github.com/cactusblossom/fabric-ca@v0.0.0-20200611062428-0082fc643826/lib/capkcs11_test.go (about) 1 // +build pkcs11 2 3 /* 4 Copyright IBM Corp. 2016 All Rights Reserved. 5 6 SPDX-License-Identifier: Apache-2.0 7 */ 8 9 package lib 10 11 import ( 12 "os" 13 "testing" 14 15 dbutil "github.com/hyperledger/fabric-ca/lib/server/db/util" 16 "github.com/hyperledger/fabric/bccsp/factory" 17 "github.com/hyperledger/fabric/bccsp/pkcs11" 18 ) 19 20 func TestCAInit(t *testing.T) { 21 orgwd, err := os.Getwd() 22 if err != nil { 23 t.Fatal("failed to get cwd: ", err) 24 } 25 confDir, err := cdTmpTestDir("TestCAInit") 26 t.Log("confDir: ", confDir) 27 if err != nil { 28 t.Fatal("failed to cd to tmp dir: ", err) 29 } 30 defer func() { 31 err = os.Chdir(orgwd) 32 if err != nil { 33 t.Fatalf("failed to cd to %v: %s", orgwd, err) 34 } 35 }() 36 wd, err := os.Getwd() 37 if err != nil { 38 t.Fatal("failed to get cwd: ", err) 39 } 40 t.Log("Working dir", wd) 41 defer cleanupTmpfiles(t, wd) 42 cfgFile := serverCfgFile(".") 43 server := &Server{ 44 levels: &dbutil.Levels{ 45 Identity: 1, 46 Affiliation: 1, 47 Certificate: 1, 48 }, 49 } 50 ca, err := newCA(cfgFile, &CAConfig{}, server, false) 51 if err != nil { 52 t.Fatal("newCA FAILED") 53 } 54 55 // BCCSP error 56 swo := &factory.SwOpts{} 57 pko := &pkcs11.PKCS11Opts{} 58 ca.Config.CSP = &factory.FactoryOpts{ProviderName: "PKCS11", SwOpts: swo, Pkcs11Opts: pko} 59 ca.HomeDir = "" 60 err = ca.init(false) 61 t.Logf("ca.init error: %v", err) 62 if err == nil { 63 t.Fatalf("Server init should have failed: BCCSP err") 64 } 65 66 // delete everything and start over 67 // initKeyMaterial error 68 os.Chdir(orgwd) 69 70 confDir, err = cdTmpTestDir("TestCAInit") 71 if err != nil { 72 t.Fatal("failed to cd to tmp dir: ", err) 73 } 74 wd2, err := os.Getwd() 75 if err != nil { 76 t.Fatal("failed to get cwd: ", err) 77 } 78 t.Log("changed directory to ", wd2) 79 defer cleanupTmpfiles(t, wd2) 80 81 ca.Config.CSP = &factory.FactoryOpts{ProviderName: "SW", SwOpts: swo, Pkcs11Opts: pko} 82 ca, err = newCA(cfgFile, &CAConfig{}, server, true) 83 if err != nil { 84 t.Fatal("newCA FAILED", err) 85 } 86 ca.Config.CA.Keyfile = caKey 87 ca.Config.CA.Certfile = caCert 88 err = CopyFile("../ec256-1-key.pem", caKey) 89 if err != nil { 90 t.Fatal("Failed to copy file: ", err) 91 } 92 err = CopyFile("../ec256-2-cert.pem", caCert) 93 if err != nil { 94 t.Fatal("Failed to copy file: ", err) 95 } 96 err = ca.init(false) 97 t.Log("init err: ", err) 98 if err == nil { 99 t.Error("Should have failed because key and cert don't match") 100 } 101 102 err = os.Remove(caKey) 103 if err != nil { 104 t.Fatalf("Remove failed: %s", err) 105 } 106 err = os.Remove(caCert) 107 if err != nil { 108 t.Fatalf("Remove failed: %s", err) 109 } 110 ca.Config.CA.Keyfile = "" 111 ca.Config.CA.Certfile = "" 112 ca.Config.DB.Datasource = "" 113 ca, err = newCA(cfgFile, &CAConfig{}, server, false) 114 if err != nil { 115 t.Fatal("newCA FAILED: ", err) 116 } 117 118 err = ca.init(false) 119 if err != nil { 120 t.Fatal("ca init failed", err) 121 } 122 123 // initUserRegistry error 124 ca.Config.LDAP.Enabled = true 125 err = ca.initUserRegistry() 126 t.Log("init err: ", err) 127 if err == nil { 128 t.Fatal("initUserRegistry should have failed") 129 } 130 131 // initEnrollmentSigner error 132 ca.Config.LDAP.Enabled = false 133 ca, err = newCA(cfgFile, &CAConfig{}, server, false) 134 if err != nil { 135 t.Fatal("newCA FAILED") 136 } 137 err = os.RemoveAll("./msp") 138 if err != nil { 139 t.Fatal("os.Remove msp failed: ", err) 140 } 141 err = os.Remove(caCert) 142 if err != nil { 143 t.Fatal("os.Remove failed: ", err) 144 } 145 err = CopyFile("../rsa2048-1-key.pem", caKey) 146 if err != nil { 147 t.Fatal("Failed to copy file: ", err) 148 } 149 err = CopyFile("../rsa2048-1-cert.pem", caCert) 150 if err != nil { 151 t.Fatal("Failed to copy file: ", err) 152 } 153 ca.Config.CA.Keyfile = caKey 154 ca.Config.CA.Certfile = caCert 155 err = ca.init(false) 156 t.Log("init err: ", err) 157 if err == nil { 158 t.Fatal("init should have failed") 159 } 160 }