Update SoftHSM v2.0 to the latest version

[aaf/sshsm.git] / SoftHSMv2 / src / lib / test / SignVerifyTests.cpp

diff --git a/SoftHSMv2/src/lib/test/SignVerifyTests.cpp b/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
index 06dbf95..c68ed08 100644 (file)
--- a/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
+++ b/SoftHSMv2/src/lib/test/SignVerifyTests.cpp
@@ -165,6 +165,61 @@ CK_RV SignVerifyTests::generateEC(const char* curve, CK_SESSION_HANDLE hSession,
 }
 #endif
 
+#ifdef WITH_EDDSA
+CK_RV SignVerifyTests::generateED(const char* curve, CK_SESSION_HANDLE hSession, CK_BBOOL bTokenPuk, CK_BBOOL bPrivatePuk, CK_BBOOL bTokenPrk, CK_BBOOL bPrivatePrk, CK_OBJECT_HANDLE &hPuk, CK_OBJECT_HANDLE &hPrk)
+{
+       CK_MECHANISM mechanism = { CKM_EC_EDWARDS_KEY_PAIR_GEN, NULL_PTR, 0 };
+       CK_KEY_TYPE keyType = CKK_EC_EDWARDS;
+       CK_BYTE oidEd25519[] = { 0x06, 0x03, 0x2B, 0x65, 0x70 };
+       CK_BYTE label[] = { 0x12, 0x34 }; // dummy
+       CK_BYTE id[] = { 123 } ; // dummy
+       CK_BBOOL bFalse = CK_FALSE;
+       CK_BBOOL bTrue = CK_TRUE;
+
+       CK_ATTRIBUTE pukAttribs[] = {
+               { CKA_EC_PARAMS, NULL, 0 },
+               { CKA_LABEL, &label[0], sizeof(label) },
+               { CKA_ID, &id[0], sizeof(id) },
+               { CKA_KEY_TYPE, &keyType, sizeof(keyType) },
+               { CKA_VERIFY, &bTrue, sizeof(bTrue) },
+               { CKA_ENCRYPT, &bFalse, sizeof(bFalse) },
+               { CKA_WRAP, &bFalse, sizeof(bFalse) },
+               { CKA_TOKEN, &bTokenPuk, sizeof(bTokenPuk) },
+               { CKA_PRIVATE, &bPrivatePuk, sizeof(bPrivatePuk) }
+       };
+       CK_ATTRIBUTE prkAttribs[] = {
+               { CKA_LABEL, &label[0], sizeof(label) },
+               { CKA_ID, &id[0], sizeof(id) },
+               { CKA_KEY_TYPE, &keyType, sizeof(keyType) },
+               { CKA_SIGN, &bTrue, sizeof(bTrue) },
+               { CKA_DECRYPT, &bFalse, sizeof(bFalse) },
+               { CKA_UNWRAP, &bFalse, sizeof(bFalse) },
+               { CKA_SENSITIVE, &bTrue, sizeof(bTrue) },
+               { CKA_TOKEN, &bTokenPrk, sizeof(bTokenPrk) },
+               { CKA_PRIVATE, &bPrivatePrk, sizeof(bPrivatePrk) },
+               { CKA_EXTRACTABLE, &bFalse, sizeof(bFalse) }
+       };
+
+       /* Select the curve */
+       if (strcmp(curve, "Ed25519") == 0)
+       {
+               pukAttribs[0].pValue = oidEd25519;
+               pukAttribs[0].ulValueLen = sizeof(oidEd25519);
+       }
+       else
+       {
+               return CKR_GENERAL_ERROR;
+       }
+
+       hPuk = CK_INVALID_HANDLE;
+       hPrk = CK_INVALID_HANDLE;
+       return CRYPTOKI_F_PTR( C_GenerateKeyPair(hSession, &mechanism,
+                                                        pukAttribs, sizeof(pukAttribs)/sizeof(CK_ATTRIBUTE),
+                                                        prkAttribs, sizeof(prkAttribs)/sizeof(CK_ATTRIBUTE),
+                                                        &hPuk, &hPrk) );
+}
+#endif
+
 void SignVerifyTests::signVerifySingle(CK_MECHANISM_TYPE mechanismType, CK_SESSION_HANDLE hSession, CK_OBJECT_HANDLE hPublicKey, CK_OBJECT_HANDLE hPrivateKey, CK_VOID_PTR param /* = NULL_PTR */, CK_ULONG paramLen /* = 0 */)
 {
        CK_RV rv;
@@ -480,6 +535,61 @@ void SignVerifyTests::testEcSignVerify()
 }
 #endif
 
+#ifdef WITH_EDDSA
+void SignVerifyTests::testEdSignVerify()
+{
+       CK_RV rv;
+       CK_SESSION_HANDLE hSessionRO;
+       CK_SESSION_HANDLE hSessionRW;
+
+       // Just make sure that we finalize any previous tests
+       CRYPTOKI_F_PTR( C_Finalize(NULL_PTR) );
+
+       // Open read-only session on when the token is not initialized should fail
+       rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSessionRO) );
+       CPPUNIT_ASSERT(rv == CKR_CRYPTOKI_NOT_INITIALIZED);
+
+       // Initialize the library and start the test.
+       rv = CRYPTOKI_F_PTR( C_Initialize(NULL_PTR) );
+       CPPUNIT_ASSERT(rv == CKR_OK);
+
+       // Open read-only session
+       rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION, NULL_PTR, NULL_PTR, &hSessionRO) );
+       CPPUNIT_ASSERT(rv == CKR_OK);
+
+       // Open read-write session
+       rv = CRYPTOKI_F_PTR( C_OpenSession(m_initializedTokenSlotID, CKF_SERIAL_SESSION | CKF_RW_SESSION, NULL_PTR, NULL_PTR, &hSessionRW) );
+       CPPUNIT_ASSERT(rv == CKR_OK);
+
+       // Login USER into the sessions so we can create a private objects
+       rv = CRYPTOKI_F_PTR( C_Login(hSessionRO,CKU_USER,m_userPin1,m_userPin1Length) );
+       CPPUNIT_ASSERT(rv==CKR_OK);
+
+       CK_OBJECT_HANDLE hPuk = CK_INVALID_HANDLE;
+       CK_OBJECT_HANDLE hPrk = CK_INVALID_HANDLE;
+
+       // Public Session keys
+       rv = generateED("Ed25519", hSessionRW,IN_SESSION,IS_PUBLIC,IN_SESSION,IS_PUBLIC,hPuk,hPrk);
+       CPPUNIT_ASSERT(rv == CKR_OK);
+       signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+
+       // Private Session Keys
+       rv = generateED("Ed25519", hSessionRW,IN_SESSION,IS_PRIVATE,IN_SESSION,IS_PRIVATE,hPuk,hPrk);
+       CPPUNIT_ASSERT(rv == CKR_OK);
+       signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+
+       // Public Token Keys
+       rv = generateED("Ed25519", hSessionRW,ON_TOKEN,IS_PUBLIC,ON_TOKEN,IS_PUBLIC,hPuk,hPrk);
+       CPPUNIT_ASSERT(rv == CKR_OK);
+       signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+
+       // Private Token Keys
+       rv = generateED("Ed25519", hSessionRW,ON_TOKEN,IS_PRIVATE,ON_TOKEN,IS_PRIVATE,hPuk,hPrk);
+       CPPUNIT_ASSERT(rv == CKR_OK);
+       signVerifySingle(CKM_EDDSA, hSessionRO, hPuk,hPrk);
+}
+#endif
+
 CK_RV SignVerifyTests::generateKey(CK_SESSION_HANDLE hSession, CK_KEY_TYPE keyType, CK_BBOOL bToken, CK_BBOOL bPrivate, CK_OBJECT_HANDLE &hKey)
 {
 #ifndef WITH_BOTAN