int main(int argc, char *argv[])
{
plan_lazy();
dnssec_crypto_init();
// PKCS #11 initialization
dnssec_keystore_t *store = NULL;
int r = dnssec_keystore_init_pkcs11(&store);
if (r == DNSSEC_NOT_IMPLEMENTED_ERROR) {
skip_all("not supported");
goto done;
}
ok(r == DNSSEC_EOK && store, "dnssec_keystore_init_pkcs11()");
char *dso_name = libsofthsm_dso();
if (!dso_name) {
skip_all("%s not found, set %s environment variable",
SOFTHSM_DSO, ENV_SOFTHSM_DSO);
goto done;
}
ok(dso_name != NULL, "find token DSO");
bool success = token_init();
if (!success) {
skip_all("failed to configure and initialize the token");
goto done;
}
ok(success, "initialize the token");
char config[4096] = { 0 };
r = snprintf(config, sizeof(config), "pkcs11:token=%s;pin-value=%s %s",
TOKEN_LABEL, TOKEN_PIN, dso_name);
free(dso_name);
ok(r > 0 && r < sizeof(config), "build configuration");
// key store access
r = dnssec_keystore_init(store, config);
ok(r == DNSSEC_NOT_IMPLEMENTED_ERROR, "dnssec_keystore_init(), not implemented");
r = dnssec_keystore_open(store, config);
ok(r == DNSSEC_EOK, "dnssec_keystore_open()");
dnssec_list_t *keys = NULL;
r = dnssec_keystore_list_keys(store, &keys);
ok(r == DNSSEC_EOK && dnssec_list_size(keys) == 0, "dnssec_keystore_list_keys(), empty");
dnssec_list_free_full(keys, NULL, NULL);
// key manipulation
static const int KEYS_COUNT = 3;
static const key_parameters_t *KEYS[] = {
&SAMPLE_RSA_KEY,
&SAMPLE_ECDSA_KEY,
&SAMPLE_DSA_KEY,
};
assert(KEYS_COUNT == sizeof(KEYS) / sizeof(*KEYS));
for (int i = 0; i < KEYS_COUNT; i++) {
test_algorithm(store, KEYS[i]);
}
test_key_listing(store, KEYS, KEYS_COUNT);
r = dnssec_keystore_close(store);
ok(r == DNSSEC_EOK, "dnssec_keystore_close()");
done:
dnssec_keystore_deinit(store);
dnssec_crypto_cleanup();
token_cleanup();
return 0;
}
void kr_crypto_cleanup(void)
{
dnssec_crypto_cleanup();
}
