test_data/crypto-openssl-newcsr.js - chromiumos/platform/entd - Git at Google

 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 // This testcase expects that pkcsslotd is NOT running, so we won't be able to
 // create the Pkcs11 object.

 var Slot = entd.crypto.Pkcs11.Slot;
 var Token = entd.crypto.Pkcs11.Token;
 var Session = entd.crypto.Pkcs11.Session;
 var Object = entd.crypto.Pkcs11.Object;
 var CSR = entd.crypto.OpenSSL.CSR;

 const ENGINE_ID = "pkcs11";

 const KEY_ID = "2857967a"
 const KEY_LABEL = "OPENSSL_CSR_TEST";
 const TEST_USER_PIN = "111111";

 function createTestKey(session, id, label) {
   session.generateKeyPair(
     Session.CKM_RSA_PKCS_KEY_PAIR_GEN,
     [
       // Public key properties.
       [Object.CKA_ENCRYPT, true],
       [Object.CKA_VERIFY, true],
       [Object.CKA_WRAP, true],
       [Object.CKA_MODULUS_BITS, 2048],
     ],
     [
       // Private key properties.
       [Object.CKA_PRIVATE, true],
       [Object.CKA_SENSITIVE, true],
       [Object.CKA_SIGN, true],
       [Object.CKA_DECRYPT, true],
       [Object.CKA_UNWRAP, true],
     ],
     [
       // Common properties of public & private.
       [Object.CKA_TOKEN, true],
       [Object.CKA_LABEL, label],
       [Object.CKA_ID, id]
     ]
   );
 }

 function findObjects(session, id, label, type) {
   return session.findObjects(
     [
       [Object.CKA_CLASS, type],
       [Object.CKA_ID, id],
       [Object.CKA_LABEL, label]
     ]
   );
 }

 function keyExists(session, key_to_find_id, key_to_find_label, key_type) {
   try {
     // Search for ID + label.
     var result = findObjects(session, key_to_find_id, key_to_find_label,
                              key_type) || null;
     if (result == null || result.length != 1)
       return false;
   } catch(ex) {
     return println("Failed to search for the key: " + ex);
   }

   return true;
 }

 // Ensures the necessary private key exists to perform the test.
 // This function creates the key if it does not exist.
 function ensureTestKeyExists() {
   var pkcs11 = new entd.crypto.Pkcs11();

   var slot = pkcs11.slots[0];

   if (!(slot.flags & Slot.CKF_TOKEN_PRESENT))
     return println("Expected slot 0 to have a token present");

   var token = slot.token;

   if (!(token instanceof Token))
     return println("Expected instanceof entd.Pkcs11.Token");

   var session = null;
   try {
     token.closeAllSessions();
     session = token.openSession(Token.CKF_RW_SESSION);
   } catch (ex) {
     println('Unable to open session: ' + ex);
     return false;
   }

   if (!(session instanceof Session))
     return println("Expected instanceof entd.Pkcs11.Session.");

   try {
     if (!session.login(Session.CKU_USER, TEST_USER_PIN)) {
       println('Unable to log in user into token.');
       session.close();
       return false;
     }
   } catch (ex) {
     println('Failed to login user into token: ' + ex);
     session.close();
     return false;
   }

   try {
     // If key exists, we are done.
     if (keyExists(session, KEY_ID, KEY_LABEL, Object.CKO_PRIVATE_KEY))
       return true;
   } catch(ex) {
     return println("Expected to create key pair: " + ex);
   }

   try {
     // Key does not exist, create it.
     createTestKey(session, KEY_ID, KEY_LABEL);
   } catch(ex) {
     return println("Expected to create key pair: " + ex);
   }

   try {
     // Key was created, we are done.
     if (keyExists(session, KEY_ID, KEY_LABEL, Object.CKO_PRIVATE_KEY))
       return true;
   } catch(ex) {
     return println("Expected to create key pair: " + ex);
   }

   return println("Did not create the necessary keys.");
 }

 entd.onLoad = function () {
   var engine = new entd.crypto.OpenSSL.Engine(ENGINE_ID);

   if (!ensureTestKeyExists())
     return println("Failed to ensure test key exists.");

   // Positive test.
   var csr = engine.createCSR("id_" + KEY_ID, "/CN=nelsona@google.com");
   if (!(csr instanceof CSR))
     return println("Failed to create X.509 certificate request.");

   var csrText = csr.toFormat(CSR.CSR_FORMAT_PEM_TEXT);
   if (csrText.indexOf("-BEGIN CERTIFICATE REQUEST-") == -1)
     return println("Invalid certificate request");

   // Clears object handles.
   csr.dispose();

   // Negative test.
   try {
     var csr = engine.createCSR("id_" + KEY_ID + "9999",
                                "/CN=nelsona@google.com");
     return println("Created request without corresponding key.");
   } catch(ex) {
     // Exception is expected.
   }

   engine.dispose();

   println("LOOKS OK");
 }
	// Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	// This testcase expects that pkcsslotd is NOT running, so we won't be able to
	// create the Pkcs11 object.

	var Slot = entd.crypto.Pkcs11.Slot;
	var Token = entd.crypto.Pkcs11.Token;
	var Session = entd.crypto.Pkcs11.Session;
	var Object = entd.crypto.Pkcs11.Object;
	var CSR = entd.crypto.OpenSSL.CSR;

	const ENGINE_ID = "pkcs11";

	const KEY_ID = "2857967a"
	const KEY_LABEL = "OPENSSL_CSR_TEST";
	const TEST_USER_PIN = "111111";

	function createTestKey(session, id, label) {
	session.generateKeyPair(
	Session.CKM_RSA_PKCS_KEY_PAIR_GEN,
	[
	// Public key properties.
	[Object.CKA_ENCRYPT, true],
	[Object.CKA_VERIFY, true],
	[Object.CKA_WRAP, true],
	[Object.CKA_MODULUS_BITS, 2048],
	],
	[
	// Private key properties.
	[Object.CKA_PRIVATE, true],
	[Object.CKA_SENSITIVE, true],
	[Object.CKA_SIGN, true],
	[Object.CKA_DECRYPT, true],
	[Object.CKA_UNWRAP, true],
	],
	[
	// Common properties of public & private.
	[Object.CKA_TOKEN, true],
	[Object.CKA_LABEL, label],
	[Object.CKA_ID, id]
	]
	);
	}

	function findObjects(session, id, label, type) {
	return session.findObjects(
	[
	[Object.CKA_CLASS, type],
	[Object.CKA_ID, id],
	[Object.CKA_LABEL, label]
	]
	);
	}

	function keyExists(session, key_to_find_id, key_to_find_label, key_type) {
	try {
	// Search for ID + label.
	var result = findObjects(session, key_to_find_id, key_to_find_label,
	key_type) \|\| null;
	if (result == null \|\| result.length != 1)
	return false;
	} catch(ex) {
	return println("Failed to search for the key: " + ex);
	}

	return true;
	}

	// Ensures the necessary private key exists to perform the test.
	// This function creates the key if it does not exist.
	function ensureTestKeyExists() {
	var pkcs11 = new entd.crypto.Pkcs11();

	var slot = pkcs11.slots[0];

	if (!(slot.flags & Slot.CKF_TOKEN_PRESENT))
	return println("Expected slot 0 to have a token present");

	var token = slot.token;

	if (!(token instanceof Token))
	return println("Expected instanceof entd.Pkcs11.Token");

	var session = null;
	try {
	token.closeAllSessions();
	session = token.openSession(Token.CKF_RW_SESSION);
	} catch (ex) {
	println('Unable to open session: ' + ex);
	return false;
	}

	if (!(session instanceof Session))
	return println("Expected instanceof entd.Pkcs11.Session.");

	try {
	if (!session.login(Session.CKU_USER, TEST_USER_PIN)) {
	println('Unable to log in user into token.');
	session.close();
	return false;
	}
	} catch (ex) {
	println('Failed to login user into token: ' + ex);
	session.close();
	return false;
	}

	try {
	// If key exists, we are done.
	if (keyExists(session, KEY_ID, KEY_LABEL, Object.CKO_PRIVATE_KEY))
	return true;
	} catch(ex) {
	return println("Expected to create key pair: " + ex);
	}

	try {
	// Key does not exist, create it.
	createTestKey(session, KEY_ID, KEY_LABEL);
	} catch(ex) {
	return println("Expected to create key pair: " + ex);
	}

	try {
	// Key was created, we are done.
	if (keyExists(session, KEY_ID, KEY_LABEL, Object.CKO_PRIVATE_KEY))
	return true;
	} catch(ex) {
	return println("Expected to create key pair: " + ex);
	}

	return println("Did not create the necessary keys.");
	}

	entd.onLoad = function () {
	var engine = new entd.crypto.OpenSSL.Engine(ENGINE_ID);

	if (!ensureTestKeyExists())
	return println("Failed to ensure test key exists.");

	// Positive test.
	var csr = engine.createCSR("id_" + KEY_ID, "/CN=nelsona@google.com");
	if (!(csr instanceof CSR))
	return println("Failed to create X.509 certificate request.");

	var csrText = csr.toFormat(CSR.CSR_FORMAT_PEM_TEXT);
	if (csrText.indexOf("-BEGIN CERTIFICATE REQUEST-") == -1)
	return println("Invalid certificate request");

	// Clears object handles.
	csr.dispose();

	// Negative test.
	try {
	var csr = engine.createCSR("id_" + KEY_ID + "9999",
	"/CN=nelsona@google.com");
	return println("Created request without corresponding key.");
	} catch(ex) {
	// Exception is expected.
	}

	engine.dispose();

	println("LOOKS OK");
	}