Set p11_test component paths from the environment

Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>

Author: c00kiemon5ter

src/xmlsec/test/__init__.py

@@ -5,6 +5,11 @@
 __author__ = 'leifj'
 
 
+def paths_for_component(component, default_paths):
+    env_path = os.environ.get(component)
+    return [env_path] if env_path else default_paths
+
+
 def find_alts(alts):
     for a in alts:
         if os.path.exists(a):

src/xmlsec/test/p11_test.py

@@ -17,6 +17,7 @@
 from lxml import etree
 
 import xmlsec
+from xmlsec.test import paths_for_component
 from xmlsec.test import find_alts
 from xmlsec.test import run_cmd
 
@@ -28,36 +29,58 @@
 except ImportError:
     raise unittest.SkipTest("PyKCS11 not installed")
 
-P11_MODULE = find_alts(['/usr/lib/libsofthsm.so', '/usr/lib/softhsm/libsofthsm.so', '/usr/lib/softhsm/libsofthsm2.so'])
-P11_ENGINE = find_alts(['/usr/lib/ssl/engines/libpkcs11.so','/usr/lib/engines/engine_pkcs11.so'])
-P11_SPY = find_alts(['/usr/lib/pkcs11/pkcs11-spy.so'])
-PKCS11_TOOL = find_alts(['/usr/bin/pkcs11-tool'])
-OPENSC_TOOL = find_alts(['/usr/bin/opensc-tool'])
-SOFTHSM = find_alts(['/usr/bin/softhsm','/usr/bin/softhsm2-util'])
-OPENSSL = find_alts(['/usr/bin/openssl'])
-
 try:
     import xmlsec.pk11 as pk11
 except Exception:
     raise unittest.SkipTest("PyKCS11 not installed")
 
-if OPENSSL is None:
-    raise unittest.SkipTest("OpenSSL not installed")
-
-if SOFTHSM is None:
-    raise unittest.SkipTest("SoftHSM2 not installed")
-
-if OPENSC_TOOL is None:
-    raise unittest.SkipTest("OpenSC not installed")
-
-if PKCS11_TOOL is None:
-    raise unittest.SkipTest("pkcs11-tool not installed")
 
-if P11_ENGINE is None:
-    raise unittest.SkipTest("libengine-pkcs11-openssl is not installed")
+component_default_paths = {
+    'P11_MODULE': [
+        '/usr/lib/libsofthsm.so',
+        '/usr/lib/softhsm/libsofthsm.so',
+        '/usr/lib/softhsm/libsofthsm2.so',
+    ],
+    'P11_ENGINE': [
+        '/usr/lib/ssl/engines/libpkcs11.so',
+        '/usr/lib/engines/engine_pkcs11.so',
+        '/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so',
+    ],
+    'P11_SPY': [
+        '/usr/lib/pkcs11/pkcs11-spy.so',
+    ],
+    'PKCS11_TOOL': [
+        '/usr/bin/pkcs11-tool',
+    ],
+    'OPENSC_TOOL': [
+        '/usr/bin/opensc-tool',
+    ],
+    'SOFTHSM': [
+        '/usr/bin/softhsm',
+        '/usr/bin/softhsm2-util',
+    ],
+    'OPENSSL': [
+        '/usr/bin/openssl',
+    ],
+}
+
+component_path = {
+    component: find_alts(
+        paths_for_component(component, component_default_paths[component])
+    )
+    for component in component_default_paths.keys()
+}
+
+if any(path is None for component, path in component_path.items()):
+    missing = [
+        component
+        for component, path in component_path.items()
+        if path is None
+    ]
+    raise unittest.SkipTest("Required components missing: {}".format(missing))
 
 softhsm_version = 1
-if SOFTHSM == '/usr/bin/softhsm2-util':
+if component_path['SOFTHSM'] == '/usr/bin/softhsm2-util':
     softhsm_version = 2
 
 p11_test_files = []
@@ -79,7 +102,7 @@ def _td():
     return d
 
 
-@unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+@unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
 def setup():
     logging.debug("Creating test pkcs11 token using softhsm")
     try:
@@ -101,24 +124,24 @@ def setup():
                 f.write("#Generated by pyXMLSecurity test\n0:%s\n" % softhsm_db)
 
         logging.debug("Initializing the token")
-        run_cmd([SOFTHSM,
+        run_cmd([component_path['SOFTHSM'],
                  '--slot', '0',
                  '--label', 'test',
                  '--init-token',
                  '--pin', 'secret1',
                  '--so-pin', 'secret2'], softhsm_conf=softhsm_conf)
         logging.debug("Generating 1024 bit RSA key in token")
-        run_cmd([PKCS11_TOOL,
-                 '--module', P11_MODULE,
+        run_cmd([component_path['PKCS11_TOOL'],
+                 '--module', component_path['P11_MODULE'],
                  '-l',
                  '-k',
                  '--key-type', 'rsa:1024',
                  '--slot-index', '0',
                  '--id', 'a1b2',
                  '--label', 'test',
                  '--pin', 'secret1'], softhsm_conf=softhsm_conf)
-        run_cmd([PKCS11_TOOL,
-                 '--module', P11_MODULE,
+        run_cmd([component_path['PKCS11_TOOL'],
+                 '--module', component_path['P11_MODULE'],
                  '-l',
                  '--pin', 'secret1', '-O'], softhsm_conf=softhsm_conf)
         global signer_cert_der
@@ -147,12 +170,12 @@ def setup():
 distinguished_name = req_distinguished_name
 
 [req_distinguished_name]
-                """ % (P11_ENGINE, P11_MODULE))
+""" % (component_path['P11_ENGINE'], component_path['P11_MODULE']))
 
         signer_cert_der = _tf()
 
         logging.debug("Generating self-signed certificate")
-        run_cmd([OPENSSL, 'req',
+        run_cmd([component_path['OPENSSL'], 'req',
                  '-new',
                  '-x509',
                  '-subj', "/CN=Test Signer",
@@ -163,16 +186,16 @@ def setup():
                  '-passin', 'pass:secret1',
                  '-out', signer_cert_pem], softhsm_conf=softhsm_conf)
 
-        run_cmd([OPENSSL, 'x509',
+        run_cmd([component_path['OPENSSL'], 'x509',
                  '-inform', 'PEM',
                  '-outform', 'DER',
                  '-in', signer_cert_pem,
                  '-out', signer_cert_der], softhsm_conf=softhsm_conf)
 
         logging.debug("Importing certificate into token")
 
-        run_cmd([PKCS11_TOOL,
-                 '--module', P11_MODULE,
+        run_cmd([component_path['PKCS11_TOOL'],
+                 '--module', component_path['P11_MODULE'],
                  '-l',
                  '--slot-index', '0',
                  '--id', 'a1b2',
@@ -216,13 +239,13 @@ def setUp(self):
 
         self.cases = load_test_data('data/signverify')
 
-    @unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+    @unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
     def test_open_session(self):
         session = None
         try:
             os.environ['SOFTHSM_CONF'] = softhsm_conf
             os.environ['SOFTHSM2_CONF'] = softhsm_conf
-            session = pk11._session(P11_MODULE, pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
+            session = pk11._session(component_path['P11_MODULE'], pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
             assert session is not None
         except Exception, ex:
             traceback.print_exc()
@@ -231,13 +254,13 @@ def test_open_session(self):
             if session is not None:
                 pk11._close_session(session)
 
-    @unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+    @unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
     def test_open_session_no_pin(self):
         session = None
         try:
             os.environ['SOFTHSM_CONF'] = softhsm_conf
             os.environ['SOFTHSM2_CONF'] = softhsm_conf
-            session = pk11._session(P11_MODULE, pk11_uri="pkcs11://%s/test" % P11_MODULE)
+            session = pk11._session(component_path['P11_MODULE'], pk11_uri="pkcs11://%s/test" % P11_MODULE)
             assert session is not None
         except Exception, ex:
             traceback.print_exc()
@@ -246,15 +269,15 @@ def test_open_session_no_pin(self):
             if session is not None:
                 pk11._close_session(session)
 
-    @unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+    @unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
     def test_two_sessions(self):
         session1 = None
         session2 = None
         try:
             os.environ['SOFTHSM_CONF'] = softhsm_conf
             os.environ['SOFTHSM2_CONF'] = softhsm_conf
-            session1 = pk11._session(P11_MODULE, pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
-            session2 = pk11._session(P11_MODULE, pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
+            session1 = pk11._session(component_path['P11_MODULE'], pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
+            session2 = pk11._session(component_path['P11_MODULE'], pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
             assert session1 != session2
             assert session1 is not None
             assert session2 is not None
@@ -266,24 +289,24 @@ def test_two_sessions(self):
             if session2 is not None:
                 pk11._close_session(session2)
 
-    @unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+    @unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
     def test_bad_login(self):
         os.environ['SOFTHSM_CONF'] = softhsm_conf
         os.environ['SOFTHSM2_CONF'] = softhsm_conf
         try:
-            session = pk11._session(P11_MODULE, pk11_uri="pkcs11://%s/test?pin=wrong" % P11_MODULE)
+            session = pk11._session(component_path['P11_MODULE'], pk11_uri="pkcs11://%s/test?pin=wrong" % P11_MODULE)
             assert False, "We should have failed the last login"
         except PyKCS11Error, ex:
             assert ex.value == CKR_PIN_INCORRECT
             pass
 
-    @unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+    @unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
     def test_find_key(self):
         session = None
         try:
             os.environ['SOFTHSM_CONF'] = softhsm_conf
             os.environ['SOFTHSM2_CONF'] = softhsm_conf
-            session = pk11._session(P11_MODULE, pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
+            session = pk11._session(component_path['P11_MODULE'], pk11_uri="pkcs11://%s/test?pin=secret1" % P11_MODULE)
             key, cert = pk11._find_key(session, "test")
             assert key is not None
             assert cert is not None
@@ -294,7 +317,7 @@ def test_find_key(self):
             if session is not None:
                 pk11._close_session(session)
 
-    @unittest.skipIf(P11_MODULE is None, "SoftHSM PKCS11 module not installed")
+    @unittest.skipIf(component_path['P11_MODULE'] is None, "SoftHSM PKCS11 module not installed")
     def test_SAML_sign_with_pkcs11(self):
         """
         Test signing a SAML assertion using PKCS#11 and then verifying it using plain file.
@@ -306,7 +329,7 @@ def test_SAML_sign_with_pkcs11(self):
         os.environ['SOFTHSM2_CONF'] = softhsm_conf
 
         signed = xmlsec.sign(case.as_etree('in.xml'),
-                             key_spec="pkcs11://%s/test?pin=secret1" % P11_MODULE)
+                             key_spec="pkcs11://%s/test?pin=secret1" % component_path['P11_MODULE'])
 
         # verify signature using the public key
         res = xmlsec.verify(signed, signer_cert_pem)
@@ -323,7 +346,7 @@ def test_SAML_sign_with_pkcs11_cert(self):
         os.environ['SOFTHSM2_CONF'] = softhsm_conf
 
         signed = xmlsec.sign(case.as_etree('in2.xml'),
-                             key_spec="pkcs11://%s/test?pin=secret1" % P11_MODULE)
+                             key_spec="pkcs11://%s/test?pin=secret1" % component_path['P11_MODULE'])
 
         print("XML output :\n{}\n\n".format(etree.tostring(signed)))
         # verify signature using the public key