From e683c531f6b5797c76ec8a50c738803e0adb67d6 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Wed, 30 Jun 2021 16:22:28 +0200 Subject: [PATCH] Migrate some tests to Github Actions This ads also retention json files with results from p11test to make sure we are not introducing regressions for existing cards. --- .github/build.sh | 38 + .github/push_artifacts.sh | 3 +- .github/setup-linux.sh | 17 + .github/setup-macos.sh | 32 + .github/test-cac.sh | 52 + .github/test-oseid.sh | 51 + .github/workflows/linux.yml | 82 ++ .github/workflows/macos.yml | 39 + src/tests/p11test/virt_cacard_ref.json | 1791 ++++++++++++++++++++++++ 9 files changed, 2104 insertions(+), 1 deletion(-) create mode 100755 .github/build.sh create mode 100755 .github/setup-linux.sh create mode 100755 .github/setup-macos.sh create mode 100755 .github/test-cac.sh create mode 100755 .github/test-oseid.sh create mode 100644 .github/workflows/linux.yml create mode 100644 .github/workflows/macos.yml create mode 100644 src/tests/p11test/virt_cacard_ref.json diff --git a/.github/build.sh b/.github/build.sh new file mode 100755 index 00000000..b4240981 --- /dev/null +++ b/.github/build.sh @@ -0,0 +1,38 @@ +#!/bin/bash -e + +export PKG_CONFIG_PATH=/usr/local/lib/pkgconfig; + +if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then + PR_NUMBER=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }') + if [ "$GITHUB_BASE_REF" == "master" ]; then + ./bootstrap.ci -s "-pr$PR_NUMBER" + else + ./bootstrap.ci -s "$GITHUB_BASE_REF-pr$PR_NUMBER" + fi +else + BRANCH=$(echo $GITHUB_REF | awk 'BEGIN { FS = "/" } ; { print $3 }') + if [ "$BRANCH" == "master" ]; then + ./bootstrap + else + ./bootstrap.ci -s "$BRANCH" + fi +fi + +if [ "$RUNNER_OS" == "macOS" ]; then + ./MacOSX/build + exit $? +fi + +# normal procedure +./configure --disable-dependency-tracking + +make -j 2 + +make check + +# this is broken in old ubuntu +if [ "$1" == "dist" ]; then + make distcheck +fi + +sudo make install diff --git a/.github/push_artifacts.sh b/.github/push_artifacts.sh index 904b0c34..10491f9d 100755 --- a/.github/push_artifacts.sh +++ b/.github/push_artifacts.sh @@ -6,7 +6,7 @@ BUILDPATH=${PWD} BRANCH="`git log --max-count=1 --date=short --abbrev=8 --pretty=format:"%cd_%h"`" git clone --single-branch https://${GH_TOKEN}@github.com/OpenSC/Nightly.git > /dev/null 2>&1 -cd Nightly +pushd Nightly git checkout -b "${BRANCH}" for file in ${BUILDPATH}/win32/Output/OpenSC*.exe ${BUILDPATH}/opensc*.tar.gz ${BUILDPATH}/OpenSC*.dmg ${BUILDPATH}/OpenSC*.msi ${BUILDPATH}/OpenSC*.zip @@ -33,3 +33,4 @@ do git pull --rebase origin --strategy-option ours "${BRANCH}" i=$(( $i + 1 )) done +popd diff --git a/.github/setup-linux.sh b/.github/setup-linux.sh new file mode 100755 index 00000000..49e0f20b --- /dev/null +++ b/.github/setup-linux.sh @@ -0,0 +1,17 @@ +#!/bin/bash -e + +DEPS="docbook-xsl libpcsclite-dev xsltproc gengetopt libcmocka-dev help2man pcscd check clang-tidy softhsm2 pcsc-tools libtool make autoconf autoconf-archive automake libssl-dev zlib1g-dev pkg-config libreadline-dev openssl git" +if [ "$1" == "cac" ]; then + DEPS="$DEPS libglib2.0-dev libnss3-dev gnutls-bin libusb-dev libudev-dev flex libnss3-tools" +elif [ "$1" == "oseid" ]; then + DEPS="$DEPS socat gawk xxd" +elif [ "$1" == "piv"]; then + DEPS="$DEPS ant cmake" +elif [ "$1" == "mingw" ]; then + DEPS="$DEPS wine binutils-mingw-w64-i686 binutils-mingw-w64-x86-64 gcc-mingw-w64-i686 gcc-mingw-w64-x86-64 mingw-w64" +fi + +# make sure we do not get prompts +export DEBIAN_FRONTEND=noninteractive +sudo apt-get update +sudo apt-get install -y build-essential $DEPS diff --git a/.github/setup-macos.sh b/.github/setup-macos.sh new file mode 100755 index 00000000..c2a3ddc3 --- /dev/null +++ b/.github/setup-macos.sh @@ -0,0 +1,32 @@ +#!/bin/bash + +brew install automake + +# gengetopt +curl https://ftp.gnu.org/gnu/gengetopt/gengetopt-2.23.tar.xz -L --output gengetopt-2.23.tar.xz +tar xfj gengetopt-2.23.tar.xz +pushd gengetopt-2.23 +./configure && make +sudo make install +popd + +# help2man +curl https://ftp.gnu.org/gnu/help2man/help2man-1.47.16.tar.xz -L --output help2man-1.47.16.tar.xz +tar xjf help2man-1.47.16.tar.xz +pushd help2man-1.47.16 +./configure && make +sudo make install +popd + +# openSCToken +export PATH="/usr/local/opt/ccache/libexec:$PATH" +git clone https://github.com/frankmorgner/OpenSCToken.git +sudo rm -rf /Library/Developer/CommandLineTools; + +# TODO make the encrypted key working in github +if [ "$GITHUB_EVENT_NAME" == "pull_request" -a -n "$encrypted_3b9f0b9d36d1_key" ]; then + openssl aes-256-cbc -K $encrypted_3b9f0b9d36d1_key -iv $encrypted_3b9f0b9d36d1_iv -in .github/secrets.tar.enc -out .github/secrets.tar -d; + .github/add_signing_key.sh; +else + unset CODE_SIGN_IDENTITY INSTALLER_SIGN_IDENTITY; +fi diff --git a/.github/test-cac.sh b/.github/test-cac.sh new file mode 100755 index 00000000..770b6167 --- /dev/null +++ b/.github/test-cac.sh @@ -0,0 +1,52 @@ +#!/bin/bash -e + +# install the opensc +sudo make install +export LD_LIBRARY_PATH=/usr/local/lib + +# VSmartcard +if [ ! -d "vsmartcard" ]; then + git clone https://github.com/frankmorgner/vsmartcard.git +fi +pushd vsmartcard/virtualsmartcard +autoreconf -vis && ./configure && make -j2 && sudo make install +popd + +# libcacard +if [ ! -d "libcacard" ]; then + git clone https://gitlab.freedesktop.org/spice/libcacard.git +fi +pushd libcacard +./autogen.sh --prefix=/usr && make -j2 && sudo make install +popd + +# virt_cacard +if [ ! -d "virt_cacard" ]; then + git clone https://github.com/Jakuje/virt_cacard.git +fi +pushd virt_cacard +./autogen.sh && ./configure && make +popd + +sudo /etc/init.d/pcscd restart + +pushd src/tests/p11test/ +./p11test -s 0 -p 12345678 -i -o virt_cacard.json & +sleep 5 +popd + +# virt_cacard startup +pushd virt_cacard +./setup-softhsm2.sh +export SOFTHSM2_CONF=$PWD/softhsm2.conf +./virt_cacard & +wait $(ps aux | grep '[p]11test'| awk '{print $2}') +kill -9 $(ps aux | grep '[v]irt_cacard'| awk '{print $2}') +popd + +# cleanup -- this would break later uses of pcscd +pushd vsmartcard/virtualsmartcard +sudo make uninstall +popd + +diff -u3 src/tests/p11test/virt_cacard{_ref,}.json diff --git a/.github/test-oseid.sh b/.github/test-oseid.sh new file mode 100755 index 00000000..e17767bf --- /dev/null +++ b/.github/test-oseid.sh @@ -0,0 +1,51 @@ +#!/bin/bash -e + +# install the opensc +sudo make install +export LD_LIBRARY_PATH=/usr/local/lib + +if [ ! -d oseid ]; then + git clone https://github.com/popovec/oseid +fi +pushd oseid/src/ +make -f Makefile.console +if [ ! -d tmp ]; then + mkdir tmp +fi +socat -d -d pty,link=tmp/OsEIDsim.socket,raw,echo=0 "exec:build/console/console ...,pty,raw,echo=0" & +PID=$! +sleep 1 +echo "# OsEIDsim" > tmp/reader.conf +echo 'FRIENDLYNAME "OsEIDsim"' >> tmp/reader.conf +echo "DEVICENAME $PWD/tmp/OsEIDsim.socket" >> tmp/reader.conf +echo "LIBPATH $PWD/build/console/libOsEIDsim.so.0.0.1" >> tmp/reader.conf +echo "CHANNELID 1" >> tmp/reader.conf +sudo mv tmp/reader.conf /etc/reader.conf.d/reader.conf +cat /etc/reader.conf.d/reader.conf +popd + +sudo /etc/init.d/pcscd restart + +pushd oseid/tools +echo | ./OsEID-tool INIT +./OsEID-tool RSA-CREATE-KEYS +./OsEID-tool RSA-UPLOAD-KEYS +./OsEID-tool RSA-DECRYPT-TEST +./OsEID-tool RSA-SIGN-PKCS11-TEST +./OsEID-tool EC-CREATE-KEYS +./OsEID-tool EC-UPLOAD-KEYS +./OsEID-tool EC-SIGN-TEST +./OsEID-tool EC-SIGN-PKCS11-TEST +./OsEID-tool EC-ECDH-TEST +popd + +# this does not work as we have random key IDs in here +#pushd src/tests/p11test/ +#./p11test -s 0 -p 11111111 -o oseid.json || true +#diff -u3 oseid_ref.json oseid.json +#popd + +# cleanup -- this would break later uses of pcscd +kill -9 $PID +rm oseid/src/card_mem +sudo rm /etc/reader.conf.d/reader.conf diff --git a/.github/workflows/linux.yml b/.github/workflows/linux.yml new file mode 100644 index 00000000..69dbff0a --- /dev/null +++ b/.github/workflows/linux.yml @@ -0,0 +1,82 @@ +name: Linux + +on: + pull_request: + paths: + - '**.c' + - '**.h' + push: + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - run: .github/setup-linux.sh + - run: .github/build.sh dist + - uses: actions/cache@v2 + id: cache-build + with: + path: ./* + key: ${{ runner.os }}-${{ github.sha }} + + build-ubuntu-18: + runs-on: ubuntu-18.04 + steps: + - uses: actions/checkout@v2 + - run: .github/setup-linux.sh + - run: .github/build.sh + +# test-piv: +# runs-on: ubuntu-latest +# needs: [build] +# steps: +# - uses: actions/checkout@v2 +# - uses: actions/cache@v2 +# id: cache-build +# with: +# path: ./* +# key: ${{ runner.os }}-${{ github.sha }} +# - run: .github/setup-linux.sh piv +# - run: .github/test-piv.sh + + test-cac: + runs-on: ubuntu-latest + needs: [build] + steps: + - uses: actions/checkout@v2 + - uses: actions/cache@v2 + id: cache-build + with: + path: ./* + key: ${{ runner.os }}-${{ github.sha }} + - run: .github/setup-linux.sh cac + - run: .github/test-cac.sh + + test-oseid: + runs-on: ubuntu-latest + needs: [build] + steps: + - uses: actions/checkout@v2 + - uses: actions/cache@v2 + id: cache-build + with: + path: ./* + key: ${{ runner.os }}-${{ github.sha }} + - run: .github/setup-linux.sh oseid + - run: .github/test-oseid.sh + + push-artifacts: + runs-on: ubuntu-latest + needs: [test-cac, test-oseid] + steps: + - uses: actions/checkout@v2 + - uses: actions/cache@v2 + id: cache-build + with: + path: ./* + key: ${{ runner.os }}-${{ github.sha }} + - run: git config --global user.email "builds@github.com" + - run: git config --global user.name "Github Actions"; + - run: cd out && .github/push_artifacts.sh "Github Actions ${GITHUB_REF}" + if: ${{ github.event_name != 'pull_request' && github.repository == 'OpenSC/OpenSC' }} diff --git a/.github/workflows/macos.yml b/.github/workflows/macos.yml new file mode 100644 index 00000000..27e1914f --- /dev/null +++ b/.github/workflows/macos.yml @@ -0,0 +1,39 @@ +name: OSX + +on: + pull_request: + paths: + - '**.c' + - '**.h' + push: + +jobs: + build: + runs-on: macos-latest + steps: + - uses: actions/checkout@v2 + - run: .github/setup-macos.sh + - run: .github/build.sh + - name: Cache build artifacts + uses: actions/upload-artifact@v2 + with: + name: opensc-build-macos + path: + OpenSC*.dmg + + push-artifacts: + runs-on: macos-latest + needs: [build] + steps: + - uses: actions/checkout@v2 + - name: Pull build artifacts + uses: actions/download-artifact@v2 + with: + name: opensc-build-macos + - run: git config --global user.email "builds@github.com" + - run: git config --global user.name "Github Actions"; + - run: echo .github/push_artifacts.sh "Github Actions ${GITHUB_REF}" + if: ${{ github.event_name != 'pull_request' && github.repository == 'OpenSC/OpenSC' }} +# TODO this fails probably because the key is not loaded in keychain before with +# security: SecKeychainDelete: The specified keychain could not be found. +# - run: .github/remove_signing_key.sh; rm -f .github/secrets.tar diff --git a/src/tests/p11test/virt_cacard_ref.json b/src/tests/p11test/virt_cacard_ref.json new file mode 100644 index 00000000..6c6912d2 --- /dev/null +++ b/src/tests/p11test/virt_cacard_ref.json @@ -0,0 +1,1791 @@ +{ +"time": 0, +"results": [ +{ + "test_id": "wait_test", + "result": "pass" +}, +{ + "test_id": "supported_mechanisms_test", + "data": [ + [ + "MECHANISM", + "MIN KEY", + "MAX KEY", + "FLAGS" + ], + [ + "SHA_1", + "0", + "0", + "CKF_DIGEST" + ], + [ + "SHA224", + "0", + "0", + "CKF_DIGEST" + ], + [ + "SHA256", + "0", + "0", + "CKF_DIGEST" + ], + [ + "SHA384", + "0", + "0", + "CKF_DIGEST" + ], + [ + "SHA512", + "0", + "0", + "CKF_DIGEST" + ], + [ + "MD5", + "0", + "0", + "CKF_DIGEST" + ], + [ + "RIPEMD160", + "0", + "0", + "CKF_DIGEST" + ], + [ + "GOSTR3411", + "0", + "0", + "CKF_DIGEST" + ], + [ + "RSA_X_509", + "1024", + "3072", + "0x00002A01" + ], + [ + "RSA_PKCS", + "1024", + "3072", + "0x00002A01" + ], + [ + "SHA1_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA224_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA256_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA384_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA512_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "MD5_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "RIPEMD160_RSA_PKCS", + "1024", + "3072", + "0x00002800" + ], + [ + "RSA_PKCS_PSS", + "1024", + "3072", + "0x00002801" + ], + [ + "SHA1_RSA_PKCS_PSS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA224_RSA_PKCS_PSS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA256_RSA_PKCS_PSS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA384_RSA_PKCS_PSS", + "1024", + "3072", + "0x00002800" + ], + [ + "SHA512_RSA_PKCS_PSS", + "1024", + "3072", + "0x00002800" + ]], + "result": "pass" +}, +{ + "test_id": "interface_test", + "result": "pass" +}, +{ + "test_id": "readonly_tests", + "data": [ + [ + "KEY ID", + "MECHANISM", + "SIGN&VERIFY WORKS", + "ENCRYPT&DECRYPT WORKS" + ], + [ + "00:01", + "RSA_X_509", + "YES", + "YES" + ], + [ + "00:01", + "RSA_PKCS", + "YES", + "YES" + ], + [ + "00:01", + "SHA1_RSA_PKCS", + "YES", + "" + ], + [ + "00:01", + "SHA224_RSA_PKCS", + "YES", + "" + ], + [ + "00:01", + "SHA256_RSA_PKCS", + "YES", + "" + ], + [ + "00:01", + "SHA384_RSA_PKCS", + "YES", + "" + ], + [ + "00:01", + "SHA512_RSA_PKCS", + "YES", + "" + ], + [ + "00:01", + "MD5_RSA_PKCS", + "YES", + "" + ], + [ + "00:01", + "RIPEMD160_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "RSA_X_509", + "YES", + "YES" + ], + [ + "00:02", + "RSA_PKCS", + "YES", + "YES" + ], + [ + "00:02", + "SHA1_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "SHA224_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "SHA256_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "SHA384_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "SHA512_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "MD5_RSA_PKCS", + "YES", + "" + ], + [ + "00:02", + "RIPEMD160_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "RSA_X_509", + "YES", + "YES" + ], + [ + "00:03", + "RSA_PKCS", + "YES", + "YES" + ], + [ + "00:03", + "SHA1_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "SHA224_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "SHA256_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "SHA384_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "SHA512_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "MD5_RSA_PKCS", + "YES", + "" + ], + [ + "00:03", + "RIPEMD160_RSA_PKCS", + "YES", + "" + ]], + "result": "pass" +}, +{ + "test_id": "multipart_tests", + "data": [ + [ + "KEY ID", + "MECHANISM", + "MULTIPART SIGN&VERIFY WORKS" + ], + [ + "00:01", + "RSA_X_509", + "YES" + ], + [ + "00:01", + "RSA_PKCS", + "YES" + ], + [ + "00:01", + "SHA1_RSA_PKCS", + "YES" + ], + [ + "00:01", + "SHA224_RSA_PKCS", + "YES" + ], + [ + "00:01", + "SHA256_RSA_PKCS", + "YES" + ], + [ + "00:01", + "SHA384_RSA_PKCS", + "YES" + ], + [ + "00:01", + "SHA512_RSA_PKCS", + "YES" + ], + [ + "00:01", + "MD5_RSA_PKCS", + "YES" + ], + [ + "00:01", + "RIPEMD160_RSA_PKCS", + "YES" + ], + [ + "00:02", + "RSA_X_509", + "YES" + ], + [ + "00:02", + "RSA_PKCS", + "YES" + ], + [ + "00:02", + "SHA1_RSA_PKCS", + "YES" + ], + [ + "00:02", + "SHA224_RSA_PKCS", + "YES" + ], + [ + "00:02", + "SHA256_RSA_PKCS", + "YES" + ], + [ + "00:02", + "SHA384_RSA_PKCS", + "YES" + ], + [ + "00:02", + "SHA512_RSA_PKCS", + "YES" + ], + [ + "00:02", + "MD5_RSA_PKCS", + "YES" + ], + [ + "00:02", + "RIPEMD160_RSA_PKCS", + "YES" + ], + [ + "00:03", + "RSA_X_509", + "YES" + ], + [ + "00:03", + "RSA_PKCS", + "YES" + ], + [ + "00:03", + "SHA1_RSA_PKCS", + "YES" + ], + [ + "00:03", + "SHA224_RSA_PKCS", + "YES" + ], + [ + "00:03", + "SHA256_RSA_PKCS", + "YES" + ], + [ + "00:03", + "SHA384_RSA_PKCS", + "YES" + ], + [ + "00:03", + "SHA512_RSA_PKCS", + "YES" + ], + [ + "00:03", + "MD5_RSA_PKCS", + "YES" + ], + [ + "00:03", + "RIPEMD160_RSA_PKCS", + "YES" + ]], + "result": "pass" +}, +{ + "test_id": "ec_sign_size_test", + "result": "skip" +}, +{ + "test_id": "usage_test", + "data": [ + [ + "KEY ID", + "LABEL", + "TYPE", + "BITS", + "VERIFY PUBKEY", + "SIGN", + "VERIFY", + "ENCRYPT", + "DECRYPT", + "WRAP", + "UNWRAP", + "DERIVE PUBLIC", + "DERIVE PRIVATE", + "ALWAYS AUTH" + ], + [ + "00:01", + "CAC ID Certificate", + "RSA", + "2048", + "YES", + "YES", + "YES", + "YES", + "YES", + "", + "", + "", + "", + "" + ], + [ + "00:02", + "CAC Email Signature Certificate", + "RSA", + "2048", + "YES", + "YES", + "YES", + "YES", + "YES", + "", + "", + "", + "", + "" + ], + [ + "00:03", + "CAC Email Encryption Certificate", + "RSA", + "2048", + "YES", + "YES", + "YES", + "YES", + "YES", + "", + "", + "", + "", + "" + ]], + "result": "pass" +}, +{ + "test_id": "pss_oaep_test", + "data": [ + [ + "KEY ID", + "MECHANISM", + "HASH", + "MGF", + "SALT", + "SIGN&VERIFY WORKS", + "ENCRYPT&DECRYPT WORKS" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:01", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:02", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA224", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA1_RSA_PKCS_PSS", + "SHA_1", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA256_RSA_PKCS_PSS", + "SHA256", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA384_RSA_PKCS_PSS", + "SHA384", + "MGF1_SHA512", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA_1", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA224", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA256", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA384", + "-1", + "YES", + "" + ], + [ + "00:03", + "SHA512_RSA_PKCS_PSS", + "SHA512", + "MGF1_SHA512", + "-1", + "YES", + "" + ]], + "result": "pass" +}, +{ + "test_id": "derive_tests", + "data": [ + [ + "KEY ID", + "MECHANISM", + "DERIVE WORKS" + ]], + "result": "pass" +}] +}