Add tests for p11-kit profile commands

Signed-off-by: Zoltan Fridrich <[email protected]>
p11-glue · Oct 2, 2023 · 7a0abdd · 7a0abdd
1 parent a1fbb29
commit 7a0abdd
Show file tree

Hide file tree

Showing 10 changed files with 591 additions and 76 deletions.
diff --git a/common/persist.c b/common/persist.c
@@ -384,6 +384,9 @@ format_constant (CK_ATTRIBUTE *attr,
 	case CKA_MECHANISM_TYPE:
 		table = p11_constant_mechanisms;
 		break;
+	case CKA_PROFILE_ID:
+		table = p11_constant_profiles;
+		break;
 	default:
 		table = NULL;
 	};

diff --git a/p11-kit/Makefile.am b/p11-kit/Makefile.am
@@ -260,8 +260,6 @@ EXTRA_DIST += \
 
 bin_PROGRAMS += p11-kit/p11-kit
 
-p11_kit_p11_kit_CFLAGS = $(COMMON_CFLAGS)
-
 p11_kit_p11_kit_SOURCES = \
 	p11-kit/add-profile.c \
 	p11-kit/delete-object.c \
@@ -275,19 +273,22 @@ p11_kit_p11_kit_SOURCES = \
 	p11-kit/print-config.c \
 	$(NULL)
 
-p11_kit_p11_kit_LDADD = \
-	libp11-kit.la \
-	libp11-kit-internal.la \
-	libp11-tool.la \
-	libp11-common.la \
-	$(LTLIBINTL) \
-	$(NULL)
+p11_kit_p11_kit_CFLAGS = $(COMMON_CFLAGS)
+p11_kit_p11_kit_LDADD =
 
 if WITH_ASN1
 p11_kit_p11_kit_CFLAGS += $(LIBTASN1_CFLAGS)
 p11_kit_p11_kit_LDADD += libp11-asn1.la $(LIBTASN1_LIBS)
 endif
 
+p11_kit_p11_kit_LDADD += \
+	libp11-kit.la \
+	libp11-kit-internal.la \
+	libp11-common.la \
+	libp11-tool.la \
+	$(LTLIBINTL) \
+	$(NULL)
+
 if WITH_BASH_COMPLETION
 bashcomp_DATA += bash-completion/p11-kit
 endif
@@ -306,22 +307,25 @@ p11_kit_p11_kit_testable_SOURCES = \
 	p11-kit/print-config.c \
 	$(NULL)
 
-p11_kit_p11_kit_testable_LDADD = \
-	libp11-tool.la \
+p11_kit_p11_kit_testable_CFLAGS =
+p11_kit_p11_kit_testable_LDADD =
+
+if WITH_ASN1
+p11_kit_p11_kit_testable_CFLAGS += $(LIBTASN1_CFLAGS)
+p11_kit_p11_kit_testable_LDADD += libp11-asn1.la $(LIBTASN1_LIBS)
+endif
+
+p11_kit_p11_kit_testable_LDADD += \
 	libp11-common.la \
+	libp11-tool.la \
 	libp11-kit-testable.la \
 	$(NULL)
 
-p11_kit_p11_kit_testable_CFLAGS = \
+p11_kit_p11_kit_testable_CFLAGS += \
 	-DP11_KIT_TESTABLE \
 	$(COMMON_CFLAGS) \
 	$(NULL)
 
-if WITH_ASN1
-p11_kit_p11_kit_testable_CFLAGS += $(LIBTASN1_CFLAGS)
-p11_kit_p11_kit_testable_LDADD += libp11-asn1.la $(LIBTASN1_LIBS)
-endif
-
 private_PROGRAMS += p11-kit/p11-kit-remote
 
 p11_kit_p11_kit_remote_SOURCES = \
@@ -421,14 +425,16 @@ c_tests += \
 if !OS_WIN32
 c_tests += test-server
 sh_tests += \
-	p11-kit/test-profiles.sh \
 	p11-kit/test-objects.sh \
 	p11-kit/test-lists.sh \
 	p11-kit/test-server.sh \
 	$(NULL)
 
 if WITH_ASN1
-sh_tests += p11-kit/test-export-public.sh
+sh_tests += \
+	p11-kit/test-export-public.sh \
+	p11-kit/test-profiles.sh \
+	$(NULL)
 endif
 
 endif
@@ -538,7 +544,8 @@ check_LTLIBRARIES += \
 	mock-nine.la \
 	mock-ten.la \
 	mock-eleven.la \
-	mock-twelve.la
+	mock-twelve.la \
+	mock-thirteen.la
 
 mock_one_la_SOURCES = p11-kit/mock-module-ep.c
 mock_one_la_LIBADD = libp11-test.la libp11-common.la
@@ -607,6 +614,10 @@ mock_twelve_la_SOURCES = p11-kit/mock-module-ep10.c
 mock_twelve_la_LDFLAGS = $(mock_one_la_LDFLAGS)
 mock_twelve_la_LIBADD = $(mock_one_la_LIBADD)
 
+mock_thirteen_la_SOURCES = p11-kit/mock-module-ep11.c
+mock_thirteen_la_LDFLAGS = $(mock_one_la_LDFLAGS)
+mock_thirteen_la_LIBADD = libp11-asn1.la $(mock_one_la_LIBADD) $(LIBTASN1_LIBS)
+
 EXTRA_DIST += \
 	p11-kit/fixtures \
 	p11-kit/templates \

diff --git a/p11-kit/fixtures/package-modules/thirteen.module b/p11-kit/fixtures/package-modules/thirteen.module
@@ -0,0 +1,4 @@
+
+module: mock-thirteen.so
+managed: yes
+enable-in: p11-kit-testable
diff --git a/p11-kit/meson.build b/p11-kit/meson.build
@@ -382,10 +382,6 @@ if get_option('test')
   p11_kit_tests_env.set('P11_MODULE_PATH', meson.current_build_dir())
 
   if host_system != 'windows'
-    test('test-profiles.sh',
-         find_program('test-profiles.sh'),
-         env: p11_kit_tests_env)
-
     test('test-objects.sh',
          find_program('test-objects.sh'),
          env: p11_kit_tests_env)
@@ -407,6 +403,10 @@ if get_option('test')
     test('test-export-public.sh',
          find_program('test-export-public.sh'),
          env: p11_kit_tests_env)
+
+    test('test-profiles.sh',
+         find_program('test-profiles.sh'),
+         env: p11_kit_tests_env)
   endif
 
   mock_sources = {
@@ -423,7 +423,8 @@ if get_option('test')
                    'mock-nine': ['mock-module-ep7.c'],
                    'mock-ten': ['mock-module-ep8.c'],
                    'mock-eleven': ['mock-module-ep9.c'],
-                   'mock-twelve': ['mock-module-ep10.c']
+                   'mock-twelve': ['mock-module-ep10.c'],
+                   'mock-thirteen': ['mock-module-ep11.c']
                  }
 
   if host_system != 'windows'
@@ -437,7 +438,7 @@ if get_option('test')
                   name_suffix: module_suffix,
                   link_args: p11_module_ldflags,
                   link_depends: [p11_module_symbol_map],
-                  dependencies: [libp11_test_dep])
+                  dependencies: [libp11_test_dep] + libp11_asn1_deps)
   endforeach
 endif
 

diff --git a/p11-kit/mock-module-ep11.c b/p11-kit/mock-module-ep11.c
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 2023, Red Hat Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ *     * Redistributions of source code must retain the above
+ *       copyright notice, this list of conditions and the
+ *       following disclaimer.
+ *     * Redistributions in binary form must reproduce the
+ *       above copyright notice, this list of conditions and
+ *       the following disclaimer in the documentation and/or
+ *       other materials provided with the distribution.
+ *     * The names of contributors to this software may not be
+ *       used to endorse or promote products derived from this
+ *       software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
+ * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
+ * DAMAGE.
+ *
+ * Author: Zoltan Fridrich <[email protected]>
+ */
+
+#include "config.h"
+
+#define CRYPTOKI_EXPORTS 1
+#include "pkcs11.h"
+
+#include "attrs.h"
+#include "debug.h"
+#include "mock.h"
+
+#ifdef WITH_ASN1
+#include "persist.h"
+#endif
+
+#include <stdio.h>
+#include <string.h>
+
+static const CK_TOKEN_INFO MOCK_TOKEN_INFO = {
+	"PROFILE LABEL ONE               ",
+	"PROFILE MANUFACTURER            ",
+	"PROFILE MODEL   ",
+	"PROFILE SERIAL  ",
+	CKF_LOGIN_REQUIRED | CKF_USER_PIN_INITIALIZED | CKF_CLOCK_ON_TOKEN | CKF_TOKEN_INITIALIZED,
+	1,
+	2,
+	3,
+	4,
+	5,
+	6,
+	7,
+	8,
+	9,
+	10,
+	{ 75, 175 },
+	{ 85, 185 },
+	{ '1', '9', '9', '9', '0', '5', '2', '5', '0', '9', '1', '9', '5', '9', '0', '0' }
+};
+
+static CK_RV
+override_C_GetTokenInfo (CK_SLOT_ID slot_id,
+			 CK_TOKEN_INFO_PTR info)
+{
+	return_val_if_fail (info != NULL, CKR_ARGUMENTS_BAD);
+
+	switch (slot_id) {
+	case MOCK_SLOT_ONE_ID:
+		memcpy (info, &MOCK_TOKEN_INFO, sizeof (*info));
+		return CKR_OK;
+	case MOCK_SLOT_TWO_ID:
+		return CKR_TOKEN_NOT_PRESENT;
+	default:
+		return CKR_SLOT_ID_INVALID;
+	}
+}
+
+#ifdef WITH_ASN1
+static CK_RV
+override_C_Initialize (CK_VOID_PTR init_args)
+{
+	bool ok;
+	size_t i, size = 0;
+	void *data = NULL;
+	const char *filename = "test-profiles.p11-kit";
+	p11_mmap *map = NULL;
+	p11_persist *persist = NULL;
+	p11_array *objects = NULL;
+	CK_ATTRIBUTE *attrs = NULL;
+	CK_RV rv;
+
+	map = p11_mmap_open (filename, NULL, &data, &size);
+	if (map == NULL)
+		return mock_C_Initialize (init_args);
+
+	ok = p11_persist_magic (data, size);
+	return_val_if_fail (ok, CKR_GENERAL_ERROR);
+
+	persist = p11_persist_new ();
+	return_val_if_fail (persist != NULL, CKR_HOST_MEMORY);
+
+	objects = p11_array_new (NULL);
+	return_val_if_fail (objects != NULL, CKR_HOST_MEMORY);
+
+	ok = p11_persist_read (persist, filename, (const unsigned char *)data, size, objects);
+	return_val_if_fail (ok, CKR_GENERAL_ERROR);
+
+	rv = mock_C_Initialize (init_args);
+	for (i = 0; i < objects->num; ++i) {
+		attrs = p11_attrs_build (objects->elem[i], NULL);
+		mock_module_add_object (MOCK_SLOT_ONE_ID, attrs);
+		p11_attrs_free (attrs);
+	}
+
+	p11_array_free (objects);
+	p11_persist_free (persist);
+	p11_mmap_close (map);
+	return rv;
+}
+
+static CK_RV
+override_C_Finalize (CK_VOID_PTR reserved)
+{
+	bool ok;
+	FILE *f = NULL;
+	const char *filename = "test-profiles.out.p11-kit";
+	p11_buffer buf;
+	p11_persist *persist = NULL;
+	CK_SESSION_HANDLE session = 0;
+	CK_OBJECT_HANDLE object = 0;
+	CK_ULONG count = 0;
+	CK_OBJECT_CLASS klass = CKO_PROFILE;
+	CK_BBOOL token;
+	CK_PROFILE_ID profile;
+	CK_ATTRIBUTE template = { CKA_CLASS, &klass, sizeof (klass) };
+	CK_ATTRIBUTE attrs[] = {
+		{ CKA_CLASS, &klass, sizeof (klass) },
+		{ CKA_TOKEN, &token, sizeof (token) },
+		{ CKA_PROFILE_ID, &profile, sizeof (profile) },
+		{ CKA_INVALID, NULL, 0 }
+	};
+	CK_ULONG n_attrs = sizeof (attrs) / sizeof (attrs[0]);
+	CK_RV rv;
+
+	ok = p11_buffer_init (&buf, 0);
+	return_val_if_fail (ok, CKR_HOST_MEMORY);
+
+	persist = p11_persist_new ();
+	return_val_if_fail (persist != NULL, CKR_HOST_MEMORY);
+
+	rv = mock_C_OpenSession (MOCK_SLOT_ONE_ID, CKF_SERIAL_SESSION, NULL, NULL, &session);
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	rv = mock_C_FindObjectsInit (session, &template, 1);
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	while ((rv = mock_C_FindObjects (session, &object, 1, &count)) == CKR_OK && count > 0) {
+		rv = mock_C_GetAttributeValue (session, object, attrs, n_attrs - 1);
+		return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+		ok = p11_persist_write (persist, attrs, &buf);
+		return_val_if_fail (ok, CKR_GENERAL_ERROR);
+	}
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	f = fopen (filename, "wb");
+	return_val_if_fail (f != NULL, CKR_HOST_MEMORY);
+	fwrite (buf.data, 1, buf.len, f);
+	fclose (f);
+
+	rv = mock_C_FindObjectsFinal (session);
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	rv = mock_C_CloseSession (session);
+	return_val_if_fail (rv == CKR_OK, CKR_GENERAL_ERROR);
+
+	p11_persist_free (persist);
+	p11_buffer_uninit (&buf);
+	return mock_C_Finalize (reserved);
+}
+#endif /* WITH_ASN1 */
+
+#ifdef OS_WIN32
+__declspec(dllexport)
+#endif
+CK_RV
+C_GetFunctionList (CK_FUNCTION_LIST_PTR_PTR list)
+{
+	mock_module_init ();
+#ifdef WITH_ASN1
+	mock_module.C_Initialize = override_C_Initialize;
+	mock_module.C_Finalize = override_C_Finalize;
+#endif
+	mock_module.C_GetFunctionList = C_GetFunctionList;
+	mock_module.C_GetTokenInfo = override_C_GetTokenInfo;
+	if (list == NULL)
+		return CKR_ARGUMENTS_BAD;
+	*list = &mock_module;
+	return CKR_OK;
+}
diff --git a/p11-kit/mock-module-ep9.c b/p11-kit/mock-module-ep9.c
@@ -127,7 +127,6 @@ override_initialize (CK_VOID_PTR init_args)
 	CK_RV rv = mock_C_Initialize (init_args);
 	mock_module_add_object (MOCK_SLOT_ONE_ID, cert_attrs);
 	mock_module_add_object (MOCK_SLOT_ONE_ID, pubkey_attrs);
-	mock_module_add_profile (MOCK_SLOT_ONE_ID, CKP_PUBLIC_CERTIFICATES_TOKEN);
 	return rv;
 }