From a7082c4f7fab7120c7226c18030efe9077c680ca Mon Sep 17 00:00:00 2001
From: Simo Sorce
Date: Wed, 4 Sep 2024 16:26:15 -0400
Subject: [PATCH] Add test to check that token can import keys

Disabled in softhsm because it ends up looping on itself due to the usal problem that sofhtsm links to openssl without using a custom libctx.

Signed-off-by: Simo Sorce
---
 tests/meson.build | 1 +
 tests/timported | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 37 insertions(+)
 create mode 100755 tests/timported

diff --git a/tests/meson.build b/tests/meson.build
index d4b42285..7e7f00bd 100644
--- a/tests/meson.build
+++ b/tests/meson.build
@@ -129,6 +129,7 @@ tests = {
 'fork': {'suites': ['softokn', 'softhsm', 'kryoptic']},
 'oaepsha2': {'suites': ['softokn', 'kryoptic']},
 'hkdf': {'suites': ['softokn', 'kryoptic']},
+ 'imported' : {'suites': ['softokn', 'kryoptic']},
 'rsapss': {'suites': ['softokn', 'softhsm', 'kryoptic']},
 'rsapssam': {'suites': ['softhsm']},
 'genkey': {'suites': ['softokn', 'softhsm', 'kryoptic']},
diff --git a/tests/timported b/tests/timported
new file mode 100755
index 00000000..97e8536c
--- /dev/null
+++ b/tests/timported
@@ -0,0 +1,36 @@
+#!/bin/bash -e
+# Copyright (C) 2024 Simo Sorce
+# SPDX-License-Identifier: Apache-2.0
+
+source "${TESTSSRCDIR}/helpers.sh"
+
+
+title PARA "Test imported key in token session"
+
+title LINE "Generate keypair in files"
+ossl 'genpkey -algorithm EC -out ${TMPPDIR}/file.ec.key.pem
+ -pkeyopt ec_paramgen_curve:P-256
+ -pkeyopt ec_param_enc:named_curve
+ -outpubkey ${TMPPDIR}/file.ec.pub.key.pem'
+
+#After key generation force all operations to happen on the token
+ORIG_OPENSSL_CONF=${OPENSSL_CONF}
+sed -e "s/#MORECONF/alg_section = algorithm_sec\n\n[algorithm_sec]\ndefault_properties = ?provider=pkcs11/" \
+ "${OPENSSL_CONF}" > "${OPENSSL_CONF}.forcetoken"
+OPENSSL_CONF=${OPENSSL_CONF}.forcetoken
+
+title LINE "Test Signing with private key imported from file"
+ossl 'pkeyutl -sign
+ -inkey ${TMPPDIR}/file.ec.key.pem
+ -in ${TMPPDIR}/sha256.bin
+ -out ${TMPPDIR}/file.ec.sig.bin'
+
+title LINE "Test Verifying with public key imported from file"
+ossl 'pkeyutl -verify -pubin
+ -inkey ${TMPPDIR}/file.ec.pub.key.pem
+ -sigfile ${TMPPDIR}/file.ec.sig.bin
+ -in ${TMPPDIR}/sha256.bin'
+
+OPENSSL_CONF=${ORIG_OPENSSL_CONF}
+
+exit 0
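Review bot: Nothing in this script proves that the sign and verify steps actually ran on the token, so the test can pass without any key import taking place. The `?` prefix in `default_properties = ?provider=pkcs11` marks the property as optional in OpenSSL's query syntax, meaning the pkcs11 provider is preferred rather than required, and if `#MORECONF` is missing from the config the `sed` rewrites nothing and still exits 0. I would reword the comment to `# After key generation, prefer the pkcs11 provider for all operations` and add `grep -qF 'default_properties = ?provider=pkcs11' "${OPENSSL_CONF}.forcetoken"` right after the `sed`, which aborts under `bash -e` when the substitution did not apply. A positive check that the token handled the signature (for example from the provider's debug output, if the test helpers expose it) would make the test assert what its title says.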