Fix the check for non-operational algs 15 and 16 in PKCS#11

2020-04-30 15:26:27 +02:00
parent 101672f664
commit 57c39ddbe3
2 changed files with 8 additions and 7 deletions
--- a/bin/tests/system/dnssec/tests.sh
+++ b/bin/tests/system/dnssec/tests.sh
@@ -3237,6 +3237,7 @@ ret=0
 alg=1
 until test $alg -eq 256
 do
+    zone="keygen-$alg."
    case $alg in
 	2) # Diffie Helman
 	    alg=$((alg+1))
@@ -3245,21 +3246,21 @@ do
 	    alg=$((alg+1))
 	    continue;;
 	1|5|7|8|10) # RSA algorithms
-	    key1=$($KEYGEN -a "$alg" -b "1024" -n zone example 2> keygen.err || true)
+	    key1=$($KEYGEN -a "$alg" -b "1024" -n zone "$zone" 2> "keygen-$alg.err" || true)
 	    ;;
 	15|16)
-	    key1=$($KEYGEN -a "$alg" -b "1024" -n zone example 2> keygen.err || true)
+	    key1=$($KEYGEN -a "$alg" -n zone "$zone" 2> "keygen-$alg.err" || true)
 	    # Soft-fail	in case HSM doesn't support Edwards curves
-	    if grep "not found" keygen.err > /dev/null && [ "$CRYPTO" = "pkcs11" ]; then
+	    if grep "not found" "keygen-$alg.err" > /dev/null && [ "$CRYPTO" = "pkcs11" ]; then
 		echo_i "Algorithm $alg not supported by HSM: skipping"
 		alg=$((alg+1))
 		continue
 	    fi
 	    ;;
 	*)
-	    key1=$($KEYGEN -a "$alg" -n zone example 2> keygen.err || true)
+	    key1=$($KEYGEN -a "$alg" -n zone "$zone" 2> "keygen-$alg.err" || true)
    esac
-    if grep "unsupported algorithm" keygen.err > /dev/null
+    if grep "unsupported algorithm" "keygen-$alg.err" > /dev/null
    then
 	alg=$((alg+1))
 	continue
@@ -3267,7 +3268,7 @@ do
    if test -z "$key1"
    then
 	echo_i "'$KEYGEN -a $alg': failed"
-	cat keygen.err
+	cat "keygen-$alg.err"
 	ret=1
 	alg=$((alg+1))
 	continue