p11test: Avoid possible issues reported by coverity
* The fail_msg() in cmocka has a way not to fail, which confuses coverity. Adding explicit retunr/exit should address this issue * Reformat some code in p11test
This commit is contained in:
parent
2958b71c9a
commit
818aa5b69c
|
@ -30,13 +30,15 @@ char flag_buffer[11];
|
||||||
void always_authenticate(test_cert_t *o, token_info_t *info)
|
void always_authenticate(test_cert_t *o, token_info_t *info)
|
||||||
{
|
{
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
if (!o->always_auth)
|
if (!o->always_auth) {
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
rv = info->function_pointer->C_Login(info->session_handle,
|
rv = info->function_pointer->C_Login(info->session_handle,
|
||||||
CKU_CONTEXT_SPECIFIC, info->pin, info->pin_length);
|
CKU_CONTEXT_SPECIFIC, info->pin, info->pin_length);
|
||||||
if (rv != CKR_OK) {
|
if (rv != CKR_OK) {
|
||||||
fail_msg(" [ SKIP %s ] Re-authentication failed", o->id_str);
|
fail_msg(" [ SKIP %s ] Re-authentication failed", o->id_str);
|
||||||
|
exit(1);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -153,7 +155,7 @@ int callback_certificates(test_certs_t *objects,
|
||||||
CK_ATTRIBUTE template[], unsigned int template_size, CK_OBJECT_HANDLE object_handle)
|
CK_ATTRIBUTE template[], unsigned int template_size, CK_OBJECT_HANDLE object_handle)
|
||||||
{
|
{
|
||||||
EVP_PKEY *evp = NULL;
|
EVP_PKEY *evp = NULL;
|
||||||
const u_char *cp;
|
const u_char *cp = NULL;
|
||||||
test_cert_t *o = NULL;
|
test_cert_t *o = NULL;
|
||||||
|
|
||||||
if (*(CK_CERTIFICATE_TYPE *)template[3].pValue != CKC_X_509)
|
if (*(CK_CERTIFICATE_TYPE *)template[3].pValue != CKC_X_509)
|
||||||
|
@ -166,23 +168,29 @@ int callback_certificates(test_certs_t *objects,
|
||||||
cp = template[1].pValue;
|
cp = template[1].pValue;
|
||||||
if (d2i_X509(&(o->x509), &cp, template[1].ulValueLen) == NULL) {
|
if (d2i_X509(&(o->x509), &cp, template[1].ulValueLen) == NULL) {
|
||||||
fail_msg("d2i_X509");
|
fail_msg("d2i_X509");
|
||||||
|
return -1;
|
||||||
} else if ((evp = X509_get_pubkey(o->x509)) == NULL) {
|
} else if ((evp = X509_get_pubkey(o->x509)) == NULL) {
|
||||||
fail_msg("X509_get_pubkey failed.");
|
fail_msg("X509_get_pubkey failed.");
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (EVP_PKEY_base_id(evp) == EVP_PKEY_RSA) {
|
if (EVP_PKEY_base_id(evp) == EVP_PKEY_RSA) {
|
||||||
/* Extract public RSA key */
|
/* Extract public RSA key */
|
||||||
RSA *rsa = EVP_PKEY_get0_RSA(evp);
|
RSA *rsa = EVP_PKEY_get0_RSA(evp);
|
||||||
if ((o->key.rsa = RSAPublicKey_dup(rsa)) == NULL)
|
if ((o->key.rsa = RSAPublicKey_dup(rsa)) == NULL) {
|
||||||
fail_msg("RSAPublicKey_dup failed");
|
fail_msg("RSAPublicKey_dup failed");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
o->type = EVP_PK_RSA;
|
o->type = EVP_PK_RSA;
|
||||||
o->bits = EVP_PKEY_bits(evp);
|
o->bits = EVP_PKEY_bits(evp);
|
||||||
|
|
||||||
} else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
|
} else if (EVP_PKEY_base_id(evp) == EVP_PKEY_EC) {
|
||||||
/* Extract public EC key */
|
/* Extract public EC key */
|
||||||
EC_KEY *ec = EVP_PKEY_get0_EC_KEY(evp);
|
EC_KEY *ec = EVP_PKEY_get0_EC_KEY(evp);
|
||||||
if ((o->key.ec = EC_KEY_dup(ec)) == NULL)
|
if ((o->key.ec = EC_KEY_dup(ec)) == NULL) {
|
||||||
fail_msg("EC_KEY_dup failed");
|
fail_msg("EC_KEY_dup failed");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
o->type = EVP_PK_EC;
|
o->type = EVP_PK_EC;
|
||||||
o->bits = EVP_PKEY_bits(evp);
|
o->bits = EVP_PKEY_bits(evp);
|
||||||
|
|
||||||
|
@ -434,8 +442,10 @@ int search_objects(test_certs_t *objects, token_info_t *info,
|
||||||
if (i >= objects_length) {
|
if (i >= objects_length) {
|
||||||
objects_length += 4; // do not realloc after each row
|
objects_length += 4; // do not realloc after each row
|
||||||
object_handles = realloc(object_handles, objects_length * sizeof(CK_OBJECT_HANDLE_PTR));
|
object_handles = realloc(object_handles, objects_length * sizeof(CK_OBJECT_HANDLE_PTR));
|
||||||
if (object_handles == NULL)
|
if (object_handles == NULL) {
|
||||||
fail_msg("Realloc failed. Need to store object handles.\n");
|
fail_msg("Realloc failed. Need to store object handles.\n");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
object_handles[i++] = object_handle;
|
object_handles[i++] = object_handle;
|
||||||
}
|
}
|
||||||
|
@ -445,6 +455,7 @@ int search_objects(test_certs_t *objects, token_info_t *info,
|
||||||
if (rv != CKR_OK) {
|
if (rv != CKR_OK) {
|
||||||
fprintf(stderr, "C_FindObjectsFinal: rv = 0x%.8lX\n", rv);
|
fprintf(stderr, "C_FindObjectsFinal: rv = 0x%.8lX\n", rv);
|
||||||
fail_msg("Could not find certificate.\n");
|
fail_msg("Could not find certificate.\n");
|
||||||
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
for (i = 0; i < objects_length; i++) {
|
for (i = 0; i < objects_length; i++) {
|
||||||
|
@ -457,24 +468,30 @@ int search_objects(test_certs_t *objects, token_info_t *info,
|
||||||
|
|
||||||
rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
|
rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
|
||||||
&(template[j]), 1);
|
&(template[j]), 1);
|
||||||
if (rv == CKR_ATTRIBUTE_TYPE_INVALID)
|
if (rv == CKR_ATTRIBUTE_TYPE_INVALID) {
|
||||||
continue;
|
continue;
|
||||||
else if (rv != CKR_OK)
|
} else if (rv != CKR_OK) {
|
||||||
fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
|
fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
/* Allocate memory to hold the data we want */
|
/* Allocate memory to hold the data we want */
|
||||||
if (template[j].ulValueLen == 0) {
|
if (template[j].ulValueLen == 0) {
|
||||||
continue;
|
continue;
|
||||||
} else {
|
} else {
|
||||||
template[j].pValue = malloc(template[j].ulValueLen);
|
template[j].pValue = malloc(template[j].ulValueLen);
|
||||||
if (template[j].pValue == NULL)
|
if (template[j].pValue == NULL) {
|
||||||
fail_msg("malloc failed");
|
fail_msg("malloc failed");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
/* Call again to get actual attribute */
|
/* Call again to get actual attribute */
|
||||||
rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
|
rv = fp->C_GetAttributeValue(info->session_handle, object_handles[i],
|
||||||
&(template[j]), 1);
|
&(template[j]), 1);
|
||||||
if (rv != CKR_OK)
|
if (rv != CKR_OK) {
|
||||||
fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
|
fail_msg("C_GetAttributeValue: rv = 0x%.8lX\n", rv);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
callback(objects, template, template_size, object_handles[i]);
|
callback(objects, template, template_size, object_handles[i]);
|
||||||
|
|
|
@ -103,16 +103,19 @@ int is_pss_mechanism(CK_MECHANISM_TYPE mech);
|
||||||
#define P11TEST_PASS(info) do { _P11TEST_FINALIZE(info, "pass") } while(0);
|
#define P11TEST_PASS(info) do { _P11TEST_FINALIZE(info, "pass") } while(0);
|
||||||
|
|
||||||
#define P11TEST_FAIL(info, msg, ...) do { \
|
#define P11TEST_FAIL(info, msg, ...) do { \
|
||||||
if (info->log.fd && info->log.in_test) { \
|
if (info->log.fd && info->log.in_test) { \
|
||||||
fprintf(info->log.fd, ",\n\t\"fail_reason\": \"" msg "\"", ##__VA_ARGS__); \
|
fprintf(info->log.fd, ",\n\t\"fail_reason\": \"" msg "\"", ##__VA_ARGS__); \
|
||||||
} \
|
} \
|
||||||
_P11TEST_FINALIZE(info, "fail") \
|
_P11TEST_FINALIZE(info, "fail") \
|
||||||
fail_msg(msg, ##__VA_ARGS__); \
|
fail_msg(msg, ##__VA_ARGS__); \
|
||||||
|
exit(1); \
|
||||||
} while (0);
|
} while (0);
|
||||||
|
|
||||||
#define P11TEST_DATA_ROW(info, cols, ...) if (info->log.fd) { \
|
#define P11TEST_DATA_ROW(info, cols, ...) if (info->log.fd) { \
|
||||||
if (info->log.in_test == 0) \
|
if (info->log.in_test == 0) {\
|
||||||
fail_msg("Can't add data outside of the test");\
|
fail_msg("Can't add data outside of the test");\
|
||||||
|
exit(1); \
|
||||||
|
} \
|
||||||
if (info->log.in_data == 0) {\
|
if (info->log.in_data == 0) {\
|
||||||
fprintf(info->log.fd, ",\n\t\"data\": [");\
|
fprintf(info->log.fd, ",\n\t\"data\": [");\
|
||||||
info->log.in_data = 1;\
|
info->log.in_data = 1;\
|
||||||
|
|
|
@ -546,8 +546,10 @@ int sign_verify_test(test_cert_t *o, token_info_t *info, test_mech_t *mech,
|
||||||
CK_ULONG sign_length = 0;
|
CK_ULONG sign_length = 0;
|
||||||
int rv = 0;
|
int rv = 0;
|
||||||
|
|
||||||
if (message_length > strlen(SHORT_MESSAGE_TO_SIGN))
|
if (message_length > strlen(SHORT_MESSAGE_TO_SIGN)) {
|
||||||
fail_msg("Truncate is longer than the actual message");
|
fail_msg("Truncate is longer than the actual message");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
if (o->private_handle == CK_INVALID_HANDLE) {
|
if (o->private_handle == CK_INVALID_HANDLE) {
|
||||||
debug_print(" [SKIP %s ] Missing private key", o->id_str);
|
debug_print(" [SKIP %s ] Missing private key", o->id_str);
|
||||||
|
|
|
@ -23,7 +23,9 @@
|
||||||
#include "p11test_helpers.h"
|
#include "p11test_helpers.h"
|
||||||
#include "p11test_loader.h"
|
#include "p11test_loader.h"
|
||||||
|
|
||||||
int open_session(token_info_t *info) {
|
int
|
||||||
|
open_session(token_info_t *info)
|
||||||
|
{
|
||||||
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
|
|
||||||
|
@ -31,56 +33,65 @@ int open_session(token_info_t *info) {
|
||||||
CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR,
|
CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR,
|
||||||
&info->session_handle);
|
&info->session_handle);
|
||||||
|
|
||||||
if(rv != CKR_OK)
|
if (rv != CKR_OK) {
|
||||||
return 1;
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
debug_print("Session was successfully created");
|
debug_print("Session was successfully created");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int initialize_cryptoki(token_info_t *info) {
|
int
|
||||||
|
initialize_cryptoki(token_info_t *info)
|
||||||
|
{
|
||||||
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
|
|
||||||
rv = function_pointer->C_Initialize(NULL_PTR);
|
rv = function_pointer->C_Initialize(NULL_PTR);
|
||||||
if(rv != CKR_OK){
|
if (rv != CKR_OK) {
|
||||||
fprintf(stderr,"Could not initialize CRYPTOKI!\n");
|
fprintf(stderr, "Could not initialize CRYPTOKI!\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(get_slot_with_card(info)) {
|
if (get_slot_with_card(info)) {
|
||||||
function_pointer->C_Finalize(NULL_PTR);
|
function_pointer->C_Finalize(NULL_PTR);
|
||||||
fprintf(stderr,"There is no card present in reader.\n");
|
fprintf(stderr, "There is no card present in reader.\n");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int token_initialize(void **state) {
|
int token_initialize(void **state)
|
||||||
|
{
|
||||||
token_info_t *info = (token_info_t *) *state;
|
token_info_t *info = (token_info_t *) *state;
|
||||||
if(initialize_cryptoki(info)) {
|
if (initialize_cryptoki(info)) {
|
||||||
debug_print("CRYPTOKI couldn't be initialized");
|
debug_print("CRYPTOKI couldn't be initialized");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
void logfile_init(token_info_t *info) {
|
void logfile_init(token_info_t *info)
|
||||||
if (token.log.outfile == NULL)
|
{
|
||||||
|
if (token.log.outfile == NULL) {
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
if ((info->log.fd = fopen(token.log.outfile, "w")) == NULL)
|
if ((info->log.fd = fopen(token.log.outfile, "w")) == NULL) {
|
||||||
fail_msg("Couldn't open file for test results.");
|
fail_msg("Couldn't open file for test results.");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
fprintf(info->log.fd, "{\n\"time\": 0,\n\"results\": [");
|
fprintf(info->log.fd, "{\n\"time\": 0,\n\"results\": [");
|
||||||
info->log.in_test = 0;
|
info->log.in_test = 0;
|
||||||
info->log.first = 1;
|
info->log.first = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
void logfile_finalize(token_info_t *info) {
|
void logfile_finalize(token_info_t *info)
|
||||||
if (info == NULL || info->log.fd == NULL)
|
{
|
||||||
|
if (info == NULL || info->log.fd == NULL) {
|
||||||
return;
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
/* Make sure the JSON object for test is closed */
|
/* Make sure the JSON object for test is closed */
|
||||||
if (info->log.in_test) {
|
if (info->log.in_test) {
|
||||||
|
@ -94,7 +105,6 @@ void logfile_finalize(token_info_t *info) {
|
||||||
|
|
||||||
int group_setup(void **state)
|
int group_setup(void **state)
|
||||||
{
|
{
|
||||||
|
|
||||||
token_info_t * info = calloc(sizeof(token_info_t), 1);
|
token_info_t * info = calloc(sizeof(token_info_t), 1);
|
||||||
|
|
||||||
assert_non_null(info);
|
assert_non_null(info);
|
||||||
|
@ -107,6 +117,7 @@ int group_setup(void **state)
|
||||||
if (load_pkcs11_module(info, token.library_path)) {
|
if (load_pkcs11_module(info, token.library_path)) {
|
||||||
free(info);
|
free(info);
|
||||||
fail_msg("Could not load module!\n");
|
fail_msg("Could not load module!\n");
|
||||||
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
logfile_init(info);
|
logfile_init(info);
|
||||||
|
@ -115,8 +126,8 @@ int group_setup(void **state)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int group_teardown(void **state) {
|
int group_teardown(void **state)
|
||||||
|
{
|
||||||
token_info_t *info = (token_info_t *) *state;
|
token_info_t *info = (token_info_t *) *state;
|
||||||
debug_print("Clearing state after group tests!");
|
debug_print("Clearing state after group tests!");
|
||||||
// XXX do not finalize already Finalized
|
// XXX do not finalize already Finalized
|
||||||
|
@ -134,13 +145,14 @@ int group_teardown(void **state) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int prepare_token(token_info_t *info) {
|
int prepare_token(token_info_t *info)
|
||||||
if(initialize_cryptoki(info)) {
|
{
|
||||||
|
if (initialize_cryptoki(info)) {
|
||||||
debug_print("CRYPTOKI couldn't be initialized");
|
debug_print("CRYPTOKI couldn't be initialized");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(open_session(info)) {
|
if (open_session(info)) {
|
||||||
debug_print("Could not open session to token!");
|
debug_print("Could not open session to token!");
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
@ -148,7 +160,8 @@ int prepare_token(token_info_t *info) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int finalize_token(token_info_t *info) {
|
int finalize_token(token_info_t *info)
|
||||||
|
{
|
||||||
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
||||||
|
|
||||||
info->session_handle = 0;
|
info->session_handle = 0;
|
||||||
|
@ -159,26 +172,31 @@ int finalize_token(token_info_t *info) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int user_login_setup(void **state) {
|
int user_login_setup(void **state)
|
||||||
|
{
|
||||||
token_info_t *info = (token_info_t *) *state;
|
token_info_t *info = (token_info_t *) *state;
|
||||||
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
||||||
CK_RV rv;
|
CK_RV rv;
|
||||||
|
|
||||||
if (prepare_token(info))
|
if (prepare_token(info)) {
|
||||||
fail_msg("Could not prepare token.\n");
|
fail_msg("Could not prepare token.\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
debug_print("Logging in to the token!");
|
debug_print("Logging in to the token!");
|
||||||
rv = function_pointer->C_Login(info->session_handle, CKU_USER,
|
rv = function_pointer->C_Login(info->session_handle, CKU_USER,
|
||||||
token.pin, token.pin_length);
|
token.pin, token.pin_length);
|
||||||
|
|
||||||
if(rv != CKR_OK)
|
if (rv != CKR_OK) {
|
||||||
fail_msg("Could not login to token with user PIN '%s'\n", token.pin);
|
fail_msg("Could not login to token with user PIN '%s'\n", token.pin);
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int after_test_cleanup(void **state) {
|
int after_test_cleanup(void **state)
|
||||||
|
{
|
||||||
token_info_t *info = (token_info_t *) *state;
|
token_info_t *info = (token_info_t *) *state;
|
||||||
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
CK_FUNCTION_LIST_PTR function_pointer = info->function_pointer;
|
||||||
|
|
||||||
|
@ -189,16 +207,20 @@ int after_test_cleanup(void **state) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int token_setup(void **state) {
|
int token_setup(void **state)
|
||||||
|
{
|
||||||
token_info_t *info = (token_info_t *) *state;
|
token_info_t *info = (token_info_t *) *state;
|
||||||
|
|
||||||
if(prepare_token(info))
|
if (prepare_token(info)) {
|
||||||
fail_msg("Could not prepare token.\n");
|
fail_msg("Could not prepare token.\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
int token_cleanup(void **state) {
|
int token_cleanup(void **state)
|
||||||
|
{
|
||||||
token_info_t *info = (token_info_t *) *state;
|
token_info_t *info = (token_info_t *) *state;
|
||||||
|
|
||||||
finalize_token(info);
|
finalize_token(info);
|
||||||
|
|
Loading…
Reference in New Issue