pkcs11: 1003: test C_InitPIN()
Test C_InitPIN().
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
diff --git a/host/xtest/pkcs11_1000.c b/host/xtest/pkcs11_1000.c
index 29938ae..e90d0d8 100644
--- a/host/xtest/pkcs11_1000.c
+++ b/host/xtest/pkcs11_1000.c
@@ -425,6 +425,9 @@
* These define the genuine PINs and label to be used with the test token.
*/
static CK_UTF8CHAR test_token_so_pin[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8 , 9, 10, };
+static CK_UTF8CHAR test_token_user_pin[] = {
+ 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12,
+};
static CK_UTF8CHAR test_token_label[] = "PKCS11 TA test token";
static CK_RV init_test_token(CK_SLOT_ID slot)
@@ -433,6 +436,55 @@
test_token_label);
}
+/* Login as user, eventually reset user PIN if needed */
+static CK_RV init_user_test_token(CK_SLOT_ID slot)
+{
+ CK_FLAGS session_flags = CKF_SERIAL_SESSION | CKF_RW_SESSION;
+ CK_SESSION_HANDLE session = CK_INVALID_HANDLE;
+ CK_RV rv = CKR_GENERAL_ERROR;
+
+ rv = C_OpenSession(slot, session_flags, NULL, 0, &session);
+ if (rv)
+ return rv;
+
+ rv = C_Login(session, CKU_USER, test_token_user_pin,
+ sizeof(test_token_user_pin));
+ if (rv == CKR_OK) {
+ C_Logout(session);
+ C_CloseSession(session);
+ return rv;
+ }
+
+ rv = C_Login(session, CKU_SO, test_token_so_pin,
+ sizeof(test_token_so_pin));
+ if (rv) {
+ C_CloseSession(session);
+
+ rv = init_test_token(slot);
+ if (rv)
+ return rv;
+
+ rv = C_OpenSession(slot, session_flags, NULL, 0, &session);
+ if (rv)
+ return rv;
+
+ rv = C_Login(session, CKU_SO, test_token_so_pin,
+ sizeof(test_token_so_pin));
+ if (rv) {
+ C_CloseSession(session);
+ return rv;
+ }
+ }
+
+ rv = C_InitPIN(session, test_token_user_pin,
+ sizeof(test_token_user_pin));
+
+ C_Logout(session);
+ C_CloseSession(session);
+
+ return rv;
+}
+
static CK_RV test_already_initialized_token(ADBG_Case_t *c, CK_SLOT_ID slot)
{
CK_RV rv = CKR_GENERAL_ERROR;
@@ -493,6 +545,27 @@
!ADBG_EXPECT_TRUE(c, !(flags & CKF_ERROR_STATE)) ||
!ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_INITIALIZED))) {
rv = CKR_GENERAL_ERROR;
+ goto out;
+ }
+
+ rv = init_user_test_token(slot);
+ if (!ADBG_EXPECT_CK_OK(c, rv))
+ goto out;
+
+ rv = C_GetTokenInfo(slot, &token_info);
+ if (!ADBG_EXPECT_CK_OK(c, rv))
+ goto out;
+
+ flags = token_info.flags;
+
+ if (!ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_COUNT_LOW)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_FINAL_TRY)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_LOCKED)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_TO_BE_CHANGED)) ||
+ !ADBG_EXPECT_TRUE(c, !!(flags & CKF_USER_PIN_INITIALIZED)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_ERROR_STATE))) {
+ rv = CKR_GENERAL_ERROR;
+ goto out;
}
out:
@@ -523,8 +596,28 @@
!ADBG_EXPECT_TRUE(c, !(flags & CKF_ERROR_STATE)) ||
!ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_INITIALIZED))) {
rv = CKR_GENERAL_ERROR;
+ goto out;
}
+ rv = init_user_test_token(slot);
+ if (!ADBG_EXPECT_CK_OK(c, rv))
+ goto out;
+
+ rv = C_GetTokenInfo(slot, &token_info);
+ if (!ADBG_EXPECT_CK_OK(c, rv))
+ goto out;
+
+ flags = token_info.flags;
+
+ if (!ADBG_EXPECT_TRUE(c, !!(flags & CKF_TOKEN_INITIALIZED)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_COUNT_LOW)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_FINAL_TRY)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_LOCKED)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_USER_PIN_TO_BE_CHANGED)) ||
+ !ADBG_EXPECT_TRUE(c, !!(flags & CKF_USER_PIN_INITIALIZED)) ||
+ !ADBG_EXPECT_TRUE(c, !(flags & CKF_ERROR_STATE)))
+ rv = CKR_GENERAL_ERROR;
+
out:
Do_ADBG_EndSubCase(c, "C_InitToken() on uninitialized token");
@@ -540,7 +633,9 @@
rv = C_GetFunctionList(&ckfunc_list);
if (!ADBG_EXPECT_CK_OK(c, rv) ||
- !ADBG_EXPECT_NOT_NULL(c, ckfunc_list->C_InitToken))
+ !ADBG_EXPECT_NOT_NULL(c, ckfunc_list->C_InitToken) ||
+ !ADBG_EXPECT_NOT_NULL(c, ckfunc_list->C_InitPIN) ||
+ !ADBG_EXPECT_NOT_NULL(c, ckfunc_list->C_SetPIN))
goto out;
rv = init_lib_and_find_token_slot(&slot);