Comment 14 for bug 2028936
Revision history for this message
| Frank Heimes (fheimes) wrote Re: [24.04 FEAT] [SEC2340] zkey: support for key type PKEY_TYPE_EP11_AES (s390-tools) | #14 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
I remembered LP#1928780 and thought we can run the test from there here as well (for regression testing).
It would be like this:
[Test Case]
* Have an Ubuntu noble or mantic installation on LPAR, z/VM or KVM
and install opencryptoki:
ubuntu@zbox:~$ sudo apt install opencryptoki
* Now check if there is a soft token available (should be by default):
ubuntu@zbox:~$ pkcsconf -t
Token #1 Info:
Label: icatok
Manufacturer: IBM
Model: ICA
Serial Number:
Flags: 0x880045 (RNG|LOGIN_
Sessions: 0/[effectively infinite]
R/W Sessions: 0/[effectively infinite]
PIN Length: 4-8
Public Memory: [information unavailable]
Private Memory: [information unavailable]
Hardware Version: 0.0
Firmware Version: 0.0
Time: 2023062111512600
URI: pkcs11:
Token #3 Info:
Label: softtok
Manufacturer: IBM
Model: Soft
Serial Number:
Flags: 0x880045 (RNG|LOGIN_
Sessions: 0/[effectively infinite]
R/W Sessions: 0/[effectively infinite]
PIN Length: 4-8
Public Memory: [information unavailable]
Private Memory: [information unavailable]
Hardware Version: 0.0
Firmware Version: 0.0
Time: 2023062111512600
URI: pkcs11:
* Now initialize and re-label the soft token:
ubuntu@zbox:~$ pkcsconf -I -c 3
Enter the SO PIN:
Enter a unique token label: mysofttok
* And set the user password to be 1234 (since it's hardcoded in the testfile).
ubuntu@zbox:~$ sudo pkcsconf -c 3 -u
* Now install the opencryptoki lib headers:
ubuntu@zbox:~$ sudo apt install libopencryptoki-dev
* Download this test code:
https:/
and compile it:
ubuntu@zbox:~$ gcc test.c -o test -lopencryptoki
* And run the resulting binary as root:
ubuntu@zbox:~$ sudo ./test
It'll return 56 is the correct key is rejected (0 for the incorrect).