[FAB-7654] Run PKCS11 tests w/o root privileges

The README currently describes how to run the PKCS11 tests locally with SoftHSM. By default, SoftHSM requires root privileges in order to run the required commands. In order to allow users without root privileges to run the tests, a config file has been added and the README was updated accordingly. Change-Id: Ie47ba3202e62665b5aa8bcef73d593eb6d1b7d22 Signed-off-by: Gari Singh <gari.r.singh@gmail.com>
hyperledger · Feb 17, 2018 · 90881bb · 90881bb
1 parent 0ace8d1
commit 90881bb
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -68,13 +68,18 @@ The SDK has experimental support for PKCS#11 interface in order to allow applica
 
 * set environment variable "PKCS11_TESTS" to "true"
 * install a software emulator of the PKCS#11 interface. The unit tests have been tried with SoftHSM2:
-  * install openssl 1.0.0+ or botan 1.10.0+
-  * download the source code from https://dist.opendnssec.org/source/softhsm-2.2.0.tar.gz
-  * `tar -xvf softhsm-2.2.0.tar.gz`
-  * `cd softhsm-2.2.0`
-  * `./configure --disable-gost` (would require additional libraries, turn it off unless you need gost algorithm support for the Russian market)
-  * `make`
-  * `sudo make install`
+  * install using the package manager for your host system:
+    * Ubuntu:  apt-get install softhsm2
+    * macOS: brew install softhsm
+  * or install from source:
+    * install openssl 1.0.0+ or botan 1.10.0+
+    * download the source code from https://dist.opendnssec.org/source/softhsm-2.2.0.tar.gz
+    * `tar -xvf softhsm-2.2.0.tar.gz`
+    * `cd softhsm-2.2.0`
+    * `./configure --disable-gost` (would require additional libraries, turn it off unless you need gost algorithm support for the Russian market)
+    * `make`
+    * `sudo make install`
+  * set environment variable "SOFTHSM2_CONF" to "./test/fixtures/softhsm2.conf"
   * create a token to store keys inside slot 0: `softhsm2-util --init-token --slot 0 --label "My token 1"`, you will be prompted two PINs: SO (Security Officer) PIN that can be used to re-initialize the token, and user PIN to be used by applications to access the token for generating and retrieving keys
 
 The unit test assumes slot '0' and user PIN `98765432`. If your configuration is different, use these environment variables to pass in the values:

diff --git a/test/fixtures/softhsm2.conf b/test/fixtures/softhsm2.conf
@@ -0,0 +1,8 @@
+# SoftHSM v2 configuration file
+
+directories.tokendir = /tmp/
+objectstore.backend = file
+
+# ERROR, WARNING, INFO, DEBUG
+log.level = INFO
+