[pkg-opensc-commit] [libp11] 36/67: Added a test case for private/public key enumeration

Eric Dorland eric at moszumanska.debian.org
Sat Jan 30 05:34:15 UTC 2016


This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository libp11.

commit b7e39dbb8d9347df845d820f567dd1f85655df64
Author: Michał Trojnara <Michal.Trojnara at stunnel.org>
Date:   Mon Jan 4 16:53:53 2016 +0100

    Added a test case for private/public key enumeration
---
 examples/Makefile.am       |   2 +-
 examples/listkeys.c        | 136 +++++++++++++++++++++++++++++++++++++++++++++
 tests/Makefile.am          |   5 +-
 tests/common.sh            |   5 ++
 tests/pubkey.der           | Bin 0 -> 294 bytes
 tests/testlistkeys.softhsm |  32 +++++++++++
 6 files changed, 177 insertions(+), 3 deletions(-)

diff --git a/examples/Makefile.am b/examples/Makefile.am
index 0a62672..67d8a3d 100644
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@@ -4,7 +4,7 @@ AM_CPPFLAGS = -I$(srcdir) -I$(top_srcdir)/src \
 
 EXTRA_DIST = README
 
-noinst_PROGRAMS = auth decrypt getrandom
+noinst_PROGRAMS = auth decrypt getrandom listkeys
 
 LDADD = ../src/libp11.la $(OPENSSL_LIBS)
 
diff --git a/examples/listkeys.c b/examples/listkeys.c
new file mode 100644
index 0000000..f7a49d8
--- /dev/null
+++ b/examples/listkeys.c
@@ -0,0 +1,136 @@
+/* libp11 example code: listkeys.c
+ *
+ * This examply simply connects to your smart card
+ * and list the keys.
+ *
+ * Feel free to copy all of the code as needed.
+ *
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <termios.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <libp11.h>
+#include <unistd.h>
+
+#define RANDOM_SOURCE "/dev/urandom"
+#define RANDOM_SIZE 20
+#define MAX_SIGSIZE 256
+
+static void list_keys(const char *title,
+	const PKCS11_KEY *keys, const unsigned int nkeys);
+static void error_queue(const char *name);
+
+#define CHECK_ERR(cond, txt, code) \
+	do { \
+		if (cond) { \
+			fprintf(stderr, "%s\n", (txt)); \
+			rc=(code); \
+			goto end; \
+		} \
+	} while (0)
+
+int main(int argc, char *argv[])
+{
+	PKCS11_CTX *ctx=NULL;
+	PKCS11_SLOT *slots=NULL, *slot;
+	PKCS11_KEY *keys;
+	unsigned int nslots, nkeys;
+	char password[20];
+	int rc = 0;
+
+	if (argc < 2) {
+		fprintf(stderr,
+			"usage: %s /usr/lib/opensc-pkcs11.so [PIN]\n",
+			argv[0]);
+		return 1;
+	}
+
+	ctx = PKCS11_CTX_new();
+	error_queue("PKCS11_CTX_new");
+
+	/* load pkcs #11 module */
+	rc = PKCS11_CTX_load(ctx, argv[1]);
+	error_queue("PKCS11_CTX_load");
+	CHECK_ERR(rc < 0, "loading pkcs11 engine failed", 1);
+
+	/* get information on all slots */
+	rc = PKCS11_enumerate_slots(ctx, &slots, &nslots);
+	error_queue("PKCS11_enumerate_slots");
+	CHECK_ERR(rc < 0, "no slots available", 2);
+
+	/* get first slot with a token */
+	slot = PKCS11_find_token(ctx, slots, nslots);
+	error_queue("PKCS11_find_token");
+	CHECK_ERR(!slot || !slot->token, "no token available", 3);
+
+	printf("Slot manufacturer......: %s\n", slot->manufacturer);
+	printf("Slot description.......: %s\n", slot->description);
+	printf("Slot token label.......: %s\n", slot->token->label);
+	printf("Slot token manufacturer: %s\n", slot->token->manufacturer);
+	printf("Slot token model.......: %s\n", slot->token->model);
+	printf("Slot token serialnr....: %s\n", slot->token->serialnr);
+
+	/* get public keys */
+	rc = PKCS11_enumerate_public_keys(slot->token, &keys, &nkeys);
+	error_queue("PKCS11_enumerate_public_keys");
+	CHECK_ERR(rc < 0, "PKCS11_enumerate_public_keys failed", 4);
+	CHECK_ERR(nkeys == 0, "No public keys found", 5);
+	list_keys("Public keys", keys, nkeys);
+
+	if (slot->token->loginRequired && argc > 2) {
+		strcpy(password, argv[2]);
+		/* perform pkcs #11 login */
+		rc = PKCS11_login(slot, 0, password);
+		error_queue("PKCS11_login");
+		memset(password, 0, strlen(password));
+		CHECK_ERR(rc < 0, "PKCS11_login failed", 6);
+	}
+
+	/* get private keys */
+	rc = PKCS11_enumerate_keys(slot->token, &keys, &nkeys);
+	error_queue("PKCS11_enumerate_keys");
+	CHECK_ERR(rc < 0, "PKCS11_enumerate_keys failed", 7);
+	CHECK_ERR(nkeys == 0, "No private keys found", 8);
+	list_keys("Private keys", keys, nkeys);
+
+end:
+	if (slots)
+		PKCS11_release_all_slots(ctx, slots, nslots);
+	if (ctx) {
+		PKCS11_CTX_unload(ctx);
+		PKCS11_CTX_free(ctx);
+	}
+	CRYPTO_cleanup_all_ex_data();
+	ERR_free_strings();
+
+	if (rc)
+		printf("Failed (error code %d).\n", rc);
+	else
+		printf("Success.\n");
+	return rc;
+}
+
+static void list_keys(const char *title, const PKCS11_KEY *keys,
+		const unsigned int nkeys) {
+	unsigned int i;
+
+	printf("\n%s:\n", title);
+	for (i = 0; i < nkeys; i++)
+		printf(" * %s key: %s\n",
+			keys[i].isPrivate ? "Private" : "Public", keys[i].label);
+}
+
+static void error_queue(const char *name)
+{
+	if (ERR_peek_last_error()) {
+		fprintf(stderr, "%s generated errors:\n", name);
+		ERR_print_errors_fp(stderr);
+	}
+}
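Review bot: In `main`, `strcpy(password, argv[2])` copies the command-line PIN into `char password[20]` with no length check, so a PIN of 20 or more characters writes past the end of the stack buffer. The copy is not needed here: `rc = PKCS11_login(slot, 0, argv[2]);` removes the buffer entirely, or, if the copy stays, guard it first with `CHECK_ERR(strlen(argv[2]) >= sizeof password, "PIN too long", 6);`. The wipe `memset(password, 0, strlen(password))` is a dead store that the compiler may drop, and it clears only up to the first NUL; `OPENSSL_cleanse(password, sizeof password)` is the usual replacement, though the PIN remains in `argv` and in the process listing either way. Separately, the return value of `PKCS11_CTX_new()` is passed to `PKCS11_CTX_load` without a NULL check; a `CHECK_ERR(!ctx, "PKCS11_CTX_new failed", 1);` after the call would match the rest of the function.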
diff --git a/tests/Makefile.am b/tests/Makefile.am
index e8cac6e..040fad2 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -11,9 +11,10 @@ LDADD = ../src/libp11.la $(OPENSSL_LIBS)
 
 auth_SOURCES = ../examples/auth.c
 rawrsasign_SOURCES = ../examples/rawrsasign.c
+listkeys_SOURCES = ../examples/listkeys.c
 
-check_PROGRAMS = auth fork-test rawrsasign
-dist_check_SCRIPTS = testpkcs11.softhsm testfork.softhsm
+check_PROGRAMS = auth fork-test rawrsasign listkeys
+dist_check_SCRIPTS = testpkcs11.softhsm testfork.softhsm testlistkeys.softhsm
 
 TESTS = $(dist_check_SCRIPTS)
 
diff --git a/tests/common.sh b/tests/common.sh
index 651db7c..7f70e63 100755
--- a/tests/common.sh
+++ b/tests/common.sh
@@ -95,6 +95,11 @@ if test $? != 0;then
 	exit 1;
 fi
 
+pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 00010203 -a server-key -l -w ${file_dir}/pubkey.der -y pubkey >/dev/null
+if test $? != 0;then
+	exit 1;
+fi
+
 pkcs11-tool -p $PIN --module $ADDITIONAL_PARAM -d 00010203 -a server-key -l -w ${file_dir}/cert.der -y cert >/dev/null
 if test $? != 0;then
 	exit 1;
diff --git a/tests/pubkey.der b/tests/pubkey.der
new file mode 100644
index 0000000..0b9a0d4
Binary files /dev/null and b/tests/pubkey.der differ
diff --git a/tests/testlistkeys.softhsm b/tests/testlistkeys.softhsm
new file mode 100755
index 0000000..34da8ae
--- /dev/null
+++ b/tests/testlistkeys.softhsm
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+# Copyright (C) 2013 Nikos Mavrogiannopoulos
+# Copyright (C) 2015 Red Hat, Inc.
+#
+# This is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 3 of the License, or (at
+# your option) any later version.
+#
+# GnuTLS is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+outdir="${srcdir}/output.$$"
+file_dir="${srcdir:-./}"
+
+. ${srcdir}/common.sh
+
+./listkeys $ADDITIONAL_PARAM $PIN
+if test $? != 0;then
+	exit 1;
+fi
+
+rm -rf "$outdir"
+
+exit 0
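Review bot: `outdir="${srcdir}/output.$$"` and `. ${srcdir}/common.sh` expand `${srcdir}` with no fallback, while `file_dir` on the line between them defaults to `./`. If the script is run outside `make check` with `srcdir` unset, it sources `/common.sh` and the final `rm -rf "$outdir"` targets `/output.<pid>`. Setting `srcdir="${srcdir:-.}"` once at the top and quoting the sourced path (`. "${srcdir}/common.sh"`) keeps both inside the test directory. The `exit 1` after `./listkeys` also skips the `rm -rf "$outdir"` cleanup, so a failing run presumably leaves the directory behind, assuming common.sh creates it (that file is only partly visible here). A `trap 'rm -rf "$outdir"' EXIT` would cover both paths.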

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/libp11.git


