Add test to check that token can import keys

Disabled in softhsm because it ends up looping on itself due to
the usal problem that sofhtsm links to openssl without using a custom
libctx.

Signed-off-by: Simo Sorce <[email protected]>

tests/meson.build

@@ -129,6 +129,7 @@ tests = {
   'fork': {'suites': ['softokn', 'softhsm', 'kryoptic']},
   'oaepsha2': {'suites': ['softokn', 'kryoptic']},
   'hkdf': {'suites': ['softokn', 'kryoptic']},
+  'imported' : {'suites': ['softokn', 'kryoptic']},
   'rsapss': {'suites': ['softokn', 'softhsm', 'kryoptic']},
   'rsapssam': {'suites': ['softhsm']},
   'genkey': {'suites': ['softokn', 'softhsm', 'kryoptic']},

tests/timported

@@ -0,0 +1,36 @@
+#!/bin/bash -e
+# Copyright (C) 2024 Simo Sorce <[email protected]>
+# SPDX-License-Identifier: Apache-2.0
+
+source "${TESTSSRCDIR}/helpers.sh"
+
+
+title PARA "Test imported key in token session"
+
+title LINE "Generate keypair in files"
+ossl 'genpkey -algorithm EC -out ${TMPPDIR}/file.ec.key.pem
+              -pkeyopt ec_paramgen_curve:P-256
+              -pkeyopt ec_param_enc:named_curve
+              -outpubkey ${TMPPDIR}/file.ec.pub.key.pem'
+
+#After key generation force all operations to happen on the token
+ORIG_OPENSSL_CONF=${OPENSSL_CONF}
+sed -e "s/#MORECONF/alg_section = algorithm_sec\n\n[algorithm_sec]\ndefault_properties = ?provider=pkcs11/" \
+    "${OPENSSL_CONF}" > "${OPENSSL_CONF}.forcetoken"
+OPENSSL_CONF=${OPENSSL_CONF}.forcetoken
+
+title LINE "Test Signing with private key imported from file"
+ossl 'pkeyutl -sign
+              -inkey ${TMPPDIR}/file.ec.key.pem
+              -in ${TMPPDIR}/sha256.bin
+              -out ${TMPPDIR}/file.ec.sig.bin'
+
+title LINE "Test Verifying with public key imported from file"
+ossl 'pkeyutl -verify -pubin
+              -inkey ${TMPPDIR}/file.ec.pub.key.pem
+              -sigfile ${TMPPDIR}/file.ec.sig.bin
+              -in ${TMPPDIR}/sha256.bin'
+
+OPENSSL_CONF=${ORIG_OPENSSL_CONF}
+
+exit 0