[pkg-opensc-commit] [libp11] 36/67: Added a test case for private/public key enumeration
Eric Dorland
eric at moszumanska.debian.org
Sat Jan 30 05:34:15 UTC 2016
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository libp11.
commit b7e39dbb8d9347df845d820f567dd1f85655df64
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date: Mon Jan 4 16:53:53 2016 +0100
Added a test case for private/public key enumeration
---
examples/Makefile.am | 2 +-
examples/listkeys.c | 136 +++++++++++++++++++++++++++++++++++++++++++++
tests/Makefile.am | 5 +-
tests/common.sh | 5 ++
tests/pubkey.der | Bin 0 -> 294 bytes
tests/testlistkeys.softhsm | 32 +++++++++++
6 files changed, 177 insertions(+), 3 deletions(-)
diff --git a/examples/Makefile.am b/examples/Makefile.am
index 0a62672..67d8a3d 100644
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@@ -4,7 +4,7 @@ AM_CPPFLAGS = -I$(srcdir) -I$(top_srcdir)/src \
EXTRA_DIST = README
-noinst_PROGRAMS = auth decrypt getrandom
+noinst_PROGRAMS = auth decrypt getrandom listkeys
LDADD = ../src/libp11.la $(OPENSSL_LIBS)
diff --git a/examples/listkeys.c b/examples/listkeys.c
new file mode 100644
index 0000000..f7a49d8
--- /dev/null
+++ b/examples/listkeys.c
@@ -0,0 +1,136 @@
+/* libp11 example code: listkeys.c
+ *
+ * This examply simply connects to your smart card
+ * and list the keys.
+ *
+ * Feel free to copy all of the code as needed.
+ *
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <termios.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <libp11.h>
+#include <unistd.h>
+
+#define RANDOM_SOURCE "/dev/urandom"
+#define RANDOM_SIZE 20
+#define MAX_SIGSIZE 256
+
+static void list_keys(const char *title,
+ const PKCS11_KEY *keys, const unsigned int nkeys);
+static void error_queue(const char *name);
+
+#define CHECK_ERR(cond, txt, code) \
+ do { \
+ if (cond) { \
+ fprintf(stderr, "%s\n", (txt)); \
+ rc=(code); \
+ goto end; \
+ } \
+ } while (0)
+
+int main(int argc, char *argv[])
+{
+ PKCS11_CTX *ctx=NULL;
+ PKCS11_SLOT *slots=NULL, *slot;
+ PKCS11_KEY *keys;
+ unsigned int nslots, nkeys;
+ char password[20];
+ int rc = 0;
+
+ if (argc < 2) {
+ fprintf(stderr,
+ "usage: %s /usr/lib/opensc-pkcs11.so [PIN]\n",
+ argv[0]);
+ return 1;
+ }
+
+ ctx = PKCS11_CTX_new();
+ error_queue("PKCS11_CTX_new");
+
+ /* load pkcs #11 module */
+ rc = PKCS11_CTX_load(ctx, argv[1]);
+ error_queue("PKCS11_CTX_load");
+ CHECK_ERR(rc < 0, "loading pkcs11 engine failed", 1);
+
+ /* get information on all slots */
+ rc = PKCS11_enumerate_slots(ctx, &slots, &nslots);
+ error_queue("PKCS11_enumerate_slots");
+ CHECK_ERR(rc < 0, "no slots available", 2);
+
+ /* get first slot with a token */
+ slot = PKCS11_find_token(ctx, slots, nslots);
+ error_queue("PKCS11_find_token");
+ CHECK_ERR(!slot || !slot->token, "no token available", 3);
+
+ printf("Slot manufacturer......: %s\n", slot->manufacturer);
+ printf("Slot description.......: %s\n", slot->description);
+ printf("Slot token label.......: %s\n", slot->token->label);
+ printf("Slot token manufacturer: %s\n", slot->token->manufacturer);
+ printf("Slot token model.......: %s\n", slot->token->model);
+ printf("Slot token serialnr....: %s\n", slot->token->serialnr);
+
+ /* get public keys */
+ rc = PKCS11_enumerate_public_keys(slot->token, &keys, &nkeys);
+ error_queue("PKCS11_enumerate_public_keys");
+ CHECK_ERR(rc < 0, "PKCS11_enumerate_public_keys failed", 4);
+ CHECK_ERR(nkeys == 0, "No public keys found", 5);
+ list_keys("Public keys", keys, nkeys);
+
+ if (slot->token->loginRequired && argc > 2) {
+ strcpy(password, argv[2]);
+ /* perform pkcs #11 login */
+ rc = PKCS11_login(slot, 0, password);
+ error_queue("PKCS11_login");
+ memset(password, 0, strlen(password));
+ CHECK_ERR(rc < 0, "PKCS11_login failed", 6);
+ }
+
+ /* get private keys */
+ rc = PKCS11_enumerate_keys(slot->token, &keys, &nkeys);
+ error_queue("PKCS11_enumerate_keys");
+ CHECK_ERR(rc < 0, "PKCS11_enumerate_keys failed", 7);
+ CHECK_ERR(nkeys == 0, "No private keys found", 8);
+ list_keys("Private keys", keys, nkeys);
+
+end:
+ if (slots)
+ PKCS11_release_all_slots(ctx, slots, nslots);
+ if (ctx) {
+ PKCS11_CTX_unload(ctx);
+ PKCS11_CTX_free(ctx);
+ }
+ CRYPTO_cleanup_all_ex_data();
+ ERR_free_strings();
+
+ if (rc)
+ printf("Failed (error code %d).\n", rc);
+ else
+ printf("Success.\n");
+ return rc;
+}
+
+static void list_keys(const char *title, const PKCS11_KEY *keys,
+ const unsigned int nkeys) {
+ unsigned int i;
+
+ printf("\n%s:\n", title);
+ for (i = 0; i < nkeys; i++)
+ printf(" * %s key: %s\n",
+ keys[i].isPrivate ? "Private" : "Public", keys[i].label);
+}
+
+static void error_queue(const char *name)
+{
+ if (ERR_peek_last_error()) {
+ fprintf(stderr, "%s generated errors:\n", name);
+ ERR_print_errors_fp(stderr);
+ }
+}
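Review bot: `strcpy(password, argv[2])` in main() copies a caller-supplied PIN into `char password[20]` with no length check, so an argument of 20 bytes or more writes past the end of the stack buffer. The copy is not needed, since `PKCS11_login` takes the PIN as a string: `rc = PKCS11_login(slot, 0, argv[2]);` removes both the buffer and the overflow. The following `memset(password, 0, strlen(password))` protects little anyway, because the PIN remains in argv (and in the process listing) and a plain memset on a local that is never read again may be optimised out. Separately, `ctx` from `PKCS11_CTX_new()` reaches `PKCS11_CTX_load` without a NULL check, and `RANDOM_SOURCE`, `RANDOM_SIZE` and `MAX_SIGSIZE` are defined but unused in this file.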
diff --git a/tests/Makefile.am b/tests/Makefile.am
index e8cac6e..040fad2 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -11,9 +11,10 @@ LDADD = ../src/libp11.la $(OPENSSL_LIBS)
auth_SOURCES = ../examples/auth.c
rawrsasign_SOURCES = ../examples/rawrsasign.c
+listkeys_SOURCES = ../examples/listkeys.c
-check_PROGRAMS = auth fork-test rawrsasign
-dist_check_SCRIPTS = testpkcs11.softhsm testfork.softhsm
+check_PROGRAMS = auth fork-test rawrsasign listkeys
+dist_check_SCRIPTS = testpkcs11.softhsm testfork.softhsm testlistkeys.softhsm
TESTS = $(dist_check_SCRIPTS)
diff --git a/tests/common.sh b/tests/common.sh
index 651db7c..7f70e63 100755
--- a/tests/common.sh
+++ b/tests/common.sh
@@ -95,6 +95,11 @@ if test $? != 0;then
exit 1;
fi
+pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 00010203 -a server-key -l -w ${file_dir}/pubkey.der -y pubkey >/dev/null
+if test $? != 0;then
+ exit 1;
+fi
+
pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 00010203 -a server-key -l -w ${file_dir}/cert.der -y cert >/dev/null
if test $? != 0;then
exit 1;
diff --git a/tests/pubkey.der b/tests/pubkey.der
new file mode 100644
index 0000000..0b9a0d4
Binary files /dev/null and b/tests/pubkey.der differ
diff --git a/tests/testlistkeys.softhsm b/tests/testlistkeys.softhsm
new file mode 100755
index 0000000..34da8ae
--- /dev/null
+++ b/tests/testlistkeys.softhsm
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# Copyright (C) 2013 Nikos Mavrogiannopoulos
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# This is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+outdir="${srcdir}/output.$$"
+file_dir="${srcdir:-./}"
+
+. ${srcdir}/common.sh
+
+./listkeys $ADDITIONAL_PARAM $PIN
+if test $? != 0;then
+ exit 1;
+fi
+
+rm -rf "$outdir"
+
+exit 0
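Review bot: `outdir` and the `. ${srcdir}/common.sh` line expand `srcdir` with no default, while `file_dir` between them falls back to `./`; run by hand with `srcdir` unset, the script would try to source `/common.sh` and place `outdir` under `/`. Using the same fallback throughout, e.g. `. "${srcdir:-.}/common.sh"`, keeps the three lines consistent. The failure branch also exits before `rm -rf "$outdir"`, so a failing run skips the cleanup, and `./listkeys $ADDITIONAL_PARAM $PIN` passes both values unquoted, so a module path containing spaces would be split. The licence header still names GnuTLS, which looks carried over from another project's test script.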
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git