[continued from previous message]
-pkeyopt saltlen:digest
-in ${RAND64FILE}
-rawin
-sigfile ${TMPPDIR}/sha256-rsapps-genpkey-dgstsig.bin Signature Verified Successfully
## Fail DigestSign with RSA PSS because of restricted Digest
openssl
pkeyutl -sign -inkey "${RSAPSS2PRIURI}"
-digest sha384
-pkeyopt pad-mode:pss
-pkeyopt mgf1-digest:sha384
-pkeyopt saltlen:digest
-in ${RAND64FILE}
-rawin
-out ${TMPPDIR}/sha384-rsapps-genpkey-dgstsig.bin 2>&1
## Fail Signing with RSA PKCS1 mech and RSA-PSS key
openssl
pkeyutl -sign -inkey "${RSAPSSPRIURI}"
-digest sha256
-pkeyopt rsa_padding_mode:pkcs1
-in ${RAND64FILE}
-rawin
-out ${TMPPDIR}/sha384-rsa-not-rsapss-sig.bin 2>&1 ==============================================================================
=================================== 53/92 ====================================
test: pkcs11-provider:kryoptic / rsapssam
start time: 10:06:48
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MALLOC_PERTURB_=242 MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper rsapssam-kryoptic.
t
==============================================================================
=================================== 54/92 ====================================
test: pkcs11-provider:softokn / genkey
start time: 10:06:48
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=57 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper genkey-softokn.t
==============================================================================
=================================== 55/92 ====================================
test: pkcs11-provider:softhsm / genkey
start time: 10:06:48
duration: 0.01s
result: exit status 0
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests MALLOC_
PERTURB_=30 ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper genkey-
softhsm.t
----------------------------------- stdout -----------------------------------
Executing /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/tgenkey
Performed tests: 0 ==============================================================================
=================================== 56/92 ====================================
test: pkcs11-provider:kryoptic / genkey
start time: 10:06:48
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=197 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper genkey-kryoptic.t
==============================================================================
=================================== 57/92 ====================================
test: pkcs11-provider:kryoptic.nss / genkey
start time: 10:06:48
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=78 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper genkey-kryoptic.
nss.t
==============================================================================
=================================== 58/92 ====================================
test: pkcs11-provider:softokn / pkey
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=17 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper pkey-softokn.t
==============================================================================
=================================== 59/92 ====================================
test: pkcs11-provider:softhsm / pkey
start time: 10:06:49
duration: 0.19s
result: exit status 0
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MALLOC_PERTURB_=117 MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper pkey-softhsm.t
----------------------------------- stdout -----------------------------------
Executing /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/tpkey
ALL A-OK! ==============================================================================
=================================== 60/92 ====================================
test: pkcs11-provider:kryoptic / pkey
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MALLOC_PERTURB_=189 MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper pkey-kryoptic.t
==============================================================================
=================================== 61/92 ====================================
test: pkcs11-provider:kryoptic.nss / pkey
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: MALLOC_PERTURB_=243 TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper pkey-kryoptic.nss.
t
==============================================================================
=================================== 62/92 ====================================
test: pkcs11-provider:softokn / session
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MESON_TEST_ITERATION=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=174 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper session-softokn.t
==============================================================================
=================================== 63/92 ====================================
test: pkcs11-provider:softhsm / session
start time: 10:06:49
duration: 0.08s
result: exit status 0
command: MALLOC_PERTURB_=203 TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper session-softhsm.t
----------------------------------- stdout -----------------------------------
Executing /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/tsession
ALL A-OK! ==============================================================================
=================================== 64/92 ====================================
test: pkcs11-provider:kryoptic / session
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=60 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper session-kryoptic.t
==============================================================================
=================================== 65/92 ====================================
test: pkcs11-provider:kryoptic.nss / session
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MALLOC_PERTURB_=175 MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper session-kryoptic.
nss.t
==============================================================================
=================================== 66/92 ====================================
test: pkcs11-provider:softokn / rand
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=165 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper rand-softokn.t
==============================================================================
=================================== 67/92 ====================================
test: pkcs11-provider:softhsm / rand
start time: 10:06:49
duration: 0.05s
result: exit status 0
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=20 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper rand-softhsm.t
----------------------------------- stdout -----------------------------------
Executing /build/reproducible-path/pkcs11-provider-1.0/tests/trand
## Test PKCS11 RNG
openssl rand 1
40C71187D97F0000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:../crypto/evp/evp_fetch.c:375:Global default library context, Algorithm (PKCS11-RAND : 0), Properties (<null>)
40C71187D97F0000:error:12000090:random number generator:rand_new_drbg:unable to fetch drbg:../crypto/rand/rand_lib.c:680:
openssl rand 1
� ==============================================================================
=================================== 68/92 ====================================
test: pkcs11-provider:kryoptic / rand
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=247 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper rand-kryoptic.t
==============================================================================
=================================== 69/92 ====================================
test: pkcs11-provider:kryoptic.nss / rand
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=118 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper rand-kryoptic.
nss.t
==============================================================================
=================================== 70/92 ====================================
test: pkcs11-provider:softokn / readkeys
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=134 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper readkeys-softokn.t
==============================================================================
=================================== 71/92 ====================================
test: pkcs11-provider:softhsm / readkeys
start time: 10:06:49
duration: 0.04s
result: exit status 0
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=218 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper readkeys-softhsm.
t
----------------------------------- stdout -----------------------------------
Executing /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/treadkeys
==============================================================================
=================================== 72/92 ====================================
test: pkcs11-provider:kryoptic / readkeys
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=254 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper readkeys-
kryoptic.t
==============================================================================
=================================== 73/92 ====================================
test: pkcs11-provider:kryoptic.nss / readkeys
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=
halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=46 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper readkeys-kryoptic.
nss.t
==============================================================================
=================================== 74/92 ====================================
test: pkcs11-provider:softokn / tls
start time: 10:06:49
duration: 0.01s
result: exit status 77
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MALLOC_PERTURB_=194 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper tls-softokn.t
==============================================================================
=================================== 75/92 ====================================
test: pkcs11-provider:softhsm / tls
start time: 10:06:49
duration: 1.92s
result: exit status 1
command: TEST_PATH=/build/reproducible-path/pkcs11-provider-1.0/tests MALLOC_PERTURB_=189 MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/
tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 /build/reproducible-path/pkcs11-provider-1.0/tests/test-wrapper tls-softhsm.t
----------------------------------- stdout -----------------------------------
Executing /build/reproducible-path/pkcs11-provider-1.0/tests/ttls
## Test SSL_CTX creation
SSL Context works!
## Test setting cert/keys on TLS Context
Cert and Key successfully set on TLS Context!
## Test setting cert/keys on TLS Context w/o pub key
Cert and Key successfully set on TLS Context!
## Test an actual TLS connection
########################################
## TLS with key in provider
## Run sanity test with default values (RSA)
spawn openssl s_client -connect localhost:23456 -CAfile /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/caCert.pem
Connecting to ::1
CONNECTED(00000005)
Can't use SSL_get_servername
depth=1 CN=Issuer
verify return:1
depth=0 O=PKCS11 Provider, CN=My Test Cert
verify return:1
---
Certificate chain
0 s:O=PKCS11 Provider, CN=My Test Cert
i:CN=Issuer
a:PKEY: RSA, 2048 (bit); sigalg: sha256WithRSAEncryption
v:NotBefore: Apr 12 10:06:36 2025 GMT; NotAfter: Apr 12 10:06:36 2026 GMT ---
Server certificate
-----BEGIN CERTIFICATE----- MIIDPzCCAiegAwIBAgIBAzANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZJc3N1 ZXIwHhcNMjUwNDEyMTAwNjM2WhcNMjYwNDEyMTAwNjM2WjAxMRgwFgYDVQQKEw9Q S0NTMTEgUHJvdmlkZXIxFTATBgNVBAMTDE15IFRlc3QgQ2VydDCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAMcui28zjpBTCQCCyxI2Su9brj5yxKb/ccI3 u9ipO7YCde7wVVPpjCZzXIzUmqpQ3tke+2YyBHjqcIeBJnvB+xKt6Oq6sHQ6IKL4 5dt3Vhj8Lvc/nyOFWOjJmeQLJGJvYn+ohqWIQ4Bk/3H9RDsLuam22mJ3LlHPZWcZ 2JAGyOvpZ94mrVcFXbwezCkK8kEoBCR/IZmCT7gWOFrWFEJ21JuWkyr7WZ0xaaNR 9O8EdMZBIZJ4scADmIiDn/rZ7UGQ98fC6RcCJUfZr9SG0JrGzv2ovGECF+Gd1ohT k2QV9xZ/HtV30iVD5slTfapS07ia281Q0f82YNQpgQrgvCuF+vECAwEAAaOBgTB/ MAwGA1UdEwEB/wQCMAAwHwYDVR0RBBgwFoEUdGVzdGNlcnRAZXhhbXBsZS5vcmcw DgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQWBBT0OHyt6wRKSITgknAIlOweeCNYGzAf BgNVHSMEGDAWgBQsoPImCu3nowAZzMgdv4Nr73ioDzANBgkqhkiG9w0BAQsFAAOC AQEAFzMqwcTSQ5mo130cP1oP16oECeUzEDkLJipwEg3aj+3XzagczgGjdgoNqkdH 9swEEivllD3Icrm1/cdqxWeAo8ys0PdFTMfZOqu0eHdIZmW7pV8gGXsIj+V4BWoT CKOsjfJ/rFU1emy8e+ct79VyUI2BxRJPoTKdM9qaYn5c9joC6znKi1tXN5OUho5A ae+VMWvq3crGQEDN2slPPyo56YDl1rhGFY4/pZPy0X7O2EWJzzpSJbq4M0kiXdqA YS+n/1WOx57LgfCl4VDfeZpr8VngfTC+UqCBhKCEASfshkxl9wZ0XlNEn3DxA2c/ rX/Xw3YYk1eMaw1wZ1FuP3hKXw==
-----END CERTIFICATE-----
subject=O=PKCS11 Provider, CN=My Test Cert
issuer=CN=Issuer
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: rsa_pss_rsae_sha256
Negotiated TLS1.3 group: X25519MLKEM768
---
SSL handshake has read 2479 bytes and written 1613 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Protocol: TLSv1.3
Server public key is 2048 bit
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 075E8CD13C2F02BB3CDC4D905466E5FE9D48A1E1BB70757E3B827CAAEE4B7203
Session-ID-ctx:
Resumption PSK: B56DFD4E95721E6EA507902CF19AE3443FA94C804643C754D53616647E1DE56BEDD8E449D0345DA185F8A1BCF8C35EC5
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 54 5f 44 b7 97 cb c2 89-2d 41 c8 fd 74 f0 a0 ba T_D.....-A..t...
0010 - d4 eb 8e de cb 02 d5 6e-14 5d b4 f1 b7 17 d6 a4 .......n.]......
0020 - 83 0c b4 c9 5e 3a 50 2a-ee ba 18 dd 8d 78 2e 11 ....^:P*.....x..
0030 - 8d 38 37 92 85 31 21 10-cf 65 59 b1 02 c0 ab 6f .87..1!..eY....o
0040 - ef 93 6e 71 6c fe bd ac-50 5b 91 14 a0 8c e7 93 ..nql...P[......
0050 - 19 4d 70 d7 1c b6 7f 6c-af 36 f2 b1 9b 97 9e 05 .Mp....l.6......
0060 - 8e b4 19 51 cb 3a 07 19-fa a1 4d 41 d7 9e e4 f9 ...Q.:....MA....
0070 - 13 d7 18 3c eb 66 d0 2c-2e 61 40 30 16 06 3e 44 ...<.f.,.a@0..>D
0080 - d7 09 bd d4 b1 b8 77 cc-37 e8 4c ef 66 3b c7 8e ......w.7.L.f;..
0090 - c8 1f fc ea 04 bd ba e8-dc a3 56 90 d3 d8 83 37 ..........V....7
00a0 - 07 4c 06 69 8f 2e be 6c-06 a1 bb 28 78 66 2c a9 .L.i...l...(xf,.
00b0 - 67 83 20 81 73 76 74 0f-5a 2b 5c 78 4a 3c a0 f9 g. .svt.Z+\xJ<..
00c0 - d9 f7 31 51 3f 71 02 65-60 6e 74 77 ec 1d 2e b4 ..1Q?q.e`ntw....
Start Time: 1744452409
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
---
Post-Handshake New Session Ticket arrived:
SSL-Session:
Protocol : TLSv1.3
Cipher : TLS_AES_256_GCM_SHA384
Session-ID: 5F5BD454F9422B4957E24AD21B5938710CDBEA5F0329CB653D27BD6698734972
Session-ID-ctx:
Resumption PSK: 215D3114DCF76BA08105B2EC13D326F60AB0A3BB31675A1DF9DAB2326B0FA98CBEA032B2BD17019C5DE31A48075C6136
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 7200 (seconds)
TLS session ticket:
0000 - 54 5f 44 b7 97 cb c2 89-2d 41 c8 fd 74 f0 a0 ba T_D.....-A..t...
0010 - de a3 a2 13 b2 20 44 5a-00 63 52 c5 46 c5 39 42 ..... DZ.cR.F.9B
0020 - d3 17 da b0 43 53 7b 57-c7 a6 26 fd 29 27 6a 83 ....CS{W..&.)'j.
0030 - c3 44 6a d4 97 b3 f8 36-eb 75 8e 49 dc b0 30 42 .Dj....6.u.I..0B
0040 - f2 9d 57 6c 81 5c a1 14-d2 13 da e5 52 0c 3d 7b ..Wl.\......R.={
0050 - 6d c2 37 02 26 ad ce a3-e0 b7 22 3b f8 c9 ee 2f m.7.&.....";.../
0060 - c2 03 fd 84 3e c1 c4 d3-31 ad 6e 6e cb 4b 16 df ....>...1.nn.K..
0070 - 36 15 2f 79 44 6d 4f 23-3f b9 66 00 7d 52 c6 4f 6./yDmO#?.f.}R.O
0080 - f4 49 3b e0 76 85 a0 7f-7a 60 8a c3 e7 02 20 f8 .I;.v...z`.... .
0090 - 3e 8c 81 e4 29 0d 54 82-6d 2b 79 81 ed 73 2e d2 >...).T.m+y..s..
00a0 - 31 4d 6d 01 f2 a7 a9 39-b8 fa 27 05 0f fc fc a5 1Mm....9..'.....
00b0 - 45 b7 1f 33 21 10 79 9e-6e 15 15 38 31 d1 0f 2d E..3!.y.n..81..-
00c0 - f5 6a d7 7e 6e 2d 0b c5-e8 da 74 4a 68 1e 10 c6 .j.~n-....tJh...
Start Time: 1744452409
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---
read R BLOCK
TLS SUCCESSFUL
40B7B301E87F0000:error:0A000126:SSL routines::unexpected eof while reading:../ssl/record/rec_layer_s3.c:691:
Server output:
spawn openssl s_server -accept 23456 -naccept 1 -key pkcs11:type=private;id=%00%01 -cert pkcs11:type=cert;object=testCert
Using default temp DH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS----- MIGDAgEBAgIDBAQCEwIEIMg93mxxUGn+NHJNqsI34JXvZ5nnwcTrgqz6fckdy2g1 BDAhXTEU3PdroIEFsuwT0yb2CrCjuzFnWh352rIyaw+pjL6gMrK9FwGcXeMaSAdc YTahBgIEZ/o7OaIEAgIcIKQGBAQBAAAArgYCBBnbysOzBAICEew=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-CHACHA20-
POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES256-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:ECDHE-ECDSA-
AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA
TLS SUCCESSFUL
Signature Algorithms: id-ml-dsa-65:id-ml-dsa-87:id-ml-dsa-44:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:ecdsa_brainpoolP256r1_sha256:ecdsa_brainpoolP384r1_sha384:ecdsa_brainpoolP512r1_sha512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_
sha512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512
Q
Shared Signature Algorithms: id-ml-dsa-65:id-ml-dsa-87:id-ml-dsa-44:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:ecdsa_brainpoolP256r1_sha256:ecdsa_brainpoolP384r1_sha384:ecdsa_brainpoolP512r1_sha512:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_
pss_pss_sha512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224
Supported groups: X25519MLKEM768:x25519:secp256r1:x448:secp384r1:secp521r1:ffdhe2048:ffdhe3072
Shared groups: X25519MLKEM768:x25519:secp256r1:x448:secp384r1:secp521r1:ffdhe2048:ffdhe3072
CIPHER is TLS_AES_256_GCM_SHA384
This TLS version forbids renegotiation.
DONE
shutdown accept socket
shutting down SSL
CONNECTION CLOSED
0 items in the session cache
0 client connects (SSL_connect())
0 client renegotiates (SSL_connect())
0 client connects that finished
1 server accepts (SSL_accept())
0 server renegotiates (SSL_accept())
1 server accepts that finished
0 session cache hits
0 session cache misses
0 session cache timeouts
0 callback cache hits
0 cache full overflows (128 allowed)
## Run sanity test with default values (RSA-PSS)
## Generating a new selfsigned certificate for pkcs11:type=private;id=%00%10
openssl req -batch -noenc -x509 -new -key ${KEY} ${AARGS} -out ${CERT}
spawn openssl s_client -connect localhost:23456 -CAfile /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/caCert.pem
Connecting to ::1
CONNECTED(00000005)
Can't use SSL_get_servername
depth=0 C=US, ST=New York, L=New York, O=PKCS11 Provider, OU=Testing Harness verify error:num=18:self-signed certificate
verify return:1
depth=0 C=US, ST=New York, L=New York, O=PKCS11 Provider, OU=Testing Harness verify return:1
---
Certificate chain
0 s:C=US, ST=New York, L=New York, O=PKCS11 Provider, OU=Testing Harness
i:C=US, ST=New York, L=New York, O=PKCS11 Provider, OU=Testing Harness
a:PKEY: RSA-PSS, 2048 (bit); sigalg: rsassaPss
v:NotBefore: Apr 12 10:06:49 2025 GMT; NotAfter: May 12 10:06:49 2025 GMT ---
Server certificate
-----BEGIN CERTIFICATE----- MIIEIzCCAtugAwIBAgIUHOD/YALF+FYhNnAB4NHmrw3DAfowPQYJKoZIhvcNAQEK MDCgDTALBglghkgBZQMEAgGhGjAYBgkqhkiG9w0BAQgwCwYJYIZIAWUDBAIBogMC ASAwZzELMAkGA1UEBhMCVVMxETAPBgNVBAgMCE5ldyBZb3JrMREwDwYDVQQHDAhO ZXcgWW9yazEYMBYGA1UECgwPUEtDUzExIFByb3ZpZGVyMRgwFgYDVQQLDA9UZXN0 aW5nIEhhcm5lc3MwHhcNMjUwNDEyMTAwNjQ5WhcNMjUwNTEyMTAwNjQ5WjBnMQsw CQYDVQQGEwJVUzERMA8GA1UECAwITmV3IFlvcmsxETAPBgNVBAcMCE5ldyBZb3Jr MRgwFgYDVQQKDA9QS0NTMTEgUHJvdmlkZXIxGDAWBgNVBAsMD1Rlc3RpbmcgSGFy bmVzczCCASAwCwYJKoZIhvcNAQEKA4IBDwAwggEKAoIBAQCRj1VYA16PESIIha4Q MkpJn2gxwKuOLUeV+nar521mYf1G+bbw/DOzOQR8GvPHV07vufeeyT+DWxQY+yeG mAA2lVFl5S4Yo4jAimMJn0F6PYUZFTYIhVegdqi1MZVRbUmpX/ZXdIzCsQoP6RWC EiipLuZdy8qqWvKF5lIHaDE5FIQLic+kqHDaWlGDIifSXqYHRHl7AiizchnWHFi5 +fBw4+xcQhV4DlMTtVZVJfqvIjHwQ+xa5m4c47Ec6QYtOcvRsZWJJHQ8dVdW8zaV GwZOZwbV+qlzcT85SPcaOWoHeU9d4Wp0My7XHCKawtJBmpsxcxS6hVm1SJmaWBEF YvSzAgMBAAGjaTBnMB0GA1UdDgQWBBRW3mUaJI4DQHtI6oxGkehI59ZW9DAfBgNV HSMEGDAWgBRW3mUaJI4DQHtI6oxGkehI59ZW9DAPBgNVHRMBAf8EBTADAQH/MAkG
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)