[Spice-devel] [PATCH libcacard 16/45] tests: Verify we can parse properties of PKI object
Jakub Jelen
jjelen at redhat.com
Tue Jul 31 14:50:10 UTC 2018
* Also verify the key size inside matches expectation
* This involves parsing SimpleTLV structures
Signed-off-by: Jakub Jelen <jjelen at redhat.com>
Reviewed-by: Robert Relyea <rrelyea at redhat.com>
---
tests/libcacard.c | 61 +++++++++++++++++++++++++++++++++++++++++++----
1 file changed, 56 insertions(+), 5 deletions(-)
diff --git a/tests/libcacard.c b/tests/libcacard.c
index fb2a8ca..38a5ae7 100644
--- a/tests/libcacard.c
+++ b/tests/libcacard.c
@@ -1,5 +1,6 @@
#include <glib.h>
#include "libcacard.h"
+#include "simpletlv.h"
#define ARGS "db=\"sql:%s\" use_hw=no soft=(,Test,CAC,,cert1,cert2,cert3)"
@@ -9,6 +10,12 @@ static guint nreaders;
static GMutex mutex;
static GCond cond;
+enum {
+ TEST_PKI,
+ TEST_CCC,
+ TEST_ACA
+};
+
static gpointer
events_thread(gpointer arg)
{
@@ -140,15 +147,16 @@ static void test_xfer(void)
vreader_free(reader); /* get by id ref */
}
-static void get_properties(VReader *reader)
+static void get_properties(VReader *reader, int object_type)
{
int dwRecvLength = APDUBufSize;
VReaderStatus status;
- uint8_t pbRecvBuffer[APDUBufSize];
+ uint8_t pbRecvBuffer[APDUBufSize], *p, *p_end;
uint8_t get_properties[] = {
/* Get properties */
0x80, 0x56, 0x01, 0x00, 0x00
};
+ int verified_pki_properties = 0;
status = vreader_xfr_bytes(reader,
get_properties, sizeof(get_properties),
@@ -158,6 +166,49 @@ static void get_properties(VReader *reader)
g_assert_cmpint(pbRecvBuffer[dwRecvLength-2], ==, VCARD7816_SW1_SUCCESS);
g_assert_cmpint(pbRecvBuffer[dwRecvLength-1], ==, 0x00);
+ /* try to parse the response, if it makes sense */
+ p = pbRecvBuffer;
+ p_end = p + dwRecvLength - 2;
+ while (p < p_end) {
+ uint8_t tag;
+ size_t vlen;
+ if (simpletlv_read_tag(&p, p_end - p, &tag, &vlen) < 0) {
+ g_debug("The generated SimpleTLV can not be parsed");
+ g_assert_not_reached();
+ }
+ g_assert_cmpint(vlen, <=, p_end - p);
+ g_debug("Tag: 0x%02x, Len: %lu", tag, vlen);
+
+ if (tag == 0x51 /* PKI OBJECT */) {
+ /* recursive SimpleTLV structure */
+ uint8_t *p2 = p, *p2_end = p + vlen;
+ while (p2 < p2_end) {
+ uint8_t tag2;
+ size_t vlen2;
+ if (simpletlv_read_tag(&p2, p2_end - p2, &tag2, &vlen2) < 0) {
+ g_debug("The generated SimpleTLV can not be parsed");
+ g_assert_not_reached();
+ }
+ g_assert_cmpint(vlen2, <=, p2_end - p2);
+ g_debug(" Tag: 0x%02x, Len: %lu", tag2, vlen2);
+
+ if (tag2 == 0x43 /* PKI PROPERTIES */) {
+ /* For now, expecting 2048 b RSA keys */
+ g_assert_cmphex(p2[0], ==, 0x06);
+ g_assert_cmphex(p2[1], ==, (2048 / 8 / 8));
+ g_assert_cmphex(p2[2], ==, 0x01);
+ g_assert_cmphex(p2[3], ==, 0x01);
+ verified_pki_properties = 1;
+ }
+ p2 += vlen2;
+ }
+ }
+ p += vlen;
+ }
+
+ if (object_type == TEST_PKI) {
+ g_assert_cmpint(verified_pki_properties, ==, 1);
+ }
}
static void get_acr(VReader *reader)
@@ -397,7 +448,7 @@ static void test_cac_pki(void)
g_assert_cmphex(pbRecvBuffer[1], ==, 0x00);
/* get properties */
- get_properties(reader);
+ get_properties(reader, TEST_PKI);
/* get the TAG buffer length */
read_buffer(reader, CAC_FILE_TAG);
@@ -428,7 +479,7 @@ static void test_cac_ccc(void)
g_assert_cmphex(pbRecvBuffer[1], ==, 0x00);
/* get properties */
- get_properties(reader);
+ get_properties(reader, TEST_CCC);
/* get the TAG buffer length */
read_buffer(reader, CAC_FILE_TAG);
@@ -459,7 +510,7 @@ static void test_cac_aca(void)
g_assert_cmphex(pbRecvBuffer[1], ==, 0x00);
/* get properties */
- get_properties(reader);
+ get_properties(reader, TEST_ACA);
/* get ACR */
get_acr(reader);
--
2.17.1
More information about the Spice-devel
mailing list