Forum: >>> Magnum BBS <<<

Bug#1102965: pkcs11-provider: FTBFS in testing: tests failures (1/12)

From Lucas Nussbaum@21:1/5 to All on Sun Apr 13 14:50:04 2025

Source: pkcs11-provider
Version: 1.0-2
Severity: serious
Justification: FTBFS
Tags: trixie sid ftbfs
User: lucas@debian.org
Usertags: ftbfs-20250412 ftbfs-trixie

Hi,

During a rebuild of all packages in testing (trixie), your package failed
to build on amd64.

Relevant part (hopefully):

==================================== 1/92 ====================================
test: pkcs11-provider:softokn / setup
start time: 10:06:36
duration: 0.03s
result: exit status 0
command: SHARED_EXT=.so TESTSSRCDIR=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 P11KITCLIENTPATH=/usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-client.so LIBSPATH=/

build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/src TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=77 UBSAN_OPTIONS=halt_on_
error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 MESON_TEST_ITERATION=1 SOFTOKNPATH=/usr/lib/x86_64-linux-gnu /build/reproducible-path/pkcs11-provider-1.0/tests/setup.sh softokn

----------------------------------- stdout -----------------------------------
########################################
## Setup NSS Softokn

NSS's certutil command is required
----------------------------------- stderr -----------------------------------
+ source /build/reproducible-path/pkcs11-provider-1.0/tests/helpers.sh
++ : /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ++ helper_emit=1
++ sed --version
++ grep -q 'GNU sed'
++ sed_inplace=('-i')
++ export sed_inplace
+ '[' 1 -ne 1 ']'
+ TOKENTYPE=softokn
+ SUPPORT_ED25519=1
+ SUPPORT_ED448=1
+ SUPPORT_RSA_PKCS1_ENCRYPTION=1
+ SUPPORT_RSA_KEYGEN_PUBLIC_EXPONENT=1
+ SUPPORT_TLSFUZZER=1
+ SUPPORT_ALLOWED_MECHANISMS=0
++ opensc-tool -i
++ grep OpenSC
++ sed -e 's/OpenSC 0\.$[0-9]*$.*/\1/'
Failed to establish context: Unable to load external module
+ OPENSC_VERSION=26
+ [[ 26 -le 25 ]]
+ [[ '' = \1 ]]
++ cat /proc/sys/crypto/fips_enabled
+ [[ 0 = \1 ]]
+ TMPPDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softokn
+ TOKDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softokn/tokens
+ '[' -d /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softokn ']'
+ mkdir /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softokn
+ mkdir /build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softokn/tokens
+ PINVALUE=12345678
+ PINFILE=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softokn/pinfile.txt
+ echo 12345678
+ export GNUTLS_PIN=12345678
+ GNUTLS_PIN=12345678
+ '[' softokn == softhsm ']'
+ '[' softokn == softokn ']'
+ source /build/reproducible-path/pkcs11-provider-1.0/tests/softokn-init.sh ++ title SECTION 'Setup NSS Softokn'
++ case "$1" in
++ shift 1
++ echo '########################################'
++ echo '## Setup NSS Softokn'
++ echo ''
++ command -v certutil
++ echo 'NSS'\''s certutil command is required'
++ exit 0 ==============================================================================

==================================== 2/92 ====================================
test: pkcs11-provider:softhsm / setup
start time: 10:06:36
duration: 2.90s
result: exit status 0
command: TESTSSRCDIR=/build/reproducible-path/pkcs11-provider-1.0/tests MSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 P11KITCLIENTPATH=/usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-client.so LIBSPATH=/build/

reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/src TESTBLDDIR=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests ASAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1 MALLOC_PERTURB_=73 MESON_TEST_ITERATION=1
UBSAN_OPTIONS=halt_on_error=1:abort_on_error=1:print_summary=1:print_stacktrace=1 SHARED_EXT=.so SOFTOKNPATH=/usr/lib/x86_64-linux-gnu /build/reproducible-path/pkcs11-provider-1.0/tests/setup.sh softhsm

----------------------------------- stdout -----------------------------------
########################################
## Searching for SoftHSM PKCS#11 library

Using softhsm path /usr/lib/softhsm/libsofthsm2.so ########################################
## Set up testing system

Slot 0 has a free/uninitialized token.
The token has been initialized and is reassigned to slot 1294896537
Creating new Self Sign CA
Key pair generated:
Private Key Object; RSA
label: caCert
ID: 0000
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0000;object=caCert;type=private
Public Key Object; RSA 2048 bits
label: caCert
ID: 0000
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0000;object=caCert;type=public
Generating a self signed certificate...
X.509 Certificate Information:
Version: 3
Serial Number (hex): 02
Validity:
Not Before: Sat Apr 12 10:06:36 UTC 2025
Not After: Sun Apr 12 10:06:36 UTC 2026
Subject: CN=Issuer
Subject Public Key Algorithm: RSA
Algorithm Security Level: Medium (2048 bits)
Modulus (bits 2048):
00:97:dd:d0:98:d2:97:f5:e2:e2:b8:42:88:c6:db:66
17:2b:86:86:4a:aa:67:38:df:c0:49:cb:d2:4c:af:c9
87:0f:8f:b2:01:45:6d:23:83:67:bc:fc:bc:56:0c:cc
ff:84:11:4e:eb:25:ce:ad:bd:78:f1:c1:96:75:1b:0b
86:de:6a:f8:85:17:c4:2e:94:74:2f:59:d2:c8:52:f8
a1:cf:db:cf:ae:cd:9d:1c:8f:70:61:20:e4:4d:ca:f9
93:cd:55:a4:6d:26:47:0e:db:98:1b:37:63:2d:1f:21
ea:05:1e:50:f0:cf:8d:d7:6a:55:90:c1:d2:9c:3e:6e
92:29:bd:7d:c8:7f:7a:d5:99:c1:73:2e:4d:b9:55:28
85:36:ae:f1:07:93:2f:ad:fe:de:6d:e5:dd:dc:d4:eb
3a:50:d2:ef:9f:6e:8b:47:ae:66:80:44:78:81:7a:9e
29:9f:f1:77:28:3a:64:fd:50:23:f2:68:43:cb:45:c0
9f:d6:a3:f0:54:7e:bd:94:b5:22:f2:fe:ed:75:e8:3c
b7:08:91:d5:2b:16:1e:57:45:eb:e7:5c:cc:3f:6e:43
f4:4e:a7:5d:a3:93:ef:c5:05:e4:d8:a4:f3:ca:48:54
6a:01:16:e7:d7:97:37:f5:59:21:ad:96:d2:38:21:1a
53
Exponent (bits 24):
01:00:01
Extensions:
Basic Constraints (critical):
Certificate Authority (CA): TRUE
Subject Alternative Name (not critical):
RFC822Name: testcert@example.org
Key Usage (critical):
Digital signature.
Certificate signing.
Subject Key Identifier (not critical):
2ca0f2260aede7a30019ccc81dbf836bef78a80f
Other Information:
Public Key ID:
sha1:2ca0f2260aede7a30019ccc81dbf836bef78a80f
sha256:83961662a93ea8af754c29aad083afff485433323225151764a3d7f205a89028
Public Key PIN:
pin-sha256:g5YWYqk+qK91TCmq0IOv/0hUMzIyJRUXZKPX8gWokCg=

Signing certificate...
Created certificate:
Certificate Object; type = X.509 cert
label: caCert
subject: DN: CN=Issuer
serial: 02
ID: 0000
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0000;object=caCert;type=cert
RSA PKCS11 URIS
pkcs11:id=%00%00?pin-value=12345678 pkcs11:id=%00%00?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%00
pkcs11:type=public;id=%00%00
pkcs11:type=private;id=%00%00
pkcs11:type=cert;object=caCert

Key pair generated:
Private Key Object; RSA
label: testCert
ID: 0001
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0001;object=testCert;type=private
Public Key Object; RSA 2048 bits
label: testCert
ID: 0001
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0001;object=testCert;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: testCert
subject: DN: O=PKCS11 Provider, CN=My Test Cert
serial: 03
ID: 0001
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0001;object=testCert;type=cert
RSA PKCS11 URIS
pkcs11:id=%00%01?pin-value=12345678 pkcs11:id=%00%01?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%01
pkcs11:type=public;id=%00%01
pkcs11:type=private;id=%00%01
pkcs11:type=cert;object=testCert

Key pair generated:
Private Key Object; EC
label: ecCert
ID: 0002
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0002;object=ecCert;type=private
Public Key Object; EC EC_POINT 256 bits
EC_POINT: 044104c1842e81b2469ee3cc032172505d1355731de7ef2f745fe90ee52b485c2b8c3c7cb528a5f4d1c5c5e945d41ecce396f4b648cad5650bc97365933a20d38afdbb
EC_PARAMS: 06082a8648ce3d030107 (OID 1.2.840.10045.3.1.7)
label: ecCert
ID: 0002
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0002;object=ecCert;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: ecCert
subject: DN: O=PKCS11 Provider, CN=My EC Cert
serial: 04
ID: 0002
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0002;object=ecCert;type=cert
Key pair generated:
Private Key Object; EC
label: ecPeerCert
ID: 0003
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0003;object=ecPeerCert;type=private
Public Key Object; EC EC_POINT 256 bits
EC_POINT: 044104b1dd6ac3d230be435bdfb42f0f30606b3d08c23d7f754b4f97ecce27f23443579136398c1b4d16e6727de33c2ec2bb3c729c2828ae91fd55b715b3b537b5680b
EC_PARAMS: 06082a8648ce3d030107 (OID 1.2.840.10045.3.1.7)
label: ecPeerCert
ID: 0003
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0003;object=ecPeerCert;type=public
Generating a self signed certificate...
X.509 Certificate Information:
Version: 3
Serial Number (hex): 05
Validity:
Not Before: Sat Apr 12 10:06:36 UTC 2025
Not After: Sun Apr 12 10:06:36 UTC 2026
Subject: CN=My Peer EC Cert
Subject Public Key Algorithm: EC/ECDSA
Algorithm Security Level: High (256 bits)
Curve: SECP256R1
X:
00:b1:dd:6a:c3:d2:30:be:43:5b:df:b4:2f:0f:30:60
6b:3d:08:c2:3d:7f:75:4b:4f:97:ec:ce:27:f2:34:43
57
Y:
00:91:36:39:8c:1b:4d:16:e6:72:7d:e3:3c:2e:c2:bb
3c:72:9c:28:28:ae:91:fd:55:b7:15:b3:b5:37:b5:68
0b
Extensions:
Basic Constraints (critical):
Certificate Authority (CA): TRUE
Subject Alternative Name (not critical):
RFC822Name: testcert@example.org
Key Usage (critical):
Digital signature.
Certificate signing.
Subject Key Identifier (not critical):
22193a45d27d2bbbf5cd054260844f7c3b3f6252
Other Information:
Public Key ID:
sha1:22193a45d27d2bbbf5cd054260844f7c3b3f6252
sha256:7f1d8653aba265791d06af946750031776051cba49d6004b249cf56e27bb1f99
Public Key PIN:
pin-sha256:fx2GU6uiZXkdBq+UZ1ADF3YFHLpJ1gBLJJz1bie7H5k=

Signing certificate...
Created certificate:
Certificate Object; type = X.509 cert
label: ecPeerCert
subject: DN: CN=My Peer EC Cert
serial: 05
ID: 0003
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0003;object=ecPeerCert;type=cert
EC PKCS11 URIS
pkcs11:id=%00%02?pin-value=12345678 pkcs11:id=%00%02?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%02
pkcs11:type=public;id=%00%02
pkcs11:type=private;id=%00%02
pkcs11:type=cert;object=ecCert
pkcs11:id=%00%03?pin-value=12345678 pkcs11:id=%00%03?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%03
pkcs11:type=public;id=%00%03
pkcs11:type=private;id=%00%03
pkcs11:type=cert;object=ecPeerCert

Key pair generated:
Private Key Object; EC_EDWARDS
label: edCert
ID: 0004
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0004;object=edCert;type=private
Public Key Object; EC_EDWARDS EC_POINT 272 bits
EC_POINT: 04209d160e5d8797c5146f6f4727d518dd4e4f976bbbb488d7dcd9ab2141f6137cd2
EC_PARAMS: 130c656477617264733235353139 (PrintableString edwards25519)
label: edCert
ID: 0004
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0004;object=edCert;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: edCert
subject: DN: O=PKCS11 Provider, CN=My ED25519 Cert
serial: 06
ID: 0004
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0004;object=edCert;type=cert
ED25519 PKCS11 URIS
pkcs11:id=%00%04;pin-value=12345678 pkcs11:id=%00%04;pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%04
pkcs11:type=public;id=%00%04
pkcs11:type=private;id=%00%04
pkcs11:type=cert;object=edCert
Key pair generated:
Private Key Object; EC_EDWARDS
label: ed2Cert
ID: 0009
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0009;object=ed2Cert;type=private
Public Key Object; EC_EDWARDS EC_POINT 472 bits
EC_POINT: 0439063062cb569a5317cd250ad5c7d7af0f4ddb208e4e5ab38ef13674d154836d97b7731a0649c324c996f3c01daa17ed4ed3c64d6e205ca2ad00
EC_PARAMS: 06032b6571 (OID 1.3.101.113)
label: ed2Cert
ID: 0009
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0009;object=ed2Cert;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: ed2Cert
subject: DN: O=PKCS11 Provider, CN=My ED448 Cert
serial: 07
ID: 0009
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0009;object=ed2Cert;type=cert
ED448 PKCS11 URIS
pkcs11:id=%00%09;pin-value=12345678 pkcs11:id=%00%09;pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%09
pkcs11:type=public;id=%00%09
pkcs11:type=private;id=%00%09
pkcs11:type=cert;object=ed2Cert

## generate RSA key pair, self-signed certificate, remove public key
Key pair generated:
Private Key Object; RSA
label: testCert2
ID: 0005
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0005;object=testCert2;type=private
Public Key Object; RSA 2048 bits
label: testCert2
ID: 0005
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0005;object=testCert2;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: testCert2
subject: DN: O=PKCS11 Provider, CN=My Test Cert 2
serial: 08
ID: 0005
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0005;object=testCert2;type=cert
RSA2 PKCS11 URIS
pkcs11:id=%00%05?pin-value=12345678 pkcs11:id=%00%05?pin-source=/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%05
pkcs11:type=private;id=%00%05
pkcs11:type=cert;object=testCert2

## generate EC key pair, self-signed certificate, remove public key
Key pair generated:
Private Key Object; EC
label: ecCert2
ID: 0006
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0006;object=ecCert2;type=private
Public Key Object; EC EC_POINT 384 bits
EC_POINT: 0461049313e73cc5387cf0db2cd2b99e578eaac40f917f1c866c86a2207f5ca8badff82dc073a8a09d0b0048d899749ad47920d23c57104ff5e3175e8cdd249f0eba16afe0df4363cc8e724f5b08ffb8e67d3e957243fd4bf01556031cacb48722e2f0
EC_PARAMS: 06052b81040022 (OID 1.3.132.0.34)
label: ecCert2
ID: 0006
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0006;object=ecCert2;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: ecCert2
subject: DN: O=PKCS11 Provider, CN=My EC Cert 2
serial: 09
ID: 0006
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0006;object=ecCert2;type=cert
EC2 PKCS11 URIS
pkcs11:id=%00%06?pin-value=12345678 pkcs11:id=%00%06?pin-source=file/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%06
pkcs11:type=private;id=%00%06
pkcs11:type=cert;object=ecCert2

## explicit EC unsupported

## generate EC key pair with ALWAYS AUTHENTICATE flag, self-signed certificate
Key pair generated:
Private Key Object; EC
label: ecCert3
ID: 0008
Usage: decrypt, sign, signRecover, unwrap, derive
Access: always authenticate, sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0008;object=ecCert3;type=private
Public Key Object; EC EC_POINT 528 bits
EC_POINT: 04818504019190ac142bf9254a6a0a3669e0c21a4f972d55bc3128a5844de931bd43370bbc511156aea3e694fc3d382bc87919ee07b9267e38eff4dcbb0a340f20227d6d8e0701427d1509291af9d76b72064fe29990221efd473da46304278c99cabfd1431ee8ce459117bf50b55a5416abdc6289a1ab6

9c0d05e613d017b3c3de8b8d376508817

EC_PARAMS: 06052b81040023 (OID 1.3.132.0.35)
label: ecCert3
ID: 0008
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0008;object=ecCert3;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: ecCert3
subject: DN: O=PKCS11 Provider, CN=My EC Cert 3
serial: 0A
ID: 0008
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0008;object=ecCert3;type=cert
EC3 PKCS11 URIS
pkcs11:id=%00%08?pin-value=12345678 pkcs11:id=%00%08?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%08
pkcs11:type=public;id=%00%08
pkcs11:type=private;id=%00%08
pkcs11:type=cert;object=ecCert3

Key pair generated:
Private Key Object; RSA
label: testRsaPssCert
ID: 0010
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
Allowed mechanisms: RSA-PKCS-PSS,SHA1-RSA-PKCS-PSS,SHA256-RSA-PKCS-PSS,SHA384-RSA-PKCS-PSS,SHA512-RSA-PKCS-PSS,SHA224-RSA-PKCS-PSS
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0010;object=testRsaPssCert;type=private
Public Key Object; RSA 2048 bits
label: testRsaPssCert
ID: 0010
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0010;object=testRsaPssCert;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: testRsaPssCert
subject: DN: O=PKCS11 Provider, CN=My RsaPss Cert
serial: 0B
ID: 0010
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0010;object=testRsaPssCert;type=cert
RSA-PSS PKCS11 URIS
pkcs11:id=%00%10?pin-value=12345678 pkcs11:id=%00%10?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%10
pkcs11:type=public;id=%00%10
pkcs11:type=private;id=%00%10
pkcs11:type=cert;object=testRsaPssCert

Key pair generated:
Private Key Object; RSA
label: testRsaPss2Cert
ID: 0011
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
Allowed mechanisms: SHA256-RSA-PKCS-PSS
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0011;object=testRsaPss2Cert;type=private
Public Key Object; RSA 3092 bits
label: testRsaPss2Cert
ID: 0011
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0011;object=testRsaPss2Cert;type=public
Created certificate:
Certificate Object; type = X.509 cert
label: testRsaPss2Cert
subject: DN: O=PKCS11 Provider, CN=My RsaPss2 Cert
serial: 0C
ID: 0011
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0011;object=testRsaPss2Cert;type=cert
RSA-PSS 2 PKCS11 URIS
pkcs11:id=%00%11?pin-value=12345678 pkcs11:id=%00%11?pin-source=file:/build/reproducible-path/pkcs11-provider-1.0/obj-x86_64-linux-gnu/tests/softhsm/pinfile.txt
pkcs11:id=%00%11
pkcs11:type=public;id=%00%11
pkcs11:type=private;id=%00%11
pkcs11:type=cert;object=testRsaPss2Cert

## Show contents of softhsm token
----------------------------------------------------------------------------------------------------
Certificate Object; type = X.509 cert
label: testRsaPss2Cert
subject: DN: O=PKCS11 Provider, CN=My RsaPss2 Cert
serial: 0C
ID: 0011
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0011;object=testRsaPss2Cert;type=cert
Certificate Object; type = X.509 cert
label: testCert2
subject: DN: O=PKCS11 Provider, CN=My Test Cert 2
serial: 08
ID: 0005
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0005;object=testCert2;type=cert
Private Key Object; RSA
label: testRsaPssCert
ID: 0010
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
Allowed mechanisms: RSA-PKCS-PSS,SHA1-RSA-PKCS-PSS,SHA256-RSA-PKCS-PSS,SHA384-RSA-PKCS-PSS,SHA512-RSA-PKCS-PSS,SHA224-RSA-PKCS-PSS
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0010;object=testRsaPssCert;type=private
Certificate Object; type = X.509 cert
label: testRsaPssCert
subject: DN: O=PKCS11 Provider, CN=My RsaPss Cert
serial: 0B
ID: 0010
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0010;object=testRsaPssCert;type=cert
Private Key Object; RSA
label: testCert2
ID: 0005
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0005;object=testCert2;type=private
Private Key Object; EC
label: ecPeerCert
ID: 0003
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0003;object=ecPeerCert;type=private
Certificate Object; type = X.509 cert
label: testCert
subject: DN: O=PKCS11 Provider, CN=My Test Cert
serial: 03
ID: 0001
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0001;object=testCert;type=cert
Certificate Object; type = X.509 cert
label: ecCert
subject: DN: O=PKCS11 Provider, CN=My EC Cert
serial: 04
ID: 0002
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0002;object=ecCert;type=cert
Public Key Object; EC_EDWARDS EC_POINT 472 bits
EC_POINT: 0439063062cb569a5317cd250ad5c7d7af0f4ddb208e4e5ab38ef13674d154836d97b7731a0649c324c996f3c01daa17ed4ed3c64d6e205ca2ad00
EC_PARAMS: 06032b6571 (OID 1.3.101.113)
label: ed2Cert
ID: 0009
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0009;object=ed2Cert;type=public
Public Key Object; EC EC_POINT 528 bits
EC_POINT: 04818504019190ac142bf9254a6a0a3669e0c21a4f972d55bc3128a5844de931bd43370bbc511156aea3e694fc3d382bc87919ee07b9267e38eff4dcbb0a340f20227d6d8e0701427d1509291af9d76b72064fe29990221efd473da46304278c99cabfd1431ee8ce459117bf50b55a5416abdc6289a1ab6

9c0d05e613d017b3c3de8b8d376508817

EC_PARAMS: 06052b81040023 (OID 1.3.132.0.35)
label: ecCert3
ID: 0008
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0008;object=ecCert3;type=public
Private Key Object; RSA
label: caCert
ID: 0000
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0000;object=caCert;type=private
Public Key Object; EC EC_POINT 256 bits
EC_POINT: 044104b1dd6ac3d230be435bdfb42f0f30606b3d08c23d7f754b4f97ecce27f23443579136398c1b4d16e6727de33c2ec2bb3c729c2828ae91fd55b715b3b537b5680b
EC_PARAMS: 06082a8648ce3d030107 (OID 1.2.840.10045.3.1.7)
label: ecPeerCert
ID: 0003
Usage: encrypt, verify, verifyRecover, wrap, derive
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0003;object=ecPeerCert;type=public
Certificate Object; type = X.509 cert
label: ecCert2
subject: DN: O=PKCS11 Provider, CN=My EC Cert 2
serial: 09
ID: 0006
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0006;object=ecCert2;type=cert
Public Key Object; RSA 3092 bits
label: testRsaPss2Cert
ID: 0011
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0011;object=testRsaPss2Cert;type=public
Public Key Object; RSA 2048 bits
label: testRsaPssCert
ID: 0010
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0010;object=testRsaPssCert;type=public
Certificate Object; type = X.509 cert
label: ecPeerCert
subject: DN: CN=My Peer EC Cert
serial: 05
ID: 0003
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0003;object=ecPeerCert;type=cert
Public Key Object; RSA 2048 bits
label: testCert
ID: 0001
Usage: encrypt, verify, verifyRecover, wrap
Access: local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0001;object=testCert;type=public
Private Key Object; RSA
label: testRsaPss2Cert
ID: 0011
Usage: decrypt, sign, signRecover, unwrap
Access: sensitive, always sensitive, never extractable, local
Allowed mechanisms: SHA256-RSA-PKCS-PSS
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0011;object=testRsaPss2Cert;type=private
Private Key Object; EC_EDWARDS
label: edCert
ID: 0004
Usage: decrypt, sign, signRecover, unwrap, derive
Access: sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0004;object=edCert;type=private
Private Key Object; EC
label: ecCert3
ID: 0008
Usage: decrypt, sign, signRecover, unwrap, derive
Access: always authenticate, sensitive, always sensitive, never extractable, local
uri: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=12ff3650cd2e8d99;token=SoftHSM%20Token;id=%0008;object=ecCert3;type=private

[continued in next message]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

From Debian Bug Tracking System@21:1/5 to All on Mon Apr 14 15:40:01 2025

This is a multi-part message in MIME format...

Your message dated Mon, 14 Apr 2025 13:34:47 +0000
with message-id <E1u4JxX-0034S4-6v@fasolo.debian.org>
and subject line Bug#1102965: fixed in pkcs11-provider 1.0-3
has caused the Debian Bug report #1102965,
regarding pkcs11-provider: FTBFS in testing: tests failures
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)

--
1102965: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102965
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

Received: (at submit) by bugs.debian.org; 13 Apr 2025 12:37:46 +0000 X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
(2021-04-09) on buxtehude.debian.org
X-Spam-Level:
X-Spam-Status: No, score=-106.1 required=4.0 tests=BAYES_00,DKIMWL_WL_HIGH,
DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FOURLA,
FROMDEVELOPER,FVGT_m_MULTI_ODD,MD5_SHA1_SUM,SPF_HELO_NONE,SPF_NONE,
UNPARSEABLE_RELAY,USER_IN_DKIM_WELCOMELIST,USER_IN_DKIM_WHITELIST
autolearn=ham autolearn_force=no
version=3.4.6-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 292; hammy, 150; neutral, 322; spammy,
0. spammytokens:
hammytokens:0.000-+--Hx-spam-relays-external:sk:stravin,
0.000-+--H*RT:sk:stravin, 0.000-+--Hx-spam-relays-external:311,
0.000-+--H*RT:311, 0.000-+--H*RT:108
Return-path: <lucas@debian.org>
Received: from stravinsky.debia

Who's Online

System Info

Sysop:	Keyop
Location:	Huddersfield, West Yorkshire, UK
Users:	489
Nodes:	16 (2 / 14)
Uptime:	22:43:45
Calls:	9,665
Files:	13,716
Messages:	6,168,227

Bug#1102965: pkcs11-provider: FTBFS in testing: tests failures (1/12)

Who's Online

System Info