1 files changed, 71 insertions, 0 deletions

diff --git a/tests/agent-pkcs11.testscript b/tests/agent-pkcs11.testscript
new file mode 100644
index 0000000..de7ecf2
--- /dev/null
+++ b/tests/agent-pkcs11.testscript
@@ -0,0 +1,71 @@
+# file      : tests/agent-pkcs11.testscript
+# copyright : Copyright (c) 2014-2018 Code Synthesis Ltd
+# license   : MIT; see accompanying LICENSE file
+
+: args
+:
+{
+  : none
+  :
+  $* 2>'error: private key URL argument expected' != 0
+
+  : invalid-url
+  :
+  $* 'http://key' 2>'error: invalid PKCS#11 URL: invalid scheme' != 0
+}
+
+: existent-module
+:
+{
+  url = 'pkcs11:?pin-value=123123'
+
+  : failure
+  :
+  $* --simulate failure "$url" 2>>EOE != 0
+    error: no matching private key found
+    EOE
+
+  : success
+  :
+  {
+    $* --simulate success "$url" | set script;
+
+    sed -n -e 's/^OPENSSL_AGENT_PKCS11_PID=(.+);.+;$/\1/p' <"$script" | \
+    set pid;
+
+    echo "$script" >>~"%EOO%";
+      %OPENSSL_AGENT_PKCS11_SOCK=.+; export OPENSSL_AGENT_PKCS11_SOCK;%
+      OPENSSL_AGENT_PKCS11_PID=$pid; export OPENSSL_AGENT_PKCS11_PID;
+      echo Agent pid $pid
+      EOO
+
+    kill -0 "$pid";         # Make sure the agent is running.
+    kill    "$pid";         # Signal the agent to terminate.
+    sleep 2;                # Wait a bit while the agent is terminating.
+    kill -0 "$pid" 2>! != 0 # Make sure the agent is not running.
+  }
+}
+
+: non-existent-module
+:
+{
+  url = 'pkcs11:?pin-value=123123&module-name=non-existing-pkcs11-module'
+
+  : failure
+  :
+  $* --simulate failure "$url" 2>>EOE != 0
+    error: no matching private key found
+    EOE
+
+  : success
+  :
+  {
+    $* --simulate success "$url" | set script;
+
+    sed -n -e 's/^OPENSSL_AGENT_PKCS11_PID=(.+);.+;$/\1/p' <"$script" | \
+    set pid;
+
+    kill -0 "$pid"; # Make sure the agent is running.
+    kill    "$pid"  # Signal the agent to terminate.
+  }
+}