- updated/added tests
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1509 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
23c1e81512
commit
a42044829c
|
@ -13,6 +13,7 @@ if [ -z "$__p15init__" ]; then
|
||||||
p15crypt=$p15base/tools/pkcs15-crypt
|
p15crypt=$p15base/tools/pkcs15-crypt
|
||||||
p15tool=$p15base/tools/pkcs15-tool
|
p15tool=$p15base/tools/pkcs15-tool
|
||||||
p15init=$p15base/tools/pkcs15-init
|
p15init=$p15base/tools/pkcs15-init
|
||||||
|
p15dump=$p15base/tests/p15dump
|
||||||
p11tool=$p15base/tools/pkcs11-tool
|
p11tool=$p15base/tools/pkcs11-tool
|
||||||
p15log=$p15temp/test.log
|
p15log=$p15temp/test.log
|
||||||
|
|
||||||
|
@ -50,6 +51,7 @@ if [ -z "$__p15init__" ]; then
|
||||||
p15crypt="$p15crypt --reader $P15_READER"
|
p15crypt="$p15crypt --reader $P15_READER"
|
||||||
p15tool="$p15tool --reader $P15_READER"
|
p15tool="$p15tool --reader $P15_READER"
|
||||||
p15init="$p15init --reader $P15_READER"
|
p15init="$p15init --reader $P15_READER"
|
||||||
|
p15dump="$p15dump --reader $P15_READER"
|
||||||
osctool="$osctool --reader $P15_READER"
|
osctool="$osctool --reader $P15_READER"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -244,6 +246,28 @@ function p15_set_pin {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function p15_change_pin {
|
||||||
|
|
||||||
|
msg "Changing user PIN ($*)"
|
||||||
|
run_display_output $p15tool \
|
||||||
|
--change-pin \
|
||||||
|
--pin 0000 \
|
||||||
|
--new-pin 2222 \
|
||||||
|
"$@"
|
||||||
|
success
|
||||||
|
}
|
||||||
|
|
||||||
|
function p15_unblock_pin {
|
||||||
|
|
||||||
|
msg "Changing user PIN ($*)"
|
||||||
|
run_display_output $p15tool \
|
||||||
|
--unblock-pin \
|
||||||
|
--puk 111111 \
|
||||||
|
--new-pin 2222 \
|
||||||
|
"$@"
|
||||||
|
success
|
||||||
|
}
|
||||||
|
|
||||||
function p15_gen_key {
|
function p15_gen_key {
|
||||||
|
|
||||||
type=$1
|
type=$1
|
||||||
|
@ -295,6 +319,8 @@ function p15_crypt {
|
||||||
|
|
||||||
function p15_validate {
|
function p15_validate {
|
||||||
|
|
||||||
|
msg "Card contents according to p15dump"
|
||||||
|
run_display_output $p15dump < /dev/null
|
||||||
msg "Validating card using pkcs11-tool"
|
msg "Validating card using pkcs11-tool"
|
||||||
run_display_output $p11tool -t --pin 0000 \
|
run_display_output $p11tool -t --pin 0000 \
|
||||||
--slot-label "OpenSC Test Card" $* < /dev/null
|
--slot-label "OpenSC Test Card" $* < /dev/null
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
|
|
||||||
p15_init --no-so-pin
|
p15_init --no-so-pin
|
||||||
p15_set_pin -a 01
|
p15_set_pin -a 01
|
||||||
p15_gen_key rsa/1024 -a 01 --key-usage sign,decrypt
|
p15_gen_key rsa/1024 -a 01 --split-key --key-usage sign,decrypt
|
||||||
p15_validate
|
p15_validate
|
||||||
p15_erase --secret @01=0000
|
p15_erase --secret @01=0000
|
||||||
|
|
||||||
|
|
|
@ -6,11 +6,11 @@
|
||||||
|
|
||||||
. functions
|
. functions
|
||||||
|
|
||||||
skip_if_card Cryptoflex Cyberflex Multiflex
|
# skip_if_card Cryptoflex Cyberflex Multiflex
|
||||||
|
|
||||||
p15_init --so-pin 999999 --so-puk 88888888
|
p15_init --so-pin 999999 --so-puk 88888888
|
||||||
p15_set_pin -a 27 --so-pin 999999
|
p15_set_pin -a 27 --so-pin 999999
|
||||||
p15_gen_key rsa/1024 -a 27 --so-pin 999999 --key-usage sign,decrypt
|
p15_gen_key rsa/1024 -a 27 --so-pin 999999 --split-key --key-usage sign,decrypt
|
||||||
p15_validate
|
p15_validate
|
||||||
p15_erase --secret @27=0000
|
p15_erase --secret @27=0000
|
||||||
|
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
|
|
||||||
p15_init --no-so-pin
|
p15_init --no-so-pin
|
||||||
p15_set_pin -a 01
|
p15_set_pin -a 01
|
||||||
p15_gen_key rsa/512 -a 01 --key-usage sign,decrypt
|
p15_gen_key rsa/512 -a 01 --split-key --key-usage sign,decrypt
|
||||||
p15_validate
|
p15_validate
|
||||||
p15_erase --secret @01=0000
|
p15_erase --secret @01=0000
|
||||||
|
|
||||||
|
|
|
@ -9,8 +9,8 @@
|
||||||
p15_init --no-so-pin
|
p15_init --no-so-pin
|
||||||
p15_set_pin -a 01
|
p15_set_pin -a 01
|
||||||
p15_set_pin -a 02 --label "User Signature PIN"
|
p15_set_pin -a 02 --label "User Signature PIN"
|
||||||
p15_gen_key rsa/512 -a 01 --key-usage sign,decrypt
|
p15_gen_key rsa/512 -a 01 --split-key --key-usage sign,decrypt
|
||||||
p15_gen_key rsa/512 -a 02 --key-usage nonRepudiation \
|
p15_gen_key rsa/512 -a 02 --split-key --key-usage nonRepudiation \
|
||||||
--id feeb \
|
--id feeb \
|
||||||
--label "Non-Repudiation Key"
|
--label "Non-Repudiation Key"
|
||||||
p15_validate
|
p15_validate
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
|
|
||||||
p15_init --no-so-pin
|
p15_init --no-so-pin
|
||||||
p15_set_pin -a 01
|
p15_set_pin -a 01
|
||||||
p15_store_key test.p12 --format pkcs12 --passphrase "password" -a 01
|
p15_store_key test.p12 --format pkcs12 --passphrase "password" -a 01 --split-key
|
||||||
p15_validate
|
p15_validate
|
||||||
p15_erase --secret @01=0000
|
p15_erase --secret @01=0000
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Test pkcs15-init
|
||||||
|
#
|
||||||
|
# Run this from the regression test directory.
|
||||||
|
|
||||||
|
. functions
|
||||||
|
|
||||||
|
p15_init --profile pkcs15+onepin --so-pin 999999 --so-puk 111111
|
||||||
|
p15_gen_key rsa/1024 -a FF --split-key --key-usage sign,decrypt --pin 999999
|
||||||
|
p15_validate --pin 999999
|
||||||
|
p15_erase
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Test pkcs15-init
|
||||||
|
#
|
||||||
|
# Run this from the regression test directory.
|
||||||
|
|
||||||
|
. functions
|
||||||
|
|
||||||
|
p15_init --no-so-pin
|
||||||
|
p15_set_pin -a 01
|
||||||
|
p15_change_pin -a 01
|
||||||
|
p15_erase --secret @01=2222
|
||||||
|
|
|
@ -0,0 +1,13 @@
|
||||||
|
#!/bin/bash
|
||||||
|
#
|
||||||
|
# Test pkcs15-init
|
||||||
|
#
|
||||||
|
# Run this from the regression test directory.
|
||||||
|
|
||||||
|
. functions
|
||||||
|
|
||||||
|
p15_init --no-so-pin
|
||||||
|
p15_set_pin -a 01
|
||||||
|
p15_unblock_pin -a 01
|
||||||
|
p15_erase --secret @01=2222
|
||||||
|
|
|
@ -19,18 +19,19 @@ while [ $# -gt 0 ]; do
|
||||||
done
|
done
|
||||||
|
|
||||||
if [ -z "$scripts" ]; then
|
if [ -z "$scripts" ]; then
|
||||||
scripts=`ls init* crypt*`
|
scripts=`ls init* crypt* pin*`
|
||||||
fi
|
fi
|
||||||
|
|
||||||
for script in $scripts; do
|
for script in $scripts; do
|
||||||
echo -n "${script}... "
|
echo -n "${script}... "
|
||||||
|
mkdir -p test-data
|
||||||
if ./$script $options >out/$script 2>&1; then
|
if ./$script $options >out/$script 2>&1; then
|
||||||
echo "success"
|
echo "success"
|
||||||
else
|
else
|
||||||
mkdir -p failed
|
mkdir -p failed
|
||||||
failed="failed/$script"
|
failed="failed/$script"
|
||||||
rm -rf $failed
|
|
||||||
mv test-data $failed
|
mv test-data $failed
|
||||||
|
cp out/$script $failed/test.log
|
||||||
echo "fail (test data moved to $failed)"
|
echo "fail (test data moved to $failed)"
|
||||||
if $abort_if_fail; then
|
if $abort_if_fail; then
|
||||||
echo Aborting.
|
echo Aborting.
|
||||||
|
|
Loading…
Reference in New Issue