summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--doc/pkcs11-coverage.py3
-rw-r--r--doc/pkcs11-coverage.txt33
-rw-r--r--src/Makefile.am1
-rw-r--r--src/object.c175
-rw-r--r--src/p11-tests.c1
-rw-r--r--src/p11-tests.h12
-rw-r--r--src/session.c101
7 files changed, 325 insertions, 1 deletions
diff --git a/doc/pkcs11-coverage.py b/doc/pkcs11-coverage.py
index 2184cee..2df744c 100644
--- a/doc/pkcs11-coverage.py
+++ b/doc/pkcs11-coverage.py
@@ -41,7 +41,8 @@ for file in files:
continue
section = match
- coverage[section] = []
+ if section not in coverage:
+ coverage[section] = []
sections = coverage.keys()
sections.sort()
diff --git a/doc/pkcs11-coverage.txt b/doc/pkcs11-coverage.txt
index e5e9847..295df9f 100644
--- a/doc/pkcs11-coverage.txt
+++ b/doc/pkcs11-coverage.txt
@@ -18,11 +18,40 @@ C_CloseSession
- Check open session was closed
- Close twice
+C_CopyObject
+- Not Implemented
+
+C_CreateObject
+- Not Implemented
+
+C_DestroyObject
+- Not Implemented
+
C_Finalize
- With invalid argument
- Normal call
- Double finalize in a row
+C_FindObjects
+- Invalid session
+- Null object count
+- Retrieve count of objects, using NULL buffer
+- Retrieve count of objects
+- Retrieve a single object before remainder
+- Retrieve remaining objects
+- Extra call after retrieving all objects.
+- Out of order call
+
+C_FindObjectsFinal
+- Invalid session
+- Normal call
+- Extra call
+
+C_FindObjectsInit
+- Invalid session
+- Attribute count without buffer
+- Double call.
+
C_GetFunctionList
- See if returns same data as library entry point
@@ -95,6 +124,10 @@ C_Initialize
- Double initialize in a row
C_Login
+- Invalid session
+- Invalid user type
+- Normal login
+- Login changes all session state
- Login as SO not allowed with RO session
- Login as SO
- Login changes all session state
diff --git a/src/Makefile.am b/src/Makefile.am
index 1f8a5ce..0a725c1 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -8,6 +8,7 @@ p11_tests_SOURCES = \
config.c \
module.c \
msg.c \
+ object.c \
p11-tests.c \
session.c \
slot.c
diff --git a/src/object.c b/src/object.c
new file mode 100644
index 0000000..450c795
--- /dev/null
+++ b/src/object.c
@@ -0,0 +1,175 @@
+
+#include "config.h"
+
+#include "p11-tests.h"
+
+#include <stdlib.h>
+
+static void
+create_object(CK_SESSION_HANDLE session_rw, CK_SESSION_HANDLE session_ro)
+{
+ /** C_CreateObject */
+
+ /** - Not Implemented */
+}
+
+static void
+copy_object(CK_SESSION_HANDLE session_rw, CK_SESSION_HANDLE session_ro)
+{
+ /** C_CopyObject */
+
+ /** - Not Implemented */
+}
+
+static void
+destroy_object(CK_SESSION_HANDLE session_rw, CK_SESSION_HANDLE session_ro)
+{
+ /** C_DestroyObject */
+
+ /** - Not Implemented */
+}
+
+static void
+find_all_objects(CK_SESSION_HANDLE session)
+{
+ CK_OBJECT_HANDLE_PTR objects;
+ CK_OBJECT_HANDLE extra;
+ CK_ATTRIBUTE dummy;
+ CK_ULONG object_count, count;
+ CK_RV rv;
+
+ assert(p11t_module_funcs);
+
+ /** C_FindObjectsInit */
+
+ if(p11t_test_unexpected)
+ {
+ /** - Invalid session */
+ rv = (p11t_module_funcs->C_FindObjectsInit)((CK_SESSION_HANDLE)-99, &dummy, 0);
+ p11t_check_returns("C_FindObjectsInit: invalid session", rv, CKR_SESSION_HANDLE_INVALID);
+
+ /** - Attribute count without buffer */
+ rv = (p11t_module_funcs->C_FindObjectsInit)((CK_SESSION_HANDLE)-99, NULL, 1);
+ p11t_check_returns("C_FindObjectsInit: count without buffer", rv, CKR_ARGUMENTS_BAD);
+
+ }
+
+ rv = (p11t_module_funcs->C_FindObjectsInit)(session, &dummy, 0);
+ p11t_check_returns("C_FindObjectsInit: all", rv, CKR_OK);
+
+ if(p11t_test_unexpected)
+ {
+ /** - Double call. */
+ rv = (p11t_module_funcs->C_FindObjectsInit)(session, &dummy, 0);
+ p11t_check_returns("C_FindObjectsInit: all", rv, CKR_OPERATION_ACTIVE);
+
+ }
+
+ /** C_FindObjects */
+
+ if(p11t_test_unexpected)
+ {
+ /** - Invalid session */
+ rv = (p11t_module_funcs->C_FindObjects)((CK_SESSION_HANDLE)-99, NULL, 0, &object_count);
+ p11t_check_returns("C_FindObjects: invalid session", rv, CKR_SESSION_HANDLE_INVALID);
+
+ /** - Null object count */
+ rv = (p11t_module_funcs->C_FindObjects)(session, NULL, 0, NULL);
+ p11t_check_returns("C_FindObjects: invalid session", rv, CKR_ARGUMENTS_BAD);
+
+ /** - Retrieve count of objects, using NULL buffer */
+ rv = (p11t_module_funcs->C_FindObjects)(session, NULL, 0, &object_count);
+ p11t_check_returns("C_FindObjects: retrieve count", rv, CKR_OK);
+ }
+
+ /** - Retrieve count of objects */
+ rv = (p11t_module_funcs->C_FindObjects)(session, &extra, 0, &object_count);
+ p11t_check_returns("C_FindObjects: retrieve count", rv, CKR_OK);
+
+ if(object_count > 0)
+ {
+ if(p11t_test_unexpected)
+ {
+ /** - Retrieve a single object before remainder */
+ rv = (p11t_module_funcs->C_FindObjects)(session, &extra, 1, &count);
+ p11t_check_returns("C_FindObjects: single object", rv, CKR_OK);
+ p11t_check_ulong("C_FindObjects: should return one object", count, 1);
+ --object_count;
+ }
+
+ /** - Retrieve remaining objects */
+ objects = calloc(object_count, sizeof(CK_OBJECT_HANDLE));
+ assert(objects);
+ rv = (p11t_module_funcs->C_FindObjects)(session, objects, object_count, &count);
+ p11t_check_returns("C_FindObjects: all objects", rv, CKR_OK);
+ p11t_check_ulong("C_FindObjects: should return one object", count, object_count);
+ }
+
+ if(p11t_test_unexpected)
+ {
+ /** - Extra call after retrieving all objects. */
+ rv = (p11t_module_funcs->C_FindObjects(session, &extra, 1, &count));
+ p11t_check_returns("C_FindObjects: extra call", rv, CKR_OK);
+ p11t_check_ulong("C_FindObjects: should return no objects in extra call", count, 0);
+ }
+
+ /** C_FindObjectsFinal */
+
+ if(p11t_test_unexpected)
+ {
+ /** - Invalid session */
+ rv = (p11t_module_funcs->C_FindObjectsFinal)((CK_SESSION_HANDLE)-88);
+ p11t_check_returns("C_FindObjectsFinal: invalid session", rv, CKR_SESSION_HANDLE_INVALID);
+ }
+
+ /** - Normal call */
+ rv = (p11t_module_funcs->C_FindObjectsFinal)(session);
+ p11t_check_returns("C_FindObjectsFinal", rv, CKR_OK);
+
+ if(p11t_test_unexpected)
+ {
+ /** - Extra call */
+ rv = (p11t_module_funcs->C_FindObjectsFinal)(session);
+ p11t_check_returns("C_FindObjectsFinal: extra call", rv, CKR_OPERATION_NOT_INITIALIZED);
+
+ /** C_FindObjects */
+
+ /** - Out of order call */
+ rv = (p11t_module_funcs->C_FindObjects)(session, &extra, 1, &count);
+ p11t_check_returns("C_FindObjectsFinal: extra call", rv, CKR_OPERATION_NOT_INITIALIZED);
+ }
+
+}
+
+void
+p11t_object_tests(void)
+{
+ CK_SESSION_HANDLE session_rw;
+ CK_SESSION_HANDLE session_ro;
+ CK_ULONG i;
+
+ for(i = 0; i < p11t_slot_count; ++i)
+ {
+ session_rw = p11t_session_open(p11t_slot_ids[i], 1);
+ session_ro = p11t_session_open(p11t_slot_ids[i], 0);
+
+ /* We need to have the readonly session and log in for tests to proceed */
+ if(session_ro == CK_INVALID)
+ continue;
+
+ if(p11t_session_login(session_ro))
+ continue;
+
+ find_all_objects(session_ro);
+
+ if(session_rw != CK_INVALID)
+ {
+ find_all_objects(session_rw);
+ create_object(session_rw, session_ro);
+ copy_object(session_rw, session_ro);
+ destroy_object(session_rw, session_ro);
+ }
+
+ p11t_session_close_all(p11t_slot_ids[i]);
+ }
+}
diff --git a/src/p11-tests.c b/src/p11-tests.c
index 3346766..689dba4 100644
--- a/src/p11-tests.c
+++ b/src/p11-tests.c
@@ -53,6 +53,7 @@ main(int argc, char* argv[])
p11t_slot_tests();
p11t_session_tests();
+ p11t_object_tests();
/* Remaining module tests */
p11t_module_finalize();
diff --git a/src/p11-tests.h b/src/p11-tests.h
index 425032d..d30e1cc 100644
--- a/src/p11-tests.h
+++ b/src/p11-tests.h
@@ -66,9 +66,21 @@ void p11t_module_initialize(void);
void p11t_module_finalize(void);
/* -------------------------------------------------------------------
+ * object.c
+ */
+
+void p11t_object_tests(void);
+
+/* -------------------------------------------------------------------
* session.c
*/
+CK_SESSION_HANDLE p11t_session_open(CK_SLOT_ID slot, int readwrite);
+int p11t_session_login(CK_SESSION_HANDLE handle);
+int p11t_session_logout(CK_SESSION_HANDLE handle);
+int p11t_session_close(CK_SESSION_HANDLE handle);
+int p11t_session_close_all(CK_SLOT_ID slot);
+
void p11t_session_config(const char *name, const char *value);
void p11t_session_tests(void);
diff --git a/src/session.c b/src/session.c
index 703227c..51bc050 100644
--- a/src/session.c
+++ b/src/session.c
@@ -343,6 +343,106 @@ p11t_session_tests()
}
}
+CK_SESSION_HANDLE
+p11t_session_open(CK_SLOT_ID slot, int readwrite)
+{
+ CK_SESSION_HANDLE session;
+ CK_FLAGS flags;
+
+ assert(p11t_module_funcs);
+
+ flags = CKF_SERIAL_SESSION;
+ if(readwrite)
+ flags |= CKF_RW_SESSION;
+
+ if((p11t_module_funcs->C_OpenSession)(slot, flags, NULL, NULL, &session) != CKR_OK)
+ return CK_INVALID;
+
+ return session;
+}
+
+int
+p11t_session_login(CK_SESSION_HANDLE session)
+{
+ CK_SESSION_INFO info;
+ CK_UTF8CHAR_PTR pin;
+ CK_ULONG n_pin;
+
+ assert(session != CK_INVALID);
+ assert(p11t_module_funcs);
+
+ if((p11t_module_funcs->C_GetSessionInfo)(session, &info) != CKR_OK)
+ return 0;
+
+ switch(info.state)
+ {
+ case CKS_RO_USER_FUNCTIONS:
+ case CKS_RW_USER_FUNCTIONS:
+ case CKS_RW_SO_FUNCTIONS:
+ return 1;
+ }
+
+ pin = calculate_pin(info.slotID, CKU_USER, &n_pin);
+ if((p11t_module_funcs->C_Login)(session, CKU_USER, pin, n_pin) != CKR_OK)
+ return 0;
+
+ return 1;
+}
+
+int
+p11t_session_logout(CK_SESSION_HANDLE session)
+{
+ CK_SESSION_INFO info;
+
+ assert(session != CK_INVALID);
+ assert(p11t_module_funcs);
+
+ if((p11t_module_funcs->C_GetSessionInfo)(session, &info) != CKR_OK)
+ return 0;
+
+ switch(info.state)
+ {
+ case CKS_RO_PUBLIC_SESSION:
+ case CKS_RW_PUBLIC_SESSION:
+ return 1;
+ }
+
+ if((p11t_module_funcs->C_Logout)(session) != CKR_OK)
+ return 0;
+
+ return 1;
+}
+
+int
+p11t_session_close(CK_SESSION_HANDLE session)
+{
+ CK_RV rv;
+
+ assert(session != CK_INVALID);
+ assert(p11t_module_funcs);
+
+ rv = (p11t_module_funcs->C_CloseSession)(session);
+ switch(rv)
+ {
+ case CKR_SESSION_HANDLE_INVALID:
+ case CKR_SESSION_CLOSED:
+ case CKR_OK:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
+int
+p11t_session_close_all(CK_SLOT_ID slot)
+{
+ assert(p11t_module_funcs);
+
+ if((p11t_module_funcs->C_CloseAllSessions)(slot) == CKR_OK)
+ return 1;
+ return 0;
+}
+
void
p11t_session_config(const char *name, const char *value)
{
@@ -351,3 +451,4 @@ p11t_session_config(const char *name, const char *value)
if(strcmp(name, "login-so-pin") == 0)
login_so_pin = value;
}
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-30 07:55:58 +0000