giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
OpenSC fork, with some Italian healthcare smart card utils
6,938 Commits 1 Branch 30 Tags 20 MiB
C 95.9%
M4 1.2%
Shell 1.1%
Makefile 0.8%
C++ 0.5%
Other 0.5%
Go to file
Jakub Jelen 9858d05589 PKCS#11 testsuite (#1224) 
* Initial version of pkcs11 testsuite

* Refactor test cases to several files, clean up awful and unused stuff

* Static mechanism list based on the actual token offer

* Get rid of magic numbers

* Documentation

* License update based on the original project

* Verbose readme

* Cleanup unused code, long lines and method order

* Typo; More verbose errors

* Use fallback mechanisms

* Refactor object allocation and certificate search

* PKCS11SPY mentioned, more TODO

* add SHA mechanisms

* Do not try to Finalize already finalized cryptoki

* Add more flags and mechanisms

* Do not list table for no results

* Logical order of the tests (regression last)

* read ALWAYS_AUTHENTICATE from correct place

* ALWAYS_AUTHENTICATE for decryption

* Test EC key length signature based on the actual key length

* Shorten CKM_ list output, add keygen types detection

* Skip decrypting on non-supported mechanisms

* Fail hard if the C_Login fails

* Reorganize local FLAGS_ constants

* Test RSA Digest mechanisms

* Correct mechanisms naming, typos

* Do not attempt to do signature using empty keys

* CKM_ECDSA_SHA1 support

* Correct type cast when getting attributes

* Report failures from all mechanisms

* Standardize return values, eliminate complete fails, documentation interface

* Wait for slot event test

* Add switch to allow interaction with a card (WaitForSlotEvent)

* At least try to verify using C_Verify, if it fails, fall back to openssl

* Get rid of function_pointers

* Get rid of additional newline

* Share always_authenticate() function between the test cases

* Refactor Encrypt&decrypt test to functions

* Do not overwrite bits if they are not provided by CKA, indentation

* Cleanup and Break to more functions Sign&Verify test

* CKM_RSA_X_509 sign and verify with openssl padding

* More TODO's

* Proper abstracted padding with RSA_X_509 mechanism

* Add ongoing tasks from different TODO list

* Update instructions. Another todo

* Variables naming

* Increase mechanism list size, use different static buffers for flags and mechanism names

* nonstandard mechanism CKM_SHA224_RSA_PKCS supported by some softotkens

* Get rid of loop initial declarations

* Loop initial declaration, typos, strict warnings

* Move the p11test to the new folder to avoid problems with dynamically linked opensc.so

* Update path in README

* Possibility to validate the testsuite agains software tokens

* Add possibility to select slot ID on command-line (when there are more cards present)

* Clean up readme to reflect current options and TODOs

* Do not attempt to use keys without advertised sign&verify bits to avoid false positives

* Get and present more object attributes in readonly test; refactor table

* New test checking if the set of attributes (usage flags) is reasonable

* Test multipart signatures. There is not reasonable mechanism supporting multipart encryption

* Use PKCS#11 encryption if possible (with openssl fallback)

* Identify few more mechanisms (PSS) in the lest

* Resize table to fit new mechanisms

* Remove initial loop declaration from multipart test

* Use pkcs11-tool instead of p11tool form most of the operations (master have most of the features)

* Preparation for machine readable results

* Refactor log variables out of the main context, try to export generic data

* Do not write to non-existing FD if not logging

* Export missing data into the log file in JSON

* Store database in json

* Sanity check

* Avoid uninitialized structure fields using in state structure

* Dump always_authenticate attribute too

* Manual selection of slots with possibility to use slots without tokens

* Do not free before finalizing

* Proper cleanup of message in all cases

* Proper allocation and deallocation of messages

* Sanitize missing cases (memory leaks)

* Suppressions for testing under valgrind

* Better handling message_lengt during sign&verify (avoid invalid access)

* Suppress another PCSC error

* Do not use default PIN. Fail if none specified

* Sanitize initialization. Skip incomplete key pairs

* Add missing newline in errors

* Fix condition for certificate search

* Avoid several calls for attributes of zero length

* Handle if the private key is not present on the card

* Improve memory handling, silent GCC warning of 'unused' variable

* Fail early with missing private key, cleanup the messages

* Use correct padding for encryption

* Cache if the card supports Verify/Encrypt and avoid trying over and over again

* Loosen the condition for the Usage flags

* OpenSSL 1.1.0 compatibility

* Add missing mechanisms

* Do not require certificates on the card and pass valid data for RSA_PKCS mechanisms

* Add missing PIN argument in runtest.sh

* Add OpenSSL < 1.1 comatible bits

* Add SHA2 ECDSA mechanisms handling

* Use public key from PKCS#11 if the certificate is missing (or compare it with certificate)

* Avoid long definitions in OpenSSL compat layer

* In older OpenSSL, the header file is ecdsa.h

* Add missing config.h to apply compat OpenSSL layer

* ASN1_STRING_get0_data() is also new in 1.1.0

* Return back RSA_X_509 mechanism

* Drop bogus CKM_* in the definitions

* Drop CKM_SHA224_RSA_PKCS as it is already in pkcs11.h

* Update documentation

* Use NDEBUG as intended

* typos, cleanup

* Typos, cleanup, update copyright

* Additional check for OpenCryptoki, generate more key types on soft tokens

* Prepare for RSA-PSS and RSA-OAEP

* Use usage&result flags for the tests, gracefully ignore PSS&OAEP

* pkcs11.h: Add missing definitions for PSS

* PSS and OAEP tests

readonly: Typos, reformat

* Working version, memory leak

* Tweak message lengths for OAEP and PSS

* Skip tests that are not aplicable for tokens

* configure.ac: New switch --enable-tests

Do not attempt to build tests if cmocka is not available or
--enable-tests is provided. It makes also more lightweight release
builds out of the box (or with --disable-tests).

* travis: Install cmocka if not available

* Do not build tests on Windows and make dist pass

* Try to install cmocka from apt and from brew

* Do not require sudo (cmocka from apt and brew works)
 		2018-05-18 12:31:55 +02:00
.github Slightly adjust pull request template 2018-04-24 12:31:48 +02:00
MacOSX macOS: disable notifications only in PKCS#11 module 2018-04-27 23:16:14 +02:00
doc manuals: added missing "Authors" section 2018-05-16 13:43:25 +02:00
etc fix typos 2018-04-15 09:34:45 +02:00
m4 opensc-notify: notify for card events 2017-08-02 19:04:09 +02:00
packaging/debian.templates fix LGPL version 2013-09-29 20:55:41 +02:00
solaris fix typos 2018-04-15 09:34:45 +02:00
src PKCS#11 testsuite (#1224) 2018-05-18 12:31:55 +02:00
win32 PKCS#11 testsuite (#1224) 2018-05-18 12:31:55 +02:00
.gitignore PKCS#11 testsuite (#1224) 2018-05-18 12:31:55 +02:00
.travis.yml PKCS#11 testsuite (#1224) 2018-05-18 12:31:55 +02:00
COPYING - changed license to LGPL 2001-11-06 18:34:19 +00:00
Makefile.am build: bootstrap script has expected content 2014-05-11 09:15:27 +02:00
Makefile.mak fixed and cleaned up nmake Makefiles 2016-06-23 07:35:53 +02:00
NEWS Updated NEWS for 0.18.0 2018-05-16 13:48:37 +02:00
README link README to README.md 2015-11-02 23:54:36 +01:00
README.md include branch in CI links 2017-10-30 21:14:52 +01:00
appveyor.yml Updated NEWS for 0.18.0 2018-05-16 13:48:37 +02:00
bootstrap build: bootstrap script has expected content 2014-05-11 09:15:27 +02:00
bootstrap.ci tools: print package revision 2016-03-04 14:16:06 +01:00
configure.ac PKCS#11 testsuite (#1224) 2018-05-18 12:31:55 +02:00
version.m4 tools: print package revision 2016-03-04 14:16:06 +01:00

README.md

OpenSC documentation

Wiki is available online

Please take a look at the documentation before trying to use OpenSC.

Travis CI Build Status AppVeyor CI Build Status Coverity Scan Status