|
|
@ -209,13 +209,13 @@ func TestPKCS11_CreateKey(t *testing.T) {
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}, false},
|
|
|
|
}, false},
|
|
|
|
{"default extractable", args{&apiv1.CreateKeyRequest{
|
|
|
|
{"default extractable", args{&apiv1.CreateKeyRequest{
|
|
|
|
Name: testObjectAlt,
|
|
|
|
Name: testObject,
|
|
|
|
Extractable: true,
|
|
|
|
Extractable: true,
|
|
|
|
}}, &apiv1.CreateKeyResponse{
|
|
|
|
}}, &apiv1.CreateKeyResponse{
|
|
|
|
Name: testObjectAlt,
|
|
|
|
Name: testObject,
|
|
|
|
PublicKey: &ecdsa.PublicKey{},
|
|
|
|
PublicKey: &ecdsa.PublicKey{},
|
|
|
|
CreateSignerRequest: apiv1.CreateSignerRequest{
|
|
|
|
CreateSignerRequest: apiv1.CreateSignerRequest{
|
|
|
|
SigningKey: testObjectAlt,
|
|
|
|
SigningKey: testObject,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}, false},
|
|
|
|
}, false},
|
|
|
|
{"RSA SHA256WithRSA", args{&apiv1.CreateKeyRequest{
|
|
|
|
{"RSA SHA256WithRSA", args{&apiv1.CreateKeyRequest{
|
|
|
@ -573,6 +573,7 @@ func TestPKCS11_StoreCertificate(t *testing.T) {
|
|
|
|
// Make sure to delete the created certificate
|
|
|
|
// Make sure to delete the created certificate
|
|
|
|
t.Cleanup(func() {
|
|
|
|
t.Cleanup(func() {
|
|
|
|
k.DeleteCertificate(testObject)
|
|
|
|
k.DeleteCertificate(testObject)
|
|
|
|
|
|
|
|
k.DeleteCertificate(testObjectAlt)
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
|
|
type args struct {
|
|
|
|
type args struct {
|
|
|
@ -587,6 +588,11 @@ func TestPKCS11_StoreCertificate(t *testing.T) {
|
|
|
|
Name: testObject,
|
|
|
|
Name: testObject,
|
|
|
|
Certificate: cert,
|
|
|
|
Certificate: cert,
|
|
|
|
}}, false},
|
|
|
|
}}, false},
|
|
|
|
|
|
|
|
{"ok extractable", args{&apiv1.StoreCertificateRequest{
|
|
|
|
|
|
|
|
Name: testObjectAlt,
|
|
|
|
|
|
|
|
Certificate: cert,
|
|
|
|
|
|
|
|
Extractable: true,
|
|
|
|
|
|
|
|
}}, false},
|
|
|
|
{"fail already exists", args{&apiv1.StoreCertificateRequest{
|
|
|
|
{"fail already exists", args{&apiv1.StoreCertificateRequest{
|
|
|
|
Name: testObject,
|
|
|
|
Name: testObject,
|
|
|
|
Certificate: cert,
|
|
|
|
Certificate: cert,
|
|
|
@ -614,6 +620,11 @@ func TestPKCS11_StoreCertificate(t *testing.T) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
|
|
for _, tt := range tests {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
|
|
|
|
|
|
if tt.args.req.Extractable {
|
|
|
|
|
|
|
|
if testModule == "SoftHSM2" {
|
|
|
|
|
|
|
|
t.Skip("Extractable certificates are not supported on SoftHSM2")
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
if err := k.StoreCertificate(tt.args.req); (err != nil) != tt.wantErr {
|
|
|
|
if err := k.StoreCertificate(tt.args.req); (err != nil) != tt.wantErr {
|
|
|
|
t.Errorf("PKCS11.StoreCertificate() error = %v, wantErr %v", err, tt.wantErr)
|
|
|
|
t.Errorf("PKCS11.StoreCertificate() error = %v, wantErr %v", err, tt.wantErr)
|
|
|
|
}
|
|
|
|
}
|
|
|
|