summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorStef Walter <stef@memberwebs.com>2008-12-06 15:25:46 +0000
committerStef Walter <stef@memberwebs.com>2008-12-06 15:25:46 +0000
commit3a09c5c75038efe0e0c55b73dd234731fbc2c061 (patch)
tree6c4300b8f341cf4dbbdd7110f380f509b71a50f0 /doc
parentb75662dde8a6d3e808c9c8d440a67df4e0899495 (diff)
Update coverage tool for new system.
Diffstat (limited to 'doc')
-rw-r--r--doc/pkcs11-coverage.py34
-rw-r--r--doc/pkcs11-coverage.txt324
2 files changed, 228 insertions, 130 deletions
diff --git a/doc/pkcs11-coverage.py b/doc/pkcs11-coverage.py
index 13d7b6c..55d831c 100644
--- a/doc/pkcs11-coverage.py
+++ b/doc/pkcs11-coverage.py
@@ -13,7 +13,7 @@ We're anxious to complete this, if you have patches please do contribute.
"""
# Matches a comment like /** comment */
-PATTERN = re.compile("""P11T_([A-Z_]+)\("(.+?)"""")
+PATTERN = re.compile(r'\bP11T_([A-Z_]+)\("(.+?)"')
os.chdir("../src")
@@ -23,26 +23,27 @@ files = [ name for name in os.listdir(".") if name[-2:] == ".c" ]
coverage = { }
for file in files:
- data = open(file).read()
+ lines = open(file).readlines()
section = ""
- # Find all the matching comments in this file
- matches = PATTERN.findall(data)
- for match in matches:
+ for line in lines:
- # Strip all the comment stuff out start and of the match
- match = match.strip(" /*\t\n\r")
+ match = PATTERN.search(line)
if not match:
continue
- if match[0] == '-' and section:
- coverage[section].append(match)
- continue
+ name = match.group(1)
+ value = match.group(2)
+
+ if name.find("SECTION") != -1:
+ section = value
+ if section not in coverage:
+ coverage[section] = []
+ elif name.find("CHECK") != -1:
+ if section in coverage:
+ coverage[section].append(value)
- section = match
- if section not in coverage:
- coverage[section] = []
sections = coverage.keys()
sections.sort()
@@ -51,6 +52,9 @@ print HEADER
for section in sections:
print section
- for match in coverage[section]:
- print match
+ checks = list(set(coverage[section]))
+ checks.sort()
+ for check in checks:
+ print " - %s" % check
print
+
diff --git a/doc/pkcs11-coverage.txt b/doc/pkcs11-coverage.txt
index 2885915..5eec19c 100644
--- a/doc/pkcs11-coverage.txt
+++ b/doc/pkcs11-coverage.txt
@@ -6,182 +6,276 @@ This is the test coverage of the p11-tests tool of the PKCS#11 interface.
We're anxious to complete this, if you have patches please do contribute.
+CK_INFO
+ - flags
+ - libraryDescription
+ - manufacturerID
+
+CK_MECHANISM_INFO
+ - Mechanism min key size should not be greater than max
+ - flags
+
+CK_SESSION_INFO
+ - C_Login: open RO session
+ - C_Login: open RW session
+ - flags
+ - slotID
+ - state
+
+CK_SLOT_INFO
+ - CKF_TOKEN_PRESENT flag is equivalent to C_GetSlotList(TRUE, ...)
+ - flags
+ - manufacturerID
+ - slotDescription
+
+CK_TOKEN_INFO
+ - Validate token time when CKF_CLOCK_ON_TOKEN
+ - flags
+ - label
+ - manufacturerID
+ - model
+ - serialNumber
+
C_CloseAllSessions
-- Invalid slot id
-- Normal call
-- Check open session was closed
-- Call when no sessions open
+ - Call when no sessions open
+ - Check open session was closed
+ - Invalid slot id
+ - Normal call
C_CloseSession
-- Invalid session
-- Normal call
-- Check open session was closed
-- Close twice
+ - Check open session was closed
+ - Close twice
+ - Invalid session
+ - Normal call
C_CopyObject
-- Not Implemented
+ - Not Tested
C_CreateObject
-- Not Implemented
+ - Not Tested
C_Decrypt
-- CKM_RSA_PKCS
-- CKM_RSA_X_509
+ - Module encrypted data
+ - Normal call
+ - RSA decrypt failed, mangled data
+ - RSA decrypt failed, wrong length
+ - RSA validate failed, bad data
+ - RSA validate failed, wrong length
+
+C_DecryptInit
+ - Module encrypted data
+ - Normal call
C_DestroyObject
-- Not Implemented
+ - Not Tested
C_Encrypt
-- CKM_RSA_PKCS
-- CKM_RSA_X_509
+ - CKM_RSA_PKCS
+ - CKM_RSA_X_509
+ - Normal call
+ - RSA encrypt failed, wrong length
+
+C_EncryptInit
+ - Normal call
C_Finalize
-- With invalid argument
-- Normal call
-- Double finalize in a row
+ - Double finalize in a row
+ - Normal call
+ - With invalid argument
C_FindObjects
-- Invalid session
-- Null object count
-- Retrieve a single object before remainder
-- Retrieve remaining objects
-- Extra call after retrieving all objects.
-- Out of order call
+ - Extra call after retrieving all objects
+ - If asked for a single object, return one.
+ - Invalid session
+ - Null object count
+ - Out of order call
+ - Retrieve a single object before remainder
+ - Retrieve remaining objects
+ - Should return no objects in extra call
C_FindObjectsFinal
-- Invalid session
-- Normal call
-- Extra call
+ - Extra call
+ - Invalid session
+ - Normal call
C_FindObjectsInit
-- Invalid session
-- Attribute count without buffer
-- Double call.
+ - Attribute count without buffer
+ - Double call
+ - Find all objects
+ - Invalid session
C_GetAttributeValue
-- Invalid session
-- Invalid object
-- No template
-- Buffer too small
-- Retrieve attribute length
-- Retrieve single attribute
-- With one invalid attribute, no buffer.
-- With one invalid attribute, with buffer.
-- Multiple attributes, no buffer.
-- Multiple attributes, some buffers
-- Multiple attributes, one small buffer
-- Multiple attributes, with buffers
+ - Buffer too small
+ - Buffer too small should return size
+ - CKA_CLASS value
+ - CKA_LABEL boolean value
+ - CKA_MODIFIABLE boolean value
+ - CKA_PRIVATE boolean value
+ - CKA_TOKEN boolean value
+ - Invalid object
+ - Invalid session
+ - Multiple attributes, no buffer
+ - Multiple attributes, one small buffer
+ - Multiple attributes, some buffers
+ - Multiple attributes, with buffers
+ - No template
+ - Retrieve attribute length
+ - Retrieve single attribute
+ - Should set attribute size, in partially valid set
+ - Should set invalid attribute to -1
+ - Should set valid attribute to size
+ - Should set valid attribute, in partially valid set
+ - Size of CKA_CLASS
+ - Size of CKA_MODIFIABLE
+ - Size of CKA_PRIVATE
+ - Size of CKA_TOKEN
+ - Size of object class attribute.
+ - With one invalid attribute, no buffer
+ - With one invalid attribute, with buffer
C_GetFunctionList
-- See if returns same data as library entry point
+ - Call through function list
+ - See if returns same data as library entry point
C_GetInfo
-- NULL argument
-- Normal call
-- Space padded strings in CK_INFO
-- No flags set
+ - Normal call
+ - Null argument
C_GetMechanismInfo
-- Invalid mechanism
-- Null arguments
-- Invalid slot id
-- Normal call
+ - Invalid mechanism
+ - Invalid slot id
+ - Normal call
+ - Null arguments
C_GetMechanismList
-- Null arguments
-- Without buffer
-- Zero count but buffer present
-- Low count but buffer present
+ - Call with too much buffer
+ - Invalid Slot
+ - Low count but buffer present
+ - Null arguments
+ - Should return number of mechs
+ - Without buffer
+ - Zero count but buffer present
C_GetObjectSize
-- Not Implemented
+ - Not Tested
C_GetOperationState
-- Not Implemented
+ - Not Tested
C_GetSessionInfo
-- Invalid session
-- NULL arguments
-- Valid call
-- Valid slot id
-- Valid state for session
-- Valid flags for session
+ - Invalid session
+ - Null arguments
+ - Valid call
C_GetSlotInfo
-- NULL argument
-- Normal call
-- Space padded CK_SLOT_INFO fields
-- CK_SLOT_INFO flags are from valid set
-- Track CKF_TOKEN_PRESENT flag and compare to C_GetSlotList(TRUE)
+ - Normal call
+ - Null argument
C_GetSlotList
-- NULL arguments
-- Retrieving the count
-- Passing buffer space along with zero count.
-- Passing buffer space along with low count.
-- Passing too much buffer space.
+ - Count invalid when too much buffer passed
+ - Listing only tokens
+ - Normal call
+ - Null arguments
+ - Number of present tokens doesn't match token info flags. ie: CKF_TOKEN_PRESENT
+ - Passing buffer along with low count
+ - Passing buffer with zero count
+ - Present tokens don't match those in token info flags. ie: CKF_TOKEN_PRESENT
+ - Resulting count when buffer with low count passed
+ - Resulting count when buffer with zero count passed
+ - Retrieving the count
C_GetTokenInfo
-- Null arguments
-- Normal call
-- Space padded CK_TOKEN_INFO fields
-- CK_TOKEN_INFO flags are from valid set
-- Validate token time when CKF_CLOCK_ON_TOKEN
-- Calling on slot without token
+ - Calling on slot without token
+ - Normal call
+ - Null arguments
C_InitPIN
-- Not Implemented
+ - Not Tested
C_InitToken
-- Not Implemented
+ - Not Tested
C_Initialize
-- Normal call
-- Locking: no threads
-- Locking: os locking
-- Locking: app locking
-- Locking: either locking
-- Calls without initializing
-- NULL argument
-- Multiple initialize with C_Finalize between
-- Double initialize in a row
+ - Calls without initializing
+ - Double initialize in a row
+ - Locking: app locking
+ - Locking: either locking
+ - Locking: no threads
+ - Locking: os locking
+ - Multiple initialize with C_Finalize between
+ - Null argument
C_Login
-- Invalid session
-- Invalid user type
-- Normal login
-- Login changes all session state
-- Login as SO not allowed with RO session
-- Login as SO
-- Login changes all session state
-- Can't open RO session when logged in as SO
-- Logout from SO
-- Logout SO changes goes back to public
+ - Invalid session
+ - Invalid user type
+ - Login as SO
+ - Login as SO not allowed with RO session
+ - Login changes all session's state
+ - Normal login
+ - SO login changes all session state
+ - Test closing RO session before login as SO
+ - Test opening RO session before login as SO
C_Logout
-- Invalid session
-- Normal logout
-- Logout changes all session state
+ - C_OpenSession: open RW session
+ - Invalid session
+ - Logout SO changes goes back to public
+ - Logout changes all session state
+ - Logout from SO
+ - Normal logout
C_OpenSession
-- Invalid slot
-- Null arguments
-- No flags
-- Without serial flag
-- Valid flags
-- Read write session
+ - Can't open RO session when logged in as SO
+ - Invalid slot
+ - No flags
+ - Null arguments
+ - Read write session
+ - Valid flags
+ - Without serial flag
C_SetOperationState
-- Not Implemented
+ - Not Tested
C_SetPIN
-- Not Implemented
+ - Not Tested
C_Sign
-- CKM_RSA_PKCS (SHA1)
-- CKM_RSA_PKCS (MD5)
-- CKM_RSA_PKCS (SHA1/MD5/SSL3)
+ - CKM_RSA_PKCS (MD5)
+ - CKM_RSA_PKCS (SHA1)
+ - CKM_RSA_PKCS (SHA1/MD5/SSL3)
+ - CKM_RSA_X_509
+ - C_Sign: rsa x509 result length
+ - Normal call
+ - RSA PKCS#1.5 or SSLv3 signature did not verify
+ - RSA X509 Call
+ - RSA x509 signature did not verify
+ - RSA x509 signature was invalid
+
+C_SignInit
+ - Normal call
+ - RSA X509 Call
C_WaitForSlotEvent
-- Not Implemented
+ - Not Tested
+
+CreateMutex
+ - Arguments should not be null
+
+DestroyMutex
+ - Mutex should not be invalid
+ - Mutex should not be locked
+ - Mutex should not be null
+
+LockMutex
+ - Mutex should not be invalid
+ - Mutex should not deadlock
+ - Thread should not exit without releasing mutex
+ - null mutex
+
+UnlockMutex
+ - Mutex should be locked
+ - Mutex should be valid
+ - Mutex should not be invalid
+ - Mutex should not be locked
+ - Mutex should not be null