mirrors/pico-hsm
1
0
Fork 0
mirror of https://github.com/polhenarejos/pico-hsm.git synced 2026-01-17 09:28:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Added pkcs11 keygen test script.

Browse source 
Signed-off-by: Pol Henarejos <pol.henarejos@cttc.es>
This commit is contained in:
Pol Henarejos 2023-09-26 20:09:43 +02:00
parent d906df2809
commit 37421d9aad
No known key found for this signature in database
GPG key ID: C0095B7870A4CCD3
5 changed files with 61 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
tests/scripts/initialize.sh
View file

@ -1,44 +1,44 @@
#!/bin/bash
python3 tools/pico-hsm-tool.py --pin 648219 initialize --so-pin 57621880 --silent
./tests/scripts/reset.sh > /dev/null 2>&1
test $? -eq 0 || exit $?
# Change SO-PIN
pkcs11-tool --login --login-type so --so-pin 3537363231383830 --change-pin --new-pin 0123456789012345
test $? -eq 0 || exit $?
pkcs11-tool --login --login-type so --so-pin 3537363231383830 --change-pin --new-pin 0123456789012345 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
pkcs11-tool --login --login-type so --so-pin 0123456789012345 --change-pin --new-pin 3537363231383830
test $? -eq 0 || exit $?
pkcs11-tool --login --login-type so --so-pin 0123456789012345 --change-pin --new-pin 3537363231383830 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
# Change PIN
pkcs11-tool --login --pin 648219 --change-pin --new-pin 123456
test $? -eq 0 || exit $?
pkcs11-tool --login --pin 648219 --change-pin --new-pin 123456 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
# Reset PIN
pkcs11-tool --login --login-type so --so-pin 3537363231383830 --init-pin --new-pin 648219
test $? -eq 0 || exit $?
pkcs11-tool --login --login-type so --so-pin 3537363231383830 --init-pin --new-pin 648219 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
# Change PIN
pkcs11-tool --login --pin 648219 --change-pin --new-pin 123456
test $? -eq 0 || exit $?
pkcs11-tool --login --pin 648219 --change-pin --new-pin 123456 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
pkcs11-tool --login --pin 123456 --change-pin --new-pin 648219
test $? -eq 0 || exit $?
pkcs11-tool --login --pin 123456 --change-pin --new-pin 648219 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
# Wrong PIN (1st and 2nd PIN_INCORRECT, 3rd PIN_LOCKED)
e=$(pkcs11-tool --login --pin 123456 -I 2>&1)
test $? -eq 1 || exit $?
grep -q CKR_PIN_INCORRECT <<< $e || exit $?
test $? -eq 1 && echo -n "." || exit $?
grep -q CKR_PIN_INCORRECT <<< $e && echo -n "." || exit $?
e=$(pkcs11-tool --login --pin 123456 -I 2>&1)
test $? -eq 1 || exit $?
grep -q CKR_PIN_INCORRECT <<< $e || exit $?
test $? -eq 1 && echo -n "." || exit $?
grep -q CKR_PIN_INCORRECT <<< $e && echo -n "." || exit $?
e=$(pkcs11-tool --login --pin 123456 -I 2>&1)
test $? -eq 1 || exit $?
grep -q CKR_PIN_LOCKED <<< $e || exit $?
test $? -eq 1 && echo -n "." || exit $?
grep -q CKR_PIN_LOCKED <<< $e && echo -n "." || exit $?
# Reset PIN
pkcs11-tool --login --login-type so --so-pin 3537363231383830 --init-pin --new-pin 648219
test $? -eq 0 || exit $?
pkcs11-tool --login --login-type so --so-pin 3537363231383830 --init-pin --new-pin 648219 > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?
pkcs11-tool --login --pin 648219 -I
test $? -eq 0 || exit $?
pkcs11-tool --login --pin 648219 -I > /dev/null 2>&1
test $? -eq 0 && echo -n "." || exit $?

23
tests/scripts/keygen.sh Normal file
View file

@ -0,0 +1,23 @@
#!/bin/bash
./tests/scripts/reset.sh > /dev/null 2>&1
test $? -eq 0 || exit $?
gen_and_check() {
e=$(pkcs11-tool -l --pin 648219 --keypairgen --key-type $1 --id 1 --label "TestLabel" 2>&1)
test $? -eq 0 || exit $?
grep -q "$2" <<< $e || exit $?
pkcs11-tool -l --pin 648219 --delete-object --type privkey --id 1 > /dev/null 2>&1
}
gen_and_check "rsa:1024" "RSA 1024 bits" && echo -n "." || exit $?
gen_and_check "rsa:2048" "RSA 2048 bits" && echo -n "." || exit $?
gen_and_check "ec:secp192r1" "EC_POINT 192 bits" && echo -n "." || exit $?
gen_and_check "ec:secp256r1" "EC_POINT 256 bits" && echo -n "." || exit $?
gen_and_check "ec:secp384r1" "EC_POINT 384 bits" && echo -n "." || exit $?
gen_and_check "ec:secp521r1" "EC_POINT 528 bits" && echo -n "." || exit $?
gen_and_check "ec:brainpoolP256r1" "EC_POINT 256 bits" && echo -n "." || exit $?
gen_and_check "ec:brainpoolP384r1" "EC_POINT 384 bits" && echo -n "." || exit $?
gen_and_check "ec:brainpoolP512r1" "EC_POINT 512 bits" && echo -n "." || exit $?
gen_and_check "ec:secp192k1" "EC_POINT 192 bits" && echo -n "." || exit $?
gen_and_check "ec:secp256k1" "EC_POINT 256 bits" && echo -n "." || exit $?

9
tests/scripts/pkcs11.sh Normal file
View file

@ -0,0 +1,9 @@
#!/bin/bash
echo -n "Test initialization..."
#./tests/scripts/initialize.sh
test $? -eq 0 && echo -e '\tok' || (echo -e '\tfail' && exit 1)
echo -n "Test keygen..."
./tests/scripts/keygen.sh
test $? -eq 0 && echo -e '\tok' || (echo -e '\tfail' && exit 1)

4
tests/scripts/reset.sh Normal file
View file

@ -0,0 +1,4 @@
#!/bin/bash
python3 tools/pico-hsm-tool.py --pin 648219 initialize --so-pin 57621880 --silent
test $? -eq 0 || exit $?

5
tests/start-up-and-test.sh
View file

@ -12,6 +12,5 @@ pytest tests -W ignore::DeprecationWarning
chmod a+x tests/scripts/*.sh
echo -n "Test initialization... "
./tests/scripts/initialize.sh > /dev/null 2>&1
test $? -eq 0 && echo -e '\tok' || (echo -e '\tfail' && exit 1)
echo "======== PKCS11 Test suite ========"
./tests/scripts/pkcs11.sh