summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/pkcs11-coverage.txt37
-rw-r--r--src/Makefile.am1
-rw-r--r--src/check.c2
-rw-r--r--src/p11-tests.c1
-rw-r--r--src/p11-tests.h31
-rw-r--r--src/session.c165
-rw-r--r--src/slot.c8
7 files changed, 233 insertions, 12 deletions
diff --git a/doc/pkcs11-coverage.txt b/doc/pkcs11-coverage.txt
index 538d487..b864f49 100644
--- a/doc/pkcs11-coverage.txt
+++ b/doc/pkcs11-coverage.txt
@@ -6,6 +6,18 @@ This is the test coverage of the p11-tests tool of the PKCS#11 interface.
We're anxious to complete this, if you have patches please do contribute.
+C_CloseAllSessions
+- Invalid slot id
+- Normal call
+- Check open session was closed
+- Call when no sessions open
+
+C_CloseSession
+- Invalid session
+- Normal call
+- Check open session was closed
+- Close twice
+
C_Finalize
- Normal call
- Double finalize in a row
@@ -32,6 +44,14 @@ C_GetMechanismList
- Zero count but buffer present
- Low count but buffer present
+C_GetSessionInfo
+- Invalid session
+- NULL arguments
+- Valid call
+- Valid slot id
+- Valid state for session
+- Valid flags for session
+
C_GetSlotInfo
- NULL argument
- Normal call
@@ -54,6 +74,12 @@ C_GetTokenInfo
- Validate token time when CKF_CLOCK_ON_TOKEN
- Calling on slot without token
+C_InitPIN
+- Not Implemented
+
+C_InitToken
+- Not Implemented
+
C_Initialize
- Normal call
- Locking: no threads
@@ -65,6 +91,17 @@ C_Initialize
- Multiple initialize with C_Finalize between
- Double initialize in a row
+C_OpenSession
+- Invalid slot
+- Null arguments
+- No flags
+- Without serial flag
+- Valid flags
+- Read write session
+
+C_SetPIN
+- Not Implemented
+
C_WaitForSlotEvent
- Not Implemented
diff --git a/src/Makefile.am b/src/Makefile.am
index ee3290a..49a9801 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -8,5 +8,6 @@ p11_tests_SOURCES = \
module.c \
msg.c \
p11-tests.c \
+ session.c \
slot.c
diff --git a/src/check.c b/src/check.c
index a72cf87..e8bc31f 100644
--- a/src/check.c
+++ b/src/check.c
@@ -71,7 +71,7 @@ p11t_check_mask(const char *message, CK_ULONG flags, CK_ULONG mask)
int
p11t_check_flag(const char *message, CK_ULONG flags, CK_ULONG flag)
{
- if((flags & flag) == 0)
+ if((flags & flag) == flag)
{
p11t_msg_print("%s: flag 0x%08x should be set in: 0x%08x",
message, flag, flags);
diff --git a/src/p11-tests.c b/src/p11-tests.c
index 2adf6e9..a77ccea 100644
--- a/src/p11-tests.c
+++ b/src/p11-tests.c
@@ -40,6 +40,7 @@ main(int argc, char* argv[])
p11t_module_initialize(argc == 2 ? argv[1] : NULL);
p11t_slot_tests();
+ p11t_session_tests();
/* Remaining module tests */
p11t_module_finalize();
diff --git a/src/p11-tests.h b/src/p11-tests.h
index 4a79ffd..21b6064 100644
--- a/src/p11-tests.h
+++ b/src/p11-tests.h
@@ -6,6 +6,8 @@
#include <assert.h>
#include <stdarg.h>
+#define CK_INVALID ((CK_ULONG)-1)
+\
/* -------------------------------------------------------------------
* msg.c
*/
@@ -40,6 +42,24 @@ int p11t_check_flag(const char *message, CK_ULONG flags, CK_ULONG flag);
int p11t_check_nflag(const char *message, CK_ULONG flags, CK_ULONG nflag);
/* -------------------------------------------------------------------
+ * module.c
+ */
+
+extern CK_FUNCTION_LIST_PTR p11t_module_funcs;
+
+void p11t_module_load(const char *filename);
+void p11t_module_unload(void);
+
+void p11t_module_initialize(const char *initstr);
+void p11t_module_finalize(void);
+
+/* -------------------------------------------------------------------
+ * session.c
+ */
+
+void p11t_session_tests(void);
+
+/* -------------------------------------------------------------------
* slot.c
*/
@@ -55,16 +75,5 @@ extern CK_MECHANISM_INFO_PTR* p11t_slot_mech_info;
void p11t_slot_tests(void);
-/* -------------------------------------------------------------------
- * module.c
- */
-
-extern CK_FUNCTION_LIST_PTR p11t_module_funcs;
-
-void p11t_module_load(const char *filename);
-void p11t_module_unload(void);
-
-void p11t_module_initialize(const char *initstr);
-void p11t_module_finalize(void);
#endif /* P11TESTST_H_ */
diff --git a/src/session.c b/src/session.c
new file mode 100644
index 0000000..414a50e
--- /dev/null
+++ b/src/session.c
@@ -0,0 +1,165 @@
+
+#include "config.h"
+
+#include "p11-tests.h"
+
+void
+session_info(CK_SESSION_HANDLE session, CK_SLOT_ID slot, CK_FLAGS flags, CK_STATE state)
+{
+ CK_SESSION_INFO info;
+ CK_RV rv;
+
+ if(session == CK_INVALID)
+ return;
+
+ /** C_GetSessionInfo */
+
+ /** - Invalid session */
+ rv = (p11t_module_funcs->C_GetSessionInfo)((CK_SESSION_HANDLE)-33, &info);
+ p11t_check_returns("C_GetSessionInfo with invalid session", rv, CKR_SESSION_HANDLE_INVALID);
+
+ /** - NULL arguments */
+ rv = (p11t_module_funcs->C_GetSessionInfo)(session, NULL);
+ p11t_check_returns("C_GetSessionInfo with null", rv, CKR_ARGUMENTS_BAD);
+
+ /** - Valid call */
+ rv = (p11t_module_funcs->C_GetSessionInfo)(session, &info);
+ if(!p11t_check_returns("C_GetSessionInfo", rv, CKR_OK))
+ return;
+
+ /** - Valid slot id */
+ p11t_check_ulong("CK_SESSION_INFO.slotID", info.slotID, slot);
+
+ /** - Valid state for session */
+ p11t_check_ulong("CK_SESSION_INFO.state", info.state, state);
+
+ /** - Valid flags for session */
+ p11t_check_flag("CK_SESSION_INFO.flags", info.flags, flags);
+}
+
+void
+session_main(CK_SLOT_ID slot)
+{
+ CK_SESSION_HANDLE session_ro = CK_INVALID;
+ CK_SESSION_HANDLE session_rw = CK_INVALID;
+ CK_SESSION_HANDLE session_ro2 = CK_INVALID;
+ CK_SESSION_INFO info;
+ CK_RV rv;
+
+ assert(p11t_module_funcs);
+
+ /** C_OpenSession */
+
+ /** - Invalid slot */
+ rv = (p11t_module_funcs->C_OpenSession)((CK_SLOT_ID)-5, 0, NULL, NULL, &session_ro);
+ p11t_check_returns("C_OpenSession with invalid slot", rv, CKR_SLOT_ID_INVALID);
+
+ /** - Null arguments */
+ rv = (p11t_module_funcs->C_OpenSession)(slot, 0, NULL, NULL, NULL);
+ p11t_check_returns("C_OpenSession with invalid slot", rv, CKR_ARGUMENTS_BAD);
+
+ /** - No flags */
+ rv = (p11t_module_funcs->C_OpenSession)(slot, 0, NULL, NULL, &session_ro);
+ p11t_check_returns("C_OpenSession with 0 flags", rv, CKR_SESSION_PARALLEL_NOT_SUPPORTED);
+
+ /** - Without serial flag */
+ rv = (p11t_module_funcs->C_OpenSession)(slot, CKF_RW_SESSION, NULL, NULL, &session_ro);
+ p11t_check_returns("C_OpenSession with RW flags", rv, CKR_SESSION_PARALLEL_NOT_SUPPORTED);
+
+ /** - Valid flags */
+ rv = (p11t_module_funcs->C_OpenSession)(slot, CKF_SERIAL_SESSION, NULL, NULL, &session_ro);
+ p11t_check_returns("C_OpenSession with serial flags", rv, CKR_OK);
+ rv = (p11t_module_funcs->C_OpenSession)(slot, CKF_SERIAL_SESSION, NULL, NULL, &session_ro2);
+ p11t_check_returns("C_OpenSession with serial flags", rv, CKR_OK);
+
+ /** - Read write session */
+ rv = (p11t_module_funcs->C_OpenSession)(slot, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL, NULL, &session_rw);
+ if(rv == CKR_TOKEN_WRITE_PROTECTED)
+ session_rw = CK_INVALID;
+ else
+ p11t_check_returns("C_OpenSession with read write flags", rv, CKR_OK);
+
+ /* Test all the sessions and validate their state */
+ session_info(session_ro, slot, CKF_SERIAL_SESSION, CKS_RO_PUBLIC_SESSION);
+ session_info(session_ro2, slot, CKF_SERIAL_SESSION, CKS_RO_PUBLIC_SESSION);
+ if(session_rw)
+ session_info(session_rw, slot, CKF_SERIAL_SESSION | CKF_RW_SESSION, CKS_RW_PUBLIC_SESSION);
+
+ /** C_CloseSession */
+
+ /** - Invalid session */
+ rv = (p11t_module_funcs->C_CloseSession)((CK_SESSION_HANDLE)-10);
+ p11t_check_returns("C_CloseSession invalid handle", rv, CKR_SESSION_HANDLE_INVALID);
+
+ if(session_ro != CK_INVALID)
+ {
+ /** - Normal call */
+ rv = (p11t_module_funcs->C_CloseSession)(session_ro);
+ p11t_check_returns("C_CloseSession valid", rv, CKR_OK);
+
+ /** - Check open session was closed */
+ rv = (p11t_module_funcs->C_GetSessionInfo)(session_ro, &info);
+ p11t_check_returns("C_GetSessionInfo after close", rv, CKR_SESSION_HANDLE_INVALID);
+
+
+ /** - Close twice */
+
+ /*
+ * Note that CKR_SESSION_CLOSED is a valid return in this case.
+ * That should only be returned in the rare case when a session
+ * was closed during the execution of a function. A corner case.
+ */
+
+ rv = (p11t_module_funcs->C_CloseSession)(session_ro);
+ p11t_check_returns("C_CloseSession valid", rv, CKR_SESSION_HANDLE_INVALID);
+ }
+
+ if(session_rw != CK_INVALID)
+ {
+ rv = (p11t_module_funcs->C_CloseSession)(session_rw);
+ p11t_check_returns("C_CloseSession read write", rv, CKR_OK);
+ }
+
+ /** C_CloseAllSessions */
+
+ /** - Invalid slot id */
+ rv = (p11t_module_funcs->C_CloseAllSessions)((CK_SLOT_ID)-34);
+ p11t_check_returns("C_CloseAllSessions invalid slot", rv, CKR_SLOT_ID_INVALID);
+
+ /** - Normal call */
+ rv = (p11t_module_funcs->C_CloseAllSessions)(slot);
+ p11t_check_returns("C_CloseAllSessions", rv, CKR_OK);
+
+ /** - Check open session was closed */
+ rv = (p11t_module_funcs->C_GetSessionInfo)(session_ro2, &info);
+ p11t_check_returns("C_GetSessionInfo after close all", rv, CKR_SESSION_HANDLE_INVALID);
+
+ /** - Call when no sessions open */
+ rv = (p11t_module_funcs->C_CloseAllSessions)(slot);
+ p11t_check_returns("C_CloseAllSessions", rv, CKR_OK);
+}
+
+void
+session_pin(CK_SLOT_ID slot)
+{
+ /** C_InitPIN */
+
+ /** - Not Implemented */
+
+ /** C_SetPIN */
+
+ /** - Not Implemented */
+}
+
+void
+p11t_session_tests()
+{
+ CK_ULONG i;
+
+ for(i = 0; i < p11t_slot_count; ++i)
+ {
+ CK_SLOT_ID slot = p11t_slot_ids[i];
+ session_pin(slot);
+ session_main(slot);
+ }
+}
diff --git a/src/slot.c b/src/slot.c
index a8733cf..5424cb6 100644
--- a/src/slot.c
+++ b/src/slot.c
@@ -349,6 +349,14 @@ slot_mechanisms(void)
}
void
+slot_init_token(void)
+{
+ /** C_InitToken */
+
+ /** - Not Implemented */
+}
+
+void
p11t_slot_tests(void)
{
slot_global();