diff --git a/.ci/client-combined.pem.enc b/.ci/client-combined.pem.enc new file mode 100644 index 00000000..6329d2e1 Binary files /dev/null and b/.ci/client-combined.pem.enc differ diff --git a/.ci/server-crt.pem b/.ci/server-crt.pem new file mode 100644 index 00000000..a9fdb5dd --- /dev/null +++ b/.ci/server-crt.pem @@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDnDCCAoSgAwIBAgIJALQYyNn39coUMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV +BAYTAlNFMRIwEAYDVQQHDAlTdG9ja2hvbG0xEjAQBgNVBAoMCVl1YmljbyBBQjEs +MCoGA1UEAwwjaHNtLWNvbm5lY3RvcjAxLnN0aGxtLmluLnl1Ymljby5vcmcwHhcN +MTkwMjI4MTYxNjEyWhcNMjQwMTEzMTYxNjEyWjBjMQswCQYDVQQGEwJTRTESMBAG +A1UEBwwJU3RvY2tob2xtMRIwEAYDVQQKDAlZdWJpY28gQUIxLDAqBgNVBAMMI2hz +bS1jb25uZWN0b3IwMS5zdGhsbS5pbi55dWJpY28ub3JnMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEA1nPcRq9jBuKlv2bheOIHCQo7YwQYF+1kiRpNLOex +vNxSn1pu7yUhXVFZzrhHYr7Eqxd1COiQb2D5Jsbh1rmz9X2ezOcBOjQEMuV91kvC +mXnXRFMMgMhZ4xEg0dauZGKCfcJJJ1P9br7Aznwz+4xQeCfheeC7sBtcskrMOhIq +AVPa30gAxKfy95EX1OOOkuCkm3mlKJwiVCchjoQ9GUOshrxFi7/oXlBAF1rA4P0/ +DKWvPgwX6rISQiEzF3OOGe/+aVwUuEio6GgcFFsE/msBjSJ0idXjFDAU3sMtt8fn +zagNDLI79/plIOE5cyX9iUN68drzr2KBP8tbKjY0uYLDuQIDAQABo1MwUTAdBgNV +HQ4EFgQUcxeu69EtIrKX5n+YYVka+Rr9st4wHwYDVR0jBBgwFoAUcxeu69EtIrKX +5n+YYVka+Rr9st4wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEA +LvwhWxsa/JnIKakcMo+u17r4mN8K0PvcJ5AE05VE56rPTWNEW2PSgX1M7VAflFNY +8QwOn5zsO2v4NIMY22hv0rhazaT97utnn2eiNW212iG+TnoCKXloYW7x9tBeFbNX +SuBvG2lAvL1aLuIViAM9q1NxDPsOcTKTvWIPnRJd+sfirGDviOvCMcZaU8onk6Hj +vLaRdsEHUFE5NvMwxrvw1GVZGOInPb2ApcfnCadDhQVpz5qOhb2vJkhZ6kk14heg +/xg4wMo+Om2Lw5CY+iC6QZfq6/GbGe7e4zpbFjE2w5Ys4POGrqDMU8XfZtH+gNaw +JSBMmMKWl2ksK85NXZfbZw== +-----END CERTIFICATE----- diff --git a/.gitignore b/.gitignore index f1e29320..de918269 100644 --- a/.gitignore +++ b/.gitignore @@ -57,3 +57,4 @@ cscope.* /yhwrap/cmdline.c /yhwrap/cmdline.h lib/*doxygen* +.ci/client-combined.pem diff --git a/.travis.yml b/.travis.yml index 16c12de6..718cab62 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,3 +1,10 @@ +env: + global: + - secure: "hg3zpwTsdl1hawBZjLlZw5ErUMSqQA+FEvnbeAXTPW1d+5oa/Yu5z6bYl9MqnKxx0Kyux9QJdgov/nkqQLTVy88U4w9qkEtQ6auKQxYdku9OWeduFy3P5oeI6IUkhOibxkqY9EDolBRKctTKyyDwKjDanTTttGYFeQq4jz7xkb05WmZ9gB1HPO0QPYljzPJyDw26pt2b4KC6eszeyHkwwOEAPblKkdpKILMrL/AWSiA6XkE9WN6pepHEKgfVf4g9tRupYJ9Ika9NAJpH0xHRIMb5Blu+8ccgXnyFGNVxcWrsgSYrMhXXP5MREMB4GuD2FbZya4bOZJwEGE5h3Q8wbLjneVpJsMk1zTZfWpKFs9o6gvJ4nzFWm0fcpvM7FeDmAmdvUtZk032SKEtQ337heSwS3F8pRjNdo2mqHkuH8CoKIxHI7W3kkRSnVCbLZ0HnvKh6UNcGPrn1Lm+3mfXvudjHLwchMr+XOgY41OahLhtcL+hhQhxvznapJnHbwyn3IItiurK+9x5q66UZ2ZUXwN8QiNrZKWSe4Ixb1ccaC3W7uOhiX859O7JxgCuSBbhrXqpDbUpF2VVn5+m/gJl9//hqPhI/m++EoP+ZgxB5xwD3cn2VZlKRSXSoT80zYP1ZrjG2CMJT9dPTwC4mtGNvdDZ1oUL9HeeUtVvp4E4bqIs=" + +before_install: + - openssl aes-256-cbc -k "$tlspwd" -md sha256 -in ./.ci/client-combined.pem.enc -out ./.ci/client-combined.pem -d + language: c addons: @@ -40,5 +47,11 @@ script: - test -e ./build/lib/libyubihsm.so -o -e ./build/lib/libyubihsm.dylib - test -e ./build/pkcs11/yubihsm_pkcs11.so -o -e ./build/pkcs11/yubihsm_pkcs11.dylib - test -e ./build/yhwrap/yubihsm-wrap + - export krnl="$(uname -s | tr '[:upper:]' '[:lower:]')" + - wget https://github.com/square/ghostunnel/releases/download/v1.3.1/ghostunnel-v1.3.1-$krnl-amd64-with-pkcs11 -O ghostunnel + - chmod +x ./ghostunnel + - ./ghostunnel client --listen localhost:12345 --target hsm-connector01.sthlm.in.yubico.org:8443 --keystore ./.ci/client-combined.pem --cacert ./.ci/server-crt.pem & + - sleep 3 - cd build - - ctest --output-on-failure -R "parsing|pbkdf2" + - ./src/yubihsm-shell -p password -a reset + - ctest --output-on-failure