Skip to content

Commit

Permalink
tests: Make test scripts do not rely on current working directory
Browse files Browse the repository at this point in the history 
For better support for out-of-tree builds, this removes assumption in
which directory the test scripts are running.

Signed-off-by: Daiki Ueno <[email protected]>
  • Loading branch information
@ueno
ueno committed Nov 7, 2023
1 parent 7d89b44 commit a48a66d
Show file tree
Hide file tree
Showing 8 changed files with 79 additions and 74 deletions.
2 changes: 2 additions & 0 deletions tests/helpers.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@
# Copyright (C) 2022 Simo Sorce <[email protected]>
# SPDX-License-Identifier: Apache-2.0

: "${TESTBLDDIR=.}"

title()
{
case "$1" in
Expand Down
2 changes: 1 addition & 1 deletion tests/openssl.cnf.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ activate = 1
[pkcs11_sect]
module = @libtoollibs@/pkcs11@SHARED_EXT@
pkcs11-module-init-args = configDir=@testsblddir@/tmp.softokn/tokens
pkcs11-module-token-pin = file:@testsblddir@/pinfile.txt
pkcs11-module-token-pin = file:@PINFILE@
#pkcs11-module-allow-export
#pkcs11-module-load-behavior
##QUIRKS
Expand Down
64 changes: 32 additions & 32 deletions tests/setup-softhsm.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,41 +79,41 @@ find_softhsm \

title SECTION "Set up testing system"

TMPPDIR="tmp.softhsm"
TMPPDIR="${TESTBLDDIR}/tmp.softhsm"

if [ -d ${TMPPDIR} ]; then
rm -fr ${TMPPDIR}
if [ -d "${TMPPDIR}" ]; then
rm -fr "${TMPPDIR}"
fi
mkdir ${TMPPDIR}
mkdir "${TMPPDIR}"

PINVALUE="12345678"
PINFILE="${PWD}/pinfile.txt"
PINFILE="${TMPPDIR}/pinfile.txt"
echo ${PINVALUE} > "${PINFILE}"

#RANDOM data
SEEDFILE="${TMPPDIR}/noisefile.bin"
dd if=/dev/urandom of=${SEEDFILE} bs=2048 count=1 >/dev/null 2>&1
dd if=/dev/urandom of="${SEEDFILE}" bs=2048 count=1 >/dev/null 2>&1
RAND64FILE="${TMPPDIR}/64krandom.bin"
dd if=/dev/urandom of=${RAND64FILE} bs=2048 count=32 >/dev/null 2>&1
dd if=/dev/urandom of="${RAND64FILE}" bs=2048 count=32 >/dev/null 2>&1

# Create brand new tokens and certs
TOKDIR="$TMPPDIR/tokens"
if [ -d ${TOKDIR} ]; then
rm -fr ${TOKDIR}
if [ -d "${TOKDIR}" ]; then
rm -fr "${TOKDIR}"
fi
mkdir ${TOKDIR}
mkdir "${TOKDIR}"

# Create SoftHSM configuration file
cat >"$TMPPDIR/softhsm.conf" <<EOF
directories.tokendir = $PWD/$TOKDIR
directories.tokendir = $TOKDIR
objectstore.backend = file
log.level = DEBUG
EOF

export SOFTHSM2_CONF=$TMPPDIR/softhsm.conf

# prepare certtool configuration
cat >> ${TMPPDIR}/cert.cfg <<HEREDOC
cat >> "${TMPPDIR}/cert.cfg" <<HEREDOC
ca
cn = "Issuer"
serial = 1
Expand All @@ -137,14 +137,14 @@ CACRTN="caCert"
pkcs11-tool --keypairgen --key-type="RSA:2048" --login --pin=$PINVALUE \
--module="$P11LIB" --label="${CACRTN}" --id="$KEYID"
"${certtool}" --generate-self-signed --outfile="${CACRT}.crt" \
--template=${TMPPDIR}/cert.cfg --provider="$P11LIB" \
--template="${TMPPDIR}/cert.cfg" --provider="$P11LIB" \
--load-privkey "pkcs11:object=$CACRTN;type=private" \
--load-pubkey "pkcs11:object=$CACRTN;type=public" --outder
pkcs11-tool --write-object "${CACRT}.crt" --type=cert --id=$KEYID \
--label="$CACRTN" --module="$P11LIB"

# the organization identification is not in the CA
echo 'organization = "PKCS11 Provider"' >> ${TMPPDIR}/cert.cfg
echo 'organization = "PKCS11 Provider"' >> "${TMPPDIR}/cert.cfg"

ca_sign() {
CRT=$1
Expand All @@ -158,7 +158,7 @@ ca_sign() {
"${sed_inplace[@]}" \
"${TMPPDIR}/cert.cfg"
"${certtool}" --generate-certificate --outfile="${CRT}.crt" \
--template=${TMPPDIR}/cert.cfg --provider="$P11LIB" \
--template="${TMPPDIR}/cert.cfg" --provider="$P11LIB" \
--load-privkey "pkcs11:object=$LABEL;type=private" \
--load-pubkey "pkcs11:object=$LABEL;type=public" --outder \
--load-ca-certificate "${CACRT}.crt" --inder \
Expand All @@ -177,7 +177,7 @@ TSTCRTN="testCert"

pkcs11-tool --keypairgen --key-type="RSA:2048" --login --pin=$PINVALUE \
--module="$P11LIB" --label="${TSTCRTN}" --id="$KEYID"
ca_sign $TSTCRT $TSTCRTN "My Test Cert" $KEYID
ca_sign "$TSTCRT" $TSTCRTN "My Test Cert" $KEYID

BASEURIWITHPIN="pkcs11:id=${URIKEYID};pin-value=${PINVALUE}"
BASEURI="pkcs11:id=${URIKEYID}"
Expand All @@ -201,7 +201,7 @@ ECCRTN="ecCert"

pkcs11-tool --keypairgen --key-type="EC:secp256r1" --login --pin=$PINVALUE \
--module="$P11LIB" --label="${ECCRTN}" --id="$KEYID"
ca_sign $ECCRT $ECCRTN "My EC Cert" $KEYID
ca_sign "$ECCRT" $ECCRTN "My EC Cert" $KEYID

ECBASEURIWITHPIN="pkcs11:id=${URIKEYID};pin-value=${PINVALUE}"
ECBASEURI="pkcs11:id=${URIKEYID}"
Expand All @@ -216,7 +216,7 @@ ECPEERCRTN="ecPeerCert"

pkcs11-tool --keypairgen --key-type="EC:secp256r1" --login --pin=$PINVALUE \
--module="$P11LIB" --label="$ECPEERCRTN" --id="$KEYID"
ca_sign $ECPEERCRT $ECPEERCRTN "My Peer EC Cert" $KEYID
ca_sign "$ECPEERCRT" $ECPEERCRTN "My Peer EC Cert" $KEYID

ECPEERBASEURIWITHPIN="pkcs11:id=${URIKEYID};pin-value=${PINVALUE}"
ECPEERBASEURI="pkcs11:id=${URIKEYID}"
Expand Down Expand Up @@ -245,7 +245,7 @@ EDCRTN="edCert"

pkcs11-tool --keypairgen --key-type="EC:edwards25519" --login --pin=$PINVALUE --module="$P11LIB" \
--label="${EDCRTN}" --id="$KEYID"
ca_sign $EDCRT $EDCRTN "My ED25519 Cert" $KEYID
ca_sign "$EDCRT" $EDCRTN "My ED25519 Cert" $KEYID

EDBASEURI="pkcs11:id=${URIKEYID}"
EDPUBURI="pkcs11:type=public;id=${URIKEYID}"
Expand Down Expand Up @@ -336,34 +336,34 @@ pkcs11-tool -O --login --pin=$PINVALUE --module="$P11LIB"
echo " ----------------------------------------------------------------------------------------------------"

title PARA "Output configurations"
BASEDIR=$(pwd)
OPENSSL_CONF=${BASEDIR}/${TMPPDIR}/openssl.cnf
OPENSSL_CONF=${TMPPDIR}/openssl.cnf

title LINE "Generate openssl config file"
sed -e "s|@libtoollibs[@]|${LIBSPATH}|g" \
sed -e "s|@libtoollibs@|${LIBSPATH}|g" \
-e "s|@testsblddir@|${TESTBLDDIR}|g" \
-e "s|@testsdir[@]|${BASEDIR}/${TMPPDIR}|g" \
-e "s|@testsdir@|${TMPPDIR}|g" \
-e "s|@SHARED_EXT@|${SHARED_EXT}|g" \
-e "s|@PINFILE@|${PINFILE}|g" \
-e "s|##QUIRKS|pkcs11-module-quirks = no-deinit|g" \
-e "/pkcs11-module-init-args/d" \
"${TESTSSRCDIR}/openssl.cnf.in" > "${OPENSSL_CONF}"

title LINE "Export test variables to ${TMPPDIR}/testvars"
cat >> ${TMPPDIR}/testvars <<DBGSCRIPT
cat >> "${TMPPDIR}/testvars" <<DBGSCRIPT
export P11LIB=${P11LIB}
export P11KITCLIENTPATH=${P11KITCLIENTPATH}
export PKCS11_PROVIDER_MODULE=${P11LIB}
export PKCS11_PROVIDER_DEBUG="file:${BASEDIR}/${TMPPDIR}/p11prov-debug.log"
export PKCS11_PROVIDER_DEBUG="file:${TMPPDIR}/p11prov-debug.log"
export OPENSSL_CONF="${OPENSSL_CONF}"
export SOFTHSM2_CONF=${BASEDIR}/${TMPPDIR}/softhsm.conf
export SOFTHSM2_CONF=${TMPPDIR}/softhsm.conf
export TESTSSRCDIR="${TESTSSRCDIR}"
export TESTBLDDIR="${TESTBLDDIR}"
export TOKDIR="${BASEDIR}/${TOKDIR}"
export TMPPDIR="${BASEDIR}/${TMPPDIR}"
export TOKDIR="${TOKDIR}"
export TMPPDIR="${TMPPDIR}"
export PINVALUE="${PINVALUE}"
export SEEDFILE="${BASEDIR}/${TMPPDIR}/noisefile.bin"
export RAND64FILE="${BASEDIR}/${TMPPDIR}/64krandom.bin"
export SEEDFILE="${TMPPDIR}/noisefile.bin"
export RAND64FILE="${TMPPDIR}/64krandom.bin"
export BASEURIWITHPIN="${BASEURIWITHPIN}"
export BASEURI="${BASEURI}"
Expand Down Expand Up @@ -400,7 +400,7 @@ export ECCRT2URI="${ECCRT2URI}"
DBGSCRIPT

if [ -n "${ECXBASEURI}" ]; then
cat >> ${TMPPDIR}/testvars <<DBGSCRIPT
cat >> "${TMPPDIR}/testvars" <<DBGSCRIPT
export ECXBASEURIWITHPIN="${ECXBASEURIWITHPIN}"
export ECXBASEURI="${ECXBASEURI}"
Expand All @@ -409,7 +409,7 @@ export ECXPRIURI="${ECXPRIURI}"
DBGSCRIPT
fi

cat >> ${TMPPDIR}/testvars <<DBGSCRIPT
cat >> "${TMPPDIR}/testvars" <<DBGSCRIPT
# for listing the separate pkcs11 calls
#export PKCS11SPY="${PKCS11_PROVIDER_MODULE}"
Expand Down
38 changes: 19 additions & 19 deletions tests/setup-softokn.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,28 +12,28 @@ fi

title SECTION "Set up testing system"

TMPPDIR="tmp.softokn"
if [ -d ${TMPPDIR} ]; then
rm -fr ${TMPPDIR}
TMPPDIR="${TESTBLDDIR}/tmp.softokn"
if [ -d "${TMPPDIR}" ]; then
rm -fr "${TMPPDIR}"
fi
mkdir ${TMPPDIR}
mkdir "${TMPPDIR}"

PINVALUE="12345678"
PINFILE="${PWD}/pinfile.txt"
PINFILE="${TMPPDIR}/pinfile.txt"
echo ${PINVALUE} > "${PINFILE}"

#RANDOM data
SEEDFILE="${TMPPDIR}/noisefile.bin"
dd if=/dev/urandom of=${SEEDFILE} bs=2048 count=1 >/dev/null 2>&1
dd if=/dev/urandom of="${SEEDFILE}" bs=2048 count=1 >/dev/null 2>&1
RAND64FILE="${TMPPDIR}/64krandom.bin"
dd if=/dev/urandom of=${RAND64FILE} bs=2048 count=32 >/dev/null 2>&1
dd if=/dev/urandom of="${RAND64FILE}" bs=2048 count=32 >/dev/null 2>&1

# Create brand new tokens and certs
TOKDIR="$TMPPDIR/tokens"
if [ -d ${TOKDIR} ]; then
rm -fr ${TOKDIR}
if [ -d "${TOKDIR}" ]; then
rm -fr "${TOKDIR}"
fi
mkdir ${TOKDIR}
mkdir "${TOKDIR}"

SERIAL=0

Expand Down Expand Up @@ -152,30 +152,30 @@ certutil -K -d "${TOKDIR}" -f "${PINFILE}"
echo " ----------------------------------------------------------------------------------------------------"

title PARA "Output configurations"
BASEDIR=$(pwd)
OPENSSL_CONF=${BASEDIR}/${TMPPDIR}/openssl.cnf
OPENSSL_CONF=${TMPPDIR}/openssl.cnf

title LINE "Generate openssl config file"
sed -e "s|@libtoollibs[@]|${LIBSPATH}|g" \
sed -e "s|@libtoollibs@|${LIBSPATH}|g" \
-e "s|@testsblddir@|${TESTBLDDIR}|g" \
-e "s|@testsdir[@]|${BASEDIR}/${TMPPDIR}|g" \
-e "s|@testsdir@|${TMPPDIR}|g" \
-e "s|@SHARED_EXT@|${SHARED_EXT}|g" \
-e "s|@PINFILE@|${PINFILE}|g" \
"${TESTSSRCDIR}/openssl.cnf.in" > "${OPENSSL_CONF}"

title LINE "Export tests variables to ${TMPPDIR}/testvars"
cat > "${TMPPDIR}/testvars" <<DBGSCRIPT
export PKCS11_PROVIDER_DEBUG="file:${BASEDIR}/${TMPPDIR}/p11prov-debug.log"
export PKCS11_PROVIDER_DEBUG="file:${TMPPDIR}/p11prov-debug.log"
export PKCS11_PROVIDER_MODULE="${SOFTOKNPATH%%/}/libsoftokn3${SHARED_EXT}"
export OPENSSL_CONF="${OPENSSL_CONF}"
export TESTSSRCDIR="${TESTSSRCDIR}"
export TESTBLDDIR="${TESTBLDDIR}"
export PINFILE="${PINFILE}"
export TOKDIR="${BASEDIR}/${TOKDIR}"
export TMPPDIR="${BASEDIR}/${TMPPDIR}"
export TOKDIR="${TOKDIR}"
export TMPPDIR="${TMPPDIR}"
export PINVALUE="${PINVALUE}"
export SEEDFILE="${BASEDIR}/${TMPPDIR}/noisefile.bin"
export RAND64FILE="${BASEDIR}/${TMPPDIR}/64krandom.bin"
export SEEDFILE="${TMPPDIR}/noisefile.bin"
export RAND64FILE="${TMPPDIR}/64krandom.bin"
export BASEURIWITHPIN="${BASEURIWITHPIN}"
export BASEURI="${BASEURI}"
Expand Down
30 changes: 15 additions & 15 deletions tests/tbasic
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,13 +153,13 @@ fi
OPENSSL_CONF=${ORIG_OPENSSL_CONF}

title PARA "Test EVP_PKEY_eq on public RSA key both on token"
$CHECKER ./tcmpkeys "$PUBURI" "$PUBURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$PUBURI" "$PUBURI"
title PARA "Test EVP_PKEY_eq on public EC key both on token"
# shellcheck disable=SC2153 # ECURIs and ECXURIs are not spelling errors
$CHECKER ./tcmpkeys "$ECPUBURI" "$ECPUBURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECPUBURI" "$ECPUBURI"
if [[ -n $ECXPUBURI ]]; then
title PARA "Test EVP_PKEY_eq on public explicit EC key both on token"
$CHECKER ./tcmpkeys "$ECXPUBURI" "$ECXPUBURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECXPUBURI" "$ECXPUBURI"
fi

# It's important to test the commutative property since in the
Expand All @@ -168,40 +168,40 @@ fi
# in the second case it's the other way around.

title PARA "Test EVP_PKEY_eq on public RSA key via import"
$CHECKER ./tcmpkeys "$PUBURI" "${TMPPDIR}"/rsa.pub.uripin.pem
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$PUBURI" "${TMPPDIR}"/rsa.pub.uripin.pem
title PARA "Match private RSA key against public key"
$CHECKER ./tcmpkeys "$PRIURI" "${TMPPDIR}"/rsa.pub.uripin.pem
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$PRIURI" "${TMPPDIR}"/rsa.pub.uripin.pem
title PARA "Match private RSA key against public key (commutativity)"
$CHECKER ./tcmpkeys "${TMPPDIR}"/rsa.pub.uripin.pem "$PRIURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "${TMPPDIR}"/rsa.pub.uripin.pem "$PRIURI"

title PARA "Test EVP_PKEY_eq on public EC key via import"
$CHECKER ./tcmpkeys "$ECPUBURI" "${TMPPDIR}"/ec.pub.uripin.pem
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECPUBURI" "${TMPPDIR}"/ec.pub.uripin.pem
title PARA "Match private EC key against public key"
$CHECKER ./tcmpkeys "$ECPRIURI" "${TMPPDIR}"/ec.pub.uripin.pem
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECPRIURI" "${TMPPDIR}"/ec.pub.uripin.pem
title PARA "Match private EC key against public key (commutativity)"
$CHECKER ./tcmpkeys "${TMPPDIR}"/ec.pub.uripin.pem "$ECPRIURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "${TMPPDIR}"/ec.pub.uripin.pem "$ECPRIURI"

if [[ -n $ECXPUBURI ]]; then
echo "ECXPUBURI is $ECXPUBURI"
title PARA "Test EVP_PKEY_eq on public explicit EC key via import"
$CHECKER ./tcmpkeys "$ECXPUBURI" "${TMPPDIR}"/ecx.pub.uripin.pem
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECXPUBURI" "${TMPPDIR}"/ecx.pub.uripin.pem
title PARA "Match private explicit EC key against public key"
# shellcheck disable=SC2153 # ECURIs and ECXURIs are not spelling errors
$CHECKER ./tcmpkeys "$ECXPRIURI" "${TMPPDIR}"/ecx.pub.uripin.pem
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECXPRIURI" "${TMPPDIR}"/ecx.pub.uripin.pem
title PARA "Match private explicit EC key against public key (commutativity)"
$CHECKER ./tcmpkeys "${TMPPDIR}"/ecx.pub.uripin.pem "$ECXPRIURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "${TMPPDIR}"/ecx.pub.uripin.pem "$ECXPRIURI"
fi

title PARA "Test EVP_PKEY_eq with key exporting disabled"
ORIG_OPENSSL_CONF=${OPENSSL_CONF}
OPENSSL_CONF=${OPENSSL_CONF}.noexport
title PARA "Test RSA key"
$CHECKER ./tcmpkeys "$PUBURI" "$PUBURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$PUBURI" "$PUBURI"
title PARA "Test EC key"
$CHECKER ./tcmpkeys "$ECPUBURI" "$ECPUBURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECPUBURI" "$ECPUBURI"
if [[ -n $ECXPUBURI ]]; then
title PARA "Test explicit EC key"
$CHECKER ./tcmpkeys "$ECXPUBURI" "$ECXPUBURI"
$CHECKER "${TESTBLDDIR}/tcmpkeys" "$ECXPUBURI" "$ECXPUBURI"
fi
OPENSSL_CONF=${ORIG_OPENSSL_CONF}

Expand Down
2 changes: 1 addition & 1 deletion tests/tdigest
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,6 @@ sed "s/#pkcs11-module-load-behavior/pkcs11-module-load-behavior = early/" \
OPENSSL_CONF=${OPENSSL_CONF}.early_load

title PARA "Test Digests support"
$CHECKER ./tdigests
$CHECKER "${TESTBLDDIR}/tdigests"

exit 0
13 changes: 8 additions & 5 deletions tests/test-wrapper
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,30 +2,33 @@
# Copyright (C) 2022 Simo sorce <[email protected]>
# SPDX-License-Identifier: Apache-2.0

TEST_PATH=$(dirname "${1}")
DNAME=$(dirname "${1}")
BNAME=$(basename "${1}")

: "${TEST_PATH=$DNAME}"
: "${TESTBLDDIR=.}"

# the test name is {TEST_NAME}-{TOKEN_DRIVER}.t
# split extension
NAME=${BNAME%.*}
TEST_NAME=${NAME%-*}
TOKEN_DRIVER=${NAME#*-}

if [ -f "./tmp.${TOKEN_DRIVER}/testvars" ]; then
if [ -f "${TESTBLDDIR}/tmp.${TOKEN_DRIVER}/testvars" ]; then
# shellcheck source=/dev/null # we do not care about linting this source
source "./tmp.${TOKEN_DRIVER}/testvars"
source "${TESTBLDDIR}/tmp.${TOKEN_DRIVER}/testvars"
else
exit 77 # token not configured, skip
fi

# some tests are compiled, others are just distributed scripts
# so we need to check both the current tests build dir and the
# source tests dir in the out-of-source buils case (used by
# source tests dir in the out-of-source build case (used by
# make distcheck for example)
if [ -f "${TEST_PATH}/t${TEST_NAME}" ]; then
COMMAND="${TEST_PATH}/t${TEST_NAME}"
else
COMMAND="./t${TEST_NAME}"
COMMAND="${TESTBLDDIR}/t${TEST_NAME}"
fi

# Run the tests under valgrind with appropriate flags
Expand Down
Loading

0 comments on commit a48a66d

Please sign in to comment.