From e5541de6f5e2831ebfc32c3afcfa35ff32341938 Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Thu, 19 Apr 2018 18:36:12 -0400 Subject: Reconstruct the hashsig hash tree(s) on device restart. --- tests/test-rpc_hashsig.c | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) (limited to 'tests') diff --git a/tests/test-rpc_hashsig.c b/tests/test-rpc_hashsig.c index b93f11e..00728c3 100644 --- a/tests/test-rpc_hashsig.c +++ b/tests/test-rpc_hashsig.c @@ -264,7 +264,7 @@ static int test_hashsig_sign(const size_t L, const lms_algorithm_t lms_type, const lmots_algorithm_t lmots_type, size_t iterations, - int save) + int save, int keep) { const hal_client_handle_t client = {HAL_HANDLE_NONE}; const hal_session_handle_t session = {HAL_HANDLE_NONE}; @@ -287,7 +287,7 @@ static int test_hashsig_sign(const size_t L, lose("Error closing %s: %s\n", save_name, strerror(errno)); } - hal_key_flags_t flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE; + hal_key_flags_t flags = HAL_KEY_FLAG_USAGE_DIGITALSIGNATURE | HAL_KEY_FLAG_TOKEN; printf("Starting hashsig key test: L %lu, lms type %u (h=%lu), lmots type %u (w=%lu)\n", L, lms_type, lms_type_to_h(lms_type), lmots_type, lmots_type_to_w(lmots_type)); @@ -399,8 +399,10 @@ static int test_hashsig_sign(const size_t L, } } - if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK) - lose("Could not delete private key: %s\n", hal_error_string(err)); + if (!keep) { + if ((err = hal_rpc_pkey_delete(private_key)) != HAL_OK) + lose("Could not delete private key: %s\n", hal_error_string(err)); + } if ((err = hal_rpc_pkey_delete(public_key)) != HAL_OK) lose("Could not delete public key: %s\n", hal_error_string(err)); @@ -460,7 +462,7 @@ int main(int argc, char *argv[]) size_t L_lo = 0, L_hi = 0; size_t lms_lo = 5, lms_hi = 0; size_t lmots_lo = 3, lmots_hi = 0; - int save = 0; + int save = 0, keep = 0; char *p; hal_error_t err; int ok = 1; @@ -476,11 +478,12 @@ Usage: %s [-d] [-i] [-p pin] [-t] [-L n] [-l n] [-o n] [-n n] [-s] [-r file]\n\ -o: LM-OTS type (1..4)\n\ -n: number of signatures to generate (0..'max')\n\ -s: save generated public key and signatures\n\ + -k: keep (don't delete) the generated keys on the hsm\n\ -r: read and pretty-print a saved signature file\n\ Numeric arguments can be a single number or a range, e.g. '1..4'\n"; int opt; - while ((opt = getopt(argc, argv, "ditp:L:l:o:n:sr:h?")) != -1) { + while ((opt = getopt(argc, argv, "ditp:L:l:o:n:skr:h?")) != -1) { switch (opt) { case 'd': debug = 1; @@ -526,6 +529,9 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n"; case's': save = 1; break; + case 'k': + keep = 1; + break; case 'r': ok &= read_sig(optarg); do_default = 0; @@ -572,7 +578,7 @@ Numeric arguments can be a single number or a range, e.g. '1..4'\n"; for (size_t L = L_lo; L <= L_hi; ++L) { for (lms_algorithm_t lms_type = lms_lo; lms_type <= lms_hi; ++lms_type) { for (lmots_algorithm_t lmots_type = lmots_lo; lmots_type <= lmots_hi; ++lmots_type) { - ok &= test_hashsig_sign(L, lms_type, lmots_type, iterations, save); + ok &= test_hashsig_sign(L, lms_type, lmots_type, iterations, save, keep); } } } -- cgit v1.2.3