_ptr_eq (check, value); ret = p11_dict_remove (map, key); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_dict_remove (map, key); - CuAssertIntEquals (tc, false, ret); + assert_num_eq (false, ret); check = p11_dict_get (map, key); - CuAssert (tc, "should be null", check == NULL); + assert (check == NULL); p11_dict_free (map); } static void -test_set_clear (CuTest *tc) +test_set_clear (void) { char *key = "KEY"; char *value = "VALUE"; @@ -257,18 +257,18 @@ test_set_clear (CuTest *tc) map = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, NULL, NULL); if (!p11_dict_set (map, key, value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_dict_clear (map); check = p11_dict_get (map, key); - CuAssert (tc, "should be null", check == NULL); + assert (check == NULL); p11_dict_free (map); } static void -test_remove_destroys (CuTest *tc) +test_remove_destroys (void) { p11_dict *map; Key key = { 8, 0 }; @@ -276,23 +276,23 @@ test_remove_destroys (CuTest *tc) bool ret; map = p11_dict_new (key_hash, key_equal, key_destroy, value_destroy); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); if (!p11_dict_set (map, &key, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); ret = p11_dict_remove (map, &key); - CuAssertIntEquals (tc, true, ret); - CuAssertIntEquals (tc, true, key.freed); - CuAssertIntEquals (tc, 2, value); + assert_num_eq (true, ret); + assert_num_eq (true, key.freed); + assert_num_eq (2, value); /* should not be destroyed again */ key.freed = false; value = 0; ret = p11_dict_remove (map, &key); - CuAssertIntEquals (tc, false, ret); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, 0, value); + assert_num_eq (false, ret); + assert_num_eq (false, key.freed); + assert_num_eq (0, value); /* should not be destroyed again */ key.freed = false; @@ -300,12 +300,12 @@ test_remove_destroys (CuTest *tc) p11_dict_free (map); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, 0, value); + assert_num_eq (false, key.freed); + assert_num_eq (0, value); } static void -test_set_destroys (CuTest *tc) +test_set_destroys (void) { p11_dict *map; Key key = { 8, 0 }; @@ -314,88 +314,88 @@ test_set_destroys (CuTest *tc) bool ret; map = p11_dict_new (key_hash, key_equal, key_destroy, value_destroy); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); if (!p11_dict_set (map, &key, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); key.freed = key2.freed = false; value = value2 = 0; /* Setting same key and value, should not be destroyed */ ret = p11_dict_set (map, &key, &value); - CuAssertIntEquals (tc, true, ret); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, false, key2.freed); - CuAssertIntEquals (tc, 0, value); - CuAssertIntEquals (tc, 0, value2); + assert_num_eq (true, ret); + assert_num_eq (false, key.freed); + assert_num_eq (false, key2.freed); + assert_num_eq (0, value); + assert_num_eq (0, value2); key.freed = key2.freed = false; value = value2 = 0; /* Setting a new key same value, key should be destroyed */ ret = p11_dict_set (map, &key2, &value); - CuAssertIntEquals (tc, true, ret); - CuAssertIntEquals (tc, true, key.freed); - CuAssertIntEquals (tc, false, key2.freed); - CuAssertIntEquals (tc, 0, value); - CuAssertIntEquals (tc, 0, value2); + assert_num_eq (true, ret); + assert_num_eq (true, key.freed); + assert_num_eq (false, key2.freed); + assert_num_eq (0, value); + assert_num_eq (0, value2); key.freed = key2.freed = false; value = value2 = 0; /* Setting same key, new value, value should be destroyed */ ret = p11_dict_set (map, &key2, &value2); - CuAssertIntEquals (tc, true, ret); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, false, key2.freed); - CuAssertIntEquals (tc, 2, value); - CuAssertIntEquals (tc, 0, value2); + assert_num_eq (true, ret); + assert_num_eq (false, key.freed); + assert_num_eq (false, key2.freed); + assert_num_eq (2, value); + assert_num_eq (0, value2); key.freed = key2.freed = false; value = value2 = 0; /* Setting new key new value, both should be destroyed */ ret = p11_dict_set (map, &key, &value); - CuAssertIntEquals (tc, true, ret); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, true, key2.freed); - CuAssertIntEquals (tc, 0, value); - CuAssertIntEquals (tc, 2, value2); + assert_num_eq (true, ret); + assert_num_eq (false, key.freed); + assert_num_eq (true, key2.freed); + assert_num_eq (0, value); + assert_num_eq (2, value2); key.freed = key2.freed = false; value = value2 = 0; p11_dict_free (map); - CuAssertIntEquals (tc, true, key.freed); - CuAssertIntEquals (tc, 2, value); - CuAssertIntEquals (tc, false, key2.freed); - CuAssertIntEquals (tc, 0, value2); + assert_num_eq (true, key.freed); + assert_num_eq (2, value); + assert_num_eq (false, key2.freed); + assert_num_eq (0, value2); } static void -test_clear_destroys (CuTest *tc) +test_clear_destroys (void) { p11_dict *map; Key key = { 18, 0 }; int value = 0; map = p11_dict_new (key_hash, key_equal, key_destroy, value_destroy); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); if (!p11_dict_set (map, &key, &value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_dict_clear (map); - CuAssertIntEquals (tc, true, key.freed); - CuAssertIntEquals (tc, 2, value); + assert_num_eq (true, key.freed); + assert_num_eq (2, value); /* should not be destroyed again */ key.freed = false; value = 0; p11_dict_clear (map); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, 0, value); + assert_num_eq (false, key.freed); + assert_num_eq (0, value); /* should not be destroyed again */ key.freed = false; @@ -403,8 +403,8 @@ test_clear_destroys (CuTest *tc) p11_dict_free (map); - CuAssertIntEquals (tc, false, key.freed); - CuAssertIntEquals (tc, 0, value); + assert_num_eq (false, key.freed); + assert_num_eq (0, value); } static unsigned int @@ -415,7 +415,7 @@ test_hash_intptr_with_collisions (const void *data) } static void -test_hash_add_check_lots_and_collisions (CuTest *tc) +test_hash_add_check_lots_and_collisions (void) { p11_dict *map; int *value; @@ -428,20 +428,20 @@ test_hash_add_check_lots_and_collisions (CuTest *tc) value = malloc (sizeof (int)); *value = i; if (!p11_dict_set (map, value, value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); } for (i = 0; i < 20000; ++i) { value = p11_dict_get (map, &i); - CuAssertPtrNotNull (tc, value); - CuAssertIntEquals (tc, i, *value); + assert_ptr_not_null (value); + assert_num_eq (i, *value); } p11_dict_free (map); } static void -test_hash_count (CuTest *tc) +test_hash_count (void) { p11_dict *map; int *value; @@ -450,30 +450,30 @@ test_hash_count (CuTest *tc) map = p11_dict_new (p11_dict_intptr_hash, p11_dict_intptr_equal, NULL, free); - CuAssertIntEquals (tc, 0, p11_dict_size (map)); + assert_num_eq (0, p11_dict_size (map)); for (i = 0; i < 20000; ++i) { value = malloc (sizeof (int)); *value = i; if (!p11_dict_set (map, value, value)) - CuFail (tc, "should not be reached"); - CuAssertIntEquals (tc, i + 1, p11_dict_size (map)); + assert_not_reached (); + assert_num_eq (i + 1, p11_dict_size (map)); } for (i = 0; i < 20000; ++i) { ret = p11_dict_remove (map, &i); - CuAssertIntEquals (tc, true, ret); - CuAssertIntEquals (tc, 20000 - (i + 1), p11_dict_size (map)); + assert_num_eq (true, ret); + assert_num_eq (20000 - (i + 1), p11_dict_size (map)); } p11_dict_clear (map); - CuAssertIntEquals (tc, 0, p11_dict_size (map)); + assert_num_eq (0, p11_dict_size (map)); p11_dict_free (map); } static void -test_hash_ulongptr (CuTest *tc) +test_hash_ulongptr (void) { p11_dict *map; unsigned long *value; @@ -485,47 +485,35 @@ test_hash_ulongptr (CuTest *tc) value = malloc (sizeof (unsigned long)); *value = i; if (!p11_dict_set (map, value, value)) - CuFail (tc, "should not be reached"); + assert_not_reached (); } for (i = 0; i < 20000; ++i) { value = p11_dict_get (map, &i); - CuAssertPtrNotNull (tc, value); - CuAssertIntEquals (tc, i, *value); + assert_ptr_not_null (value); + assert_num_eq (i, *value); } p11_dict_free (map); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_create); - SUITE_ADD_TEST (suite, test_set_get); - SUITE_ADD_TEST (suite, test_set_get_remove); - SUITE_ADD_TEST (suite, test_remove_destroys); - SUITE_ADD_TEST (suite, test_set_clear); - SUITE_ADD_TEST (suite, test_set_destroys); - SUITE_ADD_TEST (suite, test_clear_destroys); - SUITE_ADD_TEST (suite, test_free_null); - SUITE_ADD_TEST (suite, test_free_destroys); - SUITE_ADD_TEST (suite, test_iterate); - SUITE_ADD_TEST (suite, test_iterate_remove); - SUITE_ADD_TEST (suite, test_hash_add_check_lots_and_collisions); - SUITE_ADD_TEST (suite, test_hash_count); - SUITE_ADD_TEST (suite, test_hash_ulongptr); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_create, "/dict/create"); + p11_test (test_set_get, "/dict/set-get"); + p11_test (test_set_get_remove, "/dict/set-get-remove"); + p11_test (test_remove_destroys, "/dict/remove-destroys"); + p11_test (test_set_clear, "/dict/set-clear"); + p11_test (test_set_destroys, "/dict/set-destroys"); + p11_test (test_clear_destroys, "/dict/clear-destroys"); + p11_test (test_free_null, "/dict/free-null"); + p11_test (test_free_destroys, "/dict/free-destroys"); + p11_test (test_iterate, "/dict/iterate"); + p11_test (test_iterate_remove, "/dict/iterate-remove"); + p11_test (test_hash_add_check_lots_and_collisions, "/dict/add-check-lots-and-collisions"); + p11_test (test_hash_count, "/dict/count"); + p11_test (test_hash_ulongptr, "/dict/ulongptr"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-hash.c b/common/tests/test-hash.c index eecf09b..c679cad 100644 --- a/common/tests/test-hash.c +++ b/common/tests/test-hash.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <assert.h> #include <stdint.h> @@ -56,7 +56,7 @@ const char *sha1_checksum[] = { }; static void -test_sha1 (CuTest *cu) +test_sha1 (void) { unsigned char checksum[P11_HASH_SHA1_LEN]; size_t len; @@ -67,28 +67,28 @@ test_sha1 (CuTest *cu) len = strlen (sha1_input[i]); p11_hash_sha1 (checksum, sha1_input[i], len, NULL); - CuAssertTrue (cu, memcmp (sha1_checksum[i], checksum, P11_HASH_SHA1_LEN) == 0); + assert (memcmp (sha1_checksum[i], checksum, P11_HASH_SHA1_LEN) == 0); if (len > 6) { p11_hash_sha1 (checksum, sha1_input[i], 6, sha1_input[i] + 6, len - 6, NULL); - CuAssertTrue (cu, memcmp (sha1_checksum[i], checksum, P11_HASH_SHA1_LEN) == 0); + assert (memcmp (sha1_checksum[i], checksum, P11_HASH_SHA1_LEN) == 0); } } } static void -test_sha1_long (CuTest *cu) +test_sha1_long (void) { unsigned char checksum[P11_HASH_SHA1_LEN]; char *expected = "\x34\xAA\x97\x3C\xD4\xC4\xDA\xA4\xF6\x1E\xEB\x2B\xDB\xAD\x27\x31\x65\x34\x01\x6F"; char *input; input = malloc (1000000); - CuAssertTrue (cu, input != NULL); + assert (input != NULL); memset (input, 'a', 1000000); p11_hash_sha1 (checksum, input, 1000000, NULL); - CuAssertTrue (cu, memcmp (expected, checksum, P11_HASH_SHA1_LEN) == 0); + assert (memcmp (expected, checksum, P11_HASH_SHA1_LEN) == 0); free (input); } @@ -112,7 +112,7 @@ const char *md5_checksum[] = { }; static void -test_md5 (CuTest *cu) +test_md5 (void) { unsigned char checksum[P11_HASH_MD5_LEN]; size_t len; @@ -123,17 +123,17 @@ test_md5 (CuTest *cu) len = strlen (md5_input[i]); p11_hash_md5 (checksum, md5_input[i], len, NULL); - CuAssertTrue (cu, memcmp (md5_checksum[i], checksum, P11_HASH_MD5_LEN) == 0); + assert (memcmp (md5_checksum[i], checksum, P11_HASH_MD5_LEN) == 0); if (len > 5) { p11_hash_md5 (checksum, md5_input[i], 5, md5_input[i] + 5, len - 5, NULL); - CuAssertTrue (cu, memcmp (md5_checksum[i], checksum, P11_HASH_MD5_LEN) == 0); + assert (memcmp (md5_checksum[i], checksum, P11_HASH_MD5_LEN) == 0); } } } static void -test_murmur2 (CuTest *cu) +test_murmur3 (void) { uint32_t one, two, four, seven, eleven, split; @@ -146,23 +146,23 @@ test_murmur2 (CuTest *cu) p11_hash_murmur3 ((unsigned char *)&eleven, "eleven", 6, NULL); p11_hash_murmur3 ((unsigned char *)&split, "ele", 3, "ven", 3, NULL); - CuAssertTrue (cu, one != two); - CuAssertTrue (cu, one != four); - CuAssertTrue (cu, one != seven); - CuAssertTrue (cu, one != eleven); + assert (one != two); + assert (one != four); + assert (one != seven); + assert (one != eleven); - CuAssertTrue (cu, two != four); - CuAssertTrue (cu, two != seven); - CuAssertTrue (cu, two != eleven); + assert (two != four); + assert (two != seven); + assert (two != eleven); - CuAssertTrue (cu, four != seven); - CuAssertTrue (cu, four != eleven); + assert (four != seven); + assert (four != eleven); - CuAssertTrue (cu, split == eleven); + assert (split == eleven); } static void -test_murmur2_incr (CuTest *cu) +test_murmur3_incr (void) { uint32_t first, second; @@ -182,29 +182,17 @@ test_murmur2_incr (CuTest *cu) "!", (size_t)1, NULL); - CuAssertIntEquals (cu, first, second); + assert_num_eq (first, second); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_sha1); - SUITE_ADD_TEST (suite, test_sha1_long); - SUITE_ADD_TEST (suite, test_md5); - SUITE_ADD_TEST (suite, test_murmur2); - SUITE_ADD_TEST (suite, test_murmur2_incr); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_sha1, "/hash/sha1"); + p11_test (test_sha1_long, "/hash/sha1-long"); + p11_test (test_md5, "/hash/md5"); + p11_test (test_murmur3, "/hash/murmur3"); + p11_test (test_murmur3_incr, "/hash/murmur3-incr"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-lexer.c b/common/tests/test-lexer.c index 58d5d65..ff18a89 100644 --- a/common/tests/test-lexer.c +++ b/common/tests/test-lexer.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -62,9 +62,9 @@ on_pem_get_type (const char *type, } static void -check_lex_msg (CuTest *tc, - const char *file, +check_lex_msg (const char *file, int line, + const char *function, const expected_tok *expected, const char *input, bool failure) @@ -77,60 +77,63 @@ check_lex_msg (CuTest *tc, p11_lexer_init (&lexer, "test", input, strlen (input)); for (i = 0; p11_lexer_next (&lexer, &failed); i++) { - CuAssertIntEquals_LineMsg (tc, file, line, - "lexer token type does not match", - expected[i].tok_type, lexer.tok_type); + if (expected[i].tok_type != lexer.tok_type) + p11_test_fail (file, line, function, + "lexer token type does not match: (%d != %d)", + expected[i].tok_type, lexer.tok_type); switch (lexer.tok_type) { case TOK_FIELD: - CuAssertStrEquals_LineMsg (tc, file, line, - "field name doesn't match", - expected[i].name, lexer.tok.field.name); - CuAssertStrEquals_LineMsg (tc, file, line, - "field value doesn't match", - expected[i].value, lexer.tok.field.value); + if (strcmp (expected[i].name, lexer.tok.field.name) != 0) + p11_test_fail (file, line, function, + "field name doesn't match: (%s != %s)", + expected[i].name, lexer.tok.field.name); + if (strcmp (expected[i].value, lexer.tok.field.value) != 0) + p11_test_fail (file, line, function, + "field value doesn't match: (%s != %s)", + expected[i].value, lexer.tok.field.value); break; case TOK_SECTION: - CuAssertStrEquals_LineMsg (tc, file, line, - "section name doesn't match", - expected[i].name, lexer.tok.field.name); + if (strcmp (expected[i].name, lexer.tok.field.name) != 0) + p11_test_fail (file, line, function, + "section name doesn't match: (%s != %s)", + expected[i].name, lexer.tok.field.name); break; case TOK_PEM: type = NULL; count = p11_pem_parse (lexer.tok.pem.begin, lexer.tok.pem.length, on_pem_get_type, &type); - CuAssertIntEquals_LineMsg (tc, file, line, - "wrong number of PEM blocks", - 1, count); - CuAssertStrEquals_LineMsg (tc, file, line, - "wrong type of PEM block", - expected[i].name, type); + if (count != 1) + p11_test_fail (file, line, function, "more than one PEM block: %d", count); + if (strcmp (expected[i].name, type) != 0) + p11_test_fail (file, line, function, + "wrong type of PEM block: (%s != %s)", + expected[i].name, type); free (type); break; case TOK_EOF: - CuFail_Line (tc, file, line, NULL, "eof should not be recieved"); + p11_test_fail (file, line, function, "eof should not be recieved"); break; } } - if (failure) - CuAssert_Line (tc, file, line, "lexing didn't fail", failed); - else - CuAssert_Line (tc, file, line, "lexing failed", !failed); - CuAssertIntEquals_LineMsg (tc, file, line, - "premature end of lexing", - TOK_EOF, expected[i].tok_type); + if (failure && !failed) + p11_test_fail (file, line, function, "lexing didn't fail"); + else if (!failure && failed) + p11_test_fail (file, line, function, "lexing failed"); + if (TOK_EOF != expected[i].tok_type) + p11_test_fail (file, line, function, "premature end of lexing"); p11_lexer_done (&lexer); } -#define check_lex_success(tc, expected, input) \ - check_lex_msg (tc, __FILE__, __LINE__, expected, input, false) +#define check_lex_success(expected, input) \ + check_lex_msg (__FILE__, __LINE__, __FUNCTION__, expected, input, false) -#define check_lex_failure(tc, expected, input) \ - check_lex_msg (tc, __FILE__, __LINE__, expected, input, true) +#define check_lex_failure(expected, input) \ + check_lex_msg (__FILE__, __LINE__, __FUNCTION__, expected, input, true) static void -test_basic (CuTest *tc) +test_basic (void) { const char *input = "[the header]\n" "field: value\n" @@ -145,11 +148,11 @@ test_basic (CuTest *tc) { TOK_EOF } }; - check_lex_success (tc, expected, input); + check_lex_success (expected, input); } static void -test_corners (CuTest *tc) +test_corners (void) { const char *input = "\r\n" /* blankline */ " [the header]\r\n" /* bad line endings */ @@ -175,11 +178,11 @@ test_corners (CuTest *tc) { TOK_EOF } }; - check_lex_success (tc, expected, input); + check_lex_success (expected, input); } static void -test_following (CuTest *tc) +test_following (void) { const char *input = "-----BEGIN BLOCK1-----\n" "aYNNXqshlVxCdo8QfKeXh3GUzd/yn4LYIVgQrx4a\n" @@ -192,11 +195,11 @@ test_following (CuTest *tc) { TOK_EOF } }; - check_lex_success (tc, expected, input); + check_lex_success (expected, input); } static void -test_bad_pem (CuTest *tc) +test_bad_pem (void) { const char *input = "field: value\n" "-----BEGIN BLOCK1-----\n" @@ -209,13 +212,13 @@ test_bad_pem (CuTest *tc) p11_message_quiet (); - check_lex_failure (tc, expected, input); + check_lex_failure (expected, input); p11_message_loud (); } static void -test_bad_section (CuTest *tc) +test_bad_section (void) { const char *input = "field: value\n" "[section\n" @@ -228,13 +231,13 @@ test_bad_section (CuTest *tc) p11_message_quiet (); - check_lex_failure (tc, expected, input); + check_lex_failure (expected, input); p11_message_loud (); } static void -test_bad_value (CuTest *tc) +test_bad_value (void) { const char *input = "field_value\n" "[section\n" @@ -246,35 +249,20 @@ test_bad_value (CuTest *tc) p11_message_quiet (); - check_lex_failure (tc, expected, input); + check_lex_failure (expected, input); p11_message_loud (); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_basic); - SUITE_ADD_TEST (suite, test_corners); - SUITE_ADD_TEST (suite, test_following); - SUITE_ADD_TEST (suite, test_bad_pem); - SUITE_ADD_TEST (suite, test_bad_section); - SUITE_ADD_TEST (suite, test_bad_value); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_basic, "/lexer/basic"); + p11_test (test_corners, "/lexer/corners"); + p11_test (test_following, "/lexer/following"); + p11_test (test_bad_pem, "/lexer/bad-pem"); + p11_test (test_bad_section, "/lexer/bad-section"); + p11_test (test_bad_value, "/lexer/bad-value"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-oid.c b/common/tests/test-oid.c index 71b8278..05945d9 100644 --- a/common/tests/test-oid.c +++ b/common/tests/test-oid.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -47,7 +47,7 @@ #include "pkix.asn.h" static void -test_known_oids (CuTest *cu) +test_known_oids (void) { char buffer[128]; node_asn *definitions = NULL; @@ -79,29 +79,29 @@ test_known_oids (CuTest *cu) }; ret = asn1_array2tree (pkix_asn1_tab, &definitions, NULL); - CuAssertTrue (cu, ret == ASN1_SUCCESS); + assert (ret == ASN1_SUCCESS); for (i = 0; known_oids[i].oid != NULL; i++) { - CuAssertTrue (cu, p11_oid_simple (known_oids[i].oid, known_oids[i].length)); - CuAssertIntEquals (cu, known_oids[i].length, p11_oid_length (known_oids[i].oid)); - CuAssertTrue (cu, p11_oid_equal (known_oids[i].oid, known_oids[i].oid)); + assert (p11_oid_simple (known_oids[i].oid, known_oids[i].length)); + assert_num_eq (known_oids[i].length, p11_oid_length (known_oids[i].oid)); + assert (p11_oid_equal (known_oids[i].oid, known_oids[i].oid)); if (i > 0) - CuAssertTrue (cu, !p11_oid_equal (known_oids[i].oid, known_oids[i - 1].oid)); + assert (!p11_oid_equal (known_oids[i].oid, known_oids[i - 1].oid)); /* AttributeType is a OBJECT IDENTIFIER */ ret = asn1_create_element (definitions, "PKIX1.AttributeType", &node); - CuAssertTrue (cu, ret == ASN1_SUCCESS); + assert (ret == ASN1_SUCCESS); ret = asn1_der_decoding (&node, known_oids[i].oid, known_oids[i].length, NULL); - CuAssertTrue (cu, ret == ASN1_SUCCESS); + assert (ret == ASN1_SUCCESS); len = sizeof (buffer); ret = asn1_read_value (node, "", buffer, &len); - CuAssertTrue (cu, ret == ASN1_SUCCESS); + assert (ret == ASN1_SUCCESS); - CuAssertStrEquals (cu, known_oids[i].string, buffer); + assert_str_eq (known_oids[i].string, buffer); asn1_delete_structure (&node); } @@ -110,24 +110,9 @@ test_known_oids (CuTest *cu) } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_known_oids); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_known_oids, "/oids/known"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-path.c b/common/tests/test-path.c index 8263d1f..ec2c200 100644 --- a/common/tests/test-path.c +++ b/common/tests/test-path.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -43,7 +43,7 @@ #include "path.h" static void -test_base (CuTest *tc) +test_base (void) { struct { const char *in; @@ -70,133 +70,134 @@ test_base (CuTest *tc) for (i = 0; fixtures[i].in != NULL; i++) { out = p11_path_base (fixtures[i].in); - CuAssertStrEquals (tc, fixtures[i].out, out); + assert_str_eq (fixtures[i].out, out); free (out); } } -static void -check_equals_and_free_msg (CuTest *tc, - const char *file, - int line, - const char *ex, - char *ac) -{ - CuAssertStrEquals_LineMsg (tc, file, line, NULL, ex, ac); - free (ac); -} - -#define check_equals_and_free(tc, ex, ac) \ - check_equals_and_free_msg ((tc), __FILE__, __LINE__, (ex), (ac)) +#define check_equals_and_free(ex, ac) \ + do { assert_str_eq (ex, ac); free (ac); } while (0) static void -test_build (CuTest *tc) +test_build (void) { #ifdef OS_UNIX - check_equals_and_free (tc, "/root/second", + check_equals_and_free ("/root/second", p11_path_build ("/root", "second", NULL)); - check_equals_and_free (tc, "/root/second", + check_equals_and_free ("/root/second", p11_path_build ("/root", "/second", NULL)); - check_equals_and_free (tc, "/root/second", + check_equals_and_free ("/root/second", p11_path_build ("/root/", "second", NULL)); - check_equals_and_free (tc, "/root/second/third", + check_equals_and_free ("/root/second/third", p11_path_build ("/root", "second", "third", NULL)); - check_equals_and_free (tc, "/root/second/third", + check_equals_and_free ("/root/second/third", p11_path_build ("/root", "/second/third", NULL)); #else /* OS_WIN32 */ - check_equals_and_free (tc, "C:\\root\\second", + check_equals_and_free ("C:\\root\\second", p11_path_build ("C:\\root", "second", NULL)); - check_equals_and_free (tc, "C:\\root\\second", + check_equals_and_free ("C:\\root\\second", p11_path_build ("C:\\root", "\\second", NULL)); - check_equals_and_free (tc, "C:\\root\\second", + check_equals_and_free ("C:\\root\\second", p11_path_build ("C:\\root\\", "second", NULL)); - check_equals_and_free (tc, "C:\\root\\second\\third", + check_equals_and_free ("C:\\root\\second\\third", p11_path_build ("C:\\root", "second", "third", NULL)); - check_equals_and_free (tc, "C:\\root\\second/third", + check_equals_and_free ("C:\\root\\second/third", p11_path_build ("C:\\root", "second/third", NULL)); #endif } static void -test_expand (CuTest *tc) +test_expand (void) { char *path; #ifdef OS_UNIX putenv ("HOME=/home/blah"); - check_equals_and_free (tc, "/home/blah/my/path", + check_equals_and_free ("/home/blah/my/path", p11_path_expand ("$HOME/my/path")); - check_equals_and_free (tc, "/home/blah/my/path", + check_equals_and_free ("/home/blah/my/path", p11_path_expand ("~/my/path")); + check_equals_and_free ("/home/blah", + p11_path_expand ("$HOME")); + check_equals_and_free ("/home/blah", + p11_path_expand ("~")); putenv ("TEMP=/tmpdir"); - check_equals_and_free (tc, "/tmpdir/my/path", + check_equals_and_free ("/tmpdir/my/path", p11_path_expand ("$TEMP/my/path")); + check_equals_and_free ("/tmpdir", + p11_path_expand ("$TEMP")); #else /* OS_WIN32 */ putenv ("HOME=C:\\Users\\blah"); - check_equals_and_free (tc, "C:\\Users\\blah\\path", + check_equals_and_free ("C:\\Users\\blah\\path", p11_path_expand ("$HOME/path")); - check_equals_and_free (tc, "C:\\Users\\blah\\path", + check_equals_and_free ("C:\\Users\\blah\\path", p11_path_expand ("$HOME\\path")); - check_equals_and_free (tc, "C:\\Users\\blah\\path", + check_equals_and_free ("C:\\Users\\blah\\path", p11_path_expand ("~/path")); - check_equals_and_free (tc, "C:\\Users\\blah\\path", + check_equals_and_free ("C:\\Users\\blah\\path", p11_path_expand ("~\\path")); putenv ("TEMP=C:\\Temp Directory"); - check_equals_and_free (tc, "C:\\Temp Directory\\path", + check_equals_and_free ("C:\\Temp Directory\\path", p11_path_expand ("$TEMP/path")); - check_equals_and_free (tc, "C:\\Temp Directory\\path", + check_equals_and_free ("C:\\Temp Directory\\path", p11_path_expand ("$TEMP\\path")); #endif putenv("HOME="); path = p11_path_expand ("$HOME/this/is/my/path"); - CuAssertTrue (tc, strstr (path, "this/is/my/path") != NULL); + assert (strstr (path, "this/is/my/path") != NULL); free (path); putenv("HOME="); path = p11_path_expand ("~/this/is/my/path"); - CuAssertTrue (tc, strstr (path, "this/is/my/path") != NULL); + assert (strstr (path, "this/is/my/path") != NULL); free (path); putenv("TEMP="); path = p11_path_expand ("$TEMP/this/is/my/path"); - CuAssertTrue (tc, strstr (path, "this/is/my/path") != NULL); + assert (strstr (path, "this/is/my/path") != NULL); free (path); } static void -test_absolute (CuTest *tc) +test_absolute (void) { #ifdef OS_UNIX - CuAssertTrue (tc, p11_path_absolute ("/home")); - CuAssertTrue (tc, !p11_path_absolute ("home")); + assert (p11_path_absolute ("/home")); + assert (!p11_path_absolute ("home")); #else /* OS_WIN32 */ - CuAssertTrue (tc, p11_path_absolute ("C:\\home")); - CuAssertTrue (tc, !p11_path_absolute ("home")); - CuAssertTrue (tc, !p11_path_absolute ("/home")); + assert (p11_path_absolute ("C:\\home")); + assert (!p11_path_absolute ("home")); + assert (p11_path_absolute ("/home")); #endif } +static void +test_parent (void) +{ + check_equals_and_free ("/", p11_path_parent ("/root")); + check_equals_and_free ("/", p11_path_parent ("/root/")); + check_equals_and_free ("/", p11_path_parent ("/root//")); + check_equals_and_free ("/root", p11_path_parent ("/root/second")); + check_equals_and_free ("/root", p11_path_parent ("/root//second")); + check_equals_and_free ("/root", p11_path_parent ("/root//second//")); + check_equals_and_free ("/root", p11_path_parent ("/root///second")); + check_equals_and_free ("/root/second", p11_path_parent ("/root/second/test.file")); + assert_ptr_eq (NULL, p11_path_parent ("/")); + assert_ptr_eq (NULL, p11_path_parent ("//")); + assert_ptr_eq (NULL, p11_path_parent ("")); +} + int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_base); - SUITE_ADD_TEST (suite, test_build); - SUITE_ADD_TEST (suite, test_expand); - SUITE_ADD_TEST (suite, test_absolute); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_base, "/path/base"); + p11_test (test_build, "/path/build"); + p11_test (test_expand, "/path/expand"); + p11_test (test_absolute, "/path/absolute"); + p11_test (test_parent, "/path/parent"); + + return p11_test_run (argc, argv); } diff --git a/common/tests/test-pem.c b/common/tests/test-pem.c index 54a59d6..0c7d60a 100644 --- a/common/tests/test-pem.c +++ b/common/tests/test-pem.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <stdlib.h> #include <stdio.h> @@ -125,7 +125,6 @@ struct { }; typedef struct { - CuTest *cu; int input_index; int output_index; int parsed; @@ -139,8 +138,8 @@ on_parse_pem_success (const char *type, { Closure *cl = user_data; - CuAssertIntEquals (cl->cu, success_fixtures[cl->input_index].output[cl->output_index].length, length); - CuAssertTrue (cl->cu, memcmp (success_fixtures[cl->input_index].output[cl->output_index].data, contents, + assert_num_eq (success_fixtures[cl->input_index].output[cl->output_index].length, length); + assert (memcmp (success_fixtures[cl->input_index].output[cl->output_index].data, contents, success_fixtures[cl->input_index].output[cl->output_index].length) == 0); cl->output_index++; @@ -148,7 +147,7 @@ on_parse_pem_success (const char *type, } static void -test_pem_success (CuTest *cu) +test_pem_success (void) { Closure cl; int ret; @@ -156,7 +155,6 @@ test_pem_success (CuTest *cu) int j; for (i = 0; success_fixtures[i].input != NULL; i++) { - cl.cu = cu; cl.input_index = i; cl.output_index = 0; cl.parsed = 0; @@ -164,12 +162,12 @@ test_pem_success (CuTest *cu) ret = p11_pem_parse (success_fixtures[i].input, strlen (success_fixtures[i].input), on_parse_pem_success, &cl); - CuAssertTrue (cu, success_fixtures[i].output[cl.output_index].type == NULL); + assert (success_fixtures[i].output[cl.output_index].type == NULL); /* Count number of outputs, return from p11_pem_parse() should match */ for (j = 0; success_fixtures[i].output[j].type != NULL; j++); - CuAssertIntEquals (cu, j, ret); - CuAssertIntEquals (cu, ret, cl.parsed); + assert_num_eq (j, ret); + assert_num_eq (ret, cl.parsed); } } @@ -215,20 +213,19 @@ on_parse_pem_failure (const char *type, size_t length, void *user_data) { - CuTest *cu = user_data; - CuAssertTrue (cu, false && "not reached"); + assert (false && "not reached"); } static void -test_pem_failure (CuTest *cu) +test_pem_failure (void) { int ret; int i; for (i = 0; failure_fixtures[i] != NULL; i++) { ret = p11_pem_parse (failure_fixtures[i], strlen (failure_fixtures[i]), - on_parse_pem_failure, cu); - CuAssertIntEquals (cu, 0, ret); + on_parse_pem_failure, NULL); + assert_num_eq (0, ret); } } @@ -239,11 +236,6 @@ typedef struct { const char *output; } WriteFixture; -typedef struct { - CuTest *cu; - WriteFixture *fixture; -} WriteClosure; - static WriteFixture write_fixtures[] = { { "\x69\x83\x4d\x5e\xab\x21\x95\x5c\x42\x76\x8f\x10\x7c\xa7\x97\x87" @@ -303,60 +295,47 @@ on_parse_written (const char *type, size_t length, void *user_data) { - WriteClosure *cl = user_data; + WriteFixture *fixture = user_data; - CuAssertStrEquals (cl->cu, cl->fixture->type, type); - CuAssertIntEquals (cl->cu, cl->fixture->length, length); - CuAssertTrue (cl->cu, memcmp (contents, cl->fixture->input, length) == 0); + assert_str_eq (fixture->type, type); + assert_num_eq (fixture->length, length); + assert (memcmp (contents, fixture->input, length) == 0); } static void -test_pem_write (CuTest *cu) +test_pem_write (void) { WriteFixture *fixture; - WriteClosure cl; - size_t length; - char *output; + p11_buffer buf; unsigned int count; int i; for (i = 0; write_fixtures[i].input != NULL; i++) { fixture = write_fixtures + i; - output = p11_pem_write ((unsigned char *)fixture->input, - fixture->length, - fixture->type, &length); - CuAssertStrEquals (cu, fixture->output, output); - CuAssertIntEquals (cu, strlen (fixture->output), length); + if (!p11_buffer_init_null (&buf, 0)) + assert_not_reached (); - cl.fixture = fixture; - cl.cu = cu; + if (!p11_pem_write ((unsigned char *)fixture->input, + fixture->length, + fixture->type, &buf)) + assert_not_reached (); + assert_str_eq (fixture->output, buf.data); + assert_num_eq (strlen (fixture->output), buf.len); - count = p11_pem_parse (output, length, on_parse_written, &cl); - CuAssertIntEquals (cu, 1, count); + count = p11_pem_parse (buf.data, buf.len, on_parse_written, fixture); + assert_num_eq (1, count); - free (output); + p11_buffer_uninit (&buf); } } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_pem_success); - SUITE_ADD_TEST (suite, test_pem_failure); - SUITE_ADD_TEST (suite, test_pem_write); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_pem_success, "/pem/success"); + p11_test (test_pem_failure, "/pem/failure"); + p11_test (test_pem_write, "/pem/write"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-url.c b/common/tests/test-url.c index ed84f0c..892bf3c 100644 --- a/common/tests/test-url.c +++ b/common/tests/test-url.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "debug.h" #include "message.h" @@ -46,9 +46,9 @@ #include "url.h" static void -check_decode_msg (CuTest *tc, - const char *file, +check_decode_msg (const char *file, int line, + const char *function, const char *input, ssize_t input_len, const char *expected, @@ -62,106 +62,103 @@ check_decode_msg (CuTest *tc, decoded = p11_url_decode (input, input + input_len, "", &length); if (expected == NULL) { - CuAssert_Line (tc, file, line, "decoding should have failed", decoded == NULL); + if (decoded != NULL) + p11_test_fail (file, line, function, "decoding should have failed"); } else { - CuAssert_Line (tc, file, line, "decoding failed", decoded != NULL); - CuAssertIntEquals_LineMsg (tc, file, line, "wrong length", expected_len, length); - CuAssert_Line (tc, file, line, "decoded wrong", memcmp (decoded, expected, length) == 0); + if (decoded == NULL) + p11_test_fail (file, line, function, "decoding failed"); + if (expected_len != length) + p11_test_fail (file, line, function, "wrong length: (%lu != %lu)", + (unsigned long)expected_len, (unsigned long)length); + if (memcmp (decoded, expected, length) != 0) + p11_test_fail (file, line, function, "decoding wrong"); free (decoded); } } -#define check_decode_success(tc, input, input_len, expected, expected_len) \ - check_decode_msg (tc, __FILE__, __LINE__, input, input_len, expected, expected_len) +#define check_decode_success(input, input_len, expected, expected_len) \ + check_decode_msg (__FILE__, __LINE__, __FUNCTION__, input, input_len, expected, expected_len) -#define check_decode_failure(tc, input, input_len) \ - check_decode_msg (tc, __FILE__, __LINE__, input, input_len, NULL, 0) +#define check_decode_failure(input, input_len) \ + check_decode_msg (__FILE__, __LINE__, __FUNCTION__, input, input_len, NULL, 0) static void -test_decode_success (CuTest *tc) +test_decode_success (void) { - check_decode_success (tc, "%54%45%53%54%00", -1, "TEST", 5); - check_decode_success (tc, "%54%45%53%54%00", 6, "TE", 2); - check_decode_success (tc, "%54est%00", -1, "Test", 5); + check_decode_success ("%54%45%53%54%00", -1, "TEST", 5); + check_decode_success ("%54%45%53%54%00", 6, "TE", 2); + check_decode_success ("%54est%00", -1, "Test", 5); } static void -test_decode_skip (CuTest *tc) +test_decode_skip (void) { const char *input = "%54 %45 %53 %54 %00"; unsigned char *decoded; size_t length; decoded = p11_url_decode (input, input + strlen (input), P11_URL_WHITESPACE, &length); - CuAssertStrEquals (tc, "TEST", (char *)decoded); - CuAssertIntEquals (tc, 5, length); + assert_str_eq ("TEST", (char *)decoded); + assert_num_eq (5, length); free (decoded); } static void -test_decode_failure (CuTest *tc) +test_decode_failure (void) { /* Early termination */ - check_decode_failure (tc, "%54%45%53%5", -1); - check_decode_failure (tc, "%54%45%53%", -1); + check_decode_failure ("%54%45%53%5", -1); + check_decode_failure ("%54%45%53%", -1); /* Not hex characters */ - check_decode_failure (tc, "%54%XX%53%54%00", -1); + check_decode_failure ("%54%XX%53%54%00", -1); } static void -test_encode (CuTest *tc) +test_encode (void) { const unsigned char *input = (unsigned char *)"TEST"; - char *encoded; - size_t length; + p11_buffer buf; + + if (!p11_buffer_init_null (&buf, 5)) + assert_not_reached (); - encoded = p11_url_encode (input, input + 5, "", &length); - CuAssertStrEquals (tc, "%54%45%53%54%00", (char *)encoded); - CuAssertIntEquals (tc, 15, length); + p11_url_encode (input, input + 5, "", &buf); + assert (p11_buffer_ok (&buf)); + assert_str_eq ("%54%45%53%54%00", (char *)buf.data); + assert_num_eq (15, buf.len); - free (encoded); + p11_buffer_uninit (&buf); } static void -test_encode_verbatim (CuTest *tc) +test_encode_verbatim (void) { const unsigned char *input = (unsigned char *)"TEST"; - char *encoded; - size_t length; + p11_buffer buf; - encoded = p11_url_encode (input, input + 5, "ES", &length); - CuAssertStrEquals (tc, "%54ES%54%00", (char *)encoded); - CuAssertIntEquals (tc, 11, length); + if (!p11_buffer_init_null (&buf, 5)) + assert_not_reached (); - free (encoded); + p11_url_encode (input, input + 5, "ES", &buf); + assert (p11_buffer_ok (&buf)); + assert_str_eq ("%54ES%54%00", (char *)buf.data); + assert_num_eq (11, buf.len); + + p11_buffer_uninit (&buf); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_decode_success); - SUITE_ADD_TEST (suite, test_decode_skip); - SUITE_ADD_TEST (suite, test_decode_failure); - - SUITE_ADD_TEST (suite, test_encode); - SUITE_ADD_TEST (suite, test_encode_verbatim); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + p11_test (test_decode_success, "/url/decode-success"); + p11_test (test_decode_skip, "/url/decode-skip"); + p11_test (test_decode_failure, "/url/decode-failure"); + + p11_test (test_encode, "/url/encode"); + p11_test (test_encode_verbatim, "/url/encode-verbatim"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-utf8.c b/common/tests/test-utf8.c index ed13fa2..9b2c3d5 100644 --- a/common/tests/test-utf8.c +++ b/common/tests/test-utf8.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "utf8.h" @@ -43,7 +43,7 @@ #define ELEMS(x) (sizeof (x) / sizeof (x[0])) static void -test_ucs2be (CuTest *cu) +test_ucs2be (void) { char *output; size_t length; @@ -73,14 +73,14 @@ test_ucs2be (CuTest *cu) fixtures[i].input_len, &length); - CuAssertIntEquals (cu, fixtures[i].output_len, length); - CuAssertStrEquals (cu, fixtures[i].output, output); + assert_num_eq (fixtures[i].output_len, length); + assert_str_eq (fixtures[i].output, output); free (output); } } static void -test_ucs2be_fail (CuTest *cu) +test_ucs2be_fail (void) { char *output; size_t length; @@ -97,12 +97,12 @@ test_ucs2be_fail (CuTest *cu) output = p11_utf8_for_ucs2be (fixtures[i].input, fixtures[i].input_len, &length); - CuAssertPtrEquals (cu, NULL, output); + assert_ptr_eq (NULL, output); } } static void -test_ucs4be (CuTest *cu) +test_ucs4be (void) { char *output; size_t length; @@ -146,15 +146,15 @@ test_ucs4be (CuTest *cu) fixtures[i].input_len, &length); - CuAssertIntEquals (cu, fixtures[i].output_len, length); - CuAssertStrEquals (cu, fixtures[i].output, output); + assert_num_eq (fixtures[i].output_len, length); + assert_str_eq (fixtures[i].output, output); free (output); } } static void -test_ucs4be_fail (CuTest *cu) +test_ucs4be_fail (void) { char *output; size_t length; @@ -179,12 +179,12 @@ test_ucs4be_fail (CuTest *cu) output = p11_utf8_for_ucs4be (fixtures[i].input, fixtures[i].input_len, &length); - CuAssertPtrEquals (cu, NULL, output); + assert_ptr_eq (NULL, output); } } static void -test_utf8 (CuTest *cu) +test_utf8 (void) { bool ret; int i; @@ -203,12 +203,12 @@ test_utf8 (CuTest *cu) for (i = 0; i < ELEMS (fixtures); i++) { ret = p11_utf8_validate (fixtures[i].input, fixtures[i].input_len); - CuAssertIntEquals (cu, true, ret); + assert_num_eq (true, ret); } } static void -test_utf8_fail (CuTest *cu) +test_utf8_fail (void) { bool ret; int i; @@ -226,31 +226,19 @@ test_utf8_fail (CuTest *cu) for (i = 0; i < ELEMS (fixtures); i++) { ret = p11_utf8_validate (fixtures[i].input, fixtures[i].input_len); - CuAssertIntEquals (cu, false, ret); + assert_num_eq (false, ret); } } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - SUITE_ADD_TEST (suite, test_ucs2be); - SUITE_ADD_TEST (suite, test_ucs2be_fail); - SUITE_ADD_TEST (suite, test_ucs4be); - SUITE_ADD_TEST (suite, test_ucs4be_fail); - SUITE_ADD_TEST (suite, test_utf8); - SUITE_ADD_TEST (suite, test_utf8_fail); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_ucs2be, "/utf8/ucs2be"); + p11_test (test_ucs2be_fail, "/utf8/ucs2be_fail"); + p11_test (test_ucs4be, "/utf8/ucs4be"); + p11_test (test_ucs4be_fail, "/utf8/ucs4be_fail"); + p11_test (test_utf8, "/utf8/utf8"); + p11_test (test_utf8_fail, "/utf8/utf8_fail"); + return p11_test_run (argc, argv); } diff --git a/common/tests/test-x509.c b/common/tests/test-x509.c index 2596c9c..9f7d258 100644 --- a/common/tests/test-x509.c +++ b/common/tests/test-x509.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "asn1.h" #include "debug.h" @@ -51,14 +51,14 @@ struct { } test; static void -setup (CuTest *cu) +setup (void *unused) { test.asn1_defs = p11_asn1_defs_load (); - CuAssertPtrNotNull (cu, test.asn1_defs); + assert_ptr_not_null (test.asn1_defs); } static void -teardown (CuTest *cu) +teardown (void *unused) { p11_dict_free (test.asn1_defs); memset (&test, 0, sizeof (test)); @@ -226,29 +226,25 @@ struct { }; static void -test_parse_extended_key_usage (CuTest *cu) +test_parse_extended_key_usage (void) { p11_array *ekus; int i, j, count; - setup (cu); - for (i = 0; extended_key_usage_fixtures[i].eku != NULL; i++) { ekus = p11_x509_parse_extended_key_usage (test.asn1_defs, (const unsigned char *)extended_key_usage_fixtures[i].eku, extended_key_usage_fixtures[i].length); - CuAssertPtrNotNull (cu, ekus); + assert_ptr_not_null (ekus); for (count = 0; extended_key_usage_fixtures[i].expected[count] != NULL; count++); - CuAssertIntEquals (cu, count, ekus->num); + assert_num_eq (count, ekus->num); for (j = 0; j < count; j++) - CuAssertStrEquals (cu, ekus->elem[j], extended_key_usage_fixtures[i].expected[j]); + assert_str_eq (ekus->elem[j], extended_key_usage_fixtures[i].expected[j]); p11_array_free (ekus); } - - teardown (cu); } struct { @@ -263,82 +259,70 @@ struct { }; static void -test_parse_key_usage (CuTest *cu) +test_parse_key_usage (void) { unsigned int ku; int i; bool ret; - setup (cu); - for (i = 0; key_usage_fixtures[i].ku != NULL; i++) { ku = 0; ret = p11_x509_parse_key_usage (test.asn1_defs, (const unsigned char *)key_usage_fixtures[i].ku, key_usage_fixtures[i].length, &ku); - CuAssertIntEquals (cu, true, ret); + assert_num_eq (true, ret); - CuAssertIntEquals (cu, key_usage_fixtures[i].expected, ku); + assert_num_eq (key_usage_fixtures[i].expected, ku); } - - teardown (cu); } static void -test_parse_extension (CuTest *cu) +test_parse_extension (void) { node_asn *cert; unsigned char *ext; size_t length; bool is_ca; - setup (cu); - cert = p11_asn1_decode (test.asn1_defs, "PKIX1.Certificate", test_cacert3_ca_der, sizeof (test_cacert3_ca_der), NULL); - CuAssertPtrNotNull (cu, cert); + assert_ptr_not_null (cert); ext = p11_x509_find_extension (cert, P11_OID_BASIC_CONSTRAINTS, test_cacert3_ca_der, sizeof (test_cacert3_ca_der), &length); - CuAssertPtrNotNull (cu, ext); - CuAssertTrue (cu, length > 0); + assert_ptr_not_null (ext); + assert (length > 0); asn1_delete_structure (&cert); if (!p11_x509_parse_basic_constraints (test.asn1_defs, ext, length, &is_ca)) - CuFail (cu, "failed to parse message"); + assert_fail ("failed to parse message", "basic constraints"); free (ext); - - teardown (cu); } static void -test_parse_extension_not_found (CuTest *cu) +test_parse_extension_not_found (void) { node_asn *cert; unsigned char *ext; size_t length; - setup (cu); - cert = p11_asn1_decode (test.asn1_defs, "PKIX1.Certificate", test_cacert3_ca_der, sizeof (test_cacert3_ca_der), NULL); - CuAssertPtrNotNull (cu, cert); + assert_ptr_not_null (cert); ext = p11_x509_find_extension (cert, P11_OID_OPENSSL_REJECT, test_cacert3_ca_der, sizeof (test_cacert3_ca_der), &length); - CuAssertPtrEquals (cu, NULL, ext); + assert_ptr_eq (NULL, ext); asn1_delete_structure (&cert); - - teardown (cu); } static void -test_directory_string (CuTest *tc) +test_directory_string (void) { struct { unsigned char input[100]; @@ -392,17 +376,17 @@ test_directory_string (CuTest *tc) string = p11_x509_parse_directory_string (fixtures[i].input, fixtures[i].input_len, &unknown, &length); - CuAssertPtrNotNull (tc, string); - CuAssertIntEquals (tc, false, unknown); + assert_ptr_not_null (string); + assert_num_eq (false, unknown); - CuAssertIntEquals (tc, fixtures[i].output_len, length); - CuAssertStrEquals (tc, fixtures[i].output, string); + assert_num_eq (fixtures[i].output_len, length); + assert_str_eq (fixtures[i].output, string); free (string); } } static void -test_directory_string_unknown (CuTest *tc) +test_directory_string_unknown (void) { /* Not a valid choice in DirectoryString */ unsigned char input[] = { 0x05, 0x07, 'A', ' ', ' ', 'n', 'i', 'c', 'e' }; @@ -411,34 +395,22 @@ test_directory_string_unknown (CuTest *tc) size_t length; string = p11_x509_parse_directory_string (input, sizeof (input), &unknown, &length); - CuAssertPtrEquals (tc, NULL, string); - CuAssertIntEquals (tc, true, unknown); + assert_ptr_eq (NULL, string); + assert_num_eq (true, unknown); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_parse_extended_key_usage); - SUITE_ADD_TEST (suite, test_parse_key_usage); - SUITE_ADD_TEST (suite, test_parse_extension); - SUITE_ADD_TEST (suite, test_parse_extension_not_found); - SUITE_ADD_TEST (suite, test_directory_string); - SUITE_ADD_TEST (suite, test_directory_string_unknown); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_test (test_parse_extended_key_usage, "/x509/parse-extended-key-usage"); + p11_test (test_parse_key_usage, "/x509/parse-key-usage"); + p11_test (test_parse_extension, "/x509/parse-extension"); + p11_test (test_parse_extension_not_found, "/x509/parse-extension-not-found"); + + p11_fixture (NULL, NULL); + p11_test (test_directory_string, "/x509/directory-string"); + p11_test (test_directory_string_unknown, "/x509/directory-string-unknown"); + return p11_test_run (argc, argv); } diff --git a/common/url.c b/common/url.c index 6ccf74d..4b7e47b 100644 --- a/common/url.c +++ b/common/url.c @@ -103,40 +103,31 @@ p11_url_decode (const char *value, return result; } -char * +void p11_url_encode (const unsigned char *value, const unsigned char *end, const char *verbatim, - size_t *length) + p11_buffer *buf) { - char *p; - char *result; + char hex[3]; assert (value <= end); - /* Just allocate for worst case */ - result = malloc (((end - value) * 3) + 1); - return_val_if_fail (result != NULL, NULL); - /* Now loop through looking for escapes */ - p = result; while (value != end) { /* These characters we let through verbatim */ if (*value && strchr (verbatim, *value) != NULL) { - *(p++) = *(value++); + p11_buffer_add (buf, value, 1); /* All others get encoded */ } else { - *(p++) = '%'; - *(p++) = HEX_CHARS[((unsigned char)*value) >> 4]; - *(p++) = HEX_CHARS[((unsigned char)*value) & 0x0F]; - ++value; + hex[0] = '%'; + hex[1] = HEX_CHARS[((unsigned char)*value) >> 4]; + hex[2] = HEX_CHARS[((unsigned char)*value) & 0x0F]; + p11_buffer_add (buf, hex, 3); } - } - *p = 0; - if (length) - *length = p - result; - return result; + ++value; + } } diff --git a/common/url.h b/common/url.h index fa7938a..4ab1e43 100644 --- a/common/url.h +++ b/common/url.h @@ -36,6 +36,7 @@ #ifndef P11_URL_H #define P11_URL_H +#include "buffer.h" #include "compat.h" #include <stdlib.h> @@ -51,9 +52,9 @@ unsigned char * p11_url_decode (const char *value, const char *skip, size_t *length); -char * p11_url_encode (const unsigned char *value, +void p11_url_encode (const unsigned char *value, const unsigned char *end, const char *verbatim, - size_t *length); + p11_buffer *buf); #endif /* P11_URL_H */ diff --git a/configure.ac b/configure.ac index 17995e7..8d88540 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ AC_PREREQ(2.61) AC_INIT([p11-kit], - [0.18.3], + [0.19.1], [https://bugs.freedesktop.org/enter_bug.cgi?product=p11-glue], [p11-kit], [http://p11-glue.freedesktop.org/p11-kit.html]) @@ -36,6 +36,7 @@ dnl Checks for programs. AC_PROG_CC AC_PROG_CPP AM_PROG_CC_C_O +PKG_PROG_PKG_CONFIG LINGUAS="" AM_GNU_GETTEXT([external], [need-ngettext]) @@ -156,6 +157,35 @@ AS_IF([test "$with_libtasn1" != "no"], [ AM_CONDITIONAL(WITH_ASN1, test "$with_libtasn1" = "yes") # -------------------------------------------------------------------- +# libffi + +AC_ARG_WITH([libffi], + AS_HELP_STRING([--without-libffi], + [Don't use libffi for building closures])) + +if test "$with_libffi" != "no"; then + PKG_CHECK_MODULES(LIBFFI, [libffi >= 3.0.0]) + AC_DEFINE_UNQUOTED(WITH_FFI, 1, [Use libffi for building closures]) + AC_SUBST(LIBFFI_CFLAGS) + AC_SUBST(LIBFFI_LIBS) + + SAVE_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $LIBFFI_CFLAGS" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <ffi.h>], + [ #if FFI_CLOSURES + #else + #error no closures + #endif + ])], + [], [AC_MSG_ERROR([the libffi on this system has no support for closures.])]) + CFLAGS="$SAVE_CFLAGS" + + with_libffi="yes" +fi + +AM_CONDITIONAL(WITH_FFI, test "$with_libffi" = "yes") + +# -------------------------------------------------------------------- # Trust Module AC_ARG_ENABLE([trust-module], @@ -454,6 +484,7 @@ AC_MSG_NOTICE([build options: Load relative module paths from: $p11_module_path With libtasn1 dependency: $with_libtasn1 + With libffi: $with_libffi Build trust module: $enable_trust_module Trust module paths: $trust_status diff --git a/doc/manual/Makefile.am b/doc/manual/Makefile.am index cf4e49d..e306fb1 100644 --- a/doc/manual/Makefile.am +++ b/doc/manual/Makefile.am @@ -52,14 +52,18 @@ IGNORE_HFILES= \ conf.h \ debug.h \ dict.h \ - mock-module.h \ + log.h \ + mock.h \ + modules.h \ pkcs11.h \ pkcs11x.h \ private.h \ + proxy.h \ util.h \ + virtual.h \ array.h \ compat.h \ - mock-module.h + $(NULL) # Images to copy into HTML directory. # e.g. HTML_IMAGES=$(top_srcdir)/gtk/stock-icons/stock_about_24.png @@ -69,6 +73,7 @@ HTML_IMAGES= # e.g. content_files=running.sgml building.sgml changes-2.0.sgml content_files=p11-kit-config.xml p11-kit-sharing.xml \ p11-kit-devel.xml \ + p11-kit-proxy.xml \ p11-kit-trust.xml \ p11-kit.xml \ pkcs11.conf.xml \ diff --git a/doc/manual/p11-kit-devel.xml b/doc/manual/p11-kit-devel.xml index 96db868..873aff1 100644 --- a/doc/manual/p11-kit-devel.xml +++ b/doc/manual/p11-kit-devel.xml @@ -149,6 +149,9 @@ $ make install during the build, then certain features will be disabled.</para> <itemizedlist> + <listitem><para><command>libffi1</command> for shoring of PKCS#11 modules + between multiple callers in the same process. It is highly recommended that + this dependency be treated as a required dependency.</para></listitem> <listitem><para><command>gtk-doc</command> is required to build the reference manual. Use <literal>--enable-doc</literal> to control this dependency.</para></listitem> diff --git a/doc/manual/p11-kit-docs.xml b/doc/manual/p11-kit-docs.xml index 0397169..5acfb97 100644 --- a/doc/manual/p11-kit-docs.xml +++ b/doc/manual/p11-kit-docs.xml @@ -13,6 +13,7 @@ <xi:include href="p11-kit-config.xml"/> <xi:include href="p11-kit-sharing.xml"/> + <xi:include href="p11-kit-proxy.xml"/> <xi:include href="p11-kit-trust.xml"/> <chapter xml:id="tools"> @@ -28,6 +29,7 @@ <xi:include href="xml/p11-kit-pin.xml"/> <xi:include href="xml/p11-kit-util.xml"/> <xi:include href="xml/p11-kit-future.xml"/> + <xi:include href="xml/p11-kit-deprecated.xml"/> <index id="api-index-full"> <title>API Index</title> diff --git a/doc/manual/p11-kit-proxy.xml b/doc/manual/p11-kit-proxy.xml new file mode 100644 index 0000000..7cc3615 --- /dev/null +++ b/doc/manual/p11-kit-proxy.xml @@ -0,0 +1,29 @@ +<?xml version="1.0"?> +<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd" [ +]> +<chapter xml:id="sharing"> + <title>Proxy Module</title> + + <para>When an application is aware of the fact that coordination + is necessary between multiple consumers of a PKCS#11 module, and wants + to load standard configured PKCS#11 modules, it can link to + <literal>p11-kit</literal> and use the functions there to provide this + functionality.</para> + + <para>However most current consumers of PKCS#11 are ignorant of + this problem, and do not link to p11-kit. In order to solve this + multiple initialization problem for all applications, + <literal>p11-kit</literal> provides a proxy compatibility + module.</para> + + <para>This proxy module acts like a normal PKCS#11 module, but + internally loads a preconfigured set of PKCS#11 modules and + manages their features as described earlier. Each slot in the configured modules + is exposed as a slot of the <literal>p11-kit</literal> proxy module. The proxy + module is then used as a normal PKCS#11 module would be. It can be loaded by + crypto libraries like NSS and behaves as expected.</para> + + <para>The <literal>C_GetFunctionList</literal> exported entry point of the + proxy module returns a new managed PKCS#11 module each time it is called. These + managed instances are released when the proxy module is unloaded.</para> +</chapter> diff --git a/doc/manual/p11-kit-sections.txt b/doc/manual/p11-kit-sections.txt index dc85f2d..5ccba7c 100644 --- a/doc/manual/p11-kit-sections.txt +++ b/doc/manual/p11-kit-sections.txt @@ -52,20 +52,28 @@ p11_kit_pin_file_callback <SECTION> <FILE>p11-kit</FILE> -p11_kit_initialize_registered -p11_kit_finalize_registered -p11_kit_registered_modules -p11_kit_registered_module_to_name -p11_kit_registered_name_to_module -p11_kit_registered_option -p11_kit_initialize_module -p11_kit_load_initialize_module -p11_kit_finalize_module +P11_KIT_MODULE_CRITICAL +P11_KIT_MODULE_UNMANAGED +p11_kit_modules_load_and_initialize +p11_kit_modules_finalize_and_release +p11_kit_modules_load +p11_kit_modules_initialize +p11_kit_modules_finalize +p11_kit_modules_release +p11_kit_module_load +p11_kit_module_initialize +p11_kit_module_finalize +p11_kit_module_release +p11_kit_module_for_name +p11_kit_module_get_name +p11_kit_module_get_flags +p11_kit_config_option </SECTION> <SECTION> <FILE>p11-kit-util</FILE> p11_kit_strerror +p11_kit_message p11_kit_space_strdup p11_kit_space_strlen <SUBSECTION Private> @@ -85,7 +93,6 @@ p11_kit_uri_type_t p11_kit_set_progname p11_kit_be_quiet p11_kit_be_loud -p11_kit_message p11_kit_destroyer P11KitIter p11_kit_iter_new @@ -104,3 +111,17 @@ p11_kit_iter_get_object p11_kit_iter_load_attributes p11_kit_iter_free </SECTION> + +<SECTION> +<FILE>p11-kit-deprecated</FILE> +p11_kit_initialize_registered +p11_kit_finalize_registered +p11_kit_registered_modules +p11_kit_registered_module_to_name +p11_kit_registered_name_to_module +p11_kit_registered_option +p11_kit_initialize_module +p11_kit_load_initialize_module +p11_kit_finalize_module +P11_KIT_DEPRECATED_FOR +</SECTION> diff --git a/doc/manual/p11-kit-sharing.xml b/doc/manual/p11-kit-sharing.xml index e692e3d..bf0ed01 100644 --- a/doc/manual/p11-kit-sharing.xml +++ b/doc/manual/p11-kit-sharing.xml @@ -42,52 +42,63 @@ loosely coupled, backwards compatible, and flexible way.</para> </section> - <section xml:id="sharing-initialize"> - <title>Solution: p11-kit</title> - - <para><literal>p11-kit</literal> provides functions to - coordinate initialization and finalization of any PKCS#11 - module. A module may be initialized any number of times using - the p11_kit_initialize_module() function. The first time that - p11_kit_initialize_module() is called for a module, that module's - C_Initialize function is used. Later invocations for the same - module cause p11-kit to increment an internal initialization - count, rather than calling C_Initialize again.</para> - - <para>The p11_kit_finalize_module() is used to finalize a module. - Each time it is called it decrements the internal initialization - count for that module. When the internal initialization count - reaches zero, the module's C_Finalize function is called.</para> - - <para>This is done in a thread-safe manner. These functions can - be used on modules that the consumer loads themselves.</para> - </section> - - <section xml:id="sharing-module"> - <title>Solution: proxy module</title> - - <para>When an application is aware of the fact that coordination - is necessary between multiple consumers of a PKCS#11 module, it - can link to p11-kit and use the functions there to provide - this coordination.</para> - - <para>However most current consumers of PKCS#11 are ignorant of - this problem, and do not link to p11-kit. In order to solve this - multiple initialization problem for all applications, - <literal>p11-kit</literal> provides a proxy compatibility - module.</para> - - <para>This proxy module acts like a normal PKCS#11 module, but - internally loads a preconfigured set of PKCS#11 modules and - coordinates their initialization and finalization. Each slot - in the configured modules is exposed as a slot of the - <literal>p11-kit</literal> proxy module. The proxy module is - then used as a normal PKCS#11 module would be. It can be loaded by - crypto libraries like NSS and behaves as expected.</para> - - <para>The proxy module bends the PKCS#11 rules slightly. It does - not return the <literal>CKR_CRYPTOKI_ALREADY_INITIALIZED</literal> - error code as specified in PKCS#11. However this is a small - price to pay for this compatibility.</para> + <section xml:id="sharing-managed"> + <title>Managed modules</title> + + <para><literal>p11-kit</literal> wraps PKCS#11 modules to manage + them and customize their functionality so that they are able + to be shared between multiple callers in the same process.</para> + + <para>Each caller that uses the + <link linkend="p11-kit-modules-load"><function>p11_kit_modules_load()</function></link> + or <link linkend="p11-kit-module-load"><function>p11_kit_module_load()</function></link> + function gets independent wrapped PKCS#11 module(s). This is unless a caller + or module configuration specifies that a module should be used in an + unmanaged fashion.</para> + + <para>When modules are managed, the following aspects are wrapped and + coordinated:</para> + + <itemizedlist> + <listitem> + <para>Calls to <literal>C_Initialize</literal> and + <literal>C_Finalize</literal> can be called by multiple + callers.</para> + + <para>The first time that the managed module + <literal>C_Initialize</literal> is called, the PKCS#11 module's actual + <literal>C_Initialize</literal> function is called. Subsequent calls by + other callers will cause <literal>p11-kit</literal> to increment an + internal initialization count, rather than calling + <literal>C_Initialize</literal> again.</para> + + <para>Multiple callers can call the managed + <literal>C_Initialize</literal> function concurrently from different + threads and <literal>p11-kit</literal> will guarantee that this managed + in a thread-safe manner.</para> + </listitem> + <listitem> + <para>When the managed module <literal>C_Finalize</literal> is used + to finalize a module, each time it is called it decrements the internal + initialization count for that module. When the internal initialization + count reaches zero, the module's actual <literal>C_Finalize</literal> + function is called.</para> + + <para>Multiple callers can call the managed <literal>C_Finalize</literal> + function concurrently from different threads and <literal>p11-kit</literal> + will guarantee that this managed in a thread-safe manner.</para> + </listitem> + <listitem> + <para>Call to <literal>C_CloseAllSessions</literal> only close the + sessions that the caller of the managed module has opened. This allows the + <literal>C_CloseAllSessions</literal> function to be used without closing + sessions for other callers of the same PKCS#11 module.</para> + </listitem> + <listitem> + <para>Managed modules have ability to log PKCS#11 method calls for debugging + purposes. See the <link linkend="option-log-calls"><literal>log-calls = yes</literal></link> + module configuration option.</para> + </listitem> + </itemizedlist> </section> </chapter> diff --git a/doc/manual/pkcs11.conf.xml b/doc/manual/pkcs11.conf.xml index 1814377..1ff2562 100644 --- a/doc/manual/pkcs11.conf.xml +++ b/doc/manual/pkcs11.conf.xml @@ -128,6 +128,16 @@ x-custom : text </listitem> </varlistentry> <varlistentry> + <term><option>managed:</option></term> + <listitem> + <para>Set to <literal>no</literal> if the module is not to be managed by + p11-kit. Making a module unmanaged is not recommended, and will cause + problems if multiple callers in a single process share a PKCS#11 module.</para> + + <para>This argument is optonal and defaults to <literal>yes</literal>.</para> + </listitem> + </varlistentry> + <varlistentry> <term><option>priority:</option></term> <listitem> <para>The value should be an integer. When lists of modules are @@ -147,6 +157,15 @@ x-custom : text of trust policy information such as certificate anchors and black lists.</para> </listitem> </varlistentry> + <varlistentry id="option-log-calls"> + <term>log-calls:</term> + <listitem> + <para>Set to <literal>yes</literal> to write a log to stderr of all the + calls into the module. This is only supported for managed modules.</para> + + <para>This argument is optonal and defaults to <literal>no</literal>.</para> + </listitem> + </varlistentry> </variablelist> <para>Do not specify both <literal>enable-in</literal> and <literal>disable-in</literal> @@ -172,6 +191,30 @@ x-custom : text <literal>none</literal>, <literal>merge</literal>, <literal>only</literal>.</para></listitem> </varlistentry> + <varlistentry> + <term><option>managed:</option></term> + <listitem> + <para>Set to <literal>yes</literal> or <literal>no</literal> to + force all modules to be managed or unmanaged by p11-kit. Setting this + setting in a global configuration file will override the + <literal>managed</literal> setting in the individual module configuration + files. Making modules unmanaged is not recommended, and will cause + problems if multiple callers in a single process share a PKCS#11 + module.</para> + + <para>This argument is optonal.</para> + </listitem> + </varlistentry> + <varlistentry> + <term>log-calls:</term> + <listitem> + <para>Set to <literal>yes</literal> to write a log to stderr of all the + calls into all configured modules. This is only supported for managed + modules.</para> + + <para>This argument is optional.</para> + </listitem> + </varlistentry> </variablelist> <para>Other fields may be present, but it is recommended that field names diff --git a/gtk-doc.make b/gtk-doc.make index cbef74b..824d8d6 100644 --- a/gtk-doc.make +++ b/gtk-doc.make @@ -116,7 +116,7 @@ scan-build.stamp: $(HFILE_GLOB) $(CFILE_GLOB) fi @touch scan-build.stamp -$(DOC_MODULE)-decl.txt $(SCANOBJ_FILES) $(DOC_MODULE)-sections.txt $(DOC_MODULE)-overrides.txt: scan-build.stamp +$(DOC_MODULE)-decl.txt $(SCANOBJ_FILES): scan-build.stamp @true #### xml #### diff --git a/p11-kit/Makefile.am b/p11-kit/Makefile.am index 1ab3b3d..2e08e84 100644 --- a/p11-kit/Makefile.am +++ b/p11-kit/Makefile.am @@ -5,7 +5,7 @@ SUBDIRS = . tests COMMON = $(top_srcdir)/common -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(COMMON) \ -DP11_KIT_FUTURE_UNSTABLE_API \ @@ -14,6 +14,7 @@ INCLUDES = \ incdir = $(includedir)/p11-kit-1/p11-kit inc_HEADERS = \ + deprecated.h \ iter.h \ p11-kit.h \ pin.h \ @@ -24,14 +25,16 @@ MODULE_SRCS = \ util.c \ conf.c conf.h \ iter.c \ - modules.c \ + log.c log.h \ + modules.c modules.h \ pkcs11.h \ pin.c \ pkcs11.h \ - proxy.c \ + proxy.c proxy.h \ private.h \ messages.c \ uri.c \ + virtual.c virtual.h \ $(inc_HEADERS) lib_LTLIBRARIES = \ @@ -44,6 +47,7 @@ libp11_kit_la_CFLAGS = \ -DP11_USER_CONFIG_FILE=\""$(p11_user_config_file)"\" \ -DP11_USER_CONFIG_MODULES=\""$(p11_user_config_modules)"\" \ -DP11_MODULE_PATH=\""$(p11_module_path)"\" \ + $(LIBFFI_CFLAGS) \ $(NULL) libp11_kit_la_LDFLAGS = \ @@ -54,9 +58,10 @@ libp11_kit_la_LDFLAGS = \ libp11_kit_la_SOURCES = $(MODULE_SRCS) libp11_kit_la_LIBADD = \ - $(LTLIBINTL) \ $(top_builddir)/common/libp11-common.la \ $(top_builddir)/common/libp11-library.la \ + $(LIBFFI_LIBS) \ + $(LTLIBINTL) \ $(NULL) noinst_LTLIBRARIES = \ @@ -75,6 +80,7 @@ libp11_kit_testable_la_CFLAGS = \ -DP11_USER_CONFIG_FILE=\""$(abs_top_srcdir)/p11-kit/tests/files/user-pkcs11.conf"\" \ -DP11_USER_CONFIG_MODULES=\""$(abs_top_srcdir)/p11-kit/tests/files/user-modules/win32"\" \ -DP11_MODULE_PATH=\""$(abs_top_builddir)/p11-kit/tests/.libs"\" \ + $(LIBFFI_CFLAGS) \ $(NULL) else @@ -86,6 +92,7 @@ libp11_kit_testable_la_CFLAGS = \ -DP11_USER_CONFIG_FILE=\""$(abs_top_srcdir)/p11-kit/tests/files/user-pkcs11.conf"\" \ -DP11_USER_CONFIG_MODULES=\""$(abs_top_srcdir)/p11-kit/tests/files/user-modules"\" \ -DP11_MODULE_PATH=\""$(abs_top_builddir)/p11-kit/tests/.libs"\" \ + $(LIBFFI_CFLAGS) \ $(NULL) endif @@ -98,7 +105,9 @@ example_DATA = pkcs11.conf.example EXTRA_DIST = \ p11-kit-1.pc.in \ - pkcs11.conf.example.in + pkcs11.conf.example.in \ + docs.h \ + $(NULL) # Proxy module is actually same as library, so install a link install-exec-hook: diff --git a/p11-kit/deprecated.h b/p11-kit/deprecated.h new file mode 100644 index 0000000..ffe5d9d --- /dev/null +++ b/p11-kit/deprecated.h @@ -0,0 +1,97 @@ +/* + * Copyright (c) 2013 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#ifndef __P11_KIT_DEPRECATED_H__ +#define __P11_KIT_DEPRECATED_H__ + +#ifndef __P11_KIT_H__ +#error "Please include <p11-kit/p11-kit.h> instead of this file." +#endif + +#ifdef __cplusplus +extern "C" { +#endif + +#ifndef P11_KIT_NO_DEPRECATIONS +#if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) +#define P11_KIT_DEPRECATED_FOR(f) __attribute__((deprecated("Use " #f " instead"))) +#elif __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 1) +#define P11_KIT_DEPRECATED_FOR(f) __attribute__((__deprecated__)) +#endif +#endif + +#ifndef P11_KIT_DEPRECATED_FOR +#define P11_KIT_DEPRECATED_FOR(f) +#endif + +#ifndef P11_KIT_DISABLE_DEPRECATED + +P11_KIT_DEPRECATED_FOR (p11_kit_modules_load) +CK_RV p11_kit_initialize_registered (void); + +P11_KIT_DEPRECATED_FOR (p11_kit_modules_release) +CK_RV p11_kit_finalize_registered (void); + +P11_KIT_DEPRECATED_FOR (p11_kit_modules_release) +CK_FUNCTION_LIST_PTR * p11_kit_registered_modules (void); + +P11_KIT_DEPRECATED_FOR (p11_kit_module_for_name) +CK_FUNCTION_LIST_PTR p11_kit_registered_name_to_module (const char *name); + +P11_KIT_DEPRECATED_FOR (p11_kit_module_get_name) +char * p11_kit_registered_module_to_name (CK_FUNCTION_LIST_PTR module); + +P11_KIT_DEPRECATED_FOR (p11_kit_config_option) +char * p11_kit_registered_option (CK_FUNCTION_LIST_PTR module, + const char *field); + +P11_KIT_DEPRECATED_FOR (module->C_Initialize) +CK_RV p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module); + +P11_KIT_DEPRECATED_FOR (module->C_Finalize) +CK_RV p11_kit_finalize_module (CK_FUNCTION_LIST_PTR module); + +P11_KIT_DEPRECATED_FOR (p11_kit_module_load) +CK_RV p11_kit_load_initialize_module (const char *module_path, + CK_FUNCTION_LIST_PTR *module); + +#endif /* P11_KIT_DISABLE_DEPRECATED */ + +#undef P11_KIT_DEPRECATED_FOR + +#ifdef __cplusplus +} /* extern "C" */ +#endif + +#endif /* __P11_KIT_DEPRECATED_H__ */ diff --git a/p11-kit/docs.h b/p11-kit/docs.h new file mode 100644 index 0000000..7b29e3d --- /dev/null +++ b/p11-kit/docs.h @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2013 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +/* This header is not used by anything, and merely to help gtk-doc be sane */ + +#define P11_KIT_MODULE_UNMANAGED 1 +#define P11_KIT_MODULE_CRITICAL 1 diff --git a/p11-kit/log.c b/p11-kit/log.c new file mode 100644 index 0000000..19377b2 --- /dev/null +++ b/p11-kit/log.c @@ -0,0 +1,2022 @@ +/* + * Copyright (c) 2007, Stefan Walter + * Copyright (c) 2013, Red Hat Inc. + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Stef Walter <stef@memberwebs.com> + */ + +#include "config.h" + +#include "attrs.h" +#include "buffer.h" +#include "constants.h" +#include "debug.h" +#include "log.h" +#include "p11-kit.h" +#include "virtual.h" + +#include <sys/types.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include <stdarg.h> + +bool p11_log_force = false; +bool p11_log_output = true; + +typedef struct { + p11_virtual virt; + CK_X_FUNCTION_LIST *lower; + p11_destroyer destroyer; +} LogData; + +#define LOG_FLAG(buf, flags, had, flag) \ + if ((flags & flag) == flag) { \ + p11_buffer_add (buf, had ? " | " : " = ", 3); \ + p11_buffer_add (buf, #flag, -1); \ + had++; \ + } + +static void +log_CKM (p11_buffer *buf, + CK_MECHANISM_TYPE v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_mechanisms, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKM_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_CKS (p11_buffer *buf, + CK_STATE v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_states, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKS_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_CKU (p11_buffer *buf, + CK_USER_TYPE v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_users, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKU_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_CKR (p11_buffer *buf, + CK_RV v) +{ + char temp[32]; + const char *string; + + string = p11_constant_name (p11_constant_returns, v); + if (string == NULL) { + snprintf (temp, sizeof (temp), "CKR_0x%08lX", v); + p11_buffer_add (buf, temp, -1); + } else { + p11_buffer_add (buf, string, -1); + } +} + +static void +log_some_bytes (p11_buffer *buf, + CK_BYTE_PTR arr, + CK_ULONG num) +{ + CK_ULONG i; + char temp[128]; + char *p, *e; + CK_BYTE ch; + + if(!arr) { + p11_buffer_add (buf, "NULL", 4); + return; + } else if (num == (CK_ULONG)-1) { + p11_buffer_add (buf, "????", 4); + return; + } + + temp[0] = '\"'; + p = temp + 1; + e = temp + (sizeof (temp) - 8); + + for(i = 0; i < num && p < e; ++i, ++p) { + ch = arr[i]; + if (ch == '\t') { + p[0] = '\\'; p[1] = 't'; + ++p; + } else if (ch == '\n') { + p[0] = '\\'; p[1] = 'n'; + ++p; + } else if (ch == '\r') { + p[0] = '\\'; p[1] = 'r'; + ++p; + } else if (ch >= 32 && ch < 127) { + *p = ch; + } else { + p[0] = '\\'; + p[1] = 'x'; + sprintf(p + 2, "%02X", ch); + p += 3; + } + } + + *p = 0; + if (p >= e) + strcpy (e, "..."); + strcat (p, "\""); + p11_buffer_add (buf, temp, -1); +} + +static void +log_pointer (p11_buffer *buf, + const char *pref, + const char *name, + CK_VOID_PTR val, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (val == NULL) { + p11_buffer_add (buf, "NULL\n", 5); + } else { + snprintf (temp, sizeof (temp), "0x%08lX\n", (unsigned long)(size_t)val); + p11_buffer_add (buf, temp, -1); + } +} + +static void +log_attribute_types (p11_buffer *buf, + const char *pref, + const char *name, + CK_ATTRIBUTE_PTR arr, + CK_ULONG num, + CK_RV status) +{ + const char *string; + char temp[32]; + CK_ULONG i; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NONE\n", num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) [ ", num); + p11_buffer_add (buf, temp, -1); + for (i = 0; i < num; i++) { + if (i > 0) + p11_buffer_add (buf, ", ", 2); + string = p11_constant_name (p11_constant_types, arr[i].type); + if (string != NULL) { + p11_buffer_add (buf, string, -1); + } else { + snprintf (temp, sizeof (temp), "CKA_0x%08lX", arr[i].type); + p11_buffer_add (buf, temp, -1); + } + } + + p11_buffer_add (buf, " ]\n", 3); + } +} + +static void +log_attribute_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_ATTRIBUTE_PTR arr, + CK_ULONG num, + CK_RV status) +{ + char temp[32]; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NONE\n", num); + p11_buffer_add (buf, temp, -1); + } else { + p11_attrs_format (buf, arr, num); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_bool (p11_buffer *buf, + const char *pref, + const char *name, + CK_BBOOL val, + CK_RV status) +{ + if (status == CKR_OK) { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + p11_buffer_add (buf, val ? "CK_TRUE" : "CK_FALSE", -1); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_byte_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_BYTE_PTR arr, + CK_ULONG_PTR num, + CK_RV status) +{ + char temp[32]; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (num == NULL) { + p11_buffer_add (buf, "(?) NOTHING\n", -1); + } else if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NOTHING\n", *num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) ", *num); + p11_buffer_add (buf, temp, -1); + log_some_bytes (buf, arr, *num); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tcryptokiVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->cryptokiVersion.major, + (unsigned int)info->cryptokiVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tmanufacturerID: \"", -1); + p11_buffer_add (buf, info->manufacturerID, p11_kit_space_strlen (info->manufacturerID, sizeof (info->manufacturerID))); + p11_buffer_add (buf, "\"\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", info->flags); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tlibraryDescription: \"", -1); + p11_buffer_add (buf, info->libraryDescription, p11_kit_space_strlen (info->libraryDescription, sizeof (info->libraryDescription))); + p11_buffer_add (buf, "\"\n\tlibraryVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->libraryVersion.major, + (unsigned int)info->libraryVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_pInitArgs (p11_buffer *buf, + const char *pref, + const char *name, + CK_VOID_PTR pInitArgs, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (pInitArgs == NULL) + log_pointer (buf, pref, name, pInitArgs, status); + else { + CK_C_INITIALIZE_ARGS *args = (CK_C_INITIALIZE_ARGS*)pInitArgs; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tCreateMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->CreateMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tDestroyMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->DestroyMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tLockMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->LockMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tUnlockMutex: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->UnlockMutex); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", args->flags); + LOG_FLAG (buf, args->flags, had, CKF_OS_LOCKING_OK); + p11_buffer_add (buf, "\n\treserved: ", -1); + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)args->pReserved); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_mechanism_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tulMinKeySize: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMinKeySize); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMaxKeySize: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMaxKeySize); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_HW); + LOG_FLAG (buf, info->flags, had, CKF_ENCRYPT); + LOG_FLAG (buf, info->flags, had, CKF_DECRYPT); + LOG_FLAG (buf, info->flags, had, CKF_DIGEST); + LOG_FLAG (buf, info->flags, had, CKF_SIGN); + LOG_FLAG (buf, info->flags, had, CKF_SIGN_RECOVER); + LOG_FLAG (buf, info->flags, had, CKF_VERIFY); + LOG_FLAG (buf, info->flags, had, CKF_VERIFY_RECOVER); + LOG_FLAG (buf, info->flags, had, CKF_GENERATE); + LOG_FLAG (buf, info->flags, had, CKF_GENERATE_KEY_PAIR); + LOG_FLAG (buf, info->flags, had, CKF_WRAP); + LOG_FLAG (buf, info->flags, had, CKF_UNWRAP); + LOG_FLAG (buf, info->flags, had, CKF_DERIVE); + LOG_FLAG (buf, info->flags, had, CKF_EXTENSION); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_mechanism (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_PTR mech, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tmechanism: ", -1); + log_CKM (buf, mech->mechanism); + p11_buffer_add (buf, "\n\tpParameter: ", -1); + snprintf (temp, sizeof (temp), "(%lu) ", mech->ulParameterLen); + p11_buffer_add (buf, temp, -1); + log_some_bytes (buf, mech->pParameter, mech->ulParameterLen); + p11_buffer_add (buf, "\n }\n", -1); +} + +static void +log_mechanism_type (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_TYPE val, + CK_RV status) +{ + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + log_CKM (buf, val); + p11_buffer_add (buf, "\n", 1); +} + +static void +log_mechanism_type_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_MECHANISM_TYPE_PTR arr, + CK_ULONG_PTR num, + CK_RV status) +{ + char temp[32]; + CK_ULONG i; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + if (status != CKR_OK) + return; + + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (num == NULL) { + p11_buffer_add (buf, "(?) NO-VALUES\n", -1); + } else if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NO-VALUES\n", *num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) [ ", *num); + p11_buffer_add (buf, temp, -1); + for(i = 0; i < *num; ++i) { + if (i > 0) + p11_buffer_add (buf, ", ", 2); + log_CKM (buf, arr[i]); + } + p11_buffer_add (buf, " ]\n", 3); + } +} + +static void +log_session_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_SESSION_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tslotID: ", -1); + snprintf (temp, sizeof (temp), "SL%lu", info->slotID); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tstate: ", -1); + log_CKS (buf, info->state); + p11_buffer_add (buf, "\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lX", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_SERIAL_SESSION); + LOG_FLAG (buf, info->flags, had, CKF_RW_SESSION); + p11_buffer_add (buf, "\n\tulDeviceError: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulDeviceError); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_slot_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_SLOT_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tslotDescription: \"", -1); + p11_buffer_add (buf, info->slotDescription, p11_kit_space_strlen (info->slotDescription, sizeof (info->slotDescription))); + p11_buffer_add (buf, "\"\n\tmanufacturerID: \"", -1); + p11_buffer_add (buf, info->manufacturerID, p11_kit_space_strlen (info->manufacturerID, sizeof (info->manufacturerID))); + p11_buffer_add (buf, "\"\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_TOKEN_PRESENT); + LOG_FLAG (buf, info->flags, had, CKF_REMOVABLE_DEVICE); + LOG_FLAG (buf, info->flags, had, CKF_HW_SLOT); + p11_buffer_add (buf, "\n\thardwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->hardwareVersion.major, + (unsigned int)info->hardwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tfirmwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->firmwareVersion.major, + (unsigned int)info->firmwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_string (p11_buffer *buf, + const char *pref, + const char *name, + CK_UTF8CHAR_PTR str, + const CK_RV status) +{ + if (status != CKR_OK) + return; + if (str == NULL) { + log_pointer (buf, pref, name, str, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = \"", 4); + p11_buffer_add (buf, str, -1); + p11_buffer_add (buf, "\"\n", 2); + } +} + +static void +log_token_number (p11_buffer *buf, + CK_ULONG number) +{ + char temp[32]; + + if (number == 0) { + p11_buffer_add (buf, "CK_UNAVAILABLE_INFORMATION", -1); + } else if (number == (CK_ULONG)-1) { + p11_buffer_add (buf, "CK_EFFECTIVELY_INFINITE", -1); + } else { + snprintf (temp, sizeof (temp), "%lu", number); + p11_buffer_add (buf, temp, -1); + } +} + +static void +log_token_info (p11_buffer *buf, + const char *pref, + const char *name, + CK_TOKEN_INFO_PTR info, + CK_RV status) +{ + char temp[32]; + int had = 0; + + if (status != CKR_OK) + return; + if (info == NULL) { + log_pointer (buf, pref, name, info, status); + } else { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = {\n", 5); + p11_buffer_add (buf, "\tlabel: \"", -1); + p11_buffer_add (buf, info->label, p11_kit_space_strlen (info->label, sizeof (info->label))); + p11_buffer_add (buf, "\"\n\tmanufacturerID: \"", -1); + p11_buffer_add (buf, info->manufacturerID, p11_kit_space_strlen (info->manufacturerID, sizeof (info->manufacturerID))); + p11_buffer_add (buf, "\"\n\tmodel: \"", -1); + p11_buffer_add (buf, info->model, p11_kit_space_strlen (info->model, sizeof (info->model))); + p11_buffer_add (buf, "\"\n\tserialNumber: \"", -1); + p11_buffer_add (buf, info->serialNumber, p11_kit_space_strlen (info->serialNumber, sizeof (info->serialNumber))); + p11_buffer_add (buf, "\"\n\tflags: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->flags); + p11_buffer_add (buf, temp, -1); + LOG_FLAG (buf, info->flags, had, CKF_RNG); + LOG_FLAG (buf, info->flags, had, CKF_WRITE_PROTECTED); + LOG_FLAG (buf, info->flags, had, CKF_LOGIN_REQUIRED); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_INITIALIZED); + LOG_FLAG (buf, info->flags, had, CKF_RESTORE_KEY_NOT_NEEDED); + LOG_FLAG (buf, info->flags, had, CKF_CLOCK_ON_TOKEN); + LOG_FLAG (buf, info->flags, had, CKF_PROTECTED_AUTHENTICATION_PATH); + LOG_FLAG (buf, info->flags, had, CKF_DUAL_CRYPTO_OPERATIONS); + LOG_FLAG (buf, info->flags, had, CKF_TOKEN_INITIALIZED); + LOG_FLAG (buf, info->flags, had, CKF_SECONDARY_AUTHENTICATION); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_COUNT_LOW); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_FINAL_TRY); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_LOCKED); + LOG_FLAG (buf, info->flags, had, CKF_USER_PIN_TO_BE_CHANGED); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_COUNT_LOW); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_FINAL_TRY); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_LOCKED); + LOG_FLAG (buf, info->flags, had, CKF_SO_PIN_TO_BE_CHANGED); + if (!had) { + snprintf (temp, sizeof (temp), "%lu", info->flags); + p11_buffer_add (buf, temp, -1); + } + + p11_buffer_add (buf, "\n\tulMaxSessionCount: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulSessionCount: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulSessionCount); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMaxRwSessionCount: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulRwSessionCount: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulRwSessionCount); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMaxPinLen: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMaxPinLen); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulMinPinLen: ", -1); + snprintf (temp, sizeof (temp), "%lu", info->ulMinPinLen); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tulTotalPublicMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulFreePublicMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulTotalPrivateMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulFreePrivateMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\tulFreePrivateMemory: ", -1); + log_token_number (buf, info->ulMaxSessionCount); + p11_buffer_add (buf, "\n\thardwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->hardwareVersion.major, + (unsigned int)info->hardwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tfirmwareVersion: ", -1); + snprintf (temp, sizeof (temp), "%u.%u", (unsigned int)info->firmwareVersion.major, + (unsigned int)info->firmwareVersion.minor); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n\tutcTime: ", -1); + p11_buffer_add (buf, (info->flags & CKF_CLOCK_ON_TOKEN) ? (const char*)info->utcTime : "", -1); + p11_buffer_add (buf, "\n }\n", -1); + } +} + +static void +log_ulong (p11_buffer *buf, + const char *pref, + const char *name, + CK_ULONG val, + const char* npref, + CK_RV status) +{ + char temp[32]; + + if (!npref) + npref = ""; + if (status == CKR_OK) { + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + p11_buffer_add (buf, npref, -1); + snprintf (temp, sizeof (temp), "%lu", val); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_ulong_array (p11_buffer *buf, + const char *pref, + const char *name, + CK_ULONG_PTR arr, + CK_ULONG_PTR num, + const char *npref, + CK_RV status) +{ + char temp[32]; + CK_ULONG i; + + if (status == CKR_BUFFER_TOO_SMALL) { + arr = NULL; + status = CKR_OK; + } + + if (status != CKR_OK) + return; + if (npref == NULL) + npref = ""; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (num == NULL) { + p11_buffer_add (buf, "(?) NO-VALUES\n", -1); + } else if (arr == NULL) { + snprintf (temp, sizeof (temp), "(%lu) NO-VALUES\n", *num); + p11_buffer_add (buf, temp, -1); + } else { + snprintf (temp, sizeof (temp), "(%lu) [ ", *num); + p11_buffer_add (buf, temp, -1); + for (i = 0; i < *num; ++i) { + if (i > 0) + p11_buffer_add (buf, ", ", 2); + p11_buffer_add (buf, npref, -1); + snprintf (temp, sizeof (temp), "%lu", arr[i]); + p11_buffer_add (buf, temp, -1); + } + p11_buffer_add (buf, " ]\n", 3); + } +} + +static void +log_ulong_pointer (p11_buffer *buf, + const char *pref, + const char *name, + CK_ULONG_PTR val, + const char *npref, + CK_RV status) +{ + char temp[32]; + + if (status != CKR_OK) + return; + if (npref == NULL) + npref = ""; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + if (val == NULL) { + p11_buffer_add (buf, "NULL\n", 5); + } else { + snprintf (temp, sizeof (temp), "0x%08lX", (unsigned long)(size_t)val); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, " = ", 3); + p11_buffer_add (buf, npref, -1); + snprintf (temp, sizeof (temp), "%lu", *val); + p11_buffer_add (buf, temp, -1); + p11_buffer_add (buf, "\n", 1); + } +} + +static void +log_user_type (p11_buffer *buf, + const char *pref, + const char *name, + CK_USER_TYPE val, + CK_RV status) +{ + if (status != CKR_OK) + return; + p11_buffer_add (buf, pref, -1); + p11_buffer_add (buf, name, -1); + p11_buffer_add (buf, " = ", 3); + log_CKU (buf, val); + p11_buffer_add (buf, "\n", 1); +} + +static void +flush_buffer (p11_buffer *buf) +{ + if (p11_log_output) { + fwrite (buf->data, 1, buf->len, stderr); + fflush (stderr); + } + p11_buffer_reset (buf, 128); +} + +#define BEGIN_CALL(name) \ + { \ + LogData *_log = (LogData *)self; \ + const char* _name = "C_" #name; \ + p11_buffer _buf; \ + CK_X_##name _func = _log->lower->C_##name; \ + CK_RV _ret = CKR_OK; \ + p11_buffer_init_null (&_buf, 128); \ + return_val_if_fail (_func != NULL, CKR_DEVICE_ERROR); \ + p11_buffer_add (&_buf, _name, -1); \ + p11_buffer_add (&_buf, "\n", 1); \ + self = _log->lower; + +#define PROCESS_CALL(args) \ + flush_buffer (&_buf); \ + _ret = (_func) args; + +#define DONE_CALL \ + p11_buffer_add (&_buf, _name, -1); \ + p11_buffer_add (&_buf, " = ", 3); \ + log_CKR (&_buf, _ret); \ + p11_buffer_add (&_buf, "\n", 1); \ + flush_buffer (&_buf); \ + p11_buffer_uninit (&_buf); \ + return _ret; \ + } + +#define LIN " IN: " +#define LOUT " OUT: " + +#define IN_ATTRIBUTE_ARRAY(a, n) \ + log_attribute_types (&_buf, LIN, #a, a, n, CKR_OK); + +#define IN_BOOL(a) \ + log_bool (&_buf, LIN, #a, a, CKR_OK); + +#define IN_BYTE_ARRAY(a, n) \ + log_byte_array (&_buf, LIN, #a, a, &n, CKR_OK); + +#define IN_HANDLE(a) \ + log_ulong (&_buf, LIN, #a, a, "H", CKR_OK); + +#define IN_INIT_ARGS(a) \ + log_pInitArgs (&_buf, LIN, #a, a, CKR_OK); + +#define IN_POINTER(a) \ + log_pointer (&_buf, LIN, #a, a, CKR_OK); + +#define IN_MECHANISM(a) \ + log_mechanism (&_buf, LIN, #a, a, CKR_OK); + +#define IN_MECHANISM_TYPE(a) \ + log_mechanism_type (&_buf, LIN, #a, a, CKR_OK); + +#define IN_SESSION(a) \ + log_ulong (&_buf, LIN, #a, a, "S", CKR_OK); + +#define IN_SLOT_ID(a) \ + log_ulong (&_buf, LIN, #a, a, "SL", CKR_OK); + +#define IN_STRING(a) \ + log_string (&_buf, LIN, #a, a, CKR_OK); + +#define IN_ULONG(a) \ + log_ulong (&_buf, LIN, #a, a, NULL, CKR_OK); + +#define IN_ULONG_PTR(a) \ + log_ulong_pointer (&_buf, LIN, #a, a, NULL, CKR_OK); + +#define IN_USER_TYPE(a) \ + log_user_type (&_buf, LIN, #a, a, CKR_OK); + +#define OUT_ATTRIBUTE_ARRAY(a, n) \ + log_attribute_array (&_buf, LOUT, #a, a, n, _ret); + +#define OUT_BYTE_ARRAY(a, n) \ + log_byte_array(&_buf, LOUT, #a, a, n, _ret); + +#define OUT_HANDLE(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, "H", _ret); + +#define OUT_HANDLE_ARRAY(a, n) \ + log_ulong_array (&_buf, LOUT, #a, a, n, "H", _ret); + +#define OUT_INFO(a) \ + log_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_MECHANISM_INFO(a) \ + log_mechanism_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_MECHANISM_TYPE_ARRAY(a, n) \ + log_mechanism_type_array (&_buf, LOUT, #a, a, n, _ret); + +#define OUT_POINTER(a) \ + log_pointer (&_buf, LOUT, #a, a, _ret); + +#define OUT_SESSION(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, "S", _ret); + +#define OUT_SESSION_INFO(a) \ + log_session_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_SLOT_ID_ARRAY(a, n) \ + log_ulong_array (&_buf, LOUT, #a, a, n, "SL", _ret); + +#define OUT_SLOT_ID(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, "SL", _ret); + +#define OUT_SLOT_INFO(a) \ + log_slot_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_TOKEN_INFO(a) \ + log_token_info (&_buf, LOUT, #a, a, _ret); + +#define OUT_ULONG(a) \ + log_ulong_pointer (&_buf, LOUT, #a, a, NULL, _ret); + +#define OUT_ULONG_ARRAY(a, n) \ + log_ulong_array (&_buf, LOUT, #a, a, n, NULL, _ret); + + + +/* ---------------------------------------------------------------- */ + +static CK_RV +log_C_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR pInitArgs) +{ + BEGIN_CALL (Initialize) + IN_INIT_ARGS (pInitArgs) + PROCESS_CALL ((self, pInitArgs)) + DONE_CALL +} + +static CK_RV +log_C_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR pReserved) +{ + BEGIN_CALL (Finalize) + IN_POINTER (pReserved) + PROCESS_CALL ((self, pReserved)) + DONE_CALL +} + +static CK_RV +log_C_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR pInfo) +{ + BEGIN_CALL (GetInfo) + PROCESS_CALL ((self, pInfo)) + OUT_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_GetSlotList (CK_X_FUNCTION_LIST *self, + CK_BBOOL tokenPresent, + CK_SLOT_ID_PTR pSlotList, + CK_ULONG_PTR pulCount) +{ + BEGIN_CALL (GetSlotList) + IN_BOOL (tokenPresent) + IN_ULONG_PTR (pulCount) + PROCESS_CALL ((self, tokenPresent, pSlotList, pulCount)) + OUT_SLOT_ID_ARRAY (pSlotList, pulCount) + DONE_CALL +} + +static CK_RV +log_C_GetSlotInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_SLOT_INFO_PTR pInfo) +{ + BEGIN_CALL (GetSlotInfo) + IN_SLOT_ID (slotID) + PROCESS_CALL ((self, slotID, pInfo)) + OUT_SLOT_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_GetTokenInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_TOKEN_INFO_PTR pInfo) +{ + BEGIN_CALL (GetTokenInfo) + IN_SLOT_ID (slotID) + PROCESS_CALL ((self, slotID, pInfo)) + OUT_TOKEN_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_GetMechanismList (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_MECHANISM_TYPE_PTR pMechanismList, + CK_ULONG_PTR pulCount) +{ + BEGIN_CALL (GetMechanismList) + IN_SLOT_ID (slotID) + IN_ULONG_PTR (pulCount) + PROCESS_CALL ((self, slotID, pMechanismList, pulCount)) + OUT_MECHANISM_TYPE_ARRAY (pMechanismList, pulCount) + DONE_CALL +} + +static CK_RV +log_C_GetMechanismInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR pInfo) +{ + BEGIN_CALL (GetMechanismInfo) + IN_SLOT_ID (slotID) + IN_MECHANISM_TYPE (type) + PROCESS_CALL ((self, slotID, type, pInfo)) + OUT_MECHANISM_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_InitToken (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen, + CK_UTF8CHAR_PTR pLabel) +{ + BEGIN_CALL (InitToken) + IN_SLOT_ID (slotID) + IN_BYTE_ARRAY (pPin, ulPinLen) + IN_STRING (pLabel) + PROCESS_CALL ((self, slotID, pPin, ulPinLen, pLabel)) + DONE_CALL +} + +static CK_RV +log_C_WaitForSlotEvent (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR pSlot, + CK_VOID_PTR pReserved) +{ + char temp[32]; + int had = 0; + + BEGIN_CALL (WaitForSlotEvent) + p11_buffer_add (&_buf, " IN: flags = ", -1); + snprintf (temp, sizeof (temp), "%lu", flags); + p11_buffer_add (&_buf, temp, -1); + LOG_FLAG (&_buf, flags, had, CKF_DONT_BLOCK); + p11_buffer_add (&_buf, "\n", 1); + PROCESS_CALL ((self, flags, pSlot, pReserved)) + OUT_SLOT_ID (pSlot) + OUT_POINTER (pReserved) + DONE_CALL +} + +static CK_RV +log_C_OpenSession (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID, + CK_FLAGS flags, + CK_VOID_PTR pApplication, + CK_NOTIFY Notify, + CK_SESSION_HANDLE_PTR phSession) +{ + char temp[32]; + int had = 0; + + BEGIN_CALL (OpenSession) + IN_SLOT_ID (slotID) + p11_buffer_add (&_buf, " IN: flags = ", -1); + snprintf (temp, sizeof (temp), "%lu", flags); + p11_buffer_add (&_buf, temp, -1); + LOG_FLAG (&_buf, flags, had, CKF_SERIAL_SESSION); + LOG_FLAG (&_buf, flags, had, CKF_RW_SESSION); + p11_buffer_add (&_buf, "\n", 1); + IN_POINTER (pApplication); + IN_POINTER (Notify); + PROCESS_CALL ((self, slotID, flags, pApplication, Notify, phSession)); + OUT_SESSION (phSession) + DONE_CALL +} + +static CK_RV +log_C_CloseSession (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession) +{ + BEGIN_CALL (CloseSession) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession)) + DONE_CALL +} + +static CK_RV +log_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slotID) +{ + BEGIN_CALL (CloseAllSessions) + IN_SLOT_ID (slotID) + PROCESS_CALL ((self, slotID)) + DONE_CALL +} + +static CK_RV +log_C_GetSessionInfo (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_SESSION_INFO_PTR pInfo) +{ + BEGIN_CALL (GetSessionInfo) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pInfo)) + OUT_SESSION_INFO (pInfo) + DONE_CALL +} + +static CK_RV +log_C_InitPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen) +{ + BEGIN_CALL (InitPIN) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPin, ulPinLen) + PROCESS_CALL ((self, hSession, pPin, ulPinLen)) + DONE_CALL +} + +static CK_RV +log_C_SetPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_UTF8CHAR_PTR pOldPin, + CK_ULONG ulOldLen, + CK_UTF8CHAR_PTR pNewPin, + CK_ULONG ulNewLen) +{ + BEGIN_CALL (SetPIN) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pOldPin, ulOldLen) + IN_BYTE_ARRAY (pNewPin, ulNewLen); + PROCESS_CALL ((self, hSession, pOldPin, ulOldLen, pNewPin, ulNewLen)) + DONE_CALL +} + +static CK_RV +log_C_GetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pOperationState, + CK_ULONG_PTR pulOperationStateLen) +{ + BEGIN_CALL (GetOperationState) + IN_SESSION (hSession) + IN_ULONG_PTR (pulOperationStateLen) + PROCESS_CALL ((self, hSession, pOperationState, pulOperationStateLen)) + OUT_BYTE_ARRAY (pOperationState, pulOperationStateLen) + DONE_CALL +} + +static CK_RV +log_C_SetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pOperationState, + CK_ULONG ulOperationStateLen, + CK_OBJECT_HANDLE hEncryptionKey, + CK_OBJECT_HANDLE hAuthenticationKey) +{ + BEGIN_CALL (SetOperationState) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pOperationState, ulOperationStateLen) + IN_HANDLE (hEncryptionKey) + IN_HANDLE (hAuthenticationKey) + PROCESS_CALL ((self, hSession, pOperationState, ulOperationStateLen, hEncryptionKey, hAuthenticationKey)) + DONE_CALL +} + +static CK_RV +log_C_Login (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_USER_TYPE userType, + CK_UTF8CHAR_PTR pPin, + CK_ULONG ulPinLen) +{ + BEGIN_CALL (Login) + IN_SESSION (hSession) + IN_USER_TYPE (userType) + IN_BYTE_ARRAY (pPin, ulPinLen); + PROCESS_CALL ((self, hSession, userType, pPin, ulPinLen)) + DONE_CALL +} + +static CK_RV +log_C_Logout (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession) +{ + BEGIN_CALL (Logout) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession)) + DONE_CALL +} + +static CK_RV +log_C_CreateObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phObject) +{ + BEGIN_CALL (CreateObject) + IN_SESSION (hSession) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, pTemplate, ulCount, phObject)) + OUT_HANDLE (phObject) + DONE_CALL +} + +static CK_RV +log_C_CopyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phNewObject) +{ + BEGIN_CALL (CopyObject) + IN_SESSION (hSession) + IN_HANDLE (hObject) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, hObject, pTemplate, ulCount, phNewObject)) + OUT_HANDLE (phNewObject) + DONE_CALL +} + + +static CK_RV +log_C_DestroyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject) +{ + BEGIN_CALL (DestroyObject); + IN_SESSION (hSession) + IN_HANDLE (hObject) + PROCESS_CALL ((self, hSession, hObject)) + DONE_CALL +} + +static CK_RV +log_C_GetObjectSize (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ULONG_PTR size) +{ + BEGIN_CALL (GetObjectSize); + IN_SESSION (hSession) + IN_HANDLE (hObject) + PROCESS_CALL ((self, hSession, hObject, size)) + OUT_ULONG (size) + DONE_CALL +} + +static CK_RV +log_C_GetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) +{ + BEGIN_CALL (GetAttributeValue) + IN_SESSION (hSession) + IN_HANDLE (hObject) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, hObject, pTemplate, ulCount)) + OUT_ATTRIBUTE_ARRAY (pTemplate, ulCount) + DONE_CALL +} + +static CK_RV +log_C_SetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) +{ + BEGIN_CALL (SetAttributeValue) + IN_SESSION (hSession) + IN_HANDLE (hObject) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, hObject, pTemplate, ulCount)) + DONE_CALL +} + +static CK_RV +log_C_FindObjectsInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount) +{ + BEGIN_CALL (FindObjectsInit) + IN_SESSION (hSession) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, pTemplate, ulCount)) + DONE_CALL +} + +static CK_RV +log_C_FindObjects (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE_PTR object, + CK_ULONG max_object_count, + CK_ULONG_PTR object_count) +{ + BEGIN_CALL (FindObjects) + IN_SESSION (hSession) + IN_ULONG (max_object_count) + PROCESS_CALL ((self, hSession, object, max_object_count, object_count)) + OUT_HANDLE_ARRAY (object, object_count) + DONE_CALL +} + +static CK_RV +log_C_FindObjectsFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession) +{ + BEGIN_CALL (FindObjectsFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession)) + DONE_CALL +} + +static CK_RV +log_C_EncryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (EncryptInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Encrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pEncryptedData, + CK_ULONG_PTR pulEncryptedDataLen) +{ + BEGIN_CALL (Encrypt) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pEncryptedData, pulEncryptedDataLen)) + OUT_BYTE_ARRAY (pEncryptedData, pulEncryptedDataLen) + DONE_CALL +} + +static CK_RV +log_C_EncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG_PTR pulEncryptedPartLen) +{ + BEGIN_CALL (EncryptUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen)) + OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_EncryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pLastEncryptedPart, + CK_ULONG_PTR pulLastEncryptedPartLen) +{ + BEGIN_CALL (EncryptFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pLastEncryptedPart, pulLastEncryptedPartLen)) + OUT_BYTE_ARRAY (pLastEncryptedPart, pulLastEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (DecryptInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Decrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedData, + CK_ULONG ulEncryptedDataLen, + CK_BYTE_PTR pData, + CK_ULONG_PTR pulDataLen) +{ + BEGIN_CALL (Decrypt) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedData, ulEncryptedDataLen) + PROCESS_CALL ((self, hSession, pEncryptedData, ulEncryptedDataLen, pData, pulDataLen)) + OUT_BYTE_ARRAY (pData, pulDataLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE_PTR pPart, + CK_ULONG_PTR pulPartLen) +{ + BEGIN_CALL (DecryptUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen) + PROCESS_CALL ((self, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen)) + OUT_BYTE_ARRAY (pPart, pulPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pLastPart, + CK_ULONG_PTR pulLastPartLen) +{ + BEGIN_CALL (DecryptFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pLastPart, pulLastPartLen)) + OUT_BYTE_ARRAY (pLastPart, pulLastPartLen) + DONE_CALL +} + +static CK_RV +log_C_DigestInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism) +{ + BEGIN_CALL (DigestInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + PROCESS_CALL ((self, hSession, pMechanism)) + DONE_CALL +} + +static CK_RV +log_C_Digest (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pDigest, + CK_ULONG_PTR pulDigestLen) +{ + BEGIN_CALL (Digest) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pDigest, pulDigestLen)) + OUT_BYTE_ARRAY (pDigest, pulDigestLen) + DONE_CALL +} + +static CK_RV +log_C_DigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen) +{ + BEGIN_CALL (DigestUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen)) + DONE_CALL +} + +static CK_RV +log_C_DigestKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (DigestKey) + IN_SESSION (hSession) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, hKey)) + DONE_CALL +} + +static CK_RV +log_C_DigestFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pDigest, + CK_ULONG_PTR pulDigestLen) +{ + BEGIN_CALL (DigestFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pDigest, pulDigestLen)) + OUT_BYTE_ARRAY (pDigest, pulDigestLen) + DONE_CALL +} + +static CK_RV +log_C_SignInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (SignInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Sign (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + BEGIN_CALL (Sign) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pSignature, pulSignatureLen)) + OUT_BYTE_ARRAY (pSignature, pulSignatureLen) + DONE_CALL +} + +static CK_RV +log_C_SignUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen) +{ + BEGIN_CALL (SignUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen)) + DONE_CALL +} + +static CK_RV +log_C_SignFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + BEGIN_CALL (SignFinal) + IN_SESSION (hSession) + PROCESS_CALL ((self, hSession, pSignature, pulSignatureLen)) + OUT_BYTE_ARRAY (pSignature, pulSignatureLen) + DONE_CALL +} + +static CK_RV +log_C_SignRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (SignRecoverInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_SignRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, + CK_ULONG_PTR pulSignatureLen) +{ + BEGIN_CALL (SignRecover) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pSignature, pulSignatureLen)) + OUT_BYTE_ARRAY (pSignature, pulSignatureLen) + DONE_CALL +} + +static CK_RV +log_C_VerifyInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (VerifyInit); + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_Verify (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pData, + CK_ULONG ulDataLen, + CK_BYTE_PTR pSignature, + CK_ULONG ulSignatureLen) +{ + BEGIN_CALL (Verify) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pData, ulDataLen) + IN_BYTE_ARRAY (pSignature, ulSignatureLen) + PROCESS_CALL ((self, hSession, pData, ulDataLen, pSignature, ulSignatureLen)) + DONE_CALL +} + +static CK_RV +log_C_VerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen) +{ + BEGIN_CALL (VerifyUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen)) + DONE_CALL +} + +static CK_RV +log_C_VerifyFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSignature, + CK_ULONG ulSignatureLen) +{ + BEGIN_CALL (VerifyFinal) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pSignature, ulSignatureLen); + PROCESS_CALL ((self, hSession, pSignature, ulSignatureLen)) + DONE_CALL +} + +static CK_RV +log_C_VerifyRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hKey) +{ + BEGIN_CALL (VerifyRecoverInit) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hKey)) + DONE_CALL +} + +static CK_RV +log_C_VerifyRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSignature, + CK_ULONG ulSignatureLen, + CK_BYTE_PTR pData, + CK_ULONG_PTR pulDataLen) +{ + BEGIN_CALL (VerifyRecover) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pSignature, ulSignatureLen) + PROCESS_CALL ((self, hSession, pSignature, ulSignatureLen, pData, pulDataLen)) + OUT_BYTE_ARRAY (pData, pulDataLen) + DONE_CALL +} + +static CK_RV +log_C_DigestEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG_PTR pulEncryptedPartLen) +{ + BEGIN_CALL (DigestEncryptUpdate); + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen)) + OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptDigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE_PTR pPart, + CK_ULONG_PTR pulPartLen) +{ + BEGIN_CALL (DecryptDigestUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen) + PROCESS_CALL ((self, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen)) + OUT_BYTE_ARRAY (pPart, pulPartLen) + DONE_CALL +} + +static CK_RV +log_C_SignEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, + CK_ULONG ulPartLen, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG_PTR pulEncryptedPartLen) +{ + BEGIN_CALL (SignEncryptUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pPart, ulPartLen) + PROCESS_CALL ((self, hSession, pPart, ulPartLen, pEncryptedPart, pulEncryptedPartLen)) + OUT_BYTE_ARRAY (pEncryptedPart, pulEncryptedPartLen) + DONE_CALL +} + +static CK_RV +log_C_DecryptVerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pEncryptedPart, + CK_ULONG ulEncryptedPartLen, + CK_BYTE_PTR pPart, + CK_ULONG_PTR pulPartLen) +{ + BEGIN_CALL (DecryptVerifyUpdate) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pEncryptedPart, ulEncryptedPartLen) + PROCESS_CALL ((self, hSession, pEncryptedPart, ulEncryptedPartLen, pPart, pulPartLen)) + OUT_BYTE_ARRAY (pPart, pulPartLen) + DONE_CALL +} + +static CK_RV +log_C_GenerateKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulCount, + CK_OBJECT_HANDLE_PTR phKey) +{ + BEGIN_CALL (GenerateKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_ATTRIBUTE_ARRAY (pTemplate, ulCount) + PROCESS_CALL ((self, hSession, pMechanism, pTemplate, ulCount, phKey)) + OUT_HANDLE (phKey) + DONE_CALL +} + +static CK_RV +log_C_GenerateKeyPair (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_ATTRIBUTE_PTR pPublicKeyTemplate, + CK_ULONG ulPublicKeyAttributeCount, + CK_ATTRIBUTE_PTR pPrivateKeyTemplate, + CK_ULONG ulPrivateKeyAttributeCount, + CK_OBJECT_HANDLE_PTR phPublicKey, + CK_OBJECT_HANDLE_PTR phPrivateKey) +{ + BEGIN_CALL (GenerateKeyPair) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_ATTRIBUTE_ARRAY (pPublicKeyTemplate, ulPublicKeyAttributeCount) + IN_ATTRIBUTE_ARRAY (pPrivateKeyTemplate, ulPrivateKeyAttributeCount) + PROCESS_CALL ((self, hSession, pMechanism, pPublicKeyTemplate, ulPublicKeyAttributeCount, + pPrivateKeyTemplate, ulPrivateKeyAttributeCount, phPublicKey, phPrivateKey)) + OUT_HANDLE (phPublicKey) + OUT_HANDLE (phPrivateKey) + DONE_CALL +} + +static CK_RV +log_C_WrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hWrappingKey, + CK_OBJECT_HANDLE hKey, + CK_BYTE_PTR pWrappedKey, + CK_ULONG_PTR pulWrappedKeyLen) +{ + BEGIN_CALL (WrapKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hWrappingKey) + IN_HANDLE (hKey) + PROCESS_CALL ((self, hSession, pMechanism, hWrappingKey, hKey, pWrappedKey, pulWrappedKeyLen)) + OUT_BYTE_ARRAY (pWrappedKey, pulWrappedKeyLen) + DONE_CALL +} + +static CK_RV +log_C_UnwrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hUnwrappingKey, + CK_BYTE_PTR pWrappedKey, + CK_ULONG ulWrappedKeyLen, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_OBJECT_HANDLE_PTR phKey) +{ + BEGIN_CALL (UnwrapKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hUnwrappingKey) + IN_BYTE_ARRAY (pWrappedKey, ulWrappedKeyLen) + IN_ATTRIBUTE_ARRAY (pTemplate, ulAttributeCount) + PROCESS_CALL ((self, hSession, pMechanism, hUnwrappingKey, pWrappedKey, + ulWrappedKeyLen, pTemplate, ulAttributeCount, phKey)) + OUT_HANDLE (phKey) + DONE_CALL +} + +static CK_RV +log_C_DeriveKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_MECHANISM_PTR pMechanism, + CK_OBJECT_HANDLE hBaseKey, + CK_ATTRIBUTE_PTR pTemplate, + CK_ULONG ulAttributeCount, + CK_OBJECT_HANDLE_PTR phObject) +{ + BEGIN_CALL (DeriveKey) + IN_SESSION (hSession) + IN_MECHANISM (pMechanism) + IN_HANDLE (hBaseKey) + IN_ATTRIBUTE_ARRAY (pTemplate, ulAttributeCount) + PROCESS_CALL ((self, hSession, pMechanism, hBaseKey, pTemplate, ulAttributeCount, phObject)) + OUT_HANDLE (phObject) + DONE_CALL +} + +static CK_RV +log_C_SeedRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pSeed, + CK_ULONG ulSeedLen) +{ + BEGIN_CALL (SeedRandom) + IN_SESSION (hSession) + IN_BYTE_ARRAY (pSeed, ulSeedLen); + PROCESS_CALL ((self, hSession, pSeed, ulSeedLen)) + DONE_CALL +} + +static CK_RV +log_C_GenerateRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pRandomData, + CK_ULONG ulRandomLen) +{ + BEGIN_CALL (GenerateRandom) + IN_SESSION (hSession) + IN_ULONG (ulRandomLen) + PROCESS_CALL ((self, hSession, pRandomData, ulRandomLen)) + OUT_BYTE_ARRAY (pRandomData, &ulRandomLen) + DONE_CALL +} + +static CK_X_FUNCTION_LIST log_functions = { + { -1, -1 }, + log_C_Initialize, + log_C_Finalize, + log_C_GetInfo, + log_C_GetSlotList, + log_C_GetSlotInfo, + log_C_GetTokenInfo, + log_C_GetMechanismList, + log_C_GetMechanismInfo, + log_C_InitToken, + log_C_InitPIN, + log_C_SetPIN, + log_C_OpenSession, + log_C_CloseSession, + log_C_CloseAllSessions, + log_C_GetSessionInfo, + log_C_GetOperationState, + log_C_SetOperationState, + log_C_Login, + log_C_Logout, + log_C_CreateObject, + log_C_CopyObject, + log_C_DestroyObject, + log_C_GetObjectSize, + log_C_GetAttributeValue, + log_C_SetAttributeValue, + log_C_FindObjectsInit, + log_C_FindObjects, + log_C_FindObjectsFinal, + log_C_EncryptInit, + log_C_Encrypt, + log_C_EncryptUpdate, + log_C_EncryptFinal, + log_C_DecryptInit, + log_C_Decrypt, + log_C_DecryptUpdate, + log_C_DecryptFinal, + log_C_DigestInit, + log_C_Digest, + log_C_DigestUpdate, + log_C_DigestKey, + log_C_DigestFinal, + log_C_SignInit, + log_C_Sign, + log_C_SignUpdate, + log_C_SignFinal, + log_C_SignRecoverInit, + log_C_SignRecover, + log_C_VerifyInit, + log_C_Verify, + log_C_VerifyUpdate, + log_C_VerifyFinal, + log_C_VerifyRecoverInit, + log_C_VerifyRecover, + log_C_DigestEncryptUpdate, + log_C_DecryptDigestUpdate, + log_C_SignEncryptUpdate, + log_C_DecryptVerifyUpdate, + log_C_GenerateKey, + log_C_GenerateKeyPair, + log_C_WrapKey, + log_C_UnwrapKey, + log_C_DeriveKey, + log_C_SeedRandom, + log_C_GenerateRandom, + log_C_WaitForSlotEvent, +}; + +void +p11_log_release (void *data) +{ + LogData *log = (LogData *)data; + + return_if_fail (data != NULL); + p11_virtual_uninit (&log->virt); + free (log); +} + +p11_virtual * +p11_log_subclass (p11_virtual *lower, + p11_destroyer destroyer) +{ + LogData *log; + + log = calloc (1, sizeof (LogData)); + return_val_if_fail (log != NULL, NULL); + + p11_virtual_init (&log->virt, &log_functions, lower, destroyer); + log->lower = &lower->funcs; + return &log->virt; +} diff --git a/p11-kit/log.h b/p11-kit/log.h new file mode 100644 index 0000000..d8169e8 --- /dev/null +++ b/p11-kit/log.h @@ -0,0 +1,53 @@ +/* + * Copyright (c) 2013, Red Hat Inc. + * + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * + * CONTRIBUTORS + * Stef Walter <stef@thewalter.net> + */ + +#ifndef P11_LOG_H_ +#define P11_LOG_H_ + +#include "virtual.h" + +p11_virtual * p11_log_subclass (p11_virtual *lower, + p11_destroyer destroyer); + +void p11_log_release (void *logger); + +extern bool p11_log_force; + +extern bool p11_log_output; + +#endif /* P11_LOG_H_ */ diff --git a/p11-kit/modules.c b/p11-kit/modules.c index 19ba895..ef8cea6 100644 --- a/p11-kit/modules.c +++ b/p11-kit/modules.c @@ -35,16 +35,23 @@ #include "config.h" -#include "conf.h" +/* We use and define deprecated functions here */ +#define P11_KIT_NO_DEPRECATIONS #define P11_DEBUG_FLAG P11_DEBUG_LIB + +#include "conf.h" #include "debug.h" #include "dict.h" #include "library.h" +#include "log.h" #include "message.h" +#include "modules.h" #include "path.h" #include "pkcs11.h" #include "p11-kit.h" #include "private.h" +#include "proxy.h" +#include "virtual.h" #include <sys/stat.h> #include <sys/types.h> @@ -70,44 +77,83 @@ * crypto objects (like keys and certificates) and to perform crypto operations. * * In order for applications to behave consistently with regard to the user's - * installed PKCS\#11 modules, each module must be registered so that applications + * installed PKCS\#11 modules, each module must be configured so that applications * or libraries know that they should load it. * - * The functions here provide support for initializing registered modules. The - * p11_kit_initialize_registered() function should be used to load and initialize - * the registered modules. When done, the p11_kit_finalize_registered() function + * When multiple consumers of a module (such as libraries or applications) are + * in the same process, coordination of the initialization and finalization + * of PKCS\#11 modules is required. To do this modules are managed by p11-kit. + * This means that various unsafe methods are coordinated between callers. Unmanaged + * modules are simply the raw PKCS\#11 module pointers without p11-kit getting in the + * way. It is highly recommended that the default managed behavior is used. + * + * The functions here provide support for initializing configured modules. The + * p11_kit_modules_load() function should be used to load and initialize + * the configured modules. When done, the p11_kit_modules_release() function * should be used to release those modules and associated resources. * - * In addition p11_kit_registered_option() can be used to access other parts + * In addition p11_kit_config_option() can be used to access other parts * of the module configuration. * - * When multiple consumers of a module (such as libraries or applications) are - * in the same process, coordination of the initialization and finalization - * of PKCS\#11 modules is required. The functions here automatically provide - * initialization reference counting to make this work. - * * If a consumer wishes to load an arbitrary PKCS\#11 module that's not - * registered, that module should be initialized with p11_kit_initialize_module() - * and finalized with p11_kit_finalize_module(). The module's own - * <code>C_Initialize</code> and <code>C_Finalize</code> methods should not - * be called directly. + * configured use p11_kit_module_load() to do so. And use p11_kit_module_release() + * to later release it. * * Modules are represented by a pointer to their <code>CK_FUNCTION_LIST</code> - * entry points. This means that callers can load modules elsewhere, using - * dlopen() for example, and then still use these methods on them. + * entry points. + */ + +/** + * SECTION:p11-kit-deprecated + * @title: Deprecated + * @short_description: Deprecated functions + * + * These functions have been deprecated from p11-kit and are not recommended for + * general usage. In large part they were deprecated because they did not adequately + * insulate multiple callers of a PKCS\#11 module from another, and could not + * support the 'managed' mode needed to do this. + */ + +/** + * P11_KIT_MODULE_UNMANAGED: + * + * Module is loaded in non 'managed' mode. This is not recommended, + * disables many features, and prevents coordination between multiple + * callers of the same module. + */ + +/** + * P11_KIT_MODULE_CRITICAL: + * + * Flag to load a module in 'critical' mode. Failure to load a critical module + * will prevent all other modules from loading. A failure when loading a + * non-critical module skips that module. */ typedef struct _Module { - CK_FUNCTION_LIST_PTR funcs; + /* + * When using managed modules, this forms the base of the + * virtual stack into which all the other modules call. This is also + * the first field in this structure so we can cast between them. + */ + p11_virtual virt; + + /* The initialize args built from configuration */ CK_C_INITIALIZE_ARGS init_args; int ref_count; + int init_count; /* Registered modules */ char *name; p11_dict *config; + bool critical; - /* Loaded modules */ - dl_module_t dl_module; + /* + * This is a pointer to the actual dl shared module, or perhaps + * the RPC client context. + */ + void *loaded_module; + p11_kit_destroyer loaded_destroy; /* Initialization, mutex must be held */ p11_mutex_t initialize_mutex; @@ -121,6 +167,8 @@ typedef struct _Module { */ static struct _Shared { p11_dict *modules; + p11_dict *unmanaged_by_funcs; + p11_dict *managed_by_closure; p11_dict *config; } gl = { NULL, NULL }; @@ -184,15 +232,19 @@ free_module_unlocked (void *data) assert (mod != NULL); - /* Module must be finalized */ - assert (!mod->initialize_called); - assert (mod->initialize_thread == 0); - /* Module must have no outstanding references */ assert (mod->ref_count == 0); - if (mod->dl_module) - p11_dl_close (mod->dl_module); + if (mod->init_count > 0) { + p11_debug_precond ("module unloaded without C_Finalize having been " + "called for each C_Initialize"); + } else { + assert (!mod->initialize_called); + assert (mod->initialize_thread == 0); + } + + if (mod->loaded_destroy) + mod->loaded_destroy (mod->loaded_module); p11_mutex_uninit (&mod->initialize_mutex); p11_dict_free (mod->config); @@ -215,28 +267,44 @@ alloc_module_unlocked (void) mod->init_args.flags = CKF_OS_LOCKING_OK; p11_mutex_init (&mod->initialize_mutex); + /* + * The default for configured modules is non-critical, but for + * modules loaded explicitly, and not from config, we treat them + * as critical. So this gets overridden for configured modules + * later when the config is loaded. + */ + mod->critical = true; + return mod; } static CK_RV -dlopen_and_get_function_list (Module *mod, const char *path) +dlopen_and_get_function_list (Module *mod, + const char *path, + CK_FUNCTION_LIST **funcs) { CK_C_GetFunctionList gfl; + dl_module_t dl; char *error; CK_RV rv; - assert (mod); - assert (path); + assert (mod != NULL); + assert (path != NULL); + assert (funcs != NULL); - mod->dl_module = p11_dl_open (path); - if (mod->dl_module == NULL) { + dl = p11_dl_open (path); + if (dl == NULL) { error = p11_dl_error (); p11_message ("couldn't load module: %s: %s", path, error); free (error); return CKR_GENERAL_ERROR; } - gfl = p11_dl_symbol (mod->dl_module, "C_GetFunctionList"); + /* When the Module goes away, dlclose the loaded module */ + mod->loaded_destroy = (p11_kit_destroyer)p11_dl_close; + mod->loaded_module = dl; + + gfl = p11_dl_symbol (dl, "C_GetFunctionList"); if (!gfl) { error = p11_dl_error (); p11_message ("couldn't find C_GetFunctionList entry point in module: %s: %s", @@ -245,65 +313,77 @@ dlopen_and_get_function_list (Module *mod, const char *path) return CKR_GENERAL_ERROR; } - rv = gfl (&mod->funcs); + rv = gfl (funcs); if (rv != CKR_OK) { p11_message ("call to C_GetFunctiontList failed in module: %s: %s", path, p11_kit_strerror (rv)); return rv; } + if (p11_proxy_module_check (*funcs)) { + p11_message ("refusing to load the p11-kit-proxy.so module as a registered module"); + return CKR_FUNCTION_FAILED; + } + + p11_virtual_init (&mod->virt, &p11_virtual_base, *funcs, NULL); p11_debug ("opened module: %s", path); return CKR_OK; } static CK_RV -load_module_from_file_unlocked (const char *path, Module **result) +load_module_from_file_inlock (const char *name, + const char *path, + Module **result) { + CK_FUNCTION_LIST *funcs; + char *expand = NULL; Module *mod; Module *prev; CK_RV rv; + assert (path != NULL); + assert (result != NULL); + mod = alloc_module_unlocked (); return_val_if_fail (mod != NULL, CKR_HOST_MEMORY); - rv = dlopen_and_get_function_list (mod, path); + if (!p11_path_absolute (path)) { + p11_debug ("module path is relative, loading from: %s", P11_MODULE_PATH); + path = expand = p11_path_build (P11_MODULE_PATH, path, NULL); + return_val_if_fail (path != NULL, CKR_HOST_MEMORY); + } + + p11_debug ("loading module %s%sfrom path: %s", + name ? name : "", name ? " " : "", path); + + rv = dlopen_and_get_function_list (mod, path, &funcs); + free (expand); + if (rv != CKR_OK) { free_module_unlocked (mod); return rv; } /* Do we have a previous one like this, if so ignore load */ - prev = p11_dict_get (gl.modules, mod->funcs); + prev = p11_dict_get (gl.unmanaged_by_funcs, funcs); + /* If same module was loaded previously, just take over config */ if (prev != NULL) { - p11_debug ("duplicate module %s, using previous", path); + if (!name || prev->name || prev->config) + p11_debug ("duplicate module %s, using previous", path); free_module_unlocked (mod); mod = prev; - } else if (!p11_dict_set (gl.modules, mod->funcs, mod)) { + /* This takes ownership of the module */ + } else if (!p11_dict_set (gl.modules, mod, mod) || + !p11_dict_set (gl.unmanaged_by_funcs, funcs, mod)) { return_val_if_reached (CKR_HOST_MEMORY); } - if (result) - *result= mod; + *result= mod; return CKR_OK; } -static char* -expand_module_path (const char *filename) -{ - char *path; - - if (!p11_path_absolute (filename)) { - p11_debug ("module path is relative, loading from: %s", P11_MODULE_PATH); - path = p11_path_build (P11_MODULE_PATH, filename, NULL); - } else { - path = strdup (filename); - } - - return path; -} - static int is_list_delimiter (char ch) { @@ -360,13 +440,12 @@ is_module_enabled_unlocked (const char *name, } static CK_RV -take_config_and_load_module_unlocked (char **name, - p11_dict **config) +take_config_and_load_module_inlock (char **name, + p11_dict **config, + bool critical) { - Module *mod, *prev; - const char *module_filename; - char *path; - char *key; + const char *filename; + Module *mod; CK_RV rv; assert (name); @@ -377,36 +456,22 @@ take_config_and_load_module_unlocked (char **name, if (!is_module_enabled_unlocked (*name, *config)) return CKR_OK; - module_filename = p11_dict_get (*config, "module"); - if (module_filename == NULL) { + filename = p11_dict_get (*config, "module"); + if (filename == NULL) { p11_debug ("no module path for module, skipping: %s", *name); return CKR_OK; } - path = expand_module_path (module_filename); - return_val_if_fail (path != NULL, CKR_HOST_MEMORY); - - key = strdup ("module"); - return_val_if_fail (key != NULL, CKR_HOST_MEMORY); - - /* The hash map will take ownership of the variable */ - if (!p11_dict_set (*config, key, path)) - return_val_if_reached (CKR_HOST_MEMORY); - - mod = alloc_module_unlocked (); - return_val_if_fail (mod != NULL, CKR_HOST_MEMORY); + rv = load_module_from_file_inlock (*name, filename, &mod); + if (rv != CKR_OK) + return CKR_OK; /* Take ownership of thes evariables */ mod->config = *config; *config = NULL; mod->name = *name; *name = NULL; - - rv = dlopen_and_get_function_list (mod, path); - if (rv != CKR_OK) { - free_module_unlocked (mod); - return rv; - } + mod->critical = critical; /* * We support setting of CK_C_INITIALIZE_ARGS.pReserved from @@ -415,27 +480,6 @@ take_config_and_load_module_unlocked (char **name, */ mod->init_args.pReserved = p11_dict_get (mod->config, "x-init-reserved"); - prev = p11_dict_get (gl.modules, mod->funcs); - - /* If same module was loaded previously, just take over config */ - if (prev && !prev->name && !prev->config) { - prev->name = mod->name; - mod->name = NULL; - prev->config = mod->config; - mod->config = NULL; - free_module_unlocked (mod); - - /* Ignore duplicate module */ - } else if (prev) { - p11_message ("duplicate configured module: %s: %s", mod->name, path); - free_module_unlocked (mod); - - /* Add this new module to our hash table */ - } else { - if (!p11_dict_set (gl.modules, mod->funcs, mod)) - return_val_if_reached (CKR_HOST_MEMORY); - } - return CKR_OK; } @@ -485,8 +529,7 @@ load_registered_modules_unlocked (void) /* Is this a critical module, should abort loading of others? */ critical = _p11_conf_parse_boolean (p11_dict_get (config, "critical"), false); - - rv = take_config_and_load_module_unlocked (&name, &config); + rv = take_config_and_load_module_inlock (&name, &config, critical); /* * These variables will be cleared if ownership is transeferred @@ -510,10 +553,11 @@ load_registered_modules_unlocked (void) } static CK_RV -initialize_module_unlocked_reentrant (Module *mod) +initialize_module_inlock_reentrant (Module *mod) { CK_RV rv = CKR_OK; p11_thread_id_t self; + assert (mod); self = p11_thread_id_self (); @@ -531,23 +575,16 @@ initialize_module_unlocked_reentrant (Module *mod) mod->initialize_thread = self; /* Change over to the module specific mutex */ - p11_mutex_lock (&mod->initialize_mutex); p11_unlock (); + p11_mutex_lock (&mod->initialize_mutex); if (!mod->initialize_called) { - assert (mod->funcs); - - if (mod->funcs == &_p11_proxy_function_list) { - p11_message ("refusing to load the p11-kit-proxy.so module as a registered module"); - rv = CKR_FUNCTION_FAILED; + p11_debug ("C_Initialize: calling"); - } else { - p11_debug ("C_Initialize: calling"); - - rv = mod->funcs->C_Initialize (&mod->init_args); + rv = mod->virt.funcs.C_Initialize (&mod->virt.funcs, + &mod->init_args); - p11_debug ("C_Initialize: result: %lu", rv); - } + p11_debug ("C_Initialize: result: %lu", rv); /* Module was initialized and C_Finalize should be called */ if (rv == CKR_OK) @@ -561,10 +598,14 @@ initialize_module_unlocked_reentrant (Module *mod) p11_mutex_unlock (&mod->initialize_mutex); p11_lock (); - /* Don't claim reference if failed */ - if (rv != CKR_OK) - --mod->ref_count; + if (rv == CKR_OK) { + /* Matches the ref count in finalize_module_inlock_reentrant() */ + if (mod->init_count == 0) + mod->ref_count++; + mod->init_count++; + } + mod->ref_count--; mod->initialize_thread = 0; return rv; } @@ -583,13 +624,13 @@ reinitialize_after_fork (void) if (gl.modules) { p11_dict_iterate (gl.modules, &iter); - while (p11_dict_next (&iter, NULL, (void **)&mod)) + while (p11_dict_next (&iter, (void **)&mod, NULL)) mod->initialize_called = false; } p11_unlock (); - _p11_kit_proxy_after_fork (); + p11_proxy_after_fork (); } #endif /* OS_UNIX */ @@ -600,11 +641,26 @@ init_globals_unlocked (void) static bool once = false; if (!gl.modules) { - gl.modules = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, - NULL, free_module_unlocked); + gl.modules = p11_dict_new (p11_dict_direct_hash, + p11_dict_direct_equal, + free_module_unlocked, NULL); return_val_if_fail (gl.modules != NULL, CKR_HOST_MEMORY); } + if (!gl.unmanaged_by_funcs) { + gl.unmanaged_by_funcs = p11_dict_new (p11_dict_direct_hash, + p11_dict_direct_equal, + NULL, NULL); + return_val_if_fail (gl.unmanaged_by_funcs != NULL, CKR_HOST_MEMORY); + } + + if (!gl.managed_by_closure) { + gl.managed_by_closure = p11_dict_new (p11_dict_direct_hash, + p11_dict_direct_equal, + NULL, NULL); + return_val_if_fail (gl.managed_by_closure != NULL, CKR_HOST_MEMORY); + } + if (once) return CKR_OK; @@ -624,19 +680,26 @@ free_modules_when_no_refs_unlocked (void) /* Check if any modules have a ref count */ p11_dict_iterate (gl.modules, &iter); - while (p11_dict_next (&iter, NULL, (void **)&mod)) { + while (p11_dict_next (&iter, (void **)&mod, NULL)) { if (mod->ref_count) return; } + p11_dict_free (gl.unmanaged_by_funcs); + gl.unmanaged_by_funcs = NULL; + + p11_dict_free (gl.managed_by_closure); + gl.managed_by_closure = NULL; + p11_dict_free (gl.modules); gl.modules = NULL; + p11_dict_free (gl.config); gl.config = NULL; } static CK_RV -finalize_module_unlocked_reentrant (Module *mod) +finalize_module_inlock_reentrant (Module *mod) { assert (mod); @@ -647,7 +710,7 @@ finalize_module_unlocked_reentrant (Module *mod) if (mod->ref_count == 0) return CKR_ARGUMENTS_BAD; - if (--mod->ref_count > 0) + if (--mod->init_count > 0) return CKR_OK; /* @@ -655,78 +718,58 @@ finalize_module_unlocked_reentrant (Module *mod) * the ref count. This prevents module from being freed out * from ounder us. */ - ++mod->ref_count; - p11_mutex_lock (&mod->initialize_mutex); p11_unlock (); + p11_mutex_lock (&mod->initialize_mutex); if (mod->initialize_called) { - - assert (mod->funcs); - mod->funcs->C_Finalize (NULL); - + mod->virt.funcs.C_Finalize (&mod->virt.funcs, NULL); mod->initialize_called = false; } p11_mutex_unlock (&mod->initialize_mutex); p11_lock (); - /* Match the increment above */ - --mod->ref_count; + /* Match the ref increment in initialize_module_inlock_reentrant() */ + mod->ref_count--; free_modules_when_no_refs_unlocked (); return CKR_OK; } -static Module* -find_module_for_name_unlocked (const char *name) +static CK_RV +initialize_registered_inlock_reentrant (void) { - Module *mod; p11_dictiter iter; - - assert (name); - - p11_dict_iterate (gl.modules, &iter); - while (p11_dict_next (&iter, NULL, (void **)&mod)) - if (mod->ref_count && mod->name && strcmp (name, mod->name) == 0) - return mod; - return NULL; -} - -CK_RV -_p11_kit_initialize_registered_unlocked_reentrant (void) -{ Module *mod; - p11_dictiter iter; - int critical; CK_RV rv; + /* + * This is only called by deprecated code. The caller expects all + * configured and enabled modules to be initialized. + */ + rv = init_globals_unlocked (); if (rv != CKR_OK) return rv; rv = load_registered_modules_unlocked (); if (rv == CKR_OK) { - p11_dict_iterate (gl.modules, &iter); - while (p11_dict_next (&iter, NULL, (void **)&mod)) { + p11_dict_iterate (gl.unmanaged_by_funcs, &iter); + while (rv == CKR_OK && p11_dict_next (&iter, NULL, (void **)&mod)) { - /* Skip all modules that aren't registered */ + /* Skip all modules that aren't registered or enabled */ if (mod->name == NULL || !is_module_enabled_unlocked (mod->name, mod->config)) continue; - rv = initialize_module_unlocked_reentrant (mod); - - /* - * Module failed to initialize. If this is a critical module, - * then this, should abort loading of others. - */ + rv = initialize_module_inlock_reentrant (mod); if (rv != CKR_OK) { - p11_message ("failed to initialize module: %s: %s", - mod->name, p11_kit_strerror (rv)); - - critical = _p11_conf_parse_boolean (p11_dict_get (mod->config, "critical"), false); - if (!critical) { - p11_debug ("ignoring failure, non-critical module: %s", mod->name); + if (mod->critical) { + p11_message ("initialization of critical module '%s' failed: %s", + mod->name, p11_kit_strerror (rv)); + } else { + p11_message ("skipping module '%s' whose initialization failed: %s", + mod->name, p11_kit_strerror (rv)); rv = CKR_OK; } } @@ -736,6 +779,27 @@ _p11_kit_initialize_registered_unlocked_reentrant (void) return rv; } +static Module * +module_for_functions_inlock (CK_FUNCTION_LIST *funcs) +{ + if (p11_virtual_is_wrapper (funcs)) + return p11_dict_get (gl.managed_by_closure, funcs); + else + return p11_dict_get (gl.unmanaged_by_funcs, funcs); +} + +static CK_FUNCTION_LIST * +unmanaged_for_module_inlock (Module *mod) +{ + CK_FUNCTION_LIST *funcs; + + funcs = mod->virt.lower_module; + if (p11_dict_get (gl.unmanaged_by_funcs, funcs) == mod) + return funcs; + + return NULL; +} + /** * p11_kit_initialize_registered: * @@ -751,6 +815,8 @@ _p11_kit_initialize_registered_unlocked_reentrant (void) * If this function fails, then an error message will be available via the * p11_kit_message() function. * + * Deprecated: Since: 0.19.0: Use p11_kit_modules_load() instead. + * * Returns: CKR_OK if the initialization succeeded, or an error code. */ CK_RV @@ -768,7 +834,7 @@ p11_kit_initialize_registered (void) p11_message_clear (); /* WARNING: Reentrancy can occur here */ - rv = _p11_kit_initialize_registered_unlocked_reentrant (); + rv = initialize_registered_inlock_reentrant (); _p11_kit_default_message (rv); @@ -782,29 +848,36 @@ p11_kit_initialize_registered (void) return rv; } -CK_RV -_p11_kit_finalize_registered_unlocked_reentrant (void) +static CK_RV +finalize_registered_inlock_reentrant (void) { Module *mod; p11_dictiter iter; Module **to_finalize; int i, count; + /* + * This is only called from deprecated code. The caller expects all + * modules initialized earlier to be finalized (once). If non-critical + * modules failed to initialize, then it is not possible to completely + * guarantee the internal state. + */ + if (!gl.modules) return CKR_CRYPTOKI_NOT_INITIALIZED; /* WARNING: This function must be reentrant */ - to_finalize = calloc (p11_dict_size (gl.modules), sizeof (Module *)); + to_finalize = calloc (p11_dict_size (gl.unmanaged_by_funcs), sizeof (Module *)); if (!to_finalize) return CKR_HOST_MEMORY; count = 0; - p11_dict_iterate (gl.modules, &iter); + p11_dict_iterate (gl.unmanaged_by_funcs, &iter); while (p11_dict_next (&iter, NULL, (void **)&mod)) { /* Skip all modules that aren't registered */ - if (mod->name) + if (mod->name && mod->init_count) to_finalize[count++] = mod; } @@ -812,7 +885,7 @@ _p11_kit_finalize_registered_unlocked_reentrant (void) for (i = 0; i < count; ++i) { /* WARNING: Reentrant calls can occur here */ - finalize_module_unlocked_reentrant (to_finalize[i]); + finalize_module_inlock_reentrant (to_finalize[i]); } free (to_finalize); @@ -837,6 +910,8 @@ _p11_kit_finalize_registered_unlocked_reentrant (void) * If this function fails, then an error message will be available via the * p11_kit_message() function. * + * Deprecated: Since 0.19.0: Use p11_kit_modules_release() instead. + * * Returns: CKR_OK if the finalization succeeded, or an error code. */ @@ -855,7 +930,7 @@ p11_kit_finalize_registered (void) p11_message_clear (); /* WARNING: Reentrant calls can occur here */ - rv = _p11_kit_finalize_registered_unlocked_reentrant (); + rv = finalize_registered_inlock_reentrant (); _p11_kit_default_message (rv); @@ -875,8 +950,8 @@ compar_priority (const void *one, const char *v1, *v2; int o1, o2; - m1 = p11_dict_get (gl.modules, f1); - m2 = p11_dict_get (gl.modules, f2); + m1 = module_for_functions_inlock (f1); + m2 = module_for_functions_inlock (f2); assert (m1 != NULL && m2 != NULL); v1 = p11_dict_get (m1->config, "priority"); @@ -910,20 +985,27 @@ sort_modules_by_priority (CK_FUNCTION_LIST_PTR *modules, qsort (modules, count, sizeof (CK_FUNCTION_LIST_PTR), compar_priority); } -CK_FUNCTION_LIST_PTR_PTR -_p11_kit_registered_modules_unlocked (void) +static CK_FUNCTION_LIST ** +list_registered_modules_inlock (void) { - CK_FUNCTION_LIST_PTR_PTR result = NULL; + CK_FUNCTION_LIST **result = NULL; + CK_FUNCTION_LIST *funcs; Module *mod; p11_dictiter iter; int i = 0; - if (gl.modules) { - result = calloc (p11_dict_size (gl.modules) + 1, sizeof (CK_FUNCTION_LIST_PTR)); + /* + * This is only called by deprecated code. The caller expects to get + * a list of all registered enabled modules that have been initialized. + */ + + if (gl.unmanaged_by_funcs) { + result = calloc (p11_dict_size (gl.unmanaged_by_funcs) + 1, + sizeof (CK_FUNCTION_LIST *)); return_val_if_fail (result != NULL, NULL); - p11_dict_iterate (gl.modules, &iter); - while (p11_dict_next (&iter, NULL, (void **)&mod)) { + p11_dict_iterate (gl.unmanaged_by_funcs, &iter); + while (p11_dict_next (&iter, (void **)&funcs, (void **)&mod)) { /* * We don't include unreferenced modules. We don't include @@ -936,9 +1018,9 @@ _p11_kit_registered_modules_unlocked (void) * having initialized. This is a corner case, but want to make * sure to cover it. */ - if (mod->ref_count && mod->name && + if (mod->ref_count && mod->name && mod->init_count && is_module_enabled_unlocked (mod->name, mod->config)) { - result[i++] = mod->funcs; + result[i++] = funcs; } } @@ -957,6 +1039,10 @@ _p11_kit_registered_modules_unlocked (void) * The returned value is a <code>NULL</code> terminated array of * <code>CK_FUNCTION_LIST_PTR</code> pointers. * + * The returned modules are unmanaged. + * + * Deprecated: Since 0.19.0: Use p11_kit_modules_load() instead. + * * Returns: A list of all the registered modules. Use the free() function to * free the list. */ @@ -971,7 +1057,7 @@ p11_kit_registered_modules (void) p11_message_clear (); - result = _p11_kit_registered_modules_unlocked (); + result = list_registered_modules_inlock (); p11_unlock (); @@ -987,6 +1073,8 @@ p11_kit_registered_modules (void) * You can use p11_kit_registered_modules() to get a list of all the registered * modules. This name is specified by the registered module configuration. * + * Deprecated: Since 0.19.0: Use p11_kit_module_get_name() instead. + * * Returns: A newly allocated string containing the module name, or * <code>NULL</code> if no such registered module exists. Use free() to * free this string. @@ -994,6 +1082,28 @@ p11_kit_registered_modules (void) char* p11_kit_registered_module_to_name (CK_FUNCTION_LIST_PTR module) { + return_val_if_fail (module != NULL, NULL); + return p11_kit_module_get_name (module); +} + +/** + * p11_kit_module_get_name: + * @module: pointer to a loaded module + * + * Get the configured name of the PKCS\#11 module. + * + * Configured modules are loaded by p11_kit_modules_load(). The module + * passed to this function can be either managed or unmanaged. Non + * configured modules will return %NULL. + * + * Use free() to release the return value when you're done with it. + * + * Returns: a newly allocated string containing the module name, or + * <code>NULL</code> if the module is not a configured module + */ +char * +p11_kit_module_get_name (CK_FUNCTION_LIST *module) +{ Module *mod; char *name = NULL; @@ -1005,9 +1115,11 @@ p11_kit_registered_module_to_name (CK_FUNCTION_LIST_PTR module) p11_message_clear (); - mod = module && gl.modules ? p11_dict_get (gl.modules, module) : NULL; - if (mod && mod->name) - name = strdup (mod->name); + if (gl.modules) { + mod = module_for_functions_inlock (module); + if (mod && mod->name) + name = strdup (mod->name); + } p11_unlock (); @@ -1015,12 +1127,60 @@ p11_kit_registered_module_to_name (CK_FUNCTION_LIST_PTR module) } /** + * p11_kit_module_get_flags: + * @module: the module + * + * Get the flags for this module. + * + * The %P11_KIT_MODULE_UNMANAGED flag will be set if the module is not + * managed by p11-kit. It is a raw PKCS\#11 module function list. + * + * The %P11_KIT_MODULE_CRITICAL flag will be set if the module is configured + * to be critical, and not be skipped over if it fails to initialize or + * load. This flag is also set for modules that are not configured, but have + * been loaded in another fashion. + * + * Returns: the flags for the module + */ +int +p11_kit_module_get_flags (CK_FUNCTION_LIST *module) +{ + Module *mod; + int flags = 0; + + return_val_if_fail (module != NULL, 0); + + p11_library_init_once (); + + p11_lock (); + + p11_message_clear (); + + if (gl.modules) { + if (p11_virtual_is_wrapper (module)) { + mod = p11_dict_get (gl.managed_by_closure, module); + } else { + flags |= P11_KIT_MODULE_UNMANAGED; + mod = p11_dict_get (gl.unmanaged_by_funcs, module); + } + if (!mod || mod->critical) + flags |= P11_KIT_MODULE_CRITICAL; + } + + p11_unlock (); + + return flags; +} + +/** * p11_kit_registered_name_to_module: * @name: name of a registered module * * Lookup a registered PKCS\#11 module by its name. This name is specified by * the registered module configuration. * + * Deprecated: Since 0.19.0: Use p11_kit_module_for_name() instead. + * * Returns: a pointer to a PKCS\#11 module, or <code>NULL</code> if this name was * not found. */ @@ -1028,19 +1188,28 @@ CK_FUNCTION_LIST_PTR p11_kit_registered_name_to_module (const char *name) { CK_FUNCTION_LIST_PTR module = NULL; + CK_FUNCTION_LIST_PTR funcs; + p11_dictiter iter; Module *mod; return_val_if_fail (name != NULL, NULL); p11_lock (); - p11_message_clear (); + p11_message_clear (); - if (gl.modules) { - mod = find_module_for_name_unlocked (name); - if (mod != NULL && is_module_enabled_unlocked (name, mod->config)) - module = mod->funcs; + if (gl.modules) { + + assert (name); + + p11_dict_iterate (gl.unmanaged_by_funcs, &iter); + while (p11_dict_next (&iter, (void **)&funcs, (void **)&mod)) { + if (mod->ref_count && mod->name && strcmp (name, mod->name) == 0) { + module = funcs; + break; + } } + } p11_unlock (); @@ -1048,6 +1217,70 @@ p11_kit_registered_name_to_module (const char *name) } /** + * p11_kit_module_for_name: + * @modules: a list of modules to look through + * @name: the name of the module to find + * + * Look through the list of @modules and return the module whose @name + * matches. + * + * Only configured modules have names. Configured modules are loaded by + * p11_kit_modules_load(). The module passed to this function can be either + * managed or unmanaged. + * + * The return value is not copied or duplicated in anyway. It is still + * 'owned' by the @modules list. + * + * Returns: the module which matches the name, or %NULL if no match. + */ +CK_FUNCTION_LIST * +p11_kit_module_for_name (CK_FUNCTION_LIST **modules, + const char *name) +{ + CK_FUNCTION_LIST *ret = NULL; + Module *mod; + int i; + + return_val_if_fail (name != NULL, NULL); + + if (!modules) + return NULL; + + p11_library_init_once (); + + p11_lock (); + + p11_message_clear (); + + for (i = 0; gl.modules && modules[i] != NULL; i++) { + mod = module_for_functions_inlock (modules[i]); + if (mod && mod->name && strcmp (mod->name, name) == 0) { + ret = modules[i]; + break; + } + } + + p11_unlock (); + + return ret; +} + +static const char * +module_get_option_inlock (Module *mod, + const char *option) +{ + p11_dict *config; + + if (mod == NULL) + config = gl.config; + else + config = mod->config; + if (config == NULL) + return NULL; + return p11_dict_get (config, option); +} + +/** * p11_kit_registered_option: * @module: a pointer to a registered module * @field: the name of the option to lookup. @@ -1056,6 +1289,8 @@ p11_kit_registered_name_to_module (const char *name) * <code>NULL</code> module argument is specified, then this will lookup * the configuration option in the global config file. * + * Deprecated: Since 0.19.0: Use p11_kit_config_option() instead. + * * Returns: A newly allocated string containing the option value, or * <code>NULL</code> if the registered module or the option were not found. * Use free() to free the returned string. @@ -1065,7 +1300,7 @@ p11_kit_registered_option (CK_FUNCTION_LIST_PTR module, const char *field) { Module *mod = NULL; char *option = NULL; - p11_dict *config = NULL; + const char *value; return_val_if_fail (field != NULL, NULL); @@ -1075,24 +1310,824 @@ p11_kit_registered_option (CK_FUNCTION_LIST_PTR module, const char *field) p11_message_clear (); - if (module == NULL) { - config = gl.config; + if (module == NULL) + mod = NULL; + else + mod = gl.unmanaged_by_funcs ? p11_dict_get (gl.unmanaged_by_funcs, module) : NULL; + + value = module_get_option_inlock (mod, field); + if (value) + option = strdup (value); + + p11_unlock (); + + return option; +} + +/** + * p11_kit_config_option: + * @module: the module to retrieve the option for, or %NULL for global options + * @option: the option to retrieve + * + * Retrieve the value for a configured option. + * + * If @module is %NULL, then the global option with the given name will + * be retrieved. Otherwise @module should point to a configured loaded module. + * If no such @option or configured @module exists, then %NULL will be returned. + * + * Use free() to release the returned value. + * + * Returns: the option value or %NULL + */ +char * +p11_kit_config_option (CK_FUNCTION_LIST *module, + const char *option) +{ + Module *mod = NULL; + const char *value = NULL; + char *ret = NULL; + + return_val_if_fail (option != NULL, NULL); + + p11_library_init_once (); + + p11_lock (); + + p11_message_clear (); + + if (gl.modules) { + if (module != NULL) { + mod = module_for_functions_inlock (module); + if (mod == NULL) + goto cleanup; + } + + value = module_get_option_inlock (mod, option); + if (value) + ret = strdup (value); + } + +cleanup: + p11_unlock (); + return ret; +} + +typedef struct { + p11_virtual virt; + Module *mod; + bool initialized; + p11_dict *sessions; +} Managed; + +static CK_RV +managed_C_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR init_args) +{ + Managed *managed = ((Managed *)self); + p11_dict *sessions; + CK_RV rv; + + p11_debug ("in"); + p11_lock (); + + if (managed->initialized) { + rv = CKR_CRYPTOKI_ALREADY_INITIALIZED; + + } else { + sessions = p11_dict_new (p11_dict_ulongptr_hash, + p11_dict_ulongptr_equal, + free, free); + if (!sessions) + rv = CKR_HOST_MEMORY; + else + rv = initialize_module_inlock_reentrant (managed->mod); + if (rv == CKR_OK) { + managed->sessions = sessions; + managed->initialized = true; } else { - mod = gl.modules ? p11_dict_get (gl.modules, module) : NULL; - if (mod) - config = mod->config; + p11_dict_free (sessions); } + } + + p11_unlock (); + p11_debug ("out: %lu", rv); - if (config && field) { - option = p11_dict_get (config, field); - if (option) - option = strdup (option); + return rv; +} + +static CK_RV +managed_track_session_inlock (p11_dict *sessions, + CK_SLOT_ID slot_id, + CK_SESSION_HANDLE session) +{ + void *key; + void *value; + + key = memdup (&session, sizeof (CK_SESSION_HANDLE)); + return_val_if_fail (key != NULL, CKR_HOST_MEMORY); + + value = memdup (&slot_id, sizeof (CK_SESSION_HANDLE)); + return_val_if_fail (value != NULL, CKR_HOST_MEMORY); + + if (!p11_dict_set (sessions, key, value)) + return_val_if_reached (CKR_HOST_MEMORY); + + return CKR_OK; +} + +static void +managed_untrack_session_inlock (p11_dict *sessions, + CK_SESSION_HANDLE session) +{ + p11_dict_remove (sessions, &session); +} + +static CK_SESSION_HANDLE * +managed_steal_sessions_inlock (p11_dict *sessions, + bool matching_slot_id, + CK_SLOT_ID slot_id, + int *count) +{ + CK_SESSION_HANDLE *stolen; + CK_SESSION_HANDLE *key; + CK_SLOT_ID *value; + p11_dictiter iter; + int at, i; + + assert (sessions != NULL); + assert (count != NULL); + + stolen = calloc (p11_dict_size (sessions), sizeof (CK_SESSION_HANDLE)); + return_val_if_fail (stolen != NULL, NULL); + + at = 0; + p11_dict_iterate (sessions, &iter); + while (p11_dict_next (&iter, (void **)&key, (void **)&value)) { + if (!matching_slot_id || slot_id == *value) + stolen[at++] = *key; + } + + /* Removed them all, clear the whole array */ + if (at == p11_dict_size (sessions)) { + p11_dict_clear (sessions); + + /* Only removed some, go through and remove those */ + } else { + for (i = 0; i < at; i++) { + if (!p11_dict_remove (sessions, stolen + at)) + assert_not_reached (); } + } + + *count = at; + return stolen; +} + +static void +managed_close_sessions (CK_X_FUNCTION_LIST *funcs, + CK_SESSION_HANDLE *stolen, + int count) +{ + CK_RV rv; + int i; + + for (i = 0; i < count; i++) { + rv = funcs->C_CloseSession (funcs, stolen[i]); + if (rv != CKR_OK) + p11_message ("couldn't close session: %s", p11_kit_strerror (rv)); + } +} + +static CK_RV +managed_C_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR reserved) +{ + Managed *managed = ((Managed *)self); + CK_SESSION_HANDLE *sessions; + int count; + CK_RV rv; + + p11_debug ("in"); + p11_lock (); + + if (!managed->initialized) { + rv = CKR_CRYPTOKI_NOT_INITIALIZED; + + } else { + sessions = managed_steal_sessions_inlock (managed->sessions, false, 0, &count); + + if (sessions && count) { + /* WARNING: reentrancy can occur here */ + p11_unlock (); + managed_close_sessions (&managed->mod->virt.funcs, sessions, count); + p11_lock (); + } + + free (sessions); + + /* WARNING: reentrancy can occur here */ + rv = finalize_module_inlock_reentrant (managed->mod); + + if (rv == CKR_OK) { + managed->initialized = false; + p11_dict_free (managed->sessions); + managed->sessions = NULL; + } + } p11_unlock (); + p11_debug ("out: %lu", rv); - return option; + return rv; +} + +static CK_RV +managed_C_OpenSession (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_FLAGS flags, + CK_VOID_PTR application, + CK_NOTIFY notify, + CK_SESSION_HANDLE_PTR session) +{ + Managed *managed = ((Managed *)self); + CK_RV rv; + + return_val_if_fail (session != NULL, CKR_ARGUMENTS_BAD); + + self = &managed->mod->virt.funcs; + rv = self->C_OpenSession (self, slot_id, flags, application, notify, session); + + if (rv == CKR_OK) { + p11_lock (); + rv = managed_track_session_inlock (managed->sessions, slot_id, *session); + p11_unlock (); + } + + return rv; +} + +static CK_RV +managed_C_CloseSession (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + Managed *managed = ((Managed *)self); + CK_RV rv; + + self = &managed->mod->virt.funcs; + rv = self->C_CloseSession (self, session); + + if (rv == CKR_OK) { + p11_lock (); + managed_untrack_session_inlock (managed->sessions, session); + p11_unlock (); + } + + return rv; +} + +static CK_RV +managed_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id) +{ + Managed *managed = ((Managed *)self); + CK_SESSION_HANDLE *stolen; + int count; + + p11_lock (); + stolen = managed_steal_sessions_inlock (managed->sessions, true, slot_id, &count); + p11_unlock (); + + self = &managed->mod->virt.funcs; + managed_close_sessions (self, stolen, count); + free (stolen); + + return stolen ? CKR_OK : CKR_GENERAL_ERROR; +} + +static void +managed_free_inlock (void *data) +{ + Managed *managed = data; + managed->mod->ref_count--; + free (managed); +} + +static p11_virtual * +managed_create_inlock (Module *mod) +{ + Managed *managed; + + managed = calloc (1, sizeof (Managed)); + return_val_if_fail (managed != NULL, NULL); + + p11_virtual_init (&managed->virt, &p11_virtual_stack, + &mod->virt, NULL); + managed->virt.funcs.C_Initialize = managed_C_Initialize; + managed->virt.funcs.C_Finalize = managed_C_Finalize; + managed->virt.funcs.C_CloseAllSessions = managed_C_CloseAllSessions; + managed->virt.funcs.C_CloseSession = managed_C_CloseSession; + managed->virt.funcs.C_OpenSession = managed_C_OpenSession; + managed->mod = mod; + mod->ref_count++; + + return &managed->virt; +} + +static bool +lookup_managed_option (Module *mod, + bool supported, + const char *option, + bool def_value) +{ + const char *string; + bool value; + + string = module_get_option_inlock (NULL, option); + if (!string) + string = module_get_option_inlock (mod, option); + if (!string) { + if (!supported) + return false; + return def_value; + } + + value = _p11_conf_parse_boolean (string, def_value); + + if (!supported && value != supported) { + if (!p11_virtual_can_wrap ()) { + /* + * This is because libffi dependency was not built. The libffi dependency + * is highly recommended and building without it results in a large loss + * of functionality. + */ + p11_message ("the '%s' option for module '%s' is not supported on this system", + option, mod->name); + } else { + /* + * This is because the module is running in unmanaged mode, so turn off the + */ + p11_message ("the '%s' option for module '%s' is only supported for managed modules", + option, mod->name); + } + return false; + } + + return value; +} + +static CK_RV +release_module_inlock_rentrant (CK_FUNCTION_LIST *module, + const char *caller_func) +{ + Module *mod; + + assert (module != NULL); + + /* See if a managed module, and finalize if so */ + if (p11_virtual_is_wrapper (module)) { + mod = p11_dict_get (gl.managed_by_closure, module); + if (mod != NULL) { + if (!p11_dict_remove (gl.managed_by_closure, module)) + assert_not_reached (); + p11_virtual_unwrap (module); + } + + /* If an unmanaged module then caller should have finalized */ + } else { + mod = p11_dict_get (gl.unmanaged_by_funcs, module); + } + + if (mod == NULL) { + p11_debug_precond ("invalid module pointer passed to %s", caller_func); + return CKR_ARGUMENTS_BAD; + } + + /* Matches the ref in prepare_module_inlock_reentrant() */ + mod->ref_count--; + return CKR_OK; +} + +CK_RV +p11_modules_release_inlock_reentrant (CK_FUNCTION_LIST **modules) +{ + CK_RV ret = CKR_OK; + CK_RV rv; + int i; + + for (i = 0; modules[i] != NULL; i++) { + rv = release_module_inlock_rentrant (modules[i], __PRETTY_FUNCTION__); + if (rv != CKR_OK) + ret = rv; + } + + free (modules); + + /* In case nothing loaded, free up internal memory */ + free_modules_when_no_refs_unlocked (); + + return ret; +} + +static CK_RV +prepare_module_inlock_reentrant (Module *mod, + int flags, + CK_FUNCTION_LIST **module) +{ + p11_destroyer destroyer; + p11_virtual *virt; + bool is_managed; + bool with_log; + + assert (module != NULL); + + if (flags & P11_KIT_MODULE_UNMANAGED) { + is_managed = false; + with_log = false; + } else { + is_managed = lookup_managed_option (mod, p11_virtual_can_wrap (), "managed", true); + with_log = lookup_managed_option (mod, is_managed, "log-calls", false); + } + + if (is_managed) { + virt = managed_create_inlock (mod); + return_val_if_fail (virt != NULL, CKR_HOST_MEMORY); + destroyer = managed_free_inlock; + + /* Add the logger if configured */ + if (p11_log_force || with_log) { + virt = p11_log_subclass (virt, destroyer); + destroyer = p11_log_release; + } + + *module = p11_virtual_wrap (virt, destroyer); + return_val_if_fail (*module != NULL, CKR_GENERAL_ERROR); + + if (!p11_dict_set (gl.managed_by_closure, *module, mod)) + return_val_if_reached (CKR_HOST_MEMORY); + + } else { + *module = unmanaged_for_module_inlock (mod); + if (*module == NULL) + return CKR_FUNCTION_NOT_SUPPORTED; + } + + /* Matches the deref in release_module_inlock_rentrant() */ + mod->ref_count++; + return CKR_OK; +} + +CK_RV +p11_modules_load_inlock_reentrant (int flags, + CK_FUNCTION_LIST ***results) +{ + CK_FUNCTION_LIST **modules; + Module *mod; + p11_dictiter iter; + CK_RV rv; + int at; + + rv = init_globals_unlocked (); + if (rv != CKR_OK) + return rv; + + rv = load_registered_modules_unlocked (); + if (rv != CKR_OK) + return rv; + + modules = calloc (p11_dict_size (gl.modules) + 1, sizeof (CK_FUNCTION_LIST *)); + return_val_if_fail (modules != NULL, CKR_HOST_MEMORY); + + at = 0; + rv = CKR_OK; + + p11_dict_iterate (gl.modules, &iter); + while (p11_dict_next (&iter, NULL, (void **)&mod)) { + + /* + * We don't include unreferenced modules. We don't include + * modules that have been initialized but aren't in the + * registry. These have a NULL name. + * + * In addition we check again that the module isn't disabled + * using enable-in or disable-in. This is because a caller + * can change the progname we recognize the process as after + * having initialized. This is a corner case, but want to make + * sure to cover it. + */ + if (!mod->name || !is_module_enabled_unlocked (mod->name, mod->config)) + continue; + + rv = prepare_module_inlock_reentrant (mod, flags, modules + at); + if (rv == CKR_OK) + at++; + else if (rv != CKR_FUNCTION_NOT_SUPPORTED) + break; + } + + modules[at] = NULL; + + if (rv != CKR_OK) { + p11_modules_release_inlock_reentrant (modules); + return rv; + } + + sort_modules_by_priority (modules, at); + *results = modules; + return CKR_OK; +} + +/** + * p11_kit_modules_load: + * @reserved: set to %NULL + * @flags: flags to use to load the module + * + * Load the configured PKCS\#11 modules. + * + * If @flags contains the %P11_KIT_MODULE_UNMANAGED flag, then the + * modules will be not be loaded in 'managed' mode regardless of its + * configuration. This is not recommended for general usage. + * + * If @flags contains the %P11_KIT_MODULE_CRITICAL flag then the + * modules will all be treated as 'critical', regardless of the module + * configuration. This means that a failure to load any module will + * cause this funtion to fail. + * + * For unmanaged modules there is no guarantee to the state of the + * modules. Other callers may be using the modules. Using unmanaged + * modules haphazardly is not recommended for this reason. Some + * modules (such as those configured with RPC) cannot be loaded in + * unmanaged mode, and will be skipped. + * + * Use p11_kit_modules_release() to release the modules returned by + * this function. + * + * If this function fails, then an error message will be available via the + * p11_kit_message() function. + * + * Returns: a null terminated list of modules represented as PKCS\#11 + * function lists, or %NULL on failure + */ +CK_FUNCTION_LIST ** +p11_kit_modules_load (const char *reserved, + int flags) +{ + CK_FUNCTION_LIST **modules; + CK_RV rv; + + /* progname attribute not implemented yet */ + return_val_if_fail (reserved == NULL, NULL); + + p11_library_init_once (); + + /* WARNING: This function must be reentrant */ + p11_debug ("in"); + + p11_lock (); + + p11_message_clear (); + + /* WARNING: Reentrancy can occur here */ + rv = p11_modules_load_inlock_reentrant (flags, &modules); + + p11_unlock (); + + if (rv != CKR_OK) + modules = NULL; + + p11_debug ("out: %s", modules ? "success" : "fail"); + return modules; +} + +/** + * p11_kit_modules_initialize: + * @modules: a %NULL terminated list of modules + * @failure_callback: called with modules that fail to initialize + * + * Initialize all the modules in the @modules list by calling their + * <literal>C_Initialize</literal> function. + * + * For managed modules the <literal>C_Initialize</literal> function + * is overridden so that multiple callers can initialize the same + * modules. In addition for managed modules multiple callers can + * initialize from different threads, and still guarantee consistent + * thread-safe behavior. + * + * For unmanaged modules if multiple callers try to initialize + * a module, then one of the calls will return + * <literal>CKR_CRYPTOKI_ALREADY_INITIALIZED</literal> according to the + * PKCS\#11 specification. In addition there are no guarantees that + * thread-safe behavior will occur if multiple callers initialize from + * different threads. + * + * When a module fails to initialize it is removed from the @modules list. + * If the @failure_callback is not %NULL then it is called with the modules that + * fail to initialize. For example, you may pass p11_kit_module_release() + * as a @failure_callback if the @modules list was loaded wit p11_kit_modules_load(). + * + * The return value will return the failure code of the last critical + * module that failed to initialize. Non-critical module failures do not affect + * the return value. If no critical modules failed to initialize then the + * return value will be <literal>CKR_OK</literal>. + * + * When modules are removed, the list will be %NULL terminated at the + * appropriate place so it can continue to be used as a modules list. + * + * This function does not accept a <code>CK_C_INITIALIZE_ARGS</code> argument. + * Custom initialization arguments cannot be supported when multiple consumers + * load the same module. + * + * Returns: <literal>CKR_OK</literal> or the failure code of the last critical + * module that failed to initialize. + */ +CK_RV +p11_kit_modules_initialize (CK_FUNCTION_LIST **modules, + p11_kit_destroyer failure_callback) +{ + CK_RV ret = CKR_OK; + CK_RV rv; + bool critical; + char *name; + int i, out; + + return_val_if_fail (modules != NULL, CKR_ARGUMENTS_BAD); + + for (i = 0, out = 0; modules[i] != NULL; i++, out++) { + rv = modules[i]->C_Initialize (NULL); + if (rv != CKR_OK) { + name = p11_kit_module_get_name (modules[i]); + if (name == NULL) + name = strdup ("(unknown)"); + return_val_if_fail (name != NULL, CKR_HOST_MEMORY); + critical = (p11_kit_module_get_flags (modules[i]) & P11_KIT_MODULE_CRITICAL); + p11_message ("%s: module failed to initialize%s: %s", + name, critical ? "" : ", skipping", p11_kit_strerror (rv)); + if (critical) + ret = rv; + if (failure_callback) + failure_callback (modules[i]); + out--; + free (name); + } + } + + /* NULL terminate after above changes */ + modules[out] = NULL; + return ret; +} + +/** + * p11_kit_modules_load_and_initialize: + * @flags: flags to use to load the modules + * + * Load and initialize configured modules. + * + * If a critical module fails to load or initialize then the function will + * return <literal>NULL</literal>. Non-critical modules will be skipped + * and not included in the returned module list. + * + * Use p11_kit_modules_finalize_and_release() when you're done with the + * modules returned by this function. + * + * Returns: a <literal>NULL</literal> terminated list of modules, or + * <literal>NULL</literal> on failure + */ +CK_FUNCTION_LIST ** +p11_kit_modules_load_and_initialize (int flags) +{ + CK_FUNCTION_LIST **modules; + CK_RV rv; + + modules = p11_kit_modules_load (NULL, flags); + if (modules == NULL) + return NULL; + + rv = p11_kit_modules_initialize (modules, (p11_destroyer)p11_kit_module_release); + if (rv != CKR_OK) { + p11_kit_modules_release (modules); + modules = NULL; + } + + return modules; +} + +/** + * p11_kit_modules_finalize: + * @modules: a <literal>NULL</literal> terminated list of modules + * + * Finalize each module in the @modules list by calling its + * <literal>C_Finalize</literal> function. Regardless of failures, all + * @modules will have their <literal>C_Finalize</literal> function called. + * + * If a module returns a failure from its <literal>C_Finalize</literal> + * method it will be returned. If multiple modules fail, the last failure + * will be returned. + * + * For managed modules the <literal>C_Finalize</literal> function + * is overridden so that multiple callers can finalize the same + * modules. In addition for managed modules multiple callers can + * finalize from different threads, and still guarantee consistent + * thread-safe behavior. + * + * For unmanaged modules if multiple callers try to finalize + * a module, then one of the calls will return + * <literal>CKR_CRYPTOKI_NOT_INITIALIZED</literal> according to the + * PKCS\#11 specification. In addition there are no guarantees that + * thread-safe behavior will occur if multiple callers finalize from + * different threads. + * + * Returns: <literal>CKR_OK</literal> or the failure code of the last + * module that failed to finalize + */ +CK_RV +p11_kit_modules_finalize (CK_FUNCTION_LIST **modules) +{ + CK_RV ret = CKR_OK; + CK_RV rv; + char *name; + int i; + + return_val_if_fail (modules != NULL, CKR_ARGUMENTS_BAD); + + for (i = 0; modules[i] != NULL; i++) { + rv = modules[i]->C_Finalize (NULL); + if (rv != CKR_OK) { + name = p11_kit_module_get_name (modules[i]); + p11_message ("%s: module failed to finalize: %s", + name ? name : "(unknown)", p11_kit_strerror (rv)); + free (name); + ret = rv; + } + } + + return ret; +} + +/** + * p11_kit_modules_release: + * @modules: the modules to release + * + * Release the a set of loaded PKCS\#11 modules. + * + * The modules may be either managed or unmanaged. The array containing + * the module pointers is also freed by this function. + * + * Managed modules will not be actually released until all + * callers using them have done so. If the modules were initialized, they + * should have been finalized first. + */ +void +p11_kit_modules_release (CK_FUNCTION_LIST **modules) +{ + p11_library_init_once (); + + return_if_fail (modules != NULL); + + /* WARNING: This function must be reentrant */ + p11_debug ("in"); + + p11_lock (); + + p11_message_clear (); + p11_modules_release_inlock_reentrant (modules); + + p11_unlock (); + + p11_debug ("out"); +} + +/** + * p11_kit_modules_finalize_and_release: + * @modules: the modules to release + * + * Finalize and then release the a set of loaded PKCS\#11 modules. + * + * The modules may be either managed or unmanaged. The array containing + * the module pointers is also freed by this function. + * + * Modules are released even if their finalization returns an error code. + * Managed modules will not be actually finalized or released until all + * callers using them have done so. + * + * For managed modules the <literal>C_Finalize</literal> function + * is overridden so that multiple callers can finalize the same + * modules. In addition for managed modules multiple callers can + * finalize from different threads, and still guarantee consistent + * thread-safe behavior. + * + * For unmanaged modules if multiple callers try to finalize + * a module, then one of the calls will return + * <literal>CKR_CRYPTOKI_NOT_INITIALIZED</literal> according to the + * PKCS\#11 specification. In addition there are no guarantees that + * thread-safe behavior will occur if multiple callers initialize from + * different threads. + */ +void +p11_kit_modules_finalize_and_release (CK_FUNCTION_LIST **modules) +{ + return_if_fail (modules != NULL); + p11_kit_modules_finalize (modules); + p11_kit_modules_release (modules); } /** @@ -1123,14 +2158,17 @@ p11_kit_registered_option (CK_FUNCTION_LIST_PTR module, const char *field) * If this function fails, then an error message will be available via the * p11_kit_message() function. * + * Deprecated: Since 0.19.0: Use p11_kit_module_initialize() instead. + * * Returns: CKR_OK if the initialization was successful. */ CK_RV p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module) { - Module *allocated = NULL; + CK_FUNCTION_LIST_PTR result; Module *mod; - CK_RV rv = CKR_OK; + int flags; + CK_RV rv; return_val_if_fail (module != NULL, CKR_ARGUMENTS_BAD); @@ -1143,34 +2181,132 @@ p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module) p11_message_clear (); - rv = init_globals_unlocked (); - if (rv == CKR_OK) { + flags = P11_KIT_MODULE_CRITICAL | P11_KIT_MODULE_UNMANAGED; + rv = p11_module_load_inlock_reentrant (module, flags, &result); - mod = p11_dict_get (gl.modules, module); - if (mod == NULL) { - p11_debug ("allocating new module"); - allocated = mod = alloc_module_unlocked (); - if (mod == NULL) - rv = CKR_HOST_MEMORY; - else - mod->funcs = module; - } + /* An unmanaged module should return the same pointer */ + assert (rv != CKR_OK || result == module); - /* If this was newly allocated, add it to the list */ - if (rv == CKR_OK && allocated) { - if (p11_dict_set (gl.modules, allocated->funcs, allocated)) - allocated = NULL; - else - rv = CKR_HOST_MEMORY; + if (rv == CKR_OK) { + mod = p11_dict_get (gl.unmanaged_by_funcs, module); + assert (mod != NULL); + rv = initialize_module_inlock_reentrant (mod); + if (rv != CKR_OK) { + p11_message ("module initialization failed: %s", p11_kit_strerror (rv)); + p11_module_release_inlock_reentrant (module); } + } + + p11_unlock (); + + p11_debug ("out: %lu", rv); + return rv; +} + +CK_RV +p11_module_load_inlock_reentrant (CK_FUNCTION_LIST *module, + int flags, + CK_FUNCTION_LIST **result) +{ + Module *allocated = NULL; + Module *mod; + CK_RV rv = CKR_OK; + + rv = init_globals_unlocked (); + if (rv == CKR_OK) { + + mod = p11_dict_get (gl.unmanaged_by_funcs, module); + if (mod == NULL) { + p11_debug ("allocating new module"); + allocated = mod = alloc_module_unlocked (); + return_val_if_fail (mod != NULL, CKR_HOST_MEMORY); + p11_virtual_init (&mod->virt, &p11_virtual_base, module, NULL); + } + + /* If this was newly allocated, add it to the list */ + if (rv == CKR_OK && allocated) { + if (!p11_dict_set (gl.modules, allocated, allocated) || + !p11_dict_set (gl.unmanaged_by_funcs, module, allocated)) + return_val_if_reached (CKR_HOST_MEMORY); + allocated = NULL; + } + + if (rv == CKR_OK) { + /* WARNING: Reentrancy can occur here */ + rv = prepare_module_inlock_reentrant (mod, flags, result); + } + + free (allocated); + } + + /* + * If initialization failed, we may need to cleanup. + * If we added this module above, then this will + * clean things up as expected. + */ + if (rv != CKR_OK) + free_modules_when_no_refs_unlocked (); + + _p11_kit_default_message (rv); + return rv; +} + +/** + * p11_kit_module_load: + * @module_path: full file path of module library + * @flags: flags to use when loading the module + * + * Load an arbitrary PKCS\#11 module from a dynamic library file, and + * initialize it. Normally using the p11_kit_modules_load() function + * is preferred. + * + * Using this function to load modules allows coordination between multiple + * callers of the same module in a single process. If @flags contains the + * %P11_KIT_MODULE_UNMANAGED flag, then the modules will be not be loaded + * in 'managed' mode and not be coordinated. This is not recommended + * for general usage. + * + * Subsequent calls to this function for the same module will result in an + * initialization count being incremented for the module. It is safe (although + * usually unnecessary) to use this function on registered modules. + * + * The module should be released with p11_kit_module_release(). + * + * If this function fails, then an error message will be available via the + * p11_kit_message() function. + * + * Returns: the loaded module PKCS\#11 functions or %NULL on failure + */ +CK_FUNCTION_LIST * +p11_kit_module_load (const char *module_path, + int flags) +{ + CK_FUNCTION_LIST *module = NULL; + CK_RV rv; + Module *mod; + + return_val_if_fail (module_path != NULL, NULL); + p11_library_init_once (); + + /* WARNING: This function must be reentrant for the same arguments */ + p11_debug ("in: %s", module_path); + + p11_lock (); + + p11_message_clear (); + + rv = init_globals_unlocked (); + if (rv == CKR_OK) { + + rv = load_module_from_file_inlock (NULL, module_path, &mod); if (rv == CKR_OK) { /* WARNING: Reentrancy can occur here */ - rv = initialize_module_unlocked_reentrant (mod); + rv = prepare_module_inlock_reentrant (mod, flags, &module); + if (rv != CKR_OK) + module = NULL; } - - free (allocated); } /* @@ -1181,12 +2317,11 @@ p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module) if (rv != CKR_OK) free_modules_when_no_refs_unlocked (); - _p11_kit_default_message (rv); - p11_unlock (); - p11_debug ("out: %lu", rv); - return rv; + p11_debug ("out: %s", module ? "success" : "fail"); + return module; + } /** @@ -1198,7 +2333,7 @@ p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module) * p11_kit_finalize_registered() instead of this function. * * Using this function to finalize modules allows coordination between - * multiple users of the same module in a single process. The caller should + * multiple users of the same module in a single process. The caller should not * call the module's <code>C_Finalize</code> method. This function will call * <code>C_Finalize</code> as necessary. * @@ -1211,10 +2346,13 @@ p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module) * If this function fails, then an error message will be available via the * p11_kit_message() function. * + * Deprecated: Since 0.19.0: Use p11_kit_module_finalize() and + * p11_kit_module_release() instead. + * * Returns: CKR_OK if the finalization was successful. */ CK_RV -p11_kit_finalize_module (CK_FUNCTION_LIST_PTR module) +p11_kit_finalize_module (CK_FUNCTION_LIST *module) { Module *mod; CK_RV rv = CKR_OK; @@ -1230,13 +2368,13 @@ p11_kit_finalize_module (CK_FUNCTION_LIST_PTR module) p11_message_clear (); - mod = gl.modules ? p11_dict_get (gl.modules, module) : NULL; + mod = gl.unmanaged_by_funcs ? p11_dict_get (gl.unmanaged_by_funcs, module) : NULL; if (mod == NULL) { p11_debug ("module not found"); rv = CKR_ARGUMENTS_BAD; } else { /* WARNING: Rentrancy can occur here */ - rv = finalize_module_unlocked_reentrant (mod); + rv = finalize_module_inlock_reentrant (mod); } _p11_kit_default_message (rv); @@ -1248,6 +2386,130 @@ p11_kit_finalize_module (CK_FUNCTION_LIST_PTR module) } /** + * p11_kit_module_initialize: + * @module: the module to initialize + * + * Initialize a PKCS\#11 module by calling its <literal>C_Initialize</literal> + * function. + * + * For managed modules the <literal>C_Initialize</literal> function + * is overridden so that multiple callers can initialize the same + * modules. In addition for managed modules multiple callers can + * initialize from different threads, and still guarantee consistent + * thread-safe behavior. + * + * For unmanaged modules if multiple callers try to initialize + * a module, then one of the calls will return + * <literal>CKR_CRYPTOKI_ALREADY_INITIALIZED</literal> according to the + * PKCS\#11 specification. In addition there are no guarantees that + * thread-safe behavior will occur if multiple callers initialize from + * different threads. + * + * This function does not accept a <code>CK_C_INITIALIZE_ARGS</code> argument. + * Custom initialization arguments cannot be supported when multiple consumers + * load the same module. + * + * Returns: <literal>CKR_OK</literal> or a failure code + */ +CK_RV +p11_kit_module_initialize (CK_FUNCTION_LIST *module) +{ + char *name; + CK_RV rv; + + return_val_if_fail (module != NULL, CKR_ARGUMENTS_BAD); + + rv = module->C_Initialize (NULL); + if (rv != CKR_OK) { + name = p11_kit_module_get_name (module); + p11_message ("%s: module failed to initialize: %s", + name ? name : "(unknown)", p11_kit_strerror (rv)); + free (name); + } + + return rv; +} + +/** + * p11_kit_module_finalize: + * @module: the module to finalize + * + * Finalize a PKCS\#11 module by calling its <literal>C_Finalize</literal> + * function. + * + * For managed modules the <literal>C_Finalize</literal> function + * is overridden so that multiple callers can finalize the same + * modules. In addition for managed modules multiple callers can + * finalize from different threads, and still guarantee consistent + * thread-safe behavior. + * + * For unmanaged modules if multiple callers try to finalize + * a module, then one of the calls will return + * <literal>CKR_CRYPTOKI_NOT_INITIALIZED</literal> according to the + * PKCS\#11 specification. In addition there are no guarantees that + * thread-safe behavior will occur if multiple callers finalize from + * different threads. + * + * Returns: <literal>CKR_OK</literal> or a failure code + */ +CK_RV +p11_kit_module_finalize (CK_FUNCTION_LIST *module) +{ + char *name; + CK_RV rv; + + return_val_if_fail (module != NULL, CKR_ARGUMENTS_BAD); + + rv = module->C_Finalize (NULL); + if (rv != CKR_OK) { + name = p11_kit_module_get_name (module); + p11_message ("%s: module failed to finalize: %s", + name ? name : "(unknown)", p11_kit_strerror (rv)); + free (name); + } + + return rv; + +} + + +/** + * p11_kit_module_release: + * @module: the module to release + * + * Release the a loaded PKCS\#11 modules. + * + * The module may be either managed or unmanaged. The <literal>C_Finalize</literal> + * function will be called if no other callers are using this module. + */ +void +p11_kit_module_release (CK_FUNCTION_LIST *module) +{ + return_if_fail (module != NULL); + + p11_library_init_once (); + + /* WARNING: This function must be reentrant for the same arguments */ + p11_debug ("in"); + + p11_lock (); + + p11_message_clear (); + + release_module_inlock_rentrant (module, __PRETTY_FUNCTION__); + + p11_unlock (); + + p11_debug ("out"); +} + +CK_RV +p11_module_release_inlock_reentrant (CK_FUNCTION_LIST *module) +{ + return release_module_inlock_rentrant (module, __PRETTY_FUNCTION__); +} + +/** * p11_kit_load_initialize_module: * @module_path: full file path of module library * @module: location to place loaded module pointer @@ -1278,6 +2540,8 @@ p11_kit_finalize_module (CK_FUNCTION_LIST_PTR module) * If this function fails, then an error message will be available via the * p11_kit_message() function. * + * Deprecated: Since 0.19.0: Use p11_kit_module_load() instead. + * * Returns: CKR_OK if the initialization was successful. */ CK_RV @@ -1302,16 +2566,18 @@ p11_kit_load_initialize_module (const char *module_path, rv = init_globals_unlocked (); if (rv == CKR_OK) { - rv = load_module_from_file_unlocked (module_path, &mod); + rv = load_module_from_file_inlock (NULL, module_path, &mod); if (rv == CKR_OK) { /* WARNING: Reentrancy can occur here */ - rv = initialize_module_unlocked_reentrant (mod); + rv = initialize_module_inlock_reentrant (mod); } } - if (rv == CKR_OK && module) - *module = mod->funcs; + if (rv == CKR_OK && module) { + *module = unmanaged_for_module_inlock (mod); + assert (*module != NULL); + } /* * If initialization failed, we may need to cleanup. diff --git a/p11-kit/modules.h b/p11-kit/modules.h new file mode 100644 index 0000000..ca8dac3 --- /dev/null +++ b/p11-kit/modules.h @@ -0,0 +1,51 @@ +/* + * Copyright (c) 2013 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#ifndef __P11_MODULES_H__ +#define __P11_MODULES_H__ + +#include "pkcs11.h" + +CK_RV p11_modules_load_inlock_reentrant (int flags, + CK_FUNCTION_LIST_PTR **results); + +CK_RV p11_modules_release_inlock_reentrant (CK_FUNCTION_LIST_PTR *modules); + +CK_RV p11_module_load_inlock_reentrant (CK_FUNCTION_LIST_PTR module, + int flags, + CK_FUNCTION_LIST_PTR *result); + +CK_RV p11_module_release_inlock_reentrant (CK_FUNCTION_LIST_PTR module); + +#endif /* __P11_MODULES_H__ */ diff --git a/p11-kit/p11-kit.h b/p11-kit/p11-kit.h index f83cbd0..a07bf40 100644 --- a/p11-kit/p11-kit.h +++ b/p11-kit/p11-kit.h @@ -44,54 +44,75 @@ #ifdef CRYPTOKI_GNU typedef ck_rv_t CK_RV; typedef struct ck_function_list* CK_FUNCTION_LIST_PTR; +typedef struct ck_function_list CK_FUNCTION_LIST; #endif +#include "p11-kit/deprecated.h" + #ifdef __cplusplus extern "C" { #endif -CK_RV p11_kit_initialize_registered (void); +enum { + P11_KIT_MODULE_UNMANAGED = 1 << 0, + P11_KIT_MODULE_CRITICAL = 1 << 1, +}; -CK_RV p11_kit_finalize_registered (void); +typedef void (* p11_kit_destroyer) (void *data); -CK_FUNCTION_LIST_PTR* p11_kit_registered_modules (void); +CK_FUNCTION_LIST ** p11_kit_modules_load (const char *reserved, + int flags); -char* p11_kit_registered_module_to_name (CK_FUNCTION_LIST_PTR module); +CK_RV p11_kit_modules_initialize (CK_FUNCTION_LIST **modules, + p11_kit_destroyer failure_callback); -CK_FUNCTION_LIST_PTR p11_kit_registered_name_to_module (const char *name); +CK_FUNCTION_LIST ** p11_kit_modules_load_and_initialize (int flags); -char* p11_kit_registered_option (CK_FUNCTION_LIST_PTR module, - const char *field); +CK_RV p11_kit_modules_finalize (CK_FUNCTION_LIST **modules); -CK_RV p11_kit_initialize_module (CK_FUNCTION_LIST_PTR module); +void p11_kit_modules_release (CK_FUNCTION_LIST **modules); -CK_RV p11_kit_finalize_module (CK_FUNCTION_LIST_PTR module); +void p11_kit_modules_finalize_and_release (CK_FUNCTION_LIST **modules); -CK_RV p11_kit_load_initialize_module (const char *module_path, - CK_FUNCTION_LIST_PTR *module); +CK_FUNCTION_LIST * p11_kit_module_for_name (CK_FUNCTION_LIST **modules, + const char *name); -const char* p11_kit_strerror (CK_RV rv); +char * p11_kit_module_get_name (CK_FUNCTION_LIST *module); -size_t p11_kit_space_strlen (const unsigned char *string, - size_t max_length); +int p11_kit_module_get_flags (CK_FUNCTION_LIST *module); -char* p11_kit_space_strdup (const unsigned char *string, - size_t max_length); +CK_FUNCTION_LIST * p11_kit_module_load (const char *module_path, + int flags); -#ifdef P11_KIT_FUTURE_UNSTABLE_API +CK_RV p11_kit_module_initialize (CK_FUNCTION_LIST *module); + +CK_RV p11_kit_module_finalize (CK_FUNCTION_LIST *module); -void p11_kit_set_progname (const char *progname); +void p11_kit_module_release (CK_FUNCTION_LIST *module); -void p11_kit_be_quiet (void); +char * p11_kit_config_option (CK_FUNCTION_LIST *module, + const char *option); -void p11_kit_be_loud (void); +const char* p11_kit_strerror (CK_RV rv); -const char* p11_kit_message (void); +size_t p11_kit_space_strlen (const unsigned char *string, + size_t max_length); -typedef void (* p11_kit_destroyer) (void *data); +char* p11_kit_space_strdup (const unsigned char *string, + size_t max_length); + +#ifdef P11_KIT_FUTURE_UNSTABLE_API + +void p11_kit_set_progname (const char *progname); + +void p11_kit_be_quiet (void); + +void p11_kit_be_loud (void); #endif +const char * p11_kit_message (void); + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/p11-kit/private.h b/p11-kit/private.h index f862975..0fa221b 100644 --- a/p11-kit/private.h +++ b/p11-kit/private.h @@ -38,16 +38,6 @@ #include "compat.h" #include "pkcs11.h" -extern CK_FUNCTION_LIST _p11_proxy_function_list; - -CK_FUNCTION_LIST_PTR_PTR _p11_kit_registered_modules_unlocked (void); - -CK_RV _p11_kit_initialize_registered_unlocked_reentrant (void); - -CK_RV _p11_kit_finalize_registered_unlocked_reentrant (void); - -void _p11_kit_proxy_after_fork (void); - CK_RV _p11_load_config_files_unlocked (const char *system_conf, const char *user_conf, int *user_mode); diff --git a/p11-kit/proxy.c b/p11-kit/proxy.c index 1908d34..36a43a1 100644 --- a/p11-kit/proxy.c +++ b/p11-kit/proxy.c @@ -35,15 +35,21 @@ #include "config.h" +#include "compat.h" #define P11_DEBUG_FLAG P11_DEBUG_PROXY +#define CRYPTOKI_EXPORTS + #include "debug.h" #include "dict.h" #include "library.h" #include "message.h" -#define CRYPTOKI_EXPORTS +#include "modules.h" #include "pkcs11.h" +#include "pkcs11x.h" #include "p11-kit.h" #include "private.h" +#include "proxy.h" +#include "virtual.h" #include <sys/types.h> #include <assert.h> @@ -70,17 +76,24 @@ typedef struct _Session { CK_SLOT_ID wrap_slot; } Session; -/* - * Shared data between threads, protected by the mutex, a structure so - * we can audit thread safety easier. - */ -static struct _Shared { +typedef struct { + int refs; Mapping *mappings; unsigned int n_mappings; - int mappings_refs; p11_dict *sessions; + CK_FUNCTION_LIST **modules; +} Proxy; + +typedef struct _State { + p11_virtual virt; + struct _State *next; + CK_FUNCTION_LIST *wrapped; CK_ULONG last_handle; -} gl = { NULL, 0, 0, NULL, FIRST_HANDLE }; + Proxy *px; +} State; + +static State *all_instances = NULL; +static State global = { { { { -1, -1 }, NULL, }, }, NULL, NULL, FIRST_HANDLE, NULL }; #define MANUFACTURER_ID "PKCS#11 Kit " #define LIBRARY_DESCRIPTION "PKCS#11 Kit Proxy Module " @@ -92,36 +105,42 @@ static struct _Shared { */ static CK_RV -map_slot_unlocked (CK_SLOT_ID slot, Mapping *mapping) +map_slot_unlocked (Proxy *px, + CK_SLOT_ID slot, + Mapping *mapping) { - assert (mapping); + assert (px != NULL); + assert (mapping != NULL); if (slot < MAPPING_OFFSET) return CKR_SLOT_ID_INVALID; slot -= MAPPING_OFFSET; - if (slot > gl.n_mappings) { + if (slot > px->n_mappings) { return CKR_SLOT_ID_INVALID; } else { - assert (gl.mappings); - memcpy (mapping, &gl.mappings[slot], sizeof (Mapping)); + assert (px->mappings); + memcpy (mapping, &px->mappings[slot], sizeof (Mapping)); return CKR_OK; } } static CK_RV -map_slot_to_real (CK_SLOT_ID_PTR slot, Mapping *mapping) +map_slot_to_real (Proxy *px, + CK_SLOT_ID_PTR slot, + Mapping *mapping) { CK_RV rv; - assert (mapping); + assert (px != NULL); + assert (mapping != NULL); p11_lock (); - if (!gl.mappings) + if (!px) rv = CKR_CRYPTOKI_NOT_INITIALIZED; else - rv = map_slot_unlocked (*slot, mapping); + rv = map_slot_unlocked (px, *slot, mapping); if (rv == CKR_OK) *slot = mapping->real_slot; @@ -131,24 +150,28 @@ map_slot_to_real (CK_SLOT_ID_PTR slot, Mapping *mapping) } static CK_RV -map_session_to_real (CK_SESSION_HANDLE_PTR handle, Mapping *mapping, Session *session) +map_session_to_real (Proxy *px, + CK_SESSION_HANDLE_PTR handle, + Mapping *mapping, + Session *session) { CK_RV rv = CKR_OK; Session *sess; - assert (handle); - assert (mapping); + assert (px != NULL); + assert (handle != NULL); + assert (mapping != NULL); p11_lock (); - if (!gl.sessions) { + if (!px) { rv = CKR_CRYPTOKI_NOT_INITIALIZED; } else { - assert (gl.sessions); - sess = p11_dict_get (gl.sessions, handle); + assert (px->sessions); + sess = p11_dict_get (px->sessions, handle); if (sess != NULL) { *handle = sess->real_session; - rv = map_slot_unlocked (sess->wrap_slot, mapping); + rv = map_slot_unlocked (px, sess->wrap_slot, mapping); if (session != NULL) memcpy (session, sess, sizeof (Session)); } else { @@ -162,45 +185,57 @@ map_session_to_real (CK_SESSION_HANDLE_PTR handle, Mapping *mapping, Session *se } static void -finalize_mappings_unlocked (void) +proxy_free (Proxy *py) { - assert (gl.mappings_refs); - - if (--gl.mappings_refs) - return; - - /* No more mappings */ - free (gl.mappings); - gl.mappings = NULL; - gl.n_mappings = 0; - - /* no more sessions */ - p11_dict_free (gl.sessions); - gl.sessions = NULL; + if (py) { + p11_kit_modules_finalize_and_release (py->modules); + p11_dict_free (py->sessions); + free (py->mappings); + free (py); + } } void -_p11_kit_proxy_after_fork (void) +p11_proxy_after_fork (void) { + p11_array *array; + State *state; + unsigned int i; + /* * After a fork the callers are supposed to call C_Initialize and all. * In addition the underlying libraries may change their state so free * up any mappings and all */ + array = p11_array_new (NULL); + p11_lock (); - gl.mappings_refs = 1; - finalize_mappings_unlocked (); - assert (!gl.mappings); + if (global.px) + p11_array_push (array, global.px); + global.px = NULL; + + for (state = all_instances; state != NULL; state = state->next) { + if (state->px) + p11_array_push (array, state->px); + state->px = NULL; + } p11_unlock (); + + for (i = 0; i < array->num; i++) + proxy_free (array->elem[i]); + p11_array_free (array); } static CK_RV -proxy_C_Finalize (CK_VOID_PTR reserved) +proxy_C_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR reserved) { - CK_RV rv; + Proxy *py = NULL; + State *state = (State *)self; + CK_RV rv = CKR_OK; p11_debug ("in"); @@ -212,17 +247,16 @@ proxy_C_Finalize (CK_VOID_PTR reserved) } else { p11_lock (); - /* WARNING: Reentrancy can occur here */ - rv = _p11_kit_finalize_registered_unlocked_reentrant (); - - /* - * If modules are all gone, then this was the last - * finalize, so cleanup our mappings - */ - if (gl.mappings_refs) - finalize_mappings_unlocked (); + if (!state->px) { + rv = CKR_CRYPTOKI_NOT_INITIALIZED; + } else if (state->px->refs-- == 1) { + py = state->px; + state->px = NULL; + } p11_unlock (); + + proxy_free (py); } p11_debug ("out: %lu", rv); @@ -230,35 +264,50 @@ proxy_C_Finalize (CK_VOID_PTR reserved) } static CK_RV -initialize_mappings_unlocked_reentrant (void) +proxy_create (Proxy **res) { - CK_FUNCTION_LIST_PTR *funcss, *f; + CK_FUNCTION_LIST_PTR *f; CK_FUNCTION_LIST_PTR funcs; - Mapping *mappings = NULL; - int n_mappings = 0; CK_SLOT_ID_PTR slots; CK_ULONG i, count; CK_RV rv = CKR_OK; + Proxy *py; - assert (!gl.mappings); + py = calloc (1, sizeof (Proxy)); + return_val_if_fail (py != NULL, CKR_HOST_MEMORY); - funcss = _p11_kit_registered_modules_unlocked (); - for (f = funcss; *f; ++f) { - funcs = *f; + p11_lock (); - assert (funcs); - slots = NULL; + /* WARNING: Reentrancy can occur here */ + rv = p11_modules_load_inlock_reentrant (0, &py->modules); - p11_unlock (); + p11_unlock (); - /* Ask module for its slots */ - rv = (funcs->C_GetSlotList) (FALSE, NULL, &count); - if (rv == CKR_OK && count) { - slots = calloc (sizeof (CK_SLOT_ID), count); - rv = (funcs->C_GetSlotList) (FALSE, slots, &count); - } + if (rv != CKR_OK) { + proxy_free (py); + free (py); + return rv; + } - p11_lock (); + rv = p11_kit_modules_initialize (py->modules, (p11_destroyer)p11_kit_module_release); + if (rv != CKR_OK) { + p11_kit_modules_release (py->modules); + free (py); + return rv; + } + + for (f = py->modules; *f; ++f) { + funcs = *f; + + assert (funcs != NULL); + slots = NULL; + + /* Ask module for its slots */ + rv = (funcs->C_GetSlotList) (FALSE, NULL, &count); + if (rv == CKR_OK && count) { + slots = calloc (sizeof (CK_SLOT_ID), count); + rv = (funcs->C_GetSlotList) (FALSE, slots, &count); + } if (rv != CKR_OK) { free (slots); @@ -267,41 +316,40 @@ initialize_mappings_unlocked_reentrant (void) return_val_if_fail (count == 0 || slots != NULL, CKR_GENERAL_ERROR); - mappings = realloc (mappings, sizeof (Mapping) * (n_mappings + count)); - return_val_if_fail (mappings != NULL, CKR_HOST_MEMORY); + py->mappings = realloc (py->mappings, sizeof (Mapping) * (py->n_mappings + count)); + return_val_if_fail (py->mappings != NULL, CKR_HOST_MEMORY); /* And now add a mapping for each of those slots */ for (i = 0; i < count; ++i) { - mappings[n_mappings].funcs = funcs; - mappings[n_mappings].wrap_slot = n_mappings + MAPPING_OFFSET; - mappings[n_mappings].real_slot = slots[i]; - ++n_mappings; + py->mappings[py->n_mappings].funcs = funcs; + py->mappings[py->n_mappings].wrap_slot = py->n_mappings + MAPPING_OFFSET; + py->mappings[py->n_mappings].real_slot = slots[i]; + ++py->n_mappings; } free (slots); } - free (funcss); - - /* Another thread raced us here due to above reentrancy */ - if (gl.mappings) { - free (mappings); - return CKR_OK; + if (rv != CKR_OK) { + proxy_free (py); + return rv; } - assert (!gl.sessions); - gl.mappings = mappings; - gl.n_mappings = n_mappings; - gl.sessions = p11_dict_new (p11_dict_ulongptr_hash, p11_dict_ulongptr_equal, NULL, free); - ++gl.mappings_refs; + py->sessions = p11_dict_new (p11_dict_ulongptr_hash, p11_dict_ulongptr_equal, NULL, free); + return_val_if_fail (py->sessions != NULL, CKR_HOST_MEMORY); + py->refs = 1; - /* Any cleanup necessary for failure will happen at caller */ - return rv; + *res = py; + return CKR_OK; } static CK_RV -proxy_C_Initialize (CK_VOID_PTR init_args) +proxy_C_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR init_args) { + State *state = (State *)self; + bool initialize = false; + Proxy *py; CK_RV rv; p11_library_init_once (); @@ -312,27 +360,43 @@ proxy_C_Initialize (CK_VOID_PTR init_args) p11_lock (); - /* WARNING: Reentrancy can occur here */ - rv = _p11_kit_initialize_registered_unlocked_reentrant (); - - /* WARNING: Reentrancy can occur here */ - if (rv == CKR_OK && gl.mappings_refs == 0) - rv = initialize_mappings_unlocked_reentrant (); + if (state->px == NULL) + initialize = true; + else + state->px->refs++; p11_unlock (); - p11_debug ("here"); + if (!initialize) { + p11_debug ("out: already: %lu", CKR_OK); + return CKR_OK; + } - if (rv != CKR_OK) - proxy_C_Finalize (NULL); + rv = proxy_create (&py); + if (rv != CKR_OK) { + p11_debug ("out: %lu", rv); + return rv; + } - p11_debug ("out: %lu", rv); + p11_lock (); + + if (state->px == NULL) { + state->px = py; + py = NULL; + } + + p11_unlock (); + + proxy_free (py); + p11_debug ("out: 0"); return rv; } static CK_RV -proxy_C_GetInfo (CK_INFO_PTR info) +proxy_C_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR info) { + State *state = (State *)self; CK_RV rv = CKR_OK; p11_library_init_once (); @@ -341,7 +405,7 @@ proxy_C_GetInfo (CK_INFO_PTR info) p11_lock (); - if (!gl.mappings) + if (!state->px) rv = CKR_CRYPTOKI_NOT_INITIALIZED; p11_unlock (); @@ -349,6 +413,7 @@ proxy_C_GetInfo (CK_INFO_PTR info) if (rv != CKR_OK) return rv; + memset (info, 0, sizeof (CK_INFO)); info->cryptokiVersion.major = CRYPTOKI_VERSION_MAJOR; info->cryptokiVersion.minor = CRYPTOKI_VERSION_MINOR; info->libraryVersion.major = LIBRARY_VERSION_MAJOR; @@ -360,19 +425,12 @@ proxy_C_GetInfo (CK_INFO_PTR info) } static CK_RV -proxy_C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list) -{ - /* Can be called before C_Initialize */ - - return_val_if_fail (list != NULL, CKR_ARGUMENTS_BAD); - *list = &_p11_proxy_function_list; - return CKR_OK; -} - -static CK_RV -proxy_C_GetSlotList (CK_BBOOL token_present, CK_SLOT_ID_PTR slot_list, - CK_ULONG_PTR count) +proxy_C_GetSlotList (CK_X_FUNCTION_LIST *self, + CK_BBOOL token_present, + CK_SLOT_ID_PTR slot_list, + CK_ULONG_PTR count) { + State *state = (State *)self; CK_SLOT_INFO info; Mapping *mapping; CK_ULONG index; @@ -383,14 +441,14 @@ proxy_C_GetSlotList (CK_BBOOL token_present, CK_SLOT_ID_PTR slot_list, p11_lock (); - if (!gl.mappings) { + if (!state->px) { rv = CKR_CRYPTOKI_NOT_INITIALIZED; } else { index = 0; /* Go through and build up a map */ - for (i = 0; i < gl.n_mappings; ++i) { - mapping = &gl.mappings[i]; + for (i = 0; i < state->px->n_mappings; ++i) { + mapping = &state->px->mappings[i]; /* Skip ones without a token if requested */ if (token_present) { @@ -420,84 +478,109 @@ proxy_C_GetSlotList (CK_BBOOL token_present, CK_SLOT_ID_PTR slot_list, } static CK_RV -proxy_C_GetSlotInfo (CK_SLOT_ID id, CK_SLOT_INFO_PTR info) +proxy_C_GetSlotInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_SLOT_INFO_PTR info) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_slot_to_real (&id, &map); + rv = map_slot_to_real (state->px, &id, &map); if (rv != CKR_OK) return rv; return (map.funcs->C_GetSlotInfo) (id, info); } static CK_RV -proxy_C_GetTokenInfo (CK_SLOT_ID id, CK_TOKEN_INFO_PTR info) +proxy_C_GetTokenInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_TOKEN_INFO_PTR info) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_slot_to_real (&id, &map); + rv = map_slot_to_real (state->px, &id, &map); if (rv != CKR_OK) return rv; return (map.funcs->C_GetTokenInfo) (id, info); } static CK_RV -proxy_C_GetMechanismList (CK_SLOT_ID id, CK_MECHANISM_TYPE_PTR mechanism_list, +proxy_C_GetMechanismList (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_MECHANISM_TYPE_PTR mechanism_list, CK_ULONG_PTR count) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_slot_to_real (&id, &map); + rv = map_slot_to_real (state->px, &id, &map); if (rv != CKR_OK) return rv; return (map.funcs->C_GetMechanismList) (id, mechanism_list, count); } static CK_RV -proxy_C_GetMechanismInfo (CK_SLOT_ID id, CK_MECHANISM_TYPE type, +proxy_C_GetMechanismInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_MECHANISM_TYPE type, CK_MECHANISM_INFO_PTR info) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_slot_to_real (&id, &map); + rv = map_slot_to_real (state->px, &id, &map); if (rv != CKR_OK) return rv; return (map.funcs->C_GetMechanismInfo) (id, type, info); } static CK_RV -proxy_C_InitToken (CK_SLOT_ID id, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len, CK_UTF8CHAR_PTR label) +proxy_C_InitToken (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len, + CK_UTF8CHAR_PTR label) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_slot_to_real (&id, &map); + rv = map_slot_to_real (state->px, &id, &map); if (rv != CKR_OK) return rv; return (map.funcs->C_InitToken) (id, pin, pin_len, label); } static CK_RV -proxy_C_WaitForSlotEvent (CK_FLAGS flags, CK_SLOT_ID_PTR slot, CK_VOID_PTR reserved) +proxy_C_WaitForSlotEvent (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR slot, + CK_VOID_PTR reserved) { return CKR_FUNCTION_NOT_SUPPORTED; } static CK_RV -proxy_C_OpenSession (CK_SLOT_ID id, CK_FLAGS flags, CK_VOID_PTR user_data, - CK_NOTIFY callback, CK_SESSION_HANDLE_PTR handle) +proxy_C_OpenSession (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id, + CK_FLAGS flags, + CK_VOID_PTR user_data, + CK_NOTIFY callback, + CK_SESSION_HANDLE_PTR handle) { + State *state = (State *)self; Session *sess; Mapping map; CK_RV rv; return_val_if_fail (handle != NULL, CKR_ARGUMENTS_BAD); - rv = map_slot_to_real (&id, &map); + rv = map_slot_to_real (state->px, &id, &map); if (rv != CKR_OK) return rv; @@ -506,7 +589,7 @@ proxy_C_OpenSession (CK_SLOT_ID id, CK_FLAGS flags, CK_VOID_PTR user_data, if (rv == CKR_OK) { p11_lock (); - if (!gl.sessions) { + if (!state->px) { /* * The underlying module should have returned an error, so this * code should never be reached with properly behaving modules. @@ -519,8 +602,8 @@ proxy_C_OpenSession (CK_SLOT_ID id, CK_FLAGS flags, CK_VOID_PTR user_data, sess = calloc (1, sizeof (Session)); sess->wrap_slot = map.wrap_slot; sess->real_session = *handle; - sess->wrap_session = ++gl.last_handle; /* TODO: Handle wrapping, and then collisions */ - p11_dict_set (gl.sessions, &sess->wrap_session, sess); + sess->wrap_session = ++state->last_handle; /* TODO: Handle wrapping, and then collisions */ + p11_dict_set (state->px->sessions, &sess->wrap_session, sess); *handle = sess->wrap_session; } @@ -531,14 +614,16 @@ proxy_C_OpenSession (CK_SLOT_ID id, CK_FLAGS flags, CK_VOID_PTR user_data, } static CK_RV -proxy_C_CloseSession (CK_SESSION_HANDLE handle) +proxy_C_CloseSession (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle) { + State *state = (State *)self; CK_SESSION_HANDLE key; Mapping map; CK_RV rv; key = handle; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; rv = (map.funcs->C_CloseSession) (handle); @@ -546,8 +631,8 @@ proxy_C_CloseSession (CK_SESSION_HANDLE handle) if (rv == CKR_OK) { p11_lock (); - if (gl.sessions) - p11_dict_remove (gl.sessions, &key); + if (state->px) + p11_dict_remove (state->px->sessions, &key); p11_unlock (); } @@ -556,8 +641,10 @@ proxy_C_CloseSession (CK_SESSION_HANDLE handle) } static CK_RV -proxy_C_CloseAllSessions (CK_SLOT_ID id) +proxy_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID id) { + State *state = (State *)self; CK_SESSION_HANDLE_PTR to_close; CK_RV rv = CKR_OK; Session *sess; @@ -566,14 +653,15 @@ proxy_C_CloseAllSessions (CK_SLOT_ID id) p11_lock (); - if (!gl.sessions) { + if (!state->px) { rv = CKR_CRYPTOKI_NOT_INITIALIZED; } else { - to_close = calloc (sizeof (CK_SESSION_HANDLE), p11_dict_size (gl.sessions)); + assert (state->px->sessions != NULL); + to_close = calloc (sizeof (CK_SESSION_HANDLE), p11_dict_size (state->px->sessions)); if (!to_close) { rv = CKR_HOST_MEMORY; } else { - p11_dict_iterate (gl.sessions, &iter); + p11_dict_iterate (state->px->sessions, &iter); count = 0; while (p11_dict_next (&iter, NULL, (void**)&sess)) { if (sess->wrap_slot == id && to_close) @@ -588,46 +676,53 @@ proxy_C_CloseAllSessions (CK_SLOT_ID id) return rv; for (i = 0; i < count; ++i) - proxy_C_CloseSession (to_close[i]); + proxy_C_CloseSession (self, to_close[i]); free (to_close); return CKR_OK; } static CK_RV -proxy_C_GetFunctionStatus (CK_SESSION_HANDLE handle) +proxy_C_GetFunctionStatus (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GetFunctionStatus) (handle); } static CK_RV -proxy_C_CancelFunction (CK_SESSION_HANDLE handle) +proxy_C_CancelFunction (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_CancelFunction) (handle); } static CK_RV -proxy_C_GetSessionInfo (CK_SESSION_HANDLE handle, CK_SESSION_INFO_PTR info) +proxy_C_GetSessionInfo (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_SESSION_INFO_PTR info) { + State *state = (State *)self; Mapping map; CK_RV rv; if (info == NULL) return CKR_ARGUMENTS_BAD; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; @@ -639,12 +734,16 @@ proxy_C_GetSessionInfo (CK_SESSION_HANDLE handle, CK_SESSION_INFO_PTR info) } static CK_RV -proxy_C_InitPIN (CK_SESSION_HANDLE handle, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len) +proxy_C_InitPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; @@ -652,13 +751,18 @@ proxy_C_InitPIN (CK_SESSION_HANDLE handle, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len } static CK_RV -proxy_C_SetPIN (CK_SESSION_HANDLE handle, CK_UTF8CHAR_PTR old_pin, CK_ULONG old_pin_len, - CK_UTF8CHAR_PTR new_pin, CK_ULONG new_pin_len) +proxy_C_SetPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_UTF8CHAR_PTR old_pin, + CK_ULONG old_pin_len, + CK_UTF8CHAR_PTR new_pin, + CK_ULONG new_pin_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; @@ -666,39 +770,51 @@ proxy_C_SetPIN (CK_SESSION_HANDLE handle, CK_UTF8CHAR_PTR old_pin, CK_ULONG old_ } static CK_RV -proxy_C_GetOperationState (CK_SESSION_HANDLE handle, CK_BYTE_PTR operation_state, CK_ULONG_PTR operation_state_len) +proxy_C_GetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR operation_state, + CK_ULONG_PTR operation_state_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GetOperationState) (handle, operation_state, operation_state_len); } static CK_RV -proxy_C_SetOperationState (CK_SESSION_HANDLE handle, CK_BYTE_PTR operation_state, - CK_ULONG operation_state_len, CK_OBJECT_HANDLE encryption_key, +proxy_C_SetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR operation_state, + CK_ULONG operation_state_len, + CK_OBJECT_HANDLE encryption_key, CK_OBJECT_HANDLE authentication_key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SetOperationState) (handle, operation_state, operation_state_len, encryption_key, authentication_key); } static CK_RV -proxy_C_Login (CK_SESSION_HANDLE handle, CK_USER_TYPE user_type, - CK_UTF8CHAR_PTR pin, CK_ULONG pin_len) +proxy_C_Login (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_USER_TYPE user_type, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; @@ -706,25 +822,31 @@ proxy_C_Login (CK_SESSION_HANDLE handle, CK_USER_TYPE user_type, } static CK_RV -proxy_C_Logout (CK_SESSION_HANDLE handle) +proxy_C_Logout (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_Logout) (handle); } static CK_RV -proxy_C_CreateObject (CK_SESSION_HANDLE handle, CK_ATTRIBUTE_PTR template, - CK_ULONG count, CK_OBJECT_HANDLE_PTR new_object) +proxy_C_CreateObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; @@ -732,592 +854,1447 @@ proxy_C_CreateObject (CK_SESSION_HANDLE handle, CK_ATTRIBUTE_PTR template, } static CK_RV -proxy_C_CopyObject (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE object, - CK_ATTRIBUTE_PTR template, CK_ULONG count, +proxy_C_CopyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, CK_OBJECT_HANDLE_PTR new_object) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_CopyObject) (handle, object, template, count, new_object); } static CK_RV -proxy_C_DestroyObject (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE object) +proxy_C_DestroyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DestroyObject) (handle, object); } static CK_RV -proxy_C_GetObjectSize (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE object, +proxy_C_GetObjectSize (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, CK_ULONG_PTR size) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GetObjectSize) (handle, object, size); } static CK_RV -proxy_C_GetAttributeValue (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE object, - CK_ATTRIBUTE_PTR template, CK_ULONG count) +proxy_C_GetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GetAttributeValue) (handle, object, template, count); } static CK_RV -proxy_C_SetAttributeValue (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE object, - CK_ATTRIBUTE_PTR template, CK_ULONG count) +proxy_C_SetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SetAttributeValue) (handle, object, template, count); } static CK_RV -proxy_C_FindObjectsInit (CK_SESSION_HANDLE handle, CK_ATTRIBUTE_PTR template, +proxy_C_FindObjectsInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_ATTRIBUTE_PTR template, CK_ULONG count) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_FindObjectsInit) (handle, template, count); } static CK_RV -proxy_C_FindObjects (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE_PTR objects, - CK_ULONG max_count, CK_ULONG_PTR count) +proxy_C_FindObjects (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE_PTR objects, + CK_ULONG max_count, + CK_ULONG_PTR count) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_FindObjects) (handle, objects, max_count, count); } static CK_RV -proxy_C_FindObjectsFinal (CK_SESSION_HANDLE handle) +proxy_C_FindObjectsFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_FindObjectsFinal) (handle); } static CK_RV -proxy_C_EncryptInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, +proxy_C_EncryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_EncryptInit) (handle, mechanism, key); } static CK_RV -proxy_C_Encrypt (CK_SESSION_HANDLE handle, CK_BYTE_PTR data, CK_ULONG data_len, - CK_BYTE_PTR encrypted_data, CK_ULONG_PTR encrypted_data_len) +proxy_C_Encrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR encrypted_data, + CK_ULONG_PTR encrypted_data_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_Encrypt) (handle, data, data_len, encrypted_data, encrypted_data_len); + return (map.funcs->C_Encrypt) (handle, input, input_len, encrypted_data, encrypted_data_len); } static CK_RV -proxy_C_EncryptUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR part, - CK_ULONG part_len, CK_BYTE_PTR encrypted_part, +proxy_C_EncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, CK_ULONG_PTR encrypted_part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_EncryptUpdate) (handle, part, part_len, encrypted_part, encrypted_part_len); } static CK_RV -proxy_C_EncryptFinal (CK_SESSION_HANDLE handle, CK_BYTE_PTR last_part, +proxy_C_EncryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR last_part, CK_ULONG_PTR last_part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_EncryptFinal) (handle, last_part, last_part_len); } static CK_RV -proxy_C_DecryptInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, +proxy_C_DecryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DecryptInit) (handle, mechanism, key); } static CK_RV -proxy_C_Decrypt (CK_SESSION_HANDLE handle, CK_BYTE_PTR enc_data, - CK_ULONG enc_data_len, CK_BYTE_PTR data, CK_ULONG_PTR data_len) +proxy_C_Decrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_data, + CK_ULONG enc_data_len, + CK_BYTE_PTR output, + CK_ULONG_PTR output_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_Decrypt) (handle, enc_data, enc_data_len, data, data_len); + return (map.funcs->C_Decrypt) (handle, enc_data, enc_data_len, output, output_len); } static CK_RV -proxy_C_DecryptUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR enc_part, - CK_ULONG enc_part_len, CK_BYTE_PTR part, CK_ULONG_PTR part_len) +proxy_C_DecryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DecryptUpdate) (handle, enc_part, enc_part_len, part, part_len); } static CK_RV -proxy_C_DecryptFinal (CK_SESSION_HANDLE handle, CK_BYTE_PTR last_part, +proxy_C_DecryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR last_part, CK_ULONG_PTR last_part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DecryptFinal) (handle, last_part, last_part_len); } static CK_RV -proxy_C_DigestInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism) +proxy_C_DigestInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DigestInit) (handle, mechanism); } static CK_RV -proxy_C_Digest (CK_SESSION_HANDLE handle, CK_BYTE_PTR data, CK_ULONG data_len, - CK_BYTE_PTR digest, CK_ULONG_PTR digest_len) +proxy_C_Digest (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_Digest) (handle, data, data_len, digest, digest_len); + return (map.funcs->C_Digest) (handle, input, input_len, digest, digest_len); } static CK_RV -proxy_C_DigestUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR part, CK_ULONG part_len) +proxy_C_DigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DigestUpdate) (handle, part, part_len); } static CK_RV -proxy_C_DigestKey (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE key) +proxy_C_DigestKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DigestKey) (handle, key); } static CK_RV -proxy_C_DigestFinal (CK_SESSION_HANDLE handle, CK_BYTE_PTR digest, +proxy_C_DigestFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR digest, CK_ULONG_PTR digest_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DigestFinal) (handle, digest, digest_len); } static CK_RV -proxy_C_SignInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, +proxy_C_SignInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SignInit) (handle, mechanism, key); } static CK_RV -proxy_C_Sign (CK_SESSION_HANDLE handle, CK_BYTE_PTR data, CK_ULONG data_len, - CK_BYTE_PTR signature, CK_ULONG_PTR signature_len) +proxy_C_Sign (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_Sign) (handle, data, data_len, signature, signature_len); + return (map.funcs->C_Sign) (handle, input, input_len, signature, signature_len); } static CK_RV -proxy_C_SignUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR part, CK_ULONG part_len) +proxy_C_SignUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SignUpdate) (handle, part, part_len); } static CK_RV -proxy_C_SignFinal (CK_SESSION_HANDLE handle, CK_BYTE_PTR signature, +proxy_C_SignFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR signature, CK_ULONG_PTR signature_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SignFinal) (handle, signature, signature_len); } static CK_RV -proxy_C_SignRecoverInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, +proxy_C_SignRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SignRecoverInit) (handle, mechanism, key); } static CK_RV -proxy_C_SignRecover (CK_SESSION_HANDLE handle, CK_BYTE_PTR data, CK_ULONG data_len, - CK_BYTE_PTR signature, CK_ULONG_PTR signature_len) +proxy_C_SignRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_SignRecover) (handle, data, data_len, signature, signature_len); + return (map.funcs->C_SignRecover) (handle, input, input_len, signature, signature_len); } static CK_RV -proxy_C_VerifyInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, +proxy_C_VerifyInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_VerifyInit) (handle, mechanism, key); } static CK_RV -proxy_C_Verify (CK_SESSION_HANDLE handle, CK_BYTE_PTR data, CK_ULONG data_len, - CK_BYTE_PTR signature, CK_ULONG signature_len) +proxy_C_Verify (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG signature_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_Verify) (handle, data, data_len, signature, signature_len); + return (map.funcs->C_Verify) (handle, input, input_len, signature, signature_len); } static CK_RV -proxy_C_VerifyUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR part, CK_ULONG part_len) +proxy_C_VerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_VerifyUpdate) (handle, part, part_len); } static CK_RV -proxy_C_VerifyFinal (CK_SESSION_HANDLE handle, CK_BYTE_PTR signature, +proxy_C_VerifyFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR signature, CK_ULONG signature_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_VerifyFinal) (handle, signature, signature_len); } static CK_RV -proxy_C_VerifyRecoverInit (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, +proxy_C_VerifyRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, CK_OBJECT_HANDLE key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_VerifyRecoverInit) (handle, mechanism, key); } static CK_RV -proxy_C_VerifyRecover (CK_SESSION_HANDLE handle, CK_BYTE_PTR signature, - CK_ULONG signature_len, CK_BYTE_PTR data, CK_ULONG_PTR data_len) +proxy_C_VerifyRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR signature, + CK_ULONG signature_len, + CK_BYTE_PTR output, + CK_ULONG_PTR output_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; - return (map.funcs->C_VerifyRecover) (handle, signature, signature_len, data, data_len); + return (map.funcs->C_VerifyRecover) (handle, signature, signature_len, output, output_len); } static CK_RV -proxy_C_DigestEncryptUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR part, - CK_ULONG part_len, CK_BYTE_PTR enc_part, +proxy_C_DigestEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, CK_ULONG_PTR enc_part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DigestEncryptUpdate) (handle, part, part_len, enc_part, enc_part_len); } static CK_RV -proxy_C_DecryptDigestUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR enc_part, - CK_ULONG enc_part_len, CK_BYTE_PTR part, +proxy_C_DecryptDigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, CK_ULONG_PTR part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DecryptDigestUpdate) (handle, enc_part, enc_part_len, part, part_len); } static CK_RV -proxy_C_SignEncryptUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR part, - CK_ULONG part_len, CK_BYTE_PTR enc_part, +proxy_C_SignEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, CK_ULONG_PTR enc_part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SignEncryptUpdate) (handle, part, part_len, enc_part, enc_part_len); } static CK_RV -proxy_C_DecryptVerifyUpdate (CK_SESSION_HANDLE handle, CK_BYTE_PTR enc_part, - CK_ULONG enc_part_len, CK_BYTE_PTR part, +proxy_C_DecryptVerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, CK_ULONG_PTR part_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DecryptVerifyUpdate) (handle, enc_part, enc_part_len, part, part_len); } static CK_RV -proxy_C_GenerateKey (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, - CK_ATTRIBUTE_PTR template, CK_ULONG count, +proxy_C_GenerateKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, CK_OBJECT_HANDLE_PTR key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GenerateKey) (handle, mechanism, template, count, key); } static CK_RV -proxy_C_GenerateKeyPair (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, - CK_ATTRIBUTE_PTR pub_template, CK_ULONG pub_count, - CK_ATTRIBUTE_PTR priv_template, CK_ULONG priv_count, - CK_OBJECT_HANDLE_PTR pub_key, CK_OBJECT_HANDLE_PTR priv_key) +proxy_C_GenerateKeyPair (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR pub_template, + CK_ULONG pub_count, + CK_ATTRIBUTE_PTR priv_template, + CK_ULONG priv_count, + CK_OBJECT_HANDLE_PTR pub_key, + CK_OBJECT_HANDLE_PTR priv_key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GenerateKeyPair) (handle, mechanism, pub_template, pub_count, priv_template, priv_count, pub_key, priv_key); } static CK_RV -proxy_C_WrapKey (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, - CK_OBJECT_HANDLE wrapping_key, CK_OBJECT_HANDLE key, - CK_BYTE_PTR wrapped_key, CK_ULONG_PTR wrapped_key_len) +proxy_C_WrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE wrapping_key, + CK_OBJECT_HANDLE key, + CK_BYTE_PTR wrapped_key, + CK_ULONG_PTR wrapped_key_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_WrapKey) (handle, mechanism, wrapping_key, key, wrapped_key, wrapped_key_len); } static CK_RV -proxy_C_UnwrapKey (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, - CK_OBJECT_HANDLE unwrapping_key, CK_BYTE_PTR wrapped_key, - CK_ULONG wrapped_key_len, CK_ATTRIBUTE_PTR template, - CK_ULONG count, CK_OBJECT_HANDLE_PTR key) +proxy_C_UnwrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE unwrapping_key, + CK_BYTE_PTR wrapped_key, + CK_ULONG wrapped_key_len, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_UnwrapKey) (handle, mechanism, unwrapping_key, wrapped_key, wrapped_key_len, template, count, key); } static CK_RV -proxy_C_DeriveKey (CK_SESSION_HANDLE handle, CK_MECHANISM_PTR mechanism, - CK_OBJECT_HANDLE base_key, CK_ATTRIBUTE_PTR template, - CK_ULONG count, CK_OBJECT_HANDLE_PTR key) +proxy_C_DeriveKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE base_key, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_DeriveKey) (handle, mechanism, base_key, template, count, key); } static CK_RV -proxy_C_SeedRandom (CK_SESSION_HANDLE handle, CK_BYTE_PTR seed, CK_ULONG seed_len) +proxy_C_SeedRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR seed, + CK_ULONG seed_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_SeedRandom) (handle, seed, seed_len); } static CK_RV -proxy_C_GenerateRandom (CK_SESSION_HANDLE handle, CK_BYTE_PTR random_data, - CK_ULONG random_len) +proxy_C_GenerateRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE handle, + CK_BYTE_PTR random_data, + CK_ULONG random_len) { + State *state = (State *)self; Mapping map; CK_RV rv; - rv = map_session_to_real (&handle, &map, NULL); + rv = map_session_to_real (state->px, &handle, &map, NULL); if (rv != CKR_OK) return rv; return (map.funcs->C_GenerateRandom) (handle, random_data, random_len); } /* -------------------------------------------------------------------- + * Global module functions + */ + +static CK_FUNCTION_LIST module_functions; + +static CK_RV +module_C_Initialize (CK_VOID_PTR init_args) +{ + return proxy_C_Initialize (&global.virt.funcs, init_args); +} + +static CK_RV +module_C_Finalize (CK_VOID_PTR reserved) +{ + return proxy_C_Finalize (&global.virt.funcs, reserved); +} + +static CK_RV +module_C_GetInfo (CK_INFO_PTR info) +{ + return proxy_C_GetInfo (&global.virt.funcs, info); +} + +static CK_RV +module_C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list) +{ + return_val_if_fail (list != NULL, CKR_ARGUMENTS_BAD); + *list = &module_functions; + return CKR_OK; +} + +static CK_RV +module_C_GetSlotList (CK_BBOOL token_present, + CK_SLOT_ID_PTR slot_list, + CK_ULONG_PTR count) +{ + return proxy_C_GetSlotList (&global.virt.funcs, token_present, slot_list, count); +} + +static CK_RV +module_C_GetSlotInfo (CK_SLOT_ID id, + CK_SLOT_INFO_PTR info) +{ + return proxy_C_GetSlotInfo (&global.virt.funcs, id, info); +} + +static CK_RV +module_C_GetTokenInfo (CK_SLOT_ID id, + CK_TOKEN_INFO_PTR info) +{ + return proxy_C_GetTokenInfo (&global.virt.funcs, id, info); +} + +static CK_RV +module_C_GetMechanismList (CK_SLOT_ID id, + CK_MECHANISM_TYPE_PTR mechanism_list, + CK_ULONG_PTR count) +{ + return proxy_C_GetMechanismList (&global.virt.funcs, id, mechanism_list, count); +} + +static CK_RV +module_C_GetMechanismInfo (CK_SLOT_ID id, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR info) +{ + return proxy_C_GetMechanismInfo (&global.virt.funcs, id, type, info); +} + +static CK_RV +module_C_InitToken (CK_SLOT_ID id, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len, + CK_UTF8CHAR_PTR label) +{ + return proxy_C_InitToken (&global.virt.funcs, id, pin, pin_len, label); +} + +static CK_RV +module_C_WaitForSlotEvent (CK_FLAGS flags, + CK_SLOT_ID_PTR slot, + CK_VOID_PTR reserved) +{ + return proxy_C_WaitForSlotEvent (&global.virt.funcs, flags, slot, reserved); +} + +static CK_RV +module_C_OpenSession (CK_SLOT_ID id, + CK_FLAGS flags, + CK_VOID_PTR user_data, + CK_NOTIFY callback, + CK_SESSION_HANDLE_PTR handle) +{ + return proxy_C_OpenSession (&global.virt.funcs, id, flags, user_data, callback, + handle); +} + +static CK_RV +module_C_CloseSession (CK_SESSION_HANDLE handle) +{ + return proxy_C_CloseSession (&global.virt.funcs, handle); +} + +static CK_RV +module_C_CloseAllSessions (CK_SLOT_ID id) +{ + return proxy_C_CloseAllSessions (&global.virt.funcs, id); +} + +static CK_RV +module_C_GetFunctionStatus (CK_SESSION_HANDLE handle) +{ + return proxy_C_GetFunctionStatus (&global.virt.funcs, handle); +} + +static CK_RV +module_C_CancelFunction (CK_SESSION_HANDLE handle) +{ + return proxy_C_CancelFunction (&global.virt.funcs, handle); +} + +static CK_RV +module_C_GetSessionInfo (CK_SESSION_HANDLE handle, + CK_SESSION_INFO_PTR info) +{ + return proxy_C_GetSessionInfo (&global.virt.funcs, handle, info); +} + +static CK_RV +module_C_InitPIN (CK_SESSION_HANDLE handle, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + return proxy_C_InitPIN (&global.virt.funcs, handle, pin, pin_len); +} + +static CK_RV +module_C_SetPIN (CK_SESSION_HANDLE handle, + CK_UTF8CHAR_PTR old_pin, + CK_ULONG old_pin_len, + CK_UTF8CHAR_PTR new_pin, + CK_ULONG new_pin_len) +{ + return proxy_C_SetPIN (&global.virt.funcs, handle, old_pin, old_pin_len, new_pin, + new_pin_len); +} + +static CK_RV +module_C_GetOperationState (CK_SESSION_HANDLE handle, + CK_BYTE_PTR operation_state, + CK_ULONG_PTR operation_state_len) +{ + return proxy_C_GetOperationState (&global.virt.funcs, handle, operation_state, + operation_state_len); +} + +static CK_RV +module_C_SetOperationState (CK_SESSION_HANDLE handle, + CK_BYTE_PTR operation_state, + CK_ULONG operation_state_len, + CK_OBJECT_HANDLE encryption_key, + CK_OBJECT_HANDLE authentication_key) +{ + return proxy_C_SetOperationState (&global.virt.funcs, handle, operation_state, + operation_state_len, encryption_key, + authentication_key); +} + +static CK_RV +module_C_Login (CK_SESSION_HANDLE handle, + CK_USER_TYPE user_type, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + return proxy_C_Login (&global.virt.funcs, handle, user_type, pin, pin_len); +} + +static CK_RV +module_C_Logout (CK_SESSION_HANDLE handle) +{ + return proxy_C_Logout (&global.virt.funcs, handle); +} + +static CK_RV +module_C_CreateObject (CK_SESSION_HANDLE handle, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) +{ + return proxy_C_CreateObject (&global.virt.funcs, handle, template, count, + new_object); +} + +static CK_RV +module_C_CopyObject (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) +{ + return proxy_C_CopyObject (&global.virt.funcs, handle, object, template, count, + new_object); +} + +static CK_RV +module_C_DestroyObject (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object) +{ + return proxy_C_DestroyObject (&global.virt.funcs, handle, object); +} + +static CK_RV +module_C_GetObjectSize (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ULONG_PTR size) +{ + return proxy_C_GetObjectSize (&global.virt.funcs, handle, object, size); +} + +static CK_RV +module_C_GetAttributeValue (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + return proxy_C_GetAttributeValue (&global.virt.funcs, handle, object, template, + count); +} + +static CK_RV +module_C_SetAttributeValue (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + return proxy_C_SetAttributeValue (&global.virt.funcs, handle, object, template, + count); +} + +static CK_RV +module_C_FindObjectsInit (CK_SESSION_HANDLE handle, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + return proxy_C_FindObjectsInit (&global.virt.funcs, handle, template, count); +} + +static CK_RV +module_C_FindObjects (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE_PTR objects, + CK_ULONG max_count, + CK_ULONG_PTR count) +{ + return proxy_C_FindObjects (&global.virt.funcs, handle, objects, max_count, count); +} + +static CK_RV +module_C_FindObjectsFinal (CK_SESSION_HANDLE handle) +{ + return proxy_C_FindObjectsFinal (&global.virt.funcs, handle); +} + +static CK_RV +module_C_EncryptInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return proxy_C_EncryptInit (&global.virt.funcs, handle, mechanism, key); +} + +static CK_RV +module_C_Encrypt (CK_SESSION_HANDLE handle, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR encrypted_data, + CK_ULONG_PTR encrypted_data_len) +{ + return proxy_C_Encrypt (&global.virt.funcs, handle, data, data_len, + encrypted_data, encrypted_data_len); +} + +static CK_RV +module_C_EncryptUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + return proxy_C_EncryptUpdate (&global.virt.funcs, handle, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +module_C_EncryptFinal (CK_SESSION_HANDLE handle, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len) +{ + return proxy_C_EncryptFinal (&global.virt.funcs, handle, last_part, last_part_len); +} + +static CK_RV +module_C_DecryptInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return proxy_C_DecryptInit (&global.virt.funcs, handle, mechanism, key); +} + +static CK_RV +module_C_Decrypt (CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_data, + CK_ULONG enc_data_len, + CK_BYTE_PTR data, + CK_ULONG_PTR data_len) +{ + return proxy_C_Decrypt (&global.virt.funcs, handle, enc_data, enc_data_len, + data, data_len); +} + +static CK_RV +module_C_DecryptUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + return proxy_C_DecryptUpdate (&global.virt.funcs, handle, enc_part, enc_part_len, + part, part_len); +} + +static CK_RV +module_C_DecryptFinal (CK_SESSION_HANDLE handle, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len) +{ + return proxy_C_DecryptFinal (&global.virt.funcs, handle, last_part, last_part_len); +} + +static CK_RV +module_C_DigestInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism) +{ + return proxy_C_DigestInit (&global.virt.funcs, handle, mechanism); +} + +static CK_RV +module_C_Digest (CK_SESSION_HANDLE handle, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + return proxy_C_Digest (&global.virt.funcs, handle, data, data_len, digest, + digest_len); +} + +static CK_RV +module_C_DigestUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + return proxy_C_DigestUpdate (&global.virt.funcs, handle, part, part_len); +} + +static CK_RV +module_C_DigestKey (CK_SESSION_HANDLE handle, + CK_OBJECT_HANDLE key) +{ + return proxy_C_DigestKey (&global.virt.funcs, handle, key); +} + +static CK_RV +module_C_DigestFinal (CK_SESSION_HANDLE handle, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + return proxy_C_DigestFinal (&global.virt.funcs, handle, digest, digest_len); +} + +static CK_RV +module_C_SignInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return proxy_C_SignInit (&global.virt.funcs, handle, mechanism, key); +} + +static CK_RV +module_C_Sign (CK_SESSION_HANDLE handle, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + return proxy_C_Sign (&global.virt.funcs, handle, data, data_len, signature, + signature_len); +} + +static CK_RV +module_C_SignUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + return proxy_C_SignUpdate (&global.virt.funcs, handle, part, part_len); +} + +static CK_RV +module_C_SignFinal (CK_SESSION_HANDLE handle, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + return proxy_C_SignFinal (&global.virt.funcs, handle, signature, signature_len); +} + +static CK_RV +module_C_SignRecoverInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return proxy_C_SignRecoverInit (&global.virt.funcs, handle, mechanism, key); +} + +static CK_RV +module_C_SignRecover (CK_SESSION_HANDLE handle, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + return proxy_C_SignRecover (&global.virt.funcs, handle, data, data_len, + signature, signature_len); +} + +static CK_RV +module_C_VerifyInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return proxy_C_VerifyInit (&global.virt.funcs, handle, mechanism, key); +} + +static CK_RV +module_C_Verify (CK_SESSION_HANDLE handle, + CK_BYTE_PTR data, + CK_ULONG data_len, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + return proxy_C_Verify (&global.virt.funcs, handle, data, data_len, signature, + signature_len); +} + +static CK_RV +module_C_VerifyUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + return proxy_C_VerifyUpdate (&global.virt.funcs, handle, part, part_len); +} + +static CK_RV +module_C_VerifyFinal (CK_SESSION_HANDLE handle, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + return proxy_C_VerifyFinal (&global.virt.funcs, handle, signature, signature_len); +} + +static CK_RV +module_C_VerifyRecoverInit (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + return proxy_C_VerifyRecoverInit (&global.virt.funcs, handle, mechanism, key); +} + +static CK_RV +module_C_VerifyRecover (CK_SESSION_HANDLE handle, + CK_BYTE_PTR signature, + CK_ULONG signature_len, + CK_BYTE_PTR data, + CK_ULONG_PTR data_len) +{ + return proxy_C_VerifyRecover (&global.virt.funcs, handle, signature, signature_len, + data, data_len); +} + +static CK_RV +module_C_DigestEncryptUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, + CK_ULONG_PTR enc_part_len) +{ + return proxy_C_DigestEncryptUpdate (&global.virt.funcs, handle, part, part_len, + enc_part, enc_part_len); +} + +static CK_RV +module_C_DecryptDigestUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + return proxy_C_DecryptDigestUpdate (&global.virt.funcs, handle, enc_part, + enc_part_len, part, part_len); +} + +static CK_RV +module_C_SignEncryptUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR enc_part, + CK_ULONG_PTR enc_part_len) +{ + return proxy_C_SignEncryptUpdate (&global.virt.funcs, handle, part, part_len, + enc_part, enc_part_len); +} + +static CK_RV +module_C_DecryptVerifyUpdate (CK_SESSION_HANDLE handle, + CK_BYTE_PTR enc_part, + CK_ULONG enc_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + return proxy_C_DecryptVerifyUpdate (&global.virt.funcs, handle, enc_part, + enc_part_len, part, part_len); +} + +static CK_RV +module_C_GenerateKey (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + return proxy_C_GenerateKey (&global.virt.funcs, handle, mechanism, template, count, + key); +} + +static CK_RV +module_C_GenerateKeyPair (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR pub_template, + CK_ULONG pub_count, + CK_ATTRIBUTE_PTR priv_template, + CK_ULONG priv_count, + CK_OBJECT_HANDLE_PTR pub_key, + CK_OBJECT_HANDLE_PTR priv_key) +{ + return proxy_C_GenerateKeyPair (&global.virt.funcs, handle, mechanism, pub_template, + pub_count, priv_template, priv_count, + pub_key, priv_key); +} + +static CK_RV +module_C_WrapKey (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE wrapping_key, + CK_OBJECT_HANDLE key, + CK_BYTE_PTR wrapped_key, + CK_ULONG_PTR wrapped_key_len) +{ + return proxy_C_WrapKey (&global.virt.funcs, handle, mechanism, wrapping_key, + key, wrapped_key, wrapped_key_len); +} + +static CK_RV +module_C_UnwrapKey (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE unwrapping_key, + CK_BYTE_PTR wrapped_key, + CK_ULONG wrapped_key_len, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + return proxy_C_UnwrapKey (&global.virt.funcs, handle, mechanism, unwrapping_key, + wrapped_key, wrapped_key_len, template, + count, key); +} + +static CK_RV +module_C_DeriveKey (CK_SESSION_HANDLE handle, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE base_key, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + return proxy_C_DeriveKey (&global.virt.funcs, handle, mechanism, base_key, + template, count, key); +} + +static CK_RV +module_C_SeedRandom (CK_SESSION_HANDLE handle, + CK_BYTE_PTR seed, + CK_ULONG seed_len) +{ + return proxy_C_SeedRandom (&global.virt.funcs, handle, seed, seed_len); +} + +static CK_RV +module_C_GenerateRandom (CK_SESSION_HANDLE handle, + CK_BYTE_PTR random_data, + CK_ULONG random_len) +{ + return proxy_C_GenerateRandom (&global.virt.funcs, handle, random_data, random_len); +} + +/* -------------------------------------------------------------------- * MODULE ENTRY POINT */ -CK_FUNCTION_LIST _p11_proxy_function_list = { - { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, /* version */ +static CK_FUNCTION_LIST module_functions = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, + module_C_Initialize, + module_C_Finalize, + module_C_GetInfo, + module_C_GetFunctionList, + module_C_GetSlotList, + module_C_GetSlotInfo, + module_C_GetTokenInfo, + module_C_GetMechanismList, + module_C_GetMechanismInfo, + module_C_InitToken, + module_C_InitPIN, + module_C_SetPIN, + module_C_OpenSession, + module_C_CloseSession, + module_C_CloseAllSessions, + module_C_GetSessionInfo, + module_C_GetOperationState, + module_C_SetOperationState, + module_C_Login, + module_C_Logout, + module_C_CreateObject, + module_C_CopyObject, + module_C_DestroyObject, + module_C_GetObjectSize, + module_C_GetAttributeValue, + module_C_SetAttributeValue, + module_C_FindObjectsInit, + module_C_FindObjects, + module_C_FindObjectsFinal, + module_C_EncryptInit, + module_C_Encrypt, + module_C_EncryptUpdate, + module_C_EncryptFinal, + module_C_DecryptInit, + module_C_Decrypt, + module_C_DecryptUpdate, + module_C_DecryptFinal, + module_C_DigestInit, + module_C_Digest, + module_C_DigestUpdate, + module_C_DigestKey, + module_C_DigestFinal, + module_C_SignInit, + module_C_Sign, + module_C_SignUpdate, + module_C_SignFinal, + module_C_SignRecoverInit, + module_C_SignRecover, + module_C_VerifyInit, + module_C_Verify, + module_C_VerifyUpdate, + module_C_VerifyFinal, + module_C_VerifyRecoverInit, + module_C_VerifyRecover, + module_C_DigestEncryptUpdate, + module_C_DecryptDigestUpdate, + module_C_SignEncryptUpdate, + module_C_DecryptVerifyUpdate, + module_C_GenerateKey, + module_C_GenerateKeyPair, + module_C_WrapKey, + module_C_UnwrapKey, + module_C_DeriveKey, + module_C_SeedRandom, + module_C_GenerateRandom, + module_C_GetFunctionStatus, + module_C_CancelFunction, + module_C_WaitForSlotEvent +}; + +static CK_X_FUNCTION_LIST proxy_functions = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, proxy_C_Initialize, proxy_C_Finalize, proxy_C_GetInfo, - proxy_C_GetFunctionList, proxy_C_GetSlotList, proxy_C_GetSlotInfo, proxy_C_GetTokenInfo, @@ -1379,18 +2356,73 @@ CK_FUNCTION_LIST _p11_proxy_function_list = { proxy_C_DeriveKey, proxy_C_SeedRandom, proxy_C_GenerateRandom, - proxy_C_GetFunctionStatus, - proxy_C_CancelFunction, - proxy_C_WaitForSlotEvent + proxy_C_WaitForSlotEvent, }; #ifdef OS_WIN32 __declspec(dllexport) #endif - CK_RV C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list) { + CK_FUNCTION_LIST_PTR module = NULL; + State *state; + CK_RV rv = CKR_OK; + p11_library_init_once (); - return proxy_C_GetFunctionList (list); + p11_lock (); + + if (p11_virtual_can_wrap ()) { + state = calloc (1, sizeof (State)); + if (!state) { + rv = CKR_HOST_MEMORY; + + } else { + p11_virtual_init (&state->virt, &proxy_functions, state, NULL); + state->last_handle = FIRST_HANDLE; + + module = p11_virtual_wrap (&state->virt, free); + if (module == NULL) { + rv = CKR_GENERAL_ERROR; + + } else { + state->wrapped = module; + state->next = all_instances; + all_instances = state; + } + } + } + + if (rv == CKR_OK) { + if (module == NULL) + module = &module_functions; + + /* We use this as a check below */ + module->C_WaitForSlotEvent = module_C_WaitForSlotEvent; + *list = module; + } + + p11_unlock (); + + return rv; +} + +void +p11_proxy_module_cleanup (void) +{ + State *state, *next; + + state = all_instances; + all_instances = NULL; + + for (; state != NULL; state = next) { + next = state->next; + p11_virtual_unwrap (state->wrapped); + } +} + +bool +p11_proxy_module_check (CK_FUNCTION_LIST_PTR module) +{ + return (module->C_WaitForSlotEvent == module_C_WaitForSlotEvent); } diff --git a/p11-kit/proxy.h b/p11-kit/proxy.h new file mode 100644 index 0000000..df05be0 --- /dev/null +++ b/p11-kit/proxy.h @@ -0,0 +1,45 @@ +/* + * Copyright (c) 2013 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#ifndef __P11_PROXY_H__ +#define __P11_PROXY_H__ + +void p11_proxy_after_fork (void); + +bool p11_proxy_module_check (CK_FUNCTION_LIST_PTR module); + +void p11_proxy_module_cleanup (void); + + +#endif /* __P11_PROXY_H__ */ diff --git a/p11-kit/tests/Makefile.am b/p11-kit/tests/Makefile.am index c7b87ae..6963850 100644 --- a/p11-kit/tests/Makefile.am +++ b/p11-kit/tests/Makefile.am @@ -3,29 +3,41 @@ include $(top_srcdir)/build/Makefile.tests COMMON = $(top_srcdir)/common -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(srcdir)/.. \ -I$(COMMON) \ - $(CUTEST_CFLAGS) + $(TEST_CFLAGS) LDADD = \ $(top_builddir)/p11-kit/libp11-kit-testable.la \ - $(top_builddir)/common/libp11-mock.la \ + $(top_builddir)/common/libp11-test.la \ $(top_builddir)/common/libp11-common.la \ $(CUTEST_LIBS) \ $(LTLIBINTL) CHECK_PROGS = \ - progname-test \ - conf-test \ - uri-test \ - pin-test \ + test-progname \ + test-conf \ + test-uri \ + test-pin \ test-init \ test-modules \ + test-deprecated \ + test-proxy \ test-iter \ $(NULL) +if WITH_FFI + +CHECK_PROGS += \ + test-virtual \ + test-managed \ + test-log \ + $(NULL) + +endif + noinst_PROGRAMS = \ print-messages \ $(CHECK_PROGS) @@ -45,7 +57,7 @@ mock_one_la_CFLAGS = \ $(AM_CFLAGS) mock_one_la_LIBADD = \ - $(top_builddir)/common/libp11-mock.la \ + $(top_builddir)/common/libp11-test.la \ $(top_builddir)/common/libp11-common.la \ $(NULL) @@ -68,4 +80,6 @@ mock_four_la_LDFLAGS = $(mock_one_la_LDFLAGS) mock_four_la_LIBADD = $(mock_one_la_LIBADD) EXTRA_DIST = \ - files + files \ + test-mock.c \ + $(NULL) diff --git a/p11-kit/tests/files/system-pkcs11.conf b/p11-kit/tests/files/system-pkcs11.conf index 20741e7..a3aa273 100644 --- a/p11-kit/tests/files/system-pkcs11.conf +++ b/p11-kit/tests/files/system-pkcs11.conf @@ -1,3 +1,6 @@ # Merge in user config -user-config: merge
\ No newline at end of file +user-config: merge + +# Another option +new: world
\ No newline at end of file diff --git a/p11-kit/tests/files/user-modules/one.module b/p11-kit/tests/files/user-modules/one.module index c371e4a..6f1a2e8 100644 --- a/p11-kit/tests/files/user-modules/one.module +++ b/p11-kit/tests/files/user-modules/one.module @@ -1,2 +1,3 @@ -setting: user1
\ No newline at end of file +setting: user1 +managed: yes
\ No newline at end of file diff --git a/p11-kit/tests/conf-test.c b/p11-kit/tests/test-conf.c index d259cf8..c214bac 100644 --- a/p11-kit/tests/conf-test.c +++ b/p11-kit/tests/test-conf.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <errno.h> #include <stdlib.h> @@ -47,54 +47,54 @@ #include "private.h" static void -test_parse_conf_1 (CuTest *tc) +test_parse_conf_1 (void) { p11_dict *map; const char *value; map = _p11_conf_parse_file (SRCDIR "/files/test-1.conf", 0); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); value = p11_dict_get (map, "key1"); - CuAssertStrEquals (tc, "value1", value); + assert_str_eq ("value1", value); value = p11_dict_get (map, "with-colon"); - CuAssertStrEquals (tc, "value-of-colon", value); + assert_str_eq ("value-of-colon", value); value = p11_dict_get (map, "with-whitespace"); - CuAssertStrEquals (tc, "value-with-whitespace", value); + assert_str_eq ("value-with-whitespace", value); value = p11_dict_get (map, "embedded-comment"); - CuAssertStrEquals (tc, "this is # not a comment", value); + assert_str_eq ("this is # not a comment", value); p11_dict_free (map); } static void -test_parse_ignore_missing (CuTest *tc) +test_parse_ignore_missing (void) { p11_dict *map; map = _p11_conf_parse_file (SRCDIR "/files/non-existant.conf", CONF_IGNORE_MISSING); - CuAssertPtrNotNull (tc, map); + assert_ptr_not_null (map); - CuAssertIntEquals (tc, 0, p11_dict_size (map)); - CuAssertPtrEquals (tc, NULL, (void*)p11_message_last ()); + assert_num_eq (0, p11_dict_size (map)); + assert (p11_message_last () == NULL); p11_dict_free (map); } static void -test_parse_fail_missing (CuTest *tc) +test_parse_fail_missing (void) { p11_dict *map; map = _p11_conf_parse_file (SRCDIR "/files/non-existant.conf", 0); - CuAssertPtrEquals (tc, map, NULL); - CuAssertPtrNotNull (tc, p11_message_last ()); + assert (map == NULL); + assert_ptr_not_null (p11_message_last ()); } static void -test_merge_defaults (CuTest *tc) +test_merge_defaults (void) { p11_dict *values; p11_dict *defaults; @@ -109,19 +109,19 @@ test_merge_defaults (CuTest *tc) p11_dict_set (defaults, strdup ("three"), strdup ("default3")); if (!_p11_conf_merge_defaults (values, defaults)) - CuFail (tc, "should not be reached"); + assert_not_reached (); p11_dict_free (defaults); - CuAssertStrEquals (tc, p11_dict_get (values, "one"), "real1"); - CuAssertStrEquals (tc, p11_dict_get (values, "two"), "real2"); - CuAssertStrEquals (tc, p11_dict_get (values, "three"), "default3"); + assert_str_eq (p11_dict_get (values, "one"), "real1"); + assert_str_eq (p11_dict_get (values, "two"), "real2"); + assert_str_eq (p11_dict_get (values, "three"), "default3"); p11_dict_free (values); } static void -test_load_globals_merge (CuTest *tc) +test_load_globals_merge (void) { int user_mode = -1; p11_dict *config; @@ -131,19 +131,19 @@ test_load_globals_merge (CuTest *tc) config = _p11_conf_load_globals (SRCDIR "/files/test-system-merge.conf", SRCDIR "/files/test-user.conf", &user_mode); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, NULL, p11_message_last ()); - CuAssertIntEquals (tc, CONF_USER_MERGE, user_mode); + assert_ptr_not_null (config); + assert (NULL == p11_message_last ()); + assert_num_eq (CONF_USER_MERGE, user_mode); - CuAssertStrEquals (tc, p11_dict_get (config, "key1"), "system1"); - CuAssertStrEquals (tc, p11_dict_get (config, "key2"), "user2"); - CuAssertStrEquals (tc, p11_dict_get (config, "key3"), "user3"); + assert_str_eq (p11_dict_get (config, "key1"), "system1"); + assert_str_eq (p11_dict_get (config, "key2"), "user2"); + assert_str_eq (p11_dict_get (config, "key3"), "user3"); p11_dict_free (config); } static void -test_load_globals_no_user (CuTest *tc) +test_load_globals_no_user (void) { int user_mode = -1; p11_dict *config; @@ -153,19 +153,19 @@ test_load_globals_no_user (CuTest *tc) config = _p11_conf_load_globals (SRCDIR "/files/test-system-none.conf", SRCDIR "/files/test-user.conf", &user_mode); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, NULL, p11_message_last ()); - CuAssertIntEquals (tc, CONF_USER_NONE, user_mode); + assert_ptr_not_null (config); + assert (NULL == p11_message_last ()); + assert_num_eq (CONF_USER_NONE, user_mode); - CuAssertStrEquals (tc, p11_dict_get (config, "key1"), "system1"); - CuAssertStrEquals (tc, p11_dict_get (config, "key2"), "system2"); - CuAssertStrEquals (tc, p11_dict_get (config, "key3"), "system3"); + assert_str_eq (p11_dict_get (config, "key1"), "system1"); + assert_str_eq (p11_dict_get (config, "key2"), "system2"); + assert_str_eq (p11_dict_get (config, "key3"), "system3"); p11_dict_free (config); } static void -test_load_globals_user_sets_only (CuTest *tc) +test_load_globals_user_sets_only (void) { int user_mode = -1; p11_dict *config; @@ -175,19 +175,19 @@ test_load_globals_user_sets_only (CuTest *tc) config = _p11_conf_load_globals (SRCDIR "/files/test-system-merge.conf", SRCDIR "/files/test-user-only.conf", &user_mode); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, NULL, p11_message_last ()); - CuAssertIntEquals (tc, CONF_USER_ONLY, user_mode); + assert_ptr_not_null (config); + assert (NULL == p11_message_last ()); + assert_num_eq (CONF_USER_ONLY, user_mode); - CuAssertStrEquals (tc, p11_dict_get (config, "key1"), NULL); - CuAssertStrEquals (tc, p11_dict_get (config, "key2"), "user2"); - CuAssertStrEquals (tc, p11_dict_get (config, "key3"), "user3"); + assert (p11_dict_get (config, "key1") == NULL); + assert_str_eq (p11_dict_get (config, "key2"), "user2"); + assert_str_eq (p11_dict_get (config, "key3"), "user3"); p11_dict_free (config); } static void -test_load_globals_system_sets_only (CuTest *tc) +test_load_globals_system_sets_only (void) { int user_mode = -1; p11_dict *config; @@ -197,19 +197,19 @@ test_load_globals_system_sets_only (CuTest *tc) config = _p11_conf_load_globals (SRCDIR "/files/test-system-only.conf", SRCDIR "/files/test-user.conf", &user_mode); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, NULL, p11_message_last ()); - CuAssertIntEquals (tc, CONF_USER_ONLY, user_mode); + assert_ptr_not_null (config); + assert (NULL == p11_message_last ()); + assert_num_eq (CONF_USER_ONLY, user_mode); - CuAssertStrEquals (tc, p11_dict_get (config, "key1"), NULL); - CuAssertStrEquals (tc, p11_dict_get (config, "key2"), "user2"); - CuAssertStrEquals (tc, p11_dict_get (config, "key3"), "user3"); + assert (p11_dict_get (config, "key1") == NULL); + assert_str_eq (p11_dict_get (config, "key2"), "user2"); + assert_str_eq (p11_dict_get (config, "key3"), "user3"); p11_dict_free (config); } static void -test_load_globals_system_sets_invalid (CuTest *tc) +test_load_globals_system_sets_invalid (void) { int user_mode = -1; p11_dict *config; @@ -221,15 +221,15 @@ test_load_globals_system_sets_invalid (CuTest *tc) SRCDIR "/files/non-existant.conf", &user_mode); error = errno; - CuAssertPtrEquals (tc, NULL, config); - CuAssertIntEquals (tc, EINVAL, error); - CuAssertPtrNotNull (tc, p11_message_last ()); + assert_ptr_eq (NULL, config); + assert_num_eq (EINVAL, error); + assert_ptr_not_null (p11_message_last ()); p11_dict_free (config); } static void -test_load_globals_user_sets_invalid (CuTest *tc) +test_load_globals_user_sets_invalid (void) { int user_mode = -1; p11_dict *config; @@ -241,9 +241,9 @@ test_load_globals_user_sets_invalid (CuTest *tc) SRCDIR "/files/test-user-invalid.conf", &user_mode); error = errno; - CuAssertPtrEquals (tc, NULL, config); - CuAssertIntEquals (tc, EINVAL, error); - CuAssertPtrNotNull (tc, p11_message_last ()); + assert_ptr_eq (NULL, config); + assert_num_eq (EINVAL, error); + assert_ptr_not_null (p11_message_last ()); p11_dict_free (config); } @@ -256,7 +256,7 @@ assert_msg_contains (const char *msg, } static void -test_load_modules_merge (CuTest *tc) +test_load_modules_merge (void) { p11_dict *configs; p11_dict *config; @@ -267,29 +267,29 @@ test_load_modules_merge (CuTest *tc) SRCDIR "/files/package-modules", SRCDIR "/files/system-modules", SRCDIR "/files/user-modules"); - CuAssertPtrNotNull (tc, configs); - CuAssertTrue (tc, assert_msg_contains (p11_message_last (), "invalid config filename")); + assert_ptr_not_null (configs); + assert (assert_msg_contains (p11_message_last (), "invalid config filename")); config = p11_dict_get (configs, "one"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-one.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "user1"); + assert_ptr_not_null (config); + assert_str_eq ("mock-one.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "user1"); config = p11_dict_get (configs, "two.badname"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-two.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "system2"); + assert_ptr_not_null (config); + assert_str_eq ("mock-two.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "system2"); config = p11_dict_get (configs, "three"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-three.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "user3"); + assert_ptr_not_null (config); + assert_str_eq ("mock-three.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "user3"); p11_dict_free (configs); } static void -test_load_modules_user_none (CuTest *tc) +test_load_modules_user_none (void) { p11_dict *configs; p11_dict *config; @@ -300,27 +300,27 @@ test_load_modules_user_none (CuTest *tc) SRCDIR "/files/package-modules", SRCDIR "/files/system-modules", SRCDIR "/files/user-modules"); - CuAssertPtrNotNull (tc, configs); - CuAssertTrue (tc, assert_msg_contains (p11_message_last (), "invalid config filename")); + assert_ptr_not_null (configs); + assert (assert_msg_contains (p11_message_last (), "invalid config filename")); config = p11_dict_get (configs, "one"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-one.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "system1"); + assert_ptr_not_null (config); + assert_str_eq ("mock-one.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "system1"); config = p11_dict_get (configs, "two.badname"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-two.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "system2"); + assert_ptr_not_null (config); + assert_str_eq ("mock-two.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "system2"); config = p11_dict_get (configs, "three"); - CuAssertPtrEquals (tc, NULL, config); + assert_ptr_eq (NULL, config); p11_dict_free (configs); } static void -test_load_modules_user_only (CuTest *tc) +test_load_modules_user_only (void) { p11_dict *configs; p11_dict *config; @@ -331,27 +331,27 @@ test_load_modules_user_only (CuTest *tc) SRCDIR "/files/package-modules", SRCDIR "/files/system-modules", SRCDIR "/files/user-modules"); - CuAssertPtrNotNull (tc, configs); - CuAssertPtrEquals (tc, NULL, (void *)p11_message_last ()); + assert_ptr_not_null (configs); + assert_ptr_eq (NULL, (void *)p11_message_last ()); config = p11_dict_get (configs, "one"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, p11_dict_get (config, "module"), NULL); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "user1"); + assert_ptr_not_null (config); + assert (p11_dict_get (config, "module") == NULL); + assert_str_eq (p11_dict_get (config, "setting"), "user1"); config = p11_dict_get (configs, "two.badname"); - CuAssertPtrEquals (tc, NULL, config); + assert_ptr_eq (NULL, config); config = p11_dict_get (configs, "three"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-three.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "user3"); + assert_ptr_not_null (config); + assert_str_eq ("mock-three.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "user3"); p11_dict_free (configs); } static void -test_load_modules_no_user (CuTest *tc) +test_load_modules_no_user (void) { p11_dict *configs; p11_dict *config; @@ -362,67 +362,53 @@ test_load_modules_no_user (CuTest *tc) SRCDIR "/files/package-modules", SRCDIR "/files/system-modules", SRCDIR "/files/non-existant"); - CuAssertPtrNotNull (tc, configs); - CuAssertTrue (tc, assert_msg_contains (p11_message_last (), "invalid config filename")); + assert_ptr_not_null (configs); + assert (assert_msg_contains (p11_message_last (), "invalid config filename")); config = p11_dict_get (configs, "one"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-one.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "system1"); + assert_ptr_not_null (config); + assert_str_eq ("mock-one.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "system1"); config = p11_dict_get (configs, "two.badname"); - CuAssertPtrNotNull (tc, config); - CuAssertStrEquals (tc, "mock-two.so", p11_dict_get (config, "module")); - CuAssertStrEquals (tc, p11_dict_get (config, "setting"), "system2"); + assert_ptr_not_null (config); + assert_str_eq ("mock-two.so", p11_dict_get (config, "module")); + assert_str_eq (p11_dict_get (config, "setting"), "system2"); config = p11_dict_get (configs, "three"); - CuAssertPtrEquals (tc, NULL, config); + assert_ptr_eq (NULL, config); p11_dict_free (configs); } static void -test_parse_boolean (CuTest *tc) +test_parse_boolean (void) { p11_message_quiet (); - CuAssertIntEquals (tc, true, _p11_conf_parse_boolean ("yes", false)); - CuAssertIntEquals (tc, false, _p11_conf_parse_boolean ("no", true)); - CuAssertIntEquals (tc, true, _p11_conf_parse_boolean ("!!!", true)); + assert_num_eq (true, _p11_conf_parse_boolean ("yes", false)); + assert_num_eq (false, _p11_conf_parse_boolean ("no", true)); + assert_num_eq (true, _p11_conf_parse_boolean ("!!!", true)); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_parse_conf_1); - SUITE_ADD_TEST (suite, test_parse_ignore_missing); - SUITE_ADD_TEST (suite, test_parse_fail_missing); - SUITE_ADD_TEST (suite, test_merge_defaults); - SUITE_ADD_TEST (suite, test_load_globals_merge); - SUITE_ADD_TEST (suite, test_load_globals_no_user); - SUITE_ADD_TEST (suite, test_load_globals_system_sets_only); - SUITE_ADD_TEST (suite, test_load_globals_user_sets_only); - SUITE_ADD_TEST (suite, test_load_globals_system_sets_invalid); - SUITE_ADD_TEST (suite, test_load_globals_user_sets_invalid); - SUITE_ADD_TEST (suite, test_load_modules_merge); - SUITE_ADD_TEST (suite, test_load_modules_no_user); - SUITE_ADD_TEST (suite, test_load_modules_user_only); - SUITE_ADD_TEST (suite, test_load_modules_user_none); - SUITE_ADD_TEST (suite, test_parse_boolean); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + p11_test (test_parse_conf_1, "/conf/test_parse_conf_1"); + p11_test (test_parse_ignore_missing, "/conf/test_parse_ignore_missing"); + p11_test (test_parse_fail_missing, "/conf/test_parse_fail_missing"); + p11_test (test_merge_defaults, "/conf/test_merge_defaults"); + p11_test (test_load_globals_merge, "/conf/test_load_globals_merge"); + p11_test (test_load_globals_no_user, "/conf/test_load_globals_no_user"); + p11_test (test_load_globals_system_sets_only, "/conf/test_load_globals_system_sets_only"); + p11_test (test_load_globals_user_sets_only, "/conf/test_load_globals_user_sets_only"); + p11_test (test_load_globals_system_sets_invalid, "/conf/test_load_globals_system_sets_invalid"); + p11_test (test_load_globals_user_sets_invalid, "/conf/test_load_globals_user_sets_invalid"); + p11_test (test_load_modules_merge, "/conf/test_load_modules_merge"); + p11_test (test_load_modules_no_user, "/conf/test_load_modules_no_user"); + p11_test (test_load_modules_user_only, "/conf/test_load_modules_user_only"); + p11_test (test_load_modules_user_none, "/conf/test_load_modules_user_none"); + p11_test (test_parse_boolean, "/conf/test_parse_boolean"); + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/test-deprecated.c b/p11-kit/tests/test-deprecated.c new file mode 100644 index 0000000..7ea8260 --- /dev/null +++ b/p11-kit/tests/test-deprecated.c @@ -0,0 +1,508 @@ +/* + * Copyright (c) 2011, Collabora Ltd. + * Copyright (c) 2012 Red Hat Inc + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#define P11_KIT_NO_DEPRECATIONS + +#include "config.h" +#include "test.h" + +#include "dict.h" +#include "library.h" +#include "p11-kit.h" +#include "private.h" +#include "mock.h" + +#include <sys/types.h> + +#include <assert.h> +#include <errno.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <time.h> +#include <unistd.h> + +static CK_FUNCTION_LIST_PTR_PTR +initialize_and_get_modules (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + CK_RV rv; + + rv = p11_kit_initialize_registered (); + assert_num_eq (CKR_OK, rv); + modules = p11_kit_registered_modules (); + assert (modules != NULL && modules[0] != NULL); + + return modules; +} + +static void +finalize_and_free_modules (CK_FUNCTION_LIST_PTR_PTR modules) +{ + CK_RV rv; + + free (modules); + rv = p11_kit_finalize_registered (); + assert_num_eq (CKR_OK, rv); + +} + +static void +test_no_duplicates (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + p11_dict *paths; + p11_dict *funcs; + char *path; + int i; + + modules = initialize_and_get_modules (); + paths = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, NULL, NULL); + funcs = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, NULL, NULL); + + /* The loaded modules should not contain duplicates */ + for (i = 0; modules[i] != NULL; i++) { + path = p11_kit_registered_option (modules[i], "module"); + + if (p11_dict_get (funcs, modules[i])) + assert_fail ("found duplicate function list pointer", NULL); + if (p11_dict_get (paths, path)) + assert_fail ("found duplicate path name", NULL); + + if (!p11_dict_set (funcs, modules[i], "")) + assert_not_reached (); + if (!p11_dict_set (paths, path, "")) + assert_not_reached (); + + free (path); + } + + p11_dict_free (paths); + p11_dict_free (funcs); + finalize_and_free_modules (modules); +} + +static CK_FUNCTION_LIST_PTR +lookup_module_with_name (CK_FUNCTION_LIST_PTR_PTR modules, + const char *name) +{ + CK_FUNCTION_LIST_PTR match = NULL; + CK_FUNCTION_LIST_PTR module; + char *module_name; + int i; + + for (i = 0; match == NULL && modules[i] != NULL; i++) { + module_name = p11_kit_registered_module_to_name (modules[i]); + assert_ptr_not_null (module_name); + if (strcmp (module_name, name) == 0) + match = modules[i]; + free (module_name); + } + + /* + * As a side effect, we should check that the results of this function + * matches the above search. + */ + module = p11_kit_registered_name_to_module (name); + if (module != match) + assert_fail ("different result from p11_kit_registered_name_to_module()", NULL); + + return match; +} + +static void +test_disable (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + + /* + * The module four should be present, as we don't match any prognames + * that it has disabled. + */ + + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "four") != NULL); + finalize_and_free_modules (modules); + + /* + * The module two shouldn't have been loaded, because in its config + * file we have: + * + * disable-in: test-disable + */ + + p11_kit_set_progname ("test-disable"); + + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "four") == NULL); + finalize_and_free_modules (modules); + + p11_kit_set_progname (NULL); +} + +static void +test_disable_later (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + CK_RV rv; + + /* + * The module two shouldn't be matched, because in its config + * file we have: + * + * disable-in: test-disable + */ + + rv = p11_kit_initialize_registered (); + assert_num_eq (CKR_OK, rv); + + p11_kit_set_progname ("test-disable"); + + modules = p11_kit_registered_modules (); + assert (modules != NULL && modules[0] != NULL); + + assert (lookup_module_with_name (modules, "two") == NULL); + finalize_and_free_modules (modules); + + p11_kit_set_progname (NULL); +} + +static void +test_enable (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + + /* + * The module three should not be present, as we don't match the current + * program. + */ + + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "three") == NULL); + finalize_and_free_modules (modules); + + /* + * The module three should be loaded here , because in its config + * file we have: + * + * enable-in: test-enable + */ + + p11_kit_set_progname ("test-enable"); + + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "three") != NULL); + finalize_and_free_modules (modules); + + p11_kit_set_progname (NULL); +} + +CK_FUNCTION_LIST module; + +#ifdef OS_UNIX + +#include <sys/wait.h> + +static CK_RV +mock_C_Initialize__with_fork (CK_VOID_PTR init_args) +{ + struct timespec ts = { 0, 100 * 1000 * 1000 }; + CK_RV rv; + pid_t child; + pid_t ret; + int status; + + rv = mock_C_Initialize (init_args); + assert (rv == CKR_OK); + + /* Fork during the initialization */ + child = fork (); + if (child == 0) { + nanosleep (&ts, NULL); + exit (66); + } + + ret = waitpid (child, &status, 0); + assert (ret == child); + assert (WIFEXITED (status)); + assert (WEXITSTATUS (status) == 66); + + return CKR_OK; +} + +static void +test_fork_initialization (void) +{ + CK_RV rv; + + assert (!mock_module_initialized ()); + + /* Build up our own function list */ + memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); + module.C_Initialize = mock_C_Initialize__with_fork; + + rv = p11_kit_initialize_module (&module); + assert (rv == CKR_OK); + + rv = p11_kit_finalize_module (&module); + assert (rv == CKR_OK); + + assert (!mock_module_initialized ()); +} + +#endif /* OS_UNIX */ + +static CK_RV +mock_C_Initialize__with_recursive (CK_VOID_PTR init_args) +{ + /* Recursively initialize, this is broken */ + return p11_kit_initialize_module (&module); +} + +static void +test_recursive_initialization (void) +{ + CK_RV rv; + + assert (!mock_module_initialized ()); + + /* Build up our own function list */ + memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); + module.C_Initialize = mock_C_Initialize__with_recursive; + + rv = p11_kit_initialize_module (&module); + assert (rv == CKR_FUNCTION_FAILED); + + assert (!mock_module_initialized ()); +} + +static p11_mutex_t race_mutex; +static int initialization_count = 0; +static int finalization_count = 0; + +static CK_RV +mock_C_Initialize__threaded_race (CK_VOID_PTR init_args) +{ + /* Atomically increment value */ + p11_mutex_lock (&race_mutex); + initialization_count += 1; + p11_mutex_unlock (&race_mutex); + + p11_sleep_ms (100); + return CKR_OK; +} + +static CK_RV +mock_C_Finalize__threaded_race (CK_VOID_PTR reserved) +{ + /* Atomically increment value */ + p11_mutex_lock (&race_mutex); + finalization_count += 1; + p11_mutex_unlock (&race_mutex); + + p11_sleep_ms (100); + return CKR_OK; +} + +static void * +initialization_thread (void *data) +{ + CK_RV rv; + + assert_str_eq (data, "thread-data"); + rv = p11_kit_initialize_module (&module); + assert (rv == CKR_OK); + + return "thread-data"; +} + +static void * +finalization_thread (void *data) +{ + CK_RV rv; + + assert_str_eq (data, "thread-data"); + rv = p11_kit_finalize_module (&module); + assert (rv == CKR_OK); + + return "thread-data"; +} + +static void +test_threaded_initialization (void) +{ + static const int num_threads = 2; + p11_thread_t threads[num_threads]; + int ret; + int i; + + assert (!mock_module_initialized ()); + + /* Build up our own function list */ + memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); + module.C_Initialize = mock_C_Initialize__threaded_race; + module.C_Finalize = mock_C_Finalize__threaded_race; + + initialization_count = 0; + finalization_count = 0; + + for (i = 0; i < num_threads; i++) { + ret = p11_thread_create (&threads[i], initialization_thread, "thread-data"); + assert_num_eq (0, ret); + assert (threads[i] != 0); + } + + for (i = 0; i < num_threads; i++) { + ret = p11_thread_join (threads[i]); + assert_num_eq (0, ret); + threads[i] = 0; + } + + for (i = 0; i < num_threads; i++) { + ret = p11_thread_create (&threads[i], finalization_thread, "thread-data"); + assert_num_eq (0, ret); + assert (threads[i] != 0); + } + + for (i = 0; i < num_threads; i++) { + ret = p11_thread_join (threads[i]); + assert_num_eq (0, ret); + threads[i] = 0; + } + + /* C_Initialize should have been called exactly once */ + assert_num_eq (1, initialization_count); + assert_num_eq (1, finalization_count); + + assert (!mock_module_initialized ()); +} + +static CK_RV +mock_C_Initialize__test_mutexes (CK_VOID_PTR args) +{ + CK_C_INITIALIZE_ARGS_PTR init_args; + void *mutex = NULL; + CK_RV rv; + + rv = mock_C_Initialize (NULL); + if (rv != CKR_OK) + return rv; + + assert (args != NULL); + init_args = args; + + rv = (init_args->CreateMutex) (&mutex); + assert (rv == CKR_OK); + + rv = (init_args->LockMutex) (mutex); + assert (rv == CKR_OK); + + rv = (init_args->UnlockMutex) (mutex); + assert (rv == CKR_OK); + + rv = (init_args->DestroyMutex) (mutex); + assert (rv == CKR_OK); + + return CKR_OK; +} + +static void +test_mutexes (void) +{ + CK_RV rv; + + assert (!mock_module_initialized ()); + + /* Build up our own function list */ + memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); + module.C_Initialize = mock_C_Initialize__test_mutexes; + + rv = p11_kit_initialize_module (&module); + assert (rv == CKR_OK); + + rv = p11_kit_finalize_module (&module); + assert (rv == CKR_OK); + + assert (!mock_module_initialized ()); +} + +static void +test_load_and_initialize (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_INFO info; + CK_RV rv; + int ret; + + rv = p11_kit_load_initialize_module (BUILDDIR "/.libs/mock-one" SHLEXT, &module); + assert (rv == CKR_OK); + assert (module != NULL); + + rv = (module->C_GetInfo) (&info); + assert (rv == CKR_OK); + + ret = memcmp (info.manufacturerID, "MOCK MANUFACTURER ", 32); + assert (ret == 0); + + rv = p11_kit_finalize_module (module); + assert (ret == CKR_OK); +} + +int +main (int argc, + char *argv[]) +{ + p11_mutex_init (&race_mutex); + mock_module_init (); + p11_library_init (); + + p11_test (test_no_duplicates, "/deprecated/test_no_duplicates"); + p11_test (test_disable, "/deprecated/test_disable"); + p11_test (test_disable_later, "/deprecated/test_disable_later"); + p11_test (test_enable, "/deprecated/test_enable"); + +#ifdef OS_UNIX + p11_test (test_fork_initialization, "/deprecated/test_fork_initialization"); +#endif + + p11_test (test_recursive_initialization, "/deprecated/test_recursive_initialization"); + p11_test (test_threaded_initialization, "/deprecated/test_threaded_initialization"); + p11_test (test_mutexes, "/deprecated/test_mutexes"); + p11_test (test_load_and_initialize, "/deprecated/test_load_and_initialize"); + + p11_kit_be_quiet (); + + return p11_test_run (argc, argv); +} diff --git a/p11-kit/tests/test-init.c b/p11-kit/tests/test-init.c index 7df4be9..76805ee 100644 --- a/p11-kit/tests/test-init.c +++ b/p11-kit/tests/test-init.c @@ -33,11 +33,16 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <sys/types.h> #include "library.h" +#include "mock.h" +#include "modules.h" +#include "p11-kit.h" +#include "private.h" +#include "virtual.h" #include <assert.h> #include <stdio.h> @@ -46,11 +51,8 @@ #include <time.h> #include <unistd.h> -#include "p11-kit/p11-kit.h" - -#include "mock.h" - -CK_FUNCTION_LIST module; +static CK_FUNCTION_LIST module; +static p11_mutex_t race_mutex; #ifdef OS_UNIX @@ -84,23 +86,42 @@ mock_C_Initialize__with_fork (CK_VOID_PTR init_args) } static void -test_fork_initialization (CuTest *tc) +test_fork_initialization (void) { + CK_FUNCTION_LIST_PTR result; CK_RV rv; + mock_module_reset (); + /* Build up our own function list */ memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); module.C_Initialize = mock_C_Initialize__with_fork; - rv = p11_kit_initialize_module (&module); - CuAssertTrue (tc, rv == CKR_OK); + p11_lock (); + + rv = p11_module_load_inlock_reentrant (&module, 0, &result); + assert (rv == CKR_OK); + + p11_unlock (); + + rv = p11_kit_module_initialize (result); + assert (rv == CKR_OK); + + rv = p11_kit_module_finalize (result); + assert (rv == CKR_OK); - rv = p11_kit_finalize_module (&module); - CuAssertTrue (tc, rv == CKR_OK); + p11_lock (); + + rv = p11_module_release_inlock_reentrant (result); + assert (rv == CKR_OK); + + p11_unlock (); } #endif /* OS_UNIX */ +static CK_FUNCTION_LIST *recursive_managed; + static CK_RV mock_C_Initialize__with_recursive (CK_VOID_PTR init_args) { @@ -109,12 +130,11 @@ mock_C_Initialize__with_recursive (CK_VOID_PTR init_args) rv = mock_C_Initialize (init_args); assert (rv == CKR_OK); - /* Recursively initialize, this is broken */ - return p11_kit_initialize_module (&module); + return p11_kit_module_initialize (recursive_managed); } static void -test_recursive_initialization (CuTest *tc) +test_recursive_initialization (void) { CK_RV rv; @@ -122,16 +142,31 @@ test_recursive_initialization (CuTest *tc) memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); module.C_Initialize = mock_C_Initialize__with_recursive; - rv = p11_kit_initialize_module (&module); - CuAssertTrue (tc, rv == CKR_FUNCTION_FAILED); + p11_kit_be_quiet (); + + p11_lock (); + + rv = p11_module_load_inlock_reentrant (&module, 0, &recursive_managed); + assert (rv == CKR_OK); + + p11_unlock (); + + rv = p11_kit_module_initialize (recursive_managed); + assert_num_eq (CKR_FUNCTION_FAILED, rv); + + p11_lock (); + + rv = p11_module_release_inlock_reentrant (recursive_managed); + assert (rv == CKR_OK); + + p11_unlock (); + + p11_kit_be_loud (); } -static p11_mutex_t race_mutex; static int initialization_count = 0; static int finalization_count = 0; -#include "private.h" - static CK_RV mock_C_Initialize__threaded_race (CK_VOID_PTR init_args) { @@ -159,32 +194,36 @@ mock_C_Finalize__threaded_race (CK_VOID_PTR reserved) static void * initialization_thread (void *data) { - CuTest *tc = data; + CK_FUNCTION_LIST *module = data; CK_RV rv; - rv = p11_kit_initialize_module (&module); - CuAssertTrue (tc, rv == CKR_OK); + assert (module != NULL); + rv = p11_kit_module_initialize (module); + assert_num_eq (rv, CKR_OK); - return tc; + return module; } static void * finalization_thread (void *data) { - CuTest *tc = data; + CK_FUNCTION_LIST *module = data; CK_RV rv; - rv = p11_kit_finalize_module (&module); - CuAssertTrue (tc, rv == CKR_OK); + assert (module != NULL); + rv = p11_kit_module_finalize (module); + assert_num_eq (rv, CKR_OK); - return tc; + return module; } static void -test_threaded_initialization (CuTest *tc) +test_threaded_initialization (void) { - static const int num_threads = 2; + static const int num_threads = 1; + CK_FUNCTION_LIST *data[num_threads]; p11_thread_t threads[num_threads]; + CK_RV rv; int ret; int i; @@ -193,36 +232,57 @@ test_threaded_initialization (CuTest *tc) module.C_Initialize = mock_C_Initialize__threaded_race; module.C_Finalize = mock_C_Finalize__threaded_race; + memset (&data, 0, sizeof (data)); initialization_count = 0; finalization_count = 0; + p11_lock (); + + for (i = 0; i < num_threads; i++) { + assert (data[i] == NULL); + rv = p11_module_load_inlock_reentrant (&module, 0, &data[i]); + assert (rv == CKR_OK); + } + + p11_unlock (); + for (i = 0; i < num_threads; i++) { - ret = p11_thread_create (&threads[i], initialization_thread, tc); - CuAssertIntEquals (tc, 0, ret); - CuAssertTrue (tc, threads[i] != 0); + ret = p11_thread_create (&threads[i], initialization_thread, data[i]); + assert_num_eq (0, ret); + assert (threads[i] != 0); } for (i = 0; i < num_threads; i++) { ret = p11_thread_join (threads[i]); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); threads[i] = 0; } for (i = 0; i < num_threads; i++) { - ret = p11_thread_create (&threads[i], finalization_thread, tc); - CuAssertIntEquals (tc, 0, ret); - CuAssertTrue (tc, threads[i] != 0); + ret = p11_thread_create (&threads[i], finalization_thread, data[i]); + assert_num_eq (0, ret); + assert (threads[i] != 0); } for (i = 0; i < num_threads; i++) { ret = p11_thread_join (threads[i]); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); threads[i] = 0; } + p11_lock (); + + for (i = 0; i < num_threads; i++) { + assert (data[i] != NULL); + rv = p11_module_release_inlock_reentrant (data[i]); + assert (rv == CKR_OK); + } + + p11_unlock (); + /* C_Initialize should have been called exactly once */ - CuAssertIntEquals (tc, 1, initialization_count); - CuAssertIntEquals (tc, 1, finalization_count); + assert_num_eq (1, initialization_count); + assert_num_eq (1, finalization_count); } static CK_RV @@ -251,71 +311,106 @@ mock_C_Initialize__test_mutexes (CK_VOID_PTR args) } static void -test_mutexes (CuTest *tc) +test_mutexes (void) { + CK_FUNCTION_LIST_PTR result; CK_RV rv; /* Build up our own function list */ memcpy (&module, &mock_module_no_slots, sizeof (CK_FUNCTION_LIST)); module.C_Initialize = mock_C_Initialize__test_mutexes; - rv = p11_kit_initialize_module (&module); - CuAssertTrue (tc, rv == CKR_OK); + p11_lock (); + + rv = p11_module_load_inlock_reentrant (&module, 0, &result); + assert (rv == CKR_OK); + + rv = p11_module_release_inlock_reentrant (result); + assert (rv == CKR_OK); - rv = p11_kit_finalize_module (&module); - CuAssertTrue (tc, rv == CKR_OK); + p11_unlock (); } static void -test_load_and_initialize (CuTest *tc) +test_load_and_initialize (void) { CK_FUNCTION_LIST_PTR module; CK_INFO info; CK_RV rv; int ret; - rv = p11_kit_load_initialize_module (BUILDDIR "/.libs/mock-one" SHLEXT, &module); - CuAssertTrue (tc, rv == CKR_OK); - CuAssertTrue (tc, module != NULL); + module = p11_kit_module_load (BUILDDIR "/.libs/mock-one" SHLEXT, 0); + assert (module != NULL); + + rv = p11_kit_module_initialize (module); + assert (rv == CKR_OK); rv = (module->C_GetInfo) (&info); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); ret = memcmp (info.manufacturerID, "MOCK MANUFACTURER ", 32); - CuAssertTrue (tc, ret == 0); + assert (ret == 0); - rv = p11_kit_finalize_module (module); - CuAssertTrue (tc, ret == CKR_OK); + rv = p11_kit_module_finalize (module); + assert (rv == CKR_OK); + + p11_kit_module_release (module); } -int -main (void) +static void +test_initalize_fail (void) +{ + CK_FUNCTION_LIST failer; + CK_FUNCTION_LIST *modules[3] = { &mock_module_no_slots, &failer, NULL }; + CK_RV rv; + + memcpy (&failer, &mock_module, sizeof (CK_FUNCTION_LIST)); + failer.C_Initialize = mock_C_Initialize__fails; + + mock_module_reset (); + p11_kit_be_quiet (); + + rv = p11_kit_modules_initialize (modules, NULL); + assert_num_eq (CKR_FUNCTION_FAILED, rv); + + p11_kit_be_loud (); + + /* Failed modules get removed from the list */ + assert_ptr_eq (&mock_module_no_slots, modules[0]); + assert_ptr_eq (NULL, modules[1]); + assert_ptr_eq (NULL, modules[2]); + + p11_kit_modules_finalize (modules); +} + +static void +test_finalize_fail (void) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - putenv ("P11_KIT_STRICT=1"); +} + +int +main (int argc, + char *argv[]) +{ p11_mutex_init (&race_mutex); mock_module_init (); p11_library_init (); + /* These only work when managed */ + if (p11_virtual_can_wrap ()) { + p11_test (test_recursive_initialization, "/init/test_recursive_initialization"); + p11_test (test_threaded_initialization, "/init/test_threaded_initialization"); + p11_test (test_mutexes, "/init/test_mutexes"); + p11_test (test_load_and_initialize, "/init/test_load_and_initialize"); + #ifdef OS_UNIX - SUITE_ADD_TEST (suite, test_fork_initialization); + p11_test (test_fork_initialization, "/init/test_fork_initialization"); #endif + } - SUITE_ADD_TEST (suite, test_recursive_initialization); - SUITE_ADD_TEST (suite, test_threaded_initialization); - SUITE_ADD_TEST (suite, test_mutexes); - SUITE_ADD_TEST (suite, test_load_and_initialize); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); + p11_test (test_initalize_fail, "/init/test_initalize_fail"); + p11_test (test_finalize_fail, "/init/test_finalize_fail"); - return ret; + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/test-iter.c b/p11-kit/tests/test-iter.c index 08e43b3..18b5ed6 100644 --- a/p11-kit/tests/test-iter.c +++ b/p11-kit/tests/test-iter.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #define P11_KIT_FUTURE_UNSTABLE_API 1 @@ -49,17 +49,14 @@ #include <stdlib.h> static CK_FUNCTION_LIST_PTR_PTR -initialize_and_get_modules (CuTest *tc) +initialize_and_get_modules (void) { CK_FUNCTION_LIST_PTR_PTR modules; - CK_RV rv; p11_message_quiet (); - rv = p11_kit_initialize_registered (); - CuAssertIntEquals (tc, CKR_OK, rv); - modules = p11_kit_registered_modules (); - CuAssertTrue (tc, modules != NULL && modules[0] != NULL); + modules = p11_kit_modules_load_and_initialize (0); + assert (modules != NULL && modules[0] != NULL); p11_message_loud (); @@ -67,14 +64,10 @@ initialize_and_get_modules (CuTest *tc) } static void -finalize_and_free_modules (CuTest *tc, - CK_FUNCTION_LIST_PTR_PTR modules) +finalize_and_free_modules (CK_FUNCTION_LIST_PTR_PTR modules) { - CK_RV rv; - - free (modules); - rv = p11_kit_finalize_registered (); - CuAssertIntEquals (tc, CKR_OK, rv); + p11_kit_modules_finalize (modules); + p11_kit_modules_release (modules); } static int @@ -93,7 +86,7 @@ has_handle (CK_ULONG *objects, static void -test_all (CuTest *tc) +test_all (void) { CK_OBJECT_HANDLE objects[128]; CK_FUNCTION_LIST_PTR *modules; @@ -104,59 +97,60 @@ test_all (CuTest *tc) CK_RV rv; int at; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); iter = p11_kit_iter_new (NULL); p11_kit_iter_begin (iter, modules); at = 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); module = p11_kit_iter_get_module (iter); - CuAssertPtrNotNull (tc, module); + assert_ptr_not_null (module); session = p11_kit_iter_get_session (iter); - CuAssertTrue (tc, session != 0); + assert (session != 0); /* Do something with the object */ size = 0; rv = (module->C_GetObjectSize) (session, objects[at], &size); - CuAssertTrue (tc, rv == CKR_OK); - CuAssertTrue (tc, size > 0); + assert (rv == CKR_OK); + assert (size > 0); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 9, at); + assert_num_eq (9, at); - CuAssertTrue (tc, has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static CK_RV on_iter_callback (P11KitIter *iter, - CK_BBOOL *matches, - void *data) + CK_BBOOL *matches, + void *data) { - CuTest *tc = data; CK_OBJECT_HANDLE object; CK_FUNCTION_LIST_PTR module; CK_SESSION_HANDLE session; CK_ULONG size; CK_RV rv; + assert_str_eq (data, "callback"); + object = p11_kit_iter_get_object (iter); if (object != MOCK_PUBLIC_KEY_CAPITALIZE && object != MOCK_PUBLIC_KEY_PREFIX) { *matches = CK_FALSE; @@ -164,22 +158,22 @@ on_iter_callback (P11KitIter *iter, } module = p11_kit_iter_get_module (iter); - CuAssertPtrNotNull (tc, module); + assert_ptr_not_null (module); session = p11_kit_iter_get_session (iter); - CuAssertTrue (tc, session != 0); + assert (session != 0); /* Do something with the object */ size = 0; rv = (module->C_GetObjectSize) (session, object, &size); - CuAssertTrue (tc, rv == CKR_OK); - CuAssertTrue (tc, size > 0); + assert (rv == CKR_OK); + assert (size > 0); return CKR_OK; } static void -test_callback (CuTest *tc) +test_callback (void) { CK_OBJECT_HANDLE objects[128]; CK_FUNCTION_LIST_PTR *modules; @@ -187,33 +181,33 @@ test_callback (CuTest *tc) CK_RV rv; int at; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); iter = p11_kit_iter_new (NULL); - p11_kit_iter_add_callback (iter, on_iter_callback, tc, NULL); + p11_kit_iter_add_callback (iter, on_iter_callback, "callback", NULL); p11_kit_iter_begin (iter, modules); at= 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 2 public keys */ - CuAssertIntEquals (tc, 6, at); + assert_num_eq (6, at); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (!has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static CK_RV @@ -225,30 +219,30 @@ on_callback_fail (P11KitIter *iter, } static void -test_callback_fails (CuTest *tc) +test_callback_fails (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; CK_RV rv; int at; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); iter = p11_kit_iter_new (NULL); - p11_kit_iter_add_callback (iter, on_callback_fail, tc, NULL); + p11_kit_iter_add_callback (iter, on_callback_fail, "callback", NULL); p11_kit_iter_begin (iter, modules); at= 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) at++; - CuAssertTrue (tc, rv == CKR_DATA_INVALID); + assert (rv == CKR_DATA_INVALID); /* Shouldn't have succeeded at all */ - CuAssertIntEquals (tc, 0, at); + assert_num_eq (0, at); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void @@ -259,7 +253,7 @@ on_destroy_increment (void *data) } static void -test_callback_destroyer (CuTest *tc) +test_callback_destroyer (void) { P11KitIter *iter; int value = 1; @@ -268,11 +262,11 @@ test_callback_destroyer (CuTest *tc) p11_kit_iter_add_callback (iter, on_callback_fail, &value, on_destroy_increment); p11_kit_iter_free (iter); - CuAssertIntEquals (tc, 2, value); + assert_num_eq (2, value); } static void -test_with_session (CuTest *tc) +test_with_session (void) { CK_OBJECT_HANDLE objects[128]; CK_SESSION_HANDLE session; @@ -282,53 +276,54 @@ test_with_session (CuTest *tc) CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); rv = mock_C_OpenSession (MOCK_SLOT_ONE_ID, CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); iter = p11_kit_iter_new (NULL); p11_kit_iter_begin_with (iter, &mock_module, 0, session); at= 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); slot = p11_kit_iter_get_slot (iter); - CuAssertTrue (tc, slot == MOCK_SLOT_ONE_ID); + assert (slot == MOCK_SLOT_ONE_ID); module = p11_kit_iter_get_module (iter); - CuAssertPtrEquals (tc, module, &mock_module); + assert_ptr_eq (module, &mock_module); - CuAssertTrue (tc, session == p11_kit_iter_get_session (iter)); + assert (session == p11_kit_iter_get_session (iter)); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* 1 modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 3, at); + assert_num_eq (3, at); - CuAssertTrue (tc, has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); /* The session is still valid ... */ rv = mock_module.C_CloseSession (session); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_with_slot (CuTest *tc) +test_with_slot (void) { CK_OBJECT_HANDLE objects[128]; CK_FUNCTION_LIST_PTR module; @@ -337,44 +332,45 @@ test_with_slot (CuTest *tc) CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); iter = p11_kit_iter_new (NULL); p11_kit_iter_begin_with (iter, &mock_module, MOCK_SLOT_ONE_ID, 0); at= 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); slot = p11_kit_iter_get_slot (iter); - CuAssertTrue (tc, slot == MOCK_SLOT_ONE_ID); + assert (slot == MOCK_SLOT_ONE_ID); module = p11_kit_iter_get_module (iter); - CuAssertPtrEquals (tc, module, &mock_module); + assert_ptr_eq (module, &mock_module); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* 1 modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 3, at); + assert_num_eq (3, at); - CuAssertTrue (tc, has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = (mock_module.C_Finalize) (NULL); + assert (rv == CKR_OK); } static void -test_with_module (CuTest *tc) +test_with_module (void) { CK_OBJECT_HANDLE objects[128]; CK_FUNCTION_LIST_PTR module; @@ -382,68 +378,70 @@ test_with_module (CuTest *tc) CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); iter = p11_kit_iter_new (NULL); p11_kit_iter_begin_with (iter, &mock_module, 0, 0); at= 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); module = p11_kit_iter_get_module (iter); - CuAssertPtrEquals (tc, module, &mock_module); + assert_ptr_eq (module, &mock_module); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* 1 modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 3, at); + assert_num_eq (3, at); - CuAssertTrue (tc, has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_keep_session (CuTest *tc) +test_keep_session (void) { CK_SESSION_HANDLE session; P11KitIter *iter; CK_RV rv; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); iter = p11_kit_iter_new (NULL); p11_kit_iter_begin_with (iter, &mock_module, 0, 0); rv = p11_kit_iter_next (iter); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); session = p11_kit_iter_keep_session (iter); p11_kit_iter_free (iter); /* The session is still valid ... */ rv = mock_module.C_CloseSession (session); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_unrecognized (CuTest *tc) +test_unrecognized (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; @@ -451,7 +449,7 @@ test_unrecognized (CuTest *tc) CK_RV rv; int count; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); uri = p11_kit_uri_new (); p11_kit_uri_set_unrecognized (uri, 1); @@ -464,18 +462,18 @@ test_unrecognized (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) count++; - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Nothing should have matched */ - CuAssertIntEquals (tc, 0, count); + assert_num_eq (0, count); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_uri_with_type (CuTest *tc) +test_uri_with_type (void) { CK_OBJECT_HANDLE objects[128]; CK_FUNCTION_LIST_PTR *modules; @@ -485,11 +483,11 @@ test_uri_with_type (CuTest *tc) int at; int ret; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); uri = p11_kit_uri_new (); ret = p11_kit_uri_parse ("pkcs11:object-type=public", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, ret, P11_KIT_URI_OK); + assert_num_eq (ret, P11_KIT_URI_OK); iter = p11_kit_iter_new (uri); p11_kit_uri_free (uri); @@ -498,29 +496,29 @@ test_uri_with_type (CuTest *tc) at = 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 2 public keys */ - CuAssertIntEquals (tc, 6, at); + assert_num_eq (6, at); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (!has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_filter (CuTest *tc) +test_filter (void) { CK_OBJECT_HANDLE objects[128]; CK_FUNCTION_LIST_PTR *modules; @@ -535,7 +533,7 @@ test_filter (CuTest *tc) { CKA_CLASS, &public_key, sizeof (public_key) }, }; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); iter = p11_kit_iter_new (NULL); p11_kit_iter_add_filter (iter, attrs, 2); @@ -544,29 +542,29 @@ test_filter (CuTest *tc) at = 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - CuAssertTrue (tc, at < 128); + assert (at < 128); objects[at] = p11_kit_iter_get_object (iter); at++; } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 2 public keys */ - CuAssertIntEquals (tc, 6, at); + assert_num_eq (6, at); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_DATA_OBJECT)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); - CuAssertTrue (tc, !has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); - CuAssertTrue (tc, has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); + assert (!has_handle (objects, at, MOCK_DATA_OBJECT)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_CAPITALIZE)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_CAPITALIZE)); + assert (!has_handle (objects, at, MOCK_PRIVATE_KEY_PREFIX)); + assert (has_handle (objects, at, MOCK_PUBLIC_KEY_PREFIX)); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_session_flags (CuTest *tc) +test_session_flags (void) { CK_FUNCTION_LIST_PTR *modules; CK_FUNCTION_LIST_PTR module; @@ -575,7 +573,7 @@ test_session_flags (CuTest *tc) P11KitIter *iter; CK_RV rv; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); iter = p11_kit_iter_new (NULL); p11_kit_iter_set_session_flags (iter, CKF_RW_SESSION); @@ -584,26 +582,26 @@ test_session_flags (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { module = p11_kit_iter_get_module (iter); - CuAssertPtrNotNull (tc, module); + assert_ptr_not_null (module); session = p11_kit_iter_get_session (iter); - CuAssertTrue (tc, session != 0); + assert (session != 0); rv = (module->C_GetSessionInfo) (session, &info); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (tc, CKS_RW_PUBLIC_SESSION, info.state); + assert_num_eq (CKS_RW_PUBLIC_SESSION, info.state); } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_module_match (CuTest *tc) +test_module_match (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; @@ -612,11 +610,11 @@ test_module_match (CuTest *tc) int count; int ret; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); uri = p11_kit_uri_new (); ret = p11_kit_uri_parse ("pkcs11:library-description=MOCK%20LIBRARY", P11_KIT_URI_FOR_MODULE, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); iter = p11_kit_iter_new (uri); p11_kit_uri_free (uri); @@ -627,18 +625,18 @@ test_module_match (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) count++; - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 9, count); + assert_num_eq (9, count); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_module_mismatch (CuTest *tc) +test_module_mismatch (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; @@ -647,11 +645,11 @@ test_module_mismatch (CuTest *tc) int count; int ret; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); uri = p11_kit_uri_new (); ret = p11_kit_uri_parse ("pkcs11:library-description=blah", P11_KIT_URI_FOR_MODULE, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); iter = p11_kit_iter_new (uri); p11_kit_uri_free (uri); @@ -662,18 +660,18 @@ test_module_mismatch (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) count++; - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Nothing should have matched */ - CuAssertIntEquals (tc, 0, count); + assert_num_eq (0, count); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_token_match (CuTest *tc) +test_token_match (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; @@ -682,11 +680,11 @@ test_token_match (CuTest *tc) int count; int ret; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); uri = p11_kit_uri_new (); ret = p11_kit_uri_parse ("pkcs11:manufacturer=TEST%20MANUFACTURER", P11_KIT_URI_FOR_TOKEN, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); iter = p11_kit_iter_new (uri); p11_kit_uri_free (uri); @@ -697,18 +695,18 @@ test_token_match (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) count++; - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 9, count); + assert_num_eq (9, count); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_token_mismatch (CuTest *tc) +test_token_mismatch (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; @@ -717,11 +715,11 @@ test_token_mismatch (CuTest *tc) int count; int ret; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); uri = p11_kit_uri_new (); ret = p11_kit_uri_parse ("pkcs11:manufacturer=blah", P11_KIT_URI_FOR_TOKEN, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); iter = p11_kit_iter_new (uri); p11_kit_uri_free (uri); @@ -732,26 +730,27 @@ test_token_mismatch (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) count++; - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Nothing should have matched */ - CuAssertIntEquals (tc, 0, count); + assert_num_eq (0, count); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_getslotlist_fail_first (CuTest *tc) +test_getslotlist_fail_first (void) { CK_FUNCTION_LIST module; P11KitIter *iter; CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_GetSlotList = mock_C_GetSlotList__fail_first; @@ -763,27 +762,28 @@ test_getslotlist_fail_first (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) at++; - CuAssertTrue (tc, rv == CKR_VENDOR_DEFINED); + assert (rv == CKR_VENDOR_DEFINED); /* Should fail on the first iteration */ - CuAssertIntEquals (tc, 0, at); + assert_num_eq (0, at); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_getslotlist_fail_late (CuTest *tc) +test_getslotlist_fail_late (void) { CK_FUNCTION_LIST module; P11KitIter *iter; CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_GetSlotList = mock_C_GetSlotList__fail_late; @@ -795,27 +795,28 @@ test_getslotlist_fail_late (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) at++; - CuAssertTrue (tc, rv == CKR_VENDOR_DEFINED); + assert (rv == CKR_VENDOR_DEFINED); /* Should fail on the first iteration */ - CuAssertIntEquals (tc, 0, at); + assert_num_eq (0, at); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_open_session_fail (CuTest *tc) +test_open_session_fail (void) { CK_FUNCTION_LIST module; P11KitIter *iter; CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_OpenSession = mock_C_OpenSession__fails; @@ -827,27 +828,28 @@ test_open_session_fail (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) at++; - CuAssertTrue (tc, rv == CKR_DEVICE_ERROR); + assert (rv == CKR_DEVICE_ERROR); /* Should fail on the first iteration */ - CuAssertIntEquals (tc, 0, at); + assert_num_eq (0, at); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_find_init_fail (CuTest *tc) +test_find_init_fail (void) { CK_FUNCTION_LIST module; P11KitIter *iter; CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_FindObjectsInit = mock_C_FindObjectsInit__fails; @@ -859,27 +861,28 @@ test_find_init_fail (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) at++; - CuAssertTrue (tc, rv == CKR_DEVICE_MEMORY); + assert (rv == CKR_DEVICE_MEMORY); /* Should fail on the first iteration */ - CuAssertIntEquals (tc, 0, at); + assert_num_eq (0, at); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_find_objects_fail (CuTest *tc) +test_find_objects_fail (void) { CK_FUNCTION_LIST module; P11KitIter *iter; CK_RV rv; int at; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_FindObjects = mock_C_FindObjects__fails; @@ -891,19 +894,19 @@ test_find_objects_fail (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) at++; - CuAssertTrue (tc, rv == CKR_DEVICE_REMOVED); + assert (rv == CKR_DEVICE_REMOVED); /* Should fail on the first iteration */ - CuAssertIntEquals (tc, 0, at); + assert_num_eq (0, at); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_load_attributes (CuTest *tc) +test_load_attributes (void) { CK_FUNCTION_LIST_PTR *modules; P11KitIter *iter; @@ -918,7 +921,7 @@ test_load_attributes (CuTest *tc) { CKA_LABEL }, }; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); iter = p11_kit_iter_new (NULL); p11_kit_iter_begin (iter, modules); @@ -928,24 +931,24 @@ test_load_attributes (CuTest *tc) at = 0; while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { rv = p11_kit_iter_load_attributes (iter, attrs, 2); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); object = p11_kit_iter_get_object (iter); switch (object) { case MOCK_DATA_OBJECT: - CuAssertTrue (tc, p11_attrs_find_ulong (attrs, CKA_CLASS, &ulong) && ulong == CKO_DATA); - CuAssertTrue (tc, p11_attr_match_value (p11_attrs_find (attrs, CKA_LABEL), "TEST LABEL", -1)); + assert (p11_attrs_find_ulong (attrs, CKA_CLASS, &ulong) && ulong == CKO_DATA); + assert (p11_attr_match_value (p11_attrs_find (attrs, CKA_LABEL), "TEST LABEL", -1)); break; case MOCK_PUBLIC_KEY_CAPITALIZE: - CuAssertTrue (tc, p11_attrs_find_ulong (attrs, CKA_CLASS, &ulong) && ulong == CKO_PUBLIC_KEY); - CuAssertTrue (tc, p11_attr_match_value (p11_attrs_find (attrs, CKA_LABEL), "Public Capitalize Key", -1)); + assert (p11_attrs_find_ulong (attrs, CKA_CLASS, &ulong) && ulong == CKO_PUBLIC_KEY); + assert (p11_attr_match_value (p11_attrs_find (attrs, CKA_LABEL), "Public Capitalize Key", -1)); break; case MOCK_PUBLIC_KEY_PREFIX: - CuAssertTrue (tc, p11_attrs_find_ulong (attrs, CKA_CLASS, &ulong) && ulong == CKO_PUBLIC_KEY); - CuAssertTrue (tc, p11_attr_match_value (p11_attrs_find (attrs, CKA_LABEL), "Public prefix key", -1)); + assert (p11_attrs_find_ulong (attrs, CKA_CLASS, &ulong) && ulong == CKO_PUBLIC_KEY); + assert (p11_attr_match_value (p11_attrs_find (attrs, CKA_LABEL), "Public prefix key", -1)); break; default: - CuFail (tc, "Unknown object matched"); + assert_fail ("Unknown object matched", NULL); break; } @@ -954,26 +957,27 @@ test_load_attributes (CuTest *tc) p11_attrs_free (attrs); - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); /* Three modules, each with 1 slot, and 3 public objects */ - CuAssertIntEquals (tc, 9, at); + assert_num_eq (9, at); p11_kit_iter_free (iter); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static void -test_load_attributes_none (CuTest *tc) +test_load_attributes_none (void) { CK_FUNCTION_LIST module; P11KitIter *iter; CK_ATTRIBUTE *attrs; CK_RV rv; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); @@ -983,20 +987,20 @@ test_load_attributes_none (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { attrs = p11_attrs_buildn (NULL, NULL, 0); rv = p11_kit_iter_load_attributes (iter, attrs, 0); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); p11_attrs_free (attrs); } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_load_attributes_fail_first (CuTest *tc) +test_load_attributes_fail_first (void) { CK_ATTRIBUTE label = { CKA_LABEL, }; CK_FUNCTION_LIST module; @@ -1004,8 +1008,9 @@ test_load_attributes_fail_first (CuTest *tc) CK_ATTRIBUTE *attrs; CK_RV rv; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_GetAttributeValue = mock_C_GetAttributeValue__fail_first; @@ -1016,20 +1021,20 @@ test_load_attributes_fail_first (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { attrs = p11_attrs_build (NULL, &label, NULL); rv = p11_kit_iter_load_attributes (iter, attrs, 1); - CuAssertTrue (tc, rv == CKR_FUNCTION_REJECTED); + assert (rv == CKR_FUNCTION_REJECTED); p11_attrs_free (attrs); } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } static void -test_load_attributes_fail_late (CuTest *tc) +test_load_attributes_fail_late (void) { CK_ATTRIBUTE label = { CKA_LABEL, }; CK_FUNCTION_LIST module; @@ -1037,8 +1042,9 @@ test_load_attributes_fail_late (CuTest *tc) CK_ATTRIBUTE *attrs; CK_RV rv; - rv = p11_kit_initialize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + mock_module_reset (); + rv = mock_module.C_Initialize (NULL); + assert (rv == CKR_OK); memcpy (&module, &mock_module, sizeof (CK_FUNCTION_LIST)); module.C_GetAttributeValue = mock_C_GetAttributeValue__fail_late; @@ -1049,61 +1055,50 @@ test_load_attributes_fail_late (CuTest *tc) while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { attrs = p11_attrs_build (NULL, &label, NULL); rv = p11_kit_iter_load_attributes (iter, attrs, 1); - CuAssertTrue (tc, rv == CKR_FUNCTION_FAILED); + assert (rv == CKR_FUNCTION_FAILED); p11_attrs_free (attrs); } - CuAssertTrue (tc, rv == CKR_CANCEL); + assert (rv == CKR_CANCEL); p11_kit_iter_free (iter); - rv = p11_kit_finalize_module (&mock_module); - CuAssertTrue (tc, rv == CKR_OK); + rv = mock_module.C_Finalize (NULL); + assert (rv == CKR_OK); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); p11_library_init (); mock_module_init (); - SUITE_ADD_TEST (suite, test_all); - SUITE_ADD_TEST (suite, test_unrecognized); - SUITE_ADD_TEST (suite, test_uri_with_type); - SUITE_ADD_TEST (suite, test_session_flags); - SUITE_ADD_TEST (suite, test_callback); - SUITE_ADD_TEST (suite, test_callback_fails); - SUITE_ADD_TEST (suite, test_callback_destroyer); - SUITE_ADD_TEST (suite, test_filter); - SUITE_ADD_TEST (suite, test_with_session); - SUITE_ADD_TEST (suite, test_with_slot); - SUITE_ADD_TEST (suite, test_with_module); - SUITE_ADD_TEST (suite, test_keep_session); - SUITE_ADD_TEST (suite, test_token_match); - SUITE_ADD_TEST (suite, test_token_mismatch); - SUITE_ADD_TEST (suite, test_module_match); - SUITE_ADD_TEST (suite, test_module_mismatch); - SUITE_ADD_TEST (suite, test_getslotlist_fail_first); - SUITE_ADD_TEST (suite, test_getslotlist_fail_late); - SUITE_ADD_TEST (suite, test_open_session_fail); - SUITE_ADD_TEST (suite, test_find_init_fail); - SUITE_ADD_TEST (suite, test_find_objects_fail); - SUITE_ADD_TEST (suite, test_load_attributes); - SUITE_ADD_TEST (suite, test_load_attributes_none); - SUITE_ADD_TEST (suite, test_load_attributes_fail_first); - SUITE_ADD_TEST (suite, test_load_attributes_fail_late); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + p11_test (test_all, "/iter/test_all"); + p11_test (test_unrecognized, "/iter/test_unrecognized"); + p11_test (test_uri_with_type, "/iter/test_uri_with_type"); + p11_test (test_session_flags, "/iter/test_session_flags"); + p11_test (test_callback, "/iter/test_callback"); + p11_test (test_callback_fails, "/iter/test_callback_fails"); + p11_test (test_callback_destroyer, "/iter/test_callback_destroyer"); + p11_test (test_filter, "/iter/test_filter"); + p11_test (test_with_session, "/iter/test_with_session"); + p11_test (test_with_slot, "/iter/test_with_slot"); + p11_test (test_with_module, "/iter/test_with_module"); + p11_test (test_keep_session, "/iter/test_keep_session"); + p11_test (test_token_match, "/iter/test_token_match"); + p11_test (test_token_mismatch, "/iter/test_token_mismatch"); + p11_test (test_module_match, "/iter/test_module_match"); + p11_test (test_module_mismatch, "/iter/test_module_mismatch"); + p11_test (test_getslotlist_fail_first, "/iter/test_getslotlist_fail_first"); + p11_test (test_getslotlist_fail_late, "/iter/test_getslotlist_fail_late"); + p11_test (test_open_session_fail, "/iter/test_open_session_fail"); + p11_test (test_find_init_fail, "/iter/test_find_init_fail"); + p11_test (test_find_objects_fail, "/iter/test_find_objects_fail"); + p11_test (test_load_attributes, "/iter/test_load_attributes"); + p11_test (test_load_attributes_none, "/iter/test_load_attributes_none"); + p11_test (test_load_attributes_fail_first, "/iter/test_load_attributes_fail_first"); + p11_test (test_load_attributes_fail_late, "/iter/test_load_attributes_fail_late"); + + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/test-log.c b/p11-kit/tests/test-log.c new file mode 100644 index 0000000..e7dab70 --- /dev/null +++ b/p11-kit/tests/test-log.c @@ -0,0 +1,112 @@ +/* + * Copyright (c) 2013 Red Hat Inc + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#include "config.h" +#include "test.h" + +#include "dict.h" +#include "library.h" +#include "log.h" +#include "mock.h" +#include "modules.h" +#include "p11-kit.h" +#include "virtual.h" + +#include <errno.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +static CK_FUNCTION_LIST_PTR +setup_mock_module (CK_SESSION_HANDLE *session) +{ + CK_FUNCTION_LIST_PTR module; + CK_RV rv; + + p11_lock (); + p11_log_force = true; + + rv = p11_module_load_inlock_reentrant (&mock_module, 0, &module); + assert (rv == CKR_OK); + assert_ptr_not_null (module); + assert (p11_virtual_is_wrapper (module)); + + p11_unlock (); + + rv = p11_kit_module_initialize (module); + assert (rv == CKR_OK); + + if (session) { + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, + CKF_RW_SESSION | CKF_SERIAL_SESSION, + NULL, NULL, session); + assert (rv == CKR_OK); + } + + return module; +} + +static void +teardown_mock_module (CK_FUNCTION_LIST_PTR module) +{ + CK_RV rv; + + rv = p11_kit_module_finalize (module); + assert (rv == CKR_OK); + + p11_lock (); + + rv = p11_module_release_inlock_reentrant (module); + assert (rv == CKR_OK); + + p11_unlock (); +} + +/* Bring in all the mock module tests */ +#include "test-mock.c" + +int +main (int argc, + char *argv[]) +{ + p11_library_init (); + mock_module_init (); + + test_mock_add_tests ("/log"); + + p11_kit_be_quiet (); + p11_log_output = false; + + return p11_test_run (argc, argv); +} diff --git a/p11-kit/tests/test-managed.c b/p11-kit/tests/test-managed.c new file mode 100644 index 0000000..9fc9ffb --- /dev/null +++ b/p11-kit/tests/test-managed.c @@ -0,0 +1,215 @@ +/* + * Copyright (c) 2012 Red Hat Inc + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#include "config.h" +#include "test.h" + +#include "dict.h" +#include "library.h" +#include "mock.h" +#include "modules.h" +#include "p11-kit.h" +#include "virtual.h" + +#include <errno.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +static CK_FUNCTION_LIST_PTR +setup_mock_module (CK_SESSION_HANDLE *session) +{ + CK_FUNCTION_LIST_PTR module; + CK_RV rv; + + p11_lock (); + + rv = p11_module_load_inlock_reentrant (&mock_module, 0, &module); + assert (rv == CKR_OK); + assert_ptr_not_null (module); + assert (p11_virtual_is_wrapper (module)); + + p11_unlock (); + + rv = p11_kit_module_initialize (module); + assert (rv == CKR_OK); + + if (session) { + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, + CKF_RW_SESSION | CKF_SERIAL_SESSION, + NULL, NULL, session); + assert (rv == CKR_OK); + } + + return module; +} + +static void +teardown_mock_module (CK_FUNCTION_LIST_PTR module) +{ + CK_RV rv; + + rv = p11_kit_module_finalize (module); + assert (rv == CKR_OK); + + p11_lock (); + + rv = p11_module_release_inlock_reentrant (module); + assert (rv == CKR_OK); + + p11_unlock (); +} + +static CK_RV +fail_C_Initialize (void *init_reserved) +{ + return CKR_FUNCTION_FAILED; +} + +static void +test_initialize_finalize (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_RV rv; + + p11_lock (); + + rv = p11_module_load_inlock_reentrant (&mock_module, 0, &module); + assert (rv == CKR_OK); + assert_ptr_not_null (module); + assert (p11_virtual_is_wrapper (module)); + + p11_unlock (); + + rv = module->C_Initialize (NULL); + assert (rv == CKR_OK); + + rv = module->C_Initialize (NULL); + assert (rv == CKR_CRYPTOKI_ALREADY_INITIALIZED); + + rv = module->C_Finalize (NULL); + assert (rv == CKR_OK); + + rv = module->C_Finalize (NULL); + assert (rv == CKR_CRYPTOKI_NOT_INITIALIZED); + + p11_lock (); + + rv = p11_module_release_inlock_reentrant (module); + assert (rv == CKR_OK); + + p11_unlock (); +} + +static void +test_initialize_fail (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_FUNCTION_LIST base; + CK_RV rv; + + memcpy (&base, &mock_module, sizeof (CK_FUNCTION_LIST)); + base.C_Initialize = fail_C_Initialize; + + p11_lock (); + + rv = p11_module_load_inlock_reentrant (&base, 0, &module); + assert (rv == CKR_OK); + + p11_unlock (); + + rv = p11_kit_module_initialize (module); + assert (rv == CKR_FUNCTION_FAILED); +} + +static void +test_separate_close_all_sessions (void) +{ + CK_FUNCTION_LIST *first; + CK_FUNCTION_LIST *second; + CK_SESSION_HANDLE s1; + CK_SESSION_HANDLE s2; + CK_SESSION_INFO info; + CK_RV rv; + + first = setup_mock_module (&s1); + second = setup_mock_module (&s2); + + rv = first->C_GetSessionInfo (s1, &info); + assert (rv == CKR_OK); + + rv = second->C_GetSessionInfo (s2, &info); + assert (rv == CKR_OK); + + first->C_CloseAllSessions (MOCK_SLOT_ONE_ID); + assert (rv == CKR_OK); + + rv = first->C_GetSessionInfo (s1, &info); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = second->C_GetSessionInfo (s2, &info); + assert (rv == CKR_OK); + + second->C_CloseAllSessions (MOCK_SLOT_ONE_ID); + assert (rv == CKR_OK); + + rv = first->C_GetSessionInfo (s1, &info); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = second->C_GetSessionInfo (s2, &info); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + teardown_mock_module (first); + teardown_mock_module (second); +} + +/* Bring in all the mock module tests */ +#include "test-mock.c" + +int +main (int argc, + char *argv[]) +{ + mock_module_init (); + p11_library_init (); + + p11_test (test_initialize_finalize, "/managed/test_initialize_finalize"); + p11_test (test_initialize_fail, "/managed/test_initialize_fail"); + p11_test (test_separate_close_all_sessions, "/managed/test_separate_close_all_sessions"); + test_mock_add_tests ("/managed"); + + p11_kit_be_quiet (); + + return p11_test_run (argc, argv); +} diff --git a/p11-kit/tests/test-mock.c b/p11-kit/tests/test-mock.c new file mode 100644 index 0000000..5fba7ec --- /dev/null +++ b/p11-kit/tests/test-mock.c @@ -0,0 +1,1679 @@ +/* + * Copyright (c) 2012 Stefan Walter + * Copyright (c) 2012-2013 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stef@thewalter.net> + */ + +#include "test.h" + +#include "library.h" +#include "mock.h" +#include "p11-kit.h" + +#include <sys/types.h> +#include <assert.h> +#include <string.h> +#include <stdio.h> +#include <stdlib.h> + +static void +test_get_info (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_INFO info; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_GetInfo) (&info); + assert (rv == CKR_OK); + assert (memcmp (&info, &MOCK_INFO, sizeof (CK_INFO)) == 0); + + teardown_mock_module (module); +} + +static void +test_get_slot_list (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SLOT_ID slot_list[8]; + CK_ULONG count = 0; + CK_RV rv; + + module = setup_mock_module (NULL); + + /* Normal module has 2 slots, one with token present */ + rv = (module->C_GetSlotList) (CK_TRUE, NULL, &count); + assert (rv == CKR_OK); + assert_num_eq (MOCK_SLOTS_PRESENT, count); + rv = (module->C_GetSlotList) (CK_FALSE, NULL, &count); + assert (rv == CKR_OK); + assert_num_eq (MOCK_SLOTS_ALL, count); + + count = 8; + rv = (module->C_GetSlotList) (CK_TRUE, slot_list, &count); + assert (rv == CKR_OK); + assert_num_eq (MOCK_SLOTS_PRESENT, count); + assert_num_eq (MOCK_SLOT_ONE_ID, slot_list[0]); + + count = 8; + rv = (module->C_GetSlotList) (CK_FALSE, slot_list, &count); + assert (rv == CKR_OK); + assert_num_eq (MOCK_SLOTS_ALL, count); + assert_num_eq (MOCK_SLOT_ONE_ID, slot_list[0]); + assert_num_eq (MOCK_SLOT_TWO_ID, slot_list[1]); + + teardown_mock_module (module); +} + +static void +test_get_slot_info (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SLOT_INFO info; + char *string; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_GetSlotInfo) (MOCK_SLOT_ONE_ID, &info); + assert (rv == CKR_OK); + string = p11_kit_space_strdup (info.slotDescription, sizeof (info.slotDescription)); + assert_str_eq ("TEST SLOT", string); + free (string); + string = p11_kit_space_strdup (info.manufacturerID, sizeof (info.manufacturerID)); + assert_str_eq ("TEST MANUFACTURER", string); + free (string); + assert_num_eq (CKF_TOKEN_PRESENT | CKF_REMOVABLE_DEVICE, info.flags); + assert_num_eq (55, info.hardwareVersion.major); + assert_num_eq (155, info.hardwareVersion.minor); + assert_num_eq (65, info.firmwareVersion.major); + assert_num_eq (165, info.firmwareVersion.minor); + + rv = (module->C_GetSlotInfo) (MOCK_SLOT_TWO_ID, &info); + assert (rv == CKR_OK); + assert_num_eq (CKF_REMOVABLE_DEVICE, info.flags); + + rv = (module->C_GetSlotInfo) (0, &info); + assert (rv == CKR_SLOT_ID_INVALID); + + teardown_mock_module (module); +} + +static void +test_get_token_info (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_TOKEN_INFO info; + char *string; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_GetTokenInfo) (MOCK_SLOT_ONE_ID, &info); + assert (rv == CKR_OK); + + string = p11_kit_space_strdup (info.label, sizeof (info.label)); + assert_str_eq ("TEST LABEL", string); + free (string); + string = p11_kit_space_strdup (info.manufacturerID, sizeof (info.manufacturerID)); + assert_str_eq ("TEST MANUFACTURER", string); + free (string); + string = p11_kit_space_strdup (info.model, sizeof (info.model)); + assert_str_eq ("TEST MODEL", string); + free (string); + string = p11_kit_space_strdup (info.serialNumber, sizeof (info.serialNumber)); + assert_str_eq ("TEST SERIAL", string); + free (string); + assert_num_eq (CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_CLOCK_ON_TOKEN | CKF_TOKEN_INITIALIZED, info.flags); + assert_num_eq (1, info.ulMaxSessionCount); + assert_num_eq (2, info.ulSessionCount); + assert_num_eq (3, info.ulMaxRwSessionCount); + assert_num_eq (4, info.ulRwSessionCount); + assert_num_eq (5, info.ulMaxPinLen); + assert_num_eq (6, info.ulMinPinLen); + assert_num_eq (7, info.ulTotalPublicMemory); + assert_num_eq (8, info.ulFreePublicMemory); + assert_num_eq (9, info.ulTotalPrivateMemory); + assert_num_eq (10, info.ulFreePrivateMemory); + assert_num_eq (75, info.hardwareVersion.major); + assert_num_eq (175, info.hardwareVersion.minor); + assert_num_eq (85, info.firmwareVersion.major); + assert_num_eq (185, info.firmwareVersion.minor); + assert (memcmp (info.utcTime, "1999052509195900", sizeof (info.utcTime)) == 0); + + rv = (module->C_GetTokenInfo) (MOCK_SLOT_TWO_ID, &info); + assert (rv == CKR_TOKEN_NOT_PRESENT); + + rv = (module->C_GetTokenInfo) (0, &info); + assert (rv == CKR_SLOT_ID_INVALID); + + teardown_mock_module (module); +} + +static void +test_get_mechanism_list (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_MECHANISM_TYPE mechs[8]; + CK_ULONG count = 0; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_GetMechanismList) (MOCK_SLOT_ONE_ID, NULL, &count); + assert (rv == CKR_OK); + assert_num_eq (2, count); + rv = (module->C_GetMechanismList) (MOCK_SLOT_TWO_ID, NULL, &count); + assert (rv == CKR_TOKEN_NOT_PRESENT); + rv = (module->C_GetMechanismList) (0, NULL, &count); + assert (rv == CKR_SLOT_ID_INVALID); + + count = 8; + rv = (module->C_GetMechanismList) (MOCK_SLOT_ONE_ID, mechs, &count); + assert (rv == CKR_OK); + assert_num_eq (2, count); + assert_num_eq (mechs[0], CKM_MOCK_CAPITALIZE); + assert_num_eq (mechs[1], CKM_MOCK_PREFIX); + + teardown_mock_module (module); +} + +static void +test_get_mechanism_info (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_MECHANISM_INFO info; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_GetMechanismInfo) (MOCK_SLOT_ONE_ID, CKM_MOCK_CAPITALIZE, &info); + assert (rv == CKR_OK); + assert_num_eq (512, info.ulMinKeySize); + assert_num_eq (4096, info.ulMaxKeySize); + assert_num_eq (CKF_ENCRYPT | CKF_DECRYPT, info.flags); + + rv = (module->C_GetMechanismInfo) (MOCK_SLOT_ONE_ID, CKM_MOCK_PREFIX, &info); + assert (rv == CKR_OK); + assert_num_eq (2048, info.ulMinKeySize); + assert_num_eq (2048, info.ulMaxKeySize); + assert_num_eq (CKF_SIGN | CKF_VERIFY, info.flags); + + rv = (module->C_GetMechanismInfo) (MOCK_SLOT_TWO_ID, CKM_MOCK_PREFIX, &info); + assert (rv == CKR_TOKEN_NOT_PRESENT); + rv = (module->C_GetMechanismInfo) (MOCK_SLOT_ONE_ID, 0, &info); + assert (rv == CKR_MECHANISM_INVALID); + rv = (module->C_GetMechanismInfo) (0, CKM_MOCK_PREFIX, &info); + assert (rv == CKR_SLOT_ID_INVALID); + + teardown_mock_module (module); +} + +static void +test_init_token (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_InitToken) (MOCK_SLOT_ONE_ID, (CK_UTF8CHAR_PTR)"TEST PIN", 8, (CK_UTF8CHAR_PTR)"TEST LABEL"); + assert (rv == CKR_OK); + + rv = (module->C_InitToken) (MOCK_SLOT_ONE_ID, (CK_UTF8CHAR_PTR)"OTHER", 5, (CK_UTF8CHAR_PTR)"TEST LABEL"); + assert (rv == CKR_PIN_INVALID); + rv = (module->C_InitToken) (MOCK_SLOT_TWO_ID, (CK_UTF8CHAR_PTR)"TEST PIN", 8, (CK_UTF8CHAR_PTR)"TEST LABEL"); + assert (rv == CKR_TOKEN_NOT_PRESENT); + rv = (module->C_InitToken) (0, (CK_UTF8CHAR_PTR)"TEST PIN", 8, (CK_UTF8CHAR_PTR)"TEST LABEL"); + assert (rv == CKR_SLOT_ID_INVALID); + + teardown_mock_module (module); +} + +static void +test_wait_for_slot_event (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SLOT_ID slot; + CK_RV rv; + +#ifdef MOCK_SKIP_WAIT_TEST + return; +#endif + + module = setup_mock_module (NULL); + + rv = (module->C_WaitForSlotEvent) (0, &slot, NULL); + assert (rv == CKR_OK); + assert_num_eq (slot, MOCK_SLOT_TWO_ID); + + rv = (module->C_WaitForSlotEvent) (CKF_DONT_BLOCK, &slot, NULL); + assert (rv == CKR_NO_EVENT); + + teardown_mock_module (module); +} + +static void +test_open_close_session (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_OpenSession) (MOCK_SLOT_TWO_ID, CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_TOKEN_NOT_PRESENT); + rv = (module->C_OpenSession) (0, CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_SLOT_ID_INVALID); + + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); + assert (session != 0); + + rv = (module->C_CloseSession) (session); + assert (rv == CKR_OK); + + rv = (module->C_CloseSession) (session); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + teardown_mock_module (module); +} + +static void +test_close_all_sessions (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); + assert (session != 0); + + rv = (module->C_CloseAllSessions) (MOCK_SLOT_ONE_ID); + assert (rv == CKR_OK); + + rv = (module->C_CloseSession) (session); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + teardown_mock_module (module); +} + +static void +test_get_function_status (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_GetFunctionStatus) (session); + assert (rv == CKR_FUNCTION_NOT_PARALLEL); + + teardown_mock_module (module); +} + +static void +test_cancel_function (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_CancelFunction) (session); + assert (rv == CKR_FUNCTION_NOT_PARALLEL); + + teardown_mock_module (module); +} + +static void +test_get_session_info (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_SESSION_INFO info; + CK_RV rv; + + module = setup_mock_module (NULL); + + rv = (module->C_GetSessionInfo) (0, &info); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); + assert (session != 0); + + rv = (module->C_GetSessionInfo) (session, &info); + assert (rv == CKR_OK); + assert_num_eq (MOCK_SLOT_ONE_ID, info.slotID); + assert_num_eq (CKS_RO_PUBLIC_SESSION, info.state); + assert_num_eq (CKF_SERIAL_SESSION, info.flags); + assert_num_eq (1414, info.ulDeviceError); + + rv = (module->C_OpenSession) (MOCK_SLOT_ONE_ID, CKF_RW_SESSION | CKF_SERIAL_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); + assert (session != 0); + + rv = (module->C_GetSessionInfo) (session, &info); + assert (rv == CKR_OK); + assert_num_eq (MOCK_SLOT_ONE_ID, info.slotID); + assert_num_eq (CKS_RW_PUBLIC_SESSION, info.state); + assert_num_eq (CKF_SERIAL_SESSION | CKF_RW_SESSION, info.flags); + assert_num_eq (1414, info.ulDeviceError); + + teardown_mock_module (module); +} + +static void +test_init_pin (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_InitPIN) (0, (CK_UTF8CHAR_PTR)"TEST PIN", 8); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_InitPIN) (session, (CK_UTF8CHAR_PTR)"TEST PIN", 8); + assert (rv == CKR_OK); + + rv = (module->C_InitPIN) (session, (CK_UTF8CHAR_PTR)"OTHER", 5); + assert (rv == CKR_PIN_INVALID); + + teardown_mock_module (module); +} + +static void +test_set_pin (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_SetPIN) (0, (CK_UTF8CHAR_PTR)"booo", 4, (CK_UTF8CHAR_PTR)"TEST PIN", 8); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_SetPIN) (session, (CK_UTF8CHAR_PTR)"booo", 4, (CK_UTF8CHAR_PTR)"TEST PIN", 8); + assert (rv == CKR_OK); + + rv = (module->C_SetPIN) (session, (CK_UTF8CHAR_PTR)"other", 5, (CK_UTF8CHAR_PTR)"OTHER", 5); + assert (rv == CKR_PIN_INCORRECT); + + teardown_mock_module (module); +} + +static void +test_operation_state (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_BYTE state[128]; + CK_ULONG state_len; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (&session); + + state_len = sizeof (state); + rv = (module->C_GetOperationState) (0, state, &state_len); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + state_len = sizeof (state); + rv = (module->C_GetOperationState) (session, state, &state_len); + assert (rv == CKR_OK); + + rv = (module->C_SetOperationState) (session, state, state_len, 355, 455); + assert (rv == CKR_OK); + + rv = (module->C_SetOperationState) (0, state, state_len, 355, 455); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + teardown_mock_module (module); +} + +static void +test_login_logout (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (0, CKU_USER, (CK_UTF8CHAR_PTR)"booo", 4); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_Login) (session, CKU_USER, (CK_UTF8CHAR_PTR)"bo", 2); + assert (rv == CKR_PIN_INCORRECT); + + rv = (module->C_Login) (session, CKU_USER, (CK_UTF8CHAR_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_Logout) (session); + assert (rv == CKR_OK); + + rv = (module->C_Logout) (session); + assert (rv == CKR_USER_NOT_LOGGED_IN); + + teardown_mock_module (module); +} + +static void +test_get_attribute_value (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_ATTRIBUTE attrs[8]; + char label[32]; + CK_OBJECT_CLASS klass; + CK_RV rv; + + module = setup_mock_module (&session); + + attrs[0].type = CKA_CLASS; + attrs[0].pValue = &klass; + attrs[0].ulValueLen = sizeof (klass); + attrs[1].type = CKA_LABEL; + attrs[1].pValue = label; + attrs[1].ulValueLen = 2; /* too small */ + attrs[2].type = CKA_BITS_PER_PIXEL; + attrs[2].pValue = NULL; + attrs[2].ulValueLen = 0; + + rv = (module->C_GetAttributeValue) (session, MOCK_PRIVATE_KEY_CAPITALIZE, attrs, 3); + assert (rv == CKR_USER_NOT_LOGGED_IN); + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 2); + assert (rv == CKR_BUFFER_TOO_SMALL); + + /* Get right size */ + attrs[1].pValue = NULL; + attrs[1].ulValueLen = 0; + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 2); + assert (rv == CKR_OK); + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 3); + assert (rv == CKR_ATTRIBUTE_TYPE_INVALID); + + assert_num_eq (CKO_PUBLIC_KEY, klass); + assert_num_eq (21, attrs[1].ulValueLen); + assert_ptr_eq (NULL, attrs[1].pValue); + attrs[1].pValue = label; + attrs[1].ulValueLen = sizeof (label); + assert ((CK_ULONG)-1 == attrs[2].ulValueLen); + assert_ptr_eq (NULL, attrs[2].pValue); + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 3); + assert (rv == CKR_ATTRIBUTE_TYPE_INVALID); + + assert_num_eq (CKO_PUBLIC_KEY, klass); + assert_num_eq (21, attrs[1].ulValueLen); + assert_ptr_eq (label, attrs[1].pValue); + assert (memcmp (label, "Public Capitalize Key", attrs[1].ulValueLen) == 0); + assert ((CK_ULONG)-1 == attrs[2].ulValueLen); + assert_ptr_eq (NULL, attrs[2].pValue); + + teardown_mock_module (module); +} + +static void +test_set_attribute_value (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_ATTRIBUTE attrs[8]; + char label[32]; + CK_ULONG bits; + CK_RV rv; + + module = setup_mock_module (&session); + + strcpy (label, "Blahooo"); + bits = 1555; + + attrs[0].type = CKA_LABEL; + attrs[0].pValue = label; + attrs[0].ulValueLen = strlen (label); + attrs[1].type = CKA_BITS_PER_PIXEL; + attrs[1].pValue = &bits; + attrs[1].ulValueLen = sizeof (bits); + + rv = (module->C_SetAttributeValue) (session, MOCK_PRIVATE_KEY_CAPITALIZE, attrs, 2); + assert (rv == CKR_USER_NOT_LOGGED_IN); + + rv = (module->C_SetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 2); + assert (rv == CKR_OK); + + memset (label, 0, sizeof (label)); + bits = 0; + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 2); + assert (rv == CKR_OK); + + assert_num_eq (bits, 1555); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (label, "Blahooo", attrs[0].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_create_object (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_HANDLE object; + CK_ATTRIBUTE attrs[8]; + char label[32]; + CK_ULONG bits; + CK_RV rv; + + module = setup_mock_module (&session); + + strcpy (label, "Blahooo"); + bits = 1555; + + attrs[0].type = CKA_LABEL; + attrs[0].pValue = label; + attrs[0].ulValueLen = strlen (label); + attrs[1].type = CKA_BITS_PER_PIXEL; + attrs[1].pValue = &bits; + attrs[1].ulValueLen = sizeof (bits); + + rv = (module->C_CreateObject) (0, attrs, 2, &object); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_CreateObject) (session, attrs, 2, &object); + assert (rv == CKR_OK); + + attrs[0].ulValueLen = sizeof (label); + memset (label, 0, sizeof (label)); + bits = 0; + + rv = (module->C_GetAttributeValue) (session, object, attrs, 2); + assert (rv == CKR_OK); + + assert_num_eq (bits, 1555); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (label, "Blahooo", attrs[0].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_copy_object (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_HANDLE object; + CK_ATTRIBUTE attrs[8]; + char label[32]; + CK_ULONG bits; + CK_RV rv; + + module = setup_mock_module (&session); + + bits = 1555; + + attrs[0].type = CKA_BITS_PER_PIXEL; + attrs[0].pValue = &bits; + attrs[0].ulValueLen = sizeof (bits); + + rv = (module->C_CopyObject) (session, 1333, attrs, 1, &object); + assert (rv == CKR_OBJECT_HANDLE_INVALID); + + rv = (module->C_CopyObject) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 1, &object); + assert (rv == CKR_OK); + + attrs[1].type = CKA_LABEL; + attrs[1].pValue = label; + attrs[1].ulValueLen = sizeof (label); + bits = 0; + + rv = (module->C_GetAttributeValue) (session, object, attrs, 2); + assert (rv == CKR_OK); + + assert_num_eq (bits, 1555); + assert_num_eq (21, attrs[1].ulValueLen); + assert (memcmp (label, "Public Capitalize Key", attrs[1].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_destroy_object (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_ATTRIBUTE attrs[8]; + char label[32]; + CK_RV rv; + + module = setup_mock_module (&session); + + attrs[0].type = CKA_LABEL; + attrs[0].pValue = label; + attrs[0].ulValueLen = sizeof (label); + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 1); + assert (rv == CKR_OK); + + rv = (module->C_DestroyObject) (0, MOCK_PUBLIC_KEY_CAPITALIZE); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_DestroyObject) (session, MOCK_PUBLIC_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + rv = (module->C_GetAttributeValue) (session, MOCK_PUBLIC_KEY_CAPITALIZE, attrs, 1); + assert (rv == CKR_OBJECT_HANDLE_INVALID); + + teardown_mock_module (module); +} + +static void +test_get_object_size (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_ULONG size; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_GetObjectSize) (session, 1333, &size); + assert (rv == CKR_OBJECT_HANDLE_INVALID); + + rv = (module->C_GetObjectSize) (session, MOCK_PUBLIC_KEY_CAPITALIZE, &size); + assert (rv == CKR_OK); + + /* The number here is the length of all attributes added up */ + assert_num_eq (sizeof (CK_ULONG) == 8 ? 44 : 36, size); + + teardown_mock_module (module); +} + +static void +test_find_objects (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_CLASS klass = CKO_PUBLIC_KEY; + CK_ATTRIBUTE attr = { CKA_CLASS, &klass, sizeof (klass) }; + CK_OBJECT_HANDLE objects[16]; + CK_ULONG count; + CK_ULONG i; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_FindObjectsInit) (0, &attr, 1); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_FindObjectsInit) (session, &attr, 1); + assert (rv == CKR_OK); + + rv = (module->C_FindObjects) (0, objects, 16, &count); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_FindObjects) (session, objects, 16, &count); + assert (rv == CKR_OK); + + assert (count < 16); + + /* Make sure we get the capitalize public key */ + for (i = 0; i < count; i++) { + if (objects[i] == MOCK_PUBLIC_KEY_CAPITALIZE) + break; + } + assert (i != count); + + /* Make sure we get the prefix public key */ + for (i = 0; i < count; i++) { + if (objects[i] == MOCK_PUBLIC_KEY_PREFIX) + break; + } + assert (i != count); + + /* Make sure all public keys */ + for (i = 0; i < count; i++) { + klass = (CK_ULONG)-1; + rv = (module->C_GetAttributeValue) (session, objects[i], &attr, 1); + assert (rv == CKR_OK); + assert_num_eq (CKO_PUBLIC_KEY, klass); + } + + rv = (module->C_FindObjectsFinal) (session); + assert (rv == CKR_OK); + + rv = (module->C_FindObjectsFinal) (session); + assert (rv == CKR_OPERATION_NOT_INITIALIZED); + + teardown_mock_module (module); +} + +static void +test_encrypt (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_CAPITALIZE, NULL, 0 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_EncryptInit) (session, &mech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_KEY_HANDLE_INVALID); + + rv = (module->C_EncryptInit) (session, &mech, MOCK_PUBLIC_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_Encrypt) (0, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_Encrypt) (session, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "BLAH", 4) == 0); + + rv = (module->C_EncryptInit) (session, &mech, MOCK_PUBLIC_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_EncryptUpdate) (0, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_EncryptUpdate) (session, (CK_BYTE_PTR)"sLurm", 5, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (5, length); + assert (memcmp (data, "SLURM", 5) == 0); + + length = sizeof (data); + rv = (module->C_EncryptFinal) (0, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_EncryptFinal) (session, data, &length); + assert (rv == CKR_OK); + + teardown_mock_module (module); +} + +static void +test_decrypt (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_CAPITALIZE, NULL, 0 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (session, CKU_USER, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_DecryptInit) (session, &mech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_KEY_HANDLE_INVALID); + + rv = (module->C_DecryptInit) (session, &mech, MOCK_PRIVATE_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_Decrypt) (0, (CK_BYTE_PTR)"bLAH", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_Decrypt) (session, (CK_BYTE_PTR)"BLAh", 4, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "blah", 4) == 0); + + rv = (module->C_DecryptInit) (session, &mech, MOCK_PRIVATE_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_DecryptUpdate) (0, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_DecryptUpdate) (session, (CK_BYTE_PTR)"sLuRM", 5, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (5, length); + assert (memcmp (data, "slurm", 5) == 0); + + length = sizeof (data); + rv = (module->C_DecryptFinal) (0, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_DecryptFinal) (session, data, &length); + assert (rv == CKR_OK); + + teardown_mock_module (module); +} + +static void +test_digest (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_COUNT, NULL, 0 }; + CK_BYTE digest[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_DigestInit) (0, &mech); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_DigestInit) (session, &mech); + assert (rv == CKR_OK); + + length = sizeof (digest); + rv = (module->C_Digest) (0, (CK_BYTE_PTR)"bLAH", 4, digest, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (digest); + rv = (module->C_Digest) (session, (CK_BYTE_PTR)"BLAh", 4, digest, &length); + assert (rv == CKR_OK); + + assert_num_eq (1, length); + assert (memcmp (digest, "4", 1) == 0); + + rv = (module->C_DigestInit) (session, &mech); + assert (rv == CKR_OK); + + rv = (module->C_DigestUpdate) (0, (CK_BYTE_PTR)"blah", 4); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_DigestUpdate) (session, (CK_BYTE_PTR)"sLuRM", 5); + assert (rv == CKR_OK); + + /* Adds the the value of object handle to hash: 6 */ + assert_num_eq (6, MOCK_PUBLIC_KEY_PREFIX); + rv = (module->C_DigestKey) (session, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_OK); + + rv = (module->C_DigestUpdate) (session, (CK_BYTE_PTR)"Other", 5); + assert (rv == CKR_OK); + + length = sizeof (digest); + rv = (module->C_DigestFinal) (0, digest, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (digest); + rv = (module->C_DigestFinal) (session, digest, &length); + assert (rv == CKR_OK); + + assert_num_eq (2, length); + assert (memcmp (digest, "16", 2) == 0); + + teardown_mock_module (module); +} + +static void +test_sign (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_PREFIX, "prefix:", 7 }; + CK_BYTE signature[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (session, CKU_USER, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_SignInit) (0, &mech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_SignInit) (session, &mech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_OK); + + rv = (module->C_Login) (session, CKU_CONTEXT_SPECIFIC, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + length = sizeof (signature); + rv = (module->C_Sign) (0, (CK_BYTE_PTR)"bLAH", 4, signature, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (signature); + rv = (module->C_Sign) (session, (CK_BYTE_PTR)"BLAh", 4, signature, &length); + assert (rv == CKR_OK); + + assert_num_eq (13, length); + assert (memcmp (signature, "prefix:value4", 13) == 0); + + rv = (module->C_SignInit) (session, &mech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_OK); + + rv = (module->C_Login) (session, CKU_CONTEXT_SPECIFIC, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_SignUpdate) (0, (CK_BYTE_PTR)"blah", 4); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_SignUpdate) (session, (CK_BYTE_PTR)"sLuRM", 5); + assert (rv == CKR_OK); + + rv = (module->C_SignUpdate) (session, (CK_BYTE_PTR)"Other", 5); + assert (rv == CKR_OK); + + length = sizeof (signature); + rv = (module->C_SignFinal) (0, signature, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (signature); + rv = (module->C_SignFinal) (session, signature, &length); + assert (rv == CKR_OK); + + assert_num_eq (14, length); + assert (memcmp (signature, "prefix:value10", 2) == 0); + + teardown_mock_module (module); +} + +static void +test_sign_recover (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_PREFIX, "prefix:", 7 }; + CK_BYTE signature[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (session, CKU_USER, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_SignRecoverInit) (0, &mech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_SignRecoverInit) (session, &mech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_OK); + + rv = (module->C_Login) (session, CKU_CONTEXT_SPECIFIC, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + length = sizeof (signature); + rv = (module->C_SignRecover) (0, (CK_BYTE_PTR)"bLAH", 4, signature, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (signature); + rv = (module->C_SignRecover) (session, (CK_BYTE_PTR)"BLAh", 4, signature, &length); + assert (rv == CKR_OK); + + assert_num_eq (16, length); + assert (memcmp (signature, "prefix:valueBLAh", 16) == 0); + + teardown_mock_module (module); +} + +static void +test_verify (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_PREFIX, "prefix:", 7 }; + CK_BYTE signature[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_VerifyInit) (0, &mech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_VerifyInit) (session, &mech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_OK); + + length = 13; + memcpy (signature, "prefix:value4", length); + rv = (module->C_Verify) (0, (CK_BYTE_PTR)"bLAH", 4, signature, 5); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_Verify) (session, (CK_BYTE_PTR)"BLAh", 4, signature, length); + assert (rv == CKR_OK); + + rv = (module->C_VerifyInit) (session, &mech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_OK); + + rv = (module->C_VerifyUpdate) (0, (CK_BYTE_PTR)"blah", 4); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_VerifyUpdate) (session, (CK_BYTE_PTR)"sLuRM", 5); + assert (rv == CKR_OK); + + rv = (module->C_VerifyUpdate) (session, (CK_BYTE_PTR)"Other", 5); + assert (rv == CKR_OK); + + length = 14; + memcpy (signature, "prefix:value10", length); + + rv = (module->C_VerifyFinal) (session, signature, 5); + assert (rv == CKR_SIGNATURE_LEN_RANGE); + + rv = (module->C_VerifyFinal) (session, signature, length); + assert (rv == CKR_OK); + + teardown_mock_module (module); +} + +static void +test_verify_recover (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_PREFIX, "prefix:", 7 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_VerifyRecoverInit) (0, &mech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_VerifyRecoverInit) (session, &mech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_VerifyRecover) (0, (CK_BYTE_PTR)"prefix:valueBLah", 16, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_VerifyRecover) (session, (CK_BYTE_PTR)"prefix:valueBLah", 16, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "BLah", 4) == 0); + + teardown_mock_module (module); +} + +static void +test_digest_encrypt (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_CAPITALIZE, NULL, 0 }; + CK_MECHANISM dmech = { CKM_MOCK_COUNT, NULL, 0 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_EncryptInit) (session, &mech, MOCK_PUBLIC_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + rv = (module->C_DigestInit) (session, &dmech); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_DigestEncryptUpdate) (0, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_DigestEncryptUpdate) (session, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "BLAH", 4) == 0); + + length = sizeof (data); + rv = (module->C_EncryptFinal) (session, data, &length); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_DigestFinal) (session, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (1, length); + assert (memcmp (data, "4", 1) == 0); + + teardown_mock_module (module); +} + +static void +test_decrypt_digest (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_CAPITALIZE, NULL, 0 }; + CK_MECHANISM dmech = { CKM_MOCK_COUNT, NULL, 0 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (session, CKU_USER, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_DecryptInit) (session, &mech, MOCK_PRIVATE_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + rv = (module->C_DigestInit) (session, &dmech); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_DecryptDigestUpdate) (0, (CK_BYTE_PTR)"BLAH", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_DecryptDigestUpdate) (session, (CK_BYTE_PTR)"BLAH", 4, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "blah", 4) == 0); + + length = sizeof (data); + rv = (module->C_DecryptFinal) (session, data, &length); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_DigestFinal) (session, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (1, length); + assert (memcmp (data, "4", 1) == 0); + + teardown_mock_module (module); +} + +static void +test_sign_encrypt (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_CAPITALIZE, NULL, 0 }; + CK_MECHANISM smech = { CKM_MOCK_PREFIX, "p:", 2 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (session, CKU_USER, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_EncryptInit) (session, &mech, MOCK_PUBLIC_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + rv = (module->C_SignInit) (session, &smech, MOCK_PRIVATE_KEY_PREFIX); + assert (rv == CKR_OK); + + rv = (module->C_Login) (session, CKU_CONTEXT_SPECIFIC, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_SignEncryptUpdate) (0, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_SignEncryptUpdate) (session, (CK_BYTE_PTR)"blah", 4, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "BLAH", 4) == 0); + + length = sizeof (data); + rv = (module->C_EncryptFinal) (session, data, &length); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_SignFinal) (session, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (8, length); + assert (memcmp (data, "p:value4", 1) == 0); + + teardown_mock_module (module); +} + +static void +test_decrypt_verify (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_CAPITALIZE, NULL, 0 }; + CK_MECHANISM vmech = { CKM_MOCK_PREFIX, "p:", 2 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_Login) (session, CKU_USER, (CK_BYTE_PTR)"booo", 4); + assert (rv == CKR_OK); + + rv = (module->C_DecryptInit) (session, &mech, MOCK_PRIVATE_KEY_CAPITALIZE); + assert (rv == CKR_OK); + + rv = (module->C_VerifyInit) (session, &vmech, MOCK_PUBLIC_KEY_PREFIX); + assert (rv == CKR_OK); + + length = sizeof (data); + rv = (module->C_DecryptVerifyUpdate) (0, (CK_BYTE_PTR)"BLAH", 4, data, &length); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + length = sizeof (data); + rv = (module->C_DecryptVerifyUpdate) (session, (CK_BYTE_PTR)"BLAH", 4, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (4, length); + assert (memcmp (data, "blah", 4) == 0); + + length = sizeof (data); + rv = (module->C_DecryptFinal) (session, data, &length); + assert (rv == CKR_OK); + + rv = (module->C_VerifyFinal) (session, (CK_BYTE_PTR)"p:value4", 8); + assert (rv == CKR_OK); + + teardown_mock_module (module); +} + +static void +test_generate_key (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_HANDLE object; + CK_MECHANISM mech = { CKM_MOCK_GENERATE, NULL, 0 }; + CK_ATTRIBUTE attrs[8]; + char label[32]; + char value[64]; + CK_ULONG bits; + CK_RV rv; + + module = setup_mock_module (&session); + + strcpy (label, "Blahooo"); + bits = 1555; + + attrs[0].type = CKA_LABEL; + attrs[0].pValue = label; + attrs[0].ulValueLen = strlen (label); + attrs[1].type = CKA_BITS_PER_PIXEL; + attrs[1].pValue = &bits; + attrs[1].ulValueLen = sizeof (bits); + + rv = (module->C_GenerateKey) (session, &mech, attrs, 2, &object); + assert (rv == CKR_MECHANISM_PARAM_INVALID); + + mech.pParameter = "generate"; + mech.ulParameterLen = 9; + + rv = (module->C_GenerateKey) (session, &mech, attrs, 2, &object); + assert (rv == CKR_OK); + + attrs[0].ulValueLen = sizeof (label); + memset (label, 0, sizeof (label)); + bits = 0; + attrs[2].type = CKA_VALUE; + attrs[2].pValue = value; + attrs[2].ulValueLen = sizeof (value); + + rv = (module->C_GetAttributeValue) (session, object, attrs, 3); + assert (rv == CKR_OK); + + assert_num_eq (bits, 1555); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (label, "Blahooo", attrs[0].ulValueLen) == 0); + assert_num_eq (9, attrs[2].ulValueLen); + assert (memcmp (value, "generated", attrs[2].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_generate_key_pair (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_HANDLE pub_object; + CK_OBJECT_HANDLE priv_object; + CK_MECHANISM mech = { CKM_MOCK_GENERATE, "generated", 9 }; + CK_ATTRIBUTE pub_attrs[8]; + CK_ATTRIBUTE priv_attrs[8]; + char pub_label[32]; + char pub_value[64]; + char priv_label[32]; + char priv_value[64]; + CK_ULONG pub_bits; + CK_ULONG priv_bits; + CK_RV rv; + + module = setup_mock_module (&session); + + strcpy (pub_label, "Blahooo"); + pub_bits = 1555; + pub_attrs[0].type = CKA_LABEL; + pub_attrs[0].pValue = pub_label; + pub_attrs[0].ulValueLen = strlen (pub_label); + pub_attrs[1].type = CKA_BITS_PER_PIXEL; + pub_attrs[1].pValue = &pub_bits; + pub_attrs[1].ulValueLen = sizeof (pub_bits); + + strcpy (priv_label, "Private"); + priv_bits = 1666; + priv_attrs[0].type = CKA_LABEL; + priv_attrs[0].pValue = priv_label; + priv_attrs[0].ulValueLen = strlen (priv_label); + priv_attrs[1].type = CKA_BITS_PER_PIXEL; + priv_attrs[1].pValue = &priv_bits; + priv_attrs[1].ulValueLen = sizeof (priv_bits); + + rv = (module->C_GenerateKeyPair) (0, &mech, pub_attrs, 2, priv_attrs, 2, + &pub_object, &priv_object); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + mech.pParameter = "generate"; + mech.ulParameterLen = 9; + + rv = (module->C_GenerateKeyPair) (session, &mech, pub_attrs, 2, priv_attrs, 2, + &pub_object, &priv_object); + assert (rv == CKR_OK); + + pub_bits = 0; + pub_attrs[0].ulValueLen = sizeof (pub_label); + memset (pub_label, 0, sizeof (pub_label)); + pub_attrs[2].type = CKA_VALUE; + pub_attrs[2].pValue = pub_value; + pub_attrs[2].ulValueLen = sizeof (pub_value); + + rv = (module->C_GetAttributeValue) (session, pub_object, pub_attrs, 3); + assert (rv == CKR_OK); + + assert_num_eq (1555, pub_bits); + assert_num_eq (7, pub_attrs[0].ulValueLen); + assert (memcmp (pub_label, "Blahooo", pub_attrs[0].ulValueLen) == 0); + assert_num_eq (9, pub_attrs[2].ulValueLen); + assert (memcmp (pub_value, "generated", pub_attrs[2].ulValueLen) == 0); + + priv_bits = 0; + priv_attrs[0].ulValueLen = sizeof (priv_label); + memset (priv_label, 0, sizeof (priv_label)); + priv_attrs[2].type = CKA_VALUE; + priv_attrs[2].pValue = priv_value; + priv_attrs[2].ulValueLen = sizeof (priv_value); + + rv = (module->C_GetAttributeValue) (session, priv_object, priv_attrs, 3); + assert (rv == CKR_OK); + + assert_num_eq (1666, priv_bits); + assert_num_eq (7, priv_attrs[0].ulValueLen); + assert (memcmp (priv_label, "Private", priv_attrs[0].ulValueLen) == 0); + assert_num_eq (9, priv_attrs[2].ulValueLen); + assert (memcmp (priv_value, "generated", priv_attrs[2].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_wrap_key (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_MECHANISM mech = { CKM_MOCK_WRAP, NULL, 0 }; + CK_BYTE data[128]; + CK_ULONG length; + CK_RV rv; + + module = setup_mock_module (&session); + + length = sizeof (data); + rv = (module->C_WrapKey) (session, &mech, MOCK_PUBLIC_KEY_PREFIX, MOCK_PUBLIC_KEY_PREFIX, data, &length); + assert (rv == CKR_MECHANISM_PARAM_INVALID); + + mech.pParameter = "wrap"; + mech.ulParameterLen = 4; + + rv = (module->C_WrapKey) (session, &mech, MOCK_PUBLIC_KEY_PREFIX, MOCK_PUBLIC_KEY_PREFIX, data, &length); + assert (rv == CKR_OK); + + assert_num_eq (5, length); + assert (memcmp (data, "value", 5) == 0); + + teardown_mock_module (module); +} + +static void +test_unwrap_key (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_HANDLE object; + CK_MECHANISM mech = { CKM_MOCK_WRAP, NULL, 0 }; + CK_ATTRIBUTE attrs[8]; + char label[32]; + char value[64]; + CK_ULONG bits; + CK_RV rv; + + module = setup_mock_module (&session); + + strcpy (label, "Blahooo"); + bits = 1555; + + attrs[0].type = CKA_LABEL; + attrs[0].pValue = label; + attrs[0].ulValueLen = strlen (label); + attrs[1].type = CKA_BITS_PER_PIXEL; + attrs[1].pValue = &bits; + attrs[1].ulValueLen = sizeof (bits); + + rv = (module->C_UnwrapKey) (session, &mech, MOCK_PUBLIC_KEY_PREFIX, + (CK_BYTE_PTR)"wheee", 5, attrs, 2, &object); + assert (rv == CKR_MECHANISM_PARAM_INVALID); + + mech.pParameter = "wrap"; + mech.ulParameterLen = 4; + + rv = (module->C_UnwrapKey) (session, &mech, MOCK_PUBLIC_KEY_PREFIX, + (CK_BYTE_PTR)"wheee", 5, attrs, 2, &object); + assert (rv == CKR_OK); + + attrs[0].ulValueLen = sizeof (label); + memset (label, 0, sizeof (label)); + bits = 0; + attrs[2].type = CKA_VALUE; + attrs[2].pValue = value; + attrs[2].ulValueLen = sizeof (value); + + rv = (module->C_GetAttributeValue) (session, object, attrs, 3); + assert (rv == CKR_OK); + + assert_num_eq (bits, 1555); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (label, "Blahooo", attrs[0].ulValueLen) == 0); + assert_num_eq (5, attrs[2].ulValueLen); + assert (memcmp (value, "wheee", attrs[2].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_derive_key (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_OBJECT_HANDLE object; + CK_MECHANISM mech = { CKM_MOCK_DERIVE, NULL, 0 }; + CK_ATTRIBUTE attrs[8]; + char label[32]; + char value[64]; + CK_ULONG bits; + CK_RV rv; + + module = setup_mock_module (&session); + + strcpy (label, "Blahooo"); + bits = 1555; + + attrs[0].type = CKA_LABEL; + attrs[0].pValue = label; + attrs[0].ulValueLen = strlen (label); + attrs[1].type = CKA_BITS_PER_PIXEL; + attrs[1].pValue = &bits; + attrs[1].ulValueLen = sizeof (bits); + + rv = (module->C_DeriveKey) (session, &mech, MOCK_PUBLIC_KEY_PREFIX, + attrs, 2, &object); + assert (rv == CKR_MECHANISM_PARAM_INVALID); + + mech.pParameter = "derive"; + mech.ulParameterLen = 6; + + rv = (module->C_DeriveKey) (session, &mech, MOCK_PUBLIC_KEY_PREFIX, + attrs, 2, &object); + assert (rv == CKR_OK); + + attrs[0].ulValueLen = sizeof (label); + memset (label, 0, sizeof (label)); + bits = 0; + attrs[2].type = CKA_VALUE; + attrs[2].pValue = value; + attrs[2].ulValueLen = sizeof (value); + + rv = (module->C_GetAttributeValue) (session, object, attrs, 3); + assert (rv == CKR_OK); + + assert_num_eq (bits, 1555); + assert_num_eq (7, attrs[0].ulValueLen); + assert (memcmp (label, "Blahooo", attrs[0].ulValueLen) == 0); + assert_num_eq (7, attrs[2].ulValueLen); + assert (memcmp (value, "derived", attrs[2].ulValueLen) == 0); + + teardown_mock_module (module); +} + +static void +test_random (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_SESSION_HANDLE session = 0; + CK_BYTE data[10]; + CK_RV rv; + + module = setup_mock_module (&session); + + rv = (module->C_SeedRandom) (0, (CK_BYTE_PTR)"seed", 4); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_SeedRandom) (session, (CK_BYTE_PTR)"seed", 4); + assert (rv == CKR_OK); + + rv = (module->C_GenerateRandom) (0, data, sizeof (data)); + assert (rv == CKR_SESSION_HANDLE_INVALID); + + rv = (module->C_GenerateRandom) (session, data, sizeof (data)); + assert (rv == CKR_OK); + + assert (memcmp (data, "seedseedse", sizeof (data)) == 0); + + teardown_mock_module (module); +} + +static void +test_mock_add_tests (const char *prefix) +{ + p11_test (test_get_info, "%s/test_get_info", prefix); + p11_test (test_get_slot_list, "%s/test_get_slot_list", prefix); + p11_test (test_get_slot_info, "%s/test_get_slot_info", prefix); + p11_test (test_get_token_info, "%s/test_get_token_info", prefix); + p11_test (test_get_mechanism_list, "%s/test_get_mechanism_list", prefix); + p11_test (test_get_mechanism_info, "%s/test_get_mechanism_info", prefix); + p11_test (test_init_token, "%s/test_init_token", prefix); + p11_test (test_wait_for_slot_event, "%s/test_wait_for_slot_event", prefix); + p11_test (test_open_close_session, "%s/test_open_close_session", prefix); + p11_test (test_close_all_sessions, "%s/test_close_all_sessions", prefix); + p11_test (test_get_function_status, "%s/test_get_function_status", prefix); + p11_test (test_cancel_function, "%s/test_cancel_function", prefix); + p11_test (test_get_session_info, "%s/test_get_session_info", prefix); + p11_test (test_init_pin, "%s/test_init_pin", prefix); + p11_test (test_set_pin, "%s/test_set_pin", prefix); + p11_test (test_operation_state, "%s/test_operation_state", prefix); + p11_test (test_login_logout, "%s/test_login_logout", prefix); + p11_test (test_get_attribute_value, "%s/test_get_attribute_value", prefix); + p11_test (test_set_attribute_value, "%s/test_set_attribute_value", prefix); + p11_test (test_create_object, "%s/test_create_object", prefix); + p11_test (test_copy_object, "%s/test_copy_object", prefix); + p11_test (test_destroy_object, "%s/test_destroy_object", prefix); + p11_test (test_get_object_size, "%s/test_get_object_size", prefix); + p11_test (test_find_objects, "%s/test_find_objects", prefix); + p11_test (test_encrypt, "%s/test_encrypt", prefix); + p11_test (test_decrypt, "%s/test_decrypt", prefix); + p11_test (test_digest, "%s/test_digest", prefix); + p11_test (test_sign, "%s/test_sign", prefix); + p11_test (test_sign_recover, "%s/test_sign_recover", prefix); + p11_test (test_verify, "%s/test_verify", prefix); + p11_test (test_verify_recover, "%s/test_verify_recover", prefix); + p11_test (test_digest_encrypt, "%s/test_digest_encrypt", prefix); + p11_test (test_decrypt_digest, "%s/test_decrypt_digest", prefix); + p11_test (test_sign_encrypt, "%s/test_sign_encrypt", prefix); + p11_test (test_decrypt_verify, "%s/test_decrypt_verify", prefix); + p11_test (test_generate_key, "%s/test_generate_key", prefix); + p11_test (test_generate_key_pair, "%s/test_generate_key_pair", prefix); + p11_test (test_wrap_key, "%s/test_wrap_key", prefix); + p11_test (test_unwrap_key, "%s/test_unwrap_key", prefix); + p11_test (test_derive_key, "%s/test_derive_key", prefix); + p11_test (test_random, "%s/test_random", prefix); +} diff --git a/p11-kit/tests/test-modules.c b/p11-kit/tests/test-modules.c index 3a6e968..d50b2d5 100644 --- a/p11-kit/tests/test-modules.c +++ b/p11-kit/tests/test-modules.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include <errno.h> #include <stdlib.h> @@ -47,32 +47,24 @@ #include "dict.h" static CK_FUNCTION_LIST_PTR_PTR -initialize_and_get_modules (CuTest *tc) +initialize_and_get_modules (void) { CK_FUNCTION_LIST_PTR_PTR modules; - CK_RV rv; - rv = p11_kit_initialize_registered (); - CuAssertIntEquals (tc, CKR_OK, rv); - modules = p11_kit_registered_modules (); - CuAssertTrue (tc, modules != NULL && modules[0] != NULL); + modules = p11_kit_modules_load_and_initialize (0); + assert (modules != NULL && modules[0] != NULL); return modules; } static void -finalize_and_free_modules (CuTest *tc, - CK_FUNCTION_LIST_PTR_PTR modules) +finalize_and_free_modules (CK_FUNCTION_LIST_PTR_PTR modules) { - CK_RV rv; - - free (modules); - rv = p11_kit_finalize_registered (); - CuAssertIntEquals (tc, CKR_OK, rv); + p11_kit_modules_finalize_and_release (modules); } static void -test_no_duplicates (CuTest *tc) +test_no_duplicates (void) { CK_FUNCTION_LIST_PTR_PTR modules; p11_dict *paths; @@ -80,35 +72,34 @@ test_no_duplicates (CuTest *tc) char *path; int i; - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); paths = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, NULL, NULL); funcs = p11_dict_new (p11_dict_direct_hash, p11_dict_direct_equal, NULL, NULL); /* The loaded modules should not contain duplicates */ for (i = 0; modules[i] != NULL; i++) { - path = p11_kit_registered_option (modules[i], "module"); + path = p11_kit_config_option (modules[i], "module"); if (p11_dict_get (funcs, modules[i])) - CuAssert (tc, "found duplicate function list pointer", 0); + assert_fail ("found duplicate function list pointer", NULL); if (p11_dict_get (paths, path)) - CuAssert (tc, "found duplicate path name", 0); + assert_fail ("found duplicate path name", NULL); if (!p11_dict_set (funcs, modules[i], "")) - CuAssert (tc, "shouldn't be reached", 0); + assert_not_reached (); if (!p11_dict_set (paths, path, "")) - CuAssert (tc, "shouldn't be reached", 0); + assert_not_reached (); free (path); } p11_dict_free (paths); p11_dict_free (funcs); - finalize_and_free_modules (tc, modules); + finalize_and_free_modules (modules); } static CK_FUNCTION_LIST_PTR -lookup_module_with_name (CuTest *tc, - CK_FUNCTION_LIST_PTR_PTR modules, +lookup_module_with_name (CK_FUNCTION_LIST_PTR_PTR modules, const char *name) { CK_FUNCTION_LIST_PTR match = NULL; @@ -117,8 +108,8 @@ lookup_module_with_name (CuTest *tc, int i; for (i = 0; match == NULL && modules[i] != NULL; i++) { - module_name = p11_kit_registered_module_to_name (modules[i]); - CuAssertPtrNotNull (tc, module_name); + module_name = p11_kit_module_get_name (modules[i]); + assert_ptr_not_null (module_name); if (strcmp (module_name, name) == 0) match = modules[i]; free (module_name); @@ -128,15 +119,15 @@ lookup_module_with_name (CuTest *tc, * As a side effect, we should check that the results of this function * matches the above search. */ - module = p11_kit_registered_name_to_module (name); - CuAssert(tc, "different result from p11_kit_registered_name_to_module()", - module == match); + module = p11_kit_module_for_name (modules, name); + if (module != match) + assert_fail ("different result from p11_kit_module_for_name ()", NULL); return match; } static void -test_disable (CuTest *tc) +test_disable (void) { CK_FUNCTION_LIST_PTR_PTR modules; @@ -145,9 +136,9 @@ test_disable (CuTest *tc) * that it has disabled. */ - modules = initialize_and_get_modules (tc); - CuAssertTrue (tc, lookup_module_with_name (tc, modules, "four") != NULL); - finalize_and_free_modules (tc, modules); + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "four") != NULL); + finalize_and_free_modules (modules); /* * The module two shouldn't have been loaded, because in its config @@ -158,18 +149,17 @@ test_disable (CuTest *tc) p11_kit_set_progname ("test-disable"); - modules = initialize_and_get_modules (tc); - CuAssertTrue (tc, lookup_module_with_name (tc, modules, "four") == NULL); - finalize_and_free_modules (tc, modules); + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "four") == NULL); + finalize_and_free_modules (modules); p11_kit_set_progname (NULL); } static void -test_disable_later (CuTest *tc) +test_disable_later (void) { CK_FUNCTION_LIST_PTR_PTR modules; - CK_RV rv; /* * The module two shouldn't be matched, because in its config @@ -178,22 +168,19 @@ test_disable_later (CuTest *tc) * disable-in: test-disable */ - rv = p11_kit_initialize_registered (); - CuAssertIntEquals (tc, CKR_OK, rv); - p11_kit_set_progname ("test-disable"); - modules = p11_kit_registered_modules (); - CuAssertTrue (tc, modules != NULL && modules[0] != NULL); + modules = p11_kit_modules_load_and_initialize (0); + assert (modules != NULL && modules[0] != NULL); - CuAssertTrue (tc, lookup_module_with_name (tc, modules, "two") == NULL); - finalize_and_free_modules (tc, modules); + assert (lookup_module_with_name (modules, "two") == NULL); + finalize_and_free_modules (modules); p11_kit_set_progname (NULL); } static void -test_enable (CuTest *tc) +test_enable (void) { CK_FUNCTION_LIST_PTR_PTR modules; @@ -202,9 +189,9 @@ test_enable (CuTest *tc) * program. */ - modules = initialize_and_get_modules (tc); - CuAssertTrue (tc, lookup_module_with_name (tc, modules, "three") == NULL); - finalize_and_free_modules (tc, modules); + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "three") == NULL); + finalize_and_free_modules (modules); /* * The module three should be loaded here , because in its config @@ -215,15 +202,15 @@ test_enable (CuTest *tc) p11_kit_set_progname ("test-enable"); - modules = initialize_and_get_modules (tc); - CuAssertTrue (tc, lookup_module_with_name (tc, modules, "three") != NULL); - finalize_and_free_modules (tc, modules); + modules = initialize_and_get_modules (); + assert (lookup_module_with_name (modules, "three") != NULL); + finalize_and_free_modules (modules); p11_kit_set_progname (NULL); } static void -test_priority (CuTest *tc) +test_priority (void) { CK_FUNCTION_LIST_PTR_PTR modules; char *name; @@ -242,12 +229,12 @@ test_priority (CuTest *tc) /* This enables module three */ p11_kit_set_progname ("test-enable"); - modules = initialize_and_get_modules (tc); + modules = initialize_and_get_modules (); /* The loaded modules should not contain duplicates */ for (i = 0; modules[i] != NULL; i++) { - name = p11_kit_registered_module_to_name (modules[i]); - CuAssertPtrNotNull (tc, name); + name = p11_kit_module_get_name (modules[i]); + assert_ptr_not_null (name); /* Either one of these can be loaded, as this is a duplicate module */ if (strcmp (name, "two-duplicate") == 0) { @@ -255,38 +242,124 @@ test_priority (CuTest *tc) name = strdup ("two.badname"); } - CuAssertStrEquals (tc, expected[i], name); + assert_str_eq (expected[i], name); free (name); } - CuAssertIntEquals (tc, 4, i); - finalize_and_free_modules (tc, modules); + assert_num_eq (4, i); + finalize_and_free_modules (modules); } -int -main (void) +static void +test_module_name (void) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; + CK_FUNCTION_LIST_PTR_PTR modules; + CK_FUNCTION_LIST_PTR module; + char *name; + + /* + * The module three should not be present, as we don't match the current + * program. + */ + + modules = initialize_and_get_modules (); + + module = p11_kit_module_for_name (modules, "one"); + assert_ptr_not_null (module); + name = p11_kit_module_get_name (module); + assert_str_eq ("one", name); + free (name); + + module = p11_kit_module_for_name (modules, "invalid"); + assert_ptr_eq (NULL, module); + + module = p11_kit_module_for_name (NULL, "one"); + assert_ptr_eq (NULL, module); + + finalize_and_free_modules (modules); +} + +static void +test_module_flags (void) +{ + CK_FUNCTION_LIST **modules; + CK_FUNCTION_LIST **unmanaged; + int flags; + + /* + * The module three should not be present, as we don't match the current + * program. + */ + + modules = initialize_and_get_modules (); - putenv ("P11_KIT_STRICT=1"); + flags = p11_kit_module_get_flags (modules[0]); + assert_num_eq (0, flags); + + unmanaged = p11_kit_modules_load (NULL, P11_KIT_MODULE_UNMANAGED); + assert (unmanaged != NULL && unmanaged[0] != NULL); + + flags = p11_kit_module_get_flags (unmanaged[0]); + assert_num_eq (P11_KIT_MODULE_UNMANAGED, flags); + + finalize_and_free_modules (modules); + p11_kit_modules_release (unmanaged); +} + +static void +test_config_option (void) +{ + CK_FUNCTION_LIST_PTR_PTR modules; + CK_FUNCTION_LIST_PTR module; + char *value; + + /* + * The module three should not be present, as we don't match the current + * program. + */ + + modules = initialize_and_get_modules (); + + value = p11_kit_config_option (NULL, "new"); + assert_str_eq ("world", value); + free (value); + + module = p11_kit_module_for_name (modules, "one"); + assert_ptr_not_null (module); + + value = p11_kit_config_option (module, "setting"); + assert_str_eq ("user1", value); + free (value); + + value = p11_kit_config_option (NULL, "invalid"); + assert_ptr_eq (NULL, value); + + value = p11_kit_config_option (module, "invalid"); + assert_ptr_eq (NULL, value); + + /* Invalid but non-NULL module pointer */ + value = p11_kit_config_option (module + 1, "setting"); + assert_ptr_eq (NULL, value); + + finalize_and_free_modules (modules); +} + +int +main (int argc, + char *argv[]) +{ p11_library_init (); - SUITE_ADD_TEST (suite, test_no_duplicates); - SUITE_ADD_TEST (suite, test_disable); - SUITE_ADD_TEST (suite, test_disable_later); - SUITE_ADD_TEST (suite, test_enable); - SUITE_ADD_TEST (suite, test_priority); + p11_test (test_no_duplicates, "/modules/test_no_duplicates"); + p11_test (test_disable, "/modules/test_disable"); + p11_test (test_disable_later, "/modules/test_disable_later"); + p11_test (test_enable, "/modules/test_enable"); + p11_test (test_priority, "/modules/test_priority"); + p11_test (test_module_name, "/modules/test_module_name"); + p11_test (test_module_flags, "/modules/test_module_flags"); + p11_test (test_config_option, "/modules/test_config_option"); p11_kit_be_quiet (); - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/pin-test.c b/p11-kit/tests/test-pin.c index dd020bc..ebe3efc 100644 --- a/p11-kit/tests/pin-test.c +++ b/p11-kit/tests/test-pin.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "library.h" @@ -71,7 +71,7 @@ destroy_data (void *callback_data) } static void -test_pin_register_unregister (CuTest *tc) +test_pin_register_unregister (void) { int data = 33; @@ -81,11 +81,11 @@ test_pin_register_unregister (CuTest *tc) p11_kit_pin_unregister_callback ("/the/pin_source", callback_one, &data); - CuAssertIntEquals (tc, 34, data); + assert_num_eq (34, data); } static void -test_pin_read (CuTest *tc) +test_pin_read (void) { P11KitUri *uri; P11KitPin *pin; @@ -101,10 +101,10 @@ test_pin_read (CuTest *tc) P11_KIT_PIN_FLAGS_USER_LOGIN); p11_kit_uri_free (uri); - CuAssertPtrNotNull (tc, pin); + assert_ptr_not_null (pin); ptr = p11_kit_pin_get_value (pin, &length); - CuAssertIntEquals (tc, 3, length); - CuAssertTrue (tc, memcmp (ptr, "one", 3) == 0); + assert_num_eq (3, length); + assert (memcmp (ptr, "one", 3) == 0); p11_kit_pin_unregister_callback ("/the/pin_source", callback_one, &data); @@ -113,7 +113,7 @@ test_pin_read (CuTest *tc) } static void -test_pin_read_no_match (CuTest *tc) +test_pin_read_no_match (void) { P11KitUri *uri; P11KitPin *pin; @@ -123,11 +123,11 @@ test_pin_read_no_match (CuTest *tc) P11_KIT_PIN_FLAGS_USER_LOGIN); p11_kit_uri_free (uri); - CuAssertPtrEquals (tc, NULL, pin); + assert_ptr_eq (NULL, pin); } static void -test_pin_register_duplicate (CuTest *tc) +test_pin_register_duplicate (void) { P11KitUri *uri; P11KitPin *pin; @@ -147,10 +147,10 @@ test_pin_register_duplicate (CuTest *tc) pin = p11_kit_pin_request ("/the/pin_source", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrNotNull (tc, pin); + assert_ptr_not_null (pin); ptr = p11_kit_pin_get_value (pin, &length); - CuAssertIntEquals (tc, 6, length); - CuAssertTrue (tc, memcmp (ptr, "secret", length) == 0); + assert_num_eq (6, length); + assert (memcmp (ptr, "secret", length) == 0); p11_kit_pin_unref (pin); p11_kit_pin_unregister_callback ("/the/pin_source", callback_other, @@ -159,10 +159,10 @@ test_pin_register_duplicate (CuTest *tc) pin = p11_kit_pin_request ("/the/pin_source", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrNotNull (tc, pin); + assert_ptr_not_null (pin); ptr = p11_kit_pin_get_value (pin, &length); - CuAssertIntEquals (tc, 3, length); - CuAssertTrue (tc, memcmp (ptr, "one", length) == 0); + assert_num_eq (3, length); + assert (memcmp (ptr, "one", length) == 0); p11_kit_pin_unref (pin); p11_kit_pin_unregister_callback ("/the/pin_source", callback_one, @@ -171,13 +171,13 @@ test_pin_register_duplicate (CuTest *tc) pin = p11_kit_pin_request ("/the/pin_source", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrEquals (tc, NULL, pin); + assert_ptr_eq (NULL, pin); p11_kit_uri_free (uri); } static void -test_pin_register_fallback (CuTest *tc) +test_pin_register_fallback (void) { char *value = "secret"; P11KitUri *uri; @@ -194,10 +194,10 @@ test_pin_register_fallback (CuTest *tc) pin = p11_kit_pin_request ("/the/pin_source", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrNotNull (tc, pin); + assert_ptr_not_null (pin); ptr = p11_kit_pin_get_value (pin, &length); - CuAssertIntEquals (tc, 3, length); - CuAssertTrue (tc, memcmp (ptr, "one", length) == 0); + assert_num_eq (3, length); + assert (memcmp (ptr, "one", length) == 0); p11_kit_pin_unref (pin); p11_kit_pin_register_callback ("/the/pin_source", callback_other, @@ -206,10 +206,10 @@ test_pin_register_fallback (CuTest *tc) pin = p11_kit_pin_request ("/the/pin_source", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrNotNull (tc, pin); + assert_ptr_not_null (pin); ptr = p11_kit_pin_get_value (pin, &length); - CuAssertIntEquals (tc, 6, length); - CuAssertTrue (tc, memcmp (ptr, "secret", length) == 0); + assert_num_eq (6, length); + assert (memcmp (ptr, "secret", length) == 0); p11_kit_pin_unref (pin); p11_kit_pin_unregister_callback ("/the/pin_source", callback_other, @@ -222,7 +222,7 @@ test_pin_register_fallback (CuTest *tc) } static void -test_pin_file (CuTest *tc) +test_pin_file (void) { P11KitUri *uri; P11KitPin *pin; @@ -237,16 +237,16 @@ test_pin_file (CuTest *tc) pin = p11_kit_pin_request (SRCDIR "/files/test-pinfile", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrNotNull (tc, pin); + assert_ptr_not_null (pin); ptr = p11_kit_pin_get_value (pin, &length); - CuAssertIntEquals (tc, 12, length); - CuAssertTrue (tc, memcmp (ptr, "yogabbagabba", length) == 0); + assert_num_eq (12, length); + assert (memcmp (ptr, "yogabbagabba", length) == 0); p11_kit_pin_unref (pin); pin = p11_kit_pin_request (SRCDIR "/files/nonexistant", uri, "The token", P11_KIT_PIN_FLAGS_USER_LOGIN); - CuAssertPtrEquals (tc, NULL, pin); + assert_ptr_eq (NULL, pin); p11_kit_pin_unregister_callback (P11_KIT_PIN_FALLBACK, p11_kit_pin_file_callback, NULL); @@ -255,7 +255,7 @@ test_pin_file (CuTest *tc) } static void -test_pin_file_large (CuTest *tc) +test_pin_file_large (void) { P11KitUri *uri; P11KitPin *pin; @@ -270,8 +270,8 @@ test_pin_file_large (CuTest *tc) P11_KIT_PIN_FLAGS_USER_LOGIN); error = errno; - CuAssertPtrEquals (tc, NULL, pin); - CuAssertIntEquals (tc, EFBIG, error); + assert_ptr_eq (NULL, pin); + assert_num_eq (EFBIG, error); p11_kit_pin_unregister_callback (P11_KIT_PIN_FALLBACK, p11_kit_pin_file_callback, NULL); @@ -280,7 +280,7 @@ test_pin_file_large (CuTest *tc) } static void -test_pin_ref_unref (CuTest *tc) +test_pin_ref_unref (void) { P11KitPin *pin; P11KitPin *check; @@ -288,38 +288,26 @@ test_pin_ref_unref (CuTest *tc) pin = p11_kit_pin_new_for_string ("crack of lies"); check = p11_kit_pin_ref (pin); - CuAssertPtrEquals (tc, pin, check); + assert_ptr_eq (pin, check); p11_kit_pin_unref (pin); p11_kit_pin_unref (check); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); p11_library_init (); - SUITE_ADD_TEST (suite, test_pin_register_unregister); - SUITE_ADD_TEST (suite, test_pin_read); - SUITE_ADD_TEST (suite, test_pin_read_no_match); - SUITE_ADD_TEST (suite, test_pin_register_duplicate); - SUITE_ADD_TEST (suite, test_pin_register_fallback); - SUITE_ADD_TEST (suite, test_pin_file); - SUITE_ADD_TEST (suite, test_pin_file_large); - SUITE_ADD_TEST (suite, test_pin_ref_unref); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_pin_register_unregister, "/pin/test_pin_register_unregister"); + p11_test (test_pin_read, "/pin/test_pin_read"); + p11_test (test_pin_read_no_match, "/pin/test_pin_read_no_match"); + p11_test (test_pin_register_duplicate, "/pin/test_pin_register_duplicate"); + p11_test (test_pin_register_fallback, "/pin/test_pin_register_fallback"); + p11_test (test_pin_file, "/pin/test_pin_file"); + p11_test (test_pin_file_large, "/pin/test_pin_file_large"); + p11_test (test_pin_ref_unref, "/pin/test_pin_ref_unref"); + + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/progname-test.c b/p11-kit/tests/test-progname.c index 18a8c55..76b136d 100644 --- a/p11-kit/tests/progname-test.c +++ b/p11-kit/tests/test-progname.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "library.h" @@ -47,52 +47,40 @@ #include "p11-kit/private.h" static void -test_progname_default (CuTest *tc) +test_progname_default (void) { const char *progname; progname = _p11_get_progname_unlocked (); - CuAssertStrEquals (tc, "progname-test", progname); + assert_str_eq ("test-progname", progname); } static void -test_progname_set (CuTest *tc) +test_progname_set (void) { const char *progname; p11_kit_set_progname ("love-generation"); progname = _p11_get_progname_unlocked (); - CuAssertStrEquals (tc, "love-generation", progname); + assert_str_eq ("love-generation", progname); _p11_set_progname_unlocked (NULL); progname = _p11_get_progname_unlocked (); - CuAssertStrEquals (tc, "progname-test", progname); + assert_str_eq ("test-progname", progname); } /* Defined in util.c */ extern char p11_my_progname[]; int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); p11_library_init (); - SUITE_ADD_TEST (suite, test_progname_default); - SUITE_ADD_TEST (suite, test_progname_set); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + p11_test (test_progname_default, "/progname/test_progname_default"); + p11_test (test_progname_set, "/progname/test_progname_set"); + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/test-proxy.c b/p11-kit/tests/test-proxy.c new file mode 100644 index 0000000..bf5007d --- /dev/null +++ b/p11-kit/tests/test-proxy.c @@ -0,0 +1,195 @@ +/* + * Copyright (c) 2013 Red Hat Inc + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#define CRYPTOKI_EXPORTS + +#include "config.h" +#include "test.h" + +#include "library.h" +#include "mock.h" +#include "p11-kit.h" +#include "pkcs11.h" +#include "proxy.h" + +#include <sys/types.h> + +#include <assert.h> +#include <errno.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> +#include <time.h> +#include <unistd.h> + +/* This is the proxy module entry point in proxy.c, and linked to this test */ +CK_RV C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list); + +static CK_SLOT_ID mock_slot_one_id; +static CK_SLOT_ID mock_slot_two_id; +static CK_ULONG mock_slots_present; +static CK_ULONG mock_slots_all; + +static void +test_initialize_finalize (void) +{ + CK_FUNCTION_LIST_PTR proxy; + CK_RV rv; + + rv = C_GetFunctionList (&proxy); + assert (rv == CKR_OK); + + assert (p11_proxy_module_check (proxy)); + + rv = proxy->C_Initialize (NULL); + assert (rv == CKR_OK); + + rv = proxy->C_Finalize (NULL); + assert (rv == CKR_OK); + + p11_proxy_module_cleanup (); +} + +static void +test_initialize_multiple (void) +{ + CK_FUNCTION_LIST_PTR proxy; + CK_RV rv; + + rv = C_GetFunctionList (&proxy); + assert (rv == CKR_OK); + + assert (p11_proxy_module_check (proxy)); + + rv = proxy->C_Initialize (NULL); + assert (rv == CKR_OK); + + rv = proxy->C_Initialize (NULL); + assert (rv == CKR_OK); + + rv = proxy->C_Finalize (NULL); + assert (rv == CKR_OK); + + rv = proxy->C_Finalize (NULL); + assert (rv == CKR_OK); + + rv = proxy->C_Finalize (NULL); + assert (rv == CKR_CRYPTOKI_NOT_INITIALIZED); + + p11_proxy_module_cleanup (); +} + +static CK_FUNCTION_LIST_PTR +setup_mock_module (CK_SESSION_HANDLE *session) +{ + CK_FUNCTION_LIST_PTR proxy; + CK_SLOT_ID slots[32]; + CK_RV rv; + + rv = C_GetFunctionList (&proxy); + assert (rv == CKR_OK); + + assert (p11_proxy_module_check (proxy)); + + rv = proxy->C_Initialize (NULL); + assert (rv == CKR_OK); + + mock_slots_all = 32; + rv = proxy->C_GetSlotList (CK_FALSE, slots, &mock_slots_all); + assert (rv == CKR_OK); + assert (mock_slots_all >= 2); + + /* Assume this is the slot we want to deal with */ + mock_slot_one_id = slots[0]; + mock_slot_two_id = slots[1]; + + rv = proxy->C_GetSlotList (CK_TRUE, NULL, &mock_slots_present); + assert (rv == CKR_OK); + assert (mock_slots_present > 1); + + if (session) { + rv = (proxy->C_OpenSession) (mock_slot_one_id, + CKF_RW_SESSION | CKF_SERIAL_SESSION, + NULL, NULL, session); + assert (rv == CKR_OK); + } + + return proxy; +} + +static void +teardown_mock_module (CK_FUNCTION_LIST_PTR module) +{ + CK_RV rv; + + rv = module->C_Finalize (NULL); + assert (rv == CKR_OK); +} + +/* + * We redefine the mock module slot id so that the tests in test-mock.c + * use the proxy mapped slot id rather than the hard coded one + */ +#define MOCK_SLOT_ONE_ID mock_slot_one_id +#define MOCK_SLOT_TWO_ID mock_slot_two_id +#define MOCK_SLOTS_PRESENT mock_slots_present +#define MOCK_SLOTS_ALL mock_slots_all +#define MOCK_INFO mock_info +#define MOCK_SKIP_WAIT_TEST + +static const CK_INFO mock_info = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, + "PKCS#11 Kit ", + 0, + "PKCS#11 Kit Proxy Module ", + { 1, 1 } +}; + +/* Bring in all the mock module tests */ +#include "test-mock.c" + +int +main (int argc, + char *argv[]) +{ + p11_library_init (); + p11_kit_be_quiet (); + + p11_test (test_initialize_finalize, "/proxy/initialize-finalize"); + p11_test (test_initialize_multiple, "/proxy/initialize-multiple"); + + test_mock_add_tests ("/proxy"); + + return p11_test_run (argc, argv); +} diff --git a/p11-kit/tests/uri-test.c b/p11-kit/tests/test-uri.c index 2bc121c..f514f7a 100644 --- a/p11-kit/tests/uri-test.c +++ b/p11-kit/tests/test-uri.c @@ -33,7 +33,7 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "debug.h" #include "message.h" @@ -75,138 +75,138 @@ are_attributes_empty (P11KitUri *uri) } static void -test_uri_parse (CuTest *tc) +test_uri_parse (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:", P11_KIT_URI_FOR_MODULE, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); - CuAssertTrue (tc, is_module_empty (uri)); - CuAssertTrue (tc, is_token_empty (uri)); - CuAssertTrue (tc, are_attributes_empty (uri)); + assert (is_module_empty (uri)); + assert (is_token_empty (uri)); + assert (are_attributes_empty (uri)); p11_kit_uri_free (uri); } static void -test_uri_parse_bad_scheme (CuTest *tc) +test_uri_parse_bad_scheme (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("http:\\example.com\test", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_SCHEME, ret); + assert_num_eq (P11_KIT_URI_BAD_SCHEME, ret); p11_kit_uri_free (uri); } static void -test_uri_parse_with_label (CuTest *tc) +test_uri_parse_with_label (void) { CK_ATTRIBUTE_PTR attr; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=Test%20Label", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); - CuAssertTrue (tc, is_module_empty (uri)); - CuAssertTrue (tc, is_token_empty (uri)); + assert (is_module_empty (uri)); + assert (is_token_empty (uri)); attr = p11_kit_uri_get_attribute (uri, CKA_LABEL); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == strlen ("Test Label")); - CuAssertTrue (tc, memcmp (attr->pValue, "Test Label", attr->ulValueLen) == 0); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == strlen ("Test Label")); + assert (memcmp (attr->pValue, "Test Label", attr->ulValueLen) == 0); p11_kit_uri_free (uri); } static void -test_uri_parse_with_label_and_klass (CuTest *tc) +test_uri_parse_with_label_and_klass (void) { CK_ATTRIBUTE_PTR attr; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=Test%20Label;object-type=cert", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_LABEL); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == strlen ("Test Label")); - CuAssertTrue (tc, memcmp (attr->pValue, "Test Label", attr->ulValueLen) == 0); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == strlen ("Test Label")); + assert (memcmp (attr->pValue, "Test Label", attr->ulValueLen) == 0); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); - CuAssertTrue (tc, *((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_CERTIFICATE); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); + assert (*((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_CERTIFICATE); p11_kit_uri_free (uri); } static void -test_uri_parse_with_id (CuTest *tc) +test_uri_parse_with_id (void) { CK_ATTRIBUTE_PTR attr; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:id=%54%45%53%54%00", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); /* Note that there's a NULL in the attribute (end) */ attr = p11_kit_uri_get_attribute (uri, CKA_ID); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == 5); - CuAssertTrue (tc, memcmp (attr->pValue, "TEST", 5) == 0); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == 5); + assert (memcmp (attr->pValue, "TEST", 5) == 0); p11_kit_uri_free (uri); } static void -test_uri_parse_with_bad_string_encoding (CuTest *tc) +test_uri_parse_with_bad_string_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=Test%", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_ENCODING, ret); + assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); } static void -test_uri_parse_with_bad_hex_encoding (CuTest *tc) +test_uri_parse_with_bad_hex_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=T%xxest", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_ENCODING, ret); + assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); } @@ -226,131 +226,131 @@ is_space_string (CK_UTF8CHAR_PTR string, CK_ULONG size, const char *check) } static void -test_uri_parse_with_token (CuTest *tc) +test_uri_parse_with_token (void) { P11KitUri *uri = NULL; CK_TOKEN_INFO_PTR token; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:token=Token%20Label;serial=3333;model=Deluxe;manufacturer=Me", P11_KIT_URI_FOR_TOKEN, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); token = p11_kit_uri_get_token_info (uri); - CuAssertTrue (tc, is_space_string (token->label, sizeof (token->label), "Token Label")); - CuAssertTrue (tc, is_space_string (token->serialNumber, sizeof (token->serialNumber), "3333")); - CuAssertTrue (tc, is_space_string (token->model, sizeof (token->model), "Deluxe")); - CuAssertTrue (tc, is_space_string (token->manufacturerID, sizeof (token->manufacturerID), "Me")); + assert (is_space_string (token->label, sizeof (token->label), "Token Label")); + assert (is_space_string (token->serialNumber, sizeof (token->serialNumber), "3333")); + assert (is_space_string (token->model, sizeof (token->model), "Deluxe")); + assert (is_space_string (token->manufacturerID, sizeof (token->manufacturerID), "Me")); p11_kit_uri_free (uri); } static void -test_uri_parse_with_token_bad_encoding (CuTest *tc) +test_uri_parse_with_token_bad_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:token=Token%", P11_KIT_URI_FOR_TOKEN, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_ENCODING, ret); + assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); } static void -test_uri_parse_with_bad_syntax (CuTest *tc) +test_uri_parse_with_bad_syntax (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:token", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_SYNTAX, ret); + assert_num_eq (P11_KIT_URI_BAD_SYNTAX, ret); p11_kit_uri_free (uri); } static void -test_uri_parse_with_spaces (CuTest *tc) +test_uri_parse_with_spaces (void) { P11KitUri *uri = NULL; CK_INFO_PTR info; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkc\ns11: lib rary-desc\rrip \n tion =The%20Library;\n\n\nlibrary-manufacturer=\rMe", P11_KIT_URI_FOR_MODULE, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); - CuAssertTrue (tc, is_space_string (info->manufacturerID, sizeof (info->manufacturerID), "Me")); - CuAssertTrue (tc, is_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Library")); + assert (is_space_string (info->manufacturerID, sizeof (info->manufacturerID), "Me")); + assert (is_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Library")); p11_kit_uri_free (uri); } static void -test_uri_parse_with_library (CuTest *tc) +test_uri_parse_with_library (void) { P11KitUri *uri = NULL; CK_INFO_PTR info; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-description=The%20Library;library-manufacturer=Me", P11_KIT_URI_FOR_MODULE, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); - CuAssertTrue (tc, is_space_string (info->manufacturerID, sizeof (info->manufacturerID), "Me")); - CuAssertTrue (tc, is_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Library")); + assert (is_space_string (info->manufacturerID, sizeof (info->manufacturerID), "Me")); + assert (is_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Library")); p11_kit_uri_free (uri); } static void -test_uri_parse_with_library_bad_encoding (CuTest *tc) +test_uri_parse_with_library_bad_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-description=Library%", P11_KIT_URI_FOR_MODULE, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_ENCODING, ret); + assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); } static void -test_uri_build_empty (CuTest *tc) +test_uri_build_empty (void) { P11KitUri *uri; char *string; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertStrEquals (tc, "pkcs11:", string); + assert_num_eq (P11_KIT_URI_OK, ret); + assert_str_eq ("pkcs11:", string); free (string); p11_kit_uri_free (uri); @@ -366,7 +366,7 @@ set_space_string (CK_BYTE_PTR buffer, CK_ULONG length, const char *string) } static void -test_uri_build_with_token_info (CuTest *tc) +test_uri_build_with_token_info (void) { char *string = NULL; P11KitUri *uri; @@ -375,7 +375,7 @@ test_uri_build_with_token_info (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); token = p11_kit_uri_get_token_info (uri); set_space_string (token->label, sizeof (token->label), "The Label"); @@ -384,30 +384,30 @@ test_uri_build_with_token_info (CuTest *tc) set_space_string (token->model, sizeof (token->model), "Deluxe"); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertPtrNotNull (tc, string); + assert_num_eq (P11_KIT_URI_OK, ret); + assert_ptr_not_null (string); check = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, check); + assert_ptr_not_null (check); ret = p11_kit_uri_parse (string, P11_KIT_URI_FOR_TOKEN, check); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); p11_kit_uri_match_token_info (check, p11_kit_uri_get_token_info (uri)); p11_kit_uri_free (uri); p11_kit_uri_free (check); - CuAssertTrue (tc, strstr (string, "token=The%20Label") != NULL); - CuAssertTrue (tc, strstr (string, "serial=44444") != NULL); - CuAssertTrue (tc, strstr (string, "manufacturer=Me") != NULL); - CuAssertTrue (tc, strstr (string, "model=Deluxe") != NULL); + assert (strstr (string, "token=The%20Label") != NULL); + assert (strstr (string, "serial=44444") != NULL); + assert (strstr (string, "manufacturer=Me") != NULL); + assert (strstr (string, "model=Deluxe") != NULL); free (string); } static void -test_uri_build_with_token_null_info (CuTest *tc) +test_uri_build_with_token_null_info (void) { char *string = NULL; P11KitUri *uri; @@ -415,23 +415,23 @@ test_uri_build_with_token_null_info (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); token = p11_kit_uri_get_token_info (uri); set_space_string (token->label, sizeof (token->label), "The Label"); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "token=The%20Label") != NULL); - CuAssertTrue (tc, strstr (string, "serial=") == NULL); + assert (strstr (string, "token=The%20Label") != NULL); + assert (strstr (string, "serial=") == NULL); free (string); p11_kit_uri_free (uri); } static void -test_uri_build_with_token_empty_info (CuTest *tc) +test_uri_build_with_token_empty_info (void) { char *string = NULL; P11KitUri *uri; @@ -439,24 +439,24 @@ test_uri_build_with_token_empty_info (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); token = p11_kit_uri_get_token_info (uri); set_space_string (token->label, sizeof (token->label), ""); set_space_string (token->serialNumber, sizeof (token->serialNumber), ""); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "token=") != NULL); - CuAssertTrue (tc, strstr (string, "serial=") != NULL); + assert (strstr (string, "token=") != NULL); + assert (strstr (string, "serial=") != NULL); free (string); p11_kit_uri_free (uri); } static void -test_uri_build_with_attributes (CuTest *tc) +test_uri_build_with_attributes (void) { char *string = NULL; P11KitUri *uri; @@ -467,7 +467,7 @@ test_uri_build_with_attributes (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); at.type = CKA_LABEL; at.pValue = "The Label"; @@ -486,175 +486,175 @@ test_uri_build_with_attributes (CuTest *tc) ret = p11_kit_uri_set_attribute (uri, &at); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); check = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, check); + assert_ptr_not_null (check); ret = p11_kit_uri_parse (string, P11_KIT_URI_FOR_ANY, check); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (check, CKA_LABEL); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == 9); - CuAssertTrue (tc, memcmp (attr->pValue, "The Label", attr->ulValueLen) == 0); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == 9); + assert (memcmp (attr->pValue, "The Label", attr->ulValueLen) == 0); attr = p11_kit_uri_get_attribute (check, CKA_CLASS); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == sizeof (klass)); - CuAssertTrue (tc, *((CK_OBJECT_CLASS_PTR)attr->pValue) == klass); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == sizeof (klass)); + assert (*((CK_OBJECT_CLASS_PTR)attr->pValue) == klass); attr = p11_kit_uri_get_attribute (check, CKA_ID); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == 5); - CuAssertTrue (tc, memcmp (attr->pValue, "HELLO", attr->ulValueLen) == 0); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == 5); + assert (memcmp (attr->pValue, "HELLO", attr->ulValueLen) == 0); p11_kit_uri_free (check); - CuAssertTrue (tc, strstr (string, "object=The%20Label") != NULL); - CuAssertTrue (tc, strstr (string, "object-type=data") != NULL); - CuAssertTrue (tc, strstr (string, "id=%48%45%4c%4c%4f") != NULL); + assert (strstr (string, "object=The%20Label") != NULL); + assert (strstr (string, "object-type=data") != NULL); + assert (strstr (string, "id=%48%45%4c%4c%4f") != NULL); free (string); p11_kit_uri_free (uri); } static void -test_uri_parse_private_key (CuTest *tc) +test_uri_parse_private_key (void) { P11KitUri *uri; CK_ATTRIBUTE_PTR attr; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object-type=private", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); - CuAssertTrue (tc, *((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_PRIVATE_KEY); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); + assert (*((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_PRIVATE_KEY); p11_kit_uri_free (uri); } static void -test_uri_parse_secret_key (CuTest *tc) +test_uri_parse_secret_key (void) { P11KitUri *uri; CK_ATTRIBUTE_PTR attr; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object-type=secret-key", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); - CuAssertPtrNotNull (tc, attr); - CuAssertTrue (tc, attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); - CuAssertTrue (tc, *((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_SECRET_KEY); + assert_ptr_not_null (attr); + assert (attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); + assert (*((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_SECRET_KEY); p11_kit_uri_free (uri); } static void -test_uri_parse_library_version (CuTest *tc) +test_uri_parse_library_version (void) { P11KitUri *uri; CK_INFO_PTR info; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-version=2.101", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); - CuAssertIntEquals (tc, 2, info->libraryVersion.major); - CuAssertIntEquals (tc, 101, info->libraryVersion.minor); + assert_num_eq (2, info->libraryVersion.major); + assert_num_eq (101, info->libraryVersion.minor); ret = p11_kit_uri_parse ("pkcs11:library-version=23", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); - CuAssertIntEquals (tc, 23, info->libraryVersion.major); - CuAssertIntEquals (tc, 0, info->libraryVersion.minor); + assert_num_eq (23, info->libraryVersion.major); + assert_num_eq (0, info->libraryVersion.minor); ret = p11_kit_uri_parse ("pkcs11:library-version=23.", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_VERSION, ret); + assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=a.a", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_VERSION, ret); + assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=.23", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_VERSION, ret); + assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=1000", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_VERSION, ret); + assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=2.1000", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); - CuAssertIntEquals (tc, P11_KIT_URI_BAD_VERSION, ret); + assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); p11_kit_uri_free (uri); } static void -test_uri_parse_parse_unknown_object_type (CuTest *tc) +test_uri_parse_parse_unknown_object_type (void) { P11KitUri *uri; CK_ATTRIBUTE_PTR attr; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object-type=unknown", P11_KIT_URI_FOR_OBJECT, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); - CuAssertPtrEquals (tc, NULL, attr); + assert_ptr_eq (NULL, attr); p11_kit_uri_free (uri); } static void -test_uri_parse_unrecognized (CuTest *tc) +test_uri_parse_unrecognized (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:x-blah=some-value", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_any_unrecognized (uri); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); p11_kit_uri_free (uri); } static void -test_uri_parse_too_long_is_unrecognized (CuTest *tc) +test_uri_parse_too_long_is_unrecognized (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:model=a-value-that-is-too-long-for-the-field-that-it-goes-with", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_any_unrecognized (uri); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); p11_kit_uri_free (uri); } @@ -662,7 +662,7 @@ test_uri_parse_too_long_is_unrecognized (CuTest *tc) static void -test_uri_build_object_type_cert (CuTest *tc) +test_uri_build_object_type_cert (void) { CK_ATTRIBUTE attr; CK_OBJECT_CLASS klass; @@ -671,7 +671,7 @@ test_uri_build_object_type_cert (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); klass = CKO_CERTIFICATE; attr.type = CKA_CLASS; @@ -680,15 +680,15 @@ test_uri_build_object_type_cert (CuTest *tc) p11_kit_uri_set_attribute (uri, &attr); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "object-type=cert") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "object-type=cert") != NULL); p11_kit_uri_free (uri); free (string); } static void -test_uri_build_object_type_private (CuTest *tc) +test_uri_build_object_type_private (void) { CK_ATTRIBUTE attr; CK_OBJECT_CLASS klass; @@ -697,7 +697,7 @@ test_uri_build_object_type_private (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); klass = CKO_PRIVATE_KEY; attr.type = CKA_CLASS; @@ -706,15 +706,15 @@ test_uri_build_object_type_private (CuTest *tc) p11_kit_uri_set_attribute (uri, &attr); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "object-type=private") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "object-type=private") != NULL); p11_kit_uri_free (uri); free (string); } static void -test_uri_build_object_type_public (CuTest *tc) +test_uri_build_object_type_public (void) { CK_ATTRIBUTE attr; CK_OBJECT_CLASS klass; @@ -723,7 +723,7 @@ test_uri_build_object_type_public (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); klass = CKO_PUBLIC_KEY; attr.type = CKA_CLASS; @@ -732,15 +732,15 @@ test_uri_build_object_type_public (CuTest *tc) p11_kit_uri_set_attribute (uri, &attr); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "object-type=public") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "object-type=public") != NULL); p11_kit_uri_free (uri); free (string); } static void -test_uri_build_object_type_secret (CuTest *tc) +test_uri_build_object_type_secret (void) { CK_ATTRIBUTE attr; CK_OBJECT_CLASS klass; @@ -749,7 +749,7 @@ test_uri_build_object_type_secret (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); klass = CKO_SECRET_KEY; attr.type = CKA_CLASS; @@ -758,15 +758,15 @@ test_uri_build_object_type_secret (CuTest *tc) p11_kit_uri_set_attribute (uri, &attr); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "object-type=secret-key") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "object-type=secret-key") != NULL); p11_kit_uri_free (uri); free (string); } static void -test_uri_build_with_library (CuTest *tc) +test_uri_build_with_library (void) { CK_INFO_PTR info; P11KitUri *uri; @@ -774,21 +774,21 @@ test_uri_build_with_library (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); info = p11_kit_uri_get_module_info (uri); set_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Description"); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "library-description=The%20Description") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "library-description=The%20Description") != NULL); p11_kit_uri_free (uri); free (string); } static void -test_uri_build_library_version (CuTest *tc) +test_uri_build_library_version (void) { CK_INFO_PTR info; P11KitUri *uri; @@ -796,121 +796,121 @@ test_uri_build_library_version (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); info = p11_kit_uri_get_module_info (uri); info->libraryVersion.major = 2; info->libraryVersion.minor = 10; ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "library-version=2.10") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "library-version=2.10") != NULL); p11_kit_uri_free (uri); free (string); } static void -test_uri_get_set_unrecognized (CuTest *tc) +test_uri_get_set_unrecognized (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_any_unrecognized (uri); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_set_unrecognized (uri, 1); ret = p11_kit_uri_any_unrecognized (uri); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); p11_kit_uri_set_unrecognized (uri, 0); ret = p11_kit_uri_any_unrecognized (uri); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_free (uri); } static void -test_uri_match_token (CuTest *tc) +test_uri_match_token (void) { CK_TOKEN_INFO token; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:model=Giselle", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); set_space_string (token.label, sizeof (token.label), "A label"); set_space_string (token.model, sizeof (token.model), "Giselle"); ret = p11_kit_uri_match_token_info (uri, &token); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); set_space_string (token.label, sizeof (token.label), "Another label"); ret = p11_kit_uri_match_token_info (uri, &token); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); set_space_string (token.model, sizeof (token.model), "Zoolander"); ret = p11_kit_uri_match_token_info (uri, &token); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_set_unrecognized (uri, 1); ret = p11_kit_uri_match_token_info (uri, &token); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_free (uri); } static void -test_uri_match_module (CuTest *tc) +test_uri_match_module (void) { CK_INFO info; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-description=Quiet", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); set_space_string (info.libraryDescription, sizeof (info.libraryDescription), "Quiet"); set_space_string (info.manufacturerID, sizeof (info.manufacturerID), "Someone"); ret = p11_kit_uri_match_module_info (uri, &info); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); set_space_string (info.manufacturerID, sizeof (info.manufacturerID), "Someone else"); ret = p11_kit_uri_match_module_info (uri, &info); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); set_space_string (info.libraryDescription, sizeof (info.libraryDescription), "Leise"); ret = p11_kit_uri_match_module_info (uri, &info); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_set_unrecognized (uri, 1); ret = p11_kit_uri_match_module_info (uri, &info); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_free (uri); } static void -test_uri_match_version (CuTest *tc) +test_uri_match_version (void) { CK_INFO info; P11KitUri *uri; @@ -919,28 +919,28 @@ test_uri_match_version (CuTest *tc) memset (&info, 0, sizeof (info)); uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-version=5.8", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); info.libraryVersion.major = 5; info.libraryVersion.minor = 8; ret = p11_kit_uri_match_module_info (uri, &info); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); info.libraryVersion.major = 2; info.libraryVersion.minor = 3; ret = p11_kit_uri_match_module_info (uri, &info); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_free (uri); } static void -test_uri_match_attributes (CuTest *tc) +test_uri_match_attributes (void) { CK_ATTRIBUTE attrs[4]; CK_OBJECT_CLASS klass; @@ -965,40 +965,40 @@ test_uri_match_attributes (CuTest *tc) attrs[3].ulValueLen = sizeof (klass); uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=Fancy;id=Blah;object-type=data", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_match_attributes (uri, attrs, 4); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); attrs[1].pValue = "Fancy"; attrs[1].ulValueLen = 5; ret = p11_kit_uri_match_attributes (uri, attrs, 4); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); p11_kit_uri_clear_attribute (uri, CKA_CLASS); ret = p11_kit_uri_match_attributes (uri, attrs, 4); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); attrs[2].pValue = "pink"; ret = p11_kit_uri_match_attributes (uri, attrs, 4); - CuAssertIntEquals (tc, 1, ret); + assert_num_eq (1, ret); p11_kit_uri_set_unrecognized (uri, 1); ret = p11_kit_uri_match_attributes (uri, attrs, 4); - CuAssertIntEquals (tc, 0, ret); + assert_num_eq (0, ret); p11_kit_uri_free (uri); } static void -test_uri_get_set_attribute (CuTest *tc) +test_uri_get_set_attribute (void) { CK_ATTRIBUTE attr; CK_ATTRIBUTE_PTR ptr; @@ -1006,51 +1006,51 @@ test_uri_get_set_attribute (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); ptr = p11_kit_uri_get_attribute (uri, CKA_LABEL); - CuAssertPtrEquals (tc, NULL, ptr); + assert_ptr_eq (NULL, ptr); ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_clear_attribute (uri, CKA_COLOR); - CuAssertIntEquals (tc, P11_KIT_URI_NOT_FOUND, ret); + assert_num_eq (P11_KIT_URI_NOT_FOUND, ret); attr.type = CKA_LABEL; attr.pValue = "Test"; attr.ulValueLen = 4; ret = p11_kit_uri_set_attribute (uri, &attr); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); /* We can set other attributes */ attr.type = CKA_COLOR; ret = p11_kit_uri_set_attribute (uri, &attr); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); /* And get them too */ ptr = p11_kit_uri_get_attribute (uri, CKA_COLOR); - CuAssertPtrNotNull (tc, ptr); + assert_ptr_not_null (ptr); ptr = p11_kit_uri_get_attribute (uri, CKA_LABEL); - CuAssertPtrNotNull (tc, ptr); + assert_ptr_not_null (ptr); - CuAssertTrue (tc, ptr->type == CKA_LABEL); - CuAssertTrue (tc, ptr->ulValueLen == 4); - CuAssertTrue (tc, memcmp (ptr->pValue, "Test", 4) == 0); + assert (ptr->type == CKA_LABEL); + assert (ptr->ulValueLen == 4); + assert (memcmp (ptr->pValue, "Test", 4) == 0); ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); ptr = p11_kit_uri_get_attribute (uri, CKA_LABEL); - CuAssertPtrEquals (tc, NULL, ptr); + assert_ptr_eq (NULL, ptr); p11_kit_uri_free (uri); } static void -test_uri_get_set_attributes (CuTest *tc) +test_uri_get_set_attributes (void) { CK_ATTRIBUTE_PTR attrs; CK_OBJECT_CLASS klass; @@ -1060,39 +1060,39 @@ test_uri_get_set_attributes (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 0, n_attrs); + assert_ptr_not_null (attrs); + assert_num_eq (0, n_attrs); attr.type = CKA_LABEL; attr.pValue = "Test"; attr.ulValueLen = 4; ret = p11_kit_uri_set_attribute (uri, &attr); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 1, n_attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertTrue (tc, attrs[0].ulValueLen == 4); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "Test", 4) == 0); + assert_ptr_not_null (attrs); + assert_num_eq (1, n_attrs); + assert (attrs[0].type == CKA_LABEL); + assert (attrs[0].ulValueLen == 4); + assert (memcmp (attrs[0].pValue, "Test", 4) == 0); attr.type = CKA_LABEL; attr.pValue = "Kablooey"; attr.ulValueLen = 8; ret = p11_kit_uri_set_attribute (uri, &attr); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 1, n_attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertTrue (tc, attrs[0].ulValueLen == 8); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "Kablooey", 8) == 0); + assert_ptr_not_null (attrs); + assert_num_eq (1, n_attrs); + assert (attrs[0].type == CKA_LABEL); + assert (attrs[0].ulValueLen == 8); + assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0); klass = CKO_DATA; attr.type = CKA_CLASS; @@ -1100,52 +1100,52 @@ test_uri_get_set_attributes (CuTest *tc) attr.ulValueLen = sizeof (klass); ret = p11_kit_uri_set_attribute (uri, &attr); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 2, n_attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertTrue (tc, attrs[0].ulValueLen == 8); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "Kablooey", 8) == 0); - CuAssertTrue (tc, attrs[1].type == CKA_CLASS); - CuAssertTrue (tc, attrs[1].ulValueLen == sizeof (klass)); - CuAssertTrue (tc, memcmp (attrs[1].pValue, &klass, sizeof (klass)) == 0); + assert_ptr_not_null (attrs); + assert_num_eq (2, n_attrs); + assert (attrs[0].type == CKA_LABEL); + assert (attrs[0].ulValueLen == 8); + assert (memcmp (attrs[0].pValue, "Kablooey", 8) == 0); + assert (attrs[1].type == CKA_CLASS); + assert (attrs[1].ulValueLen == sizeof (klass)); + assert (memcmp (attrs[1].pValue, &klass, sizeof (klass)) == 0); ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 1, n_attrs); - CuAssertTrue (tc, attrs[0].type == CKA_CLASS); - CuAssertTrue (tc, attrs[0].ulValueLen == sizeof (klass)); - CuAssertTrue (tc, memcmp (attrs[0].pValue, &klass, sizeof (klass)) == 0); + assert_ptr_not_null (attrs); + assert_num_eq (1, n_attrs); + assert (attrs[0].type == CKA_CLASS); + assert (attrs[0].ulValueLen == sizeof (klass)); + assert (memcmp (attrs[0].pValue, &klass, sizeof (klass)) == 0); attr.type = CKA_LABEL; attr.pValue = "Three"; attr.ulValueLen = 5; ret = p11_kit_uri_set_attributes (uri, &attr, 1); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 1, n_attrs); - CuAssertTrue (tc, attrs[0].type == CKA_LABEL); - CuAssertTrue (tc, attrs[0].ulValueLen == 5); - CuAssertTrue (tc, memcmp (attrs[0].pValue, "Three", 5) == 0); + assert_ptr_not_null (attrs); + assert_num_eq (1, n_attrs); + assert (attrs[0].type == CKA_LABEL); + assert (attrs[0].ulValueLen == 5); + assert (memcmp (attrs[0].pValue, "Three", 5) == 0); p11_kit_uri_clear_attributes (uri); attrs = p11_kit_uri_get_attributes (uri, &n_attrs); - CuAssertPtrNotNull (tc, attrs); - CuAssertIntEquals (tc, 0, n_attrs); + assert_ptr_not_null (attrs); + assert_num_eq (0, n_attrs); p11_kit_uri_free (uri); } static void -test_uri_pin_source (CuTest *tc) +test_uri_pin_source (void) { P11KitUri *uri; const char *pin_source; @@ -1153,106 +1153,93 @@ test_uri_pin_source (CuTest *tc) int ret; uri = p11_kit_uri_new (); - CuAssertPtrNotNull (tc, uri); + assert_ptr_not_null (uri); p11_kit_uri_set_pin_source (uri, "|my-pin-source"); pin_source = p11_kit_uri_get_pin_source (uri); - CuAssertStrEquals (tc, "|my-pin-source", pin_source); + assert_str_eq ("|my-pin-source", pin_source); pin_source = p11_kit_uri_get_pinfile (uri); - CuAssertStrEquals (tc, "|my-pin-source", pin_source); + assert_str_eq ("|my-pin-source", pin_source); p11_kit_uri_set_pinfile (uri, "|my-pin-file"); pin_source = p11_kit_uri_get_pin_source (uri); - CuAssertStrEquals (tc, "|my-pin-file", pin_source); + assert_str_eq ("|my-pin-file", pin_source); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); - CuAssertTrue (tc, strstr (string, "pin-source=%7cmy-pin-file") != NULL); + assert_num_eq (P11_KIT_URI_OK, ret); + assert (strstr (string, "pin-source=%7cmy-pin-file") != NULL); free (string); ret = p11_kit_uri_parse ("pkcs11:pin-source=blah%2Fblah", P11_KIT_URI_FOR_ANY, uri); - CuAssertIntEquals (tc, P11_KIT_URI_OK, ret); + assert_num_eq (P11_KIT_URI_OK, ret); pin_source = p11_kit_uri_get_pin_source (uri); - CuAssertStrEquals (tc, "blah/blah", pin_source); + assert_str_eq ("blah/blah", pin_source); p11_kit_uri_free (uri); } static void -test_uri_free_null (CuTest *tc) +test_uri_free_null (void) { p11_kit_uri_free (NULL); } static void -test_uri_message (CuTest *tc) +test_uri_message (void) { - CuAssertTrue (tc, p11_kit_uri_message (P11_KIT_URI_OK) == NULL); - CuAssertPtrNotNull (tc, p11_kit_uri_message (P11_KIT_URI_UNEXPECTED)); - CuAssertPtrNotNull (tc, p11_kit_uri_message (-555555)); + assert (p11_kit_uri_message (P11_KIT_URI_OK) == NULL); + assert_ptr_not_null (p11_kit_uri_message (P11_KIT_URI_UNEXPECTED)); + assert_ptr_not_null (p11_kit_uri_message (-555555)); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_uri_parse); - SUITE_ADD_TEST (suite, test_uri_parse_bad_scheme); - SUITE_ADD_TEST (suite, test_uri_parse_with_label); - SUITE_ADD_TEST (suite, test_uri_parse_with_label_and_klass); - SUITE_ADD_TEST (suite, test_uri_parse_with_id); - SUITE_ADD_TEST (suite, test_uri_parse_with_bad_string_encoding); - SUITE_ADD_TEST (suite, test_uri_parse_with_bad_hex_encoding); - SUITE_ADD_TEST (suite, test_uri_parse_with_token); - SUITE_ADD_TEST (suite, test_uri_parse_with_token_bad_encoding); - SUITE_ADD_TEST (suite, test_uri_parse_with_bad_syntax); - SUITE_ADD_TEST (suite, test_uri_parse_with_spaces); - SUITE_ADD_TEST (suite, test_uri_parse_with_library); - SUITE_ADD_TEST (suite, test_uri_parse_with_library_bad_encoding); - SUITE_ADD_TEST (suite, test_uri_build_empty); - SUITE_ADD_TEST (suite, test_uri_build_with_token_info); - SUITE_ADD_TEST (suite, test_uri_build_with_token_null_info); - SUITE_ADD_TEST (suite, test_uri_build_with_token_empty_info); - SUITE_ADD_TEST (suite, test_uri_build_with_attributes); - SUITE_ADD_TEST (suite, test_uri_parse_private_key); - SUITE_ADD_TEST (suite, test_uri_parse_secret_key); - SUITE_ADD_TEST (suite, test_uri_parse_library_version); - SUITE_ADD_TEST (suite, test_uri_parse_parse_unknown_object_type); - SUITE_ADD_TEST (suite, test_uri_parse_unrecognized); - SUITE_ADD_TEST (suite, test_uri_parse_too_long_is_unrecognized); - SUITE_ADD_TEST (suite, test_uri_build_object_type_cert); - SUITE_ADD_TEST (suite, test_uri_build_object_type_private); - SUITE_ADD_TEST (suite, test_uri_build_object_type_public); - SUITE_ADD_TEST (suite, test_uri_build_object_type_secret); - SUITE_ADD_TEST (suite, test_uri_build_with_library); - SUITE_ADD_TEST (suite, test_uri_build_library_version); - SUITE_ADD_TEST (suite, test_uri_get_set_unrecognized); - SUITE_ADD_TEST (suite, test_uri_match_token); - SUITE_ADD_TEST (suite, test_uri_match_module); - SUITE_ADD_TEST (suite, test_uri_match_version); - SUITE_ADD_TEST (suite, test_uri_match_attributes); - SUITE_ADD_TEST (suite, test_uri_get_set_attribute); - SUITE_ADD_TEST (suite, test_uri_get_set_attributes); - SUITE_ADD_TEST (suite, test_uri_pin_source); - SUITE_ADD_TEST (suite, test_uri_free_null); - SUITE_ADD_TEST (suite, test_uri_message); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - return ret; + p11_test (test_uri_parse, "/uri/test_uri_parse"); + p11_test (test_uri_parse_bad_scheme, "/uri/test_uri_parse_bad_scheme"); + p11_test (test_uri_parse_with_label, "/uri/test_uri_parse_with_label"); + p11_test (test_uri_parse_with_label_and_klass, "/uri/test_uri_parse_with_label_and_klass"); + p11_test (test_uri_parse_with_id, "/uri/test_uri_parse_with_id"); + p11_test (test_uri_parse_with_bad_string_encoding, "/uri/test_uri_parse_with_bad_string_encoding"); + p11_test (test_uri_parse_with_bad_hex_encoding, "/uri/test_uri_parse_with_bad_hex_encoding"); + p11_test (test_uri_parse_with_token, "/uri/test_uri_parse_with_token"); + p11_test (test_uri_parse_with_token_bad_encoding, "/uri/test_uri_parse_with_token_bad_encoding"); + p11_test (test_uri_parse_with_bad_syntax, "/uri/test_uri_parse_with_bad_syntax"); + p11_test (test_uri_parse_with_spaces, "/uri/test_uri_parse_with_spaces"); + p11_test (test_uri_parse_with_library, "/uri/test_uri_parse_with_library"); + p11_test (test_uri_parse_with_library_bad_encoding, "/uri/test_uri_parse_with_library_bad_encoding"); + p11_test (test_uri_build_empty, "/uri/test_uri_build_empty"); + p11_test (test_uri_build_with_token_info, "/uri/test_uri_build_with_token_info"); + p11_test (test_uri_build_with_token_null_info, "/uri/test_uri_build_with_token_null_info"); + p11_test (test_uri_build_with_token_empty_info, "/uri/test_uri_build_with_token_empty_info"); + p11_test (test_uri_build_with_attributes, "/uri/test_uri_build_with_attributes"); + p11_test (test_uri_parse_private_key, "/uri/test_uri_parse_private_key"); + p11_test (test_uri_parse_secret_key, "/uri/test_uri_parse_secret_key"); + p11_test (test_uri_parse_library_version, "/uri/test_uri_parse_library_version"); + p11_test (test_uri_parse_parse_unknown_object_type, "/uri/test_uri_parse_parse_unknown_object_type"); + p11_test (test_uri_parse_unrecognized, "/uri/test_uri_parse_unrecognized"); + p11_test (test_uri_parse_too_long_is_unrecognized, "/uri/test_uri_parse_too_long_is_unrecognized"); + p11_test (test_uri_build_object_type_cert, "/uri/test_uri_build_object_type_cert"); + p11_test (test_uri_build_object_type_private, "/uri/test_uri_build_object_type_private"); + p11_test (test_uri_build_object_type_public, "/uri/test_uri_build_object_type_public"); + p11_test (test_uri_build_object_type_secret, "/uri/test_uri_build_object_type_secret"); + p11_test (test_uri_build_with_library, "/uri/test_uri_build_with_library"); + p11_test (test_uri_build_library_version, "/uri/test_uri_build_library_version"); + p11_test (test_uri_get_set_unrecognized, "/uri/test_uri_get_set_unrecognized"); + p11_test (test_uri_match_token, "/uri/test_uri_match_token"); + p11_test (test_uri_match_module, "/uri/test_uri_match_module"); + p11_test (test_uri_match_version, "/uri/test_uri_match_version"); + p11_test (test_uri_match_attributes, "/uri/test_uri_match_attributes"); + p11_test (test_uri_get_set_attribute, "/uri/test_uri_get_set_attribute"); + p11_test (test_uri_get_set_attributes, "/uri/test_uri_get_set_attributes"); + p11_test (test_uri_pin_source, "/uri/test_uri_pin_source"); + p11_test (test_uri_free_null, "/uri/test_uri_free_null"); + p11_test (test_uri_message, "/uri/test_uri_message"); + + return p11_test_run (argc, argv); } diff --git a/p11-kit/tests/test-virtual.c b/p11-kit/tests/test-virtual.c new file mode 100644 index 0000000..73777d3 --- /dev/null +++ b/p11-kit/tests/test-virtual.c @@ -0,0 +1,171 @@ +/* + * Copyright (c) 2012 Stefan Walter + * Copyright (c) 2012 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stef@thewalter.net> + */ + +#include "config.h" + +#include "library.h" +#include "p11-kit.h" +#include "private.h" +#include "virtual.h" + +#include "test.h" + +#include "mock.h" + +#include <sys/types.h> +#include <assert.h> +#include <string.h> +#include <stdio.h> +#include <stdlib.h> + +/* + * test-managed.c is a pretty good test of the closure code, so we + * just test a few things here. + */ + +typedef struct { + p11_virtual virt; + void *check; +} Override; + +static CK_RV +override_initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR args) +{ + Override *over = (Override *)self; + + assert_str_eq ("initialize-arg", args); + assert_str_eq ("overide-arg", over->check); + + /* An arbitrary error code to check */ + return CKR_NEED_TO_CREATE_THREADS; +} + +static bool test_destroyed = false; + +static void +test_destroyer (void *data) +{ + assert (data == &mock_x_module_no_slots); + assert (test_destroyed == false); + test_destroyed = true; +} + +static void +test_initialize (void) +{ + CK_FUNCTION_LIST_PTR module; + Override over = { }; + CK_RV rv; + + p11_virtual_init (&over.virt, &p11_virtual_stack, &mock_x_module_no_slots, test_destroyer); + over.virt.funcs.C_Initialize = override_initialize; + over.check = "overide-arg"; + test_destroyed = false; + + module = p11_virtual_wrap (&over.virt, (p11_destroyer)p11_virtual_uninit); + assert_ptr_not_null (module); + + rv = (module->C_Initialize) ("initialize-arg"); + assert_num_eq (CKR_NEED_TO_CREATE_THREADS, rv); + + p11_virtual_unwrap (module); + assert_num_eq (true, test_destroyed); +} + +static void +test_fall_through (void) +{ + CK_FUNCTION_LIST_PTR module; + Override over = { }; + p11_virtual base; + CK_RV rv; + + p11_virtual_init (&base, &p11_virtual_base, &mock_module_no_slots, NULL); + p11_virtual_init (&over.virt, &p11_virtual_stack, &base, NULL); + over.virt.funcs.C_Initialize = override_initialize; + over.check = "overide-arg"; + + module = p11_virtual_wrap (&over.virt, NULL); + assert_ptr_not_null (module); + + rv = (module->C_Initialize) ("initialize-arg"); + assert_num_eq (CKR_NEED_TO_CREATE_THREADS, rv); + + /* All other functiosn should have just fallen through */ + assert_ptr_eq (mock_module_no_slots.C_Finalize, module->C_Finalize); + + p11_virtual_unwrap (module); +} + +static void +test_get_function_list (void) +{ + CK_FUNCTION_LIST_PTR module; + CK_FUNCTION_LIST_PTR list; + p11_virtual virt; + CK_RV rv; + + p11_virtual_init (&virt, &p11_virtual_base, &mock_x_module_no_slots, NULL); + module = p11_virtual_wrap (&virt, NULL); + assert_ptr_not_null (module); + + rv = (module->C_GetFunctionList) (&list); + assert_num_eq (CKR_OK, rv); + assert_ptr_eq (module, list); + + rv = (module->C_GetFunctionList) (&list); + assert_num_eq (CKR_OK, rv); + + rv = (module->C_GetFunctionList) (NULL); + assert_num_eq (CKR_ARGUMENTS_BAD, rv); + + p11_virtual_unwrap (module); +} + +int +main (int argc, + char *argv[]) +{ + mock_module_init (); + p11_library_init (); + + assert (p11_virtual_can_wrap ()); + p11_test (test_initialize, "/virtual/test_initialize"); + p11_test (test_fall_through, "/virtual/test_fall_through"); + p11_test (test_get_function_list, "/virtual/test_get_function_list"); + + return p11_test_run (argc, argv); +} diff --git a/p11-kit/uri.c b/p11-kit/uri.c index a811b92..df069f4 100644 --- a/p11-kit/uri.c +++ b/p11-kit/uri.c @@ -625,6 +625,18 @@ p11_kit_uri_new (void) return uri; } +static void +format_name_equals (p11_buffer *buffer, + bool *is_first, + const char *name) +{ + if (!*is_first) + p11_buffer_add (buffer, ";", 1); + p11_buffer_add (buffer, name, -1); + p11_buffer_add (buffer, "=", 1); + *is_first = false; +} + static bool format_raw_string (p11_buffer *buffer, bool *is_first, @@ -635,12 +647,8 @@ format_raw_string (p11_buffer *buffer, if (!value) return true; - if (!*is_first) - p11_buffer_add (buffer, ";", 1); - p11_buffer_add (buffer, name, -1); - p11_buffer_add (buffer, "=", 1); + format_name_equals (buffer, is_first, name); p11_buffer_add (buffer, value, -1); - *is_first = false; return p11_buffer_ok (buffer); } @@ -653,16 +661,14 @@ format_encode_string (p11_buffer *buffer, size_t n_value, bool force) { - char *encoded; - bool ret; + /* Not set */ + if (!value) + return true; - encoded = p11_url_encode (value, value + n_value, - force ? "" : P11_URL_VERBATIM, NULL); - return_val_if_fail (encoded != NULL, false); + format_name_equals (buffer, is_first, name); + p11_url_encode (value, value + n_value, force ? "" : P11_URL_VERBATIM, buffer); - ret = format_raw_string (buffer, is_first, name, encoded); - free (encoded); - return ret; + return p11_buffer_ok (buffer); } diff --git a/p11-kit/util.c b/p11-kit/util.c index c4e5636..14c24f6 100644 --- a/p11-kit/util.c +++ b/p11-kit/util.c @@ -44,6 +44,7 @@ #include "message.h" #include "p11-kit.h" #include "private.h" +#include "proxy.h" #include <assert.h> #include <stdarg.h> @@ -258,6 +259,7 @@ __attribute__((destructor)) void _p11_kit_fini (void) { + p11_proxy_module_cleanup (); p11_library_uninit (); } @@ -280,6 +282,7 @@ DllMain (HINSTANCE instance, p11_library_thread_cleanup (); break; case DLL_PROCESS_DETACH: + p11_proxy_module_cleanup (); p11_library_uninit (); break; default: diff --git a/p11-kit/virtual.c b/p11-kit/virtual.c new file mode 100644 index 0000000..104ece0 --- /dev/null +++ b/p11-kit/virtual.c @@ -0,0 +1,2964 @@ +/* + * Copyright (C) 2008 Stefan Walter + * Copyright (C) 2012 Red Hat Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@gnome.org> + */ + +#include "config.h" + +#include "compat.h" +#define P11_DEBUG_FLAG P11_DEBUG_LIB +#include "debug.h" +#include "library.h" +#include "virtual.h" + +#include <assert.h> +#include <stdarg.h> +#include <stdlib.h> +#include <string.h> + +#ifdef WITH_FFI + +/* + * We use libffi to build closures. Note that even with libffi certain + * platforms do not support using ffi_closure. In this case FFI_CLOSURES will + * not be defined. This is checked in configure.ac + */ + +#include "ffi.h" +#ifndef FFI_CLOSURES +#error "FFI_CLOSURES should be checked in configure.ac" +#endif + +/* There are 66 functions in PKCS#11, with a maximum of 8 args */ +#define MAX_FUNCTIONS 66 +#define MAX_ARGS 10 + +typedef struct { + /* This is first so we can cast between CK_FUNCTION_LIST* and Context* */ + CK_FUNCTION_LIST bound; + + /* The PKCS#11 functions to call into */ + p11_virtual *virt; + p11_destroyer destroyer; + + /* A list of our libffi built closures, for cleanup later */ + ffi_closure *ffi_closures[MAX_FUNCTIONS]; + ffi_cif ffi_cifs[MAX_FUNCTIONS]; + int ffi_used; +} Wrapper; + +static CK_RV +short_C_GetFunctionStatus (CK_SESSION_HANDLE handle) +{ + return CKR_FUNCTION_NOT_PARALLEL; +} + +static CK_RV +short_C_CancelFunction (CK_SESSION_HANDLE handle) +{ + return CKR_FUNCTION_NOT_PARALLEL; +} + +static void +binding_C_GetFunctionList (ffi_cif *cif, + CK_RV *ret, + void* args[], + Wrapper *wrapper) +{ + CK_FUNCTION_LIST_PTR_PTR list = *(CK_FUNCTION_LIST_PTR_PTR *)args[0]; + + if (list == NULL) { + *ret = CKR_ARGUMENTS_BAD; + } else { + *list = &wrapper->bound; + *ret = CKR_OK; + } +} + +static void +binding_C_Initialize (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Initialize (funcs, + *(CK_VOID_PTR *)args[0]); +} + +static void +binding_C_Finalize (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Finalize (funcs, + *(CK_VOID_PTR *)args[0]); +} + +static void +binding_C_GetInfo (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetInfo (funcs, + *(CK_INFO_PTR *)args[0]); +} + +static void +binding_C_GetSlotList (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetSlotList (funcs, + *(CK_BBOOL *)args[0], + *(CK_SLOT_ID_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_GetSlotInfo (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetSlotInfo (funcs, + *(CK_SLOT_ID *)args[0], + *(CK_SLOT_INFO_PTR *)args[1]); +} + +static void +binding_C_GetTokenInfo (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetTokenInfo (funcs, + *(CK_SLOT_ID *)args[0], + *(CK_TOKEN_INFO_PTR *)args[1]); +} + +static void +binding_C_WaitForSlotEvent (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_WaitForSlotEvent (funcs, + *(CK_FLAGS *)args[0], + *(CK_SLOT_ID_PTR *)args[1], + *(CK_VOID_PTR *)args[2]); +} + +static void +binding_C_GetMechanismList (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetMechanismList (funcs, + *(CK_SLOT_ID *)args[0], + *(CK_MECHANISM_TYPE_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_GetMechanismInfo (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetMechanismInfo (funcs, + *(CK_SLOT_ID *)args[0], + *(CK_MECHANISM_TYPE *)args[1], + *(CK_MECHANISM_INFO_PTR *)args[2]); +} + +static void +binding_C_InitToken (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_InitToken (funcs, + *(CK_SLOT_ID *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3]); +} + +static void +binding_C_InitPIN (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_InitPIN (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_SetPIN (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SetPIN (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG *)args[4]); +} + +static void +binding_C_OpenSession (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_OpenSession (funcs, + *(CK_SLOT_ID *)args[0], + *(CK_FLAGS *)args[1], + *(CK_VOID_PTR *)args[2], + *(CK_NOTIFY *)args[3], + *(CK_SESSION_HANDLE_PTR *)args[4]); +} + +static void +binding_C_CloseSession (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_CloseSession (funcs, + *(CK_SESSION_HANDLE *)args[0]); +} + +static void +binding_C_CloseAllSessions (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_CloseAllSessions (funcs, + *(CK_SLOT_ID *)args[0]); +} + +static void +binding_C_GetSessionInfo (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetSessionInfo (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_SESSION_INFO_PTR *)args[1]); +} + +static void +binding_C_GetOperationState (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetOperationState (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_SetOperationState (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SetOperationState (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_OBJECT_HANDLE *)args[3], + *(CK_OBJECT_HANDLE *)args[4]); +} + +static void +binding_C_Login (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Login (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_USER_TYPE *)args[1], + *(CK_BYTE_PTR *)args[2], + *(CK_ULONG *)args[3]); +} + +static void +binding_C_Logout (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Logout (funcs, + *(CK_SESSION_HANDLE *)args[0]); +} + +static void +binding_C_CreateObject (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_CreateObject (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_ATTRIBUTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_OBJECT_HANDLE_PTR *)args[3]); +} + +static void +binding_C_CopyObject (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_CopyObject (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE *)args[1], + *(CK_ATTRIBUTE_PTR *)args[2], + *(CK_ULONG *)args[3], + *(CK_OBJECT_HANDLE_PTR *)args[4]); +} + +static void +binding_C_DestroyObject (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DestroyObject (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE *)args[1]); +} + +static void +binding_C_GetObjectSize (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetObjectSize (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_GetAttributeValue (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GetAttributeValue (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE *)args[1], + *(CK_ATTRIBUTE_PTR *)args[2], + *(CK_ULONG *)args[3]); +} + +static void +binding_C_SetAttributeValue (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SetAttributeValue (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE *)args[1], + *(CK_ATTRIBUTE_PTR *)args[2], + *(CK_ULONG *)args[3]); +} + +static void +binding_C_FindObjectsInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_FindObjectsInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_ATTRIBUTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_FindObjects (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_FindObjects (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_ULONG_PTR *)args[3]); +} + +static void +binding_C_FindObjectsFinal (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_FindObjectsFinal (funcs, + *(CK_SESSION_HANDLE *)args[0]); +} + +static void +binding_C_EncryptInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_EncryptInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2]); +} + +static void +binding_C_Encrypt (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Encrypt (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_EncryptUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_EncryptUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_EncryptFinal (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_EncryptFinal (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_DecryptInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DecryptInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2]); +} + +static void +binding_C_Decrypt (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Decrypt (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_DecryptUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DecryptUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_DecryptFinal (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DecryptFinal (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_DigestInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DigestInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1]); +} + +static void +binding_C_Digest (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Digest (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_DigestUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DigestUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_DigestKey (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DigestKey (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_OBJECT_HANDLE *)args[1]); +} + +static void +binding_C_DigestFinal (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DigestFinal (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_SignInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SignInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2]); +} + +static void +binding_C_Sign (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Sign (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_SignUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SignUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_SignFinal (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SignFinal (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG_PTR *)args[2]); +} + +static void +binding_C_SignRecoverInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SignRecoverInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2]); +} + +static void +binding_C_SignRecover (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SignRecover (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_VerifyInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_VerifyInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2]); +} + +static void +binding_C_Verify (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_Verify (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG *)args[4]); +} + +static void +binding_C_VerifyUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_VerifyUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_VerifyFinal (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_VerifyFinal (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_VerifyRecoverInit (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_VerifyRecoverInit (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2]); +} + +static void +binding_C_VerifyRecover (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_VerifyRecover (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_DigestEncryptUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DigestEncryptUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_DecryptDigestUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DecryptDigestUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_SignEncryptUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SignEncryptUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_DecryptVerifyUpdate (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DecryptVerifyUpdate (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG_PTR *)args[4]); +} + +static void +binding_C_GenerateKey (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GenerateKey (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_ATTRIBUTE_PTR *)args[2], + *(CK_ULONG *)args[3], + *(CK_OBJECT_HANDLE_PTR *)args[4]); +} + +static void +binding_C_GenerateKeyPair (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GenerateKeyPair (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_ATTRIBUTE_PTR *)args[2], + *(CK_ULONG *)args[3], + *(CK_ATTRIBUTE_PTR *)args[4], + *(CK_ULONG *)args[5], + *(CK_OBJECT_HANDLE_PTR *)args[6], + *(CK_OBJECT_HANDLE_PTR *)args[7]); +} + +static void +binding_C_WrapKey (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_WrapKey (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2], + *(CK_OBJECT_HANDLE *)args[3], + *(CK_BYTE_PTR *)args[4], + *(CK_ULONG_PTR *)args[5]); +} + +static void +binding_C_UnwrapKey (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_UnwrapKey (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2], + *(CK_BYTE_PTR *)args[3], + *(CK_ULONG *)args[4], + *(CK_ATTRIBUTE_PTR *)args[5], + *(CK_ULONG *)args[6], + *(CK_OBJECT_HANDLE_PTR *)args[7]); +} + +static void +binding_C_DeriveKey (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_DeriveKey (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_MECHANISM_PTR *)args[1], + *(CK_OBJECT_HANDLE *)args[2], + *(CK_ATTRIBUTE_PTR *)args[3], + *(CK_ULONG *)args[4], + *(CK_OBJECT_HANDLE_PTR *)args[5]); +} + +static void +binding_C_SeedRandom (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_SeedRandom (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +static void +binding_C_GenerateRandom (ffi_cif *cif, + CK_RV *ret, + void* args[], + CK_X_FUNCTION_LIST *funcs) +{ + *ret = funcs->C_GenerateRandom (funcs, + *(CK_SESSION_HANDLE *)args[0], + *(CK_BYTE_PTR *)args[1], + *(CK_ULONG *)args[2]); +} + +#endif /* WITH_FFI */ + +static CK_RV +stack_C_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR init_args) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Initialize (funcs, init_args); +} + +static CK_RV +stack_C_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR reserved) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Finalize (funcs, reserved); +} + +static CK_RV +stack_C_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetInfo (funcs, info); +} + +static CK_RV +stack_C_GetSlotList (CK_X_FUNCTION_LIST *self, + CK_BBOOL token_present, + CK_SLOT_ID_PTR slot_list, + CK_ULONG_PTR count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetSlotList (funcs, token_present, slot_list, count); +} + +static CK_RV +stack_C_GetSlotInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_SLOT_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetSlotInfo (funcs, slot_id, info); +} + +static CK_RV +stack_C_GetTokenInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_TOKEN_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetTokenInfo (funcs, slot_id, info); +} + +static CK_RV +stack_C_GetMechanismList (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE_PTR mechanism_list, + CK_ULONG_PTR count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetMechanismList (funcs, slot_id, mechanism_list, count); +} + +static CK_RV +stack_C_GetMechanismInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetMechanismInfo (funcs, slot_id, type, info); +} + +static CK_RV +stack_C_InitToken (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len, + CK_UTF8CHAR_PTR label) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_InitToken (funcs, slot_id, pin, pin_len, label); +} + +static CK_RV +stack_C_OpenSession (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_FLAGS flags, + CK_VOID_PTR application, + CK_NOTIFY notify, + CK_SESSION_HANDLE_PTR session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_OpenSession (funcs, slot_id, flags, application, notify, session); +} + +static CK_RV +stack_C_CloseSession (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CloseSession (funcs, session); +} + +static CK_RV +stack_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CloseAllSessions (funcs, slot_id); +} + +static CK_RV +stack_C_GetSessionInfo (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_SESSION_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetSessionInfo (funcs, session, info); +} + +static CK_RV +stack_C_InitPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_InitPIN (funcs, session, pin, pin_len); +} + +static CK_RV +stack_C_SetPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR old_pin, + CK_ULONG old_len, + CK_UTF8CHAR_PTR new_pin, + CK_ULONG new_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SetPIN (funcs, session, old_pin, old_len, new_pin, new_len); +} + +static CK_RV +stack_C_GetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG_PTR operation_state_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetOperationState (funcs, session, operation_state, operation_state_len); +} + +static CK_RV +stack_C_SetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG operation_state_len, + CK_OBJECT_HANDLE encryption_key, + CK_OBJECT_HANDLE authentication_key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SetOperationState (funcs, session, operation_state, operation_state_len, + encryption_key, authentication_key); +} + +static CK_RV +stack_C_Login (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_USER_TYPE user_type, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Login (funcs, session, user_type, pin, pin_len); +} + +static CK_RV +stack_C_Logout (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Logout (funcs, session); +} + +static CK_RV +stack_C_CreateObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR object) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CreateObject (funcs, session, template, count, object); +} + +static CK_RV +stack_C_CopyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CopyObject (funcs, session, object, template, count, new_object); +} + + +static CK_RV +stack_C_DestroyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DestroyObject (funcs, session, object); +} + +static CK_RV +stack_C_GetObjectSize (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ULONG_PTR size) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetObjectSize (funcs, session, object, size); +} + +static CK_RV +stack_C_GetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetAttributeValue (funcs, session, object, template, count); +} + +static CK_RV +stack_C_SetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SetAttributeValue (funcs, session, object, template, count); +} + +static CK_RV +stack_C_FindObjectsInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_FindObjectsInit (funcs, session, template, count); +} + +static CK_RV +stack_C_FindObjects (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE_PTR object, + CK_ULONG max_object_count, + CK_ULONG_PTR object_count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_FindObjects (funcs, session, object, max_object_count, object_count); +} + +static CK_RV +stack_C_FindObjectsFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_FindObjectsFinal (funcs, session); +} + +static CK_RV +stack_C_EncryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_EncryptInit (funcs, session, mechanism, key); +} + +static CK_RV +stack_C_Encrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR encrypted_data, + CK_ULONG_PTR encrypted_data_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Encrypt (funcs, session, input, input_len, + encrypted_data, encrypted_data_len); +} + +static CK_RV +stack_C_EncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_EncryptUpdate (funcs, session, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +stack_C_EncryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_encrypted_part, + CK_ULONG_PTR last_encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_EncryptFinal (funcs, session, last_encrypted_part, + last_encrypted_part_len); +} + +static CK_RV +stack_C_DecryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptInit (funcs, session, mechanism, key); +} + +static CK_RV +stack_C_Decrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_data, + CK_ULONG encrypted_data_len, + CK_BYTE_PTR output, + CK_ULONG_PTR output_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Decrypt (funcs, session, encrypted_data, encrypted_data_len, + output, output_len); +} + +static CK_RV +stack_C_DecryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_part, + CK_ULONG encrypted_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptUpdate (funcs, session, encrypted_part, encrypted_part_len, + part, part_len); +} + +static CK_RV +stack_C_DecryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptFinal (funcs, session, last_part, last_part_len); +} + +static CK_RV +stack_C_DigestInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestInit (funcs, session, mechanism); +} + +static CK_RV +stack_C_Digest (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Digest (funcs, session, input, input_len, digest, digest_len); +} + +static CK_RV +stack_C_DigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestUpdate (funcs, session, part, part_len); +} + +static CK_RV +stack_C_DigestKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestKey (funcs, session, key); +} + +static CK_RV +stack_C_DigestFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestFinal (funcs, session, digest, digest_len); +} + +static CK_RV +stack_C_SignInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignInit (funcs, session, mechanism, key); +} + +static CK_RV +stack_C_Sign (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Sign (funcs, session, input, input_len, + signature, signature_len); +} + +static CK_RV +stack_C_SignUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignUpdate (funcs, session, part, part_len); +} + +static CK_RV +stack_C_SignFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignFinal (funcs, session, signature, signature_len); +} + +static CK_RV +stack_C_SignRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignRecoverInit (funcs, session, mechanism, key); +} + +static CK_RV +stack_C_SignRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignRecover (funcs, session, input, input_len, + signature, signature_len); +} + +static CK_RV +stack_C_VerifyInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyInit (funcs, session, mechanism, key); +} + +static CK_RV +stack_C_Verify (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Verify (funcs, session, input, input_len, + signature, signature_len); +} + +static CK_RV +stack_C_VerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyUpdate (funcs, session, part, part_len); +} + +static CK_RV +stack_C_VerifyFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyFinal (funcs, session, signature, signature_len); +} + +static CK_RV +stack_C_VerifyRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyRecoverInit (funcs, session, mechanism, key); +} + +static CK_RV +stack_C_VerifyRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len, + CK_BYTE_PTR input, + CK_ULONG_PTR input_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyRecover (funcs, session, signature, signature_len, + input, input_len); +} + +static CK_RV +stack_C_DigestEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestEncryptUpdate (funcs, session, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +stack_C_DecryptDigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_part, + CK_ULONG encrypted_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptDigestUpdate (funcs, session, encrypted_part, encrypted_part_len, + part, part_len); +} + +static CK_RV +stack_C_SignEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignEncryptUpdate (funcs, session, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +stack_C_DecryptVerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_part, + CK_ULONG encrypted_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptVerifyUpdate (funcs, session, encrypted_part, encrypted_part_len, + part, part_len); +} + +static CK_RV +stack_C_GenerateKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GenerateKey (funcs, session, mechanism, template, count, key); +} + +static CK_RV +stack_C_GenerateKeyPair (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR public_key_template, + CK_ULONG public_key_count, + CK_ATTRIBUTE_PTR private_key_template, + CK_ULONG private_key_count, + CK_OBJECT_HANDLE_PTR public_key, + CK_OBJECT_HANDLE_PTR private_key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GenerateKeyPair (funcs, session, mechanism, public_key_template, + public_key_count, private_key_template, + private_key_count, public_key, private_key); +} + +static CK_RV +stack_C_WrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE wrapping_key, + CK_OBJECT_HANDLE key, + CK_BYTE_PTR wrapped_key, + CK_ULONG_PTR wrapped_key_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_WrapKey (funcs, session, mechanism, wrapping_key, key, + wrapped_key, wrapped_key_len); +} + +static CK_RV +stack_C_UnwrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE unwrapping_key, + CK_BYTE_PTR wrapped_key, + CK_ULONG wrapped_key_len, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_UnwrapKey (funcs, session, mechanism, unwrapping_key, wrapped_key, + wrapped_key_len, template, count, key); +} + +static CK_RV +stack_C_DeriveKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE base_key, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DeriveKey (funcs, session, mechanism, base_key, template, count, key); +} + +static CK_RV +stack_C_SeedRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR seed, + CK_ULONG seed_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SeedRandom (funcs, session, seed, seed_len); +} + +static CK_RV +stack_C_GenerateRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR random_data, + CK_ULONG random_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GenerateRandom (funcs, session, random_data, random_len); +} + +static CK_RV +stack_C_WaitForSlotEvent (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR slot_id, + CK_VOID_PTR reserved) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_X_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_WaitForSlotEvent (funcs, flags, slot_id, reserved); +} + +static CK_RV +base_C_Initialize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR init_args) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Initialize (init_args); +} + +static CK_RV +base_C_Finalize (CK_X_FUNCTION_LIST *self, + CK_VOID_PTR reserved) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Finalize (reserved); +} + +static CK_RV +base_C_GetInfo (CK_X_FUNCTION_LIST *self, + CK_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetInfo (info); +} + +static CK_RV +base_C_GetSlotList (CK_X_FUNCTION_LIST *self, + CK_BBOOL token_present, + CK_SLOT_ID_PTR slot_list, + CK_ULONG_PTR count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetSlotList (token_present, slot_list, count); +} + +static CK_RV +base_C_GetSlotInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_SLOT_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetSlotInfo (slot_id, info); +} + +static CK_RV +base_C_GetTokenInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_TOKEN_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetTokenInfo (slot_id, info); +} + +static CK_RV +base_C_GetMechanismList (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE_PTR mechanism_list, + CK_ULONG_PTR count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetMechanismList (slot_id, mechanism_list, count); +} + +static CK_RV +base_C_GetMechanismInfo (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_MECHANISM_TYPE type, + CK_MECHANISM_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetMechanismInfo (slot_id, type, info); +} + +static CK_RV +base_C_InitToken (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len, + CK_UTF8CHAR_PTR label) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_InitToken (slot_id, pin, pin_len, label); +} + +static CK_RV +base_C_OpenSession (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id, + CK_FLAGS flags, + CK_VOID_PTR application, + CK_NOTIFY notify, + CK_SESSION_HANDLE_PTR session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_OpenSession (slot_id, flags, application, notify, session); +} + +static CK_RV +base_C_CloseSession (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CloseSession (session); +} + +static CK_RV +base_C_CloseAllSessions (CK_X_FUNCTION_LIST *self, + CK_SLOT_ID slot_id) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CloseAllSessions (slot_id); +} + +static CK_RV +base_C_GetSessionInfo (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_SESSION_INFO_PTR info) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetSessionInfo (session, info); +} + +static CK_RV +base_C_InitPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_InitPIN (session, pin, pin_len); +} + +static CK_RV +base_C_SetPIN (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_UTF8CHAR_PTR old_pin, + CK_ULONG old_len, + CK_UTF8CHAR_PTR new_pin, + CK_ULONG new_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SetPIN (session, old_pin, old_len, new_pin, new_len); +} + +static CK_RV +base_C_GetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG_PTR operation_state_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetOperationState (session, operation_state, operation_state_len); +} + +static CK_RV +base_C_SetOperationState (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR operation_state, + CK_ULONG operation_state_len, + CK_OBJECT_HANDLE encryption_key, + CK_OBJECT_HANDLE authentication_key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SetOperationState (session, operation_state, operation_state_len, + encryption_key, authentication_key); +} + +static CK_RV +base_C_Login (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_USER_TYPE user_type, + CK_UTF8CHAR_PTR pin, + CK_ULONG pin_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Login (session, user_type, pin, pin_len); +} + +static CK_RV +base_C_Logout (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Logout (session); +} + +static CK_RV +base_C_CreateObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR object) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CreateObject (session, template, count, object); +} + +static CK_RV +base_C_CopyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR new_object) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_CopyObject (session, object, template, count, new_object); +} + + +static CK_RV +base_C_DestroyObject (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DestroyObject (session, object); +} + +static CK_RV +base_C_GetObjectSize (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ULONG_PTR size) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetObjectSize (session, object, size); +} + +static CK_RV +base_C_GetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GetAttributeValue (session, object, template, count); +} + +static CK_RV +base_C_SetAttributeValue (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE object, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SetAttributeValue (session, object, template, count); +} + +static CK_RV +base_C_FindObjectsInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_ATTRIBUTE_PTR template, + CK_ULONG count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_FindObjectsInit (session, template, count); +} + +static CK_RV +base_C_FindObjects (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE_PTR object, + CK_ULONG max_object_count, + CK_ULONG_PTR object_count) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_FindObjects (session, object, max_object_count, object_count); +} + +static CK_RV +base_C_FindObjectsFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_FindObjectsFinal (session); +} + +static CK_RV +base_C_EncryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_EncryptInit (session, mechanism, key); +} + +static CK_RV +base_C_Encrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR encrypted_data, + CK_ULONG_PTR encrypted_data_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Encrypt (session, input, input_len, + encrypted_data, encrypted_data_len); +} + +static CK_RV +base_C_EncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_EncryptUpdate (session, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +base_C_EncryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_encrypted_part, + CK_ULONG_PTR last_encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_EncryptFinal (session, last_encrypted_part, + last_encrypted_part_len); +} + +static CK_RV +base_C_DecryptInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptInit (session, mechanism, key); +} + +static CK_RV +base_C_Decrypt (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_data, + CK_ULONG encrypted_data_len, + CK_BYTE_PTR output, + CK_ULONG_PTR output_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Decrypt (session, encrypted_data, encrypted_data_len, + output, output_len); +} + +static CK_RV +base_C_DecryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_part, + CK_ULONG encrypted_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptUpdate (session, encrypted_part, encrypted_part_len, + part, part_len); +} + +static CK_RV +base_C_DecryptFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR last_part, + CK_ULONG_PTR last_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptFinal (session, last_part, last_part_len); +} + +static CK_RV +base_C_DigestInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestInit (session, mechanism); +} + +static CK_RV +base_C_Digest (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Digest (session, input, input_len, digest, digest_len); +} + +static CK_RV +base_C_DigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestUpdate (session, part, part_len); +} + +static CK_RV +base_C_DigestKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestKey (session, key); +} + +static CK_RV +base_C_DigestFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR digest, + CK_ULONG_PTR digest_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestFinal (session, digest, digest_len); +} + +static CK_RV +base_C_SignInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignInit (session, mechanism, key); +} + +static CK_RV +base_C_Sign (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Sign (session, input, input_len, + signature, signature_len); +} + +static CK_RV +base_C_SignUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignUpdate (session, part, part_len); +} + +static CK_RV +base_C_SignFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignFinal (session, signature, signature_len); +} + +static CK_RV +base_C_SignRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignRecoverInit (session, mechanism, key); +} + +static CK_RV +base_C_SignRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG_PTR signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignRecover (session, input, input_len, + signature, signature_len); +} + +static CK_RV +base_C_VerifyInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyInit (session, mechanism, key); +} + +static CK_RV +base_C_Verify (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR input, + CK_ULONG input_len, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_Verify (session, input, input_len, + signature, signature_len); +} + +static CK_RV +base_C_VerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyUpdate (session, part, part_len); +} + +static CK_RV +base_C_VerifyFinal (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyFinal (session, signature, signature_len); +} + +static CK_RV +base_C_VerifyRecoverInit (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyRecoverInit (session, mechanism, key); +} + +static CK_RV +base_C_VerifyRecover (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR signature, + CK_ULONG signature_len, + CK_BYTE_PTR input, + CK_ULONG_PTR input_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_VerifyRecover (session, signature, signature_len, + input, input_len); +} + +static CK_RV +base_C_DigestEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DigestEncryptUpdate (session, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +base_C_DecryptDigestUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_part, + CK_ULONG encrypted_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptDigestUpdate (session, encrypted_part, encrypted_part_len, + part, part_len); +} + +static CK_RV +base_C_SignEncryptUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR part, + CK_ULONG part_len, + CK_BYTE_PTR encrypted_part, + CK_ULONG_PTR encrypted_part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SignEncryptUpdate (session, part, part_len, + encrypted_part, encrypted_part_len); +} + +static CK_RV +base_C_DecryptVerifyUpdate (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR encrypted_part, + CK_ULONG encrypted_part_len, + CK_BYTE_PTR part, + CK_ULONG_PTR part_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DecryptVerifyUpdate (session, encrypted_part, encrypted_part_len, + part, part_len); +} + +static CK_RV +base_C_GenerateKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GenerateKey (session, mechanism, template, count, key); +} + +static CK_RV +base_C_GenerateKeyPair (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_ATTRIBUTE_PTR public_key_template, + CK_ULONG public_key_count, + CK_ATTRIBUTE_PTR private_key_template, + CK_ULONG private_key_count, + CK_OBJECT_HANDLE_PTR public_key, + CK_OBJECT_HANDLE_PTR private_key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GenerateKeyPair (session, mechanism, public_key_template, + public_key_count, private_key_template, + private_key_count, public_key, private_key); +} + +static CK_RV +base_C_WrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE wrapping_key, + CK_OBJECT_HANDLE key, + CK_BYTE_PTR wrapped_key, + CK_ULONG_PTR wrapped_key_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_WrapKey (session, mechanism, wrapping_key, key, + wrapped_key, wrapped_key_len); +} + +static CK_RV +base_C_UnwrapKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE unwrapping_key, + CK_BYTE_PTR wrapped_key, + CK_ULONG wrapped_key_len, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_UnwrapKey (session, mechanism, unwrapping_key, wrapped_key, + wrapped_key_len, template, count, key); +} + +static CK_RV +base_C_DeriveKey (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_MECHANISM_PTR mechanism, + CK_OBJECT_HANDLE base_key, + CK_ATTRIBUTE_PTR template, + CK_ULONG count, + CK_OBJECT_HANDLE_PTR key) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_DeriveKey (session, mechanism, base_key, template, count, key); +} + +static CK_RV +base_C_SeedRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR seed, + CK_ULONG seed_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_SeedRandom (session, seed, seed_len); +} + +static CK_RV +base_C_GenerateRandom (CK_X_FUNCTION_LIST *self, + CK_SESSION_HANDLE session, + CK_BYTE_PTR random_data, + CK_ULONG random_len) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_GenerateRandom (session, random_data, random_len); +} + +static CK_RV +base_C_WaitForSlotEvent (CK_X_FUNCTION_LIST *self, + CK_FLAGS flags, + CK_SLOT_ID_PTR slot_id, + CK_VOID_PTR reserved) +{ + p11_virtual *virt = (p11_virtual *)self; + CK_FUNCTION_LIST *funcs = virt->lower_module; + return funcs->C_WaitForSlotEvent (flags, slot_id, reserved); +} + +void +p11_virtual_init (p11_virtual *virt, + CK_X_FUNCTION_LIST *funcs, + void *lower_module, + p11_destroyer lower_destroy) +{ + memcpy (virt, funcs, sizeof (CK_X_FUNCTION_LIST)); + virt->lower_module = lower_module; + virt->lower_destroy = lower_destroy; +} + +void +p11_virtual_uninit (p11_virtual *virt) +{ + if (virt->lower_destroy) + (virt->lower_destroy) (virt->lower_module); +} + +#ifdef WITH_FFI + +typedef struct { + const char *name; + void *binding_function; + void *stack_fallback; + size_t virtual_offset; + void *base_fallback; + size_t module_offset; + ffi_type *types[MAX_ARGS]; +} FunctionInfo; + +#define STRUCT_OFFSET(struct_type, member) \ + ((size_t) ((unsigned char *) &((struct_type *) 0)->member)) +#define STRUCT_MEMBER_P(struct_p, struct_offset) \ + ((void *) ((unsigned char *) (struct_p) + (long) (struct_offset))) +#define STRUCT_MEMBER(member_type, struct_p, struct_offset) \ + (*(member_type*) STRUCT_MEMBER_P ((struct_p), (struct_offset))) + +#define FUNCTION(name) \ + #name, binding_C_##name, \ + stack_C_##name, STRUCT_OFFSET (CK_X_FUNCTION_LIST, C_##name), \ + base_C_##name, STRUCT_OFFSET (CK_FUNCTION_LIST, C_##name) + +static const FunctionInfo function_info[] = { + { FUNCTION (Initialize), { &ffi_type_pointer, NULL } }, + { FUNCTION (Finalize), { &ffi_type_pointer, NULL } }, + { FUNCTION (GetInfo), { &ffi_type_pointer, NULL } }, + { FUNCTION (GetSlotList), { &ffi_type_uchar, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (GetSlotInfo), { &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (GetTokenInfo), { &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (WaitForSlotEvent), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (GetMechanismList), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (GetMechanismInfo), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (InitToken), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (InitPIN), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (SetPIN), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (OpenSession), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (CloseSession), { &ffi_type_ulong, NULL } }, + { FUNCTION (CloseAllSessions), { &ffi_type_ulong, NULL } }, + { FUNCTION (GetSessionInfo), { &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (GetOperationState), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (SetOperationState), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_ulong, &ffi_type_ulong, NULL } }, + { FUNCTION (Login), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (Logout), { &ffi_type_ulong, NULL } }, + { FUNCTION (CreateObject), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (CopyObject), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (DestroyObject), { &ffi_type_ulong, &ffi_type_ulong, NULL } }, + { FUNCTION (GetObjectSize), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (GetAttributeValue), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (SetAttributeValue), { &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (FindObjectsInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (FindObjects), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (FindObjectsFinal), { &ffi_type_ulong, NULL } }, + { FUNCTION (EncryptInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (Encrypt), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (EncryptUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (EncryptFinal), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DecryptInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (Decrypt), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DecryptUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DecryptFinal), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DigestInit), { &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (Digest), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DigestUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (DigestKey), { &ffi_type_ulong, &ffi_type_ulong, NULL } }, + { FUNCTION (DigestFinal), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (SignInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (Sign), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (SignUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (SignFinal), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (SignRecoverInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (SignRecover), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (VerifyInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (Verify), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (VerifyUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (VerifyFinal), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (VerifyRecoverInit), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (VerifyRecover), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DigestEncryptUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DecryptDigestUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (SignEncryptUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (DecryptVerifyUpdate), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (GenerateKey), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (GenerateKeyPair), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (WrapKey), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_pointer, NULL } }, + { FUNCTION (UnwrapKey), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (DeriveKey), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, &ffi_type_pointer, NULL } }, + { FUNCTION (SeedRandom), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { FUNCTION (GenerateRandom), { &ffi_type_ulong, &ffi_type_pointer, &ffi_type_ulong, NULL } }, + { 0, } +}; + +static bool +lookup_fall_through (p11_virtual *virt, + const FunctionInfo *info, + void **bound_func) +{ + void *func; + + /* + * So the basic concept here is if we have only fall-through functions + * all the way down the stack, then we can just get the actual module + * function, so that calls go right through. + */ + + func = STRUCT_MEMBER (void *, virt, info->virtual_offset); + + /* + * This is a fall-through function and the stack goes down further, so + * ask the next level down for the + */ + if (func == info->stack_fallback) { + return lookup_fall_through (virt->lower_module, info, bound_func); + + /* + * This is a fall-through function at the bottom level of the stack + * so return the function from the module. + */ + } else if (func == info->base_fallback) { + *bound_func = STRUCT_MEMBER (void *, virt->lower_module, info->module_offset); + return true; + } + + return false; +} + +static bool +bind_ffi_closure (Wrapper *wrapper, + void *binding_data, + void *binding_func, + ffi_type **args, + void **bound_func) +{ + ffi_closure *clo; + ffi_cif *cif; + int nargs = 0; + int i = 0; + int ret; + + assert (wrapper->ffi_used < MAX_FUNCTIONS); + cif = wrapper->ffi_cifs + wrapper->ffi_used; + + /* The number of arguments */ + for (i = 0, nargs = 0; args[i] != NULL; i++) + nargs++; + + assert (nargs <= MAX_ARGS); + + /* + * The failures here are unexpected conditions. There's a chance they + * might occur on other esoteric platforms, so we take a little + * extra care to print relevant debugging info, and return a status, + * so that we can get back useful debug info on platforms that we + * don't have access to. + */ + + ret = ffi_prep_cif (cif, FFI_DEFAULT_ABI, nargs, &ffi_type_ulong, args); + if (ret != FFI_OK) { + p11_debug_precond ("ffi_prep_cif failed: %d\n", ret); + return false; + } + + clo = ffi_closure_alloc (sizeof (ffi_closure), bound_func); + if (clo == NULL) { + p11_debug_precond ("ffi_closure_alloc failed\n"); + return false; + } + + ret = ffi_prep_closure_loc (clo, cif, binding_func, binding_data, *bound_func); + if (ret != FFI_OK) { + p11_debug_precond ("ffi_prep_closure_loc failed: %d\n", ret); + return false; + } + + wrapper->ffi_closures[wrapper->ffi_used] = clo; + wrapper->ffi_used++; + return true; +} + +static bool +init_wrapper_funcs (Wrapper *wrapper) +{ + static const ffi_type *get_function_list_args[] = { &ffi_type_pointer, NULL }; + const FunctionInfo *info; + CK_X_FUNCTION_LIST *over; + void **bound; + int i; + + /* Pointer to where our calls go */ + over = &wrapper->virt->funcs; + + for (i = 0; function_info[i].name != NULL; i++) { + info = function_info + i; + + /* Address to where we're placing the bound function */ + bound = &STRUCT_MEMBER (void *, &wrapper->bound, info->module_offset); + + /* + * See if we can just shoot straight through to the module function + * without wrapping at all. If all the stacked virtual modules just + * fall through, then this returns the original module function. + */ + if (!lookup_fall_through (wrapper->virt, info, bound)) { + if (!bind_ffi_closure (wrapper, over, + info->binding_function, + (ffi_type **)info->types, bound)) + return_val_if_reached (false); + } + } + + /* Always bind the C_GetFunctionList function itself */ + if (!bind_ffi_closure (wrapper, wrapper, + binding_C_GetFunctionList, + (ffi_type **)get_function_list_args, + (void **)&wrapper->bound.C_GetFunctionList)) + return_val_if_reached (false); + + /* + * These functions are used as a marker to indicate whether this is + * one of our CK_FUNCTION_LIST_PTR sets of functions or not. These + * functions are defined to always have the same standard implementation + * in PKCS#11 2.x so we don't need to call through to the base for + * these guys. + */ + wrapper->bound.C_CancelFunction = short_C_CancelFunction; + wrapper->bound.C_GetFunctionStatus = short_C_GetFunctionStatus; + + return true; +} + +static void +uninit_wrapper_funcs (Wrapper *wrapper) +{ + int i; + + for (i = 0; i < wrapper->ffi_used; i++) + ffi_closure_free (wrapper->ffi_closures[i]); +} + +CK_FUNCTION_LIST * +p11_virtual_wrap (p11_virtual *virt, + p11_destroyer destroyer) +{ + Wrapper *wrapper; + + return_val_if_fail (virt != NULL, NULL); + + wrapper = calloc (1, sizeof (Wrapper)); + return_val_if_fail (wrapper != NULL, NULL); + + wrapper->virt = virt; + wrapper->destroyer = destroyer; + wrapper->bound.version.major = CRYPTOKI_VERSION_MAJOR; + wrapper->bound.version.minor = CRYPTOKI_VERSION_MINOR; + + if (!init_wrapper_funcs (wrapper)) + return_val_if_reached (NULL); + + assert ((void *)wrapper == (void *)&wrapper->bound); + assert (p11_virtual_is_wrapper (&wrapper->bound)); + assert (wrapper->bound.C_GetFunctionList != NULL); + return &wrapper->bound; +} + +bool +p11_virtual_can_wrap (void) +{ + return TRUE; +} + +bool +p11_virtual_is_wrapper (CK_FUNCTION_LIST_PTR module) +{ + /* + * We use these functions as a marker to indicate whether this is + * one of our CK_FUNCTION_LIST_PTR sets of functions or not. These + * functions are defined to always have the same standard implementation + * in PKCS#11 2.x so we don't need to call through to the base for + * these guys. + */ + return (module->C_GetFunctionStatus == short_C_GetFunctionStatus && + module->C_CancelFunction == short_C_CancelFunction); +} + +void +p11_virtual_unwrap (CK_FUNCTION_LIST_PTR module) +{ + Wrapper *wrapper; + + return_if_fail (p11_virtual_is_wrapper (module)); + + /* The bound CK_FUNCTION_LIST_PTR sits at the front of Context */ + wrapper = (Wrapper *)module; + + /* + * Make sure that the CK_FUNCTION_LIST_PTR is invalid, and that + * p11_virtual_is_wrapper() recognizes this. This is in case the + * destroyer callback tries to do something fancy. + */ + memset (&wrapper->bound, 0xFEEEFEEE, sizeof (wrapper->bound)); + + if (wrapper->destroyer) + (wrapper->destroyer) (wrapper->virt); + + uninit_wrapper_funcs (wrapper); + free (wrapper); +} + +#else /* !WITH_FFI */ + +CK_FUNCTION_LIST * +p11_virtual_wrap (p11_virtual *virt, + p11_destroyer destroyer) +{ + assert_not_reached (); +} + +bool +p11_virtual_can_wrap (void) +{ + return FALSE; +} + +bool +p11_virtual_is_wrapper (CK_FUNCTION_LIST_PTR module) +{ + return FALSE; +} + +void +p11_virtual_unwrap (CK_FUNCTION_LIST_PTR module) +{ + assert_not_reached (); +} + +#endif /* !WITH_FFI */ + +CK_X_FUNCTION_LIST p11_virtual_stack = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, /* version */ + stack_C_Initialize, + stack_C_Finalize, + stack_C_GetInfo, + stack_C_GetSlotList, + stack_C_GetSlotInfo, + stack_C_GetTokenInfo, + stack_C_GetMechanismList, + stack_C_GetMechanismInfo, + stack_C_InitToken, + stack_C_InitPIN, + stack_C_SetPIN, + stack_C_OpenSession, + stack_C_CloseSession, + stack_C_CloseAllSessions, + stack_C_GetSessionInfo, + stack_C_GetOperationState, + stack_C_SetOperationState, + stack_C_Login, + stack_C_Logout, + stack_C_CreateObject, + stack_C_CopyObject, + stack_C_DestroyObject, + stack_C_GetObjectSize, + stack_C_GetAttributeValue, + stack_C_SetAttributeValue, + stack_C_FindObjectsInit, + stack_C_FindObjects, + stack_C_FindObjectsFinal, + stack_C_EncryptInit, + stack_C_Encrypt, + stack_C_EncryptUpdate, + stack_C_EncryptFinal, + stack_C_DecryptInit, + stack_C_Decrypt, + stack_C_DecryptUpdate, + stack_C_DecryptFinal, + stack_C_DigestInit, + stack_C_Digest, + stack_C_DigestUpdate, + stack_C_DigestKey, + stack_C_DigestFinal, + stack_C_SignInit, + stack_C_Sign, + stack_C_SignUpdate, + stack_C_SignFinal, + stack_C_SignRecoverInit, + stack_C_SignRecover, + stack_C_VerifyInit, + stack_C_Verify, + stack_C_VerifyUpdate, + stack_C_VerifyFinal, + stack_C_VerifyRecoverInit, + stack_C_VerifyRecover, + stack_C_DigestEncryptUpdate, + stack_C_DecryptDigestUpdate, + stack_C_SignEncryptUpdate, + stack_C_DecryptVerifyUpdate, + stack_C_GenerateKey, + stack_C_GenerateKeyPair, + stack_C_WrapKey, + stack_C_UnwrapKey, + stack_C_DeriveKey, + stack_C_SeedRandom, + stack_C_GenerateRandom, + stack_C_WaitForSlotEvent +}; + +CK_X_FUNCTION_LIST p11_virtual_base = { + { CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR }, /* version */ + base_C_Initialize, + base_C_Finalize, + base_C_GetInfo, + base_C_GetSlotList, + base_C_GetSlotInfo, + base_C_GetTokenInfo, + base_C_GetMechanismList, + base_C_GetMechanismInfo, + base_C_InitToken, + base_C_InitPIN, + base_C_SetPIN, + base_C_OpenSession, + base_C_CloseSession, + base_C_CloseAllSessions, + base_C_GetSessionInfo, + base_C_GetOperationState, + base_C_SetOperationState, + base_C_Login, + base_C_Logout, + base_C_CreateObject, + base_C_CopyObject, + base_C_DestroyObject, + base_C_GetObjectSize, + base_C_GetAttributeValue, + base_C_SetAttributeValue, + base_C_FindObjectsInit, + base_C_FindObjects, + base_C_FindObjectsFinal, + base_C_EncryptInit, + base_C_Encrypt, + base_C_EncryptUpdate, + base_C_EncryptFinal, + base_C_DecryptInit, + base_C_Decrypt, + base_C_DecryptUpdate, + base_C_DecryptFinal, + base_C_DigestInit, + base_C_Digest, + base_C_DigestUpdate, + base_C_DigestKey, + base_C_DigestFinal, + base_C_SignInit, + base_C_Sign, + base_C_SignUpdate, + base_C_SignFinal, + base_C_SignRecoverInit, + base_C_SignRecover, + base_C_VerifyInit, + base_C_Verify, + base_C_VerifyUpdate, + base_C_VerifyFinal, + base_C_VerifyRecoverInit, + base_C_VerifyRecover, + base_C_DigestEncryptUpdate, + base_C_DecryptDigestUpdate, + base_C_SignEncryptUpdate, + base_C_DecryptVerifyUpdate, + base_C_GenerateKey, + base_C_GenerateKeyPair, + base_C_WrapKey, + base_C_UnwrapKey, + base_C_DeriveKey, + base_C_SeedRandom, + base_C_GenerateRandom, + base_C_WaitForSlotEvent +}; diff --git a/p11-kit/virtual.h b/p11-kit/virtual.h new file mode 100644 index 0000000..f1fb676 --- /dev/null +++ b/p11-kit/virtual.h @@ -0,0 +1,68 @@ +/* + * Copyright (c) 2013 Red Hat, Inc + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above + * copyright notice, this list of conditions and the + * following disclaimer. + * * Redistributions in binary form must reproduce the + * above copyright notice, this list of conditions and + * the following disclaimer in the documentation and/or + * other materials provided with the distribution. + * * The names of contributors to this software may not be + * used to endorse or promote products derived from this + * software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, + * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS + * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED + * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF + * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Author: Stef Walter <stefw@redhat.com> + */ + +#ifndef __P11_VIRTUAL_H__ +#define __P11_VIRTUAL_H__ + +#include "pkcs11.h" +#include "pkcs11x.h" +#include "array.h" + +typedef struct { + CK_X_FUNCTION_LIST funcs; + void *lower_module; + p11_destroyer lower_destroy; +} p11_virtual; + +CK_X_FUNCTION_LIST p11_virtual_base; + +CK_X_FUNCTION_LIST p11_virtual_stack; + +void p11_virtual_init (p11_virtual *virt, + CK_X_FUNCTION_LIST *funcs, + void *lower_module, + p11_destroyer lower_destroy); + +void p11_virtual_uninit (p11_virtual *virt); + +bool p11_virtual_can_wrap (void); + +CK_FUNCTION_LIST * p11_virtual_wrap (p11_virtual *virt, + p11_destroyer destroyer); + +bool p11_virtual_is_wrapper (CK_FUNCTION_LIST *module); + +void p11_virtual_unwrap (CK_FUNCTION_LIST *module); + +#endif /* __P11_VIRTUAL_H__ */ diff --git a/tools/Makefile.am b/tools/Makefile.am index 5e48149..deda642 100644 --- a/tools/Makefile.am +++ b/tools/Makefile.am @@ -5,7 +5,7 @@ SUBDIRS = . tests COMMON = $(top_srcdir)/common -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(top_srcdir)/common \ -I$(top_srcdir)/p11-kit \ diff --git a/tools/extract-openssl.c b/tools/extract-openssl.c index 2b8005a..91a9965 100644 --- a/tools/extract-openssl.c +++ b/tools/extract-openssl.c @@ -313,33 +313,34 @@ p11_extract_openssl_bundle (P11KitIter *iter, p11_extract_info *ex) { p11_save_file *file; + p11_buffer output; p11_buffer buf; char *comment; bool ret = true; - size_t length; bool first; CK_RV rv; - char *pem; file = p11_save_open_file (ex->destination, ex->flags); if (!file) return false; first = true; + p11_buffer_init (&output, 0); while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { p11_buffer_init (&buf, 1024); + if (!p11_buffer_reset (&output, 2048)) + return_val_if_reached (false); if (prepare_pem_contents (ex, &buf)) { - pem = p11_pem_write (buf.data, buf.len, "TRUSTED CERTIFICATE", &length); - return_val_if_fail (pem != NULL, false); + if (!p11_pem_write (buf.data, buf.len, "TRUSTED CERTIFICATE", &output)) + return_val_if_reached (false); comment = p11_extract_info_comment (ex, first); first = false; ret = p11_save_write (file, comment, -1) && - p11_save_write (file, pem, length); + p11_save_write (file, output.data, output.len); - free (pem); free (comment); } @@ -349,6 +350,8 @@ p11_extract_openssl_bundle (P11KitIter *iter, break; } + p11_buffer_uninit (&output); + if (rv != CKR_OK && rv != CKR_CANCEL) { p11_message ("failed to find certificates: %s", p11_kit_strerror (rv)); ret = false; @@ -584,11 +587,10 @@ p11_extract_openssl_directory (P11KitIter *iter, const char *filename; p11_save_file *file; p11_save_dir *dir; + p11_buffer output; p11_buffer buf; bool ret = true; char *name; - size_t length; - char *pem; CK_RV rv; #ifdef OS_UNIX @@ -600,14 +602,17 @@ p11_extract_openssl_directory (P11KitIter *iter, return false; p11_buffer_init (&buf, 0); + p11_buffer_init (&output, 0); while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { if (!p11_buffer_reset (&buf, 1024)) return_val_if_reached (false); + if (!p11_buffer_reset (&output, 2048)) + return_val_if_reached (false); if (prepare_pem_contents (ex, &buf)) { - pem = p11_pem_write (buf.data, buf.len, "TRUSTED CERTIFICATE", &length); - return_val_if_fail (pem != NULL, false); + if (!p11_pem_write (buf.data, buf.len, "TRUSTED CERTIFICATE", &output)) + return_val_if_reached (false); name = p11_extract_info_filename (ex); return_val_if_fail (name != NULL, false); @@ -645,12 +650,11 @@ p11_extract_openssl_directory (P11KitIter *iter, #endif /* OS_UNIX */ if (ret) - ret = p11_save_write_and_finish (file, pem, length); + ret = p11_save_write_and_finish (file, output.data, output.len); else p11_save_finish_file (file, false); free (name); - free (pem); } if (!ret) @@ -658,6 +662,7 @@ p11_extract_openssl_directory (P11KitIter *iter, } p11_buffer_uninit (&buf); + p11_buffer_uninit (&output); if (rv != CKR_OK && rv != CKR_CANCEL) { p11_message ("failed to find certificates: %s", p11_kit_strerror (rv)); diff --git a/tools/extract-pem.c b/tools/extract-pem.c index a1a0865..0bae3cb 100644 --- a/tools/extract-pem.c +++ b/tools/extract-pem.c @@ -50,34 +50,38 @@ p11_extract_pem_bundle (P11KitIter *iter, p11_extract_info *ex) { char *comment; + p11_buffer buf; p11_save_file *file; bool ret = true; bool first = true; - size_t length; CK_RV rv; - char *pem; file = p11_save_open_file (ex->destination, ex->flags); if (!file) return false; + p11_buffer_init (&buf, 0); while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - pem = p11_pem_write (ex->cert_der, ex->cert_len, "CERTIFICATE", &length); - return_val_if_fail (pem != NULL, false); + if (!p11_buffer_reset (&buf, 2048)) + return_val_if_reached (false); + + if (!p11_pem_write (ex->cert_der, ex->cert_len, "CERTIFICATE", &buf)) + return_val_if_reached (false); comment = p11_extract_info_comment (ex, first); first = false; ret = p11_save_write (file, comment, -1) && - p11_save_write (file, pem, length); + p11_save_write (file, buf.data, buf.len); free (comment); - free (pem); if (!ret) break; } + p11_buffer_uninit (&buf); + if (rv != CKR_OK && rv != CKR_CANCEL) { p11_message ("failed to find certificates: %s", p11_kit_strerror (rv)); ret = false; @@ -98,19 +102,22 @@ p11_extract_pem_directory (P11KitIter *iter, { p11_save_file *file; p11_save_dir *dir; + p11_buffer buf; bool ret = true; char *filename; - size_t length; - char *pem; CK_RV rv; dir = p11_save_open_directory (ex->destination, ex->flags); if (dir == NULL) return false; + p11_buffer_init (&buf, 0); while ((rv = p11_kit_iter_next (iter)) == CKR_OK) { - pem = p11_pem_write (ex->cert_der, ex->cert_len, "CERTIFICATE", &length); - return_val_if_fail (pem != NULL, false); + if (!p11_buffer_reset (&buf, 2048)) + return_val_if_reached (false); + + if (!p11_pem_write (ex->cert_der, ex->cert_len, "CERTIFICATE", &buf)) + return_val_if_reached (false); filename = p11_extract_info_filename (ex); return_val_if_fail (filename != NULL, false); @@ -118,13 +125,14 @@ p11_extract_pem_directory (P11KitIter *iter, file = p11_save_open_file_in (dir, filename, ".pem", NULL); free (filename); - ret = p11_save_write_and_finish (file, pem, length); - free (pem); + ret = p11_save_write_and_finish (file, buf.data, buf.len); if (!ret) break; } + p11_buffer_uninit (&buf); + if (rv != CKR_OK && rv != CKR_CANCEL) { p11_message ("failed to find certificates: %s", p11_kit_strerror (rv)); ret = false; diff --git a/tools/extract.c b/tools/extract.c index cd0f369..3d1fee7 100644 --- a/tools/extract.c +++ b/tools/extract.c @@ -231,7 +231,7 @@ limit_modules_if_necessary (CK_FUNCTION_LIST_PTR *modules, /* TODO: This logic will move once we merge our p11-kit managed code */ for (i = 0, out = 0; modules[i] != NULL; i++) { - string = p11_kit_registered_option (modules[i], "trust-policy"); + string = p11_kit_config_option (modules[i], "trust-policy"); if (string && strcmp (string, "yes") == 0) modules[out++] = modules[i]; else if (string && strcmp (string, "no") != 0) @@ -305,7 +305,6 @@ p11_tool_extract (int argc, CK_ATTRIBUTE *match; P11KitUri *uri; int opt = 0; - CK_RV rv; int ret; enum { @@ -435,13 +434,10 @@ p11_tool_extract (int argc, if (uri && p11_kit_uri_any_unrecognized (uri)) p11_message ("uri contained unrecognized components, nothing will be extracted"); - rv = p11_kit_initialize_registered (); - if (rv != CKR_OK) { - p11_message ("couldn't initialize registered modules: %s", p11_kit_strerror (rv)); + modules = p11_kit_modules_load_and_initialize (0); + if (!modules) return 1; - } - modules = p11_kit_registered_modules (); limit_modules_if_necessary (modules, ex.flags); iter = p11_kit_iter_new (uri); @@ -456,8 +452,9 @@ p11_tool_extract (int argc, p11_extract_info_cleanup (&ex); p11_kit_iter_free (iter); p11_kit_uri_free (uri); - free (modules); - p11_kit_finalize_registered (); + p11_kit_modules_finalize (modules); + p11_kit_modules_release (modules); + return ret; } diff --git a/tools/list.c b/tools/list.c index da99940..fe028ae 100644 --- a/tools/list.c +++ b/tools/list.c @@ -203,20 +203,15 @@ print_modules (void) CK_FUNCTION_LIST_PTR *module_list; char *name; char *path; - CK_RV rv; int i; - rv = p11_kit_initialize_registered (); - if (rv != CKR_OK) { - p11_message ("couldn't initialize registered modules: %s", - p11_kit_strerror (rv)); + module_list = p11_kit_modules_load_and_initialize (0); + if (!module_list) return 1; - } - module_list = p11_kit_registered_modules (); for (i = 0; module_list[i]; i++) { - name = p11_kit_registered_module_to_name (module_list[i]); - path = p11_kit_registered_option (module_list[i], "module"); + name = p11_kit_module_get_name (module_list[i]); + path = p11_kit_config_option (module_list[i], "module"); printf ("%s: %s\n", name ? name : "(null)", @@ -226,9 +221,8 @@ print_modules (void) free (name); free (path); } - free (module_list); - p11_kit_finalize_registered (); + p11_kit_modules_finalize_and_release (module_list); return 0; } diff --git a/tools/tests/Makefile.am b/tools/tests/Makefile.am index f6609ec..9a5ab73 100644 --- a/tools/tests/Makefile.am +++ b/tools/tests/Makefile.am @@ -10,20 +10,20 @@ TOOLS = $(top_srcdir)/tools TEST_RUNNER = libtool --mode=execute -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(top_srcdir)/p11-kit \ -I$(srcdir)/.. \ -I$(COMMON) \ -DP11_KIT_FUTURE_UNSTABLE_API \ $(LIBTASN1_CFLAGS) \ - $(CUTEST_CFLAGS) \ + $(TEST_CFLAGS) \ $(NULL) LDADD = \ $(top_builddir)/p11-kit/libp11-kit.la \ $(top_builddir)/common/libp11-data.la \ - $(top_builddir)/common/libp11-mock.la \ + $(top_builddir)/common/libp11-test.la \ $(top_builddir)/common/libp11-common.la \ $(builddir)/libtestcommon.la \ $(LIBTASN1_LIBS) \ @@ -35,7 +35,7 @@ noinst_LTLIBRARIES = \ libtestcommon.la libtestcommon_la_SOURCES = \ - test.c test.h + test-tools.c test-tools.h CHECK_PROGS = \ test-save \ diff --git a/tools/tests/test-extract.c b/tools/tests/test-extract.c index 74e3c9c..9712e81 100644 --- a/tools/tests/test-extract.c +++ b/tools/tests/test-extract.c @@ -32,8 +32,11 @@ * Author: Stef Walter <stefw@collabora.co.uk> */ +#define P11_KIT_DISABLE_DEPRECATED + #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-tools.h" #include "attrs.h" #include "compat.h" @@ -45,13 +48,12 @@ #include "pkcs11.h" #include "pkcs11x.h" #include "oid.h" -#include "test.h" #include <stdlib.h> #include <string.h> static void -test_file_name_for_label (CuTest *tc) +test_file_name_for_label (void) { CK_ATTRIBUTE label = { CKA_LABEL, "The Label!", 10 }; p11_extract_info ex; @@ -62,14 +64,14 @@ test_file_name_for_label (CuTest *tc) ex.attrs = p11_attrs_build (NULL, &label, NULL); name = p11_extract_info_filename (&ex); - CuAssertStrEquals (tc, "The_Label_", name); + assert_str_eq ("The_Label_", name); free (name); p11_extract_info_cleanup (&ex); } static void -test_file_name_for_class (CuTest *tc) +test_file_name_for_class (void) { p11_extract_info ex; char *name; @@ -79,20 +81,20 @@ test_file_name_for_class (CuTest *tc) ex.klass = CKO_CERTIFICATE; name = p11_extract_info_filename (&ex); - CuAssertStrEquals (tc, "certificate", name); + assert_str_eq ("certificate", name); free (name); ex.klass = CKO_DATA; name = p11_extract_info_filename (&ex); - CuAssertStrEquals (tc, "unknown", name); + assert_str_eq ("unknown", name); free (name); p11_extract_info_cleanup (&ex); } static void -test_comment_for_label (CuTest *tc) +test_comment_for_label (void) { CK_ATTRIBUTE label = { CKA_LABEL, "The Label!", 10 }; p11_extract_info ex; @@ -104,18 +106,18 @@ test_comment_for_label (CuTest *tc) ex.attrs = p11_attrs_build (NULL, &label, NULL); comment = p11_extract_info_comment (&ex, true); - CuAssertStrEquals (tc, "# The Label!\n", comment); + assert_str_eq ("# The Label!\n", comment); free (comment); comment = p11_extract_info_comment (&ex, false); - CuAssertStrEquals (tc, "\n# The Label!\n", comment); + assert_str_eq ("\n# The Label!\n", comment); free (comment); p11_extract_info_cleanup (&ex); } static void -test_comment_not_enabled (CuTest *tc) +test_comment_not_enabled (void) { CK_ATTRIBUTE label = { CKA_LABEL, "The Label!", 10 }; p11_extract_info ex; @@ -126,10 +128,10 @@ test_comment_not_enabled (CuTest *tc) ex.attrs = p11_attrs_build (NULL, &label, NULL); comment = p11_extract_info_comment (&ex, true); - CuAssertPtrEquals (tc, NULL, comment); + assert_ptr_eq (NULL, comment); comment = p11_extract_info_comment (&ex, false); - CuAssertPtrEquals (tc, NULL, comment); + assert_ptr_eq (NULL, comment); p11_extract_info_cleanup (&ex); } @@ -141,14 +143,15 @@ struct { } test; static void -setup (CuTest *tc) +setup (void *unused) { CK_RV rv; + mock_module_reset (); memcpy (&test.module, &mock_module, sizeof (CK_FUNCTION_LIST)); - rv = p11_kit_initialize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); + rv = test.module.C_Initialize (NULL); + assert_num_eq (CKR_OK, rv); test.iter = p11_kit_iter_new (NULL); @@ -156,7 +159,7 @@ setup (CuTest *tc) } static void -teardown (CuTest *tc) +teardown (void *unused) { CK_RV rv; @@ -164,8 +167,8 @@ teardown (CuTest *tc) p11_kit_iter_free (test.iter); - rv = p11_kit_finalize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); + rv = test.module.C_Finalize (NULL); + assert_num_eq (CKR_OK, rv); } static CK_OBJECT_CLASS certificate_class = CKO_CERTIFICATE; @@ -216,15 +219,13 @@ static CK_ATTRIBUTE extension_eku_invalid[] = { }; static void -test_info_simple_certificate (CuTest *tc) +test_info_simple_certificate (void) { void *value; size_t length; CK_RV rv; - setup (tc); - - CuAssertPtrNotNull (tc, test.ex.asn1_defs); + assert_ptr_not_null (test.ex.asn1_defs); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_server_client); @@ -234,55 +235,47 @@ test_info_simple_certificate (CuTest *tc) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - CuAssertIntEquals (tc, CKO_CERTIFICATE, test.ex.klass); - CuAssertPtrNotNull (tc, test.ex.attrs); + assert_num_eq (CKO_CERTIFICATE, test.ex.klass); + assert_ptr_not_null (test.ex.attrs); value = p11_attrs_find_value (test.ex.attrs, CKA_VALUE, &length); - CuAssertPtrNotNull (tc, value); - CuAssertTrue (tc, memcmp (value, test_cacert3_ca_der, length) == 0); - CuAssertPtrNotNull (tc, test.ex.cert_der); - CuAssertTrue (tc, memcmp (test.ex.cert_der, test_cacert3_ca_der, test.ex.cert_len) == 0); - CuAssertPtrNotNull (tc, test.ex.cert_asn); + assert_ptr_not_null (value); + assert (memcmp (value, test_cacert3_ca_der, length) == 0); + assert_ptr_not_null (test.ex.cert_der); + assert (memcmp (test.ex.cert_der, test_cacert3_ca_der, test.ex.cert_len) == 0); + assert_ptr_not_null (test.ex.cert_asn); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } static void -test_info_limit_purposes (CuTest *tc) +test_info_limit_purposes (void) { CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_server_client); /* This should not match the above, with the stapled certificat ext */ - CuAssertPtrEquals (tc, NULL, test.ex.limit_to_purposes); + assert_ptr_eq (NULL, test.ex.limit_to_purposes); p11_extract_info_limit_purpose (&test.ex, "1.1.1"); - CuAssertPtrNotNull (tc, test.ex.limit_to_purposes); + assert_ptr_not_null (test.ex.limit_to_purposes); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } static void -test_info_invalid_purposes (CuTest *tc) +test_info_invalid_purposes (void) { CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_invalid); @@ -294,20 +287,16 @@ test_info_invalid_purposes (CuTest *tc) /* No results due to invalid purpose on certificate */ rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); + assert_num_eq (CKR_CANCEL, rv); p11_kit_be_loud (); - - teardown (tc); } static void -test_info_skip_non_certificate (CuTest *tc) +test_info_skip_non_certificate (void) { CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -316,25 +305,21 @@ test_info_skip_non_certificate (CuTest *tc) p11_message_quiet (); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - CuAssertIntEquals (tc, CKO_CERTIFICATE, test.ex.klass); + assert_num_eq (CKO_CERTIFICATE, test.ex.klass); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); + assert_num_eq (CKR_CANCEL, rv); p11_message_loud (); - - teardown (tc); } static void -test_limit_to_purpose_match (CuTest *tc) +test_limit_to_purpose_match (void) { CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_server_client); @@ -345,20 +330,16 @@ test_limit_to_purpose_match (CuTest *tc) p11_message_quiet (); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_message_loud (); - - teardown (tc); } static void -test_limit_to_purpose_no_match (CuTest *tc) +test_limit_to_purpose_no_match (void) { CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, extension_eku_server_client); @@ -369,21 +350,17 @@ test_limit_to_purpose_no_match (CuTest *tc) p11_message_quiet (); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); + assert_num_eq (CKR_CANCEL, rv); p11_message_loud (); - - teardown (tc); } static void -test_duplicate_extract (CuTest *tc) +test_duplicate_extract (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_distrusted); @@ -392,25 +369,21 @@ test_duplicate_extract (CuTest *tc) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } static void -test_duplicate_collapse (CuTest *tc) +test_duplicate_collapse (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_distrusted); @@ -420,23 +393,19 @@ test_duplicate_collapse (CuTest *tc) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } static void -test_trusted_match (CuTest *tc) +test_trusted_match (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; CK_BBOOL boolv; CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_distrusted); @@ -446,27 +415,23 @@ test_trusted_match (CuTest *tc) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); if (!p11_attrs_find_bool (test.ex.attrs, CKA_TRUSTED, &boolv)) boolv = CK_FALSE; - CuAssertIntEquals (tc, CK_TRUE, boolv); + assert_num_eq (CK_TRUE, boolv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } static void -test_distrust_match (CuTest *tc) +test_distrust_match (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; CK_BBOOL boolv; CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_distrusted); @@ -476,26 +441,22 @@ test_distrust_match (CuTest *tc) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); if (!p11_attrs_find_bool (test.ex.attrs, CKA_X_DISTRUSTED, &boolv)) boolv = CK_FALSE; - CuAssertIntEquals (tc, CK_TRUE, boolv); + assert_num_eq (CK_TRUE, boolv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } static void -test_anytrust_match (CuTest *tc) +test_anytrust_match (void) { CK_ATTRIBUTE certificate = { CKA_CLASS, &certificate_class, sizeof (certificate_class) }; CK_RV rv; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_trusted); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_distrusted); @@ -505,51 +466,38 @@ test_anytrust_match (CuTest *tc) p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_kit_iter_next (test.iter); - CuAssertIntEquals (tc, CKR_CANCEL, rv); - - teardown (tc); + assert_num_eq (CKR_CANCEL, rv); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); mock_module_init (); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_file_name_for_label); - SUITE_ADD_TEST (suite, test_file_name_for_class); - SUITE_ADD_TEST (suite, test_comment_for_label); - SUITE_ADD_TEST (suite, test_comment_not_enabled); - SUITE_ADD_TEST (suite, test_info_simple_certificate); - SUITE_ADD_TEST (suite, test_info_limit_purposes); - SUITE_ADD_TEST (suite, test_info_invalid_purposes); - SUITE_ADD_TEST (suite, test_info_skip_non_certificate); - SUITE_ADD_TEST (suite, test_limit_to_purpose_match); - SUITE_ADD_TEST (suite, test_limit_to_purpose_no_match); - SUITE_ADD_TEST (suite, test_duplicate_extract); - SUITE_ADD_TEST (suite, test_duplicate_collapse); - SUITE_ADD_TEST (suite, test_trusted_match); - SUITE_ADD_TEST (suite, test_distrust_match); - SUITE_ADD_TEST (suite, test_anytrust_match); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + + p11_test (test_file_name_for_label, "/extract/test_file_name_for_label"); + p11_test (test_file_name_for_class, "/extract/test_file_name_for_class"); + p11_test (test_comment_for_label, "/extract/test_comment_for_label"); + p11_test (test_comment_not_enabled, "/extract/test_comment_not_enabled"); + + p11_fixture (setup, teardown); + p11_test (test_info_simple_certificate, "/extract/test_info_simple_certificate"); + p11_test (test_info_limit_purposes, "/extract/test_info_limit_purposes"); + p11_test (test_info_invalid_purposes, "/extract/test_info_invalid_purposes"); + p11_test (test_info_skip_non_certificate, "/extract/test_info_skip_non_certificate"); + p11_test (test_limit_to_purpose_match, "/extract/test_limit_to_purpose_match"); + p11_test (test_limit_to_purpose_no_match, "/extract/test_limit_to_purpose_no_match"); + p11_test (test_duplicate_extract, "/extract/test_duplicate_extract"); + p11_test (test_duplicate_collapse, "/extract/test_duplicate_collapse"); + p11_test (test_trusted_match, "/extract/test_trusted_match"); + p11_test (test_distrust_match, "/extract/test_distrust_match"); + p11_test (test_anytrust_match, "/extract/test_anytrust_match"); + + return p11_test_run (argc, argv); } diff --git a/tools/tests/test-openssl.c b/tools/tests/test-openssl.c index 215e0da..d393072 100644 --- a/tools/tests/test-openssl.c +++ b/tools/tests/test-openssl.c @@ -32,8 +32,11 @@ * Author: Stef Walter <stefw@collabora.co.uk> */ +#define P11_KIT_DISABLE_DEPRECATED + #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-tools.h" #include "attrs.h" #include "buffer.h" @@ -47,9 +50,9 @@ #include "pkcs11.h" #include "pkcs11x.h" #include "oid.h" -#include "test.h" #include <assert.h> +#include <stdarg.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -65,15 +68,14 @@ struct { } test; static void -setup (CuTest *tc) +setup (void *unused) { CK_RV rv; + mock_module_reset (); memcpy (&test.module, &mock_module, sizeof (CK_FUNCTION_LIST)); - rv = p11_kit_initialize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); - - mock_module_reset_objects (MOCK_SLOT_ONE_ID); + rv = test.module.C_Initialize (NULL); + assert_num_eq (CKR_OK, rv); test.iter = p11_kit_iter_new (NULL); @@ -85,7 +87,7 @@ setup (CuTest *tc) } static void -teardown (CuTest *tc) +teardown (void *unused) { CK_RV rv; @@ -96,8 +98,8 @@ teardown (CuTest *tc) p11_extract_info_cleanup (&test.ex); p11_kit_iter_free (test.iter); - rv = p11_kit_finalize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); + rv = test.module.C_Finalize (NULL); + assert_num_eq (CKR_OK, rv); } static CK_OBJECT_CLASS certificate_class = CKO_CERTIFICATE; @@ -161,12 +163,10 @@ setup_objects (const CK_ATTRIBUTE *attrs, } static void -test_file (CuTest *tc) +test_file (void) { bool ret; - setup (tc); - setup_objects (cacert3_authority_attrs, extension_eku_server, extension_reject_email, @@ -180,21 +180,19 @@ test_file (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-trusted-server-alias.pem"); free (test.ex.destination); - teardown (tc); } static void -test_plain (CuTest *tc) +test_plain (void) { bool ret; - setup (tc); setup_objects (cacert3_authority_attrs, NULL); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -205,17 +203,16 @@ test_plain (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-trusted-alias.pem"); free (test.ex.destination); - teardown (tc); } static void -test_keyid (CuTest *tc) +test_keyid (void) { bool ret; @@ -237,7 +234,6 @@ test_keyid (CuTest *tc) { CKA_INVALID }, }; - setup (tc); setup_objects (cacert3_plain, extension_subject_key_identifier, NULL); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -248,17 +244,16 @@ test_keyid (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-trusted-keyid.pem"); free (test.ex.destination); - teardown (tc); } static void -test_not_authority (CuTest *tc) +test_not_authority (void) { bool ret; @@ -270,7 +265,6 @@ test_not_authority (CuTest *tc) { CKA_INVALID }, }; - setup (tc); setup_objects (cacert3_not_trusted, NULL); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -281,17 +275,16 @@ test_not_authority (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-not-trusted.pem"); free (test.ex.destination); - teardown (tc); } static void -test_distrust_all (CuTest *tc) +test_distrust_all (void) { bool ret; @@ -304,8 +297,6 @@ test_distrust_all (CuTest *tc) { CKA_INVALID }, }; - setup (tc); - setup_objects (cacert3_blacklist, NULL); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -316,22 +307,19 @@ test_distrust_all (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-distrust-all.pem"); free (test.ex.destination); - teardown (tc); } static void -test_file_multiple (CuTest *tc) +test_file_multiple (void) { bool ret; - setup (tc); - setup_objects (cacert3_authority_attrs, extension_eku_server, extension_reject_email, @@ -348,22 +336,19 @@ test_file_multiple (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-trusted-multiple.pem"); free (test.ex.destination); - teardown (tc); } static void -test_file_without (CuTest *tc) +test_file_without (void) { bool ret; - setup (tc); - p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); @@ -372,19 +357,18 @@ test_file_without (CuTest *tc) assert_not_reached (); ret = p11_extract_openssl_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_data (tc, test.directory, "extract.pem", "", 0); + test_check_data (test.directory, "extract.pem", "", 0); free (test.ex.destination); - teardown (tc); } /* From extract-openssl.c */ void p11_openssl_canon_string (char *str, size_t *len); static void -test_canon_string (CuTest *tc) +test_canon_string (void) { struct { char *input; @@ -417,8 +401,8 @@ test_canon_string (CuTest *tc) out = strlen (fixtures[i].output); else out = fixtures[i].output_len; - CuAssertIntEquals (tc, out, len); - CuAssertStrEquals (tc, fixtures[i].output, str); + assert_num_eq (out, len); + assert_str_eq (fixtures[i].output, str); free (str); } @@ -427,7 +411,7 @@ test_canon_string (CuTest *tc) bool p11_openssl_canon_string_der (p11_buffer *der); static void -test_canon_string_der (CuTest *tc) +test_canon_string_der (void) { struct { unsigned char input[100]; @@ -486,10 +470,10 @@ test_canon_string_der (CuTest *tc) fixtures[i].input_len, 0, realloc, free); ret = p11_openssl_canon_string_der (&buf); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - CuAssertIntEquals (tc, fixtures[i].output_len, buf.len); - CuAssertTrue (tc, memcmp (buf.data, fixtures[i].output, buf.len) == 0); + assert_num_eq (fixtures[i].output_len, buf.len); + assert (memcmp (buf.data, fixtures[i].output, buf.len) == 0); p11_buffer_uninit (&buf); } @@ -499,7 +483,7 @@ bool p11_openssl_canon_name_der (p11_dict *asn1_defs, p11_buffer *der); static void -test_canon_name_der (CuTest *tc) +test_canon_name_der (void) { struct { unsigned char input[100]; @@ -541,10 +525,10 @@ test_canon_name_der (CuTest *tc) fixtures[i].input_len, 0, realloc, free); ret = p11_openssl_canon_name_der (asn1_defs, &buf); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - CuAssertIntEquals (tc, fixtures[i].output_len, buf.len); - CuAssertTrue (tc, memcmp (buf.data, fixtures[i].output, buf.len) == 0); + assert_num_eq (fixtures[i].output_len, buf.len); + assert (memcmp (buf.data, fixtures[i].output, buf.len) == 0); p11_buffer_uninit (&buf); } @@ -553,7 +537,7 @@ test_canon_name_der (CuTest *tc) } static void -test_canon_string_der_fail (CuTest *tc) +test_canon_string_der_fail (void) { struct { unsigned char input[100]; @@ -573,19 +557,17 @@ test_canon_string_der_fail (CuTest *tc) fixtures[i].input_len, 0, realloc, free); ret = p11_openssl_canon_string_der (&buf); - CuAssertIntEquals (tc, false, ret); + assert_num_eq (false, ret); p11_buffer_uninit (&buf); } } static void -test_directory (CuTest *tc) +test_directory (void) { bool ret; - setup (tc); - setup_objects (cacert3_authority_attrs, extension_eku_server, extension_reject_email, @@ -604,33 +586,30 @@ test_directory (CuTest *tc) test.ex.destination = test.directory; ret = p11_extract_openssl_directory (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, test.directory, ("Custom_Label.pem", "Custom_Label.1.pem", + test_check_directory (test.directory, ("Custom_Label.pem", "Custom_Label.1.pem", #ifdef OS_UNIX "e5662767.1", "e5662767.0", "590d426f.1", "590d426f.0", #endif NULL)); - test_check_file (tc, test.directory, "Custom_Label.pem", + test_check_file (test.directory, "Custom_Label.pem", SRCDIR "/files/cacert3-trusted-server-alias.pem"); - test_check_file (tc, test.directory, "Custom_Label.1.pem", + test_check_file (test.directory, "Custom_Label.1.pem", SRCDIR "/files/cacert3-trusted-alias.pem"); #ifdef OS_UNIX - test_check_symlink (tc, test.directory, "e5662767.0", "Custom_Label.pem"); - test_check_symlink (tc, test.directory, "e5662767.1", "Custom_Label.1.pem"); - test_check_symlink (tc, test.directory, "590d426f.0", "Custom_Label.pem"); - test_check_symlink (tc, test.directory, "590d426f.1", "Custom_Label.1.pem"); + test_check_symlink (test.directory, "e5662767.0", "Custom_Label.pem"); + test_check_symlink (test.directory, "e5662767.1", "Custom_Label.1.pem"); + test_check_symlink (test.directory, "590d426f.0", "Custom_Label.pem"); + test_check_symlink (test.directory, "590d426f.1", "Custom_Label.1.pem"); #endif - teardown (tc); } static void -test_directory_empty (CuTest *tc) +test_directory_empty (void) { bool ret; - setup (tc); - p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); @@ -641,47 +620,35 @@ test_directory_empty (CuTest *tc) test.ex.destination = test.directory; ret = p11_extract_openssl_directory (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, test.directory, (NULL, NULL)); - - teardown (tc); + test_check_directory (test.directory, (NULL, NULL)); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); mock_module_init (); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_file); - SUITE_ADD_TEST (suite, test_plain); - SUITE_ADD_TEST (suite, test_keyid); - SUITE_ADD_TEST (suite, test_not_authority); - SUITE_ADD_TEST (suite, test_distrust_all); - SUITE_ADD_TEST (suite, test_file_multiple); - SUITE_ADD_TEST (suite, test_file_without); - - SUITE_ADD_TEST (suite, test_canon_string); - SUITE_ADD_TEST (suite, test_canon_string_der); - SUITE_ADD_TEST (suite, test_canon_string_der_fail); - SUITE_ADD_TEST (suite, test_canon_name_der); - - SUITE_ADD_TEST (suite, test_directory); - SUITE_ADD_TEST (suite, test_directory_empty); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + + p11_fixture (setup, teardown); + p11_test (test_file, "/openssl/test_file"); + p11_test (test_plain, "/openssl/test_plain"); + p11_test (test_keyid, "/openssl/test_keyid"); + p11_test (test_not_authority, "/openssl/test_not_authority"); + p11_test (test_distrust_all, "/openssl/test_distrust_all"); + p11_test (test_file_multiple, "/openssl/test_file_multiple"); + p11_test (test_file_without, "/openssl/test_file_without"); + + p11_fixture (NULL, NULL); + p11_test (test_canon_string, "/openssl/test_canon_string"); + p11_test (test_canon_string_der, "/openssl/test_canon_string_der"); + p11_test (test_canon_string_der_fail, "/openssl/test_canon_string_der_fail"); + p11_test (test_canon_name_der, "/openssl/test_canon_name_der"); + + p11_fixture (setup, teardown); + p11_test (test_directory, "/openssl/test_directory"); + p11_test (test_directory_empty, "/openssl/test_directory_empty"); + + return p11_test_run (argc, argv); } diff --git a/tools/tests/test-pem.c b/tools/tests/test-pem.c index dc1cb08..c74d0df 100644 --- a/tools/tests/test-pem.c +++ b/tools/tests/test-pem.c @@ -32,8 +32,11 @@ * Author: Stef Walter <stefw@collabora.co.uk> */ +#define P11_KIT_DISABLE_DEPRECATED + #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-tools.h" #include "attrs.h" #include "compat.h" @@ -46,7 +49,6 @@ #include "pkcs11.h" #include "pkcs11x.h" #include "oid.h" -#include "test.h" #include <assert.h> #include <stdio.h> @@ -62,15 +64,14 @@ struct { } test; static void -setup (CuTest *tc) +setup (void *unused) { CK_RV rv; + mock_module_reset (); memcpy (&test.module, &mock_module, sizeof (CK_FUNCTION_LIST)); - rv = p11_kit_initialize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); - - mock_module_reset_objects (MOCK_SLOT_ONE_ID); + rv = test.module.C_Initialize (NULL); + assert_num_eq (CKR_OK, rv); test.iter = p11_kit_iter_new (NULL); @@ -82,7 +83,7 @@ setup (CuTest *tc) } static void -teardown (CuTest *tc) +teardown (void *unused) { CK_RV rv; @@ -93,8 +94,8 @@ teardown (CuTest *tc) p11_extract_info_cleanup (&test.ex); p11_kit_iter_free (test.iter); - rv = p11_kit_finalize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); + rv = test.module.C_Finalize (NULL); + assert_num_eq (CKR_OK, rv); } static CK_OBJECT_CLASS certificate_class = CKO_CERTIFICATE; @@ -116,12 +117,10 @@ static CK_ATTRIBUTE certificate_filter[] = { }; static void -test_file (CuTest *tc) +test_file (void) { bool ret; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -132,21 +131,18 @@ test_file (CuTest *tc) assert_not_reached (); ret = p11_extract_pem_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", SRCDIR "/files/cacert3.pem"); + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3.pem"); free (test.ex.destination); - teardown (tc); } static void -test_file_multiple (CuTest *tc) +test_file_multiple (void) { bool ret; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); @@ -158,21 +154,18 @@ test_file_multiple (CuTest *tc) assert_not_reached (); ret = p11_extract_pem_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.pem", SRCDIR "/files/cacert3-twice.pem"); + test_check_file (test.directory, "extract.pem", SRCDIR "/files/cacert3-twice.pem"); free (test.ex.destination); - teardown (tc); } static void -test_file_without (CuTest *tc) +test_file_without (void) { bool ret; - setup (tc); - p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); @@ -181,21 +174,18 @@ test_file_without (CuTest *tc) assert_not_reached (); ret = p11_extract_pem_bundle (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_data (tc, test.directory, "extract.pem", "", 0); + test_check_data (test.directory, "extract.pem", "", 0); free (test.ex.destination); - teardown (tc); } static void -test_directory (CuTest *tc) +test_directory (void) { bool ret; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); @@ -209,22 +199,18 @@ test_directory (CuTest *tc) test.ex.destination = test.directory; ret = p11_extract_pem_directory (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); - - test_check_directory (tc, test.directory, ("Cacert3_Here.pem", "Cacert3_Here.1.pem", NULL)); - test_check_file (tc, test.directory, "Cacert3_Here.pem", SRCDIR "/files/cacert3.pem"); - test_check_file (tc, test.directory, "Cacert3_Here.1.pem", SRCDIR "/files/cacert3.pem"); + assert_num_eq (true, ret); - teardown (tc); + test_check_directory (test.directory, ("Cacert3_Here.pem", "Cacert3_Here.1.pem", NULL)); + test_check_file (test.directory, "Cacert3_Here.pem", SRCDIR "/files/cacert3.pem"); + test_check_file (test.directory, "Cacert3_Here.1.pem", SRCDIR "/files/cacert3.pem"); } static void -test_directory_empty (CuTest *tc) +test_directory_empty (void) { bool ret; - setup (tc); - p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); @@ -235,37 +221,22 @@ test_directory_empty (CuTest *tc) test.ex.destination = test.directory; ret = p11_extract_pem_directory (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, test.directory, (NULL, NULL)); - - teardown (tc); + test_check_directory (test.directory, (NULL, NULL)); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); mock_module_init (); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_file); - SUITE_ADD_TEST (suite, test_file_multiple); - SUITE_ADD_TEST (suite, test_file_without); - SUITE_ADD_TEST (suite, test_directory); - SUITE_ADD_TEST (suite, test_directory_empty); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + + p11_fixture (setup, teardown); + p11_test (test_file, "/pem/test_file"); + p11_test (test_file_multiple, "/pem/test_file_multiple"); + p11_test (test_file_without, "/pem/test_file_without"); + p11_test (test_directory, "/pem/test_directory"); + p11_test (test_directory_empty, "/pem/test_directory_empty"); + return p11_test_run (argc, argv); } diff --git a/tools/tests/test-save.c b/tools/tests/test-save.c index b739c21..93af4f9 100644 --- a/tools/tests/test-save.c +++ b/tools/tests/test-save.c @@ -33,7 +33,8 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-tools.h" #include "attrs.h" #include "compat.h" @@ -42,7 +43,6 @@ #include "message.h" #include "path.h" #include "save.h" -#include "test.h" #include <sys/stat.h> #include <sys/types.h> @@ -61,24 +61,23 @@ struct { } test; static void -setup (CuTest *tc) +setup (void *unused) { test.directory = p11_path_expand ("$TEMP/test-extract.XXXXXX"); if (!mkdtemp (test.directory)) - CuFail (tc, "mkdtemp() failed"); + assert_fail ("mkdtemp() failed", strerror (errno)); } static void -teardown (CuTest *tc) +teardown (void *unused) { if (rmdir (test.directory) < 0) - CuFail (tc, strerror (errno)); + assert_fail ("rmdir() failed", strerror (errno)); free (test.directory); } static void -write_zero_file (CuTest *tc, - const char *directory, +write_zero_file (const char *directory, const char *name) { char *filename; @@ -86,409 +85,365 @@ write_zero_file (CuTest *tc, int fd; if (asprintf (&filename, "%s/%s", directory, name) < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); fd = open (filename, O_WRONLY | O_CREAT, S_IRUSR | S_IWUSR); - CuAssertTrue (tc, fd != -1); + assert (fd != -1); res = close (fd); - CuAssertTrue (tc, res >= 0); + assert (res >= 0); free (filename); } static void -test_file_write (CuTest *tc) +test_file_write (void) { p11_save_file *file; char *filename; bool ret; - setup (tc); - if (asprintf (&filename, "%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); file = p11_save_open_file (filename, 0); - CuAssertPtrNotNull (tc, file); + assert_ptr_not_null (file); ret = p11_save_write_and_finish (file, test_cacert3_ca_der, sizeof (test_cacert3_ca_der)); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); free (filename); - test_check_file (tc, test.directory, "extract-file", SRCDIR "/files/cacert3.der"); - - teardown (tc); + test_check_file (test.directory, "extract-file", SRCDIR "/files/cacert3.der"); } static void -test_file_exists (CuTest *tc) +test_file_exists (void) { p11_save_file *file; char *filename; - setup (tc); - if (asprintf (&filename, "%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); - write_zero_file (tc, test.directory, "extract-file"); + write_zero_file (test.directory, "extract-file"); p11_message_quiet (); file = p11_save_open_file (filename, 0); - CuAssertTrue (tc, file == NULL); + assert (file == NULL); p11_message_loud (); unlink (filename); free (filename); - teardown (tc); } static void -test_file_bad_directory (CuTest *tc) +test_file_bad_directory (void) { p11_save_file *file; char *filename; - setup (tc); - if (asprintf (&filename, "/non-existent/%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); p11_message_quiet (); file = p11_save_open_file (filename, 0); - CuAssertTrue (tc, file == NULL); + assert (file == NULL); p11_message_loud (); free (filename); - teardown (tc); } static void -test_file_overwrite (CuTest *tc) +test_file_overwrite (void) { p11_save_file *file; char *filename; bool ret; - setup (tc); - if (asprintf (&filename, "%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); - write_zero_file (tc, test.directory, "extract-file"); + write_zero_file (test.directory, "extract-file"); file = p11_save_open_file (filename, P11_SAVE_OVERWRITE); - CuAssertPtrNotNull (tc, file); + assert_ptr_not_null (file); ret = p11_save_write_and_finish (file, test_cacert3_ca_der, sizeof (test_cacert3_ca_der)); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); free (filename); - test_check_file (tc, test.directory, "extract-file", SRCDIR "/files/cacert3.der"); - - teardown (tc); + test_check_file (test.directory, "extract-file", SRCDIR "/files/cacert3.der"); } static void -test_file_auto_empty (CuTest *tc) +test_file_auto_empty (void) { p11_save_file *file; char *filename; bool ret; - setup (tc); - if (asprintf (&filename, "%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); file = p11_save_open_file (filename, 0); - CuAssertPtrNotNull (tc, file); + assert_ptr_not_null (file); ret = p11_save_write_and_finish (file, NULL, -1); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); free (filename); - test_check_file (tc, test.directory, "extract-file", SRCDIR "/files/empty-file"); - - teardown (tc); + test_check_file (test.directory, "extract-file", SRCDIR "/files/empty-file"); } static void -test_file_auto_length (CuTest *tc) +test_file_auto_length (void) { p11_save_file *file; char *filename; bool ret; - setup (tc); - if (asprintf (&filename, "%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); file = p11_save_open_file (filename, 0); - CuAssertPtrNotNull (tc, file); + assert_ptr_not_null (file); ret = p11_save_write_and_finish (file, "The simple string is hairy", -1); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); free (filename); - test_check_file (tc, test.directory, "extract-file", SRCDIR "/files/simple-string"); - - teardown (tc); + test_check_file (test.directory, "extract-file", SRCDIR "/files/simple-string"); } static void -test_write_with_null (CuTest *tc) +test_write_with_null (void) { bool ret; ret = p11_save_write (NULL, "test", 4); - CuAssertIntEquals (tc, false, ret); + assert_num_eq (false, ret); } static void -test_write_and_finish_with_null (CuTest *tc) +test_write_and_finish_with_null (void) { bool ret; ret = p11_save_write_and_finish (NULL, "test", 4); - CuAssertIntEquals (tc, false, ret); + assert_num_eq (false, ret); } static void -test_file_abort (CuTest *tc) +test_file_abort (void) { struct stat st; p11_save_file *file; char *filename; bool ret; - setup (tc); - if (asprintf (&filename, "%s/%s", test.directory, "extract-file") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); file = p11_save_open_file (filename, 0); - CuAssertPtrNotNull (tc, file); + assert_ptr_not_null (file); ret = p11_save_finish_file (file, false); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); if (stat (filename, &st) >= 0 || errno != ENOENT) - CuFail (tc, "file should not exist"); + assert_fail ("file should not exist", filename); free (filename); - - teardown (tc); } static void -test_directory_empty (CuTest *tc) +test_directory_empty (void) { p11_save_dir *dir; char *subdir; bool ret; - setup (tc); - if (asprintf (&subdir, "%s/%s", test.directory, "extract-dir") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); dir = p11_save_open_directory (subdir, 0); - CuAssertPtrNotNull (tc, dir); + assert_ptr_not_null (dir); ret = p11_save_finish_directory (dir, true); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, subdir, (NULL, NULL)); + test_check_directory (subdir, (NULL, NULL)); - CuAssertTrue (tc, rmdir (subdir) >= 0); + assert (rmdir (subdir) >= 0); free (subdir); - - teardown (tc); } static void -test_directory_files (CuTest *tc) +test_directory_files (void) { const char *filename; p11_save_dir *dir; char *subdir; bool ret; - setup (tc); - if (asprintf (&subdir, "%s/%s", test.directory, "extract-dir") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); dir = p11_save_open_directory (subdir, 0); - CuAssertPtrNotNull (tc, dir); + assert_ptr_not_null (dir); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "blah", ".cer", &filename), test_cacert3_ca_der, sizeof (test_cacert3_ca_der)); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "blah.cer", filename); + assert_num_eq (true, ret); + assert_str_eq ("blah.cer", filename); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "file", ".txt", &filename), test_text, strlen (test_text)); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "file.txt", filename); + assert_num_eq (true, ret); + assert_str_eq ("file.txt", filename); #ifdef OS_UNIX ret = p11_save_symlink_in (dir, "link", ".ext", "/the/destination"); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); #endif ret = p11_save_finish_directory (dir, true); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, subdir, ("blah.cer", "file.txt", + test_check_directory (subdir, ("blah.cer", "file.txt", #ifdef OS_UNIX "link.ext", #endif NULL)); - test_check_file (tc, subdir, "blah.cer", SRCDIR "/files/cacert3.der"); - test_check_data (tc, subdir, "file.txt", test_text, strlen (test_text)); + test_check_file (subdir, "blah.cer", SRCDIR "/files/cacert3.der"); + test_check_data (subdir, "file.txt", test_text, strlen (test_text)); #ifdef OS_UNIX - test_check_symlink (tc, subdir, "link.ext", "/the/destination"); + test_check_symlink (subdir, "link.ext", "/the/destination"); #endif - CuAssertTrue (tc, rmdir (subdir) >= 0); + assert (rmdir (subdir) >= 0); free (subdir); - - teardown (tc); } static void -test_directory_dups (CuTest *tc) +test_directory_dups (void) { const char *filename; p11_save_dir *dir; char *subdir; bool ret; - setup (tc); - if (asprintf (&subdir, "%s/%s", test.directory, "extract-dir") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); dir = p11_save_open_directory (subdir, 0); - CuAssertPtrNotNull (tc, dir); + assert_ptr_not_null (dir); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "file", ".txt", &filename), test_text, 5); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "file.txt", filename); + assert_num_eq (true, ret); + assert_str_eq ("file.txt", filename); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "file", ".txt", &filename), test_text, 10); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "file.1.txt", filename); + assert_num_eq (true, ret); + assert_str_eq ("file.1.txt", filename); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "file", ".txt", NULL), test_text, 15); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "no-ext", NULL, NULL), test_text, 8); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "no-ext", NULL, NULL), test_text, 16); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "with-num", ".0", NULL), test_text, 14); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "with-num", ".0", NULL), test_text, 15); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); #ifdef OS_UNIX ret = p11_save_symlink_in (dir, "link", ".0", "/destination1"); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); ret = p11_save_symlink_in (dir, "link", ".0", "/destination2"); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); #endif ret = p11_save_finish_directory (dir, true); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, subdir, ("file.txt", "file.1.txt", "file.2.txt", + test_check_directory (subdir, ("file.txt", "file.1.txt", "file.2.txt", "no-ext", "no-ext.1", "with-num.0", "with-num.1", #ifdef OS_UNIX "link.0", "link.1", #endif NULL)); - test_check_data (tc, subdir, "file.txt", test_text, 5); - test_check_data (tc, subdir, "file.1.txt", test_text, 10); - test_check_data (tc, subdir, "file.2.txt", test_text, 15); - test_check_data (tc, subdir, "no-ext", test_text, 8); - test_check_data (tc, subdir, "no-ext.1", test_text, 16); - test_check_data (tc, subdir, "with-num.0", test_text, 14); - test_check_data (tc, subdir, "with-num.1", test_text, 15); + test_check_data (subdir, "file.txt", test_text, 5); + test_check_data (subdir, "file.1.txt", test_text, 10); + test_check_data (subdir, "file.2.txt", test_text, 15); + test_check_data (subdir, "no-ext", test_text, 8); + test_check_data (subdir, "no-ext.1", test_text, 16); + test_check_data (subdir, "with-num.0", test_text, 14); + test_check_data (subdir, "with-num.1", test_text, 15); #ifdef OS_UNIX - test_check_symlink (tc, subdir, "link.0", "/destination1"); - test_check_symlink (tc, subdir, "link.1", "/destination2"); + test_check_symlink (subdir, "link.0", "/destination1"); + test_check_symlink (subdir, "link.1", "/destination2"); #endif - CuAssertTrue (tc, rmdir (subdir) >= 0); + assert (rmdir (subdir) >= 0); free (subdir); - - teardown (tc); } static void -test_directory_exists (CuTest *tc) +test_directory_exists (void) { p11_save_dir *dir; char *subdir; - setup (tc); - if (asprintf (&subdir, "%s/%s", test.directory, "extract-dir") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); #ifdef OS_UNIX if (mkdir (subdir, S_IRWXU) < 0) #else if (mkdir (subdir) < 0) #endif - CuFail (tc, "mkdir() failed"); + assert_fail ("mkdir() failed", subdir); p11_message_quiet (); dir = p11_save_open_directory (subdir, 0); - CuAssertPtrEquals (tc, NULL, dir); + assert_ptr_eq (NULL, dir); p11_message_loud (); rmdir (subdir); free (subdir); - - teardown (tc); } static void -test_directory_overwrite (CuTest *tc) +test_directory_overwrite (void) { const char *filename; p11_save_dir *dir; char *subdir; bool ret; - setup (tc); - if (asprintf (&subdir, "%s/%s", test.directory, "extract-dir") < 0) - CuFail (tc, "asprintf() failed"); + assert_not_reached (); /* Some initial files into this directory, which get overwritten */ dir = p11_save_open_directory (subdir, 0); @@ -496,74 +451,62 @@ test_directory_overwrite (CuTest *tc) p11_save_write_and_finish (p11_save_open_file_in (dir, "another-file", NULL, NULL), "", 0) && p11_save_write_and_finish (p11_save_open_file_in (dir, "third-file", NULL, NULL), "", 0) && p11_save_finish_directory (dir, true); - CuAssertTrue (tc, ret && dir); + assert (ret && dir); /* Now the actual test, using the same directory */ dir = p11_save_open_directory (subdir, P11_SAVE_OVERWRITE); - CuAssertPtrNotNull (tc, dir); + assert_ptr_not_null (dir); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "blah", ".cer", &filename), test_cacert3_ca_der, sizeof (test_cacert3_ca_der)); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "blah.cer", filename); + assert_num_eq (true, ret); + assert_str_eq ("blah.cer", filename); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "file", ".txt", &filename), test_text, strlen (test_text)); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "file.txt", filename); + assert_num_eq (true, ret); + assert_str_eq ("file.txt", filename); ret = p11_save_write_and_finish (p11_save_open_file_in (dir, "file", ".txt", &filename), test_text, 10); - CuAssertIntEquals (tc, true, ret); - CuAssertStrEquals (tc, "file.1.txt", filename); + assert_num_eq (true, ret); + assert_str_eq ("file.1.txt", filename); ret = p11_save_finish_directory (dir, true); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, subdir, ("blah.cer", "file.txt", "file.1.txt", NULL)); - test_check_data (tc, subdir, "blah.cer", test_cacert3_ca_der, sizeof (test_cacert3_ca_der)); - test_check_data (tc, subdir, "file.txt", test_text, strlen (test_text)); - test_check_data (tc, subdir, "file.1.txt", test_text, 10); + test_check_directory (subdir, ("blah.cer", "file.txt", "file.1.txt", NULL)); + test_check_data (subdir, "blah.cer", test_cacert3_ca_der, sizeof (test_cacert3_ca_der)); + test_check_data (subdir, "file.txt", test_text, strlen (test_text)); + test_check_data (subdir, "file.1.txt", test_text, 10); - CuAssertTrue (tc, rmdir (subdir) >= 0); + assert (rmdir (subdir) >= 0); free (subdir); - - teardown (tc); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_file_write); - SUITE_ADD_TEST (suite, test_file_exists); - SUITE_ADD_TEST (suite, test_file_bad_directory); - SUITE_ADD_TEST (suite, test_file_overwrite); - SUITE_ADD_TEST (suite, test_file_auto_empty); - SUITE_ADD_TEST (suite, test_file_auto_length); - SUITE_ADD_TEST (suite, test_write_with_null); - SUITE_ADD_TEST (suite, test_write_and_finish_with_null); - SUITE_ADD_TEST (suite, test_file_abort); - - SUITE_ADD_TEST (suite, test_directory_empty); - SUITE_ADD_TEST (suite, test_directory_files); - SUITE_ADD_TEST (suite, test_directory_dups); - SUITE_ADD_TEST (suite, test_directory_exists); - SUITE_ADD_TEST (suite, test_directory_overwrite); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_test (test_file_write, "/save/test_file_write"); + p11_test (test_file_exists, "/save/test_file_exists"); + p11_test (test_file_bad_directory, "/save/test_file_bad_directory"); + p11_test (test_file_overwrite, "/save/test_file_overwrite"); + p11_test (test_file_auto_empty, "/save/test_file_auto_empty"); + p11_test (test_file_auto_length, "/save/test_file_auto_length"); + + p11_fixture (NULL, NULL); + p11_test (test_write_with_null, "/save/test_write_with_null"); + p11_test (test_write_and_finish_with_null, "/save/test_write_and_finish_with_null"); + + p11_fixture (setup, teardown); + p11_test (test_file_abort, "/save/test_file_abort"); + + p11_test (test_directory_empty, "/save/test_directory_empty"); + p11_test (test_directory_files, "/save/test_directory_files"); + p11_test (test_directory_dups, "/save/test_directory_dups"); + p11_test (test_directory_exists, "/save/test_directory_exists"); + p11_test (test_directory_overwrite, "/save/test_directory_overwrite"); + return p11_test_run (argc, argv); } diff --git a/tools/tests/test.c b/tools/tests/test-tools.c index 4ba2162..0c8b624 100644 --- a/tools/tests/test.c +++ b/tools/tests/test-tools.c @@ -33,24 +33,27 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "debug.h" -#include "test.h" +#include "test-tools.h" #include <sys/stat.h> #include <assert.h> #include <dirent.h> +#include <errno.h> #include <fcntl.h> +#include <stdarg.h> #include <stdio.h> +#include <stdlib.h> #include <string.h> #include <unistd.h> static char * -read_file (CuTest *tc, - const char *file, +read_file (const char *file, int line, + const char *function, const char *filename, long *len) { @@ -60,11 +63,11 @@ read_file (CuTest *tc, f = fopen (filename, "rb"); if (f == NULL) - CuFail_Line (tc, file, line, "Couldn't open file", filename); + p11_test_fail (file, line, function, "Couldn't open file: %s", filename); /* Figure out size */ if (stat (filename, &sb) < 0) - CuFail_Line (tc, file, line, "Couldn't stat file", filename); + p11_test_fail (file, line, function, "Couldn't stat file: %s", filename); *len = sb.st_size; data = malloc (*len ? *len : 1); @@ -72,7 +75,7 @@ read_file (CuTest *tc, /* And read in one block */ if (fread (data, 1, *len, f) != *len) - CuFail_Line (tc, file, line, "Couldn't read file", filename); + p11_test_fail (file, line, function, "Couldn't read file: %s", filename); fclose (f); @@ -80,9 +83,9 @@ read_file (CuTest *tc, } void -test_check_file_msg (CuTest *tc, - const char *file, +test_check_file_msg (const char *file, int line, + const char *function, const char *directory, const char *name, const char *reference) @@ -90,15 +93,15 @@ test_check_file_msg (CuTest *tc, char *refdata; long reflen; - refdata = read_file (tc, file, line, reference, &reflen); - test_check_data_msg (tc, file, line, directory, name, refdata, reflen); + refdata = read_file (file, line, function, reference, &reflen); + test_check_data_msg (file, line, function, directory, name, refdata, reflen); free (refdata); } void -test_check_data_msg (CuTest *tc, - const char *file, +test_check_data_msg (const char *file, int line, + const char *function, const char *directory, const char *name, const void *refdata, @@ -109,14 +112,15 @@ test_check_data_msg (CuTest *tc, long filelen; if (asprintf (&filename, "%s/%s", directory, name) < 0) - CuFail_Line (tc, file, line, "asprintf() failed", NULL); + assert_not_reached (); - filedata = read_file (tc, file, line, filename, &filelen); + filedata = read_file (file, line, function, filename, &filelen); if (filelen != reflen || memcmp (filedata, refdata, reflen) != 0) - CuFail_Line (tc, file, line, "File contents not as expected", filename); + p11_test_fail (file, line, function, "File contents not as expected: %s", filename); - CuAssert_Line (tc, file, line, "couldn't remove file", unlink (filename) >= 0); + if (unlink (filename) < 0) + p11_test_fail (file, line, function, "Couldn't remove file: %s", filename); free (filename); free (filedata); } @@ -124,9 +128,9 @@ test_check_data_msg (CuTest *tc, #ifdef OS_UNIX void -test_check_symlink_msg (CuTest *tc, - const char *file, +test_check_symlink_msg (const char *file, int line, + const char *function, const char *directory, const char *name, const char *destination) @@ -135,14 +139,16 @@ test_check_symlink_msg (CuTest *tc, char *filename; if (asprintf (&filename, "%s/%s", directory, name) < 0) - CuFail_Line (tc, file, line, "asprintf() failed", NULL); + assert_not_reached (); if (readlink (filename, buf, sizeof (buf)) < 0) - CuFail_Line (tc, file, line, "Couldn't read symlink", filename); + p11_test_fail (file, line, function, "Couldn't read symlink: %s", filename); - CuAssertStrEquals_LineMsg (tc, file, line, "symlink contents wrong", destination, buf); + if (strcmp (destination, buf) != 0) + p11_test_fail (file, line, function, "Symlink contents wrong: %s != %s", destination, buf); - CuAssert_Line (tc, file, line, "couldn't remove symlink", unlink (filename) >= 0); + if (unlink (filename) < 0) + p11_test_fail (file, line, function, "Couldn't remove symlink: %s", filename); free (filename); } @@ -171,9 +177,9 @@ test_check_directory_files (const char *file, } void -test_check_directory_msg (CuTest *tc, - const char *file, +test_check_directory_msg (const char *file, int line, + const char *function, const char *directory, p11_dict *files) { @@ -184,7 +190,7 @@ test_check_directory_msg (CuTest *tc, dir = opendir (directory); if (dir == NULL) - CuFail_Line (tc, file ,line, "Couldn't open directory", directory); + p11_test_fail (file ,line, function, "Couldn't open directory: %s", directory); while ((dp = readdir (dir)) != NULL) { if (strcmp (dp->d_name, ".") == 0 || @@ -192,18 +198,19 @@ test_check_directory_msg (CuTest *tc, continue; if (!p11_dict_remove (files, dp->d_name)) - CuFail_Line (tc, file, line, "Unexpected file in directory", dp->d_name); + p11_test_fail (file, line, function, "Unexpected file in directory: %s", dp->d_name); } closedir (dir); #ifdef OS_UNIX - CuAssert_Line (tc, file, line, "couldn't chown directory", chmod (directory, S_IRWXU) >= 0); + if (chmod (directory, S_IRWXU) < 0) + p11_test_fail (file, line, function, "couldn't chown directory: %s: %s", directory, strerror (errno)); #endif p11_dict_iterate (files, &iter); while (p11_dict_next (&iter, (void **)&name, NULL)) - CuFail_Line (tc, file, line, "Couldn't find file in directory", name); + p11_test_fail (file, line, function, "Couldn't find file in directory: %s", name); p11_dict_free (files); } diff --git a/tools/tests/test.h b/tools/tests/test-tools.h index de2bdc1..8e66c54 100644 --- a/tools/tests/test.h +++ b/tools/tests/test-tools.h @@ -35,7 +35,7 @@ #ifndef TEST_COMMON_H_ #define TEST_COMMON_H_ -#include "CuTest.h" +#include "test.h" #include "dict.h" @@ -205,16 +205,16 @@ static const char test_eku_none[] = { 0x30, 0x00, }; -void test_check_file_msg (CuTest *tc, - const char *file, +void test_check_file_msg (const char *file, int line, + const char *function, const char *directory, const char *filename, const char *reference); -void test_check_data_msg (CuTest *tc, - const char *file, +void test_check_data_msg (const char *file, int line, + const char *function, const char *directory, const char *filename, const void *refdata, @@ -222,9 +222,9 @@ void test_check_data_msg (CuTest *tc, #ifdef OS_UNIX -void test_check_symlink_msg (CuTest *tc, - const char *file, +void test_check_symlink_msg (const char *file, int line, + const char *function, const char *directory, const char *name, const char *destination); @@ -234,27 +234,27 @@ void test_check_symlink_msg (CuTest *tc, p11_dict * test_check_directory_files (const char *file, ...) GNUC_NULL_TERMINATED; -void test_check_directory_msg (CuTest *tc, - const char *file, +void test_check_directory_msg (const char *file, int line, + const char *function, const char *directory, p11_dict *files); -#define test_check_file(tc, directory, name, reference) \ - (test_check_file_msg (tc, __FILE__, __LINE__, directory, name, reference)) +#define test_check_file(directory, name, reference) \ + (test_check_file_msg (__FILE__, __LINE__, __FUNCTION__, directory, name, reference)) -#define test_check_data(tc, directory, name, data, length) \ - (test_check_data_msg (tc, __FILE__, __LINE__, directory, name, data, length)) +#define test_check_data(directory, name, data, length) \ + (test_check_data_msg (__FILE__, __LINE__, __FUNCTION__, directory, name, data, length)) #ifdef OS_UNIX -#define test_check_symlink(tc, directory, name, destination) \ - (test_check_symlink_msg (tc, __FILE__, __LINE__, directory, name, destination)) +#define test_check_symlink(directory, name, destination) \ + (test_check_symlink_msg (__FILE__, __LINE__, __FUNCTION__, directory, name, destination)) #endif /* OS_UNIX */ -#define test_check_directory(tc, directory, files) \ - (test_check_directory_msg (tc, __FILE__, __LINE__, directory, \ +#define test_check_directory(directory, files) \ + (test_check_directory_msg (__FILE__, __LINE__, __FUNCTION__, directory, \ test_check_directory_files files)) #endif /* TEST_COMMON_H_ */ diff --git a/tools/tests/test-x509.c b/tools/tests/test-x509.c index e952e53..693aaa0 100644 --- a/tools/tests/test-x509.c +++ b/tools/tests/test-x509.c @@ -32,8 +32,11 @@ * Author: Stef Walter <stefw@collabora.co.uk> */ +#define P11_KIT_DISABLE_DEPRECATED + #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-tools.h" #include "attrs.h" #include "compat.h" @@ -46,7 +49,6 @@ #include "pkcs11.h" #include "pkcs11x.h" #include "oid.h" -#include "test.h" #include <assert.h> #include <stdio.h> @@ -62,15 +64,14 @@ struct { } test; static void -setup (CuTest *tc) +setup (void *unused) { CK_RV rv; + mock_module_reset (); memcpy (&test.module, &mock_module, sizeof (CK_FUNCTION_LIST)); - rv = p11_kit_initialize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); - - mock_module_reset_objects (MOCK_SLOT_ONE_ID); + rv = test.module.C_Initialize (NULL); + assert_num_eq (CKR_OK, rv); test.iter = p11_kit_iter_new (NULL); @@ -78,23 +79,23 @@ setup (CuTest *tc) test.directory = p11_path_expand ("$TEMP/test-extract.XXXXXX"); if (!mkdtemp (test.directory)) - CuFail (tc, "mkdtemp() failed"); + assert_fail ("mkdtemp() failed", test.directory); } static void -teardown (CuTest *tc) +teardown (void *unused) { CK_RV rv; if (rmdir (test.directory) < 0) - CuFail (tc, "rmdir() failed"); + assert_fail ("rmdir() failed", test.directory); free (test.directory); p11_extract_info_cleanup (&test.ex); p11_kit_iter_free (test.iter); - rv = p11_kit_finalize_module (&test.module); - CuAssertIntEquals (tc, CKR_OK, rv); + rv = test.module.C_Finalize (NULL); + assert_num_eq (CKR_OK, rv); } static CK_OBJECT_CLASS certificate_class = CKO_CERTIFICATE; @@ -116,12 +117,10 @@ static CK_ATTRIBUTE certificate_filter[] = { }; static void -test_file (CuTest *tc) +test_file (void) { bool ret; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); @@ -132,21 +131,18 @@ test_file (CuTest *tc) assert_not_reached (); ret = p11_extract_x509_file (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_file (tc, test.directory, "extract.cer", SRCDIR "/files/cacert3.der"); + test_check_file (test.directory, "extract.cer", SRCDIR "/files/cacert3.der"); free (test.ex.destination); - teardown (tc); } static void -test_file_multiple (CuTest *tc) +test_file_multiple (void) { bool ret; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); @@ -160,25 +156,22 @@ test_file_multiple (CuTest *tc) p11_message_quiet (); ret = p11_extract_x509_file (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - CuAssertTrue (tc, strstr (p11_message_last (), "multiple certificates") != NULL); + assert (strstr (p11_message_last (), "multiple certificates") != NULL); p11_message_loud (); - test_check_file (tc, test.directory, "extract.cer", SRCDIR "/files/cacert3.der"); + test_check_file (test.directory, "extract.cer", SRCDIR "/files/cacert3.der"); free (test.ex.destination); - teardown (tc); } static void -test_file_without (CuTest *tc) +test_file_without (void) { bool ret; - setup (tc); - p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); @@ -189,23 +182,20 @@ test_file_without (CuTest *tc) p11_message_quiet (); ret = p11_extract_x509_file (test.iter, &test.ex); - CuAssertIntEquals (tc, false, ret); + assert_num_eq (false, ret); - CuAssertTrue (tc, strstr (p11_message_last (), "no certificate") != NULL); + assert (strstr (p11_message_last (), "no certificate") != NULL); p11_message_loud (); free (test.ex.destination); - teardown (tc); } static void -test_directory (CuTest *tc) +test_directory (void) { bool ret; - setup (tc); - mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); mock_module_add_object (MOCK_SLOT_ONE_ID, cacert3_authority_attrs); @@ -219,22 +209,18 @@ test_directory (CuTest *tc) test.ex.destination = test.directory; ret = p11_extract_x509_directory (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); - - test_check_directory (tc, test.directory, ("Cacert3_Here.cer", "Cacert3_Here.1.cer", NULL)); - test_check_file (tc, test.directory, "Cacert3_Here.cer", SRCDIR "/files/cacert3.der"); - test_check_file (tc, test.directory, "Cacert3_Here.1.cer", SRCDIR "/files/cacert3.der"); + assert_num_eq (true, ret); - teardown (tc); + test_check_directory (test.directory, ("Cacert3_Here.cer", "Cacert3_Here.1.cer", NULL)); + test_check_file (test.directory, "Cacert3_Here.cer", SRCDIR "/files/cacert3.der"); + test_check_file (test.directory, "Cacert3_Here.1.cer", SRCDIR "/files/cacert3.der"); } static void -test_directory_empty (CuTest *tc) +test_directory_empty (void) { bool ret; - setup (tc); - p11_kit_iter_add_callback (test.iter, p11_extract_info_load_filter, &test.ex, NULL); p11_kit_iter_add_filter (test.iter, certificate_filter, 1); p11_kit_iter_begin_with (test.iter, &test.module, 0, 0); @@ -245,37 +231,22 @@ test_directory_empty (CuTest *tc) test.ex.destination = test.directory; ret = p11_extract_x509_directory (test.iter, &test.ex); - CuAssertIntEquals (tc, true, ret); + assert_num_eq (true, ret); - test_check_directory (tc, test.directory, (NULL, NULL)); - - teardown (tc); + test_check_directory (test.directory, (NULL, NULL)); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); mock_module_init (); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_file); - SUITE_ADD_TEST (suite, test_file_multiple); - SUITE_ADD_TEST (suite, test_file_without); - SUITE_ADD_TEST (suite, test_directory); - SUITE_ADD_TEST (suite, test_directory_empty); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + + p11_fixture (setup, teardown); + p11_test (test_file, "/x509/test_file"); + p11_test (test_file_multiple, "/x509/test_file_multiple"); + p11_test (test_file_without, "/x509/test_file_without"); + p11_test (test_directory, "/x509/test_directory"); + p11_test (test_directory_empty, "/x509/test_directory_empty"); + return p11_test_run (argc, argv); } diff --git a/trust/Makefile.am b/trust/Makefile.am index 875c8c4..6c2c7c8 100644 --- a/trust/Makefile.am +++ b/trust/Makefile.am @@ -5,7 +5,7 @@ SUBDIRS = . tests COMMON = $(top_srcdir)/common -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(top_srcdir)/common \ -DDATADIR=\"$(datadir)\" \ diff --git a/trust/module.c b/trust/module.c index ba41884..5f8692b 100644 --- a/trust/module.c +++ b/trust/module.c @@ -36,6 +36,7 @@ #define CRYPTOKI_EXPORTS +#include "argv.h" #include "array.h" #include "attrs.h" #define P11_DEBUG_FLAG P11_DEBUG_TRUST @@ -133,6 +134,19 @@ lookup_object_inlock (p11_session *session, return NULL; } +static CK_RV +check_index_writable (p11_session *session, + p11_index *index) +{ + if (index == p11_token_index (session->token)) { + if (!p11_token_is_writable (session->token)) + return CKR_TOKEN_WRITE_PROTECTED; + else if (!session->read_write) + return CKR_SESSION_READ_ONLY; + } + + return CKR_OK; +} static CK_RV lookup_slot_inlock (CK_SLOT_ID id, @@ -249,7 +263,8 @@ create_tokens_inlock (p11_array *tokens, } static void -parse_argument (char *arg) +parse_argument (char *arg, + void *unused) { char *value; @@ -268,78 +283,6 @@ parse_argument (char *arg) } } -static void -parse_arguments (const char *string) -{ - char quote = '\0'; - char *src, *dup, *at, *arg; - - if (!string) - return; - - src = dup = strdup (string); - if (!dup) { - p11_message ("couldn't allocate memory for argument string"); - return; - } - - arg = at = src; - for (src = dup; *src; src++) { - - /* Matching quote */ - if (quote == *src) { - quote = '\0'; - - /* Inside of quotes */ - } else if (quote != '\0') { - if (*src == '\\') { - *at++ = *src++; - if (!*src) { - p11_message ("couldn't parse argument string: %s", string); - goto done; - } - if (*src != quote) - *at++ = '\\'; - } - *at++ = *src; - - /* Space, not inside of quotes */ - } else if (isspace(*src)) { - *at = 0; - parse_argument (arg); - arg = at; - - /* Other character outside of quotes */ - } else { - switch (*src) { - case '\'': - case '"': - quote = *src; - break; - case '\\': - *at++ = *src++; - if (!*src) { - p11_message ("couldn't parse argument string: %s", string); - goto done; - } - /* fall through */ - default: - *at++ = *src; - break; - } - } - } - - - if (at != arg) { - *at = 0; - parse_argument (arg); - } - -done: - free (dup); -} - static CK_RV sys_C_Finalize (CK_VOID_PTR reserved) { @@ -440,7 +383,7 @@ sys_C_Initialize (CK_VOID_PTR init_args) p11_debug ("doing initialization"); if (args->pReserved) - parse_arguments ((const char*)args->pReserved); + p11_argv_parse ((const char*)args->pReserved, parse_argument, NULL); gl.sessions = p11_dict_new (p11_dict_ulongptr_hash, p11_dict_ulongptr_equal, @@ -614,7 +557,7 @@ sys_C_GetTokenInfo (CK_SLOT_ID id, info->firmwareVersion.minor = 0; info->hardwareVersion.major = PACKAGE_MAJOR; info->hardwareVersion.minor = PACKAGE_MINOR; - info->flags = CKF_TOKEN_INITIALIZED | CKF_WRITE_PROTECTED; + info->flags = CKF_TOKEN_INITIALIZED; strncpy ((char*)info->manufacturerID, MANUFACTURER_ID, 32); strncpy ((char*)info->model, TOKEN_MODEL, 16); strncpy ((char*)info->serialNumber, TOKEN_SERIAL_NUMBER, 16); @@ -636,6 +579,9 @@ sys_C_GetTokenInfo (CK_SLOT_ID id, length = sizeof (info->label); memset (info->label, ' ', sizeof (info->label)); memcpy (info->label, label, length); + + if (!p11_token_is_writable (token)) + info->flags |= CKF_WRITE_PROTECTED; } p11_unlock (); @@ -677,8 +623,8 @@ sys_C_InitToken (CK_SLOT_ID id, CK_ULONG pin_len, CK_UTF8CHAR_PTR label) { - return_val_if_fail (check_slot (id), CKR_SLOT_ID_INVALID); - return_val_if_reached (CKR_TOKEN_WRITE_PROTECTED); + p11_debug ("not supported"); + return CKR_FUNCTION_NOT_SUPPORTED; } static CK_RV @@ -715,13 +661,16 @@ sys_C_OpenSession (CK_SLOT_ID id, } else if (!(flags & CKF_SERIAL_SESSION)) { rv = CKR_SESSION_PARALLEL_NOT_SUPPORTED; - } else if (flags & CKF_RW_SESSION) { + } else if ((flags & CKF_RW_SESSION) && + !p11_token_is_writable (token)) { rv = CKR_TOKEN_WRITE_PROTECTED; } else { session = p11_session_new (token); if (p11_dict_set (gl.sessions, &session->handle, session)) { rv = CKR_OK; + if (flags & CKF_RW_SESSION) + session->read_write = true; *handle = session->handle; p11_debug ("session: %lu", *handle); } else { @@ -838,7 +787,8 @@ sys_C_InitPIN (CK_SESSION_HANDLE handle, CK_UTF8CHAR_PTR pin, CK_ULONG pin_len) { - return_val_if_reached (CKR_TOKEN_WRITE_PROTECTED); + p11_debug ("not supported"); + return CKR_FUNCTION_NOT_SUPPORTED; } static CK_RV @@ -848,7 +798,8 @@ sys_C_SetPIN (CK_SESSION_HANDLE handle, CK_UTF8CHAR_PTR new_pin, CK_ULONG new_pin_len) { - return_val_if_reached (CKR_TOKEN_WRITE_PROTECTED); + p11_debug ("not supported"); + return CKR_FUNCTION_NOT_SUPPORTED; } static CK_RV @@ -921,7 +872,8 @@ sys_C_CreateObject (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE_PTR new_object) { p11_session *session; - CK_BBOOL token; + p11_index *index; + CK_BBOOL val; CK_RV rv; return_val_if_fail (new_object != NULL, CKR_ARGUMENTS_BAD); @@ -932,12 +884,15 @@ sys_C_CreateObject (CK_SESSION_HANDLE handle, rv = lookup_session (handle, &session); if (rv == CKR_OK) { - if (p11_attrs_findn_bool (template, count, CKA_TOKEN, &token) && token) - rv = CKR_TOKEN_WRITE_PROTECTED; + if (p11_attrs_findn_bool (template, count, CKA_TOKEN, &val) && val) + index = p11_token_index (session->token); + else + index = session->index; + rv = check_index_writable (session, index); } if (rv == CKR_OK) - rv = p11_index_add (session->index, template, count, new_object); + rv = p11_index_add (index, template, count, new_object); p11_unlock (); @@ -958,6 +913,7 @@ sys_C_CopyObject (CK_SESSION_HANDLE handle, p11_session *session; CK_ATTRIBUTE *original; CK_ATTRIBUTE *attrs; + p11_index *index; CK_BBOOL val; CK_RV rv; @@ -969,21 +925,22 @@ sys_C_CopyObject (CK_SESSION_HANDLE handle, rv = lookup_session (handle, &session); if (rv == CKR_OK) { - original = lookup_object_inlock (session, object, NULL); + original = lookup_object_inlock (session, object, &index); if (original == NULL) rv = CKR_OBJECT_HANDLE_INVALID; } if (rv == CKR_OK) { - if (p11_attrs_findn_bool (template, count, CKA_TOKEN, &val) && val) - rv = CKR_TOKEN_WRITE_PROTECTED; + if (p11_attrs_findn_bool (template, count, CKA_TOKEN, &val)) + index = val ? p11_token_index (session->token) : session->index; + rv = check_index_writable (session, index); } if (rv == CKR_OK) { attrs = p11_attrs_dup (original); attrs = p11_attrs_buildn (attrs, template, count); attrs = p11_attrs_build (attrs, &token, NULL); - rv = p11_index_take (session->index, attrs, new_object); + rv = p11_index_take (index, attrs, new_object); } p11_unlock (); @@ -998,6 +955,9 @@ sys_C_DestroyObject (CK_SESSION_HANDLE handle, CK_OBJECT_HANDLE object) { p11_session *session; + CK_ATTRIBUTE *attrs; + p11_index *index; + CK_BBOOL val; CK_RV rv; p11_debug ("in"); @@ -1006,11 +966,19 @@ sys_C_DestroyObject (CK_SESSION_HANDLE handle, rv = lookup_session (handle, &session); if (rv == CKR_OK) { - rv = p11_index_remove (session->index, object); - if (rv == CKR_OBJECT_HANDLE_INVALID) { - if (p11_index_lookup (p11_token_index (session->token), object)) - rv = CKR_TOKEN_WRITE_PROTECTED; + attrs = lookup_object_inlock (session, object, &index); + if (attrs == NULL) + rv = CKR_OBJECT_HANDLE_INVALID; + else + rv = check_index_writable (session, index); + + if (rv == CKR_OK && p11_attrs_find_bool (attrs, CKA_MODIFIABLE, &val) && !val) { + /* TODO: This should be replaced with CKR_ACTION_PROHIBITED */ + rv = CKR_FUNCTION_REJECTED; } + + if (rv == CKR_OK) + rv = p11_index_remove (index, object); } p11_unlock (); @@ -1120,6 +1088,9 @@ sys_C_SetAttributeValue (CK_SESSION_HANDLE handle, CK_ULONG count) { p11_session *session; + CK_ATTRIBUTE *attrs; + p11_index *index; + CK_BBOOL val; CK_RV rv; p11_debug ("in"); @@ -1128,11 +1099,19 @@ sys_C_SetAttributeValue (CK_SESSION_HANDLE handle, rv = lookup_session (handle, &session); if (rv == CKR_OK) { - rv = p11_index_set (session->index, object, template, count); - if (rv == CKR_OBJECT_HANDLE_INVALID) { - if (p11_index_lookup (p11_token_index (session->token), object)) - rv = CKR_TOKEN_WRITE_PROTECTED; + attrs = lookup_object_inlock (session, object, &index); + if (attrs == NULL) { + rv = CKR_OBJECT_HANDLE_INVALID; + + } else if (p11_attrs_find_bool (attrs, CKA_MODIFIABLE, &val) && !val) { + /* TODO: This should be replaced with CKR_ACTION_PROHIBITED */ + rv = CKR_ATTRIBUTE_READ_ONLY; } + + if (rv == CKR_OK) + rv = check_index_writable (session, index); + if (rv == CKR_OK) + rv = p11_index_set (index, object, template, count); } p11_unlock (); diff --git a/trust/parser.c b/trust/parser.c index 7690d6a..21b693b 100644 --- a/trust/parser.c +++ b/trust/parser.c @@ -675,10 +675,14 @@ parse_p11_kit_persist (p11_parser *parser, const unsigned char *data, size_t length) { + CK_BBOOL modifiablev = CK_FALSE; + CK_ATTRIBUTE *attrs; p11_array *objects; bool ret; int i; + CK_ATTRIBUTE modifiable = { CKA_MODIFIABLE, &modifiablev, sizeof (modifiablev) }; + if (!p11_persist_magic (data, length)) return P11_PARSE_UNRECOGNIZED; @@ -692,8 +696,10 @@ parse_p11_kit_persist (p11_parser *parser, ret = p11_persist_read (parser->persist, parser->basename, data, length, objects); if (ret) { - for (i = 0; i < objects->num; i++) - sink_object (parser, objects->elem[i]); + for (i = 0; i < objects->num; i++) { + attrs = p11_attrs_build (objects->elem[i], &modifiable, NULL); + sink_object (parser, attrs); + } } p11_array_free (objects); diff --git a/trust/persist.c b/trust/persist.c index 69af697..ad80683 100644 --- a/trust/persist.c +++ b/trust/persist.c @@ -41,12 +41,15 @@ #include "lexer.h" #include "pem.h" #include "persist.h" +#include "pkcs11.h" +#include "pkcs11x.h" #include "url.h" #include "basic.asn.h" #include <libtasn1.h> +#include <assert.h> #include <stdlib.h> #include <string.h> @@ -55,12 +58,6 @@ struct _p11_persist { p11_dict *constants; node_asn *asn1_defs; - - /* Used during parsing */ - p11_lexer lexer; - CK_ATTRIBUTE *attrs; - bool result; - bool skip; }; bool @@ -127,6 +124,20 @@ parse_string (p11_lexer *lexer, return true; } +static void +format_string (CK_ATTRIBUTE *attr, + p11_buffer *buf) +{ + const unsigned char *value; + + assert (attr->ulValueLen != CK_UNAVAILABLE_INFORMATION); + + p11_buffer_add (buf, "\"", 1); + value = attr->pValue; + p11_url_encode (value, value + attr->ulValueLen, P11_URL_VERBATIM, buf); + p11_buffer_add (buf, "\"", 1); +} + static bool parse_bool (p11_lexer *lexer, CK_ATTRIBUTE *attr) @@ -152,6 +163,56 @@ parse_bool (p11_lexer *lexer, } static bool +format_bool (CK_ATTRIBUTE *attr, + p11_buffer *buf) +{ + const CK_BBOOL *value; + + if (attr->ulValueLen != sizeof (CK_BBOOL)) + return false; + + switch (attr->type) { + case CKA_TOKEN: + case CKA_PRIVATE: + case CKA_TRUSTED: + case CKA_SENSITIVE: + case CKA_ENCRYPT: + case CKA_DECRYPT: + case CKA_WRAP: + case CKA_UNWRAP: + case CKA_SIGN: + case CKA_SIGN_RECOVER: + case CKA_VERIFY: + case CKA_VERIFY_RECOVER: + case CKA_DERIVE: + case CKA_EXTRACTABLE: + case CKA_LOCAL: + case CKA_NEVER_EXTRACTABLE: + case CKA_ALWAYS_SENSITIVE: + case CKA_MODIFIABLE: + case CKA_SECONDARY_AUTH: + case CKA_ALWAYS_AUTHENTICATE: + case CKA_WRAP_WITH_TRUSTED: + case CKA_RESET_ON_INIT: + case CKA_HAS_RESET: + case CKA_COLOR: + break; + default: + return false; + } + + value = attr->pValue; + if (*value == CK_TRUE) + p11_buffer_add (buf, "true", -1); + else if (*value == CK_FALSE) + p11_buffer_add (buf, "false", -1); + else + return false; + + return true; +} + +static bool parse_ulong (p11_lexer *lexer, CK_ATTRIBUTE *attr) { @@ -172,6 +233,66 @@ parse_ulong (p11_lexer *lexer, } static bool +format_ulong (CK_ATTRIBUTE *attr, + p11_buffer *buf) +{ + char string[sizeof (CK_ULONG) * 4]; + const CK_ULONG *value; + + if (attr->ulValueLen != sizeof (CK_ULONG)) + return false; + + switch (attr->type) { + case CKA_CERTIFICATE_CATEGORY: + case CKA_CERTIFICATE_TYPE: + case CKA_CLASS: + case CKA_JAVA_MIDP_SECURITY_DOMAIN: + case CKA_KEY_GEN_MECHANISM: + case CKA_KEY_TYPE: + case CKA_MECHANISM_TYPE: + case CKA_MODULUS_BITS: + case CKA_PRIME_BITS: + case CKA_SUB_PRIME_BITS: + case CKA_VALUE_BITS: + case CKA_VALUE_LEN: + case CKA_TRUST_DIGITAL_SIGNATURE: + case CKA_TRUST_NON_REPUDIATION: + case CKA_TRUST_KEY_ENCIPHERMENT: + case CKA_TRUST_DATA_ENCIPHERMENT: + case CKA_TRUST_KEY_AGREEMENT: + case CKA_TRUST_KEY_CERT_SIGN: + case CKA_TRUST_CRL_SIGN: + case CKA_TRUST_SERVER_AUTH: + case CKA_TRUST_CLIENT_AUTH: + case CKA_TRUST_CODE_SIGNING: + case CKA_TRUST_EMAIL_PROTECTION: + case CKA_TRUST_IPSEC_END_SYSTEM: + case CKA_TRUST_IPSEC_TUNNEL: + case CKA_TRUST_IPSEC_USER: + case CKA_TRUST_TIME_STAMPING: + case CKA_TRUST_STEP_UP_APPROVED: + case CKA_X_ASSERTION_TYPE: + case CKA_AUTH_PIN_FLAGS: + case CKA_HW_FEATURE_TYPE: + case CKA_PIXEL_X: + case CKA_PIXEL_Y: + case CKA_RESOLUTION: + case CKA_CHAR_ROWS: + case CKA_CHAR_COLUMNS: + case CKA_BITS_PER_PIXEL: + break; + default: + return false; + } + + value = attr->pValue; + snprintf (string, sizeof (string), "%lu", *value); + + p11_buffer_add (buf, string, -1); + return true; +} + +static bool parse_constant (p11_persist *persist, p11_lexer *lexer, CK_ATTRIBUTE *attr) @@ -190,6 +311,70 @@ parse_constant (p11_persist *persist, return true; } +static bool +format_constant (CK_ATTRIBUTE *attr, + p11_buffer *buf) +{ + const p11_constant *table; + const CK_ULONG *value; + const char *nick; + + if (attr->ulValueLen != sizeof (CK_ULONG)) + return false; + + switch (attr->type) { + case CKA_TRUST_DIGITAL_SIGNATURE: + case CKA_TRUST_NON_REPUDIATION: + case CKA_TRUST_KEY_ENCIPHERMENT: + case CKA_TRUST_DATA_ENCIPHERMENT: + case CKA_TRUST_KEY_AGREEMENT: + case CKA_TRUST_KEY_CERT_SIGN: + case CKA_TRUST_CRL_SIGN: + case CKA_TRUST_SERVER_AUTH: + case CKA_TRUST_CLIENT_AUTH: + case CKA_TRUST_CODE_SIGNING: + case CKA_TRUST_EMAIL_PROTECTION: + case CKA_TRUST_IPSEC_END_SYSTEM: + case CKA_TRUST_IPSEC_TUNNEL: + case CKA_TRUST_IPSEC_USER: + case CKA_TRUST_TIME_STAMPING: + table = p11_constant_trusts; + break; + case CKA_CLASS: + table = p11_constant_classes; + break; + case CKA_CERTIFICATE_TYPE: + table = p11_constant_certs; + break; + case CKA_KEY_TYPE: + table = p11_constant_keys; + break; + case CKA_X_ASSERTION_TYPE: + table = p11_constant_asserts; + break; + case CKA_CERTIFICATE_CATEGORY: + table = p11_constant_categories; + break; + case CKA_KEY_GEN_MECHANISM: + case CKA_MECHANISM_TYPE: + table = p11_constant_mechanisms; + break; + default: + table = NULL; + }; + + if (!table) + return false; + + value = attr->pValue; + nick = p11_constant_nick (table, *value); + + if (!nick) + return false; + + p11_buffer_add (buf, nick, -1); + return true; +} static bool parse_oid (p11_persist *persist, @@ -249,6 +434,60 @@ parse_oid (p11_persist *persist, } static bool +format_oid (p11_persist *persist, + CK_ATTRIBUTE *attr, + p11_buffer *buf) +{ + char message[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = { 0, }; + node_asn *asn; + char *data; + int len; + int ret; + + if (attr->type != CKA_OBJECT_ID) + return false; + + if (!persist->asn1_defs) { + ret = asn1_array2tree (basic_asn1_tab, &persist->asn1_defs, message); + if (ret != ASN1_SUCCESS) { + p11_debug_precond ("failed to load BASIC definitions: %s: %s\n", + asn1_strerror (ret), message); + return false; + } + } + + ret = asn1_create_element (persist->asn1_defs, "BASIC.ObjectIdentifier", &asn); + if (ret != ASN1_SUCCESS) { + p11_debug_precond ("failed to create ObjectIdentifier element: %s\n", + asn1_strerror (ret)); + return false; + } + + ret = asn1_der_decoding (&asn, attr->pValue, attr->ulValueLen, message); + if (ret != ASN1_SUCCESS) { + p11_debug_precond ("invalid oid value: %s", message); + return false; + } + + len = 0; + ret = asn1_read_value (asn, "", NULL, &len); + return_val_if_fail (ret == ASN1_MEM_ERROR, false); + + data = calloc (len + 1, 1); + return_val_if_fail (data != NULL, false); + + ret = asn1_read_value (asn, "", data, &len); + return_val_if_fail (ret == ASN1_SUCCESS, false); + + asn1_delete_structure (&asn); + + p11_buffer_add (buf, data, len - 1); + free (data); + + return true; +} + +static bool parse_value (p11_persist *persist, p11_lexer *lexer, CK_ATTRIBUTE *attr) @@ -260,16 +499,41 @@ parse_value (p11_persist *persist, parse_oid (persist, lexer, attr); } +static void +format_value (p11_persist *persist, + CK_ATTRIBUTE *attr, + p11_buffer *buf) +{ + assert (attr->ulValueLen != CK_UNAVAILABLE_INFORMATION); + + if (format_bool (attr, buf) || + format_constant (attr, buf) || + format_ulong (attr, buf) || + format_oid (persist, attr, buf)) + return; + + /* Everything else as string */ + format_string (attr, buf); +} + static bool field_to_attribute (p11_persist *persist, - p11_lexer *lexer) + p11_lexer *lexer, + CK_ATTRIBUTE **attrs) { CK_ATTRIBUTE attr = { 0, }; + char *end; - attr.type = p11_constant_resolve (persist->constants, lexer->tok.field.name); - if (attr.type == CKA_INVALID || !p11_constant_name (p11_constant_types, attr.type)) { - p11_lexer_msg (lexer, "invalid or unsupported attribute"); - return false; + end = NULL; + attr.type = strtoul (lexer->tok.field.name, &end, 10); + + /* Not a valid number value, probably a constant */ + if (!end || *end != '\0') { + attr.type = p11_constant_resolve (persist->constants, lexer->tok.field.name); + if (attr.type == CKA_INVALID || !p11_constant_name (p11_constant_types, attr.type)) { + p11_lexer_msg (lexer, "invalid or unsupported attribute"); + return false; + } } if (!parse_value (persist, lexer, &attr)) { @@ -277,51 +541,61 @@ field_to_attribute (p11_persist *persist, return false; } - persist->attrs = p11_attrs_take (persist->attrs, attr.type, - attr.pValue, attr.ulValueLen); + *attrs = p11_attrs_take (*attrs, attr.type, + attr.pValue, attr.ulValueLen); return true; } -static void -on_pem_block (const char *type, - const unsigned char *contents, - size_t length, - void *user_data) +static CK_ATTRIBUTE * +certificate_to_attributes (const unsigned char *der, + size_t length) { CK_OBJECT_CLASS klassv = CKO_CERTIFICATE; CK_CERTIFICATE_TYPE x509 = CKC_X_509; - CK_BBOOL modifiablev = CK_FALSE; - CK_ATTRIBUTE modifiable = { CKA_MODIFIABLE, &modifiablev, sizeof (modifiablev) }; CK_ATTRIBUTE klass = { CKA_CLASS, &klassv, sizeof (klassv) }; CK_ATTRIBUTE certificate_type = { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }; - CK_ATTRIBUTE value = { CKA_VALUE, }; + CK_ATTRIBUTE value = { CKA_VALUE, (void *)der, length }; + + return p11_attrs_build (NULL, &klass, &certificate_type, &value, NULL); +} - p11_persist *store = user_data; +typedef struct { + p11_lexer *lexer; + CK_ATTRIBUTE *attrs; + bool result; +} parse_block; + +static void +on_pem_block (const char *type, + const unsigned char *contents, + size_t length, + void *user_data) +{ + parse_block *pb = user_data; CK_ATTRIBUTE *attrs; if (strcmp (type, "CERTIFICATE") == 0) { - value.pValue = (void *)contents; - value.ulValueLen = length; - attrs = p11_attrs_build (NULL, &klass, &modifiable, &certificate_type, &value, NULL); - store->attrs = p11_attrs_merge (store->attrs, attrs, false); - store->result = true; + attrs = certificate_to_attributes (contents, length); + pb->attrs = p11_attrs_merge (pb->attrs, attrs, false); + pb->result = true; } else { - p11_lexer_msg (&store->lexer, "unsupported pem block in store"); - store->result = false; + p11_lexer_msg (pb->lexer, "unsupported pem block in store"); + pb->result = false; } } static bool -pem_to_attributes (p11_persist *store, - p11_lexer *lexer) +pem_to_attributes (p11_lexer *lexer, + CK_ATTRIBUTE **attrs) { + parse_block pb = { lexer, *attrs, false }; unsigned int count; count = p11_pem_parse (lexer->tok.pem.begin, lexer->tok.pem.length, - on_pem_block, store); + on_pem_block, &pb); if (count == 0) { p11_lexer_msg (lexer, "invalid pem block"); @@ -330,7 +604,8 @@ pem_to_attributes (p11_persist *store, /* The lexer should have only matched one block */ return_val_if_fail (count == 1, false); - return store->result; + *attrs = pb.attrs; + return pb.result; } bool @@ -340,50 +615,53 @@ p11_persist_read (p11_persist *persist, size_t length, p11_array *objects) { - bool failed = false; + p11_lexer lexer; + CK_ATTRIBUTE *attrs; + bool failed; + bool skip; return_val_if_fail (persist != NULL, false); return_val_if_fail (objects != NULL, false); - persist->skip = false; - persist->result = false; - persist->attrs = NULL; + skip = false; + attrs = NULL; + failed = false; - p11_lexer_init (&persist->lexer, filename, (const char *)data, length); - while (p11_lexer_next (&persist->lexer, &failed)) { - switch (persist->lexer.tok_type) { + p11_lexer_init (&lexer, filename, (const char *)data, length); + while (p11_lexer_next (&lexer, &failed)) { + switch (lexer.tok_type) { case TOK_SECTION: - if (persist->attrs && !p11_array_push (objects, persist->attrs)) + if (attrs && !p11_array_push (objects, attrs)) return_val_if_reached (false); - persist->attrs = NULL; - if (strcmp (persist->lexer.tok.section.name, PERSIST_HEADER) != 0) { - p11_lexer_msg (&persist->lexer, "unrecognized or invalid section header"); - persist->skip = true; + attrs = NULL; + if (strcmp (lexer.tok.section.name, PERSIST_HEADER) != 0) { + p11_lexer_msg (&lexer, "unrecognized or invalid section header"); + skip = true; } else { - persist->attrs = p11_attrs_build (NULL, NULL); - return_val_if_fail (persist->attrs != NULL, false); - persist->skip = false; + attrs = p11_attrs_build (NULL, NULL); + return_val_if_fail (attrs != NULL, false); + skip = false; } failed = false; break; case TOK_FIELD: - if (persist->skip) { + if (skip) { failed = false; - } else if (!persist->attrs) { - p11_lexer_msg (&persist->lexer, "attribute before p11-kit section header"); + } else if (!attrs) { + p11_lexer_msg (&lexer, "attribute before p11-kit section header"); failed = true; } else { - failed = !field_to_attribute (persist, &persist->lexer); + failed = !field_to_attribute (persist, &lexer, &attrs); } break; case TOK_PEM: - if (persist->skip) { + if (skip) { failed = false; - } else if (!persist->attrs) { - p11_lexer_msg (&persist->lexer, "pem block before p11-kit section header"); + } else if (!attrs) { + p11_lexer_msg (&lexer, "pem block before p11-kit section header"); failed = true; } else { - failed = !pem_to_attributes (persist, &persist->lexer); + failed = !pem_to_attributes (&lexer, &attrs); } break; } @@ -392,10 +670,72 @@ p11_persist_read (p11_persist *persist, break; } - if (persist->attrs && !p11_array_push (objects, persist->attrs)) + if (attrs && !p11_array_push (objects, attrs)) return_val_if_reached (false); - persist->attrs = NULL; + attrs = NULL; - p11_lexer_done (&persist->lexer); + p11_lexer_done (&lexer); return !failed; } + +static CK_ATTRIBUTE * +find_certificate_value (CK_ATTRIBUTE *attrs) +{ + CK_OBJECT_CLASS klass; + CK_CERTIFICATE_TYPE type; + + if (!p11_attrs_find_ulong (attrs, CKA_CLASS, &klass) || + klass != CKO_CERTIFICATE) + return NULL; + if (!p11_attrs_find_ulong (attrs, CKA_CERTIFICATE_TYPE, &type) || + type != CKC_X_509) + return NULL; + return p11_attrs_find_valid (attrs, CKA_VALUE); +} + +bool +p11_persist_write (p11_persist *persist, + CK_ATTRIBUTE *attrs, + p11_buffer *buf) +{ + char string[sizeof (CK_ULONG) * 4]; + CK_ATTRIBUTE *cert_value; + const char *nick; + int i; + + cert_value = find_certificate_value (attrs); + + p11_buffer_add (buf, "[" PERSIST_HEADER "]\n", -1); + + for (i = 0; !p11_attrs_terminator (attrs + i); i++) { + + /* These are written later? */ + if (cert_value != NULL && + (attrs[i].type == CKA_CLASS || + attrs[i].type == CKA_CERTIFICATE_TYPE || + attrs[i].type == CKA_VALUE)) + continue; + + if (attrs[i].ulValueLen == CK_UNAVAILABLE_INFORMATION) + continue; + + nick = p11_constant_nick (p11_constant_types, attrs[i].type); + if (nick == NULL) { + snprintf (string, sizeof (string), "%lu", attrs[i].type); + nick = string; + } + + p11_buffer_add (buf, nick, -1); + p11_buffer_add (buf, ": ", 2); + format_value (persist, attrs + i, buf); + p11_buffer_add (buf, "\n", 1); + } + + if (cert_value != NULL) { + if (!p11_pem_write (cert_value->pValue, cert_value->ulValueLen, "CERTIFICATE", buf)) + return_val_if_reached (false); + } + + p11_buffer_add (buf, "\n", 1); + return p11_buffer_ok (buf); +} diff --git a/trust/persist.h b/trust/persist.h index 04762f4..0ef142c 100644 --- a/trust/persist.h +++ b/trust/persist.h @@ -54,6 +54,10 @@ bool p11_persist_read (p11_persist *persist, size_t length, p11_array *objects); +bool p11_persist_write (p11_persist *persist, + CK_ATTRIBUTE *object, + p11_buffer *buf); + void p11_persist_free (p11_persist *persist); #endif /* P11_PERSIST_H_ */ diff --git a/trust/session.h b/trust/session.h index b820770..ec394b1 100644 --- a/trust/session.h +++ b/trust/session.h @@ -48,6 +48,7 @@ typedef struct { p11_builder *builder; p11_token *token; CK_BBOOL loaded; + bool read_write; /* Used by various operations */ p11_session_cleanup cleanup; diff --git a/trust/tests/Makefile.am b/trust/tests/Makefile.am index 90b9fb5..abacab6 100644 --- a/trust/tests/Makefile.am +++ b/trust/tests/Makefile.am @@ -1,24 +1,25 @@ include $(top_srcdir)/build/Makefile.tests -INCLUDES = \ +AM_CPPFLAGS = \ -I$(top_srcdir) \ -I$(srcdir)/.. \ -I$(top_srcdir)/common \ -DDATADIR=\"$(datadir)\" \ -DSYSCONFDIR=\"$(sysconfdir)\" \ - $(CUTEST_CFLAGS) + $(TEST_CFLAGS) noinst_LTLIBRARIES = \ libtestdata.la libtestdata_la_SOURCES = \ - test-data.c test-data.h + test-trust.c test-trust.h LDADD = \ $(top_builddir)/trust/libtrust-testable.la \ $(top_builddir)/common/libp11-data.la \ $(top_builddir)/common/libp11-library.la \ + $(top_builddir)/common/libp11-test.la \ $(top_builddir)/common/libp11-common.la \ $(builddir)/libtestdata.la \ $(LIBTASN1_LIBS) \ diff --git a/trust/tests/frob-nss-trust.c b/trust/tests/frob-nss-trust.c index da76795..a81b5e2 100644 --- a/trust/tests/frob-nss-trust.c +++ b/trust/tests/frob-nss-trust.c @@ -102,7 +102,10 @@ dump_trust_module (const char *path) CK_ULONG count = p11_attrs_count (template); - rv = p11_kit_load_initialize_module (path, &module); + module = p11_kit_module_load (path, 0); + return_val_if_fail (module != NULL, 1); + + rv = p11_kit_module_initialize (module); return_val_if_fail (rv == CKR_OK, 1); iter = p11_kit_iter_new (NULL); @@ -120,7 +123,8 @@ dump_trust_module (const char *path) return_val_if_fail (rv == CKR_CANCEL, 1); - p11_kit_finalize_module (module); + p11_kit_module_finalize (module); + p11_kit_module_release (module); return 0; } @@ -152,10 +156,16 @@ compare_trust_modules (const char *path1, { CKA_INVALID, } }; - rv = p11_kit_load_initialize_module (path1, &module1); + module1 = p11_kit_module_load (path1, 0); + return_val_if_fail (module1 != NULL, 1); + + rv = p11_kit_module_initialize (module1); return_val_if_fail (rv == CKR_OK, 1); - rv = p11_kit_load_initialize_module (path2, &module2); + module2 = p11_kit_module_load (path2, 0); + return_val_if_fail (module2 != NULL, 1); + + rv = p11_kit_module_initialize (module2); return_val_if_fail (rv == CKR_OK, 1); iter = p11_kit_iter_new (NULL); @@ -185,8 +195,11 @@ compare_trust_modules (const char *path1, } return_val_if_fail (rv == CKR_CANCEL, 1); - p11_kit_finalize_module (module1); - p11_kit_finalize_module (module2); + p11_kit_module_finalize (module1); + p11_kit_module_release (module1); + + p11_kit_module_finalize (module2); + p11_kit_module_release (module2); return 0; } diff --git a/trust/tests/test-builder.c b/trust/tests/test-builder.c index a875b96..891c722 100644 --- a/trust/tests/test-builder.c +++ b/trust/tests/test-builder.c @@ -33,7 +33,8 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-trust.h" #include <stdlib.h> #include <stdio.h> @@ -48,8 +49,6 @@ #include "oid.h" #include "pkcs11x.h" -#include "test-data.h" - struct { p11_builder *builder; p11_index *index; @@ -73,17 +72,17 @@ static CK_BBOOL truev = CK_TRUE; static CK_BBOOL falsev = CK_FALSE; static void -setup (CuTest *cu) +setup (void *unused) { test.builder = p11_builder_new (P11_BUILDER_FLAG_TOKEN); - CuAssertPtrNotNull (cu, test.builder); + assert_ptr_not_null (test.builder); test.index = p11_index_new (p11_builder_build, p11_builder_changed, test.builder); - CuAssertPtrNotNull (cu, test.index); + assert_ptr_not_null (test.index); } static void -teardown (CuTest *cu) +teardown (void *unused) { p11_builder_free (test.builder); p11_index_free (test.index); @@ -91,20 +90,16 @@ teardown (CuTest *cu) } static void -test_get_cache (CuTest *cu) +test_get_cache (void) { p11_asn1_cache *cache; - setup (cu); - cache = p11_builder_get_cache (test.builder); - CuAssertPtrEquals (cu, NULL, p11_asn1_cache_get (cache, "blah", (unsigned char *)"blah", 4)); - - teardown (cu); + assert_ptr_eq (NULL, p11_asn1_cache_get (cache, "blah", (unsigned char *)"blah", 4)); } static void -test_build_data (CuTest *cu) +test_build_data (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -128,21 +123,17 @@ test_build_data (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, check, attrs); + test_check_attrs (check, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_build_certificate (CuTest *cu) +test_build_certificate (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -171,21 +162,17 @@ test_build_certificate (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_build_certificate_empty (CuTest *cu) +test_build_certificate_empty (void) { unsigned char checksum[P11_HASH_SHA1_LEN]; CK_ULONG domain = 0; @@ -223,19 +210,15 @@ test_build_certificate_empty (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_hash_sha1 (checksum, test_cacert3_ca_der, sizeof (test_cacert3_ca_der), NULL); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static const unsigned char entrust_pretend_ca[] = { @@ -312,7 +295,7 @@ static const unsigned char entrust_pretend_ca[] = { }; static void -test_build_certificate_non_ca (CuTest *cu) +test_build_certificate_non_ca (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -329,20 +312,16 @@ test_build_certificate_non_ca (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_build_certificate_v1_ca (CuTest *cu) +test_build_certificate_v1_ca (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -359,20 +338,16 @@ test_build_certificate_v1_ca (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_build_certificate_staple_ca (CuTest *cu) +test_build_certificate_staple_ca (void) { CK_ULONG category = 2; /* CA */ @@ -400,28 +375,24 @@ test_build_certificate_staple_ca (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - /* Add a stapled certificate */ rv = p11_index_add (test.index, stapled, 4, NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* * Even though the certificate is not a valid CA, the presence of the * stapled certificate extension transforms it into a CA. */ - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_build_certificate_no_type (CuTest *cu) +test_build_certificate_no_type (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -432,23 +403,19 @@ test_build_certificate_no_type (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCOMPLETE, rv); + assert_num_eq (CKR_TEMPLATE_INCOMPLETE, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_build_certificate_bad_type (CuTest *cu) +test_build_certificate_bad_type (void) { CK_CERTIFICATE_TYPE type = CKC_WTLS; @@ -462,23 +429,19 @@ test_build_certificate_bad_type (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCONSISTENT, rv); + assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_build_extension (CuTest *cu) +test_build_extension (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate_extension, sizeof (certificate_extension) }, @@ -502,16 +465,12 @@ test_build_extension (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, check, attrs); + test_check_attrs (check, attrs); p11_attrs_free (attrs); - - teardown (cu); } /* This certificate has and end date in 2067 */ @@ -542,7 +501,7 @@ static const unsigned char cert_distant_end_date[] = { }; static void -test_build_distant_end_date (CuTest *cu) +test_build_distant_end_date (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -560,20 +519,16 @@ test_build_distant_end_date (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_create_not_settable (CuTest *cu) +test_create_not_settable (void) { /* * CKA_TRUSTED cannot be set by the normal user according to spec @@ -591,25 +546,21 @@ test_create_not_settable (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_ATTRIBUTE_READ_ONLY, rv); + assert_num_eq (CKR_ATTRIBUTE_READ_ONLY, rv); p11_attrs_free (merge); p11_message_loud (); p11_attrs_free (attrs); - - teardown (cu); } static void -test_create_but_loadable (CuTest *cu) +test_create_but_loadable (void) { /* * CKA_TRUSTED cannot be set on creation, but can be set if we're @@ -627,24 +578,20 @@ test_create_but_loadable (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - p11_index_batch (test.index); attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); - test_check_attrs (cu, input, attrs); + test_check_attrs (input, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_create_unsupported (CuTest *cu) +test_create_unsupported (void) { CK_OBJECT_CLASS klass = CKO_PRIVATE_KEY; @@ -657,23 +604,19 @@ test_create_unsupported (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCONSISTENT, rv); + assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_create_generated (CuTest *cu) +test_create_generated (void) { CK_OBJECT_CLASS klass = CKO_NSS_TRUST; @@ -686,23 +629,19 @@ test_create_generated (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCONSISTENT, rv); + assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_create_bad_attribute (CuTest *cu) +test_create_bad_attribute (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -715,23 +654,19 @@ test_create_bad_attribute (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCONSISTENT, rv); + assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_create_missing_attribute (CuTest *cu) +test_create_missing_attribute (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &certificate_extension, sizeof (certificate_extension) }, @@ -742,23 +677,19 @@ test_create_missing_attribute (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCOMPLETE, rv); + assert_num_eq (CKR_TEMPLATE_INCOMPLETE, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_create_no_class (CuTest *cu) +test_create_no_class (void) { CK_ATTRIBUTE input[] = { { CKA_VALUE, "the value", 9 }, @@ -769,23 +700,19 @@ test_create_no_class (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCOMPLETE, rv); + assert_num_eq (CKR_TEMPLATE_INCOMPLETE, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_create_token_mismatch (CuTest *cu) +test_create_token_mismatch (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -797,23 +724,19 @@ test_create_token_mismatch (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - p11_message_quiet (); attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_TEMPLATE_INCONSISTENT, rv); + assert_num_eq (CKR_TEMPLATE_INCONSISTENT, rv); p11_attrs_free (merge); p11_message_loud (); - - teardown (cu); } static void -test_modify_success (CuTest *cu) +test_modify_success (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -839,23 +762,19 @@ test_modify_success (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (modify)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_modify_read_only (CuTest *cu) +test_modify_read_only (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -873,29 +792,25 @@ test_modify_read_only (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - attrs = NULL; merge = p11_attrs_dup (input); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_message_quiet (); merge = p11_attrs_dup (modify); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_ATTRIBUTE_READ_ONLY, rv); + assert_num_eq (CKR_ATTRIBUTE_READ_ONLY, rv); p11_attrs_free (merge); p11_message_loud (); p11_attrs_free (attrs); - - teardown (cu); } static void -test_modify_unchanged (CuTest *cu) +test_modify_unchanged (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -924,23 +839,19 @@ test_modify_unchanged (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (modify)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, expected, attrs); + test_check_attrs (expected, attrs); p11_attrs_free (attrs); - - teardown (cu); } static void -test_modify_not_modifiable (CuTest *cu) +test_modify_not_modifiable (void) { CK_ATTRIBUTE input[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -958,24 +869,20 @@ test_modify_not_modifiable (CuTest *cu) CK_ATTRIBUTE *merge; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_builder_build (test.builder, test.index, &attrs, p11_attrs_dup (input)); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_message_quiet (); merge = p11_attrs_dup (modify); rv = p11_builder_build (test.builder, test.index, &attrs, merge); - CuAssertIntEquals (cu, CKR_ATTRIBUTE_READ_ONLY, rv); + assert_num_eq (CKR_ATTRIBUTE_READ_ONLY, rv); p11_attrs_free (merge); p11_message_loud (); p11_attrs_free (attrs); - - teardown (cu); } static CK_ATTRIBUTE cacert3_assert_distrust_server[] = { @@ -1059,7 +966,7 @@ static CK_ATTRIBUTE cacert3_assert_distrust_time[] = { }; static void -test_changed_trusted_certificate (CuTest *cu) +test_changed_trusted_certificate (void) { static CK_ATTRIBUTE cacert3_trusted_certificate[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -1173,38 +1080,34 @@ test_changed_trusted_certificate (CuTest *cu) CK_RV rv; int i; - setup (cu); - /* * A trusted cetrificate, trusted for server and client purposes, * and explicitly rejects the email and timestamping purposes. */ p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (cacert3_trusted_certificate), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_index_take (test.index, p11_attrs_dup (eku_extension_server_and_client), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_index_take (test.index, p11_attrs_dup (reject_extension_email), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); /* The other objects */ for (i = 0; expected[i]; i++) { handle = p11_index_find (test.index, expected[i], 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); attrs = p11_index_lookup (test.index, handle); - CuAssertPtrNotNull (cu, attrs); + assert_ptr_not_null (attrs); - test_check_attrs (cu, expected[i], attrs); + test_check_attrs (expected[i], attrs); } - - teardown (cu); } static void -test_changed_distrust_value (CuTest *cu) +test_changed_distrust_value (void) { CK_ATTRIBUTE distrust_cert[] = { { CKA_CLASS, &certificate, sizeof (certificate), }, @@ -1287,37 +1190,33 @@ test_changed_distrust_value (CuTest *cu) CK_RV rv; int i; - setup (cu); - /* * A distrusted certificate with a value, plus some extra * extensions (which should be ignored). */ p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (distrust_cert), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_index_take (test.index, p11_attrs_dup (eku_extension), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_index_take (test.index, p11_attrs_dup (reject_extension), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); /* The other objects */ for (i = 0; expected[i]; i++) { handle = p11_index_find (test.index, expected[i], 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); attrs = p11_index_lookup (test.index, handle); - CuAssertPtrNotNull (cu, attrs); + assert_ptr_not_null (attrs); - test_check_attrs (cu, expected[i], attrs); + test_check_attrs (expected[i], attrs); } - - teardown (cu); } static void -test_changed_distrust_serial (CuTest *cu) +test_changed_distrust_serial (void) { CK_ATTRIBUTE distrust_cert[] = { { CKA_CLASS, &certificate, sizeof (certificate), }, @@ -1377,29 +1276,25 @@ test_changed_distrust_serial (CuTest *cu) CK_RV rv; int i; - setup (cu); - /* * A distrusted certificate without a value. */ p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (distrust_cert), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); for (i = 0; expected[i]; i++) { handle = p11_index_find (test.index, expected[i], 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); attrs = p11_index_lookup (test.index, handle); - CuAssertPtrNotNull (cu, attrs); - test_check_attrs (cu, expected[i], attrs); + assert_ptr_not_null (attrs); + test_check_attrs (expected[i], attrs); } - - teardown (cu); } static void -test_changed_dup_certificates (CuTest *cu) +test_changed_dup_certificates (void) { static CK_ATTRIBUTE trusted_cert[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -1481,68 +1376,64 @@ test_changed_dup_certificates (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - /* * A trusted certificate, should create trutsed nss trust * and anchor assertions */ p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (trusted_cert), &handle1); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); handle = p11_index_find (test.index, match_nss, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, match_assertion, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, trusted_nss, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, anchor_assertion, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); /* Now we add a distrusted certificate, should update the objects */ p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (distrust_cert), &handle2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); handle = p11_index_find (test.index, trusted_nss, -1); - CuAssertTrue (cu, handle == 0); + assert (handle == 0); handle = p11_index_find (test.index, distrust_nss, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, anchor_assertion, -1); - CuAssertTrue (cu, handle == 0); + assert (handle == 0); handle = p11_index_find (test.index, distrust_assertion, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); /* Now remove the trusted cetrificate, should update again */ rv = p11_index_remove (test.index, handle2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); handle = p11_index_find (test.index, trusted_nss, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, distrust_nss, -1); - CuAssertTrue (cu, handle == 0); + assert (handle == 0); handle = p11_index_find (test.index, anchor_assertion, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, distrust_assertion, -1); - CuAssertTrue (cu, handle == 0); + assert (handle == 0); /* Now remove the original certificate, unknown nss and no assertions */ rv = p11_index_remove (test.index, handle1); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); handle = p11_index_find (test.index, unknown_nss, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); handle = p11_index_find (test.index, match_assertion, -1); - CuAssertTrue (cu, handle == 0); - - teardown (cu); + assert (handle == 0); } static void -test_changed_without_id (CuTest *cu) +test_changed_without_id (void) { static CK_ATTRIBUTE trusted_without_id[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -1568,26 +1459,22 @@ test_changed_without_id (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (trusted_without_id), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); klass = CKO_NSS_TRUST; handle = p11_index_find (test.index, match, -1); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); klass = CKO_X_TRUST_ASSERTION; handle = p11_index_find (test.index, match, -1); - CuAssertTrue (cu, handle != 0); - - teardown (cu); + assert (handle != 0); } static void -test_changed_staple_ca (CuTest *cu) +test_changed_staple_ca (void) { CK_ULONG category = 0; @@ -1616,31 +1503,27 @@ test_changed_staple_ca (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - attrs = NULL; rv = p11_index_take (test.index, p11_attrs_dup (input), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Not a CA at this point, until we staple */ category = 0; - CuAssertTrue (cu, p11_index_find (test.index, match, -1) == 0); + assert (p11_index_find (test.index, match, -1) == 0); /* Add a stapled basic constraint */ rv = p11_index_add (test.index, stapled, 4, NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Now should be a CA */ category = 2; - CuAssertTrue (cu, p11_index_find (test.index, match, -1) != 0); + assert (p11_index_find (test.index, match, -1) != 0); p11_attrs_free (attrs); - - teardown (cu); } static void -test_changed_staple_ku (CuTest *cu) +test_changed_staple_ku (void) { CK_ATTRIBUTE stapled_ds_and_np[] = { { CKA_CLASS, &certificate_extension, sizeof (certificate_extension) }, @@ -1684,74 +1567,55 @@ test_changed_staple_ku (CuTest *cu) CK_ATTRIBUTE *attrs; CK_RV rv; - setup (cu); - p11_index_batch (test.index); rv = p11_index_take (test.index, p11_attrs_dup (input), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = p11_index_take (test.index, p11_attrs_dup (stapled_ds_and_np), NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); p11_index_finish (test.index); handle = p11_index_find (test.index, nss_trust_ds_and_np, 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); attrs = p11_index_lookup (test.index, handle); - test_check_attrs (cu, nss_trust_ds_and_np, attrs); - - teardown (cu); + test_check_attrs (nss_trust_ds_and_np, attrs); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - /* p11_message_quiet (); */ - - SUITE_ADD_TEST (suite, test_get_cache); - SUITE_ADD_TEST (suite, test_build_data); - SUITE_ADD_TEST (suite, test_build_certificate); - SUITE_ADD_TEST (suite, test_build_certificate_empty); - SUITE_ADD_TEST (suite, test_build_certificate_non_ca); - SUITE_ADD_TEST (suite, test_build_certificate_v1_ca); - SUITE_ADD_TEST (suite, test_build_certificate_staple_ca); - SUITE_ADD_TEST (suite, test_build_certificate_no_type); - SUITE_ADD_TEST (suite, test_build_certificate_bad_type); - SUITE_ADD_TEST (suite, test_build_extension); - SUITE_ADD_TEST (suite, test_build_distant_end_date); - SUITE_ADD_TEST (suite, test_create_not_settable); - SUITE_ADD_TEST (suite, test_create_but_loadable); - SUITE_ADD_TEST (suite, test_create_unsupported); - SUITE_ADD_TEST (suite, test_create_generated); - SUITE_ADD_TEST (suite, test_create_bad_attribute); - SUITE_ADD_TEST (suite, test_create_missing_attribute); - SUITE_ADD_TEST (suite, test_create_no_class); - SUITE_ADD_TEST (suite, test_create_token_mismatch); - SUITE_ADD_TEST (suite, test_modify_success); - SUITE_ADD_TEST (suite, test_modify_read_only); - SUITE_ADD_TEST (suite, test_modify_unchanged); - SUITE_ADD_TEST (suite, test_modify_not_modifiable); - - SUITE_ADD_TEST (suite, test_changed_trusted_certificate); - SUITE_ADD_TEST (suite, test_changed_distrust_value); - SUITE_ADD_TEST (suite, test_changed_distrust_serial); - SUITE_ADD_TEST (suite, test_changed_without_id); - SUITE_ADD_TEST (suite, test_changed_staple_ca); - SUITE_ADD_TEST (suite, test_changed_staple_ku); - SUITE_ADD_TEST (suite, test_changed_dup_certificates); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_test (test_get_cache, "/builder/get_cache"); + p11_test (test_build_data, "/builder/build_data"); + p11_test (test_build_certificate, "/builder/build_certificate"); + p11_test (test_build_certificate_empty, "/builder/build_certificate_empty"); + p11_test (test_build_certificate_non_ca, "/builder/build_certificate_non_ca"); + p11_test (test_build_certificate_v1_ca, "/builder/build_certificate_v1_ca"); + p11_test (test_build_certificate_staple_ca, "/builder/build_certificate_staple_ca"); + p11_test (test_build_certificate_no_type, "/builder/build_certificate_no_type"); + p11_test (test_build_certificate_bad_type, "/builder/build_certificate_bad_type"); + p11_test (test_build_extension, "/builder/build_extension"); + p11_test (test_build_distant_end_date, "/builder/build_distant_end_date"); + p11_test (test_create_not_settable, "/builder/create_not_settable"); + p11_test (test_create_but_loadable, "/builder/create_but_loadable"); + p11_test (test_create_unsupported, "/builder/create_unsupported"); + p11_test (test_create_generated, "/builder/create_generated"); + p11_test (test_create_bad_attribute, "/builder/create_bad_attribute"); + p11_test (test_create_missing_attribute, "/builder/create_missing_attribute"); + p11_test (test_create_no_class, "/builder/create_no_class"); + p11_test (test_create_token_mismatch, "/builder/create_token_mismatch"); + p11_test (test_modify_success, "/builder/modify_success"); + p11_test (test_modify_read_only, "/builder/modify_read_only"); + p11_test (test_modify_unchanged, "/builder/modify_unchanged"); + p11_test (test_modify_not_modifiable, "/builder/modify_not_modifiable"); + + p11_test (test_changed_trusted_certificate, "/builder/changed_trusted_certificate"); + p11_test (test_changed_distrust_value, "/builder/changed_distrust_value"); + p11_test (test_changed_distrust_serial, "/builder/changed_distrust_serial"); + p11_test (test_changed_without_id, "/builder/changed_without_id"); + p11_test (test_changed_staple_ca, "/builder/changed_staple_ca"); + p11_test (test_changed_staple_ku, "/builder/changed_staple_ku"); + p11_test (test_changed_dup_certificates, "/builder/changed_dup_certificates"); + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-index.c b/trust/tests/test-index.c index 8405061..85c44b7 100644 --- a/trust/tests/test-index.c +++ b/trust/tests/test-index.c @@ -33,8 +33,10 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-trust.h" +#include <stdarg.h> #include <stdlib.h> #include <stdio.h> #include <string.h> @@ -44,28 +46,26 @@ #include "index.h" #include "message.h" -#include "test-data.h" - struct { p11_index *index; } test; static void -setup (CuTest *cu) +setup (void *unused) { test.index = p11_index_new (NULL, NULL, NULL); - CuAssertPtrNotNull (cu, test.index); + assert_ptr_not_null (test.index); } static void -teardown (CuTest *cu) +teardown (void *unused) { p11_index_free (test.index); memset (&test, 0, sizeof (test)); } static void -test_take_lookup (CuTest *cu) +test_take_lookup (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -78,26 +78,22 @@ test_take_lookup (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - attrs = p11_attrs_dup (original); rv = p11_index_take (test.index, attrs, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - test_check_attrs (cu, original, check); + test_check_attrs (original, check); check = p11_index_lookup (test.index, 1UL); - CuAssertPtrEquals (cu, NULL, check); + assert_ptr_eq (NULL, check); check = p11_index_lookup (test.index, 0UL); - CuAssertPtrEquals (cu, NULL, check); - - teardown (cu); + assert_ptr_eq (NULL, check); } static void -test_add_lookup (CuTest *cu) +test_add_lookup (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -109,19 +105,15 @@ test_add_lookup (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - rv = p11_index_add (test.index, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - test_check_attrs (cu, original, check); - - teardown (cu); + test_check_attrs (original, check); } static void -test_size (CuTest *cu) +test_size (void) { static CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -131,20 +123,16 @@ test_size (CuTest *cu) CK_RV rv; - setup (cu); - rv = p11_index_add (test.index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = p11_index_add (test.index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = p11_index_add (test.index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); - - CuAssertIntEquals (cu, 3, p11_index_size (test.index)); + assert (rv == CKR_OK); - teardown (cu); + assert_num_eq (3, p11_index_size (test.index)); } static int @@ -162,7 +150,7 @@ compar_ulong (const void *one, } static void -test_snapshot (CuTest *cu) +test_snapshot (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -175,29 +163,26 @@ test_snapshot (CuTest *cu) CK_OBJECT_HANDLE *snapshot; int i; - setup (cu); - for (i = 0; i < NUM; i++) p11_index_add (test.index, original, 2, expected + i); snapshot = p11_index_snapshot (test.index, NULL, NULL, 0); - CuAssertPtrNotNull (cu, snapshot); + assert_ptr_not_null (snapshot); for (i = 0; i < NUM; i++) - CuAssertTrue (cu, snapshot[i] != 0); - CuAssertTrue (cu, snapshot[NUM] == 0); + assert (snapshot[i] != 0); + assert (snapshot[NUM] == 0); qsort (snapshot, NUM, sizeof (CK_OBJECT_HANDLE), compar_ulong); for (i = 0; i < NUM; i++) - CuAssertIntEquals (cu, expected[i], snapshot[i]); + assert_num_eq (expected[i], snapshot[i]); free (snapshot); - teardown (cu); } static void -test_snapshot_base (CuTest *cu) +test_snapshot_base (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -211,31 +196,28 @@ test_snapshot_base (CuTest *cu) CK_RV rv; int i; - setup (cu); - for (i = 0; i < NUM; i++) { rv = p11_index_add (test.index, original, 2, expected + i); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); } snapshot = p11_index_snapshot (test.index, test.index, NULL, 0); - CuAssertPtrNotNull (cu, snapshot); + assert_ptr_not_null (snapshot); for (i = 0; i < NUM * 2; i++) - CuAssertTrue (cu, snapshot[i] != 0); - CuAssertTrue (cu, snapshot[NUM * 2] == 0); + assert (snapshot[i] != 0); + assert (snapshot[NUM * 2] == 0); qsort (snapshot, NUM * 2, sizeof (CK_OBJECT_HANDLE), compar_ulong); for (i = 0; i < NUM * 2; i++) - CuAssertIntEquals (cu, expected[i / 2], snapshot[i]); + assert_num_eq (expected[i / 2], snapshot[i]); free (snapshot); - teardown (cu); } static void -test_remove (CuTest *cu) +test_remove (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -248,29 +230,25 @@ test_remove (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - attrs = p11_attrs_dup (original); rv = p11_index_take (test.index, attrs, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - CuAssertPtrEquals (cu, attrs, check); + assert_ptr_eq (attrs, check); rv = p11_index_remove (test.index, 1UL); - CuAssertTrue (cu, rv == CKR_OBJECT_HANDLE_INVALID); + assert (rv == CKR_OBJECT_HANDLE_INVALID); rv = p11_index_remove (test.index, handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - CuAssertPtrEquals (cu, NULL, check); - - teardown (cu); + assert_ptr_eq (NULL, check); } static void -test_set (CuTest *cu) +test_set (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -291,29 +269,25 @@ test_set (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - attrs = p11_attrs_dup (original); rv = p11_index_take (test.index, attrs, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - test_check_attrs (cu, original, check); + test_check_attrs (original, check); rv = p11_index_set (test.index, handle, &change, 1); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - test_check_attrs (cu, changed, check); + test_check_attrs (changed, check); rv = p11_index_set (test.index, 1UL, &change, 1); - CuAssertTrue (cu, rv == CKR_OBJECT_HANDLE_INVALID); - - teardown (cu); + assert (rv == CKR_OBJECT_HANDLE_INVALID); } static void -test_update (CuTest *cu) +test_update (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -334,31 +308,27 @@ test_update (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - attrs = p11_attrs_dup (original); rv = p11_index_take (test.index, attrs, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - test_check_attrs (cu, original, check); + test_check_attrs (original, check); attrs = p11_attrs_build (NULL, &change, NULL); rv = p11_index_update (test.index, handle, attrs); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (test.index, handle); - test_check_attrs (cu, changed, check); + test_check_attrs (changed, check); attrs = p11_attrs_build (NULL, &change, NULL); rv = p11_index_update (test.index, 1L, attrs); - CuAssertTrue (cu, rv == CKR_OBJECT_HANDLE_INVALID); - - teardown (cu); + assert (rv == CKR_OBJECT_HANDLE_INVALID); } static void -test_find (CuTest *tc) +test_find (void) { CK_ATTRIBUTE first[] = { { CKA_LABEL, "yay", 3 }, @@ -399,31 +369,27 @@ test_find (CuTest *tc) CK_OBJECT_HANDLE two; CK_OBJECT_HANDLE three; - setup (tc); - p11_index_add (test.index, first, 2, &one); p11_index_add (test.index, second, 2, &two); p11_index_add (test.index, third, 2, &three); check = p11_index_find (test.index, match3, -1); - CuAssertIntEquals (tc, three, check); + assert_num_eq (three, check); check = p11_index_find (test.index, match3, 1); - CuAssertIntEquals (tc, three, check); + assert_num_eq (three, check); check = p11_index_find (test.index, match_any, -1); - CuAssertTrue (tc, check == one || check == two || check == three); + assert (check == one || check == two || check == three); check = p11_index_find (test.index, match_any, 1); - CuAssertTrue (tc, check == one || check == two || check == three); + assert (check == one || check == two || check == three); check = p11_index_find (test.index, match_none, -1); - CuAssertIntEquals (tc, 0, check); + assert_num_eq (0, check); check = p11_index_find (test.index, match_none, 2); - CuAssertIntEquals (tc, 0, check); - - teardown (tc); + assert_num_eq (0, check); } static bool @@ -464,7 +430,7 @@ handles_are (CK_OBJECT_HANDLE *handles, } static void -test_find_all (CuTest *tc) +test_find_all (void) { CK_ATTRIBUTE first[] = { { CKA_LABEL, "odd", 3 }, @@ -513,44 +479,40 @@ test_find_all (CuTest *tc) CK_OBJECT_HANDLE two; CK_OBJECT_HANDLE three; - setup (tc); - p11_index_add (test.index, first, 3, &one); p11_index_add (test.index, second, 3, &two); p11_index_add (test.index, third, 3, &three); check = p11_index_find_all (test.index, match_3, -1); - CuAssertTrue (tc, handles_are (check, three, 0UL)); + assert (handles_are (check, three, 0UL)); free (check); check = p11_index_find_all (test.index, match_none, -1); - CuAssertTrue (tc, handles_are (check, 0UL)); + assert (handles_are (check, 0UL)); free (check); check = p11_index_find_all (test.index, match_odd, -1); - CuAssertTrue (tc, handles_are (check, one, three, 0UL)); + assert (handles_are (check, one, three, 0UL)); free (check); check = p11_index_find_all (test.index, match_any, -1); - CuAssertTrue (tc, handles_are (check, one, two, three, 0UL)); + assert (handles_are (check, one, two, three, 0UL)); free (check); check = p11_index_find_all (test.index, match_none, -1); - CuAssertPtrNotNull (tc, check); - CuAssertIntEquals (tc, 0, check[0]); + assert_ptr_not_null (check); + assert_num_eq (0, check[0]); free (check); /* A double check of this method */ one = 0UL; check = &one; - CuAssertTrue (tc, !handles_are (check, 29292929, 0UL)); - CuAssertTrue (tc, !handles_are (NULL, 0UL)); - - teardown (tc); + assert (!handles_are (check, 29292929, 0UL)); + assert (!handles_are (NULL, 0UL)); } static void -test_find_realloc (CuTest *tc) +test_find_realloc (void) { CK_ATTRIBUTE attrs[] = { { CKA_LABEL, "odd", 3 }, @@ -566,24 +528,21 @@ test_find_realloc (CuTest *tc) CK_OBJECT_HANDLE *check; int i; - setup (tc); - for (i = 0; i < 1000; i++) p11_index_add (test.index, attrs, 3, NULL); check = p11_index_find_all (test.index, match, -1); - CuAssertPtrNotNull (tc, check); + assert_ptr_not_null (check); for (i = 0; i < 1000; i++) - CuAssertTrue (tc, check[i] != 0); - CuAssertIntEquals (tc, 0, check[1000]); + assert (check[i] != 0); + assert_num_eq (0, check[1000]); free (check); - teardown (tc); } static void -test_replace_all (CuTest *tc) +test_replace_all (void) { CK_ATTRIBUTE first[] = { { CKA_LABEL, "odd", 3 }, @@ -647,16 +606,14 @@ test_replace_all (CuTest *tc) p11_array *array; CK_RV rv; - setup (tc); - p11_index_add (test.index, first, 3, &one); - CuAssertTrue (tc, one != 0); + assert (one != 0); p11_index_add (test.index, second, 3, &two); - CuAssertTrue (tc, two != 0); + assert (two != 0); p11_index_add (test.index, third, 3, &three); - CuAssertTrue (tc, three != 0); + assert (three != 0); p11_index_add (test.index, fifth, 3, &five); - CuAssertTrue (tc, five != 0); + assert (five != 0); array = p11_array_new (p11_attrs_free); p11_array_push (array, p11_attrs_buildn (NULL, eins, 3)); @@ -664,38 +621,36 @@ test_replace_all (CuTest *tc) p11_array_push (array, p11_attrs_buildn (NULL, neun, 3)); rv = p11_index_replace_all (test.index, match, CKA_VALUE, array); - CuAssertTrue (tc, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (tc, 0, array->num); + assert_num_eq (0, array->num); p11_array_free (array); /* eins should have replaced one */ check = p11_index_find (test.index, eins, -1); - CuAssertIntEquals (tc, one, check); + assert_num_eq (one, check); /* two should still be around */ check = p11_index_find (test.index, second, -1); - CuAssertIntEquals (tc, two, check); + assert_num_eq (two, check); /* three should have been removed */ check = p11_index_find (test.index, third, -1); - CuAssertIntEquals (tc, 0, check); + assert_num_eq (0, check); /* five should have been removed */ check = p11_index_find (test.index, fifth, -1); - CuAssertIntEquals (tc, 0, check); + assert_num_eq (0, check); /* sieben should have been added */ check = p11_index_find (test.index, sieben, -1); - CuAssertTrue (tc, check != one && check != two && check != three && check != five); + assert (check != one && check != two && check != three && check != five); /* neun should have been added */ check = p11_index_find (test.index, neun, -1); - CuAssertTrue (tc, check != one && check != two && check != three && check != five); - - CuAssertIntEquals (tc, 4, p11_index_size (test.index)); + assert (check != one && check != two && check != three && check != five); - teardown (tc); + assert_num_eq (4, p11_index_size (test.index)); } @@ -705,17 +660,16 @@ on_build_populate (void *data, CK_ATTRIBUTE **attrs, CK_ATTRIBUTE *merge) { - CuTest *cu = data; - CK_ATTRIBUTE override[] = { { CKA_APPLICATION, "vigorous", 8 }, { CKA_LABEL, "naay", 4 }, { CKA_INVALID }, }; - CuAssertPtrNotNull (cu, index); - CuAssertPtrNotNull (cu, attrs); - CuAssertPtrNotNull (cu, merge); + assert_str_eq (data, "blah"); + assert_ptr_not_null (index); + assert_ptr_not_null (attrs); + assert_ptr_not_null (merge); *attrs = p11_attrs_merge (*attrs, merge, true); *attrs = p11_attrs_merge (*attrs, p11_attrs_dup (override), true); @@ -723,7 +677,7 @@ on_build_populate (void *data, } static void -test_build_populate (CuTest *cu) +test_build_populate (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -744,24 +698,24 @@ test_build_populate (CuTest *cu) p11_index *index; CK_RV rv; - index = p11_index_new (on_build_populate, NULL, cu); - CuAssertPtrNotNull (cu, index); + index = p11_index_new (on_build_populate, NULL, "blah"); + assert_ptr_not_null (index); rv = p11_index_add (index, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (index, handle); - CuAssertPtrNotNull (cu, check); + assert_ptr_not_null (check); - test_check_attrs (cu, after, check); + test_check_attrs (after, check); rv = p11_index_set (index, handle, original, 2); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); check = p11_index_lookup (index, handle); - CuAssertPtrNotNull (cu, check); + assert_ptr_not_null (check); - test_check_attrs (cu, after, check); + test_check_attrs (after, check); p11_index_free (index); } @@ -772,14 +726,13 @@ on_build_fail (void *data, CK_ATTRIBUTE **attrs, CK_ATTRIBUTE *merge) { - CuTest *cu = data; - CK_ATTRIBUTE check[] = { { CKA_LABEL, "nay", 3 }, { CKA_INVALID } }; - CuAssertPtrNotNull (cu, merge); + assert_str_eq (data, "testo"); + assert_ptr_not_null (merge); if (p11_attrs_match (merge, check)) return CKR_DEVICE_ERROR; @@ -790,7 +743,7 @@ on_build_fail (void *data, static void -test_build_fail (CuTest *cu) +test_build_fail (void) { CK_ATTRIBUTE okay[] = { { CKA_LABEL, "yay", 3 }, @@ -808,20 +761,20 @@ test_build_fail (CuTest *cu) p11_index *index; CK_RV rv; - index = p11_index_new (on_build_fail, NULL, cu); - CuAssertPtrNotNull (cu, index); + index = p11_index_new (on_build_fail, NULL, "testo"); + assert_ptr_not_null (index); rv = p11_index_add (index, okay, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = p11_index_add (index, fails, 2, NULL); - CuAssertTrue (cu, rv == CKR_DEVICE_ERROR); + assert (rv == CKR_DEVICE_ERROR); rv = p11_index_set (index, handle, fails, 2); - CuAssertTrue (cu, rv == CKR_DEVICE_ERROR); + assert (rv == CKR_DEVICE_ERROR); rv = p11_index_set (index, handle, okay, 2); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); p11_index_free (index); } @@ -836,8 +789,6 @@ on_change_check (void *data, CK_OBJECT_HANDLE handle, CK_ATTRIBUTE *attrs) { - CuTest *cu = data; - CK_ATTRIBUTE check[] = { { CKA_LABEL, "yay", 3 }, { CKA_VALUE, "eight", 5 }, @@ -845,22 +796,23 @@ on_change_check (void *data, }; - CuAssertPtrNotNull (cu, index); - CuAssertPtrNotNull (cu, attrs); + assert_str_eq (data, "change-check"); + assert_ptr_not_null (index); + assert_ptr_not_null (attrs); if (!on_change_batching) { if (on_change_removing) - CuAssertIntEquals (cu, 0, handle); + assert_num_eq (0, handle); else - CuAssertTrue (cu, handle != 0); + assert (handle != 0); } - test_check_attrs (cu, check, attrs); + test_check_attrs (check, attrs); on_change_called++; } static void -test_change_called (CuTest *cu) +test_change_called (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -873,39 +825,39 @@ test_change_called (CuTest *cu) p11_index *index; CK_RV rv; - index = p11_index_new (NULL, on_change_check, cu); - CuAssertPtrNotNull (cu, index); + index = p11_index_new (NULL, on_change_check, "change-check"); + assert_ptr_not_null (index); on_change_removing = false; on_change_called = 0; rv = p11_index_add (index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 1, on_change_called); + assert_num_eq (1, on_change_called); rv = p11_index_add (index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 2, on_change_called); + assert_num_eq (2, on_change_called); rv = p11_index_add (index, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 3, on_change_called); + assert_num_eq (3, on_change_called); on_change_removing = true; rv = p11_index_remove (index, handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 4, on_change_called); + assert_num_eq (4, on_change_called); p11_index_free (index); } static void -test_change_batch (CuTest *cu) +test_change_batch (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -918,38 +870,38 @@ test_change_batch (CuTest *cu) p11_index *index; CK_RV rv; - index = p11_index_new (NULL, on_change_check, cu); - CuAssertPtrNotNull (cu, index); + index = p11_index_new (NULL, on_change_check, "change-check"); + assert_ptr_not_null (index); on_change_batching = true; on_change_called = 0; p11_index_batch (index); - CuAssertTrue (cu, p11_index_in_batch (index)); + assert (p11_index_in_batch (index)); rv = p11_index_add (index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 0, on_change_called); + assert_num_eq (0, on_change_called); rv = p11_index_add (index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 0, on_change_called); + assert_num_eq (0, on_change_called); rv = p11_index_add (index, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 0, on_change_called); + assert_num_eq (0, on_change_called); /* Nested batch is a noop */ p11_index_batch (index); rv = p11_index_remove (index, handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); - CuAssertIntEquals (cu, 0, on_change_called); + assert_num_eq (0, on_change_called); /* * Batch finishes when first finish call is called, @@ -957,18 +909,18 @@ test_change_batch (CuTest *cu) */ p11_index_finish (index); - CuAssertTrue (cu, !p11_index_in_batch (index)); + assert (!p11_index_in_batch (index)); /* * Only three calls, because later operations on the * same handle override the earlier one. */ - CuAssertIntEquals (cu, 3, on_change_called); + assert_num_eq (3, on_change_called); /* This is a noop */ p11_index_finish (index); - CuAssertTrue (cu, !p11_index_in_batch (index)); + assert (!p11_index_in_batch (index)); p11_index_free (index); } @@ -979,7 +931,6 @@ on_change_nested (void *data, CK_OBJECT_HANDLE handle, CK_ATTRIBUTE *attrs) { - CuTest *cu = data; CK_RV rv; CK_ATTRIBUTE second[] = { @@ -989,15 +940,16 @@ on_change_nested (void *data, }; + assert_str_eq (data, "change-nested"); on_change_called++; /* A nested call */ rv = p11_index_add (index, second, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); } static void -test_change_nested (CuTest *cu) +test_change_nested (void) { CK_ATTRIBUTE original[] = { { CKA_LABEL, "yay", 3 }, @@ -1009,61 +961,50 @@ test_change_nested (CuTest *cu) p11_index *index; CK_RV rv; - index = p11_index_new (NULL, on_change_nested, cu); - CuAssertPtrNotNull (cu, index); + index = p11_index_new (NULL, on_change_nested, "change-nested"); + assert_ptr_not_null (index); on_change_called = 0; rv = p11_index_add (index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertIntEquals (cu, 1, on_change_called); + assert (rv == CKR_OK); + assert_num_eq (1, on_change_called); on_change_called = 0; p11_index_batch (index); rv = p11_index_add (index, original, 2, NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); p11_index_finish (index); - CuAssertIntEquals (cu, 1, on_change_called); + assert_num_eq (1, on_change_called); p11_index_free (index); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); p11_message_quiet (); - SUITE_ADD_TEST (suite, test_add_lookup); - SUITE_ADD_TEST (suite, test_take_lookup); - SUITE_ADD_TEST (suite, test_size); - SUITE_ADD_TEST (suite, test_remove); - SUITE_ADD_TEST (suite, test_snapshot); - SUITE_ADD_TEST (suite, test_snapshot_base); - SUITE_ADD_TEST (suite, test_set); - SUITE_ADD_TEST (suite, test_update); - SUITE_ADD_TEST (suite, test_find); - SUITE_ADD_TEST (suite, test_find_all); - SUITE_ADD_TEST (suite, test_find_realloc); - SUITE_ADD_TEST (suite, test_replace_all); - SUITE_ADD_TEST (suite, test_build_populate); - SUITE_ADD_TEST (suite, test_build_fail); - SUITE_ADD_TEST (suite, test_change_called); - SUITE_ADD_TEST (suite, test_change_batch); - SUITE_ADD_TEST (suite, test_change_nested); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_test (test_add_lookup, "/index/add_lookup"); + p11_test (test_take_lookup, "/index/take_lookup"); + p11_test (test_size, "/index/size"); + p11_test (test_remove, "/index/remove"); + p11_test (test_snapshot, "/index/snapshot"); + p11_test (test_snapshot_base, "/index/snapshot_base"); + p11_test (test_set, "/index/set"); + p11_test (test_update, "/index/update"); + p11_test (test_find, "/index/find"); + p11_test (test_find_all, "/index/find_all"); + p11_test (test_find_realloc, "/index/find_realloc"); + p11_test (test_replace_all, "/index/replace_all"); + + p11_fixture (NULL, NULL); + p11_test (test_build_populate, "/index/build_populate"); + p11_test (test_build_fail, "/index/build_fail"); + p11_test (test_change_called, "/index/change_called"); + p11_test (test_change_batch, "/index/change_batch"); + p11_test (test_change_nested, "/index/change_nested"); + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-module.c b/trust/tests/test-module.c index 472263a..3d6c00b 100644 --- a/trust/tests/test-module.c +++ b/trust/tests/test-module.c @@ -32,21 +32,21 @@ * Author: Stef Walter <stefw@gnome.org> */ +#define CRYPTOKI_EXPORTS + #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-trust.h" #include <stdlib.h> #include <stdio.h> #include <string.h> -#define CRYPTOKI_EXPORTS - #include "attrs.h" #include "hash.h" #include "library.h" #include "path.h" #include "pkcs11x.h" -#include "test-data.h" #include "token.h" #include <assert.h> @@ -60,14 +60,17 @@ #define NUM_SLOTS 3 static CK_OBJECT_CLASS data = CKO_DATA; +static CK_BBOOL vtrue = CK_TRUE; +static CK_BBOOL vfalse = CK_FALSE; struct { CK_FUNCTION_LIST *module; CK_SLOT_ID slots[NUM_SLOTS]; + char *directory; } test; static void -setup (CuTest *cu) +setup (void *unused) { CK_C_INITIALIZE_ARGS args; const char *paths; @@ -79,89 +82,122 @@ setup (CuTest *cu) /* This is the entry point of the trust module, linked to this test */ rv = C_GetFunctionList (&test.module); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); memset (&args, 0, sizeof (args)); paths = SRCDIR "/input" P11_PATH_SEP \ SRCDIR "/files/self-signed-with-ku.der" P11_PATH_SEP \ SRCDIR "/files/thawte.pem"; if (asprintf (&arguments, "paths='%s'", paths) < 0) - CuAssertTrue (cu, false && "not reached"); + assert (false && "not reached"); args.pReserved = arguments; args.flags = CKF_OS_LOCKING_OK; rv = test.module->C_Initialize (&args); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); free (arguments); count = NUM_SLOTS; rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertTrue (cu, count == NUM_SLOTS); + assert (rv == CKR_OK); + assert (count == NUM_SLOTS); } static void -teardown (CuTest *cu) +teardown (void *unused) { CK_RV rv; rv = test.module->C_Finalize (NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); + + free (test.directory); memset (&test, 0, sizeof (test)); } static void -test_get_slot_list (CuTest *cu) +setup_writable (void *unused) +{ + CK_C_INITIALIZE_ARGS args; + char *arguments; + CK_ULONG count; + CK_RV rv; + + memset (&test, 0, sizeof (test)); + + /* This is the entry point of the trust module, linked to this test */ + rv = C_GetFunctionList (&test.module); + assert (rv == CKR_OK); + + test.directory = p11_path_expand ("$TEMP/test-module.XXXXXX"); + if (!mkdtemp (test.directory)) + assert_not_reached (); + + memset (&args, 0, sizeof (args)); + if (asprintf (&arguments, "paths='%s'", test.directory) < 0) + assert (false && "not reached"); + args.pReserved = arguments; + args.flags = CKF_OS_LOCKING_OK; + + rv = test.module->C_Initialize (&args); + assert (rv == CKR_OK); + + free (arguments); + + count = 1; + rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count); + assert_num_eq (rv, CKR_OK); + assert_num_eq (count, 1); +} + +static void +test_get_slot_list (void) { CK_SLOT_ID slots[NUM_SLOTS]; CK_ULONG count; CK_RV rv; int i; - setup (cu); - rv = test.module->C_GetSlotList (TRUE, NULL, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, NUM_SLOTS, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (NUM_SLOTS, count); count = 1; rv = test.module->C_GetSlotList (TRUE, slots, &count); - CuAssertIntEquals (cu, CKR_BUFFER_TOO_SMALL, rv); - CuAssertIntEquals (cu, NUM_SLOTS, count); + assert_num_eq (CKR_BUFFER_TOO_SMALL, rv); + assert_num_eq (NUM_SLOTS, count); count = NUM_SLOTS; memset (slots, 0, sizeof (slots)); rv = test.module->C_GetSlotList (TRUE, slots, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, NUM_SLOTS, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (NUM_SLOTS, count); for (i = 0; i < NUM_SLOTS; i++) - CuAssertTrue (cu, slots[i] != 0); - - teardown (cu); + assert (slots[i] != 0); } static void -test_null_initialize (CuTest *cu) +test_null_initialize (void) { CK_FUNCTION_LIST *module; CK_RV rv; /* This is the entry point of the trust module, linked to this test */ rv = C_GetFunctionList (&module); - CuAssertTrue (cu, rv == CKR_OK); + assert_num_eq (rv, CKR_OK); rv = module->C_Initialize (NULL); - CuAssertTrue (cu, rv == CKR_OK); + assert_num_eq (rv, CKR_OK); rv = module->C_Finalize (NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); } static void -test_multi_initialize (CuTest *cu) +test_multi_initialize (void) { static CK_C_INITIALIZE_ARGS args = { NULL, NULL, NULL, NULL, CKF_OS_LOCKING_OK, NULL, }; @@ -174,42 +210,42 @@ test_multi_initialize (CuTest *cu) /* This is the entry point of the trust module, linked to this test */ rv = C_GetFunctionList (&module); - CuAssertTrue (cu, rv == CKR_OK); + assert_num_eq (rv, CKR_OK); rv = module->C_Initialize (&args); - CuAssertTrue (cu, rv == CKR_OK); + assert_num_eq (rv, CKR_OK); count = 8; rv = module->C_GetSlotList (CK_TRUE, slots, &count); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertTrue (cu, count > 0); + assert_num_eq (rv, CKR_OK); + assert_num_cmp (count, >, 0); rv = module->C_OpenSession (slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert_num_eq (rv, CKR_OK); rv = module->C_GetSessionInfo (session, &info); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertTrue (cu, info.slotID == slots[0]); + assert_num_eq (rv, CKR_OK); + assert_num_eq (info.slotID, slots[0]); rv = module->C_Initialize (&args); - CuAssertTrue (cu, rv == CKR_OK); + assert_num_eq (rv, CKR_OK); rv = module->C_GetSessionInfo (session, &info); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertTrue (cu, info.slotID == slots[0]); + assert_num_eq (rv, CKR_OK); + assert_num_eq (info.slotID, slots[0]); rv = module->C_Finalize (NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = module->C_Finalize (NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = module->C_Finalize (NULL); - CuAssertIntEquals (cu, CKR_CRYPTOKI_NOT_INITIALIZED, rv); + assert_num_eq (CKR_CRYPTOKI_NOT_INITIALIZED, rv); } static void -test_get_slot_info (CuTest *cu) +test_get_slot_info (void) { CK_SLOT_ID slots[NUM_SLOTS]; CK_SLOT_INFO info; @@ -226,30 +262,26 @@ test_get_slot_info (CuTest *cu) SRCDIR "/files/thawte.pem" }; - setup (cu); - count = NUM_SLOTS; rv = test.module->C_GetSlotList (TRUE, slots, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, NUM_SLOTS, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (NUM_SLOTS, count); for (i = 0; i < NUM_SLOTS; i++) { rv = test.module->C_GetSlotInfo (slots[i], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); memset (description, ' ', sizeof (description)); length = strlen(paths[i]); if (length > sizeof (description)) length = sizeof (description); memcpy (description, paths[i], length); - CuAssertTrue (cu, memcmp (info.slotDescription, description, sizeof (description)) == 0); + assert (memcmp (info.slotDescription, description, sizeof (description)) == 0); } - - teardown (cu); } static void -test_get_token_info (CuTest *cu) +test_get_token_info (void) { CK_C_INITIALIZE_ARGS args; CK_FUNCTION_LIST *module; @@ -269,7 +301,7 @@ test_get_token_info (CuTest *cu) /* This is the entry point of the trust module, linked to this test */ rv = C_GetFunctionList (&module); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); memset (&args, 0, sizeof (args)); args.pReserved = "paths='" \ @@ -279,28 +311,28 @@ test_get_token_info (CuTest *cu) args.flags = CKF_OS_LOCKING_OK; rv = module->C_Initialize (&args); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); count = NUM_SLOTS; rv = module->C_GetSlotList (CK_TRUE, slots, &count); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertTrue (cu, count == NUM_SLOTS); + assert (rv == CKR_OK); + assert (count == NUM_SLOTS); for (i = 0; i < NUM_SLOTS; i++) { rv = module->C_GetTokenInfo (slots[i], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); memset (label, ' ', sizeof (label)); memcpy (label, labels[i], strlen (labels[i])); - CuAssertTrue (cu, memcmp (info.label, label, sizeof (label)) == 0); + assert (memcmp (info.label, label, sizeof (label)) == 0); } rv = module->C_Finalize (NULL); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); } static void -test_get_session_info (CuTest *cu) +test_get_session_info (void) { CK_SLOT_ID slots[NUM_SLOTS]; CK_SESSION_HANDLE sessions[NUM_SLOTS]; @@ -309,30 +341,26 @@ test_get_session_info (CuTest *cu) CK_RV rv; int i; - setup (cu); - count = NUM_SLOTS; rv = test.module->C_GetSlotList (TRUE, slots, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, NUM_SLOTS, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (NUM_SLOTS, count); /* Open two sessions with each token */ for (i = 0; i < NUM_SLOTS; i++) { rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i]); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_GetSessionInfo (sessions[i], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - CuAssertIntEquals (cu, slots[i], info.slotID); - CuAssertIntEquals (cu, CKF_SERIAL_SESSION, info.flags); + assert_num_eq (slots[i], info.slotID); + assert_num_eq (CKF_SERIAL_SESSION, info.flags); } - - teardown (cu); } static void -test_close_all_sessions (CuTest *cu) +test_close_all_sessions (void) { CK_SLOT_ID slots[NUM_SLOTS]; CK_SESSION_HANDLE sessions[NUM_SLOTS][2]; @@ -341,52 +369,47 @@ test_close_all_sessions (CuTest *cu) CK_RV rv; int i; - setup (cu); - count = NUM_SLOTS; rv = test.module->C_GetSlotList (TRUE, slots, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, NUM_SLOTS, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (NUM_SLOTS, count); /* Open two sessions with each token */ for (i = 0; i < NUM_SLOTS; i++) { rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i][0]); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_GetSessionInfo (sessions[i][0], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i][1]); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_GetSessionInfo (sessions[i][0], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); } /* Close all the sessions on the first token */ rv = test.module->C_CloseAllSessions (slots[0]); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Those sessions should be closed */ rv = test.module->C_GetSessionInfo (sessions[0][0], &info); - CuAssertIntEquals (cu, CKR_SESSION_HANDLE_INVALID, rv); + assert_num_eq (CKR_SESSION_HANDLE_INVALID, rv); rv = test.module->C_GetSessionInfo (sessions[0][1], &info); - CuAssertIntEquals (cu, CKR_SESSION_HANDLE_INVALID, rv); + assert_num_eq (CKR_SESSION_HANDLE_INVALID, rv); /* Other sessions should still be open */ for (i = 1; i < NUM_SLOTS; i++) { rv = test.module->C_GetSessionInfo (sessions[i][0], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_GetSessionInfo (sessions[i][0], &info); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); } - - teardown (cu); } static CK_ULONG -find_objects (CuTest *cu, - CK_ATTRIBUTE *match, +find_objects (CK_ATTRIBUTE *match, CK_OBJECT_HANDLE *sessions, CK_OBJECT_HANDLE *objects, CK_ULONG max_objects) @@ -400,14 +423,14 @@ find_objects (CuTest *cu, found = 0; for (i = 0; i < NUM_SLOTS; i++) { rv = test.module->C_OpenSession (test.slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_FindObjectsInit (session, match, p11_attrs_count (match)); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_FindObjects (session, objects + found, max_objects - found, &count); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_FindObjectsFinal (session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); for (j = found ; j < found + count; j++) sessions[j] = session; @@ -419,8 +442,7 @@ find_objects (CuTest *cu, } static void -check_trust_object_equiv (CuTest *cu, - CK_SESSION_HANDLE session, +check_trust_object_equiv (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE trust, CK_ATTRIBUTE *cert) { @@ -444,14 +466,13 @@ check_trust_object_equiv (CuTest *cu, }; rv = test.module->C_GetAttributeValue (session, trust, equiv, 6); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); - test_check_attrs (cu, equiv, cert); + test_check_attrs (equiv, cert); } static void -check_trust_object_hashes (CuTest *cu, - CK_SESSION_HANDLE session, +check_trust_object_hashes (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE trust, CK_ATTRIBUTE *cert) { @@ -468,21 +489,20 @@ check_trust_object_hashes (CuTest *cu, }; rv = test.module->C_GetAttributeValue (session, trust, hashes, 2); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); value = p11_attrs_find_valid (cert, CKA_VALUE); - CuAssertPtrNotNull (cu, value); + assert_ptr_not_null (value); p11_hash_md5 (check, value->pValue, value->ulValueLen, NULL); - CuAssertTrue (cu, memcmp (md5, check, sizeof (md5)) == 0); + assert (memcmp (md5, check, sizeof (md5)) == 0); p11_hash_sha1 (check, value->pValue, value->ulValueLen, NULL); - CuAssertTrue (cu, memcmp (sha1, check, sizeof (sha1)) == 0); + assert (memcmp (sha1, check, sizeof (sha1)) == 0); } static void -check_has_trust_object (CuTest *cu, - CK_ATTRIBUTE *cert) +check_has_trust_object (CK_ATTRIBUTE *cert) { CK_OBJECT_CLASS trust_object = CKO_NSS_TRUST; CK_ATTRIBUTE klass = { CKA_CLASS, &trust_object, sizeof (trust_object) }; @@ -493,21 +513,20 @@ check_has_trust_object (CuTest *cu, CK_ULONG count; attr = p11_attrs_find_valid (cert, CKA_ID); - CuAssertPtrNotNull (cu, attr); + assert_ptr_not_null (attr); match = p11_attrs_build (NULL, &klass, attr, NULL); - count = find_objects (cu, match, sessions, objects, 2); - CuAssertIntEquals (cu, 1, count); + count = find_objects (match, sessions, objects, 2); + assert_num_eq (1, count); - check_trust_object_equiv (cu, sessions[0], objects[0], cert); - check_trust_object_hashes (cu, sessions[0], objects[0], cert); + check_trust_object_equiv (sessions[0], objects[0], cert); + check_trust_object_hashes (sessions[0], objects[0], cert); p11_attrs_free (match); } static void -check_certificate (CuTest *cu, - CK_SESSION_HANDLE session, +check_certificate (CK_SESSION_HANDLE session, CK_OBJECT_HANDLE handle) { unsigned char label[4096]= { 0, }; @@ -548,7 +567,7 @@ check_certificate (CuTest *cu, /* Note that we don't pass the CKA_INVALID attribute in */ rv = test.module->C_GetAttributeValue (session, handle, attrs, 15); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); /* If this is the cacert3 certificate, check its values */ if (memcmp (value, test_cacert3_ca_der, sizeof (test_cacert3_ca_der)) == 0) { @@ -565,25 +584,25 @@ check_certificate (CuTest *cu, { CKA_INVALID, }, }; - test_check_cacert3_ca (cu, attrs, NULL); + test_check_cacert3_ca (attrs, NULL); /* Get anchor specific attributes */ rv = test.module->C_GetAttributeValue (session, handle, anchor, 1); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); /* It lives in the trusted directory */ - test_check_attrs (cu, check, anchor); + test_check_attrs (check, anchor); /* Other certificates, we can't check the values */ } else { - test_check_object (cu, attrs, CKO_CERTIFICATE, NULL); + test_check_object (attrs, CKO_CERTIFICATE, NULL); } - check_has_trust_object (cu, attrs); + check_has_trust_object (attrs); } static void -test_find_certificates (CuTest *cu) +test_find_certificates (void) { CK_OBJECT_CLASS klass = CKO_CERTIFICATE; @@ -597,23 +616,17 @@ test_find_certificates (CuTest *cu) CK_ULONG count; CK_ULONG i; - setup (cu); - - count = find_objects (cu, match, sessions, objects, 16); - CuAssertIntEquals (cu, 8, count); + count = find_objects (match, sessions, objects, 16); + assert_num_eq (8, count); for (i = 0; i < count; i++) - check_certificate (cu, sessions[i], objects[i]); - - teardown (cu); + check_certificate (sessions[i], objects[i]); } static void -test_find_builtin (CuTest *cu) +test_find_builtin (void) { CK_OBJECT_CLASS klass = CKO_NSS_BUILTIN_ROOT_LIST; - CK_BBOOL vtrue = CK_TRUE; - CK_BBOOL vfalse = CK_FALSE; CK_ATTRIBUTE match[] = { { CKA_CLASS, &klass, sizeof (klass) }, @@ -627,17 +640,13 @@ test_find_builtin (CuTest *cu) CK_SESSION_HANDLE sessions[16]; CK_ULONG count; - setup (cu); - /* One per token */ - count = find_objects (cu, match, sessions, objects, 16); - CuAssertIntEquals (cu, NUM_SLOTS, count); - - teardown (cu); + count = find_objects (match, sessions, objects, 16); + assert_num_eq (NUM_SLOTS, count); } static void -test_session_object (CuTest *cu) +test_session_object (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -651,22 +660,18 @@ test_session_object (CuTest *cu) CK_ULONG size; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_CreateObject (session, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_GetObjectSize (session, handle, &size); - CuAssertTrue (cu, rv == CKR_OK); - - teardown (cu); + assert (rv == CKR_OK); } static void -test_session_find (CuTest *cu) +test_session_find (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -681,30 +686,26 @@ test_session_find (CuTest *cu) CK_ULONG count; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_CreateObject (session, original, 2, &handle); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjectsInit (session, original, 2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 1, count); - CuAssertIntEquals (cu, handle, check); + assert_num_eq (CKR_OK, rv); + assert_num_eq (1, count); + assert_num_eq (handle, check); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); - - teardown (cu); + assert_num_eq (CKR_OK, rv); } static void -test_session_find_no_attr (CuTest *cu) +test_session_find_no_attr (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -724,71 +725,59 @@ test_session_find_no_attr (CuTest *cu) CK_ULONG count; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_CreateObject (session, original, 3, &handle); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjectsInit (session, match, 1); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 0, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (0, count); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); - - teardown (cu); + assert_num_eq (CKR_OK, rv); } static void -test_lookup_invalid (CuTest *cu) +test_lookup_invalid (void) { CK_SESSION_HANDLE session; CK_ULONG size; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_GetObjectSize (session, 88888, &size); - CuAssertTrue (cu, rv == CKR_OBJECT_HANDLE_INVALID); - - teardown (cu); + assert (rv == CKR_OBJECT_HANDLE_INVALID); } static void -test_remove_token (CuTest *cu) +test_remove_token (void) { CK_SESSION_HANDLE session; CK_OBJECT_HANDLE handle; CK_ULONG count; CK_RV rv; - setup (cu); - - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); rv = test.module->C_FindObjectsInit (session, NULL, 0); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_FindObjects (session, &handle, 1, &count); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertIntEquals (cu, 1, count); + assert (rv == CKR_OK); + assert_num_eq (1, count); rv = test.module->C_DestroyObject (session, handle); - CuAssertTrue (cu, rv == CKR_TOKEN_WRITE_PROTECTED); - - teardown (cu); + assert_num_eq (rv, CKR_FUNCTION_REJECTED); } static void -test_setattr_token (CuTest *cu) +test_setattr_token (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -802,26 +791,22 @@ test_setattr_token (CuTest *cu) CK_ULONG count; CK_RV rv; - setup (cu); - - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session); + assert (rv == CKR_OK); rv = test.module->C_FindObjectsInit (session, NULL, 0); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_FindObjects (session, &handle, 1, &count); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertIntEquals (cu, 1, count); + assert (rv == CKR_OK); + assert_num_eq (1, count); rv = test.module->C_SetAttributeValue (session, handle, original, 2); - CuAssertTrue (cu, rv == CKR_TOKEN_WRITE_PROTECTED); - - teardown (cu); + assert_num_eq (rv, CKR_ATTRIBUTE_READ_ONLY); } static void -test_session_copy (CuTest *cu) +test_session_copy (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -836,25 +821,21 @@ test_session_copy (CuTest *cu) CK_ULONG size; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_CreateObject (session, original, 2, &handle); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_CopyObject (session, handle, original, 2, ©); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_GetObjectSize (session, copy, &size); - CuAssertIntEquals (cu, CKR_OK, rv); - - teardown (cu); + assert_num_eq (CKR_OK, rv); } static void -test_session_setattr (CuTest *cu) +test_session_setattr (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -867,22 +848,18 @@ test_session_setattr (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_CreateObject (session, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_SetAttributeValue (session, handle, original, 2); - CuAssertTrue (cu, rv == CKR_OK); - - teardown (cu); + assert (rv == CKR_OK); } static void -test_session_remove (CuTest *cu) +test_session_remove (void) { CK_ATTRIBUTE original[] = { { CKA_CLASS, &data, sizeof (data) }, @@ -895,25 +872,21 @@ test_session_remove (CuTest *cu) CK_OBJECT_HANDLE handle; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_CreateObject (session, original, 2, &handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_DestroyObject (session, handle); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); rv = test.module->C_DestroyObject (session, handle); - CuAssertTrue (cu, rv == CKR_OBJECT_HANDLE_INVALID); - - teardown (cu); + assert (rv == CKR_OBJECT_HANDLE_INVALID); } static void -test_find_serial_der_decoded (CuTest *cu) +test_find_serial_der_decoded (void) { CK_OBJECT_CLASS nss_trust = CKO_NSS_TRUST; @@ -946,39 +919,35 @@ test_find_serial_der_decoded (CuTest *cu) * See work_around_broken_nss_serial_number_lookups(). */ - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_CreateObject (session, object, 2, &handle); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Do a standard find for the same object */ rv = test.module->C_FindObjectsInit (session, object, 2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 1, count); - CuAssertIntEquals (cu, handle, check); + assert_num_eq (CKR_OK, rv); + assert_num_eq (1, count); + assert_num_eq (handle, check); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Do a find for the serial number decoded */ rv = test.module->C_FindObjectsInit (session, match_decoded, 2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 1, count); - CuAssertIntEquals (cu, handle, check); + assert_num_eq (CKR_OK, rv); + assert_num_eq (1, count); + assert_num_eq (handle, check); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); - - teardown (cu); + assert_num_eq (CKR_OK, rv); } static void -test_find_serial_der_mismatch (CuTest *cu) +test_find_serial_der_mismatch (void) { CK_OBJECT_CLASS nss_trust = CKO_NSS_TRUST; @@ -1000,109 +969,135 @@ test_find_serial_der_mismatch (CuTest *cu) CK_ULONG count; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_CreateObject (session, object, 2, &handle); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Do a find with a null serial number, no match */ rv = test.module->C_FindObjectsInit (session, match, 2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 0, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (0, count); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Do a find with a wrong length, no match */ match[0].pValue = "at"; match[0].ulValueLen = 2; rv = test.module->C_FindObjectsInit (session, match, 2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 0, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (0, count); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); /* Do a find with a right length, wrong value, no match */ match[0].pValue = "one"; match[0].ulValueLen = 3; rv = test.module->C_FindObjectsInit (session, match, 2); - CuAssertIntEquals (cu, CKR_OK, rv); + assert_num_eq (CKR_OK, rv); rv = test.module->C_FindObjects (session, &check, 1, &count); - CuAssertIntEquals (cu, CKR_OK, rv); - CuAssertIntEquals (cu, 0, count); + assert_num_eq (CKR_OK, rv); + assert_num_eq (0, count); rv = test.module->C_FindObjectsFinal (session); - CuAssertIntEquals (cu, CKR_OK, rv); - - teardown (cu); + assert_num_eq (CKR_OK, rv); } static void -test_login_logout (CuTest *cu) +test_login_logout (void) { CK_SESSION_HANDLE session; CK_RV rv; - setup (cu); - rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, NULL, NULL, &session); - CuAssertTrue (cu, rv == CKR_OK); + assert (rv == CKR_OK); /* Just testing our stubs for now */ rv = test.module->C_Login (session, CKU_USER, NULL, 0); - CuAssertTrue (cu, rv == CKR_USER_TYPE_INVALID); + assert (rv == CKR_USER_TYPE_INVALID); rv = test.module->C_Logout (session); - CuAssertTrue (cu, rv == CKR_USER_NOT_LOGGED_IN); + assert (rv == CKR_USER_NOT_LOGGED_IN); +} + +static void +test_token_writable (void) +{ + CK_TOKEN_INFO info; + CK_RV rv; + + rv = test.module->C_GetTokenInfo (test.slots[0], &info); - teardown (cu); + assert_num_eq (rv, CKR_OK); + assert_num_eq (info.flags & CKF_WRITE_PROTECTED, 0); } -int -main (void) +static void +test_session_read_only_create (void) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; + CK_ATTRIBUTE original[] = { + { CKA_CLASS, &data, sizeof (data) }, + { CKA_LABEL, "yay", 3 }, + { CKA_VALUE, "eight", 5 }, + { CKA_TOKEN, &vtrue, sizeof (vtrue) }, + { CKA_INVALID } + }; + + CK_SESSION_HANDLE session; + CK_OBJECT_HANDLE handle; + CK_RV rv; - putenv ("P11_KIT_STRICT=1"); + /* Read-only session */ + rv = test.module->C_OpenSession (test.slots[0], CKF_SERIAL_SESSION, + NULL, NULL, &session); + assert (rv == CKR_OK); + + /* Create a token object */ + rv = test.module->C_CreateObject (session, original, 4, &handle); + assert_num_eq (rv, CKR_SESSION_READ_ONLY); +} + +int +main (int argc, + char *argv[]) +{ p11_library_init (); - SUITE_ADD_TEST (suite, test_null_initialize); - SUITE_ADD_TEST (suite, test_multi_initialize); - SUITE_ADD_TEST (suite, test_get_slot_list); - SUITE_ADD_TEST (suite, test_get_slot_info); - SUITE_ADD_TEST (suite, test_get_token_info); - SUITE_ADD_TEST (suite, test_get_session_info); - SUITE_ADD_TEST (suite, test_close_all_sessions); - SUITE_ADD_TEST (suite, test_find_certificates); - SUITE_ADD_TEST (suite, test_find_builtin); - SUITE_ADD_TEST (suite, test_lookup_invalid); - SUITE_ADD_TEST (suite, test_remove_token); - SUITE_ADD_TEST (suite, test_setattr_token); - SUITE_ADD_TEST (suite, test_session_object); - SUITE_ADD_TEST (suite, test_session_find); - SUITE_ADD_TEST (suite, test_session_find_no_attr); - SUITE_ADD_TEST (suite, test_session_copy); - SUITE_ADD_TEST (suite, test_session_remove); - SUITE_ADD_TEST (suite, test_session_setattr); - SUITE_ADD_TEST (suite, test_find_serial_der_decoded); - SUITE_ADD_TEST (suite, test_find_serial_der_mismatch); - SUITE_ADD_TEST (suite, test_login_logout); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_test (test_get_slot_list, "/module/get_slot_list"); + p11_test (test_get_slot_info, "/module/get_slot_info"); + + p11_fixture (NULL, NULL); + p11_test (test_null_initialize, "/module/initialize-null"); + p11_test (test_multi_initialize, "/module/initialize-multi"); + p11_test (test_get_token_info, "/module/get_token_info"); + + p11_fixture (setup, teardown); + p11_test (test_get_session_info, "/module/get_session_info"); + p11_test (test_close_all_sessions, "/module/close_all_sessions"); + p11_test (test_find_certificates, "/module/find_certificates"); + p11_test (test_find_builtin, "/module/find_builtin"); + p11_test (test_lookup_invalid, "/module/lookup_invalid"); + p11_test (test_remove_token, "/module/remove_token"); + p11_test (test_setattr_token, "/module/setattr_token"); + p11_test (test_session_object, "/module/session_object"); + p11_test (test_session_find, "/module/session_find"); + p11_test (test_session_find_no_attr, "/module/session_find_no_attr"); + p11_test (test_session_copy, "/module/session_copy"); + p11_test (test_session_remove, "/module/session_remove"); + p11_test (test_session_setattr, "/module/session_setattr"); + p11_test (test_find_serial_der_decoded, "/module/find_serial_der_decoded"); + p11_test (test_find_serial_der_mismatch, "/module/find_serial_der_mismatch"); + p11_test (test_login_logout, "/module/login_logout"); + + p11_fixture (setup_writable, teardown); + p11_test (test_token_writable, "/module/token-writable"); + p11_test (test_session_read_only_create, "/module/session-read-only-create"); + + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-parser.c b/trust/tests/test-parser.c index 147823a..2b60254 100644 --- a/trust/tests/test-parser.c +++ b/trust/tests/test-parser.c @@ -33,7 +33,8 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-trust.h" #include <stdlib.h> #include <stdio.h> @@ -47,7 +48,6 @@ #include "oid.h" #include "parser.h" #include "pkcs11x.h" -#include "test-data.h" struct { p11_parser *parser; @@ -56,16 +56,16 @@ struct { } test; static void -setup (CuTest *cu) +setup (void *unused) { test.index = p11_index_new (NULL, NULL, NULL); test.cache = p11_asn1_cache_new (); test.parser = p11_parser_new (test.index, test.cache); - CuAssertPtrNotNull (cu, test.parser); + assert_ptr_not_null (test.parser); } static void -teardown (CuTest *cu) +teardown (void *unused) { p11_parser_free (test.parser); p11_index_free (test.index); @@ -94,7 +94,7 @@ parsed_attrs (CK_ATTRIBUTE *match) } static void -test_parse_der_certificate (CuTest *cu) +test_parse_der_certificate (void) { CK_ATTRIBUTE *cert; int ret; @@ -109,23 +109,19 @@ test_parse_der_certificate (CuTest *cu) { CKA_INVALID }, }; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", P11_PARSE_FLAG_NONE); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - CuAssertIntEquals (cu, 1, p11_index_size (test.index)); + assert_num_eq (1, p11_index_size (test.index)); cert = parsed_attrs (certificate_match); - test_check_attrs (cu, expected, cert); - - teardown (cu); + test_check_attrs (expected, cert); } static void -test_parse_pem_certificate (CuTest *cu) +test_parse_pem_certificate (void) { CK_ATTRIBUTE *cert; int ret; @@ -140,23 +136,19 @@ test_parse_pem_certificate (CuTest *cu) { CKA_INVALID }, }; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.pem", P11_PARSE_FLAG_NONE); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - CuAssertIntEquals (cu, 1, p11_index_size (test.index)); + assert_num_eq (1, p11_index_size (test.index)); cert = parsed_attrs (certificate_match); - test_check_attrs (cu, expected, cert); - - teardown (cu); + test_check_attrs (expected, cert); } static void -test_parse_p11_kit_persist (CuTest *cu) +test_parse_p11_kit_persist (void) { CK_ATTRIBUTE *cert; int ret; @@ -171,23 +163,19 @@ test_parse_p11_kit_persist (CuTest *cu) { CKA_INVALID }, }; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/input/verisign-v1.p11-kit", P11_PARSE_FLAG_NONE); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - CuAssertIntEquals (cu, 1, p11_index_size (test.index)); + assert_num_eq (1, p11_index_size (test.index)); cert = parsed_attrs (certificate_match); - test_check_attrs (cu, expected, cert); - - teardown (cu); + test_check_attrs (expected, cert); } static void -test_parse_openssl_trusted (CuTest *cu) +test_parse_openssl_trusted (void) { CK_ATTRIBUTE cacert3[] = { { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, @@ -228,40 +216,36 @@ test_parse_openssl_trusted (CuTest *cu) int ret; int i; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3-trusted.pem", P11_PARSE_FLAG_ANCHOR); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* * Should have gotten: * - 1 certificate * - 2 stapled extensions */ - CuAssertIntEquals (cu, 3, p11_index_size (test.index)); + assert_num_eq (3, p11_index_size (test.index)); /* The certificate */ cert = parsed_attrs (certificate_match); - test_check_attrs (cu, expected[0], cert); + test_check_attrs (expected[0], cert); /* The other objects */ for (i = 1; expected[i]; i++) { handle = p11_index_find (test.index, expected[i], 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); object = p11_index_lookup (test.index, handle); - CuAssertPtrNotNull (cu, object); + assert_ptr_not_null (object); - test_check_attrs (cu, expected[i], object); - test_check_id (cu, cert, object); + test_check_attrs (expected[i], object); + test_check_id (cert, object); } - - teardown (cu); } static void -test_parse_openssl_distrusted (CuTest *cu) +test_parse_openssl_distrusted (void) { CK_ATTRIBUTE distrust_cert[] = { { CKA_CLASS, &certificate, sizeof (certificate), }, @@ -301,42 +285,38 @@ test_parse_openssl_distrusted (CuTest *cu) int ret; int i; - setup (cu); - /* * OpenSSL style is to litter the blacklist in with the anchors, * so we parse this as an anchor, but expect it to be blacklisted */ ret = p11_parse_file (test.parser, SRCDIR "/files/distrusted.pem", P11_PARSE_FLAG_ANCHOR); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* * Should have gotten: * - 1 certificate * - 2 stapled extensions */ - CuAssertIntEquals (cu, 3, p11_index_size (test.index)); + assert_num_eq (3, p11_index_size (test.index)); cert = parsed_attrs (certificate_match); - test_check_attrs (cu, expected[0], cert); + test_check_attrs (expected[0], cert); /* The other objects */ for (i = 1; expected[i]; i++) { handle = p11_index_find (test.index, expected[i], 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); object = p11_index_lookup (test.index, handle); - CuAssertPtrNotNull (cu, object); + assert_ptr_not_null (object); - test_check_attrs (cu, expected[i], object); - test_check_id (cu, cert, object); + test_check_attrs (expected[i], object); + test_check_id (cert, object); } - - teardown (cu); } static void -test_parse_anchor (CuTest *cu) +test_parse_anchor (void) { CK_ATTRIBUTE cacert3[] = { { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, @@ -351,26 +331,22 @@ test_parse_anchor (CuTest *cu) CK_ATTRIBUTE *cert; int ret; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", P11_PARSE_FLAG_ANCHOR); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* * Should have gotten: * - 1 certificate */ - CuAssertIntEquals (cu, 1, p11_index_size (test.index)); + assert_num_eq (1, p11_index_size (test.index)); cert = parsed_attrs (certificate_match); - test_check_attrs (cu, cacert3, cert); - - teardown (cu); + test_check_attrs (cacert3, cert); } static void -test_parse_thawte (CuTest *cu) +test_parse_thawte (void) { CK_ATTRIBUTE *cert; int ret; @@ -384,61 +360,49 @@ test_parse_thawte (CuTest *cu) { CKA_INVALID }, }; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/thawte.pem", P11_PARSE_FLAG_NONE); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); /* Should have gotten certificate */ - CuAssertIntEquals (cu, 1, p11_index_size (test.index)); + assert_num_eq (1, p11_index_size (test.index)); cert = parsed_attrs (certificate_match); - test_check_attrs (cu, expected, cert); - - teardown (cu); + test_check_attrs (expected, cert); } /* TODO: A certificate that uses generalTime needs testing */ static void -test_parse_invalid_file (CuTest *cu) +test_parse_invalid_file (void) { int ret; - setup (cu); - p11_message_quiet (); ret = p11_parse_file (test.parser, "/nonexistant", P11_PARSE_FLAG_NONE); - CuAssertIntEquals (cu, P11_PARSE_FAILURE, ret); + assert_num_eq (P11_PARSE_FAILURE, ret); p11_message_loud (); - - teardown (cu); } static void -test_parse_unrecognized (CuTest *cu) +test_parse_unrecognized (void) { int ret; - setup (cu); - p11_message_quiet (); ret = p11_parse_file (test.parser, SRCDIR "/files/unrecognized-file.txt", P11_PARSE_FLAG_NONE); - CuAssertIntEquals (cu, P11_PARSE_UNRECOGNIZED, ret); + assert_num_eq (P11_PARSE_UNRECOGNIZED, ret); p11_message_loud (); - - teardown (cu); } static void -test_duplicate (CuTest *cu) +test_duplicate (void) { CK_ATTRIBUTE cacert3[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -454,36 +418,33 @@ test_duplicate (CuTest *cu) CK_ATTRIBUTE *cert; int ret; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", 0); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); p11_message_quiet (); /* This shouldn't be added, should print a message */ ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", 0); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); - CuAssertTrue (cu, strstr (p11_message_last (), "duplicate") != NULL); + assert (strstr (p11_message_last (), "duplicate") != NULL); p11_message_loud (); /* Should only be one certificate since the above two are identical */ handles = p11_index_find_all (test.index, cacert3, 2); - CuAssertPtrNotNull (cu, handles); - CuAssertTrue (cu, handles[0] != 0); - CuAssertTrue (cu, handles[1] == 0); + assert_ptr_not_null (handles); + assert (handles[0] != 0); + assert (handles[1] == 0); cert = p11_index_lookup (test.index, handles[0]); - test_check_attrs (cu, cacert3, cert); + test_check_attrs (cacert3, cert); free (handles); - teardown (cu); } static void -test_duplicate_priority (CuTest *cu) +test_duplicate_priority (void) { CK_ATTRIBUTE cacert3[] = { { CKA_CLASS, &certificate, sizeof (certificate) }, @@ -515,29 +476,27 @@ test_duplicate_priority (CuTest *cu) CK_ATTRIBUTE *cert; int ret; - setup (cu); - ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", 0); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); p11_message_quiet (); /* This shouldn't be added, should print a message */ ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", P11_PARSE_FLAG_ANCHOR); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); - CuAssertTrue (cu, strstr (p11_message_last (), "duplicate") != NULL); + assert (strstr (p11_message_last (), "duplicate") != NULL); p11_message_loud (); /* We should now find the trusted certificate */ handles = p11_index_find_all (test.index, cacert3, 2); - CuAssertPtrNotNull (cu, handles); - CuAssertTrue (cu, handles[0] != 0); - CuAssertTrue (cu, handles[1] == 0); + assert_ptr_not_null (handles); + assert (handles[0] != 0); + assert (handles[1] == 0); cert = p11_index_lookup (test.index, handles[0]); - test_check_attrs (cu, trusted, cert); + test_check_attrs (trusted, cert); free (handles); /* Now add a distrutsed one, this should override the trusted */ @@ -546,51 +505,35 @@ test_duplicate_priority (CuTest *cu) ret = p11_parse_file (test.parser, SRCDIR "/files/cacert3.der", P11_PARSE_FLAG_BLACKLIST); - CuAssertIntEquals (cu, P11_PARSE_SUCCESS, ret); + assert_num_eq (P11_PARSE_SUCCESS, ret); p11_message_loud (); /* We should now find the distrusted certificate */ handles = p11_index_find_all (test.index, cacert3, 2); - CuAssertPtrNotNull (cu, handles); - CuAssertTrue (cu, handles[0] != 0); - CuAssertTrue (cu, handles[1] == 0); + assert_ptr_not_null (handles); + assert (handles[0] != 0); + assert (handles[1] == 0); cert = p11_index_lookup (test.index, handles[0]); - test_check_attrs (cu, distrust, cert); + test_check_attrs (distrust, cert); free (handles); - - teardown (cu); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_parse_der_certificate); - SUITE_ADD_TEST (suite, test_parse_pem_certificate); - SUITE_ADD_TEST (suite, test_parse_p11_kit_persist); - SUITE_ADD_TEST (suite, test_parse_openssl_trusted); - SUITE_ADD_TEST (suite, test_parse_openssl_distrusted); - SUITE_ADD_TEST (suite, test_parse_anchor); - SUITE_ADD_TEST (suite, test_parse_thawte); - SUITE_ADD_TEST (suite, test_parse_invalid_file); - SUITE_ADD_TEST (suite, test_parse_unrecognized); - SUITE_ADD_TEST (suite, test_duplicate); - SUITE_ADD_TEST (suite, test_duplicate_priority); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_test (test_parse_der_certificate, "/parser/parse_der_certificate"); + p11_test (test_parse_pem_certificate, "/parser/parse_pem_certificate"); + p11_test (test_parse_p11_kit_persist, "/parser/parse_p11_kit_persist"); + p11_test (test_parse_openssl_trusted, "/parser/parse_openssl_trusted"); + p11_test (test_parse_openssl_distrusted, "/parser/parse_openssl_distrusted"); + p11_test (test_parse_anchor, "/parser/parse_anchor"); + p11_test (test_parse_thawte, "/parser/parse_thawte"); + p11_test (test_parse_invalid_file, "/parser/parse_invalid_file"); + p11_test (test_parse_unrecognized, "/parser/parse_unrecognized"); + p11_test (test_duplicate, "/parser/duplicate"); + p11_test (test_duplicate_priority, "/parser/duplicate_priority"); + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-persist.c b/trust/tests/test-persist.c index ee73331..107f131 100644 --- a/trust/tests/test-persist.c +++ b/trust/tests/test-persist.c @@ -33,8 +33,10 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-trust.h" +#include <stdarg.h> #include <stdlib.h> #include <stdio.h> #include <string.h> @@ -48,10 +50,8 @@ #include "pkcs11.h" #include "pkcs11x.h" -#include "test-data.h" - static void -test_magic (CuTest *tc) +test_magic (void) { const char *input = "[p11-kit-object-v1]\n" "class: data\n" @@ -64,10 +64,10 @@ test_magic (CuTest *tc) "value: \"blah\"\n" "application: \"test-persist\"\n"; - CuAssertTrue (tc, p11_persist_magic ((unsigned char *)input, strlen (input))); - CuAssertTrue (tc, !p11_persist_magic ((unsigned char *)input, 5)); - CuAssertTrue (tc, p11_persist_magic ((unsigned char *)other, strlen (other))); - CuAssertTrue (tc, !p11_persist_magic ((unsigned char *)"blah", 4)); + assert (p11_persist_magic ((unsigned char *)input, strlen (input))); + assert (!p11_persist_magic ((unsigned char *)input, 5)); + assert (p11_persist_magic ((unsigned char *)other, strlen (other))); + assert (!p11_persist_magic ((unsigned char *)"blah", 4)); } static p11_array * @@ -94,9 +94,9 @@ args_to_array (void *arg, } static void -check_read_msg (CuTest *tc, - const char *file, +check_read_msg (const char *file, int line, + const char *function, const char *input, p11_array *expected) { @@ -108,14 +108,18 @@ check_read_msg (CuTest *tc, objects = p11_array_new (p11_attrs_free); if (p11_persist_read (persist, "test", (const unsigned char *)input, strlen (input), objects)) { - CuAssert_Line (tc, file, line, "decoding should have failed", expected != NULL); + if (expected == NULL) + p11_test_fail (file, line, function, "decoding should have failed"); for (i = 0; i < expected->num; i++) { - CuAssert_Line (tc, file, line, "too few objects read", i < objects->num); - test_check_attrs_msg (tc, file, line, expected->elem[i], objects->elem[i]); + if (i >= objects->num) + p11_test_fail (file, line, function, "too few objects read"); + test_check_attrs_msg (file, line, function, expected->elem[i], objects->elem[i]); } - CuAssert_Line (tc, file, line, "too many objects read", i == objects->num); + if (i != objects->num) + p11_test_fail (file, line, function, "too many objects read"); } else { - CuAssert_Line (tc, file, line, "decoding failed", expected == NULL); + if (expected != NULL) + p11_test_fail (file, line, function, "decoding failed"); } p11_array_free (objects); @@ -123,11 +127,43 @@ check_read_msg (CuTest *tc, p11_array_free (expected); } -#define check_read_success(tc, input, objs) \ - check_read_msg (tc, __FILE__, __LINE__, input, args_to_array objs) +static void +check_write_msg (const char *file, + int line, + const char *function, + const char *expected, + p11_array *input) +{ + p11_persist *persist; + p11_buffer buf; + int i; + + persist = p11_persist_new (); + p11_buffer_init_null (&buf, 0); + + for (i = 0; i < input->num; i++) { + if (!p11_persist_write (persist, input->elem[i], &buf)) + p11_test_fail (file, line, function, "persist write failed"); + } -#define check_read_failure(tc, input) \ - check_read_msg (tc, __FILE__, __LINE__, input, NULL) + if (strcmp (buf.data, expected) != 0) { + p11_test_fail (file, line, function, "persist doesn't match: (\n%s----\n%s\n)", \ + expected, (char *)buf.data); + } + + p11_buffer_uninit (&buf); + p11_array_free (input); + p11_persist_free (persist); +} + +#define check_read_success(input, objs) \ + check_read_msg (__FILE__, __LINE__, __FUNCTION__, input, args_to_array objs) + +#define check_read_failure(input) \ + check_read_msg (__FILE__, __LINE__, __FUNCTION__, input, NULL) + +#define check_write_success(expected, inputs) \ + check_write_msg (__FILE__, __LINE__, __FUNCTION__, expected, args_to_array inputs) static CK_OBJECT_CLASS certificate = CKO_CERTIFICATE; static CK_CERTIFICATE_TYPE x509 = CKC_X_509; @@ -137,53 +173,55 @@ static CK_BBOOL truev = CK_TRUE; static CK_BBOOL falsev = CK_FALSE; static void -test_simple (CuTest *tc) +test_simple (void) { - const char *input = "[p11-kit-object-v1]\n" + const char *output = "[p11-kit-object-v1]\n" "class: data\n" "value: \"blah\"\n" - "application: \"test-persist\"\n"; + "application: \"test-persist\"\n\n"; - CK_ATTRIBUTE expected[] = { + CK_ATTRIBUTE attrs[] = { { CKA_CLASS, &data, sizeof (data) }, { CKA_VALUE, "blah", 4 }, { CKA_APPLICATION, "test-persist", 12 }, { CKA_INVALID }, }; - check_read_success (tc, input, (expected, NULL)); + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); } static void -test_number (CuTest *tc) +test_number (void) { - const char *input = "[p11-kit-object-v1]\n" + const char *output = "[p11-kit-object-v1]\n" "class: data\n" - "value: 29202390\n" - "application: \"test-persist\"\n"; + "value-len: 29202390\n" + "application: \"test-persist\"\n\n"; CK_ULONG value = 29202390; - CK_ATTRIBUTE expected[] = { + CK_ATTRIBUTE attrs[] = { { CKA_CLASS, &data, sizeof (data) }, - { CKA_VALUE, &value, sizeof (value) }, + { CKA_VALUE_LEN, &value, sizeof (value) }, { CKA_APPLICATION, "test-persist", 12 }, { CKA_INVALID }, }; - check_read_success (tc, input, (expected, NULL)); + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); } static void -test_bool (CuTest *tc) +test_bool (void) { - const char *input = "[p11-kit-object-v1]\n" + const char *output = "[p11-kit-object-v1]\n" "class: data\n" "private: true\n" "modifiable: false\n" - "application: \"test-persist\"\n"; + "application: \"test-persist\"\n\n"; - CK_ATTRIBUTE expected[] = { + CK_ATTRIBUTE attrs[] = { { CKA_CLASS, &data, sizeof (data) }, { CKA_PRIVATE, &truev, sizeof (truev) }, { CKA_MODIFIABLE, &falsev, sizeof (falsev) }, @@ -191,72 +229,143 @@ test_bool (CuTest *tc) { CKA_INVALID }, }; - check_read_success (tc, input, (expected, NULL)); + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); } static void -test_oid (CuTest *tc) +test_oid (void) { - const char *input = "[p11-kit-object-v1]\n" + const char *output = "[p11-kit-object-v1]\n" "class: data\n" - "object-id: 1.2.3.4"; + "object-id: 1.2.3.4\n\n"; - CK_ATTRIBUTE expected[] = { + CK_ATTRIBUTE attrs[] = { { CKA_CLASS, &data, sizeof (data) }, { CKA_OBJECT_ID, "\x06\x03*\x03\x04", 5 }, { CKA_INVALID }, }; - check_read_success (tc, input, (expected, NULL)); + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); } static void -test_constant (CuTest *tc) +test_constant (void) { - const char *input = "[p11-kit-object-v1]\n" + const char *output = "[p11-kit-object-v1]\n" "class: data\n" - "trust-server-auth: nss-trust-unknown"; + "certificate-type: x-509-attr-cert\n" + "key-type: rsa\n" + "x-assertion-type: x-pinned-certificate\n" + "certificate-category: authority\n" + "mechanism-type: rsa-pkcs-key-pair-gen\n" + "trust-server-auth: nss-trust-unknown\n\n"; CK_TRUST trust = CKT_NSS_TRUST_UNKNOWN; + CK_CERTIFICATE_TYPE type = CKC_X_509_ATTR_CERT; + CK_X_ASSERTION_TYPE ass = CKT_X_PINNED_CERTIFICATE; + CK_MECHANISM_TYPE mech = CKM_RSA_PKCS_KEY_PAIR_GEN; + CK_ULONG category = 2; + CK_KEY_TYPE key = CKK_RSA; - CK_ATTRIBUTE expected[] = { + CK_ATTRIBUTE attrs[] = { { CKA_CLASS, &data, sizeof (data) }, + { CKA_CERTIFICATE_TYPE, &type, sizeof (type) }, + { CKA_KEY_TYPE, &key, sizeof (key) }, + { CKA_X_ASSERTION_TYPE, &ass, sizeof (ass) }, + { CKA_CERTIFICATE_CATEGORY, &category, sizeof (category) }, + { CKA_MECHANISM_TYPE, &mech, sizeof (mech) }, { CKA_TRUST_SERVER_AUTH, &trust, sizeof (trust) }, { CKA_INVALID }, }; - check_read_success (tc, input, (expected, NULL)); + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); } static void -test_multiple (CuTest *tc) +test_unknown (void) { - const char *input = "[p11-kit-object-v1]\n" + const char *output = "[p11-kit-object-v1]\n" "class: data\n" - "object-id: 1.2.3.4\n" + "38383838: \"the-value-here\"\n\n"; + + CK_ATTRIBUTE attrs[] = { + { CKA_CLASS, &data, sizeof (data) }, + { 38383838, "the-value-here", 14 }, + { CKA_INVALID }, + }; + + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); +} + +static void +test_multiple (void) +{ + const char *output = "[p11-kit-object-v1]\n" + "class: data\n" + "object-id: 1.2.3.4\n\n" "[p11-kit-object-v1]\n" "class: nss-trust\n" - "trust-server-auth: nss-trust-unknown"; + "trust-server-auth: nss-trust-unknown\n\n"; CK_TRUST trust = CKT_NSS_TRUST_UNKNOWN; - CK_ATTRIBUTE expected1[] = { + CK_ATTRIBUTE attrs1[] = { { CKA_CLASS, &data, sizeof (data) }, { CKA_OBJECT_ID, "\x06\x03*\x03\x04", 5 }, { CKA_INVALID }, }; - CK_ATTRIBUTE expected2[] = { + CK_ATTRIBUTE attrs2[] = { { CKA_CLASS, &nss_trust, sizeof (nss_trust) }, { CKA_TRUST_SERVER_AUTH, &trust, sizeof (trust) }, { CKA_INVALID }, }; - check_read_success (tc, input, (expected1, expected2, NULL)); + check_read_success (output, (attrs1, attrs2, NULL)); + check_write_success (output, (attrs1, attrs2, NULL)); } static void -test_pem_block (CuTest *tc) +test_pem_block (void) +{ + const char *output = "[p11-kit-object-v1]\n" + "id: \"292c92\"\n" + "trusted: true\n" + "-----BEGIN CERTIFICATE-----\n" + "MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkG\n" + "A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz\n" + "cyAxIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2\n" + "MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV\n" + "BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmlt\n" + "YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN\n" + "ADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0f\n" + "zGVuDLDQVoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHi\n" + "TkVWaR94AoDa3EeRKbs2yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0G\n" + "CSqGSIb3DQEBBQUAA4GBAFgVKTk8d6PaXCUDfGD67gmZPCcQcMgMCeazh88K4hiW\n" + "NWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n0a3hUKw8fGJLj7qE1xIV\n" + "Gx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZRjXZ+Hxb\n" + "-----END CERTIFICATE-----\n" + "\n"; + + CK_ATTRIBUTE attrs[] = { + { CKA_CLASS, &certificate, sizeof (certificate) }, + { CKA_ID, "292c92", 6, }, + { CKA_CERTIFICATE_TYPE, &x509, sizeof (x509) }, + { CKA_VALUE, &verisign_v1_ca, sizeof (verisign_v1_ca) }, + { CKA_TRUSTED, &truev, sizeof (truev) }, + { CKA_INVALID }, + }; + + check_read_success (output, (attrs, NULL)); + check_write_success (output, (attrs, NULL)); +} + +static void +test_pem_middle (void) { const char *input = "[p11-kit-object-v1]\n" "class: certificate\n" @@ -286,11 +395,11 @@ test_pem_block (CuTest *tc) { CKA_INVALID }, }; - check_read_success (tc, input, (expected, NULL)); + check_read_success (input, (expected, NULL)); } static void -test_pem_invalid (CuTest *tc) +test_pem_invalid (void) { const char *input = "[p11-kit-object-v1]\n" "class: certificate\n" @@ -311,13 +420,13 @@ test_pem_invalid (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } static void -test_pem_unsupported (CuTest *tc) +test_pem_unsupported (void) { const char *input = "[p11-kit-object-v1]\n" "class: certificate\n" @@ -327,13 +436,13 @@ test_pem_unsupported (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } static void -test_pem_first (CuTest *tc) +test_pem_first (void) { const char *input = "-----BEGIN BLOCK1-----\n" "aYNNXqshlVxCdo8QfKeXh3GUzd/yn4LYIVgQrx4a\n" @@ -343,13 +452,13 @@ test_pem_first (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } static void -test_skip_unknown (CuTest *tc) +test_skip_unknown (void) { const char *input = "[version-2]\n" "class: data\n" @@ -371,13 +480,13 @@ test_skip_unknown (CuTest *tc) p11_message_quiet (); - check_read_success (tc, input, (expected2, NULL)); + check_read_success (input, (expected2, NULL)); p11_message_loud (); } static void -test_bad_value (CuTest *tc) +test_bad_value (void) { const char *input = "[p11-kit-object-v1]\n" "class: data\n" @@ -385,13 +494,13 @@ test_bad_value (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } static void -test_bad_oid (CuTest *tc) +test_bad_oid (void) { const char *input = "[p11-kit-object-v1]\n" "class: data\n" @@ -399,13 +508,13 @@ test_bad_oid (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } static void -test_bad_field (CuTest *tc) +test_bad_field (void) { const char *input = "[p11-kit-object-v1]\n" "class: data\n" @@ -413,13 +522,13 @@ test_bad_field (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } static void -test_attribute_first (CuTest *tc) +test_attribute_first (void) { const char *input = "class: data\n" "[p11-kit-object-v1]\n" @@ -427,45 +536,72 @@ test_attribute_first (CuTest *tc) p11_message_quiet (); - check_read_failure (tc, input); + check_read_failure (input); p11_message_loud (); } +static void +test_not_boolean (void) +{ + const char *output = "[p11-kit-object-v1]\n" + "private: \"x\"\n\n"; + + CK_ATTRIBUTE attrs[] = { + { CKA_PRIVATE, "x", 1 }, + { CKA_INVALID }, + }; + + check_write_success (output, (attrs, NULL)); +} + +static void +test_not_ulong (void) +{ + char buffer[sizeof (CK_ULONG) + 1]; + char *output; + + CK_ATTRIBUTE attrs[] = { + { CKA_BITS_PER_PIXEL, "xx", 2 }, + { CKA_VALUE, buffer, sizeof (CK_ULONG) }, + { CKA_INVALID }, + }; + + memset (buffer, 'x', sizeof (buffer)); + buffer[sizeof (CK_ULONG)] = 0; + + if (asprintf (&output, "[p11-kit-object-v1]\n" + "bits-per-pixel: \"xx\"\n" + "value: \"%s\"\n\n", buffer) < 0) + assert_not_reached (); + + check_write_success (output, (attrs, NULL)); + free (output); +} + int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_magic); - SUITE_ADD_TEST (suite, test_simple); - SUITE_ADD_TEST (suite, test_number); - SUITE_ADD_TEST (suite, test_bool); - SUITE_ADD_TEST (suite, test_oid); - SUITE_ADD_TEST (suite, test_constant); - SUITE_ADD_TEST (suite, test_multiple); - SUITE_ADD_TEST (suite, test_pem_block); - SUITE_ADD_TEST (suite, test_pem_invalid); - SUITE_ADD_TEST (suite, test_pem_unsupported); - SUITE_ADD_TEST (suite, test_pem_first); - SUITE_ADD_TEST (suite, test_bad_value); - SUITE_ADD_TEST (suite, test_bad_oid); - SUITE_ADD_TEST (suite, test_bad_field); - SUITE_ADD_TEST (suite, test_skip_unknown); - SUITE_ADD_TEST (suite, test_attribute_first); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_test (test_magic, "/persist/magic"); + p11_test (test_simple, "/persist/simple"); + p11_test (test_number, "/persist/number"); + p11_test (test_bool, "/persist/bool"); + p11_test (test_oid, "/persist/oid"); + p11_test (test_constant, "/persist/constant"); + p11_test (test_unknown, "/persist/unknown"); + p11_test (test_multiple, "/persist/multiple"); + p11_test (test_pem_block, "/persist/pem_block"); + p11_test (test_pem_middle, "/persist/pem-middle"); + p11_test (test_pem_invalid, "/persist/pem_invalid"); + p11_test (test_pem_unsupported, "/persist/pem_unsupported"); + p11_test (test_pem_first, "/persist/pem_first"); + p11_test (test_bad_value, "/persist/bad_value"); + p11_test (test_bad_oid, "/persist/bad_oid"); + p11_test (test_bad_field, "/persist/bad_field"); + p11_test (test_skip_unknown, "/persist/skip_unknown"); + p11_test (test_attribute_first, "/persist/attribute_first"); + p11_test (test_not_boolean, "/persist/not-boolean"); + p11_test (test_not_ulong, "/persist/not-ulong"); + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-token.c b/trust/tests/test-token.c index ffd733f..d372814 100644 --- a/trust/tests/test-token.c +++ b/trust/tests/test-token.c @@ -33,7 +33,8 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" +#include "test-trust.h" #include <stdlib.h> #include <stdio.h> @@ -41,9 +42,9 @@ #include "attrs.h" #include "debug.h" +#include "path.h" #include "pkcs11x.h" #include "message.h" -#include "test-data.h" #include "token.h" struct { @@ -51,40 +52,35 @@ struct { } test; static void -setup (CuTest *cu, - const char *path) +setup (void *path) { test.token = p11_token_new (333, path, "Label"); - CuAssertPtrNotNull (cu, test.token); + assert_ptr_not_null (test.token); } static void -teardown (CuTest *cu) +teardown (void *path) { p11_token_free (test.token); memset (&test, 0, sizeof (test)); } static void -test_token_load (CuTest *cu) +test_token_load (void *path) { p11_index *index; int count; - setup (cu, SRCDIR "/input"); - count = p11_token_load (test.token); - CuAssertIntEquals (cu, 7, count); + assert_num_eq (7, count); /* A certificate and trust object for each parsed object + builtin */ index = p11_token_index (test.token); - CuAssertTrue (cu, ((count - 1) * 2) + 1 <= p11_index_size (index)); - - teardown (cu); + assert (((count - 1) * 2) + 1 <= p11_index_size (index)); } static void -test_token_flags (CuTest *cu) +test_token_flags (void *path) { CK_OBJECT_CLASS certificate = CKO_CERTIFICATE; CK_BBOOL falsev = CK_FALSE; @@ -178,78 +174,125 @@ test_token_flags (CuTest *cu) CK_ATTRIBUTE *object; int i; - setup (cu, SRCDIR "/input"); - if (p11_token_load (test.token) < 0) - CuFail (cu, "should not be reached"); + assert_not_reached (); /* The other objects */ for (i = 0; expected[i]; i++) { handle = p11_index_find (p11_token_index (test.token), expected[i], 2); - CuAssertTrue (cu, handle != 0); + assert (handle != 0); object = p11_index_lookup (p11_token_index (test.token), handle); - CuAssertPtrNotNull (cu, object); + assert_ptr_not_null (object); - test_check_attrs (cu, expected[i], object); + test_check_attrs (expected[i], object); } +} - teardown (cu); +static void +test_token_path (void *path) +{ + assert_str_eq (path, p11_token_get_path (test.token)); } static void -test_token_path (CuTest *cu) +test_token_label (void *path) { - setup (cu, "/wheee"); + assert_str_eq ("Label", p11_token_get_label (test.token)); +} + +static void +test_token_slot (void *path) +{ + assert_num_eq (333, p11_token_get_slot (test.token)); +} + +static void +test_not_writable (void) +{ + p11_token *token; - CuAssertStrEquals (cu, "/wheee", p11_token_get_path (test.token)); + token = p11_token_new (333, "/", "Label"); + assert (!p11_token_is_writable (token)); + p11_token_free (token); - teardown (cu); + token = p11_token_new (333, "", "Label"); + assert (!p11_token_is_writable (token)); + p11_token_free (token); + + token = p11_token_new (333, "/non-existant", "Label"); + assert (!p11_token_is_writable (token)); + p11_token_free (token); } static void -test_token_label (CuTest *cu) +test_writable_exists (void) { - setup (cu, "/wheee"); + char *directory; + p11_token *token; + + directory = p11_path_expand ("$TEMP/test-module.XXXXXX"); + if (!mkdtemp (directory)) + assert_not_reached (); + + token = p11_token_new (333, directory, "Label"); - CuAssertStrEquals (cu, "Label", p11_token_get_label (test.token)); + /* A writable directory since we created it */ + assert (p11_token_is_writable (token)); - teardown (cu); + p11_token_free (token); + + if (rmdir (directory) < 0) + assert_not_reached (); + + free (directory); } static void -test_token_slot (CuTest *cu) +test_writable_no_exist (void) { - setup (cu, "/unneeded"); + char *directory; + p11_token *token; + char *path; + + directory = p11_path_expand ("$TEMP/test-module.XXXXXX"); + if (!mkdtemp (directory)) + assert_not_reached (); - CuAssertIntEquals (cu, 333, p11_token_get_slot (test.token)); + path = p11_path_build (directory, "subdir", NULL); + assert (path != NULL); - teardown (cu); + token = p11_token_new (333, path, "Label"); + free (path); + + /* A writable directory since parent is writable */ + assert (p11_token_is_writable (token)); + + p11_token_free (token); + + if (rmdir (directory) < 0) + assert_not_reached (); + + free (directory); } int -main (void) +main (int argc, + char *argv[]) { - CuString *output = CuStringNew (); - CuSuite* suite = CuSuiteNew (); - int ret; - - putenv ("P11_KIT_STRICT=1"); - p11_debug_init (); - - SUITE_ADD_TEST (suite, test_token_load); - SUITE_ADD_TEST (suite, test_token_flags); - SUITE_ADD_TEST (suite, test_token_path); - SUITE_ADD_TEST (suite, test_token_label); - SUITE_ADD_TEST (suite, test_token_slot); - - CuSuiteRun (suite); - CuSuiteSummary (suite, output); - CuSuiteDetails (suite, output); - printf ("%s\n", output->buffer); - ret = suite->failCount; - CuSuiteDelete (suite); - CuStringDelete (output); - - return ret; + p11_fixture (setup, teardown); + p11_testx (test_token_load, SRCDIR "/input", "/token/load"); + p11_testx (test_token_flags, SRCDIR "/input", "/token/flags"); + + p11_fixture (setup, teardown); + p11_testx (test_token_path, "/wheee", "/token/path"); + p11_testx (test_token_label, "/wheee", "/token/label"); + p11_testx (test_token_slot, "/unneeded", "/token/slot"); + + p11_fixture (NULL, NULL); + p11_test (test_not_writable, "/token/not-writable"); + p11_test (test_writable_exists, "/token/writable-exists"); + p11_test (test_writable_no_exist, "/token/writable-no-exist"); + + return p11_test_run (argc, argv); } diff --git a/trust/tests/test-data.c b/trust/tests/test-trust.c index 6c55fd0..6a22946 100644 --- a/trust/tests/test-data.c +++ b/trust/tests/test-trust.c @@ -33,10 +33,10 @@ */ #include "config.h" -#include "CuTest.h" +#include "test.h" #include "attrs.h" -#include "test-data.h" +#include "test-trust.h" #include <assert.h> #include <stdlib.h> @@ -44,9 +44,9 @@ #include <string.h> void -test_check_object_msg (CuTest *cu, - const char *file, +test_check_object_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *attrs, CK_OBJECT_CLASS klass, const char *label) @@ -61,13 +61,13 @@ test_check_object_msg (CuTest *cu, { CKA_INVALID }, }; - test_check_attrs_msg (cu, file, line, expected, attrs); + test_check_attrs_msg (file, line, function, expected, attrs); } void -test_check_cacert3_ca_msg (CuTest *cu, - const char *file, +test_check_cacert3_ca_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *attrs, const char *label) { @@ -87,14 +87,14 @@ test_check_cacert3_ca_msg (CuTest *cu, { CKA_INVALID }, }; - test_check_object_msg (cu, file, line, attrs, CKO_CERTIFICATE, label); - test_check_attrs_msg (cu, file, line, expected, attrs); + test_check_object_msg (file, line, function, attrs, CKO_CERTIFICATE, label); + test_check_attrs_msg (file, line, function, expected, attrs); } void -test_check_id_msg (CuTest *cu, - const char *file, +test_check_id_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attr) { @@ -104,13 +104,13 @@ test_check_id_msg (CuTest *cu, one = p11_attrs_find (expected, CKA_ID); two = p11_attrs_find (attr, CKA_ID); - test_check_attr_msg (cu, file, line, CKA_INVALID, one, two); + test_check_attr_msg (file, line, function, CKA_INVALID, one, two); } void -test_check_attrs_msg (CuTest *cu, - const char *file, +test_check_attrs_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attrs) { @@ -122,39 +122,31 @@ test_check_attrs_msg (CuTest *cu, while (!p11_attrs_terminator (expected)) { attr = p11_attrs_find (attrs, expected->type); - test_check_attr_msg (cu, file, line, klass, expected, attr); + test_check_attr_msg (file, line, function, klass, expected, attr); expected++; } } void -test_check_attr_msg (CuTest *cu, - const char *file, +test_check_attr_msg (const char *file, int line, + const char *function, CK_OBJECT_CLASS klass, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attr) { - char *message; assert (expected != NULL); if (attr == NULL) { - asprintf (&message, "expected %s but found NULL", - p11_attr_to_string (expected, klass)); - CuFail_Line (cu, file, line, "attribute does not match", message); + p11_test_fail (file, line, function, + "attribute does not match: (expected %s but found NULL)", + p11_attr_to_string (expected, klass)); } if (!p11_attr_equal (attr, expected)) { - asprintf (&message, "expected %s but found %s", - p11_attr_to_string (expected, klass), - p11_attr_to_string (attr, klass)); - CuFail_Line (cu, file, line, "attribute does not match", message); + p11_test_fail (file, line, function, + "attribute does not match: (expected %s but found %s)", + p11_attr_to_string (expected, klass), + attr ? p11_attr_to_string (attr, klass) : "(null)"); } } - -void -test_fail_attrs_match (CuTest *cu, - const char *file, - const char *line, - CK_ATTRIBUTE *expect, - CK_ATTRIBUTE *attrs); diff --git a/trust/tests/test-data.h b/trust/tests/test-trust.h index 275dd70..672ae64 100644 --- a/trust/tests/test-data.h +++ b/trust/tests/test-trust.h @@ -39,50 +39,50 @@ #ifndef TEST_DATA_H_ #define TEST_DATA_H_ -#define test_check_object(cu, attrs, klass, label) \ - test_check_object_msg (cu, __FILE__, __LINE__, attrs, klass, label) +#define test_check_object(attrs, klass, label) \ + test_check_object_msg (__FILE__, __LINE__, __FUNCTION__, attrs, klass, label) -void test_check_object_msg (CuTest *cu, - const char *file, +void test_check_object_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *attrs, CK_OBJECT_CLASS klass, const char *label); -#define test_check_cacert3_ca(cu, attrs, label) \ - test_check_cacert3_ca_msg (cu, __FILE__, __LINE__, attrs, label) +#define test_check_cacert3_ca(attrs, label) \ + test_check_cacert3_ca_msg (__FILE__, __LINE__, __FUNCTION__, attrs, label) -void test_check_cacert3_ca_msg (CuTest *cu, - const char *file, +void test_check_cacert3_ca_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *attrs, const char *label); -#define test_check_attrs(cu, expected, attrs) \ - test_check_attrs_msg (cu, __FILE__, __LINE__, expected, attrs) +#define test_check_attrs(expected, attrs) \ + test_check_attrs_msg (__FILE__, __LINE__, __FUNCTION__, expected, attrs) -void test_check_attrs_msg (CuTest *cu, - const char *file, +void test_check_attrs_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attrs); -#define test_check_attr(cu, expected, attr) \ - test_check_attr_msg (cu, __FILE__, __LINE__, CKA_INVALID, expected, attr) +#define test_check_attr(expected, attr) \ + test_check_attr_msg (__FILE__, __LINE__, __FUNCTION__, CKA_INVALID, expected, attr) -void test_check_attr_msg (CuTest *cu, - const char *file, +void test_check_attr_msg (const char *file, int line, + const char *function, CK_OBJECT_CLASS klass, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attr); -#define test_check_id(cu, expected, attrs) \ - test_check_id_msg (cu, __FILE__, __LINE__, expected, attrs) +#define test_check_id(expected, attrs) \ + test_check_id_msg (__FILE__, __LINE__, __FUNCTION__, expected, attrs) -void test_check_id_msg (CuTest *cu, - const char *file, +void test_check_id_msg (const char *file, int line, + const char *function, CK_ATTRIBUTE *expected, CK_ATTRIBUTE *attr); diff --git a/trust/token.c b/trust/token.c index f48f66b..c5991df 100644 --- a/trust/token.c +++ b/trust/token.c @@ -65,6 +65,9 @@ struct _p11_token { char *label; CK_SLOT_ID slot; int loaded; + + bool checked_writable; + bool is_writable; }; static int @@ -314,3 +317,47 @@ p11_token_index (p11_token *token) return_val_if_fail (token != NULL, NULL); return token->index; } + +static bool +check_writable_directory (const char *path) +{ + struct stat sb; + char *parent; + bool ret; + + if (access (path, W_OK) == 0) + return stat (path, &sb) == 0 && S_ISDIR (sb.st_mode); + + switch (errno) { + case EACCES: + return false; + case ENOENT: + parent = p11_path_parent (path); + if (parent == NULL) + ret = false; + else + ret = check_writable_directory (parent); + free (parent); + return ret; + default: + p11_message ("couldn't access: %s: %s", path, strerror (errno)); + return false; + } +} + +bool +p11_token_is_writable (p11_token *token) +{ + /* + * This function attempts to determine whether a later write + * to this token will succeed so we can setup the appropriate + * token flags. Yes, it is racy, but that's inherent to the problem. + */ + + if (!token->checked_writable) { + token->is_writable = check_writable_directory (token->path); + token->checked_writable = true; + } + + return token->is_writable; +} diff --git a/trust/token.h b/trust/token.h index d7375e7..49140bb 100644 --- a/trust/token.h +++ b/trust/token.h @@ -57,4 +57,6 @@ const char * p11_token_get_label (p11_token *token); CK_SLOT_ID p11_token_get_slot (p11_token *token); +bool p11_token_is_writable (p11_token *token); + #endif /* P11_TOKEN_H_ */ |