diff options
author | Karen Arutyunov <karen@codesynthesis.com> | 2018-10-15 21:08:04 +0300 |
---|---|---|
committer | Karen Arutyunov <karen@codesynthesis.com> | 2018-10-17 15:02:42 +0300 |
commit | de91921561092689369b56c54950474e0a86e66f (patch) | |
tree | a9949058021d911db1106b1a2e4d9e0e9281de16 /openssl/agent/pkcs11/private-key.test.cxx | |
parent | fb65c93daaf369157bd712f2c4c20161c4840b94 (diff) |
Add implementation
Diffstat (limited to 'openssl/agent/pkcs11/private-key.test.cxx')
-rw-r--r-- | openssl/agent/pkcs11/private-key.test.cxx | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/openssl/agent/pkcs11/private-key.test.cxx b/openssl/agent/pkcs11/private-key.test.cxx new file mode 100644 index 0000000..52e6186 --- /dev/null +++ b/openssl/agent/pkcs11/private-key.test.cxx @@ -0,0 +1,72 @@ +// file : openssl/agent/pkcs11/private-key.test.cxx -*- C++ -*- +// copyright : Copyright (c) 2014-2018 Code Synthesis Ltd +// license : MIT; see accompanying LICENSE file + +#include <iostream> + +#include <openssl/agent/pkcs11/url.hxx> +#include <openssl/agent/pkcs11/private-key.hxx> + +// Usage: argv[0] <pkcs11-url> +// +// Create private_key object referenced by the <pkcs11-url>. Read data from +// stdin, sign it with the private key, and print the signature to stdout. +// +int +main (int argc, char* argv[]) +{ + using namespace std; + using namespace openssl::agent::pkcs11; + + if (argc != 2) + { + cerr << "usage: " << argv[0] << " <pkcs11-url>" << endl; + return 1; + } + + cin.exceptions (ios::badbit); + cout.exceptions (ios::failbit | ios::badbit); + + try + { + url u (argv[1]); + identity idn (u); + access acc (u); + + vector<char> data ((istreambuf_iterator<char> (cin)), + istreambuf_iterator<char> ()); + + vector<char> signature; + + // Stress the API a bit recreating, reusing and having concurrent keys. + // + for (size_t i (0); i < 5; ++i) + { + private_key key1 (idn, acc, nullptr /* secure_pin */); + private_key key2 (idn, acc, nullptr /* secure_pin */); + + for (size_t i (0); i < 10; ++i) + { + vector<char> sign ((i % 2 == 0 ? key1 : key2).sign (data)); + + if (signature.empty ()) + signature = move (sign); + else if (sign != signature) + throw runtime_error ("sign operation is unreliable"); + } + } + + cout.write (signature.data (), signature.size ()); + return 0; + } + catch (const invalid_argument& e) + { + cerr << e << endl; + return 1; + } + catch (const runtime_error& e) + { + cerr << e << endl; + return 1; + } +} |