Allow override of PKCS11_[U]LONG type (#72)

The standard PKCS#11 header file maps the `PKCS11_[U]LONG` types to `[unsigned] long int`, which has a size that is compiler/machine dependent. Add the ability to force the `PKCS11_[U]LONG` type to be of a specified size (32 or 64 bits), in case the local compiler's opinion of the sizes doesn't match that of the PKCS#11 library under test. Triggered by passing `PKCS11_LONG_SIZE=32` to `make` and/or as a `#define`. Update README to mention the override options.
google · Apr 18, 2023 · 2cbe462 · 2cbe462
1 parent 18c46f4
commit 2cbe462
Show file tree

Hide file tree

Showing 7 changed files with 47 additions and 16 deletions.
diff --git a/README.md b/README.md
@@ -29,6 +29,14 @@ common Linux PKCS#11 implementations:
 
 This is NOT an official Google product.
 
+Additional make options:
+ - `PKCS11_LONG_SIZE=32` - set `CK_LONG`/`CK_ULONG` size to `int32_t`/`uint32_t`. Normally set to `long int`, which is machine/compiler dependent.
+ - `STRICT_P11=1` - set structures to packed, which tests against fully compliant PKCS11 implementations.
+
+Example:
+```
+make PKCS11_LONG_SIZE=32 STRICT_P11=1
+```
 
 Test Options
 ------------

diff --git a/cipher.cc b/cipher.cc
@@ -577,7 +577,7 @@ TEST_F(ReadOnlySessionTest, CreateSecretKeyAttributes) {
     {CKA_DECRYPT, (CK_VOID_PTR)&g_ck_true, sizeof(CK_BBOOL)},
     {CKA_CLASS, &key_class, sizeof(key_class)},
     {CKA_KEY_TYPE, (CK_VOID_PTR)&key_type, sizeof(key_type)},
-    {CKA_VALUE, (CK_VOID_PTR)key.data(), key.size()},
+    {CKA_VALUE, (CK_VOID_PTR)key.data(), (CK_ULONG)key.size()},
   };
   CK_OBJECT_HANDLE key_object;
   ASSERT_CKR_OK(g_fns->C_CreateObject(session_, attrs.data(), attrs.size(), &key_object));
@@ -626,7 +626,7 @@ TEST_F(ReadOnlySessionTest, SecretKeyTestVectors) {
         {CKA_DECRYPT, (CK_VOID_PTR)&g_ck_true, sizeof(CK_BBOOL)},
         {CKA_CLASS, &key_class, sizeof(key_class)},
         {CKA_KEY_TYPE, (CK_VOID_PTR)&key_type, sizeof(key_type)},
-        {CKA_VALUE, (CK_VOID_PTR)key.data(), key.size()},
+        {CKA_VALUE, (CK_VOID_PTR)key.data(), (CK_ULONG)key.size()},
       };
       CK_OBJECT_HANDLE key_object;
       ASSERT_CKR_OK(g_fns->C_CreateObject(session_, attrs.data(), attrs.size(), &key_object));

diff --git a/hmac.cc b/hmac.cc
@@ -188,7 +188,7 @@ TEST_F(ReadOnlySessionTest, HmacTestVectors) {
         {CKA_VERIFY, (CK_VOID_PTR)&g_ck_true, sizeof(CK_BBOOL)},
         {CKA_CLASS, &key_class, sizeof(key_class)},
         {CKA_KEY_TYPE, (CK_VOID_PTR)&key_type, sizeof(key_type)},
-        {CKA_VALUE, (CK_VOID_PTR)key.data(), key.size()},
+        {CKA_VALUE, (CK_VOID_PTR)key.data(), (CK_ULONG)key.size()},
       };
       CK_OBJECT_HANDLE key_object;
       ASSERT_CKR_OK(g_fns->C_CreateObject(session_, attrs.data(), attrs.size(), &key_object));

diff --git a/keypair.cc b/keypair.cc
@@ -234,8 +234,8 @@ TEST_F(ReadOnlySessionTest, CreateKeyPairObjects) {
     {CKA_PRIVATE, (CK_VOID_PTR)&g_ck_false, sizeof(CK_BBOOL)},
     {CKA_CLASS, &public_key_class, sizeof(public_key_class)},
     {CKA_KEY_TYPE, (CK_VOID_PTR)&key_type, sizeof(key_type)},
-    {CKA_PUBLIC_EXPONENT, (CK_VOID_PTR)public_exponent.data(), public_exponent.size()},
-    {CKA_MODULUS, (CK_VOID_PTR)public_modulus.data(), public_modulus.size()},
+    {CKA_PUBLIC_EXPONENT, (CK_VOID_PTR)public_exponent.data(), (CK_ULONG)public_exponent.size()},
+    {CKA_MODULUS, (CK_VOID_PTR)public_modulus.data(), (CK_ULONG)public_modulus.size()},
   };
   EXPECT_CKR_OK(g_fns->C_CreateObject(session_,
                                       public_attrs.data(),
@@ -254,34 +254,34 @@ TEST_F(ReadOnlySessionTest, CreateKeyPairObjects) {
     {CKA_PRIVATE, (CK_VOID_PTR)&g_ck_false, sizeof(CK_BBOOL)},
     {CKA_CLASS, &private_key_class, sizeof(private_key_class)},
     {CKA_KEY_TYPE, (CK_VOID_PTR)&key_type, sizeof(key_type)},
-    {CKA_PUBLIC_EXPONENT, (CK_VOID_PTR)public_exponent.data(), public_exponent.size()},
-    {CKA_PRIVATE_EXPONENT, (CK_BYTE_PTR)private_exponent.data(), private_exponent.size()},
-    {CKA_MODULUS, (CK_VOID_PTR)public_modulus.data(), public_modulus.size()},
+    {CKA_PUBLIC_EXPONENT, (CK_VOID_PTR)public_exponent.data(), (CK_ULONG)public_exponent.size()},
+    {CKA_PRIVATE_EXPONENT, (CK_BYTE_PTR)private_exponent.data(), (CK_ULONG)private_exponent.size()},
+    {CKA_MODULUS, (CK_VOID_PTR)public_modulus.data(), (CK_ULONG)public_modulus.size()},
   };
   string prime1data;
   if (!keydata.prime1.empty()) {
     prime1data = hex_decode(keydata.prime1);
-    private_attrs.push_back({CKA_PRIME_1, (CK_BYTE_PTR)prime1data.data(), prime1data.size()});
+    private_attrs.push_back({CKA_PRIME_1, (CK_BYTE_PTR)prime1data.data(), (CK_ULONG)prime1data.size()});
   }
   string prime2data;
   if (!keydata.prime2.empty()) {
     prime2data = hex_decode(keydata.prime2);
-    private_attrs.push_back({CKA_PRIME_2, (CK_BYTE_PTR)prime2data.data(), prime2data.size()});
+    private_attrs.push_back({CKA_PRIME_2, (CK_BYTE_PTR)prime2data.data(), (CK_ULONG)prime2data.size()});
   }
   string exponent1data;
   if (!keydata.exponent1.empty()) {
     exponent1data = hex_decode(keydata.exponent1);
-    private_attrs.push_back({CKA_EXPONENT_1, (CK_BYTE_PTR)exponent1data.data(), exponent1data.size()});
+    private_attrs.push_back({CKA_EXPONENT_1, (CK_BYTE_PTR)exponent1data.data(), (CK_ULONG)exponent1data.size()});
   }
   string exponent2data;
   if (!keydata.exponent2.empty()) {
     exponent2data = hex_decode(keydata.exponent2);
-    private_attrs.push_back({CKA_EXPONENT_2, (CK_BYTE_PTR)exponent2data.data(), exponent2data.size()});
+    private_attrs.push_back({CKA_EXPONENT_2, (CK_BYTE_PTR)exponent2data.data(), (CK_ULONG)exponent2data.size()});
   }
   string coefficientdata;
   if (!keydata.coefficient.empty()) {
     coefficientdata = hex_decode(keydata.coefficient);
-    private_attrs.push_back({CKA_COEFFICIENT, (CK_BYTE_PTR)coefficientdata.data(), coefficientdata.size()});
+    private_attrs.push_back({CKA_COEFFICIENT, (CK_BYTE_PTR)coefficientdata.data(), (CK_ULONG)coefficientdata.size()});
   }
   EXPECT_CKR_OK(g_fns->C_CreateObject(session_,
                                       private_attrs.data(),

diff --git a/makefile b/makefile
@@ -1,5 +1,4 @@
 all: pkcs11test
-
 SLOT_ID ?= 0
 test_opencryptoki: pkcs11test
 	./pkcs11test -m libopencryptoki.so -l /usr/lib/opencryptoki -s ${SLOT_ID}
@@ -12,6 +11,9 @@ dump_opencryptoki: pkcs11test
 ifneq (, $(STRICT_P11))
     CXXFLAGS+=-DSTRICT_P11
 endif
+ifneq (, $(PKCS11_LONG_SIZE))
+    CXXFLAGS+=-DPKCS11_LONG_SIZE=$(PKCS11_LONG_SIZE)
+endif
 
 GTEST_DIR=gtest-1.10.0/googletest
 GTEST_INC=-isystem $(GTEST_DIR)/include

diff --git a/pkcs11-env.h b/pkcs11-env.h
@@ -29,6 +29,23 @@
 #define NULL_PTR 0
 #endif
 
+#ifdef PKCS11_LONG_SIZE
+ #include <stdint.h>
+ #if PKCS11_LONG_SIZE==32
+ typedef uint32_t PKCS11_ULONG_TYPE;
+ typedef int32_t PKCS11_LONG_TYPE;
+ #elif PKCS11_LONG_SIZE==64
+ typedef uint64_t PKCS11_ULONG_TYPE;
+ typedef int64_t PKCS11_LONG_TYPE;
+ #else
+ #error "Invalid value for PKCS11_LONG_SIZE, defaulting to long"
+ typedef unsigned long int PKCS11_ULONG_TYPE;
+ typedef long int PKCS11_LONG_TYPE;
+ #endif
+#else
+ typedef unsigned long int PKCS11_ULONG_TYPE;
+ typedef long int PKCS11_LONG_TYPE;
+#endif
 #include <pkcs11.h>
 
 #if defined(STRICT_P11)

diff --git a/third_party/pkcs11/pkcs11t.h b/third_party/pkcs11/pkcs11t.h
@@ -52,12 +52,16 @@ typedef CK_BYTE           CK_UTF8CHAR;
 /* a BYTE-sized Boolean flag */
 typedef CK_BYTE           CK_BBOOL;
 
+/* Local modification: the CK_LONG/CK_ULONG types are mapped to local typedefs
+ * to allow the tests to run against PKCS11 libraries that use a CK_[U]LONG type
+ * that is a different size from 'long int'. */ 
+
 /* an unsigned value, at least 32 bits long */
-typedef unsigned long int CK_ULONG;
+typedef PKCS11_ULONG_TYPE CK_ULONG;
 
 /* a signed value, the same size as a CK_ULONG */
 /* CK_LONG is new for v2.0 */
-typedef long int          CK_LONG;
+typedef PKCS11_LONG_TYPE  CK_LONG;
 
 /* at least 32 bits; each bit is a Boolean flag */
 typedef CK_ULONG          CK_FLAGS;