Login
Log in using an SSO provider:
Fedora Account System
Red Hat Associate
Red Hat Customer
Login using a Red Hat Bugzilla account
Forgot Password
Create an Account
Red Hat Bugzilla – Attachment 1701538 Details for
Bug 1701233
[RFE] support setting supported signature methods on the token
Home
New
Search
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh92 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
[?]
This site requires JavaScript to be enabled to function correctly, please enable it.
verification steps with console output
attach.txt (text/plain), 9.97 KB, created by
Kaleem
on 2020-07-17 11:04:07 UTC
(
hide
)
Description:
verification steps with console output
Filename:
MIME Type:
Creator:
Kaleem
Created:
2020-07-17 11:04:07 UTC
Size:
9.97 KB
patch
obsolete
>TC1 : token.mechanisms is set to ALL > token.mechanisms = ALL >Expected Output : All mechahism shown > >Actual Output : >[root@master tokens]# grep -r slots.mechanisms /etc/softhsm2.conf ># Enable and disable PKCS#11 mechanisms using slots.mechanisms. >slots.mechanisms = ALL >[root@master tokens]# pkcs11-tool -M --module /usr/lib64/libsofthsm2.so >Using slot 0 with a present token (0x73e7cba2) >Supported mechanisms: > AES-CBC, keySize={16,32}, encrypt, decrypt, wrap > AES-CBC-ENCRYPT-DATA, derive > AES-CBC-PAD, keySize={16,32}, encrypt, decrypt > AES-CMAC, keySize={16,32}, sign, verify > AES-CTR, keySize={16,32}, encrypt, decrypt > AES-ECB, keySize={16,32}, encrypt, decrypt > AES-ECB-ENCRYPT-DATA, derive > AES-GCM, keySize={16,32}, encrypt, decrypt > AES-KEY-GEN, keySize={16,32}, generate > AES-KEY-WRAP, keySize={16,2147483648}, wrap, unwrap > mechtype-0x210A, keySize={1,2147483648}, wrap, unwrap > DES2-KEY-GEN, generate > DES3-CBC, encrypt, decrypt, wrap > DES3-CBC-ENCRYPT-DATA, derive > DES3-CBC-PAD, encrypt, decrypt > DES3-CMAC, sign, verify > DES3-ECB, encrypt, decrypt > DES3-ECB-ENCRYPT-DATA, derive > DES3-KEY-GEN, generate > DES-CBC, encrypt, decrypt, wrap > DES-CBC-ENCRYPT-DATA, derive > DES-CBC-PAD, encrypt, decrypt, wrap > DES-ECB, encrypt, decrypt, wrap > DES-ECB-ENCRYPT-DATA, derive > DES-KEY-GEN, generate > DH-PKCS-DERIVE, keySize={512,10000}, derive > DH-PKCS-KEY-PAIR-GEN, keySize={512,10000}, generate_key_pair > DH-PKCS-PARAMETER-GEN, keySize={512,10000}, generate > DSA, keySize={512,1024}, sign, verify > DSA-KEY-PAIR-GEN, keySize={512,1024}, generate_key_pair > DSA-PARAMETER-GEN, keySize={512,1024}, generate > DSA-SHA1, keySize={512,1024}, sign, verify > DSA-SHA224, keySize={512,1024}, sign, verify > DSA-SHA256, keySize={512,1024}, sign, verify > DSA-SHA384, keySize={512,1024}, sign, verify > DSA-SHA512, keySize={512,1024}, sign, verify > ECDH1-DERIVE, keySize={112,521}, derive > ECDSA, keySize={112,521}, sign, verify, other flags=0x1900000 > mechtype-0x1055, keySize={256,456}, generate_key_pair > ECDSA-KEY-PAIR-GEN, keySize={112,521}, generate_key_pair, other flags=0x1900000 > mechtype-0x1057, keySize={256,456}, sign, verify > GENERIC-SECRET-KEY-GEN, keySize={1,2147483648}, generate > MD5, digest > MD5-HMAC, keySize={16,512}, sign, verify > MD5-RSA-PKCS, keySize={512,16384}, sign, verify > RSA-PKCS, keySize={512,16384}, encrypt, decrypt, sign, verify, wrap, unwrap > RSA-PKCS-KEY-PAIR-GEN, keySize={512,16384}, generate_key_pair > RSA-PKCS-OAEP, keySize={512,16384}, encrypt, decrypt, wrap, unwrap > RSA-PKCS-PSS, keySize={512,16384}, sign, verify > RSA-X-509, keySize={512,16384}, encrypt, decrypt, sign, verify > SHA1-RSA-PKCS, keySize={512,16384}, sign, verify > SHA1-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA224, digest > SHA224-HMAC, keySize={28,512}, sign, verify > SHA224-RSA-PKCS, keySize={512,16384}, sign, verify > SHA224-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA256, digest > SHA256-HMAC, keySize={32,512}, sign, verify > SHA256-RSA-PKCS, keySize={512,16384}, sign, verify > SHA256-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA384, digest > SHA384-HMAC, keySize={48,512}, sign, verify > SHA384-RSA-PKCS, keySize={512,16384}, sign, verify > SHA384-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA512, digest > SHA512-HMAC, keySize={64,512}, sign, verify > SHA512-RSA-PKCS, keySize={512,16384}, sign, verify > SHA512-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA-1, digest > SHA-1-HMAC, keySize={20,512}, sign, verify >[root@master tokens]# > >Result : PASS > >################################################################################################################################################################################### > >TC2 : token.mechanisms is not present > #token.mechanisms = ALL >Expected Output : All mechahism shown > >Actual Output : >[root@master tokens]# grep -r slots.mechanisms /etc/softhsm2.conf ># Enable and disable PKCS#11 mechanisms using slots.mechanisms. >#slots.mechanisms = ALL >[root@master tokens]# pkcs11-tool -M --module /usr/lib64/libsofthsm2.so >Using slot 0 with a present token (0x73e7cba2) >Supported mechanisms: > AES-CBC, keySize={16,32}, encrypt, decrypt, wrap > AES-CBC-ENCRYPT-DATA, derive > AES-CBC-PAD, keySize={16,32}, encrypt, decrypt > AES-CMAC, keySize={16,32}, sign, verify > AES-CTR, keySize={16,32}, encrypt, decrypt > AES-ECB, keySize={16,32}, encrypt, decrypt > AES-ECB-ENCRYPT-DATA, derive > AES-GCM, keySize={16,32}, encrypt, decrypt > AES-KEY-GEN, keySize={16,32}, generate > AES-KEY-WRAP, keySize={16,2147483648}, wrap, unwrap > mechtype-0x210A, keySize={1,2147483648}, wrap, unwrap > DES2-KEY-GEN, generate > DES3-CBC, encrypt, decrypt, wrap > DES3-CBC-ENCRYPT-DATA, derive > DES3-CBC-PAD, encrypt, decrypt > DES3-CMAC, sign, verify > DES3-ECB, encrypt, decrypt > DES3-ECB-ENCRYPT-DATA, derive > DES3-KEY-GEN, generate > DES-CBC, encrypt, decrypt, wrap > DES-CBC-ENCRYPT-DATA, derive > DES-CBC-PAD, encrypt, decrypt, wrap > DES-ECB, encrypt, decrypt, wrap > DES-ECB-ENCRYPT-DATA, derive > DES-KEY-GEN, generate > DH-PKCS-DERIVE, keySize={512,10000}, derive > DH-PKCS-KEY-PAIR-GEN, keySize={512,10000}, generate_key_pair > DH-PKCS-PARAMETER-GEN, keySize={512,10000}, generate > DSA, keySize={512,1024}, sign, verify > DSA-KEY-PAIR-GEN, keySize={512,1024}, generate_key_pair > DSA-PARAMETER-GEN, keySize={512,1024}, generate > DSA-SHA1, keySize={512,1024}, sign, verify > DSA-SHA224, keySize={512,1024}, sign, verify > DSA-SHA256, keySize={512,1024}, sign, verify > DSA-SHA384, keySize={512,1024}, sign, verify > DSA-SHA512, keySize={512,1024}, sign, verify > ECDH1-DERIVE, keySize={112,521}, derive > ECDSA, keySize={112,521}, sign, verify, other flags=0x1900000 > mechtype-0x1055, keySize={256,456}, generate_key_pair > ECDSA-KEY-PAIR-GEN, keySize={112,521}, generate_key_pair, other flags=0x1900000 > mechtype-0x1057, keySize={256,456}, sign, verify > GENERIC-SECRET-KEY-GEN, keySize={1,2147483648}, generate > MD5, digest > MD5-HMAC, keySize={16,512}, sign, verify > MD5-RSA-PKCS, keySize={512,16384}, sign, verify > RSA-PKCS, keySize={512,16384}, encrypt, decrypt, sign, verify, wrap, unwrap > RSA-PKCS-KEY-PAIR-GEN, keySize={512,16384}, generate_key_pair > RSA-PKCS-OAEP, keySize={512,16384}, encrypt, decrypt, wrap, unwrap > RSA-PKCS-PSS, keySize={512,16384}, sign, verify > RSA-X-509, keySize={512,16384}, encrypt, decrypt, sign, verify > SHA1-RSA-PKCS, keySize={512,16384}, sign, verify > SHA1-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA224, digest > SHA224-HMAC, keySize={28,512}, sign, verify > SHA224-RSA-PKCS, keySize={512,16384}, sign, verify > SHA224-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA256, digest > SHA256-HMAC, keySize={32,512}, sign, verify > SHA256-RSA-PKCS, keySize={512,16384}, sign, verify > SHA256-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA384, digest > SHA384-HMAC, keySize={48,512}, sign, verify > SHA384-RSA-PKCS, keySize={512,16384}, sign, verify > SHA384-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA512, digest > SHA512-HMAC, keySize={64,512}, sign, verify > SHA512-RSA-PKCS, keySize={512,16384}, sign, verify > SHA512-RSA-PKCS-PSS, keySize={512,16384}, sign, verify > SHA-1, digest > SHA-1-HMAC, keySize={20,512}, sign, verify >[root@master tokens]# > >Result : PASS > >################################################################################################################################################################################### > >TC3 : custom options in token.mechanisms > token.mechanisms = CKM_RSA_X_509,CKM_RSA_PKCS >Expected Output : only specified mechahisms shown > >Actual Output : >[root@master tokens]# grep -r slots.mechanisms /etc/softhsm2.conf ># Enable and disable PKCS#11 mechanisms using slots.mechanisms. >slots.mechanisms = CKM_RSA_X_509,CKM_RSA_PKCS >[root@master tokens]# pkcs11-tool -M --module /usr/lib64/libsofthsm2.so >Using slot 0 with a present token (0x73e7cba2) >Supported mechanisms: > RSA-X-509, keySize={512,16384}, encrypt, decrypt, sign, verify > RSA-PKCS, keySize={512,16384}, encrypt, decrypt, sign, verify, wrap, unwrap >[root@master tokens]# > >Result : PASS > >################################################################################################################################################################################### > >TC4 : custom negative options in token.mechanisms > token.mechanisms = - CKM_RSA_X_509,CKM_RSA_PKCS >Expected Output : Specified mechahism not shown > >Actual Output : >Reported https://bugzilla.redhat.com/show_bug.cgi?id=1857272 > >Result : FAIL > >################################################################################################################################################################################### > >TC5 : one wrong option in token.mechanisms > token.mechanisms = CKM_UNKNOWN >Expected Output : no mechahism shown > >Actual Output : >[root@master tokens]# grep -r slots.mechanisms /etc/softhsm2.conf ># Enable and disable PKCS#11 mechanisms using slots.mechanisms. >slots.mechanisms = CKM_UNKNOWN >[root@master tokens]# pkcs11-tool -M --module /usr/lib64/libsofthsm2.so >Using slot 0 with a present token (0x73e7cba2) >Supported mechanisms: >[root@master tokens]# > > >Result : PASS > >################################################################################################################################################################################### > >TC6 : one wrong mechanism in multiple mechanisms specified in token.mechanisms > token.mechanisms = CKM_RSA_X_509,CKM_UNKNOWN >Expected Output : all mechahism except wrong one shown > >Actual Output : >[root@master tokens]# grep -r slots.mechanisms /etc/softhsm2.conf ># Enable and disable PKCS#11 mechanisms using slots.mechanisms. >slots.mechanisms = CKM_RSA_X_509,CKM_UNKNOWN >[root@master tokens]# pkcs11-tool -M --module /usr/lib64/libsofthsm2.so >Using slot 0 with a present token (0x73e7cba2) >Supported mechanisms: > RSA-X-509, keySize={512,16384}, encrypt, decrypt, sign, verify >[root@master tokens]# > > >Result : PASS > > >Version tested with : > >[root@master tokens]# rpm -q softhsm >softhsm-2.6.0-3.module+el8.3.0+6909+fb33717d.x86_64 >[root@master tokens]#
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1701538">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1701233
: 1701538