aboutsummaryrefslogtreecommitdiffstats
path: root/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'SoftHSMv2/src/lib/test/SignVerifyTests.cpp')
-rw-r--r--SoftHSMv2/src/lib/test/SignVerifyTests.cpp110
1 files changed, 110 insertions, 0 deletions
diff --git a/SoftHSMv2/src/lib/test/SignVerifyTests.cpp b/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
index 06dbf95..c68ed08 100644
--- a/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
+++ b/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
@@ -165,6 +165,61 @@ CK_RV SignVerifyTests::generateEC(const char* curve, CK_SESSION_HANDLE hSession,
}
#endif
+#ifdef WITH_EDDSA
+CK_RV SignVerifyTests::generateED(const char* curve, CK_SESSION_HANDLE hSession, CK_BBOOL bTokenPuk, CK_BBOOL bPrivatePuk, CK_BBOOL bTokenPrk, CK_BBOOL bPrivatePrk, CK_OBJECT_HANDLE &hPuk, CK_OBJECT_HANDLE &hPrk)
+{
+ CK_MECHANISM mechanism = { CKM_EC_EDWARDS_KEY_PAIR_GEN, NULL_PTR, 0 };
+ CK_KEY_TYPE keyType = CKK_EC_EDWARDS;
+ CK_BYTE oidEd25519[] = { 0x06, 0x03, 0x2B, 0x65, 0x70 };
+ CK_BYTE label[] = { 0x12, 0x34 }; // dummy
+ CK_BYTE id[] = { 123 } ; // dummy
+ CK_BBOOL bFalse = CK_FALSE;
+ CK_BBOOL bTrue = CK_TRUE;
+
+ CK_ATTRIBUTE pukAttribs[] = {
+ { CKA_EC_PARAMS, NULL, 0 },
+ { CKA_LABEL, &label[0], sizeof(label) },
+ { CKA_ID, &id[0], sizeof(id) },
+ { CKA_KEY_TYPE, &keyType, sizeof(keyType) },
+ { CKA_VERIFY, &bTrue, sizeof(bTrue) },
+ { CKA_ENCRYPT, &bFalse, sizeof(bFalse) },
+ { CKA_WRAP, &bFalse, sizeof(bFalse) },
+ { CKA_TOKEN, &bTokenPuk, sizeof(bTokenPuk) },
+ { CKA_PRIVATE, &bPrivatePuk, sizeof(bPrivatePuk) }
+ };
+ CK_ATTRIBUTE prkAttribs[] = {
+ { CKA_LABEL, &label[0], sizeof(label) },
+ { CKA_ID, &id[0], sizeof(id) },
+ { CKA_KEY_TYPE, &keyType, sizeof(keyType) },
+ { CKA_SIGN, &bTrue, sizeof(bTrue) },
+ { CKA_DECRYPT, &bFalse, sizeof(bFalse) },
+ { CKA_UNWRAP, &bFalse, sizeof(bFalse) },
+ { CKA_SENSITIVE, &bTrue, sizeof(bTrue) },
+ { CKA_TOKEN, &bTokenPrk, sizeof(bTokenPrk) },
+ { CKA_PRIVATE, &bPrivatePrk, sizeof(bPrivatePrk) },
+ { CKA_EXTRACTABLE, &bFalse, sizeof(bFalse) }
+ };
+
+ /* Select the curve */
+ if (strcmp(curve, "Ed25519") == 0)
+ {
+ pukAttribs[0].pValue = oidEd25519;
+ pukAttribs[0].ulValueLen = sizeof(oidEd25519);
+ }
+ else
+ {
+ return CKR_GENERAL_ERROR;
+ }
+
+ hPuk = CK_INVALID_HANDLE;
+ hPrk = CK_INVALID_HANDLE;
+ return CRYPTOKI_F_PTR( C_GenerateKeyPair(hSession, &mechanism,
+ pukAttribs, sizeof(pukAttribs)/sizeof(CK_ATTRIBUTE),
+ prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE),
+ &hPuk, &hPrk) );
+}
+#endif
+
void SignVerifyTests::signVerifySingle(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey, CK_VOID_PTR param /* = NULL_PTR */, CK_ULONG paramLen /* = 0 */)
{
CK_RV rv;
@@ -480,6 +535,61 @@ void SignVerifyTests::testEcSignVerify()
}
#endif
+#ifdef WITH_EDDSA
+void SignVerifyTests::testEdSignVerify()
+{
+ CK_RV rv;
+ CK_SESSION_HANDLE hSessionRO;
+ CK_SESSION_HANDLE hSessionRW;
+
+ // Just make sure that we finalize any previous tests
+ CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
+
+ // Open read-only session on when the token is not initialized should fail
+ rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSessionRO) );
+ CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
+
+ // Initialize the library and start the test.
+ rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) );
+ CPPUNIT_ASSERT(rv == CKR_OK);
+
+ // Open read-only session
+ rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSessionRO) );
+ CPPUNIT_ASSERT(rv == CKR_OK);
+
+ // Open read-write session
+ rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSessionRW) );
+ CPPUNIT_ASSERT(rv == CKR_OK);
+
+ // Login USER into the sessions so we can create a private objects
+ rv = CRYPTOKI_F_PTR( C_Login(hSessionRO,CKU_USER,m_userPin1,m_userPin1Length) );
+ CPPUNIT_ASSERT(rv==CKR_OK);
+
+ CK_OBJECT_HANDLE hPuk = CK_INVALID_HANDLE;
+ CK_OBJECT_HANDLE hPrk = CK_INVALID_HANDLE;
+
+ // Public Session keys
+ rv = generateED("Ed25519", hSessionRW,IN_SESSION,IS_PUBLIC,IN_SESSION,IS_PUBLIC,hPuk,hPrk);
+ CPPUNIT_ASSERT(rv == CKR_OK);
+ signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+
+ // Private Session Keys
+ rv = generateED("Ed25519", hSessionRW,IN_SESSION,IS_PRIVATE,IN_SESSION,IS_PRIVATE,hPuk,hPrk);
+ CPPUNIT_ASSERT(rv == CKR_OK);
+ signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+
+ // Public Token Keys
+ rv = generateED("Ed25519", hSessionRW,ON_TOKEN,IS_PUBLIC,ON_TOKEN,IS_PUBLIC,hPuk,hPrk);
+ CPPUNIT_ASSERT(rv == CKR_OK);
+ signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+
+ // Private Token Keys
+ rv = generateED("Ed25519", hSessionRW,ON_TOKEN,IS_PRIVATE,ON_TOKEN,IS_PRIVATE,hPuk,hPrk);
+ CPPUNIT_ASSERT(rv == CKR_OK);
+ signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+}
+#endif
+
CK_RV SignVerifyTests::generateKey(CK_SESSION_HANDLE hSession, CK_KEY_TYPE keyType, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey)
{
#ifndef WITH_BOTAN