p11-kit generate-keypair: Support EdDSA key generation
Also add tests for the p11-kit generate-keypair command using SoftHSM2. Signed-off-by: Daiki Ueno <[email protected]>
Showing
5 changed files
with
95 additions
and
1 deletion.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
|
||
module: libsofthsm2.so | ||
managed: yes | ||
enable-in: p11-kit-testable |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,75 @@ | ||
#!/bin/sh | ||
|
||
test "${abs_top_builddir+set}" = set || { | ||
echo "set abs_top_builddir" 1>&2 | ||
exit 1 | ||
} | ||
|
||
. "$abs_top_builddir/common/test-init.sh" | ||
|
||
setup() { | ||
testdir=$PWD/test-objects-$$ | ||
test -d "$testdir" || mkdir "$testdir" | ||
cd "$testdir" | ||
mkdir tokens | ||
cat > softhsm2.conf <<EOF | ||
directories.tokendir = $PWD/tokens/ | ||
EOF | ||
export SOFTHSM2_CONF=$PWD/softhsm2.conf | ||
|
||
: ${SOFTHSM2_UTIL=softhsm2-util} | ||
if ! "$SOFTHSM2_UTIL" --version >/dev/null; then | ||
skip "softhsm2-util not found" | ||
fi | ||
softhsm2-util --init-token --free --label test-genkey --so-pin 12345 --pin 12345 | ||
|
||
: ${PKG_CONFIG=pkg-config} | ||
if ! "$PKG_CONFIG" p11-kit-1 --exists; then | ||
skip "pkgconfig(p11-kit-1) not found" | ||
fi | ||
|
||
module_path=$("$PKG_CONFIG" p11-kit-1 --variable=p11_module_path) | ||
if ! test -e "$module_path/libsofthsm2.so"; then | ||
skip "unable to resolve libsofthsm2.so" | ||
fi | ||
|
||
ln -sf "$module_path"/libsofthsm2.so "$abs_top_builddir"/p11-kit | ||
} | ||
|
||
teardown() { | ||
unset SOFTHSM2_CONF | ||
rm -rf "$testdir" | ||
} | ||
|
||
test_generate_keypair_rsa() { | ||
if ! "$abs_top_builddir"/p11-kit/p11-kit-testable generate-keypair --label=rsa --type=rsa --bits=2048 "pkcs11:token=test-genkey?pin-value=12345"; then | ||
assert_fail "unable to run: p11-kit generate-keypair" | ||
fi | ||
} | ||
|
||
test_generate_keypair_ecdsa() { | ||
for curve in secp256r1 secp384r1 secp521r1; do | ||
if ! "$abs_top_builddir"/p11-kit/p11-kit-testable generate-keypair --label="ecdsa-$curve" --type=ecdsa --curve="$curve" "pkcs11:token=test-genkey?pin-value=12345"; then | ||
assert_fail "unable to run: p11-kit generate-keypair" | ||
fi | ||
done | ||
|
||
if "$abs_top_builddir"/p11-kit/p11-kit-testable generate-keypair --label="ecdsa-unknown" --type=ecdsa --curve=unknown "pkcs11:token=test-genkey?pin-value=12345"; then | ||
assert_fail "p11-kit generate-keypair succeeded for unknown ecdsa curve" | ||
fi | ||
} | ||
|
||
test_generate_keypair_eddsa() { | ||
for curve in ed25519 ed25519; do | ||
if ! "$abs_top_builddir"/p11-kit/p11-kit-testable generate-keypair --label="eddsa-$curve" --type=eddsa --curve="$curve" "pkcs11:token=test-genkey?pin-value=12345"; then | ||
assert_fail "unable to run: p11-kit generate-keypair" | ||
fi | ||
done | ||
|
||
if "$abs_top_builddir"/p11-kit/p11-kit-testable generate-keypair --label="eddsa-unknown" --type=eddsa --curve=unknown "pkcs11:token=test-genkey?pin-value=12345"; then | ||
assert_fail "p11-kit generate-keypair succeeded for unknown eddsa curve" | ||
fi | ||
} | ||
|
||
run test_generate_keypair_rsa test_generate_keypair_ecdsa \ | ||
test_generate_keypair_ecdsa |
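Review bot: The `run` list that closes the script names `test_generate_keypair_ecdsa` twice and never `test_generate_keypair_eddsa`, so the EdDSA key generation this commit adds is not exercised and the suite would still pass if that path were broken; the continuation line should read `test_generate_keypair_eddsa`. Inside `test_generate_keypair_eddsa`, `for curve in ed25519 ed25519` repeats one curve and generates two key pairs under the same label `eddsa-ed25519`; if a second curve (presumably Ed448, assuming both the tool and the token support it) was intended it belongs there, otherwise list `ed25519` once. In `setup`, the availability probe honours `$SOFTHSM2_UTIL` but the token is then initialised through the literal `softhsm2-util`; calling `"$SOFTHSM2_UTIL" --init-token --free --label test-genkey --so-pin 12345 --pin 12345` keeps an override consistent with the probe.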