Skip to content

Commit

Permalink
Test kryoptic with NSS DB
Browse files Browse the repository at this point in the history 
The NSSDB backend is now super-slow so I am bumping the timeout to
60s/test. The kryoptic build is also adjusted to include this
non-default feature.

Signed-off-by: Jakub Jelen <[email protected]>
  • Loading branch information
@Jakuje
Jakuje committed Dec 12, 2024
1 parent 755cbc8 commit 1cc4e0f
Show file tree
Hide file tree
Showing 5 changed files with 56 additions and 28 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/kryoptic.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,8 +75,8 @@ jobs:
- name: Build Kryoptic
run: |
cd kryoptic
cargo build --features standard
cargo test --features standard | tee testout.log 2>&1
cargo build --features standard,nssdb
cargo test --features standard,nssdb | tee testout.log 2>&1
grep -q "0 failed" testout.log
- name: Setup
Expand Down
6 changes: 3 additions & 3 deletions tests/kryoptic-init.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,10 +27,10 @@ find_kryoptic \
title LINE "Creating Kyroptic database"

# Kryoptic configuration
export KRYOPTIC_CONF="$TOKDIR/kryoptic.sql"
export KRYOPTIC_CONF="${KRYOPTIC_CONF:-$TOKDIR/kryoptic.sql}"

export TOKENLABEL="Kryoptic Token"
export TOKENLABELURI="Kryoptic%20Token"
export TOKENLABEL="${TOKENLABEL:-Kryoptic Token}"
export TOKENLABELURI="${TOKENLABELURI:-Kryoptic%20Token}"

# init token
pkcs11-tool --module "${P11LIB}" --init-token \
Expand Down
25 changes: 25 additions & 0 deletions tests/kryoptic.nss-init.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
#!/bin/bash -ex
# Copyright (C) 2024 Jakub Jelen <[email protected]>
# SPDX-License-Identifier: Apache-2.0
#

export KRYOPTIC_CONF="${TMPPDIR}/kryoptic.conf"
cat >"${KRYOPTIC_CONF}" <<_EOF
[[slots]]
slot = 42
dbtype = "nssdb"
dbargs = "configDir='${TOKDIR}' flags='passwordRequired'"
description = "Kryoptic Soft Token"
_EOF

# this overrides what we define in the generic init
# the NSS DB can not store custom labels
export TOKENLABEL="Kryoptic Soft Token"
export TOKENLABELURI="Kryoptic%20Soft%20Token"

# the rest is the same
source "${TESTSSRCDIR}/kryoptic-init.sh"

export TOKENCONFIGVARS="export KRYOPTIC_CONF=${TMPPDIR}/kryoptic.conf"
export TOKENOPTIONS="pkcs11-module-quirks = no-allowed-mechanisms"
export TESTPORT="35000"
47 changes: 24 additions & 23 deletions tests/meson.build
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ if nss_softokn.found()
endif

setup_script=find_program('setup.sh')
foreach suite : ['softokn', 'softhsm', 'kryoptic']
foreach suite : ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']
test(
'setup',
setup_script,
Expand Down Expand Up @@ -118,29 +118,29 @@ foreach t, sources : test_programs
endforeach

tests = {
'basic': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'pubkey': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'certs': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'ecc': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'edwards': {'suites': ['softhsm', 'kryoptic']},
'ecdh': {'suites': ['softokn', 'kryoptic']},
'democa': {'suites': ['softokn', 'softhsm', 'kryoptic'], 'is_parallel': false},
'digest': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'fork': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'oaepsha2': {'suites': ['softokn', 'kryoptic']},
'hkdf': {'suites': ['softokn', 'kryoptic']},
'imported' : {'suites': ['softokn', 'kryoptic']},
'rsapss': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'basic': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'pubkey': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'certs': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'ecc': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'edwards': {'suites': ['softhsm', 'kryoptic', 'kryoptic.nss']},
'ecdh': {'suites': ['softokn', 'kryoptic', 'kryoptic.nss']},
'democa': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss'], 'is_parallel': false},
'digest': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'fork': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'oaepsha2': {'suites': ['softokn', 'kryoptic', 'kryoptic.nss']},
'hkdf': {'suites': ['softokn', 'kryoptic', 'kryoptic.nss']},
'imported' : {'suites': ['softokn', 'kryoptic', 'kryoptic.nss']},
'rsapss': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'rsapssam': {'suites': ['softhsm']},
'genkey': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'session': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'rand': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'readkeys': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'tls': {'suites': ['softokn', 'softhsm', 'kryoptic'], 'is_parallel': false},
'tlsfuzzer': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'uri': {'suites': ['softokn', 'softhsm', 'kryoptic']},
'ecxc': {'suites': ['softhsm', 'kryoptic']},
'cms': {'suites': ['softokn', 'kryoptic']},
'genkey': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'session': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'rand': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'readkeys': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'tls': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss'], 'is_parallel': false},
'tlsfuzzer': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'uri': {'suites': ['softokn', 'softhsm', 'kryoptic', 'kryoptic.nss']},
'ecxc': {'suites': ['softhsm', 'kryoptic', 'kryoptic.nss']},
'cms': {'suites': ['softokn', 'kryoptic', 'kryoptic.nss']},
'pinlock': {'suites': ['kryoptic']},
}

Expand All @@ -157,6 +157,7 @@ foreach t, extra_args : tests
env: test_env,
depends: test_executables,
is_parallel: false,
timeout: 60,
)
endforeach
endforeach
2 changes: 2 additions & 0 deletions tests/setup.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,8 @@ elif [ "${TOKENTYPE}" == "softokn" ]; then
source "${TESTSSRCDIR}/softokn-init.sh"
elif [ "${TOKENTYPE}" == "kryoptic" ]; then
source "${TESTSSRCDIR}/kryoptic-init.sh"
elif [ "${TOKENTYPE}" == "kryoptic.nss" ]; then
source "${TESTSSRCDIR}/kryoptic.nss-init.sh"
else
echo "Unknown token type: $1"
exit 1
Expand Down

0 comments on commit 1cc4e0f

Please sign in to comment.