static void test_uri_parse_with_empty_id (void) { CK_ATTRIBUTE_PTR attr; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:id=;type=cert", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_ID); assert_ptr_not_null (attr); p11_kit_uri_free (uri); /* really empty */ uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:type=cert", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_ID); assert (attr == NULL); p11_kit_uri_free (uri); }
static void test_uri_match_version (void) { CK_INFO info; P11KitUri *uri; int ret; memset (&info, 0, sizeof (info)); uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-version=5.8", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); info.libraryVersion.major = 5; info.libraryVersion.minor = 8; ret = p11_kit_uri_match_module_info (uri, &info); assert_num_eq (1, ret); info.libraryVersion.major = 2; info.libraryVersion.minor = 3; ret = p11_kit_uri_match_module_info (uri, &info); assert_num_eq (0, ret); p11_kit_uri_free (uri); }
static void test_uri_build_object_type_secret (void) { CK_ATTRIBUTE attr; CK_OBJECT_CLASS klass; P11KitUri *uri; char *string; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); klass = CKO_SECRET_KEY; attr.type = CKA_CLASS; attr.pValue = &klass; attr.ulValueLen = sizeof (klass); p11_kit_uri_set_attribute (uri, &attr); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert (strstr (string, "type=secret-key") != NULL); p11_kit_uri_free (uri); free (string); }
static void test_uri_pin_value (void) { P11KitUri *uri; const char *pin_value; char *string; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); p11_kit_uri_set_pin_value (uri, "123456"); pin_value = p11_kit_uri_get_pin_value (uri); assert_str_eq ("123456", pin_value); p11_kit_uri_set_pin_value (uri, "1*&#%&@("); pin_value = p11_kit_uri_get_pin_value (uri); assert_str_eq ("1*&#%&@(", pin_value); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert (strstr (string, "pkcs11:?pin-value=1%2a%26%23%25%26%40%28") != NULL); free (string); ret = p11_kit_uri_parse ("pkcs11:?pin-value=blah%2Fblah", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); pin_value = p11_kit_uri_get_pin_value (uri); assert_str_eq ("blah/blah", pin_value); p11_kit_uri_free (uri); }
static void test_uri_parse_with_label_and_new_klass (void) { CK_ATTRIBUTE_PTR attr; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=Test%20Label;type=cert", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_LABEL); assert_ptr_not_null (attr); assert (attr->ulValueLen == strlen ("Test Label")); assert (memcmp (attr->pValue, "Test Label", attr->ulValueLen) == 0); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); assert_ptr_not_null (attr); assert (attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); assert (*((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_CERTIFICATE); p11_kit_uri_free (uri); }
static void test_uri_slot_id (void) { P11KitUri *uri; CK_SLOT_ID slot_id; char *string; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); p11_kit_uri_set_slot_id (uri, 12345); slot_id = p11_kit_uri_get_slot_id (uri); assert_num_eq (12345, slot_id); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert (strstr (string, "pkcs11:slot-id=12345") != NULL); free (string); ret = p11_kit_uri_parse ("pkcs11:slot-id=67890", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); slot_id = p11_kit_uri_get_slot_id (uri); assert_num_eq (67890, slot_id); p11_kit_uri_free (uri); }
/** * gnutls_pkcs11_privkey_init: * @key: A pointer to the type to be initialized * * This function will initialize an private key structure. This * structure can be used for accessing an underlying PKCS#11 object. * * In versions of GnuTLS later than 3.5.11 the object is protected * using locks and a single %gnutls_pkcs11_privkey_t can be re-used * by many threads. However, for performance it is recommended to utilize * one object per key per thread. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key) { int ret; FAIL_IF_LIB_ERROR; *key = gnutls_calloc(1, sizeof(struct gnutls_pkcs11_privkey_st)); if (*key == NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } (*key)->uinfo = p11_kit_uri_new(); if ((*key)->uinfo == NULL) { free(*key); gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } ret = gnutls_mutex_init(&(*key)->mutex); if (ret < 0) { gnutls_assert(); p11_kit_uri_free((*key)->uinfo); free(*key); return GNUTLS_E_LOCKING_ERROR; } return 0; }
static void test_uri_match_attributes (void) { CK_ATTRIBUTE attrs[4]; CK_OBJECT_CLASS klass; P11KitUri *uri; int ret; attrs[0].type = CKA_ID; attrs[0].pValue = "Blah"; attrs[0].ulValueLen = 4; attrs[1].type = CKA_LABEL; attrs[1].pValue = "Junk"; attrs[1].ulValueLen = 4; attrs[2].type = CKA_COLOR; attrs[2].pValue = "blue"; attrs[2].ulValueLen = 4; klass = CKO_DATA; attrs[3].type = CKA_CLASS; attrs[3].pValue = &klass; attrs[3].ulValueLen = sizeof (klass); uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=Fancy;id=Blah;type=data", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_match_attributes (uri, attrs, 4); assert_num_eq (0, ret); attrs[1].pValue = "Fancy"; attrs[1].ulValueLen = 5; ret = p11_kit_uri_match_attributes (uri, attrs, 4); assert_num_eq (1, ret); p11_kit_uri_clear_attribute (uri, CKA_CLASS); ret = p11_kit_uri_match_attributes (uri, attrs, 4); assert_num_eq (1, ret); attrs[2].pValue = "pink"; ret = p11_kit_uri_match_attributes (uri, attrs, 4); assert_num_eq (1, ret); p11_kit_uri_set_unrecognized (uri, 1); ret = p11_kit_uri_match_attributes (uri, attrs, 4); assert_num_eq (0, ret); p11_kit_uri_free (uri); }
static void test_uri_build_with_token_info (void) { char *string = NULL; P11KitUri *uri; P11KitUri *check; CK_TOKEN_INFO_PTR token; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); token = p11_kit_uri_get_token_info (uri); set_space_string (token->label, sizeof (token->label), "The Label"); set_space_string (token->serialNumber, sizeof (token->serialNumber), "44444"); set_space_string (token->manufacturerID, sizeof (token->manufacturerID), "Me"); set_space_string (token->model, sizeof (token->model), "Deluxe"); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert_ptr_not_null (string); check = p11_kit_uri_new (); assert_ptr_not_null (check); ret = p11_kit_uri_parse (string, P11_KIT_URI_FOR_TOKEN, check); assert_num_eq (P11_KIT_URI_OK, ret); p11_kit_uri_match_token_info (check, p11_kit_uri_get_token_info (uri)); p11_kit_uri_free (uri); p11_kit_uri_free (check); assert (strstr (string, "token=The%20Label") != NULL); assert (strstr (string, "serial=44444") != NULL); assert (strstr (string, "manufacturer=Me") != NULL); assert (strstr (string, "model=Deluxe") != NULL); free (string); }
static void test_uri_get_set_attribute (void) { CK_ATTRIBUTE attr; CK_ATTRIBUTE_PTR ptr; P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ptr = p11_kit_uri_get_attribute (uri, CKA_LABEL); assert_ptr_eq (NULL, ptr); ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL); assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_clear_attribute (uri, CKA_COLOR); assert_num_eq (P11_KIT_URI_NOT_FOUND, ret); attr.type = CKA_LABEL; attr.pValue = "Test"; attr.ulValueLen = 4; ret = p11_kit_uri_set_attribute (uri, &attr); assert_num_eq (P11_KIT_URI_OK, ret); /* We can set other attributes */ attr.type = CKA_COLOR; ret = p11_kit_uri_set_attribute (uri, &attr); assert_num_eq (P11_KIT_URI_OK, ret); /* And get them too */ ptr = p11_kit_uri_get_attribute (uri, CKA_COLOR); assert_ptr_not_null (ptr); ptr = p11_kit_uri_get_attribute (uri, CKA_LABEL); assert_ptr_not_null (ptr); assert (ptr->type == CKA_LABEL); assert (ptr->ulValueLen == 4); assert (memcmp (ptr->pValue, "Test", 4) == 0); ret = p11_kit_uri_clear_attribute (uri, CKA_LABEL); assert_num_eq (P11_KIT_URI_OK, ret); ptr = p11_kit_uri_get_attribute (uri, CKA_LABEL); assert_ptr_eq (NULL, ptr); p11_kit_uri_free (uri); }
static void test_uri_parse_with_library_bad_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-description=Library%", P11_KIT_URI_FOR_MODULE, uri); assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); }
static void test_uri_parse_with_bad_syntax (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:token", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_BAD_SYNTAX, ret); p11_kit_uri_free (uri); }
static void test_uri_parse_with_token_bad_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:token=Token%", P11_KIT_URI_FOR_TOKEN, uri); assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); }
static void test_uri_parse_with_bad_hex_encoding (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:object=T%xxest", P11_KIT_URI_FOR_OBJECT, uri); assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); }
static void test_uri_slot_id_bad (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:slot-id=123^456", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_BAD_SYNTAX, ret); p11_kit_uri_free (uri); }
static void test_uri_pin_value_bad (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:?pin-value=blahblah%2", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_BAD_ENCODING, ret); p11_kit_uri_free (uri); }
static void test_uri_parse_bad_scheme (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("http:\\example.com\test", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_BAD_SCHEME, ret); p11_kit_uri_free (uri); }
static void test_uri_build_with_slot_info (void) { char *string = NULL; P11KitUri *uri; P11KitUri *check; CK_SLOT_INFO_PTR slot; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); slot = p11_kit_uri_get_slot_info (uri); set_space_string (slot->slotDescription, sizeof (slot->slotDescription), "The Slot Description"); set_space_string (slot->manufacturerID, sizeof (slot->manufacturerID), "Me"); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert_ptr_not_null (string); check = p11_kit_uri_new (); assert_ptr_not_null (check); ret = p11_kit_uri_parse (string, P11_KIT_URI_FOR_SLOT, check); assert_num_eq (P11_KIT_URI_OK, ret); p11_kit_uri_match_slot_info (check, p11_kit_uri_get_slot_info (uri)); p11_kit_uri_free (uri); p11_kit_uri_free (check); assert (strstr (string, "slot-description=The%20Slot%20Description") != NULL); assert (strstr (string, "slot-manufacturer=Me") != NULL); free (string); }
static void test_uri_parse_unrecognized (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:x-blah=some-value", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_any_unrecognized (uri); assert_num_eq (1, ret); p11_kit_uri_free (uri); }
static void test_uri_build_empty (void) { P11KitUri *uri; char *string; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert_str_eq ("pkcs11:", string); free (string); p11_kit_uri_free (uri); }
static void test_uri_parse_too_long_is_unrecognized (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:model=a-value-that-is-too-long-for-the-field-that-it-goes-with", P11_KIT_URI_FOR_ANY, uri); assert_num_eq (P11_KIT_URI_OK, ret); ret = p11_kit_uri_any_unrecognized (uri); assert_num_eq (1, ret); p11_kit_uri_free (uri); }
static void test_uri_parse_parse_unknown_object_type (void) { P11KitUri *uri; CK_ATTRIBUTE_PTR attr; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:type=unknown", P11_KIT_URI_FOR_OBJECT, uri); assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); assert_ptr_eq (NULL, attr); p11_kit_uri_free (uri); }
/** * gnutls_pkcs11_privkey_init: * @key: The structure to be initialized * * This function will initialize an private key structure. * * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a * negative error value. **/ int gnutls_pkcs11_privkey_init(gnutls_pkcs11_privkey_t * key) { FAIL_IF_LIB_ERROR; *key = gnutls_calloc(1, sizeof(struct gnutls_pkcs11_privkey_st)); if (*key == NULL) { gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } (*key)->info = p11_kit_uri_new(); if ((*key)->info == NULL) { free(*key); gnutls_assert(); return GNUTLS_E_MEMORY_ERROR; } return 0; }
static void test_uri_parse (void) { P11KitUri *uri; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:", P11_KIT_URI_FOR_MODULE, uri); assert_num_eq (P11_KIT_URI_OK, ret); assert (is_module_empty (uri)); assert (is_slot_empty (uri)); assert (is_token_empty (uri)); assert (are_attributes_empty (uri)); p11_kit_uri_free (uri); }
static void test_uri_parse_with_slot (void) { P11KitUri *uri = NULL; CK_SLOT_INFO_PTR slot; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:slot-description=Slot%20Description;slot-manufacturer=Me", P11_KIT_URI_FOR_SLOT, uri); assert_num_eq (P11_KIT_URI_OK, ret); slot = p11_kit_uri_get_slot_info (uri); assert (is_space_string (slot->slotDescription, sizeof (slot->slotDescription), "Slot Description")); assert (is_space_string (slot->manufacturerID, sizeof (slot->manufacturerID), "Me")); p11_kit_uri_free (uri); }
static void test_uri_parse_secret_key (void) { P11KitUri *uri; CK_ATTRIBUTE_PTR attr; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:type=secret-key", P11_KIT_URI_FOR_OBJECT, uri); assert_num_eq (P11_KIT_URI_OK, ret); attr = p11_kit_uri_get_attribute (uri, CKA_CLASS); assert_ptr_not_null (attr); assert (attr->ulValueLen == sizeof (CK_OBJECT_CLASS)); assert (*((CK_OBJECT_CLASS_PTR)attr->pValue) == CKO_SECRET_KEY); p11_kit_uri_free (uri); }
static void test_uri_parse_library_version (void) { P11KitUri *uri; CK_INFO_PTR info; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-version=2.101", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); assert_num_eq (2, info->libraryVersion.major); assert_num_eq (101, info->libraryVersion.minor); ret = p11_kit_uri_parse ("pkcs11:library-version=23", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); assert_num_eq (23, info->libraryVersion.major); assert_num_eq (0, info->libraryVersion.minor); ret = p11_kit_uri_parse ("pkcs11:library-version=23.", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=a.a", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=.23", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=1000", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); ret = p11_kit_uri_parse ("pkcs11:library-version=2.1000", P11_KIT_URI_FOR_MODULE_WITH_VERSION, uri); assert_num_eq (P11_KIT_URI_BAD_VERSION, ret); p11_kit_uri_free (uri); }
static void test_uri_build_with_library (void) { CK_INFO_PTR info; P11KitUri *uri; char *string; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); info = p11_kit_uri_get_module_info (uri); set_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Description"); ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert (strstr (string, "library-description=The%20Description") != NULL); p11_kit_uri_free (uri); free (string); }
static void test_uri_parse_with_library (void) { P11KitUri *uri = NULL; CK_INFO_PTR info; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); ret = p11_kit_uri_parse ("pkcs11:library-description=The%20Library;library-manufacturer=Me", P11_KIT_URI_FOR_MODULE, uri); assert_num_eq (P11_KIT_URI_OK, ret); info = p11_kit_uri_get_module_info (uri); assert (is_space_string (info->manufacturerID, sizeof (info->manufacturerID), "Me")); assert (is_space_string (info->libraryDescription, sizeof (info->libraryDescription), "The Library")); p11_kit_uri_free (uri); }
static void test_uri_build_library_version (void) { CK_INFO_PTR info; P11KitUri *uri; char *string; int ret; uri = p11_kit_uri_new (); assert_ptr_not_null (uri); info = p11_kit_uri_get_module_info (uri); info->libraryVersion.major = 2; info->libraryVersion.minor = 10; ret = p11_kit_uri_format (uri, P11_KIT_URI_FOR_ANY, &string); assert_num_eq (P11_KIT_URI_OK, ret); assert (strstr (string, "library-version=2.10") != NULL); p11_kit_uri_free (uri); free (string); }