diff --git a/.appveyor.yml b/.appveyor.yml index dd8c99e61..1541d85bb 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -2,6 +2,7 @@ version: 2.6.0-{build} configuration: Release platform: - x86 +- x64 init: - ps: >- If ($env:Platform -Match "x86") { 
@@ -58,29 +59,24 @@ install: # Update vcpkg - cd c:\tools\vcpkg - cmd: git fetch -- cmd: git checkout 2021.05.12 - cmd: bootstrap-vcpkg.bat +- cmd: vcpkg update +- cmd: vcpkg upgrade --no-dry-run - cmd: vcpkg install sqlite3:x86-windows -- cmd: vcpkg install openssl-windows:x86-windows +- cmd: vcpkg install openssl-windows:x84-windows +- cmd: vcpkg install openssl-windows:x64-windows - cmd: vcpkg install botan:x86-windows - cmd: vcpkg install cppunit:x86-windows -# static link is forbidden with components under GNU license -# switch to a source code under a more permissive NETBSD license -#- cmd: vcpkg install getopt-win32:x86-windows-static -- cmd: vcpkg update -- cmd: vcpkg upgrade --no-dry-run +- cmd: vcpkg integrate install build_script: -- cmd: if exist "C:\projects\softhsmv2\build" rd /s /q C:\projects\softhsmv2\build +- cmd: if exist "C:\projects\softhsmv2\build" rmdir /s /q C:\projects\softhsmv2\build - cmd: mkdir C:\projects\softhsmv2\build -- cmd: cd C:\projects\softhsmv2\build -- cmd: vcpkg integrate install -- cmd: cmake .. -DCMAKE_TOOLCHAIN_FILE=C:/Tools/vcpkg/scripts/buildsystems/vcpkg.cmake -DWITH_OBJECTSTORE_BACKEND_DB=%DB_BACKEND% -DWITH_CRYPTO_BACKEND=%CRYPTO_BACKEND% -DBUILD_TESTS=ON -DDISABLE_NON_PAGED_MEMORY=ON -DENABLE_GOST=OFF -- cmd: cmake --build . --config RelWithDebInfo -- cmd: ctest -C RelWithDebInfo --progress --verbose -- cmd: cmake -DCMAKE_INSTALL_PREFIX=build/SoftHSMv2-$(Platform) -DCMAKE_INSTALL_CONFIG_NAME=RelWithDebInfo -P cmake_install.cmake -#on_finish: -# - ps: $blockRdp = $true; iex ((new-object net.webclient).DownloadString('https://raw.githubusercontent.com/appveyor/ci/master/scripts/enable-rdp.ps1')) -#test: off +- cmd: cmake -Bbuild -DCMAKE_TOOLCHAIN_FILE=C:\Tools\vcpkg\scripts\buildsystems\vcpkg.cmake -DWITH_OBJECTSTORE_BACKEND_DB=%DB_BACKEND% -DWITH_CRYPTO_BACKEND=%CRYPTO_BACKEND% -DBUILD_TESTS=ON -DDISABLE_NON_PAGED_MEMORY=ON -DENABLE_GOST=OFF +- cmd: cmake -Bbuild --build . 
--config RelWithDebInfo +- cmd: ctest -Bbuild -C RelWithDebInfo --progress --verbose +- cmd: cmake -Bbuild -DCMAKE_INSTALL_PREFIX=build/SoftHSMv2-$(Platform) -DCMAKE_INSTALL_CONFIG_NAME=RelWithDebInfo -P cmake_install.cmake +- cmd: IF "%ENV_PLATFORM%"=="x86" ( CD win32\Release ) ELSE ( CD win32\x64\Release) +test: on artifacts: - path: build/SoftHSMv2-$(Platform) name: SoftHSMv2-$(PACKAGE_VERSION_NAME)-$(Platform) diff --git a/.travis.yml b/.travis.yml index c8de5b13e..cad669876 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ before_install: - sudo apt-get install build-essential autoconf automake libtool libcppunit-dev libsqlite3-dev sqlite3 libbotan-2-dev libssl-dev p11-kit script: sh testing/travis/travis.sh env: + - CPP_LIBRARY_ASSERTIONS=yes CRYPTO=openssl OBJSTORE=file - CRYPTO=openssl OBJSTORE=file - CRYPTO=openssl OBJSTORE=sqlite - CRYPTO=botan OBJSTORE=file diff --git a/CMakeLists.txt b/CMakeLists.txt index b3ae297a0..ca2ab3b59 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -6,8 +6,8 @@ option(BUILD_TESTS "Compile tests along with libraries" OFF) option(DISABLE_NON_PAGED_MEMORY "Disable non-paged memory for secure storage" OFF) option(DISABLE_VISIBILITY "Disables and unsets -fvisibility=hidden" OFF) option(ENABLE_64bit "Enable 64-bit compiling" OFF) -option(ENABLE_ECC "Enable support for ECC" OFF) -option(ENABLE_EDDSA "Enable support for EDDSA" OFF) +option(ENABLE_ECC "Enable support for ECC" ON) +option(ENABLE_EDDSA "Enable support for EDDSA" ON) option(ENABLE_GOST "Enable support for GOST" OFF) option(ENABLE_FIPS "Enable support for FIPS 140-2 mode" OFF) option(ENABLE_P11_KIT "Enable p11-kit integration" ON) 
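Review bot: The added `vcpkg install openssl-windows:x84-windows` line names a triplet that does not exist (`x84`), so the x86 OpenSSL the old line installed is no longer requested; it should read `- cmd: vcpkg install openssl-windows:x86-windows`. The install block adds an x64 OpenSSL but still installs sqlite3, botan and cppunit only for `x86-windows`, although the platform list now includes x64. In the build script, `cmake -Bbuild --build .` mixes configure and build syntax (the build step is `cmake --build build --config RelWithDebInfo`), and as far as I know ctest has no `-B` option. Dropping `git checkout 2021.05.12` in favour of `vcpkg upgrade --no-dry-run` also leaves the crypto dependencies unpinned, so CI results are no longer reproducible; consider keeping a pinned tag and bumping it deliberately.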
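Review bot: Flipping the `ENABLE_ECC` and `ENABLE_EDDSA` defaults to ON changes which mechanisms a default build exposes, but the help strings do not say what the selected crypto backend has to provide for that. `option()` only applies its default when the variable is not already in the cache, so existing build trees silently keep OFF. I would extend the help text, for example `option(ENABLE_EDDSA "Enable support for EDDSA (needs a crypto backend with EdDSA)" ON)`, and mention the new defaults in the release notes.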
@@ -58,7 +58,7 @@ set(DEFAULT_TOKENDIR "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/lib/softhsm/tokens/" CACHE STRING "The default location of the token directory") set(DEFAULT_UMASK "0077" CACHE STRING "The default file mode creation mask") - + set(MAX_PIN_LEN 255 CACHE STRING "Maximum PIN length") set(MIN_PIN_LEN 4 CACHE STRING "Minimum PIN length") @@ -134,11 +134,6 @@ if(ENABLE_P11_KIT) ) endif(ENABLE_P11_KIT) -#get_cmake_property(_variableNames VARIABLES) -#foreach (_variableName ${_variableNames}) -# message(STATUS "${_variableName}=${${_variableName}}") -#endforeach() - # Packaging set(CPACK_PACKAGE_NAME ${PACKAGE_NAME}) set(CPACK_PACKAGE_VENDOR "OpenDNSSEC") diff --git a/config.h.in.cmake b/config.h.in.cmake index 0d310d2ce..4f7f2a6c5 100644 --- a/config.h.in.cmake +++ b/config.h.in.cmake @@ -242,4 +242,4 @@ int setenv(const char *name, const char *value, int overwrite); // #pragma warning(disable: 4996) -#endif \ No newline at end of file +#endif diff --git a/modules/CompilerOptions.cmake b/modules/CompilerOptions.cmake index 094de1402..658b58433 100644 --- a/modules/CompilerOptions.cmake +++ b/modules/CompilerOptions.cmake @@ -443,13 +443,8 @@ if(WITH_SQLITE3) message(STATUS "SQLite3: Includes: ${SQLITE3_INCLUDES}") message(STATUS "SQLite3: Libs: ${SQLITE3_LIBS}") - set(HAVE_SQLITE3_H 1) - #check_include_files(sqlite3.h HAVE_SQLITE3_H) - #check_library_exists(sqlite3 sqlite3_prepare_v2 "" HAVE_LIBSQLITE3) - #find_program(SQLITE3_COMMAND NAMES sqlite3) - #if(SQLITE3_COMMAND MATCHES "-NOTFOUND") - # message(FATAL_ERROR "SQLite3: Command was not found") - #endif(SQLITE3_COMMAND MATCHES "-NOTFOUND") + check_include_files(sqlite3.h HAVE_SQLITE3_H) + check_library_exists(sqlite3 sqlite3_prepare_v2 "" HAVE_LIBSQLITE3) else(WITH_SQLITE3) message(STATUS "Not including SQLite3 in build") endif(WITH_SQLITE3) 
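Review bot: The results of the restored `check_include_files(sqlite3.h HAVE_SQLITE3_H)` and `check_library_exists(...)` calls are never tested, so a missing header or library now leaves `HAVE_SQLITE3_H` unset while configuration still succeeds, where the old code forced it to 1. Add a guard after the checks, e.g. `if(NOT HAVE_SQLITE3_H)` / `message(FATAL_ERROR "SQLite3: sqlite3.h not found")` / `endif()`. The checks also probe only the default search paths; if SQLite is located through `${SQLITE3_INCLUDES}` and `${SQLITE3_LIBS}`, as the status messages above suggest, `CMAKE_REQUIRED_INCLUDES` and `CMAKE_REQUIRED_LIBRARIES` need to be set around them. The enclosing `if(WITH_SQLITE3)` block starts outside the hunk.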
@@ -486,17 +481,18 @@ else(ENABLE_P11_KIT) endif(ENABLE_P11_KIT) if(BUILD_TESTS) + # Find CppUnit (equivalent of acx_cppunit.m4) set(CppUnit_FIND_QUIETLY OFF) - - # Find CppUnit (equivalent of acx_cppunit.m4) include(FindCppUnit) - - if(NOT CppUnit_FOUND) - message(FATAL_ERROR "Failed to find CppUnit, try to set the path to CppUnit root folder in the system variable CPPUNIT_INCLUDE_DIR and library path in CPPUNIT_LIBRARY!") - else() - message(STATUS "CppUnit tests enabled.") - endif(NOT CppUnit_FOUND) - + if(NOT CPPUNIT_FOUND) + message(FATAL_ERROR "Failed to find CppUnit!") + endif(NOT CPPUNIT_FOUND) + + set(CPPUNIT_INCLUDES ${CPPUNIT_INCLUDE_DIR}) + set(CPPUNIT_LIBS ${CPPUNIT_LIBRARY}) + set(CPPUNIT_LIBRARIES ${CPPUNIT_LIBRARIES}) + message(STATUS "CppUnit: Includes: ${CPPUNIT_INCLUDES}") + message(STATUS "CppUnit: Libs: ${CPPUNIT_LIBS}") else(BUILD_TESTS) message(STATUS "Not building tests") endif(BUILD_TESTS) diff --git a/modules/FindCppUnit.cmake b/modules/FindCppUnit.cmake index c6f365aba..a0956c11b 100644 --- a/modules/FindCppUnit.cmake +++ b/modules/FindCppUnit.cmake 
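Review bot: `set(CPPUNIT_LIBRARIES ${CPPUNIT_LIBRARIES})` assigns the variable to itself and can be dropped. The block also introduces `CPPUNIT_INCLUDES` and `CPPUNIT_LIBS` next to the `CPPUNIT_INCLUDE_DIRS`/`CPPUNIT_LIBRARIES` that FindCppUnit already sets, and the test CMakeLists files in this commit use a mix of both; settling on one pair would make the consumers easier to audit. The shortened error `Failed to find CppUnit!` lost the hint about what to set; `message(FATAL_ERROR "Failed to find CppUnit; set CPPUNIT_ROOT_DIR to its install prefix")` keeps it actionable.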
@@ -1,38 +1,76 @@ +# - try to find cppunit library # -# http://root.cern.ch/viewvc/trunk/cint/reflex/cmake/modules/FindCppUnit.cmake +# Cache Variables: (probably not for direct use in your scripts) +# CPPUNIT_INCLUDE_DIR +# CPPUNIT_LIBRARY # -# - Find CppUnit -# This module finds an installed CppUnit package. +# Non-cache variables you might use in your CMakeLists.txt: +# CPPUNIT_FOUND +# CPPUNIT_INCLUDE_DIRS +# CPPUNIT_LIBRARIES # -# It sets the following variables: -# CPPUNIT_FOUND - Set to false, or undefined, if CppUnit isn't found. -# CPPUNIT_INCLUDE_DIR - The CppUnit include directory. -# CPPUNIT_LIBRARY - The CppUnit library to link against. +# Requires these CMake modules: +# SelectLibraryConfigurations (included with CMake >= 2.8.0) +# FindPackageHandleStandardArgs (known included with CMake >=2.6.2) +# +# Original Author: +# 2009-2011 Ryan Pavlik +# http://academic.cleardefinition.com +# Iowa State University HCI Graduate Program/VRAC +# +# Copyright 2009-2011, Iowa State University +# Distributed under the Boost Software License, Version 1.0. 
+# (See accompanying file LICENSE_1_0.txt or copy at +# http://www.boost.org/LICENSE_1_0.txt) +# SPDX-License-Identifier: BSL-1.0 -find_package(CppUnit CONFIG) +set(CPPUNIT_ROOT_DIR + "${CPPUNIT_ROOT_DIR}" + CACHE + PATH + "Directory to search") -if(NOT CPPUNIT_FOUND) - pkg_check_modules(cppunit CPPUNIT_FOUND) -endif() +find_library(CPPUNIT_LIBRARY_RELEASE + NAMES + cppunit + HINTS + "${CPPUNIT_ROOT_DIR}") + +find_library(CPPUNIT_LIBRARY_DEBUG + NAMES + cppunitd + HINTS + "${CPPUNIT_ROOT_DIR}") + +include(SelectLibraryConfigurations) +select_library_configurations(CPPUNIT) -if(NOT CPPUNIT_FOUND) - FIND_PATH(CPPUNIT_INCLUDE_DIR cppunit/Test.h) - FIND_LIBRARY(CPPUNIT_LIBRARY NAMES cppunit) - - IF (CPPUNIT_INCLUDE_DIR AND CPPUNIT_LIBRARY) - SET(CPPUNIT_FOUND TRUE) - ENDIF (CPPUNIT_INCLUDE_DIR AND CPPUNIT_LIBRARY) - - IF (CPPUNIT_FOUND) - # show which CppUnit was found only if not quiet - IF (NOT CppUnit_FIND_QUIETLY) - MESSAGE(STATUS "Found CppUnit: ${CPPUNIT_LIBRARY}") - ENDIF (NOT CppUnit_FIND_QUIETLY) - ELSE (CPPUNIT_FOUND) - # fatal error if CppUnit is required but not found - IF (CppUnit_FIND_REQUIRED) - MESSAGE(FATAL_ERROR "Could not find CppUnit") - ENDIF (CppUnit_FIND_REQUIRED) - ENDIF (CPPUNIT_FOUND) +# Might want to look close to the library first for the includes. +get_filename_component(_libdir "${CPPUNIT_LIBRARY_RELEASE}" PATH) +find_path(CPPUNIT_INCLUDE_DIR + NAMES + cppunit/TestCase.h + HINTS + "${_libdir}/.." + PATHS + "${CPPUNIT_ROOT_DIR}" + PATH_SUFFIXES + include/) + + +include(FindPackageHandleStandardArgs) +find_package_handle_standard_args(cppunit + DEFAULT_MSG + CPPUNIT_LIBRARY + CPPUNIT_INCLUDE_DIR) + +if(CPPUNIT_FOUND) + set(CPPUNIT_LIBRARIES ${CPPUNIT_LIBRARY} ${CMAKE_DL_LIBS}) + set(CPPUNIT_INCLUDE_DIRS "${CPPUNIT_INCLUDE_DIR}") + mark_as_advanced(CPPUNIT_ROOT_DIR) endif() + +mark_as_advanced(CPPUNIT_INCLUDE_DIR + CPPUNIT_LIBRARY_RELEASE + CPPUNIT_LIBRARY_DEBUG) 
diff --git a/src/bin/dump/CMakeLists.txt b/src/bin/dump/CMakeLists.txt index e69640bfc..2fbc124bd 100644 --- a/src/bin/dump/CMakeLists.txt +++ b/src/bin/dump/CMakeLists.txt @@ -16,7 +16,7 @@ target_compile_options(${PROJECT_NAME}-file PRIVATE ${COMPILE_OPTIONS}) if(WITH_OBJECTSTORE_BACKEND_DB) add_executable(${PROJECT_NAME}-db softhsm2-dump-db.cpp) - target_compile_options(${PROJECT_NAME}-db PRIVATE ${COMPILE_OPTIONS}) + target_compile_options(${PROJECT_NAME}-db PRIVATE ${COMPILE_OPTIONS}) target_link_libraries(${PROJECT_NAME}-db ${SQLITE3_LIBS} ${YIELD_LIB}) list(APPEND INSTALL_TARGETS ${PROJECT_NAME}-db) list(APPEND INSTALL_MAN_FILES ${PROJECT_NAME}-db.1) diff --git a/src/bin/keyconv/CMakeLists.txt b/src/bin/keyconv/CMakeLists.txt index dd6e4adec..5895f2eef 100644 --- a/src/bin/keyconv/CMakeLists.txt +++ b/src/bin/keyconv/CMakeLists.txt @@ -19,9 +19,9 @@ if(WITH_BOTAN) endif(WITH_BOTAN) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../win32) - list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/../win32/getopt.cpp) - list(APPEND CRYPTO_LIBS "Ws2_32.lib;Crypt32.lib") + list(APPEND INCLUDE_DIRS ${CMAKE_CURRENT_SOURCE_DIR}/../win32) + list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/../win32/getopt.cpp) + list(APPEND CRYPTO_LIBS "Ws2_32.lib;Crypt32.lib") endif() include_directories(${INCLUDE_DIRS}) diff --git a/src/bin/migrate/CMakeLists.txt b/src/bin/migrate/CMakeLists.txt index 72d3d5239..2f53bc3e1 100644 --- a/src/bin/migrate/CMakeLists.txt +++ b/src/bin/migrate/CMakeLists.txt 
@@ -12,16 +12,15 @@ if(BUILD_MIGRATE) ${PROJECT_SOURCE_DIR}/../common/library.cpp ) - if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../../lib/win32 - ${CMAKE_CURRENT_SOURCE_DIR}/../win32) - list(APPEND SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../win32/getopt.cpp) - endif() + if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../../lib/win32 ${CMAKE_CURRENT_SOURCE_DIR}/../win32) + list(APPEND SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../win32/getopt.cpp) + endif() include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) target_link_libraries(${PROJECT_NAME} ${SQLITE3_LIBS} ${YIELD_LIB} ${CMAKE_DL_LIBS}) - target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) + target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) install(TARGETS ${PROJECT_NAME} DESTINATION ${CMAKE_INSTALL_BINDIR} diff --git a/src/bin/util/CMakeLists.txt b/src/bin/util/CMakeLists.txt index df300c4e2..bdde0caa5 100644 --- a/src/bin/util/CMakeLists.txt +++ b/src/bin/util/CMakeLists.txt @@ -27,9 +27,8 @@ if(WITH_BOTAN) endif(WITH_BOTAN) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../../lib/win32 - ${CMAKE_CURRENT_SOURCE_DIR}/../win32) - list(APPEND SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../win32/getopt.cpp) + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../../lib/win32 ${CMAKE_CURRENT_SOURCE_DIR}/../win32) + list(APPEND SOURCES ${CMAKE_CURRENT_SOURCE_DIR}/../win32/getopt.cpp) endif() include_directories(${INCLUDE_DIRS}) diff --git a/src/lib/SoftHSM.cpp b/src/lib/SoftHSM.cpp index 7e168a00e..bd5b0253c 100644 --- a/src/lib/SoftHSM.cpp +++ b/src/lib/SoftHSM.cpp @@ -1,4 +1,5 @@ /* + * Copyright (c) 2022 NLnet Labs * Copyright (c) 2010 SURFnet bv * Copyright (c) 2010 .SE (The Internet Infrastructure Foundation) * All rights reserved. 
@@ -861,7 +862,6 @@ void SoftHSM::prepareSupportedMecahnisms(std::mapflags = CKF_WRAP | CKF_UNWRAP; - // falls through + /* FALLTHROUGH */ #ifndef WITH_FIPS case CKM_DES_ECB: + /* FALLTHROUGH */ case CKM_DES_CBC: + /* FALLTHROUGH */ #endif case CKM_DES3_CBC: pInfo->flags |= CKF_WRAP; - // falls through + /* FALLTHROUGH */ case CKM_DES3_ECB: // Key size is not in use pInfo->ulMinKeySize = 0; @@ -1154,10 +1157,9 @@ CK_RV SoftHSM::C_GetMechanismInfo(CK_SLOT_ID slotID, CK_MECHANISM_TYPE type, CK_ break; case CKM_AES_CBC_PAD: pInfo->flags = CKF_UNWRAP | CKF_WRAP; - // falls through + /* FALLTHROUGH */ case CKM_AES_CBC: pInfo->flags |= CKF_WRAP; - // falls through case CKM_AES_ECB: case CKM_AES_CTR: case CKM_AES_GCM: @@ -2347,7 +2349,8 @@ CK_RV SoftHSM::SymEncryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech iv.resize(CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulIvLen); memcpy(&iv[0], CK_GCM_PARAMS_PTR(pMechanism->pParameter)->pIv, CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulIvLen); aad.resize(CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen); - memcpy(&aad[0], CK_GCM_PARAMS_PTR(pMechanism->pParameter)->pAAD, CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen); + if (CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen > 0) + memcpy(&aad[0], CK_GCM_PARAMS_PTR(pMechanism->pParameter)->pAAD, CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen); tagBytes = CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulTagBits; if (tagBytes > 128 || tagBytes % 8 != 0) { 
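Review bot: In the `C_GetMechanismInfo` hunk the `// falls through` after `case CKM_AES_CBC:` is removed without the `/* FALLTHROUGH */` replacement used everywhere else in this commit, so that case now falls into `CKM_AES_ECB` unannotated. Add `/* FALLTHROUGH */` after `pInfo->flags |= CKF_WRAP;` to stay consistent and keep implicit-fallthrough warnings quiet. The switch starts and ends outside the hunk.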
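Review bot: The IV copy two lines above the new guard has the same shape this change fixes for the AAD: `iv.resize(ulIvLen); memcpy(&iv[0], pIv, ulIvLen);` still indexes an empty buffer when the caller passes `ulIvLen == 0`, and the same applies in the SymDecryptInit hunk. A zero-length GCM IV is not meaningful, so I would reject it rather than guard the copy, e.g. `if (CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulIvLen == 0) return CKR_MECHANISM_PARAM_INVALID;` before the resize, adapted to however this function cleans up on its other error paths. The new branch also trusts `pAAD` to be non-NULL whenever `ulAADLen > 0`; if no earlier check covers that, add one. Both functions start and end outside their hunks.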
@@ -3067,7 +3070,8 @@ CK_RV SoftHSM::SymDecryptInit(CK_SESSION_HANDLE hSession, CK_MECHANISM_PTR pMech iv.resize(CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulIvLen); memcpy(&iv[0], CK_GCM_PARAMS_PTR(pMechanism->pParameter)->pIv, CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulIvLen); aad.resize(CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen); - memcpy(&aad[0], CK_GCM_PARAMS_PTR(pMechanism->pParameter)->pAAD, CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen); + if (CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen > 0) + memcpy(&aad[0], CK_GCM_PARAMS_PTR(pMechanism->pParameter)->pAAD, CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulAADLen); tagBytes = CK_GCM_PARAMS_PTR(pMechanism->pParameter)->ulTagBits; if (tagBytes > 128 || tagBytes % 8 != 0) { @@ -7121,8 +7125,10 @@ CK_RV SoftHSM::C_UnwrapKey { OSObject* osobject = (OSObject*)handleManager->getObject(*hKey); if (osobject == NULL_PTR || !osobject->isValid()) + { rv = CKR_FUNCTION_FAILED; - if (osobject->startTransaction()) + } + else if (osobject->startTransaction()) { bool bOK = true; @@ -7780,9 +7786,12 @@ CK_RV SoftHSM::generateAES if (rv == CKR_OK) { OSObject* osobject = (OSObject*)handleManager->getObject(*phKey); - if (osobject == NULL_PTR || !osobject->isValid()) { + if (osobject == NULL_PTR || !osobject->isValid()) + { rv = CKR_FUNCTION_FAILED; - } else if (osobject->startTransaction()) { + } + else if (osobject->startTransaction()) + { bool bOK = true; // Common Attributes diff --git a/src/lib/crypto/BotanSymmetricAlgorithm.cpp b/src/lib/crypto/BotanSymmetricAlgorithm.cpp index 51ee162d6..15b2b0624 100644 --- a/src/lib/crypto/BotanSymmetricAlgorithm.cpp +++ b/src/lib/crypto/BotanSymmetricAlgorithm.cpp 
@@ -169,27 +169,6 @@ bool BotanSymmetricAlgorithm::encryptInit(const SymmetricKey* key, const SymMode try { Botan::SymmetricKey botanKey = Botan::SymmetricKey(key->getKeyBits().const_byte_str(), key->getKeyBits().size()); -/* - if (mode == SymMode::ECB) - { - // ECB cipher mode was dropped in Botan 2.0 - const std::vector algo_parts = split_on_delim(cipherName, '/'); - const std::string cipher_name = algo_parts[0]; - bool with_pkcs7_padding; - if (algo_parts.size() == 3 && algo_parts[2] == "PKCS7") - { - with_pkcs7_padding = true; - } - else - { - with_pkcs7_padding = false; - } - std::unique_ptr bc(Botan::BlockCipher::create(cipher_name)); - Botan::Keyed_Filter* cipher = new Botan::Cipher_Mode_Filter(new Botan::ECB_Encryption(bc.release(), with_pkcs7_padding)); - cipher->set_key(botanKey); - cryption = new Botan::Pipe(cipher); - } - else */ if (mode == SymMode::GCM) { Botan::AEAD_Mode* aead = Botan::get_aead(cipherName, Botan::ENCRYPTION); @@ -406,26 +385,6 @@ bool BotanSymmetricAlgorithm::decryptInit(const SymmetricKey* key, const SymMode try { Botan::SymmetricKey botanKey = Botan::SymmetricKey(key->getKeyBits().const_byte_str(), key->getKeyBits().size()); - /*if (mode == SymMode::ECB) - { - // ECB cipher mode was dropped in Botan 2.0 - const std::vector algo_parts = split_on_delim(cipherName, '/'); - const std::string cipher_name = algo_parts[0]; - bool with_pkcs7_padding; - if (algo_parts.size() == 3 && algo_parts[2] == "PKCS7") - { - with_pkcs7_padding = true; - } - else - { - with_pkcs7_padding = false; - } - std::unique_ptr bc(Botan::BlockCipher::create(cipher_name)); - Botan::Keyed_Filter* cipher = new Botan::Cipher_Mode_Filter(new Botan::ECB_Decryption(bc.release(),with_pkcs7_padding)); - cipher->set_key(botanKey); - cryption = new Botan::Pipe(cipher); - } - else */ if (mode == SymMode::GCM) { Botan::AEAD_Mode* aead = Botan::get_aead(cipherName, Botan::DECRYPTION); 
diff --git a/src/lib/crypto/test/AESTests.h b/src/lib/crypto/test/AESTests.h index f2dafc2f2..a0c29dc28 100644 --- a/src/lib/crypto/test/AESTests.h +++ b/src/lib/crypto/test/AESTests.h @@ -41,7 +41,7 @@ class AESTests : public CppUnit::TestFixture CPPUNIT_TEST_SUITE(AESTests); CPPUNIT_TEST(testBlockSize); CPPUNIT_TEST(testCBC); - //CPPUNIT_TEST(testECB); + CPPUNIT_TEST(testECB); CPPUNIT_TEST(testCTR); CPPUNIT_TEST(testGCM); #ifdef HAVE_AES_KEY_WRAP diff --git a/src/lib/crypto/test/CMakeLists.txt b/src/lib/crypto/test/CMakeLists.txt index 6bfff9c58..f952c847b 100644 --- a/src/lib/crypto/test/CMakeLists.txt +++ b/src/lib/crypto/test/CMakeLists.txt @@ -33,7 +33,7 @@ set(SOURCES cryptotest.cpp include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} softhsm2-static CppUnit) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${CPPUNIT_LIBRARIES}) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) add_test(${PROJECT_NAME} ${PROJECT_NAME}) diff --git a/src/lib/crypto/test/DESTests.h b/src/lib/crypto/test/DESTests.h index 8994f74d9..083446287 100644 --- a/src/lib/crypto/test/DESTests.h +++ b/src/lib/crypto/test/DESTests.h @@ -41,7 +41,7 @@ class DESTests : public CppUnit::TestFixture CPPUNIT_TEST_SUITE(DESTests); CPPUNIT_TEST(testBlockSize); CPPUNIT_TEST(testCBC); - //CPPUNIT_TEST(testECB); + CPPUNIT_TEST(testECB); CPPUNIT_TEST(testOFB); CPPUNIT_TEST(testCFB); CPPUNIT_TEST_SUITE_END(); diff --git a/src/lib/data_mgr/CMakeLists.txt b/src/lib/data_mgr/CMakeLists.txt index 2f393a3e7..a0e0c172e 100644 --- a/src/lib/data_mgr/CMakeLists.txt +++ b/src/lib/data_mgr/CMakeLists.txt @@ -14,7 +14,7 @@ set(SOURCES ByteString.cpp ) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) ENDIF() include_directories(${INCLUDE_DIRS}) 
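Review bot: `CPPUNIT_TEST(testECB)` is re-enabled here and in DESTests.h without any backend condition, while the Botan code deleted in this same commit carried the remark that ECB was dropped in Botan 2.0 and the Travis matrix still builds with `CRYPTO=botan`. If the Botan backend cannot do ECB, these suites will fail there; a short comment above the line stating which backends are expected to pass, or a guard on the crypto backend, would make the intent clear. The ECB implementation itself is not visible in this diff, so treat this as a question rather than a confirmed failure.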
diff --git a/src/lib/data_mgr/test/CMakeLists.txt b/src/lib/data_mgr/test/CMakeLists.txt index 00771c8bc..8b6c80fe6 100644 --- a/src/lib/data_mgr/test/CMakeLists.txt +++ b/src/lib/data_mgr/test/CMakeLists.txt @@ -8,8 +8,8 @@ set(INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/.. ${PROJECT_SOURCE_DIR}/../../pkcs11 ${PROJECT_SOURCE_DIR}/../../session_mgr ${PROJECT_SOURCE_DIR}/../../slot_mgr - ${CppUnit_INCLUDE_DIR}/.. - ${CRYPTO_INCLUDES} + ${CPPUNIT_INCLUDE_DIRS}/.. + ${CRYPTO_INCLUDES} ) set(SOURCES datamgrtest.cpp @@ -21,7 +21,7 @@ set(SOURCES datamgrtest.cpp include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} CppUnit) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} ${CPPUNIT_LIBRARIES}) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) add_test(${PROJECT_NAME} ${PROJECT_NAME}) diff --git a/src/lib/handle_mgr/CMakeLists.txt b/src/lib/handle_mgr/CMakeLists.txt index 27068ffe9..71269519b 100644 --- a/src/lib/handle_mgr/CMakeLists.txt +++ b/src/lib/handle_mgr/CMakeLists.txt @@ -14,7 +14,7 @@ set(SOURCES HandleManager.cpp ) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) ENDIF() include_directories(${INCLUDE_DIRS}) diff --git a/src/lib/handle_mgr/test/CMakeLists.txt b/src/lib/handle_mgr/test/CMakeLists.txt index 84f018d76..e78ffe326 100644 --- a/src/lib/handle_mgr/test/CMakeLists.txt +++ b/src/lib/handle_mgr/test/CMakeLists.txt @@ -9,7 +9,7 @@ set(INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/.. ${PROJECT_SOURCE_DIR}/../../pkcs11 ${PROJECT_SOURCE_DIR}/../../session_mgr ${PROJECT_SOURCE_DIR}/../../slot_mgr - ${CppUnit_INCLUDE_DIR}/.. + ${CPPUNIT_INCLUDES} ) set(SOURCES handlemgrtest.cpp 
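Review bot: `${CPPUNIT_INCLUDE_DIRS}/..` points one level above the include root. FindCppUnit in this commit locates `CPPUNIT_INCLUDE_DIR` by searching for `cppunit/TestCase.h`, so the variable already is the directory that belongs on the include path. handle_mgr/test uses `${CPPUNIT_INCLUDES}` without the suffix; this file should do the equivalent and list plain `${CPPUNIT_INCLUDE_DIRS}`. Appending `/..` to a variable that can hold a list would also only affect its last element.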
@@ -19,7 +19,7 @@ set(SOURCES handlemgrtest.cpp include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} CppUnit) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} ${CPPUNIT_LIBRARIES}) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) add_test(${PROJECT_NAME} ${PROJECT_NAME}) diff --git a/src/lib/handle_mgr/test/handlemgrtest.cpp b/src/lib/handle_mgr/test/handlemgrtest.cpp index 64219a860..5f8581a66 100644 --- a/src/lib/handle_mgr/test/handlemgrtest.cpp +++ b/src/lib/handle_mgr/test/handlemgrtest.cpp @@ -114,7 +114,7 @@ int main(int /*argc*/, char** /*argv*/) runner.addTest(registry.makeTest()); runner.run(controller); - + std::ofstream xmlFileOut("test-results.xml"); CppUnit::XmlOutputter xmlOut(&result, xmlFileOut); xmlOut.write(); diff --git a/src/lib/object_store/CMakeLists.txt b/src/lib/object_store/CMakeLists.txt index 0507885cb..d777a939f 100644 --- a/src/lib/object_store/CMakeLists.txt +++ b/src/lib/object_store/CMakeLists.txt @@ -30,8 +30,8 @@ if(WITH_OBJECTSTORE_BACKEND_DB) endif(WITH_OBJECTSTORE_BACKEND_DB) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) -ENDIF() + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) +endif() include_directories(${INCLUDE_DIRS}) add_library(${PROJECT_NAME} OBJECT ${SOURCES}) diff --git a/src/lib/object_store/DB.cpp b/src/lib/object_store/DB.cpp index 0a8fb52e1..548f346ee 100644 --- a/src/lib/object_store/DB.cpp +++ b/src/lib/object_store/DB.cpp 
@@ -155,9 +155,7 @@ static time_t sqlite3_gmtime(struct tm *tm) // Use gmtime_r to convert the POSIX time back to a tm struct. // No time adjustment is done this time because POSIX time is // defined in terms of UTC. - //gmtime_r(&posix_time, &ref_tm); - struct tm *newtime=&ref_tm; - newtime = gmtime(&posix_time); + gmtime_r(&posix_time, &ref_tm); if (ref_tm.tm_isdst != 0) { DB::logError("expected gmtime_r to return zero in tm_isdst member of tm struct"); @@ -757,7 +755,6 @@ const std::string &DB::Connection::dbpath() } DB::Statement DB::Connection::prepare(const std::string format, ...){ -//DB::Statement DB::Connection::prepare(const char *format, ...){ // pstatement will hold a dynamically allocated string that needs to be deleted. char *pstatement = NULL; diff --git a/src/lib/object_store/DB.h b/src/lib/object_store/DB.h index 863134ea6..124bb818a 100644 --- a/src/lib/object_store/DB.h +++ b/src/lib/object_store/DB.h @@ -154,7 +154,6 @@ class Connection { const std::string &dbpath(); Statement prepare(const std::string format, ...); - //Statement prepare(const char *format, ...); Result perform(Statement &statement); bool execute(Statement &statement); diff --git a/src/lib/object_store/Directory.cpp b/src/lib/object_store/Directory.cpp index d387759e7..8776c6422 100644 --- a/src/lib/object_store/Directory.cpp +++ b/src/lib/object_store/Directory.cpp @@ -229,7 +229,7 @@ bool Directory::mkdir(std::string name, int umask) #ifndef _WIN32 int rv = ::mkdir(fullPath.c_str(), S_IFDIR | ((S_IRWXU | S_IRWXG | S_IRWXO) & ~umask)); #else - umask; + (void)umask; int rv = _mkdir(fullPath.c_str()); #endif diff --git a/src/lib/object_store/File.cpp b/src/lib/object_store/File.cpp index 1165ba791..74f1adfb2 100644 --- a/src/lib/object_store/File.cpp +++ b/src/lib/object_store/File.cpp 
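Review bot: The return value of `gmtime_r(&posix_time, &ref_tm)` is ignored, so if the conversion fails the following `ref_tm.tm_isdst` test reads whatever `ref_tm` held before the call. Test the result, `if (gmtime_r(&posix_time, &ref_tm) == NULL)`, log through `DB::logError` and take the function's existing error return. `gmtime_r` is a POSIX call; the MSVC runtime provides `gmtime_s` instead, so the Windows CI touched by this commit needs a shim unless one exists elsewhere in the tree. `sqlite3_gmtime` continues outside the hunk.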
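Review bot: On `_WIN32` the `umask` argument is discarded and `_mkdir()` creates the directory with whatever access it inherits; `(void)umask;` silences the warning but leaves that behaviour undocumented, and File.cpp has the same pattern. Since these paths hold token objects, state it next to the cast, for example `// umask is not applied on Windows; access is governed by the parent directory's ACL`. Whoever deploys on Windows then knows the token directory has to be protected by its ACLs rather than by `DEFAULT_UMASK`.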
@@ -103,7 +103,7 @@ File::File(std::string inPath, int umask, bool forRead /* = true */, bool forWri // Open the stream valid = ((stream = fdopen(fd, fileMode.c_str())) != NULL); #else - umask; + (void)umask; flags = _O_BINARY; if (forRead && !forWrite) flags |= _O_RDONLY; if (!forRead && forWrite) flags |= _O_WRONLY | _O_CREAT | _O_TRUNC; diff --git a/src/lib/object_store/test/CMakeLists.txt b/src/lib/object_store/test/CMakeLists.txt index 0c19de003..f4ae4825d 100644 --- a/src/lib/object_store/test/CMakeLists.txt +++ b/src/lib/object_store/test/CMakeLists.txt @@ -33,7 +33,7 @@ endif(WITH_OBJECTSTORE_BACKEND_DB) include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} CppUnit ${SQLITE3_LIBS}) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} ${CPPUNIT_LIBRARIES} ${SQLITE3_LIBS}) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) add_test(${PROJECT_NAME} ${PROJECT_NAME}) diff --git a/src/lib/object_store/test/DBTokenTests.cpp b/src/lib/object_store/test/DBTokenTests.cpp index b7e0e3e60..4a76ef300 100644 --- a/src/lib/object_store/test/DBTokenTests.cpp +++ b/src/lib/object_store/test/DBTokenTests.cpp @@ -489,7 +489,7 @@ void test_a_dbtoken::support_clearing_a_token() CPPUNIT_ASSERT(newToken->createObject() != NULL); delete newToken; -#if 0 +#if 1 // Reopen the newly created token and keep a reference around. DBToken referencingToken("testdir", "newToken", DEFAULT_UMASK); CPPUNIT_ASSERT(referencingToken.isValid()); @@ -529,7 +529,7 @@ void test_a_dbtoken::support_clearing_a_token() DBToken clearedToken("testdir", "newToken", DEFAULT_UMASK); CPPUNIT_ASSERT(!clearedToken.isValid()); -#if 0 +#if 1 // Verify that it is no longer possible to access the database... CPPUNIT_ASSERT(!referencingToken.getSOPIN(retrievedSOPIN)); CPPUNIT_ASSERT(retrievedSOPIN == soPIN); 
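Review bot: Turning `#if 0` into `#if 1` in both DBTokenTests.cpp hunks leaves preprocessor scaffolding around code that is now always compiled; remove the `#if 1`/`#endif` pairs instead. The diff does not say why the blocks were disabled, so a one-line comment or a commit-message sentence on why the `referencingToken` assertions are expected to hold now would help the next reader. `support_clearing_a_token` starts and ends outside the hunks.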
diff --git a/src/lib/session_mgr/CMakeLists.txt b/src/lib/session_mgr/CMakeLists.txt index ca2be4176..d70d547f8 100644 --- a/src/lib/session_mgr/CMakeLists.txt +++ b/src/lib/session_mgr/CMakeLists.txt @@ -14,8 +14,8 @@ set(SOURCES SessionManager.cpp ) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) -ENDIF() + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) +endif() include_directories(${INCLUDE_DIRS}) add_library(${PROJECT_NAME} OBJECT ${SOURCES}) diff --git a/src/lib/session_mgr/test/CMakeLists.txt b/src/lib/session_mgr/test/CMakeLists.txt index 05418b7c2..797806ea9 100644 --- a/src/lib/session_mgr/test/CMakeLists.txt +++ b/src/lib/session_mgr/test/CMakeLists.txt @@ -18,7 +18,7 @@ set(SOURCES sessionmgrtest.cpp include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} CppUnit ${SQLITE3_LIBS}) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} ${CPPUNIT_LIBRARIES} ${SQLITE3_LIBS}) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) add_test(${PROJECT_NAME} ${PROJECT_NAME}) diff --git a/src/lib/slot_mgr/CMakeLists.txt b/src/lib/slot_mgr/CMakeLists.txt index 4119da7c5..a8da06f79 100644 --- a/src/lib/slot_mgr/CMakeLists.txt +++ b/src/lib/slot_mgr/CMakeLists.txt @@ -15,7 +15,7 @@ set(SOURCES SlotManager.cpp ) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) + list(APPEND INCLUDE_DIRS ${PROJECT_SOURCE_DIR}/../win32) ENDIF() include_directories(${INCLUDE_DIRS}) diff --git a/src/lib/slot_mgr/test/CMakeLists.txt b/src/lib/slot_mgr/test/CMakeLists.txt index 6b2ae43d8..f30fee638 100644 --- a/src/lib/slot_mgr/test/CMakeLists.txt +++ b/src/lib/slot_mgr/test/CMakeLists.txt 
@@ -18,7 +18,7 @@ set(SOURCES slotmgrtest.cpp include_directories(${INCLUDE_DIRS}) add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} CppUnit ${SQLITE3_LIBS}) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${CRYPTO_LIBS} ${CPPUNIT_LIBRARIES} ${SQLITE3_LIBS}) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) add_test(${PROJECT_NAME} ${PROJECT_NAME}) diff --git a/src/lib/test/CMakeLists.txt b/src/lib/test/CMakeLists.txt index 8fda624d9..2a19522b7 100644 --- a/src/lib/test/CMakeLists.txt +++ b/src/lib/test/CMakeLists.txt @@ -4,7 +4,11 @@ set(INCLUDE_DIRS ${PROJECT_SOURCE_DIR} ${PROJECT_SOURCE_DIR}/.. ${PROJECT_SOURCE_DIR}/../common ${PROJECT_SOURCE_DIR}/../pkcs11 + ${CPPUNIT_INCLUDES} ) +if (WIN32) + set(INCLUDE_DIRS ${INCLUDE_DIRS} ${PROJECT_SOURCE_DIR}/../win32) +endif (WIN32) set(SOURCES p11test.cpp SymmetricAlgorithmTests.cpp 
@@ -25,26 +29,21 @@ set(SOURCES p11test.cpp ../common/log.cpp ../common/osmutex.cpp ) +add_executable(${PROJECT_NAME} ${SOURCES}) if(CMAKE_CXX_COMPILER_ID STREQUAL "MSVC") - list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/../win32/setenv.cpp - ${PROJECT_SOURCE_DIR}/../win32/syslog.cpp - ) - list(APPEND COMPILE_OPTIONS "/DCRYPTOKI_STATIC") + list(APPEND SOURCES ${PROJECT_SOURCE_DIR}/../win32/setenv.cpp ${PROJECT_SOURCE_DIR}/../win32/syslog.cpp) + list(APPEND COMPILE_OPTIONS "/DCRYPTOKI_STATIC") else() - list(APPEND SOURCES "ForkTests.cpp") - set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS -pthread) + list(APPEND SOURCES "ForkTests.cpp") + set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS -pthread) endif() include_directories(${INCLUDE_DIRS}) -add_executable(${PROJECT_NAME} ${SOURCES}) -target_link_libraries(${PROJECT_NAME} - softhsm2-static - ${SQLITE3_LIBS} - CppUnit -) +target_link_libraries(${PROJECT_NAME} softhsm2-static ${SQLITE3_LIBS} ${CPPUNIT_LIBRARIES}) +set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS -pthread) target_compile_options(${PROJECT_NAME} PRIVATE ${COMPILE_OPTIONS}) diff --git a/src/lib/test/DeriveTests.h b/src/lib/test/DeriveTests.h index 5a74ed27e..2514d30fb 100644 --- a/src/lib/test/DeriveTests.h +++ b/src/lib/test/DeriveTests.h @@ -46,8 +46,7 @@ class DeriveTests : public TestsBase #ifdef WITH_EDDSA CPPUNIT_TEST_PARAMETERIZED(testEddsaDerive, {"X25519", "X448"}); #endif - //TODO: test fails - //CPPUNIT_TEST(testSymDerive); + CPPUNIT_TEST(testSymDerive); CPPUNIT_TEST(testMiscDerivations); CPPUNIT_TEST_SUITE_END(); 
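Review bot: `add_executable(${PROJECT_NAME} ${SOURCES})` now runs before the `list(APPEND SOURCES ...)` calls, so `ForkTests.cpp` (and `setenv.cpp`/`syslog.cpp` on MSVC) are appended to a variable the target no longer reads and are left out of the test binary. Keep the early `add_executable` but attach the files to the target, `target_sources(${PROJECT_NAME} PRIVATE ForkTests.cpp)`, and likewise for the MSVC pair. The second, unconditional `set_target_properties(${PROJECT_NAME} PROPERTIES LINK_FLAGS -pthread)` after `target_link_libraries` applies `-pthread` to the MSVC link as well and duplicates the one in the `else()` branch; drop it.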
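Review bot: `testSymDerive` is re-enabled and the `//TODO: test fails` marker deleted, but nothing visible in this hunk says what made the test pass; ObjectTests.h does the same for `testCreateSecretKey` and its `CKA_CHECK_VALUE` TODO. Please name the fix in the commit message, or leave a brief comment such as `// re-enabled: passes since <change>`, so a later failure is not mistaken for the known one.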
@@ -64,7 +63,7 @@ class DeriveTests : public TestsBase protected: CK_RV generateDhKeyPair(CK_SESSION_HANDLE hSession, CK_BBOOL bTokenPuk, CK_BBOOL bPrivatePuk, CK_BBOOL bTokenPrk, CK_BBOOL bPrivatePrk, CK_OBJECT_HANDLE &hPuk, CK_OBJECT_HANDLE &hPrk); - CK_RV createAesKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_BBOOL bSensitive, CK_BBOOL bExtractable, CK_BBOOL bDerive, CK_OBJECT_HANDLE &hKey); + CK_RV createAesKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_BBOOL bSensitive, CK_BBOOL bExtractable, CK_BBOOL bDerive, CK_OBJECT_HANDLE &hKey); CK_RV generateAesKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey); #ifndef WITH_FIPS CK_RV generateDesKey(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey); diff --git a/src/lib/test/ObjectTests.h b/src/lib/test/ObjectTests.h index 2de6f4bb6..b15ae48ed 100644 --- a/src/lib/test/ObjectTests.h +++ b/src/lib/test/ObjectTests.h @@ -60,8 +60,7 @@ class ObjectTests : public TestsBase CPPUNIT_TEST(testAllowedMechanisms); CPPUNIT_TEST(testReAuthentication); CPPUNIT_TEST(testTemplateAttribute); - //TODO: check CKA_CHECK_VALUE error - //CPPUNIT_TEST(testCreateSecretKey); + CPPUNIT_TEST(testCreateSecretKey); CPPUNIT_TEST_SUITE_END(); public: diff --git a/src/lib/test/SymmetricAlgorithmTests.cpp b/src/lib/test/SymmetricAlgorithmTests.cpp index ff3087157..1a174068b 100644 --- a/src/lib/test/SymmetricAlgorithmTests.cpp +++ b/src/lib/test/SymmetricAlgorithmTests.cpp @@ -802,7 +802,7 @@ CK_RV SymmetricAlgorithmTests::generateDes3Key(CK_SESSION_HANDLE hSession, CK_BB } void SymmetricAlgorithmTests::encryptDecrypt( - const CK_MECHANISM_TYPE mechanismType, + const CK_MECHANISM mechanism, const size_t blockSize, const CK_SESSION_HANDLE hSession, const CK_OBJECT_HANDLE hKey, 
@@ -850,56 +850,10 @@ void SymmetricAlgorithmTests::encryptDecrypt( CPPUNIT_ASSERT_EQUAL( (CK_RV)CKR_OK, CRYPTOKI_F_PTR( C_GenerateRandom(hSession, (CK_BYTE_PTR)&vData.front(), messageSize) ) ); - const CK_MECHANISM mechanism = { mechanismType, NULL_PTR, 0 }; CK_MECHANISM_PTR pMechanism((CK_MECHANISM_PTR)&mechanism); - CK_AES_CTR_PARAMS ctrParams = - { - 32, - { - 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 - } - }; - CK_BYTE gcmIV[] = { - 0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, - 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88 - }; - CK_BYTE gcmAAD[] = { - 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF, - 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF, - 0xAB, 0xAD, 0xDA, 0xD2 - }; - CK_GCM_PARAMS gcmParams = - { - &gcmIV[0], - sizeof(gcmIV), - sizeof(gcmIV)*8, - &gcmAAD[0], - sizeof(gcmAAD), - 16*8 - }; - - switch (mechanismType) - { - case CKM_DES_CBC: - case CKM_DES_CBC_PAD: - case CKM_DES3_CBC: - case CKM_DES3_CBC_PAD: - case CKM_AES_CBC: - case CKM_AES_CBC_PAD: - pMechanism->pParameter = (CK_VOID_PTR)&vData.front(); - pMechanism->ulParameterLen = blockSize; - break; - case CKM_AES_CTR: - pMechanism->pParameter = &ctrParams; - pMechanism->ulParameterLen = sizeof(ctrParams); - break; - case CKM_AES_GCM: - pMechanism->pParameter = &gcmParams; - pMechanism->ulParameterLen = sizeof(gcmParams); - break; - default: - break; + if (pMechanism->pParameter == NULL_PTR) { + pMechanism->pParameter = (CK_VOID_PTR)&vData.front(); + pMechanism->ulParameterLen = blockSize; } // Single-part encryption 
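Review bot: The new `if (pMechanism->pParameter == NULL_PTR)` fallback writes through a pointer made by casting away const from the `const CK_MECHANISM mechanism` parameter, which is undefined behaviour. It also fills in a blockSize-long parameter for every mechanism, including the ECB calls this commit enables in testAesEncryptDecrypt and testDesEncryptDecrypt. Those ECB round trips therefore never run with a NULL parameter, which is how ECB is normally called, so a regression on that path would go unseen. Work on a copy, `CK_MECHANISM mech = mechanism; CK_MECHANISM_PTR pMechanism = &mech;`, and supply the IV only for the CBC mechanisms the removed switch listed. The function body starts before and continues after this hunk.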
@@ -1569,6 +1523,43 @@ void SymmetricAlgorithmTests::testAesEncryptDecrypt() CK_SESSION_HANDLE hSessionRO; CK_SESSION_HANDLE hSessionRW; + CK_AES_CTR_PARAMS ctrParams = + { + 32, + { + 0x00, 0x00, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01 + } + }; + CK_BYTE gcmIV[] = { + 0xCA, 0xFE, 0xBA, 0xBE, 0xFA, 0xCE, + 0xDB, 0xAD, 0xDE, 0xCA, 0xF8, 0x88 + }; + CK_BYTE gcmAAD[] = { + 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF, + 0xFE, 0xED, 0xFA, 0xCE, 0xDE, 0xAD, 0xBE, 0xEF, + 0xAB, 0xAD, 0xDA, 0xD2 + }; + CK_GCM_PARAMS gcmParamsWithAAD = + { + &gcmIV[0], + sizeof(gcmIV), + sizeof(gcmIV)*8, + &gcmAAD[0], + sizeof(gcmAAD), + 16*8 + }; + CK_GCM_PARAMS gcmParamsWithoutAAD = + { + &gcmIV[0], + sizeof(gcmIV), + sizeof(gcmIV)*8, + NULL_PTR, + 0, + 16*8 + }; + + // Just make sure that we finalize any previous tests CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) ); 
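Review bot: The two CK_GCM_PARAMS blocks are initialised positionally, and nothing says that the 12-byte IV is shared by both and reused for every GCM call under the same key in the following hunk. Add a comment such as `// Fixed test vectors: one IV is reused with hKey for all GCM round trips; acceptable only in a test.` so the pattern is not copied into real callers. Labelling the fields on the first initialiser (`pIv, ulIvLen, ulIvBits, pAAD, ulAADLen, ulTagBits`) would also make the AAD and no-AAD variants easier to compare. The function continues outside this hunk.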
@@ -1602,19 +1593,23 @@ void SymmetricAlgorithmTests::testAesEncryptDecrypt() // with padding all message sizes could be encrypted-decrypted. // without padding the message size must be a multiple of the block size. const int blockSize(0x10); - encryptDecrypt(CKM_AES_CBC_PAD,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); - encryptDecrypt(CKM_AES_CBC_PAD,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); - encryptDecrypt(CKM_AES_CBC_PAD,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_AES_CBC,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_AES_CBC,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); - //encryptDecrypt(CKM_AES_ECB,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - //encryptDecrypt(CKM_AES_ECB,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); - encryptDecrypt(CKM_AES_CTR,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); - encryptDecrypt(CKM_AES_CTR,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); - encryptDecrypt(CKM_AES_CTR,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_AES_GCM,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); - encryptDecrypt(CKM_AES_GCM,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); - encryptDecrypt(CKM_AES_GCM,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + + encryptDecrypt({CKM_AES_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_AES_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_AES_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_AES_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_AES_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + 
encryptDecrypt({CKM_AES_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_AES_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_AES_CTR,&ctrParams,sizeof(ctrParams)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_AES_CTR,&ctrParams,sizeof(ctrParams)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_AES_CTR,&ctrParams,sizeof(ctrParams)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_AES_GCM,&gcmParamsWithAAD,sizeof(gcmParamsWithAAD)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_AES_GCM,&gcmParamsWithAAD,sizeof(gcmParamsWithAAD)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_AES_GCM,&gcmParamsWithAAD,sizeof(gcmParamsWithAAD)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_AES_GCM,&gcmParamsWithoutAAD,sizeof(gcmParamsWithoutAAD)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_AES_GCM,&gcmParamsWithoutAAD,sizeof(gcmParamsWithoutAAD)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_AES_GCM,&gcmParamsWithoutAAD,sizeof(gcmParamsWithoutAAD)},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); } 
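Review bot: Each mechanism triple in testAesEncryptDecrypt is spelled out three times as a braced temporary, so a later edit to one call can leave the parameter pointer and its size out of step. Name each mechanism once next to the parameter blocks, for example `const CK_MECHANISM gcmWithAAD = { CKM_AES_GCM, &gcmParamsWithAAD, sizeof(gcmParamsWithAAD) };`, and pass the name to encryptDecrypt. The DES calls in testDesEncryptDecrypt repeat their triples the same way.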
@@ -1714,13 +1709,13 @@ void SymmetricAlgorithmTests::testDesEncryptDecrypt() rv = generateDesKey(hSessionRW,IN_SESSION,IS_PUBLIC,hKey); CPPUNIT_ASSERT(rv == CKR_OK); - encryptDecrypt(CKM_DES_CBC_PAD,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); - encryptDecrypt(CKM_DES_CBC_PAD,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); - encryptDecrypt(CKM_DES_CBC_PAD,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_DES_CBC,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_DES_CBC,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); - //encryptDecrypt(CKM_DES_ECB,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); - //encryptDecrypt(CKM_DES_ECB,blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_DES_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_DES_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_DES_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_DES_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); CK_OBJECT_HANDLE hKey2 = CK_INVALID_HANDLE; 
@@ -1728,13 +1723,13 @@ void SymmetricAlgorithmTests::testDesEncryptDecrypt() rv = generateDes2Key(hSessionRW,IN_SESSION,IS_PUBLIC,hKey2); CPPUNIT_ASSERT(rv == CKR_OK); - encryptDecrypt(CKM_DES3_CBC_PAD,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST-1); - encryptDecrypt(CKM_DES3_CBC_PAD,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST+1); - encryptDecrypt(CKM_DES3_CBC_PAD,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_DES3_CBC,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_DES3_CBC,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); - //encryptDecrypt(CKM_DES3_ECB,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST); - //encryptDecrypt(CKM_DES3_ECB,blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_DES3_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_DES3_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_DES3_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES3_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES3_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_DES3_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES3_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey2,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); #endif CK_OBJECT_HANDLE hKey3 = CK_INVALID_HANDLE; 
@@ -1743,13 +1738,13 @@ void SymmetricAlgorithmTests::testDesEncryptDecrypt() rv = generateDes3Key(hSessionRW,IN_SESSION,IS_PUBLIC,hKey3); CPPUNIT_ASSERT(rv == CKR_OK); - encryptDecrypt(CKM_DES3_CBC_PAD,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST-1); - encryptDecrypt(CKM_DES3_CBC_PAD,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST+1); - encryptDecrypt(CKM_DES3_CBC_PAD,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_DES3_CBC,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST); - encryptDecrypt(CKM_DES3_CBC,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); - //encryptDecrypt(CKM_DES3_ECB,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST); - //encryptDecrypt(CKM_DES3_ECB,blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_DES3_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST-1); + encryptDecrypt({CKM_DES3_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST+1); + encryptDecrypt({CKM_DES3_CBC_PAD,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES3_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES3_CBC,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); + encryptDecrypt({CKM_DES3_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST); + encryptDecrypt({CKM_DES3_ECB,NULL_PTR,0},blockSize,hSessionRO,hKey3,blockSize*NR_OF_BLOCKS_IN_TEST+1, false); } void SymmetricAlgorithmTests::testDesWrapUnwrap() diff --git a/src/lib/test/SymmetricAlgorithmTests.h b/src/lib/test/SymmetricAlgorithmTests.h index f42b665ab..270a14bb0 100644 --- a/src/lib/test/SymmetricAlgorithmTests.h +++ b/src/lib/test/SymmetricAlgorithmTests.h 
@@ -79,7 +79,7 @@ class SymmetricAlgorithmTests : public TestsBase #endif CK_RV generateDes3Key(CK_SESSION_HANDLE hSession, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey); void encryptDecrypt( - CK_MECHANISM_TYPE mechanismType, + CK_MECHANISM mechanism, size_t sizeOfIV, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hKey, diff --git a/testing/travis/travis.sh b/testing/travis/travis.sh index 826fbc42f..3cb2089c7 100644 --- a/testing/travis/travis.sh +++ b/testing/travis/travis.sh @@ -1,8 +1,14 @@ #!/bin/sh +CONF_CPP_LIBRARY_ASSERTIONS="" CONF_CRYPTO="" CONF_OBJSTORE="" +case $CPP_LIBRARY_ASSERTIONS in +yes) + CONF_CPP_LIBRARY_ASSERTIONS="$CONF_CPP_LIBRARY_ASSERTIONS -D_LIBCPP_DEBUG_LEVEL=1 -D_GLIBCXX_ASSERTIONS=1" +esac + case $CRYPTO in botan) CONF_CRYPTO="$CONF_CRYPTO --with-crypto-backend=botan --with-botan=/usr" @@ -31,5 +37,5 @@ sqlite) esac sh autogen.sh && \ -./configure $CONF_CRYPTO $CONF_OBJSTORE && \ +env CXXFLAGS="${CXXFLAGS} ${CONF_CPP_LIBRARY_ASSERTIONS}" ./configure $CONF_CRYPTO $CONF_OBJSTORE && \ make all check
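Review bot: In travis.sh, `env CXXFLAGS="${CXXFLAGS} ${CONF_CPP_LIBRARY_ASSERTIONS}"` sets CXXFLAGS to a lone space when neither variable is set. An autoconf-generated configure (assumed from the autogen.sh call) treats that as set and skips its default `-g -O2`, so every CI job changes its build flags, not only the assertion job. Both additions are `-D` preprocessor macros, so `env CPPFLAGS="${CPPFLAGS} ${CONF_CPP_LIBRARY_ASSERTIONS}" ./configure $CONF_CRYPTO $CONF_OBJSTORE && \` carries them without touching the compiler defaults. The `yes)` clause in the first travis.sh hunk also has no closing `;;`, which is legal directly before `esac` but breaks as soon as a second clause is added.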