tests: added checks to verify behavior in writing pkcs11 objects

That is, verify that private keys are marked as private by default,
and public objects are marked as non-private by default.

1 files changed, 20 insertions, 0 deletions

diff --git a/tests/suite/testpkcs11.sh b/tests/suite/testpkcs11.sh
index f4e1db315d..a17ee55591 100755
--- a/tests/suite/testpkcs11.sh
+++ b/tests/suite/testpkcs11.sh
@@ -69,6 +69,14 @@ write_privkey () {
 		exit_error
 	fi
 
+	echo -n "* Checking whether object was marked private... "
+	${P11TOOL} ${ADDITIONAL_PARAM} --list-privkeys "${token};object=gnutls-client2" 2>/dev/null | grep 'Label\:' >>"${TMPFILE}" 2>&1
+	if test $? = 0; then
+		echo "private object was public"
+		exit_error
+	fi
+	echo ok
+
 }
 
 # $1: token
@@ -409,6 +417,18 @@ write_certificate_test () {
 		return
 	fi
 
+	echo -n "* Checking whether object was public... "
+	${P11TOOL} ${ADDITIONAL_PARAM} --list-all-certs "${token};object=gnutls-client;id=%01%a1%b1%03" 2>&1 | grep 'ID: 01:a1:b1:03' >>"${TMPFILE}" 2>&1
+	if test $? != 0; then
+		echo "certificate object was not public"
+		exit_error
+	fi
+	echo ok
+
+	if test -n "${BROKEN_SOFTHSM2}";then
+		return
+	fi
+
 	echo -n "* Writing certificate of client's CA... "
 	${P11TOOL} ${ADDITIONAL_PARAM} --login --mark-trusted --mark-ca --write --label gnutls-ca --load-certificate "${cacert}" "${token}" >>"${TMPFILE}" 2>&1
 	ret=$?