int main () { pkcs11h_certificate_id_list_t issuers, certs, temp; pkcs11h_certificate_t cert; CK_RV rv; printf ("Initializing pkcs11-helper\n"); if ((rv = pkcs11h_initialize ()) != CKR_OK) { fatal ("pkcs11h_initialize failed", rv); } printf ("Registering pkcs11-helper hooks\n"); if ((rv = pkcs11h_setLogHook (_pkcs11h_hooks_log, NULL)) != CKR_OK) { fatal ("pkcs11h_setLogHook failed", rv); } pkcs11h_setLogLevel (TEST_LOG_LEVEL); if ((rv = pkcs11h_setTokenPromptHook (_pkcs11h_hooks_token_prompt, NULL)) != CKR_OK) { fatal ("pkcs11h_setTokenPromptHook failed", rv); } if ((rv = pkcs11h_setPINPromptHook (_pkcs11h_hooks_pin_prompt, NULL)) != CKR_OK) { fatal ("pkcs11h_setPINPromptHook failed", rv); } printf ("Adding provider '%s'\n", TEST_PROVIDER); if ( (rv = pkcs11h_addProvider ( TEST_PROVIDER, TEST_PROVIDER, FALSE, PKCS11H_PRIVATEMODE_MASK_AUTO, PKCS11H_SLOTEVENT_METHOD_AUTO, 0, FALSE )) != CKR_OK ) { fatal ("pkcs11h_addProvider failed", rv); } mypause ("Please remove all tokens, press <Enter>: "); printf ("Enumerating token certificate (list should be empty, no prompt)\n"); if ( (rv = pkcs11h_certificate_enumCertificateIds ( PKCS11H_ENUM_METHOD_CACHE, NULL, PKCS11H_PROMPT_MASK_ALLOW_ALL, &issuers, &certs )) != CKR_OK ) { fatal ("pkcs11h_certificate_enumCertificateIds failed", rv); } if (issuers != NULL || certs != NULL) { fatal ("No certificates should be found", rv); } mypause ("Please insert token, press <Enter>: "); printf ("Getting certificate cache, should be available certificates\n"); if ( (rv = pkcs11h_certificate_enumCertificateIds ( PKCS11H_ENUM_METHOD_CACHE, NULL, PKCS11H_PROMPT_MASK_ALLOW_ALL, &issuers, &certs )) != CKR_OK ) { fatal ("pkcs11h_certificate_enumCertificateIds failed", rv); } for (temp = issuers;temp != NULL;temp = temp->next) { printf ("Issuer: %s\n", temp->certificate_id->displayName); } for (temp = certs;temp != NULL;temp = temp->next) { printf ("Certificate: %s\n", temp->certificate_id->displayName); } if (certs == NULL) { fatal ("No certificates found", rv); } pkcs11h_certificate_freeCertificateIdList (issuers); pkcs11h_certificate_freeCertificateIdList (certs); mypause ("Please remove token, press <Enter>: "); printf ("Getting certificate cache, should be similar to last\n"); if ( (rv = pkcs11h_certificate_enumCertificateIds ( PKCS11H_ENUM_METHOD_CACHE, NULL, PKCS11H_PROMPT_MASK_ALLOW_ALL, &issuers, &certs )) != CKR_OK ) { fatal ("pkcs11h_certificate_enumCertificateIds failed", rv); } for (temp = issuers;temp != NULL;temp = temp->next) { printf ("Issuer: %s\n", temp->certificate_id->displayName); } for (temp = certs;temp != NULL;temp = temp->next) { printf ("Certificate: %s\n", temp->certificate_id->displayName); } if (certs == NULL) { fatal ("No certificates found", rv); } printf ("Creating certificate context\n"); if ( (rv = pkcs11h_certificate_create ( certs->certificate_id, NULL, PKCS11H_PROMPT_MASK_ALLOW_ALL, PKCS11H_PIN_CACHE_INFINITE, &cert )) != CKR_OK ) { fatal ("pkcs11h_certificate_create failed", rv); } printf ("Perforing signature #1 (you should be prompt for token and PIN)\n"); sign_test (cert); printf ("Perforing signature #2 (you should NOT be prompt for anything)\n"); sign_test (cert); mypause ("Please remove and insert token, press <Enter>: "); printf ("Perforing signature #3 (you should be prompt only for PIN)\n"); sign_test (cert); printf ("Perforing signature #4 (you should NOT be prompt for anything)\n"); if ((rv = pkcs11h_certificate_freeCertificate (cert)) != CKR_OK) { fatal ("pkcs11h_certificate_free failed", rv); } if ( (rv = pkcs11h_certificate_create ( certs->certificate_id, NULL, PKCS11H_PROMPT_MASK_ALLOW_ALL, PKCS11H_PIN_CACHE_INFINITE, &cert )) != CKR_OK ) { fatal ("pkcs11h_certificate_create failed", rv); } sign_test (cert); printf ("Terminating pkcs11-helper\n"); if ((rv = pkcs11h_certificate_freeCertificate (cert)) != CKR_OK) { fatal ("pkcs11h_certificate_free failed", rv); } pkcs11h_certificate_freeCertificateIdList (issuers); pkcs11h_certificate_freeCertificateIdList (certs); if ((rv = pkcs11h_terminate ()) != CKR_OK) { fatal ("pkcs11h_terminate failed", rv); } exit (0); return 0; }
static void soter_sign_test() { testsuite_fail_if(sign_test(SOTER_SIGN_rsa_pss_pkcs8),"soter sign SOTER_SIGN_rsa_pss_pkcs8"); testsuite_fail_if(sign_test(SOTER_SIGN_ecdsa_none_pkcs8),"soter sign SOTER_SIGN_ecdsa_none_pkcs8"); }