aboutsummaryrefslogtreecommitdiff
path: root/tests/client.testscript
diff options
context:
space:
mode:
Diffstat (limited to 'tests/client.testscript')
-rw-r--r--tests/client.testscript65
1 files changed, 65 insertions, 0 deletions
diff --git a/tests/client.testscript b/tests/client.testscript
new file mode 100644
index 0000000..dd950cd
--- /dev/null
+++ b/tests/client.testscript
@@ -0,0 +1,65 @@
+# file : tests/client.testscript
+# copyright : Copyright (c) 2014-2018 Code Synthesis Ltd
+# license : MIT; see accompanying LICENSE file
+
+test.arguments += rsautl -sign -keyform engine -engine pkcs11
+
+: args
+:
+{
+ : none
+ :
+ $* 2>'error: -inkey option is required' != 0
+
+ : no-sock
+ :
+ env --unset=OPENSSL_AGENT_PKCS11_SOCK - $* -inkey 'pkcs11:' 2>>EOE != 0
+ error: OPENSSL_AGENT_PKCS11_SOCK environment variable is not set
+ EOE
+}
+
+: pkcs11
+:
+{
+ +sed -e 's/-client$/-agent-pkcs11/' <"$0" | set agent
+
+ : communication
+ :
+ {
+ # Start the agent.
+ #
+ +$agent --simulate success 'pkcs11:?pin-value=123123' | set script
+
+ +sed -n -e 's/^OPENSSL_AGENT_PKCS11_PID=(.+);.+$/\1/p' <"$script" | set pid
+ +sed -n -e 's/^OPENSSL_AGENT_PKCS11_SOCK=(.+);.+;$/\1/p' <"$script" | set sock
+
+ sign = env - OPENSSL_AGENT_PKCS11_SOCK="$sock" $*
+
+ : sign
+ :
+ {
+ $sign --simulate success -inkey 'pkcs11:' >'signature' : simulate-opt
+ $sign -inkey 'pkcs11:' >'signature' : no-simulate-opt
+ }
+
+ : failure
+ :
+ {
+ $sign --simulate failure -inkey 'pkcs11:' 2>>EOE != 0
+ error: unable to sign using simulated private key
+ EOE
+ }
+
+ : wrong-key
+ :
+ {
+ $sign --simulate success -inkey 'pkcs11:object=key' 2>>EOE != 0
+ error: private key doesn't match
+ EOE
+ }
+
+ # Stop the agent.
+ #
+ -kill "$pid"
+ }
+}