diff --git a/tests/tbasic b/tests/tbasic index a82449ce..bc0e4b97 100755 --- a/tests/tbasic +++ b/tests/tbasic @@ -211,15 +211,58 @@ sed "s/^pkcs11-module-token-pin.*$/pkcs11-module-cache-pins = cache/" \ "${OPENSSL_CONF}" > "${OPENSSL_CONF}.pincaching" OPENSSL_CONF=${OPENSSL_CONF}.pincaching $CHECKER "${TESTBLDDIR}/pincache" - -if [[ -n $ECPRI3URI ]]; then - echo "ECPRI3URI is $ECPRI3URI" - title PARA "Test the Login is repeated when ALWAYS AUTHENTICATE is set" - $CHECKER "${TESTBLDDIR}/pincache" "$EC3PRIURI" - # TODO no way to check from logs that this really happen -fi - +$CHECKER "${TESTBLDDIR}/pincache" "$ECPRIURI" OPENSSL_CONF=${ORIG_OPENSSL_CONF} +if [[ -n $ECBASE3URI ]]; then + OPENSSL_CONF=${OPENSSL_CONF}.nopin + title PARA "Test interactive Login repeated for operation on key with ALWAYS AUTHENTICATE" + output=$(expect -c "spawn -noecho $CHECKER ${TESTBLDDIR}/tsession \"$ECBASE3URI\"; + expect \"Enter PIN for PKCS#11 Token (Slot *:\" { + send \"${PINVALUE}\r\"; exp_continue; } + expect \"ALL A-OK\";") + FAIL=0 + echo "$output" | grep "Enter PIN for PKCS#11 Token (Slot .*):" > /dev/null 2>&1 || FAIL=1 + prompts=$(echo "$output" | grep "Enter PIN for PKCS#11 Token (Slot .*):" | wc -l 2>&1) + # 1 login to read key + 16 signatures from 2 processes + if [ $prompts -ne 33 ]; then + echo "Failed receive expected amount of prompts (got $prompts, expected 33)" + FAIL=2 + fi + if [ $FAIL -eq 1 ]; then + echo "Failed to obtain expected prompt" + fi + if [ $FAIL -ne 0 ]; then + echo + echo "Original command output:" + echo "$output" + echo + exit 1 + fi + title PARA "Test interactive Login on key without ALWAYS AUTHENTICATE" + output=$(expect -c "spawn -noecho $CHECKER ${TESTBLDDIR}/tsession \"$BASEURI\"; + expect \"Enter PIN for PKCS#11 Token (Slot *:\" { + send \"${PINVALUE}\r\"; exp_continue; } + expect \"ALL A-OK\";") + FAIL=0 + echo "$output" | grep "Enter PIN for PKCS#11 Token (Slot .*):" > /dev/null 2>&1 || FAIL=1 + prompts=$(echo "$output" | grep "Enter PIN for PKCS#11 Token (Slot .*):" | wc -l 2>&1) + # 1 login to read key only + if [ $prompts -ne 1 ]; then + echo "Failed receive expected amount of prompts (got $prompts, expected 1)" + FAIL=2 + fi + if [ $FAIL -eq 1 ]; then + echo "Failed to obtain expected prompt" + fi + if [ $FAIL -ne 0 ]; then + echo + echo "Original command output:" + echo "$output" + echo + exit 1 + fi + OPENSSL_CONF=${ORIG_OPENSSL_CONF} +fi exit 0