Giter Site home page Giter Site logo

pkcs11test's Introduction

pkcs11Test: A PKCS#11 Test Suite

Warning: Do not run this test suite against a PKCS#11 token that contains real data; some of the tests may erase or permanently lock the token.

This repository holds a test suite for, and is therefore derived from, the RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki).

The test suite exercises v2.2 of the PKCS#11 interface, and covers:

  • library management (init.cc)
  • slot and token management (slot.cc)
  • session management (session.cc, login.cc)
  • object management (object.cc)
  • key management (key.cc)
  • symmetric encryption and decryption (cipher.cc)
  • asymmetric encryption and decryption (cipher.cc)
  • signing and verification (sign.cc, hmac.cc)
  • message digesting (digest.cc)
  • dual-function mechanisms (dual.cc)

To build the test program on Linux, just run make. To run the tests against common Linux PKCS#11 implementations:

This is NOT an official Google product.

Additional make options:

  • PKCS11_LONG_SIZE=32 - set CK_LONG/CK_ULONG size to int32_t/uint32_t. Normally set to long int, which is machine/compiler dependent.
  • STRICT_P11=1 - set structures to packed, which tests against fully compliant PKCS11 implementations.

Example:

make PKCS11_LONG_SIZE=32 STRICT_P11=1

Test Options

The test program requires the following command-line parameters to be set:

  • -m libname: Provide the name of the PKCS#11 library to test.
  • -l libpath: Provide the path holding the PKCS#11 library.

There are also several optional command-line parameters:

  • -s slotid: Provide the slot ID that will be used for the tests
  • -v: Generate verbose output.
  • -u pwd: Provide the user PIN/password.
  • -o pwd: Provide the security officer PIN/password.
  • -w cnm: Name of cipher to use for keys being wrapped in key-wrapping tests. One of { 3DES-CBC, 3DES-ECB, AES-CBC , AES-ECB, ARIA-CBC, ARIA-CBC-PAD , ARIA-ECB, CAMELLIA-CBC, CAMELLIA-CBC-PAD , CAMELLIA-ECB, DES-CBC, DES-ECB , IDEA-CBC, IDEA-ECB }
  • -I: Perform token initialization tests. This will wipe the contents of the PKCS#11 token

The test program uses Google Test, and the Google Test command line options are also available. In particular, --gtest_filter=<filter> can be used to run a subset of the tests.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.