This patch enables the make installcheck target to do an automated test run against opencryptoki. In order to make installcheck you must be root, and make will fail if the token is already initialized. To allow a test run to succeed for a $TOKEN, you need to first run rm -rf @localstatedir@/opencryptoki/$TOKEN/*. Requiring this ensures that a user cannot blow away an in-use token accidentally. make installcheck will kill a running pkcsslotd.
This patch modifies - testcases/Makefile.am o add the installcheck target o pre-process init_token.sh.in - testcases/init_token.sh -> testcases/init_token.sh.in - testcases/init_token.sh.in o have the build fill-in the full path to pkcsconf o return an error code to the command line if pkcsconf fails - testcases/ock_tests.sh.in: o put a list of tests to run at the top o process spaces in the output of $PKCONF parsing o call init_token.sh for each slot we test and fail if it fails Thanks, Kent Signed-off-by: Kent Yoder <[email protected]> diff --git a/testcases/Makefile.am b/testcases/Makefile.am index 0a0c878..2eea334 100644 --- a/testcases/Makefile.am +++ b/testcases/Makefile.am @@ -1,8 +1,10 @@ -noinst_SCRIPTS = ock_tests.sh +SUBDIRS=common driver init_tok mkobj oc-digest rsa_keygen rsa_test speed test_crypto threadmkobj tok_obj v2.11 login + +noinst_SCRIPTS = ock_tests.sh init_token.sh -EXTRA_DIST = ock_tests.sh.in +EXTRA_DIST = ock_tests.sh.in init_token.sh.in -CLEANFILES = ock_tests.sh +CLEANFILES = ock_tests.sh init_token.sh ock_tests.sh: ock_tests.sh.in @SED@ -e s...@localstatedir\@!"@localstatedir@"!g \ @@ -11,4 +13,18 @@ ock_tests.sh: ock_tests.sh.in @CHMOD@ a+x $...@-t mv $...@-t $@ -SUBDIRS=common driver init_tok mkobj oc-digest rsa_keygen rsa_test speed test_crypto threadmkobj tok_obj v2.11 login +init_token.sh: init_token.sh.in + @SED@ -e s...@localstatedir\@!"@localstatedir@"!g \ + -e s...@sbindir\@!"@sbindir@"!g \ + -e s...@libdir\@!"@libdir@"!g < $< > $...@-t + @CHMOD@ a+x $...@-t + mv $...@-t $@ + + +installcheck-local: all + killall -HUP pkcsslotd || true + @sbindir@/pkcs11_startup + @sbindir@/pkcsslotd + pkcsl...@libdir@/opencryptoki/libopencryptoki.so PKCS11_SO_PIN=76543210 PKCS11_USER_PIN=01234567 sh ./ock_tests.sh + killall -HUP pkcsslotd + diff --git a/testcases/init_token.sh b/testcases/init_token.sh deleted file mode 100755 index 25ee244..0000000 --- a/testcases/init_token.sh +++ /dev/null @@ -1,59 +0,0 @@ -#!/usr/bin/expect -f - -set timeout 5 - -spawn pkcsconf -c [lindex $argv 0] -I -expect "Enter the SO PIN: " -sleep .1 -send "87654321\r" -sleep .1 -expect "label: " -sleep .1 -send "ibmtest\r" -sleep .1 -expect eof - -spawn pkcsconf -c [lindex $argv 0] -P -expect "Enter the SO PIN: " -sleep .1 -send "87654321\r" -sleep .1 -expect "Enter the new SO PIN: " -sleep .1 -send "76543210\r" -sleep .1 -expect "Re-enter the new SO PIN: " -sleep .1 -send "76543210\r" -sleep .1 -expect eof - -spawn pkcsconf -c [lindex $argv 0] -u -expect "Enter the SO PIN: " -sleep .1 -send "76543210\r" -sleep .1 -expect "Enter the new user PIN: " -sleep .1 -send "12345678\r" -sleep .1 -expect "Re-enter the new user PIN: " -sleep .1 -send "12345678\r" -sleep .1 -expect eof - -spawn pkcsconf -c [lindex $argv 0] -p -expect "Enter user PIN: " -sleep .1 -send "12345678\r" -sleep .1 -expect "Enter the new user PIN: " -sleep .1 -send "01234567\r" -sleep .1 -expect "Re-enter the new user PIN: " -sleep .1 -send "01234567\r" -sleep .1 -expect eof diff --git a/testcases/init_token.sh.in b/testcases/init_token.sh.in new file mode 100755 index 0000000..9fe849a --- /dev/null +++ b/testcases/init_token.sh.in @@ -0,0 +1,64 @@ +#!/usr/bin/expect -f + +set timeout 5 + +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -I +expect "Enter the SO PIN: " +sleep .1 +send "87654321\r" +sleep .1 +expect "label: " +sleep .1 +send "ibmtest\r" +sleep .1 +expect eof {} \ +"Incorrect PIN Entered." {exit 1} + +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -P +expect "Enter the SO PIN: " +sleep .1 +send "87654321\r" +sleep .1 +expect "Enter the new SO PIN: " +sleep .1 +send "76543210\r" +sleep .1 +expect "Re-enter the new SO PIN: " +sleep .1 +send "76543210\r" +sleep .1 +expect eof {} \ +"Incorrect PIN Entered." {exit 1} + +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -u +expect "Enter the SO PIN: " +sleep .1 +send "76543210\r" +sleep .1 +expect "Enter the new user PIN: " +sleep .1 +send "12345678\r" +sleep .1 +expect "Re-enter the new user PIN: " +sleep .1 +send "12345678\r" +sleep .1 +expect eof {} \ +"Incorrect PIN Entered." {exit 1} + +spawn @sbindir@/pkcsconf -c [lindex $argv 0] -p +expect "Enter user PIN: " +sleep .1 +send "12345678\r" +sleep .1 +expect "Enter the new user PIN: " +sleep .1 +send "01234567\r" +sleep .1 +expect "Re-enter the new user PIN: " +sleep .1 +send "01234567\r" +sleep .1 +expect eof {} \ +"Incorrect PIN Entered." {exit 1} + diff --git a/testcases/ock_tests.sh.in b/testcases/ock_tests.sh.in index ca474b6..7052d35 100755 --- a/testcases/ock_tests.sh.in +++ b/testcases/ock_tests.sh.in @@ -44,10 +44,22 @@ TCSD="/usr/sbin/tcsd" PKCONF="@localstatedir@/lib/opencryptoki/pk_config_data" PKCSCONFBIN="@sbindir@/pkcsconf" TESTCONF="$PWD/ock-tests.config" -OCKDIR="lib/opencryptoki" +OCKDIR="@localstatedir@/lib/opencryptoki" STDLLDIR="@libdir@/pkcs11/stdll" CONFSTART="@sbindir@/pkcs11_startup" +# +# This is the list of the tests we'll be running once everything is initialized +# +# The order of these tests matters. v2.11/login leaves the token with its USER +# PIN locked, leaving the token unusable until someone manually deletes +# $OCKDIR/$TOKEN/*. Manually deleting this dir is pre-req for starting the +# automated tests anyway, so this is OK. +# +# v2.11/login MUST come last if it appears in this list +# +OCK_TESTS="driver/*tests" + usage() { cat <<-END >&2 @@ -101,6 +113,8 @@ check_slots() exit -1 fi + OLDIFS=$IFS + IFS=$(echo -en "\n\b") #Are all the tokens listed in pk_config_data loaded? for i in $( cat $PKCONF | awk -F \| '{print $3}' ) do @@ -116,6 +130,7 @@ check_slots() echo fi done + IFS=$OLDIFS } check_files() @@ -180,8 +195,11 @@ run_tests() do if [ -z "$SLOT" ] || [ "$SLOT" = "$i" ] then - for j in $( ls driver/*tests ) - do + ./init_token.sh $i + RC=$? + if test $RC -ne 0;then exit $RC;fi + for j in $( ls $OCK_TESTS ) + do echo "=====Now executing '$j'======" $j -slot $i $NO_STOP 2>&1 done ------------------------------------------------------------------------------ The Palm PDK Hot Apps Program offers developers who use the Plug-In Development Kit to bring their C/C++ apps to Palm for a share of $1 Million in cash or HP Products. Visit us here for more details: http://p.sf.net/sfu/dev2dev-palm _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
