11 #if defined( __MVS__ ) || defined( __VMCMS__ )
13 #pragma convlit( suspend )
15 #if defined( __ILEC400__ )
37 #define TEST_INITIALISE_DEVICE 0
45 #if ( TEST_INITIALISE_DEVICE > 0 ) && !defined( TEST_KEYGEN )
53 #define TEST_ALGORITHMS
177 const char *description;
179 const char *keyLabel;
180 } DEVICE_CONFIG_INFO;
182 static const DEVICE_CONFIG_INFO pkcs11DeviceInfo[] = {
183 {
"[Autodetect]",
"Automatically detect device",
"test",
"Test user key" },
184 {
"ActivCard Cryptoki Library",
"ActivCard",
"test",
"Test user key" },
185 {
"Chrystoki",
"Chrysalis Luna",
"test",
"Test user key" },
186 {
"CryptoFlex",
"CryptoFlex",
"ABCD1234",
"012345678901234567890123456789ME" },
187 {
"Cryptographic Token Interface",
"AET SafeSign",
"test",
"Test user key" },
188 {
"Cryptoki for CardMan API",
"Utimaco",
"test",
"Test user key" },
189 {
"Cryptoki for eID",
"Nexus soft-token",
"1234",
"Private key" },
190 {
"Cryptoki for eID",
"Nexus signature token",
"1234",
"eID private nonrepudiation key" },
191 {
"Cryptoki for eID",
"Nexus signature token",
"1234",
"eID private key encipherment key" },
192 {
"Cryptoki PKCS-11",
"Gemplus",
"test",
"Test user key" },
193 {
"CryptoKit Extended Version",
"Eutron (via Cylink)",
"12345678",
"Test user key" },
194 {
"Datakey Cryptoki DLL - NETSCAPE",
"Datakey pre-4.1, post-4.4 driver",
"test",
"Test user key" },
195 {
"Datakey Cryptoki DLL - Version",
"Datakey 4.1-4.4 driver",
"test",
"Test user key" },
196 {
"Eracom Cryptoki",
"Eracom",
"test",
"Test user key" },
197 {
"ERACOM Software Only",
"Eracom 1.x soft-token",
"test",
"Test user key" },
198 {
"Software Only",
"Eracom 2.x soft-token",
"test",
"Test user key" },
199 {
"eToken PKCS#11",
"Aladdin eToken",
"test",
"Test user key" },
200 {
"G&D PKCS#11 Library",
"Giesecke and Devrient",
"test",
"Test user key" },
201 {
"iButton",
"Dallas iButton",
"test",
"Test user key" },
202 {
"iD2 Cryptographic Library::iD2 Smart Card (PIN1)",
"iD2 signature token::Slot 1",
"1234",
"Digital Signature" },
203 {
"iD2 Cryptographic Library::iD2 Smart Card (PIN2)",
"iD2 signature token::Slot 2",
"5678",
"Non Repudiation" },
204 {
"ISG",
"CryptoSwift HSM",
"test",
"Test user key" },
205 {
"ISG Cryptoki API library",
"CryptoSwift card",
"test",
"Test user key" },
206 {
"Lynks/EES Token in SpyrusNATIVE",
"Spyrus Lynks/EES",
"test",
"Test user key" },
207 {
"NShield 75",
"nCipher",
"test",
"Test user key" },
208 {
"PKCS#11 Private Cryptoki",
"GemSAFE",
"1234",
"Test user key" },
209 {
"Safelayer PKCS#11",
"Safelayer",
"test",
"Test user key" },
210 {
"Schlumberger",
"Schlumberger",
"QWERTYUI",
"Test user key" },
211 {
"SignLite security module",
"IBM SignLite",
"test",
"Test user key" },
212 {
"Spyrus Rosetta",
"Spyrus Rosetta",
"test",
"Test user key" },
213 {
"Spyrus Lynks",
"Spyrus Lynks",
"test",
"Test user key" },
214 {
"Sun Metaslot",
"nCipher on Solaris",
"test",
"Test user key" },
215 {
"TCrypt",
"Telesec",
"123456",
"Test user key" },
216 {
"TrustCenter PKCS#11 Library",
"GPKCS11",
"12345678",
"Test user key" },
222 #define FORTEZZA_ZEROISE_PIN "ZeroizedCard"
223 #define FORTEZZA_SSO_DEFAULT_PIN "Mosaic"
224 #define FORTEZZA_SSO_PIN "test"
225 #define FORTEZZA_USER_PIN "test"
227 static const DEVICE_CONFIG_INFO fortezzaDeviceInfo = \
228 {
"[Autodetect]",
"Automatically detect device", FORTEZZA_USER_PIN,
"Test user key" };
232 static const DEVICE_CONFIG_INFO capiDeviceInfo[] = {
233 {
"[Autodetect]",
"Automatically detect device",
"",
"Encryption key" },
234 {
"Microsoft Base Cryptographic Provider v1.0::MY",
"Microsoft Base Cryptographic Provider",
"",
"Encryption key" },
240 static const DEVICE_CONFIG_INFO hardwareDeviceInfo[] = {
241 {
"[Autodetect]",
"Automatically detect device",
"test",
"Test user key" },
242 {
"Dummy device",
"Dummy test device",
"test",
"Test user key" },
280 static const CERT_DATA userCertData[] = {
295 static const CERT_DATA userSigOnlyCertData[] = {
307 static const CERT_DATA userKeyAgreeCertData[] = {
327 static void deleteTestKey(
const CRYPT_DEVICE cryptDevice,
328 const C_STR keyName,
const char *keyDescription )
331 keyName ) ==
CRYPT_OK && keyDescription != NULL )
333 printf(
"(Deleted a %s key object, presumably a leftover from a "
334 "previous run).\n", keyDescription );
342 const char *description,
const char *dumpName,
349 const CERT_DATA *certData = ( isCA ) ? cACertData : \
352 userKeyAgreeCertData;
355 sprintf( labelBuffer,
"Test %s key", description );
358 printf(
"Generating a %s key in the device...", description );
363 printf(
"\ncryptDeviceCreateContext() failed with error code %d, "
364 "line %d.\n", status, __LINE__ );
368 strlen( labelBuffer ) );
373 printf(
"\ncryptGenerateKey() failed with error code %d, line %d.\n",
377 puts(
" succeeded." );
380 printf(
"Generating a certificate for the key..." );
392 status =
cryptSignCert( cryptCert, isCA ? cryptContext : signingKey );
397 printf(
"\nCreation of certificate failed with error code %d, "
398 "line %d.\n", status, __LINE__ );
401 puts(
" succeeded." );
404 if( dumpName != NULL )
410 debugDump( dumpName, certBuffer, certificateLength );
414 printf(
"Updating device with certificate..." );
419 printf(
"\ncryptAddPublicKey() failed with error code %d, line %d.\n",
423 puts(
" succeeded." );
436 static const DEVICE_CONFIG_INFO *checkLogonDevice(
const CRYPT_DEVICE cryptDevice,
437 const DEVICE_CONFIG_INFO *deviceInfo,
442 int loggedOn, tokenLabelSize,
status;
446 tokenLabel, &tokenLabelSize );
448 puts(
"(Device doesn't appear to have a label)." );
451 tokenLabel[ tokenLabelSize ] =
'\0';
452 printf(
"Device label is '%s'.\n", tokenLabel );
462 for( i = 1; deviceInfo[ i ].name != NULL; i++ )
464 if( tokenLabelSize == \
465 (
int ) strlen( deviceInfo[ i ].
name ) && \
466 !memcmp( deviceInfo[ i ].name, tokenLabel,
469 printf(
"Found a match for pre-defined device '%s',\n"
470 " using pre-set parameters.\n",
471 deviceInfo[ i ].description );
472 deviceInfo = &deviceInfo[ i ];
483 puts(
"Couldn't obtain device login status." );
490 puts(
"Device is already logged in, skipping login." );
491 return( deviceInfo );
495 printf(
"Logging on to the device..." );
498 strlen( deviceInfo->password ) );
503 puts(
" device is already logged in." );
504 return( deviceInfo );
509 puts(
" device needs to be initialised." );
511 return( deviceInfo );
512 printf(
"cryptlib will not automatically initialise the device "
513 "during the self-test\n in case it contains data that "
514 "needs to be preserved or requires special\n steps to be "
515 "taken before the initialisation is performed. If you want "
516 "to\n initialise it, set TEST_INITIALISE_DEVICE at the top "
517 "of\n " __FILE__
" to a nonzero value.\n" );
522 printf(
"\nDevice %s failed with error code %d, line %d.\n",
524 "login" :
"initialisation/setup", status, __LINE__ );
529 puts(
"This may be because the device isn't in the user-"
530 "initialised state, in which\n case the standard user "
531 "PIN can't be used to log on to it." );
532 return( deviceInfo );
536 puts(
"This may be because the auto-detection test uses a fixed "
537 "login value rather\n than one specific to the device "
542 puts(
" succeeded." );
543 return( deviceInfo );
556 const DEVICE_CONFIG_INFO *deviceInfo )
559 FORTEZZA_SSO_DEFAULT_PIN : \
560 deviceInfo->password;
562 FORTEZZA_SSO_PIN : deviceInfo->password;
563 const char *userPIN = deviceInfo->password;
574 printf(
"Zeroising device..." );
577 strlen( FORTEZZA_ZEROISE_PIN ) );
580 printf(
"\nZeroise failed with error code %d, line %d.\n",
584 puts(
" succeeded." );
588 printf(
"Initialising device..." );
590 defaultSSOPIN, strlen( defaultSSOPIN ) );
593 printf(
"\nCouldn't initialise device, status = %d, line %d.\n",
597 puts(
" succeeded." );
598 printf(
"Setting SO PIN to '%s'...", ssoPIN );
601 ssoPIN, strlen( ssoPIN ) );
604 printf(
"\nCouldn't set SO PIN, status = %d, line %d.\n", status,
608 puts(
" succeeded." );
621 printf(
"Loading PAA certificate..." );
639 printf(
"\nCreation of certificate failed with error code %d, "
640 "line %d.\n", status, __LINE__ );
647 printf(
"\ncryptAddPublicKey() failed with error code %d, line "
648 "%d.\n", status, __LINE__ );
651 puts(
" succeeded." );
655 printf(
"Setting user PIN to '%s'...", userPIN );
658 userPIN, strlen( userPIN ) );
670 puts(
"Couldn't obtain device login status." );
677 userPIN, strlen( userPIN ) );
682 printf(
"\nCouldn't set user PIN/log on as user, status = %d, line "
683 "%d.\n", status, __LINE__ );
686 puts(
" succeeded." );
700 const char *deviceName,
701 const BOOLEAN isWriteProtected )
704 int testCount = 0, failCount = 0;
706 printf(
"Checking %s capabilities...\n", deviceName );
711 cryptAlgo, NULL ) ) )
714 if( !
testLowlevel( cryptDevice, cryptAlgo, isWriteProtected ) )
724 if( isWriteProtected )
725 puts(
"No tests were performed since the device is write-protected." );
729 printf(
"%d of %d test%s failed.\n", failCount, testCount,
730 ( testCount > 1 ) ?
"s" :
"" );
732 puts(
"Device capabilities test succeeded." );
735 return( ( failCount == testCount ) ?
FALSE :
TRUE );
746 printf(
"Loading a persistent symmetric key into the device..." );
761 printf(
"\nCouldn't create conventional-encryption context in "
762 "device, status = %d, line %d.\n", status, __LINE__ );
775 printf(
"\nCouldn't make device context persistent, status = %d, "
776 "line %d.\n", status, __LINE__ );
782 printf(
"\nCouldn't load key into persistent context, status = %d, "
783 "line %d.\n", status, __LINE__ );
786 puts(
" succeeded." );
793 printf(
"Reading back symmetric key..." );
798 printf(
"\nRead of symmetric key failed, status = %d, line %d.\n",
802 puts(
" succeeded." );
807 printf(
"Re-reading back symmetric key..." );
812 printf(
"\nRe-read of symmetric key failed, status = %d, line %d.\n",
816 puts(
" succeeded." );
819 printf(
"Performing encryption test with recovered key..." );
823 puts(
" succeeded." );
835 const char *keyLabel,
837 const BOOLEAN isWriteProtected )
843 if( !isWriteProtected )
852 if( !createKey( cryptDevice, cryptAlgo,
"CA",
860 TEXT(
"Test CA key" ), NULL );
870 cACertData[ 3 ].stringValue,
885 printf(
"\nRead of CA key failed with error code %d, line %d.\n",
894 status = createKey( cryptDevice, cryptAlgo,
"user",
896 "dp_usrcert" :
"df_usrcert", sigKeyContext );
899 status = createKey( cryptDevice, CRYPT_ALGO_KEA,
"KEA",
900 "df_keacert", sigKeyContext );
909 puts(
"Skipping key generation test, this assumes that the device "
910 "contains pre-\n existing keys." );
930 puts(
"Found a public key in the device, details follow..." );
950 printf(
"Signature on certificate is invalid, status %d, "
951 "line %d.\n", status, __LINE__ );
960 puts(
"Error: Couldn't locate public key in device." );
967 puts(
"Found a private key in the device, details follow..." );
973 puts(
"No public key found, attempting to continue using the "
974 "private key as both a\n public and a private key." );
975 pubKeyContext = privKeyContext;
980 puts(
"Error: Couldn't locate private key in device." );
983 sigKeyContext = privKeyContext;
991 puts(
"Found a key agreement key in the device, details follow..." );
993 pubKeyContext = privKeyContext;
1012 puts(
"\nEnveloping test failed when using the built-in "
1013 "cryptographic hardware device.\nIf this is an "
1014 "emulated device that doesn't fully implement "
1015 "public/private-key\nencryption and the test failed "
1016 "with a CRYPT_ERROR_BADDATA then this isn't\na fatal "
1017 "error, it simply means that cryptlib has detected "
1018 "that the emulation\nisn't performing a genuine "
1019 "crypto operation." );
1029 emailAddress, &length );
1032 printf(
"Couldn't read recipient address from certificate, "
1033 "status %d, line %d.\n", status, __LINE__ );
1036 emailAddress[
length ] =
'\0';
1038 password, emailAddress ) )
1043 puts(
"Public-key enveloping tests skipped because no key was "
1053 puts(
"Signed enveloping tests skipped because no key was "
1059 if( !isWriteProtected )
1061 if( !testPersistentObject( cryptDevice ) )
1071 if( sigKeyContext !=
CRYPT_UNUSED && privKeyContext != sigKeyContext )
1073 if( pubKeyContext !=
CRYPT_UNUSED && pubKeyContext != privKeyContext )
1081 const char *deviceName,
1082 const DEVICE_CONFIG_INFO *deviceInfo )
1094 if( !memcmp( deviceInfo->name,
"[A", 2 ) )
1096 printf(
"\nTesting %s with autodetection...\n", deviceName );
1097 isAutoDetect =
TRUE;
1100 printf(
"\nTesting %s %s...\n", deviceInfo->name, deviceName );
1106 printf(
"\nTesting %s...\n", deviceName );
1112 puts(
"Support for this device type isn't enabled in this build of "
1119 puts(
"Crypto device not detected, skipping test." );
1121 printf(
"cryptDeviceOpen() failed with error code %d, line %d.\n",
1133 deviceInfo = checkLogonDevice( cryptDevice, deviceInfo, isAutoDetect,
1135 if( deviceInfo == NULL )
1160 isWriteProtected =
TRUE;
1169 if( !isWriteProtected )
1180 status = initialiseDevice( cryptDevice, deviceType,
1182 if( status ==
FALSE )
1193 deleteTestKey( cryptDevice,
"Test CA key",
"CA" );
1194 deleteTestKey( cryptDevice, deviceInfo->keyLabel,
"user" );
1203 deleteTestKey( cryptDevice, cACertData[ 3 ].stringValue,
1206 deleteTestKey( cryptDevice, userCertData[ 2 ].stringValue,
1209 deleteTestKey( cryptDevice,
1210 userSigOnlyCertData[ 2 ].stringValue,
1213 deleteTestKey( cryptDevice,
1214 userKeyAgreeCertData[ 2 ].stringValue,
1215 "keyagree-only-cert" );
1218 deleteTestKey( cryptDevice,
"Test KEA key",
"KEA" );
1221 deleteTestKey( cryptDevice,
"Encryption key",
"RSA private" );
1222 deleteTestKey( cryptDevice,
"Signature key",
"secondary RSA private" );
1237 #ifdef TEST_ALGORITHMS
1239 testResult = testDeviceCapabilities( cryptDevice, deviceName,
1242 puts(
"Skipping device algorithm tests." );
1251 partialSuccess = testDeviceHighlevel( cryptDevice, deviceType,
1252 deviceInfo->keyLabel, deviceInfo->password,
1260 printf(
"cryptDeviceClose() failed with error code %d, line %d.\n",
1264 if( !testResult && !partialSuccess )
1266 if( testResult && partialSuccess )
1267 printf(
"\n%s tests succeeded.\n\n", deviceName );
1269 printf(
"\nSome %s tests succeeded.\n\n", deviceName );
1279 for( i = 0; pkcs11DeviceInfo[ i ].name != NULL; i++ )
1282 &pkcs11DeviceInfo[ i ] );
1292 for( i = 0; hardwareDeviceInfo[ i ].name != NULL; i++ )
1295 &hardwareDeviceInfo[ i ] );
1305 for( i = 0; capiDeviceInfo[ i ].name != NULL; i++ )
1308 &capiDeviceInfo[ i ] );
1337 #define SERVER_MACHINE_ADDRESS "161.5.99.22"
1338 #define SERVER_MACHINE_PORT 4080
1339 #define CLIENT_DEVICE_TYPE CRYPT_DEVICE_FORTEZZA
1340 #define SERVER_DEVICE_TYPE CRYPT_DEVICE_FORTEZZA
1341 #define CLIENT_ID "25CHS-UDQBU-BPASM"
1342 #define CLIENT_AUTHENTICATOR "5ZCJ8-34A5C-YSXRD-C9EME"
1343 #define CLIENT_TOKEN_SLOT CRYPT_USE_DEFAULT
1344 #define NET_TIMEOUT 300
1346 #define SERVER_MACHINE_ADDRESS "localhost"
1347 #define SERVER_MACHINE_PORT 80
1348 #define CLIENT_DEVICE_TYPE CRYPT_DEVICE_FORTEZZA
1349 #define SERVER_DEVICE_TYPE CRYPT_DEVICE_FORTEZZA
1350 #define CLIENT_TOKEN_SLOT 1
1351 #define NET_TIMEOUT CRYPT_USE_DEFAULT
1356 #if CLIENT_DEVICE_TYPE == CRYPT_DEVICE_FORTEZZA
1357 #define DEFAULT_SSO_PIN FORTEZZA_SSO_DEFAULT_PIN
1359 #define DEFAULT_SSO_PIN "0000"
1361 #define SSO_PIN "0000"
1362 #define USER_PIN "0000"
1371 const char *address,
const int port,
1378 address, strlen( address ) );
1392 printf(
"cryptSetAttribute/AttributeString() failed with error code "
1393 "%d, line %d.\n", status, __LINE__ );
1402 static const CERT_DATA rootCACertData[] = {
1422 static int createCACert(
const CRYPT_DEVICE cryptDevice )
1429 printf(
"Generating a CA key in the device..." );
1435 printf(
"\ncryptDeviceCreateContext() failed with error code %d, "
1436 "line %d.\n", status, __LINE__ );
1440 "CA key", strlen(
"CA key" ) );
1446 printf(
"\ncryptGenerateKey() failed with error code %d, line %d.\n",
1453 printf(
"Generating a CA certificate for the key..." );
1469 printf(
"\nCreation of certificate failed with error code %d, "
1470 "line %d.\n", status, __LINE__ );
1476 printf(
"Updating device with certificate..." );
1481 printf(
"\ncryptAddPublicKey() failed with error code %d, line %d.\n",
1504 printf(
"Connecting to crypto device in default slot..." );
1505 strcpy( buffer,
"[Autodetect]" );
1509 printf(
"Connecting to crypto device in slot %d...", slotNo );
1510 sprintf( buffer,
"[Autodetect]::%d", slotNo );
1516 puts(
"\nDevice not detected, skipping test." );
1518 printf(
"\ncryptDeviceOpen() failed with error code %d, line "
1519 "%d.\n", status, __LINE__ );
1529 static int logonDevice(
const CRYPT_DEVICE cryptDevice,
const char *userPIN )
1532 int loggedOn, tokenLabelSize,
status;
1536 tokenLabel, &tokenLabelSize );
1538 puts(
"(Device doesn't appear to have a label)." );
1541 tokenLabel[ tokenLabelSize ] =
'\0';
1542 printf(
"Device label is '%s'.\n", tokenLabel );
1550 puts(
"Couldn't obtain device login status." );
1557 puts(
"Device is already logged in, skipping login." );
1562 printf(
"Logging on to the device..." );
1565 strlen( userPIN ) );
1570 puts(
" device is already logged in." );
1576 puts(
" device needs to be initialised." );
1581 printf(
"\nDevice login failed with error code %d, line %d.\n",
1592 const char *defaultSSOPIN,
const char *ssoPIN,
1593 const char *userPIN )
1601 printf(
"Zeroising device..." );
1604 strlen( FORTEZZA_ZEROISE_PIN ) );
1607 printf(
"\nCouldn't zeroise device, status = %d, line %d.\n",
1615 printf(
"Initialising device with default SO PIN '%s'...",
1618 defaultSSOPIN, strlen( defaultSSOPIN ) );
1621 printf(
"\nCouldn't initialise device, status = %d, line %d.\n",
1626 printf(
"Setting SO PIN to '%s'...", ssoPIN );
1629 ssoPIN, strlen( ssoPIN ) );
1632 printf(
"\nCouldn't set SO PIN, status = %d, line %d.\n", status,
1649 printf(
"Loading PAA certificate..." );
1667 printf(
"\nCreation of certificate failed with error code %d, "
1668 "line %d.\n", status, __LINE__ );
1675 printf(
"\ncryptAddPublicKey() failed with error code %d, line "
1676 "%d.\n", status, __LINE__ );
1688 printf(
"Setting user PIN to '%s'...", userPIN );
1691 userPIN, strlen( userPIN ) );
1695 userPIN, strlen( userPIN ) );
1698 printf(
"\nCouldn't set user PIN/log on as user, status = %d, line "
1699 "%d.\n", status, __LINE__ );
1709 static int openCertStore(
CRYPT_KEYSET *cryptCertStore )
1714 *cryptCertStore = -1;
1717 printf(
"Opening CA certificate store..." );
1727 printf(
"\ncryptKeysetOpen() failed with error code %d, line %d.\n",
1738 static int initUserInfo(
const CRYPT_KEYSET cryptCertStore,
1739 const char *userName )
1746 printf(
"Creating PKI user..." );
1751 printf(
"\ncryptCreateCert() failed with error code %d, line %d.\n",
1757 strlen( userName ) );
1759 return(
attrErrorExit( cryptPKIUser,
"cryptSetAttributeString()",
1760 status, __LINE__ ) );
1764 printf(
"Adding PKI user to CA certificate store..." );
1772 printf(
"\nPKI user information is already present from a previous "
1773 "run, re-using existing\n PKI user data..." );
1779 status, __LINE__ ) );
1787 return(
extErrorExit( cryptCertStore,
"cryptCAAddItem()", status,
1802 static int getUserInfo(
char *userID,
char *issuePW )
1815 printf(
"cryptKeysetOpen() failed with error code %d, line %d.\n",
1824 return(
extErrorExit( cryptCertStore,
"cryptCAGetItem()", status,
1839 issuePW[
length ] =
'\0';
1842 return(
attrErrorExit( cryptPKIUser,
"cryptGetAttribute()", status,
1845 strcpy( userID, CLIENT_ID );
1846 strcpy( issuePW, CLIENT_AUTHENTICATOR );
1850 printf(
"Using user name %s, password %s.\n", userID, issuePW );
1861 int caCertTrusted,
status;
1870 printf(
"\nCA certificate store cleanup failed with error code %d, "
1871 "line %d.\n", status, __LINE__ );
1881 printf(
"Making CA certificate trusted for PKIBoot..." );
1892 printf(
"\nCA private key read failed with error code %d, "
1893 "line %d.\n", status, __LINE__ );
1902 printf(
"Creating CMP server session..." );
1907 printf(
"\ncryptCreateSession() failed with error code %d, line "
1908 "%d.\n", status, __LINE__ );
1918 status, __LINE__ ) );
1919 if( !setConnectInfo( cryptSession, SERVER_MACHINE_ADDRESS,
1927 return(
extErrorExit( cryptSession,
"Attempt to activate CMP "
1928 "server session", status, __LINE__ ) );
1932 if( !caCertTrusted )
1941 static int pnpClient(
const CRYPT_DEVICE cryptDevice,
const char *userID,
1942 const char *issuePW )
1949 printf(
"Creating CMP client session..." );
1954 printf(
"\ncryptCreateSession() failed with error code %d, line "
1955 "%d.\n", status, __LINE__ );
1971 printf(
"\nAddition of session information failed with error code "
1972 "%d, line %d.\n", status, __LINE__ );
1975 if( !setConnectInfo( cryptSession, SERVER_MACHINE_ADDRESS,
1981 printf(
"Obtaining keys and certs..." );
1985 printExtError( cryptSession,
"\nAttempt to activate plug-and-play "
1986 "PKI client session", status, __LINE__ );
1999 static int testServer(
void )
2006 status = connectDevice( &cryptDevice, SERVER_DEVICE_TYPE, 0 );
2008 status = openCertStore( &cryptCertStore );
2019 status = initDevice( cryptDevice, DEFAULT_SSO_PIN, SSO_PIN, USER_PIN );
2022 status = connectDevice( &cryptDevice, SERVER_DEVICE_TYPE, 0 );
2024 status = logonDevice( cryptDevice, USER_PIN );
2026 status = createCACert( cryptDevice );
2028 status = logonDevice( cryptDevice, USER_PIN );
2034 status = initUserInfo( cryptCertStore,
"Test user #1" );
2039 status = pnpServer( cryptDevice, cryptCertStore );
2048 static int testClient(
void )
2057 status = connectDevice( &cryptDevice, CLIENT_DEVICE_TYPE,
2058 CLIENT_TOKEN_SLOT );
2060 status = getUserInfo( userID, issuePW );
2066 status = initDevice( cryptDevice, DEFAULT_SSO_PIN, SSO_PIN, USER_PIN );
2069 status = connectDevice( &cryptDevice, CLIENT_DEVICE_TYPE,
2070 CLIENT_TOKEN_SLOT );
2072 status = logonDevice( cryptDevice, USER_PIN );
2074 status = logonDevice( cryptDevice, USER_PIN );
2080 status = pnpClient( cryptDevice, userID, issuePW );
2090 #ifdef WINDOWS_THREADS
2092 unsigned __stdcall serverThread(
void *
dummy )
2099 int testDeviceLifeCycle(
void )
2103 return( testClient() );
2105 return( testServer() );
2113 hThread = (
HANDLE ) _beginthreadex( NULL, 0, serverThread,
2114 NULL, 0, &threadID );
2118 status = testClient();
2119 if( WaitForSingleObject( hThread, 15000 ) == WAIT_TIMEOUT )
2121 puts(
"Warning: Server thread is still active due to session "
2122 "negotiation failure,\n this will cause an error "
2123 "condition when cryptEnd() is called due\n to "
2124 "resources remaining allocated. Press a key to continue." );
2127 CloseHandle( hThread );
2150 puts(
"Testing (minimal) user management functions..." );
2160 TEXT(
"zeroised" ) );
2163 printf(
"cryptLogin() (Primary SO) failed with error code %d, line "
2164 "%d.\n", status, __LINE__ );
2173 printf(
"cryptSetAttributeString() failed with error code %d, "
2174 "line %d.\n", status, __LINE__ );
2184 printf(
"cryptLogout() failed with error code %d, line %d.\n",
2192 printf(
"cryptLogin() (SO) failed with error code %d, line %d.\n",
2199 puts(
"User management tests succeeded.\n" );