diff --git a/src/tests/regression/functions b/src/tests/regression/functions index 38f60a7c..432a56f1 100755 --- a/src/tests/regression/functions +++ b/src/tests/regression/functions @@ -74,9 +74,8 @@ cp /dev/null $p15log function atexit { - test "$p15temp" && rm -rf $p15temp - if ! $test_failed; then + test "$p15temp" && rm -rf $p15temp msg <<-EOF ::: ::: ${__green}Test set completed successfully${__black} @@ -184,7 +183,7 @@ function p15_init { ::: Testing pkcs15-init ::: ::: The PINs used by this test script (if applicable) are - ::: Test SO PIN abcdef + ::: Test SO PIN 999999 ::: Test User PIN 0000 ::: EOF @@ -226,7 +225,6 @@ function p15_gen_key { msg "Generating key ($*)" run_display_output $p15init -G $type \ - --split-key \ --pin 0000 \ --id 45 \ --label "Test User Key" \ @@ -234,6 +232,20 @@ function p15_gen_key { success } +function p15_exp_key { + + keyfile=$1 + shift + + msg "Generating key ($*)" + run_display_output $p15tool \ + --pin 0000 \ + --read-public-key 45 \ + --output $p15temp/$keyfile \ + "$@" + success +} + function p15_store_key { keyfile=$1 @@ -241,7 +253,6 @@ function p15_store_key { msg "Storing private key $keyfile ($*)" run_display_output $p15init -S $keyfile \ - --split-key \ --pin 0000 \ --id 45 \ --label "Test User Key" \ diff --git a/src/tests/regression/init0003 b/src/tests/regression/init0003 index 87ab4329..58f05101 100755 --- a/src/tests/regression/init0003 +++ b/src/tests/regression/init0003 @@ -7,7 +7,8 @@ . functions p15_init --no-so-pin -p15_gen_key rsa/1024 --key-usage decrypt --insecure -p15_validate +p15_set_pin -a 01 +p15_gen_key rsa/1024 --key-usage decrypt -a 01 +p15_validate p15_erase diff --git a/src/tests/regression/init0004 b/src/tests/regression/init0004 index 429ef4b3..71b9f45f 100755 --- a/src/tests/regression/init0004 +++ b/src/tests/regression/init0004 @@ -7,7 +7,8 @@ . functions p15_init --no-so-pin -p15_gen_key rsa/1024 --insecure --key-usage sign +p15_set_pin -a 01 +p15_gen_key rsa/1024 -a 01 --key-usage sign p15_validate p15_erase diff --git a/src/tests/regression/init0005 b/src/tests/regression/init0005 index 8a400d37..3478de55 100755 --- a/src/tests/regression/init0005 +++ b/src/tests/regression/init0005 @@ -7,7 +7,8 @@ . functions p15_init --no-so-pin -p15_gen_key rsa/512 --insecure --key-usage sign,decrypt +p15_set_pin -a 01 +p15_gen_key rsa/512 -a 01 --key-usage sign,decrypt p15_validate p15_erase diff --git a/src/tests/regression/init0006 b/src/tests/regression/init0006 index b9e4e0a8..2514664d 100755 --- a/src/tests/regression/init0006 +++ b/src/tests/regression/init0006 @@ -9,12 +9,13 @@ k=$p15temp/private.pem p15_init --no-so-pin +p15_set_pin -a 01 msg "Generating key with OpenSSL" run_check_status openssl genrsa -out $k -f4 1024 success -p15_store_key $k --insecure +p15_store_key $k -a 01 p15_validate p15_erase diff --git a/src/tests/regression/init0008 b/src/tests/regression/init0008 index 9fb8ea4b..4826a1b0 100755 --- a/src/tests/regression/init0008 +++ b/src/tests/regression/init0008 @@ -7,7 +7,8 @@ . functions p15_init --no-so-pin -p15_store_key test.p12 --format pkcs12 --passphrase "password" --insecure +p15_set_pin -a 01 +p15_store_key test.p12 --format pkcs12 --passphrase "password" -a 01 p15_validate p15_erase diff --git a/src/tests/regression/init0009 b/src/tests/regression/init0009 new file mode 100755 index 00000000..38f694e4 --- /dev/null +++ b/src/tests/regression/init0009 @@ -0,0 +1,30 @@ +#!/bin/bash +# +# Test pkcs15-init +# +# Run this from the regression test directory. + +. functions + +p15_init --no-so-pin +p15_set_pin -a 01 +p15_gen_key rsa/1024 -a 01 --key-usage decrypt +p15_exp_key key.pem + +msg "Encrypting message (pkcs1 padding)" +echo lalla > $p15temp/message +run_check_status openssl rsautl -encrypt \ + -pubin -inkey $p15temp/key.pem \ + -in $p15temp/message \ + -out $p15temp/encrypted + +run_check_status $p15crypt --decipher --pkcs1 \ + --input $p15temp/encrypted \ + --output $p15temp/decrypted \ + --pin 0000 + +cmp $p15temp/message $p15temp/decrypted \ + || fail "Decrypted file does not match plain text file" +success + +p15_erase diff --git a/src/tests/regression/init0010 b/src/tests/regression/init0010 new file mode 100755 index 00000000..e3a4308e --- /dev/null +++ b/src/tests/regression/init0010 @@ -0,0 +1,35 @@ +#!/bin/bash +# +# Test pkcs15-init +# +# Run this from the regression test directory. + +. functions + +p15_init --no-so-pin +p15_set_pin -a 01 +p15_gen_key rsa/1024 -a 01 --key-usage sign +p15_exp_key key.pem + +echo lalla > $p15temp/message + +msg "Digesting the message" +run_check_status openssl dgst -md5 \ + -binary -out $p15temp/md5value \ + $p15temp/message + +msg "Signing message (with key)" +run_check_status $p15crypt --sign --md5 --pkcs1 \ + --input $p15temp/md5value \ + --output $p15temp/signature \ + --pin 0000 + +msg "Verifying message (with software)" +run_check_output "Verified OK" openssl dgst -md5 \ + -verify $p15temp/key.pem \ + -signature $p15temp/signature \ + $p15temp/message + +success + +p15_erase diff --git a/src/tests/regression/init0011 b/src/tests/regression/init0011 new file mode 100755 index 00000000..0978f24a --- /dev/null +++ b/src/tests/regression/init0011 @@ -0,0 +1,35 @@ +#!/bin/bash +# +# Test pkcs15-init +# +# Run this from the regression test directory. + +. functions + +p15_init --no-so-pin +p15_set_pin -a 01 +p15_gen_key rsa/1024 -a 01 --key-usage sign +p15_exp_key key.pem + +echo lalla > $p15temp/message + +msg "Digesting the message" +run_check_status openssl dgst -sha1 \ + -binary -out $p15temp/sha1value \ + $p15temp/message + +msg "Signing message (with key)" +run_check_status $p15crypt --sign --sha-1 --pkcs1 \ + --input $p15temp/sha1value \ + --output $p15temp/signature \ + --pin 0000 + +msg "Verifying message (with software)" +run_check_output "Verified OK" openssl dgst -sha1 \ + -verify $p15temp/key.pem \ + -signature $p15temp/signature \ + $p15temp/message + +success + +p15_erase