2.6.0: test suite fails in `asym_wrap_test` unit

[kloczek]

Looks like something is wrong with new version and ctest fails in one unit

+ cd yubihsm-shell-2.6.0
+ /usr/bin/ctest --test-dir x86_64-redhat-linux-gnu --output-on-failure --force-new-ctest-process -j48 ' ' -E '^(attest|generate_ec|generate_hmac|import_authkey|import_rsa|info|wrap|wrap_da
ta|yubico_otp|echo|asym_auth|import_ec|generate_rsa|logs|ssh|decrypt_rsa|decrypt_ec|import_ed|change_authkey|encrypt_aes|aes_encrypt_test|ecdh_derive_test|rsa_enc_test|pkcs11test|bash_tests
|ecdh_sp800_test|pss_sign_test)'
Internal ctest changing into directory: /home/tkloczko/rpmbuild/BUILD/yubihsm-shell-2.6.0/x86_64-redhat-linux-gnu
Test project /home/tkloczko/rpmbuild/BUILD/yubihsm-shell-2.6.0/x86_64-redhat-linux-gnu
    Start 1: parsing
    Start 2: pbkdf2
    Start 3: engine_tests
    Start 4: asym_wrap_test
    Start 5: pkcs11_interfaces_test
1/5 Test #1: parsing ..........................   Passed    0.01 sec
2/5 Test #3: engine_tests .....................   Passed    0.01 sec
3/5 Test #2: pbkdf2 ...........................   Passed    0.02 sec
4/5 Test #5: pkcs11_interfaces_test ...........   Passed    0.02 sec
5/5 Test #4: asym_wrap_test ...................Subprocess aborted***Exception:   0.09 sec
asym_wrap_test: /home/tkloczko/rpmbuild/BUILD/yubihsm-shell-2.6.0/pkcs11/tests/common.c:71: open_session: Assertion `rv == CKR_OK' failed.

80% tests passed, 1 tests failed out of 5

Total Test time (real) =   0.10 sec

The following tests FAILED:
          4 - asym_wrap_test (Subprocess aborted)
Errors while running CTest

[aveenismail]

It looks like it's unable to open a session to begin with. Is the connector running and accessible? Is the default authentication key still in the device?

[kloczek]

Connector? Nothing else is running in the build system. What exactly needs to be running?

Simple up to now test suite was ok. Nevertheless if anything needs to be running I thing that it is possible to start it into ctest session https://cmake.org/cmake/help/latest/prop_test/FIXTURES_REQUIRED.html

[aveenismail]

All other tests that passed (aka parsing, pbkdf2, engine_tests and pkcs11_interfaces_test) do not attempt to open a session with a YubiHSM. All tests that do require an authenticated session with the device are already excluded by the ctest command. So if you do want to exclude all tests that require a real YubiHSM to run, you can add asym_wrap_test to the excluded tests in the ctest command:

+ /usr/bin/ctest --test-dir x86_64-redhat-linux-gnu --output-on-failure --force-new-ctest-process -j48 ' ' -E '^(attest|generate_ec|generate_hmac|import_authkey|import_rsa|info|wrap|wrap_da
ta|yubico_otp|echo|asym_auth|import_ec|generate_rsa|logs|ssh|decrypt_rsa|decrypt_ec|import_ed|change_authkey|encrypt_aes|aes_encrypt_test|ecdh_derive_test|rsa_enc_test|pkcs11test|bash_tests
|ecdh_sp800_test|pss_sign_test|asym_wrap_test)

Otherwise, the test assumes that a YubiHSM device with the default authentication key still present is accessible either via yubihsm-connector or direct USB communication. See https://docs.yubico.com/hardware/yubihsm-2/hsm-2-user-guide/hsm2-sdk-tools-libraries.html#http-connector for connector references.