From 0a8c248fcad8ad9a2ed383ce7ef007c80c6bba16 Mon Sep 17 00:00:00 2001 From: Aveen Ismail Date: Wed, 15 May 2024 17:20:56 +0200 Subject: [PATCH] YKCS11: Update tests for PKCS11 3.0 --- ykcs11/tests/CMakeLists.txt | 12 ++- ykcs11/tests/ykcs11_interfaces_tests.c | 122 +++++++++++++++++++++++++ ykcs11/tests/ykcs11_tests.c | 19 ++-- ykcs11/tests/ykcs11_tests_util.c | 56 ++++++------ ykcs11/tests/ykcs11_tests_util.h | 48 +++++----- ykcs11/ykcs11.c | 4 +- 6 files changed, 195 insertions(+), 66 deletions(-) create mode 100644 ykcs11/tests/ykcs11_interfaces_tests.c diff --git a/ykcs11/tests/CMakeLists.txt b/ykcs11/tests/CMakeLists.txt index 83394da3..726fb214 100644 --- a/ykcs11/tests/CMakeLists.txt +++ b/ykcs11/tests/CMakeLists.txt @@ -48,14 +48,22 @@ if(NOT DEFINED SKIP_TESTS) ykcs11_tests.c ykcs11_tests_util.c ) - add_executable(test_ykcs11 ${SOURCE_YKCS11_TESTS}) target_link_libraries(test_ykcs11 ykcs11_shared ${LIBCRYPTO_LDFLAGS}) - add_test( NAME test_ykcs11 COMMAND test_ykcs11 WORKING_DIRECTORY ${CMAKE_BINARY_DIR}/ykcs11/tests/ ) set_property(TEST test_ykcs11 APPEND PROPERTY ENVIRONMENT "YKPIV_ENV_HWTESTS_CONFIRMED=${HW_TESTS}") + + set(SOURCE_YKCS11_INTERFACES_TESTS ykcs11_interfaces_tests.c) + add_executable(test_ykcs11_interfaces ${SOURCE_YKCS11_INTERFACES_TESTS}) + target_link_libraries(test_ykcs11_interfaces ykcs11_shared ${LIBCRYPTO_LDFLAGS}) + add_test( + NAME test_ykcs11_interfaces + COMMAND test_ykcs11_interfaces + WORKING_DIRECTORY ${CMAKE_BINARY_DIR}/ykcs11/tests/ + ) + set_property(TEST test_ykcs11_interfaces APPEND PROPERTY ENVIRONMENT "YKPIV_ENV_HWTESTS_CONFIRMED=${HW_TESTS}") endif(NOT DEFINED SKIP_TESTS) \ No newline at end of file diff --git a/ykcs11/tests/ykcs11_interfaces_tests.c b/ykcs11/tests/ykcs11_interfaces_tests.c new file mode 100644 index 00000000..fc255c76 --- /dev/null +++ b/ykcs11/tests/ykcs11_interfaces_tests.c 
@@ -0,0 +1,122 @@ +/* + * Copyright (c) 2024 Yubico AB + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are + * met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#include "../ykcs11.h" +#include "../ykcs11-config.h" + +#include + +//#pragma clang diagnostic push +//#pragma clang diagnostic ignored "-Wpointer-sign" + +#ifdef _WIN32 +#define dprintf(fd, ...) 
fprintf(stdout, __VA_ARGS__) +#endif + +CK_VOID_PTR funcs; + +#define asrt(c, e, m) _asrt(__FILE__, __LINE__, c, e, m); + +CK_BBOOL is_neo = CK_FALSE; + +static void _asrt(const char *file, int line, CK_ULONG check, CK_ULONG expected, const char *msg) { + + if (check == expected) + return; + + fprintf(stderr, "%s.%d: <%s> check failed with value %lu (0x%lx), expected %lu (0x%lx)\n", + file, line, msg, check, check, expected, expected); + + exit(EXIT_FAILURE); + +} + +static void get_default_functions() { + CK_INTERFACE_PTR interface; + asrt(C_GetInterface(NULL,NULL,&interface,0), CKR_OK, "C_GetInterface default"); + funcs = interface->pFunctionList; +} + +static void get_named_functions(CK_UTF8CHAR_PTR name) { + CK_INTERFACE_PTR interface; + asrt(C_GetInterface((CK_UTF8CHAR_PTR)"PKCS 11",NULL,&interface,0), CKR_OK, "C_GetInterface named"); + funcs = interface->pFunctionList; +} + +static void get_versioned_functions(CK_BYTE major, CK_BYTE minor) { + CK_INTERFACE_PTR interface; + CK_VERSION version; + version.major=major; + version.minor=minor; + asrt(C_GetInterface(NULL,&version,&interface,0), CKR_OK, "C_GetInterface versioned"); + funcs = interface->pFunctionList; +} + +static void test_lib_info(CK_ULONG vmajor, CK_ULONG vminor) { + dprintf(0, "TEST START: test_lib_info()\n"); + + const CK_CHAR_PTR MANUFACTURER_ID = (const CK_CHAR_PTR)"Yubico (www.yubico.com)"; + const CK_CHAR_PTR YKCS11_DESCRIPTION = (const CK_CHAR_PTR)"PKCS#11 PIV Library (SP-800-73)"; + const CK_ULONG CRYPTOKI_VERSION_MAJ = vmajor; + const CK_ULONG CRYPTOKI_VERSION_MIN = vminor; + + CK_INFO info; + asrt(((CK_FUNCTION_LIST_3_0*)funcs)->C_Initialize(NULL), CKR_OK, "INITIALIZE"); + asrt(((CK_FUNCTION_LIST_3_0*)funcs)->C_GetInfo(&info), CKR_OK, "GET_INFO"); + asrt(strncmp((const char*)info.manufacturerID, (const char*)MANUFACTURER_ID, strlen((const char*)MANUFACTURER_ID)), 0, "MANUFACTURER"); + + asrt(info.cryptokiVersion.major, CRYPTOKI_VERSION_MAJ, "CK_MAJ"); + asrt(info.cryptokiVersion.minor, 
CRYPTOKI_VERSION_MIN, "CK_MIN"); + asrt(info.libraryVersion.major, YKCS11_VERSION_MAJOR, "LIB_MAJ"); + asrt(info.libraryVersion.minor, ((YKCS11_VERSION_MINOR * 10) + YKCS11_VERSION_PATCH), "LIB_MIN"); + asrt(strncmp((const char*)info.libraryDescription, (const char*)YKCS11_DESCRIPTION, strlen((const char*)YKCS11_DESCRIPTION)), 0, "LIB_DESC"); + asrt(((CK_FUNCTION_LIST_3_0*)funcs)->C_Finalize(NULL), CKR_OK, "FINALIZE"); + dprintf(0, "TEST END: test_lib_info()\n"); +} + + +int main(void) { + get_default_functions(); + test_lib_info(CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR); + asrt(((CK_FUNCTION_LIST_3_0*)funcs)->C_SignMessage(0, NULL, 0, NULL, 0, NULL, NULL), CKR_FUNCTION_NOT_SUPPORTED, "C_SignMessage"); + + get_versioned_functions(CRYPTOKI_LEGACY_VERSION_MAJOR, CRYPTOKI_LEGACY_VERSION_MINOR); + test_lib_info(CRYPTOKI_LEGACY_VERSION_MAJOR, CRYPTOKI_LEGACY_VERSION_MINOR); + + get_versioned_functions(CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR); + test_lib_info(CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR); + + get_named_functions("PKCS 11"); + test_lib_info(CRYPTOKI_VERSION_MAJOR, CRYPTOKI_VERSION_MINOR); + + return EXIT_SUCCESS; +} + +//#pragma clang diagnostic pop \ No newline at end of file diff --git a/ykcs11/tests/ykcs11_tests.c b/ykcs11/tests/ykcs11_tests.c index 766c22c3..09efba71 100644 --- a/ykcs11/tests/ykcs11_tests.c +++ b/ykcs11/tests/ykcs11_tests.c @@ -29,8 +29,8 @@ */ #include "../../common/openssl-compat.h" -#include "ykcs11.h" -#include "ykcs11-config.h" +#include "../ykcs11.h" +#include "../ykcs11-config.h" #include @@ -49,7 +49,7 @@ #define dprintf(fd, ...) fprintf(stdout, __VA_ARGS__) #endif -CK_FUNCTION_LIST_PTR funcs; +CK_FUNCTION_LIST_3_0_PTR funcs; #define N_ALL_KEYS 24 #define N_SELECTED_KEYS 4 
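Review bot: `get_named_functions()` never uses its `name` parameter: the call hard-codes `(CK_UTF8CHAR_PTR)"PKCS 11"`, so the helper cannot exercise any other interface name, and `main` passes a plain string literal to a `CK_UTF8CHAR_PTR` parameter (the pointer-sign mismatch the commented-out pragmas point at). Pass the argument through with `asrt(C_GetInterface(name, NULL, &interface, 0), CKR_OK, "C_GetInterface named");` and cast at the call site with `get_named_functions((CK_UTF8CHAR_PTR)"PKCS 11");`. All three getters store `pFunctionList` in a `CK_VOID_PTR` that `test_lib_info()` always casts to `CK_FUNCTION_LIST_3_0*`, even after the legacy version was requested. That presumably holds only while the test calls members both list layouts share, so a comment above the legacy call in `main`, such as `/* legacy list: only 2.x members may be called through funcs */`, would stop a later edit from calling a 3.0-only entry through a 2.x table. A negative case is also missing: an unknown interface name or unsupported version should be asserted to fail rather than return an interface.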
@@ -71,12 +71,9 @@ static void _asrt(const char *file, int line, CK_ULONG check, CK_ULONG expected, } static void get_functions() { - - if (C_GetFunctionList(&funcs) != CKR_OK) { - fprintf(stderr, "Get function list failed\n"); - exit(EXIT_FAILURE); - } - + CK_INTERFACE_PTR interface; + asrt(C_GetInterface(NULL,NULL,&interface,0), CKR_OK, "C_GetInterface default"); + funcs = interface->pFunctionList; } static void test_lib_info() { @@ -84,8 +81,8 @@ static void test_lib_info() { const CK_CHAR_PTR MANUFACTURER_ID = (const CK_CHAR_PTR)"Yubico (www.yubico.com)"; const CK_CHAR_PTR YKCS11_DESCRIPTION = (const CK_CHAR_PTR)"PKCS#11 PIV Library (SP-800-73)"; - const CK_ULONG CRYPTOKI_VERSION_MAJ = 2; - const CK_ULONG CRYPTOKI_VERSION_MIN = 40; + const CK_ULONG CRYPTOKI_VERSION_MAJ = CRYPTOKI_VERSION_MAJOR; + const CK_ULONG CRYPTOKI_VERSION_MIN = CRYPTOKI_VERSION_MINOR; CK_INFO info; asrt(funcs->C_Initialize(NULL), CKR_OK, "INITIALIZE"); diff --git a/ykcs11/tests/ykcs11_tests_util.c b/ykcs11/tests/ykcs11_tests_util.c index 0a93642b..c42c7a8b 100644 --- a/ykcs11/tests/ykcs11_tests_util.c +++ b/ykcs11/tests/ykcs11_tests_util.c @@ -39,7 +39,7 @@ #include #include #include -#include "pkcs11y.h" +#include "../pkcs11y.h" #include "ykcs11_tests_util.h" static CK_BYTE SHA1_DIGEST[] = {0x30, 0x21, 0x30, 0x09, 0x06, @@ -75,7 +75,7 @@ static void _asrt(const char *file, int line, CK_ULONG check, CK_ULONG expected, } -static CK_OBJECT_HANDLE get_public_key_handle(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +static CK_OBJECT_HANDLE get_public_key_handle(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE privkey) { CK_OBJECT_HANDLE found_obj[10] = {0}; CK_ULONG n_found_obj = 0; 
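Review bot: With `get_functions()` switched to `C_GetInterface`, the `C_GetFunctionList` call it replaces is gone, and nothing else visible in this patch calls that entry point. PKCS#11 2.x applications still load the module that way, and this commit makes `C_GetInfo` read the version from whichever interface was last requested, so the sequence `C_GetFunctionList`, `C_Initialize`, `C_GetInfo` is the one most in need of a regression test. A small check such as `asrt(C_GetFunctionList(&legacy), CKR_OK, "C_GetFunctionList");` followed by a `C_GetInfo` call through `legacy` would cover it. Whether tests outside this hunk still call `C_GetFunctionList` is not visible here.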
@@ -98,7 +98,7 @@ static CK_OBJECT_HANDLE get_public_key_handle(CK_FUNCTION_LIST_PTR funcs, CK_SES return found_obj[0]; } -void destroy_test_objects(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_cert, CK_ULONG n) { +void destroy_test_objects(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_cert, CK_ULONG n) { CK_ULONG i; asrt(funcs->C_Login(session, CKU_SO, (CK_CHAR_PTR)"010203040506070801020304050607080102030405060708", 48), CKR_OK, "Login SO"); for(i=0; iC_Logout(session), CKR_OK, "Logout SO"); } -void generate_ec_keys_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, +void generate_ec_keys_with_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, CK_BYTE* ec_params, CK_ULONG ec_params_len, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val) { CK_ULONG class_k = CKO_PRIVATE_KEY; @@ -630,7 +630,7 @@ void generate_ec_keys_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE asrt(funcs->C_Logout(session), CKR_OK, "Logout SO"); } -void generate_rsa_key_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, +void generate_rsa_key_with_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, CK_OBJECT_HANDLE_PTR obj_pubkey, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val) { CK_BYTE e[] = {0x01, 0x00, 0x01}; 
@@ -667,7 +667,7 @@ void generate_rsa_key_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE test_privkey_policy(funcs, session, *obj_pvtkey, touch_attr_val, pin_attr_val, always_auth_val, 4, 30); } -void generate_rsa_keys(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, CK_BYTE n_keys, +void generate_rsa_keys(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, CK_BYTE n_keys, CK_OBJECT_HANDLE_PTR obj_pubkey, CK_OBJECT_HANDLE_PTR obj_pvtkey) { CK_BYTE e[] = {0x01, 0x00, 0x01}; CK_ULONG class_k = CKO_PRIVATE_KEY; @@ -749,7 +749,7 @@ static void construct_der_encoded_sig(CK_BYTE sig[], CK_BYTE_PTR der_encoded, CK der_encoded[1] = der_ptr - der_encoded - 2; } -void test_ec_sign_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_ec_sign_simple(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, EC_KEY *eck, CK_ULONG key_len) { CK_MECHANISM mech = {CKM_ECDSA, NULL, 0}; @@ -782,7 +782,7 @@ void test_ec_sign_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_ec_ecdh_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_ec_ecdh_simple(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, int curve) { CK_BYTE pubkey[128]={0}, pubkey2[128]={0}, secret[128]={0}, secret2[128]={0}; 
@@ -844,7 +844,7 @@ void test_ec_ecdh_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, EC_KEY_free(tmpkey); } -void test_ec_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_ec_sign_thorough(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_MECHANISM_TYPE mech_type, EC_KEY *eck, CK_ULONG key_len) { CK_MECHANISM mech = {mech_type, NULL, 0}; @@ -898,7 +898,7 @@ void test_ec_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_rsa_sign_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_sign_simple(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, EVP_PKEY* evp) { CK_MECHANISM mech = {CKM_RSA_PKCS, NULL, 0}; @@ -936,7 +936,7 @@ void test_rsa_sign_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_rsa_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_sign_thorough(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, EVP_PKEY* evp, CK_MECHANISM_TYPE mech_type) { CK_MECHANISM mech = {mech_type, NULL, 0}; 
@@ -1003,7 +1003,7 @@ void test_rsa_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE sessio asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_rsa_sign_pss(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_sign_pss(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, RSA* rsak, CK_MECHANISM_TYPE mech_type) { CK_RSA_PKCS_PSS_PARAMS pss_params = {get_md_of(mech_type), get_md_of(mech_type), EVP_MD_size(get_md_type(get_md_of(mech_type)))}; @@ -1099,7 +1099,7 @@ void test_rsa_sign_pss(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_decrypt(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, RSA* rsak, CK_MECHANISM_TYPE mech_type, CK_ULONG padding) { int data_len; @@ -1160,7 +1160,7 @@ void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_ asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_rsa_decrypt_oaep(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_decrypt_oaep(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, CK_MECHANISM_TYPE mdhash, RSA* rsak) { CK_RSA_PKCS_OAEP_PARAMS params = {mdhash, mdhash, 0, NULL, 0}; 
@@ -1213,7 +1213,7 @@ void test_rsa_decrypt_oaep(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -void test_rsa_encrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_encrypt(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, RSA* rsak, CK_MECHANISM_TYPE mech_type, CK_ULONG padding) { CK_RSA_PKCS_OAEP_PARAMS params = {0}; @@ -1274,7 +1274,7 @@ void test_rsa_encrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_ asrt(funcs->C_Logout(session), CKR_OK, "Logout USER"); } -static void test_pubkey_basic_attributes(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +static void test_pubkey_basic_attributes(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_type, CK_ULONG key_size, const unsigned char* label) { CK_ULONG obj_class; @@ -1331,7 +1331,7 @@ static void test_pubkey_basic_attributes(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_ asrt(strncmp(obj_label, (char*)label, obj_label_len), 0, "LABEL"); } -void test_pubkey_attributes_rsa(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_pubkey_attributes_rsa(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG modulus_len, CK_BYTE_PTR pubexp, CK_ULONG pubexp_len) { @@ -1352,7 +1352,7 @@ void test_pubkey_attributes_rsa(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE se asrt(memcmp(obj_pubexp, pubexp, pubexp_len), 0, "PUBLIC EXPONENT"); } -void test_pubkey_attributes_ec(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_pubkey_attributes_ec(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG ec_point_len, CK_BYTE_PTR ec_params, CK_ULONG ec_params_len) { 
@@ -1372,7 +1372,7 @@ void test_pubkey_attributes_ec(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE ses asrt(memcmp(obj_ec_param, ec_params, ec_params_len), 0, "EC PARAMS"); } -static void test_privkey_basic_attributes(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +static void test_privkey_basic_attributes(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE privkey, CK_ULONG key_type, CK_ULONG key_size, const unsigned char* label, CK_BBOOL always_authenticate) { CK_ULONG obj_class; @@ -1443,7 +1443,7 @@ static void test_privkey_basic_attributes(CK_FUNCTION_LIST_PTR funcs, CK_SESSION asrt(strncmp(obj_label, (char*)label, obj_label_len), 0, "LABEL"); } -void test_privkey_attributes_rsa(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_privkey_attributes_rsa(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG modulus_len, CK_BYTE_PTR pubexp, CK_ULONG pubexp_len, @@ -1465,7 +1465,7 @@ void test_privkey_attributes_rsa(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE s asrt(memcmp(obj_pubexp, pubexp, pubexp_len), 0, "PUBLIC EXPONENT"); } -void test_privkey_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_privkey_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE privkey, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val, CK_BYTE major, CK_BYTE minor) { @@ -1510,7 +1510,7 @@ void test_privkey_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, asrt(always_auth, always_auth_val, "ALWAYS AUTH"); } -void test_privkey_attributes_ec(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_privkey_attributes_ec(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG ec_point_len, CK_BYTE_PTR ec_params, CK_ULONG ec_params_len, 
@@ -1531,7 +1531,7 @@ void test_privkey_attributes_ec(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE se asrt(memcmp(obj_ec_param, ec_params, ec_params_len), 0, "EC PARAMS"); } -void test_find_objects_by_class(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_find_objects_by_class(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG class, CK_BYTE ckaid, CK_ULONG n_expected, CK_OBJECT_HANDLE obj_expected) { CK_OBJECT_HANDLE obj[10] = {0}; diff --git a/ykcs11/tests/ykcs11_tests_util.h b/ykcs11/tests/ykcs11_tests_util.h index 9206b985..d3140d21 100644 --- a/ykcs11/tests/ykcs11_tests_util.h +++ b/ykcs11/tests/ykcs11_tests_util.h 
@@ -31,77 +31,77 @@ #ifndef TEST_UTIL_H #define TEST_UTIL_H -void test_digest_func(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_MECHANISM_TYPE mech_type); +void test_digest_func(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_MECHANISM_TYPE mech_type); -void destroy_test_objects(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_cert, CK_ULONG n); +void destroy_test_objects(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_cert, CK_ULONG n); -EC_KEY* import_ec_key(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, +EC_KEY* import_ec_key(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, int curve, CK_ULONG key_len, CK_BYTE* ec_params, CK_ULONG ec_params_len, CK_OBJECT_HANDLE_PTR obj_cert, CK_OBJECT_HANDLE_PTR obj_pvtkey); -void generate_ec_keys(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, +void generate_ec_keys(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, CK_BYTE* ec_params, CK_ULONG ec_params_len, CK_OBJECT_HANDLE_PTR obj_pubkey, CK_OBJECT_HANDLE_PTR obj_pvtkey); -void generate_ec_keys_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, +void generate_ec_keys_with_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_BYTE n_keys, CK_BYTE* ec_params, CK_ULONG ec_params_len, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val); -void import_rsa_key_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, int keylen, CK_BYTE n_keys, +void import_rsa_key_with_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, int keylen, CK_BYTE n_keys, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val); -void import_rsa_key(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, int keylen, EVP_PKEY** evp, RSA** rsak, +void import_rsa_key(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE 
session, int keylen, EVP_PKEY** evp, RSA** rsak, CK_BYTE n_keys, CK_OBJECT_HANDLE_PTR obj_cert, CK_OBJECT_HANDLE_PTR obj_pvtkey); -void generate_rsa_key_with_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, +void generate_rsa_key_with_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, CK_OBJECT_HANDLE_PTR obj_pubkey, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val); -void generate_rsa_keys(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, CK_BYTE n_keys, +void generate_rsa_keys(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG key_size, CK_BYTE n_keys, CK_OBJECT_HANDLE_PTR obj_pubkey, CK_OBJECT_HANDLE_PTR obj_pvtkey); -void test_ec_sign_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_ec_sign_simple(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, EC_KEY *eck, CK_ULONG key_len); -void test_ec_ecdh_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_ec_ecdh_simple(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, int curve); -void test_ec_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_ec_sign_thorough(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_MECHANISM_TYPE mech_type, EC_KEY *eck, CK_ULONG key_len); -void test_rsa_sign_simple(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_sign_simple(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, EVP_PKEY* evp); -void test_rsa_sign_thorough(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR 
obj_pvtkey, +void test_rsa_sign_thorough(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, EVP_PKEY* evp, CK_MECHANISM_TYPE mech_type); -void test_rsa_sign_pss(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_sign_pss(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, RSA* rsak, CK_MECHANISM_TYPE mech_type); -void test_rsa_decrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_decrypt(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, RSA* rsak, CK_MECHANISM_TYPE mech_type, CK_ULONG padding); -void test_rsa_decrypt_oaep(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_decrypt_oaep(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, CK_MECHANISM_TYPE mdhash, RSA* rsak); -void test_rsa_encrypt(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, +void test_rsa_encrypt(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE_PTR obj_pvtkey, CK_BYTE n_keys, RSA* rsak, CK_MECHANISM_TYPE mech_type, CK_ULONG padding); -void test_pubkey_attributes_ec(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_pubkey_attributes_ec(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG ec_point_len, CK_BYTE_PTR ec_params, CK_ULONG ec_params_len); -void test_privkey_attributes_ec(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_privkey_attributes_ec(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG ec_point_len, CK_BYTE_PTR ec_params, CK_ULONG 
ec_params_len, CK_BBOOL always_authenticate); -void test_pubkey_attributes_rsa(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_pubkey_attributes_rsa(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG modulus_len, CK_BYTE* pubexp, CK_ULONG pubexp_len); -void test_privkey_attributes_rsa(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_privkey_attributes_rsa(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE pubkey, CK_ULONG key_size, const unsigned char* label, CK_ULONG modulus_len, CK_BYTE_PTR pubexp, CK_ULONG pubexp_len, CK_BBOOL always_authenticate); -void test_privkey_policy(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_privkey_policy(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_OBJECT_HANDLE privkey, CK_BYTE touch_attr_val, CK_BYTE pin_attr_val, CK_BBOOL always_auth_val, CK_BYTE major, CK_BYTE minor); -void test_find_objects_by_class(CK_FUNCTION_LIST_PTR funcs, CK_SESSION_HANDLE session, +void test_find_objects_by_class(CK_FUNCTION_LIST_3_0_PTR funcs, CK_SESSION_HANDLE session, CK_ULONG class, CK_BYTE ckaid, CK_ULONG n_expected, CK_OBJECT_HANDLE obj_expected); diff --git a/ykcs11/ykcs11.c b/ykcs11/ykcs11.c index b9e013de..8113c848 100644 --- a/ykcs11/ykcs11.c +++ b/ykcs11/ykcs11.c @@ -62,6 +62,7 @@ int verbose; static const CK_FUNCTION_LIST function_list; static const CK_FUNCTION_LIST_3_0 function_list_3; +static struct CK_INTERFACE active_interface; static CK_SESSION_HANDLE get_session_handle(ykcs11_session_t *session) { return (CK_SESSION_HANDLE)(session - sessions + 1); 
@@ -274,7 +275,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetInfo)( goto info_out; } - pInfo->cryptokiVersion = function_list.version; + pInfo->cryptokiVersion = ((CK_FUNCTION_LIST_3_0 *) active_interface.pFunctionList)->version; pInfo->libraryVersion.major = YKCS11_VERSION_MAJOR; pInfo->libraryVersion.minor = (YKCS11_VERSION_MINOR * 10) + YKCS11_VERSION_PATCH; pInfo->flags = 0; @@ -3954,6 +3955,7 @@ CK_DEFINE_FUNCTION(CK_RV, C_GetInterface) interfaces_list[i].pInterfaceName, func_list->version.major, func_list->version.minor); *ppInterface = (CK_INTERFACE_PTR) &interfaces_list[i]; + active_interface = interfaces_list[i]; rv = CKR_OK; break; }
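Review bot: `C_GetInfo` now dereferences `active_interface.pFunctionList`, which is assigned only in the `C_GetInterface` hunk below (the declaration is in the `@@ -62,6 +62,7 @@` hunk). A caller that got its table through `C_GetFunctionList` and never called `C_GetInterface` would reach this line with the zero-initialised static and a NULL pointer, unless `C_GetFunctionList` sets it somewhere this diff does not show. Guard the read and keep the old value as a fallback: `const CK_FUNCTION_LIST_3_0 *fl = active_interface.pFunctionList;` then `pInfo->cryptokiVersion = fl ? fl->version : function_list.version;`. The variable is also process-wide and written without any visible lock, so `C_GetInfo` reports the version of whichever interface any caller in the process requested last; a comment on the declaration such as `/* last interface handed out by C_GetInterface; pFunctionList is NULL until then */` would make that contract explicit. Both function bodies continue outside their hunks.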