-
Notifications
You must be signed in to change notification settings - Fork 189
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pkcs11: remove NUL byte from SO PIN and use ASCII characters #658
Conversation
I shall probably provide a small C program to change the SO PIN to the new one on a test board that has already run |
Force-pushed to reword the commit message after @etienne-lms comments. No code change. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
PKCS#11 PINs are UTF-8 character strings. The default SO PIN used in the test suite contains a NUL, which causes issues with for example pkcs11-tool which interprets the NUL byte as the end of the string, thus making the slot impossible to use from the command line. Therefore, and for better compatibility with command-line tools after xtest has been run, use simpler (ASCII) values for both the SO and user PINs. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
eba2f67
to
b1b3e05
Compare
I am updating this PR with two more commits:
(and sorry for the multiple pushes) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
for commits "xtest: pkcs11: fix subcase name mismatch"
and "xtest: pkcs11: update SO PIN automatically if needed".
xtest pkcs11_1003 shows the following warning: o pkcs11_1003.3 Test C_Login()/C_Logout() with PIN based authentication Do_ADBG_EndSubCase: Active SubCase "Test C_Login()/C_Logout() with PIN based authentication" doesn't match supplied title "Test C_Login()/C_Logout() with PIN based authorization" Fix the second label. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
If the system under test is using the now deprecated binary SO PIN ('0x00', '0x01', '0x02' etc), change it to the new one automatically. This is a compatibility patch to avoid failing any test on older systems. Tested on QEMUv8 by running "xtest -t pkcs11" once with optee_test at commit c0a6172 ("regression 1013: lower number of loops when pager is constrained"), in other words: before the SO PIN was changed, then a second time with a build issued from this commit. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
[Edited]
PKCS#11 PINs are UTF-8 character strings. The default SO PIN used in the
test suite contains a NUL, which causes issues with for example
pkcs11-tool which interprets the NUL byte as the end of the string, thus
making the slot impossible to use from the command line.
Therefore, and for better compatibility with command-line tools after
xtest has been run, use simpler (ASCII) values for both the SO and user
PINs.
Signed-off-by: Jerome Forissier jerome.forissier@linaro.org