Skip to content

Run CI against NSS softokn #269

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
Draft

Run CI against NSS softokn #269

wants to merge 12 commits into from

Conversation

Jakuje
Copy link
Collaborator

@Jakuje Jakuje commented May 5, 2025
edited
Loading

There is one more PKCS#11 implementation that we test against and it is a NSS's softoken.

This makes the basic tests run, but there are still some odd cases where it does not work. For example:

  • EDDSA mechanisms are correctly announced, but generating key does not work
  • The CMAC signature and verification is announced in supported mechanisms, but only signature works (could be the verification requires the VerifySignature API from PKCS#11 3.2?)
  • ...

@Jakuje Jakuje marked this pull request as draft May 5, 2025 19:12
@Jakuje Jakuje force-pushed the softokn branch 2 times, most recently from 42d5225 to d55b473 Compare May 5, 2025 19:17
Jakuje added 12 commits May 27, 2025 13:22
@Jakuje
tests: Reset pin to the original value
7e0d445 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Allow more configuration for test token
c6f9048 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Softokn reports different error for UniqueId
e45e70d 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
encryption/decryption: Workaround tokens finalizing operation when th…
95cd2aa 
…ere is nothing to return

The NSS softokn finalizes the multipart operation even though the NULL
return argument was passed.

Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Delete keys to avoid search mismatch on rerun
6ad7825 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Use smaller symmetric key to work with Softokn
5a732fe 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
Softokn does not have SO user and PIN
27fce37 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Explicitly set attributes that are checked for KBKDF
cb6eba1 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Adjust inuque_id test for softokn
db9a7dd 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Softokn (correctly) requires PublicExponent when generating a key
dd25e7a 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
tests: Adjust copy test for Softokn
e55706f 
Signed-off-by: Jakub Jelen <[email protected]>
@Jakuje
Run CI against NSS softokn
9a82d86 
Signed-off-by: Jakub Jelen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@Jakuje