diff options
Diffstat (limited to 'trust/tests')
| -rw-r--r-- | trust/tests/frob-token.c | 4 | ||||
| -rw-r--r-- | trust/tests/test-module.c | 283 | ||||
| -rw-r--r-- | trust/tests/test-session.c | 2 | ||||
| -rw-r--r-- | trust/tests/test-token.c | 33 |
4 files changed, 281 insertions, 41 deletions
diff --git a/trust/tests/frob-token.c b/trust/tests/frob-token.c index 23856cf..976fb2b 100644 --- a/trust/tests/frob-token.c +++ b/trust/tests/frob-token.c @@ -48,11 +48,11 @@ main (int argc, int count; if (argc != 2) { - fprintf (stderr, "usage: frob-token anchor:paths\n"); + fprintf (stderr, "usage: frob-token path\n"); return 2; } - token = p11_token_new (argv[1]); + token = p11_token_new (1, argv[1]); count = p11_token_load (token); printf ("%d files loaded\n", count); diff --git a/trust/tests/test-module.c b/trust/tests/test-module.c index 52fbe03..d811f1d 100644 --- a/trust/tests/test-module.c +++ b/trust/tests/test-module.c @@ -49,10 +49,19 @@ #include "test-data.h" #include "token.h" +#include <assert.h> + +/* + * This is the number of input paths. Should match the + * paths below near : + * + * paths='%s' + */ +#define NUM_SLOTS 3 + struct { CK_FUNCTION_LIST *module; - CK_SLOT_ID slot; - CK_SESSION_HANDLE session; + CK_SLOT_ID slots[NUM_SLOTS]; } test; static void @@ -71,7 +80,7 @@ setup (CuTest *cu) CuAssertTrue (cu, rv == CKR_OK); memset (&args, 0, sizeof (args)); - paths = SRCDIR "/input:" SRCDIR "/files/cacert-ca.der"; + paths = SRCDIR "/input:" SRCDIR "/files/cacert-ca.der:" SRCDIR "/files/testing-server.der"; if (asprintf (&arguments, "paths='%s'", paths) < 0) CuAssertTrue (cu, false && "not reached"); args.pReserved = arguments; @@ -82,13 +91,10 @@ setup (CuTest *cu) free (arguments); - count = 1; - rv = test.module->C_GetSlotList (CK_TRUE, &test.slot, &count); - CuAssertTrue (cu, rv == CKR_OK); - CuAssertTrue (cu, count == 1); - - rv = test.module->C_OpenSession (test.slot, CKF_SERIAL_SESSION, NULL, NULL, &test.session); + count = NUM_SLOTS; + rv = test.module->C_GetSlotList (CK_TRUE, test.slots, &count); CuAssertTrue (cu, rv == CKR_OK); + CuAssertTrue (cu, count == NUM_SLOTS); } static void @@ -96,38 +102,238 @@ teardown (CuTest *cu) { CK_RV rv; - rv = test.module->C_CloseSession (test.session); - CuAssertTrue (cu, rv == CKR_OK); - rv = test.module->C_Finalize (NULL); CuAssertTrue (cu, rv == CKR_OK); memset (&test, 0, sizeof (test)); } +static void +test_get_slot_list (CuTest *cu) +{ + CK_SLOT_ID slots[NUM_SLOTS]; + CK_ULONG count; + CK_RV rv; + int i; + + setup (cu); + + rv = test.module->C_GetSlotList (TRUE, NULL, &count); + CuAssertIntEquals (cu, CKR_OK, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + count = 1; + rv = test.module->C_GetSlotList (TRUE, slots, &count); + CuAssertIntEquals (cu, CKR_BUFFER_TOO_SMALL, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + count = NUM_SLOTS; + memset (slots, 0, sizeof (slots)); + rv = test.module->C_GetSlotList (TRUE, slots, &count); + CuAssertIntEquals (cu, CKR_OK, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + for (i = 0; i < NUM_SLOTS; i++) + CuAssertTrue (cu, slots[i] != 0); + + teardown (cu); +} + +static void +test_get_slot_info (CuTest *cu) +{ + CK_SLOT_ID slots[NUM_SLOTS]; + CK_SLOT_INFO info; + char description[64]; + CK_ULONG count; + CK_RV rv; + int i; + + /* These are the paths passed in in setup() */ + const char *paths[] = { + SRCDIR "/input", + SRCDIR "/files/cacert-ca.der", + SRCDIR "/files/testing-server.der" + }; + + setup (cu); + + count = NUM_SLOTS; + rv = test.module->C_GetSlotList (TRUE, slots, &count); + CuAssertIntEquals (cu, CKR_OK, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + for (i = 0; i < NUM_SLOTS; i++) { + rv = test.module->C_GetSlotInfo (slots[i], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + + memset (description, ' ', sizeof (description)); + assert (strlen (paths[i]) <= sizeof (description)); + memcpy (description, paths[i], strlen (paths[i])); + CuAssertTrue (cu, memcmp (info.slotDescription, description, sizeof (description)) == 0); + } + + teardown (cu); +} + +static void +test_get_token_info (CuTest *cu) +{ + CK_SLOT_ID slots[NUM_SLOTS]; + CK_TOKEN_INFO info; + char label[32]; + CK_ULONG count; + CK_RV rv; + int i; + + /* These are the paths passed in in setup() */ + const char *labels[] = { + "input", + "cacert-ca.der", + "testing-server.der" + }; + + setup (cu); + + count = NUM_SLOTS; + rv = test.module->C_GetSlotList (TRUE, slots, &count); + CuAssertIntEquals (cu, CKR_OK, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + for (i = 0; i < NUM_SLOTS; i++) { + rv = test.module->C_GetTokenInfo (slots[i], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + + memset (label, ' ', sizeof (label)); + memcpy (label, labels[i], strlen (labels[i])); + CuAssertTrue (cu, memcmp (info.label, label, sizeof (label)) == 0); + } + + teardown (cu); +} + +static void +test_get_session_info (CuTest *cu) +{ + CK_SLOT_ID slots[NUM_SLOTS]; + CK_SESSION_HANDLE sessions[NUM_SLOTS]; + CK_SESSION_INFO info; + CK_ULONG count; + CK_RV rv; + int i; + + setup (cu); + + count = NUM_SLOTS; + rv = test.module->C_GetSlotList (TRUE, slots, &count); + CuAssertIntEquals (cu, CKR_OK, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + /* Open two sessions with each token */ + for (i = 0; i < NUM_SLOTS; i++) { + rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i]); + CuAssertIntEquals (cu, CKR_OK, rv); + + rv = test.module->C_GetSessionInfo (sessions[i], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + + CuAssertIntEquals (cu, slots[i], info.slotID); + CuAssertIntEquals (cu, CKF_SERIAL_SESSION, info.flags); + } + + teardown (cu); +} + +static void +test_close_all_sessions (CuTest *cu) +{ + CK_SLOT_ID slots[NUM_SLOTS]; + CK_SESSION_HANDLE sessions[NUM_SLOTS][2]; + CK_SESSION_INFO info; + CK_ULONG count; + CK_RV rv; + int i; + + setup (cu); + + count = NUM_SLOTS; + rv = test.module->C_GetSlotList (TRUE, slots, &count); + CuAssertIntEquals (cu, CKR_OK, rv); + CuAssertIntEquals (cu, NUM_SLOTS, count); + + /* Open two sessions with each token */ + for (i = 0; i < NUM_SLOTS; i++) { + rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i][0]); + CuAssertIntEquals (cu, CKR_OK, rv); + + rv = test.module->C_GetSessionInfo (sessions[i][0], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + + rv = test.module->C_OpenSession (slots[i], CKF_SERIAL_SESSION, NULL, NULL, &sessions[i][1]); + CuAssertIntEquals (cu, CKR_OK, rv); + + rv = test.module->C_GetSessionInfo (sessions[i][0], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + } + + /* Close all the sessions on the first token */ + rv = test.module->C_CloseAllSessions (slots[0]); + CuAssertIntEquals (cu, CKR_OK, rv); + + /* Those sessions should be closed */ + rv = test.module->C_GetSessionInfo (sessions[0][0], &info); + CuAssertIntEquals (cu, CKR_SESSION_HANDLE_INVALID, rv); + rv = test.module->C_GetSessionInfo (sessions[0][1], &info); + CuAssertIntEquals (cu, CKR_SESSION_HANDLE_INVALID, rv); + + /* Other sessions should still be open */ + for (i = 1; i < NUM_SLOTS; i++) { + rv = test.module->C_GetSessionInfo (sessions[i][0], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + rv = test.module->C_GetSessionInfo (sessions[i][0], &info); + CuAssertIntEquals (cu, CKR_OK, rv); + } + + teardown (cu); +} + static CK_ULONG find_objects (CuTest *cu, CK_ATTRIBUTE *match, + CK_OBJECT_HANDLE *sessions, CK_OBJECT_HANDLE *objects, - CK_ULONG num_objects) + CK_ULONG max_objects) { + CK_SESSION_HANDLE session; CK_RV rv; + CK_ULONG found; CK_ULONG count; + int i, j; - count = p11_attrs_count (match); + found = 0; + for (i = 0; i < NUM_SLOTS; i++) { + rv = test.module->C_OpenSession (test.slots[i], CKF_SERIAL_SESSION, NULL, NULL, &session); + CuAssertTrue (cu, rv == CKR_OK); - rv = test.module->C_FindObjectsInit (test.session, match, count); - CuAssertTrue (cu, rv == CKR_OK); - rv = test.module->C_FindObjects (test.session, objects, num_objects, &num_objects); - CuAssertTrue (cu, rv == CKR_OK); - rv = test.module->C_FindObjectsFinal (test.session); - CuAssertTrue (cu, rv == CKR_OK); + rv = test.module->C_FindObjectsInit (session, match, p11_attrs_count (match)); + CuAssertTrue (cu, rv == CKR_OK); + rv = test.module->C_FindObjects (session, objects + found, max_objects - found, &count); + CuAssertTrue (cu, rv == CKR_OK); + rv = test.module->C_FindObjectsFinal (session); + CuAssertTrue (cu, rv == CKR_OK); - return num_objects; + for (j = found ; j < found + count; j++) + sessions[j] = session; + found += count; + } + + assert (found < max_objects); + return found; } static void check_trust_object_equiv (CuTest *cu, + CK_SESSION_HANDLE session, CK_OBJECT_HANDLE trust, CK_ATTRIBUTE *cert) { @@ -150,7 +356,7 @@ check_trust_object_equiv (CuTest *cu, { CKA_INVALID, }, }; - rv = test.module->C_GetAttributeValue (test.session, trust, equiv, 6); + rv = test.module->C_GetAttributeValue (session, trust, equiv, 6); CuAssertTrue (cu, rv == CKR_OK); test_check_attrs (cu, equiv, cert); @@ -158,6 +364,7 @@ check_trust_object_equiv (CuTest *cu, static void check_trust_object_hashes (CuTest *cu, + CK_SESSION_HANDLE session, CK_OBJECT_HANDLE trust, CK_ATTRIBUTE *cert) { @@ -173,7 +380,7 @@ check_trust_object_hashes (CuTest *cu, { CKA_INVALID, }, }; - rv = test.module->C_GetAttributeValue (test.session, trust, hashes, 2); + rv = test.module->C_GetAttributeValue (session, trust, hashes, 2); CuAssertTrue (cu, rv == CKR_OK); value = p11_attrs_find (cert, CKA_VALUE); @@ -193,6 +400,7 @@ check_has_trust_object (CuTest *cu, CK_OBJECT_CLASS trust_object = CKO_NSS_TRUST; CK_ATTRIBUTE klass = { CKA_CLASS, &trust_object, sizeof (trust_object) }; CK_OBJECT_HANDLE objects[2]; + CK_SESSION_HANDLE sessions[2]; CK_ATTRIBUTE *match; CK_ATTRIBUTE *attr; CK_ULONG count; @@ -201,15 +409,16 @@ check_has_trust_object (CuTest *cu, CuAssertPtrNotNull (cu, attr); match = p11_attrs_build (NULL, &klass, attr, NULL); - count = find_objects (cu, match, objects, 2); + count = find_objects (cu, match, sessions, objects, 2); CuAssertIntEquals (cu, 1, count); - check_trust_object_equiv (cu, objects[0], cert); - check_trust_object_hashes (cu, objects[0], cert); + check_trust_object_equiv (cu, sessions[0], objects[0], cert); + check_trust_object_hashes (cu, sessions[0], objects[0], cert); } static void check_certificate (CuTest *cu, + CK_SESSION_HANDLE session, CK_OBJECT_HANDLE handle) { unsigned char label[4096]= { 0, }; @@ -249,7 +458,7 @@ check_certificate (CuTest *cu, }; /* Note that we don't pass the CKA_INVALID attribute in */ - rv = test.module->C_GetAttributeValue (test.session, handle, attrs, 15); + rv = test.module->C_GetAttributeValue (session, handle, attrs, 15); CuAssertTrue (cu, rv == CKR_OK); /* If this is the cacert3 certificate, check its values */ @@ -270,7 +479,7 @@ check_certificate (CuTest *cu, test_check_cacert3_ca (cu, attrs, NULL); /* Get anchor specific attributes */ - rv = test.module->C_GetAttributeValue (test.session, handle, anchor, 1); + rv = test.module->C_GetAttributeValue (session, handle, anchor, 1); CuAssertTrue (cu, rv == CKR_OK); /* It lives in the trusted directory */ @@ -295,16 +504,17 @@ test_find_certificates (CuTest *cu) }; CK_OBJECT_HANDLE objects[16]; + CK_SESSION_HANDLE sessions[16]; CK_ULONG count; CK_ULONG i; setup (cu); - count = find_objects (cu, match, objects, 16); - CuAssertIntEquals (cu, 6, count); + count = find_objects (cu, match, sessions, objects, 16); + CuAssertIntEquals (cu, 7, count); for (i = 0; i < count; i++) - check_certificate (cu, objects[i]); + check_certificate (cu, sessions[i], objects[i]); teardown (cu); } @@ -325,12 +535,14 @@ test_find_builtin (CuTest *cu) }; CK_OBJECT_HANDLE objects[16]; + CK_SESSION_HANDLE sessions[16]; CK_ULONG count; setup (cu); - count = find_objects (cu, match, objects, 16); - CuAssertIntEquals (cu, 1, count); + /* One per token */ + count = find_objects (cu, match, sessions, objects, 16); + CuAssertIntEquals (cu, NUM_SLOTS, count); teardown (cu); } @@ -346,6 +558,11 @@ main (void) p11_library_init (); p11_debug_init (); + SUITE_ADD_TEST (suite, test_get_slot_list); + SUITE_ADD_TEST (suite, test_get_slot_info); + SUITE_ADD_TEST (suite, test_get_token_info); + SUITE_ADD_TEST (suite, test_get_session_info); + SUITE_ADD_TEST (suite, test_close_all_sessions); SUITE_ADD_TEST (suite, test_find_certificates); SUITE_ADD_TEST (suite, test_find_builtin); diff --git a/trust/tests/test-session.c b/trust/tests/test-session.c index e9031f2..6183e7c 100644 --- a/trust/tests/test-session.c +++ b/trust/tests/test-session.c @@ -53,7 +53,7 @@ struct { static void setup (CuTest *cu) { - test.token = p11_token_new (""); + test.token = p11_token_new (1, "/nonexistant"); CuAssertPtrNotNull (cu, test.token); test.session = p11_session_new (test.token); diff --git a/trust/tests/test-token.c b/trust/tests/test-token.c index c566406..96f7a6c 100644 --- a/trust/tests/test-token.c +++ b/trust/tests/test-token.c @@ -51,9 +51,10 @@ struct { } test; static void -setup (CuTest *cu) +setup (CuTest *cu, + const char *path) { - test.token = p11_token_new (SRCDIR "/input:" SRCDIR "/files/self-server.der:" SRCDIR "/files/cacert-ca.der"); + test.token = p11_token_new (333, path); CuAssertPtrNotNull (cu, test.token); } @@ -70,10 +71,10 @@ test_token_load (CuTest *cu) p11_dict *objects; int count; - setup (cu); + setup (cu, SRCDIR "/input"); count = p11_token_load (test.token); - CuAssertIntEquals (cu, 7, count); + CuAssertIntEquals (cu, 6, count); /* A certificate and trust object for each parsed object + builtin */ objects = p11_token_objects (test.token); @@ -183,7 +184,7 @@ test_token_flags (CuTest *cu) { CKA_INVALID }, }; - setup (cu); + setup (cu, SRCDIR "/input"); if (p11_token_load (test.token) < 0) CuFail (cu, "should not be reached"); @@ -197,6 +198,26 @@ test_token_flags (CuTest *cu) teardown (cu); } +static void +test_token_path (CuTest *cu) +{ + setup (cu, "/wheee"); + + CuAssertStrEquals (cu, "/wheee", p11_token_get_path (test.token)); + + teardown (cu); +} + +static void +test_token_slot (CuTest *cu) +{ + setup (cu, "/unneeded"); + + CuAssertIntEquals (cu, 333, p11_token_get_slot (test.token)); + + teardown (cu); +} + int main (void) { @@ -211,6 +232,8 @@ main (void) SUITE_ADD_TEST (suite, test_token_load); SUITE_ADD_TEST (suite, test_token_flags); + SUITE_ADD_TEST (suite, test_token_path); + SUITE_ADD_TEST (suite, test_token_slot); CuSuiteRun (suite); CuSuiteSummary (suite, output); |