obj_mgmt.c now uses a 'real' RSA key and not just 123. speed.c checks for CCA token and skips ECB if CCA. tok_des.c compiler warning fixed. misc_func.c smarter random test and now uses AES instead of DES. sess_perf.c now uses AES instead of DES.
Signed-off-by: Harald Freudenberger <[email protected]> --- testcases/misc_tests/obj_mgmt.c | 19 ++++++++++-- testcases/misc_tests/speed.c | 6 ++++ testcases/misc_tests/tok_des.c | 2 +- testcases/pkcs11/misc_func.c | 63 ++++++++++++++++++++++----------------- testcases/pkcs11/sess_perf.c | 25 +++++++++------- 5 files changed, 73 insertions(+), 42 deletions(-) diff --git a/testcases/misc_tests/obj_mgmt.c b/testcases/misc_tests/obj_mgmt.c index 0c17a00..bd67d3b 100644 --- a/testcases/misc_tests/obj_mgmt.c +++ b/testcases/misc_tests/obj_mgmt.c @@ -66,8 +66,23 @@ CK_RV do_CreateSessionObject(void) CK_OBJECT_HANDLE h_key; CK_OBJECT_CLASS key_class = CKO_PUBLIC_KEY; CK_KEY_TYPE key_type = CKK_RSA; - CK_BYTE key_modulus[] = "1234567890987654321"; - CK_BYTE key_exponent[] = "123"; + CK_BYTE key_modulus[] = { 0xa5,0x6e,0x4a,0x0e,0x70,0x10,0x17,0x58, + 0x9a,0x51,0x87,0xdc,0x7e,0xa8,0x41,0xd1, + 0x56,0xf2,0xec,0x0e,0x36,0xad,0x52,0xa4, + 0x4d,0xfe,0xb1,0xe6,0x1f,0x7a,0xd9,0x91, + 0xd8,0xc5,0x10,0x56,0xff,0xed,0xb1,0x62, + 0xb4,0xc0,0xf2,0x83,0xa1,0x2a,0x88,0xa3, + 0x94,0xdf,0xf5,0x26,0xab,0x72,0x91,0xcb, + 0xb3,0x07,0xce,0xab,0xfc,0xe0,0xb1,0xdf, + 0xd5,0xcd,0x95,0x08,0x09,0x6d,0x5b,0x2b, + 0x8b,0x6d,0xf5,0xd6,0x71,0xef,0x63,0x77, + 0xc0,0x92,0x1c,0xb2,0x3c,0x27,0x0a,0x70, + 0xe2,0x59,0x8e,0x6f,0xf8,0x9d,0x19,0xf1, + 0x05,0xac,0xc2,0xd3,0xf0,0xcb,0x35,0xf2, + 0x92,0x80,0xe1,0x38,0x6b,0x6f,0x64,0xc4, + 0xef,0x22,0xe1,0xe1,0xf2,0x0d,0x0c,0xe8, + 0xcf,0xfb,0x22,0x49,0xbd,0x9a,0x21,0x37 }; + CK_BYTE key_exponent[] = { 0x01, 0x00, 0x01 }; CK_ATTRIBUTE key_attribs[] = { {CKA_CLASS, &key_class, sizeof(key_class) }, diff --git a/testcases/misc_tests/speed.c b/testcases/misc_tests/speed.c index 9b404f1..79d63a6 100755 --- a/testcases/misc_tests/speed.c +++ b/testcases/misc_tests/speed.c @@ -489,6 +489,12 @@ int do_DES3_EncrDecr(const char* mode) testcase_begin("DES3 Encrypt with mode=%s datalen=%d\n", mode, BIG_REQUEST); + if (is_cca_token(SLOT_ID) && strcmp(mode, "ECB") == 0) { + testcase_skip("Slot %u doesn't support DES3 ECB En/Decrypt\n", + (unsigned) SLOT_ID); + return TRUE; + } + testcase_rw_session(); testcase_user_login(); diff --git a/testcases/misc_tests/tok_des.c b/testcases/misc_tests/tok_des.c index d0ec221..d477c19 100644 --- a/testcases/misc_tests/tok_des.c +++ b/testcases/misc_tests/tok_des.c @@ -79,7 +79,7 @@ do_VerifyTokenSymKey(CK_SESSION_HANDLE sess, CK_BYTE *label) /* The public exponent is element 0 and modulus is element 1 */ if (tmpl[0].ulValueLen > 256 || tmpl[0].ulValueLen < 8) { - PRINT_ERR("secret key value (%lu) OOB!", tmpl[1].ulValueLen); + PRINT_ERR("secret key value (%lu) OOB!", tmpl[0].ulValueLen); return CKR_FUNCTION_FAILED; } diff --git a/testcases/pkcs11/misc_func.c b/testcases/pkcs11/misc_func.c index e361c29..28e0ca1 100644 --- a/testcases/pkcs11/misc_func.c +++ b/testcases/pkcs11/misc_func.c @@ -14,6 +14,7 @@ #include "pkcs11types.h" #include "regress.h" #include "pkcs32.h" +#include "common.c" #define BAD_USER_PIN "534566346" #define BAD_USER_PIN_LEN strlen(BAD_USER_PIN) @@ -893,7 +894,7 @@ CK_RV do_GenerateRandomData( void ) rc = funcs->C_SeedRandom(h1, rand_seed,sizeof(rand_seed)); - if (rc != CKR_OK){ + if (rc != CKR_OK && rc != CKR_RANDOM_SEED_NOT_SUPPORTED) { show_error(" C_SeedRandom #1",rc); return rc; } @@ -922,18 +923,18 @@ CK_RV do_GenerateRandomData( void ) } -// //1) generate a DES key from a RO, PUBLIC session. should fail -// //2) generate a DES key from a RW, PUBLIC session. should fail -// 3) generate a DES key from a RO, USER session. -// 4) generate a DES key from a RW, USER session. +// //1) generate a AES key from a RO, PUBLIC session. should fail +// //2) generate a AES key from a RW, PUBLIC session. should fail +// 3) generate a AES key from a RO, USER session. +// 4) generate a AES key from a RW, USER session. // -// 5) generate a DES key from a RO, PUBLIC session. specify template for PUBLIC object -// 6) generate a DES key from a RO, PUBLIC session. specify template for PUBLIC object +// 5) generate a AES key from a RO, PUBLIC session. specify template for PUBLIC object +// 6) generate a AES key from a RO, PUBLIC session. specify template for PUBLIC object // -// 7) generate a DES key from a RW, USER session. specify wrong class -// 8) generate a DES key from a RW, USER session. specify right class -// 9) generate a DES key from a RW, USER session. specify wrong key type -// 10) generate a DES key from a RW, USER session. specify right key type +// 7) generate a AES key from a RW, USER session. specify wrong class +// 8) generate a AES key from a RW, USER session. specify right class +// 9) generate a AES key from a RW, USER session. specify wrong key type +// 10) generate a AES key from a RW, USER session. specify right key type // // CK_RV do_GenerateKey( void ) @@ -956,7 +957,7 @@ CK_RV do_GenerateKey( void ) return CKR_FUNCTION_FAILED; user_pin_len = (CK_ULONG)strlen((char *)user_pin); - mech.mechanism = CKM_DES_KEY_GEN; + mech.mechanism = CKM_AES_KEY_GEN; mech.ulParameterLen = 0; mech.pParameter = NULL; @@ -983,7 +984,7 @@ CK_RV do_GenerateKey( void ) // } // // - // // 2) generate a DES key from RW PUBLIC session. this should also fail. + // // 2) generate a AES key from RW PUBLIC session. this should also fail. // // // flags = CKF_SERIAL_SESSION | CKF_RW_SESSION; // rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session ); @@ -1006,7 +1007,7 @@ CK_RV do_GenerateKey( void ) // } - // 3) generate a DES key from RO USER session + // 3) generate a AES key from RO USER session // flags = CKF_SERIAL_SESSION; rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session ); @@ -1034,7 +1035,7 @@ CK_RV do_GenerateKey( void ) } - // 4) generate a DES key from RW USER session + // 4) generate a AES key from RW USER session // flags = CKF_SERIAL_SESSION; rc = funcs->C_OpenSession( slot_id, flags, NULL, NULL, &session ); @@ -1062,7 +1063,7 @@ CK_RV do_GenerateKey( void ) } - // 5) generate a DES key from a RO PUBLIC session. specify a template + // 5) generate a AES key from a RO PUBLIC session. specify a template // to indicate this is a public object // { @@ -1092,7 +1093,7 @@ CK_RV do_GenerateKey( void ) } - // 6) generate a DES key from a RW PUBLIC session. specify a template + // 6) generate a AES key from a RW PUBLIC session. specify a template // to indicate this is a public object // { @@ -1122,7 +1123,7 @@ CK_RV do_GenerateKey( void ) } - // 7) generate a DES key from a RW USER session. specify a template + // 7) generate a AES key from a RW USER session. specify a template // to that specifies the wrong CKA_CLASS // { @@ -1160,7 +1161,7 @@ CK_RV do_GenerateKey( void ) } - // 8) generate a DES key from a RW USER session. specify a template + // 8) generate a AES key from a RW USER session. specify a template // to that specifies the correct CKA_CLASS // { @@ -1197,7 +1198,7 @@ CK_RV do_GenerateKey( void ) } - // 9) generate a DES key from a RW USER session. specify a template + // 9) generate a AES key from a RW USER session. specify a template // to that specifies the wrong CKA_KEY_TYPE // { @@ -1235,11 +1236,11 @@ CK_RV do_GenerateKey( void ) } - // 10) generate a DES key from a RW USER session. specify a template + // 10) generate a AES key from a RW USER session. specify a template // to that specifies the correct CKA_KEY_TYPE // { - CK_KEY_TYPE keytype = CKK_DES; + CK_KEY_TYPE keytype = CKK_AES; CK_ATTRIBUTE tmpl[] = { {CKA_KEY_TYPE, &keytype, sizeof(keytype) } @@ -1367,24 +1368,30 @@ do_ExtractableSensitiveTest() mech.ulParameterLen = 0; mech.pParameter = NULL; - rc |= test_ExtractableAndSensitive(session, &mech, sens_tmpl, 1, "Sensitive DES key"); - rc |= test_ExtractableAndSensitive(session, &mech, ext_tmpl, 1, "Extractable DES key"); + if (mech_supported(slot_id, mech.mechanism)){ + rc |= test_ExtractableAndSensitive(session, &mech, sens_tmpl, 1, "Sensitive DES key"); + rc |= test_ExtractableAndSensitive(session, &mech, ext_tmpl, 1, "Extractable DES key"); + } /* TEST 2: 3DES key */ mech.mechanism = CKM_DES3_KEY_GEN; mech.ulParameterLen = 0; mech.pParameter = NULL; - rc |= test_ExtractableAndSensitive(session, &mech, sens_tmpl, 1, "Sensitive 3DES key"); - rc |= test_ExtractableAndSensitive(session, &mech, ext_tmpl, 1, "Extractable 3DES key"); + if (mech_supported(slot_id, mech.mechanism)){ + rc |= test_ExtractableAndSensitive(session, &mech, sens_tmpl, 1, "Sensitive 3DES key"); + rc |= test_ExtractableAndSensitive(session, &mech, ext_tmpl, 1, "Extractable 3DES key"); + } /* TEST 3: SSLv3 key */ mech.mechanism = CKM_SSL3_PRE_MASTER_KEY_GEN; mech.ulParameterLen = sizeof(CK_VERSION); mech.pParameter = &version; - rc |= test_ExtractableAndSensitive(session, &mech, sens_tmpl, 1, "Sensitive SSLv3 key"); - rc |= test_ExtractableAndSensitive(session, &mech, ext_tmpl, 1, "Extractable SSLv3 key"); + if (mech_supported(slot_id, mech.mechanism)){ + rc |= test_ExtractableAndSensitive(session, &mech, sens_tmpl, 1, "Sensitive SSLv3 key"); + rc |= test_ExtractableAndSensitive(session, &mech, ext_tmpl, 1, "Extractable SSLv3 key"); + } /* TEST 4: AES 128 key */ mech.mechanism = CKM_AES_KEY_GEN; diff --git a/testcases/pkcs11/sess_perf.c b/testcases/pkcs11/sess_perf.c index 930de21..db0e2e1 100644 --- a/testcases/pkcs11/sess_perf.c +++ b/testcases/pkcs11/sess_perf.c @@ -53,7 +53,9 @@ int create_des_encrypt_context(CK_SESSION_HANDLE_PTR hsess, CK_OBJECT_HANDLE_PTR CK_SLOT_ID slot_id; CK_FLAGS flags; CK_RV rc; - CK_MECHANISM mech; + CK_MECHANISM mech; + CK_ULONG key_len = 16; + CK_ATTRIBUTE tkey = {CKA_VALUE_LEN, &key_len, sizeof(CK_ULONG)}; /* create session */ slot_id = SLOT_ID; @@ -66,20 +68,20 @@ int create_des_encrypt_context(CK_SESSION_HANDLE_PTR hsess, CK_OBJECT_HANDLE_PTR } /* generate key in this specific session */ - mech.mechanism = CKM_DES_KEY_GEN; + mech.mechanism = CKM_AES_KEY_GEN; mech.ulParameterLen = 0; mech.pParameter = NULL; - rc = funcs->C_GenerateKey(*hsess, &mech, NULL, 0, hkey); + rc = funcs->C_GenerateKey(*hsess, &mech, &tkey, 1, hkey); if (rc != CKR_OK) { show_error(" C_GenerateKey #1", rc); return FALSE; } /* Get Random for Initialization Vector */ - mech.mechanism = CKM_DES_CBC; - mech.ulParameterLen = 8; - mech.pParameter = "12345678"; + mech.mechanism = CKM_AES_CBC; + mech.ulParameterLen = 16; + mech.pParameter = "1234567890123456"; /* Create encryption context using this session and key */ rc = funcs->C_EncryptInit(*hsess, &mech, *hkey); @@ -91,10 +93,11 @@ int create_des_encrypt_context(CK_SESSION_HANDLE_PTR hsess, CK_OBJECT_HANDLE_PTR return TRUE; } -int encrypt_DATA(CK_SESSION_HANDLE hsess, CK_OBJECT_HANDLE hkey, CK_ULONG blocklen) { +int encrypt_DATA(CK_SESSION_HANDLE hsess, CK_OBJECT_HANDLE hkey, CK_ULONG blocklen) +{ CK_RV rc; - CK_ULONG outlen = 8; - unsigned long int i; + CK_ULONG outlen = 16; + unsigned long int i; for (i = 0; i < DATALEN; i+=outlen) { rc = funcs->C_EncryptUpdate(hsess, (CK_BYTE_PTR)(DATA + i) , blocklen, @@ -175,14 +178,14 @@ int do_SessionPerformance(unsigned int count) /* Time encrypt operation in the first and last session */ GetSystemTime(&t1); - rc = encrypt_DATA(t[0].hsess, t[0].hkey, 8); + rc = encrypt_DATA(t[0].hsess, t[0].hkey, 16); if (rc == FALSE) { show_error(" encrypt_DATA #1", (CK_RV)0); return FALSE; } - rc = encrypt_DATA(t[count - 1].hsess, t[count - 1].hkey, 8); + rc = encrypt_DATA(t[count - 1].hsess, t[count - 1].hkey, 16); if (rc == FALSE) { show_error(" encrypt_DATA #2", (CK_RV)0); return FALSE; -- 1.7.9.5 ------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/ _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
