Mock Version: 5.0 Mock Version: 5.0 Mock Version: 5.0 ENTER ['do_with_status'](['bash', '--login', '-c', '/usr/bin/rpmbuild -bs --noclean --target riscv64 --nodeps /builddir/build/SPECS/pkcs11-provider.spec'], chrootPath='/var/lib/mock/f39-build-2085391-50067/root'env={'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOME': '/builddir', 'HOSTNAME': 'mock', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin', 'PROMPT_COMMAND': 'printf "\\033]0;\\007"', 'PS1': ' \\s-\\v\\$ ', 'LANG': 'C.UTF-8'}shell=Falselogger=timeout=864000uid=982gid=135user='mockbuild'nspawn_args=[]unshare_net=TrueprintOutput=False) Executing command: ['bash', '--login', '-c', '/usr/bin/rpmbuild -bs --noclean --target riscv64 --nodeps /builddir/build/SPECS/pkcs11-provider.spec'] with env {'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOME': '/builddir', 'HOSTNAME': 'mock', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin', 'PROMPT_COMMAND': 'printf "\\033]0;\\007"', 'PS1': ' \\s-\\v\\$ ', 'LANG': 'C.UTF-8'} and shell False Building target platforms: riscv64 Building for target riscv64 setting SOURCE_DATE_EPOCH=1689897600 Wrote: /builddir/build/SRPMS/pkcs11-provider-0.2-2.fc39.src.rpm Child return code was: 0 ENTER ['do_with_status'](['bash', '--login', '-c', '/usr/bin/rpmbuild -bb --noclean --target riscv64 --nodeps /builddir/build/SPECS/pkcs11-provider.spec'], chrootPath='/var/lib/mock/f39-build-2085391-50067/root'env={'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOME': '/builddir', 'HOSTNAME': 'mock', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin', 'PROMPT_COMMAND': 'printf "\\033]0;\\007"', 'PS1': ' \\s-\\v\\$ ', 'LANG': 'C.UTF-8'}shell=Falselogger=timeout=864000uid=982gid=135user='mockbuild'nspawn_args=[]unshare_net=TrueprintOutput=False) Executing command: ['bash', '--login', '-c', '/usr/bin/rpmbuild -bb --noclean --target riscv64 --nodeps /builddir/build/SPECS/pkcs11-provider.spec'] with env {'TERM': 'vt100', 'SHELL': '/bin/bash', 'HOME': '/builddir', 'HOSTNAME': 'mock', 'PATH': '/usr/bin:/bin:/usr/sbin:/sbin', 'PROMPT_COMMAND': 'printf "\\033]0;\\007"', 'PS1': ' \\s-\\v\\$ ', 'LANG': 'C.UTF-8'} and shell False Building target platforms: riscv64 Building for target riscv64 setting SOURCE_DATE_EPOCH=1689897600 Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.XjEAyy + umask 022 + cd /builddir/build/BUILD + cd /builddir/build/BUILD + rm -rf pkcs11-provider-0.2 + /usr/lib/rpm/rpmuncompress -x /builddir/build/SOURCES/pkcs11-provider-0.2.tar.xz + STATUS=0 + '[' 0 -ne 0 ']' + cd pkcs11-provider-0.2 + rm -rf /builddir/build/BUILD/pkcs11-provider-0.2-SPECPARTS + /usr/bin/mkdir -p /builddir/build/BUILD/pkcs11-provider-0.2-SPECPARTS + /usr/bin/chmod -Rf a+rX,u+w,g-w,o-w . + RPM_EC=0 ++ jobs -p + exit 0 Executing(%build): /bin/sh -e /var/tmp/rpm-tmp.ImXWYp + umask 022 + cd /builddir/build/BUILD + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-Wl,-z,relro -Clink-arg=-Wl,-z,now -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd pkcs11-provider-0.2 + autoreconf -fi libtoolize: putting auxiliary files in '.'. libtoolize: copying file './ltmain.sh' libtoolize: putting macros in AC_CONFIG_MACRO_DIRS, 'm4'. libtoolize: copying file 'm4/libtool.m4' libtoolize: copying file 'm4/ltoptions.m4' libtoolize: copying file 'm4/ltsugar.m4' libtoolize: copying file 'm4/ltversion.m4' libtoolize: copying file 'm4/lt~obsolete.m4' configure.ac:12: installing './compile' configure.ac:8: installing './missing' src/Makefile.am: installing './depcomp' + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-Wl,-z,relro -Clink-arg=-Wl,-z,now -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + '[' '-flto=auto -ffat-lto-objectsx' '!=' x ']' ++ find . -type f -name configure -print + for file in $(find . -type f -name configure -print) + /usr/bin/sed -r --in-place=.backup 's/^char \(\*f\) \(\) = /__attribute__ ((used)) char (*f) () = /g' ./configure + diff -u ./configure.backup ./configure + mv ./configure.backup ./configure + /usr/bin/sed -r --in-place=.backup 's/^char \(\*f\) \(\);/__attribute__ ((used)) char (*f) ();/g' ./configure + diff -u ./configure.backup ./configure + mv ./configure.backup ./configure + /usr/bin/sed -r --in-place=.backup 's/^char \$2 \(\);/__attribute__ ((used)) char \$2 ();/g' ./configure + diff -u ./configure.backup ./configure --- ./configure.backup 2023-12-21 02:41:08.588313241 +0800 +++ ./configure 2023-12-21 02:41:12.388302245 +0800 @@ -1768,7 +1768,7 @@ #ifdef __cplusplus extern "C" #endif -char $2 (); +__attribute__ ((used)) char $2 (); /* The GNU C library defines this for functions which it implements to always fail with ENOSYS. Some functions are actually named something starting with __ and the normal name is an alias. */ + /usr/bin/sed --in-place=.backup '1{$!N;$!N};$!N;s/int x = 1;\nint y = 0;\nint z;\nint nan;/volatile int x = 1; volatile int y = 0; volatile int z, nan;/;P;D' ./configure + diff -u ./configure.backup ./configure + mv ./configure.backup ./configure + /usr/bin/sed --in-place=.backup 's#^lt_cv_sys_global_symbol_to_cdecl=.*#lt_cv_sys_global_symbol_to_cdecl="sed -n -e '\''s/^T .* \\(.*\\)$/extern int \\1();/p'\'' -e '\''s/^$symcode* .* \\(.*\\)$/extern char \\1;/p'\''"#' ./configure + diff -u ./configure.backup ./configure --- ./configure.backup 2023-12-21 02:41:12.388302245 +0800 +++ ./configure 2023-12-21 02:41:12.458302042 +0800 @@ -7051,7 +7051,7 @@ # Transform an extracted symbol line into a proper C declaration. # Some systems (esp. on ia64) link data and code symbols differently, # so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="$SED -n"\ +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" $lt_cdecl_hook\ " -e 's/^T .* \(.*\)$/extern int \1();/p'"\ " -e 's/^$symcode$symcode* .* \(.*\)$/extern char \1;/p'" @@ -15312,7 +15312,7 @@ compiler='`$ECHO "$compiler" | $SED "$delay_single_quote_subst"`' GCC='`$ECHO "$GCC" | $SED "$delay_single_quote_subst"`' lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$delay_single_quote_subst"`' -lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" lt_cv_sys_global_symbol_to_import='`$ECHO "$lt_cv_sys_global_symbol_to_import" | $SED "$delay_single_quote_subst"`' lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' + '[' 1 = 1 ']' +++ dirname ./configure ++ find . -name config.guess -o -name config.sub + for i in $(find $(dirname ./configure) -name config.guess -o -name config.sub) ++ basename ./config.guess + '[' -f /usr/lib/rpm/redhat/config.guess ']' + /usr/bin/rm -f ./config.guess ++ basename ./config.guess + /usr/bin/cp -fv /usr/lib/rpm/redhat/config.guess ./config.guess '/usr/lib/rpm/redhat/config.guess' -> './config.guess' + for i in $(find $(dirname ./configure) -name config.guess -o -name config.sub) ++ basename ./config.sub + '[' -f /usr/lib/rpm/redhat/config.sub ']' + /usr/bin/rm -f ./config.sub ++ basename ./config.sub + /usr/bin/cp -fv /usr/lib/rpm/redhat/config.sub ./config.sub '/usr/lib/rpm/redhat/config.sub' -> './config.sub' + '[' 1 = 1 ']' + '[' x '!=' 'x-Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld' ']' ++ find . -name ltmain.sh + for i in $(find . -name ltmain.sh) + /usr/bin/sed -i.backup -e 's~compiler_flags=$~compiler_flags="-Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"~' ./ltmain.sh ++ grep -q runstatedir=DIR ./configure ++ echo --runstatedir=/run + ./configure --build=riscv64-koji-linux-gnu --host=riscv64-koji-linux-gnu --program-prefix= --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --runstatedir=/run --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a race-free mkdir -p... /usr/bin/mkdir -p checking for gawk... gawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking for riscv64-koji-linux-gnu-gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether the compiler supports GNU C... yes checking whether gcc accepts -g... yes checking for gcc option to enable C11 features... none needed checking whether gcc understands -c and -o together... yes checking whether make supports the include directive... yes (GNU style) checking dependency style of gcc... none checking for riscv64-koji-linux-gnu-ar... no checking for riscv64-koji-linux-gnu-lib... no checking for riscv64-koji-linux-gnu-link... no checking for ar... ar checking the archiver (ar) interface... ar checking build system type... riscv64-koji-linux-gnu checking host system type... riscv64-koji-linux-gnu checking how to print strings... printf checking for a sed that does not truncate output... /usr/bin/sed checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for fgrep... /usr/bin/grep -F checking for ld used by gcc... /usr/bin/ld checking if the linker (/usr/bin/ld) is GNU ld... yes checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B checking the name lister (/usr/bin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 1572864 checking how to convert riscv64-koji-linux-gnu file names to riscv64-koji-linux-gnu format... func_convert_file_noop checking how to convert riscv64-koji-linux-gnu file names to toolchain format... func_convert_file_noop checking for /usr/bin/ld option to reload object files... -r checking for riscv64-koji-linux-gnu-file... no checking for file... file checking for riscv64-koji-linux-gnu-objdump... no checking for objdump... objdump checking how to recognize dependent libraries... pass_all checking for riscv64-koji-linux-gnu-dlltool... no checking for dlltool... no checking how to associate runtime and link libraries... printf %s\n checking for riscv64-koji-linux-gnu-ar... ar checking for archiver @FILE support... @ checking for riscv64-koji-linux-gnu-strip... no checking for strip... strip checking for riscv64-koji-linux-gnu-ranlib... no checking for ranlib... ranlib checking command to parse /usr/bin/nm -B output from gcc object... ./configure: line 7057: -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^[ABCDGIRSTW][ABCDGIRSTW]* .* \(.*\)$/extern char \1;/p': No such file or directory ok checking for sysroot... no checking for a working dd... /usr/bin/dd checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1 checking for riscv64-koji-linux-gnu-mt... no checking for mt... no checking if : is a manifest tool... no checking for stdio.h... yes checking for stdlib.h... yes checking for string.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for strings.h... yes checking for sys/stat.h... yes checking for sys/types.h... yes checking for unistd.h... yes checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fPIC -DPIC checking if gcc PIC flag -fPIC -DPIC works... yes checking if gcc static flag -static works... no checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes checking for riscv64-koji-linux-gnu-pkg-config... no checking for pkg-config... /usr/bin/pkg-config checking pkg-config is at least version 0.9.0... yes checking whether C compiler accepts -std=c11... yes checking for valgrind... no checking whether C compiler accepts -fno-strict-aliasing... yes checking whether C compiler accepts -Werror -fno-delete-null-pointer-checks... yes checking whether C compiler accepts -fdiagnostics-show-option... yes checking for libcrypto >= 3.0.7... yes checking for libcrypto >= 3.0.7, libssl... yes checking for --with-address-sanitizer... no checking for /usr/lib64/libsoftokn3.so... yes checking for string.h... (cached) yes checking for dlfcn.h... (cached) yes checking for _Bool... yes checking for stdbool.h that conforms to C99... yes checking whether byte ordering is bigendian... no checking for inline... inline checking for size_t... yes checking for strpbrk... yes checking that generated files are newer than configure... done configure: creating ./config.status config.status: creating Makefile config.status: creating docs/Makefile config.status: creating src/Makefile config.status: creating tests/Makefile config.status: creating src/config.h config.status: executing depfiles commands config.status: executing libtool commands + /usr/bin/make -O -j64 V=1 VERBOSE=1 Making all in src /usr/bin/make all-am make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-tls.lo `test -f 'tls.c' || echo './'`tls.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c tls.c -fPIC -DPIC -o .libs/pkcs11_la-tls.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c tls.c -o pkcs11_la-tls.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-random.lo `test -f 'random.c' || echo './'`random.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c random.c -fPIC -DPIC -o .libs/pkcs11_la-random.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c random.c -o pkcs11_la-random.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-debug.lo `test -f 'debug.c' || echo './'`debug.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c debug.c -fPIC -DPIC -o .libs/pkcs11_la-debug.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c debug.c -o pkcs11_la-debug.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-kdf.lo `test -f 'kdf.c' || echo './'`kdf.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c kdf.c -fPIC -DPIC -o .libs/pkcs11_la-kdf.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c kdf.c -o pkcs11_la-kdf.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-exchange.lo `test -f 'exchange.c' || echo './'`exchange.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c exchange.c -fPIC -DPIC -o .libs/pkcs11_la-exchange.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c exchange.c -o pkcs11_la-exchange.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-asymmetric_cipher.lo `test -f 'asymmetric_cipher.c' || echo './'`asymmetric_cipher.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c asymmetric_cipher.c -fPIC -DPIC -o .libs/pkcs11_la-asymmetric_cipher.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c asymmetric_cipher.c -o pkcs11_la-asymmetric_cipher.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-digests.lo `test -f 'digests.c' || echo './'`digests.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c digests.c -fPIC -DPIC -o .libs/pkcs11_la-digests.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c digests.c -o pkcs11_la-digests.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-slot.lo `test -f 'slot.c' || echo './'`slot.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c slot.c -fPIC -DPIC -o .libs/pkcs11_la-slot.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c slot.c -o pkcs11_la-slot.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-store.lo `test -f 'store.c' || echo './'`store.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c store.c -fPIC -DPIC -o .libs/pkcs11_la-store.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c store.c -o pkcs11_la-store.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-encoder.lo `test -f 'encoder.c' || echo './'`encoder.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c encoder.c -fPIC -DPIC -o .libs/pkcs11_la-encoder.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c encoder.c -o pkcs11_la-encoder.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-session.lo `test -f 'session.c' || echo './'`session.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c session.c -fPIC -DPIC -o .libs/pkcs11_la-session.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c session.c -o pkcs11_la-session.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-keymgmt.lo `test -f 'keymgmt.c' || echo './'`keymgmt.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c keymgmt.c -fPIC -DPIC -o .libs/pkcs11_la-keymgmt.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c keymgmt.c -o pkcs11_la-keymgmt.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-util.lo `test -f 'util.c' || echo './'`util.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c util.c -fPIC -DPIC -o .libs/pkcs11_la-util.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c util.c -o pkcs11_la-util.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-interface.lo `test -f 'interface.c' || echo './'`interface.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c interface.c -fPIC -DPIC -o .libs/pkcs11_la-interface.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c interface.c -o pkcs11_la-interface.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-objects.lo `test -f 'objects.c' || echo './'`objects.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c objects.c -fPIC -DPIC -o .libs/pkcs11_la-objects.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c objects.c -o pkcs11_la-objects.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-signature.lo `test -f 'signature.c' || echo './'`signature.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c signature.c -fPIC -DPIC -o .libs/pkcs11_la-signature.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c signature.c -o pkcs11_la-signature.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pkcs11_la-provider.lo `test -f 'provider.c' || echo './'`provider.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c provider.c -fPIC -DPIC -o .libs/pkcs11_la-provider.o libtool: compile: gcc -DHAVE_CONFIG_H -I. -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c provider.c -o pkcs11_la-provider.o >/dev/null 2>&1 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Wall -Werror -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -module -shared -shrext .so -avoid-version -export-symbols "./provider.exports" -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o pkcs11.la -rpath /usr/lib64/ossl-modules pkcs11_la-asymmetric_cipher.lo pkcs11_la-debug.lo pkcs11_la-encoder.lo pkcs11_la-digests.lo pkcs11_la-exchange.lo pkcs11_la-kdf.lo pkcs11_la-keymgmt.lo pkcs11_la-interface.lo pkcs11_la-objects.lo pkcs11_la-provider.lo pkcs11_la-random.lo pkcs11_la-session.lo pkcs11_la-signature.lo pkcs11_la-slot.lo pkcs11_la-store.lo pkcs11_la-tls.lo pkcs11_la-util.lo -lcrypto libtool: link: echo "{ global:" > .libs/pkcs11.ver libtool: link: cat ./provider.exports | /usr/bin/sed -e "s/\(.*\)/\1;/" >> .libs/pkcs11.ver libtool: link: echo "local: *; };" >> .libs/pkcs11.ver libtool: link: gcc -shared -fPIC -DPIC .libs/pkcs11_la-asymmetric_cipher.o .libs/pkcs11_la-debug.o .libs/pkcs11_la-encoder.o .libs/pkcs11_la-digests.o .libs/pkcs11_la-exchange.o .libs/pkcs11_la-kdf.o .libs/pkcs11_la-keymgmt.o .libs/pkcs11_la-interface.o .libs/pkcs11_la-objects.o .libs/pkcs11_la-provider.o .libs/pkcs11_la-random.o .libs/pkcs11_la-session.o .libs/pkcs11_la-signature.o .libs/pkcs11_la-slot.o .libs/pkcs11_la-store.o .libs/pkcs11_la-tls.o .libs/pkcs11_la-util.o -lcrypto -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -O2 -flto=auto -g -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -Wl,-soname -Wl,pkcs11.so -Wl,-version-script -Wl,.libs/pkcs11.ver -o .libs/pkcs11.so libtool: link: ( cd ".libs" && rm -f "pkcs11.la" && ln -s "../pkcs11.la" "pkcs11.la" ) make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' Making all in tests make[1]: Nothing to be done for 'all'. Making all in docs make[1]: Nothing to be done for 'all'. make[1]: Nothing to be done for 'all-am'. + RPM_EC=0 ++ jobs -p + exit 0 Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.0D9nEf + umask 022 + cd /builddir/build/BUILD + '[' /builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64 '!=' / ']' + rm -rf /builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64 ++ dirname /builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64 + mkdir -p /builddir/build/BUILDROOT + mkdir /builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64 + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-Wl,-z,relro -Clink-arg=-Wl,-z,now -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd pkcs11-provider-0.2 + /usr/bin/make install DESTDIR=/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64 'INSTALL=/usr/bin/install -p' Making install in src make[1]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[2]: Nothing to be done for 'install-exec-am'. /usr/bin/mkdir -p '/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/lib64/ossl-modules' /bin/sh ../libtool --mode=install /usr/bin/install -p pkcs11.la '/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/lib64/ossl-modules' libtool: install: /usr/bin/install -p .libs/pkcs11.so /builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/lib64/ossl-modules/pkcs11.so libtool: install: /usr/bin/install -p .libs/pkcs11.lai /builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/lib64/ossl-modules/pkcs11.la libtool: warning: remember to run 'libtool --finish /usr/lib64/ossl-modules' make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[1]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' Making install in tests make[1]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make[2]: Nothing to be done for 'install-data-am'. make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make[1]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' Making install in docs make[1]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/docs' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/docs' make[2]: Nothing to be done for 'install-exec-am'. /usr/bin/mkdir -p '/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/share/man/man7' /usr/bin/install -p -m 644 provider-pkcs11.7 '/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/share/man/man7' make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/docs' make[1]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/docs' make[1]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2' make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2' make[2]: Nothing to be done for 'install-exec-am'. /usr/bin/mkdir -p '/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/share/doc/pkcs11-provider' /usr/bin/install -p -m 644 README.md '/builddir/build/BUILDROOT/pkcs11-provider-0.2-2.fc39.riscv64/usr/share/doc/pkcs11-provider' make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2' make[1]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2' + /usr/bin/find-debuginfo -j64 --strict-build-id -m -i --build-id-seed 0.2-2.fc39 --unique-debug-suffix -0.2-2.fc39.riscv64 --unique-debug-src-base pkcs11-provider-0.2-2.fc39.riscv64 --run-dwz --dwz-low-mem-die-limit 10000000 --dwz-max-die-limit 50000000 -S debugsourcefiles.list /builddir/build/BUILD/pkcs11-provider-0.2 find-debuginfo: starting Extracting debug info from 1 files DWARF-compressing 1 files sepdebugcrcfix: Updated 1 CRC32s, 0 CRC32s did match. Creating .debug symlinks for symlinks to ELF files Copying sources found by 'debugedit -l' to /usr/src/debug/pkcs11-provider-0.2-2.fc39.riscv64 1273 blocks find-debuginfo: done + /usr/lib/rpm/check-buildroot + /usr/lib/rpm/redhat/brp-ldconfig + /usr/lib/rpm/brp-compress + /usr/lib/rpm/redhat/brp-strip-lto /usr/bin/strip + /usr/lib/rpm/brp-strip-static-archive /usr/bin/strip + /usr/lib/rpm/check-rpaths + /usr/lib/rpm/redhat/brp-mangle-shebangs *** WARNING: ./usr/lib64/ossl-modules/pkcs11.la is executable but has no shebang, removing executable bit + /usr/lib/rpm/brp-remove-la-files + env /usr/lib/rpm/redhat/brp-python-bytecompile '' 1 0 -j64 + /usr/lib/rpm/redhat/brp-python-hardlink Executing(%check): /bin/sh -e /var/tmp/rpm-tmp.EfTkb5 + umask 022 + cd /builddir/build/BUILD + CFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CFLAGS + CXXFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer ' + export CXXFLAGS + FFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FFLAGS + FCFLAGS='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -I/usr/lib64/gfortran/modules ' + export FCFLAGS + VALAFLAGS=-g + export VALAFLAGS + RUSTFLAGS='-Copt-level=3 -Cdebuginfo=2 -Ccodegen-units=1 -Cstrip=none -Cforce-frame-pointers=yes -Clink-arg=-Wl,-z,relro -Clink-arg=-Wl,-z,now -Clink-arg=-specs=/usr/lib/rpm/redhat/redhat-package-notes --cap-lints=warn' + export RUSTFLAGS + LDFLAGS='-Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes ' + export LDFLAGS + LT_SYS_LIBRARY_PATH=/usr/lib64: + export LT_SYS_LIBRARY_PATH + CC=gcc + export CC + CXX=g++ + export CXX + cd pkcs11-provider-0.2 + make check Making check in src make[1]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' make[1]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/src' Making check in tests make[1]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make tsession tgenkey tlsctx tdigests treadkeys tfork pincache \ helpers.sh setup-softhsm.sh setup-softokn.sh softhsm-proxy.sh test-wrapper tbasic tcerts tecc tecdh tedwards tdemoca thkdf toaepsha2 trsapss tdigest ttls tpubkey tfork turi trand make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o tsession-tsession.o `test -f 'tsession.c' || echo './'`tsession.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tsession tsession-tsession.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tsession tsession-tsession.o -lssl -lcrypto gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o tgenkey-tgenkey.o `test -f 'tgenkey.c' || echo './'`tgenkey.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tgenkey tgenkey-tgenkey.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tgenkey tgenkey-tgenkey.o -lssl -lcrypto gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o tlsctx-tlsctx.o `test -f 'tlsctx.c' || echo './'`tlsctx.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tlsctx tlsctx-tlsctx.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tlsctx tlsctx-tlsctx.o -lssl -lcrypto gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o tdigests-tdigests.o `test -f 'tdigests.c' || echo './'`tdigests.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tdigests tdigests-tdigests.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tdigests tdigests-tdigests.o -lssl -lcrypto gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o treadkeys-treadkeys.o `test -f 'treadkeys.c' || echo './'`treadkeys.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o treadkeys treadkeys-treadkeys.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o treadkeys treadkeys-treadkeys.o -lssl -lcrypto gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o tfork-tfork.o `test -f 'tfork.c' || echo './'`tfork.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tfork tfork-tfork.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o tfork tfork-tfork.o -lssl -lcrypto gcc -DHAVE_CONFIG_H -I. -I../src -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -c -o pincache-pincache.o `test -f 'pincache.c' || echo './'`pincache.c /bin/sh ../libtool --tag=CC --mode=link gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o pincache pincache-pincache.o -lssl -lcrypto libtool: link: gcc -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Wno-unused-parameter -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -fasynchronous-unwind-tables -fstack-clash-protection -fno-omit-frame-pointer -std=c11 -Wl,-z -Wl,relro -Wl,--as-needed -Wl,-z -Wl,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -Wl,--build-id=sha1 -specs=/usr/lib/rpm/redhat/redhat-package-notes -o pincache pincache-pincache.o -lssl -lcrypto make[2]: Nothing to be done for 'helpers.sh'. make[2]: Nothing to be done for 'setup-softhsm.sh'. make[2]: Nothing to be done for 'setup-softokn.sh'. make[2]: Nothing to be done for 'softhsm-proxy.sh'. make[2]: Nothing to be done for 'test-wrapper'. make[2]: Nothing to be done for 'tbasic'. make[2]: Nothing to be done for 'tcerts'. make[2]: Nothing to be done for 'tecc'. make[2]: Nothing to be done for 'tecdh'. make[2]: Nothing to be done for 'tedwards'. make[2]: Nothing to be done for 'tdemoca'. make[2]: Nothing to be done for 'thkdf'. make[2]: Nothing to be done for 'toaepsha2'. make[2]: Nothing to be done for 'trsapss'. make[2]: Nothing to be done for 'tdigest'. make[2]: Nothing to be done for 'ttls'. make[2]: Nothing to be done for 'tpubkey'. make[2]: 'tfork' is up to date. make[2]: Nothing to be done for 'turi'. make[2]: Nothing to be done for 'trand'. make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make check-TESTS make[2]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make[3]: Entering directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' LIBSPATH=/builddir/build/BUILD/pkcs11-provider-0.2/src/.libs \ TESTSSRCDIR=/builddir/build/BUILD/pkcs11-provider-0.2/tests \ TESTBLDDIR=/builddir/build/BUILD/pkcs11-provider-0.2/tests \ SHARED_EXT=.so \ SOFTOKNPATH="/usr/lib64/" \ /builddir/build/BUILD/pkcs11-provider-0.2/tests/setup-softokn.sh > setup-softokn.log 2>&1 LIBSPATH=/builddir/build/BUILD/pkcs11-provider-0.2/src/.libs \ TESTSSRCDIR=/builddir/build/BUILD/pkcs11-provider-0.2/tests \ TESTBLDDIR=/builddir/build/BUILD/pkcs11-provider-0.2/tests \ SHARED_EXT=.so \ P11KITCLIENTPATH="/usr/lib64/pkcs11/p11-kit-client.so" \ /builddir/build/BUILD/pkcs11-provider-0.2/tests/setup-softhsm.sh > setup-softhsm.log 2>&1 FAIL: basic-softokn.t FAIL: basic-softhsm.t PASS: pubkey-softokn.t PASS: pubkey-softhsm.t PASS: certs-softokn.t PASS: certs-softhsm.t PASS: ecc-softokn.t PASS: ecc-softhsm.t PASS: edwards-softhsm.t PASS: ecdh-softokn.t PASS: democa-softokn.t PASS: democa-softhsm.t PASS: digest-softokn.t PASS: digest-softhsm.t PASS: fork-softokn.t PASS: fork-softhsm.t PASS: oaepsha2-softokn.t PASS: hkdf-softokn.t PASS: rsapss-softokn.t PASS: genkey-softokn.t PASS: genkey-softhsm.t PASS: session-softokn.t PASS: session-softhsm.t PASS: rand-softokn.t PASS: rand-softhsm.t PASS: readkeys-softokn.t PASS: readkeys-softhsm.t PASS: tls-softokn.t PASS: tls-softhsm.t PASS: uri-softokn.t PASS: uri-softhsm.t ============================================================================ Testsuite summary for pkcs11-provider 0.2 ============================================================================ # TOTAL: 31 # PASS: 29 # SKIP: 0 # XFAIL: 0 # FAIL: 2 # XPASS: 0 # ERROR: 0 ============================================================================ See tests/test-suite.log Please report to simo@redhat.com ============================================================================ make[3]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make[3]: *** [Makefile:1004: test-suite.log] Error 1 make[2]: *** [Makefile:1112: check-TESTS] Error 2 make[2]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make[1]: *** [Makefile:1178: check-am] Error 2 make[1]: Leaving directory '/builddir/build/BUILD/pkcs11-provider-0.2/tests' make: *** [Makefile:476: check-recursive] Error 1 + '[' 2 -ne 0 ']' + cat tests/basic-softhsm.log tests/basic-softokn.log tests/certs-softhsm.log tests/certs-softokn.log tests/democa-softhsm.log tests/democa-softokn.log tests/digest-softhsm.log tests/digest-softokn.log tests/ecc-softhsm.log tests/ecc-softokn.log tests/ecdh-softokn.log tests/edwards-softhsm.log tests/fork-softhsm.log tests/fork-softokn.log tests/genkey-softhsm.log tests/genkey-softokn.log tests/hkdf-softokn.log tests/oaepsha2-softokn.log tests/pubkey-softhsm.log tests/pubkey-softokn.log tests/rand-softhsm.log tests/rand-softokn.log tests/readkeys-softhsm.log tests/readkeys-softokn.log tests/rsapss-softokn.log tests/session-softhsm.log tests/session-softokn.log tests/setup-softhsm.log tests/setup-softokn.log tests/test-suite.log tests/tls-softhsm.log tests/tls-softokn.log tests/uri-softhsm.log tests/uri-softokn.log Executing ./tbasic ## Raw Sign check error openssl pkeyutl -sign -inkey "${BASEURI}" -pkeyopt pad-mode:none -in ${TMPPDIR}/64Brandom.bin -out ${TMPPDIR}/raw-sig.bin Public Key operation error 20B4BBAD3F000000:error:0200007A:rsa routines:p11prov_sig_operate:data too small for key size:signature.c:874: ## Sign and Verify with provided Hash and RSA openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## Sign and Verify with provided Hash and RSA with DigestInfo struct openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -pkeyopt digest:sha256 -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pkeyopt digest:sha256 -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## DigestSign and DigestVerify with RSA openssl pkeyutl -sign -inkey "${BASEURI}" -digest sha256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-dgstsig.bin openssl pkeyutl -verify -inkey "${BASEURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully RSA basic encrypt and decrypt openssl pkeyutl -encrypt -inkey "${PUBURI}" -pubin -in ${SECRETFILE} -out ${SECRETFILE}.enc openssl pkeyutl -decrypt -inkey "${PRIURI}" -in ${SECRETFILE}.enc -out ${SECRETFILE}.dec ## Test Disallow Public Export openssl pkey -in $PUBURI -pubin -pubout -text ## Test CSR generation from RSA private keys openssl req -new -batch -key "${PRIURI}" -out ${TMPPDIR}/rsa_csr.pem openssl req -in ${TMPPDIR}/rsa_csr.pem -verify -noout Certificate request self-signature verify OK ## Test fetching public keys without PIN in config files openssl pkey -in $PUBURI -pubin -pubout -out ${TMPPDIR}/rsa.pub.nopin.pem openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/ec.pub.nopin.pem ## Test fetching public keys with a PIN in URI openssl pkey -in $BASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/rsa.pub.uripin.pem openssl pkey -in $ECBASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/ec.pub.uripin.pem ## Test prompting without PIN in config files Failed to get expected command output Original command output: Enter pass phrase for PKCS#11 Token (Slot 53804816 - SoftHSM slot ID 0x334ff10): PKCS11 RSA Private Key (2048 bits) [Can't export and print private key data] URI pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%01;object=testCert;type=private FAIL basic-softhsm.t (exit status: 1) Executing ./tbasic ## Raw Sign check error openssl pkeyutl -sign -inkey "${BASEURI}" -pkeyopt pad-mode:none -in ${TMPPDIR}/64Brandom.bin -out ${TMPPDIR}/raw-sig.bin Public Key operation error 203438853F000000:error:0200007A:rsa routines:p11prov_sig_operate:data too small for key size:signature.c:874: ## Sign and Verify with provided Hash and RSA openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## Sign and Verify with provided Hash and RSA with DigestInfo struct openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -pkeyopt digest:sha256 -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pkeyopt digest:sha256 -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## DigestSign and DigestVerify with RSA openssl pkeyutl -sign -inkey "${BASEURI}" -digest sha256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-dgstsig.bin openssl pkeyutl -verify -inkey "${BASEURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully RSA basic encrypt and decrypt openssl pkeyutl -encrypt -inkey "${PUBURI}" -pubin -in ${SECRETFILE} -out ${SECRETFILE}.enc openssl pkeyutl -decrypt -inkey "${PRIURI}" -in ${SECRETFILE}.enc -out ${SECRETFILE}.dec ## Test Disallow Public Export openssl pkey -in $PUBURI -pubin -pubout -text ## Test CSR generation from RSA private keys openssl req -new -batch -key "${PRIURI}" -out ${TMPPDIR}/rsa_csr.pem openssl req -in ${TMPPDIR}/rsa_csr.pem -verify -noout Certificate request self-signature verify OK ## Test fetching public keys without PIN in config files openssl pkey -in $PUBURI -pubin -pubout -out ${TMPPDIR}/rsa.pub.nopin.pem openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/ec.pub.nopin.pem ## Test fetching public keys with a PIN in URI openssl pkey -in $BASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/rsa.pub.uripin.pem openssl pkey -in $ECBASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/ec.pub.uripin.pem ## Test prompting without PIN in config files Failed to get expected command output Original command output: Enter pass phrase for PKCS#11 Token (Slot 1 - NSS Internal Cryptographic Services): PKCS11 RSA Private Key (2048 bits) [Can't export and print private key data] URI pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%E0%E0%4A%9A%B9%3D%4D%D4%E9%81%01%95%81%2E%39%80%9F%D6%A8%11;type=private FAIL basic-softokn.t (exit status: 1) Executing ./tcerts ## Check we can fetch certifiatce objects openssl x509 -in ${CRTURI} -subject -out ${TMPPDIR}/crt-subj.txt openssl x509 -in ${ECCRTURI} -subject -out ${TMPPDIR}/eccrt-subj.txt ## Use storeutl command to match specific certs via params openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate PASS certs-softhsm.t (exit status: 0) Executing ./tcerts ## Check we can fetch certifiatce objects openssl x509 -in ${CRTURI} -subject -out ${TMPPDIR}/crt-subj.txt openssl x509 -in ${ECCRTURI} -subject -out ${TMPPDIR}/eccrt-subj.txt ## Use storeutl command to match specific certs via params openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate openssl storeutl -certs -subject "${subj}" -out ${TMPPDIR}/storeutl-crt-subj.txt pkcs11:type=cert 0: Certificate PASS certs-softokn.t (exit status: 0) Executing ./tdemoca ## Set up demoCA ## Generating CA cert if needed openssl req -batch -noenc -x509 -new -key ${PRIURI} -out ${DEMOCA}/cacert.pem ## Generating a new CSR openssl req -batch -noenc -newkey rsa:2048 -subj "/CN=testing-csr-signing/O=PKCS11 Provider/C=US" -keyout ${DEMOCA}/cert.key -out ${DEMOCA}/cert.csr ...+.+.....+.............+..+++++++++++++++++++++++++++++++++++++++*..+...+..+...+......+.......+..+++++++++++++++++++++++++++++++++++++++*..+.+.....+.+........+.+......+...+...+...............+..+.+..+...+.........+......+.+.....+.........................+...+......+..+...............+....+...+...+...+......+......+..+...+.......+........+...............+...+....+......+......+.....................+..............+.+...+...........+...+............+.+.........+...+........+...+.........+...+.........+.............+...+..+..........+...+..+......+.......+........+....+..+.+.....+.......+..+...............+...+.+......+.....+....+.........+...+..................+...........+.+........+.......+..+..........+...+...+..............+............+..........+...+......+.....+................+.....+.........+.+.....+...+..........+...+........+.........+...+.......+........+....+......+..+......+.......+........+.........+...+....+...+............+.....+....+..+.........+.+..+.+.................+....+.........+......+.........+.....+.+.....+....+.................+...+....+..++++++ ...+....+..+...+.........................+........+.......+.....+......+.+..............+++++++++++++++++++++++++++++++++++++++*.+.........+..+...+.+...+..+...............+...+++++++++++++++++++++++++++++++++++++++*..+.............+...............+..+.......+.....++++++ ----- ## Signing the new certificate openssl ca -batch -in ${DEMOCA}/cert.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem Using configuration from /builddir/build/BUILD/pkcs11-provider-0.2/tests/tmp.softhsm/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'testing-csr-signing' organizationName :ASN.1 12:'PKCS11 Provider' countryName :PRINTABLE:'US' Certificate is to be certified until Dec 19 18:42:29 2024 GMT (365 days) 20E43BB63F000000:error:40800054:pkcs11:p11prov_GetOperationState:reason(84):interface.gen.c:279:Error returned by C_GetOperationState Write out database with 1 new entries Database updated ## Set up OCSP openssl req -batch -noenc -new -subj "/CN=OCSP/O=PKCS11 Provider/C=US" -key ${PRIURI} -out ${DEMOCA}/ocspSigning.csr openssl ca -batch -keyfile ${PRIURI} -cert ${DEMOCA}/cacert.pem -in ${DEMOCA}/ocspSigning.csr -out ${DEMOCA}/ocspSigning.pem Using configuration from /builddir/build/BUILD/pkcs11-provider-0.2/tests/tmp.softhsm/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'OCSP' organizationName :ASN.1 12:'PKCS11 Provider' countryName :PRINTABLE:'US' Certificate is to be certified until Dec 19 18:42:29 2024 GMT (365 days) 20A4388A3F000000:error:40800054:pkcs11:p11prov_GetOperationState:reason(84):interface.gen.c:279:Error returned by C_GetOperationState Write out database with 1 new entries Database updated ## Run OCSP ACCEPT 0.0.0.0:12345 PID=2484328 ocsp: waiting for OCSP client connections... openssl ocsp -CAfile ${DEMOCA}/cacert.pem -issuer ${DEMOCA}/cacert.pem -cert ${DEMOCA}/cert.pem -resp_text -noverify -url http://127.0.0.1:${PORT} ocsp: Received request, 1st line: POST / HTTP/1.0 OCSP Request Data: Version: 1 (0x0) Requestor List: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 810C6D581B88B8245F66B67E49B738D99BD5F7BB Issuer Key Hash: 9F8F46BD76231209F1F834122F116ACA2AEE8604 Serial Number: 01 Request Extensions: OCSP Nonce: 0410762A53BE3E8BE4CB0BD5173294494949 OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C = US, O = PKCS11 Provider, CN = OCSP Produced At: Dec 20 18:42:30 2023 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 810C6D581B88B8245F66B67E49B738D99BD5F7BB Issuer Key Hash: 9F8F46BD76231209F1F834122F116ACA2AEE8604 Serial Number: 01 Cert Status: good This Update: Dec 20 18:42:30 2023 GMT Response Extensions: OCSP Nonce: 0410762A53BE3E8BE4CB0BD5173294494949 Signature Algorithm: sha1WithRSAEncryption Signature Value: 18:0a:57:a4:43:41:9e:90:df:26:12:37:e1:81:25:b0:81:6d: bf:f0:b5:0e:f3:a6:7f:38:9f:27:19:0e:a9:2f:85:71:da:01: b4:01:79:f1:5a:98:b8:21:52:5a:e7:df:e9:0c:20:d2:0e:08: 08:52:ff:fe:09:5e:67:ae:46:b5:a2:a9:aa:0e:18:0a:4d:6d: 71:e5:8c:ef:cc:f4:bd:1f:29:8a:1a:b5:2b:39:e2:a4:da:7f: fe:17:9c:4d:3c:db:5c:5d:3d:56:e7:ee:08:8b:9b:fd:ea:7b: d7:a8:06:83:e2:8f:64:85:a4:cc:aa:71:f4:03:bf:53:41:e2: d2:d3:03:8d:01:06:71:89:04:da:98:6b:8e:b1:7f:a0:96:c8: e1:fc:e1:c1:46:4e:ab:86:15:f3:51:0a:06:df:a1:43:57:b0: ce:43:bb:dc:92:66:a3:54:35:8d:03:a5:21:f7:16:c7:44:77: 31:bc:c5:a4:e0:49:2b:58:ef:e3:8c:85:de:61:b7:9d:64:3e: 99:70:73:53:cc:13:ca:e8:1e:9b:64:bf:c1:16:24:f7:a8:0c: ec:8d:2b:0e:cb:fe:00:17:90:fc:c6:c8:51:b5:20:d2:a9:ac: cf:fb:01:36:51:62:86:5e:46:53:06:db:fc:57:93:54:94:a6: f6:ea:25:7b Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=New York, L=New York, O=PKCS11 Provider, OU=Testing Harness Validity Not Before: Dec 20 18:42:29 2023 GMT Not After : Dec 19 18:42:29 2024 GMT Subject: C=US, O=PKCS11 Provider, CN=OCSP Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:cd:4f:22:a3:0a:4e:69:af:6f:5d:81:db:2e:dc: 68:6f:9a:ca:6f:59:ae:43:1f:75:ce:b3:5e:6c:f1: 42:4c:41:70:ec:2b:73:9f:c5:24:dc:c6:a9:77:90: 58:80:bc:5b:c6:10:f7:23:43:d8:6c:95:30:5d:a1: 57:09:3c:05:23:d4:29:b7:b0:66:f8:c3:d4:95:64: b9:14:73:fb:57:64:64:cf:1a:fb:86:71:d2:c7:72: c3:47:b9:fa:de:b2:63:56:11:a5:40:d5:00:f0:d7: 88:13:fc:53:b2:0e:54:1e:10:99:97:df:2f:a0:38: 19:14:32:f9:6b:24:c3:48:4c:f7:39:e1:54:a6:65: f4:f2:9c:29:9a:5b:e6:5f:c9:86:a2:c1:04:e2:16: 70:90:64:31:db:87:2d:d1:f9:0c:83:c2:33:2a:8f: 9d:ae:5f:76:12:c4:8a:c8:3f:b9:46:f5:c1:f8:5d: e5:ea:40:e1:a1:65:57:13:cb:be:33:12:ea:3f:b8: 4f:be:b2:05:c4:3d:d1:dd:77:a5:01:0f:6d:1b:5d: d6:81:e6:6a:b5:94:66:7b:4d:e2:56:d6:7c:f3:a4: 43:32:18:0c:6c:d4:73:9e:95:e2:bc:42:20:91:37: 10:1d:1f:88:ef:8c:07:57:d0:1b:9f:12:ba:22:b5: 64:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: 9F:8F:46:BD:76:23:12:09:F1:F8:34:12:2F:11:6A:CA:2A:EE:86:04 X509v3 Authority Key Identifier: 9F:8F:46:BD:76:23:12:09:F1:F8:34:12:2F:11:6A:CA:2A:EE:86:04 S ## Kill any remaining children and wait for them kill: sending signal to 2484328 failed: No such process /builddir/build/BUILD/pkcs11-provider-0.2/tests/helpers.sh: line 66: 2484328 Killed $CHECKER openssl ocsp -index "${DEMOCA}/index.txt" -rsigner "${DEMOCA}/ocspSigning.pem" -rkey "${PRIURI}" -CA "${DEMOCA}/cacert.pem" -rmd sha1 -port "${PORT}" -text PASS democa-softhsm.t (exit status: 0) Executing ./tdemoca ## Set up demoCA ## Generating CA cert if needed openssl req -batch -noenc -x509 -new -key ${PRIURI} -out ${DEMOCA}/cacert.pem ## Generating a new CSR openssl req -batch -noenc -newkey rsa:2048 -subj "/CN=testing-csr-signing/O=PKCS11 Provider/C=US" -keyout ${DEMOCA}/cert.key -out ${DEMOCA}/cert.csr ...+........+......+......+.+.....+.........+.+.....+...+.+.........+.....+..........+...........+...+...+...+.........+.......+.....+.+.................+...+...+....+++++++++++++++++++++++++++++++++++++++*.+.......+......+..+...+...+......+.+.....+....+...........+.........+....+.........+..+....+.....+....+...+++++++++++++++++++++++++++++++++++++++*.+.+.....+.......+.........+......+..+.+...........+..........+...+...........+......+....+..+...+.........+...+.......+......+..+.......+...+.....+.............+......+.....+.+..+...+..........+..+......+.......+..............+.+..+.+..+.......+..++++++ ......+.....+++++++++++++++++++++++++++++++++++++++*...+.....+...+.......+...+..+.............+............+........+...+....+......+.....+....+..+++++++++++++++++++++++++++++++++++++++*........+.+............+...+.....+....+.....+....+...............+...........+...+.......+...+...+.....+..........+..+......+..........+.........+...............+..+.+.....+.......+...+..+.+...........+....+.........+.....+...+............+.......+......+...+......+.....+.........+.+.........+.....+....+........+....+.........+..+...+....+.....+.++++++ ----- ## Signing the new certificate openssl ca -batch -in ${DEMOCA}/cert.csr -keyfile ${PRIURI} -out ${DEMOCA}/cert.pem Using configuration from /builddir/build/BUILD/pkcs11-provider-0.2/tests/tmp.softokn/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'testing-csr-signing' organizationName :ASN.1 12:'PKCS11 Provider' countryName :PRINTABLE:'US' Certificate is to be certified until Dec 19 18:42:25 2024 GMT (365 days) 20F48B873F000000:error:40800091:pkcs11:p11prov_GetOperationState:There is no active operation of appropriate type in the specified session:interface.gen.c:279:Error returned by C_GetOperationState Write out database with 1 new entries Database updated ## Set up OCSP openssl req -batch -noenc -new -subj "/CN=OCSP/O=PKCS11 Provider/C=US" -key ${PRIURI} -out ${DEMOCA}/ocspSigning.csr openssl ca -batch -keyfile ${PRIURI} -cert ${DEMOCA}/cacert.pem -in ${DEMOCA}/ocspSigning.csr -out ${DEMOCA}/ocspSigning.pem Using configuration from /builddir/build/BUILD/pkcs11-provider-0.2/tests/tmp.softokn/openssl.cnf Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'OCSP' organizationName :ASN.1 12:'PKCS11 Provider' countryName :PRINTABLE:'US' Certificate is to be certified until Dec 19 18:42:26 2024 GMT (365 days) 2024EC9B3F000000:error:40800091:pkcs11:p11prov_GetOperationState:There is no active operation of appropriate type in the specified session:interface.gen.c:279:Error returned by C_GetOperationState Write out database with 1 new entries Database updated ## Run OCSP ACCEPT 0.0.0.0:12345 PID=2484293 ocsp: waiting for OCSP client connections... openssl ocsp -CAfile ${DEMOCA}/cacert.pem -issuer ${DEMOCA}/cacert.pem -cert ${DEMOCA}/cert.pem -resp_text -noverify -url http://127.0.0.1:${PORT} ocsp: Received request, 1st line: POST / HTTP/1.0 OCSP Request Data: Version: 1 (0x0) Requestor List: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 810C6D581B88B8245F66B67E49B738D99BD5F7BB Issuer Key Hash: 7D9606CE2B5195FBA08FD0CF74E0C4A0F6ECE97E Serial Number: 01 Request Extensions: OCSP Nonce: 041077C101C97A3F59722129B298EF6315A4 OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C = US, O = PKCS11 Provider, CN = OCSP Produced At: Dec 20 18:42:28 2023 GMT Responses: Certificate ID: Hash Algorithm: sha1 Issuer Name Hash: 810C6D581B88B8245F66B67E49B738D99BD5F7BB Issuer Key Hash: 7D9606CE2B5195FBA08FD0CF74E0C4A0F6ECE97E Serial Number: 01 Cert Status: good This Update: Dec 20 18:42:28 2023 GMT Response Extensions: OCSP Nonce: 041077C101C97A3F59722129B298EF6315A4 Signature Algorithm: sha1WithRSAEncryption Signature Value: 5b:42:9f:9e:22:53:83:6a:4e:cf:15:e2:fb:8c:fe:c9:86:03: 8b:93:e9:c0:f2:84:31:db:4a:3d:da:1b:c3:bc:6f:28:83:69: 2c:77:66:cf:7c:a2:03:d2:31:cf:20:aa:64:00:72:1b:4f:da: cb:1a:60:5b:e3:5a:44:85:3b:de:15:8f:5c:6e:6b:38:9b:25: 5c:1b:d8:5d:dc:cc:d9:19:95:91:18:68:66:9b:ce:c9:38:d8: b9:14:90:f6:c0:a9:bd:bf:81:ca:ed:33:b0:8c:62:8f:37:50: 4c:e9:41:ea:eb:b3:ea:a0:a7:3e:73:0f:20:1f:de:81:78:e9: 4c:08:96:32:d1:ac:ed:4b:4f:63:c2:c3:a2:de:77:4e:55:03: 84:a0:ff:09:0f:91:6a:1d:10:40:6d:fb:90:19:87:e6:81:61: ec:ef:7c:8c:5a:26:74:bf:de:ab:6a:27:b4:31:f2:fb:6c:d2: 7a:23:27:54:94:ad:18:f0:39:2e:a4:64:a8:df:37:ba:1f:0a: 0c:54:7e:c7:f7:42:6a:72:ff:94:da:a8:d4:f1:56:67:42:9c: 47:96:00:d8:4e:f9:05:84:32:c8:02:06:7e:c6:9a:90:70:38: 87:f7:d2:f1:0a:49:4b:43:ff:97:f6:8f:bb:32:80:f9:e6:2d: ea:1f:2b:3f Certificate: Data: Version: 3 (0x2) Serial Number: 2 (0x2) Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, ST=New York, L=New York, O=PKCS11 Provider, OU=Testing Harness Validity Not Before: Dec 20 18:42:26 2023 GMT Not After : Dec 19 18:42:26 2024 GMT Subject: C=US, O=PKCS11 Provider, CN=OCSP Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b9:31:e7:c1:cb:7a:16:09:b9:f7:c2:4a:e1:57: 0f:34:9a:ff:40:6a:f4:00:00:30:7e:14:49:27:43: f0:e3:6c:77:5e:b6:ac:65:0f:1a:6a:dc:bd:b3:c9: 9e:fc:ba:a3:99:b8:8d:d8:be:19:12:55:30:50:3a: d0:28:d7:c0:77:5b:09:ee:30:26:41:4f:03:9f:0c: 74:70:b2:04:67:e7:6d:ef:07:4e:0a:03:60:2c:20: ab:26:9c:cd:92:34:ec:eb:58:dc:ae:01:0c:4d:6b: 95:c3:80:32:96:60:4f:60:04:b2:b0:15:d4:56:87: d1:5c:d2:9d:1a:ec:40:68:4a:59:db:e8:08:6b:4e: e0:1e:69:55:99:34:bf:86:89:95:7c:ad:6e:ba:de: 08:45:0d:73:d8:5b:2c:51:13:0d:48:e6:ff:2d:f2: 89:f6:5a:33:9d:0c:ee:80:2a:ef:86:a1:5a:81:d2: db:0c:77:1d:ef:95:ef:3b:70:59:e1:34:09:51:c9: 2e:59:e3:6b:fc:9b:c8:31:b3:50:74:d4:51:65:71: 7e:cb:ee:e3:e8:ff:bc:2b:68:fa:9f:f9:54:07:3c: d6:5f:b4:7a:e1:27:c9:09:6e:85:0a:1e:7f:a5:b4: ea:2f:b8:75:b6:64:c5:92:c2:8c:dd:aa:0c:e3:67: bd:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: Digital Signature, Non Repudiation, Key Encipherment X509v3 Subject Key Identifier: 7D:96:06:CE:2B:51:95:FB:A0:8F:D0:CF:74:E0:C4:A0:F6:EC:E9:7E X509v3 Authority Key Identifier: 7D:96:06:CE:2B:51:95:FB:A0:8F:D0:CF:74:E0:C4:A0:F6:EC:E9:7E S ## Kill any remaining children and wait for them kill: sending signal to 2484293 failed: No such process /builddir/build/BUILD/pkcs11-provider-0.2/tests/helpers.sh: line 66: 2484293 Killed $CHECKER openssl ocsp -index "${DEMOCA}/index.txt" -rsigner "${DEMOCA}/ocspSigning.pem" -rkey "${PRIURI}" -CA "${DEMOCA}/cacert.pem" -rmd sha1 -port "${PORT}" -text PASS democa-softokn.t (exit status: 0) Executing ./tdigest ## Test Digests support sha512-224: Unsupported by pkcs11 token sha512-256: Unsupported by pkcs11 token sha3-224: Unsupported by pkcs11 token sha3-256: Unsupported by pkcs11 token sha3-384: Unsupported by pkcs11 token sha3-512: Unsupported by pkcs11 token PASS digest-softhsm.t (exit status: 0) Executing ./tdigest ## Test Digests support sha512-224: Unsupported by pkcs11 token sha512-256: Unsupported by pkcs11 token PASS digest-softokn.t (exit status: 0) Executing ./tecc ## Export EC Public key to a file openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/ecout.pub Print EC Public key from private openssl pkey -in $ECPRIURI -pubout -text ## Sign and Verify with provided Hash and EC openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${ECBASEURI}" -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-ecsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-ecsig.bin Signature Verified Successfully openssl pkeyutl -verify -inkey "${TMPPDIR}/ecout.pub" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-ecsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA-256) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA-384) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha384 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha384-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha384 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha384-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA-512) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha512 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha512-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha512 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha512-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA3-256) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha3-256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha3-256-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha3-256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha3-256-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA3-384) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha3-384 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha3-384-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha3-384 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha3-384-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA3-512) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha3-512 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha3-512-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha3-512 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha3-512-ecdgstsig.bin Signature Verified Successfully ## Test CSR generation from private ECC keys openssl req -new -batch -key "${ECPRIURI}" -out ${TMPPDIR}/ecdsa_csr.pem openssl req -in ${TMPPDIR}/ecdsa_csr.pem -verify -noout Certificate request self-signature verify OK PASS ecc-softhsm.t (exit status: 0) Executing ./tecc ## Export EC Public key to a file openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/ecout.pub Print EC Public key from private openssl pkey -in $ECPRIURI -pubout -text ## Sign and Verify with provided Hash and EC openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${ECBASEURI}" -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-ecsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-ecsig.bin Signature Verified Successfully openssl pkeyutl -verify -inkey "${TMPPDIR}/ecout.pub" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-ecsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA-256) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA-384) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha384 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha384-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha384 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha384-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA-512) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha512 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha512-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha512 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha512-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA3-256) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha3-256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha3-256-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha3-256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha3-256-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA3-384) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha3-384 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha3-384-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha3-384 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha3-384-ecdgstsig.bin Signature Verified Successfully ## DigestSign and DigestVerify with ECC (SHA3-512) openssl pkeyutl -sign -inkey "${ECBASEURI}" -digest sha3-512 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha3-512-ecdgstsig.bin openssl pkeyutl -verify -inkey "${ECBASEURI}" -pubin -digest sha3-512 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha3-512-ecdgstsig.bin Signature Verified Successfully ## Test CSR generation from private ECC keys openssl req -new -batch -key "${ECPRIURI}" -out ${TMPPDIR}/ecdsa_csr.pem openssl req -in ${TMPPDIR}/ecdsa_csr.pem -verify -noout Certificate request self-signature verify OK PASS ecc-softokn.t (exit status: 0) Executing ./tecdh ## ECDH Exchange openssl pkeyutl -derive -inkey ${ECBASEURI} -peerkey ${ECPEERPUBURI} -out ${TMPPDIR}/secret.ecdh.bin PASS ecdh-softokn.t (exit status: 0) Executing ./tedwards ## Export ED25519 Public key to a file openssl pkey -in $EDPUBURI -pubin -pubout -out ${TMPPDIR}/edout.pub Print ED25519 Public key from private openssl pkey -in $EDPRIURI -pubout -text ## DigestSign and DigestVerify with ED25519 openssl pkeyutl -sign -inkey "${EDBASEURI}" -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-eddgstsig.bin openssl pkeyutl -verify -inkey "${EDBASEURI}" -pubin -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-eddgstsig.bin Signature Verified Successfully ## Test CSR generation from private ED25519 keys openssl req -new -batch -key "${EDPRIURI}" -out ${TMPPDIR}/ed25519_csr.pem openssl req -in ${TMPPDIR}/ed25519_csr.pem -verify -noout Certificate request self-signature verify OK PASS edwards-softhsm.t (exit status: 0) Executing ./tfork Child Done Child Done ALL A-OK! PASS fork-softhsm.t (exit status: 0) Executing ./tfork Child Done Child Done ALL A-OK! PASS fork-softokn.t (exit status: 0) Executing ./tgenkey ALL A-OK!PASS genkey-softhsm.t (exit status: 0) Executing ./tgenkey ALL A-OK!PASS genkey-softokn.t (exit status: 0) Executing ./thkdf ## HKDF Derivation openssl pkeyutl -derive -kdf HKDF -kdflen 48 -pkeyopt md:SHA256 -pkeyopt mode:EXTRACT_AND_EXPAND -pkeyopt hexkey:${HKDF_HEX_SECRET} -pkeyopt hexsalt:${HKDF_HEX_SALT} -pkeyopt hexinfo:${HKDF_HEX_INFO} -out ${TMPPDIR}/hkdf1-out-pkcs11.bin -propquery provider=pkcs11 openssl pkeyutl -derive -kdf HKDF -kdflen 48 -pkeyopt md:SHA256 -pkeyopt mode:EXTRACT_AND_EXPAND -pkeyopt hexkey:${HKDF_HEX_SECRET} -pkeyopt hexsalt:${HKDF_HEX_SALT} -pkeyopt hexinfo:${HKDF_HEX_INFO} -out ${TMPPDIR}/hkdf1-out.bin openssl pkeyutl -derive -kdf HKDF -kdflen 48 -pkeyopt md:SHA256 -pkeyopt mode:EXTRACT_AND_EXPAND -pkeyopt hexkey:${HKDF_HEX_SECRET} -pkeyopt salt:"${HKDF_SALT}" -pkeyopt info:"${HKDF_INFO}" -out ${TMPPDIR}/hkdf2-out-pkcs11.bin -propquery provider=pkcs11 openssl pkeyutl -derive -kdf HKDF -kdflen 48 -pkeyopt md:SHA256 -pkeyopt mode:EXTRACT_AND_EXPAND -pkeyopt hexkey:${HKDF_HEX_SECRET} -pkeyopt salt:"${HKDF_SALT}" -pkeyopt info:"${HKDF_INFO}" -out ${TMPPDIR}/hkdf2-out.bin PASS hkdf-softokn.t (exit status: 0) Executing ./toaepsha2 ## Encrypt and decrypt with RSA OAEP openssl pkeyutl -encrypt -inkey "${BASEURI}" -pubin -pkeyopt pad-mode:oaep -pkeyopt digest:sha256 -pkeyopt mgf1-digest:sha256 -in ${SECRETFILE} -out ${SECRETFILE}.enc openssl pkeyutl -decrypt -inkey "${PRIURI}" -pkeyopt pad-mode:oaep -pkeyopt digest:sha256 -pkeyopt mgf1-digest:sha256 -in ${SECRETFILE}.enc -out ${SECRETFILE}.dec PASS oaepsha2-softokn.t (exit status: 0) Executing ./tpubkey ## Export RSA Public key to a file openssl pkey -in $BASEURI -pubin -pubout -out ${TMPPDIR}/baseout.pub Export Public key to a file (pub-uri) openssl pkey -in $PUBURI -pubin -pubout -out ${TMPPDIR}/pubout.pub Print Public key from private openssl pkey -in $PRIURI -pubout -text ## Export Public check error openssl pkey -in pkcs11:id=%de%ad -pubin -pubout -out ${TMPPDIR}/pubout-invlid.pub Could not read key of Public Key from pkcs11:id=%de%ad ## Export EC Public key to a file openssl pkey -in $ECBASEURI -pubin -pubout -out ${TMPPDIR}/baseecout.pub Export EC Public key to a file (pub-uri) openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/pubecout.pub Print EC Public key from private openssl pkey -in $ECPRIURI -pubout -text ## Check we can get RSA public keys from certificate objects Export Public key to a file (priv-uri) openssl pkey -in $PRI2URI -pubout -out ${TMPPDIR}/priv-cert.pub Export Public key to a file (base-uri) openssl pkey -in $BASE2URI -pubout -out ${TMPPDIR}/base-cert.pub Export Public EC key to a file (priv-uri) openssl pkey -in $ECPRI2URI -pubout -out ${TMPPDIR}/ec-priv-cert.pub Export Public key to a file (base-uri) openssl pkey -in $ECBASE2URI -pubout -out ${TMPPDIR}/ec-base-cert.pub PASS pubkey-softhsm.t (exit status: 0) Executing ./tpubkey ## Export RSA Public key to a file openssl pkey -in $BASEURI -pubin -pubout -out ${TMPPDIR}/baseout.pub Export Public key to a file (pub-uri) openssl pkey -in $PUBURI -pubin -pubout -out ${TMPPDIR}/pubout.pub Print Public key from private openssl pkey -in $PRIURI -pubout -text ## Export Public check error openssl pkey -in pkcs11:id=%de%ad -pubin -pubout -out ${TMPPDIR}/pubout-invlid.pub Could not read key of Public Key from pkcs11:id=%de%ad ## Export EC Public key to a file openssl pkey -in $ECBASEURI -pubin -pubout -out ${TMPPDIR}/baseecout.pub Export EC Public key to a file (pub-uri) openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/pubecout.pub Print EC Public key from private openssl pkey -in $ECPRIURI -pubout -text PASS pubkey-softokn.t (exit status: 0) Executing ./trand ## Test PKCS11 RNG openssl rand 1 2094E4AC3F000000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:341:Global default library context, Algorithm (PKCS11-RAND : 0), Properties () 2094E4AC3F000000:error:12000090:random number generator:rand_new_drbg:unable to fetch drbg:crypto/rand/rand_lib.c:647: openssl rand 1 ' PASS rand-softhsm.t (exit status: 0) Executing ./trand ## Test PKCS11 RNG openssl rand 1 20E4C8B13F000000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto/evp/evp_fetch.c:341:Global default library context, Algorithm (PKCS11-RAND : 0), Properties () 20E4C8B13F000000:error:12000090:random number generator:rand_new_drbg:unable to fetch drbg:crypto/rand/rand_lib.c:647: openssl rand 1 { PASS rand-softokn.t (exit status: 0) Executing ./treadkeys PASS readkeys-softhsm.t (exit status: 0) Executing ./treadkeys PASS readkeys-softokn.t (exit status: 0) Executing ./trsapss ## DigestSign and DigestVerify with RSA PSS openssl pkeyutl -sign -inkey "${BASEURI}" -digest sha256 -pkeyopt pad-mode:pss -pkeyopt mgf1-digest:sha256 -pkeyopt saltlen:digest -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-dgstsig.bin openssl pkeyutl -verify -inkey "${BASEURI}" -pubin -digest sha256 -pkeyopt pad-mode:pss -pkeyopt mgf1-digest:sha256 -pkeyopt saltlen:digest -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully Re-verify using OpenSSL default provider openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -digest sha256 -pkeyopt pad-mode:pss -pkeyopt mgf1-digest:sha256 -pkeyopt saltlen:digest -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully PASS rsapss-softokn.t (exit status: 0) Executing ./tsession ALL A-OK!PASS session-softhsm.t (exit status: 0) Executing ./tsession ALL A-OK!PASS session-softokn.t (exit status: 0) ######################################## ## Searching for SoftHSM PKCS#11 library Using softhsm path /usr/lib64/pkcs11/libsofthsm2.so ######################################## ## Set up testing system Slot 0 has a free/uninitialized token. The token has been initialized and is reassigned to slot 53804816 Creating new Self Sign CA Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; RSA label: caCert ID: 0000 Usage: decrypt, sign, signRecover, unwrap Access: sensitive, always sensitive, never extractable, local Public Key Object; RSA 2048 bits label: caCert ID: 0000 Usage: encrypt, verify, verifyRecover, wrap Access: local Generating a self signed certificate... X.509 Certificate Information: Version: 3 Serial Number (hex): 01 Validity: Not Before: Wed Dec 20 18:42:03 UTC 2023 Not After: Thu Dec 19 18:42:03 UTC 2024 Subject: CN=Issuer Subject Public Key Algorithm: RSA Algorithm Security Level: Medium (2048 bits) Modulus (bits 2048): 00:d0:b1:a0:43:7f:94:ee:39:64:54:7d:d2:44:7b:6f b5:75:f0:61:a5:30:b6:b1:ee:98:1d:d4:b8:9a:4b:a2 9f:b5:90:ba:65:da:7d:8a:14:a4:64:aa:82:b5:6f:49 12:42:cf:7d:7e:7d:00:75:fb:51:42:34:26:43:11:06 89:f1:cc:e2:b7:67:d6:d2:29:4e:ae:bc:83:93:6e:61 19:da:6b:ba:6a:fe:f7:09:58:3c:b8:4a:cd:bd:2a:58 b8:9e:88:ca:93:19:b0:93:56:ee:78:29:3e:6d:df:44 7c:a4:56:92:9e:9f:47:eb:fb:31:6d:20:69:f7:5c:75 0e:39:5e:02:2e:65:66:15:67:7a:9c:0f:68:df:34:ba 2f:d4:7f:22:45:a1:be:a7:2b:6f:28:13:5f:63:b9:29 d7:f4:28:c1:e1:e0:86:bb:ed:48:04:18:7c:03:d4:bd 85:14:fd:b1:c1:43:a9:38:76:b1:70:e7:34:ed:02:97 2c:13:57:23:d3:8c:5e:ad:f9:f8:ae:eb:16:d5:0a:88 24:ab:e2:74:cd:ce:39:0e:77:0b:55:b5:85:5a:de:51 cd:56:12:cf:f4:6c:79:59:09:a3:7c:f3:ac:e7:3a:b2 85:9b:3f:51:2d:11:02:f8:0c:19:69:05:2e:9d:bb:fc 5f Exponent (bits 24): 01:00:01 Extensions: Basic Constraints (critical): Certificate Authority (CA): TRUE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Subject Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:b04f263f8362d2b4894b7626e30878ef5b4015e1 sha256:ad80492b6e1c092de59d8bc9d8b0a4c0d3d357e15919368c5359e9ae62b18a1e Public Key PIN: pin-sha256:rYBJK24cCS3lnYvJ2LCkwNPTV+FZGTaMU1nprmKxih4= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: caCert subject: DN: CN=Issuer serial: 01 ID: 0000 Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; RSA label: testCert ID: 0001 Usage: decrypt, sign, signRecover, unwrap Access: sensitive, always sensitive, never extractable, local Public Key Object; RSA 2048 bits label: testCert ID: 0001 Usage: encrypt, verify, verifyRecover, wrap Access: local Generating a signed certificate... Expiration time: Fri Dec 20 02:42:04 2024 CA expiration time: Fri Dec 20 02:42:03 2024 Warning: The time set exceeds the CA's expiration time X.509 Certificate Information: Version: 3 Serial Number (hex): 03 Validity: Not Before: Wed Dec 20 18:42:04 UTC 2023 Not After: Thu Dec 19 18:42:04 UTC 2024 Subject: CN=My Test Cert,O=PKCS11 Provider Subject Public Key Algorithm: RSA Algorithm Security Level: Medium (2048 bits) Modulus (bits 2048): 00:cd:4f:22:a3:0a:4e:69:af:6f:5d:81:db:2e:dc:68 6f:9a:ca:6f:59:ae:43:1f:75:ce:b3:5e:6c:f1:42:4c 41:70:ec:2b:73:9f:c5:24:dc:c6:a9:77:90:58:80:bc 5b:c6:10:f7:23:43:d8:6c:95:30:5d:a1:57:09:3c:05 23:d4:29:b7:b0:66:f8:c3:d4:95:64:b9:14:73:fb:57 64:64:cf:1a:fb:86:71:d2:c7:72:c3:47:b9:fa:de:b2 63:56:11:a5:40:d5:00:f0:d7:88:13:fc:53:b2:0e:54 1e:10:99:97:df:2f:a0:38:19:14:32:f9:6b:24:c3:48 4c:f7:39:e1:54:a6:65:f4:f2:9c:29:9a:5b:e6:5f:c9 86:a2:c1:04:e2:16:70:90:64:31:db:87:2d:d1:f9:0c 83:c2:33:2a:8f:9d:ae:5f:76:12:c4:8a:c8:3f:b9:46 f5:c1:f8:5d:e5:ea:40:e1:a1:65:57:13:cb:be:33:12 ea:3f:b8:4f:be:b2:05:c4:3d:d1:dd:77:a5:01:0f:6d 1b:5d:d6:81:e6:6a:b5:94:66:7b:4d:e2:56:d6:7c:f3 a4:43:32:18:0c:6c:d4:73:9e:95:e2:bc:42:20:91:37 10:1d:1f:88:ef:8c:07:57:d0:1b:9f:12:ba:22:b5:64 3d Exponent (bits 24): 01:00:01 Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Key encipherment. Subject Key Identifier (not critical): 4d87d1f9943810cf0a120746e7423e78a27915fc Authority Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:4d87d1f9943810cf0a120746e7423e78a27915fc sha256:888a54fa3af56494caaa50450970ca71609f30a2d1a4cd1d6ec4b205a73a0559 Public Key PIN: pin-sha256:iIpU+jr1ZJTKqlBFCXDKcWCfMKLRpM0dbsSyBac6BVk= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: testCert subject: DN: O=PKCS11 Provider, CN=My Test Cert serial: 03 ID: 0001 RSA PKCS11 URIS pkcs11:id=%00%01;pin-value=12345678 pkcs11:id=%00%01 pkcs11:type=public;id=%00%01 pkcs11:type=private;id=%00%01 pkcs11:type=cert;object=testCert Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; EC label: ecCert ID: 0002 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Public Key Object; EC EC_POINT 256 bits EC_POINT: 0441049b5d54ed2be31dbacfd158182f2c33e3279f9b685837d4782c543b7146fa416a9330659e9dc12166dd803dece95e61d3a44c141b422ea9311748201ffed67036 EC_PARAMS: 06082a8648ce3d030107 label: ecCert ID: 0002 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local Generating a signed certificate... Expiration time: Fri Dec 20 02:42:04 2024 CA expiration time: Fri Dec 20 02:42:03 2024 Warning: The time set exceeds the CA's expiration time X.509 Certificate Information: Version: 3 Serial Number (hex): 04 Validity: Not Before: Wed Dec 20 18:42:04 UTC 2023 Not After: Thu Dec 19 18:42:04 UTC 2024 Subject: CN=My EC Cert,O=PKCS11 Provider Subject Public Key Algorithm: EC/ECDSA Algorithm Security Level: High (256 bits) Curve: SECP256R1 X: 00:9b:5d:54:ed:2b:e3:1d:ba:cf:d1:58:18:2f:2c:33 e3:27:9f:9b:68:58:37:d4:78:2c:54:3b:71:46:fa:41 6a Y: 00:93:30:65:9e:9d:c1:21:66:dd:80:3d:ec:e9:5e:61 d3:a4:4c:14:1b:42:2e:a9:31:17:48:20:1f:fe:d6:70 36 Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Subject Key Identifier (not critical): f1f0047eb35f0d8ada6f6f0db18216a44483667d Authority Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:f1f0047eb35f0d8ada6f6f0db18216a44483667d sha256:ebfa80c8b2d9f22680ec5c0edd2c8009002cc50461e048801ff79c5bf5421bbc Public Key PIN: pin-sha256:6/qAyLLZ8iaA7FwO3SyACQAsxQRh4EiAH/ecW/VCG7w= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: ecCert subject: DN: O=PKCS11 Provider, CN=My EC Cert serial: 04 ID: 0002 Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; EC label: ecPeerCert ID: 0003 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Public Key Object; EC EC_POINT 256 bits EC_POINT: 0441043291d32cd2ea0cacbbac24b37959d29d5b71dd68b0a499e33158362147eeef1db9f00594f410ea1d346e663b21ebf10ec77ed83c27c0089ef25b5828ac52145b EC_PARAMS: 06082a8648ce3d030107 label: ecPeerCert ID: 0003 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local Generating a signed certificate... Expiration time: Fri Dec 20 02:42:04 2024 CA expiration time: Fri Dec 20 02:42:03 2024 Warning: The time set exceeds the CA's expiration time X.509 Certificate Information: Version: 3 Serial Number (hex): 05 Validity: Not Before: Wed Dec 20 18:42:04 UTC 2023 Not After: Thu Dec 19 18:42:04 UTC 2024 Subject: CN=My Peer EC Cert,O=PKCS11 Provider Subject Public Key Algorithm: EC/ECDSA Algorithm Security Level: High (256 bits) Curve: SECP256R1 X: 32:91:d3:2c:d2:ea:0c:ac:bb:ac:24:b3:79:59:d2:9d 5b:71:dd:68:b0:a4:99:e3:31:58:36:21:47:ee:ef:1d Y: 00:b9:f0:05:94:f4:10:ea:1d:34:6e:66:3b:21:eb:f1 0e:c7:7e:d8:3c:27:c0:08:9e:f2:5b:58:28:ac:52:14 5b Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Subject Key Identifier (not critical): cfcf82e72fe9ca65c9be2b1ac2f0c4dc5ed05e27 Authority Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:cfcf82e72fe9ca65c9be2b1ac2f0c4dc5ed05e27 sha256:4e7d19836fad2a6495ea44e34190832da195a3ec3a74798adb2f0971a18dbbe0 Public Key PIN: pin-sha256:Tn0Zg2+tKmSV6kTjQZCDLaGVo+w6dHmK2y8JcaGNu+A= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: ecPeerCert subject: DN: O=PKCS11 Provider, CN=My Peer EC Cert serial: 05 ID: 0003 EC PKCS11 URIS pkcs11:id=%00%02;pin-value=12345678 pkcs11:id=%00%02 pkcs11:type=public;id=%00%02 pkcs11:type=private;id=%00%02 pkcs11:type=cert;object=ecCert pkcs11:id=%00%03;pin-value=12345678 pkcs11:id=%00%03 pkcs11:type=public;id=%00%03 pkcs11:type=private;id=%00%03 pkcs11:type=cert;object=ecPeerCert Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; EC_EDWARDS label: edCert ID: 0004 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Public Key Object; EC_EDWARDS EC_POINT 255 bits EC_POINT: 0420aa6a047b7cd088f3343f2be1e5d2b4ead1831100b1ca4fb22f50b2d35af2fc3d EC_PARAMS: 130c656477617264733235353139 (OID 2.21.100.119.97.114.100.115.50.53.53.49.57) label: edCert ID: 0004 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local Generating a signed certificate... Expiration time: Fri Dec 20 02:42:04 2024 CA expiration time: Fri Dec 20 02:42:03 2024 Warning: The time set exceeds the CA's expiration time X.509 Certificate Information: Version: 3 Serial Number (hex): 06 Validity: Not Before: Wed Dec 20 18:42:04 UTC 2023 Not After: Thu Dec 19 18:42:04 UTC 2024 Subject: CN=My ED25519 Cert,O=PKCS11 Provider Subject Public Key Algorithm: EdDSA (Ed25519) Algorithm Security Level: High (256 bits) Curve: Ed25519 X: aa:6a:04:7b:7c:d0:88:f3:34:3f:2b:e1:e5:d2:b4:ea d1:83:11:00:b1:ca:4f:b2:2f:50:b2:d3:5a:f2:fc:3d Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Subject Key Identifier (not critical): 1f44c03a3964a8c1400493fc0976838ca3cc414c Authority Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:1f44c03a3964a8c1400493fc0976838ca3cc414c sha256:6f24148d78ef342322821765978c5832108aa89446a39bcfcf74cae0d4ad7218 Public Key PIN: pin-sha256:byQUjXjvNCMighdll4xYMhCKqJRGo5vPz3TK4NStchg= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: edCert subject: DN: O=PKCS11 Provider, CN=My ED25519 Cert serial: 06 ID: 0004 ED25519 PKCS11 URIS pkcs11:id=%00%04 pkcs11:type=public;id=%00%04 pkcs11:type=private;id=%00%04 pkcs11:type=cert;object=edCert ## generate RSA key pair, self-signed certificate, remove public key Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; RSA label: testCert2 ID: 0005 Usage: decrypt, sign, signRecover, unwrap Access: sensitive, always sensitive, never extractable, local Public Key Object; RSA 2048 bits label: testCert2 ID: 0005 Usage: encrypt, verify, verifyRecover, wrap Access: local Generating a signed certificate... Expiration time: Fri Dec 20 02:42:05 2024 CA expiration time: Fri Dec 20 02:42:03 2024 Warning: The time set exceeds the CA's expiration time X.509 Certificate Information: Version: 3 Serial Number (hex): 07 Validity: Not Before: Wed Dec 20 18:42:05 UTC 2023 Not After: Thu Dec 19 18:42:05 UTC 2024 Subject: CN=My Test Cert 2,O=PKCS11 Provider Subject Public Key Algorithm: RSA Algorithm Security Level: Medium (2048 bits) Modulus (bits 2048): 00:d1:5c:fb:d1:c3:0d:6c:78:78:d4:3b:d4:8b:dd:35 c5:af:b9:61:9f:3e:74:9d:5c:3d:fd:18:ff:03:14:18 6e:fd:eb:d0:f6:d4:0c:d4:55:2e:bf:29:28:d7:17:6e 40:f5:e4:e3:1f:a8:32:67:4c:57:db:08:6f:23:2e:d0 f0:f3:5e:4e:36:22:99:49:ca:40:fb:6a:b8:b4:c5:32 89:45:c1:8f:b8:6d:4a:0f:7a:52:14:f3:be:27:c4:08 eb:02:5e:29:da:13:25:5c:76:7a:f7:3c:cf:07:8b:a6 e9:54:b3:49:54:ab:72:0f:4d:fe:e4:f2:86:af:49:3d 02:f3:ae:9b:7c:0f:ed:32:b2:6c:48:12:86:ee:dd:f4 38:11:52:c8:7a:e9:10:ed:74:fe:e2:a1:2f:45:eb:7a db:fb:85:9d:c7:09:b1:7f:e6:63:00:a2:c3:ab:0b:8a e8:35:ec:cc:45:cc:a2:43:5e:2e:99:3b:3d:45:b0:53 f4:01:eb:aa:16:79:58:66:b7:d6:f1:64:49:3a:86:cd e3:25:85:22:ee:41:c9:c0:f9:7d:be:7a:72:f1:a0:57 5e:52:4e:45:1c:42:b6:66:49:33:ee:c6:b0:e5:64:d3 30:bf:86:28:46:82:91:24:93:f0:3d:27:65:70:53:93 fd Exponent (bits 24): 01:00:01 Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Key encipherment. Subject Key Identifier (not critical): 26b0905cf7fa5ff7fb708a8654113ce14c5bf773 Authority Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:26b0905cf7fa5ff7fb708a8654113ce14c5bf773 sha256:5fba1d486c98e8a928ea06ae66e971d4a6b5c0edb484ef512411673d5382736f Public Key PIN: pin-sha256:X7odSGyY6Kko6gauZulx1Ka1wO20hO9RJBFnPVOCc28= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: testCert2 subject: DN: O=PKCS11 Provider, CN=My Test Cert 2 serial: 07 ID: 0005 Using slot 0 with a present token (0x334ff10) RSA2 PKCS11 URIS pkcs11:id=%00%05;pin-value=12345678 pkcs11:id=%00%05 pkcs11:type=private;id=%00%05 pkcs11:type=cert;object=testCert2 ## generate EC key pair, self-signed certificate, remove public key Using slot 0 with a present token (0x334ff10) Key pair generated: Private Key Object; EC label: ecCert2 ID: 0006 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Public Key Object; EC EC_POINT 384 bits EC_POINT: 046104382145704111891ad1dca8f18837d460a961409d698a04bbba1d034bde922bbf1f23d104de3186c515d5a0e412eac0932c7eab88546dd4dd72d09df90ce6ea675fd2b2877e7ab97989a0382391ea56b57d97b2854a96d6d9b8c39cd4e8a2e7df EC_PARAMS: 06052b81040022 label: ecCert2 ID: 0006 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local Generating a signed certificate... Expiration time: Fri Dec 20 02:42:05 2024 CA expiration time: Fri Dec 20 02:42:03 2024 Warning: The time set exceeds the CA's expiration time X.509 Certificate Information: Version: 3 Serial Number (hex): 08 Validity: Not Before: Wed Dec 20 18:42:05 UTC 2023 Not After: Thu Dec 19 18:42:05 UTC 2024 Subject: CN=My EC Cert 2,O=PKCS11 Provider Subject Public Key Algorithm: EC/ECDSA Algorithm Security Level: Ultra (384 bits) Curve: SECP384R1 X: 38:21:45:70:41:11:89:1a:d1:dc:a8:f1:88:37:d4:60 a9:61:40:9d:69:8a:04:bb:ba:1d:03:4b:de:92:2b:bf 1f:23:d1:04:de:31:86:c5:15:d5:a0:e4:12:ea:c0:93 Y: 2c:7e:ab:88:54:6d:d4:dd:72:d0:9d:f9:0c:e6:ea:67 5f:d2:b2:87:7e:7a:b9:79:89:a0:38:23:91:ea:56:b5 7d:97:b2:85:4a:96:d6:d9:b8:c3:9c:d4:e8:a2:e7:df Extensions: Basic Constraints (critical): Certificate Authority (CA): FALSE Subject Alternative Name (not critical): RFC822Name: testcert@example.org Key Usage (critical): Digital signature. Subject Key Identifier (not critical): ad5e0ff2b40da74a2450a82fd7fdc9f351f9d053 Authority Key Identifier (not critical): b04f263f8362d2b4894b7626e30878ef5b4015e1 Other Information: Public Key ID: sha1:ad5e0ff2b40da74a2450a82fd7fdc9f351f9d053 sha256:f73f961c6b1d338dd06dba4c3b080e36f293a87520d885b809c50599e3cf46ac Public Key PIN: pin-sha256:9z+WHGsdM43QbbpMOwgONvKTqHUg2IW4CcUFmePPRqw= Signing certificate... Using slot 0 with a present token (0x334ff10) Created certificate: Certificate Object; type = X.509 cert label: ecCert2 subject: DN: O=PKCS11 Provider, CN=My EC Cert 2 serial: 08 ID: 0006 Using slot 0 with a present token (0x334ff10) EC2 PKCS11 URIS pkcs11:id=%00%06;pin-value=12345678 pkcs11:id=%00%06 pkcs11:type=private;id=%00%06 pkcs11:type=cert;object=ecCert2 ## Show contents of softhsm token ---------------------------------------------------------------------------------------------------- Using slot 0 with a present token (0x334ff10) Public Key Object; EC EC_POINT 256 bits EC_POINT: 0441043291d32cd2ea0cacbbac24b37959d29d5b71dd68b0a499e33158362147eeef1db9f00594f410ea1d346e663b21ebf10ec77ed83c27c0089ef25b5828ac52145b EC_PARAMS: 06082a8648ce3d030107 label: ecPeerCert ID: 0003 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local Public Key Object; EC EC_POINT 256 bits EC_POINT: 0441049b5d54ed2be31dbacfd158182f2c33e3279f9b685837d4782c543b7146fa416a9330659e9dc12166dd803dece95e61d3a44c141b422ea9311748201ffed67036 EC_PARAMS: 06082a8648ce3d030107 label: ecCert ID: 0002 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local Public Key Object; RSA 2048 bits label: testCert ID: 0001 Usage: encrypt, verify, verifyRecover, wrap Access: local Certificate Object; type = X.509 cert label: edCert subject: DN: O=PKCS11 Provider, CN=My ED25519 Cert serial: 06 ID: 0004 Certificate Object; type = X.509 cert label: ecCert subject: DN: O=PKCS11 Provider, CN=My EC Cert serial: 04 ID: 0002 Private Key Object; EC_EDWARDS label: edCert ID: 0004 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Private Key Object; RSA label: caCert ID: 0000 Usage: decrypt, sign, signRecover, unwrap Access: sensitive, always sensitive, never extractable, local Certificate Object; type = X.509 cert label: ecCert2 subject: DN: O=PKCS11 Provider, CN=My EC Cert 2 serial: 08 ID: 0006 Certificate Object; type = X.509 cert label: testCert subject: DN: O=PKCS11 Provider, CN=My Test Cert serial: 03 ID: 0001 Private Key Object; EC label: ecPeerCert ID: 0003 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Public Key Object; RSA 2048 bits label: caCert ID: 0000 Usage: encrypt, verify, verifyRecover, wrap Access: local Private Key Object; EC label: ecCert2 ID: 0006 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Certificate Object; type = X.509 cert label: caCert subject: DN: CN=Issuer serial: 01 ID: 0000 Certificate Object; type = X.509 cert label: testCert2 subject: DN: O=PKCS11 Provider, CN=My Test Cert 2 serial: 07 ID: 0005 Private Key Object; RSA label: testCert2 ID: 0005 Usage: decrypt, sign, signRecover, unwrap Access: sensitive, always sensitive, never extractable, local Certificate Object; type = X.509 cert label: ecPeerCert subject: DN: O=PKCS11 Provider, CN=My Peer EC Cert serial: 05 ID: 0003 Private Key Object; EC label: ecCert ID: 0002 Usage: decrypt, sign, signRecover, unwrap, derive Access: sensitive, always sensitive, never extractable, local Private Key Object; RSA label: testCert ID: 0001 Usage: decrypt, sign, signRecover, unwrap Access: sensitive, always sensitive, never extractable, local Public Key Object; EC_EDWARDS EC_POINT 255 bits EC_POINT: 0420aa6a047b7cd088f3343f2be1e5d2b4ead1831100b1ca4fb22f50b2d35af2fc3d EC_PARAMS: 130c656477617264733235353139 (OID 2.21.100.119.97.114.100.115.50.53.53.49.57) label: edCert ID: 0004 Usage: encrypt, verify, verifyRecover, wrap, derive Access: local ---------------------------------------------------------------------------------------------------- ## Output configurations Generate openssl config file Export test variables to tmp.softhsm/testvars ## ######################################## ######################################## ## Set up testing system Creating new NSS Database Creating new Self Sign CA Creating Certificate request for 'My Test Cert' RSA PKCS11 URIS pkcs11:id=%e0%e0%4a%9a%b9%3d%4d%d4%e9%81%01%95%81%2e%39%80%9f%d6%a8%11;pin-value=12345678 pkcs11:id=%e0%e0%4a%9a%b9%3d%4d%d4%e9%81%01%95%81%2e%39%80%9f%d6%a8%11 pkcs11:type=public;id=%e0%e0%4a%9a%b9%3d%4d%d4%e9%81%01%95%81%2e%39%80%9f%d6%a8%11 pkcs11:type=private;id=%e0%e0%4a%9a%b9%3d%4d%d4%e9%81%01%95%81%2e%39%80%9f%d6%a8%11 pkcs11:type=cert;object=testCert Creating Certificate request for 'My EC Cert' Creating Certificate request for 'My Peer EC Cert' EC PKCS11 URIS pkcs11:id=%03%b0%41%70%ba%84%56%9e%bb%8c%49%e0%f3%b5%34%c9%84%48%ac%03;pin-value=12345678 pkcs11:id=%03%b0%41%70%ba%84%56%9e%bb%8c%49%e0%f3%b5%34%c9%84%48%ac%03 pkcs11:type=public;id=%03%b0%41%70%ba%84%56%9e%bb%8c%49%e0%f3%b5%34%c9%84%48%ac%03 pkcs11:type=private;id=%03%b0%41%70%ba%84%56%9e%bb%8c%49%e0%f3%b5%34%c9%84%48%ac%03 pkcs11:type=cert;object=ecCert pkcs11:id=%47%e0%85%4e%1d%e3%89%1d%e3%73%5b%d4%d6%35%88%ff%9c%cc%26%6b pkcs11:type=public;id=%47%e0%85%4e%1d%e3%89%1d%e3%73%5b%d4%d6%35%88%ff%9c%cc%26%6b pkcs11:type=private;id=%47%e0%85%4e%1d%e3%89%1d%e3%73%5b%d4%d6%35%88%ff%9c%cc%26%6b pkcs11:type=cert;object=ecPeerCert ## Show contents of softoken ---------------------------------------------------------------------------------------------------- Certificate Nickname Trust Attributes SSL,S/MIME,JAR/XPI selfCA Cu,Cu,Cu testCert u,u,u ecCert u,u,u ecPeerCert u,u,u certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services" < 0> rsa 4697875f60935a87512a2206041f45ddc4564075 NSS Certificate DB:selfCA < 1> rsa e0e04a9ab93d4dd4e9810195812e39809fd6a811 NSS Certificate DB:testCert < 2> ec 03b04170ba84569ebb8c49e0f3b534c98448ac03 NSS Certificate DB:ecCert < 3> ec 47e0854e1de3891de3735bd4d63588ff9ccc266b NSS Certificate DB:ecPeerCert ---------------------------------------------------------------------------------------------------- ## Output configurations Generate openssl config file Export tests variables to tmp.softokn/testvars ## ######################################## =============================================== pkcs11-provider 0.2: tests/test-suite.log =============================================== # TOTAL: 31 # PASS: 29 # SKIP: 0 # XFAIL: 0 # FAIL: 2 # XPASS: 0 # ERROR: 0 .. contents:: :depth: 2 FAIL: basic-softokn =================== Executing ./tbasic ## Raw Sign check error openssl pkeyutl -sign -inkey "${BASEURI}" -pkeyopt pad-mode:none -in ${TMPPDIR}/64Brandom.bin -out ${TMPPDIR}/raw-sig.bin Public Key operation error 203438853F000000:error:0200007A:rsa routines:p11prov_sig_operate:data too small for key size:signature.c:874: ## Sign and Verify with provided Hash and RSA openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## Sign and Verify with provided Hash and RSA with DigestInfo struct openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -pkeyopt digest:sha256 -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pkeyopt digest:sha256 -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## DigestSign and DigestVerify with RSA openssl pkeyutl -sign -inkey "${BASEURI}" -digest sha256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-dgstsig.bin openssl pkeyutl -verify -inkey "${BASEURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully RSA basic encrypt and decrypt openssl pkeyutl -encrypt -inkey "${PUBURI}" -pubin -in ${SECRETFILE} -out ${SECRETFILE}.enc openssl pkeyutl -decrypt -inkey "${PRIURI}" -in ${SECRETFILE}.enc -out ${SECRETFILE}.dec ## Test Disallow Public Export openssl pkey -in $PUBURI -pubin -pubout -text ## Test CSR generation from RSA private keys openssl req -new -batch -key "${PRIURI}" -out ${TMPPDIR}/rsa_csr.pem openssl req -in ${TMPPDIR}/rsa_csr.pem -verify -noout Certificate request self-signature verify OK ## Test fetching public keys without PIN in config files openssl pkey -in $PUBURI -pubin -pubout -out ${TMPPDIR}/rsa.pub.nopin.pem openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/ec.pub.nopin.pem ## Test fetching public keys with a PIN in URI openssl pkey -in $BASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/rsa.pub.uripin.pem openssl pkey -in $ECBASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/ec.pub.uripin.pem ## Test prompting without PIN in config files Failed to get expected command output Original command output: Enter pass phrase for PKCS#11 Token (Slot 1 - NSS Internal Cryptographic Services): PKCS11 RSA Private Key (2048 bits) [Can't export and print private key data] URI pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%E0%E0%4A%9A%B9%3D%4D%D4%E9%81%01%95%81%2E%39%80%9F%D6%A8%11;type=private FAIL basic-softokn.t (exit status: 1) FAIL: basic-softhsm =================== Executing ./tbasic ## Raw Sign check error openssl pkeyutl -sign -inkey "${BASEURI}" -pkeyopt pad-mode:none -in ${TMPPDIR}/64Brandom.bin -out ${TMPPDIR}/raw-sig.bin Public Key operation error 20B4BBAD3F000000:error:0200007A:rsa routines:p11prov_sig_operate:data too small for key size:signature.c:874: ## Sign and Verify with provided Hash and RSA openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## Sign and Verify with provided Hash and RSA with DigestInfo struct openssl dgst -sha256 -binary -out ${TMPPDIR}/sha256.bin ${SEEDFILE} openssl pkeyutl -sign -inkey "${PRIURI}" -pkeyopt digest:sha256 -in ${TMPPDIR}/sha256.bin -out ${TMPPDIR}/sha256-sig.bin openssl pkeyutl -verify -inkey "${PUBURI}" -pkeyopt digest:sha256 -pubin -in ${TMPPDIR}/sha256.bin -sigfile ${TMPPDIR}/sha256-sig.bin Signature Verified Successfully ## DigestSign and DigestVerify with RSA openssl pkeyutl -sign -inkey "${BASEURI}" -digest sha256 -in ${RAND64FILE} -rawin -out ${TMPPDIR}/sha256-dgstsig.bin openssl pkeyutl -verify -inkey "${BASEURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully openssl pkeyutl -verify -inkey "${PUBURI}" -pubin -digest sha256 -in ${RAND64FILE} -rawin -sigfile ${TMPPDIR}/sha256-dgstsig.bin Signature Verified Successfully RSA basic encrypt and decrypt openssl pkeyutl -encrypt -inkey "${PUBURI}" -pubin -in ${SECRETFILE} -out ${SECRETFILE}.enc openssl pkeyutl -decrypt -inkey "${PRIURI}" -in ${SECRETFILE}.enc -out ${SECRETFILE}.dec ## Test Disallow Public Export openssl pkey -in $PUBURI -pubin -pubout -text ## Test CSR generation from RSA private keys openssl req -new -batch -key "${PRIURI}" -out ${TMPPDIR}/rsa_csr.pem openssl req -in ${TMPPDIR}/rsa_csr.pem -verify -noout Certificate request self-signature verify OK ## Test fetching public keys without PIN in config files openssl pkey -in $PUBURI -pubin -pubout -out ${TMPPDIR}/rsa.pub.nopin.pem openssl pkey -in $ECPUBURI -pubin -pubout -out ${TMPPDIR}/ec.pub.nopin.pem ## Test fetching public keys with a PIN in URI openssl pkey -in $BASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/rsa.pub.uripin.pem openssl pkey -in $ECBASEURIWITHPIN -pubin -pubout -out ${TMPPDIR}/ec.pub.uripin.pem ## Test prompting without PIN in config files Failed to get expected command output Original command output: Enter pass phrase for PKCS#11 Token (Slot 53804816 - SoftHSM slot ID 0x334ff10): PKCS11 RSA Private Key (2048 bits) [Can't export and print private key data] URI pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%01;object=testCert;type=private FAIL basic-softhsm.t (exit status: 1) Executing ./ttls ## Test SSL_CTX creation SSL Context works! ## Test an actual TLS connection Using default temp DH parameters ACCEPT Can't use SSL_get_servername depth=0 O = PKCS11 Provider, CN = My Test Cert verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 O = PKCS11 Provider, CN = My Test Cert verify error:num=21:unable to verify the first certificate verify return:1 depth=0 O = PKCS11 Provider, CN = My Test Cert verify return:1 -----BEGIN SSL SESSION PARAMETERS----- MIGCAgEBAgIDBAQCEwIEIBFxL6kMRyj27ZLhFn0JaN8Cl2jMRLuxqdtl8tNV9jQR BDB++mPwhiAEJP4bVsL4Z8NFxwxLkqyr0CCGEu+8Bfb1rph4ulOS29qC1Maa1Eph NOKhBgIEZYM1qKIEAgIcIKQGBAQBAAAArgYCBGWeaPWzAwIBHQ== -----END SSL SESSION PARAMETERS----- Shared ciphers:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-CCM:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-CCM:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES256-CCM:AES128-GCM-SHA256:AES128-CCM:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-CCM:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-CCM:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512 Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224 Supported groups: x25519:secp256r1:x448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192 Shared groups: x25519:secp256r1:x448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192 CIPHER is TLS_AES_256_GCM_SHA384 This TLS version forbids renegotiation. DONE shutdown accept socket 2024D8B63F000000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:ssl/record/rec_layer_s3.c:303: Check message was successfully delivered over TLS shutting down SSL CONNECTION CLOSED 0 items in the session cache 0 client connects (SSL_connect()) 0 client renegotiates (SSL_connect()) 0 client connects that finished 1 server accepts (SSL_accept()) 0 server renegotiates (SSL_accept()) 1 server accepts that finished 0 session cache hits 0 session cache misses 0 session cache timeouts 0 callback cache hits 0 cache full overflows (128 allowed) TLS SUCCESSFUL ## Kill any remaining children and wait for them kill: sending signal to 2484566 failed: No such process kill: sending signal to 2484569 failed: No such process kill: sending signal to 2484566 failed: No such process kill: sending signal to 2484569 failed: No such process Server output: TLS SUCCESSFUL PASS tls-softhsm.t (exit status: 0) Executing ./ttls ## Test SSL_CTX creation SSL Context works! ## Test an actual TLS connection Using default temp DH parameters ACCEPT Can't use SSL_get_servername depth=0 O = PKCS11 Provider, CN = My Test Cert verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 O = PKCS11 Provider, CN = My Test Cert verify error:num=21:unable to verify the first certificate verify return:1 depth=0 O = PKCS11 Provider, CN = My Test Cert verify return:1 -----BEGIN SSL SESSION PARAMETERS----- MIGCAgEBAgIDBAQCEwIEIKaaGKJsuHVCj/NwnAIByza0/6OKB9tziHmZQ5pyw5C4 BDAgXgyHvSCcVpXebKWre66WlR/ObuaVbPh+GidYQnro0QlmYoOr++ZFhdv1ozQY PFmhBgIEZYM1p6IEAgIcIKQGBAQBAAAArgYCBHnv+VazAwIBHQ== -----END SSL SESSION PARAMETERS----- Shared ciphers:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-CCM:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-CCM:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES256-CCM:AES128-GCM-SHA256:AES128-CCM:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-CCM:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-CCM:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512 Shared Signature Algorithms: ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:Ed25519:Ed448:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA-PSS+SHA256:RSA-PSS+SHA384:RSA-PSS+SHA512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224 Supported groups: x25519:secp256r1:x448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192 Shared groups: x25519:secp256r1:x448:secp521r1:secp384r1:ffdhe2048:ffdhe3072:ffdhe4096:ffdhe6144:ffdhe8192 CIPHER is TLS_AES_256_GCM_SHA384 This TLS version forbids renegotiation. DONE shutdown accept socket 2034D8803F000000:error:0A000126:SSL routines:ssl3_read_n:unexpected eof while reading:ssl/record/rec_layer_s3.c:303: Check message was successfully delivered over TLS TLS SUCCESSFUL shutting down SSL CONNECTION CLOSED 0 items in the session cache 0 client connects (SSL_connect()) 0 client renegotiates (SSL_connect()) 0 client connects that finished 1 server accepts (SSL_accept()) 0 server renegotiates (SSL_accept()) 1 server accepts that finished 0 session cache hits 0 session cache misses 0 session cache timeouts 0 callback cache hits 0 cache full overflows (128 allowed) ## Kill any remaining children and wait for them kill: sending signal to 2484530 failed: No such process kill: sending signal to 2484532 failed: No such process kill: sending signal to 2484530 failed: No such process kill: sending signal to 2484532 failed: No such process Server output: TLS SUCCESSFUL PASS tls-softokn.t (exit status: 0) Executing ./turi ## Check that storeutl returns URIs openssl storeutl -text pkcs11: ## Check returned URIs work to find objects $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%46%1E%36%49%50%15%84%7D%09%18%99%24%DF%B7%B2%C2;object=Test%20EC%20gen%20[%2546%251e%2536];type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%03;object=ecPeerCert;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%02;object=ecCert;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%01;object=testCert;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%AA%E6%85%64%B2%5C%FD%B1%AD%23%02%BF%6C%30%9C%32;object=Test%20RSA%20gen%20[%25aa%25e6%2585];type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%00;object=caCert;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%03;object=ecPeerCert;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%00;object=caCert;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%8D%33%7B%32%79%3B%3D%F2%26%92%95%DB%D0%07%97%97;object=Test%20RSA-PSS%20gen%20[%258d%2533%257b];type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%06;object=ecCert2;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%B4%4C%39%07%AF%B0%B7%CC%1E%E3%B4%91%F9%A0%17%62;object=b44c3907;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%05;object=testCert2;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%8D%33%7B%32%79%3B%3D%F2%26%92%95%DB%D0%07%97%97;object=Test%20RSA-PSS%20gen%20[%258d%2533%257b];type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%B4%4C%39%07%AF%B0%B7%CC%1E%E3%B4%91%F9%A0%17%62;object=b44c3907;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%46%1E%36%49%50%15%84%7D%09%18%99%24%DF%B7%B2%C2;object=Test%20EC%20gen%20[%2546%251e%2536];type=public openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%AA%E6%85%64%B2%5C%FD%B1%AD%23%02%BF%6C%30%9C%32;object=Test%20RSA%20gen%20[%25aa%25e6%2585];type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%02;object=ecCert;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=af290a220334ff10;token=token_name;id=%00%01;object=testCert;type=private openssl storeutl -text "$uri" ## Check each URI component is tested $cmp=pkcs11:model=SoftHSM%20v2 openssl storeutl -text "pkcs11:${cmp}" $cmp=manufacturer=SoftHSM%20project openssl storeutl -text "pkcs11:${cmp}" $cmp=serial=af290a220334ff10 openssl storeutl -text "pkcs11:${cmp}" $cmp=token=token_name openssl storeutl -text "pkcs11:${cmp}" $cmp=id=%46%1E%36%49%50%15%84%7D%09%18%99%24%DF%B7%B2%C2 openssl storeutl -text "pkcs11:${cmp}" $cmp=object=Test%20EC%20gen%20[%2546%251e%2536] openssl storeutl -text "pkcs11:${cmp}" $cmp=type=private openssl storeutl -text "pkcs11:${cmp}" PASS uri-softhsm.t (exit status: 0) Executing ./turi ## Check that storeutl returns URIs openssl storeutl -text pkcs11: ## Check returned URIs work to find objects $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%46%97%87%5F%60%93%5A%87%51%2A%22%06%04%1F%45%DD%C4%56%40%75;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%E0%E0%4A%9A%B9%3D%4D%D4%E9%81%01%95%81%2E%39%80%9F%D6%A8%11;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%03%B0%41%70%BA%84%56%9E%BB%8C%49%E0%F3%B5%34%C9%84%48%AC%03;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%47%E0%85%4E%1D%E3%89%1D%E3%73%5B%D4%D6%35%88%FF%9C%CC%26%6B;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%7E%99%79%B7%D4%21%7D%06%4F%4C%E0%01%7D%CD%77%C0;object=7e9979b7;type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%A3%E5%AA%52%59%46%77%8B%33%61%C6%3D%BB%CD%12%C9;object=Test%20RSA%20gen%20[%25a3%25e5%25aa];type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%3E%B6%53%96%84%40%CE%EE%F1%78%D0%93%23%4E%F5%88;object=Test%20RSA-PSS%20gen%20[%253e%25b6%2553];type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%41%D8%02%FA%13%D1%40%42%43%4B%44%20%99%B8%81%E2;object=Test%20EC%20gen%20[%2541%25d8%2502];type=public openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%46%97%87%5F%60%93%5A%87%51%2A%22%06%04%1F%45%DD%C4%56%40%75;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%E0%E0%4A%9A%B9%3D%4D%D4%E9%81%01%95%81%2E%39%80%9F%D6%A8%11;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%03%B0%41%70%BA%84%56%9E%BB%8C%49%E0%F3%B5%34%C9%84%48%AC%03;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%47%E0%85%4E%1D%E3%89%1D%E3%73%5B%D4%D6%35%88%FF%9C%CC%26%6B;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%7E%99%79%B7%D4%21%7D%06%4F%4C%E0%01%7D%CD%77%C0;object=7e9979b7;type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%A3%E5%AA%52%59%46%77%8B%33%61%C6%3D%BB%CD%12%C9;object=Test%20RSA%20gen%20[%25a3%25e5%25aa];type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%3E%B6%53%96%84%40%CE%EE%F1%78%D0%93%23%4E%F5%88;object=Test%20RSA-PSS%20gen%20[%253e%25b6%2553];type=private openssl storeutl -text "$uri" $uri=pkcs11:model=NSS%203;manufacturer=Mozilla%20Foundation;serial=0000000000000000;token=NSS%20Certificate%20DB;id=%41%D8%02%FA%13%D1%40%42%43%4B%44%20%99%B8%81%E2;object=Test%20EC%20gen%20[%2541%25d8%2502];type=private openssl storeutl -text "$uri" ## Check each URI component is tested $cmp=pkcs11:model=NSS%203 openssl storeutl -text "pkcs11:${cmp}" $cmp=manufacturer=Mozilla%20Foundation openssl storeutl -text "pkcs11:${cmp}" $cmp=serial=0000000000000000 openssl storeutl -text "pkcs11:${cmp}" $cmp=token=NSS%20Certificate%20DB openssl storeutl -text "pkcs11:${cmp}" $cmp=id=%46%97%87%5F%60%93%5A%87%51%2A%22%06%04%1F%45%DD%C4%56%40%75 openssl storeutl -text "pkcs11:${cmp}" $cmp=type=public openssl storeutl -text "pkcs11:${cmp}" PASS uri-softokn.t (exit status: 0) RPM build errors: + exit 1 error: Bad exit status from /var/tmp/rpm-tmp.EfTkb5 (%check) Bad exit status from /var/tmp/rpm-tmp.EfTkb5 (%check) Child return code was: 1 EXCEPTION: [Error('Command failed: \n # bash --login -c /usr/bin/rpmbuild -bb --noclean --target riscv64 --nodeps /builddir/build/SPECS/pkcs11-provider.spec\n', 1)] Traceback (most recent call last): File "/usr/lib/python3.11/site-packages/mockbuild/trace_decorator.py", line 93, in trace result = func(*args, **kw) ^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/site-packages/mockbuild/util.py", line 597, in do_with_status raise exception.Error("Command failed: \n # %s\n%s" % (command, output), child.returncode) mockbuild.exception.Error: Command failed: # bash --login -c /usr/bin/rpmbuild -bb --noclean --target riscv64 --nodeps /builddir/build/SPECS/pkcs11-provider.spec