mozilla
/
pjs
зеркало из https://github.com/mozilla/pjs.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bugzilla bug 358785: merged the libpkix test programs (in 

mozilla/security/nss/cmd/libpkix) from the NSS_LIBPKIX_BRANCH onto the
trunk.  Most directories that contained only one test program were
consolidated as suggested by Nelson Bolyard.
This commit is contained in:
wtchang%redhat.com 2007-02-26 19:56:55 +00:00
Родитель aa88239269
Коммит 05222d6ea6
109 изменённых файлов: 30514 добавлений и 0 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

79
security/nss/cmd/libpkix/Makefile Executable file
Просмотреть файл

@ -0,0 +1,79 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

41
security/nss/cmd/libpkix/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,41 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = .
DIRS = testutil pkix_pl pkix sample_apps perf \
$(NULL)

80
security/nss/cmd/libpkix/perf/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

387
security/nss/cmd/libpkix/perf/libpkix_buildthreads.c Normal file
Просмотреть файл

@ -0,0 +1,387 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* libpkixBuildThreads.c
*
* libpkix Builder Performance Evaluation application (multi-threaded)
*
*/
#include <stdio.h>
#include <string.h>
#include "secutil.h"
#include "nspr.h"
#include "prtypes.h"
#include "prtime.h"
#include "prlong.h"
#include "pk11func.h"
#include "secasn1.h"
#include "cert.h"
#include "cryptohi.h"
#include "secoid.h"
#include "certdb.h"
#include "nss.h"
#include "pkix.h"
#include "pkix_tools.h"
#include "pkix_pl_cert.h"
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
#define PERF_DECREF(obj) \
{ \
PKIX_Error *pkixTempResult = NULL; \
if (obj){ \
pkixTempResult = PKIX_PL_Object_DecRef \
((PKIX_PL_Object *)(obj), plContext); \
obj = NULL; \
} \
}
void finish(char* message, int code);
typedef struct ThreadDataStr tData;
struct ThreadDataStr {
CERTCertificate* anchor;
char* eecertName;
PRIntervalTime duration;
CERTCertDBHandle *handle;
PRUint32 iterations;
};
#define PKIX_LOGGER_ON 1
#ifdef PKIX_LOGGER_ON
char *logLevels[] = {
"None",
"Fatal Error",
"Error",
"Warning",
"Debug",
"Trace"
};
PKIX_Error *loggerCallback(
PKIX_Logger *logger,
PKIX_PL_String *message,
PKIX_UInt32 logLevel,
PKIX_ERRORNUM logComponent,
void *plContext)
{
char *msg = NULL;
static int callCount = 0;
msg = PKIX_String2ASCII(message, plContext);
printf("Logging %s (%s): %s\n",
logLevels[logLevel],
PKIX_ERRORNAMES[logComponent],
msg);
PR_Free((void *)msg);
return(NULL);
}
#endif /* PKIX_LOGGER_ON */
void ThreadEntry(void* data)
{
tData* tdata = (tData*) data;
PRIntervalTime duration = tdata->duration;
PRIntervalTime start = PR_IntervalNow();
PKIX_List *anchors = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_BuildResult *buildResult = NULL;
CERTCertificate* nsseecert;
PKIX_PL_Cert *eeCert = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_PL_Date *nowDate = NULL;
void *state = NULL; /* only relevant with non-blocking I/O */
void *nbioContext = NULL; /* only relevant with non-blocking I/O */
PR_ASSERT(duration);
if (!duration){
return;
}
do {
/* libpkix code */
/* keep more update time, testing cache */
PKIX_PL_Date_Create_UTCTime(NULL, &nowDate, plContext);
/* CertUsage is 0x10 and no NSS arena */
/* We haven't determined how we obtain the value of wincx */
nsseecert = CERT_FindCertByNicknameOrEmailAddr(tdata->handle,
tdata->eecertName);
if (!nsseecert) finish("Unable to find eecert.\n", 1);
pkix_pl_Cert_CreateWithNSSCert
(nsseecert, &eeCert, plContext);
PKIX_List_Create(&anchors, plContext);
/*
* This code is retired.
* pkix_pl_Cert_CreateWithNSSCert
* (tdata->anchor, &anchorCert, NULL);
* PKIX_TrustAnchor_CreateWithCert(anchorCert, &anchor, NULL);
* PKIX_List_AppendItem(anchors, (PKIX_PL_Object *)anchor, NULL);
*/
PKIX_ProcessingParams_Create(anchors, &procParams, plContext);
PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_TRUE, plContext);
PKIX_ProcessingParams_SetDate
(procParams, nowDate, plContext);
/* create CertSelector with target certificate in params */
PKIX_ComCertSelParams_Create(&certSelParams, plContext);
PKIX_ComCertSelParams_SetCertificate
(certSelParams, eeCert, plContext);
PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext);
PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext);
PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext);
PKIX_PL_Pk11CertStore_Create(&certStore, plContext);
PKIX_List_Create(&certStores, plContext);
PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext);
PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext);
PKIX_BuildChain
(procParams,
&nbioContext,
&state,
&buildResult,
NULL,
plContext);
/*
* As long as we use only CertStores with blocking I/O, we
* know we must be done at this point.
*/
if (!buildResult){
(void) fprintf(stderr, "libpkix BuildChain failed.\n");
PORT_Assert(0);
return;
}
tdata->iterations ++;
PERF_DECREF(nowDate);
PERF_DECREF(anchors);
PERF_DECREF(procParams);
PERF_DECREF(buildResult);
PERF_DECREF(certStore);
PERF_DECREF(certStores);
PERF_DECREF(certSelParams);
PERF_DECREF(certSelector);
PERF_DECREF(eeCert);
} while ((PR_IntervalNow() - start) < duration);
}
void
Test(
CERTCertificate* anchor,
char* eecertName,
PRIntervalTime duration,
CERTCertDBHandle *handle,
PRUint32 threads)
{
tData data;
tData** alldata;
PRIntervalTime starttime, endtime, elapsed;
PRUint32 msecs;
float total = 0;
PRThread** pthreads = NULL;
PRUint32 i = 0;
data.duration = duration;
data.anchor = anchor;
data.eecertName = eecertName;
data.handle = handle;
data.iterations = 0;
starttime = PR_IntervalNow();
pthreads = (PRThread**)PR_Malloc(threads*sizeof (PRThread*));
alldata = (tData**)PR_Malloc(threads*sizeof (tData*));
for (i = 0; i < threads; i++){
alldata[i] = (tData*)PR_Malloc(sizeof (tData));
*alldata[i] = data;
pthreads[i] =
PR_CreateThread(PR_USER_THREAD,
ThreadEntry,
(void*) alldata[i],
PR_PRIORITY_NORMAL,
PR_GLOBAL_THREAD,
PR_JOINABLE_THREAD,
0);
}
for (i = 0; i < threads; i++) {
tData* args = alldata[i];
PR_JoinThread(pthreads[i]);
total += args->iterations;
PR_Free((void*)args);
}
PR_Free((void*) pthreads);
PR_Free((void*) alldata);
endtime = PR_IntervalNow();
endtime = PR_IntervalNow();
elapsed = endtime - starttime;
msecs = PR_IntervalToMilliseconds(elapsed);
total /= msecs;
total *= 1000;
(void) fprintf(stdout, "%f operations per second.\n", total);
}
void finish(char* message, int code)
{
(void) printf(message);
exit(code);
}
void usage(char* progname)
{
(void) printf("Usage : %s <duration> <threads> <anchorNickname> "
"<eecertNickname>\n\n", progname);
finish("", 0);
}
int main(int argc, char** argv)
{
CERTCertDBHandle *handle = NULL;
CERTCertificate* eecert = NULL;
PRIntervalTime duration = PR_SecondsToInterval(1);
PRUint32 threads = 1;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Logger *logger = NULL;
void *wincx = NULL;
/* if (argc != 5) -- when TrustAnchor used to be on command line */
if (argc != 4)
{
usage(argv[0]);
}
if (atoi(argv[1]) > 0)
{
duration = PR_SecondsToInterval(atoi(argv[1]));
}
if (atoi(argv[2]) > 0)
{
threads = atoi(argv[2]);
}
PKIX_Initialize_SetConfigDir(PKIX_STORE_TYPE_PK11, ".", plContext);
PKIX_Initialize(PKIX_TRUE, /* nssInitNeeded */
PKIX_FALSE, /* useArenas */
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext);
handle = CERT_GetDefaultCertDB();
PR_ASSERT(handle);
#ifdef PKIX_LOGGER_ON
/* set logger to log trace and up */
PKIX_SetLoggers(NULL, plContext);
PKIX_Logger_Create(loggerCallback, NULL, &logger, plContext);
PKIX_Logger_SetMaxLoggingLevel
(logger, PKIX_LOGGER_LEVEL_WARNING, plContext);
PKIX_AddLogger(logger, plContext);
#endif /* PKIX_LOGGER_ON */
/*
* This code is retired
* anchor = CERT_FindCertByNicknameOrEmailAddr(handle, argv[3]);
* if (!anchor) finish("Unable to find anchor.\n", 1);
*
* eecert = CERT_FindCertByNicknameOrEmailAddr(handle, argv[4]);
* if (!eecert) finish("Unable to find eecert.\n", 1);
*
* Test(anchor, eecert, duration, threads);
*/
Test(NULL, argv[3], duration, handle, threads);
PERF_DECREF(logger);
PKIX_Shutdown(plContext);
return (0);
}

51
security/nss/cmd/libpkix/perf/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,51 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = libpkix_buildthreads.c \
nss_threads.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

201
security/nss/cmd/libpkix/perf/nss_threads.c Normal file
Просмотреть файл

@ -0,0 +1,201 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* nssThreads.c
*
* NSS Performance Evaluation application (multi-threaded)
*
*/
#include <stdio.h>
#include <string.h>
#include "secutil.h"
#include "nspr.h"
#include "prtypes.h"
#include "prtime.h"
#include "prlong.h"
#include "pk11func.h"
#include "secasn1.h"
#include "cert.h"
#include "cryptohi.h"
#include "secoid.h"
#include "certdb.h"
#include "nss.h"
typedef struct ThreadDataStr tData;
struct ThreadDataStr {
CERTCertificate* cert;
PRIntervalTime duration;
PRUint32 iterations;
};
void ThreadEntry(void* data)
{
tData* tdata = (tData*) data;
PRIntervalTime duration = tdata->duration;
PRTime now = PR_Now();
PRIntervalTime start = PR_IntervalNow();
PR_ASSERT(duration);
if (!duration)
{
return;
}
do {
SECStatus rv = CERT_VerifyCertificate
(CERT_GetDefaultCertDB(),
tdata->cert,
PR_TRUE,
certificateUsageEmailSigner,
now,
NULL,
NULL,
NULL);
if (rv != SECSuccess)
{
(void) fprintf(stderr, "Validation failed.\n");
PORT_Assert(0);
return;
}
tdata->iterations ++;
} while ((PR_IntervalNow() - start) < duration);
}
void Test(CERTCertificate* cert, PRIntervalTime duration, PRUint32 threads)
{
tData data;
tData** alldata;
PRIntervalTime starttime, endtime, elapsed;
PRUint32 msecs;
float total = 0;
PRThread** pthreads = NULL;
PRUint32 i = 0;
data.duration = duration;
data.cert = cert;
data.iterations = 0;
starttime = PR_IntervalNow();
pthreads = (PRThread**)PR_Malloc(threads*sizeof (PRThread*));
alldata = (tData**)PR_Malloc(threads*sizeof (tData*));
for (i = 0; i < threads; i++)
{
alldata[i] = (tData*)PR_Malloc(sizeof (tData));
*alldata[i] = data;
pthreads[i] =
PR_CreateThread(PR_USER_THREAD,
ThreadEntry,
(void*) alldata[i],
PR_PRIORITY_NORMAL,
PR_GLOBAL_THREAD,
PR_JOINABLE_THREAD,
0);
}
for (i = 0; i < threads; i++)
{
tData* args = alldata[i];
PR_JoinThread(pthreads[i]);
total += args->iterations;
PR_Free((void*)args);
}
PR_Free((void*) pthreads);
PR_Free((void*) alldata);
endtime = PR_IntervalNow();
endtime = PR_IntervalNow();
elapsed = endtime - starttime;
msecs = PR_IntervalToMilliseconds(elapsed);
total /= msecs;
total *= 1000;
(void) fprintf(stdout, "%f operations per second.\n", total);
}
void finish(char* message, int code)
{
(void) printf(message);
exit(code);
}
void usage(char* progname)
{
(void) printf("Usage : %s <duration> <threads> <certnickname>\n\n",
progname);
finish("", 0);
}
int main(int argc, char** argv)
{
SECStatus rv = SECSuccess;
CERTCertDBHandle *handle = NULL;
CERTCertificate* cert = NULL;
PRIntervalTime duration = PR_SecondsToInterval(1);
PRUint32 threads = 1;
if (argc != 4)
{
usage(argv[0]);
}
if (atoi(argv[1]) > 0)
{
duration = PR_SecondsToInterval(atoi(argv[1]));
}
if (atoi(argv[2]) > 0)
{
threads = atoi(argv[2]);
}
rv = NSS_Initialize(".", "", "",
"secmod.db", NSS_INIT_READONLY);
if (SECSuccess != rv)
{
finish("Unable to initialize NSS.\n", 1);
}
handle = CERT_GetDefaultCertDB();
PR_ASSERT(handle);
cert = CERT_FindCertByNicknameOrEmailAddr(handle, argv[3]);
if (!cert)
{
finish("Unable to find certificate.\n", 1);
}
Test(cert, duration, threads);
return (0);
}

80
security/nss/cmd/libpkix/pkix/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

80
security/nss/cmd/libpkix/pkix/certsel/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

51
security/nss/cmd/libpkix/pkix/certsel/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,51 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_certselector.c \
test_comcertselparams.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

1995
security/nss/cmd/libpkix/pkix/certsel/test_certselector.c Normal file
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

953
security/nss/cmd/libpkix/pkix/certsel/test_comcertselparams.c Normal file
Просмотреть файл

@ -0,0 +1,953 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_comcertselparams.c
*
* Test Common Cert Selector Params
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void test_CreateOIDList(PKIX_List *certPolicyInfos, PKIX_List **pPolicyOIDs)
{
PKIX_UInt32 i = 0;
PKIX_UInt32 numInfos = 0;
PKIX_PL_CertPolicyInfo *certPolicyInfo = NULL;
PKIX_PL_OID *policyOID = NULL;
PKIX_List *certPolicies = NULL;
PKIX_TEST_STD_VARS();
/* Convert from List of CertPolicyInfos to List of OIDs */
if (certPolicyInfos) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(certPolicyInfos, &numInfos, plContext));
}
if (numInfos > 0) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&certPolicies, plContext));
}
for (i = 0; i < numInfos; i++) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(certPolicyInfos,
i,
(PKIX_PL_Object **)&certPolicyInfo,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId
(certPolicyInfo, &policyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(certPolicies, (PKIX_PL_Object *)policyOID, plContext));
PKIX_TEST_DECREF_BC(certPolicyInfo);
PKIX_TEST_DECREF_BC(policyOID);
}
*pPolicyOIDs = certPolicies;
cleanup:
PKIX_TEST_DECREF_AC(certPolicyInfo);
PKIX_TEST_DECREF_AC(policyOID);
PKIX_TEST_RETURN();
}
void test_NameConstraints(char *dirName)
{
PKIX_PL_Cert *goodCert = NULL;
PKIX_PL_CertNameConstraints *getNameConstraints = NULL;
PKIX_PL_CertNameConstraints *setNameConstraints = NULL;
PKIX_ComCertSelParams *goodParams = NULL;
char *expectedAscii =
"[\n"
"\t\tPermitted Name: (OU=permittedSubtree1,"
"O=Test Certificates,C=US, OU=permittedSubtree2,"
"O=Test Certificates,C=US)\n"
"\t\tExcluded Name: (EMPTY)\n"
"\t]\n";
PKIX_TEST_STD_VARS();
subTest("Create Cert for NameConstraints test");
goodCert = createCert
(dirName, "nameConstraintsDN2CACert.crt", plContext);
subTest("PKIX_PL_Cert_GetNameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints
(goodCert, &setNameConstraints, plContext));
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
subTest("PKIX_ComCertSelParams_SetNameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetNameConstraints
(goodParams, setNameConstraints, plContext));
subTest("PKIX_ComCertSelParams_GetNameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetNameConstraints
(goodParams, &getNameConstraints, plContext));
subTest("Compare NameConstraints");
testEqualsHelper((PKIX_PL_Object *)setNameConstraints,
(PKIX_PL_Object *)getNameConstraints,
PKIX_TRUE,
plContext);
subTest("Compare NameConstraints with canned string");
testToStringHelper
((PKIX_PL_Object *)getNameConstraints,
expectedAscii,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodCert);
PKIX_TEST_DECREF_AC(getNameConstraints);
PKIX_TEST_DECREF_AC(setNameConstraints);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_RETURN();
}
void test_PathToNames(void)
{
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_List *setGenNames = NULL;
PKIX_List *getGenNames = NULL;
PKIX_PL_GeneralName *rfc822GenName = NULL;
PKIX_PL_GeneralName *dnsGenName = NULL;
PKIX_PL_GeneralName *dirGenName = NULL;
PKIX_PL_GeneralName *uriGenName = NULL;
PKIX_PL_GeneralName *oidGenName = NULL;
char *rfc822Name = "john.doe@labs.com";
char *dnsName = "comcast.net";
char *dirName = "cn=john, ou=labs, o=sun, c=us";
char *uriName = "http://comcast.net";
char *oidName = "1.2.840.11";
char *expectedAscii =
"(john.doe@labs.com, "
"comcast.net, "
"CN=john,OU=labs,O=sun,C=us, "
"http://comcast.net)";
char *expectedAsciiAll =
"(john.doe@labs.com, "
"comcast.net, "
"CN=john,OU=labs,O=sun,C=us, "
"http://comcast.net, "
"1.2.840.11)";
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_GeneralName_Create");
dnsGenName = createGeneralName(PKIX_DNS_NAME, dnsName, plContext);
uriGenName = createGeneralName(PKIX_URI_NAME, uriName, plContext);
oidGenName = createGeneralName(PKIX_OID_NAME, oidName, plContext);
dirGenName = createGeneralName(PKIX_DIRECTORY_NAME, dirName, plContext);
rfc822GenName = createGeneralName
(PKIX_RFC822_NAME,
rfc822Name,
plContext);
subTest("PKIX_PL_GeneralName List create and append");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setGenNames, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)rfc822GenName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)dnsGenName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)dirGenName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)uriGenName, plContext));
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
subTest("PKIX_ComCertSelParams_SetPathToNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPathToNames
(goodParams, setGenNames, plContext));
subTest("PKIX_ComCertSelParams_GetPathToNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPathToNames
(goodParams, &getGenNames, plContext));
subTest("Compare GeneralName List");
testEqualsHelper((PKIX_PL_Object *)setGenNames,
(PKIX_PL_Object *)getGenNames,
PKIX_TRUE,
plContext);
subTest("Compare GeneralName List with canned string");
testToStringHelper
((PKIX_PL_Object *)getGenNames,
expectedAscii,
plContext);
subTest("PKIX_ComCertSelParams_AddPathToName");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_AddPathToName
(goodParams, oidGenName, plContext));
PKIX_TEST_DECREF_BC(getGenNames);
subTest("PKIX_ComCertSelParams_GetPathToNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPathToNames
(goodParams, &getGenNames, plContext));
subTest("Compare GeneralName List with canned string");
testToStringHelper
((PKIX_PL_Object *)getGenNames,
expectedAsciiAll,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_DECREF_AC(setGenNames);
PKIX_TEST_DECREF_AC(getGenNames);
PKIX_TEST_DECREF_AC(rfc822GenName);
PKIX_TEST_DECREF_AC(dnsGenName);
PKIX_TEST_DECREF_AC(dirGenName);
PKIX_TEST_DECREF_AC(uriGenName);
PKIX_TEST_DECREF_AC(oidGenName);
PKIX_TEST_RETURN();
}
void test_SubjAltNames(void)
{
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_List *setGenNames = NULL;
PKIX_List *getGenNames = NULL;
PKIX_PL_GeneralName *rfc822GenName = NULL;
PKIX_PL_GeneralName *dnsGenName = NULL;
PKIX_PL_GeneralName *dirGenName = NULL;
PKIX_PL_GeneralName *uriGenName = NULL;
PKIX_PL_GeneralName *oidGenName = NULL;
PKIX_Boolean matchAll = PKIX_TRUE;
char *rfc822Name = "john.doe@labs.com";
char *dnsName = "comcast.net";
char *dirName = "cn=john, ou=labs, o=sun, c=us";
char *uriName = "http://comcast.net";
char *oidName = "1.2.840.11";
char *expectedAscii =
"(john.doe@labs.com, "
"comcast.net, "
"CN=john,OU=labs,O=sun,C=us, "
"http://comcast.net)";
char *expectedAsciiAll =
"(john.doe@labs.com, "
"comcast.net, "
"CN=john,OU=labs,O=sun,C=us, "
"http://comcast.net, "
"1.2.840.11)";
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_GeneralName_Create");
dnsGenName = createGeneralName(PKIX_DNS_NAME, dnsName, plContext);
uriGenName = createGeneralName(PKIX_URI_NAME, uriName, plContext);
oidGenName = createGeneralName(PKIX_OID_NAME, oidName, plContext);
dirGenName = createGeneralName(PKIX_DIRECTORY_NAME, dirName, plContext);
rfc822GenName = createGeneralName
(PKIX_RFC822_NAME,
rfc822Name,
plContext);
subTest("PKIX_PL_GeneralName List create and append");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setGenNames, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)rfc822GenName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)dnsGenName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)dirGenName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setGenNames, (PKIX_PL_Object *)uriGenName, plContext));
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
subTest("PKIX_ComCertSelParams_SetSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjAltNames
(goodParams, setGenNames, plContext));
subTest("PKIX_ComCertSelParams_GetSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjAltNames
(goodParams, &getGenNames, plContext));
subTest("Compare GeneralName List");
testEqualsHelper((PKIX_PL_Object *)setGenNames,
(PKIX_PL_Object *)getGenNames,
PKIX_TRUE,
plContext);
subTest("Compare GeneralName List with canned string");
testToStringHelper
((PKIX_PL_Object *)getGenNames,
expectedAscii,
plContext);
subTest("PKIX_ComCertSelParams_AddSubjAltName");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_AddSubjAltName
(goodParams, oidGenName, plContext));
PKIX_TEST_DECREF_BC(getGenNames);
subTest("PKIX_ComCertSelParams_GetSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjAltNames
(goodParams, &getGenNames, plContext));
subTest("Compare GeneralName List with canned string");
testToStringHelper
((PKIX_PL_Object *)getGenNames,
expectedAsciiAll,
plContext);
subTest("PKIX_ComCertSelParams_GetMatchAllSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetMatchAllSubjAltNames
(goodParams, &matchAll, plContext));
if (matchAll != PKIX_TRUE) {
testError("unexpected mismatch <expect TRUE>");
}
subTest("PKIX_ComCertSelParams_SetMatchAllSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetMatchAllSubjAltNames
(goodParams, PKIX_FALSE, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetMatchAllSubjAltNames
(goodParams, &matchAll, plContext));
if (matchAll != PKIX_FALSE) {
testError("unexpected mismatch <expect FALSE>");
}
cleanup:
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_DECREF_AC(setGenNames);
PKIX_TEST_DECREF_AC(getGenNames);
PKIX_TEST_DECREF_AC(rfc822GenName);
PKIX_TEST_DECREF_AC(dnsGenName);
PKIX_TEST_DECREF_AC(dirGenName);
PKIX_TEST_DECREF_AC(uriGenName);
PKIX_TEST_DECREF_AC(oidGenName);
PKIX_TEST_RETURN();
}
void test_KeyUsages(void)
{
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_PL_OID *ekuOid = NULL;
PKIX_List *setExtKeyUsage = NULL;
PKIX_List *getExtKeyUsage = NULL;
PKIX_UInt32 getKeyUsage = 0;
PKIX_UInt32 setKeyUsage = 0x1FF;
PKIX_Boolean isEqual = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
subTest("PKIX_ComCertSelParams_SetKeyUsage");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetKeyUsage
(goodParams, setKeyUsage, plContext));
subTest("PKIX_ComCertSelParams_GetKeyUsage");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetKeyUsage
(goodParams, &getKeyUsage, plContext));
if (setKeyUsage != getKeyUsage) {
testError("unexpected KeyUsage mismatch <expect equal>");
}
subTest("PKIX_PL_OID List create and append");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setExtKeyUsage, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
("1.3.6.1.5.5.7.3.1", &ekuOid, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setExtKeyUsage, (PKIX_PL_Object *)ekuOid, plContext));
PKIX_TEST_DECREF_BC(ekuOid);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
("1.3.6.1.5.5.7.3.8", &ekuOid, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setExtKeyUsage, (PKIX_PL_Object *)ekuOid, plContext));
PKIX_TEST_DECREF_BC(ekuOid);
subTest("PKIX_ComCertSelParams_SetExtendedKeyUsage");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetExtendedKeyUsage
(goodParams, setExtKeyUsage, plContext));
subTest("PKIX_ComCertSelParams_GetExtendedKeyUsage");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetExtendedKeyUsage
(goodParams, &getExtKeyUsage, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setExtKeyUsage,
(PKIX_PL_Object *)getExtKeyUsage,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected ExtKeyUsage mismatch <expect equal>");
}
cleanup:
PKIX_TEST_DECREF_AC(ekuOid);
PKIX_TEST_DECREF_AC(setExtKeyUsage);
PKIX_TEST_DECREF_AC(getExtKeyUsage);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_RETURN();
}
void test_Version_Issuer_SerialNumber(void)
{
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_UInt32 version = 0;
PKIX_PL_X500Name *setIssuer = NULL;
PKIX_PL_X500Name *getIssuer = NULL;
PKIX_PL_String *str = NULL;
PKIX_PL_BigInt *setSerialNumber = NULL;
PKIX_PL_BigInt *getSerialNumber = NULL;
PKIX_Boolean isEqual = PKIX_FALSE;
char *bigInt = "999999999999999999";
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
/* Version */
subTest("PKIX_ComCertSelParams_SetVersion");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetVersion
(goodParams, 2, plContext));
subTest("PKIX_ComCertSelParams_GetVersion");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetVersion
(goodParams, &version, plContext));
if (version != 2) {
testError("unexpected Version mismatch <expect 2>");
}
/* Issuer */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, "CN=Test,O=Sun,C=US", 0, &str, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create
(str, &setIssuer, plContext));
PKIX_TEST_DECREF_BC(str);
subTest("PKIX_ComCertSelParams_SetIssuer");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetIssuer
(goodParams, setIssuer, plContext));
subTest("PKIX_ComCertSelParams_GetIssuer");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetIssuer
(goodParams, &getIssuer, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setIssuer,
(PKIX_PL_Object *)getIssuer,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected Issuer mismatch <expect equal>");
}
/* Serial Number */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, bigInt, PL_strlen(bigInt), &str, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create
(str, &setSerialNumber, plContext));
subTest("PKIX_ComCertSelParams_SetSerialNumber");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSerialNumber
(goodParams, setSerialNumber, plContext));
subTest("PKIX_ComCertSelParams_GetSerialNumber");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSerialNumber
(goodParams, &getSerialNumber, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setSerialNumber,
(PKIX_PL_Object *)getSerialNumber,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected Serial Number mismatch <expect equal>");
}
cleanup:
PKIX_TEST_DECREF_AC(str);
PKIX_TEST_DECREF_AC(setIssuer);
PKIX_TEST_DECREF_AC(getIssuer);
PKIX_TEST_DECREF_AC(setSerialNumber);
PKIX_TEST_DECREF_AC(getSerialNumber);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_RETURN();
}
void test_SubjKeyId_AuthKeyId(void)
{
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_PL_ByteArray *setKeyId = NULL;
PKIX_PL_ByteArray *getKeyId = NULL;
PKIX_Boolean isEqual = PKIX_FALSE;
PKIX_TEST_STD_VARS();
/* Subject Key Identifier */
subTest("PKIX_PL_ByteArray_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
((void*)"66099", 1, &setKeyId, plContext));
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
subTest("PKIX_ComCertSelParams_SetSubjectKeyIdentifier");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjKeyIdentifier
(goodParams, setKeyId, plContext));
subTest("PKIX_ComCertSelParams_GetSubjectKeyIdentifier");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjKeyIdentifier
(goodParams, &getKeyId, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setKeyId,
(PKIX_PL_Object *)getKeyId,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected Subject Key Id mismatch <expect equal>");
}
PKIX_TEST_DECREF_BC(setKeyId);
PKIX_TEST_DECREF_BC(getKeyId);
/* Authority Key Identifier */
subTest("PKIX_PL_ByteArray_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
((void*)"11022", 1, &setKeyId, plContext));
subTest("PKIX_ComCertSelParams_SetAuthorityKeyIdentifier");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetAuthorityKeyIdentifier
(goodParams, setKeyId, plContext));
subTest("PKIX_ComCertSelParams_GetAuthorityKeyIdentifier");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_GetAuthorityKeyIdentifier
(goodParams, &getKeyId, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setKeyId,
(PKIX_PL_Object *)getKeyId,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected Auth Key Id mismatch <expect equal>");
}
cleanup:
PKIX_TEST_DECREF_AC(setKeyId);
PKIX_TEST_DECREF_AC(getKeyId);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_RETURN();
}
void test_SubjAlgId_SubjPublicKey(char *dirName)
{
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_PL_OID *setAlgId = NULL;
PKIX_PL_OID *getAlgId = NULL;
PKIX_PL_Cert *goodCert = NULL;
PKIX_PL_PublicKey *setPublicKey = NULL;
PKIX_PL_PublicKey *getPublicKey = NULL;
PKIX_Boolean isEqual = PKIX_FALSE;
PKIX_TEST_STD_VARS();
/* Subject Algorithm Identifier */
subTest("PKIX_PL_OID_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
("1.1.2.3", &setAlgId, plContext));
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
subTest("PKIX_ComCertSelParams_SetSubjPKAlgId");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjPKAlgId
(goodParams, setAlgId, plContext));
subTest("PKIX_ComCertSelParams_GetSubjPKAlgId");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjPKAlgId
(goodParams, &getAlgId, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setAlgId,
(PKIX_PL_Object *)getAlgId,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected Subject Public Key Alg mismatch "
"<expect equal>");
}
/* Subject Public Key */
subTest("Getting Cert for Subject Public Key");
goodCert = createCert
(dirName, "nameConstraintsDN2CACert.crt", plContext);
subTest("PKIX_PL_Cert_GetSubjectPublicKey");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
(goodCert, &setPublicKey, plContext));
subTest("PKIX_ComCertSelParams_SetSubjPubKey");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubjPubKey
(goodParams, setPublicKey, plContext));
subTest("PKIX_ComCertSelParams_GetSubjPubKey");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubjPubKey
(goodParams, &getPublicKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setPublicKey,
(PKIX_PL_Object *)getPublicKey,
&isEqual,
plContext));
if (isEqual == PKIX_FALSE) {
testError("unexpected Subject Public Key mismatch "
"<expect equal>");
}
cleanup:
PKIX_TEST_DECREF_AC(setAlgId);
PKIX_TEST_DECREF_AC(getAlgId);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_DECREF_AC(goodCert);
PKIX_TEST_DECREF_AC(setPublicKey);
PKIX_TEST_DECREF_AC(getPublicKey);
PKIX_TEST_RETURN();
}
void printUsage(void) {
(void) printf("\nUSAGE:\ttest_comcertselparams <NIST_FILES_DIR> \n\n");
}
int main(int argc, char *argv[]) {
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_PL_Cert *testCert = NULL;
PKIX_PL_Cert *goodCert = NULL;
PKIX_PL_Cert *equalCert = NULL;
PKIX_PL_Cert *diffCert = NULL;
PKIX_PL_CertBasicConstraints *goodBasicConstraints = NULL;
PKIX_PL_CertBasicConstraints *diffBasicConstraints = NULL;
PKIX_List *testPolicyInfos = NULL; /* CertPolicyInfos */
PKIX_List *cert2PolicyInfos = NULL; /* CertPolicyInfos */
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_ComCertSelParams *equalParams = NULL;
PKIX_PL_X500Name *goodSubject = NULL;
PKIX_PL_X500Name *equalSubject = NULL;
PKIX_PL_X500Name *diffSubject = NULL;
PKIX_PL_X500Name *testSubject = NULL;
PKIX_Int32 goodMinPathLength = 0;
PKIX_Int32 equalMinPathLength = 0;
PKIX_Int32 diffMinPathLength = 0;
PKIX_Int32 testMinPathLength = 0;
PKIX_List *goodPolicies = NULL; /* OIDs */
PKIX_List *equalPolicies = NULL; /* OIDs */
PKIX_List *testPolicies = NULL; /* OIDs */
PKIX_List *cert2Policies = NULL; /* OIDs */
PKIX_PL_Date *testDate = NULL;
PKIX_PL_Date *goodDate = NULL;
PKIX_PL_Date *equalDate = NULL;
PKIX_PL_String *stringRep = NULL;
char *asciiRep = NULL;
char *dirName = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc < 2) {
printUsage();
return (0);
}
startTests("ComCertSelParams");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
dirName = argv[j+1];
asciiRep = "050501000000Z";
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create
(PKIX_ESCASCII, asciiRep, 0, &stringRep, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Date_Create_UTCTime(stringRep, &testDate, plContext));
testCert = createCert
(dirName, "PoliciesP1234CACert.crt", plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject
(testCert, &testSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints
(testCert, &goodBasicConstraints, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint
(goodBasicConstraints, &testMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation
(testCert, &testPolicyInfos, plContext));
/* Convert from List of CertPolicyInfos to List of OIDs */
test_CreateOIDList(testPolicyInfos, &testPolicies);
subTest("Create goodParams and set its fields");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&goodParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject
(goodParams, testSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(goodParams, testMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificateValid
(goodParams, testDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPolicy
(goodParams, testPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate
(goodParams, testCert, plContext));
subTest("Duplicate goodParams and verify copy");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)goodParams,
(PKIX_PL_Object **)&equalParams,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject
(goodParams, &goodSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints
(goodParams, &goodMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_GetCertificate
(goodParams, &goodCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificateValid
(goodParams, &goodDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy
(goodParams, &goodPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject
(equalParams, &equalSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints
(equalParams, &equalMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy
(equalParams, &equalPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificate
(equalParams, &equalCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificateValid
(equalParams, &equalDate, plContext));
testEqualsHelper
((PKIX_PL_Object *)goodSubject,
(PKIX_PL_Object *)equalSubject,
PKIX_TRUE,
plContext);
if (goodMinPathLength != equalMinPathLength) {
testError("unexpected mismatch");
(void) printf("goodMinPathLength:\t%d\n", goodMinPathLength);
(void) printf("equalMinPathLength:\t%d\n", equalMinPathLength);
}
testEqualsHelper((PKIX_PL_Object *)goodPolicies,
(PKIX_PL_Object *)equalPolicies,
PKIX_TRUE,
plContext);
testEqualsHelper((PKIX_PL_Object *)goodCert,
(PKIX_PL_Object *)equalCert,
PKIX_TRUE,
plContext);
testEqualsHelper((PKIX_PL_Object *)goodDate,
(PKIX_PL_Object *)equalDate,
PKIX_TRUE,
plContext);
PKIX_TEST_DECREF_BC(equalSubject);
PKIX_TEST_DECREF_BC(equalPolicies);
PKIX_TEST_DECREF_BC(equalCert);
PKIX_TEST_DECREF_AC(equalDate);
subTest("Set different values and verify differences");
diffCert = createCert
(dirName, "pathLenConstraint6CACert.crt", plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject
(diffCert, &diffSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints
(diffCert, &diffBasicConstraints, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint
(diffBasicConstraints, &diffMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation
(diffCert, &cert2PolicyInfos, plContext));
test_CreateOIDList(cert2PolicyInfos, &cert2Policies);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject(
equalParams, diffSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(equalParams, diffMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPolicy
(equalParams, cert2Policies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject
(equalParams, &equalSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints
(equalParams, &equalMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy
(equalParams, &equalPolicies, plContext));
testEqualsHelper
((PKIX_PL_Object *)goodSubject,
(PKIX_PL_Object *)equalSubject,
PKIX_FALSE,
plContext);
if (goodMinPathLength == equalMinPathLength) {
testError("unexpected match");
(void) printf("goodMinPathLength:\t%d\n", goodMinPathLength);
(void) printf("equalMinPathLength:\t%d\n", equalMinPathLength);
}
testEqualsHelper
((PKIX_PL_Object *)goodPolicies,
(PKIX_PL_Object *)equalPolicies,
PKIX_FALSE,
plContext);
test_NameConstraints(dirName);
test_PathToNames();
test_SubjAltNames();
test_KeyUsages();
test_Version_Issuer_SerialNumber();
test_SubjKeyId_AuthKeyId();
test_SubjAlgId_SubjPublicKey(dirName);
cleanup:
PKIX_TEST_DECREF_AC(testSubject);
PKIX_TEST_DECREF_AC(goodSubject);
PKIX_TEST_DECREF_AC(equalSubject);
PKIX_TEST_DECREF_AC(diffSubject);
PKIX_TEST_DECREF_AC(testSubject);
PKIX_TEST_DECREF_AC(goodPolicies);
PKIX_TEST_DECREF_AC(equalPolicies);
PKIX_TEST_DECREF_AC(testPolicies);
PKIX_TEST_DECREF_AC(cert2Policies);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_DECREF_AC(equalParams);
PKIX_TEST_DECREF_AC(goodCert);
PKIX_TEST_DECREF_AC(diffCert);
PKIX_TEST_DECREF_AC(testCert);
PKIX_TEST_DECREF_AC(goodBasicConstraints);
PKIX_TEST_DECREF_AC(diffBasicConstraints);
PKIX_TEST_DECREF_AC(testPolicyInfos);
PKIX_TEST_DECREF_AC(cert2PolicyInfos);
PKIX_TEST_DECREF_AC(stringRep);
PKIX_TEST_DECREF_AC(testDate);
PKIX_TEST_DECREF_AC(goodDate);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ComCertSelParams");
return (0);
}

80
security/nss/cmd/libpkix/pkix/checker/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

49
security/nss/cmd/libpkix/pkix/checker/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,49 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_certchainchecker.c
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

261
security/nss/cmd/libpkix/pkix/checker/test_certchainchecker.c Executable file
Просмотреть файл

@ -0,0 +1,261 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_certchainchecker.c
*
* Test Cert Chain Checker
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
PKIX_Error *dummyChecker_Check(
PKIX_CertChainChecker *checker,
PKIX_PL_Cert *cert,
PKIX_List *unresolvedCriticalExtensions,
void **pNBIOContext,
void *plContext)
{
goto cleanup;
cleanup:
return(NULL);
}
void test_CertChainChecker_Duplicate(PKIX_CertChainChecker *original)
{
PKIX_Boolean originalForward = PKIX_FALSE;
PKIX_Boolean copyForward = PKIX_FALSE;
PKIX_Boolean originalForwardDir = PKIX_FALSE;
PKIX_Boolean copyForwardDir = PKIX_FALSE;
PKIX_CertChainChecker *copy = NULL;
PKIX_CertChainChecker_CheckCallback originalCallback = NULL;
PKIX_CertChainChecker_CheckCallback copyCallback = NULL;
PKIX_PL_Object *originalState = NULL;
PKIX_PL_Object *copyState = NULL;
PKIX_List *originalList = NULL;
PKIX_List *copyList = NULL;
PKIX_TEST_STD_VARS();
subTest("CertChainChecker_Duplicate");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)original,
(PKIX_PL_Object **)&copy,
plContext));
subTest("CertChainChecker_GetCheckCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetCheckCallback
(original, &originalCallback, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_GetCheckCallback
(copy, &copyCallback, plContext));
if (originalCallback != copyCallback) {
pkixTestErrorMsg = "CheckCallback functions are not equal!";
goto cleanup;
}
subTest("CertChainChecker_IsForwardCheckingSupported");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_IsForwardCheckingSupported
(original, &originalForward, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_IsForwardCheckingSupported
(copy, &copyForward, plContext));
if (originalForward != copyForward) {
pkixTestErrorMsg = "ForwardChecking booleans are not equal!";
goto cleanup;
}
subTest("CertChainChecker_IsForwardDirectionExpected");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_IsForwardDirectionExpected
(original, &originalForwardDir, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_IsForwardDirectionExpected
(copy, &copyForwardDir, plContext));
if (originalForwardDir != copyForwardDir) {
pkixTestErrorMsg = "ForwardDirection booleans are not equal!";
goto cleanup;
}
subTest("CertChainChecker_GetCertChainCheckerState");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_GetCertChainCheckerState
(original, &originalState, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_GetCertChainCheckerState
(copy, &copyState, plContext));
testEqualsHelper(originalState, copyState, PKIX_TRUE, plContext);
subTest("CertChainChecker_GetSupportedExtensions");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_GetSupportedExtensions
(original, &originalList, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_GetSupportedExtensions
(copy, &copyList, plContext));
testEqualsHelper
((PKIX_PL_Object *)originalList,
(PKIX_PL_Object *)copyList,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(copy);
PKIX_TEST_DECREF_AC(originalState);
PKIX_TEST_DECREF_AC(copyState);
PKIX_TEST_DECREF_AC(originalList);
PKIX_TEST_DECREF_AC(copyList);
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_UInt32 actualMinorVersion;
PKIX_PL_OID *bcOID = NULL;
PKIX_PL_OID *ncOID = NULL;
PKIX_PL_OID *cpOID = NULL;
PKIX_PL_OID *pmOID = NULL;
PKIX_PL_OID *pcOID = NULL;
PKIX_PL_OID *iaOID = NULL;
PKIX_CertChainChecker *dummyChecker = NULL;
PKIX_List *supportedExtensions = NULL;
PKIX_PL_Object *initialState = NULL;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("CertChainChecker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&supportedExtensions, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_BASICCONSTRAINTS_OID, &bcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)bcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_NAMECONSTRAINTS_OID, &ncOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)ncOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_CERTIFICATEPOLICIES_OID, &cpOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)cpOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_POLICYMAPPINGS_OID, &pmOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)pmOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_POLICYCONSTRAINTS_OID, &pcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)pcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_INHIBITANYPOLICY_OID, &iaOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)iaOID, plContext));
PKIX_TEST_DECREF_BC(bcOID);
PKIX_TEST_DECREF_BC(ncOID);
PKIX_TEST_DECREF_BC(cpOID);
PKIX_TEST_DECREF_BC(pmOID);
PKIX_TEST_DECREF_BC(pcOID);
PKIX_TEST_DECREF_BC(iaOID);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)supportedExtensions, plContext));
initialState = (PKIX_PL_Object *)supportedExtensions;
subTest("CertChainChecker_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create
(dummyChecker_Check, /* PKIX_CertChainChecker_CheckCallback */
PKIX_FALSE, /* forwardCheckingSupported */
PKIX_FALSE, /* forwardDirectionExpected */
supportedExtensions,
NULL, /* PKIX_PL_Object *initialState */
&dummyChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_SetCertChainCheckerState
(dummyChecker, initialState, plContext));
test_CertChainChecker_Duplicate(dummyChecker);
subTest("CertChainChecker_Destroy");
PKIX_TEST_DECREF_BC(dummyChecker);
cleanup:
PKIX_TEST_DECREF_AC(dummyChecker);
PKIX_TEST_DECREF_AC(initialState);
PKIX_TEST_DECREF_AC(supportedExtensions);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CertChainChecker");
return (0);
}

80
security/nss/cmd/libpkix/pkix/crlsel/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

51
security/nss/cmd/libpkix/pkix/crlsel/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,51 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_crlselector.c \
test_comcrlselparams.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

478
security/nss/cmd/libpkix/pkix/crlsel/test_comcrlselparams.c Normal file
Просмотреть файл

@ -0,0 +1,478 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_comcrlselparams.c
*
* Test ComCRLSelParams Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testIssuer(PKIX_ComCRLSelParams *goodObject)
{
PKIX_PL_String *issuer1String = NULL;
PKIX_PL_String *issuer2String = NULL;
PKIX_PL_String *issuer3String = NULL;
PKIX_PL_X500Name *issuerName1 = NULL;
PKIX_PL_X500Name *issuerName2 = NULL;
PKIX_PL_X500Name *issuerName3 = NULL;
PKIX_List *setIssuerList = NULL;
PKIX_List *getIssuerList = NULL;
PKIX_PL_String *issuerListString = NULL;
char *name1 = "CN=yassir,OU=bcn,OU=east,O=sun,C=us";
char *name2 = "CN=richard,OU=bcn,OU=east,O=sun,C=us";
char *name3 = "CN=hanfei,OU=bcn,OU=east,O=sun,C=us";
PKIX_Int32 length;
PKIX_Boolean result = PKIX_FALSE;
char *expectedAscii =
"(CN=yassir,OU=bcn,OU=east,O=sun,"
"C=us, CN=richard,OU=bcn,OU=east,O=sun,C=us, "
"CN=hanfei,OU=bcn,OU=east,O=sun,C=us)";
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCRLSelParams Create Issuers");
length = PL_strlen(name1);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_UTF8,
name1,
length,
&issuer1String,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create(issuer1String,
&issuerName1,
plContext));
length = PL_strlen(name2);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_UTF8,
name2,
length,
&issuer2String,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create(issuer2String,
&issuerName2,
plContext));
length = PL_strlen(name3);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_UTF8,
name3,
length,
&issuer3String,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create
(issuer3String,
&issuerName3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setIssuerList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setIssuerList,
(PKIX_PL_Object *)issuerName1,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setIssuerList,
(PKIX_PL_Object *)issuerName2,
plContext));
subTest("PKIX_ComCRLSelParams_AddIssuerName");
/* Test adding an issuer to an empty list */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_AddIssuerName
(goodObject, issuerName3, plContext));
subTest("PKIX_ComCRLSelParams_GetIssuerNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_GetIssuerNames
(goodObject, &getIssuerList, plContext));
/* DECREF for GetIssuerNames */
PKIX_TEST_DECREF_BC(getIssuerList);
/* DECREF for AddIssuerName so next SetIssuerName start clean */
PKIX_TEST_DECREF_BC(getIssuerList);
/* Test setting issuer names on the list */
subTest("PKIX_ComCRLSelParams_SetIssuerNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetIssuerNames
(goodObject, setIssuerList, plContext));
subTest("PKIX_ComCRLSelParams_GetIssuerNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_GetIssuerNames
(goodObject, &getIssuerList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setIssuerList,
(PKIX_PL_Object *)getIssuerList,
&result,
plContext));
if (result != PKIX_TRUE) {
pkixTestErrorMsg = "unexpected Issuers mismatch";
}
/* Test adding an issuer to existing list */
subTest("PKIX_ComCRLSelParams_AddIssuerName");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_AddIssuerName
(goodObject, issuerName3, plContext));
subTest("PKIX_ComCRLSelParams_GetIssuerNames");
PKIX_TEST_DECREF_BC(getIssuerList);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_GetIssuerNames
(goodObject, &getIssuerList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object *)getIssuerList,
&issuerListString,
plContext));
testToStringHelper((PKIX_PL_Object *)getIssuerList,
expectedAscii, plContext);
cleanup:
PKIX_TEST_DECREF_AC(issuer1String);
PKIX_TEST_DECREF_AC(issuer2String);
PKIX_TEST_DECREF_AC(issuer3String);
PKIX_TEST_DECREF_AC(issuerListString);
PKIX_TEST_DECREF_AC(issuerName1);
PKIX_TEST_DECREF_AC(issuerName2);
PKIX_TEST_DECREF_AC(issuerName3);
PKIX_TEST_DECREF_AC(setIssuerList);
PKIX_TEST_DECREF_AC(getIssuerList);
PKIX_TEST_RETURN();
}
void testCertificateChecking(
char *dataCentralDir,
char *goodInput,
PKIX_ComCRLSelParams *goodObject)
{
PKIX_PL_Cert *setCert = NULL;
PKIX_PL_Cert *getCert = NULL;
PKIX_Boolean result = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("Test CertificateChecking Cert Create");
setCert = createCert(dataCentralDir, goodInput, plContext);
if (setCert == NULL) {
pkixTestErrorMsg = "create certificate failed";
goto cleanup;
}
subTest("PKIX_ComCRLSelParams_SetCertificateChecking");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetCertificateChecking
(goodObject, setCert, plContext));
subTest("PKIX_ComCRLSelParams_GetCertificateChecking");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_GetCertificateChecking
(goodObject, &getCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setCert,
(PKIX_PL_Object *)getCert,
&result, plContext));
if (result != PKIX_TRUE) {
pkixTestErrorMsg = "unexpected Cert mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(setCert);
PKIX_TEST_DECREF_AC(getCert);
PKIX_TEST_RETURN();
}
void testDateAndTime(PKIX_ComCRLSelParams *goodObject){
PKIX_PL_Date *setDate = NULL;
PKIX_PL_Date *getDate = NULL;
char *asciiDate = "040329134847Z";
PKIX_Boolean result = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCRLSelParams_Date Create");
setDate = createDate(asciiDate, plContext);
subTest("PKIX_ComCRLSelParams_SetDateAndTime");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCRLSelParams_SetDateAndTime
(goodObject, setDate, plContext));
subTest("PKIX_ComCRLSelParams_GetDateAndTime");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCRLSelParams_GetDateAndTime
(goodObject, &getDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setDate,
(PKIX_PL_Object *)getDate,
&result, plContext));
if (result != PKIX_TRUE) {
pkixTestErrorMsg = "unexpected DateAndTime mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(setDate);
PKIX_TEST_DECREF_AC(getDate);
PKIX_TEST_RETURN();
}
void testMaxMinCRLNumbers(PKIX_ComCRLSelParams *goodObject){
PKIX_PL_BigInt *setMaxCrlNumber = NULL;
PKIX_PL_BigInt *getMaxCrlNumber = NULL;
PKIX_PL_BigInt *setMinCrlNumber = NULL;
PKIX_PL_BigInt *getMinCrlNumber = NULL;
char *asciiCrlNumber1 = "01";
char *asciiCrlNumber99999 = "0909090909";
PKIX_PL_String *crlNumber1String = NULL;
PKIX_PL_String *crlNumber99999String = NULL;
PKIX_Boolean result = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCRLSelParams_SetMinCRLNumber");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiCrlNumber1,
PL_strlen(asciiCrlNumber1),
&crlNumber1String,
NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create
(crlNumber1String, &setMinCrlNumber, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetMinCRLNumber
(goodObject, setMinCrlNumber, NULL));
subTest("PKIX_ComCRLSelParams_GetMinCRLNumber");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCRLSelParams_GetMinCRLNumber
(goodObject, &getMinCrlNumber, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setMinCrlNumber,
(PKIX_PL_Object *)getMinCrlNumber,
&result, NULL));
if (result != PKIX_TRUE) {
pkixTestErrorMsg = "unexpected Minimum CRL Number mismatch";
}
subTest("PKIX_ComCRLSelParams_SetMaxCRLNumber");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
asciiCrlNumber99999,
PL_strlen(asciiCrlNumber99999),
&crlNumber99999String,
NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create
(crlNumber99999String, &setMaxCrlNumber, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetMaxCRLNumber
(goodObject, setMaxCrlNumber, NULL));
subTest("PKIX_ComCRLSelParams_GetMaxCRLNumber");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCRLSelParams_GetMaxCRLNumber
(goodObject, &getMaxCrlNumber, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)setMaxCrlNumber,
(PKIX_PL_Object *)getMaxCrlNumber,
&result, NULL));
if (result != PKIX_TRUE) {
pkixTestErrorMsg = "unexpected Maximum CRL Number mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(setMaxCrlNumber);
PKIX_TEST_DECREF_AC(getMaxCrlNumber);
PKIX_TEST_DECREF_AC(setMinCrlNumber);
PKIX_TEST_DECREF_AC(getMinCrlNumber);
PKIX_TEST_DECREF_AC(crlNumber1String);
PKIX_TEST_DECREF_AC(crlNumber99999String);
PKIX_TEST_RETURN();
}
void testDuplicate(PKIX_ComCRLSelParams *goodObject){
PKIX_ComCRLSelParams *dupObject = NULL;
PKIX_Boolean result = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCRLSelParams_Duplicate");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)goodObject,
(PKIX_PL_Object **)&dupObject,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)goodObject,
(PKIX_PL_Object *)dupObject,
&result, plContext));
if (result != PKIX_TRUE) {
pkixTestErrorMsg =
"unexpected Duplicate ComCRLSelParams mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(dupObject);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
/* Functional tests for ComCRLSelParams public functions */
int main(int argc, char *argv[]){
char *dataCentralDir = NULL;
char *goodInput = "yassir2yassir";
PKIX_ComCRLSelParams *goodObject = NULL;
PKIX_ComCRLSelParams *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("ComCRLSelParams");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dataCentralDir = argv[j+1];
subTest("PKIX_ComCRLSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create
(&goodObject,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create
(&diffObject,
plContext));
testIssuer(goodObject);
testCertificateChecking(dataCentralDir, goodInput, goodObject);
testDateAndTime(goodObject);
testMaxMinCRLNumbers(goodObject);
testDuplicate(goodObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
goodObject,
diffObject,
NULL,
ComCRLSelParams,
PKIX_TRUE);
cleanup:
PKIX_TEST_DECREF_AC(goodObject);
PKIX_TEST_DECREF_AC(diffObject);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ComCRLSelParams");
return (0);
}

213
security/nss/cmd/libpkix/pkix/crlsel/test_crlselector.c Normal file
Просмотреть файл

@ -0,0 +1,213 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_crlselector.c
*
* Test CRLSelector Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testGetMatchCallback(PKIX_CRLSelector *goodObject)
{
PKIX_CRLSelector_MatchCallback mCallback = NULL;
PKIX_TEST_STD_VARS();
subTest("testGetMatchCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_GetMatchCallback
(goodObject, &mCallback, plContext));
if (mCallback == NULL) {
pkixTestErrorMsg = "MatchCallback is NULL";
}
cleanup:
PKIX_TEST_RETURN();
}
void testGetCRLSelectorContext(PKIX_CRLSelector *goodObject)
{
PKIX_PL_Object *context = NULL;
PKIX_TEST_STD_VARS();
subTest("testGetCRLSelectorContext");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_GetCRLSelectorContext
(goodObject, (void *)&context, plContext));
if (context == NULL) {
pkixTestErrorMsg = "CRLSelectorContext is NULL";
}
cleanup:
PKIX_TEST_DECREF_AC(context);
PKIX_TEST_RETURN();
}
void testCommonCRLSelectorParams(PKIX_CRLSelector *goodObject){
PKIX_ComCRLSelParams *setParams = NULL;
PKIX_ComCRLSelParams *getParams = NULL;
PKIX_PL_Date *setDate = NULL;
char *asciiDate = "040329134847Z";
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCRLSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create
(&setParams,
plContext));
subTest("PKIX_ComCRLSelParams_Date Create");
setDate = createDate(asciiDate, plContext);
subTest("PKIX_ComCRLSelParams_SetDateAndTime");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetDateAndTime
(setParams, setDate, plContext));
subTest("PKIX_CRLSelector_SetCommonCRLSelectorParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_SetCommonCRLSelectorParams(
goodObject, setParams, plContext));
subTest("PKIX_CRLSelector_GetCommonCRLSelectorParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_GetCommonCRLSelectorParams(
goodObject, &getParams, plContext));
testEqualsHelper((PKIX_PL_Object *)setParams,
(PKIX_PL_Object *)getParams,
PKIX_TRUE,
plContext);
testHashcodeHelper((PKIX_PL_Object *)setParams,
(PKIX_PL_Object *)getParams,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(setDate);
PKIX_TEST_DECREF_AC(setParams);
PKIX_TEST_DECREF_AC(getParams);
PKIX_TEST_RETURN();
}
/* Functional tests for CRLSelector public functions */
int main(int argc, char *argv[]){
PKIX_PL_Date *context = NULL;
PKIX_CRLSelector *goodObject = NULL;
PKIX_CRLSelector *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *asciiDate = "040329134847Z";
PKIX_TEST_STD_VARS();
startTests("CRLSelector");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
context = createDate(asciiDate, plContext);
subTest("PKIX_CRLSelector_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(NULL,
(PKIX_PL_Object *)context,
&goodObject,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(NULL,
(PKIX_PL_Object *)context,
&diffObject,
plContext));
testGetMatchCallback(goodObject);
testGetCRLSelectorContext(goodObject);
testCommonCRLSelectorParams(goodObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
goodObject,
diffObject,
NULL,
CRLSelector,
PKIX_TRUE);
cleanup:
PKIX_TEST_DECREF_AC(goodObject);
PKIX_TEST_DECREF_AC(diffObject);
PKIX_TEST_DECREF_AC(context);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CRLSelector");
return (0);
}

41
security/nss/cmd/libpkix/pkix/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,41 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ..
DIRS = certsel checker crlsel params results store top util \
$(NULL)

80
security/nss/cmd/libpkix/pkix/params/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

53
security/nss/cmd/libpkix/pkix/params/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,53 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_procparams.c \
test_trustanchor.c \
test_valparams.c \
test_resourcelimits.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

219
security/nss/cmd/libpkix/pkix/params/test_buildparams.c Normal file
Просмотреть файл

@ -0,0 +1,219 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_buildparams.c
*
* Test BuildParams Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_BuildParams_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testGetProcParams(
PKIX_BuildParams *goodObject,
PKIX_BuildParams *equalObject){
PKIX_ProcessingParams *goodProcParams = NULL;
PKIX_ProcessingParams *equalProcParams = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_BuildParams_GetProcessingParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildParams_GetProcessingParams
(goodObject, &goodProcParams, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildParams_GetProcessingParams
(equalObject, &equalProcParams, NULL));
testEqualsHelper
((PKIX_PL_Object *)goodProcParams,
(PKIX_PL_Object *)equalProcParams,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodProcParams);
PKIX_TEST_DECREF_AC(equalProcParams);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
int main(int argc, char *argv[]) {
PKIX_BuildParams *goodObject = NULL;
PKIX_BuildParams *equalObject = NULL;
PKIX_BuildParams *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *dataCentralDir = NULL;
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *expectedAscii =
"[\n"
"\tProcessing Params: \n"
"\t********BEGIN PROCESSING PARAMS********\n"
"\t\t"
"[\n"
"\tTrust Anchors: \n"
"\t********BEGIN LIST OF TRUST ANCHORS********\n"
"\t\t"
"([\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
", [\n"
"\tTrusted CA Name: OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
")\n"
"\t********END LIST OF TRUST ANCHORS********\n"
"\tDate: \t\t(null)\n"
"\tTarget Constraints: (null)\n"
"\tInitial Policies: (null)\n"
"\tQualifiers Rejected: FALSE\n"
"\tCert Stores: (EMPTY)\n"
"\tResource Limits: (null)\n"
"\tCRL Checking Enabled: 0\n"
"]\n"
"\n"
"\t********END PROCESSING PARAMS********\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("BuildParams");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dataCentralDir = argv[j+1];
subTest("PKIX_BuildParams_Create");
goodObject = createBuildParams
(dataCentralDir,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
equalObject = createBuildParams
(dataCentralDir,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
diffObject = createBuildParams
(dataCentralDir,
diffInput,
goodInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
testGetProcParams(goodObject, equalObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
BuildParams,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("BuildParams");
return (0);
}

550
security/nss/cmd/libpkix/pkix/params/test_procparams.c Normal file
Просмотреть файл

@ -0,0 +1,550 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_procparams.c
*
* Test ProcessingParams Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testGetAnchors(
PKIX_ProcessingParams *goodObject,
PKIX_ProcessingParams *equalObject){
PKIX_List *goodAnchors = NULL;
PKIX_List *equalAnchors = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_GetTrustAnchors");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_GetTrustAnchors
(goodObject, &goodAnchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_GetTrustAnchors
(equalObject, &equalAnchors, plContext));
testEqualsHelper((PKIX_PL_Object *)goodAnchors,
(PKIX_PL_Object *)equalAnchors,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodAnchors);
PKIX_TEST_DECREF_AC(equalAnchors);
PKIX_TEST_RETURN();
}
void testGetSetDate(
PKIX_ProcessingParams *goodObject,
PKIX_ProcessingParams *equalObject){
PKIX_PL_Date *setDate = NULL;
PKIX_PL_Date *getDate = NULL;
char *asciiDate = "040329134847Z";
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetDate");
setDate = createDate(asciiDate, plContext);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetDate(goodObject, setDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_GetDate
(goodObject, &getDate, plContext));
testEqualsHelper((PKIX_PL_Object *)setDate,
(PKIX_PL_Object *)getDate,
PKIX_TRUE,
plContext);
/* we want to make sure that goodObject and equalObject are "equal" */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetDate
(equalObject, setDate, plContext));
cleanup:
PKIX_TEST_DECREF_AC(setDate);
PKIX_TEST_DECREF_AC(getDate);
PKIX_TEST_RETURN();
}
PKIX_Error *userChecker1cb(
PKIX_CertChainChecker *checker,
PKIX_PL_Cert *cert,
PKIX_List *unresolvedCriticalExtensions, /* list of PKIX_PL_OID */
void **pNBIOContext,
void *plContext)
{
return(NULL);
}
void testGetSetCertChainCheckers(
PKIX_ProcessingParams *goodObject,
PKIX_ProcessingParams *equalObject){
PKIX_CertChainChecker *checker = NULL;
PKIX_List *setCheckersList = NULL;
PKIX_List *getCheckersList = NULL;
PKIX_PL_Date *date = NULL;
char *asciiDate = "040329134847Z";
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetCertChainCheckers");
date = createDate(asciiDate, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create
(userChecker1cb,
PKIX_FALSE,
PKIX_FALSE,
NULL,
(PKIX_PL_Object *) date,
&checker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&setCheckersList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setCheckersList, (PKIX_PL_Object *) checker, plContext));
PKIX_TEST_DECREF_BC(checker);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertChainCheckers
(goodObject, setCheckersList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create
(userChecker1cb,
PKIX_FALSE,
PKIX_FALSE,
NULL,
(PKIX_PL_Object *) date,
&checker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertChainChecker
(goodObject, checker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_GetCertChainCheckers
(goodObject, &getCheckersList, plContext));
cleanup:
PKIX_TEST_DECREF_AC(setCheckersList);
PKIX_TEST_DECREF_AC(getCheckersList);
PKIX_TEST_DECREF_AC(date);
PKIX_TEST_DECREF_BC(checker);
PKIX_TEST_RETURN();
}
PKIX_Error *userChecker2cb(
PKIX_RevocationChecker *checker,
PKIX_PL_Cert *cert,
PKIX_UInt32 *pResult,
void *plContext)
{
return(NULL);
}
void testGetSetRevocationCheckers(
PKIX_ProcessingParams *goodObject,
PKIX_ProcessingParams *equalObject){
PKIX_RevocationChecker *checker = NULL;
PKIX_List *setCheckersList = NULL;
PKIX_List *getCheckersList = NULL;
PKIX_PL_Date *date = NULL;
char *asciiDate = "040329134847Z";
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetRevocationCheckers");
date = createDate(asciiDate, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_RevocationChecker_Create
(userChecker2cb,
(PKIX_PL_Object *) date,
&checker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&setCheckersList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setCheckersList,
(PKIX_PL_Object *) checker,
plContext));
PKIX_TEST_DECREF_BC(checker);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(goodObject, setCheckersList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_RevocationChecker_Create
(userChecker2cb,
(PKIX_PL_Object *) date,
&checker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddRevocationChecker
(goodObject, checker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_GetRevocationCheckers
(goodObject, &getCheckersList, plContext));
cleanup:
PKIX_TEST_DECREF_AC(setCheckersList);
PKIX_TEST_DECREF_AC(getCheckersList);
PKIX_TEST_DECREF_AC(date);
PKIX_TEST_DECREF_BC(checker);
PKIX_TEST_RETURN();
}
void testGetSetResourceLimits(
PKIX_ProcessingParams *goodObject,
PKIX_ProcessingParams *equalObject)
{
PKIX_ResourceLimits *resourceLimits1 = NULL;
PKIX_ResourceLimits *resourceLimits2 = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetResourceLimits");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&resourceLimits1, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&resourceLimits2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(resourceLimits1, 3, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(resourceLimits1, 3, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(resourceLimits1, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetResourceLimits
(goodObject, resourceLimits1, plContext));
PKIX_TEST_DECREF_BC(resourceLimits2);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_GetResourceLimits
(goodObject, &resourceLimits2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetResourceLimits
(equalObject, resourceLimits2, plContext));
cleanup:
PKIX_TEST_DECREF_AC(resourceLimits1);
PKIX_TEST_DECREF_AC(resourceLimits2);
PKIX_TEST_RETURN();
}
void testGetSetConstraints(PKIX_ProcessingParams *goodObject){
PKIX_CertSelector *setConstraints = NULL;
PKIX_CertSelector *getConstraints = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetTargetCertConstraints");
/*
* After createConstraints is implemented
* setConstraints = createConstraints();
*/
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(goodObject, setConstraints, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_GetTargetCertConstraints
(goodObject, &getConstraints, plContext));
testEqualsHelper((PKIX_PL_Object *)setConstraints,
(PKIX_PL_Object *)getConstraints,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(setConstraints);
PKIX_TEST_DECREF_AC(getConstraints);
PKIX_TEST_RETURN();
}
void testGetSetInitialPolicies(
PKIX_ProcessingParams *goodObject,
char *asciiPolicyOID)
{
PKIX_PL_OID *policyOID = NULL;
PKIX_List* setPolicyList = NULL;
PKIX_List* getPolicyList = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetInitialPolicies");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(asciiPolicyOID, &policyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&setPolicyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(setPolicyList, (PKIX_PL_Object *)policyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_SetImmutable(setPolicyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetInitialPolicies
(goodObject, setPolicyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_GetInitialPolicies
(goodObject, &getPolicyList, plContext));
testEqualsHelper
((PKIX_PL_Object *)setPolicyList,
(PKIX_PL_Object *)getPolicyList,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(policyOID);
PKIX_TEST_DECREF_AC(setPolicyList);
PKIX_TEST_DECREF_AC(getPolicyList);
PKIX_TEST_RETURN();
}
void testGetSetPolicyQualifiersRejected(
PKIX_ProcessingParams *goodObject,
PKIX_Boolean rejected)
{
PKIX_Boolean getRejected = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_ProcessingParams_Get/SetPolicyQualifiersRejected");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetPolicyQualifiersRejected
(goodObject, rejected, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_GetPolicyQualifiersRejected
(goodObject, &getRejected, plContext));
if (rejected != getRejected) {
testError
("GetPolicyQualifiersRejected returned unexpected value");
}
cleanup:
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
int main(int argc, char *argv[]) {
PKIX_ProcessingParams *goodObject = NULL;
PKIX_ProcessingParams *equalObject = NULL;
PKIX_ProcessingParams *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
char *dataCentralDir = NULL;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *oidAnyPolicy = PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID;
char *oidNist1Policy = "2.16.840.1.101.3.2.1.48.2";
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *expectedAscii =
"[\n"
"\tTrust Anchors: \n"
"\t********BEGIN LIST OF TRUST ANCHORS********\n"
"\t\t"
"([\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
", [\n"
"\tTrusted CA Name: OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
")\n"
"\t********END LIST OF TRUST ANCHORS********\n"
"\tDate: \t\tMon Mar 29 08:48:47 2004\n"
"\tTarget Constraints: (null)\n"
"\tInitial Policies: (2.5.29.32.0)\n"
"\tQualifiers Rejected: FALSE\n"
"\tCert Stores: (EMPTY)\n"
"\tResource Limits: [\n"
"\tMaxTime: 2\n"
"\tMaxFanout: 3\n"
"\tMaxDepth: 3\n"
"]\n\n"
"\tCRL Checking Enabled: 0\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("ProcessingParams");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dataCentralDir = argv[j+1];
subTest("PKIX_ProcessingParams_Create");
goodObject = createProcessingParams
(dataCentralDir,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
equalObject = createProcessingParams
(dataCentralDir,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
diffObject = createProcessingParams
(dataCentralDir,
diffInput,
goodInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
testGetAnchors(goodObject, equalObject);
testGetSetDate(goodObject, equalObject);
testGetSetCertChainCheckers(goodObject, equalObject);
testGetSetRevocationCheckers(goodObject, equalObject);
testGetSetResourceLimits(goodObject, equalObject);
/*
* XXX testGetSetConstraints(goodObject);
*/
testGetSetInitialPolicies(goodObject, oidAnyPolicy);
testGetSetInitialPolicies(equalObject, oidAnyPolicy);
testGetSetInitialPolicies(diffObject, oidNist1Policy);
testGetSetPolicyQualifiersRejected(goodObject, PKIX_FALSE);
testGetSetPolicyQualifiersRejected(equalObject, PKIX_FALSE);
testGetSetPolicyQualifiersRejected(diffObject, PKIX_TRUE);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
NULL, /* expectedAscii, */
ProcessingParams,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ProcessingParams");
return (0);
}

156
security/nss/cmd/libpkix/pkix/params/test_resourcelimits.c Normal file
Просмотреть файл

@ -0,0 +1,156 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_resourcelimits.c
*
* Test ResourceLimits Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_ResourceLimits_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_ResourceLimits *goodObject = NULL;
PKIX_ResourceLimits *equalObject = NULL;
PKIX_ResourceLimits *diffObject = NULL;
PKIX_UInt32 maxTime = 0;
PKIX_UInt32 maxFanout = 0;
PKIX_UInt32 maxDepth = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *expectedAscii =
"[\n"
"\tMaxTime: 10\n"
"\tMaxFanout: 5\n"
"\tMaxDepth: 5\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("ResourceLimits");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_ResourceLimits_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&goodObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&diffObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&equalObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(goodObject, 10, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_GetMaxTime
(goodObject, &maxTime, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(equalObject, maxTime, plContext));
maxTime++;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(diffObject, maxTime, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(goodObject, 5, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_GetMaxFanout
(goodObject, &maxFanout, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(equalObject, maxFanout, plContext));
maxFanout++;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(diffObject, maxFanout, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(goodObject, 5, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_GetMaxDepth
(goodObject, &maxDepth, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(equalObject, maxDepth, plContext));
maxDepth++;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(diffObject, maxDepth, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
ResourceLimits,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ResourceLimits");
return (0);
}

299
security/nss/cmd/libpkix/pkix/params/test_trustanchor.c Normal file
Просмотреть файл

@ -0,0 +1,299 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_trustanchor.c
*
* Test TrustAnchor Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void createTrustAnchors(
char *dirName,
char *goodInput,
PKIX_TrustAnchor **goodObject,
PKIX_TrustAnchor **equalObject,
PKIX_TrustAnchor **diffObject)
{
subTest("PKIX_TrustAnchor_CreateWithNameKeyPair <goodObject>");
*goodObject = createTrustAnchor
(dirName, goodInput, PKIX_FALSE, plContext);
subTest("PKIX_TrustAnchor_CreateWithNameKeyPair <equalObject>");
*equalObject = createTrustAnchor
(dirName, goodInput, PKIX_FALSE, plContext);
subTest("PKIX_TrustAnchor_CreateWithCert <diffObject>");
*diffObject = createTrustAnchor
(dirName, goodInput, PKIX_TRUE, plContext);
}
void testGetCAName(
PKIX_PL_Cert *diffCert,
PKIX_TrustAnchor *equalObject){
PKIX_PL_X500Name *diffCAName = NULL;
PKIX_PL_X500Name *equalCAName = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_TrustAnchor_GetCAName");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject
(diffCert, &diffCAName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetCAName
(equalObject, &equalCAName, plContext));
testEqualsHelper((PKIX_PL_Object *)diffCAName,
(PKIX_PL_Object *)equalCAName,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(diffCAName);
PKIX_TEST_DECREF_AC(equalCAName);
PKIX_TEST_RETURN();
}
void testGetCAPublicKey(
PKIX_PL_Cert *diffCert,
PKIX_TrustAnchor *equalObject){
PKIX_PL_PublicKey *diffPubKey = NULL;
PKIX_PL_PublicKey *equalPubKey = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_TrustAnchor_GetCAPublicKey");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
(diffCert, &diffPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetCAPublicKey
(equalObject, &equalPubKey, plContext));
testEqualsHelper((PKIX_PL_Object *)diffPubKey,
(PKIX_PL_Object *)equalPubKey,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(diffPubKey);
PKIX_TEST_DECREF_AC(equalPubKey);
PKIX_TEST_RETURN();
}
void testGetNameConstraints(char *dirName)
{
PKIX_TrustAnchor *goodObject = NULL;
PKIX_TrustAnchor *equalObject = NULL;
PKIX_TrustAnchor *diffObject = NULL;
PKIX_PL_Cert *diffCert;
PKIX_PL_CertNameConstraints *diffNC = NULL;
PKIX_PL_CertNameConstraints *equalNC = NULL;
char *goodInput = "nameConstraintsDN5CACert.crt";
char *expectedAscii =
"[\n"
"\tTrusted CA Name: CN=nameConstraints DN5 CA,"
"O=Test Certificates,C=US\n"
"\tTrusted CA PublicKey: PKCS #1 RSA Encryption\n"
"\tInitial Name Constraints:[\n"
"\t\tPermitted Name: (OU=permittedSubtree1,"
"O=Test Certificates,C=US)\n"
"\t\tExcluded Name: (OU=excludedSubtree1,"
"OU=permittedSubtree1,O=Test Certificates,C=US)\n"
"\t]\n"
"\n"
"]\n";
PKIX_TEST_STD_VARS();
subTest("Create TrustAnchors and compare");
createTrustAnchors
(dirName, goodInput, &goodObject, &equalObject, &diffObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
TrustAnchor,
PKIX_TRUE);
subTest("PKIX_TrustAnchor_GetTrustedCert");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetTrustedCert
(diffObject, &diffCert, plContext));
subTest("PKIX_PL_Cert_GetNameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints
(diffCert, &diffNC, plContext));
subTest("PKIX_TrustAnchor_GetNameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetNameConstraints
(equalObject, &equalNC, plContext));
testEqualsHelper((PKIX_PL_Object *)diffNC,
(PKIX_PL_Object *)equalNC,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(diffNC);
PKIX_TEST_DECREF_AC(equalNC);
PKIX_TEST_DECREF_BC(diffCert);
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
PKIX_TEST_RETURN();
}
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_TrustAnchor_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void printUsage(void) {
(void) printf("\nUSAGE:\ttest_trustanchor <NIST_FILES_DIR> <central-data-dir>\n\n");
}
int main(int argc, char *argv[]) {
PKIX_TrustAnchor *goodObject = NULL;
PKIX_TrustAnchor *equalObject = NULL;
PKIX_TrustAnchor *diffObject = NULL;
PKIX_PL_Cert *diffCert = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
char *goodInput = "yassir2yassir";
char *expectedAscii =
"[\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n";
char *dirName = NULL;
char *dataCentralDir = NULL;
PKIX_TEST_STD_VARS();
startTests("TrustAnchor");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 3) {
printUsage();
return (0);
}
dirName = argv[j+1];
dataCentralDir = argv[j+2];
createTrustAnchors
(dataCentralDir,
goodInput,
&goodObject,
&equalObject,
&diffObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
TrustAnchor,
PKIX_TRUE);
subTest("PKIX_TrustAnchor_GetTrustedCert");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetTrustedCert
(diffObject, &diffCert, plContext));
testGetCAName(diffCert, equalObject);
testGetCAPublicKey(diffCert, equalObject);
testGetNameConstraints(dirName);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_TEST_DECREF_AC(diffCert);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("TrustAnchor");
return (0);
}

307
security/nss/cmd/libpkix/pkix/params/test_valparams.c Normal file
Просмотреть файл

@ -0,0 +1,307 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_valparams.c
*
* Test ValidateParams Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateParams_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testGetProcParams(
PKIX_ValidateParams *goodObject,
PKIX_ValidateParams *equalObject){
PKIX_ProcessingParams *goodProcParams = NULL;
PKIX_ProcessingParams *equalProcParams = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateParams_GetProcessingParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(goodObject, &goodProcParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(equalObject, &equalProcParams, plContext));
testEqualsHelper
((PKIX_PL_Object *)goodProcParams,
(PKIX_PL_Object *)equalProcParams,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodProcParams);
PKIX_TEST_DECREF_AC(equalProcParams);
PKIX_TEST_RETURN();
}
void testGetCertChain(
PKIX_ValidateParams *goodObject,
PKIX_ValidateParams *equalObject){
PKIX_List *goodChain = NULL;
PKIX_List *equalChain = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateParams_GetCertChain");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetCertChain
(goodObject, &goodChain, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetCertChain
(equalObject, &equalChain, plContext));
testEqualsHelper
((PKIX_PL_Object *)goodChain,
(PKIX_PL_Object *)equalChain,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodChain);
PKIX_TEST_DECREF_AC(equalChain);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
int main(int argc, char *argv[]) {
PKIX_ValidateParams *goodObject = NULL;
PKIX_ValidateParams *equalObject = NULL;
PKIX_ValidateParams *diffObject = NULL;
PKIX_List *chain = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *dirName = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *expectedAscii =
"[\n"
"\tProcessing Params: \n"
"\t********BEGIN PROCESSING PARAMS********\n"
"\t\t"
"[\n"
"\tTrust Anchors: \n"
"\t********BEGIN LIST OF TRUST ANCHORS********\n"
"\t\t"
"([\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
", [\n"
"\tTrusted CA Name: OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
")\n"
"\t********END LIST OF TRUST ANCHORS********\n"
"\tDate: \t\t(null)\n"
"\tTarget Constraints: (null)\n"
"\tInitial Policies: (null)\n"
"\tQualifiers Rejected: FALSE\n"
"\tCert Stores: (EMPTY)\n"
"\tCRL Checking Enabled: 0\n"
"]\n"
"\n"
"\t********END PROCESSING PARAMS********\n"
"\tChain: \t\t"
"([\n"
"\tVersion: v3\n"
"\tSerialNumber: 37bc66ec\n"
"\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tSubject: OU=bcn,OU=east,O=sun,C=us\n"
"\tValidity: [From: Thu Aug 19 16:19:56 1999\n"
"\t To: Fri Aug 18 16:19:56 2000]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
", [\n"
"\tVersion: v3\n"
"\tSerialNumber: 37bc65af\n"
"\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tSubject: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tValidity: [From: Thu Aug 19 16:14:39 1999\n"
"\t To: Fri Aug 18 16:14:39 2000]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("ValidateParams");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dirName = argv[j+1];
subTest("PKIX_ValidateParams_Create");
chain = createCertChain(dirName, diffInput, goodInput, plContext);
goodObject = createValidateParams
(dirName,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
equalObject = createValidateParams
(dirName,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
diffObject = createValidateParams
(dirName,
diffInput,
goodInput,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
testGetProcParams(goodObject, equalObject);
testGetCertChain(goodObject, equalObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
NULL, /* expectedAscii, */
ValidateParams,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_TEST_DECREF_AC(chain);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ValidateParams");
return (0);
}

80
security/nss/cmd/libpkix/pkix/results/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

53
security/nss/cmd/libpkix/pkix/results/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,53 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_buildresult.c \
test_policynode.c \
test_verifynode.c \
test_valresult.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

257
security/nss/cmd/libpkix/pkix/results/test_buildresult.c Normal file
Просмотреть файл

@ -0,0 +1,257 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_buildresult.c
*
* Test BuildResult Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_BuildResult_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testGetValidateResult(
PKIX_BuildResult *goodObject,
PKIX_BuildResult *equalObject){
PKIX_ValidateResult *goodValResult = NULL;
PKIX_ValidateResult *equalValResult = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_BuildResult_GetValidateResult");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetValidateResult
(goodObject, &goodValResult, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetValidateResult
(equalObject, &equalValResult, NULL));
testEqualsHelper
((PKIX_PL_Object *)goodValResult,
(PKIX_PL_Object *)equalValResult,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodValResult);
PKIX_TEST_DECREF_AC(equalValResult);
PKIX_TEST_RETURN();
}
void testGetCertChain(
PKIX_BuildResult *goodObject,
PKIX_BuildResult *equalObject){
PKIX_List *goodChain = NULL;
PKIX_List *equalChain = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_BuildResult_GetCertChain");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain
(goodObject, &goodChain, NULL));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain
(equalObject, &equalChain, NULL));
testEqualsHelper
((PKIX_PL_Object *)goodChain,
(PKIX_PL_Object *)equalChain,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodChain);
PKIX_TEST_DECREF_AC(equalChain);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
int main(int argc, char *argv[]) {
PKIX_BuildResult *goodObject = NULL;
PKIX_BuildResult *equalObject = NULL;
PKIX_BuildResult *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
char *dirName = NULL;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *expectedAscii =
"[\n"
"\tValidateResult: \t\t"
"[\n"
"\tTrustAnchor: \t\t"
"[\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
"\tPubKey: \t\t"
"ANSI X9.57 DSA Signature\n"
"\tPolicyTree: \t\t(null)\n"
"]\n"
"\tCertChain: \t\t("
"[\n"
"\tVersion: v3\n"
"\tSerialNumber: 37bc65af\n"
"\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tSubject: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tValidity: [From: Thu Aug 19 16:14:39 1999\n"
"\t To: Fri Aug 18 16:14:39 2000]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
", [\n"
"\tVersion: v3\n"
"\tSerialNumber: 37bc66ec\n"
"\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tSubject: OU=bcn,OU=east,O=sun,C=us\n"
"\tValidity: [From: Thu Aug 19 16:19:56 1999\n"
"\t To: Fri Aug 18 16:19:56 2000]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("BuildResult");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dirName = argv[j+1];
subTest("pkix_BuildResult_Create");
goodObject = createBuildResult
(dirName, goodInput, diffInput, goodInput, diffInput, plContext);
equalObject = createBuildResult
(dirName, goodInput, diffInput, goodInput, diffInput, plContext);
diffObject = createBuildResult
(dirName, diffInput, goodInput, diffInput, goodInput, plContext);
testGetValidateResult(goodObject, equalObject);
testGetCertChain(goodObject, equalObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
NULL, /* expectedAscii, */
BuildResult,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("BuildResult");
return (0);
}

720
security/nss/cmd/libpkix/pkix/results/test_policynode.c Normal file
Просмотреть файл

@ -0,0 +1,720 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_policynode.c
*
* Test PolicyNode Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
test_GetChildren(
PKIX_PolicyNode *goodNode,
PKIX_PolicyNode *equalNode,
PKIX_PolicyNode *diffNode)
{
/*
* Caution: be careful where you insert this test. PKIX_PolicyNode_GetChildren
* is required by the API to return an immutable List, and it does it by setting
* the List immutable. We don't make a copy because the assumption is that
* certificate and policy processing have been completed before the user gets at
* the public API. So subsequent tests of functions that modify the policy tree,
* such as Prune, will fail if called after the execution of this test.
*/
PKIX_Boolean isImmutable = PKIX_FALSE;
PKIX_List *goodList = NULL;
PKIX_List *equalList = NULL;
PKIX_List *diffList = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_GetChildren");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetChildren
(goodNode, &goodList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetChildren
(equalNode, &equalList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetChildren
(diffNode, &diffList, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodList, equalList, diffList, NULL, List, NULL);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable
(goodList, &isImmutable, plContext));
if (isImmutable != PKIX_TRUE) {
testError("PKIX_PolicyNode_GetChildren returned a mutable List");
}
cleanup:
PKIX_TEST_DECREF_AC(goodList);
PKIX_TEST_DECREF_AC(equalList);
PKIX_TEST_DECREF_AC(diffList);
PKIX_TEST_RETURN();
}
static void
test_GetParent(
PKIX_PolicyNode *goodNode,
PKIX_PolicyNode *equalNode,
PKIX_PolicyNode *diffNode,
char *expectedAscii)
{
PKIX_PolicyNode *goodParent = NULL;
PKIX_PolicyNode *equalParent = NULL;
PKIX_PolicyNode *diffParent = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_GetParent");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetParent
(goodNode, &goodParent, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetParent
(equalNode, &equalParent, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetParent
(diffNode, &diffParent, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodParent,
equalParent,
diffParent,
expectedAscii,
CertPolicyNode,
NULL);
cleanup:
PKIX_TEST_DECREF_AC(goodParent);
PKIX_TEST_DECREF_AC(equalParent);
PKIX_TEST_DECREF_AC(diffParent);
PKIX_TEST_RETURN();
}
/*
* This test is the same as testDuplicateHelper, except that it
* produces a more useful "Actual value" and "Expected value"
* in the case of an unexpected mismatch.
*/
static void
test_DuplicateHelper(PKIX_PolicyNode *object, void *plContext)
{
PKIX_PolicyNode *newObject = NULL;
PKIX_Boolean cmpResult;
PKIX_PL_String *original = NULL;
PKIX_PL_String *copy = NULL;
PKIX_TEST_STD_VARS();
subTest("testing pkix_PolicyNode_Duplicate");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)object,
(PKIX_PL_Object **)&newObject,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)object,
(PKIX_PL_Object *)newObject,
&cmpResult,
plContext));
if (!cmpResult){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)object, &original, plContext));
testError("unexpected mismatch");
(void) printf
("original value:\t%s\n", original->escAsciiString);
if (newObject) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)newObject, &copy, plContext));
(void) printf
("copy value:\t%s\n", copy->escAsciiString);
} else {
(void) printf("copy value:\t(NULL)\n");
}
}
cleanup:
PKIX_TEST_DECREF_AC(newObject);
PKIX_TEST_DECREF_AC(original);
PKIX_TEST_DECREF_AC(copy);
PKIX_TEST_RETURN();
}
static void
test_GetValidPolicy(
PKIX_PolicyNode *goodNode,
PKIX_PolicyNode *equalNode,
PKIX_PolicyNode *diffNode,
char *expectedAscii)
{
PKIX_PL_OID *goodPolicy = NULL;
PKIX_PL_OID *equalPolicy = NULL;
PKIX_PL_OID *diffPolicy = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_GetValidPolicy");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetValidPolicy
(goodNode, &goodPolicy, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetValidPolicy
(equalNode, &equalPolicy, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetValidPolicy
(diffNode, &diffPolicy, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodPolicy, equalPolicy, diffPolicy, expectedAscii, OID, NULL);
cleanup:
PKIX_TEST_DECREF_AC(goodPolicy);
PKIX_TEST_DECREF_AC(equalPolicy);
PKIX_TEST_DECREF_AC(diffPolicy);
PKIX_TEST_RETURN();
}
static void test_GetPolicyQualifiers(
PKIX_PolicyNode *goodNode,
PKIX_PolicyNode *equalNode,
PKIX_PolicyNode *diffNode,
char *expectedAscii)
{
PKIX_Boolean isImmutable = PKIX_FALSE;
PKIX_List *goodList = NULL;
PKIX_List *equalList = NULL;
PKIX_List *diffList = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_GetPolicyQualifiers");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetPolicyQualifiers
(goodNode, &goodList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetPolicyQualifiers
(equalNode, &equalList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetPolicyQualifiers
(diffNode, &diffList, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodList, equalList, diffList, expectedAscii, List, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable
(goodList, &isImmutable, plContext));
if (isImmutable != PKIX_TRUE) {
testError
("PKIX_PolicyNode_GetPolicyQualifiers returned a mutable List");
}
cleanup:
PKIX_TEST_DECREF_AC(goodList);
PKIX_TEST_DECREF_AC(equalList);
PKIX_TEST_DECREF_AC(diffList);
PKIX_TEST_RETURN();
}
static void test_GetExpectedPolicies(
PKIX_PolicyNode *goodNode,
PKIX_PolicyNode *equalNode,
PKIX_PolicyNode *diffNode,
char *expectedAscii)
{
PKIX_Boolean isImmutable = PKIX_FALSE;
PKIX_List *goodList = NULL;
PKIX_List *equalList = NULL;
PKIX_List *diffList = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_GetExpectedPolicies");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetExpectedPolicies
(goodNode, &goodList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetExpectedPolicies
(equalNode, &equalList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetExpectedPolicies
(diffNode, &diffList, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodList, equalList, diffList, expectedAscii, List, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable
(goodList, &isImmutable, plContext));
if (isImmutable != PKIX_TRUE) {
testError
("PKIX_PolicyNode_GetExpectedPolicies returned a mutable List");
}
cleanup:
PKIX_TEST_DECREF_AC(goodList);
PKIX_TEST_DECREF_AC(equalList);
PKIX_TEST_DECREF_AC(diffList);
PKIX_TEST_RETURN();
}
static void test_IsCritical(
PKIX_PolicyNode *goodNode,
PKIX_PolicyNode *equalNode,
PKIX_PolicyNode *diffNode)
{
PKIX_Boolean goodBool = PKIX_FALSE;
PKIX_Boolean equalBool = PKIX_FALSE;
PKIX_Boolean diffBool = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_IsCritical");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_IsCritical
(goodNode, &goodBool, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_IsCritical
(equalNode, &equalBool, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_IsCritical
(diffNode, &diffBool, plContext));
if ((!goodBool) || (!equalBool) || (diffBool)) {
testError("IsCritical returned unexpected value");
}
cleanup:
PKIX_TEST_RETURN();
}
static void test_GetDepth(
PKIX_PolicyNode *depth1Node,
PKIX_PolicyNode *depth2Node,
PKIX_PolicyNode *depth3Node)
{
PKIX_UInt32 depth1 = 0;
PKIX_UInt32 depth2 = 0;
PKIX_UInt32 depth3 = 0;
PKIX_TEST_STD_VARS();
subTest("PKIX_PolicyNode_GetDepth");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetDepth
(depth1Node, &depth1, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetDepth
(depth2Node, &depth2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetDepth
(depth3Node, &depth3, plContext));
if ((depth1 != 1) || (depth2 != 2) || (depth3 != 3)) {
testError("GetDepth returned unexpected value");
}
cleanup:
PKIX_TEST_RETURN();
}
void printUsage(void) {
(void) printf("\nUSAGE:\ttest_policynode <NIST_FILES_DIR> \n\n");
}
int main(int argc, char *argv[]) {
/*
* Create a tree with parent = anyPolicy,
* child1 with Nist1+Nist2, child2 with Nist1.
* Give each child another child, with policies Nist2
* and Nist1, respectively. Pruning with a depth of two
* should have no effect. Give one of the children
* another child. Then pruning with a depth of three
* should reduce the tree to a single strand, as child1
* and child3 are removed.
*
* parent (anyPolicy)
* / \
* child1(Nist1+Nist2) child2(Nist1)
* | |
* child3(Nist2) child4(Nist1)
* |
* child5(Nist1)
*
*/
char *asciiAnyPolicy = "2.5.29.32.0";
PKIX_PL_Cert *cert = NULL;
PKIX_PL_CertPolicyInfo *nist1Policy = NULL;
PKIX_PL_CertPolicyInfo *nist2Policy = NULL;
PKIX_List *policyQualifierList = NULL;
PKIX_PL_OID *oidAnyPolicy = NULL;
PKIX_PL_OID *oidNist1Policy = NULL;
PKIX_PL_OID *oidNist2Policy = NULL;
PKIX_List *expectedAnyList = NULL;
PKIX_List *expectedNist1List = NULL;
PKIX_List *expectedNist2List = NULL;
PKIX_List *expectedNist1Nist2List = NULL;
PKIX_List *emptyList = NULL;
PKIX_PolicyNode *parentNode = NULL;
PKIX_PolicyNode *childNode1 = NULL;
PKIX_PolicyNode *childNode2 = NULL;
PKIX_PolicyNode *childNode3 = NULL;
PKIX_PolicyNode *childNode4 = NULL;
PKIX_PolicyNode *childNode5 = NULL;
PKIX_PL_String *parentString = NULL;
PKIX_Boolean pDelete = PKIX_FALSE;
char *expectedParentAscii =
"{2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5C "
"1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 65"
" 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D 2"
"0 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 69 "
"73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 66"
" 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20 6"
"F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1[(1.3"
".6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 69 7"
"3 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74 69 "
"63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 72 20"
" 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 63 6"
"1 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70 75 "
"72 70 6F 73 65 73 20 6F 6E 6C 79])], 2.16.840.1.101.3"
".2.1.48.2[(1.3.6.1.5.5.7.2.2:[30 5A 1A 58 71 32 3A 20"
" 20 54 68 69 73 20 69 73 20 74 68 65 20 75 73 65 72 2"
"0 6E 6F 74 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 "
"66 69 65 72 20 32 2E 20 20 54 68 69 73 20 75 73 65 72"
" 20 6E 6F 74 69 63 65 20 73 68 6F 75 6C 64 20 6E 6F 7"
"4 20 62 65 20 64 69 73 70 6C 61 79 65 64])]),1}\n"
". {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.2),2}";
char *expectedValidAscii =
"2.16.840.1.101.3.2.1.48.2";
char *expectedQualifiersAscii =
/* "(1.3.6.1.5.5.7.2.2)"; */
"(1.3.6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 "
"69 73 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74"
" 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 7"
"2 20 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 "
"63 61 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70"
" 75 72 70 6F 73 65 73 20 6F 6E 6C 79])";
char *expectedPoliciesAscii =
"(2.16.840.1.101.3.2.1.48.1)";
char *expectedTree =
"{2.5.29.32.0,{},Critical,(2.5.29.32.0),0}\n"
". {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1[(1"
".3.6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 69"
" 73 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74 6"
"9 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 72 "
"20 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 63"
" 61 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70 7"
"5 72 70 6F 73 65 73 20 6F 6E 6C 79])], 2.16.840.1.101"
".3.2.1.48.2[(1.3.6.1.5.5.7.2.2:[30 5A 1A 58 71 32 3A "
"20 20 54 68 69 73 20 69 73 20 74 68 65 20 75 73 65 72"
" 20 6E 6F 74 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 6"
"9 66 69 65 72 20 32 2E 20 20 54 68 69 73 20 75 73 65 "
"72 20 6E 6F 74 69 63 65 20 73 68 6F 75 6C 64 20 6E 6F"
" 74 20 62 65 20 64 69 73 70 6C 61 79 65 64])]"
"),1}\n"
". . {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30"
" 5C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 6"
"8 65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F "
"6D 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68"
" 69 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 2"
"0 66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 "
"20 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.2)"
",2}\n"
". {2.16.840.1.101.3.2.1.48.1,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1),1}\n"
". . {2.16.840.1.101.3.2.1.48.1,(EMPTY),Not Critical,"
"(2.16.840.1.101.3.2.1.48.1),2}\n"
". . . {2.16.840.1.101.3.2.1.48.1,{},Critical,(2.16.84"
"0.1.101.3.2.1.48.1),3}";
char *expectedPrunedTree =
"{2.5.29.32.0,{},Critical,(2.5.29.32.0),0}\n"
". {2.16.840.1.101.3.2.1.48.1,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1),1}\n"
". . {2.16.840.1.101.3.2.1.48.1,(EMPTY),Not Critical,"
"(2.16.840.1.101.3.2.1.48.1),2}\n"
". . . {2.16.840.1.101.3.2.1.48.1,{},Critical,(2.16.84"
"0.1.101.3.2.1.48.1),3}";
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *dirName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 2) {
printUsage();
return (0);
}
startTests("PolicyNode");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
dirName = argv[j+1];
subTest("Creating OID objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(asciiAnyPolicy, &oidAnyPolicy, plContext));
/* Read certificates to get real policies, qualifiers */
cert = createCert
(dirName, "UserNoticeQualifierTest16EE.crt", plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation
(cert, &expectedNist1Nist2List, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(expectedNist1Nist2List,
0,
(PKIX_PL_Object **)&nist1Policy,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(expectedNist1Nist2List,
1,
(PKIX_PL_Object **)&nist2Policy,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers
(nist1Policy, &policyQualifierList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId
(nist1Policy, &oidNist1Policy, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId
(nist2Policy, &oidNist2Policy, plContext));
subTest("Creating expectedPolicy List objects");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&expectedAnyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&expectedNist1List, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&expectedNist2List, plContext));
subTest("Populating expectedPolicy List objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(expectedAnyList, (PKIX_PL_Object *)oidAnyPolicy, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(expectedNist1List,
(PKIX_PL_Object *)oidNist1Policy,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(expectedNist2List,
(PKIX_PL_Object *)oidNist2Policy,
plContext));
subTest("Creating PolicyNode objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&emptyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidAnyPolicy,
NULL,
PKIX_TRUE,
expectedAnyList,
&parentNode,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist2Policy,
policyQualifierList,
PKIX_TRUE,
expectedNist1Nist2List,
&childNode1,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist1Policy,
policyQualifierList,
PKIX_TRUE,
expectedNist1List,
&childNode2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist2Policy,
policyQualifierList,
PKIX_TRUE,
expectedNist2List,
&childNode3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist1Policy,
emptyList,
PKIX_FALSE,
expectedNist1List,
&childNode4,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist1Policy,
NULL,
PKIX_TRUE,
expectedNist1List,
&childNode5,
plContext));
subTest("Creating the PolicyNode tree");
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(parentNode, childNode1, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(parentNode, childNode2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(childNode1, childNode3, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(childNode2, childNode4, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(childNode4, childNode5, plContext));
subTest("Displaying PolicyNode objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)parentNode, &parentString, plContext));
(void) printf("parentNode is\n\t%s\n", parentString->escAsciiString);
testToStringHelper
((PKIX_PL_Object*)parentNode, expectedTree, plContext);
test_DuplicateHelper(parentNode, plContext);
test_GetParent(childNode3, childNode3, childNode4, expectedParentAscii);
test_GetValidPolicy
(childNode1, childNode3, parentNode, expectedValidAscii);
test_GetPolicyQualifiers
(childNode1, childNode3, childNode4, expectedQualifiersAscii);
test_GetExpectedPolicies
(childNode2, childNode4, childNode3, expectedPoliciesAscii);
test_IsCritical(childNode1, childNode2, childNode4);
test_GetDepth(childNode2, childNode4, childNode5);
subTest("pkix_PolicyNode_Prune");
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Prune
(parentNode, 2, &pDelete, plContext));
testToStringHelper
((PKIX_PL_Object*)parentNode, expectedTree, plContext);
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Prune
(parentNode, 3, &pDelete, plContext));
testToStringHelper
((PKIX_PL_Object*)parentNode, expectedPrunedTree, plContext);
test_GetChildren(parentNode, parentNode, childNode2);
cleanup:
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(nist1Policy);
PKIX_TEST_DECREF_AC(nist2Policy);
PKIX_TEST_DECREF_AC(policyQualifierList);
PKIX_TEST_DECREF_AC(oidAnyPolicy);
PKIX_TEST_DECREF_AC(oidNist1Policy);
PKIX_TEST_DECREF_AC(oidNist2Policy);
PKIX_TEST_DECREF_AC(expectedAnyList);
PKIX_TEST_DECREF_AC(expectedNist1List);
PKIX_TEST_DECREF_AC(expectedNist2List);
PKIX_TEST_DECREF_AC(expectedNist1Nist2List);
PKIX_TEST_DECREF_AC(emptyList);
PKIX_TEST_DECREF_AC(parentNode);
PKIX_TEST_DECREF_AC(childNode1);
PKIX_TEST_DECREF_AC(childNode2);
PKIX_TEST_DECREF_AC(childNode3);
PKIX_TEST_DECREF_AC(childNode4);
PKIX_TEST_DECREF_AC(childNode5);
PKIX_TEST_DECREF_AC(parentString);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("PolicyNode");
return (0);
}

245
security/nss/cmd/libpkix/pkix/results/test_valresult.c Normal file
Просмотреть файл

@ -0,0 +1,245 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_valresult.c
*
* Test ValidateResult Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateResult_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testGetPublicKey(
PKIX_ValidateResult *goodObject,
PKIX_ValidateResult *equalObject){
PKIX_PL_PublicKey *goodPubKey = NULL;
PKIX_PL_PublicKey *equalPubKey = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateResult_GetPublicKey");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPublicKey
(goodObject, &goodPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPublicKey
(equalObject, &equalPubKey, plContext));
testEqualsHelper
((PKIX_PL_Object *)goodPubKey,
(PKIX_PL_Object *)equalPubKey,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodPubKey);
PKIX_TEST_DECREF_AC(equalPubKey);
PKIX_TEST_RETURN();
}
void testGetTrustAnchor(
PKIX_ValidateResult *goodObject,
PKIX_ValidateResult *equalObject){
PKIX_TrustAnchor *goodAnchor = NULL;
PKIX_TrustAnchor *equalAnchor = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateResult_GetTrustAnchor");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetTrustAnchor
(goodObject, &goodAnchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetTrustAnchor
(equalObject, &equalAnchor, plContext));
testEqualsHelper
((PKIX_PL_Object *)goodAnchor,
(PKIX_PL_Object *)equalAnchor,
PKIX_TRUE,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodAnchor);
PKIX_TEST_DECREF_AC(equalAnchor);
PKIX_TEST_RETURN();
}
void testGetPolicyTree(
PKIX_ValidateResult *goodObject,
PKIX_ValidateResult *equalObject){
PKIX_PolicyNode *goodTree = NULL;
PKIX_PolicyNode *equalTree = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateResult_GetPolicyTree");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPolicyTree
(goodObject, &goodTree, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPolicyTree
(equalObject, &equalTree, plContext));
if (goodTree) {
testEqualsHelper
((PKIX_PL_Object *)goodTree,
(PKIX_PL_Object *)equalTree,
PKIX_TRUE,
plContext);
} else if (equalTree) {
pkixTestErrorMsg = "Mismatch: NULL and non-NULL Policy Trees";
}
cleanup:
PKIX_TEST_DECREF_AC(goodTree);
PKIX_TEST_DECREF_AC(equalTree);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
int main(int argc, char *argv[]) {
PKIX_ValidateResult *goodObject = NULL;
PKIX_ValidateResult *equalObject = NULL;
PKIX_ValidateResult *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *dirName = NULL;
char *expectedAscii =
"[\n"
"\tTrustAnchor: \t\t"
"[\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
"\tPubKey: \t\t"
"ANSI X9.57 DSA Signature\n"
"\tPolicyTree: \t\t(null)\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("ValidateResult");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dirName = argv[j+1];
subTest("pkix_ValidateResult_Create");
goodObject = createValidateResult
(dirName, goodInput, diffInput, plContext);
equalObject = createValidateResult
(dirName, goodInput, diffInput, plContext);
diffObject = createValidateResult
(dirName, diffInput, goodInput, plContext);
testGetPublicKey(goodObject, equalObject);
testGetTrustAnchor(goodObject, equalObject);
testGetPolicyTree(goodObject, equalObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
ValidateResult,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ValidateResult");
return (0);
}

161
security/nss/cmd/libpkix/pkix/results/test_verifynode.c Normal file
Просмотреть файл

@ -0,0 +1,161 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_verifynode.c
*
* Test VerifyNode Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void printUsage(void) {
(void) printf("\nUSAGE:\ttest_verifynode path cert1 cert2 cert3\n\n");
}
int main(int argc, char *argv[]) {
/*
* Create a tree with parent = cert1, child=cert2, grandchild=cert3
*/
PKIX_PL_Cert *cert1 = NULL;
PKIX_PL_Cert *cert2 = NULL;
PKIX_PL_Cert *cert3 = NULL;
PKIX_VerifyNode *parentNode = NULL;
PKIX_VerifyNode *childNode = NULL;
PKIX_VerifyNode *grandChildNode = NULL;
PKIX_PL_String *parentString = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *dirName = NULL;
char *twoNodeAscii = "CERT[Issuer:CN=Trust Anchor,O=Test Cert"
"ificates,C=US, Subject:CN=Trust Anchor,O=Test Certif"
"icates,C=US], depth=0, error=(null)\n. CERT[Issuer:C"
"N=Trust Anchor,O=Test Certificates,C=US, Subject:CN="
"Good CA,O=Test Certificates,C=US], depth=1, error=(null)";
char *threeNodeAscii = "CERT[Issuer:CN=Trust Anchor,O=Test Ce"
"rtificates,C=US, Subject:CN=Trust Anchor,O=Test Cert"
"ificates,C=US], depth=0, error=(null)\n. CERT[Issuer"
":CN=Trust Anchor,O=Test Certificates,C=US, Subject:C"
"N=Good CA,O=Test Certificates,C=US], depth=1, error="
"(null)\n. . CERT[Issuer:CN=Good CA,O=Test Certificat"
"es,C=US, Subject:CN=Valid EE Certificate Test1,O=Tes"
"t Certificates,C=US], depth=2, error=(null)";
PKIX_TEST_STD_VARS();
if (argc < 3) {
printUsage();
return (0);
}
startTests("VerifyNode");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
dirName = argv[++j];
subTest("Creating Certs");
cert1 = createCert
(dirName, argv[++j], plContext);
cert2 = createCert
(dirName, argv[++j], plContext);
cert3 = createCert
(dirName, argv[++j], plContext);
subTest("Creating VerifyNode objects");
PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_Create
(cert1, 0, NULL, &parentNode, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_Create
(cert2, 1, NULL, &childNode, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_Create
(cert3, 2, NULL, &grandChildNode, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_AddToChain
(parentNode, childNode, plContext));
subTest("Creating VerifyNode ToString objects");
testToStringHelper
((PKIX_PL_Object *)parentNode, twoNodeAscii, plContext);
PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_AddToChain
(parentNode, grandChildNode, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)parentNode, &parentString, plContext));
(void) printf("parentNode is\n\t%s\n", parentString->escAsciiString);
testToStringHelper
((PKIX_PL_Object *)parentNode, threeNodeAscii, plContext);
cleanup:
PKIX_TEST_DECREF_AC(cert1);
PKIX_TEST_DECREF_AC(cert2);
PKIX_TEST_DECREF_AC(parentNode);
PKIX_TEST_DECREF_AC(childNode);
PKIX_TEST_DECREF_AC(parentString);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("VerifyNode");
return (0);
}

80
security/nss/cmd/libpkix/pkix/store/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

49
security/nss/cmd/libpkix/pkix/store/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,49 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_store.c
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

232
security/nss/cmd/libpkix/pkix/store/test_store.c Executable file
Просмотреть файл

@ -0,0 +1,232 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_certstore.c
*
* Test CertStore Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
PKIX_Error *testCRLCallback(
PKIX_CertStore *store,
PKIX_CRLSelector *selector,
void **pNBIOContext,
PKIX_List **pCrls, /* list of PKIX_PL_Crl */
void *plContext)
{
return (0);
}
PKIX_Error *testCRLContinue(
PKIX_CertStore *store,
PKIX_CRLSelector *selector,
void **pNBIOContext,
PKIX_List **pCrls, /* list of PKIX_PL_Crl */
void *plContext)
{
return (0);
}
PKIX_Error *testCertCallback(
PKIX_CertStore *store,
PKIX_CertSelector *selector,
void **pNBIOContext,
PKIX_List **pCerts, /* list of PKIX_PL_Cert */
void *plContext)
{
return (0);
}
PKIX_Error *testCertContinue(
PKIX_CertStore *store,
PKIX_CertSelector *selector,
void **pNBIOContext,
PKIX_List **pCerts, /* list of PKIX_PL_Cert */
void *plContext)
{
return (0);
}
static char *catDirName(char *platform, char *dir, void *plContext)
{
char *pathName = NULL;
PKIX_UInt32 dirLen;
PKIX_UInt32 platformLen;
PKIX_TEST_STD_VARS();
dirLen = PL_strlen(dir);
platformLen = PL_strlen(platform);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
(platformLen + dirLen + 2, (void **)&pathName, plContext));
PL_strcpy(pathName, platform);
PL_strcat(pathName, "/");
PL_strcat(pathName, dir);
cleanup:
PKIX_TEST_RETURN();
return (pathName);
}
void testCertStore(char *crlDir)
{
PKIX_PL_String *dirString = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_PL_Object *getCertStoreContext = NULL;
PKIX_CertStore_CertCallback certCallback = NULL;
PKIX_CertStore_CRLCallback crlCallback = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
crlDir,
0,
&dirString,
plContext));
subTest("PKIX_CertStore_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_Create
(testCertCallback,
testCRLCallback,
testCertContinue,
testCRLContinue,
NULL, /* trustCallback */
(PKIX_PL_Object *) dirString,
PKIX_TRUE, /* cacheFlag */
PKIX_TRUE, /* local */
&certStore,
plContext));
subTest("PKIX_CertStore_GetCertCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback
(certStore, &certCallback, plContext));
if (certCallback != testCertCallback) {
testError("PKIX_CertStore_GetCertCallback unexpected mismatch");
}
subTest("PKIX_CertStore_GetCRLCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback
(certStore, &crlCallback, plContext));
if (crlCallback != testCRLCallback) {
testError("PKIX_CertStore_GetCRLCallback unexpected mismatch");
}
subTest("PKIX_CertStore_GetCertStoreContext");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertStore_GetCertStoreContext
(certStore, &getCertStoreContext, plContext));
if ((PKIX_PL_Object *)dirString != getCertStoreContext) {
testError("PKIX_CertStore_GetCertStoreContext unexpected mismatch");
}
cleanup:
PKIX_TEST_DECREF_AC(dirString);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(getCertStoreContext);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s testName <data-dir> <platform-dir>\n\n", pName);
}
/* Functional tests for CertStore public functions */
int main(int argc, char *argv[]) {
char *platformDir = NULL;
char *dataDir = NULL;
char *combinedDir = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < (3 + j)) {
printUsage(argv[0]);
return (0);
}
startTests(argv[1 + j]);
dataDir = argv[2 + j];
platformDir = argv[3 + j];
combinedDir = catDirName(platformDir, dataDir, plContext);
testCertStore(combinedDir);
cleanup:
pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CertStore");
return (0);
}

80
security/nss/cmd/libpkix/pkix/top/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

63
security/nss/cmd/libpkix/pkix/top/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,63 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_basicchecker.c \
test_basicconstraintschecker.c \
test_buildchain.c \
test_buildchain_uchecker.c \
test_buildchain_partialchain.c \
test_buildchain_resourcelimits.c \
test_customcrlchecker.c \
test_defaultcrlchecker2stores.c \
test_ocsp.c \
test_policychecker.c \
test_subjaltnamechecker.c \
test_validatechain.c \
test_validatechain_bc.c \
test_validatechain_NB.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

280
security/nss/cmd/libpkix/pkix/top/test_basicchecker.c Normal file
Просмотреть файл

@ -0,0 +1,280 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_basicchecker.c
*
* Test Basic Checking
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void testPass(char *dirName, char *goodInput, char *diffInput, char *dateAscii){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_TEST_STD_VARS();
subTest("Basic-Common-Fields <pass>");
/*
* Tests the Expiration, NameChaining, and Signature Checkers
*/
chain = createCertChain(dirName, goodInput, diffInput, plContext);
valParams = createValidateParams
(dirName,
goodInput,
diffInput,
dateAscii,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_RETURN();
}
void testNameChainingFail(
char *dirName,
char *goodInput,
char *diffInput,
char *dateAscii)
{
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_TEST_STD_VARS();
subTest("NameChaining <fail>");
chain = createCertChain(dirName, diffInput, goodInput, plContext);
valParams = createValidateParams
(dirName,
goodInput,
diffInput,
dateAscii,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_RETURN();
}
void testDateFail(char *dirName, char *goodInput, char *diffInput){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_TEST_STD_VARS();
chain = createCertChain(dirName, goodInput, diffInput, plContext);
subTest("Expiration <fail>");
valParams = createValidateParams
(dirName,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
cleanup:
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_RETURN();
}
void testSignatureFail(
char *dirName,
char *goodInput,
char *diffInput,
char *dateAscii)
{
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_TEST_STD_VARS();
subTest("Signature <fail>");
chain = createCertChain(dirName, diffInput, goodInput, plContext);
valParams = createValidateParams
(dirName,
goodInput,
diffInput,
dateAscii,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
cleanup:
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <central-data-dir>\n\n", pName);
}
int main(int argc, char *argv[]) {
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *dateAscii = "991201000000Z";
char *dirName = NULL;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_TEST_STD_VARS();
startTests("SignatureChecker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dirName = argv[j+1];
/* The NameChaining, Expiration, and Signature Checkers all pass */
testPass(dirName, goodInput, diffInput, dateAscii);
/* Individual Checkers fail */
testNameChainingFail(dirName, goodInput, diffInput, dateAscii);
testDateFail(dirName, goodInput, diffInput);
/*
* XXX
* since the signature check is done last, we need to create
* certs whose name chaining passes, but their signatures fail;
* we currently don't have any such certs.
*/
/* testSignatureFail(goodInput, diffInput, dateAscii); */
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("SignatureChecker");
return (0);
}

184
security/nss/cmd/libpkix/pkix/top/test_basicconstraintschecker.c Normal file
Просмотреть файл

@ -0,0 +1,184 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_basicconstraintschecker.c
*
* Test Basic Constraints Checking
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TEST_MAX_CERTS 10
void *plContext = NULL;
void printUsage1(char *pName){
printf("\nUSAGE: %s test-name [ENE|EE] ", pName);
printf("cert [certs].\n");
}
void printUsageMax(PKIX_UInt32 numCerts){
printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n",
numCerts, PKIX_TEST_MAX_CERTS);
}
int main(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_Boolean testValid = PKIX_FALSE;
char *dirName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 4){
printUsage1(argv[0]);
return (0);
}
startTests("BasicConstraintsChecker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
dirName = argv[3+j];
chainLength = (argc - j) - 4;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[(4+j)+i];
certs[i] = NULL;
}
subTest(argv[1+j]);
subTest("Basic-Constraints - Create Cert Chain");
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
/*
* Error occurs when creating Cert, this is critical and test
* should not continue. Since we expect error, we assume this
* error is the one that is expected, so undo the error count.
*
* This work needs future enhancement. We will introduce another
* flag ESE, in addition to the existing EE(expect validation
* error) and ENE(expect no validation error). ESE stands for
* "expect setup error". When running with ESE, if any of the setup
* calls such creating Cert Chain fails, the test can end and
* considered to be successful.
*/
if (testValid == PKIX_FALSE && chain == NULL) {
testErrorUndo("Cert Error - Create failed");
goto cleanup;
}
subTest("Basic-Constraints - Create Params");
valParams = createValidateParams
(dirName,
argv[4+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("Basic-Constraints - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("BasicConstraintsChecker");
return (0);
}

513
security/nss/cmd/libpkix/pkix/top/test_buildchain.c Normal file
Просмотреть файл

@ -0,0 +1,513 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_buildchain.c
*
* Test BuildChain function
*
*/
/* #define debuggingWithoutRevocation */
#include "testutil.h"
#include "testutil_nss.h"
#define LDAP_PORT 389
PKIX_Boolean usebind = PKIX_FALSE;
PKIX_Boolean useLDAP = PKIX_FALSE;
char buf[PR_NETDB_BUF_SIZE];
char *serverName = NULL;
char *sepPtr = NULL;
PRNetAddr netAddr;
PRHostEnt hostent;
PKIX_UInt32 portNum = 0;
PRIntn hostenum = 0;
PRStatus prstatus = PR_FAILURE;
void *ipaddr = NULL;
void *plContext = NULL;
static void printUsage(void) {
(void) printf("\nUSAGE:\ttest_buildchain [-arenas] [usebind] "
"servername[:port] <testName> [ENE|EE]\n"
"\t <certStoreDirectory> <targetCert>"
" <intermediate Certs...> <trustedCert>\n\n");
(void) printf
("Builds a chain of certificates from <targetCert> to <trustedCert>\n"
"using the certs and CRLs in <certStoreDirectory>. "
"servername[:port] gives\n"
"the address of an LDAP server. If port is not"
" specified, port 389 is used. \"-\" means no LDAP server.\n"
"If ENE is specified, then an Error is Not Expected. "
"EE indicates an Error is Expected.\n");
}
static PKIX_Error *
createLdapCertStore(
char *hostname,
PRIntervalTime timeout,
PKIX_CertStore **pLdapCertStore,
void* plContext)
{
PRIntn backlog = 0;
char *bindname = "";
char *auth = "";
LDAPBindAPI bindAPI;
LDAPBindAPI *bindPtr = NULL;
PKIX_PL_LdapDefaultClient *ldapClient = NULL;
PKIX_CertStore *ldapCertStore = NULL;
PKIX_TEST_STD_VARS();
if (usebind) {
bindPtr = &bindAPI;
bindAPI.selector = SIMPLE_AUTH;
bindAPI.chooser.simple.bindName = bindname;
bindAPI.chooser.simple.authentication = auth;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName
(hostname, timeout, bindPtr, &ldapClient, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create
((PKIX_PL_LdapClient *)ldapClient,
&ldapCertStore,
plContext));
*pLdapCertStore = ldapCertStore;
cleanup:
PKIX_TEST_DECREF_AC(ldapClient);
PKIX_TEST_RETURN();
return (pkixTestErrorResult);
}
int main(int argc, char *argv[])
{
PKIX_BuildResult *buildResult = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_PL_PublicKey *trustedPubKey = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_RevocationChecker *revChecker = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
char *dirName = NULL;
PKIX_PL_String *dirNameString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_UInt32 actualMinorVersion = 0;
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_CertStore *ldapCertStore = NULL;
PRIntervalTime timeout = PR_INTERVAL_NO_TIMEOUT; /* blocking */
/* PRIntervalTime timeout = PR_INTERVAL_NO_WAIT; =0 for non-blocking */
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
PKIX_List *revCheckers = NULL;
char * asciiResult = NULL;
PKIX_Boolean result = PKIX_FALSE;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_List *expectedCerts = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_PL_String *actualCertsString = NULL;
PKIX_PL_String *expectedCertsString = NULL;
void *state = NULL;
char *actualCertsAscii = NULL;
char *expectedCertsAscii = NULL;
PRPollDesc *pollDesc = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("BuildChain");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/*
* arguments:
* [optional] -arenas
* [optional] usebind
* servername or servername:port ( - for no server)
* testname
* EE or ENE
* cert directory
* target cert (end entity)
* intermediate certs
* trust anchor
*/
/* optional argument "usebind" for Ldap CertStore */
if (argv[j + 1]) {
if (PORT_Strcmp(argv[j + 1], "usebind") == 0) {
usebind = PKIX_TRUE;
j++;
}
}
if (PORT_Strcmp(argv[++j], "-") == 0) {
useLDAP = PKIX_FALSE;
} else {
serverName = argv[j];
useLDAP = PKIX_TRUE;
}
subTest(argv[++j]);
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[++j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
dirName = argv[++j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext));
for (k = ++j; k < (PKIX_UInt32)argc; k++) {
dirCert = createCert(dirName, argv[k], plContext);
if (k == (PKIX_UInt32)(argc - 1)) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
trustedCert = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(expectedCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == j) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
targetCert = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, dirName, 0, &dirNameString, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
if (useLDAP == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore
(serverName, timeout, &ldapCertStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores,
(PKIX_PL_Object *)ldapCertStore,
plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_CollectionCertStore_Create
(dirNameString, &certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
(trustedCert, &trustedPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(expectedCerts, &numCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_DefaultRevChecker_Initialize
(certStores,
NULL, /* testDate, may be NULL */
trustedPubKey,
numCerts,
&revChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(revCheckers, (PKIX_PL_Object *)revChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(procParams, revCheckers, plContext));
#ifdef debuggingWithoutRevocation
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
#endif
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
&verifyTree,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
&verifyTree,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
} else {
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
}
subTest("Displaying VerifyNode objects");
if (verifyTree == NULL) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, "(null)", 0, &verifyString, plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
}
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
if (pkixTestErrorResult) {
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
goto cleanup;
}
if (buildResult) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals
((PKIX_PL_Object*)certs,
(PKIX_PL_Object*)expectedCerts,
&result,
plContext));
if (!result) {
testError("BUILT CERTCHAIN IS "
"NOT THE ONE THAT WAS EXPECTED");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)certs,
&actualCertsString,
plContext));
actualCertsAscii = PKIX_String2ASCII
(actualCertsString, plContext);
if (actualCertsAscii == NULL) {
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)expectedCerts,
&expectedCertsString,
plContext));
expectedCertsAscii = PKIX_String2ASCII
(expectedCertsString, plContext);
if (expectedCertsAscii == NULL) {
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
(void) printf("Actual value:\t%s\n", actualCertsAscii);
(void) printf("Expected value:\t%s\n",
expectedCertsAscii);
}
}
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_PL_Free(asciiResult, NULL);
PKIX_PL_Free(actualCertsAscii, plContext);
PKIX_PL_Free(expectedCertsAscii, plContext);
PKIX_TEST_DECREF_AC(state);
PKIX_TEST_DECREF_AC(actualCertsString);
PKIX_TEST_DECREF_AC(expectedCertsString);
PKIX_TEST_DECREF_AC(expectedCerts);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(revChecker);
PKIX_TEST_DECREF_AC(ldapCertStore);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(trustedPubKey);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain");
return (0);
}

863
security/nss/cmd/libpkix/pkix/top/test_buildchain_partialchain.c Normal file
Просмотреть файл

@ -0,0 +1,863 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_buildchain_partialchain.c
*
* Test BuildChain function
*
*/
#define debuggingWithoutRevocation
#include "testutil.h"
#include "testutil_nss.h"
#define LDAP_PORT 389
PKIX_Boolean usebind = PKIX_FALSE;
PKIX_Boolean useLDAP = PKIX_FALSE;
char buf[PR_NETDB_BUF_SIZE];
char *serverName = NULL;
char *sepPtr = NULL;
PRNetAddr netAddr;
PRHostEnt hostent;
PKIX_UInt32 portNum = 0;
PRIntn hostenum = 0;
PRStatus prstatus = PR_FAILURE;
void *ipaddr = NULL;
void *plContext = NULL;
static void printUsage(void) {
(void) printf("\nUSAGE:\ttest_buildchain [-arenas] [usebind] "
"servername[:port] <testName> [ENE|EE]\n"
"\t <certStoreDirectory> <targetCert>"
" <intermediate Certs...> <trustedCert>\n\n");
(void) printf
("Builds a chain of certificates from <targetCert> to <trustedCert>\n"
"using the certs and CRLs in <certStoreDirectory>. "
"servername[:port] gives\n"
"the address of an LDAP server. If port is not"
" specified, port 389 is used. \"-\" means no LDAP server.\n"
"If ENE is specified, then an Error is Not Expected. "
"EE indicates an Error is Expected.\n");
}
static PKIX_Error *
createLdapCertStore(
char *hostname,
PRIntervalTime timeout,
PKIX_CertStore **pLdapCertStore,
void* plContext)
{
PRIntn backlog = 0;
char *bindname = "";
char *auth = "";
LDAPBindAPI bindAPI;
LDAPBindAPI *bindPtr = NULL;
PKIX_PL_LdapDefaultClient *ldapClient = NULL;
PKIX_CertStore *ldapCertStore = NULL;
PKIX_TEST_STD_VARS();
if (usebind) {
bindPtr = &bindAPI;
bindAPI.selector = SIMPLE_AUTH;
bindAPI.chooser.simple.bindName = bindname;
bindAPI.chooser.simple.authentication = auth;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName
(hostname, timeout, bindPtr, &ldapClient, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create
((PKIX_PL_LdapClient *)ldapClient,
&ldapCertStore,
plContext));
*pLdapCertStore = ldapCertStore;
cleanup:
PKIX_TEST_DECREF_AC(ldapClient);
PKIX_TEST_RETURN();
return (pkixTestErrorResult);
}
/* Test with all Certs in the partial list, no leaf */
static PKIX_Error *
testWithNoLeaf(
PKIX_PL_Cert *trustedCert,
PKIX_List *listOfCerts,
PKIX_PL_Cert *targetCert,
PKIX_List *certStores,
PKIX_Boolean testValid,
void* plContext)
{
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *hintCerts = NULL;
PKIX_List *revCheckers = NULL;
PKIX_List *certs = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_PL_PublicKey *trustedPubKey = NULL;
PKIX_RevocationChecker *revChecker = NULL;
PKIX_BuildResult *buildResult = NULL;
PRPollDesc *pollDesc = NULL;
void *state = NULL;
char *asciiResult = NULL;
PKIX_TEST_STD_VARS();
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with no target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create hintCerts */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)listOfCerts,
(PKIX_PL_Object **)&hintCerts,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetHintCerts
(procParams, hintCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
(trustedCert, &trustedPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(listOfCerts, &numCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_DefaultRevChecker_Initialize
(certStores,
NULL, /* testDate, may be NULL */
trustedPubKey,
numCerts,
&revChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(revCheckers, (PKIX_PL_Object *)revChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(procParams, revCheckers, plContext));
#ifdef debuggingWithoutRevocation
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
#endif
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
goto cleanup;
}
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
if (buildResult) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
}
cleanup:
PKIX_PL_Free(asciiResult, NULL);
PKIX_TEST_DECREF_AC(state);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(revChecker);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(hintCerts);
PKIX_TEST_DECREF_AC(trustedPubKey);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_RETURN();
return (pkixTestErrorResult);
}
/* Test with all Certs in the partial list, leaf duplicates the first one */
static PKIX_Error *
testWithDuplicateLeaf(
PKIX_PL_Cert *trustedCert,
PKIX_List *listOfCerts,
PKIX_PL_Cert *targetCert,
PKIX_List *certStores,
PKIX_Boolean testValid,
void* plContext)
{
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *hintCerts = NULL;
PKIX_List *revCheckers = NULL;
PKIX_List *certs = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_PL_PublicKey *trustedPubKey = NULL;
PKIX_RevocationChecker *revChecker = NULL;
PKIX_BuildResult *buildResult = NULL;
PRPollDesc *pollDesc = NULL;
void *state = NULL;
char *asciiResult = NULL;
PKIX_TEST_STD_VARS();
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create hintCerts */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)listOfCerts,
(PKIX_PL_Object **)&hintCerts,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetHintCerts
(procParams, hintCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
(trustedCert, &trustedPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(listOfCerts, &numCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_DefaultRevChecker_Initialize
(certStores,
NULL, /* testDate, may be NULL */
trustedPubKey,
numCerts,
&revChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(revCheckers, (PKIX_PL_Object *)revChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(procParams, revCheckers, plContext));
#ifdef debuggingWithoutRevocation
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
#endif
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
goto cleanup;
}
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
if (buildResult) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
}
cleanup:
PKIX_PL_Free(asciiResult, NULL);
PKIX_TEST_DECREF_AC(state);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(revChecker);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(hintCerts);
PKIX_TEST_DECREF_AC(trustedPubKey);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_RETURN();
return (pkixTestErrorResult);
}
/* Test with all Certs except the leaf in the partial list */
static PKIX_Error *
testWithLeafAndChain(
PKIX_PL_Cert *trustedCert,
PKIX_List *listOfCerts,
PKIX_PL_Cert *targetCert,
PKIX_List *certStores,
PKIX_Boolean testValid,
void* plContext)
{
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *hintCerts = NULL;
PKIX_List *revCheckers = NULL;
PKIX_List *certs = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_PL_PublicKey *trustedPubKey = NULL;
PKIX_RevocationChecker *revChecker = NULL;
PKIX_BuildResult *buildResult = NULL;
PRPollDesc *pollDesc = NULL;
void *state = NULL;
char *asciiResult = NULL;
PKIX_TEST_STD_VARS();
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create hintCerts */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate
((PKIX_PL_Object *)listOfCerts,
(PKIX_PL_Object **)&hintCerts,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_DeleteItem
(hintCerts, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetHintCerts
(procParams, hintCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey
(trustedCert, &trustedPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(listOfCerts, &numCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_DefaultRevChecker_Initialize
(certStores,
NULL, /* testDate, may be NULL */
trustedPubKey,
numCerts,
&revChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(revCheckers, (PKIX_PL_Object *)revChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(procParams, revCheckers, plContext));
#ifdef debuggingWithoutRevocation
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
#endif
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
goto cleanup;
}
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
if (buildResult) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
}
cleanup:
PKIX_TEST_DECREF_AC(state);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(revChecker);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(hintCerts);
PKIX_TEST_DECREF_AC(trustedPubKey);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_RETURN();
return (pkixTestErrorResult);
}
int main(int argc, char *argv[])
{
PKIX_UInt32 actualMinorVersion = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_Boolean ene = PKIX_TRUE; /* expect no error */
PKIX_List *listOfCerts = NULL;
PKIX_List *certStores = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_PL_Cert *trusted = NULL;
PKIX_PL_Cert *target = NULL;
PKIX_CertStore *ldapCertStore = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_PL_String *dirNameString = NULL;
char *dirName = NULL;
PRIntervalTime timeout = PR_INTERVAL_NO_TIMEOUT; /* blocking */
/* PRIntervalTime timeout = PR_INTERVAL_NO_WAIT; =0 for non-blocking */
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("BuildChain");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/*
* arguments:
* [optional] -arenas
* [optional] usebind
* servername or servername:port ( - for no server)
* testname
* EE or ENE
* cert directory
* target cert (end entity)
* intermediate certs
* trust anchor
*/
/* optional argument "usebind" for Ldap CertStore */
if (argv[j + 1]) {
if (PORT_Strcmp(argv[j + 1], "usebind") == 0) {
usebind = PKIX_TRUE;
j++;
}
}
if (PORT_Strcmp(argv[++j], "-") == 0) {
useLDAP = PKIX_FALSE;
} else {
serverName = argv[j];
useLDAP = PKIX_TRUE;
}
subTest(argv[++j]);
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[++j], "ENE") == 0) {
ene = PKIX_TRUE;
} else if (PORT_Strcmp(argv[j], "EE") == 0) {
ene = PKIX_FALSE;
} else {
printUsage();
return (0);
}
dirName = argv[++j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&listOfCerts, plContext));
for (k = ++j; k < ((PKIX_UInt32)argc); k++) {
dirCert = createCert(dirName, argv[k], plContext);
if (k == ((PKIX_UInt32)(argc - 1))) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
trusted = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(listOfCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == j) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
target = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, dirName, 0, &dirNameString, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
if (useLDAP == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore
(serverName, timeout, &ldapCertStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores,
(PKIX_PL_Object *)ldapCertStore,
plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_CollectionCertStore_Create
(dirNameString, &certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext));
}
subTest("testWithNoLeaf");
PKIX_TEST_EXPECT_NO_ERROR(testWithNoLeaf
(trusted, listOfCerts, target, certStores, ene, plContext));
subTest("testWithDuplicateLeaf");
PKIX_TEST_EXPECT_NO_ERROR(testWithDuplicateLeaf
(trusted, listOfCerts, target, certStores, ene, plContext));
subTest("testWithLeafAndChain");
PKIX_TEST_EXPECT_NO_ERROR(testWithLeafAndChain
(trusted, listOfCerts, target, certStores, ene, plContext));
cleanup:
PKIX_TEST_DECREF_AC(listOfCerts);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(ldapCertStore);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(trusted);
PKIX_TEST_DECREF_AC(target);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain");
return (0);
}

539
security/nss/cmd/libpkix/pkix/top/test_buildchain_resourcelimits.c Normal file
Просмотреть файл

@ -0,0 +1,539 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_buildchain_resourcelimits.c
*
* Test BuildChain function with constraints on resources
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TESTUSERCHECKER_TYPE (PKIX_NUMTYPES+30)
void *plContext = NULL;
PKIX_Boolean usebind = PKIX_FALSE;
PKIX_Boolean useLDAP = PKIX_FALSE;
char buf[PR_NETDB_BUF_SIZE];
char *serverName = NULL;
static void printUsage(void) {
(void) printf("\nUSAGE:\ttest_buildchain_resourcelimits [-arenas] "
"[usebind] servername[:port]\\\n\t\t<testName> [ENE|EE]"
" <certStoreDirectory>\\\n\t\t<targetCert>"
" <intermediate Certs...> <trustedCert>\n\n");
(void) printf
("Builds a chain of certificates from <targetCert> to <trustedCert>\n"
"using the certs and CRLs in <certStoreDirectory>. "
"servername[:port] gives\n"
"the address of an LDAP server. If port is not"
" specified, port 389 is used.\n\"-\" means no LDAP server.\n\n"
"If ENE is specified, then an Error is Not Expected.\n"
"EE indicates an Error is Expected.\n");
}
static PKIX_Error *
createLdapCertStore(
char *hostname,
PRIntervalTime timeout,
PKIX_CertStore **pLdapCertStore,
void* plContext)
{
PRIntn backlog = 0;
char *bindname = "";
char *auth = "";
LDAPBindAPI bindAPI;
LDAPBindAPI *bindPtr = NULL;
PKIX_PL_LdapDefaultClient *ldapClient = NULL;
PKIX_CertStore *ldapCertStore = NULL;
PKIX_TEST_STD_VARS();
if (usebind) {
bindPtr = &bindAPI;
bindAPI.selector = SIMPLE_AUTH;
bindAPI.chooser.simple.bindName = bindname;
bindAPI.chooser.simple.authentication = auth;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName
(hostname, timeout, bindPtr, &ldapClient, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create
((PKIX_PL_LdapClient *)ldapClient, &ldapCertStore, plContext));
*pLdapCertStore = ldapCertStore;
cleanup:
PKIX_TEST_DECREF_AC(ldapClient);
PKIX_TEST_RETURN();
return (pkixTestErrorResult);
}
static void Test_BuildResult(
PKIX_ProcessingParams *procParams,
PKIX_Boolean testValid,
PKIX_List *expectedCerts,
void *plContext)
{
PKIX_PL_Cert *cert = NULL;
PKIX_List *certs = NULL;
PKIX_PL_String *actualCertsString = NULL;
PKIX_PL_String *expectedCertsString = NULL;
PKIX_BuildResult *buildResult = NULL;
PKIX_Boolean result;
PKIX_Boolean supportForward = PKIX_FALSE;
PKIX_UInt32 numCerts, i;
char *asciiResult = NULL;
char *actualCertsAscii = NULL;
char *expectedCertsAscii = NULL;
void *state = NULL;
PRPollDesc *pollDesc = NULL;
PKIX_TEST_STD_VARS();
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_BuildChain
(procParams,
(void **)&pollDesc,
&state,
&buildResult,
NULL,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED!\n");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
goto cleanup;
}
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
testError("UNEXPECTED NON-ERROR RECEIVED!\n");
}
if (buildResult){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, NULL));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals
((PKIX_PL_Object*)certs,
(PKIX_PL_Object*)expectedCerts,
&result,
plContext));
if (!result){
testError("BUILT CERTCHAIN IS "
"NOT THE ONE THAT WAS EXPECTED");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)certs,
&actualCertsString,
plContext));
actualCertsAscii = PKIX_String2ASCII
(actualCertsString, plContext);
if (actualCertsAscii == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)expectedCerts,
&expectedCertsString,
plContext));
expectedCertsAscii = PKIX_String2ASCII
(expectedCertsString, plContext);
if (expectedCertsAscii == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
(void) printf("Actual value:\t%s\n", actualCertsAscii);
(void) printf("Expected value:\t%s\n",
expectedCertsAscii);
}
}
cleanup:
PKIX_PL_Free(asciiResult, NULL);
PKIX_PL_Free(actualCertsAscii, plContext);
PKIX_PL_Free(expectedCertsAscii, plContext);
PKIX_TEST_DECREF_AC(state);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(actualCertsString);
PKIX_TEST_DECREF_AC(expectedCertsString);
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[])
{
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_CertChainChecker *checker = NULL;
PKIX_ResourceLimits *resourceLimits = NULL;
char *dirName = NULL;
PKIX_PL_String *dirNameString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_UInt32 actualMinorVersion = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_CertStore *ldapCertStore = NULL;
PRIntervalTime timeout = 0; /* 0 for non-blocking */
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
PKIX_List *expectedCerts = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_Boolean testValid = PKIX_FALSE;
PKIX_Boolean usebind = PKIX_FALSE;
PKIX_Boolean useLDAP = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc < 5){
printUsage();
return (0);
}
startTests("BuildChain_ResourceLimits");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/*
* arguments:
* [optional] -arenas
* [optional] usebind
* servername or servername:port ( - for no server)
* testname
* EE or ENE
* cert directory
* target cert (end entity)
* intermediate certs
* trust anchor
*/
/* optional argument "usebind" for Ldap CertStore */
if (argv[j + 1]) {
if (PORT_Strcmp(argv[j + 1], "usebind") == 0) {
usebind = PKIX_TRUE;
j++;
}
}
if (PORT_Strcmp(argv[++j], "-") == 0) {
useLDAP = PKIX_FALSE;
} else {
serverName = argv[j];
}
subTest(argv[++j]);
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[++j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
dirName = argv[++j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext));
for (k = ++j; k < argc; k++) {
dirCert = createCert(dirName, argv[k], plContext);
if (k == (argc - 1)) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
trustedCert = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(expectedCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == j) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
targetCert = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
dirName,
0,
&dirNameString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirNameString, &certStore, plContext));
#if 0
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&certStore, plContext));
#endif
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
if (useLDAP == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore
(serverName, timeout, &ldapCertStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores,
(PKIX_PL_Object *)ldapCertStore,
plContext));
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
/* set resource limits */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&resourceLimits, plContext));
/* need longer time when running dbx for memory leak checking */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(resourceLimits, 60, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(resourceLimits, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(resourceLimits, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetResourceLimits
(procParams, resourceLimits, plContext));
/* build cert chain using processing params and return buildResult */
subTest("Testing ResourceLimits MaxFanout & MaxDepth - <pass>");
Test_BuildResult
(procParams,
testValid,
expectedCerts,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(resourceLimits, 1, plContext));
subTest("Testing ResourceLimits MaxFanout - <fail>");
Test_BuildResult
(procParams,
PKIX_FALSE,
expectedCerts,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(resourceLimits, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(resourceLimits, 1, plContext));
subTest("Testing ResourceLimits MaxDepth - <fail>");
Test_BuildResult
(procParams,
PKIX_FALSE,
expectedCerts,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(resourceLimits, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(resourceLimits, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(resourceLimits, 0, plContext));
subTest("Testing ResourceLimits No checking - <pass>");
Test_BuildResult
(procParams,
testValid,
expectedCerts,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(expectedCerts);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(ldapCertStore);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(checker);
PKIX_TEST_DECREF_AC(resourceLimits);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain_UserChecker");
return (0);
}

429
security/nss/cmd/libpkix/pkix/top/test_buildchain_uchecker.c Normal file
Просмотреть файл

@ -0,0 +1,429 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_buildchain_uchecker.c
*
* Test BuildChain User Checker function
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TESTUSERCHECKER_TYPE (PKIX_NUMTYPES+30)
void *plContext = NULL;
static PKIX_UInt32 numUserCheckerCalled = 0;
void printUsage(void){
(void) printf("\nUSAGE:\ttest_buildchain_uchecker [ENE|EE] "
"[-|[F]<userOID>] "
"<trustedCert> <targetCert> <certStoreDirectory>\n\n");
(void) printf
("Builds a chain of certificates between "
"<trustedCert> and <targetCert>\n"
"using the certs and CRLs in <certStoreDirectory>.\n"
"If <userOID> is not an empty string, its value is used as\n"
"user defined checker's critical extension OID.\n"
"A - for <userOID> is no OID and F is for supportingForward.\n"
"If ENE is specified, then an Error is Not Expected.\n"
"If EE is specified, an Error is Expected.\n");
}
static PKIX_Error *
testUserChecker(
PKIX_CertChainChecker *checker,
PKIX_PL_Cert *cert,
PKIX_List *unresExtOIDs,
void **pNBIOContext,
void *plContext)
{
numUserCheckerCalled++;
return(0);
}
int main(int argc, char *argv[])
{
PKIX_BuildResult *buildResult = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_CertChainChecker *checker = NULL;
char *dirName = NULL;
PKIX_PL_String *dirNameString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_UInt32 actualMinorVersion = 0;
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_UInt32 chainLength = 0;
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
char * asciiResult = NULL;
PKIX_Boolean result;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean supportForward = PKIX_FALSE;
PKIX_List *expectedCerts = NULL;
PKIX_List *userOIDs = NULL;
PKIX_PL_OID *oid = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_PL_String *actualCertsString = NULL;
PKIX_PL_String *expectedCertsString = NULL;
char *actualCertsAscii = NULL;
char *expectedCertsAscii = NULL;
char *oidString = NULL;
void *buildState = NULL; /* needed by pkix_build for non-blocking I/O */
void *nbioContext = NULL; /* needed by pkix_build for non-blocking I/O */
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc < 5){
printUsage();
return (0);
}
startTests("BuildChain_UserChecker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
/* OID specified at argv[3+j] */
if (*argv[3+j] != '-') {
if (*argv[3+j] == 'F') {
supportForward = PKIX_TRUE;
oidString = argv[3+j]+1;
} else {
oidString = argv[3+j];
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&userOIDs, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(oidString, &oid, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(userOIDs, (PKIX_PL_Object *)oid, plContext));
PKIX_TEST_DECREF_BC(oid);
}
subTest(argv[1+j]);
dirName = argv[4+j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext));
chainLength = argc - j - 5;
for (k = 0; k < chainLength; k++){
dirCert = createCert(dirName, argv[5+k+j], plContext);
if (k == (chainLength - 1)){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
trustedCert = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(expectedCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == 0){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert,
plContext));
targetCert = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create user checker */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_RegisterType
(PKIX_TESTUSERCHECKER_TYPE,
"Extended Key Usage User Object",
NULL,
NULL,
NULL,
NULL,
NULL,
NULL,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create
(testUserChecker,
supportForward,
PKIX_FALSE,
userOIDs,
NULL,
&checker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertChainChecker
(procParams, checker, plContext));
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
dirName,
0,
&dirNameString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirNameString, &certStore, plContext));
#if 0
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&certStore, plContext));
#endif
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain
(procParams,
&nbioContext,
&buildState,
&buildResult,
NULL,
plContext);
if (testValid == PKIX_TRUE) { /* ENE */
if (pkixTestErrorResult){
(void) printf("UNEXPECTED RESULT RECEIVED!\n");
} else {
(void) printf("EXPECTED RESULT RECEIVED!\n");
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
}
} else { /* EE */
if (pkixTestErrorResult){
(void) printf("EXPECTED RESULT RECEIVED!\n");
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
} else {
testError("UNEXPECTED RESULT RECEIVED");
}
}
if (buildResult){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, NULL));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, plContext));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals
((PKIX_PL_Object*)certs,
(PKIX_PL_Object*)expectedCerts,
&result,
plContext));
if (!result){
testError("BUILT CERTCHAIN IS "
"NOT THE ONE THAT WAS EXPECTED");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)certs,
&actualCertsString,
plContext));
actualCertsAscii = PKIX_String2ASCII
(actualCertsString, plContext);
if (actualCertsAscii == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)expectedCerts,
&expectedCertsString,
plContext));
expectedCertsAscii = PKIX_String2ASCII
(expectedCertsString, plContext);
if (expectedCertsAscii == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
(void) printf("Actual value:\t%s\n", actualCertsAscii);
(void) printf("Expected value:\t%s\n",
expectedCertsAscii);
if (chainLength - 1 != numUserCheckerCalled) {
pkixTestErrorMsg =
"PKIX user defined checker not called";
}
goto cleanup;
}
}
cleanup:
PKIX_PL_Free(asciiResult, plContext);
PKIX_PL_Free(actualCertsAscii, plContext);
PKIX_PL_Free(expectedCertsAscii, plContext);
PKIX_TEST_DECREF_AC(actualCertsString);
PKIX_TEST_DECREF_AC(expectedCertsString);
PKIX_TEST_DECREF_AC(expectedCerts);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(userOIDs);
PKIX_TEST_DECREF_AC(checker);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain_UserChecker");
return (0);
}

514
security/nss/cmd/libpkix/pkix/top/test_customcrlchecker.c Normal file
Просмотреть файл

@ -0,0 +1,514 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_customcrlchecker.c
*
* Test Custom CRL Checking
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TEST_MAX_CERTS 10
#define PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS 5
void *plContext = NULL;
char *dirName = NULL; /* also used in callback */
void printUsage1(char *pName){
printf("\nUSAGE: %s test-purpose [ENE|EE] ", pName);
printf("cert [certs].\n");
}
void printUsageMax(PKIX_UInt32 numCerts){
printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n",
numCerts, PKIX_TEST_MAX_CERTS);
}
PKIX_Error *
getCRLCallback(
PKIX_CertStore *store,
PKIX_CRLSelector *crlSelector,
void **pNBIOContext,
PKIX_List **pCrlList,
void *plContext)
{
char *crlFileNames[] = {"chem.crl",
"phys.crl",
"prof.crl",
"sci.crl",
"test.crl",
0 };
PKIX_PL_CRL *crl = NULL;
PKIX_List *crlList = NULL;
PKIX_UInt32 i = 0;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&crlList, plContext));
while (crlFileNames[i]) {
crl = createCRL(dirName, crlFileNames[i++], plContext);
if (crl != NULL) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(crlList, (PKIX_PL_Object *)crl, plContext));
PKIX_TEST_DECREF_BC(crl);
}
}
*pCrlList = crlList;
cleanup:
PKIX_TEST_RETURN();
return (0); /* this function is called by libpkix */
}
PKIX_Error *
getCRLContinue(
PKIX_CertStore *store,
PKIX_CRLSelector *crlSelector,
void **pNBIOContext,
PKIX_List **pCrlList,
void *plContext)
{
return (NULL);
}
PKIX_Error *
getCertCallback(
PKIX_CertStore *store,
PKIX_CertSelector *certSelector,
void **pNBIOContext,
PKIX_List **pCerts,
void *plContext)
{
return (NULL);
}
PKIX_Error *
getCertContinue(
PKIX_CertStore *store,
PKIX_CertSelector *certSelector,
void **pNBIOContext,
PKIX_List **pCerts,
void *plContext)
{
return (NULL);
}
PKIX_Error *
testCRLSelectorMatchCallback(
PKIX_CRLSelector *selector,
PKIX_PL_CRL *crl,
void *plContext)
{
PKIX_ComCRLSelParams *comCrlSelParams = NULL;
PKIX_List *issuerList = NULL;
PKIX_PL_X500Name *issuer = NULL;
PKIX_PL_X500Name *crlIssuer = NULL;
PKIX_UInt32 numIssuers = 0;
PKIX_UInt32 i = 0;
PKIX_Boolean result = PKIX_FALSE;
PKIX_Error *error = NULL;
PKIX_PL_String *textString = NULL;
char *errorText = "Not an error, CRL Select mismatch";
PKIX_TEST_STD_VARS();
subTest("Custom_Selector_MatchCallback");
if (selector != NULL) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CRLSelector_GetCommonCRLSelectorParams
(selector, &comCrlSelParams, plContext));
}
if (crl != NULL) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetIssuer
(crl, &crlIssuer, plContext));
}
if (comCrlSelParams != NULL) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCRLSelParams_GetIssuerNames
(comCrlSelParams, &issuerList, plContext));
}
if (issuerList != NULL) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(issuerList, &numIssuers, plContext));
for (i = 0; i < numIssuers; i++){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(issuerList,
i, (PKIX_PL_Object **)&issuer,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object *)crlIssuer,
(PKIX_PL_Object *)issuer,
&result,
plContext));
if (result != PKIX_TRUE) {
break;
}
if (i == numIssuers-1) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create
(PKIX_ESCASCII,
(void *) errorText,
0,
&textString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_Create
(0,
NULL,
NULL,
textString,
&error,
plContext));
PKIX_TEST_DECREF_AC(issuer);
issuer = NULL;
break;
}
PKIX_TEST_DECREF_AC(issuer);
}
}
cleanup:
PKIX_TEST_DECREF_AC(comCrlSelParams);
PKIX_TEST_DECREF_AC(crlIssuer);
PKIX_TEST_DECREF_AC(issuer);
PKIX_TEST_DECREF_AC(issuerList);
PKIX_TEST_DECREF_AC(textString);
PKIX_TEST_RETURN();
return (error);
}
PKIX_Error *
testAddIssuerName(PKIX_ComCRLSelParams *comCrlSelParams, char *issuerName)
{
PKIX_PL_String *issuerString = NULL;
PKIX_PL_X500Name *issuer = NULL;
PKIX_UInt32 length = 0;
PKIX_TEST_STD_VARS();
subTest("PKIX_ComCRLSelParams_AddIssuerName");
length = PL_strlen(issuerName);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_UTF8,
issuerName,
length,
&issuerString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Create(issuerString,
&issuer,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_AddIssuerName
(comCrlSelParams, issuer, plContext));
cleanup:
PKIX_TEST_DECREF_AC(issuerString);
PKIX_TEST_DECREF_AC(issuer);
PKIX_TEST_RETURN();
return (0);
}
PKIX_Error *
testCustomCertStore(PKIX_ValidateParams *valParams)
{
PKIX_CertStore_CRLCallback crlCallback;
PKIX_CertStore *certStore = NULL;
PKIX_ProcessingParams *procParams = NULL;
char *issuerName1 = "cn=science,o=mit,c=us";
char *issuerName2 = "cn=physics,o=mit,c=us";
char *issuerName3 = "cn=prof noall,o=mit,c=us";
char *issuerName4 = "cn=testing CRL,o=test,c=us";
PKIX_ComCRLSelParams *comCrlSelParams = NULL;
PKIX_CRLSelector *crlSelector = NULL;
PKIX_List *crlList = NULL;
PKIX_UInt32 numCrl = 0;
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CollectionCertStore_Create");
/* Create CRLSelector, link in CollectionCertStore */
subTest("PKIX_ComCRLSelParams_AddIssuerNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create
(&comCrlSelParams, plContext));
testAddIssuerName(comCrlSelParams, issuerName1);
testAddIssuerName(comCrlSelParams, issuerName2);
testAddIssuerName(comCrlSelParams, issuerName3);
testAddIssuerName(comCrlSelParams, issuerName4);
subTest("PKIX_CRLSelector_SetCommonCRLSelectorParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(testCRLSelectorMatchCallback,
NULL,
&crlSelector,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_SetCommonCRLSelectorParams
(crlSelector, comCrlSelParams, plContext));
/* Create CertStore, link in CRLSelector */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_CertStore_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_Create
(getCertCallback,
getCRLCallback,
getCertContinue,
getCRLContinue,
NULL, /* trustCallback */
(PKIX_PL_Object *)crlSelector, /* fake */
PKIX_FALSE, /* cacheFlag */
PKIX_TRUE, /* localFlag */
&certStore,
plContext));
subTest("PKIX_ProcessingParams_AddCertStore");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore
(procParams, certStore, plContext));
subTest("PKIX_ProcessingParams_SetRevocationEnabled");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_TRUE, plContext));
subTest("PKIX_CertStore_GetCRLCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback
(certStore,
&crlCallback,
NULL));
subTest("Getting CRL by CRL Callback");
PKIX_TEST_EXPECT_NO_ERROR(crlCallback
(certStore,
crlSelector,
&nbioContext,
&crlList,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(crlList,
&numCrl,
plContext));
if (numCrl != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS) {
pkixTestErrorMsg = "unexpected CRL number mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(crlList);
PKIX_TEST_DECREF_AC(comCrlSelParams);
PKIX_TEST_DECREF_AC(crlSelector);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_RETURN();
return (0);
}
/*
* Validate Certificate Chain with Certificate Revocation List
* Certificate Chain is built based on input certs' sequence.
* CRL is fetched from the directory specified in CollectionCertStore.
* while CollectionCertStore is linked in CertStore Object which then
* linked in ProcessParam. During validation, CRLChecker will invoke
* the crlCallback (this test uses PKIX_PL_CollectionCertStore_GetCRL)
* to get CRL data for revocation check.
* This test set criteria in CRLSelector which is linked in
* CommonCRLSelectorParam. When CRL data is fetched into cache for
* revocation check, CRL's are filtered based on the criteria set.
*/
int main(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean useArenas = PKIX_FALSE;
char *anchorName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage1(argv[0]);
return (0);
}
startTests("CRL Checker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
chainLength = (argc - j) - 5;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[(5 + j) +i];
certs[i] = NULL;
}
dirName = argv[3+j];
subTest(argv[1+j]);
subTest("Custom-CRL-Checker - Create Cert Chain");
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("Custom-CRL-Checker - Create Params");
anchorName = argv[4+j];
valParams = createValidateParams
(dirName,
anchorName,
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("Custom-CRL-Checker - Set Processing Params for CertStore");
testCustomCertStore(valParams);
subTest("Custom-CRL-Checker - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CRL Checker");
return (0);
}

281
security/nss/cmd/libpkix/pkix/top/test_defaultcrlchecker2stores.c Normal file
Просмотреть файл

@ -0,0 +1,281 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_defaultcrlchecker2stores.c
*
* Test Default CRL with multiple CertStore Checking
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TEST_MAX_CERTS 10
void *plContext = NULL;
void printUsage1(char *pName){
printf("\nUSAGE: %s test-purpose [ENE|EE] ", pName);
printf("crl-directory cert [certs].\n");
}
void printUsageMax(PKIX_UInt32 numCerts){
printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n",
numCerts, PKIX_TEST_MAX_CERTS);
}
PKIX_Error *
getCertCallback(
PKIX_CertStore *store,
PKIX_CertSelector *certSelector,
PKIX_List **pCerts,
void *plContext)
{
return (NULL);
}
PKIX_Error *
testDefaultMultipleCertStores(PKIX_ValidateParams *valParams,
char *crlDir1,
char *crlDir2)
{
PKIX_PL_String *dirString1 = NULL;
PKIX_PL_String *dirString2 = NULL;
PKIX_CertStore *certStore1 = NULL;
PKIX_CertStore *certStore2 = NULL;
PKIX_List *certStoreList = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CollectionCertStore_Create");
/* Create CollectionCertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
crlDir1,
0,
&dirString1,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirString1,
&certStore1,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
crlDir2,
0,
&dirString2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirString2,
&certStore2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
/* Add multiple CollectionCertStores */
subTest("PKIX_ProcessingParams_SetCertStores");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStoreList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(certStoreList, (PKIX_PL_Object *)certStore1, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStoreList, plContext));
subTest("PKIX_ProcessingParams_AddCertStore");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore
(procParams, certStore2, plContext));
subTest("PKIX_ProcessingParams_SetRevocationEnabled");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_TRUE, plContext));
cleanup:
PKIX_TEST_DECREF_AC(dirString1);
PKIX_TEST_DECREF_AC(dirString2);
PKIX_TEST_DECREF_AC(certStore1);
PKIX_TEST_DECREF_AC(certStore2);
PKIX_TEST_DECREF_AC(certStoreList);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_RETURN();
return (0);
}
/*
* Validate Certificate Chain with Certificate Revocation List
* Certificate Chain is build based on input certs' sequence.
* CRL is fetched from the directory specified in CollectionCertStore.
* while CollectionCertStore is linked in CertStore Object which then
* linked in ProcessParam. During validation, CRLChecker will invoke
* the crlCallback (this test uses PKIX_PL_CollectionCertStore_GetCRL)
* to get CRL data for revocation check.
* This test gets CRL's from two CertStores, each has a valid CRL
* required for revocation check to pass.
*/
int main(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean useArenas = PKIX_FALSE;
char *dirName = NULL;
char *anchorName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 6) {
printUsage1(argv[0]);
return (0);
}
startTests("CRL Checker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
chainLength = (argc - j) - 7;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[(7+j)+i];
certs[i] = NULL;
}
subTest(argv[1+j]);
subTest("Default-CRL-Checker");
subTest("Default-CRL-Checker - Create Cert Chain");
dirName = argv[3+j];
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("Default-CRL-Checker - Create Params");
anchorName = argv[6+j];
valParams = createValidateParams
(dirName,
anchorName,
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("Multiple-CertStores");
testDefaultMultipleCertStores(valParams, argv[4+j], argv[5+j]);
subTest("Default-CRL-Checker - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(chain);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CRL Checker");
return (0);
}

360
security/nss/cmd/libpkix/pkix/top/test_ocsp.c Normal file
Просмотреть файл

@ -0,0 +1,360 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_ocspchecker.c
*
* Test OcspChecker function
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void printUsage(void){
(void) printf("\nUSAGE:\nOcspChecker TestName [ENE|EE] "
"<certStoreDirectory> <trustedCert> <targetCert>\n\n");
(void) printf
("Validates a chain of certificates between "
"<trustedCert> and <targetCert>\n"
"using the certs and CRLs in <certStoreDirectory>. "
"If ENE is specified,\n"
"then an Error is Not Expected. "
"If EE is specified, an Error is Expected.\n");
}
char *createFullPathName(
char *dirName,
char *certFile,
void *plContext)
{
PKIX_UInt32 certFileLen;
PKIX_UInt32 dirNameLen;
char *certPathName = NULL;
PKIX_TEST_STD_VARS();
certFileLen = PL_strlen(certFile);
dirNameLen = PL_strlen(dirName);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
(dirNameLen + certFileLen + 2,
(void **)&certPathName,
plContext));
PL_strcpy(certPathName, dirName);
PL_strcat(certPathName, "/");
PL_strcat(certPathName, certFile);
printf("certPathName = %s\n", certPathName);
cleanup:
PKIX_TEST_RETURN();
return (certPathName);
}
PKIX_Error *
testDefaultCertStore(PKIX_ValidateParams *valParams, char *crlDir)
{
PKIX_PL_String *dirString = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_PL_Date *validity = NULL;
PKIX_List *revCheckers = NULL;
PKIX_RevocationChecker *revChecker = NULL;
PKIX_PL_Object *revCheckerContext = NULL;
PKIX_OcspChecker *ocspChecker = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CollectionCertStoreContext_Create");
/* Create CollectionCertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, crlDir, 0, &dirString, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirString, &certStore, plContext));
/* Create CertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_ProcessingParams_AddCertStore");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore
(procParams, certStore, plContext));
subTest("PKIX_ProcessingParams_SetRevocationEnabled");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
/* create current Date */
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Date_CreateFromPRTime
(PR_Now(), &validity, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
/* create revChecker */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_OcspChecker_Initialize
(validity,
NULL, /* pwArg */
NULL, /* Use default responder */
&revChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_RevocationChecker_GetRevCheckerContext
(revChecker, &revCheckerContext, plContext));
/* Check that this object is a ocsp checker */
PKIX_TEST_EXPECT_NO_ERROR(pkix_CheckType
(revCheckerContext, PKIX_OCSPCHECKER_TYPE, plContext));
ocspChecker = (PKIX_OcspChecker *)revCheckerContext;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_OcspChecker_SetVerifyFcn
(ocspChecker,
PKIX_PL_OcspResponse_UseBuildChain,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(revCheckers, (PKIX_PL_Object *)revChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(procParams, revCheckers, plContext));
cleanup:
PKIX_TEST_DECREF_AC(dirString);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(revChecker);
PKIX_TEST_DECREF_AC(ocspChecker);
PKIX_TEST_DECREF_AC(validity);
PKIX_TEST_RETURN();
return (0);
}
int main(int argc, char *argv[]){
PKIX_ValidateParams *valParams = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_UInt32 chainLength = 0;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_List *chainCerts = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
char *dirCertName = NULL;
char *anchorCertName = NULL;
char *dirName = NULL;
char *databaseDir = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("OcspChecker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
databaseDir = argv[3+j];
/* This must precede the call to PKIX_Initialize! */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize_SetConfigDir
(PKIX_STORE_TYPE_PK11, databaseDir, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
subTest(argv[1+j]);
dirName = databaseDir;
chainLength = argc - j - 5;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext));
for (k = 0; k < chainLength; k++) {
dirCert = createCert(dirName, argv[5+k+j], plContext);
if (k == 0) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
targetCert = dirCert;
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(chainCerts, (PKIX_PL_Object *)dirCert, plContext));
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
anchorCertName = argv[4+j];
trustedCert = createCert(dirName, anchorCertName, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create
(procParams, chainCerts, &valParams, plContext));
testDefaultCertStore(valParams, dirName);
pkixTestErrorResult = PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext);
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
} else {
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED SUCCESSFUL VALIDATION!\n");
} else { /* EE */
(void) printf("UNEXPECTED SUCCESSFUL VALIDATION!\n");
}
}
subTest("Displaying VerifyTree");
if (verifyTree == NULL) {
(void) printf("VerifyTree is NULL\n");
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object *)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n",
verifyString->escAsciiString);
PKIX_TEST_DECREF_BC(verifyString);
PKIX_TEST_DECREF_BC(verifyTree);
}
cleanup:
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(chainCerts);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("OcspChecker");
return (0);
}

598
security/nss/cmd/libpkix/pkix/top/test_policychecker.c Normal file
Просмотреть файл

@ -0,0 +1,598 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_policychecker.c
*
* Test Policy Checking
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TEST_MAX_CERTS 10
void *plContext = NULL;
void printUsage(char *testname) {
char *fmt =
"USAGE: %s testname"
" [ENE|EE] \"{OID[:OID]*}\" [A|E|P] cert [cert]*\n"
"(The quotes are needed around the OID argument for dbx.)\n"
"(The optional arg A indicates initialAnyPolicyInhibit.)\n"
"(The optional arg E indicates initialExplicitPolicy.)\n"
"(The optional arg P indicates initialPolicyMappingInhibit.)\n";
printf(fmt, testname);
}
void printUsageMax(PKIX_UInt32 numCerts)
{
printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n",
numCerts, PKIX_TEST_MAX_CERTS);
}
PKIX_List *policySetParse(char *policyString)
{
char *p = NULL;
char *oid = NULL;
char c = '\0';
PKIX_Boolean validString = PKIX_FALSE;
PKIX_PL_OID *plOID = NULL;
PKIX_List *policySet = NULL;
PKIX_TEST_STD_VARS();
p = policyString;
/*
* There may or may not be quotes around the initial-policy-set
* string. If they are omitted, dbx will strip off the curly braces.
* If they are included, dbx will strip off the quotes, but if you
* are running directly from a script, without dbx, the quotes will
* not be stripped. We need to be able to handle both cases.
*/
if (*p == '"') {
p++;
}
if ('{' != *p++) {
return (NULL);
}
oid = p;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&policySet, plContext));
/* scan to the end of policyString */
while (!validString) {
/* scan to the end of the current OID string */
c = *oid;
while ((c != '\0') && (c != ':') && (c != '}')) {
c = *++oid;
}
if ((c != ':') || (c != '}')) {
*oid = '\0'; /* store a null terminator */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(p, &plOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(policySet,
(PKIX_PL_Object *)plOID,
plContext));
PKIX_TEST_DECREF_BC(plOID);
plOID = NULL;
if (c == '}') {
/*
* Any exit but this one means
* we were given a badly-formed string.
*/
validString = PKIX_TRUE;
}
p = ++oid;
}
}
cleanup:
if (!validString) {
PKIX_TEST_DECREF_AC(plOID);
PKIX_TEST_DECREF_AC(policySet);
policySet = NULL;
}
PKIX_TEST_RETURN();
return (policySet);
}
/*
* FUNCTION: treeToStringHelper
* This function obtains the string representation of a PolicyNode
* Tree and compares it to the expected value.
* PARAMETERS:
* "parent" - a PolicyNode, the root of a PolicyNodeTree;
* must be non-NULL.
* "expected" - the desired string.
* THREAD SAFETY:
* Thread Safe
*
* Multiple threads can safely call this function without worrying
* about conflicts, even if they're operating on the same object.
* RETURNS:
* Nothing.
*/
void
treeToStringHelper(PKIX_PolicyNode *parent, char *expected)
{
PKIX_PL_String *stringRep = NULL;
char *actual = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object *)parent, &stringRep, plContext));
actual = PKIX_String2ASCII(stringRep, plContext);
if (actual == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
if (PL_strcmp(actual, expected) != 0){
testError("unexpected mismatch");
(void) printf("Actual value:\t%s\n", actual);
(void) printf("Expected value:\t%s\n", expected);
}
cleanup:
PKIX_PL_Free(actual, plContext);
PKIX_TEST_DECREF_AC(stringRep);
PKIX_TEST_RETURN();
}
void testPass(char *dirName, char *goodInput, char *diffInput, char *dateAscii){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_TEST_STD_VARS();
subTest("Basic-Common-Fields <pass>");
/*
* Tests the Expiration, NameChaining, and Signature Checkers
*/
chain = createCertChain(dirName, goodInput, diffInput, plContext);
valParams = createValidateParams
(dirName,
goodInput,
diffInput,
dateAscii,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
cleanup:
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_RETURN();
}
void testNistTest1(char *dirName)
{
#define PKIX_TEST_NUM_CERTS 2
char *trustAnchor =
"TrustAnchorRootCertificate.crt";
char *intermediateCert =
"GoodCACert.crt";
char *endEntityCert =
"ValidCertificatePathTest1EE.crt";
char *certNames[PKIX_TEST_NUM_CERTS];
char *asciiAnyPolicy = "2.5.29.32.0";
PKIX_PL_Cert *certs[PKIX_TEST_NUM_CERTS] = { NULL, NULL };
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_List *chain = NULL;
PKIX_PL_OID *anyPolicyOID = NULL;
PKIX_List *initialPolicies = NULL;
char *anchorName = NULL;
PKIX_TEST_STD_VARS();
subTest("testNistTest1: Creating the cert chain");
/*
* Create a chain, but don't include the first certName.
* That's the anchor, and is supplied separately from
* the chain.
*/
certNames[0] = intermediateCert;
certNames[1] = endEntityCert;
chain = createCertChainPlus
(dirName, certNames, certs, PKIX_TEST_NUM_CERTS, plContext);
subTest("testNistTest1: Creating the Validate Parameters");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(asciiAnyPolicy, &anyPolicyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&initialPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(initialPolicies, (PKIX_PL_Object *)anyPolicyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable
(initialPolicies, plContext));
valParams = createValidateParams
(dirName,
trustAnchor,
NULL,
NULL,
initialPolicies,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("testNistTest1: Validating the chain");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
cleanup:
PKIX_PL_Free(anchorName, plContext);
PKIX_TEST_DECREF_AC(anyPolicyOID);
PKIX_TEST_DECREF_AC(initialPolicies);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_RETURN();
}
void testNistTest2(char *dirName)
{
#define PKIX_TEST_NUM_CERTS 2
char *trustAnchor =
"TrustAnchorRootCertificate.crt";
char *intermediateCert =
"GoodCACert.crt";
char *endEntityCert =
"ValidCertificatePathTest1EE.crt";
char *certNames[PKIX_TEST_NUM_CERTS];
char *asciiNist1Policy = "2.16.840.1.101.3.2.1.48.1";
PKIX_PL_Cert *certs[PKIX_TEST_NUM_CERTS] = { NULL, NULL };
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_List *chain = NULL;
PKIX_PL_OID *Nist1PolicyOID = NULL;
PKIX_List *initialPolicies = NULL;
char *anchorName = NULL;
PKIX_TEST_STD_VARS();
subTest("testNistTest2: Creating the cert chain");
/*
* Create a chain, but don't include the first certName.
* That's the anchor, and is supplied separately from
* the chain.
*/
certNames[0] = intermediateCert;
certNames[1] = endEntityCert;
chain = createCertChainPlus
(dirName, certNames, certs, PKIX_TEST_NUM_CERTS, plContext);
subTest("testNistTest2: Creating the Validate Parameters");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(asciiNist1Policy, &Nist1PolicyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&initialPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(initialPolicies, (PKIX_PL_Object *)Nist1PolicyOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetImmutable
(initialPolicies, plContext));
valParams = createValidateParams
(dirName,
trustAnchor,
NULL,
NULL,
initialPolicies,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("testNistTest2: Validating the chain");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
cleanup:
PKIX_PL_Free(anchorName, plContext);
PKIX_TEST_DECREF_AC(Nist1PolicyOID);
PKIX_TEST_DECREF_AC(initialPolicies);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_RETURN();
}
static void printValidPolicyTree(PKIX_ValidateResult *valResult)
{
PKIX_PolicyNode* validPolicyTree = NULL;
PKIX_PL_String *treeString = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPolicyTree
(valResult, &validPolicyTree, plContext));
if (validPolicyTree) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)validPolicyTree,
&treeString,
plContext));
(void) printf("validPolicyTree is\n\t%s\n",
treeString->escAsciiString);
} else {
(void) printf("validPolicyTree is NULL\n");
}
cleanup:
PKIX_TEST_DECREF_AC(validPolicyTree);
PKIX_TEST_DECREF_AC(treeString);
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[])
{
PKIX_Boolean initialPolicyMappingInhibit = PKIX_FALSE;
PKIX_Boolean initialAnyPolicyInhibit = PKIX_FALSE;
PKIX_Boolean initialExplicitPolicy = PKIX_FALSE;
PKIX_Boolean expectedResult = PKIX_FALSE;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 initArgs = 0;
PKIX_UInt32 firstCert = 0;
PKIX_UInt32 i = 0;
PKIX_Int32 j = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_ProcessingParams *procParams = NULL;
char *firstTrustAnchor = "yassir2yassir";
char *secondTrustAnchor = "yassir2bcn";
char *dateAscii = "991201000000Z";
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_List *userInitialPolicySet = NULL; /* List of PKIX_PL_OID */
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_List *chain = NULL;
PKIX_Error *validationError = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
char *dirName = NULL;
char *dataCentralDir = NULL;
char *anchorName = NULL;
PKIX_TEST_STD_VARS();
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/*
* Perform hard-coded tests if no command line args.
* If command line args are provided, they must be:
* arg[1]: test name
* arg[2]: "ENE" or "EE", for "expect no error" or "expect error"
* arg[3]: directory for certificates
* arg[4]: user-initial-policy-set, consisting of braces
* containing zero or more OID sequences, separated by commas
* arg[5]: (optional) "E", indicating initialExplicitPolicy
* arg[firstCert]: the path and filename of the trust anchor certificate
* arg[firstCert+1..(n-1)]: successive certificates in the chain
* arg[n]: the end entity certificate
*
* Example: test_policychecker test1EE ENE
* {2.5.29.32.0,2.5.29.32.3.6} Anchor CA EndEntity
*/
dirName = argv[3+j];
dataCentralDir = argv[4+j];
if (argc <= 5 || ((6 == argc) && (j))) {
testPass
(dataCentralDir,
firstTrustAnchor,
secondTrustAnchor,
dateAscii);
testNistTest1(dirName);
testNistTest2(dirName);
goto cleanup;
}
if (argc < (7 + j)) {
printUsage(argv[0]);
pkixTestErrorMsg = "Invalid command line arguments.";
goto cleanup;
}
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
expectedResult = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
expectedResult = PKIX_FALSE;
} else {
printUsage(argv[0]);
pkixTestErrorMsg = "Invalid command line arguments.";
goto cleanup;
}
userInitialPolicySet = policySetParse(argv[5+j]);
if (!userInitialPolicySet) {
printUsage(argv[0]);
pkixTestErrorMsg = "Invalid command line arguments.";
goto cleanup;
}
for (initArgs = 0; initArgs < 3; initArgs++) {
if (PORT_Strcmp(argv[6+j+initArgs], "A") == 0) {
initialAnyPolicyInhibit = PKIX_TRUE;
} else if (PORT_Strcmp(argv[6+j+initArgs], "E") == 0) {
initialExplicitPolicy = PKIX_TRUE;
} else if (PORT_Strcmp(argv[6+j+initArgs], "P") == 0) {
initialPolicyMappingInhibit = PKIX_TRUE;
} else {
break;
}
}
firstCert = initArgs + j + 6;
chainLength = argc - (firstCert + 1);
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
pkixTestErrorMsg = "Invalid command line arguments.";
goto cleanup;
}
/*
* Create a chain, but don't include the first certName.
* That's the anchor, and is supplied separately from
* the chain.
*/
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[i + (firstCert + 1)];
certs[i] = NULL;
}
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest(argv[1+j]);
valParams = createValidateParams
(dirName,
argv[firstCert],
NULL,
NULL,
userInitialPolicySet,
initialPolicyMappingInhibit,
initialAnyPolicyInhibit,
initialExplicitPolicy,
PKIX_FALSE,
chain,
plContext);
if (expectedResult == PKIX_TRUE) {
subTest(" (expecting successful validation)");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
printValidPolicyTree(valResult);
} else {
subTest(" (expecting validation to fail)");
validationError = PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext);
if (!validationError) {
printValidPolicyTree(valResult);
pkixTestErrorMsg = "Should have thrown an error here.";
}
PKIX_TEST_DECREF_BC(validationError);
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
cleanup:
PKIX_PL_Free(anchorName, plContext);
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(userInitialPolicySet);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(validationError);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("PolicyChecker");
return (0);
}

304
security/nss/cmd/libpkix/pkix/top/test_subjaltnamechecker.c Normal file
Просмотреть файл

@ -0,0 +1,304 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_subjaltnamechecker.c
*
* Test Subject Alternative Name Checking
*
*/
/*
* There is no subjaltnamechecker. Instead, targetcertchecker is doing
* the job for checking subject alternative names' validity. For testing,
* in order to enter names with various type, we create this test excutable
* to parse different scenario.
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TEST_MAX_CERTS 10
void *plContext = NULL;
void printUsage1(char *pName){
printf("\nUSAGE: %s test-name [ENE|EE] ", pName);
printf("cert [certs].\n");
}
void printUsage2(char *name) {
printf("\ninvalid test-name syntax - %s", name);
printf("\ntest-name syntax: [01][DNORU]:<name>+...");
printf("\n [01] 1 - match all; 0 - match one");
printf("\n name - type can be specified as");
printf("\n [DNORU] D-Directory name");
printf("\n N-DNS name");
printf("\n O-OID name");
printf("\n R-RFC822 name");
printf("\n U-URI name");
printf("\n + separator for more names\n\n");
}
void printUsageMax(PKIX_UInt32 numCerts){
printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n",
numCerts, PKIX_TEST_MAX_CERTS);
}
PKIX_UInt32 getNameType(char *name){
PKIX_UInt32 nameType;
PKIX_TEST_STD_VARS();
switch (*name) {
case 'D':
nameType = PKIX_DIRECTORY_NAME;
break;
case 'N':
nameType = PKIX_DNS_NAME;
break;
case 'O':
nameType = PKIX_OID_NAME;
break;
case 'R':
nameType = PKIX_RFC822_NAME;
break;
case 'U':
nameType = PKIX_URI_NAME;
break;
default:
printUsage2(name);
nameType = 0xFFFF;
}
goto cleanup;
cleanup:
PKIX_TEST_RETURN();
return (nameType);
}
int main(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_CertSelector *selector = NULL;
PKIX_ComCertSelParams *selParams = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_PL_GeneralName *name = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
char *nameStr;
char *nameEnd;
char *names[PKIX_TEST_MAX_CERTS];
PKIX_UInt32 numNames = 0;
PKIX_UInt32 nameType;
PKIX_Boolean matchAll = PKIX_TRUE;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean useArenas = PKIX_FALSE;
char *dirName = NULL;
char *anchorName = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage1(argv[0]);
return (0);
}
startTests("SubjAltNameConstraintChecker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
j++; /* skip test-purpose string */
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
/* taking out leading and trailing ", if any */
nameStr = argv[1+j];
subTest(nameStr);
if (*nameStr == '"'){
nameStr++;
nameEnd = nameStr;
while (*nameEnd != '"' && *nameEnd != '\0') {
nameEnd++;
}
*nameEnd = '\0';
}
/* extract first [0|1] inidcating matchAll or not */
matchAll = (*nameStr == '0')?PKIX_FALSE:PKIX_TRUE;
nameStr++;
numNames = 0;
while (*nameStr != '\0') {
names[numNames++] = nameStr;
while (*nameStr != '+' && *nameStr != '\0') {
nameStr++;
}
if (*nameStr == '+') {
*nameStr = '\0';
nameStr++;
}
}
chainLength = (argc - j) - 4;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[(4+j)+i];
certs[i] = NULL;
}
/* SubjAltName for validation */
subTest("Add Subject Alt Name for NameConstraint checking");
subTest("Create Selector and ComCertSelParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &selector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&selParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_SetCommonCertSelectorParams
(selector, selParams, plContext));
subTest("PKIX_ComCertSelParams_SetMatchAllSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetMatchAllSubjAltNames
(selParams, matchAll, plContext));
subTest("PKIX_ComCertSelParams_AddSubjAltName(s)");
for (i = 0; i < numNames; i++) {
nameType = getNameType(names[i]);
if (nameType == 0xFFFF) {
return (0);
}
nameStr = names[i] + 2;
name = createGeneralName(nameType, nameStr, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_AddSubjAltName
(selParams, name, plContext));
PKIX_TEST_DECREF_BC(name);
}
subTest("SubjAltName-Constraints - Create Cert Chain");
dirName = argv[3+j];
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("SubjAltName-Constraints - Create Params");
valParams = createValidateParams
(dirName,
argv[4+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("PKIX_ValidateParams_getProcessingParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_ProcessingParams_SetTargetCertConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, selector, plContext));
subTest("Subject Alt Name - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
cleanup:
PKIX_PL_Free(anchorName, plContext);
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(selector);
PKIX_TEST_DECREF_AC(selParams);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(name);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("SubjAltNameConstraintsChecker");
return (0);
}

272
security/nss/cmd/libpkix/pkix/top/test_validatechain.c Normal file
Просмотреть файл

@ -0,0 +1,272 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_validatechain.c
*
* Test ValidateChain function
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void printUsage(void){
(void) printf("\nUSAGE:\nvalidateChain TestName [ENE|EE] "
"<certStoreDirectory> <trustedCert> <targetCert>\n\n");
(void) printf
("Validates a chain of certificates between "
"<trustedCert> and <targetCert>\n"
"using the certs and CRLs in <certStoreDirectory>. "
"If ENE is specified,\n"
"then an Error is Not Expected. "
"If EE is specified, an Error is Expected.\n");
}
char *createFullPathName(
char *dirName,
char *certFile,
void *plContext)
{
PKIX_UInt32 certFileLen;
PKIX_UInt32 dirNameLen;
char *certPathName = NULL;
PKIX_TEST_STD_VARS();
certFileLen = PL_strlen(certFile);
dirNameLen = PL_strlen(dirName);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
(dirNameLen + certFileLen + 2,
(void **)&certPathName,
plContext));
PL_strcpy(certPathName, dirName);
PL_strcat(certPathName, "/");
PL_strcat(certPathName, certFile);
printf("certPathName = %s\n", certPathName);
cleanup:
PKIX_TEST_RETURN();
return (certPathName);
}
PKIX_Error *
testDefaultCertStore(PKIX_ValidateParams *valParams, char *crlDir)
{
PKIX_PL_String *dirString = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_PL_Date *validity = NULL;
PKIX_List *revCheckers = NULL;
PKIX_RevocationChecker *ocspChecker = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CollectionCertStoreContext_Create");
/* Create CollectionCertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, crlDir, 0, &dirString, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirString, &certStore, plContext));
/* Create CertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_ProcessingParams_AddCertStore");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore
(procParams, certStore, plContext));
subTest("PKIX_ProcessingParams_SetRevocationEnabled");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_TRUE, plContext));
/* create current Date */
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Date_CreateFromPRTime
(PR_Now(), &validity, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
/* create revChecker */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_OcspChecker_Initialize
(validity,
NULL, /* pwArg */
NULL, /* Use default responder */
&ocspChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(revCheckers, (PKIX_PL_Object *)ocspChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers
(procParams, revCheckers, plContext));
cleanup:
PKIX_TEST_DECREF_AC(dirString);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(ocspChecker);
PKIX_TEST_RETURN();
return (0);
}
int main(int argc, char *argv[]){
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_UInt32 chainLength = 0;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_List *chainCerts = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
char *dirCertName = NULL;
char *anchorCertName = NULL;
char *dirName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("ValidateChain");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
subTest(argv[1+j]);
dirName = argv[3+j];
chainLength = argc - j - 5;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext));
for (k = 0; k < chainLength; k++) {
dirCert = createCert(dirName, argv[5+k+j], plContext);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(chainCerts, (PKIX_PL_Object *)dirCert, plContext));
PKIX_TEST_DECREF_BC(dirCert);
}
valParams = createValidateParams
(dirName,
argv[4+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chainCerts,
plContext);
testDefaultCertStore(valParams, dirName);
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
subTest("Displaying VerifyNode objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chainCerts);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ValidateChain");
return (0);
}

414
security/nss/cmd/libpkix/pkix/top/test_validatechain_NB.c Normal file
Просмотреть файл

@ -0,0 +1,414 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_validatechain_NB.c
*
* Test ValidateChain (nonblocking I/O) function
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#ifdef _WIN32
extern __declspec(dllimport) const char *PKIX_ERRORNAMES[];
#else
extern const char *PKIX_ERRORNAMES[];
#endif
void *plContext = NULL;
void printUsage(void){
(void) printf("\nUSAGE:\ntest_validateChain_NB TestName [ENE|EE] "
"<certStoreDirectory> <trustedCert> <targetCert>\n\n");
(void) printf
("Validates a chain of certificates between "
"<trustedCert> and <targetCert>\n"
"using the certs and CRLs in <certStoreDirectory>. "
"If ENE is specified,\n"
"then an Error is Not Expected. "
"If EE is specified, an Error is Expected.\n");
}
char *createFullPathName(
char *dirName,
char *certFile,
void *plContext)
{
PKIX_UInt32 certFileLen;
PKIX_UInt32 dirNameLen;
char *certPathName = NULL;
PKIX_TEST_STD_VARS();
certFileLen = PL_strlen(certFile);
dirNameLen = PL_strlen(dirName);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
(dirNameLen + certFileLen + 2,
(void **)&certPathName,
plContext));
PL_strcpy(certPathName, dirName);
PL_strcat(certPathName, "/");
PL_strcat(certPathName, certFile);
printf("certPathName = %s\n", certPathName);
cleanup:
PKIX_TEST_RETURN();
return (certPathName);
}
PKIX_Error *
testSetupCertStore(PKIX_ValidateParams *valParams, char *ldapName)
{
PKIX_PL_String *dirString = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_PL_LdapDefaultClient *ldapClient = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CollectionCertStoreContext_Create");
/* Create LDAPCertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapDefaultClient_CreateByName
(ldapName,
0, /* timeout */
NULL, /* bindPtr */
&ldapClient,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_LdapCertStore_Create
((PKIX_PL_LdapClient *)ldapClient,
&certStore,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_ProcessingParams_AddCertStore");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertStore
(procParams, certStore, plContext));
subTest("PKIX_ProcessingParams_SetRevocationEnabled");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_TRUE, plContext));
cleanup:
PKIX_TEST_DECREF_AC(dirString);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(ldapClient);
PKIX_TEST_RETURN();
return (0);
}
char *levels[] = {
"None", "Fatal Error", "Error", "Warning", "Debug", "Trace"
};
PKIX_Error *loggerCallback(
PKIX_Logger *logger,
PKIX_PL_String *message,
PKIX_UInt32 logLevel,
PKIX_ERRORNUM logComponent,
void *plContext)
{
#define resultSize 150
char *msg = NULL;
char result[resultSize];
PKIX_TEST_STD_VARS();
msg = PKIX_String2ASCII(message, plContext);
PR_snprintf(result, resultSize,
"Logging %s (%s): %s",
levels[logLevel],
PKIX_ERRORNAMES[logComponent],
msg);
subTest(result);
cleanup:
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(msg, plContext));
PKIX_TEST_RETURN();
}
void testLogErrors(
PKIX_ERRORNUM module,
PKIX_UInt32 loggingLevel,
PKIX_List *loggers,
void *plContext)
{
PKIX_Logger *logger = NULL;
PKIX_PL_String *component = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_Create
(loggerCallback, NULL, &logger, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetLoggingComponent
(logger, module, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetMaxLoggingLevel
(logger, loggingLevel, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(loggers, (PKIX_PL_Object *) logger, plContext));
cleanup:
PKIX_TEST_DECREF_AC(logger);
PKIX_TEST_DECREF_AC(component);
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]){
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_UInt32 chainLength = 0;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_List *chainCerts = NULL;
PKIX_PL_Cert *dirCert = NULL;
char *dirCertName = NULL;
char *anchorCertName = NULL;
char *dirName = NULL;
PKIX_UInt32 certIndex = 0;
PKIX_UInt32 anchorIndex = 0;
PKIX_UInt32 checkerIndex = 0;
PKIX_Boolean revChecking = PKIX_FALSE;
PKIX_List *checkers = NULL;
PRPollDesc *pollDesc = NULL;
PRErrorCode errorCode = 0;
PKIX_PL_Socket *socket = NULL;
char *ldapName = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_List *loggers = NULL;
PKIX_Logger *logger = NULL;
char *logging = NULL;
PKIX_PL_String *component = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("ValidateChain_NB");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
subTest(argv[1+j]);
dirName = argv[3+j];
chainLength = argc - j - 5;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext));
for (k = 0; k < chainLength; k++){
dirCert = createCert(dirName, argv[5+k+j], plContext);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(chainCerts, (PKIX_PL_Object *)dirCert, plContext));
PKIX_TEST_DECREF_BC(dirCert);
}
valParams = createValidateParams
(dirName,
argv[4+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chainCerts,
plContext);
ldapName = PR_GetEnv("LDAP");
/* Is LDAP set in the environment? */
if ((ldapName == NULL) || (*ldapName == '\0')) {
testError("LDAP not set in environment");
goto cleanup;
}
pkixTestErrorResult = pkix_pl_Socket_CreateByName
(PKIX_FALSE, /* isServer */
PR_SecondsToInterval(30), /* try 30 secs for connect */
ldapName,
&errorCode,
&socket,
plContext);
if (pkixTestErrorResult != NULL) {
PKIX_PL_Object_DecRef
((PKIX_PL_Object *)pkixTestErrorResult, plContext);
pkixTestErrorResult = NULL;
testError("Unable to connect to LDAP Server");
goto cleanup;
}
PKIX_TEST_DECREF_BC(socket);
testSetupCertStore(valParams, ldapName);
logging = PR_GetEnv("LOGGING");
/* Is LOGGING set in the environment? */
if ((logging != NULL) && (*logging != '\0')) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&loggers, plContext));
testLogErrors
(PKIX_VALIDATE_ERROR, 2, loggers, plContext);
testLogErrors
(PKIX_CERTCHAINCHECKER_ERROR, 2, loggers, plContext);
testLogErrors
(PKIX_LDAPDEFAULTCLIENT_ERROR, 2, loggers, plContext);
testLogErrors
(PKIX_CERTSTORE_ERROR, 2, loggers, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_SetLoggers(loggers, plContext));
}
pkixTestErrorResult = PKIX_ValidateChain_NB
(valParams,
&certIndex,
&anchorIndex,
&checkerIndex,
&revChecking,
&checkers,
(void **)&pollDesc,
&valResult,
&verifyTree,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_ValidateChain_NB
(valParams,
&certIndex,
&anchorIndex,
&checkerIndex,
&revChecking,
&checkers,
(void **)&pollDesc,
&valResult,
&verifyTree,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
} else {
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
}
cleanup:
if (verifyTree) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n",
verifyString->escAsciiString);
}
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(checkers);
PKIX_TEST_DECREF_AC(chainCerts);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ValidateChain_NB");
return (0);
}

297
security/nss/cmd/libpkix/pkix/top/test_validatechain_bc.c Normal file
Просмотреть файл

@ -0,0 +1,297 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* validateChainBasicConstraints.c
*
* Tests Cert Chain Validation
*
*/
#include <stdio.h>
#include <string.h>
#include <stddef.h>
#include "pkix_pl_generalname.h"
#include "pkix_pl_cert.h"
#include "pkix.h"
#include "testutil.h"
#include "prlong.h"
#include "plstr.h"
#include "prthread.h"
#include "nspr.h"
#include "prtypes.h"
#include "prtime.h"
#include "pk11func.h"
#include "secasn1.h"
#include "cert.h"
#include "cryptohi.h"
#include "secoid.h"
#include "certdb.h"
#include "secitem.h"
#include "keythi.h"
#include "nss.h"
void *plContext = NULL;
void printUsage(void){
printf("\nUSAGE: incorrect.\n");
}
PKIX_PL_Cert *
createCert(char *inFileName)
{
PKIX_PL_ByteArray *byteArray = NULL;
void *buf = NULL;
PRFileDesc *inFile = NULL;
PKIX_UInt32 len;
SECItem certDER;
SECStatus rv;
/* default: NULL cert (failure case) */
PKIX_PL_Cert *cert = NULL;
PKIX_TEST_STD_VARS();
certDER.data = NULL;
inFile = PR_Open(inFileName, PR_RDONLY, 0);
if (!inFile){
pkixTestErrorMsg = "Unable to open cert file";
goto cleanup;
} else {
rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE);
if (!rv){
buf = (void *)certDER.data;
len = certDER.len;
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_ByteArray_Create
(buf, len, &byteArray, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create
(byteArray, &cert, plContext));
SECITEM_FreeItem(&certDER, PR_FALSE);
} else {
pkixTestErrorMsg = "Unable to read DER from cert file";
goto cleanup;
}
}
cleanup:
if (inFile){
PR_Close(inFile);
}
if (PKIX_TEST_ERROR_RECEIVED){
SECITEM_FreeItem(&certDER, PR_FALSE);
}
PKIX_TEST_DECREF_AC(byteArray);
PKIX_TEST_RETURN();
return (cert);
}
int main(int argc, char *argv[])
{
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_PL_X500Name *subject = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
char *trustedCertFile = NULL;
char *chainCertFile = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *chainCert = NULL;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_TEST_STD_VARS();
if (argc < 3){
printUsage();
return (0);
}
startTests("ValidateChainBasicConstraints");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
chainLength = (argc - j) - 2;
/* create processing params with list of trust anchors */
trustedCertFile = argv[1+j];
trustedCert = createCert(trustedCertFile);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Cert_GetSubject(trustedCert, &subject, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(certSelParams, -1, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_DECREF_BC(subject);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
PKIX_TEST_DECREF_BC(certSelector);
/* create cert chain */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certs, plContext));
for (i = 0; i < chainLength; i++){
chainCertFile = argv[i + (2+j)];
chainCert = createCert(chainCertFile);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(certs, (PKIX_PL_Object *)chainCert, plContext));
PKIX_TEST_DECREF_BC(chainCert);
}
/* create validate params with processing params and cert chain */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create
(procParams, certs, &valParams, plContext));
/* validate cert chain using processing params and return valResult */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
if (valResult != NULL){
printf("SUCCESSFULLY VALIDATED with Basic Constraint ");
printf("Cert Selector minimum path length to be -1\n");
PKIX_TEST_DECREF_BC(valResult);
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
PKIX_TEST_DECREF_BC(verifyString);
PKIX_TEST_DECREF_BC(verifyTree);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(certSelParams, 6, plContext));
/* validate cert chain using processing params and return valResult */
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
if (valResult != NULL){
printf("SUCCESSFULLY VALIDATED with Basic Constraint ");
printf("Cert Selector minimum path length to be 6\n");
}
PKIX_TEST_DECREF_BC(trustedCert);
PKIX_TEST_DECREF_BC(anchor);
PKIX_TEST_DECREF_BC(anchors);
PKIX_TEST_DECREF_BC(certs);
PKIX_TEST_DECREF_BC(procParams);
cleanup:
if (PKIX_TEST_ERROR_RECEIVED){
printf("FAILED TO VALIDATE\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("ValidateChainBasicConstraints");
return (0);
}

80
security/nss/cmd/libpkix/pkix/util/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

53
security/nss/cmd/libpkix/pkix/util/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,53 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_error.c \
test_list.c \
test_list2.c \
test_logger.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

471
security/nss/cmd/libpkix/pkix/util/test_error.c Normal file
Просмотреть файл

@ -0,0 +1,471 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_error.c
*
* Tests Error Object Creation, ToString, Callbacks and Destroy
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void createErrors(
PKIX_Error **error,
PKIX_Error **error2,
PKIX_Error **error3,
PKIX_Error **error5,
PKIX_Error **error6,
PKIX_Error **error7,
char *descChar,
char *descChar2,
char *infoChar)
{
PKIX_PL_String *descString = NULL;
PKIX_PL_String *desc2String = NULL;
PKIX_PL_String *infoString = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
descChar,
PL_strlen(descChar),
&descString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
descChar2,
PL_strlen(descChar2),
&desc2String,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
infoChar,
PL_strlen(infoChar),
&infoString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_Create
(PKIX_MEM_ERROR, NULL, NULL, desc2String, error2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_Create
(PKIX_OBJECT_ERROR,
*error2,
(PKIX_PL_Object*)infoString,
descString,
error,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_Create
(PKIX_OBJECT_ERROR,
*error2,
(PKIX_PL_Object*)infoString,
descString,
error3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_Create
(PKIX_OBJECT_ERROR,
NULL,
(PKIX_PL_Object*)infoString,
NULL,
error5,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_Create
(PKIX_MEM_ERROR,
*error5,
(PKIX_PL_Object*)infoString,
NULL,
error6,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_Create
(PKIX_OBJECT_ERROR,
*error6,
(PKIX_PL_Object*)infoString,
NULL,
error7,
plContext));
cleanup:
PKIX_TEST_DECREF_AC(descString);
PKIX_TEST_DECREF_AC(desc2String);
PKIX_TEST_DECREF_AC(infoString);
PKIX_TEST_RETURN();
}
void testGetErrorCode(PKIX_Error *error, PKIX_Error *error2){
PKIX_UInt32 code;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_GetErrorCode(error, &code, plContext));
if (code != PKIX_OBJECT_ERROR) {
testError("Incorrect Code Returned");
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_GetErrorCode(error2, &code, plContext));
if (code != PKIX_MEM_ERROR) {
testError("Incorrect Code Returned");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_GetErrorCode(PKIX_ALLOC_ERROR(),
&code, plContext));
if (code != PKIX_FATAL_ERROR) {
testError("Incorrect Code Returned");
}
cleanup:
PKIX_TEST_RETURN();
}
void testGetDescription(
PKIX_Error *error,
PKIX_Error *error2,
PKIX_Error *error3,
char *descChar,
char *descChar2){
PKIX_PL_String *targetString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_GetDescription
(error, &targetString, plContext));
temp = PKIX_String2ASCII(targetString, plContext);
PKIX_TEST_DECREF_BC(targetString);
if (temp){
if (PL_strcmp(temp, descChar) != 0) {
testError("Incorrect description returned");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_GetDescription
(error2, &targetString, plContext));
temp = PKIX_String2ASCII(targetString, plContext);
PKIX_TEST_DECREF_BC(targetString);
if (temp){
if (PL_strcmp(temp, descChar2) != 0) {
testError("Incorrect description returned");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_GetDescription
(error3, &targetString, plContext));
temp = PKIX_String2ASCII(targetString, plContext);
PKIX_TEST_DECREF_BC(targetString);
if (temp){
if (PL_strcmp(temp, descChar) != 0) {
testError("Incorrect description returned");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
cleanup:
PKIX_TEST_RETURN();
}
void testGetCause(PKIX_Error *error, PKIX_Error *error2, PKIX_Error *error3){
PKIX_Error *error4 = NULL;
PKIX_PL_String *targetString = NULL;
char *temp = NULL;
PKIX_Boolean boolResult;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_GetCause(error, &error4, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object*)error2,
(PKIX_PL_Object*)error4,
&boolResult, plContext));
if (!boolResult)
testError("Incorrect Cause returned");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)error4,
&targetString, plContext));
temp = PKIX_String2ASCII(targetString, plContext);
if (temp){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(targetString);
PKIX_TEST_DECREF_BC(error4);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_GetCause(error3, &error4, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object*)error2,
(PKIX_PL_Object*)error4,
&boolResult, plContext));
if (!boolResult)
testError("Incorrect Cause returned");
PKIX_TEST_DECREF_BC(error4);
cleanup:
PKIX_TEST_RETURN();
}
void testGetSupplementaryInfo(PKIX_Error *error, char *infoChar){
PKIX_PL_Object *targetString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Error_GetSupplementaryInfo
(error, &targetString, plContext));
temp = PKIX_String2ASCII((PKIX_PL_String*)targetString, plContext);
PKIX_TEST_DECREF_BC(targetString);
if (temp){
if (PL_strcmp(temp, infoChar) != 0) {
testError("Incorrect info returned");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
cleanup:
PKIX_TEST_RETURN();
}
void
testPrimitiveError(void)
{
PKIX_PL_String *targetString = NULL;
PKIX_PL_String *targetStringCopy = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)PKIX_ALLOC_ERROR(),
&targetString, plContext));
temp = PKIX_String2ASCII(targetString, plContext);
if (temp){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
targetStringCopy = targetString;
PKIX_TEST_DECREF_BC(targetString);
/*
* We need to DECREF twice, b/c the PKIX_ALLOC_ERROR object
* which holds a cached copy of the stringRep can never be DECREF'd
*/
PKIX_TEST_DECREF_BC(targetStringCopy);
cleanup:
PKIX_TEST_RETURN();
}
void
testChaining(PKIX_Error *error7)
{
PKIX_PL_String *targetString = NULL;
PKIX_Error *tempError = NULL;
char *temp = NULL;
PKIX_UInt32 i;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)error7,
&targetString, plContext));
temp = PKIX_String2ASCII(targetString, plContext);
if (temp){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
for (i = 0, tempError = error7; i < 2; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_Error_GetCause(tempError, &tempError, plContext));
if (tempError == NULL) {
testError("Unexpected end to error chain");
break;
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_DecRef
((PKIX_PL_Object*)tempError, plContext));
}
PKIX_TEST_DECREF_BC(targetString);
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(PKIX_Error *error)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(error);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_Error *error, *error2, *error3, *error5, *error6, *error7;
char *descChar = "Error Message";
char *descChar2 = "Another Error Message";
char *infoChar = "Auxiliary Info";
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Errors");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_Error_Create");
createErrors
(&error,
&error2,
&error3,
&error5,
&error6,
&error7,
descChar,
descChar2,
infoChar);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(error,
error,
error2,
NULL,
Error,
PKIX_TRUE);
subTest("PKIX_Error_GetErrorCode");
testGetErrorCode(error, error2);
subTest("PKIX_Error_GetDescription");
testGetDescription(error, error2, error3, descChar, descChar2);
subTest("PKIX_Error_GetCause");
testGetCause(error, error2, error3);
subTest("PKIX_Error_GetSupplementaryInfo");
testGetSupplementaryInfo(error, infoChar);
subTest("Primitive Error Type");
testPrimitiveError();
subTest("Error Chaining");
testChaining(error7);
subTest("PKIX_Error_Destroy");
testDestroy(error);
testDestroy(error2);
testDestroy(error3);
testDestroy(error5);
testDestroy(error6);
testDestroy(error7);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Errors");
return (0);
}

887
security/nss/cmd/libpkix/pkix/util/test_list.c Normal file
Просмотреть файл

@ -0,0 +1,887 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_list.c
*
* Tests List Objects
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createLists(PKIX_List **list, PKIX_List **list2)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(list, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(list2, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testReverseList(void)
{
PKIX_List *firstList = NULL;
PKIX_List *reverseList = NULL;
PKIX_UInt32 length, i;
char *testItemString = "one";
char *testItemString2 = "two";
PKIX_PL_String *testItem = NULL;
PKIX_PL_String *testItem2 = NULL;
PKIX_PL_Object *retrievedItem1 = NULL;
PKIX_PL_Object *retrievedItem2 = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&firstList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_ReverseList
(firstList, &reverseList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(reverseList, &length, plContext));
if (length != 0){
testError("Incorrect Length returned");
}
PKIX_TEST_DECREF_BC(reverseList);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString,
0,
&testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString2,
0,
&testItem2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(firstList,
(PKIX_PL_Object*)testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_ReverseList
(firstList, &reverseList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(reverseList, &length, plContext));
if (length != 1){
testError("Incorrect Length returned");
}
PKIX_TEST_DECREF_BC(reverseList);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(firstList,
(PKIX_PL_Object*)testItem2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(firstList,
(PKIX_PL_Object*)testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(firstList,
(PKIX_PL_Object*)testItem2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_ReverseList
(firstList, &reverseList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(reverseList, &length, plContext));
if (length != 4){
testError("Incorrect Length returned");
}
for (i = 0; i < length; i++){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(firstList,
i,
&retrievedItem1,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(reverseList,
(length - 1) - i,
&retrievedItem2,
plContext));
testEqualsHelper
(retrievedItem1, retrievedItem2, PKIX_TRUE, plContext);
PKIX_TEST_DECREF_BC(retrievedItem1);
PKIX_TEST_DECREF_BC(retrievedItem2);
}
cleanup:
PKIX_TEST_DECREF_AC(firstList);
PKIX_TEST_DECREF_AC(reverseList);
PKIX_TEST_DECREF_AC(testItem);
PKIX_TEST_DECREF_AC(testItem2);
PKIX_TEST_DECREF_AC(retrievedItem1);
PKIX_TEST_DECREF_AC(retrievedItem2);
PKIX_TEST_RETURN();
}
void
testZeroLengthList(PKIX_List *list)
{
PKIX_UInt32 length;
PKIX_Boolean empty;
char *testItemString = "hello";
PKIX_PL_String *testItem = NULL;
PKIX_PL_String *retrievedItem = NULL;
PKIX_List *diffList = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&diffList, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(list, &length, plContext));
if (length != 0){
testError("Incorrect Length returned");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsEmpty(list, &empty, plContext));
if (!empty){
testError("Incorrect result for PKIX_List_IsEmpty");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString,
0,
&testItem,
plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_InsertItem
(list, 0, (PKIX_PL_Object *)testItem, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_SetItem
(list, 0, (PKIX_PL_Object *)testItem, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_GetItem
(list,
0,
(PKIX_PL_Object **)&retrievedItem,
plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(list, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(diffList,
(PKIX_PL_Object*)testItem,
plContext));
testDuplicateHelper((PKIX_PL_Object *)diffList, plContext);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(list, list, diffList, "(EMPTY)", List, PKIX_TRUE);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(diffList, &length, plContext));
if (length != 1){
testError("Incorrect Length returned");
}
PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(list, 1, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_DeleteItem(diffList, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(diffList, &length, plContext));
if (length != 0){
testError("Incorrect Length returned");
}
cleanup:
PKIX_TEST_DECREF_AC(testItem);
PKIX_TEST_DECREF_AC(diffList);
PKIX_TEST_RETURN();
}
void
testGetLength(PKIX_List *list)
{
PKIX_UInt32 length;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(list, &length, plContext));
if (length != 3){
testError("Incorrect Length returned");
}
cleanup:
PKIX_TEST_RETURN();
}
void
testGetSetItem(
PKIX_List *list,
char *testItemString,
char *testItemString2,
char *testItemString3,
PKIX_PL_String **testItem,
PKIX_PL_String **testItem2,
PKIX_PL_String **testItem3)
{
PKIX_PL_Object *tempItem = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString,
PL_strlen(testItemString),
testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString2,
PL_strlen(testItemString2),
testItem2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString3,
PL_strlen(testItemString3),
testItem3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)*testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)*testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)*testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetItem
(list, 0, (PKIX_PL_Object*)*testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetItem
(list, 1, (PKIX_PL_Object*)*testItem2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetItem
(list, 2, (PKIX_PL_Object*)*testItem3, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem(list, 0, &tempItem, plContext));
temp = PKIX_String2ASCII((PKIX_PL_String*)tempItem, plContext);
if (temp){
if (PL_strcmp(testItemString, temp) != 0)
testError("GetItem from list is incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(tempItem);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem(list, 1, &tempItem, plContext));
temp = PKIX_String2ASCII((PKIX_PL_String*)tempItem, plContext);
if (temp){
if (PL_strcmp(testItemString2, temp) != 0)
testError("GetItem from list is incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(tempItem);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem(list, 2, &tempItem, plContext));
temp = PKIX_String2ASCII((PKIX_PL_String*)tempItem, plContext);
if (temp){
if (PL_strcmp(testItemString3, temp) != 0)
testError("GetItem from list is incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(tempItem);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetItem
(list, 0, (PKIX_PL_Object*)*testItem3, plContext));
temp = PKIX_String2ASCII(*testItem3, plContext);
if (temp){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem(list, 0, &tempItem, plContext));
temp = PKIX_String2ASCII((PKIX_PL_String*)tempItem, plContext);
if (temp){
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
temp = PKIX_String2ASCII((PKIX_PL_String*)tempItem, plContext);
if (temp){
if (PL_strcmp(testItemString3, temp) != 0)
testError("GetItem from list is incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(tempItem);
cleanup:
PKIX_TEST_RETURN();
}
void
testInsertItem(
PKIX_List *list,
PKIX_PL_String *testItem,
char *testItemString)
{
PKIX_PL_Object *tempItem = NULL;
PKIX_PL_String *outputString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_InsertItem
(list, 0, (PKIX_PL_Object*)testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem(list, 0, &tempItem, plContext));
temp = PKIX_String2ASCII((PKIX_PL_String*)tempItem, plContext);
if (temp){
if (PL_strcmp(testItemString, temp) != 0)
testError("GetItem from list is incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(tempItem);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object*)list,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, c, b, c)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
cleanup:
PKIX_TEST_RETURN();
}
void
testAppendItem(PKIX_List *list, PKIX_PL_String *testItem)
{
PKIX_UInt32 length2;
PKIX_PL_String *outputString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(list, &length2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(list,
(PKIX_PL_Object*)testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object*)list,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, c, b, c, a)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
cleanup:
PKIX_TEST_RETURN();
}
void
testNestedLists(
PKIX_List *list,
PKIX_List *list2,
PKIX_PL_String *testItem,
PKIX_PL_String *testItem2)
{
PKIX_PL_String *outputString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(list2, (PKIX_PL_Object*)testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(list2,
(PKIX_PL_Object*)NULL,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(list2,
(PKIX_PL_Object*)testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)list2,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, (null), a)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_InsertItem(list, 1,
(PKIX_PL_Object*)list2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object*)list,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, (a, (null), a), c, b, c, a)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
cleanup:
PKIX_TEST_RETURN();
}
void
testDeleteItem(
PKIX_List *list,
PKIX_List *list2,
PKIX_PL_String *testItem2,
PKIX_PL_String *testItem3)
{
PKIX_PL_String *outputString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_DeleteItem(list, 5, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)list,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, (a, (null), a), c, b, c)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_DeleteItem(list, 1, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)list,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, c, b, c)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_DeleteItem(list, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object*)list,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(c, b, c)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_DeleteItem(list2, 1, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)list2,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, a)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list2,
(PKIX_PL_Object*)testItem2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)list2,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, a, b)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_DeleteItem(list2, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)list2,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, a)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list2,
(PKIX_PL_Object*)testItem3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString((PKIX_PL_Object*)list2,
&outputString,
plContext));
temp = PKIX_String2ASCII(outputString, plContext);
if (temp){
if (PL_strcmp("(a, a, c)", temp) != 0)
testError("List toString is Incorrect");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(outputString);
PKIX_TEST_DECREF_BC(list2);
cleanup:
PKIX_TEST_RETURN();
}
#if testContainsFunction
/* This test requires pkix_List_Contains to be in nss.def */
void
testContains(void)
{
PKIX_List *list;
PKIX_PL_String *testItem, *testItem2, *testItem3, *testItem4;
char *testItemString = "a";
char *testItemString2 = "b";
char *testItemString3 = "c";
char *testItemString4 = "d";
PKIX_Boolean found = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("pkix_ListContains");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString,
PL_strlen(testItemString),
&testItem,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString2,
PL_strlen(testItemString2),
&testItem2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString3,
PL_strlen(testItemString3),
&testItem3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
testItemString4,
PL_strlen(testItemString4),
&testItem4,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&list, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)testItem, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)testItem2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)testItem3, plContext));
subTest("pkix_List_Contains <object missing>");
PKIX_TEST_EXPECT_NO_ERROR(pkix_List_Contains
(list, (PKIX_PL_Object *)testItem4, &found, plContext));
if (found){
testError("Contains found item that wasn't there!");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)testItem4, plContext));
subTest("pkix_List_Contains <object present>");
PKIX_TEST_EXPECT_NO_ERROR(pkix_List_Contains
(list, (PKIX_PL_Object *)testItem4, &found, plContext));
if (!found){
testError("Contains missed item that was present!");
}
PKIX_TEST_DECREF_BC(list);
PKIX_TEST_DECREF_BC(testItem);
PKIX_TEST_DECREF_BC(testItem2);
PKIX_TEST_DECREF_BC(testItem3);
PKIX_TEST_DECREF_BC(testItem4);
cleanup:
PKIX_TEST_RETURN();
}
#endif
void
testErrorHandling(void)
{
PKIX_List *emptylist = NULL;
PKIX_List *list = NULL;
PKIX_PL_Object *tempItem = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&list, plContext));
PKIX_TEST_EXPECT_ERROR
(PKIX_List_GetItem(list, 4, &tempItem, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_GetItem(list, 1, NULL, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_SetItem(list, 4, tempItem, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_SetItem(NULL, 1, tempItem, plContext));
PKIX_TEST_EXPECT_ERROR
(PKIX_List_InsertItem(list, 4, tempItem, plContext));
PKIX_TEST_EXPECT_ERROR
(PKIX_List_InsertItem(NULL, 1, tempItem, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_AppendItem(NULL, tempItem, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(list, 5, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(NULL, 1, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_List_GetLength(list, NULL, plContext));
PKIX_TEST_DECREF_BC(list);
PKIX_TEST_DECREF_BC(emptylist);
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(PKIX_List *list)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(list);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_List *list, *list2;
PKIX_PL_String *testItem, *testItem2, *testItem3;
char *testItemString = "a";
char *testItemString2 = "b";
char *testItemString3 = "c";
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Lists");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_List_Create");
createLists(&list, &list2);
subTest("pkix_List_ReverseList");
testReverseList();
subTest("Zero-length List");
testZeroLengthList(list);
subTest("PKIX_List_Get/SetItem");
testGetSetItem
(list,
testItemString,
testItemString2,
testItemString3,
&testItem,
&testItem2,
&testItem3);
subTest("PKIX_List_GetLength");
testGetLength(list);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(list,
list,
list2,
"(c, b, c)",
List,
PKIX_TRUE);
subTest("PKIX_List_InsertItem");
testInsertItem(list, testItem, testItemString);
subTest("PKIX_List_AppendItem");
testAppendItem(list, testItem);
subTest("Nested Lists");
testNestedLists(list, list2, testItem, testItem2);
subTest("PKIX_List_DeleteItem");
testDeleteItem(list, list2, testItem2, testItem3);
PKIX_TEST_DECREF_BC(testItem);
PKIX_TEST_DECREF_BC(testItem2);
PKIX_TEST_DECREF_BC(testItem3);
#if testContainsFunction
/* This test requires pkix_List_Contains to be in nss.def */
testContains();
#endif
subTest("PKIX_List Error Handling");
testErrorHandling();
subTest("PKIX_List_Destroy");
testDestroy(list);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Lists");
return (0);
}

163
security/nss/cmd/libpkix/pkix/util/test_list2.c Normal file
Просмотреть файл

@ -0,0 +1,163 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_list2.c
*
* Performs an in-place sort on a list
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
int main(int argc, char *argv[]) {
PKIX_List *list;
char *temp;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Int32 cmpResult;
PKIX_PL_OID *testOID;
PKIX_PL_String *testString;
PKIX_PL_Object *obj, *obj2;
PKIX_UInt32 size = 10;
char *testOIDString[10] = {
"2.9.999.1.20",
"1.2.3.4.5.6.7",
"0.1",
"1.2.3.5",
"0.39",
"1.2.3.4.7",
"1.2.3.4.6",
"0.39.1",
"1.2.3.4.5",
"0.39.1.300"
};
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_TEST_STD_VARS();
startTests("List Sorting");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("Creating Unsorted Lists");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&list, plContext));
for (i = 0; i < size; i++) {
/* Create a new OID object */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(
testOIDString[i],
&testOID,
plContext));
/* Insert it into the list */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(list, (PKIX_PL_Object*)testOID, plContext));
/* Decref the string object */
PKIX_TEST_DECREF_BC(testOID);
}
subTest("Outputting Unsorted List");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object*)list,
&testString,
plContext));
temp = PKIX_String2ASCII(testString, plContext);
if (temp){
(void) printf("%s \n", temp);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
PKIX_TEST_DECREF_BC(testString);
subTest("Performing Bubble Sort");
for (i = 0; i < size; i++)
for (j = 9; j > i; j--) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem(list, j, &obj, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(list, j-1, &obj2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare
(obj, obj2, &cmpResult, plContext));
if (cmpResult < 0) {
/* Exchange the items */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetItem
(list, j, obj2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_SetItem
(list, j-1, obj, plContext));
}
/* DecRef objects */
PKIX_TEST_DECREF_BC(obj);
PKIX_TEST_DECREF_BC(obj2);
}
subTest("Outputting Sorted List");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object*)list,
&testString,
plContext));
temp = PKIX_String2ASCII(testString, plContext);
if (temp){
(void) printf("%s \n", temp);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(testString);
PKIX_TEST_DECREF_AC(list);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("List Sorting");
return (0);
}

372
security/nss/cmd/libpkix/pkix/util/test_logger.c Normal file
Просмотреть файл

@ -0,0 +1,372 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_logger.c
*
* Tests Logger Objects
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
char *levels[] = {
"None",
"Fatal Error",
"Error",
"Warning",
"Debug",
"Trace"
};
PKIX_Error *testLoggerCallback(
PKIX_Logger *logger,
PKIX_PL_String *message,
PKIX_UInt32 logLevel,
PKIX_ERRORNUM logComponent,
void *plContext)
{
char *comp = NULL;
char *msg = NULL;
char result[100];
static int callCount = 0;
PKIX_TEST_STD_VARS();
msg = PKIX_String2ASCII(message, plContext);
PR_snprintf(result, 100, "Logging %s (%s): %s",
levels[logLevel], PKIX_ERRORNAMES[logComponent], msg);
subTest(result);
callCount++;
if (callCount > 1) {
testError("Incorrect number of Logger Callback <expect 1>");
}
cleanup:
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(msg, plContext));
PKIX_TEST_RETURN();
}
PKIX_Error *testLoggerCallback2(
PKIX_Logger *logger,
PKIX_PL_String *message,
PKIX_UInt32 logLevel,
PKIX_ERRORNUM logComponent,
void *plContext)
{
char *comp = NULL;
char *msg = NULL;
char result[100];
PKIX_TEST_STD_VARS();
msg = PKIX_String2ASCII(message, plContext);
PR_snprintf(result, 100, "Logging %s (%s): %s",
levels[logLevel], PKIX_ERRORNAMES[logComponent], msg);
subTest(result);
cleanup:
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(msg, plContext));
PKIX_TEST_RETURN();
}
void
createLogger(PKIX_Logger **logger,
PKIX_PL_Object *context,
PKIX_Logger_LogCallback cb)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_Create
(cb, context, logger, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testContextCallback(PKIX_Logger *logger, PKIX_Logger *logger2)
{
PKIX_Logger_LogCallback cb = NULL;
PKIX_PL_Object *context = NULL;
PKIX_Boolean cmpResult = PKIX_FALSE;
PKIX_UInt32 length;
PKIX_TEST_STD_VARS();
subTest("PKIX_Logger_GetLoggerContext");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_GetLoggerContext
(logger2, &context, plContext));
testEqualsHelper
((PKIX_PL_Object *)logger, context, PKIX_TRUE, plContext);
subTest("PKIX_Logger_GetLogCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_GetLogCallback
(logger, &cb, plContext));
if (cb != testLoggerCallback) {
testError("Incorrect Logger Callback returned");
}
cleanup:
PKIX_TEST_DECREF_AC(context);
PKIX_TEST_RETURN();
}
void
testComponent(PKIX_Logger *logger)
{
PKIX_ERRORNUM compName = (PKIX_ERRORNUM)NULL;
PKIX_ERRORNUM compNameReturn = (PKIX_ERRORNUM)NULL;
PKIX_Boolean cmpResult = PKIX_FALSE;
PKIX_TEST_STD_VARS();
subTest("PKIX_Logger_GetLoggingComponent");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_GetLoggingComponent
(logger, &compName, plContext));
if (compName != (PKIX_ERRORNUM)NULL) {
testError("Incorrect Logger Component returned. expect <NULL>");
}
subTest("PKIX_Logger_SetLoggingComponent");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetLoggingComponent
(logger, PKIX_LIST_ERROR, plContext));
subTest("PKIX_Logger_GetLoggingComponent");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_GetLoggingComponent
(logger, &compNameReturn, plContext));
if (compNameReturn != PKIX_LIST_ERROR) {
testError("Incorrect Logger Component returned.");
}
cleanup:
PKIX_TEST_RETURN();
}
void
testMaxLoggingLevel(PKIX_Logger *logger)
{
PKIX_UInt32 level = 0;
PKIX_TEST_STD_VARS();
subTest("PKIX_Logger_GetMaxLoggingLevel");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_GetMaxLoggingLevel
(logger, &level, plContext));
if (level != 0) {
testError("Incorrect Logger MaxLoggingLevel returned");
}
subTest("PKIX_Logger_SetMaxLoggingLevel");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetMaxLoggingLevel
(logger, 3, plContext));
subTest("PKIX_Logger_GetMaxLoggingLevel");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_GetMaxLoggingLevel
(logger, &level, plContext));
if (level != 3) {
testError("Incorrect Logger MaxLoggingLevel returned");
}
cleanup:
PKIX_TEST_RETURN();
}
void
testLogger(PKIX_Logger *logger, PKIX_Logger *logger2)
{
PKIX_List *loggerList = NULL;
PKIX_List *checkList = NULL;
PKIX_UInt32 length;
PKIX_Boolean cmpResult = PKIX_FALSE;
char *expectedAscii = "[\n"
"\tLogger: \n"
"\tContext: (null)\n"
"\tMaximum Level: 3\n"
"\tComponent Name: LIST\n"
"]\n";
PKIX_TEST_STD_VARS();
subTest("PKIX_GetLoggers");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_GetLoggers(&loggerList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(loggerList, &length, plContext));
if (length != 0){
testError("Incorrect Logger List returned");
}
PKIX_TEST_DECREF_BC(loggerList);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&loggerList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(loggerList, (PKIX_PL_Object *) logger, plContext));
subTest("PKIX_SetLoggers");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_SetLoggers(loggerList, plContext));
subTest("PKIX_Logger_SetLoggingComponent");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetLoggingComponent
(logger2, PKIX_MUTEX_ERROR, plContext));
subTest("PKIX_Logger_SetMaxLoggingLevel");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Logger_SetMaxLoggingLevel
(logger2, 5, plContext));
subTest("PKIX_AddLogger");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_AddLogger(logger2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&checkList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(checkList, (PKIX_PL_Object *) logger, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(checkList, (PKIX_PL_Object *) logger2, plContext));
PKIX_TEST_DECREF_BC(loggerList);
subTest("PKIX_GetLoggers");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_GetLoggers(&loggerList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(loggerList, &length, plContext));
subTest("pkix_Loggers_Equals");
testEqualsHelper
((PKIX_PL_Object *) loggerList,
(PKIX_PL_Object *) checkList,
PKIX_TRUE,
plContext);
subTest("pkix_Loggers_Duplicate");
testDuplicateHelper((PKIX_PL_Object *)logger, plContext);
subTest("pkix_Loggers_Hashcode");
testHashcodeHelper((PKIX_PL_Object *) logger,
(PKIX_PL_Object *) logger,
PKIX_TRUE,
plContext);
subTest("pkix_Loggers_ToString");
testToStringHelper((PKIX_PL_Object *) logger, expectedAscii, plContext);
subTest("PKIX Logger Callback");
subTest("Expect to have ***Fatal Error (List): Null argument*** once");
PKIX_TEST_EXPECT_ERROR(PKIX_List_AppendItem
(NULL, (PKIX_PL_Object *) NULL, plContext));
cleanup:
PKIX_TEST_DECREF_AC(loggerList);
PKIX_TEST_DECREF_AC(checkList);
PKIX_TEST_RETURN();
}
void
testDestroy(PKIX_Logger *logger)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(logger);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_Logger *logger, *logger2;
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Loggers");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_Logger_Create");
createLogger(&logger, NULL, testLoggerCallback);
createLogger(&logger2, (PKIX_PL_Object *)logger, testLoggerCallback2);
subTest("Logger Context and Callback");
testContextCallback(logger, logger2);
subTest("Logger Component");
testComponent(logger);
subTest("Logger MaxLoggingLevel");
testMaxLoggingLevel(logger);
subTest("Logger List operations");
testLogger(logger, logger2);
subTest("PKIX_Logger_Destroy");
testDestroy(logger);
testDestroy(logger2);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Loggers");
return (0);
}

79
security/nss/cmd/libpkix/pkix_pl/Makefile Executable file
Просмотреть файл

@ -0,0 +1,79 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

41
security/nss/cmd/libpkix/pkix_pl/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,41 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ./..
DIRS = module pki system \
$(NULL)

80
security/nss/cmd/libpkix/pkix_pl/module/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

54
security/nss/cmd/libpkix/pkix_pl/module/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,54 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_colcertstore.c \
test_ekuchecker.c \
test_pk11certstore.c \
test_socket.c \
test_httpcertstore.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

292
security/nss/cmd/libpkix/pkix_pl/module/test_colcertstore.c Normal file
Просмотреть файл

@ -0,0 +1,292 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_colcertstore.c
*
* Test CollectionCertStore Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
/* When CRL IDP is supported, change NUM_CRLS to 9 */
#define PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS 4
#define PKIX_TEST_COLLECTIONCERTSTORE_NUM_CERTS 15
void *plContext = NULL;
PKIX_Error *
testCRLSelectorMatchCallback(
PKIX_CRLSelector *selector,
PKIX_PL_CRL *crl,
PKIX_Boolean *pMatch,
void *plContext)
{
*pMatch = PKIX_TRUE;
return (0);
}
PKIX_Error *
testCertSelectorMatchCallback(
PKIX_CertSelector *selector,
PKIX_PL_Cert *cert,
PKIX_Boolean *pResult,
void *plContext)
{
*pResult = PKIX_TRUE;
return (0);
}
PKIX_Error *
getCertCallback(
PKIX_CertStore *store,
PKIX_CertSelector *certSelector,
PKIX_List **pCerts,
void *plContext)
{
return (0);
}
static char *catDirName(char *platform, char *dir, void *plContext)
{
char *pathName = NULL;
PKIX_UInt32 dirLen;
PKIX_UInt32 platformLen;
PKIX_TEST_STD_VARS();
dirLen = PL_strlen(dir);
platformLen = PL_strlen(platform);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
(platformLen + dirLen + 2, (void **)&pathName, plContext));
PL_strcpy(pathName, platform);
PL_strcat(pathName, "/");
PL_strcat(pathName, dir);
cleanup:
PKIX_TEST_RETURN();
return (pathName);
}
void testGetCRL(char *crlDir)
{
PKIX_PL_String *dirString = NULL;
PKIX_CertStore_CRLCallback crlCallback;
PKIX_CertStore *certStore = NULL;
PKIX_CRLSelector *crlSelector = NULL;
PKIX_List *crlList = NULL;
PKIX_UInt32 numCrl = 0;
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
crlDir,
0,
&dirString,
plContext));
subTest("PKIX_PL_CollectionCertStore_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirString,
&certStore,
plContext));
subTest("PKIX_CRLSelector_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(testCRLSelectorMatchCallback,
NULL,
&crlSelector,
plContext));
subTest("PKIX_CertStore_GetCRLCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback
(certStore, &crlCallback, NULL));
subTest("Getting data from CRL Callback");
PKIX_TEST_EXPECT_NO_ERROR(crlCallback
(certStore,
crlSelector,
&nbioContext,
&crlList,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(crlList,
&numCrl,
plContext));
if (numCrl != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CRLS) {
pkixTestErrorMsg = "unexpected CRL number mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(dirString);
PKIX_TEST_DECREF_AC(crlList);
PKIX_TEST_DECREF_AC(crlSelector);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_RETURN();
}
void testGetCert(char *certDir)
{
PKIX_PL_String *dirString = NULL;
PKIX_CertStore_CertCallback certCallback;
PKIX_CertStore *certStore = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_List *certList = NULL;
PKIX_UInt32 numCert = 0;
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
certDir,
0,
&dirString,
plContext));
subTest("PKIX_PL_CollectionCertStore_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirString,
&certStore,
plContext));
subTest("PKIX_CertSelector_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(testCertSelectorMatchCallback,
NULL,
&certSelector,
plContext));
subTest("PKIX_CertStore_GetCertCallback");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback
(certStore, &certCallback, NULL));
subTest("Getting data from Cert Callback");
PKIX_TEST_EXPECT_NO_ERROR(certCallback
(certStore,
certSelector,
&nbioContext,
&certList,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(certList,
&numCert,
plContext));
if (numCert != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CERTS) {
pkixTestErrorMsg = "unexpected Cert number mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(dirString);
PKIX_TEST_DECREF_AC(certList);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s test-purpose <data-dir> <platform-dir>\n\n", pName);
}
/* Functional tests for CollectionCertStore public functions */
int main(int argc, char *argv[]) {
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
char *platformDir = NULL;
char *dataDir = NULL;
char *combinedDir = NULL;
PKIX_TEST_STD_VARS();
startTests("CollectionCertStore");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < (3 + j)) {
printUsage(argv[0]);
return (0);
}
dataDir = argv[2 + j];
platformDir = argv[3 + j];
combinedDir = catDirName(platformDir, dataDir, plContext);
testGetCRL(combinedDir);
testGetCert(combinedDir);
cleanup:
pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CollectionCertStore");
return (0);
}

329
security/nss/cmd/libpkix/pkix_pl/module/test_ekuchecker.c Normal file
Просмотреть файл

@ -0,0 +1,329 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_ekuchecker.c
*
* Test Extend Key Usage Checker
*
*/
#include "testutil.h"
#include "testutil_nss.h"
#define PKIX_TEST_MAX_CERTS 10
void *plContext = NULL;
void printUsage1(char *pName){
printf("\nUSAGE: %s test-purpose [ENE|EE] ", pName);
printf("[E]oid[,oid]* <data-dir> cert [certs].\n");
}
void printUsageMax(PKIX_UInt32 numCerts){
printf("\nUSAGE ERROR: number of certs %d exceed maximum %d\n",
numCerts, PKIX_TEST_MAX_CERTS);
}
PKIX_Error *
testCertSelectorMatchCallback(
PKIX_CertSelector *selector,
PKIX_PL_Cert *cert,
PKIX_Boolean *pResult,
void *plContext)
{
*pResult = PKIX_TRUE;
return (0);
}
PKIX_Error *
testEkuSetup(
PKIX_ValidateParams *valParams,
char *ekuOidString,
PKIX_Boolean *only4EE)
{
PKIX_ProcessingParams *procParams = NULL;
PKIX_List *ekuList = NULL;
PKIX_PL_OID *ekuOid = NULL;
PKIX_ComCertSelParams *selParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_Boolean last_token = PKIX_FALSE;
PKIX_UInt32 i, tokeni;
PKIX_TEST_STD_VARS();
subTest("PKIX_ValidateParams_GetProcessingParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
/* Get extended key usage OID(s) from command line, separated by "," */
if (ekuOidString[0] == '"') {
/* erase doble quotes, if any */
i = 1;
while (ekuOidString[i] != '"' && ekuOidString[i] != '\0') {
ekuOidString[i-1] = ekuOidString[i];
i++;
}
ekuOidString[i-1] = '\0';
}
if (ekuOidString[0] == '\0') {
ekuList = NULL;
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&ekuList, plContext));
/* if OID string start with E, only check for last cert */
if (ekuOidString[0] == 'E') {
*only4EE = PKIX_TRUE;
tokeni = 2;
i = 1;
} else {
*only4EE = PKIX_FALSE;
tokeni = 1;
i = 0;
}
while (last_token != PKIX_TRUE) {
while (ekuOidString[tokeni] != ',' &&
ekuOidString[tokeni] != '\0') {
tokeni++;
}
if (ekuOidString[tokeni] == '\0') {
last_token = PKIX_TRUE;
} else {
ekuOidString[tokeni] = '\0';
tokeni++;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(&ekuOidString[i], &ekuOid, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(ekuList, (PKIX_PL_Object *)ekuOid, plContext));
PKIX_TEST_DECREF_BC(ekuOid);
i = tokeni;
}
}
/* Set extended key usage link to processing params */
subTest("PKIX_ComCertSelParams_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&selParams, plContext));
subTest("PKIX_ComCertSelParams_SetExtendedKeyUsage");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetExtendedKeyUsage
(selParams, ekuList, plContext));
subTest("PKIX_CertSelector_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(testCertSelectorMatchCallback,
NULL,
&certSelector,
plContext));
subTest("PKIX_CertSelector_SetCommonCertSelectorParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, selParams, plContext));
subTest("PKIX_ProcessingParams_SetTargetCertConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
cleanup:
PKIX_TEST_DECREF_AC(selParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(ekuOid);
PKIX_TEST_DECREF_AC(ekuList);
PKIX_TEST_RETURN();
return (0);
}
PKIX_Error *
testEkuChecker(
PKIX_ValidateParams *valParams,
PKIX_Boolean only4EE)
{
PKIX_ProcessingParams *procParams = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_ProcessingParams_SetRevocationEnabled - disable");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
if (only4EE == PKIX_FALSE) {
subTest("PKIX_PL_EkuChecker_Initialize");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_EkuChecker_Initialize
(procParams, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_RETURN();
return (0);
}
int main(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
char *dirName = NULL;
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean testValid = PKIX_FALSE;
PKIX_Boolean only4EE = PKIX_FALSE;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage1(argv[0]);
return (0);
}
startTests("EKU Checker");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
dirName = argv[4+j];
chainLength = (argc - j) - 6;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[6+i+j];
certs[i] = NULL;
}
subTest(argv[1+j]);
subTest("Extended-Key-Usage-Checker");
subTest("Extended-Key-Usage-Checker - Create Cert Chain");
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("Extended-Key-Usage-Checker - Create Params");
valParams = createValidateParams
(dirName,
argv[5+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("Default CertStore");
testEkuSetup(valParams, argv[3+j], &only4EE);
testEkuChecker(valParams, only4EE);
subTest("Extended-Key-Usage-Checker - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("EKU Checker");
return (0);
}

329
security/nss/cmd/libpkix/pkix_pl/module/test_httpcertstore.c Normal file
Просмотреть файл

@ -0,0 +1,329 @@
/*
* test_httpcertstore.c
*
* Test Httpcertstore Type
*
* Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistribution of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistribution in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Neither the name of Sun Microsystems, Inc. or the names of contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* This software is provided "AS IS," without a warranty of any kind. ALL
* EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
* ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
* OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
* AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
* AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
* DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
* REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
* INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
* OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*
* You acknowledge that this software is not designed or intended for use in
* the design, construction, operation or maintenance of any nuclear facility.
*/
#include "testutil.h"
#include "testutil_nss.h"
#include "pkix_pl_common.h"
void *plContext = NULL;
void printUsage(char *testname) {
char *fmt =
"USAGE: %s [-arenas] certDir certName\n";
printf(fmt, "test_httpcertstore");
}
/* Functional tests for Socket public functions */
void do_other_work(void) { /* while waiting for nonblocking I/O to complete */
(void) PR_Sleep(2*60);
}
PKIX_Error *
PKIX_PL_HttpCertStore_Create(
PKIX_PL_HttpClient *client, /* if NULL, use default Client */
PKIX_PL_GeneralName *location,
PKIX_CertStore **pCertStore,
void *plContext);
PKIX_Error *
pkix_pl_HttpCertStore_CreateWithAsciiName(
PKIX_PL_HttpClient *client, /* if NULL, use default Client */
char *location,
PKIX_CertStore **pCertStore,
void *plContext);
PKIX_Error *
getLocation(
PKIX_PL_Cert *certWithAia,
PKIX_PL_GeneralName **pLocation,
void *plContext)
{
PKIX_List *aiaList = NULL;
PKIX_UInt32 size = 0;
PKIX_PL_InfoAccess *aia = NULL;
PKIX_UInt32 iaType = PKIX_INFOACCESS_LOCATION_UNKNOWN;
PKIX_PL_GeneralName *location = NULL;
PKIX_TEST_STD_VARS();
subTest("Getting Authority Info Access");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess
(certWithAia, &aiaList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(aiaList, &size, plContext));
if (size != 1) {
pkixTestErrorMsg = "unexpected number of AIA";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(aiaList, 0, (PKIX_PL_Object **) &aia, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocationType
(aia, &iaType, plContext));
if (iaType != PKIX_INFOACCESS_LOCATION_HTTP) {
pkixTestErrorMsg = "unexpected location type in AIA";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation
(aia, &location, plContext));
*pLocation = location;
cleanup:
PKIX_TEST_DECREF_AC(aiaList);
PKIX_TEST_DECREF_AC(aia);
PKIX_TEST_RETURN();
return (NULL);
}
int main(int argc, char *argv[]) {
PKIX_UInt32 i = 0;
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 numCrls = 0;
int j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 length = 0;
char *certName = NULL;
char *certDir = NULL;
PKIX_PL_Cert *cmdLineCert = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_CertStore *crlStore = NULL;
PKIX_PL_GeneralName *location = NULL;
PKIX_CertStore_CertCallback getCerts = NULL;
PKIX_List *certs = NULL;
char *asciiResult = NULL;
void *nbio = NULL;
PKIX_PL_CRL *crl = NULL;
PKIX_CRLSelector *crlSelector = NULL;
char *crlLocation = "http://betty.nist.gov/pathdiscoverytestsuite/CRL"
"files/BasicHTTPURIPeer2CACRL.crl";
PKIX_CertStore_CRLCallback getCrls = NULL;
PKIX_List *crls = NULL;
PKIX_PL_String *crlString = NULL;
PKIX_TEST_STD_VARS();
startTests("HttpCertStore");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc != (j + 3)) {
printUsage(argv[0]);
pkixTestErrorMsg = "Missing command line argument.";
goto cleanup;
}
certDir = argv[++j];
certName = argv[++j];
cmdLineCert = createCert(certDir, certName, plContext);
if (cmdLineCert == NULL) {
pkixTestErrorMsg = "Unable to create Cert";
goto cleanup;
}
/* muster arguments to create HttpCertStore */
PKIX_TEST_EXPECT_NO_ERROR(getLocation
(cmdLineCert, &location, plContext));
if (location == NULL) {
pkixTestErrorMsg = "Give me a cert with an HTTP URI!";
goto cleanup;
}
/* create HttpCertStore */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HttpCertStore_Create
(NULL, location, &certStore, plContext));
/* get the GetCerts callback */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback
(certStore, &getCerts, plContext));
/* create a CertSelector */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
/* Get the certs */
PKIX_TEST_EXPECT_NO_ERROR(getCerts
(certStore, certSelector, &nbio, &certs, plContext));
while (nbio != NULL) {
/* poll for a completion */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CertContinue
(certStore, certSelector, &nbio, &certs, plContext));
}
if (certs) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
if (numCerts == 0) {
printf("HttpCertStore returned an empty Cert list\n");
goto cleanup;
}
for (i = 0; i < numCerts; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
} else {
printf("HttpCertStore returned a NULL Cert list\n");
}
/* create HttpCertStore */
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_HttpCertStore_CreateWithAsciiName
(NULL, crlLocation, &crlStore, plContext));
/* get the GetCrls callback */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback
(crlStore, &getCrls, plContext));
/* create a CrlSelector */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(NULL, NULL, &crlSelector, plContext));
/* Get the crls */
PKIX_TEST_EXPECT_NO_ERROR(getCrls
(crlStore, crlSelector, &nbio, &crls, plContext));
while (nbio != NULL) {
/* poll for a completion */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_CrlContinue
(crlStore, crlSelector, &nbio, &crls, plContext));
}
if (crls) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(crls, &numCrls, plContext));
if (numCrls == 0) {
printf("HttpCertStore returned an empty CRL list\n");
goto cleanup;
}
for (i = 0; i < numCrls; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(crls,
i,
(PKIX_PL_Object**)&crl,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString(
(PKIX_PL_Object *)crl,
&crlString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded
(crlString,
PKIX_ESCASCII,
(void **)&asciiResult,
&length,
plContext));
printf("CRL[%d]:\n%s\n", i, asciiResult);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, plContext));
PKIX_TEST_DECREF_BC(crlString);
PKIX_TEST_DECREF_BC(crl);
}
} else {
printf("HttpCertStore returned a NULL CRL list\n");
}
cleanup:
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(cmdLineCert);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(crlStore);
PKIX_TEST_DECREF_AC(location);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(crl);
PKIX_TEST_DECREF_AC(crlString);
PKIX_TEST_DECREF_AC(crls);
PKIX_TEST_RETURN();
endTests("HttpDefaultClient");
return (0);
}

676
security/nss/cmd/libpkix/pkix_pl/module/test_pk11certstore.c Normal file
Просмотреть файл

@ -0,0 +1,676 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_pk11certstore.c
*
* Test Pk11CertStore Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
/*
* This function creates a certSelector with ComCertSelParams set up to
* select entries whose Subject Name matches that in the given Cert and
* whose validity window includes the Date specified by "validityDate".
*/
void test_makeSubjectCertSelector(
PKIX_PL_Cert *certNameToMatch,
PKIX_PL_Date *validityDate,
PKIX_CertSelector **pSelector,
void *plContext)
{
PKIX_CertSelector *selector = NULL;
PKIX_ComCertSelParams *subjParams = NULL;
PKIX_PL_X500Name *subjectName = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &selector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&subjParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject
(certNameToMatch, &subjectName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject
(subjParams, subjectName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificateValid
(subjParams, validityDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_SetCommonCertSelectorParams
(selector, subjParams, plContext));
*pSelector = selector;
cleanup:
PKIX_TEST_DECREF_AC(subjParams);
PKIX_TEST_DECREF_AC(subjectName);
PKIX_TEST_RETURN();
}
/*
* This function creates a certSelector with ComCertSelParams set up to
* select entries containing a Basic Constraints extension with a path
* length of at least the specified "minPathLength".
*/
void test_makePathCertSelector(
PKIX_Int32 minPathLength,
PKIX_CertSelector **pSelector,
void *plContext)
{
PKIX_CertSelector *selector = NULL;
PKIX_ComCertSelParams *pathParams = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &selector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&pathParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(pathParams, minPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_SetCommonCertSelectorParams
(selector, pathParams, plContext));
*pSelector = selector;
cleanup:
PKIX_TEST_DECREF_AC(pathParams);
PKIX_TEST_RETURN();
}
/*
* This function reads a directory-file cert specified by "desiredSubjectCert",
* and decodes the SubjectName. It uses that name to set up the CertSelector
* for a Subject Name match, and then queries the database for matching entries.
* It is intended to test a "smart" database query.
*/
void testMatchCertSubject(
char *crlDir,
char *desiredSubjectCert,
char *expectedAscii,
PKIX_PL_Date *validityDate,
void *plContext)
{
PKIX_UInt32 numCert = 0;
PKIX_PL_Cert *certWithDesiredSubject = NULL;
PKIX_CertStore *certStore = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_List *certList = NULL;
PKIX_CertStore_CertCallback getCert = NULL;
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
certWithDesiredSubject = createCert
(crlDir, desiredSubjectCert, plContext);
test_makeSubjectCertSelector
(certWithDesiredSubject,
validityDate,
&certSelector,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback
(certStore, &getCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(getCert
(certStore,
certSelector,
&nbioContext,
&certList,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(certList, &numCert, plContext));
if (numCert > 0) {
/* List should be immutable */
PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem
(certList, 0, plContext));
}
if (expectedAscii) {
testToStringHelper
((PKIX_PL_Object *)certList, expectedAscii, plContext);
}
cleanup:
PKIX_TEST_DECREF_AC(certWithDesiredSubject);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(certList);
PKIX_TEST_RETURN();
}
/*
* This function uses the minimum path length specified by "minPath" to set up
* a CertSelector for a BasicConstraints match, and then queries the database
* for matching entries. It is intended to test the case where there
* is no "smart" database query, so the database will be asked for all
* available certs and the filtering will be done by the interaction of the
* certstore and the selector.
*/
void testMatchCertMinPath(
PKIX_Int32 minPath,
char *expectedAscii,
void *plContext)
{
PKIX_CertStore *certStore = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_List *certList = NULL;
PKIX_CertStore_CertCallback getCert = NULL;
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
subTest("Searching Certs for minPath");
test_makePathCertSelector
(minPath, &certSelector, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback
(certStore, &getCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(getCert
(certStore,
certSelector,
&nbioContext,
&certList,
plContext));
if (expectedAscii) {
testToStringHelper
((PKIX_PL_Object *)certList, expectedAscii, plContext);
}
cleanup:
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(certList);
PKIX_TEST_RETURN();
}
/*
* This function creates a crlSelector with ComCrlSelParams set up to
* select entries whose Issuer Name matches that in the given Crl.
*/
void test_makeIssuerCRLSelector(
PKIX_PL_CRL *crlNameToMatch,
PKIX_CRLSelector **pSelector,
void *plContext)
{
PKIX_CRLSelector *selector = NULL;
PKIX_ComCRLSelParams *issuerParams = NULL;
PKIX_PL_X500Name *issuerName = NULL;
PKIX_List *names = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(NULL, NULL, &selector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create
(&issuerParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetIssuer
(crlNameToMatch, &issuerName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&names, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(names, (PKIX_PL_Object *)issuerName, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetIssuerNames
(issuerParams, names, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CRLSelector_SetCommonCRLSelectorParams
(selector, issuerParams, plContext));
*pSelector = selector;
cleanup:
PKIX_TEST_DECREF_AC(issuerParams);
PKIX_TEST_DECREF_AC(issuerName);
PKIX_TEST_DECREF_AC(names);
PKIX_TEST_RETURN();
}
/*
* This function creates a crlSelector with ComCrlSelParams set up to
* select entries that would be valid at the Date specified by the Date
* criterion.
*/
void test_makeDateCRLSelector(
PKIX_PL_Date *dateToMatch,
PKIX_CRLSelector **pSelector,
void *plContext)
{
PKIX_CRLSelector *selector = NULL;
PKIX_ComCRLSelParams *dateParams = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CRLSelector_Create
(NULL, NULL, &selector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_Create
(&dateParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCRLSelParams_SetDateAndTime
(dateParams, dateToMatch, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CRLSelector_SetCommonCRLSelectorParams
(selector, dateParams, plContext));
*pSelector = selector;
cleanup:
PKIX_TEST_DECREF_AC(dateParams);
PKIX_TEST_RETURN();
}
/*
* This function reads a directory-file crl specified by "desiredIssuerCrl",
* and decodes the IssuerName. It uses that name to set up the CrlSelector
* for a Issuer Name match, and then queries the database for matching entries.
* It is intended to test the case of a "smart" database query.
*/
void testMatchCrlIssuer(
char *crlDir,
char *desiredIssuerCrl,
char *expectedAscii,
void *plContext)
{
PKIX_UInt32 numCrl = 0;
PKIX_PL_CRL *crlWithDesiredIssuer = NULL;
PKIX_CertStore *crlStore = NULL;
PKIX_CRLSelector *crlSelector = NULL;
PKIX_List *crlList = NULL;
PKIX_CertStore_CRLCallback getCrl = NULL;
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
subTest("Searching CRLs for matching Issuer");
crlWithDesiredIssuer = createCRL(crlDir, desiredIssuerCrl, plContext);
test_makeIssuerCRLSelector
(crlWithDesiredIssuer, &crlSelector, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&crlStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback
(crlStore, &getCrl, plContext));
PKIX_TEST_EXPECT_NO_ERROR(getCrl
(crlStore,
crlSelector,
&nbioContext,
&crlList,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(crlList, &numCrl, plContext));
if (numCrl > 0) {
/* List should be immutable */
PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem
(crlList, 0, plContext));
}
if (expectedAscii) {
testToStringHelper
((PKIX_PL_Object *)crlList, expectedAscii, plContext);
}
cleanup:
PKIX_TEST_DECREF_AC(crlWithDesiredIssuer);
PKIX_TEST_DECREF_AC(crlStore);
PKIX_TEST_DECREF_AC(crlSelector);
PKIX_TEST_DECREF_AC(crlList);
PKIX_TEST_RETURN();
}
/*
* This function uses the date specified by "matchDate" to set up the
* CrlSelector for a Date match. It is intended to test the case where there
* is no "smart" database query, so the CertStore should throw an error
* rather than ask the database for all available CRLs and then filter the
* results using the selector.
*/
void testMatchCrlDate(
char *dateMatch,
char *expectedAscii,
void *plContext)
{
PKIX_PL_Date *dateCriterion = NULL;
PKIX_CertStore *crlStore = NULL;
PKIX_CRLSelector *crlSelector = NULL;
PKIX_List *crlList = NULL;
PKIX_CertStore_CRLCallback getCrl = NULL;
PKIX_TEST_STD_VARS();
subTest("Searching CRLs for matching Date");
dateCriterion = createDate(dateMatch, plContext);
test_makeDateCRLSelector(dateCriterion, &crlSelector, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&crlStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCRLCallback
(crlStore, &getCrl, plContext));
PKIX_TEST_EXPECT_ERROR(getCrl
(crlStore, crlSelector, NULL, &crlList, plContext));
cleanup:
PKIX_TEST_DECREF_AC(dateCriterion);
PKIX_TEST_DECREF_AC(crlStore);
PKIX_TEST_DECREF_AC(crlSelector);
PKIX_TEST_DECREF_AC(crlList);
PKIX_TEST_RETURN();
}
void printUsage(char *pName){
printf("\nUSAGE: %s <data-dir> <database-dir>\n\n", pName);
}
/* Functional tests for Pk11CertStore public functions */
int main(int argc, char *argv[]) {
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_PL_Date *validityDate = NULL;
PKIX_PL_Date *betweenDate = NULL;
char *crlDir = NULL;
char *databaseDir = NULL;
char *expectedProfAscii = "([\n"
"\tVersion: v3\n"
"\tSerialNumber: 00ca\n"
"\tIssuer: CN=chemistry,O=mit,C=us\n"
"\tSubject: CN=prof noall,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 14:14:06 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(6)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
", [\n"
"\tVersion: v3\n"
"\tSerialNumber: 03\n"
"\tIssuer: CN=physics,O=mit,C=us\n"
"\tSubject: CN=prof noall,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 12:52:26 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")";
char *expectedValidityAscii = "([\n"
"\tVersion: v3\n"
"\tSerialNumber: 03\n"
"\tIssuer: CN=physics,O=mit,C=us\n"
"\tSubject: CN=prof noall,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 12:52:26 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")";
char *expectedMinPathAscii = "([\n"
"\tVersion: v3\n"
"\tSerialNumber: 01\n"
"\tIssuer: CN=science,O=mit,C=us\n"
"\tSubject: CN=science,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 12:47:58 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(10)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")";
char *expectedIssuerAscii = "([\n"
"\tVersion: v2\n"
"\tIssuer: CN=physics,O=mit,C=us\n"
"\tUpdate: [Last: Fri Feb 11 13:51:38 2005\n"
"\t Next: Mon Jan 18, 2105]\n"
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n"
"\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 67\n"
"\tReasonCode: 257\n"
"\tRevocationDate: Fri Feb 11 13:51:38 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n"
"\t)\n"
"\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n"
")";
char *expectedDateAscii = "([\n"
"\tVersion: v2\n"
"\tIssuer: CN=science,O=mit,C=us\n"
"\tUpdate: [Last: Fri Feb 11 13:34:40 2005\n"
"\t Next: Mon Jan 18, 2105]\n"
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n"
"\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 65\n"
"\tReasonCode: 260\n"
"\tRevocationDate: Fri Feb 11 13:34:40 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n"
"\t)\n"
"\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n"
", [\n"
"\tVersion: v2\n"
"\tIssuer: CN=testing CRL,O=test,C=us\n"
"\tUpdate: [Last: Fri Feb 11 13:14:38 2005\n"
"\t Next: Mon Jan 18, 2105]\n"
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n"
"\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 67\n"
"\tReasonCode: 258\n"
"\tRevocationDate: Fri Feb 11 13:14:38 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n"
"\t)\n"
"\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n"
")";
PKIX_TEST_STD_VARS();
startTests("Pk11CertStore");
if (argc < 3) {
printUsage(argv[0]);
return (0);
}
/* too bad we cannot do this after the macro NSSCONTEXT_SETUP */
databaseDir = argv[1];
if (databaseDir[0] == '-') {
/* with -arenas at front */
databaseDir = argv[2];
}
/* This must precede the call to PKIX_Initialize! */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize_SetConfigDir
(PKIX_STORE_TYPE_PK11, databaseDir, plContext));
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
crlDir = argv[j+2];
/* Two certs for prof should be valid now */
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Date_CreateFromPRTime
(PR_Now(), &validityDate, plContext));
subTest("Searching Certs for Subject");
testMatchCertSubject
(crlDir,
"phy2prof.crt",
NULL, /* expectedProfAscii, */
validityDate,
plContext);
/* One of the certs was not yet valid at this time. */
betweenDate = createDate("050210184000Z", plContext);
subTest("Searching Certs for Subject and Validity");
testMatchCertSubject
(crlDir,
"phy2prof.crt",
NULL, /* expectedValidityAscii, */
betweenDate,
plContext);
testMatchCertMinPath
(9,
NULL, /* expectedMinPathAscii, */
plContext);
testMatchCrlIssuer
(crlDir,
"phys.crl",
NULL, /* expectedIssuerAscii, */
plContext);
testMatchCrlDate
("050211184000Z",
NULL, /* expectedDateAscii, */
plContext);
cleanup:
PKIX_TEST_DECREF_AC(validityDate);
PKIX_TEST_DECREF_AC(betweenDate);
PKIX_TEST_RETURN();
endTests("Pk11CertStore");
return (0);
}

600
security/nss/cmd/libpkix/pkix_pl/module/test_socket.c Normal file
Просмотреть файл

@ -0,0 +1,600 @@
/*
* test_socket.c
*
* Test Socket Type
*
* Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistribution of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistribution in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Neither the name of Sun Microsystems, Inc. or the names of contributors may
* be used to endorse or promote products derived from this software without
* specific prior written permission.
*
* This software is provided "AS IS," without a warranty of any kind. ALL
* EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING
* ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
* OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED. SUN MICROSYSTEMS, INC. ("SUN")
* AND ITS LICENSORS SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE
* AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS
* DERIVATIVES. IN NO EVENT WILL SUN OR ITS LICENSORS BE LIABLE FOR ANY LOST
* REVENUE, PROFIT OR DATA, OR FOR DIRECT, INDIRECT, SPECIAL, CONSEQUENTIAL,
* INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY
* OF LIABILITY, ARISING OUT OF THE USE OF OR INABILITY TO USE THIS SOFTWARE,
* EVEN IF SUN HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
*
* You acknowledge that this software is not designed or intended for use in
* the design, construction, operation or maintenance of any nuclear facility.
*/
#include "testutil.h"
#include "testutil_nss.h"
#include "pkix_pl_common.h"
#define LDAP_PORT 389
void *plContext = NULL;
typedef enum {
SERVER_LISTENING,
SERVER_RECV1,
SERVER_POLL1,
SERVER_SEND2,
SERVER_POLL2,
SERVER_RECV3,
SERVER_POLL3,
SERVER_SEND4,
SERVER_POLL4,
SERVER_DONE,
SERVER_FAILED
} SERVER_STATE;
typedef enum {
CLIENT_WAITFORCONNECT,
CLIENT_SEND1,
CLIENT_POLL1,
CLIENT_RECV2,
CLIENT_POLL2,
CLIENT_SEND3,
CLIENT_POLL3,
CLIENT_RECV4,
CLIENT_POLL4,
CLIENT_DONE,
CLIENT_FAILED
} CLIENT_STATE;
SERVER_STATE serverState;
CLIENT_STATE clientState;
PKIX_PL_Socket *sSock = NULL;
PKIX_PL_Socket *cSock = NULL;
PKIX_PL_Socket *rendezvousSock = NULL;
PKIX_PL_Socket_Callback *sCallbackList;
PKIX_PL_Socket_Callback *cCallbackList;
PKIX_PL_Socket_Callback *rvCallbackList;
PRNetAddr serverNetAddr;
PRNetAddr clientNetAddr;
PRIntn backlog = 0;
PRIntervalTime timeout = 0;
char *sendBuf1 = "Hello, world!";
char *sendBuf2 = "Ack";
char *sendBuf3 = "What do you mean, \"Ack\"?";
char *sendBuf4 = "What do you mean, \"What do you mean, \'Ack\'?\"?";
char rcvBuf1[100];
char rcvBuf2[100];
void printUsage(char *testname) {
char *fmt = "USAGE: %s [-arenas] server:port\n";
printf(fmt, testname);
}
/* Functional tests for Socket public functions */
void do_other_work(void) { /* while waiting for nonblocking I/O to complete */
(void) PR_Sleep(2*60);
}
PKIX_Boolean server()
{
PKIX_Int32 bytesRead = 0;
PKIX_Int32 bytesWritten = 0;
PKIX_Boolean keepGoing = PKIX_FALSE;
PKIX_TEST_STD_VARS();
switch (serverState) {
case SERVER_LISTENING:
subTest("SERVER_LISTENING");
PKIX_TEST_EXPECT_NO_ERROR(sCallbackList->acceptCallback
(sSock, &rendezvousSock, plContext));
if (rendezvousSock) {
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList
(rendezvousSock, &rvCallbackList, plContext));
serverState = SERVER_RECV1;
}
break;
case SERVER_RECV1:
subTest("SERVER_RECV1");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->recvCallback
(rendezvousSock,
rcvBuf1,
sizeof(rcvBuf1),
&bytesRead,
plContext));
if (bytesRead > 0) {
/* confirm that rcvBuf1 = sendBuf1 */
if ((bytesRead != (PRInt32)PL_strlen(sendBuf1) + 1) ||
(strncmp(sendBuf1, rcvBuf1, bytesRead) != 0)) {
testError("Receive buffer mismatch\n");
}
serverState = SERVER_SEND2;
keepGoing = PKIX_TRUE;
} else {
serverState = SERVER_POLL1;
}
break;
case SERVER_POLL1:
subTest("SERVER_POLL1");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback
(rendezvousSock, NULL, &bytesRead, plContext));
if (bytesRead > 0) {
/* confirm that rcvBuf1 = sendBuf1 */
if ((bytesRead != (PRInt32)PL_strlen(sendBuf1) + 1) ||
(strncmp(sendBuf1, rcvBuf1, bytesRead) != 0)) {
testError("Receive buffer mismatch\n");
}
serverState = SERVER_SEND2;
keepGoing = PKIX_TRUE;
}
break;
case SERVER_SEND2:
subTest("SERVER_SEND2");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->sendCallback
(rendezvousSock,
sendBuf2,
strlen(sendBuf2) + 1,
&bytesWritten,
plContext));
if (bytesWritten > 0) {
serverState = SERVER_RECV3;
} else {
serverState = SERVER_POLL2;
}
break;
case SERVER_POLL2:
subTest("SERVER_POLL2");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback
(rendezvousSock, &bytesWritten, NULL, plContext));
if (bytesWritten > 0) {
serverState = SERVER_RECV3;
}
break;
case SERVER_RECV3:
subTest("SERVER_RECV3");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->recvCallback
(rendezvousSock,
rcvBuf1,
sizeof(rcvBuf1),
&bytesRead,
plContext));
if (bytesRead > 0) {
serverState = SERVER_SEND4;
keepGoing = PKIX_TRUE;
} else {
serverState = SERVER_POLL3;
}
break;
case SERVER_POLL3:
subTest("SERVER_POLL3");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback
(rendezvousSock, NULL, &bytesRead, plContext));
if (bytesRead > 0) {
serverState = SERVER_SEND4;
keepGoing = PKIX_TRUE;
}
break;
case SERVER_SEND4:
subTest("SERVER_SEND4");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->sendCallback
(rendezvousSock,
sendBuf4,
strlen(sendBuf4) + 1,
&bytesWritten,
plContext));
if (bytesWritten > 0) {
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->shutdownCallback
(rendezvousSock, plContext));
PKIX_TEST_DECREF_BC(sSock);
PKIX_TEST_DECREF_BC(rendezvousSock);
serverState = SERVER_DONE;
} else {
serverState = SERVER_POLL4;
}
break;
case SERVER_POLL4:
subTest("SERVER_POLL4");
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->pollCallback
(rendezvousSock, &bytesWritten, NULL, plContext));
if (bytesWritten > 0) {
PKIX_TEST_EXPECT_NO_ERROR(rvCallbackList->shutdownCallback
(rendezvousSock, plContext));
PKIX_TEST_DECREF_BC(sSock);
PKIX_TEST_DECREF_BC(rendezvousSock);
serverState = SERVER_DONE;
}
break;
case SERVER_DONE:
default:
subTest("SERVER_DONE");
break;
}
cleanup:
PKIX_TEST_RETURN();
return (keepGoing);
}
PKIX_Boolean client() {
PKIX_Boolean keepGoing = PKIX_FALSE;
PKIX_Int32 bytesRead = 0;
PKIX_Int32 bytesWritten = 0;
PRErrorCode cStat = 0;
/* At 2 seconds each cycle, this should suffice! */
PKIX_UInt32 giveUpCount = 10;
PKIX_TEST_STD_VARS();
switch (clientState) {
case CLIENT_WAITFORCONNECT:
subTest("CLIENT_WAITFORCONNECT");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->connectcontinueCallback
(cSock, &cStat, plContext));
if (cStat == 0) {
clientState = CLIENT_SEND1;
keepGoing = PKIX_TRUE;
} else {
clientState = CLIENT_WAITFORCONNECT;
if (--giveUpCount == 0) {
testError("Client unable to connect");
}
}
break;
case CLIENT_SEND1:
subTest("CLIENT_SEND1");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->sendCallback
(cSock,
sendBuf1,
strlen(sendBuf1) + 1,
&bytesWritten,
plContext));
if (bytesWritten > 0) {
clientState = CLIENT_RECV2;
} else {
clientState = CLIENT_POLL1;
}
break;
case CLIENT_POLL1:
subTest("CLIENT_POLL1");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback
(cSock, &bytesWritten, NULL, plContext));
if (bytesWritten > 0) {
clientState = CLIENT_RECV2;
} else {
clientState = CLIENT_POLL1;
}
break;
case CLIENT_RECV2:
subTest("CLIENT_RECV2");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->recvCallback
(cSock,
rcvBuf2,
sizeof(rcvBuf2),
&bytesRead,
plContext));
if (bytesRead > 0) {
/* confirm that rcvBuf2 = sendBuf2 */
if ((bytesRead != (PRInt32)PL_strlen(sendBuf2) + 1) ||
(strncmp(sendBuf2, rcvBuf2, bytesRead) != 0)) {
testError("Receive buffer mismatch\n");
}
clientState = CLIENT_SEND3;
keepGoing = PKIX_TRUE;
} else {
clientState = CLIENT_POLL2;
}
break;
case CLIENT_POLL2:
subTest("CLIENT_POLL2");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback
(cSock, NULL, &bytesRead, plContext));
if (bytesRead > 0) {
/* confirm that rcvBuf2 = sendBuf2 */
if ((bytesRead != (PRInt32)PL_strlen(sendBuf2) + 1) ||
(strncmp(sendBuf2, rcvBuf2, bytesRead) != 0)) {
testError("Receive buffer mismatch\n");
}
clientState = CLIENT_SEND3;
} else {
clientState = CLIENT_POLL2;
}
break;
case CLIENT_SEND3:
subTest("CLIENT_SEND3");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->sendCallback
(cSock,
sendBuf3,
strlen(sendBuf3) + 1,
&bytesWritten,
plContext));
if (bytesWritten > 0) {
clientState = CLIENT_RECV4;
} else {
clientState = CLIENT_POLL3;
}
break;
case CLIENT_POLL3:
subTest("CLIENT_POLL3");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback
(cSock, &bytesWritten, NULL, plContext));
if (bytesWritten > 0) {
clientState = CLIENT_RECV4;
} else {
clientState = CLIENT_POLL3;
}
break;
case CLIENT_RECV4:
subTest("CLIENT_RECV4");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->recvCallback
(cSock,
rcvBuf2,
sizeof(rcvBuf2),
&bytesRead,
plContext));
if (bytesRead > 0) {
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->shutdownCallback
(cSock, plContext));
PKIX_TEST_DECREF_BC(cSock);
clientState = CLIENT_DONE;
} else {
clientState = CLIENT_POLL4;
}
break;
case CLIENT_POLL4:
subTest("CLIENT_POLL4");
clientState = CLIENT_FAILED;
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->pollCallback
(cSock, NULL, &bytesRead, plContext));
if (bytesRead > 0) {
PKIX_TEST_EXPECT_NO_ERROR(cCallbackList->shutdownCallback
(cSock, plContext));
PKIX_TEST_DECREF_BC(cSock);
clientState = CLIENT_DONE;
} else {
clientState = CLIENT_POLL4;
}
break;
case CLIENT_DONE:
default:
subTest("CLIENT_DONE");
break;
}
cleanup:
PKIX_TEST_RETURN();
return (keepGoing);
}
void dispatcher()
{
PKIX_Boolean keepGoing = PKIX_FALSE;
PKIX_TEST_STD_VARS();
do {
if (serverState < SERVER_DONE) {
do {
keepGoing = server();
} while (keepGoing == PKIX_TRUE);
}
if (clientState < CLIENT_DONE) {
do {
keepGoing = client();
} while (keepGoing == PKIX_TRUE);
}
do_other_work();
} while ((serverState < SERVER_DONE) || (clientState < CLIENT_DONE));
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_Boolean useArenas = PKIX_FALSE;
int j = 0;
PKIX_UInt32 actualMinorVersion;
char buf[PR_NETDB_BUF_SIZE];
char *serverName = NULL;
char *sepPtr = NULL;
PRHostEnt hostent;
PRUint16 portNum = 0;
PRStatus prstatus = PR_FAILURE;
PRErrorCode cStat = 0;
void *ipaddr = NULL;
PKIX_Error *bindError = NULL;
PRIntn hostenum;
PKIX_TEST_STD_VARS();
startTests("Socket");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc != (j + 2)) {
printUsage(argv[0]);
pkixTestErrorMsg = "Missing command line argument.";
goto cleanup;
}
serverName = argv[j + 1];
subTest("Using pkix_pl_Socket_CreateByName");
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_CreateByName
(PKIX_TRUE, timeout, serverName, &cStat, &sSock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList
(sSock, &sCallbackList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(sCallbackList->listenCallback
(sSock, backlog, plContext));
serverState = SERVER_LISTENING;
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_CreateByName
(PKIX_FALSE, timeout, serverName, &cStat, &cSock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList
(cSock, &cCallbackList, plContext));
if ((timeout == 0) && (cStat == PR_IN_PROGRESS_ERROR)) {
clientState = CLIENT_WAITFORCONNECT;
} else {
clientState = CLIENT_SEND1;
}
dispatcher();
subTest("Using pkix_pl_Socket_Create");
sepPtr = strchr(serverName, ':');
/* First strip off the portnum, if present, from the end of the name */
if (sepPtr) {
*sepPtr++ = '\0';
portNum = (PRUint16)atoi(sepPtr);
} else {
portNum = (PRUint16)LDAP_PORT;
}
/*
* The hostname may be a fully-qualified name. Just
* use the leftmost component in our lookup.
*/
sepPtr = strchr(serverName, '.');
if (sepPtr) {
*sepPtr++ = '\0';
}
prstatus = PR_GetHostByName(serverName, buf, sizeof(buf), &hostent);
if ((prstatus != PR_SUCCESS) || (hostent.h_length != 4)) {
printUsage(argv[0]);
pkixTestErrorMsg =
"PR_GetHostByName rejects command line argument.";
goto cleanup;
}
serverNetAddr.inet.family = PR_AF_INET;
serverNetAddr.inet.port = PR_htons(portNum);
serverNetAddr.inet.ip = PR_INADDR_ANY;
hostenum = PR_EnumerateHostEnt(0, &hostent, portNum, &clientNetAddr);
if (hostenum == -1) {
pkixTestErrorMsg =
"PR_EnumerateHostEnt failed.";
goto cleanup;
}
backlog = 5;
/* timeout = PR_INTERVAL_NO_TIMEOUT; */
/* timeout = 0; nonblocking */
timeout = 0;
bindError = pkix_pl_Socket_Create
(PKIX_TRUE, timeout, &serverNetAddr, &cStat, &sSock, plContext);
/* If PR_Bind can't handle INADDR_ANY, try it with the real name */
if (bindError) {
PKIX_TEST_DECREF_BC(bindError);
serverNetAddr.inet.ip = PR_htonl(*(PRUint32 *)ipaddr);
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_Create
(PKIX_TRUE,
timeout,
&serverNetAddr,
&cStat,
&sSock,
plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList
(sSock, &sCallbackList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(sCallbackList->listenCallback
(sSock, backlog, plContext));
serverState = SERVER_LISTENING;
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_Create
(PKIX_FALSE, timeout, &clientNetAddr, &cStat, &cSock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Socket_GetCallbackList
(cSock, &cCallbackList, plContext));
if ((timeout == 0) && (cStat == PR_IN_PROGRESS_ERROR)) {
clientState = CLIENT_WAITFORCONNECT;
} else {
clientState = CLIENT_SEND1;
}
dispatcher();
cleanup:
PKIX_TEST_DECREF_AC(sSock);
PKIX_TEST_DECREF_AC(cSock);
PKIX_TEST_DECREF_AC(rendezvousSock);
PKIX_TEST_RETURN();
endTests("Socket");
return (0);
}

80
security/nss/cmd/libpkix/pkix_pl/pki/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

58
security/nss/cmd/libpkix/pkix_pl/pki/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,58 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = test_cert.c \
test_crl.c \
test_crlentry.c \
test_date.c \
test_generalname.c \
test_nameconstraints.c \
test_x500name.c \
test_authorityinfoaccess.c \
test_subjectinfoaccess.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

157
security/nss/cmd/libpkix/pkix_pl/pki/test_authorityinfoaccess.c Normal file
Просмотреть файл

@ -0,0 +1,157 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_authorityinfoaccess.c
*
* Test Authority InfoAccess Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
int main(int argc, char *argv[]) {
PKIX_PL_Cert *cert = NULL;
PKIX_PL_Cert *certDiff = NULL;
PKIX_List *aiaList = NULL;
PKIX_List *siaList = NULL;
PKIX_PL_InfoAccess *aia = NULL;
PKIX_PL_InfoAccess *aiaDup = NULL;
PKIX_PL_InfoAccess *aiaDiff = NULL;
char *certPathName = NULL;
char *dirName = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 size, i;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *expectedAscii = "[method:caIssuers, location:ldap:"
"//betty.nist.gov/cn=CA,ou=Basic%20LDAP%20URI%20OU1,"
"o=Test%20Certificates,c=US?cACertificate;binary,"
"crossCertificatePair;binary]";
PKIX_TEST_STD_VARS();
startTests("AuthorityInfoAccess");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 5+j) {
printf("Usage: %s <test-purpose> <cert> <diff-cert>\n", argv[0]);
}
dirName = argv[2+j];
certPathName = argv[3+j];
subTest("Creating Cert with Authority Info Access");
cert = createCert(dirName, certPathName, plContext);
certPathName = argv[4+j];
subTest("Creating Cert with Subject Info Access");
certDiff = createCert(dirName, certPathName, plContext);
subTest("Getting Authority Info Access");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess
(cert, &aiaList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(aiaList, &size, plContext));
if (size != 1) {
pkixTestErrorMsg = "unexpected number of AIA";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(aiaList, 0, (PKIX_PL_Object **) &aia, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(aiaList, 0, (PKIX_PL_Object **) &aiaDup, plContext));
subTest("Getting Subject Info Access as difference comparison");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectInfoAccess
(certDiff, &siaList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(siaList, &size, plContext));
if (size != 1) {
pkixTestErrorMsg = "unexpected number of AIA";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(siaList, 0, (PKIX_PL_Object **) &aiaDiff, plContext));
subTest("Checking: Equal, Hash and ToString");
PKIX_TEST_EQ_HASH_TOSTR_DUP
(aia, aiaDup, aiaDiff, expectedAscii, InfoAccess, PKIX_FALSE);
cleanup:
PKIX_TEST_DECREF_AC(aia);
PKIX_TEST_DECREF_AC(aiaDup);
PKIX_TEST_DECREF_AC(aiaDiff);
PKIX_TEST_DECREF_AC(aiaList);
PKIX_TEST_DECREF_AC(siaList);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(certDiff);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Authorityinfoaccess");
return (0);
}

2368
security/nss/cmd/libpkix/pkix_pl/pki/test_cert.c Normal file
Просмотреть файл

Разница между файлами не показана из-за своего большого размера Загрузить разницу

348
security/nss/cmd/libpkix/pkix_pl/pki/test_crl.c Normal file
Просмотреть файл

@ -0,0 +1,348 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_crl.c
*
* Test CRL Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void createCRLs(
char *dataDir,
char *goodInput,
char *diffInput,
PKIX_PL_CRL **goodObject,
PKIX_PL_CRL **equalObject,
PKIX_PL_CRL **diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CRL_Create <goodObject>");
*goodObject = createCRL(dataDir, goodInput, plContext);
subTest("PKIX_PL_CRL_Create <equalObject>");
*equalObject = createCRL(dataDir, goodInput, plContext);
subTest("PKIX_PL_CRL_Create <diffObject>");
*diffObject = createCRL(dataDir, diffInput, plContext);
PKIX_TEST_RETURN();
}
static void testGetCRLEntryForSerialNumber(
PKIX_PL_CRL *goodObject)
{
PKIX_PL_BigInt *bigInt;
PKIX_PL_String *bigIntString = NULL;
PKIX_PL_CRLEntry *crlEntry = NULL;
PKIX_PL_String *crlEntryString = NULL;
char *snAscii = "3039";
char *expectedAscii =
"\n\t[\n"
"\tSerialNumber: 3039\n"
"\tReasonCode: 257\n"
"\tRevocationDate: Fri Jan 07, 2005\n"
/* "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" */
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n\t";
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CRL_GetCRLEntryForSerialNumber");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
snAscii,
PL_strlen(snAscii),
&bigIntString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create(
bigIntString,
&bigInt,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber(
goodObject, bigInt, &crlEntry, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString(
(PKIX_PL_Object *)crlEntry,
&crlEntryString,
plContext));
testToStringHelper((PKIX_PL_Object *)crlEntryString,
expectedAscii, plContext);
cleanup:
PKIX_TEST_DECREF_AC(bigIntString);
PKIX_TEST_DECREF_AC(bigInt);
PKIX_TEST_DECREF_AC(crlEntryString);
PKIX_TEST_DECREF_AC(crlEntry);
PKIX_TEST_RETURN();
}
static void testGetIssuer(
PKIX_PL_CRL *goodObject,
PKIX_PL_CRL *equalObject,
PKIX_PL_CRL *diffObject)
{
PKIX_PL_X500Name *goodIssuer = NULL;
PKIX_PL_X500Name *equalIssuer = NULL;
PKIX_PL_X500Name *diffIssuer = NULL;
char *expectedAscii = "CN=hanfeiyu,O=sun,C=us";
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CRL_GetIssuer");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_CRL_GetIssuer(goodObject, &goodIssuer, plContext));
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_CRL_GetIssuer(equalObject, &equalIssuer, plContext));
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_CRL_GetIssuer(diffObject, &diffIssuer, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodIssuer,
equalIssuer,
diffIssuer,
expectedAscii,
X500Name,
PKIX_TRUE);
cleanup:
PKIX_TEST_DECREF_AC(goodIssuer);
PKIX_TEST_DECREF_AC(equalIssuer);
PKIX_TEST_DECREF_AC(diffIssuer);
PKIX_TEST_RETURN();
}
static void
testCritExtensionsAbsent(PKIX_PL_CRL *crl)
{
PKIX_List *oidList = NULL;
PKIX_UInt32 numOids = 0;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCriticalExtensionOIDs
(crl, &oidList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(oidList, &numOids, plContext));
if (numOids != 0){
pkixTestErrorMsg = "unexpected mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(oidList);
PKIX_TEST_RETURN();
}
static void
testGetCriticalExtensionOIDs(PKIX_PL_CRL *goodObject)
{
subTest("PKIX_PL_CRL_GetCriticalExtensionOIDs "
"<0 element>");
testCritExtensionsAbsent(goodObject);
}
static void testVerifySignature(char *dataCentralDir, PKIX_PL_CRL *crl){
PKIX_PL_Cert *firstCert = NULL;
PKIX_PL_Cert *secondCert = NULL;
PKIX_PL_PublicKey *firstPubKey = NULL;
PKIX_PL_PublicKey *secondPubKey = NULL;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_Cert_Create <hanfeiyu2hanfeiyu>");
firstCert = createCert(dataCentralDir, "hanfeiyu2hanfeiyu", plContext);
subTest("PKIX_PL_Cert_Create <hy2hy-bc0>");
secondCert = createCert(dataCentralDir, "hy2hy-bc0", plContext);
subTest("PKIX_PL_Cert_GetSubjectPublicKey <hanfeiyu2hanfeiyu>");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Cert_GetSubjectPublicKey
(firstCert, &firstPubKey, plContext));
subTest("PKIX_PL_Cert_GetSubjectPublicKey <hanfei2hanfei>");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Cert_GetSubjectPublicKey
(secondCert, &secondPubKey, plContext));
subTest("PKIX_PL_CRL_VerifySignature <positive>");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_CRL_VerifySignature(crl, firstPubKey, plContext));
subTest("PKIX_PL_CRL_VerifySignature <negative>");
PKIX_TEST_EXPECT_ERROR
(PKIX_PL_CRL_VerifySignature(crl, secondPubKey, plContext));
cleanup:
PKIX_TEST_DECREF_AC(firstCert);
PKIX_TEST_DECREF_AC(secondCert);
PKIX_TEST_DECREF_AC(firstPubKey);
PKIX_TEST_DECREF_AC(secondPubKey);
PKIX_TEST_RETURN();
}
void printUsage(void) {
(void) printf("\nUSAGE:\ttest_crl <test-purpose> <data-central-dir>\n\n");
}
/* Functional tests for CRL public functions */
int main(int argc, char *argv[]) {
PKIX_PL_CRL *goodObject = NULL;
PKIX_PL_CRL *equalObject = NULL;
PKIX_PL_CRL *diffObject = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *dataCentralDir = NULL;
char *goodInput = "crlgood.crl";
char *diffInput = "crldiff.crl";
char *expectedAscii =
"[\n"
"\tVersion: v2\n"
"\tIssuer: CN=hanfeiyu,O=sun,C=us\n"
"\tUpdate: [Last: Fri Jan 07, 2005\n"
/* "\tUpdate: [Last: Fri Jan 07 15:09:10 2005\n" */
"\t Next: Sat Jan 07, 2006]\n"
/* "\t Next: Sat Jan 07 15:09:10 2006]\n" */
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 010932\n"
"\tReasonCode: 260\n"
"\tRevocationDate: Fri Jan 07, 2005\n"
/* "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" */
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n\t"
", "
"\n\t[\n"
"\tSerialNumber: 3039\n"
"\tReasonCode: 257\n"
"\tRevocationDate: Fri Jan 07, 2005\n"
/* "\tRevocationDate: Fri Jan 07 15:09:10 2005\n" */
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n\t"
")"
"\n\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n";
/* Note XXX serialnumber and reasoncode need debug */
PKIX_TEST_STD_VARS();
startTests("CRL");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 3+j) {
printUsage();
return (0);
}
dataCentralDir = argv[2+j];
createCRLs
(dataCentralDir,
goodInput,
diffInput,
&goodObject,
&equalObject,
&diffObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
CRL,
PKIX_TRUE);
testGetIssuer(goodObject, equalObject, diffObject);
testGetCriticalExtensionOIDs(goodObject);
testGetCRLEntryForSerialNumber(goodObject);
testVerifySignature(dataCentralDir, goodObject);
cleanup:
PKIX_TEST_DECREF_AC(goodObject);
PKIX_TEST_DECREF_AC(equalObject);
PKIX_TEST_DECREF_AC(diffObject);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CRL");
return (0);
}

251
security/nss/cmd/libpkix/pkix_pl/pki/test_crlentry.c Normal file
Просмотреть файл

@ -0,0 +1,251 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_crlentry.c
*
* Test CRLENTRY Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void createCRLEntries(
char *dataDir,
char *crlInput,
PKIX_PL_CRL **pCrl,
PKIX_PL_CRLEntry **goodObject,
PKIX_PL_CRLEntry **equalObject,
PKIX_PL_CRLEntry **diffObject)
{
PKIX_PL_CRL *crl = NULL;
PKIX_PL_BigInt *firstSNBigInt = NULL;
PKIX_PL_BigInt *secondSNBigInt = NULL;
PKIX_PL_String *firstSNString = NULL;
PKIX_PL_String *secondSNString = NULL;
char *firstSNAscii = "010932";
char *secondSNAscii = "3039";
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CRL_Create <crl>");
crl = createCRL(dataDir, crlInput, plContext);
subTest("PKIX_PL_CRL_GetCRLEntryForSerialNumber");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
firstSNAscii,
PL_strlen(firstSNAscii),
&firstSNString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create(
firstSNString,
&firstSNBigInt,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber(
crl, firstSNBigInt, goodObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber(
crl, firstSNBigInt, equalObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
secondSNAscii,
PL_strlen(secondSNAscii),
&secondSNString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create(
secondSNString,
&secondSNBigInt,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRL_GetCRLEntryForSerialNumber(
crl, secondSNBigInt, diffObject, plContext));
*pCrl = crl;
cleanup:
PKIX_TEST_DECREF_AC(firstSNBigInt);
PKIX_TEST_DECREF_AC(secondSNBigInt);
PKIX_TEST_DECREF_AC(firstSNString);
PKIX_TEST_DECREF_AC(secondSNString);
PKIX_TEST_RETURN();
}
static void testGetReasonCode(
PKIX_PL_CRLEntry *goodObject)
{
PKIX_Int32 reasonCode = 0;
PKIX_Int32 expectedReasonCode = 260;
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CRLEntry_GetCRLEntryReasonCode");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRLEntry_GetCRLEntryReasonCode(
goodObject, &reasonCode, plContext));
if (reasonCode != expectedReasonCode) {
testError("unexpected value of CRL Entry Reason Code");
(void) printf("Actual value:\t%d\n", reasonCode);
(void) printf("Expected value:\t%d\n", expectedReasonCode);
goto cleanup;
}
cleanup:
PKIX_TEST_RETURN();
}
static void
testCritExtensionsAbsent(PKIX_PL_CRLEntry *crlEntry)
{
PKIX_List *oidList = NULL;
PKIX_UInt32 numOids = 0;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CRLEntry_GetCriticalExtensionOIDs
(crlEntry, &oidList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(oidList, &numOids, plContext));
if (numOids != 0){
pkixTestErrorMsg = "unexpected mismatch";
}
cleanup:
PKIX_TEST_DECREF_AC(oidList);
PKIX_TEST_RETURN();
}
static void
testGetCriticalExtensionOIDs(PKIX_PL_CRLEntry *goodObject)
{
subTest("PKIX_PL_CRL_GetCriticalExtensionOIDs "
"<CritExtensionsAbsent>");
testCritExtensionsAbsent(goodObject);
}
void printUsage(void) {
(void) printf("\nUSAGE:\ttest_crlentry <data-dir>\n\n");
}
/* Functional tests for CRLENTRY public functions */
int main(int argc, char *argv[]) {
PKIX_PL_CRL *crl = NULL;
PKIX_PL_CRLEntry *goodObject = NULL;
PKIX_PL_CRLEntry *equalObject = NULL;
PKIX_PL_CRLEntry *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *dataDir = NULL;
char *goodInput = "crlgood.crl";
char *expectedAscii =
"\n\t[\n"
"\tSerialNumber: 010932\n"
"\tReasonCode: 260\n"
"\tRevocationDate: Fri Jan 07 15:09:10 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n\t";
/* Note XXX serialnumber and reasoncode need debug */
PKIX_TEST_STD_VARS();
startTests("CRLEntry");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 1+j) {
printUsage();
return (0);
}
dataDir = argv[1+j];
createCRLEntries
(dataDir, goodInput, &crl, &goodObject, &equalObject, &diffObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
NULL, /* expectedAscii, */
CRLENTRY,
PKIX_TRUE);
testGetReasonCode(goodObject);
testGetCriticalExtensionOIDs(goodObject);
cleanup:
PKIX_TEST_DECREF_AC(crl);
PKIX_TEST_DECREF_AC(goodObject);
PKIX_TEST_DECREF_AC(equalObject);
PKIX_TEST_DECREF_AC(diffObject);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CRLEntry");
return (0);
}

149
security/nss/cmd/libpkix/pkix_pl/pki/test_date.c Normal file
Просмотреть файл

@ -0,0 +1,149 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_date.c
*
* Test Date Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
createDates(char *goodInput, char *diffInput,
PKIX_PL_Date **goodDate,
PKIX_PL_Date **equalDate,
PKIX_PL_Date **diffDate){
subTest("PKIX_PL_Date_Create <goodDate>");
*goodDate = createDate(goodInput, plContext);
subTest("PKIX_PL_Date_Create <equalDate>");
*equalDate = createDate(goodInput, plContext);
subTest("PKIX_PL_Date_Create <diffDate>");
*diffDate = createDate(diffInput, plContext);
}
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_Date_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testDate(char *goodInput, char *diffInput){
PKIX_PL_Date *goodDate = NULL;
PKIX_PL_Date *equalDate = NULL;
PKIX_PL_Date *diffDate = NULL;
/*
* The ASCII rep of the date will vary by platform and locale
* This particular string was generated on a SPARC running Solaris 9
* in an English locale
*/
/* char *expectedAscii = "Mon Mar 29 08:48:47 2004"; */
char *expectedAscii = "Mon Mar 29, 2004";
PKIX_TEST_STD_VARS();
createDates(goodInput, diffInput,
&goodDate, &equalDate, &diffDate);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodDate, equalDate, diffDate, expectedAscii, Date, PKIX_TRUE);
testDestroy(goodDate, equalDate, diffDate);
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
char *goodInput = NULL;
char *diffInput = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Date");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
goodInput = "040329134847Z";
diffInput = "050329135847Z";
testDate(goodInput, diffInput);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Date");
return (0);
}

164
security/nss/cmd/libpkix/pkix_pl/pki/test_generalname.c Normal file
Просмотреть файл

@ -0,0 +1,164 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_generalname.c
*
* Test GeneralName Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static void
createGeneralNames(PKIX_UInt32 nameType, char *goodInput, char *diffInput,
PKIX_PL_GeneralName **goodName,
PKIX_PL_GeneralName **equalName,
PKIX_PL_GeneralName **diffName){
subTest("PKIX_PL_GeneralName_Create <goodName>");
*goodName = createGeneralName(nameType, goodInput, plContext);
subTest("PKIX_PL_GeneralName_Create <equalName>");
*equalName = createGeneralName(nameType, goodInput, plContext);
subTest("PKIX_PL_GeneralName_Create <diffName>");
*diffName = createGeneralName(nameType, diffInput, plContext);
}
static void
testDestroy(void *goodObject, void *equalObject, void *diffObject)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_GeneralName_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
cleanup:
PKIX_TEST_RETURN();
}
void testNameType
(PKIX_UInt32 nameType, char *goodInput, char *diffInput, char *expectedAscii){
PKIX_PL_GeneralName *goodName = NULL;
PKIX_PL_GeneralName *equalName = NULL;
PKIX_PL_GeneralName *diffName = NULL;
createGeneralNames(nameType, goodInput, diffInput,
&goodName, &equalName, &diffName);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodName,
equalName,
diffName,
expectedAscii,
GeneralName,
PKIX_TRUE);
testDestroy(goodName, equalName, diffName);
}
int main(int argc, char *argv[]) {
char *goodInput = NULL;
char *diffInput = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("GeneralName");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
goodInput = "john@sun.com";
diffInput = "john@labs.com";
testNameType(PKIX_RFC822_NAME, goodInput, diffInput, goodInput);
goodInput = "example1.com";
diffInput = "ex2.net";
testNameType(PKIX_DNS_NAME, goodInput, diffInput, goodInput);
goodInput = "cn=yassir, ou=labs, o=sun, c=us";
diffInput = "cn=alice, ou=labs, o=sun, c=us";
testNameType(PKIX_DIRECTORY_NAME,
goodInput,
diffInput,
"CN=yassir,OU=labs,O=sun,C=us");
goodInput = "http://example1.com";
diffInput = "http://ex2.net";
testNameType(PKIX_URI_NAME, goodInput, diffInput, goodInput);
goodInput = "1.2.840.11";
diffInput = "1.2.840.115349";
testNameType(PKIX_OID_NAME, goodInput, diffInput, goodInput);
/*
* We don't support creating PKIX_EDIPARTY_NAME,
* PKIX_IP_NAME, OTHER_NAME, X400_ADDRESS from strings
*/
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("GeneralName");
return (0);
}

165
security/nss/cmd/libpkix/pkix_pl/pki/test_nameconstraints.c Normal file
Просмотреть файл

@ -0,0 +1,165 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_nameconstraints.c
*
* Test CERT Name Constraints Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static char *catDirName(char *platform, char *dir, void *plContext)
{
char *pathName = NULL;
PKIX_UInt32 dirLen;
PKIX_UInt32 platformLen;
PKIX_TEST_STD_VARS();
dirLen = PL_strlen(dir);
platformLen = PL_strlen(platform);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc
(platformLen + dirLen + 2, (void **)&pathName, plContext));
PL_strcpy(pathName, platform);
PL_strcat(pathName, "/");
PL_strcat(pathName, dir);
cleanup:
PKIX_TEST_RETURN();
return (pathName);
}
static void
testNameConstraints(char *dataDir)
{
char *goodPname = "nameConstraintsDN5CACert.crt";
PKIX_PL_Cert *goodCert = NULL;
PKIX_PL_CertNameConstraints *goodNC = NULL;
char *expectedAscii =
"[\n"
"\t\tPermitted Name: (OU=permittedSubtree1,"
"O=Test Certificates,C=US)\n"
"\t\tExcluded Name: (OU=excludedSubtree1,"
"OU=permittedSubtree1,O=Test Certificates,C=US)\n"
"\t]\n";
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_CertNameConstraints");
goodCert = createCert(dataDir, goodPname, plContext);
subTest("PKIX_PL_Cert_GetNameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetNameConstraints
(goodCert, &goodNC, plContext));
testToStringHelper
((PKIX_PL_Object *)goodNC, expectedAscii, plContext);
cleanup:
PKIX_TEST_DECREF_AC(goodNC);
PKIX_TEST_DECREF_AC(goodCert);
PKIX_TEST_RETURN();
}
void printUsage(void) {
(void) printf
("\nUSAGE:\ttest_nameconstraints <test-purpose>"
" <data-dir> <platform-prefix>\n\n");
}
/* Functional tests for CRL public functions */
int main(int argc, char *argv[]) {
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *platformDir = NULL;
char *dataDir = NULL;
char *combinedDir = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
/* Note XXX serialnumber and reasoncode need debug */
PKIX_TEST_STD_VARS();
startTests("NameConstraints");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 3 + j) {
printUsage();
return (0);
}
dataDir = argv[2 + j];
platformDir = argv[3 + j];
combinedDir = catDirName(platformDir, dataDir, plContext);
testNameConstraints(combinedDir);
cleanup:
pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("NameConstraints");
return (0);
}

175
security/nss/cmd/libpkix/pkix_pl/pki/test_subjectinfoaccess.c Normal file
Просмотреть файл

@ -0,0 +1,175 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_subjectinfoaccess.c
*
* Test Subject InfoAccess Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
int main(int argc, char *argv[]) {
PKIX_PL_Cert *cert = NULL;
PKIX_PL_Cert *certDiff = NULL;
PKIX_List *aiaList = NULL;
PKIX_List *siaList = NULL;
PKIX_PL_InfoAccess *sia = NULL;
PKIX_PL_InfoAccess *siaDup = NULL;
PKIX_PL_InfoAccess *siaDiff = NULL;
PKIX_PL_GeneralName *location = NULL;
char *certPathName = NULL;
char *dirName = NULL;
PKIX_UInt32 method = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 size, i;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *expectedAscii = "[method:caRepository, "
"location:http://betty.nist.gov/pathdiscoverytestsuite/"
"p7cfiles/IssuedByTrustAnchor1.p7c]";
PKIX_TEST_STD_VARS();
startTests("SubjectInfoAccess");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
if (argc < 5+j) {
printf("Usage: %s <test-purpose> <cert> <diff-cert>\n", argv[0]);
}
dirName = argv[2+j];
certPathName = argv[3+j];
subTest("Creating Cert with Subject Info Access");
cert = createCert(dirName, certPathName, plContext);
certPathName = argv[4+j];
subTest("Creating Cert with Subject Info Access");
certDiff = createCert(dirName, certPathName, plContext);
subTest("Getting Subject Info Access");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectInfoAccess
(cert, &siaList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(siaList, &size, plContext));
if (size != 1) {
pkixTestErrorMsg = "unexpected number of AIA";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(siaList, 0, (PKIX_PL_Object **) &sia, plContext));
subTest("PKIX_PL_InfoAccess_GetMethod");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetMethod
(sia, &method, plContext));
if (method != PKIX_INFOACCESS_CA_REPOSITORY) {
pkixTestErrorMsg = "unexpected method of AIA";
goto cleanup;
}
subTest("PKIX_PL_InfoAccess_GetLocation");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_InfoAccess_GetLocation
(sia, &location, plContext));
if (!location) {
pkixTestErrorMsg = "Cannot get AIA location";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(siaList, 0, (PKIX_PL_Object **) &siaDup, plContext));
subTest("Getting Authority Info Access as difference comparison");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetAuthorityInfoAccess
(certDiff, &aiaList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength
(aiaList, &size, plContext));
if (size != 1) {
pkixTestErrorMsg = "unexpected number of AIA";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(aiaList, 0, (PKIX_PL_Object **) &siaDiff, plContext));
subTest("Checking: Equal, Hash and ToString");
PKIX_TEST_EQ_HASH_TOSTR_DUP
(sia, siaDup, siaDiff, expectedAscii, InfoAccess, PKIX_FALSE);
cleanup:
PKIX_TEST_DECREF_AC(location);
PKIX_TEST_DECREF_AC(sia);
PKIX_TEST_DECREF_AC(siaDup);
PKIX_TEST_DECREF_AC(siaDiff);
PKIX_TEST_DECREF_AC(aiaList);
PKIX_TEST_DECREF_AC(siaList);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(certDiff);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Subjectinfoaccess");
return (0);
}

219
security/nss/cmd/libpkix/pkix_pl/pki/test_x500name.c Normal file
Просмотреть файл

@ -0,0 +1,219 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_x500name.c
*
* Test X500Name Type
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static PKIX_PL_X500Name *
createX500Name(char *asciiName, PKIX_Boolean expectedToPass){
PKIX_PL_X500Name *x500Name = NULL;
PKIX_PL_String *plString = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create
(PKIX_ESCASCII, asciiName, 0, &plString, plContext));
if (expectedToPass){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_X500Name_Create
(plString, &x500Name, plContext));
} else {
PKIX_TEST_EXPECT_ERROR
(PKIX_PL_X500Name_Create
(plString, &x500Name, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(plString);
PKIX_TEST_RETURN();
return (x500Name);
}
static void
createX500Names(char *goodInput, char *diffInput, char *diffInputMatch,
PKIX_PL_X500Name **goodObject,
PKIX_PL_X500Name **equalObject,
PKIX_PL_X500Name **diffObject,
PKIX_PL_X500Name **diffObjectMatch)
{
char *badAscii = "cn=yas#sir,ou=labs,o=sun,c=us";
PKIX_PL_X500Name *badObject = NULL;
subTest("PKIX_PL_X500Name_Create <goodObject>");
*goodObject = createX500Name(goodInput, PKIX_TRUE);
subTest("PKIX_PL_X500Name_Create <equalObject>");
*equalObject = createX500Name(goodInput, PKIX_TRUE);
subTest("PKIX_PL_X500Name_Create <diffObject>");
*diffObject = createX500Name(diffInput, PKIX_TRUE);
subTest("PKIX_PL_X500Name_Create <diffObjectMatch>");
*diffObjectMatch = createX500Name(diffInputMatch, PKIX_TRUE);
subTest("PKIX_PL_X500Name_Create <negative>");
badObject = createX500Name(badAscii, PKIX_FALSE);
}
static void testMatchHelper
(PKIX_PL_X500Name *goodName, PKIX_PL_X500Name *otherName, PKIX_Boolean match)
{
PKIX_Boolean cmpResult;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_X500Name_Match
(goodName,
otherName,
&cmpResult,
plContext));
if ((match && !cmpResult) || (!match && cmpResult)){
testError("unexpected mismatch");
(void) printf("Actual value:\t%d\n", cmpResult);
(void) printf("Expected value:\t%d\n", match);
}
cleanup:
PKIX_TEST_RETURN();
}
static void
testMatch(void *goodObject, void *diffObject, void *diffObjectMatch)
{
subTest("PKIX_PL_X500Name_Match <match>");
testMatchHelper((PKIX_PL_X500Name *)diffObject,
(PKIX_PL_X500Name *)diffObjectMatch,
PKIX_TRUE);
subTest("PKIX_PL_X500Name_Match <non-match>");
testMatchHelper((PKIX_PL_X500Name *)goodObject,
(PKIX_PL_X500Name *)diffObject,
PKIX_FALSE);
}
static void testDestroy
(void *goodObject, void *equalObject, void *diffObject, void *diffObjectMatch)
{
PKIX_TEST_STD_VARS();
subTest("PKIX_PL_X500Name_Destroy");
PKIX_TEST_DECREF_BC(goodObject);
PKIX_TEST_DECREF_BC(equalObject);
PKIX_TEST_DECREF_BC(diffObject);
PKIX_TEST_DECREF_BC(diffObjectMatch);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_X500Name *goodObject = NULL;
PKIX_PL_X500Name *equalObject = NULL;
PKIX_PL_X500Name *diffObject = NULL;
PKIX_PL_X500Name *diffObjectMatch = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
/* goodInput is encoded in PKIX_ESCASCII */
char *goodInput = "cn=Strau&#x00Df;,ou=labs,o=sun,c=us";
char *diffInput = "cn=steve,ou=labs,o=sun,c=us";
char *diffInputMatch = "Cn=SteVe,Ou=lABs,o=SUn,c=uS";
char *expectedAscii = "CN=Strau&#x00DF;,OU=labs,O=sun,C=us";
PKIX_TEST_STD_VARS();
startTests("X500Name");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
createX500Names
(goodInput, diffInput, diffInputMatch,
&goodObject, &equalObject, &diffObject, &diffObjectMatch);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
X500Name,
PKIX_TRUE);
testMatch(goodObject, diffObject, diffObjectMatch);
testDestroy(goodObject, equalObject, diffObject, diffObjectMatch);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("X500Name");
return (0);
}

80
security/nss/cmd/libpkix/pkix_pl/system/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

67
security/nss/cmd/libpkix/pkix_pl/system/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,67 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ../..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
# test_rwlock.c is taken out, need to link to libpkix internals
#
# The test is using LIBPKIX PL call directly, which violates our
# code convention.
#
CSRCS = test_bigint.c \
test_bytearray.c \
test_hashtable.c \
test_mem.c \
test_mutex.c \
test_mutex2.c \
test_mutex3.c \
test_monitorlock.c \
test_object.c \
test_oid.c \
stress_test.c \
test_string.c \
test_string2.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

197
security/nss/cmd/libpkix/pkix_pl/system/stress_test.c Normal file
Просмотреть файл

@ -0,0 +1,197 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* stress_test.c
*
* Creates and deletes many objects
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
int main(int argc, char *argv[]) {
PKIX_UInt32 i, k, length, hashcode;
PKIX_UInt32 size = 17576;
char temp[4];
PKIX_Boolean result;
PKIX_PL_String *strings[17576], *tempString;
PKIX_PL_String *utf16strings[17576];
PKIX_PL_ByteArray *byteArrays[17576];
void *dest;
PKIX_PL_HashTable *ht = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Stress Test");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* ---------------------------- */
subTest("Create every three letter String");
for (i = 0; i < 26; i++)
for (j = 0; j < 26; j++)
for (k = 0; k < 26; k++) {
temp[0] = (char)('a'+i);
temp[1] = (char)('a'+j);
temp[2] = (char)('a'+k);
temp[3] = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, temp, 3,
&strings[26*(i*26+j)+k], plContext));
}
/* ---------------------------- */
subTest("Create a bytearray from each string's UTF-16 encoding");
for (i = 0; i < size; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_GetEncoded
(strings[i],
PKIX_UTF16,
&dest,
&length,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
(dest, length, &byteArrays[i], plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
}
/* ---------------------------- */
subTest("Create a copy string from each bytearray");
for (i = 0; i < size; i++) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_UTF16, *(void **)byteArrays[i], 6,
&utf16strings[i], plContext));
}
/* ---------------------------- */
subTest("Compare each original string with the copy");
for (i = 0; i < size; i++) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object*)strings[i],
(PKIX_PL_Object*)utf16strings[i],
&result,
plContext));
if (result == 0)
testError("Strings do not match");
}
/* ---------------------------- */
subTest("Put each string into a Hashtable");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_HashTable_Create(size/2, 0, &ht, plContext));
for (i = 0; i < size; i++) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Hashcode
((PKIX_PL_Object*)strings[i],
&hashcode,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(void *)&hashcode,
(void*)strings[i],
plContext));
}
/* ---------------------------- */
subTest("Compare each copy string with the hashtable entries ");
for (i = 0; i < size; i++) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Hashcode
((PKIX_PL_Object*)utf16strings[i],
&hashcode,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht,
(void *)&hashcode,
(PKIX_PL_Object**)&tempString,
plContext));
if (tempString == NULL)
testError("String not found in hashtable");
else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object*)tempString,
(PKIX_PL_Object*)utf16strings[i],
&result,
plContext));
if (result == 0)
testError("Strings do not match");
PKIX_TEST_DECREF_BC(tempString);
}
}
cleanup:
/* ---------------------------- */
subTest("Destroy All Objects");
PKIX_TEST_DECREF_AC(ht);
for (i = 0; i < size; i++) {
PKIX_TEST_DECREF_AC(strings[i]);
PKIX_TEST_DECREF_AC(utf16strings[i]);
PKIX_TEST_DECREF_AC(byteArrays[i]);
}
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Stress Test");
return (0);
}

236
security/nss/cmd/libpkix/pkix_pl/system/test_bigint.c Normal file
Просмотреть файл

@ -0,0 +1,236 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_bigint.c
*
* Tests BigInt Types
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createBigInt(
PKIX_PL_BigInt **bigInts,
char *bigIntAscii,
PKIX_Boolean errorHandling)
{
PKIX_PL_String *bigIntString = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
bigIntAscii,
PL_strlen(bigIntAscii),
&bigIntString,
plContext));
if (errorHandling){
PKIX_TEST_EXPECT_ERROR(PKIX_PL_BigInt_Create
(bigIntString,
bigInts,
plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BigInt_Create
(bigIntString,
bigInts,
plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(bigIntString);
PKIX_TEST_RETURN();
}
void
testToString(
PKIX_PL_BigInt *bigInt,
char *expAscii)
{
PKIX_PL_String *bigIntString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)bigInt,
&bigIntString, plContext));
temp = PKIX_String2ASCII(bigIntString, plContext);
if (temp == plContext){
testError("PKIX_String2Ascii failed");
goto cleanup;
}
if (PL_strcmp(temp, expAscii) != 0) {
(void) printf("\tBigInt ToString: %s %s\n", temp, expAscii);
testError("Output string does not match source");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
cleanup:
PKIX_TEST_DECREF_AC(bigIntString);
PKIX_TEST_RETURN();
}
void
testCompare(
PKIX_PL_BigInt *firstBigInt,
PKIX_PL_BigInt *secondBigInt,
PKIX_Int32 *cmpResult)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare
((PKIX_PL_Object*)firstBigInt,
(PKIX_PL_Object*)secondBigInt,
cmpResult, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_BigInt *bigInt)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(bigInt);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_UInt32 size = 4, badSize = 3, i = 0;
PKIX_PL_BigInt *testBigInt[4] = {NULL};
PKIX_Int32 cmpResult;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char *bigIntValue[4] =
{
"03",
"ff",
"1010101010101010101010101010101010101010",
"1010101010101010101010101010101010101010",
};
char *badValue[3] = {"00ff", "fff", "-ff"};
PKIX_TEST_STD_VARS();
startTests("BigInts");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
for (i = 0; i < badSize; i++) {
subTest("PKIX_PL_BigInt_Create <error_handling>");
createBigInt(&testBigInt[i], badValue[i], PKIX_TRUE);
}
for (i = 0; i < size; i++) {
subTest("PKIX_PL_BigInt_Create");
createBigInt(&testBigInt[i], bigIntValue[i], PKIX_FALSE);
}
PKIX_TEST_EQ_HASH_TOSTR_DUP
(testBigInt[2],
testBigInt[3],
testBigInt[1],
bigIntValue[2],
BigInt,
PKIX_TRUE);
for (i = 0; i < size; i++) {
subTest("PKIX_PL_BigInt_ToString");
testToString(testBigInt[i], bigIntValue[i]);
}
subTest("PKIX_PL_BigInt_Compare <gt>");
testCompare(testBigInt[2], testBigInt[1], &cmpResult);
if (cmpResult <= 0){
testError("Invalid Result from String Compare");
}
subTest("PKIX_PL_BigInt_Compare <lt>");
testCompare(testBigInt[1], testBigInt[2], &cmpResult);
if (cmpResult >= 0){
testError("Invalid Result from String Compare");
}
subTest("PKIX_PL_BigInt_Compare <eq>");
testCompare(testBigInt[2], testBigInt[3], &cmpResult);
if (cmpResult != 0){
testError("Invalid Result from String Compare");
}
for (i = 0; i < size; i++) {
subTest("PKIX_PL_BigInt_Destroy");
testDestroy(testBigInt[i]);
}
cleanup:
PKIX_Shutdown(plContext);
endTests("BigInt");
return (0);
}

283
security/nss/cmd/libpkix/pkix_pl/system/test_bytearray.c Normal file
Просмотреть файл

@ -0,0 +1,283 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_bytearray.c
*
* Tests ByteArray types.
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createByteArray(
PKIX_PL_ByteArray **byteArray,
char *bytes,
PKIX_UInt32 length)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
((void*)bytes,
length,
byteArray,
plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testZeroLength(void)
{
PKIX_PL_ByteArray *byteArray = NULL;
void *array = NULL;
PKIX_UInt32 length = 2;
PKIX_TEST_STD_VARS();
createByteArray(&byteArray, NULL, 0);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetLength
(byteArray, &length, plContext));
if (length != 0){
testError("Length should be zero");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetPointer
(byteArray, &array, plContext));
if (array){
testError("Array should be NULL");
}
testToStringHelper((PKIX_PL_Object *)byteArray, "[]", plContext);
cleanup:
PKIX_TEST_DECREF_AC(byteArray);
PKIX_TEST_RETURN();
}
void
testToString(
PKIX_PL_ByteArray *byteArray,
char *expAscii)
{
PKIX_PL_String *string = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)byteArray,
&string, plContext));
temp = PKIX_String2ASCII(string, plContext);
if (temp == NULL){
testError("PKIX_String2Ascii failed");
goto cleanup;
}
if (PL_strcmp(temp, expAscii) != 0) {
(void) printf("\tByteArray ToString: %s %s\n", temp, expAscii);
testError("Output string does not match source");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
cleanup:
PKIX_TEST_DECREF_AC(string);
PKIX_TEST_RETURN();
}
void
testGetLength(
PKIX_PL_ByteArray *byteArray,
PKIX_UInt32 expLength)
{
PKIX_UInt32 arrayLength;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetLength
(byteArray, &arrayLength, plContext));
if (arrayLength != expLength){
(void) printf("\tByteArray GetLength: %d %d\n",
arrayLength, expLength);
testError("Incorrect Array Length returned");
}
cleanup:
PKIX_TEST_RETURN();
}
void
testGetPointer(
PKIX_PL_ByteArray *byteArray,
char *expBytes,
PKIX_UInt32 arrayLength)
{
char *temp = NULL;
PKIX_UInt32 j;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_GetPointer
(byteArray, (void **)&temp, plContext));
for (j = 0; j < arrayLength; j++) {
if (temp[j] != expBytes[j]){
testError("Incorrect Byte Array Contents");
}
}
cleanup:
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_ByteArray *byteArray)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(byteArray);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_ByteArray *testByteArray[4];
PKIX_UInt32 i, size = 4;
PKIX_UInt32 lengths[4] = {5, 6, 1, 5};
char dArray0[5] = {1, 2, 3, 4, 5};
unsigned char dArray1[6] = {127, 128, 129, 254, 255, 0};
char dArray2[1] = {100};
char dArray3[5] = {1, 2, 3, 4, 5};
char *expected[4] = {
"[001, 002, 003, 004, 005]",
"[127, 128, 129, 254, 255, 000]",
"[100]",
"[001, 002, 003, 004, 005]"
};
char *dummyArray[4];
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
dummyArray[0] = dArray0;
dummyArray[1] = (char*)dArray1;
dummyArray[2] = dArray2;
dummyArray[3] = dArray3;
startTests("ByteArrays");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest ("PKIX_PL_ByteArray_Create <zero length>");
testZeroLength();
for (i = 0; i < size; i++) {
subTest("PKIX_PL_ByteArray_Create");
createByteArray(&testByteArray[i], dummyArray[i], lengths[i]);
}
PKIX_TEST_EQ_HASH_TOSTR_DUP
(testByteArray[0],
testByteArray[3],
testByteArray[1],
"[001, 002, 003, 004, 005]",
ByteArray,
PKIX_TRUE);
for (i = 0; i < size; i++) {
subTest("PKIX_PL_ByteArray_ToString");
testToString(testByteArray[i], expected[i]);
}
for (i = 0; i < size; i++) {
subTest("PKIX_PL_ByteArray_GetLength");
testGetLength(testByteArray[i], lengths[i]);
}
for (i = 0; i < size; i++) {
subTest("PKIX_PL_ByteArray_GetPointer");
testGetPointer(testByteArray[i], dummyArray[i], lengths[i]);
}
for (i = 0; i < size; i++) {
subTest("PKIX_PL_ByteArray_Destroy");
testDestroy(testByteArray[i]);
}
cleanup:
PKIX_Shutdown(plContext);
endTests("ByteArray");
return (0);
}

467
security/nss/cmd/libpkix/pkix_pl/system/test_hashtable.c Normal file
Просмотреть файл

@ -0,0 +1,467 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_hashtable.c
*
* Tests Hashtables
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createHashTables(
PKIX_PL_HashTable **ht,
PKIX_PL_HashTable **ht2,
PKIX_PL_HashTable **ht3,
PKIX_PL_HashTable **ht4)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create
(1, 0, ht, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create
(5, 0, ht2, plContext));
/* at most two entries per bucket */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Create
(1, 2, ht4, plContext));
*ht3 = *ht;
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_IncRef((PKIX_PL_Object*)*ht3, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testAdd(
PKIX_PL_HashTable *ht,
PKIX_PL_HashTable *ht2,
PKIX_PL_String **testString,
PKIX_PL_String **testString2,
PKIX_PL_String **testString3,
PKIX_PL_OID **testOID)
{
char* dummyString = "test string 1";
char* dummyString2 = "test string 2";
char* dummyString3 = "test string 3";
char* dummyOID = "2.11.22222.33333";
PKIX_TEST_STD_VARS();
/* Make some dummy objects */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create(
PKIX_ESCASCII,
dummyString,
PL_strlen(dummyString),
testString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create(
PKIX_ESCASCII,
dummyString2,
PL_strlen(dummyString2),
testString2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create(
PKIX_ESCASCII,
dummyString3,
PL_strlen(dummyString3),
testString3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_OID_Create(dummyOID, testOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(PKIX_PL_Object *)*testString,
(PKIX_PL_Object *)*testString2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht2,
(PKIX_PL_Object *)*testString,
(PKIX_PL_Object *)*testString2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(PKIX_PL_Object *)*testString2,
(PKIX_PL_Object *)*testString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht2,
(PKIX_PL_Object *)*testString2,
(PKIX_PL_Object *)*testString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(PKIX_PL_Object *)*testOID,
(PKIX_PL_Object *)*testOID,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht2,
(PKIX_PL_Object *)*testOID,
(PKIX_PL_Object *)*testOID,
plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testAddFIFO(
PKIX_PL_HashTable *ht,
PKIX_PL_String **testString,
PKIX_PL_String **testString2,
PKIX_PL_String **testString3)
{
PKIX_PL_String *targetString = NULL;
PKIX_Boolean cmpResult;
PKIX_TEST_STD_VARS();
/*
* ht is created as one bucket, two entries per bucket. Since we add
* three items to the ht, we expect the first one to be deleted.
*/
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(PKIX_PL_Object *)*testString,
(PKIX_PL_Object *)*testString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(PKIX_PL_Object *)*testString2,
(PKIX_PL_Object *)*testString2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Add
(ht,
(PKIX_PL_Object *)*testString3,
(PKIX_PL_Object *)*testString3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht,
(PKIX_PL_Object *)*testString,
(PKIX_PL_Object**)&targetString,
plContext));
if (targetString != NULL) {
testError("HashTable_Lookup retrieved a supposed deleted item");
PKIX_TEST_DECREF_BC(targetString);
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht,
(PKIX_PL_Object *)*testString3,
(PKIX_PL_Object**)&targetString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals(
(PKIX_PL_Object *)targetString,
(PKIX_PL_Object *)*testString3,
&cmpResult,
plContext));
if (cmpResult != PKIX_TRUE){
testError("HashTable_Lookup failed");
}
PKIX_TEST_DECREF_BC(targetString);
cleanup:
PKIX_TEST_RETURN();
}
void
testLookup(
PKIX_PL_HashTable *ht,
PKIX_PL_HashTable *ht2,
PKIX_PL_String *testString,
PKIX_PL_String *testString2,
PKIX_PL_String *testString3,
PKIX_PL_OID *testOID)
{
PKIX_PL_String *targetString = NULL;
PKIX_PL_String *targetOID = NULL;
PKIX_Boolean cmpResult;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht,
(PKIX_PL_Object *)testString,
(PKIX_PL_Object**)&targetString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals(
(PKIX_PL_Object *)targetString,
(PKIX_PL_Object *)testString2,
&cmpResult,
plContext));
if (cmpResult != PKIX_TRUE){
testError("HashTable_Lookup failed");
}
PKIX_TEST_DECREF_BC(targetString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht2,
(PKIX_PL_Object *)testString,
(PKIX_PL_Object**)&targetString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals(
(PKIX_PL_Object *)targetString,
(PKIX_PL_Object *)testString2,
&cmpResult,
plContext));
if (cmpResult != PKIX_TRUE){
testError("HashTable_Lookup failed");
}
PKIX_TEST_DECREF_BC(targetString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht2,
(PKIX_PL_Object *)testString2,
(PKIX_PL_Object**)&targetString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals(
(PKIX_PL_Object *)targetString,
(PKIX_PL_Object *)testString,
&cmpResult,
plContext));
if (cmpResult != PKIX_TRUE){
testError("HashTable_Lookup failed");
}
PKIX_TEST_DECREF_BC(targetString);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht,
(PKIX_PL_Object *)testOID,
(PKIX_PL_Object**)&targetOID,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)targetOID, &targetString, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals(
(PKIX_PL_Object *)targetOID,
(PKIX_PL_Object *)testOID,
&cmpResult,
plContext));
if (cmpResult != PKIX_TRUE){
testError("HashTable_Lookup failed");
}
PKIX_TEST_DECREF_BC(targetString);
PKIX_TEST_DECREF_BC(targetOID);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht2,
(PKIX_PL_Object *)testOID,
(PKIX_PL_Object**)&targetOID,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)targetOID, &targetString, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals(
(PKIX_PL_Object *)targetOID,
(PKIX_PL_Object *)testOID,
&cmpResult,
plContext));
if (cmpResult != PKIX_TRUE){
testError("HashTable_Lookup failed");
}
PKIX_TEST_DECREF_BC(targetString);
PKIX_TEST_DECREF_BC(targetOID);
(void) printf("Looking up item not in HashTable.\n");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Lookup
(ht,
(PKIX_PL_Object *)testString3,
(PKIX_PL_Object**)&targetString,
plContext));
if (targetString == NULL)
(void) printf("\tCorrectly returned NULL.\n");
else
testError("Hashtable did not return NULL value as expected");
cleanup:
PKIX_TEST_RETURN();
}
void
testRemove(
PKIX_PL_HashTable *ht,
PKIX_PL_HashTable *ht2,
PKIX_PL_String *testString,
PKIX_PL_String *testString2,
PKIX_PL_OID *testOID)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Remove
(ht,
(PKIX_PL_Object *)testString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Remove
(ht,
(PKIX_PL_Object *)testOID,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_HashTable_Remove
(ht2,
(PKIX_PL_Object *)testString2,
plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_PL_HashTable_Remove
(ht,
(PKIX_PL_Object *)testString,
plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_HashTable *ht,
PKIX_PL_HashTable *ht2,
PKIX_PL_HashTable *ht3,
PKIX_PL_HashTable *ht4)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(ht);
PKIX_TEST_DECREF_BC(ht2);
PKIX_TEST_DECREF_BC(ht3);
PKIX_TEST_DECREF_BC(ht4);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_HashTable *ht, *ht2, *ht3, *ht4;
PKIX_PL_String *testString, *testString2, *testString3;
PKIX_PL_OID *testOID;
PKIX_UInt32 actualMinorVersion;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("HashTables");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_HashTable_Create");
createHashTables(&ht, &ht2, &ht3, &ht4);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(ht,
ht3,
ht2,
NULL,
HashTable,
PKIX_FALSE);
subTest("PKIX_PL_HashTable_Add");
testAdd(ht, ht2, &testString, &testString2, &testString3, &testOID);
subTest("PKIX_PL_HashTable_ADD - with Bucket Size limit");
testAddFIFO(ht4, &testString, &testString2, &testString3);
subTest("PKIX_PL_HashTable_Lookup");
testLookup(ht, ht2, testString, testString2, testString3, testOID);
subTest("PKIX_PL_HashTable_Remove");
testRemove(ht, ht2, testString, testString2, testOID);
PKIX_TEST_DECREF_BC(testString);
PKIX_TEST_DECREF_BC(testString2);
PKIX_TEST_DECREF_BC(testString3);
PKIX_TEST_DECREF_BC(testOID);
subTest("PKIX_PL_HashTable_Destroy");
testDestroy(ht, ht2, ht3, ht4);
cleanup:
PKIX_Shutdown(plContext);
endTests("BigInt");
return (0);
}

170
security/nss/cmd/libpkix/pkix_pl/system/test_mem.c Normal file
Просмотреть файл

@ -0,0 +1,170 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_mem.c
*
* Tests Malloc, Realloc and Free
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void testMalloc(PKIX_UInt32 **array)
{
PKIX_UInt32 i, arraySize = 10;
PKIX_TEST_STD_VARS();
/* Create an integer array of size 10 */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(
(PKIX_UInt32)(arraySize*sizeof (unsigned int)),
(void **) array, plContext));
/* Fill in some values */
(void) printf ("Setting array[i] = i...\n");
for (i = 0; i < arraySize; i++) {
(*array)[i] = i;
if ((*array)[i] != i)
testError("Array has incorrect contents");
}
/* Memory now reflects changes */
(void) printf("\tArray: a[0] = %d, a[5] = %d, a[7] = %d.\n",
(*array[0]), (*array)[5], (*array)[7]);
cleanup:
PKIX_TEST_RETURN();
}
void testRealloc(PKIX_UInt32 **array)
{
PKIX_UInt32 i, arraySize = 20;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Realloc(*array,
(PKIX_UInt32)(arraySize*sizeof (unsigned int)),
(void **) array, plContext));
/* Fill in the new elements */
(void) printf ("Setting new portion of array to a[i] = i...\n");
for (i = arraySize/2; i < arraySize; i++) {
(*array)[i] = i;
if ((*array)[i] != i)
testError("Array has incorrect contents");
}
/* New elements should be reflected. The old should be the same */
(void) printf("\tArray: a[0] = %d, a[15] = %d, a[17] = %d.\n",
(*array)[0], (*array)[15], (*array)[17]);
cleanup:
PKIX_TEST_RETURN();
}
void testFree(PKIX_UInt32 *array)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(array, plContext));
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
unsigned int *array = NULL;
int arraySize = 10;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Memory Allocation");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_Malloc");
testMalloc(&array);
subTest("PKIX_PL_Realloc");
testRealloc(&array);
subTest("PKIX_PL_Free");
testFree(array);
/* --Negative Test Cases------------------- */
/* Create an integer array of size 10 */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(
(PKIX_UInt32)(arraySize*sizeof (unsigned int)),
(void **) &array, plContext));
(void) printf("Attempting to reallocate 0 sized memory...\n");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Realloc(array, 0, (void **) &array, plContext));
(void) printf("Attempting to allocate to null pointer...\n");
PKIX_TEST_EXPECT_ERROR(PKIX_PL_Malloc(10, NULL, plContext));
(void) printf("Attempting to reallocate to null pointer...\n");
PKIX_TEST_EXPECT_ERROR(PKIX_PL_Realloc(NULL, 10, NULL, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(array, plContext));
cleanup:
PKIX_Shutdown(plContext);
endTests("Memory Allocation");
return (0);
}

150
security/nss/cmd/libpkix/pkix_pl/system/test_monitorlock.c Normal file
Просмотреть файл

@ -0,0 +1,150 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_monitorlock.c
*
* Tests basic MonitorLock object functionality. No multi-threading.
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void createMonitorLockes(
PKIX_PL_MonitorLock **monitorLock,
PKIX_PL_MonitorLock **monitorLock2,
PKIX_PL_MonitorLock **monitorLock3)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Create
(monitorLock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Create
(monitorLock2, plContext));
*monitorLock3 = *monitorLock;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object*)*monitorLock3, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void testLock(PKIX_PL_MonitorLock *monitorLock)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Enter
(monitorLock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Enter
(monitorLock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Exit
(monitorLock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_MonitorLock_Exit
(monitorLock, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void testDestroy(
PKIX_PL_MonitorLock *monitorLock,
PKIX_PL_MonitorLock *monitorLock2,
PKIX_PL_MonitorLock *monitorLock3)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(monitorLock);
PKIX_TEST_DECREF_BC(monitorLock2);
PKIX_TEST_DECREF_BC(monitorLock3);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_MonitorLock *monitorLock, *monitorLock2, *monitorLock3;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("MonitorLocks");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_MonitorLock_Create");
createMonitorLockes(&monitorLock, &monitorLock2, &monitorLock3);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(monitorLock,
monitorLock3,
monitorLock2,
NULL,
MonitorLock,
PKIX_FALSE);
subTest("PKIX_PL_MonitorLock_Lock/Unlock");
testLock(monitorLock);
subTest("PKIX_PL_MonitorLock_Destroy");
testDestroy(monitorLock, monitorLock2, monitorLock3);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("MonitorLockes");
return (0);
}

142
security/nss/cmd/libpkix/pkix_pl/system/test_mutex.c Normal file
Просмотреть файл

@ -0,0 +1,142 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_mutex.c
*
* Tests basic mutex object functionality. No multi-threading.
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void createMutexes(
PKIX_PL_Mutex **mutex,
PKIX_PL_Mutex **mutex2,
PKIX_PL_Mutex **mutex3)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(mutex, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(mutex2, plContext));
*mutex3 = *mutex;
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_IncRef((PKIX_PL_Object*)*mutex3, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void testLock(PKIX_PL_Mutex *mutex)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Lock(mutex, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Unlock(mutex, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void testDestroy(
PKIX_PL_Mutex *mutex,
PKIX_PL_Mutex *mutex2,
PKIX_PL_Mutex *mutex3)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(mutex);
PKIX_TEST_DECREF_BC(mutex2);
PKIX_TEST_DECREF_BC(mutex3);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_Mutex *mutex, *mutex2, *mutex3;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Mutexes");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_Mutex_Create");
createMutexes(&mutex, &mutex2, &mutex3);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(mutex,
mutex3,
mutex2,
NULL,
Mutex,
PKIX_FALSE);
subTest("PKIX_PL_Mutex_Lock/Unlock");
testLock(mutex);
subTest("PKIX_PL_Mutex_Destroy");
testDestroy(mutex, mutex2, mutex3);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Mutexes");
return (0);
}

202
security/nss/cmd/libpkix/pkix_pl/system/test_mutex2.c Normal file
Просмотреть файл

@ -0,0 +1,202 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_mutex2.c
*
* Tests multi-threaded functionality of Mutex
*
*/
#include "testutil.h"
#include "testutil_nss.h"
static int box1 = 0, box2 = 0, box3 = 0;
static PKIX_PL_Mutex *mutex;
static PRCondVar *cv;
void *plContext = NULL;
static void consumer(/* ARGSUSED */ void* arg) {
PRStatus status = PR_SUCCESS;
PKIX_Error *errorResult;
int i = 0;
for (i = 0; i < 5; i++) {
(void) PKIX_PL_Mutex_Lock(mutex, plContext);
while (((box1 == 0) ||
(box2 == 0) ||
(box3 == 0)) &&
(status == PR_SUCCESS))
status = PR_WaitCondVar(cv, PR_INTERVAL_NO_TIMEOUT);
(void) printf("\tConsumer got Box1 = %d ", box1);
box1 = 0;
(void) printf("Box2 = %d ", box2);
box2 = 0;
(void) printf("Box3 = %d\n", box3);
box3 = 0;
status = PR_NotifyAllCondVar(cv);
if (status == PR_FAILURE)
(void) printf
("Consumer error while notifying condvar\n");
errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext);
if (errorResult) testError("PKIX_PL_Mutex_Unlock failed");
}
(void) printf("Consumer exiting...\n");
}
static void producer(void* arg) {
PRStatus status = PR_SUCCESS;
int value = *(int*)arg;
int i = 0;
int *box;
PKIX_Error *errorResult;
if (value == 10) box = &box1;
else if (value == 20) box = &box2;
else if (value == 30) box = &box3;
for (i = 0; i < 5; i++) {
(void) PKIX_PL_Mutex_Lock(mutex, plContext);
while ((*box != 0) && (status == PR_SUCCESS))
status = PR_WaitCondVar(cv, PR_INTERVAL_NO_TIMEOUT);
*box = i+1;
(void) printf
("\tProducer %d put value: %d\n", value, *box);
status = PR_NotifyAllCondVar(cv);
if (status == PR_FAILURE)
(void) printf
("Producer %d error while notifying condvar\n",
value);
errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext);
if (errorResult) testError("PKIX_PL_Mutex_Unlock failed");
}
}
int main(int argc, char *argv[]) {
PRThread *consThread, *prodThread, *prodThread2, *prodThread3;
int x = 10, y = 20, z = 30;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Mutex and Threads");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
(void) printf("Attempting to create new mutex...\n");
subTest("Mutex Creation");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(&mutex, plContext));
cv = PR_NewCondVar(*(PRLock **) mutex);
subTest("Starting consumer thread");
consThread = PR_CreateThread(PR_USER_THREAD,
consumer,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
subTest("Starting producer thread 1");
prodThread = PR_CreateThread(PR_USER_THREAD,
producer,
&x,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
subTest("Starting producer thread 2");
prodThread2 = PR_CreateThread(PR_USER_THREAD,
producer,
&y,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
subTest("Starting producer thread 3");
prodThread3 = PR_CreateThread(PR_USER_THREAD,
producer,
&z,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
PR_JoinThread(consThread);
(void) PR_DestroyCondVar(cv);
PKIX_TEST_DECREF_BC(mutex);
/*
* Note: we should also be freeing each thread's stack, but we
* don't have access to the prodThread->stack variable (since
* it is not exported). As a result, we have 120 bytes of memory
* leakage.
*/
PR_Free(prodThread);
PR_Free(prodThread2);
PR_Free(prodThread3);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Mutex and Threads");
return (0);
}

136
security/nss/cmd/libpkix/pkix_pl/system/test_mutex3.c Normal file
Просмотреть файл

@ -0,0 +1,136 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_mutex3.c
*
* Tests multi-threaded functionality of Mutex
*
*/
#include "testutil.h"
#include "testutil_nss.h"
static PKIX_PL_Mutex *mutex;
void *plContext = NULL;
static void t1(/* ARGSUSED */ void* arg) {
PKIX_Error *errorResult;
(void) printf("t1 acquiring lock...\n");
errorResult = PKIX_PL_Mutex_Lock(mutex, plContext);
if (errorResult) testError("PKIX_PL_Mutex_Lock failed");
(void) printf("t1 sleeplng for 3 seconds\n");
PR_Sleep(PR_SecondsToInterval(3));
(void) printf("t1 releasing lock...\n");
errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext);
if (errorResult) testError("PKIX_PL_Mutex_Unlock failed");
(void) printf("t1 exiting...\n");
}
static void t2(/* ARGSUSED */ void* arg) {
PKIX_Error *errorResult;
(void) printf("t2 acquiring lock...\n");
errorResult = PKIX_PL_Mutex_Lock(mutex, plContext);
if (errorResult) testError("PKIX_PL_Mutex_Lock failed");
(void) printf("t2 releasing lock...\n");
errorResult = PKIX_PL_Mutex_Unlock(mutex, plContext);
if (errorResult) testError("PKIX_PL_Mutex_Unlock failed");
(void) printf("t2 exiting...\n");
}
int main(int argc, char *argv[]) {
PRThread *thread, *thread2;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Mutex and Threads");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("Mutex Creation");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(&mutex, plContext));
subTest("Starting thread");
thread = PR_CreateThread(PR_USER_THREAD,
t1,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
thread2 = PR_CreateThread(PR_USER_THREAD,
t2,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
PR_JoinThread(thread2);
PR_JoinThread(thread);
cleanup:
PKIX_TEST_DECREF_AC(mutex);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Mutex and Threads");
return (0);
}

328
security/nss/cmd/libpkix/pkix_pl/system/test_object.c Normal file
Просмотреть файл

@ -0,0 +1,328 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_object.c
*
* Test Object Allocation, toString, Equals, Destruction
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
static PKIX_Error *
destructor(
/* ARGSUSED */ PKIX_PL_Object *object,
/* ARGSUSED */ void *plContext)
{
(void) printf("\tUser defined destructor called\n");
return (NULL);
}
static PKIX_Error*
toStringCallback(
PKIX_PL_Object *obj,
PKIX_PL_String **pString,
/* ARGSUSED */ void* plContext) {
PKIX_Error *errorResult;
PKIX_UInt32 type;
char *format = "(addr: %x, type: %d)";
PKIX_PL_String *formatString = NULL;
errorResult = PKIX_PL_String_Create(
PKIX_ESCASCII,
format,
PL_strlen(format),
&formatString,
plContext);
if (errorResult) testError("PKIX_PL_String_Create failed");
if (pString == plContext)
testError("Null String");
type = (unsigned int)0;
(void) PKIX_PL_Object_GetType(obj, &type, plContext);
errorResult = PKIX_PL_Sprintf(pString, plContext,
formatString,
(int)obj, type);
if (errorResult) testError("PKIX_PL_Sprintf failed");
errorResult = PKIX_PL_Object_DecRef((PKIX_PL_Object*)formatString,
plContext);
if (errorResult) testError("PKIX_PL_Object_DecRef failed");
return (NULL);
}
static PKIX_Error *
comparator(
PKIX_PL_Object *first,
PKIX_PL_Object *second,
PKIX_Int32 *pValue,
/* ARGSUSED */ void *plContext)
{
if (*(char *)first > *(char *)second)
*pValue = 1;
else if (*(char *)first < *(char *)second)
*pValue = -1;
else
*pValue = 0;
return (NULL);
}
PKIX_Error *
hashcodeCallback(
PKIX_PL_Object *object,
PKIX_UInt32 *pValue,
/* ARGSUSED */ void *plContext)
{
*pValue = 123456789;
return (NULL);
}
static PKIX_Error*
equalsCallback(
PKIX_PL_Object *first,
PKIX_PL_Object *second,
PKIX_Boolean *result,
void* plContext) {
PKIX_UInt32 firstType = 0, secondType = 0;
if ((first == plContext)||(second == plContext))
testError("Null Object");
(void) PKIX_PL_Object_GetType(first, &firstType, plContext);
(void) PKIX_PL_Object_GetType(second, &secondType, plContext);
*result = (firstType == secondType)?PKIX_TRUE:PKIX_FALSE;
return (NULL);
}
void
createObjects(
PKIX_PL_Object **obj,
PKIX_PL_Object **obj2,
PKIX_PL_Object **obj3,
PKIX_PL_Object **obj4)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_RegisterType
(1000, /* type */
"thousand", /* description */
NULL, /* destructor */
NULL, /* equals */
(PKIX_PL_HashcodeCallback)hashcodeCallback,
NULL, /* toString */
NULL, /* Comparator */
NULL,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Alloc
(1000, /* type */
12, /* size */
obj,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_RegisterType
(2000, /* type */
"two thousand" /* description */,
(PKIX_PL_DestructorCallback)destructor,
(PKIX_PL_EqualsCallback)equalsCallback,
NULL, /* hashcode */
(PKIX_PL_ToStringCallback)toStringCallback,
(PKIX_PL_ComparatorCallback)comparator,
NULL,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Alloc
(2000, /* type */
1, /* size */
obj2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Alloc
(2000, /* type */
1, /* size */
obj4,
plContext));
*obj3 = *obj;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef(*obj3, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testGetType(
PKIX_PL_Object *obj,
PKIX_PL_Object *obj2,
PKIX_PL_Object *obj3)
{
PKIX_UInt32 testType;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_GetType(obj, &testType, plContext));
if (testType != 1000)
testError("Object 1 returned the wrong type");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_GetType(obj2, &testType, plContext));
if (testType != 2000)
testError("Object 2 returned the wrong type");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_GetType(obj3, &testType, plContext));
if (testType != 1000)
testError("Object 3 returned the wrong type");
cleanup:
PKIX_TEST_RETURN();
}
void
testCompare(
PKIX_PL_Object *obj2,
PKIX_PL_Object *obj4)
{
PKIX_Int32 cmpResult;
PKIX_TEST_STD_VARS();
*(char *)obj2 = 0x20;
*(char *)obj4 = 0x10;
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Compare(obj2, obj4, &cmpResult, plContext));
if (cmpResult <= 0) testError("Invalid Result from Object Compare");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Compare(obj4, obj2, &cmpResult, plContext));
if (cmpResult >= 0) testError("Invalid Result from Object Compare");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Compare(obj4, obj4, &cmpResult, plContext));
*(char *)obj2 = 0x10;
if (cmpResult != 0) testError("Invalid Result from Object Compare");
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_Object *obj,
PKIX_PL_Object *obj2,
PKIX_PL_Object *obj3,
PKIX_PL_Object *obj4)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(obj);
PKIX_TEST_DECREF_BC(obj2);
PKIX_TEST_DECREF_BC(obj3);
PKIX_TEST_DECREF_BC(obj4);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_Object *obj, *obj2, *obj3, *obj4;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Objects");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_Object_Create");
createObjects(&obj, &obj2, &obj3, &obj4);
PKIX_TEST_EQ_HASH_TOSTR_DUP(obj, obj3, obj2, NULL, Object, PKIX_FALSE);
subTest("PKIX_PL_Object_GetType");
testGetType(obj, obj2, obj3);
subTest("PKIX_PL_Object_Compare");
testCompare(obj2, obj4);
subTest("PKIX_PL_Object_Destroy");
testDestroy(obj, obj2, obj3, obj4);
cleanup:
PKIX_Shutdown(plContext);
endTests("Objects");
return (0);
}

255
security/nss/cmd/libpkix/pkix_pl/system/test_oid.c Normal file
Просмотреть файл

@ -0,0 +1,255 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_oid.c
*
* Test OID Types
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createOID(
PKIX_PL_OID **testOID,
char *oidAscii,
PKIX_Boolean errorHandling)
{
PKIX_TEST_STD_VARS();
if (errorHandling){
PKIX_TEST_EXPECT_ERROR
(PKIX_PL_OID_Create(oidAscii, testOID, plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_OID_Create(oidAscii, testOID, plContext));
}
cleanup:
PKIX_TEST_RETURN();
}
void
testToString(
PKIX_PL_OID *oid,
char *expAscii)
{
PKIX_PL_String *oidString = NULL;
char *temp = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)oid,
&oidString, plContext));
temp = PKIX_String2ASCII(oidString, plContext);
if (temp == NULL){
testError("PKIX_String2Ascii failed");
goto cleanup;
}
if (PL_strcmp(temp, expAscii) != 0) {
(void) printf("\tOid ToString: %s %s\n", temp, expAscii);
testError("Output string does not match source");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
cleanup:
PKIX_TEST_DECREF_AC(oidString);
PKIX_TEST_RETURN();
}
void
testCompare(
PKIX_PL_OID *oid0,
PKIX_PL_OID *oid1,
PKIX_PL_OID *oid2,
PKIX_PL_OID *oid3)
{
PKIX_Int32 cmpResult;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object*)oid0,
(PKIX_PL_Object*)oid1,
&cmpResult, plContext));
if (cmpResult <= 0) testError("Invalid Result from OID Compare");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object*)oid1,
(PKIX_PL_Object*)oid0,
&cmpResult, plContext));
if (cmpResult >= 0) testError("Invalid Result from OID Compare");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object*)oid1,
(PKIX_PL_Object*)oid2,
&cmpResult, plContext));
if (cmpResult >= 0) testError("Invalid Result from OID Compare");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object*)oid2,
(PKIX_PL_Object*)oid1,
&cmpResult, plContext));
if (cmpResult <= 0) testError("Invalid Result from OID Compare");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Compare((PKIX_PL_Object*)oid1,
(PKIX_PL_Object*)oid3,
&cmpResult, plContext));
if (cmpResult != 0) testError("Invalid Result from OID Compare");
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_OID *oid)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(oid);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_OID *testOID[6] = {NULL};
PKIX_PL_OID *badTestOID = NULL;
PKIX_UInt32 i, size = 6;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
char* validOID[6] = {
"2.11.22222.33333",
"1.2.3.004.5.6.7",
"2.11.22222.33333",
"1.2.3.4.5.6.7",
"1.2.3",
"2.39.3"
};
char* expected[6] = {
"2.11.22222.33333",
"1.2.3.4.5.6.7",
"2.11.22222.33333",
"1.2.3.4.5.6.7",
"1.2.3",
"2.39.3"
};
char *badOID[11] = {
"1.2.4294967299",
"this. is. a. bad. oid",
"00a1000.002b",
"100.-5.10",
"1.2..3",
".1.2.3",
"1.2.3.",
"00010.1.2.3",
"1.000041.2.3",
"000000000000000000000000000000000000000010.3.2",
"1"
};
PKIX_TEST_STD_VARS();
startTests("OIDs");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
for (i = 0; i < size; i++) {
subTest("PKIX_PL_OID_Create");
createOID(&testOID[i], validOID[i], PKIX_FALSE);
}
PKIX_TEST_EQ_HASH_TOSTR_DUP
(testOID[0],
testOID[2],
testOID[1],
NULL,
OID,
PKIX_FALSE);
for (i = 0; i < size; i++) {
subTest("PKIX_PL_OID_ToString");
testToString(testOID[i], expected[i]);
}
subTest("PKIX_PL_OID_Compare");
testCompare(testOID[0], testOID[1], testOID[2], testOID[3]);
for (i = 0; i < size; i++) {
subTest("PKIX_PL_OID_Destroy");
testDestroy(testOID[i]);
}
for (i = 0; i < 11; i++) {
subTest("PKIX_PL_OID Error Handling");
createOID(&badTestOID, badOID[i], PKIX_TRUE);
}
cleanup:
PKIX_Shutdown(plContext);
endTests("OIDs");
return (0);
}

236
security/nss/cmd/libpkix/pkix_pl/system/test_rwlock.c Normal file
Просмотреть файл

@ -0,0 +1,236 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_rwlock.c
*
*/
#include "testutil.h"
#include "testutil_nss.h"
static PKIX_PL_RWLock *rwlock = NULL, *rwlock2 = NULL, *rwlock3 = NULL;
static PRThread *thread = NULL, *thread2 = NULL, *thread3 = NULL;
void *plContext = NULL;
static void reader(void) {
PKIX_Error *errorResult;
errorResult = PKIX_PL_AcquireReaderLock(rwlock, NULL);
if (errorResult) testError("PKIX_PL_AcquireReaderLock failed");
(void) printf("\t[Thread #1 Read Lock #1.]\n");
(void) printf("\t[Thread #1 Sleeplng for 1 seconds.]\n");
PR_Sleep(PR_SecondsToInterval(1));
PKIX_PL_ReleaseReaderLock(rwlock, NULL);
if (errorResult) testError("PKIX_PL_ReleaseReaderLock failed");
(void) printf("\t[Thread #1 Read UNLock #1.]\n");
}
static void writer(void) {
PKIX_Error *errorResult;
/* This thread should stick here until lock 1 is released */
PKIX_PL_AcquireWriterLock(rwlock, NULL);
if (errorResult) testError("PKIX_PL_AcquireWriterLock failed");
(void) printf("\t[Thread #2 Write Lock #1.]\n");
PKIX_PL_AcquireWriterLock(rwlock2, NULL);
if (errorResult) testError("PKIX_PL_AcquireWriterLock failed");
(void) printf("\t[Thread #2 Write Lock #2.]\n");
(void) printf("\t[Thread #2 Sleeplng for 1 seconds.]\n");
PR_Sleep(PR_SecondsToInterval(1));
PKIX_PL_ReleaseWriterLock(rwlock2, NULL);
if (errorResult) testError("PKIX_PL_ReleaseWriterLock failed");
(void) printf("\t[Thread #2 Write UNLock #2.]\n");
(void) printf("\t[Thread #2 Sleeplng for 1 seconds.]\n");
PR_Sleep(PR_SecondsToInterval(1));
PKIX_PL_ReleaseWriterLock(rwlock, NULL);
if (errorResult) testError("PKIX_PL_ReleaseWriterLock failed");
(void) printf("\t[Thread #2 Write UNLock #1.]\n");
PR_JoinThread(thread3);
}
static void reader2(void) {
PKIX_Error *errorResult;
/* Reader 2 should yield here until the writer is done */
PKIX_PL_AcquireReaderLock(rwlock2, NULL);
if (errorResult) testError("PKIX_PL_AcquireReaderLock failed");
(void) printf("\t[Thread #3 Read Lock #2.]\n");
PKIX_PL_AcquireReaderLock(rwlock3, NULL);
if (errorResult) testError("PKIX_PL_AcquireReaderLock failed");
(void) printf("\t[Thread #3 Read Lock #3.]\n");
(void) printf("\t[Thread #3 Sleeplng for 1 seconds.]\n");
PR_Sleep(PR_SecondsToInterval(1));
PKIX_PL_ReleaseReaderLock(rwlock3, NULL);
if (errorResult) testError("PKIX_PL_ReleaseReaderLock failed");
(void) printf("\t[Thread #3 Read UNLock #3.]\n");
(void) printf("\t[Thread #3 Sleeplng for 1 seconds.]\n");
PR_Sleep(PR_SecondsToInterval(1));
PKIX_PL_ReleaseReaderLock(rwlock2, NULL);
if (errorResult) testError("PKIX_PL_ReleaseReaderLock failed");
(void) printf("\t[Thread #3 Read UNLock #2.]\n");
}
int main() {
PKIX_PL_String* outputString = NULL;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_Boolean bool;
PKIX_UInt32 actualMinorVersion;
PKIX_TEST_STD_VARS();
startTests("RWLocks");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
(void) printf("Attempting to create new rwlock...\n");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_RWLock_Create(&rwlock, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_RWLock_Create(&rwlock2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_RWLock_Create(&rwlock3, plContext));
/* Test toString functionality */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)rwlock, &outputString, plContext));
(void) printf("Testing RWLock toString: %s\n",
PKIX_String2ASCII(outputString));
PKIX_TEST_DECREF_BC(outputString);
/* Call Equals on two different objects */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals
((PKIX_PL_Object*)rwlock,
(PKIX_PL_Object*)rwlock2,
&bool,
plContext));
(void) printf("Testing RWLock Equals: %d (should be 0)\n", bool);
if (bool != 0)
testError("Error in RWLock_Equals");
/* Call Equals on two equal objects */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object*)rwlock,
(PKIX_PL_Object*)rwlock, &bool, plContext));
(void) printf("Testing RWLock Equals: %d (should be 1)\n", bool);
if (bool != 1)
testError("Error in RWLock_Equals");
subTest("Multi-Thread Read/Write Lock Testing");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_AcquireReaderLock(rwlock, plContext));
(void) printf("\t[Main Thread Read Lock #1.]\n");
thread = PR_CreateThread(PR_USER_THREAD,
reader,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
thread2 = PR_CreateThread(PR_USER_THREAD,
writer,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
thread3 = PR_CreateThread(PR_USER_THREAD,
reader2,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
PR_JoinThread(thread);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ReleaseReaderLock
(rwlock, plContext));
(void) printf("\t[Main Thread Read Unlock #1.]\n");
PR_JoinThread(thread2);
cleanup:
/* Test destructor */
subTest("Testing destructor...");
PKIX_TEST_DECREF_AC(rwlock);
PKIX_TEST_DECREF_AC(rwlock2);
PKIX_TEST_DECREF_AC(rwlock3);
pkixTestTempResult = PKIX_Shutdown(plContext);
if (pkixTestTempResult) pkixTestErrorResult = pkixTestTempResult;
PKIX_TEST_RETURN();
endTests("RWLocks");
return (0);
}

488
security/nss/cmd/libpkix/pkix_pl/system/test_string.c Normal file
Просмотреть файл

@ -0,0 +1,488 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_string.c
*
* Tests Strings.
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createString(
PKIX_PL_String **testString,
PKIX_UInt32 format,
char *stringAscii,
PKIX_UInt32 length)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_String_Create
(format, stringAscii, length, testString, plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
createStringOther(
PKIX_PL_String **testEscAscii,
PKIX_PL_String **testUtf16,
PKIX_PL_String **ampString,
PKIX_PL_String **testDebugAscii,
PKIX_PL_String **testNullString,
PKIX_UInt32 *utf16data)
{
char *nullText = "Hi&#x0000; there!";
char *escAsciiString =
"&#x00A1;&#x00010000;&#x0FFF;&#x00100001;";
char *debugAsciiString =
"string with&#x000A;newlines and&#x0009;tabs";
char * utfAmp = "\x00&";
PKIX_TEST_STD_VARS();
createString(testEscAscii,
PKIX_ESCASCII,
escAsciiString,
PL_strlen(escAsciiString));
createString(testUtf16, PKIX_UTF16, (char *)utf16data, 12);
createString(ampString, PKIX_UTF16, utfAmp, 2);
createString(testDebugAscii,
PKIX_ESCASCII_DEBUG,
debugAsciiString,
PL_strlen(debugAsciiString));
createString(testNullString,
PKIX_ESCASCII_DEBUG,
nullText,
PL_strlen(nullText));
goto cleanup;
cleanup:
PKIX_TEST_RETURN();
}
void
testGetEncoded(
PKIX_PL_String *testEscAscii,
PKIX_PL_String *testString0,
PKIX_PL_String *testDebugAscii,
PKIX_PL_String *testNullString,
PKIX_UInt32 *utf16data)
{
char *temp = NULL;
void *dest = NULL;
void *dest2 = NULL;
char *plainText = "string with\nnewlines and\ttabs";
PKIX_UInt32 length, length2, i;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testEscAscii,
PKIX_UTF16,
&dest,
&length,
plContext));
for (i = 0; i < length; i++) {
if (((char*)dest)[i] != ((char*)utf16data)[i]) {
testError("UTF-16 Data Differs from Source");
printf("%d-th char is different -%c-%c-\n", i,
((char*)dest)[i], ((char*)utf16data)[i]);
}
}
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testNullString,
PKIX_UTF16,
&dest,
&length,
plContext));
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testString0,
PKIX_ESCASCII_DEBUG,
&dest,
&length,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testDebugAscii,
PKIX_ESCASCII_DEBUG,
&dest2,
&length2,
plContext));
for (i = 0; (i < length) && (i < length2); i++)
if (((char*)dest)[i] != ((char*)dest2)[i]) {
testError("Equivalent strings are unequal");
break;
}
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
length2 = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest2, plContext));
temp = PKIX_String2ASCII(testDebugAscii, plContext);
if (temp){
if (PL_strcmp(plainText, temp) != 0)
testError("Debugged ASCII does not match "
"equivalent EscAscii");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
}
cleanup:
PKIX_TEST_RETURN();
}
void
testSprintf(void)
{
PKIX_Int32 x = 0xCAFE;
PKIX_Int32 y = -12345;
PKIX_PL_String *testString = NULL;
PKIX_PL_String *formatString = NULL;
PKIX_PL_String *sprintfString = NULL;
char *plainText = "Testing Sprintf";
char *format = "%s %x %u %d";
char *convertedFormat = "%s %lx %lu %ld";
char *temp = NULL;
char *temp2 = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
plainText,
PL_strlen(plainText),
&testString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
format,
11,
&formatString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Sprintf(&sprintfString,
plContext,
formatString,
testString, x, y, y));
PKIX_TEST_DECREF_BC(testString);
temp = PR_smprintf(convertedFormat, plainText, x, y, y);
temp2 = PKIX_String2ASCII(sprintfString, plContext);
if (PL_strcmp(temp, temp2) != 0)
testError("Sprintf produced incorrect output");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(temp2, plContext));
PKIX_TEST_DECREF_BC(sprintfString);
PKIX_TEST_DECREF_BC(formatString);
cleanup:
PKIX_TEST_RETURN();
}
void
testErrorHandling(void)
{
char *debugAsciiString =
"string with&#x000A;newlines and&#x0009;tabs";
PKIX_PL_String *testString = NULL;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
NULL,
50,
&testString,
plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII,
"blah", 4, NULL, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_PL_Sprintf(&testString, plContext, NULL));
PKIX_TEST_EXPECT_ERROR
(PKIX_PL_GetString(0, NULL, &testString, plContext));
PKIX_TEST_EXPECT_ERROR(PKIX_PL_GetString(0, "blah", 0, plContext));
/* ---------------------------- */
subTest("Unicode Error Handling");
/* &#x must be followed by 4 hexadecimal digits */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&#x003k;",
7,
&testString,
plContext));
/* &#x must be followed by 4 hexadecimal digits */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"abc&#x00",
8,
&testString,
plContext));
/* &#x must be between 00010000-0010FFFF */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&#x00200101;",
11,
&testString,
plContext));
/* &#x must be followed by 8 hexadecimal digits */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&#x001000",
10,
&testString,
plContext));
/* &#x must be followed by 8 hexadecimal digits */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&#x0010m00;",
10,
&testString,
plContext));
/* Byte values D800-DFFF are reserved */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&#xD800;",
7,
&testString,
plContext));
/* Can't use &#x for regular characters */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&#x0032;",
7,
&testString,
plContext));
/* Can't use non-printable characters */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"\xA1",
1,
&testString,
plContext));
/* Only legal \\ characters are \\, u and U */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
"&blah",
5,
&testString,
plContext));
/* Surrogate pairs must be legal */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_UTF16,
"\xd8\x00\x0\x66",
4,
&testString,
plContext));
/* Debugged EscASCII should not be accepted as EscASCII */
PKIX_TEST_EXPECT_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
debugAsciiString,
PL_strlen(debugAsciiString),
&testString,
plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_String *string)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(string);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_String *testString[6] = {NULL};
PKIX_PL_String *testNullString = NULL;
PKIX_PL_String *testDebugAscii = NULL;
PKIX_PL_String *testEscAscii = NULL;
PKIX_PL_String *testUtf16 = NULL;
PKIX_PL_String *ampString = NULL;
unsigned char utf16Data[] = {0x00, 0xA1, 0xD8, 0x00,
0xDC, 0x00, 0x0F, 0xFF,
0xDB, 0xC0, 0xDC, 0x01};
PKIX_UInt32 i, size = 6;
char *plainText[6] = {
"string with\nnewlines and\ttabs",
"Not an escaped char: &amp;#x0012;",
"Encode &amp; with &amp;amp; in ASCII",
"&#x00A1;",
"&amp;",
"string with\nnewlines and\ttabs"
};
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Strings");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_String_Create <ascii format>");
for (i = 0; i < size; i++) {
testString[i] = NULL;
createString
(&testString[i],
PKIX_ESCASCII,
plainText[i],
PL_strlen(plainText[i]));
}
subTest("PKIX_PL_String_Create <other formats>");
createStringOther
(&testEscAscii,
&testUtf16,
&ampString,
&testDebugAscii,
&testNullString,
(PKIX_UInt32 *)utf16Data);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(testString[0],
testString[5],
testString[1],
plainText[0],
String,
PKIX_TRUE);
subTest("PKIX_PL_String_GetEncoded");
testGetEncoded
(testEscAscii,
testString[0],
testDebugAscii,
testNullString,
(PKIX_UInt32 *)utf16Data);
subTest("PKIX_PL_Sprintf");
testSprintf();
subTest("PKIX_PL_String_Create <error_handling>");
testErrorHandling();
subTest("PKIX_PL_String_Destroy");
for (i = 0; i < size; i++) {
testDestroy(testString[i]);
}
testDestroy(testEscAscii);
testDestroy(testUtf16);
testDestroy(ampString);
testDestroy(testDebugAscii);
testDestroy(testNullString);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("String");
return (0);
}

384
security/nss/cmd/libpkix/pkix_pl/system/test_string2.c Normal file
Просмотреть файл

@ -0,0 +1,384 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* test_string2.c
*
* Tests International Strings
*
*/
#include "testutil.h"
#include "testutil_nss.h"
void *plContext = NULL;
void
createString(
PKIX_PL_String **vivaEspanaString,
PKIX_PL_String **straussString,
PKIX_PL_String **gorbachevString,
PKIX_PL_String **testUTF16String,
PKIX_PL_String **chineseString,
PKIX_PL_String **jeanRenoString)
{
/* this is meant to fail - it highlights bug 0002 */
unsigned char utf16String[4] = { 0xF8, 0x60,
0xFC, 0x60};
unsigned char chinese[16] = { 0xe7, 0xab, 0xa0,
0xe5, 0xad, 0x90,
0xe6, 0x80, 0xa1,
0x20,
0xe4, 0xb8, 0xad,
0xe5, 0x9b, 0xbd
};
char* jeanReno = "Jean R\303\251no is an actor.";
char* gorbachev = /* This is the name "Gorbachev" in cyrllic */
"\xd0\x93\xd0\xbe\xd1\x80\xd0\xb1\xd0\xb0\xd1\x87\xd1\x91\xd0\xb2";
char *vivaEspana =
"&#x00A1;Viva Espa&#x00f1;a!";
char *strauss =
"Strau&#x00Df; was born in &#x00D6;sterreich";
PKIX_TEST_STD_VARS();
/* ---------------------------- */
subTest("String Creation");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
vivaEspana,
PL_strlen(vivaEspana),
vivaEspanaString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_ESCASCII,
strauss,
PL_strlen(strauss),
straussString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_UTF8,
gorbachev,
PL_strlen(gorbachev),
gorbachevString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_UTF16,
utf16String,
4,
testUTF16String,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_UTF8,
chinese,
16,
chineseString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(
PKIX_UTF8,
jeanReno,
PL_strlen(jeanReno),
jeanRenoString,
plContext));
cleanup:
PKIX_TEST_RETURN();
}
void
testGetEncoded(PKIX_PL_String *string, PKIX_UInt32 format)
{
void *dest = NULL;
PKIX_UInt32 length;
PKIX_TEST_STD_VARS();
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded
(string,
format,
&dest,
&length,
plContext));
if (dest){
(void) printf("\tResult: %s\n", (char *)dest);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
}
cleanup:
PKIX_TEST_RETURN();
}
void
testHTMLOutput(
PKIX_PL_String *vivaEspanaString,
PKIX_PL_String *straussString,
PKIX_PL_String *gorbachevString,
PKIX_PL_String *testUTF16String,
PKIX_PL_String *chineseString,
PKIX_PL_String *jeanRenoString)
{
void *dest = NULL;
PKIX_UInt32 length;
FILE *htmlFile = NULL;
PKIX_TEST_STD_VARS();
/* Opening a file for output */
htmlFile = fopen("utf8.html", "w");
if (htmlFile != plContext) {
(void) fprintf(htmlFile, "<html><head>\n");
(void) fprintf(htmlFile, "<meta http-equiv=\"Content-Type\"");
(void) fprintf(htmlFile,
"content = \"text/html; charset = UTF-8\">\n");
(void) fprintf(htmlFile, "</head><body>\n");
(void) fprintf(htmlFile, "<font size =\"+2\">\n");
} else
(void) printf("Could not open HTML file\n");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(testUTF16String,
PKIX_UTF8,
&dest,
&length,
plContext));
if (htmlFile != plContext) {
(void) printf("%d bytes written to HTML file\n",
fwrite(dest, length, 1, htmlFile));
(void) fprintf(htmlFile, "<BR>\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(chineseString,
PKIX_UTF8,
&dest,
&length,
plContext));
if (htmlFile != plContext) {
(void) printf("%d bytes written to HTML file\n",
fwrite(dest, length, 1, htmlFile));
(void) fprintf(htmlFile, "<BR>\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(jeanRenoString,
PKIX_UTF8,
&dest,
&length,
plContext));
if (htmlFile != plContext) {
(void) printf("%d bytes written to HTML file\n",
fwrite(dest, length, 1, htmlFile));
(void) fprintf(htmlFile, "<BR>\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(vivaEspanaString,
PKIX_UTF8,
&dest,
&length,
plContext));
if (htmlFile != plContext) {
(void) printf("%d bytes written to HTML file\n",
fwrite(dest, length, 1, htmlFile));
(void) fprintf(htmlFile, "<BR>\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(straussString,
PKIX_UTF8,
&dest,
&length,
plContext));
if (htmlFile != plContext) {
(void) printf("%d bytes written to HTML file\n",
fwrite(dest, length, 1, htmlFile));
(void) fprintf(htmlFile, "<BR>\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(straussString,
PKIX_UTF8,
&dest,
&length,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_GetEncoded(gorbachevString,
PKIX_UTF8,
&dest,
&length,
plContext));
if (htmlFile != plContext) {
(void) printf("%d bytes written to HTML file\n",
fwrite(dest, length, 1, htmlFile));
(void) fprintf(htmlFile, "<BR>\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(dest, plContext));
dest = NULL;
length = 0;
if (htmlFile != plContext) {
(void) fprintf(htmlFile, "</font>\n");
(void) fprintf(htmlFile, "</body></html>\n");
(void) fclose(htmlFile);
}
cleanup:
PKIX_TEST_RETURN();
}
void
testDestroy(
PKIX_PL_String *string)
{
PKIX_TEST_STD_VARS();
PKIX_TEST_DECREF_BC(string);
cleanup:
PKIX_TEST_RETURN();
}
int main(int argc, char *argv[]) {
PKIX_PL_String *vivaEspanaString, *straussString, *testUTF16String;
PKIX_PL_String *chineseString, *jeanRenoString, *gorbachevString;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
startTests("Unicode Strings");
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
subTest("PKIX_PL_String_Create");
createString(&vivaEspanaString,
&straussString,
&gorbachevString,
&testUTF16String,
&chineseString,
&jeanRenoString);
subTest("Converting UTF-16 to EscASCII");
testGetEncoded(testUTF16String, PKIX_ESCASCII);
subTest("Converting UTF-8 to EscASCII");
testGetEncoded(chineseString, PKIX_ESCASCII);
subTest("Converting UTF-8 to EscASCII");
testGetEncoded(jeanRenoString, PKIX_ESCASCII);
subTest("Converting EscASCII to UTF-16");
testGetEncoded(vivaEspanaString, PKIX_UTF16);
subTest("Converting UTF-8 to UTF-16");
testGetEncoded(chineseString, PKIX_UTF16);
subTest("Creating HTML Output File \'utf8.html\'");
testHTMLOutput(vivaEspanaString,
straussString,
gorbachevString,
testUTF16String,
chineseString,
jeanRenoString);
subTest("Unicode Destructors");
testDestroy(testUTF16String);
testDestroy(chineseString);
testDestroy(jeanRenoString);
testDestroy(vivaEspanaString);
testDestroy(straussString);
testDestroy(gorbachevString);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Unicode Strings");
return (0);
}

59
security/nss/cmd/libpkix/pkixlibs.mk Executable file
Просмотреть файл

@ -0,0 +1,59 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
ifeq (,$(filter-out WIN%,$(OS_TARGET)))
ifdef NS_USE_GCC
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib \
-lpkixutil \
$(NULL)
else # ! NS_USE_GCC
EXTRA_SHARED_LIBS += \
$(DIST)/lib/pkixutil.lib \
$(NULL)
endif # NS_USE_GCC
else
EXTRA_SHARED_LIBS += \
-L$(DIST)/lib/ \
-lpkixutil \
$(NULL)
endif

39
security/nss/cmd/libpkix/pkixrules.mk Executable file
Просмотреть файл

@ -0,0 +1,39 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
CORE_DEPTH = $(PKIX_DEPTH)/../../..
PLAT_DEPTH = $(PKIX_DEPTH)/..

80
security/nss/cmd/libpkix/sample_apps/Makefile Executable file
Просмотреть файл

@ -0,0 +1,80 @@
#! gmake
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1.1/GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
#######################################################################
# (1) Include initial platform-independent assignments (MANDATORY). #
#######################################################################
include manifest.mn
#######################################################################
# (2) Include "global" configuration information. (OPTIONAL) #
#######################################################################
include $(PKIX_DEPTH)/pkixrules.mk
include $(CORE_DEPTH)/coreconf/config.mk
#######################################################################
# (3) Include "component" configuration information. (OPTIONAL) #
#######################################################################
#######################################################################
# (4) Include "local" platform-dependent assignments (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platlibs.mk
include $(PKIX_DEPTH)/pkixlibs.mk
#######################################################################
# (5) Execute "global" rules. (OPTIONAL) #
#######################################################################
include $(CORE_DEPTH)/coreconf/rules.mk
#######################################################################
# (6) Execute "component" rules. (OPTIONAL) #
#######################################################################
#######################################################################
# (7) Execute "local" rules. (OPTIONAL). #
#######################################################################
include $(PLAT_DEPTH)/platrules.mk

297
security/nss/cmd/libpkix/sample_apps/build_chain.c Normal file
Просмотреть файл

@ -0,0 +1,297 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* buildChain.c
*
* Tests Cert Chain Building
*
*/
#include <stdio.h>
#include <string.h>
#include <stddef.h>
#include "pkix_pl_generalname.h"
#include "pkix_pl_cert.h"
#include "pkix.h"
#include "testutil.h"
#include "prlong.h"
#include "plstr.h"
#include "prthread.h"
#include "nspr.h"
#include "prtypes.h"
#include "prtime.h"
#include "pk11func.h"
#include "secasn1.h"
#include "cert.h"
#include "cryptohi.h"
#include "secoid.h"
#include "certdb.h"
#include "secitem.h"
#include "keythi.h"
#include "nss.h"
void *plContext = NULL;
void printUsage(void){
(void) printf("\nUSAGE:\tbuildChain "
"<trustedCert> <targetCert> <certStoreDirectory>\n\n");
(void) printf
("Builds a chain of certificates between "
"<trustedCert> and <targetCert>\n"
"using the certs and CRLs in <certStoreDirectory>.\n");
}
PKIX_PL_Cert *
createCert(char *inFileName)
{
PKIX_PL_ByteArray *byteArray = NULL;
void *buf = NULL;
PRFileDesc *inFile = NULL;
PKIX_UInt32 len;
SECItem certDER;
SECStatus rv;
/* default: NULL cert (failure case) */
PKIX_PL_Cert *cert = NULL;
PKIX_TEST_STD_VARS();
certDER.data = NULL;
inFile = PR_Open(inFileName, PR_RDONLY, 0);
if (!inFile){
pkixTestErrorMsg = "Unable to open cert file";
goto cleanup;
} else {
rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE);
if (!rv){
buf = (void *)certDER.data;
len = certDER.len;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_ByteArray_Create
(buf, len, &byteArray, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_Create
(byteArray, &cert, plContext));
SECITEM_FreeItem(&certDER, PR_FALSE);
} else {
pkixTestErrorMsg = "Unable to read DER from cert file";
goto cleanup;
}
}
cleanup:
if (inFile){
PR_Close(inFile);
}
if (PKIX_TEST_ERROR_RECEIVED){
SECITEM_FreeItem(&certDER, PR_FALSE);
}
PKIX_TEST_DECREF_AC(byteArray);
PKIX_TEST_RETURN();
return (cert);
}
int main(int argc, char *argv[])
{
PKIX_BuildResult *buildResult = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
char *trustedCertFile = NULL;
char *targetCertFile = NULL;
char *storeDirAscii = NULL;
PKIX_PL_String *storeDirString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_UInt32 actualMinorVersion, numCerts, i;
PKIX_UInt32 j = 0;
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
char * asciiResult = NULL;
PKIX_Boolean useArenas = PKIX_FALSE;
void *buildState = NULL; /* needed by pkix_build for non-blocking I/O */
void *nbioContext = NULL;
PKIX_TEST_STD_VARS();
if (argc < 4){
printUsage();
return (0);
}
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext));
/* create processing params with list of trust anchors */
trustedCertFile = argv[j+1];
trustedCert = createCert(trustedCertFile);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
targetCertFile = argv[j+2];
targetCert = createCert(targetCertFile);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
/* create CertStores */
storeDirAscii = argv[j+3];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII, storeDirAscii, 0, &storeDirString, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(storeDirString, &certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
/* build cert chain using processing params and return buildResult */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildChain
(procParams,
&nbioContext,
&buildState,
&buildResult,
NULL,
plContext));
/*
* As long as we use only CertStores with blocking I/O, we can omit
* checking for completion with nbioContext.
*/
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain(buildResult, &certs, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs, i, (PKIX_PL_Object**)&cert, plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, plContext));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
cleanup:
if (PKIX_TEST_ERROR_RECEIVED){
(void) printf("FAILED TO BUILD CHAIN\n");
} else {
(void) printf("SUCCESSFULLY BUILT CHAIN\n");
}
PKIX_PL_Free(asciiResult, plContext);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(storeDirString);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
return (0);
}

215
security/nss/cmd/libpkix/sample_apps/dumpcert.c Normal file
Просмотреть файл

@ -0,0 +1,215 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* dumpcert.c
*
* dump certificate sample application
*
*/
#include <stdio.h>
#include "pkix.h"
#include "testutil.h"
#include "prlong.h"
#include "plstr.h"
#include "prthread.h"
#include "plarena.h"
#include "seccomon.h"
#include "secdert.h"
#include "secasn1t.h"
#include "certt.h"
void *plContext = NULL;
void printUsage(void){
(void) printf("\nUSAGE:\tdumpcert <certFile>\n");
(void) printf("\tParses a certificate located at <certFile> "
"and displays it.\n");
}
void printFailure(char *msg){
(void) printf("FAILURE: %s\n", msg);
}
PKIX_PL_Cert *
createCert(char *inFileName)
{
PKIX_PL_ByteArray *byteArray = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_Error *error = NULL;
PRFileDesc *inFile = NULL;
SECItem certDER;
void *buf = NULL;
PKIX_UInt32 len;
SECStatus rv = SECFailure;
certDER.data = NULL;
inFile = PR_Open(inFileName, PR_RDONLY, 0);
if (!inFile){
printFailure("Unable to open cert file");
goto cleanup;
} else {
rv = SECU_ReadDERFromFile(&certDER, inFile, PR_FALSE);
if (!rv){
buf = (void *)certDER.data;
len = certDER.len;
error = PKIX_PL_ByteArray_Create
(buf, len, &byteArray, plContext);
if (error){
printFailure("PKIX_PL_ByteArray_Create failed");
goto cleanup;
}
error = PKIX_PL_Cert_Create
(byteArray, &cert, plContext);
if (error){
printFailure("PKIX_PL_Cert_Create failed");
goto cleanup;
}
} else {
printFailure("Unable to read DER from cert file");
goto cleanup;
}
}
cleanup:
if (inFile){
PR_Close(inFile);
}
if (rv == SECSuccess){
SECITEM_FreeItem(&certDER, PR_FALSE);
}
if (byteArray){
PKIX_PL_Object_DecRef((PKIX_PL_Object *)(byteArray), plContext);
}
return (cert);
}
int main(int argc, char *argv[])
{
PKIX_PL_String *string = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_Error *error = NULL;
char *ascii = NULL;
PKIX_UInt32 length = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_UInt32 actualMinorVersion;
PKIX_TEST_STD_VARS();
if (argc == 1){
printUsage();
return (0);
}
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext);
cert = createCert(argv[1+j]);
if (cert){
error = PKIX_PL_Object_ToString
((PKIX_PL_Object *)cert, &string, plContext);
if (error){
printFailure("Unable to get string representation "
"of cert");
goto cleanup;
}
error = PKIX_PL_String_GetEncoded
(string,
PKIX_ESCASCII,
(void **)&ascii,
&length,
plContext);
if (error || !ascii){
printFailure("Unable to get ASCII encoding of string");
goto cleanup;
}
(void) printf("OUTPUT:\n%s\n", ascii);
} else {
printFailure("Unable to create certificate");
goto cleanup;
}
cleanup:
if (cert){
PKIX_PL_Object_DecRef((PKIX_PL_Object *)(cert), plContext);
}
if (string){
PKIX_PL_Object_DecRef((PKIX_PL_Object *)(string), plContext);
}
if (ascii){
PKIX_PL_Free((PKIX_PL_Object *)(ascii), plContext);
}
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("DUMPCERT");
return (0);
}

218
security/nss/cmd/libpkix/sample_apps/dumpcrl.c Normal file
Просмотреть файл

@ -0,0 +1,218 @@
/* ***** BEGIN LICENSE BLOCK *****
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
*
* The contents of this file are subject to the Mozilla Public License Version
* 1.1 (the "License"); you may not use this file except in compliance with
* the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
* for the specific language governing rights and limitations under the
* License.
*
* The Original Code is the Netscape security libraries.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1994-2000
* the Initial Developer. All Rights Reserved.
*
* Contributor(s):
* Sun Microsystems
*
* Alternatively, the contents of this file may be used under the terms of
* either the GNU General Public License Version 2 or later (the "GPL"), or
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
* in which case the provisions of the GPL or the LGPL are applicable instead
* of those above. If you wish to allow use of your version of this file only
* under the terms of either the GPL or the LGPL, and not to allow others to
* use your version of this file under the terms of the MPL, indicate your
* decision by deleting the provisions above and replace them with the notice
* and other provisions required by the GPL or the LGPL. If you do not delete
* the provisions above, a recipient may use your version of this file under
* the terms of any one of the MPL, the GPL or the LGPL.
*
* ***** END LICENSE BLOCK ***** */
/*
* dumpcrl.c
*
* dump CRL sample application
*
*/
#include <stdio.h>
#include "pkix.h"
#include "testutil.h"
#include "prlong.h"
#include "plstr.h"
#include "prthread.h"
#include "plarena.h"
#include "seccomon.h"
#include "secdert.h"
#include "secasn1t.h"
#include "certt.h"
void *plContext = NULL;
void printUsage(void){
(void) printf("\nUSAGE:\tdumpcrl <crlFile>\n");
(void) printf("\tParses a CRL located at <crlFile> "
"and displays it.\n");
}
void printFailure(char *msg){
(void) printf("FAILURE: %s\n", msg);
}
PKIX_PL_CRL *
createCRL(char *inFileName)
{
PKIX_PL_ByteArray *byteArray = NULL;
PKIX_PL_CRL *crl = NULL;
PKIX_Error *error = NULL;
PRFileDesc *inFile = NULL;
SECItem crlDER;
void *buf = NULL;
PKIX_UInt32 len;
SECStatus rv;
PKIX_TEST_STD_VARS();
crlDER.data = NULL;
inFile = PR_Open(inFileName, PR_RDONLY, 0);
if (!inFile){
printFailure("Unable to open crl file");
goto cleanup;
} else {
rv = SECU_ReadDERFromFile(&crlDER, inFile, PR_FALSE);
if (!rv){
buf = (void *)crlDER.data;
len = crlDER.len;
error = PKIX_PL_ByteArray_Create
(buf, len, &byteArray, plContext);
if (error){
printFailure("PKIX_PL_ByteArray_Create failed");
goto cleanup;
}
error = PKIX_PL_CRL_Create(byteArray, &crl, plContext);
if (error){
printFailure("PKIX_PL_CRL_Create failed");
goto cleanup;
}
SECITEM_FreeItem(&crlDER, PR_FALSE);
} else {
printFailure("Unable to read DER from crl file");
goto cleanup;
}
}
cleanup:
if (inFile){
PR_Close(inFile);
}
if (error){
SECITEM_FreeItem(&crlDER, PR_FALSE);
}
if (byteArray){
PKIX_PL_Object_DecRef((PKIX_PL_Object *)(byteArray), plContext);
}
PKIX_TEST_RETURN();
return (crl);
}
int main(int argc, char *argv[])
{
PKIX_PL_String *string = NULL;
PKIX_PL_CRL *crl = NULL;
PKIX_Error *error = NULL;
char *ascii = NULL;
PKIX_UInt32 length;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_Boolean useArenas = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc == 1){
printUsage();
return (0);
}
useArenas = PKIX_TEST_ARENAS_ARG(argv[1]);
PKIX_Initialize
(PKIX_TRUE, /* nssInitNeeded */
useArenas,
PKIX_MAJOR_VERSION,
PKIX_MINOR_VERSION,
PKIX_MINOR_VERSION,
&actualMinorVersion,
&plContext);
crl = createCRL(argv[j+1]);
if (crl){
error = PKIX_PL_Object_ToString
((PKIX_PL_Object *)crl, &string, plContext);
if (error){
printFailure("Unable to get string representation "
"of crl");
goto cleanup;
}
error = PKIX_PL_String_GetEncoded
(string,
PKIX_ESCASCII,
(void **)&ascii,
&length,
plContext);
if (error || !ascii){
printFailure("Unable to get ASCII encoding of string");
goto cleanup;
}
(void) printf("OUTPUT:\n%s\n", ascii);
} else {
printFailure("Unable to create CRL");
goto cleanup;
}
cleanup:
if (crl){
PKIX_PL_Object_DecRef((PKIX_PL_Object *)(crl), plContext);
}
if (string){
PKIX_PL_Object_DecRef((PKIX_PL_Object *)(string), plContext);
}
if (ascii){
PKIX_PL_Free((PKIX_PL_Object *)(ascii), plContext);
}
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("DUMPCRL");
return (0);
}

53
security/nss/cmd/libpkix/sample_apps/manifest.mn Executable file
Просмотреть файл

@ -0,0 +1,53 @@
#
# ***** BEGIN LICENSE BLOCK *****
# Version: MPL 1GPL 2.0/LGPL 2.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# htt/www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is the Netscape security libraries.
#
# The Initial Developer of the Original Code is
# Netscape Communications Corporation.
# Portions created by the Initial Developer are Copyright (C) 1994-2000
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Alternatively, the contents of this file may be used under the terms of
# either the GNU General Public License Version 2 or later (the "GPL"), or
# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
# in which case the provisions of the GPL or the LGPL are applicable instead
# of those above. If you wish to allow use of your version of this file only
# under the terms of either the GPL or the LGPL, and not to allow others to
# use your version of this file under the terms of the MPL, indicate your
# decision by deleting the provisions above and replace them with the notice
# and other provisions required by the GPL or the LGPL. If you do not delete
# the provisions above, a recipient may use your version of this file under
# the terms of any one of the MPL, the GPL or the LGPL.
#
# ***** END LICENSE BLOCK *****
PKIX_DEPTH = ..
# MODULE public and private header directories are implicitly REQUIRED.
MODULE = nss
CSRCS = dumpcert.c \
dumpcrl.c \
validate_chain.c \
build_chain.c \
$(NULL)
PROGRAMS = $(CSRCS:.c=)
TARGETS = $(PROGRAMS)
NO_MD_RELEASE = 1

Некоторые файлы не были показаны из-за слишком большого количества измененных файлов Показать больше