diff options
author | Jakub Jelen <jjelen@redhat.com> | 2020-10-07 14:29:17 +0200 |
---|---|---|
committer | Jakub Jelen <jjelen@redhat.com> | 2021-01-04 17:33:22 +0100 |
commit | 15e621d8d520fe508efdbdd054d2363082137647 (patch) | |
tree | f5fee52cf0b3df4aab84469463db168ef27c99b7 | |
parent | b2aa029c86ca155b19e6b799306335d6b8329d70 (diff) |
test: Run hwtests with token not supporting raw RSA signatures
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Acked-by: Frediano Ziglio <fziglio@redhat.com>
-rw-r--r-- | tests/meson.build | 10 | ||||
-rwxr-xr-x | tests/setup-softhsm2.sh | 9 |
2 files changed, 19 insertions, 0 deletions
diff --git a/tests/meson.build b/tests/meson.build index 87945a2..1b9a3eb 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -2,6 +2,8 @@ env = environment() env.set('G_TEST_SRCDIR', meson.current_source_dir()) env.set('G_TEST_BUILDDIR', meson.build_root()) env.set('SOFTHSM2_CONF', meson.build_root() / 'softhsm2.conf') +env2 = env +env2.set('SOFTHSM2_CONF', meson.build_root() / 'softhsm2-no-raw.conf') pkcs11_tool_dep = find_program('pkcs11-tool', required: false) p11tool_dep = find_program('p11tool', required: false) @@ -70,3 +72,11 @@ test( depends: [softhsm], env: env, ) + +# again with different softhsm configuration not allowing raw RSA signatures */ +test( + 'hwtests_no_raw', + hwtests_test, + depends: [softhsm], + env: env2, +) diff --git a/tests/setup-softhsm2.sh b/tests/setup-softhsm2.sh index 5341cd3..94b133c 100755 --- a/tests/setup-softhsm2.sh +++ b/tests/setup-softhsm2.sh @@ -3,6 +3,7 @@ SRCDIR=`dirname "$0"` NSSDB=hwdb CONF=softhsm2.conf +CONF2=softhsm2-no-raw.conf SOPIN="12345678" PIN="77777777" export GNUTLS_PIN=$PIN @@ -86,6 +87,14 @@ export SOFTHSM2_CONF="$CONF" if [ ! -f "$CONF" ]; then echo "directories.tokendir = `pwd`/tokens/" > $CONF echo "slots.removable = true" >> $CONF + # One possible configuration is working with a token + # that does not support raw signature, which we need + # to emulate using PKCS#1.5 + cat $CONF > $CONF2 + echo "slots.mechanisms = CKM_RSA_PKCS" >> $CONF2 + # we should be able to use just -CKM_RSA_X_509 but + # it is broken because of a bug + # https://github.com/opendnssec/SoftHSMv2/pull/561 fi # SoftHSM configuration directory |