-
Notifications
You must be signed in to change notification settings - Fork 1
Little PKCS#11 tester for the DNIe
License
rickyepoderi/dnie-pkcs11-tester
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
# dnie-pkcs11-tester This program is just a lttle PKCS#11 tester for the DNIe (Spanish eID). It is intended to be used with the pkcs11 library provided by Opensc. The auto-tools can be used for compilng it. autoreconf -iv ./configure make This creates a _dnie-pkcs11-tester_ in the current directory you can execute. If you need to use a custom openssl location (cryto library is used to show the certificates inside the card) you can specify it using the --with-ssl option. autoreconf -iv ./configure --with-ssl=/path/to/openssl make If you want you can compile by yourself (maybe it is easier) just execute a command like this: gcc -I. dnie-pkcs11-tester.c -o dnie-pkcs11-tester -lcrypto -ldl Now the tester uses _dlopen_ to access to the PKCS#11 library (previously it was linked to the library in a direct way). So the library to test should be passed as the only argument. Finally the current status of the tests which are executed is the following: Usage: dnie-pkcs11-tester [OPTIONS] pkcs11-lib.so ARGUMENTS: pkcs11-lib.so: PKCS#11 library to test. OPTIONS: --test=TEST -t TEST: Executes the test TEST (order or name of the test). This parameter can be used several times (several tests are run). --all -a: All default tests are executed. --help -h: Prints this usage. TESTS: 1.- name: login description: Login into the DNIe. default: yes 2.- name: list-objects description: List all objects inside the DNIe. default: yes 3.- name: logout description: Test for login, logout and login again. default: yes 4.- name: signature description: Performs two sequential signatures with the sign key. default: yes 5.- name: authentication description: Performs two sequential signatures with the auth key. default: yes 6.- name: interference description: Executes two processes in a way that one steals the secure channel of the other after the login, some sleeps are used for that, this test is 60 seconds in length. default: yes 7.- name: auth-11 description: Executes 11 signatures with the auth key. OpenSC has a default pin cache of 10 uses, DNIe v3.0 needs more. default: no
About
Little PKCS#11 tester for the DNIe
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published