Move hardware tests to "make hwtest", with one warning for all test suites.
- "make check" will mark destructive tests as skipped - "make hwtest" will ask once for user confirmation
This commit is contained in:
+3
-1
@@ -33,7 +33,6 @@ EXTRA_DIST = windows.mk mac.mk tool/tests/basic.sh tools/fasc.pl
|
|||||||
|
|
||||||
EXTRA_DIST += doc/Attestation.adoc doc/YKCS11_release_notes.adoc doc/YubiKey_PIV_introduction.adoc
|
EXTRA_DIST += doc/Attestation.adoc doc/YKCS11_release_notes.adoc doc/YubiKey_PIV_introduction.adoc
|
||||||
|
|
||||||
|
|
||||||
if ENABLE_COV
|
if ENABLE_COV
|
||||||
cov-reset:
|
cov-reset:
|
||||||
rm -fr coverage
|
rm -fr coverage
|
||||||
@@ -68,6 +67,9 @@ doxygen:
|
|||||||
doxygen lib/Doxyfile
|
doxygen lib/Doxyfile
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
hwcheck:
|
||||||
|
@$(srcdir)/tools/confirm.sh && YKPIV_ENV_HWTESTS_CONFIRMED="1" $(MAKE) check
|
||||||
|
|
||||||
check-doc-dist:
|
check-doc-dist:
|
||||||
perl -pe "s,^EXTRA_DIST \+= .*,EXTRA_DIST += `cd $(srcdir) && ls doc/*.adoc | xargs echo`," < $(srcdir)/Makefile.am > check-doc-dist.tmp
|
perl -pe "s,^EXTRA_DIST \+= .*,EXTRA_DIST += `cd $(srcdir) && ls doc/*.adoc | xargs echo`," < $(srcdir)/Makefile.am > check-doc-dist.tmp
|
||||||
diff -ur $(srcdir)/Makefile.am check-doc-dist.tmp || \
|
diff -ur $(srcdir)/Makefile.am check-doc-dist.tmp || \
|
||||||
|
|||||||
+13
-27
@@ -38,7 +38,7 @@
|
|||||||
|
|
||||||
#include <check.h>
|
#include <check.h>
|
||||||
|
|
||||||
int confirm_destruction(void);
|
int destruction_confirmed(void);
|
||||||
|
|
||||||
ykpiv_state *g_state;
|
ykpiv_state *g_state;
|
||||||
const uint8_t g_cert[] = {
|
const uint8_t g_cert[] = {
|
||||||
@@ -54,7 +54,8 @@ void setup(void) {
|
|||||||
|
|
||||||
// Require user confirmation to continue, since this test suite will clear
|
// Require user confirmation to continue, since this test suite will clear
|
||||||
// any data stored on connected keys.
|
// any data stored on connected keys.
|
||||||
ck_assert(confirm_destruction());
|
if (!destruction_confirmed())
|
||||||
|
exit(77); // exit code 77 == skipped tests
|
||||||
|
|
||||||
res = ykpiv_init(&g_state, true);
|
res = ykpiv_init(&g_state, true);
|
||||||
ck_assert_int_eq(res, YKPIV_OK);
|
ck_assert_int_eq(res, YKPIV_OK);
|
||||||
@@ -655,6 +656,7 @@ START_TEST(test_reset) {
|
|||||||
|
|
||||||
// Try wrong PIN
|
// Try wrong PIN
|
||||||
res = ykpiv_verify(g_state, "AAAAAA", &tries);
|
res = ykpiv_verify(g_state, "AAAAAA", &tries);
|
||||||
|
ck_assert_int_eq(res, YKPIV_WRONG_PIN);
|
||||||
|
|
||||||
// Verify 2 PIN retries remaining
|
// Verify 2 PIN retries remaining
|
||||||
tries = 0;
|
tries = 0;
|
||||||
@@ -760,37 +762,21 @@ START_TEST(test_allocator) {
|
|||||||
}
|
}
|
||||||
END_TEST
|
END_TEST
|
||||||
|
|
||||||
int confirm_destruction(void) {
|
int destruction_confirmed(void) {
|
||||||
char verify[16];
|
char *confirmed = getenv("YKPIV_ENV_HWTESTS_CONFIRMED");
|
||||||
|
if (confirmed && confirmed[0] == '1')
|
||||||
|
return 1;
|
||||||
// Use dprintf() to write directly to stdout, since automake eats the standard stdout/stderr pointers.
|
// Use dprintf() to write directly to stdout, since automake eats the standard stdout/stderr pointers.
|
||||||
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
|
dprintf(0, "\n***\n*** Hardware tests skipped. Run \"make hwcheck\".\n***\n\n");
|
||||||
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
|
return 0;
|
||||||
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
|
|
||||||
dprintf(0, "\n");
|
|
||||||
|
|
||||||
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
|
|
||||||
dprintf(0, "\n");
|
|
||||||
dprintf(0, " ALL DATA WILL BE ERASED ON CONNECTED YUBIKEYS \n");
|
|
||||||
dprintf(0, "\n");
|
|
||||||
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
|
|
||||||
dprintf(0, "\n");
|
|
||||||
|
|
||||||
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
|
|
||||||
dprintf(0, "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING\n");
|
|
||||||
dprintf(0, "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******\n");
|
|
||||||
dprintf(0, "\n");
|
|
||||||
dprintf(0, "Are you SURE you wish to proceed? If so, type 'CONFIRM': ");
|
|
||||||
fgets(verify, 32, stdin);
|
|
||||||
return strncmp(verify, "CONFIRM", 7) == 0;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
Suite *test_suite(void) {
|
Suite *test_suite(void) {
|
||||||
Suite *s;
|
Suite *s;
|
||||||
TCase *tc;
|
TCase *tc;
|
||||||
|
|
||||||
s = suite_create("libykpiv util");
|
s = suite_create("libykpiv api");
|
||||||
tc = tcase_create("util");
|
tc = tcase_create("api");
|
||||||
#ifdef HW_TESTS
|
#ifdef HW_TESTS
|
||||||
tcase_add_unchecked_fixture(tc, setup, teardown);
|
tcase_add_unchecked_fixture(tc, setup, teardown);
|
||||||
|
|
||||||
@@ -800,7 +786,7 @@ Suite *test_suite(void) {
|
|||||||
// Authenticate after reset.
|
// Authenticate after reset.
|
||||||
tcase_add_test(tc, test_authenticate);
|
tcase_add_test(tc, test_authenticate);
|
||||||
|
|
||||||
// Test util functionality
|
// Test API functionality
|
||||||
tcase_add_test(tc, test_change_pin);
|
tcase_add_test(tc, test_change_pin);
|
||||||
tcase_add_test(tc, test_change_puk);
|
tcase_add_test(tc, test_change_puk);
|
||||||
tcase_add_test(tc, test_devicemodel);
|
tcase_add_test(tc, test_devicemodel);
|
||||||
|
|||||||
+5
-23
@@ -64,6 +64,11 @@ if [[ $HW_TESTS -eq 0 ]]; then
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Verify that user has confirmed destructive hw-tests
|
||||||
|
if [ "x$YKPIV_ENV_HWTESTS_CONFIRMED" != "x1" ]; then
|
||||||
|
printf "\n***\n*** Hardware tests skipped. Run \"make hwcheck\".\n***\n\n" >&0
|
||||||
|
exit 77 # exit code 77 == skipped tests
|
||||||
|
fi
|
||||||
|
|
||||||
#
|
#
|
||||||
# Run basic import/validation tests on included keys/certs. Test keys generated
|
# Run basic import/validation tests on included keys/certs. Test keys generated
|
||||||
@@ -73,29 +78,6 @@ fi
|
|||||||
# $ openssl rsa -in private.pem -outform PEM -pubout -out public.pem
|
# $ openssl rsa -in private.pem -outform PEM -pubout -out public.pem
|
||||||
# $ openssl req -x509 -key private.pem -out cert.pem -subj "/CN=YubicoTest/OU=YubicoTestUnit/O=yubico.com/" -new
|
# $ openssl req -x509 -key private.pem -out cert.pem -subj "/CN=YubicoTest/OU=YubicoTestUnit/O=yubico.com/" -new
|
||||||
#
|
#
|
||||||
echo >&0
|
|
||||||
echo "Hardware tests enabled!" >&0
|
|
||||||
echo >&0
|
|
||||||
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
|
||||||
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
|
||||||
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
|
||||||
echo >&0
|
|
||||||
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
|
||||||
echo >&0
|
|
||||||
echo " ALL DATA WILL BE ERASED ON CONNECTED YUBIKEYS " >&0
|
|
||||||
echo >&0
|
|
||||||
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
|
||||||
echo >&0
|
|
||||||
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
|
||||||
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
|
||||||
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
|
||||||
echo >&0
|
|
||||||
echo -n "Are you SURE you wish to proceed? If so, type 'CONFIRM': " >&0
|
|
||||||
|
|
||||||
read CONFIRM
|
|
||||||
if [[ "x$CONFIRM" != "xCONFIRM" ]]; then
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Reset
|
# Reset
|
||||||
$BIN -averify-pin -P000000 || true
|
$BIN -averify-pin -P000000 || true
|
||||||
|
|||||||
Executable
+29
@@ -0,0 +1,29 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Output redirected to fd 0 so it can be run from 'make check' scripts.
|
||||||
|
|
||||||
|
echo >&0
|
||||||
|
echo "Hardware tests enabled!" >&0
|
||||||
|
echo >&0
|
||||||
|
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
||||||
|
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
||||||
|
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
||||||
|
echo >&0
|
||||||
|
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
||||||
|
echo >&0
|
||||||
|
echo " ALL DATA WILL BE ERASED ON CONNECTED YUBIKEYS " >&0
|
||||||
|
echo >&0
|
||||||
|
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
||||||
|
echo >&0
|
||||||
|
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
||||||
|
echo "WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING" >&0
|
||||||
|
echo "******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ******* *******" >&0
|
||||||
|
echo >&0
|
||||||
|
echo -n "Are you SURE you wish to proceed? If so, type 'CONFIRM': " >&0
|
||||||
|
|
||||||
|
read CONFIRM
|
||||||
|
if [[ "x$CONFIRM" != "xCONFIRM" ]]; then
|
||||||
|
echo "1"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
echo "0"
|
||||||
@@ -627,6 +627,15 @@ static void test_import_and_sign_all_10_RSA() {
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
int destruction_confirmed(void) {
|
||||||
|
char *confirmed = getenv("YKPIV_ENV_HWTESTS_CONFIRMED");
|
||||||
|
if (confirmed && confirmed[0] == '1')
|
||||||
|
return 1;
|
||||||
|
// Use dprintf() to write directly to stdout, since automake eats the standard stdout/stderr pointers.
|
||||||
|
dprintf(0, "\n***\n*** Hardware tests skipped. Run \"make hwcheck\".\n***\n\n");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
int main(void) {
|
int main(void) {
|
||||||
|
|
||||||
get_functions(&funcs);
|
get_functions(&funcs);
|
||||||
@@ -634,6 +643,11 @@ int main(void) {
|
|||||||
test_lib_info();
|
test_lib_info();
|
||||||
|
|
||||||
#ifdef HW_TESTS
|
#ifdef HW_TESTS
|
||||||
|
// Require user confirmation to continue, since this test suite will clear
|
||||||
|
// any data stored on connected keys.
|
||||||
|
if (!destruction_confirmed())
|
||||||
|
exit(77); // exit code 77 == skipped tests
|
||||||
|
|
||||||
test_initalize();
|
test_initalize();
|
||||||
test_token_info();
|
test_token_info();
|
||||||
test_mechanism_list_and_info();
|
test_mechanism_list_and_info();
|
||||||
|
|||||||
Reference in New Issue
Block a user