MainWindow::MainWindow(QWidget *parent) : QMainWindow(parent)
{
showFullScreen();
startInfo = new StartDialog(this);
testArea = new TestEnv(numTargets,200,20,this);
QObject::connect(testArea, SIGNAL(emitHit(const int&)), this, SLOT(setRem(const int&)));
QObject::connect(testArea, SIGNAL(emitError(const int&)), this, SLOT(setErr(const int&)));
QObject::connect(testArea, SIGNAL(emitFinish()), this, SLOT(startTests()));
QObject::connect(testArea, SIGNAL(retResults(const int&, const int&, const double&)), this, SLOT(saveResults(const int&, const int&, const double&)));
testArea2 = new TestEnv(numTargets,200,20,this);
QObject::connect(testArea2, SIGNAL(emitHit(const int&)), this, SLOT(setRem(const int&)));
QObject::connect(testArea2, SIGNAL(emitError(const int&)), this, SLOT(setErr(const int&)));
QObject::connect(testArea2, SIGNAL(emitFinish()), this, SLOT(startTests()));
QObject::connect(testArea2, SIGNAL(retResults(const int&, const int&, const double&)), this, SLOT(saveResults(const int&, const int&, const double&)));
QHBoxLayout *layout = new QHBoxLayout();
layout->addWidget(testArea);
layout->addWidget(testArea2);
QWidget *temp = new QWidget();
temp->setLayout(layout);
setCentralWidget(temp);
createDock();
getInfo();
loadCursors();
displayInformation();
startTests();
}
int test_date(int argc, char *argv[]) {
char *goodInput = NULL;
char *diffInput = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Date");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
goodInput = "040329134847Z";
diffInput = "050329135847Z";
testDate(goodInput, diffInput);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Date");
return (0);
}
void test_pointers(struct test_printf_info *tpi) {
startTests(tpi, __func__);
zap++; // prevent variable zap to be optimized away
TEST("0", "%p", 0); // MacOS: "0x0" [3]
TEST("0", "%#p", 0); // MacOS: "0x0" [3]
TEST("00000000", "%08p", 0); // MacOS: "0x000000" [8]
TEST("00000000", "%#08p", 0); // MacOS: "0x000000" [8]
TEST("00000000", "%08.8p", 0); // MacOS: "0x00000000" [10]
TEST("00000000", "%#08.8p", 0); // MacOS: "0x00000000" [10]
TESTHOST("%p", (void*) zap);
TESTHOST("%#p", (void*) zap);
TESTHOST("%8p", (void*) zap);
TESTHOST("%#8p", (void*) zap);
TESTHOST("%08p", (void*) zap);
TESTHOST("%#08p", (void*) zap);
TESTHOST("%.8p", (void*) zap);
TESTHOST("%#.8p", (void*) zap);
TESTHOST("%0.8p", (void*) zap);
TESTHOST("%#0.8p", (void*) zap);
TESTHOST("%08.8p", (void*) zap);
TESTHOST("%#08.8p", (void*) zap);
endTests(tpi);
}
int main(int argc, char *argv[])
{
// print version, help or run tests
if (argc == 2 || argc == 3) {
const char *arg = argv[1];
if ( argc == 2 && needsVersion(arg) ) {
evaluate("version", NULL);
return 0;
} else if ( needsHelp(arg) ) {
evaluate("help", argc == 3 ? argv[2] : NULL);
return 0;
#ifdef HAS_TESTS
} else if ( needsTests(arg) ) {
// Skip the "tests" argument and pass the rest to tests.
return startTests(argc - 1, argv + 1);
#endif
}
}
if (argc == 1) {
// if server hasn't been run yet and no argument were specified
// then run this process as server
return startServer(argc, argv);
} else if (argc == 3 && strcmp(argv[1], "monitor") == 0) {
// if first argument is monitor (second is monitor server name/ID)
// then run this process as monitor
return startMonitor(argc, argv);
} else {
// if argument specified and server is running
// then run this process as client
return startClient(argc, argv);
}
}
int
test_generalname(int argc, char *argv[])
{
char *goodInput = NULL;
char *diffInput = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("GeneralName");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
goodInput = "*****@*****.**";
diffInput = "*****@*****.**";
testNameType(PKIX_RFC822_NAME, goodInput, diffInput, goodInput);
goodInput = "example1.com";
diffInput = "ex2.net";
testNameType(PKIX_DNS_NAME, goodInput, diffInput, goodInput);
goodInput = "cn=yassir, ou=labs, o=sun, c=us";
diffInput = "cn=alice, ou=labs, o=sun, c=us";
testNameType(PKIX_DIRECTORY_NAME,
goodInput,
diffInput,
"CN=yassir,OU=labs,O=sun,C=us");
goodInput = "http://example1.com";
diffInput = "http://ex2.net";
testNameType(PKIX_URI_NAME, goodInput, diffInput, goodInput);
goodInput = "1.2.840.11";
diffInput = "1.2.840.115349";
testNameType(PKIX_OID_NAME, goodInput, diffInput, goodInput);
/*
* We don't support creating PKIX_EDIPARTY_NAME,
* PKIX_IP_NAME, OTHER_NAME, X400_ADDRESS from strings
*/
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("GeneralName");
return (0);
}
int test_mem(int argc, char *argv[]) {
unsigned int *array = NULL;
int arraySize = 10;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Memory Allocation");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
subTest("PKIX_PL_Malloc");
testMalloc(&array);
subTest("PKIX_PL_Realloc");
testRealloc(&array);
subTest("PKIX_PL_Free");
testFree(array);
/* --Negative Test Cases------------------- */
/* Create an integer array of size 10 */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Malloc(
(PKIX_UInt32)(arraySize*sizeof (unsigned int)),
(void **) &array, plContext));
(void) printf("Attempting to reallocate 0 sized memory...\n");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Realloc(array, 0, (void **) &array, plContext));
(void) printf("Attempting to allocate to null pointer...\n");
PKIX_TEST_EXPECT_ERROR(PKIX_PL_Malloc(10, NULL, plContext));
(void) printf("Attempting to reallocate to null pointer...\n");
PKIX_TEST_EXPECT_ERROR(PKIX_PL_Realloc(NULL, 10, NULL, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(array, plContext));
cleanup:
PKIX_Shutdown(plContext);
endTests("Memory Allocation");
return (0);
}
int test_x500name(int argc, char *argv[]) {
PKIX_PL_X500Name *goodObject = NULL;
PKIX_PL_X500Name *equalObject = NULL;
PKIX_PL_X500Name *diffObject = NULL;
PKIX_PL_X500Name *diffObjectMatch = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
/* goodInput is encoded in PKIX_ESCASCII */
char *goodInput = "cn=Strauß,ou=labs,o=sun,c=us";
char *diffInput = "cn=steve,ou=labs,o=sun,c=us";
char *diffInputMatch = "Cn=SteVe,Ou=lABs,o=SUn,c=uS";
char *expectedAscii = "CN=Strauß,OU=labs,O=sun,C=us";
PKIX_TEST_STD_VARS();
startTests("X500Name");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
createX500Names
(goodInput, diffInput, diffInputMatch,
&goodObject, &equalObject, &diffObject, &diffObjectMatch);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
X500Name,
PKIX_TRUE);
testMatch(goodObject, diffObject, diffObjectMatch);
testDestroy(goodObject, equalObject, diffObject, diffObjectMatch);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("X500Name");
return (0);
}
int test_logger(int argc, char *argv[]) {
PKIX_Logger *logger, *logger2;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Loggers");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
subTest("PKIX_Logger_Create");
createLogger(&logger, NULL, testLoggerCallback);
createLogger(&logger2, (PKIX_PL_Object *)logger, testLoggerCallback2);
subTest("Logger Context and Callback");
testContextCallback(logger, logger2);
subTest("Logger Component");
testComponent(logger);
subTest("Logger MaxLoggingLevel");
testMaxLoggingLevel(logger);
subTest("Logger List operations");
testLogger(logger, logger2);
subTest("PKIX_Logger_Destroy");
testDestroy(logger);
testDestroy(logger2);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Loggers");
return (0);
}
int
test_colcertstore(int argc, char *argv[])
{
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *platformDir = NULL;
char *dataDir = NULL;
char *combinedDir = NULL;
PKIX_TEST_STD_VARS();
startTests("CollectionCertStore");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
if (argc < (3 + j)) {
printUsage(argv[0]);
return (0);
}
dataDir = argv[2 + j];
platformDir = argv[3 + j];
combinedDir = catDirName(platformDir, dataDir, plContext);
testGetCRL(combinedDir);
testGetCert(combinedDir);
cleanup:
pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CollectionCertStore");
return (0);
}
int test_mutex(int argc, char *argv[]) {
PKIX_PL_Mutex *mutex, *mutex2, *mutex3;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Mutexes");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
subTest("PKIX_PL_Mutex_Create");
createMutexes(&mutex, &mutex2, &mutex3);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(mutex,
mutex3,
mutex2,
NULL,
Mutex,
PKIX_FALSE);
subTest("PKIX_PL_Mutex_Lock/Unlock");
testLock(mutex);
subTest("PKIX_PL_Mutex_Destroy");
testDestroy(mutex, mutex2, mutex3);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Mutexes");
return (0);
}
int test_nameconstraints(int argc, char *argv[]) {
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *platformDir = NULL;
char *dataDir = NULL;
char *combinedDir = NULL;
/* Note XXX serialnumber and reasoncode need debug */
PKIX_TEST_STD_VARS();
startTests("NameConstraints");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
if (argc < 3 + j) {
printUsage();
return (0);
}
dataDir = argv[2 + j];
platformDir = argv[3 + j];
combinedDir = catDirName(platformDir, dataDir, plContext);
testNameConstraints(combinedDir);
cleanup:
pkixTestErrorResult = PKIX_PL_Free(combinedDir, plContext);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("NameConstraints");
return (0);
}
int
test_object(int argc, char *argv[])
{
#ifdef PKIX_USER_OBJECT_TYPE
PKIX_PL_Object *obj, *obj2, *obj3, *obj4;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Objects");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
subTest("PKIX_PL_Object_Create");
createObjects(&obj, &obj2, &obj3, &obj4);
PKIX_TEST_EQ_HASH_TOSTR_DUP(obj, obj3, obj2, NULL, Object, PKIX_FALSE);
subTest("PKIX_PL_Object_GetType");
testGetType(obj, obj2, obj3);
subTest("PKIX_PL_Object_Compare");
testCompare(obj2, obj4);
subTest("PKIX_PL_Object_Destroy");
testDestroy(obj, obj2, obj3, obj4);
cleanup:
PKIX_Shutdown(plContext);
endTests("Objects");
#endif /* PKIX_USER_OBJECT_TYPE */
return (0);
}
int test_buildchain_uchecker(int argc, char *argv[])
{
PKIX_BuildResult *buildResult = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_CertChainChecker *checker = NULL;
char *dirName = NULL;
PKIX_PL_String *dirNameString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_UInt32 chainLength = 0;
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
char * asciiResult = NULL;
PKIX_Boolean result;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_Boolean supportForward = PKIX_FALSE;
PKIX_List *expectedCerts = NULL;
PKIX_List *userOIDs = NULL;
PKIX_PL_OID *oid = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_PL_String *actualCertsString = NULL;
PKIX_PL_String *expectedCertsString = NULL;
char *actualCertsAscii = NULL;
char *expectedCertsAscii = NULL;
char *oidString = NULL;
void *buildState = NULL; /* needed by pkix_build for non-blocking I/O */
void *nbioContext = NULL; /* needed by pkix_build for non-blocking I/O */
PKIX_TEST_STD_VARS();
if (argc < 5){
printUsage();
return (0);
}
startTests("BuildChain_UserChecker");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
/* OID specified at argv[3+j] */
if (*argv[3+j] != '-') {
if (*argv[3+j] == 'F') {
supportForward = PKIX_TRUE;
oidString = argv[3+j]+1;
} else {
oidString = argv[3+j];
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&userOIDs, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(oidString, &oid, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(userOIDs, (PKIX_PL_Object *)oid, plContext));
PKIX_TEST_DECREF_BC(oid);
}
subTest(argv[1+j]);
dirName = argv[4+j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext));
chainLength = argc - j - 5;
for (k = 0; k < chainLength; k++){
dirCert = createCert(dirName, argv[5+k+j], plContext);
if (k == (chainLength - 1)){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert, plContext));
trustedCert = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(expectedCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == 0){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)dirCert,
plContext));
targetCert = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_SetCertificate
(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create
(testUserChecker,
supportForward,
PKIX_FALSE,
userOIDs,
NULL,
&checker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_AddCertChainChecker
(procParams, checker, plContext));
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create
(PKIX_ESCASCII,
dirName,
0,
&dirNameString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create
(dirNameString, &certStore, plContext));
#if 0
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&certStore, plContext));
#endif
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(certStores, (PKIX_PL_Object *)certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores
(procParams, certStores, plContext));
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain
(procParams,
&nbioContext,
&buildState,
&buildResult,
NULL,
plContext);
if (testValid == PKIX_TRUE) { /* ENE */
if (pkixTestErrorResult){
(void) printf("UNEXPECTED RESULT RECEIVED!\n");
} else {
(void) printf("EXPECTED RESULT RECEIVED!\n");
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
}
} else { /* EE */
if (pkixTestErrorResult){
(void) printf("EXPECTED RESULT RECEIVED!\n");
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
} else {
testError("UNEXPECTED RESULT RECEIVED");
}
}
if (buildResult){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_BuildResult_GetCertChain
(buildResult, &certs, NULL));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++){
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_GetItem
(certs,
i,
(PKIX_PL_Object**)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Free(asciiResult, plContext));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_Equals
((PKIX_PL_Object*)certs,
(PKIX_PL_Object*)expectedCerts,
&result,
plContext));
if (!result){
testError("BUILT CERTCHAIN IS "
"NOT THE ONE THAT WAS EXPECTED");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)certs,
&actualCertsString,
plContext));
actualCertsAscii = PKIX_String2ASCII
(actualCertsString, plContext);
if (actualCertsAscii == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Object_ToString
((PKIX_PL_Object *)expectedCerts,
&expectedCertsString,
plContext));
expectedCertsAscii = PKIX_String2ASCII
(expectedCertsString, plContext);
if (expectedCertsAscii == NULL){
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
(void) printf("Actual value:\t%s\n", actualCertsAscii);
(void) printf("Expected value:\t%s\n",
expectedCertsAscii);
if (chainLength - 1 != numUserCheckerCalled) {
pkixTestErrorMsg =
"PKIX user defined checker not called";
}
goto cleanup;
}
}
cleanup:
PKIX_PL_Free(asciiResult, plContext);
PKIX_PL_Free(actualCertsAscii, plContext);
PKIX_PL_Free(expectedCertsAscii, plContext);
PKIX_TEST_DECREF_AC(actualCertsString);
PKIX_TEST_DECREF_AC(expectedCertsString);
PKIX_TEST_DECREF_AC(expectedCerts);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(userOIDs);
PKIX_TEST_DECREF_AC(checker);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain_UserChecker");
return (0);
}
int
test_comcertselparams(int argc, char *argv[])
{
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_PL_Cert *testCert = NULL;
PKIX_PL_Cert *goodCert = NULL;
PKIX_PL_Cert *equalCert = NULL;
PKIX_PL_Cert *diffCert = NULL;
PKIX_PL_CertBasicConstraints *goodBasicConstraints = NULL;
PKIX_PL_CertBasicConstraints *diffBasicConstraints = NULL;
PKIX_List *testPolicyInfos = NULL; /* CertPolicyInfos */
PKIX_List *cert2PolicyInfos = NULL; /* CertPolicyInfos */
PKIX_ComCertSelParams *goodParams = NULL;
PKIX_ComCertSelParams *equalParams = NULL;
PKIX_PL_X500Name *goodSubject = NULL;
PKIX_PL_X500Name *equalSubject = NULL;
PKIX_PL_X500Name *diffSubject = NULL;
PKIX_PL_X500Name *testSubject = NULL;
PKIX_Int32 goodMinPathLength = 0;
PKIX_Int32 equalMinPathLength = 0;
PKIX_Int32 diffMinPathLength = 0;
PKIX_Int32 testMinPathLength = 0;
PKIX_List *goodPolicies = NULL; /* OIDs */
PKIX_List *equalPolicies = NULL; /* OIDs */
PKIX_List *testPolicies = NULL; /* OIDs */
PKIX_List *cert2Policies = NULL; /* OIDs */
PKIX_PL_Date *testDate = NULL;
PKIX_PL_Date *goodDate = NULL;
PKIX_PL_Date *equalDate = NULL;
PKIX_PL_String *stringRep = NULL;
char *asciiRep = NULL;
char *dirName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 2) {
printUsage();
return (0);
}
startTests("ComCertSelParams");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
dirName = argv[j + 1];
asciiRep = "050501000000Z";
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, asciiRep, 0, &stringRep, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Date_Create_UTCTime(stringRep, &testDate, plContext));
testCert = createCert(dirName, "PoliciesP1234CACert.crt", plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(testCert, &testSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints(testCert, &goodBasicConstraints, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint(goodBasicConstraints, &testMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(testCert, &testPolicyInfos, plContext));
/* Convert from List of CertPolicyInfos to List of OIDs */
test_CreateOIDList(testPolicyInfos, &testPolicies);
subTest("Create goodParams and set its fields");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&goodParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject(goodParams, testSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints(goodParams, testMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificateValid(goodParams, testDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPolicy(goodParams, testPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate(goodParams, testCert, plContext));
subTest("Duplicate goodParams and verify copy");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate((PKIX_PL_Object *)goodParams,
(PKIX_PL_Object **)&equalParams,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject(goodParams, &goodSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints(goodParams, &goodMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificate(goodParams, &goodCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificateValid(goodParams, &goodDate, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy(goodParams, &goodPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject(equalParams, &equalSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints(equalParams, &equalMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy(equalParams, &equalPolicies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificate(equalParams, &equalCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetCertificateValid(equalParams, &equalDate, plContext));
testEqualsHelper((PKIX_PL_Object *)goodSubject,
(PKIX_PL_Object *)equalSubject,
PKIX_TRUE,
plContext);
if (goodMinPathLength != equalMinPathLength) {
testError("unexpected mismatch");
(void)printf("goodMinPathLength:\t%d\n", goodMinPathLength);
(void)printf("equalMinPathLength:\t%d\n", equalMinPathLength);
}
testEqualsHelper((PKIX_PL_Object *)goodPolicies,
(PKIX_PL_Object *)equalPolicies,
PKIX_TRUE,
plContext);
testEqualsHelper((PKIX_PL_Object *)goodCert,
(PKIX_PL_Object *)equalCert,
PKIX_TRUE,
plContext);
testEqualsHelper((PKIX_PL_Object *)goodDate,
(PKIX_PL_Object *)equalDate,
PKIX_TRUE,
plContext);
PKIX_TEST_DECREF_BC(equalSubject);
PKIX_TEST_DECREF_BC(equalPolicies);
PKIX_TEST_DECREF_BC(equalCert);
PKIX_TEST_DECREF_AC(equalDate);
subTest("Set different values and verify differences");
diffCert = createCert(dirName, "pathLenConstraint6CACert.crt", plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubject(diffCert, &diffSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetBasicConstraints(diffCert, &diffBasicConstraints, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_BasicConstraints_GetPathLenConstraint(diffBasicConstraints, &diffMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(diffCert, &cert2PolicyInfos, plContext));
test_CreateOIDList(cert2PolicyInfos, &cert2Policies);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetSubject(
equalParams, diffSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints(equalParams, diffMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetPolicy(equalParams, cert2Policies, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetSubject(equalParams, &equalSubject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetBasicConstraints(equalParams, &equalMinPathLength, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_GetPolicy(equalParams, &equalPolicies, plContext));
testEqualsHelper((PKIX_PL_Object *)goodSubject,
(PKIX_PL_Object *)equalSubject,
PKIX_FALSE,
plContext);
if (goodMinPathLength == equalMinPathLength) {
testError("unexpected match");
(void)printf("goodMinPathLength:\t%d\n", goodMinPathLength);
(void)printf("equalMinPathLength:\t%d\n", equalMinPathLength);
}
testEqualsHelper((PKIX_PL_Object *)goodPolicies,
(PKIX_PL_Object *)equalPolicies,
PKIX_FALSE,
plContext);
test_NameConstraints(dirName);
test_PathToNames();
test_SubjAltNames();
test_KeyUsages();
test_Version_Issuer_SerialNumber();
test_SubjKeyId_AuthKeyId();
test_SubjAlgId_SubjPublicKey(dirName);
cleanup:
PKIX_TEST_DECREF_AC(testSubject);
PKIX_TEST_DECREF_AC(goodSubject);
PKIX_TEST_DECREF_AC(equalSubject);
PKIX_TEST_DECREF_AC(diffSubject);
PKIX_TEST_DECREF_AC(testSubject);
PKIX_TEST_DECREF_AC(goodPolicies);
PKIX_TEST_DECREF_AC(equalPolicies);
PKIX_TEST_DECREF_AC(testPolicies);
PKIX_TEST_DECREF_AC(cert2Policies);
PKIX_TEST_DECREF_AC(goodParams);
PKIX_TEST_DECREF_AC(equalParams);
PKIX_TEST_DECREF_AC(goodCert);
PKIX_TEST_DECREF_AC(diffCert);
PKIX_TEST_DECREF_AC(testCert);
PKIX_TEST_DECREF_AC(goodBasicConstraints);
PKIX_TEST_DECREF_AC(diffBasicConstraints);
PKIX_TEST_DECREF_AC(testPolicyInfos);
PKIX_TEST_DECREF_AC(cert2PolicyInfos);
PKIX_TEST_DECREF_AC(stringRep);
PKIX_TEST_DECREF_AC(testDate);
PKIX_TEST_DECREF_AC(goodDate);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ComCertSelParams");
return (0);
}
int
test_pk11certstore(int argc, char *argv[])
{
PKIX_UInt32 j = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_PL_Date *validityDate = NULL;
PKIX_PL_Date *betweenDate = NULL;
char *crlDir = NULL;
char *expectedProfAscii = "([\n"
"\tVersion: v3\n"
"\tSerialNumber: 00ca\n"
"\tIssuer: CN=chemistry,O=mit,C=us\n"
"\tSubject: CN=prof noall,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 14:14:06 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(6)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
", [\n"
"\tVersion: v3\n"
"\tSerialNumber: 03\n"
"\tIssuer: CN=physics,O=mit,C=us\n"
"\tSubject: CN=prof noall,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 12:52:26 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")";
char *expectedValidityAscii = "([\n"
"\tVersion: v3\n"
"\tSerialNumber: 03\n"
"\tIssuer: CN=physics,O=mit,C=us\n"
"\tSubject: CN=prof noall,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 12:52:26 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(0)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")";
char *expectedMinPathAscii = "([\n"
"\tVersion: v3\n"
"\tSerialNumber: 01\n"
"\tIssuer: CN=science,O=mit,C=us\n"
"\tSubject: CN=science,O=mit,C=us\n"
"\tValidity: [From: Fri Feb 11 12:47:58 2005\n"
"\t To: Mon Jan 18, 2105]\n"
"\tSubjectAltNames: (null)\n"
"\tAuthorityKeyId: (null)\n"
"\tSubjectKeyId: (null)\n"
"\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n"
"\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n"
"\tExtKeyUsages: (null)\n"
"\tBasicConstraint: CA(10)\n"
"\tCertPolicyInfo: (null)\n"
"\tPolicyMappings: (null)\n"
"\tExplicitPolicy: -1\n"
"\tInhibitMapping: -1\n"
"\tInhibitAnyPolicy:-1\n"
"\tNameConstraints: (null)\n"
"]\n"
")";
char *expectedIssuerAscii = "([\n"
"\tVersion: v2\n"
"\tIssuer: CN=physics,O=mit,C=us\n"
"\tUpdate: [Last: Fri Feb 11 13:51:38 2005\n"
"\t Next: Mon Jan 18, 2105]\n"
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n"
"\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 67\n"
"\tReasonCode: 257\n"
"\tRevocationDate: Fri Feb 11 13:51:38 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n"
"\t)\n"
"\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n"
")";
char *expectedDateAscii = "([\n"
"\tVersion: v2\n"
"\tIssuer: CN=science,O=mit,C=us\n"
"\tUpdate: [Last: Fri Feb 11 13:34:40 2005\n"
"\t Next: Mon Jan 18, 2105]\n"
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n"
"\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 65\n"
"\tReasonCode: 260\n"
"\tRevocationDate: Fri Feb 11 13:34:40 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n"
"\t)\n"
"\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n"
", [\n"
"\tVersion: v2\n"
"\tIssuer: CN=testing CRL,O=test,C=us\n"
"\tUpdate: [Last: Fri Feb 11 13:14:38 2005\n"
"\t Next: Mon Jan 18, 2105]\n"
"\tSignatureAlgId: 1.2.840.10040.4.3\n"
"\tCRL Number : (null)\n"
"\n"
"\tEntry List: (\n"
"\t[\n"
"\tSerialNumber: 67\n"
"\tReasonCode: 258\n"
"\tRevocationDate: Fri Feb 11 13:14:38 2005\n"
"\tCritExtOIDs: (EMPTY)\n"
"\t]\n"
"\t)\n"
"\n"
"\tCritExtOIDs: (EMPTY)\n"
"]\n"
")";
PKIX_TEST_STD_VARS();
startTests("Pk11CertStore");
if (argc < 3) {
printUsage(argv[0]);
return (0);
}
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
crlDir = argv[j + 2];
/* Two certs for prof should be valid now */
PKIX_TEST_EXPECT_NO_ERROR(pkix_pl_Date_CreateFromPRTime(PR_Now(), &validityDate, plContext));
subTest("Searching Certs for Subject");
testMatchCertSubject(crlDir,
"phy2prof.crt",
NULL, /* expectedProfAscii, */
validityDate,
plContext);
/* One of the certs was not yet valid at this time. */
betweenDate = createDate("050210184000Z", plContext);
subTest("Searching Certs for Subject and Validity");
testMatchCertSubject(crlDir,
"phy2prof.crt",
NULL, /* expectedValidityAscii, */
betweenDate,
plContext);
testMatchCertMinPath(9,
NULL, /* expectedMinPathAscii, */
plContext);
testMatchCrlIssuer(crlDir,
"phys.crl",
NULL, /* expectedIssuerAscii, */
plContext);
testMatchCrlDate("050211184000Z",
NULL, /* expectedDateAscii, */
plContext);
cleanup:
PKIX_TEST_DECREF_AC(validityDate);
PKIX_TEST_DECREF_AC(betweenDate);
PKIX_TEST_RETURN();
endTests("Pk11CertStore");
return (0);
}
int main(int argc, char *argv[])
{
QApplication app(argc, argv);
#if QT_VERSION < 0x050000
// Removed in Qt5
QTextCodec::setCodecForTr(QTextCodec::codecForName("UTF-8"));
QTextCodec::setCodecForCStrings(QTextCodec::codecForName("UTF-8"));
#endif
app.setApplicationName(BINARY_NAME);
app.setOrganizationName(BINARY_NAME);
app.setApplicationVersion(PACKAGE_VERSION);
QStringList args = qApp->arguments();
if (args.contains("--version") ||
args.contains("-version") ||
args.contains("-v")) {
std::cout << qPrintable(VERSION_MESSAGE);
return 0;
}
if (args.contains("--help") ||
args.contains("-help") ||
args.contains("-h")) {
std::cout << qPrintable(HELP_MESSAGE);
return 0;
}
// Create plugins manager
ExtensionSystem::PluginManager pluginManager;
pluginManager.setFileExtension(QString("pluginspec"));
// Getting & feeding libraries/plugins path
QStringList libpath;
#ifdef LIBRARY_BASENAME
libpath << Utils::applicationPluginsPath(QString(BINARY_NAME), QString(LIBRARY_BASENAME));
#else
libpath << Utils::applicationPluginsPath(QString(BINARY_NAME), "");
#endif
if (libpath.isEmpty())
return 123;
pluginManager.setPluginPaths(libpath);
// Add some debugging information
Utils::Log::logCompilationConfiguration();
// Manage plugin manager options
QStringList arguments = app.arguments(); // adapted arguments list is passed to plugin manager later
QMap<QString, QString> foundAppOptions;
if (arguments.size() > 1) {
QMap<QString, bool> appOptions;
QString errorMessage;
if (!pluginManager.parseOptions(arguments, appOptions, &foundAppOptions, &errorMessage)) {
// qWarning() << errorMessage;
// qWarning() << HELP_MESSAGE;
// return -1;
}
}
const PluginSpecSet plugins = pluginManager.plugins();
ExtensionSystem::PluginSpec *coreplugin = 0;
if (WarnAllPluginSpecs) {
foreach (ExtensionSystem::PluginSpec *spec, plugins) {
qWarning() << "PluginSpecs :::"<< spec->filePath() << spec->name() << spec->version();
}
}
foreach (ExtensionSystem::PluginSpec *spec, plugins) {
if (spec->name() == QString(COREPLUGINSNAME)) {
coreplugin = spec;
break;
}
}
ExtensionSystem::PluginSpec *userplugin = 0;
foreach (ExtensionSystem::PluginSpec *spec, plugins) {
if (spec->name() == QString(USERPLUGINSNAME)) {
userplugin = spec;
break;
}
}
if (!coreplugin) {
const QString reason = QCoreApplication::translate("Application", "Couldn't find 'Core.pluginspec' in %1").arg(qApp->libraryPaths().join("; "));
qWarning() << reason;
// displayError(msgCoreLoadFailure(reason));
return 1;
}
if (!userplugin) {
const QString reason = QCoreApplication::translate("Application", "Couldn't find 'UserManager.pluginspec' in %1").arg(qApp->libraryPaths().join("; "));
qWarning() << reason;
// displayError(msgCoreLoadFailure(reason));
return 1;
}
if (coreplugin->hasError()) {
qWarning() << coreplugin->errorString();
// displayError(msgCoreLoadFailure(coreplugin->errorString()));
return 1;
}
if (userplugin->hasError()) {
qWarning() << userplugin->errorString();
// displayError(msgCoreLoadFailure(coreplugin->errorString()));
return 1;
}
// if (foundAppOptions.contains(QLatin1String(VERSION_OPTION))) {
// printVersion(coreplugin, pluginManager);
// return 0;
// }
// if (foundAppOptions.contains(QLatin1String(HELP_OPTION1))
// || foundAppOptions.contains(QLatin1String(HELP_OPTION2))
// || foundAppOptions.contains(QLatin1String(HELP_OPTION3))
// || foundAppOptions.contains(QLatin1String(HELP_OPTION4))) {
// printHelp(QFileInfo(app.applicationFilePath()).baseName(), pluginManager);
// return 0;
// }
// const bool isFirstInstance = !app.isRunning();
// if (!isFirstInstance && foundAppOptions.contains(QLatin1String(CLIENT_OPTION)))
// return sendArguments(app, pluginManager.arguments()) ? 0 : -1;
// foreach (ExtensionSystem::PluginSpec *spec, plugins) {
// qWarning() << "PlugInSpec" << spec->name() << spec->errorString() << spec->state();
// }
pluginManager.loadPlugins();
if (WarnAllPluginSpecs) {
foreach (ExtensionSystem::PluginSpec *spec, plugins) {
qWarning() << "PluginSpecs :::"<< spec->name() << "hasError:" << spec->hasError() << spec->errorString();
}
}
if (coreplugin->hasError()) {
qWarning() << coreplugin->errorString();
return 1;
}
if (userplugin->hasError()) {
qWarning() << userplugin->errorString();
// displayError(msgCoreLoadFailure(coreplugin->errorString()));
return 1;
}
// if (isFirstInstance) {
// // Set up lock and remote arguments for the first instance only.
// // Silently fallback to unconnected instances for any subsequent
// // instances.
// app.initialize();
// QObject::connect(&app, SIGNAL(messageReceived(QString)), coreplugin->plugin(), SLOT(remoteArgument(QString)));
// }
// QObject::connect(&app, SIGNAL(fileOpenRequest(QString)), coreplugin->plugin(), SLOT(remoteArgument(QString)));
// shutdown plugin manager on the exit
QObject::connect(&app, SIGNAL(aboutToQuit()), &pluginManager, SLOT(shutdown()));
#ifdef WITH_TESTS
// Do this after the event loop has started
if (pluginManager.runningTests())
QTimer::singleShot(100, &pluginManager, SLOT(startTests()));
#endif
int r = app.exec();
// Utils::Log::saveLog();
return r;
}
int test_ekuchecker(int argc, char *argv[]) {
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
char *dirName = NULL;
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean testValid = PKIX_FALSE;
PKIX_Boolean only4EE = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage1(argv[0]);
return (0);
}
startTests("EKU Checker");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
dirName = argv[4+j];
chainLength = (argc - j) - 6;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[6+i+j];
certs[i] = NULL;
}
subTest(argv[1+j]);
subTest("Extended-Key-Usage-Checker");
subTest("Extended-Key-Usage-Checker - Create Cert Chain");
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("Extended-Key-Usage-Checker - Create Params");
valParams = createValidateParams
(dirName,
argv[5+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("Default CertStore");
testEkuSetup(valParams, argv[3+j], &only4EE);
testEkuChecker(valParams, only4EE);
subTest("Extended-Key-Usage-Checker - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, NULL, plContext));
}
cleanup:
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("EKU Checker");
return (0);
}
int test_defaultcrlchecker2stores(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_Boolean testValid = PKIX_TRUE;
char *dirName = NULL;
char *anchorName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 6) {
printUsage1(argv[0]);
return (0);
}
startTests("CRL Checker");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
chainLength = (argc - j) - 7;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[(7+j)+i];
certs[i] = NULL;
}
subTest(argv[1+j]);
subTest("Default-CRL-Checker");
subTest("Default-CRL-Checker - Create Cert Chain");
dirName = argv[3+j];
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("Default-CRL-Checker - Create Params");
anchorName = argv[6+j];
valParams = createValidateParams
(dirName,
anchorName,
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("Multiple-CertStores");
testDefaultMultipleCertStores(valParams, argv[4+j], argv[5+j]);
subTest("Default-CRL-Checker - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(chain);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CRL Checker");
return (0);
}
void test_BrunoHaible(struct test_printf_info *tpi) {
startTests(tpi, __func__);
/* Here we don't test output that may be platform dependent.
The bulk of the tests is done as part of the 'vasnprintf-posix' module. */
/* Test support of size specifiers as in C99. */
TESTHOST("%ju %d\n", (uintmax_t) 12345671, 33, 44, 55);
TESTHOST("%zu %d\n", (size_t) 12345672, 33, 44, 55);
TESTHOST("%tu %d\n", (ptrdiff_t) 12345673, 33, 44, 55);
// /* Test the support of the 'a' and 'A' conversion specifier for hexadecimal
// output of floating-point numbers. */
//
// /* Positive zero. */
// TESTHOST("%a %d\n", 0.0, 33, 44, 55);
//
// /* Positive infinity. */
// TESTHOST("%a %d\n", 1.0 / 0.0, 33, 44, 55);
//
// /* Negative infinity. */
// TESTHOST("%a %d\n", -1.0 / 0.0, 33, 44, 55);
//
// /* FLAG_ZERO with infinite number. */
// /* "0000000inf 33" is not a valid result; see
// <http://lists.gnu.org/archive/html/bug-gnulib/2007-04/msg00107.html> */
// TESTHOST("%010a %d\n", 1.0 / 0.0, 33, 44, 55);
/* Test the support of the %f format directive. */
/* A positive number. */
TESTHOST("%f %d\n", 12.75, 33, 44, 55);
/* A larger positive number. */
TESTHOST("%f %d\n", 1234567.0, 33, 44, 55);
/* A negative number. */
TESTHOST("%f %d\n", -0.03125, 33, 44, 55);
/* Positive zero. */
TESTHOST("%f %d\n", 0.0, 33, 44, 55);
/* FLAG_ZERO. */
TESTHOST("%015f %d\n", 1234.0, 33, 44, 55);
/* Precision. */
TESTHOST("%.f %d\n", 1234.0, 33, 44, 55);
/* A positive number. */
TESTHOST("%Lf %d\n", 12.75L, 33, 44, 55);
/* A larger positive number. */
TESTHOST("%Lf %d\n", 1234567.0L, 33, 44, 55);
/* A negative number. */
TESTHOST("%Lf %d\n", -0.03125L, 33, 44, 55);
/* Positive zero. */
TESTHOST("%Lf %d\n", 0.0L, 33, 44, 55);
/* FLAG_ZERO. */
TESTHOST("%015Lf %d\n", 1234.0L, 33, 44, 55);
/* Precision. */
TESTHOST("%.Lf %d\n", 1234.0L, 33, 44, 55);
/* Test the support of the %F format directive. */
/* A positive number. */
TESTHOST("%F %d\n", 12.75, 33, 44, 55);
/* A larger positive number. */
TESTHOST("%F %d\n", 1234567.0, 33, 44, 55);
/* A negative number. */
TESTHOST("%F %d\n", -0.03125, 33, 44, 55);
/* Positive zero. */
TESTHOST("%F %d\n", 0.0, 33, 44, 55);
/* FLAG_ZERO. */
TESTHOST("%015F %d\n", 1234.0, 33, 44, 55);
/* Precision. */
TESTHOST("%.F %d\n", 1234.0, 33, 44, 55);
/* A positive number. */
TESTHOST("%LF %d\n", 12.75L, 33, 44, 55);
/* A larger positive number. */
TESTHOST("%LF %d\n", 1234567.0L, 33, 44, 55);
/* A negative number. */
TESTHOST("%LF %d\n", -0.03125L, 33, 44, 55);
/* Positive zero. */
TESTHOST("%LF %d\n", 0.0L, 33, 44, 55);
/* FLAG_ZERO. */
TESTHOST("%015LF %d\n", 1234.0L, 33, 44, 55);
/* Precision. */
TESTHOST("%.LF %d\n", 1234.0L, 33, 44, 55);
/* Test the support of the POSIX/XSI format strings with positions. */
// TESTHOST("%2$d %1$d\n", 33, 55);
endTests(tpi);
}
int
test_trustanchor(int argc, char *argv[])
{
PKIX_TrustAnchor *goodObject = NULL;
PKIX_TrustAnchor *equalObject = NULL;
PKIX_TrustAnchor *diffObject = NULL;
PKIX_PL_Cert *diffCert = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *goodInput = "yassir2yassir";
char *expectedAscii =
"[\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n";
char *dirName = NULL;
char *dataCentralDir = NULL;
PKIX_TEST_STD_VARS();
startTests("TrustAnchor");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
if (argc < 3) {
printUsage();
return (0);
}
dirName = argv[j + 1];
dataCentralDir = argv[j + 2];
createTrustAnchors(dataCentralDir,
goodInput,
&goodObject,
&equalObject,
&diffObject);
PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject,
equalObject,
diffObject,
expectedAscii,
TrustAnchor,
PKIX_TRUE);
subTest("PKIX_TrustAnchor_GetTrustedCert");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_GetTrustedCert(diffObject, &diffCert, plContext));
testGetCAName(diffCert, equalObject);
testGetCAPublicKey(diffCert, equalObject);
testGetNameConstraints(dirName);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_TEST_DECREF_AC(diffCert);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("TrustAnchor");
return (0);
}
int test_validatechain_bc(int argc, char *argv[])
{
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_PL_X500Name *subject = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
char *trustedCertFile = NULL;
char *chainCertFile = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *chainCert = NULL;
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_TEST_STD_VARS();
if (argc < 3){
printUsage();
return (0);
}
startTests("ValidateChainBasicConstraints");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
chainLength = (argc - j) - 2;
/* create processing params with list of trust anchors */
trustedCertFile = argv[1+j];
trustedCert = createCert(trustedCertFile);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_PL_Cert_GetSubject(trustedCert, &subject, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(certSelParams, -1, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_Create
(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams
(certSelector, certSelParams, plContext));
PKIX_TEST_DECREF_BC(subject);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert
(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create
(anchors, &procParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled
(procParams, PKIX_FALSE, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, certSelector, plContext));
PKIX_TEST_DECREF_BC(certSelector);
/* create cert chain */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certs, plContext));
for (i = 0; i < chainLength; i++){
chainCertFile = argv[i + (2+j)];
chainCert = createCert(chainCertFile);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(certs, (PKIX_PL_Object *)chainCert, plContext));
PKIX_TEST_DECREF_BC(chainCert);
}
/* create validate params with processing params and cert chain */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_Create
(procParams, certs, &valParams, plContext));
/* validate cert chain using processing params and return valResult */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
if (valResult != NULL){
printf("SUCCESSFULLY VALIDATED with Basic Constraint ");
printf("Cert Selector minimum path length to be -1\n");
PKIX_TEST_DECREF_BC(valResult);
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
PKIX_TEST_DECREF_BC(verifyString);
PKIX_TEST_DECREF_BC(verifyTree);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetBasicConstraints
(certSelParams, 6, plContext));
/* validate cert chain using processing params and return valResult */
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
if (valResult != NULL){
printf("SUCCESSFULLY VALIDATED with Basic Constraint ");
printf("Cert Selector minimum path length to be 6\n");
}
PKIX_TEST_DECREF_BC(trustedCert);
PKIX_TEST_DECREF_BC(anchor);
PKIX_TEST_DECREF_BC(anchors);
PKIX_TEST_DECREF_BC(certs);
PKIX_TEST_DECREF_BC(procParams);
cleanup:
if (PKIX_TEST_ERROR_RECEIVED){
printf("FAILED TO VALIDATE\n");
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n", verifyString->escAsciiString);
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("ValidateChainBasicConstraints");
return (0);
}
int test_validatechain_NB(int argc, char *argv[]){
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_UInt32 chainLength = 0;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_List *chainCerts = NULL;
PKIX_PL_Cert *dirCert = NULL;
char *dirCertName = NULL;
char *anchorCertName = NULL;
char *dirName = NULL;
PKIX_UInt32 certIndex = 0;
PKIX_UInt32 anchorIndex = 0;
PKIX_UInt32 checkerIndex = 0;
PKIX_Boolean revChecking = PKIX_FALSE;
PKIX_List *checkers = NULL;
PRPollDesc *pollDesc = NULL;
PRErrorCode errorCode = 0;
PKIX_PL_Socket *socket = NULL;
char *ldapName = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_List *loggers = NULL;
PKIX_Logger *logger = NULL;
char *logging = NULL;
PKIX_PL_String *component = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("ValidateChain_NB");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
subTest(argv[1+j]);
dirName = argv[3+j];
chainLength = argc - j - 5;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&chainCerts, plContext));
for (k = 0; k < chainLength; k++){
dirCert = createCert(dirName, argv[5+k+j], plContext);
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(chainCerts, (PKIX_PL_Object *)dirCert, plContext));
PKIX_TEST_DECREF_BC(dirCert);
}
valParams = createValidateParams
(dirName,
argv[4+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chainCerts,
plContext);
ldapName = PR_GetEnv("LDAP");
/* Is LDAP set in the environment? */
if ((ldapName == NULL) || (*ldapName == '\0')) {
testError("LDAP not set in environment");
goto cleanup;
}
pkixTestErrorResult = pkix_pl_Socket_CreateByName
(PKIX_FALSE, /* isServer */
PR_SecondsToInterval(30), /* try 30 secs for connect */
ldapName,
&errorCode,
&socket,
plContext);
if (pkixTestErrorResult != NULL) {
PKIX_PL_Object_DecRef
((PKIX_PL_Object *)pkixTestErrorResult, plContext);
pkixTestErrorResult = NULL;
testError("Unable to connect to LDAP Server");
goto cleanup;
}
PKIX_TEST_DECREF_BC(socket);
testSetupCertStore(valParams, ldapName);
logging = PR_GetEnv("LOGGING");
/* Is LOGGING set in the environment? */
if ((logging != NULL) && (*logging != '\0')) {
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&loggers, plContext));
testLogErrors
(PKIX_VALIDATE_ERROR, 2, loggers, plContext);
testLogErrors
(PKIX_CERTCHAINCHECKER_ERROR, 2, loggers, plContext);
testLogErrors
(PKIX_LDAPDEFAULTCLIENT_ERROR, 2, loggers, plContext);
testLogErrors
(PKIX_CERTSTORE_ERROR, 2, loggers, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_SetLoggers(loggers, plContext));
}
pkixTestErrorResult = PKIX_ValidateChain_NB
(valParams,
&certIndex,
&anchorIndex,
&checkerIndex,
&revChecking,
&checkers,
(void **)&pollDesc,
&valResult,
&verifyTree,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_ValidateChain_NB
(valParams,
&certIndex,
&anchorIndex,
&checkerIndex,
&revChecking,
&checkers,
(void **)&pollDesc,
&valResult,
&verifyTree,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void) printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
} else {
if (testValid == PKIX_TRUE) { /* ENE */
(void) printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void) printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
}
cleanup:
if (verifyTree) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)verifyTree, &verifyString, plContext));
(void) printf("verifyTree is\n%s\n",
verifyString->escAsciiString);
}
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(checkers);
PKIX_TEST_DECREF_AC(chainCerts);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ValidateChain_NB");
return (0);
}
int
test_buildchain(int argc, char *argv[])
{
PKIX_BuildResult *buildResult = NULL;
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_PL_PublicKey *trustedPubKey = NULL;
PKIX_List *anchors = NULL;
PKIX_List *certs = NULL;
PKIX_RevocationChecker *revChecker = NULL;
PKIX_PL_Cert *cert = NULL;
PKIX_ProcessingParams *procParams = NULL;
char *dirName = NULL;
PKIX_PL_String *dirNameString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_UInt32 actualMinorVersion = 0;
PKIX_UInt32 numCerts = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_CertStore *ldapCertStore = NULL;
PRIntervalTime timeout = PR_INTERVAL_NO_TIMEOUT; /* blocking */
/* PRIntervalTime timeout = PR_INTERVAL_NO_WAIT; =0 for non-blocking */
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
PKIX_List *revCheckers = NULL;
char *asciiResult = NULL;
PKIX_Boolean result = PKIX_FALSE;
PKIX_Boolean testValid = PKIX_TRUE;
PKIX_List *expectedCerts = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_PL_String *actualCertsString = NULL;
PKIX_PL_String *expectedCertsString = NULL;
void *state = NULL;
char *actualCertsAscii = NULL;
char *expectedCertsAscii = NULL;
PRPollDesc *pollDesc = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("BuildChain");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
/*
* arguments:
* [optional] -arenas
* [optional] usebind
* servername or servername:port ( - for no server)
* testname
* EE or ENE
* cert directory
* target cert (end entity)
* intermediate certs
* trust anchor
*/
/* optional argument "usebind" for Ldap CertStore */
if (argv[j + 1]) {
if (PORT_Strcmp(argv[j + 1], "usebind") == 0) {
usebind = PKIX_TRUE;
j++;
}
}
if (PORT_Strcmp(argv[++j], "-") == 0) {
useLDAP = PKIX_FALSE;
} else {
serverName = argv[j];
useLDAP = PKIX_TRUE;
}
subTest(argv[++j]);
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[++j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
dirName = argv[++j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext));
for (k = ++j; k < (PKIX_UInt32)argc; k++) {
dirCert = createCert(dirName, argv[k], plContext);
if (k == (PKIX_UInt32)(argc - 1)) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)dirCert, plContext));
trustedCert = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(expectedCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == j) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)dirCert, plContext));
targetCert = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext));
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, dirName, 0, &dirNameString, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
if (useLDAP == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore(serverName, timeout, &ldapCertStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores,
(PKIX_PL_Object *)ldapCertStore,
plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirNameString, &certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores, (PKIX_PL_Object *)certStore, plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores(procParams, certStores, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&revCheckers, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetSubjectPublicKey(trustedCert, &trustedPubKey, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(expectedCerts, &numCerts, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_DefaultRevChecker_Initialize(certStores,
NULL, /* testDate, may be NULL */
trustedPubKey,
numCerts,
&revChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(revCheckers, (PKIX_PL_Object *)revChecker, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationCheckers(procParams, revCheckers, plContext));
#ifdef debuggingWithoutRevocation
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetRevocationEnabled(procParams, PKIX_FALSE, plContext));
#endif
/* build cert chain using processing params and return buildResult */
pkixTestErrorResult = PKIX_BuildChain(procParams,
(void **)&pollDesc,
&state,
&buildResult,
&verifyTree,
plContext);
while (pollDesc != NULL) {
if (PR_Poll(pollDesc, 1, 0) < 0) {
testError("PR_Poll failed");
}
pkixTestErrorResult = PKIX_BuildChain(procParams,
(void **)&pollDesc,
&state,
&buildResult,
&verifyTree,
plContext);
}
if (pkixTestErrorResult) {
if (testValid == PKIX_FALSE) { /* EE */
(void)printf("EXPECTED ERROR RECEIVED!\n");
} else { /* ENE */
testError("UNEXPECTED ERROR RECEIVED");
}
} else {
if (testValid == PKIX_TRUE) { /* ENE */
(void)printf("EXPECTED NON-ERROR RECEIVED!\n");
} else { /* EE */
(void)printf("UNEXPECTED NON-ERROR RECEIVED!\n");
}
}
subTest("Displaying VerifyNode objects");
if (verifyTree == NULL) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, "(null)", 0, &verifyString, plContext));
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)verifyTree, &verifyString, plContext));
}
(void)printf("verifyTree is\n%s\n", verifyString->escAsciiString);
if (pkixTestErrorResult) {
PKIX_TEST_DECREF_BC(pkixTestErrorResult);
goto cleanup;
}
if (buildResult) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain(buildResult, &certs, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certs, &numCerts, plContext));
printf("\n");
for (i = 0; i < numCerts; i++) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(certs,
i,
(PKIX_PL_Object **)&cert,
plContext));
asciiResult = PKIX_Cert2ASCII(cert);
printf("CERT[%d]:\n%s\n", i, asciiResult);
/* PKIX_Cert2ASCII used PKIX_PL_Malloc(...,,NULL) */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Free(asciiResult, NULL));
asciiResult = NULL;
PKIX_TEST_DECREF_BC(cert);
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)certs,
(PKIX_PL_Object *)expectedCerts,
&result,
plContext));
if (!result) {
testError("BUILT CERTCHAIN IS "
"NOT THE ONE THAT WAS EXPECTED");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)certs,
&actualCertsString,
plContext));
actualCertsAscii = PKIX_String2ASCII(actualCertsString, plContext);
if (actualCertsAscii == NULL) {
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)expectedCerts,
&expectedCertsString,
plContext));
expectedCertsAscii = PKIX_String2ASCII(expectedCertsString, plContext);
if (expectedCertsAscii == NULL) {
pkixTestErrorMsg = "PKIX_String2ASCII Failed";
goto cleanup;
}
(void)printf("Actual value:\t%s\n", actualCertsAscii);
(void)printf("Expected value:\t%s\n",
expectedCertsAscii);
}
}
cleanup:
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_PL_Free(asciiResult, NULL);
PKIX_PL_Free(actualCertsAscii, plContext);
PKIX_PL_Free(expectedCertsAscii, plContext);
PKIX_TEST_DECREF_AC(state);
PKIX_TEST_DECREF_AC(actualCertsString);
PKIX_TEST_DECREF_AC(expectedCertsString);
PKIX_TEST_DECREF_AC(expectedCerts);
PKIX_TEST_DECREF_AC(buildResult);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(revCheckers);
PKIX_TEST_DECREF_AC(revChecker);
PKIX_TEST_DECREF_AC(ldapCertStore);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(trustedPubKey);
PKIX_TEST_DECREF_AC(certs);
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain");
return (0);
}
int
test_buildchain_resourcelimits(int argc, char *argv[])
{
PKIX_ComCertSelParams *certSelParams = NULL;
PKIX_CertSelector *certSelector = NULL;
PKIX_TrustAnchor *anchor = NULL;
PKIX_List *anchors = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_CertChainChecker *checker = NULL;
PKIX_ResourceLimits *resourceLimits = NULL;
char *dirName = NULL;
PKIX_PL_String *dirNameString = NULL;
PKIX_PL_Cert *trustedCert = NULL;
PKIX_PL_Cert *targetCert = NULL;
PKIX_PL_Cert *dirCert = NULL;
PKIX_UInt32 actualMinorVersion = 0;
PKIX_UInt32 j = 0;
PKIX_UInt32 k = 0;
PKIX_CertStore *ldapCertStore = NULL;
PRIntervalTime timeout = 0; /* 0 for non-blocking */
PKIX_CertStore *certStore = NULL;
PKIX_List *certStores = NULL;
PKIX_List *expectedCerts = NULL;
PKIX_Boolean testValid = PKIX_FALSE;
PKIX_Boolean usebind = PKIX_FALSE;
PKIX_Boolean useLDAP = PKIX_FALSE;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage();
return (0);
}
startTests("BuildChain_ResourceLimits");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
/*
* arguments:
* [optional] -arenas
* [optional] usebind
* servername or servername:port ( - for no server)
* testname
* EE or ENE
* cert directory
* target cert (end entity)
* intermediate certs
* trust anchor
*/
/* optional argument "usebind" for Ldap CertStore */
if (argv[j + 1]) {
if (PORT_Strcmp(argv[j + 1], "usebind") == 0) {
usebind = PKIX_TRUE;
j++;
}
}
if (PORT_Strcmp(argv[++j], "-") == 0) {
useLDAP = PKIX_FALSE;
} else {
serverName = argv[j];
}
subTest(argv[++j]);
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[++j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage();
return (0);
}
dirName = argv[++j];
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedCerts, plContext));
for (k = ++j; k < argc; k++) {
dirCert = createCert(dirName, argv[k], plContext);
if (k == (argc - 1)) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)dirCert, plContext));
trustedCert = dirCert;
} else {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(expectedCerts,
(PKIX_PL_Object *)dirCert,
plContext));
if (k == j) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef((PKIX_PL_Object *)dirCert, plContext));
targetCert = dirCert;
}
}
PKIX_TEST_DECREF_BC(dirCert);
}
/* create processing params with list of trust anchors */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_TrustAnchor_CreateWithCert(trustedCert, &anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&anchors, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(anchors, (PKIX_PL_Object *)anchor, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_Create(anchors, &procParams, plContext));
/* create CertSelector with target certificate in params */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create(&certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetCertificate(certSelParams, targetCert, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(NULL, NULL, &certSelector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_SetCommonCertSelectorParams(certSelector, certSelParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints(procParams, certSelector, plContext));
/* create CertStores */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII,
dirName,
0,
&dirNameString,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirNameString, &certStore, plContext));
#if 0
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
(&certStore, plContext));
#endif
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&certStores, plContext));
if (useLDAP == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(createLdapCertStore(serverName, timeout, &ldapCertStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores,
(PKIX_PL_Object *)ldapCertStore,
plContext));
}
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(certStores, (PKIX_PL_Object *)certStore, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetCertStores(procParams, certStores, plContext));
/* set resource limits */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create(&resourceLimits, plContext));
/* need longer time when running dbx for memory leak checking */
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime(resourceLimits, 60, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth(resourceLimits, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetResourceLimits(procParams, resourceLimits, plContext));
/* build cert chain using processing params and return buildResult */
subTest("Testing ResourceLimits MaxFanout & MaxDepth - <pass>");
Test_BuildResult(procParams,
testValid,
expectedCerts,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 1, plContext));
subTest("Testing ResourceLimits MaxFanout - <fail>");
Test_BuildResult(procParams,
PKIX_FALSE,
expectedCerts,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth(resourceLimits, 1, plContext));
subTest("Testing ResourceLimits MaxDepth - <fail>");
Test_BuildResult(procParams,
PKIX_FALSE,
expectedCerts,
plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout(resourceLimits, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth(resourceLimits, 0, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime(resourceLimits, 0, plContext));
subTest("Testing ResourceLimits No checking - <pass>");
Test_BuildResult(procParams,
testValid,
expectedCerts,
plContext);
cleanup:
PKIX_TEST_DECREF_AC(expectedCerts);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(certStores);
PKIX_TEST_DECREF_AC(certStore);
PKIX_TEST_DECREF_AC(ldapCertStore);
PKIX_TEST_DECREF_AC(dirNameString);
PKIX_TEST_DECREF_AC(trustedCert);
PKIX_TEST_DECREF_AC(targetCert);
PKIX_TEST_DECREF_AC(anchors);
PKIX_TEST_DECREF_AC(anchor);
PKIX_TEST_DECREF_AC(certSelParams);
PKIX_TEST_DECREF_AC(certSelector);
PKIX_TEST_DECREF_AC(checker);
PKIX_TEST_DECREF_AC(resourceLimits);
PKIX_TEST_RETURN();
PKIX_Shutdown(plContext);
endTests("BuildChain_UserChecker");
return (0);
}
int test_procparams(int argc, char *argv[]) {
PKIX_ProcessingParams *goodObject = NULL;
PKIX_ProcessingParams *equalObject = NULL;
PKIX_ProcessingParams *diffObject = NULL;
PKIX_UInt32 actualMinorVersion;
char *dataCentralDir = NULL;
PKIX_UInt32 j = 0;
char *oidAnyPolicy = PKIX_CERTIFICATEPOLICIES_ANYPOLICY_OID;
char *oidNist1Policy = "2.16.840.1.101.3.2.1.48.2";
char *goodInput = "yassir2yassir";
char *diffInput = "yassir2bcn";
char *expectedAscii =
"[\n"
"\tTrust Anchors: \n"
"\t********BEGIN LIST OF TRUST ANCHORS********\n"
"\t\t"
"([\n"
"\tTrusted CA Name: "
"CN=yassir,OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
", [\n"
"\tTrusted CA Name: OU=bcn,OU=east,O=sun,C=us\n"
"\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n"
"\tInitial Name Constraints:(null)\n"
"]\n"
")\n"
"\t********END LIST OF TRUST ANCHORS********\n"
"\tDate: \t\tMon Mar 29 08:48:47 2004\n"
"\tTarget Constraints: (null)\n"
"\tInitial Policies: (2.5.29.32.0)\n"
"\tQualifiers Rejected: FALSE\n"
"\tCert Stores: (EMPTY)\n"
"\tResource Limits: [\n"
"\tMaxTime: 2\n"
"\tMaxFanout: 3\n"
"\tMaxDepth: 3\n"
"]\n\n"
"\tCRL Checking Enabled: 0\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("ProcessingParams");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
if (argc < 2){
printUsage(argv[0]);
return (0);
}
dataCentralDir = argv[j+1];
subTest("PKIX_ProcessingParams_Create");
goodObject = createProcessingParams
(dataCentralDir,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
equalObject = createProcessingParams
(dataCentralDir,
goodInput,
diffInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
diffObject = createProcessingParams
(dataCentralDir,
diffInput,
goodInput,
NULL,
NULL,
PKIX_FALSE,
plContext);
testGetAnchors(goodObject, equalObject);
testGetSetDate(goodObject, equalObject);
testGetSetCertChainCheckers(goodObject, equalObject);
testGetSetRevocationCheckers(goodObject, equalObject);
testGetSetResourceLimits(goodObject, equalObject);
/*
* XXX testGetSetConstraints(goodObject);
*/
testGetSetInitialPolicies(goodObject, oidAnyPolicy);
testGetSetInitialPolicies(equalObject, oidAnyPolicy);
testGetSetInitialPolicies(diffObject, oidNist1Policy);
testGetSetPolicyQualifiersRejected(goodObject, PKIX_FALSE);
testGetSetPolicyQualifiersRejected(equalObject, PKIX_FALSE);
testGetSetPolicyQualifiersRejected(diffObject, PKIX_TRUE);
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
NULL, /* expectedAscii, */
ProcessingParams,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ProcessingParams");
return (0);
}
int test_policynode(int argc, char *argv[]) {
/*
* Create a tree with parent = anyPolicy,
* child1 with Nist1+Nist2, child2 with Nist1.
* Give each child another child, with policies Nist2
* and Nist1, respectively. Pruning with a depth of two
* should have no effect. Give one of the children
* another child. Then pruning with a depth of three
* should reduce the tree to a single strand, as child1
* and child3 are removed.
*
* parent (anyPolicy)
* / \
* child1(Nist1+Nist2) child2(Nist1)
* | |
* child3(Nist2) child4(Nist1)
* |
* child5(Nist1)
*
*/
char *asciiAnyPolicy = "2.5.29.32.0";
PKIX_PL_Cert *cert = NULL;
PKIX_PL_CertPolicyInfo *nist1Policy = NULL;
PKIX_PL_CertPolicyInfo *nist2Policy = NULL;
PKIX_List *policyQualifierList = NULL;
PKIX_PL_OID *oidAnyPolicy = NULL;
PKIX_PL_OID *oidNist1Policy = NULL;
PKIX_PL_OID *oidNist2Policy = NULL;
PKIX_List *expectedAnyList = NULL;
PKIX_List *expectedNist1List = NULL;
PKIX_List *expectedNist2List = NULL;
PKIX_List *expectedNist1Nist2List = NULL;
PKIX_List *emptyList = NULL;
PKIX_PolicyNode *parentNode = NULL;
PKIX_PolicyNode *childNode1 = NULL;
PKIX_PolicyNode *childNode2 = NULL;
PKIX_PolicyNode *childNode3 = NULL;
PKIX_PolicyNode *childNode4 = NULL;
PKIX_PolicyNode *childNode5 = NULL;
PKIX_PL_String *parentString = NULL;
PKIX_Boolean pDelete = PKIX_FALSE;
char *expectedParentAscii =
"{2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5C "
"1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 65"
" 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D 2"
"0 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 69 "
"73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 66"
" 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20 6"
"F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1[(1.3"
".6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 69 7"
"3 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74 69 "
"63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 72 20"
" 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 63 6"
"1 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70 75 "
"72 70 6F 73 65 73 20 6F 6E 6C 79])], 2.16.840.1.101.3"
".2.1.48.2[(1.3.6.1.5.5.7.2.2:[30 5A 1A 58 71 32 3A 20"
" 20 54 68 69 73 20 69 73 20 74 68 65 20 75 73 65 72 2"
"0 6E 6F 74 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 "
"66 69 65 72 20 32 2E 20 20 54 68 69 73 20 75 73 65 72"
" 20 6E 6F 74 69 63 65 20 73 68 6F 75 6C 64 20 6E 6F 7"
"4 20 62 65 20 64 69 73 70 6C 61 79 65 64])]),1}\n"
". {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.2),2}";
char *expectedValidAscii =
"2.16.840.1.101.3.2.1.48.2";
char *expectedQualifiersAscii =
/* "(1.3.6.1.5.5.7.2.2)"; */
"(1.3.6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 "
"69 73 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74"
" 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 7"
"2 20 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 "
"63 61 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70"
" 75 72 70 6F 73 65 73 20 6F 6E 6C 79])";
char *expectedPoliciesAscii =
"(2.16.840.1.101.3.2.1.48.1)";
char *expectedTree =
"{2.5.29.32.0,{},Critical,(2.5.29.32.0),0}\n"
". {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1[(1"
".3.6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 69"
" 73 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74 6"
"9 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 72 "
"20 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 63"
" 61 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70 7"
"5 72 70 6F 73 65 73 20 6F 6E 6C 79])], 2.16.840.1.101"
".3.2.1.48.2[(1.3.6.1.5.5.7.2.2:[30 5A 1A 58 71 32 3A "
"20 20 54 68 69 73 20 69 73 20 74 68 65 20 75 73 65 72"
" 20 6E 6F 74 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 6"
"9 66 69 65 72 20 32 2E 20 20 54 68 69 73 20 75 73 65 "
"72 20 6E 6F 74 69 63 65 20 73 68 6F 75 6C 64 20 6E 6F"
" 74 20 62 65 20 64 69 73 70 6C 61 79 65 64])]"
"),1}\n"
". . {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30"
" 5C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 6"
"8 65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F "
"6D 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68"
" 69 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 2"
"0 66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 "
"20 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.2)"
",2}\n"
". {2.16.840.1.101.3.2.1.48.1,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1),1}\n"
". . {2.16.840.1.101.3.2.1.48.1,(EMPTY),Not Critical,"
"(2.16.840.1.101.3.2.1.48.1),2}\n"
". . . {2.16.840.1.101.3.2.1.48.1,{},Critical,(2.16.84"
"0.1.101.3.2.1.48.1),3}";
char *expectedPrunedTree =
"{2.5.29.32.0,{},Critical,(2.5.29.32.0),0}\n"
". {2.16.840.1.101.3.2.1.48.1,(1.3.6.1.5.5.7.2.2:[30 5"
"C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 "
"65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D"
" 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6"
"9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 "
"66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20"
" 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1),1}\n"
". . {2.16.840.1.101.3.2.1.48.1,(EMPTY),Not Critical,"
"(2.16.840.1.101.3.2.1.48.1),2}\n"
". . . {2.16.840.1.101.3.2.1.48.1,{},Critical,(2.16.84"
"0.1.101.3.2.1.48.1),3}";
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *dirName = NULL;
PKIX_TEST_STD_VARS();
if (argc < 2) {
printUsage();
return (0);
}
startTests("PolicyNode");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
dirName = argv[j+1];
subTest("Creating OID objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(asciiAnyPolicy, &oidAnyPolicy, plContext));
/* Read certificates to get real policies, qualifiers */
cert = createCert
(dirName, "UserNoticeQualifierTest16EE.crt", plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation
(cert, &expectedNist1Nist2List, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(expectedNist1Nist2List,
0,
(PKIX_PL_Object **)&nist1Policy,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem
(expectedNist1Nist2List,
1,
(PKIX_PL_Object **)&nist2Policy,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers
(nist1Policy, &policyQualifierList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId
(nist1Policy, &oidNist1Policy, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId
(nist2Policy, &oidNist2Policy, plContext));
subTest("Creating expectedPolicy List objects");
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&expectedAnyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&expectedNist1List, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_Create(&expectedNist2List, plContext));
subTest("Populating expectedPolicy List objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(expectedAnyList, (PKIX_PL_Object *)oidAnyPolicy, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_List_AppendItem
(expectedNist1List,
(PKIX_PL_Object *)oidNist1Policy,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(expectedNist2List,
(PKIX_PL_Object *)oidNist2Policy,
plContext));
subTest("Creating PolicyNode objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&emptyList, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidAnyPolicy,
NULL,
PKIX_TRUE,
expectedAnyList,
&parentNode,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist2Policy,
policyQualifierList,
PKIX_TRUE,
expectedNist1Nist2List,
&childNode1,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist1Policy,
policyQualifierList,
PKIX_TRUE,
expectedNist1List,
&childNode2,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist2Policy,
policyQualifierList,
PKIX_TRUE,
expectedNist2List,
&childNode3,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist1Policy,
emptyList,
PKIX_FALSE,
expectedNist1List,
&childNode4,
plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create
(oidNist1Policy,
NULL,
PKIX_TRUE,
expectedNist1List,
&childNode5,
plContext));
subTest("Creating the PolicyNode tree");
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(parentNode, childNode1, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(parentNode, childNode2, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(childNode1, childNode3, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(childNode2, childNode4, plContext));
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent
(childNode4, childNode5, plContext));
subTest("Displaying PolicyNode objects");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString
((PKIX_PL_Object*)parentNode, &parentString, plContext));
(void) printf("parentNode is\n\t%s\n", parentString->escAsciiString);
testToStringHelper
((PKIX_PL_Object*)parentNode, expectedTree, plContext);
test_DuplicateHelper(parentNode, plContext);
test_GetParent(childNode3, childNode3, childNode4, expectedParentAscii);
test_GetValidPolicy
(childNode1, childNode3, parentNode, expectedValidAscii);
test_GetPolicyQualifiers
(childNode1, childNode3, childNode4, expectedQualifiersAscii);
test_GetExpectedPolicies
(childNode2, childNode4, childNode3, expectedPoliciesAscii);
test_IsCritical(childNode1, childNode2, childNode4);
test_GetDepth(childNode2, childNode4, childNode5);
subTest("pkix_PolicyNode_Prune");
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Prune
(parentNode, 2, &pDelete, plContext));
testToStringHelper
((PKIX_PL_Object*)parentNode, expectedTree, plContext);
PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Prune
(parentNode, 3, &pDelete, plContext));
testToStringHelper
((PKIX_PL_Object*)parentNode, expectedPrunedTree, plContext);
test_GetChildren(parentNode, parentNode, childNode2);
cleanup:
PKIX_TEST_DECREF_AC(cert);
PKIX_TEST_DECREF_AC(nist1Policy);
PKIX_TEST_DECREF_AC(nist2Policy);
PKIX_TEST_DECREF_AC(policyQualifierList);
PKIX_TEST_DECREF_AC(oidAnyPolicy);
PKIX_TEST_DECREF_AC(oidNist1Policy);
PKIX_TEST_DECREF_AC(oidNist2Policy);
PKIX_TEST_DECREF_AC(expectedAnyList);
PKIX_TEST_DECREF_AC(expectedNist1List);
PKIX_TEST_DECREF_AC(expectedNist2List);
PKIX_TEST_DECREF_AC(expectedNist1Nist2List);
PKIX_TEST_DECREF_AC(emptyList);
PKIX_TEST_DECREF_AC(parentNode);
PKIX_TEST_DECREF_AC(childNode1);
PKIX_TEST_DECREF_AC(childNode2);
PKIX_TEST_DECREF_AC(childNode3);
PKIX_TEST_DECREF_AC(childNode4);
PKIX_TEST_DECREF_AC(childNode5);
PKIX_TEST_DECREF_AC(parentString);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("PolicyNode");
return (0);
}
int
test_mutex2(int argc, char *argv[])
{
PRThread *consThread, *prodThread, *prodThread2, *prodThread3;
int x = 10, y = 20, z = 30;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("Mutex and Threads");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
(void)printf("Attempting to create new mutex...\n");
subTest("Mutex Creation");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Mutex_Create(&mutex, plContext));
cv = PR_NewCondVar(*(PRLock **)mutex);
subTest("Starting consumer thread");
consThread = PR_CreateThread(PR_USER_THREAD,
consumer,
NULL,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
subTest("Starting producer thread 1");
prodThread = PR_CreateThread(PR_USER_THREAD,
producer,
&x,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
subTest("Starting producer thread 2");
prodThread2 = PR_CreateThread(PR_USER_THREAD,
producer,
&y,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
subTest("Starting producer thread 3");
prodThread3 = PR_CreateThread(PR_USER_THREAD,
producer,
&z,
PR_PRIORITY_NORMAL,
PR_LOCAL_THREAD,
PR_JOINABLE_THREAD,
0);
PR_JoinThread(consThread);
(void)PR_DestroyCondVar(cv);
PKIX_TEST_DECREF_BC(mutex);
/*
* Note: we should also be freeing each thread's stack, but we
* don't have access to the prodThread->stack variable (since
* it is not exported). As a result, we have 120 bytes of memory
* leakage.
*/
PR_Free(prodThread);
PR_Free(prodThread2);
PR_Free(prodThread3);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("Mutex and Threads");
return (0);
}
int test_subjaltnamechecker(int argc, char *argv[]){
PKIX_List *chain = NULL;
PKIX_ValidateParams *valParams = NULL;
PKIX_ValidateResult *valResult = NULL;
PKIX_CertSelector *selector = NULL;
PKIX_ComCertSelParams *selParams = NULL;
PKIX_ProcessingParams *procParams = NULL;
PKIX_PL_GeneralName *name = NULL;
PKIX_UInt32 actualMinorVersion;
char *certNames[PKIX_TEST_MAX_CERTS];
PKIX_PL_Cert *certs[PKIX_TEST_MAX_CERTS];
PKIX_UInt32 chainLength = 0;
PKIX_UInt32 i = 0;
PKIX_UInt32 j = 0;
char *nameStr;
char *nameEnd;
char *names[PKIX_TEST_MAX_CERTS];
PKIX_UInt32 numNames = 0;
PKIX_UInt32 nameType;
PKIX_Boolean matchAll = PKIX_TRUE;
PKIX_Boolean testValid = PKIX_TRUE;
char *dirName = NULL;
char *anchorName = NULL;
PKIX_VerifyNode *verifyTree = NULL;
PKIX_PL_String *verifyString = NULL;
PKIX_TEST_STD_VARS();
if (argc < 5) {
printUsage1(argv[0]);
return (0);
}
startTests("SubjAltNameConstraintChecker");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
j++; /* skip test-purpose string */
/* ENE = expect no error; EE = expect error */
if (PORT_Strcmp(argv[2+j], "ENE") == 0) {
testValid = PKIX_TRUE;
} else if (PORT_Strcmp(argv[2+j], "EE") == 0) {
testValid = PKIX_FALSE;
} else {
printUsage1(argv[0]);
return (0);
}
/* taking out leading and trailing ", if any */
nameStr = argv[1+j];
subTest(nameStr);
if (*nameStr == '"'){
nameStr++;
nameEnd = nameStr;
while (*nameEnd != '"' && *nameEnd != '\0') {
nameEnd++;
}
*nameEnd = '\0';
}
/* extract first [0|1] inidcating matchAll or not */
matchAll = (*nameStr == '0')?PKIX_FALSE:PKIX_TRUE;
nameStr++;
numNames = 0;
while (*nameStr != '\0') {
names[numNames++] = nameStr;
while (*nameStr != '+' && *nameStr != '\0') {
nameStr++;
}
if (*nameStr == '+') {
*nameStr = '\0';
nameStr++;
}
}
chainLength = (argc - j) - 4;
if (chainLength > PKIX_TEST_MAX_CERTS) {
printUsageMax(chainLength);
}
for (i = 0; i < chainLength; i++) {
certNames[i] = argv[(4+j)+i];
certs[i] = NULL;
}
/* SubjAltName for validation */
subTest("Add Subject Alt Name for NameConstraint checking");
subTest("Create Selector and ComCertSelParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create
(NULL, NULL, &selector, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_Create
(&selParams, plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertSelector_SetCommonCertSelectorParams
(selector, selParams, plContext));
subTest("PKIX_ComCertSelParams_SetMatchAllSubjAltNames");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_SetMatchAllSubjAltNames
(selParams, matchAll, plContext));
subTest("PKIX_ComCertSelParams_AddSubjAltName(s)");
for (i = 0; i < numNames; i++) {
nameType = getNameType(names[i]);
if (nameType == 0xFFFF) {
return (0);
}
nameStr = names[i] + 2;
name = createGeneralName(nameType, nameStr, plContext);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ComCertSelParams_AddSubjAltName
(selParams, name, plContext));
PKIX_TEST_DECREF_BC(name);
}
subTest("SubjAltName-Constraints - Create Cert Chain");
dirName = argv[3+j];
chain = createCertChainPlus
(dirName, certNames, certs, chainLength, plContext);
subTest("SubjAltName-Constraints - Create Params");
valParams = createValidateParams
(dirName,
argv[4+j],
NULL,
NULL,
NULL,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
PKIX_FALSE,
chain,
plContext);
subTest("PKIX_ValidateParams_getProcessingParams");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateParams_GetProcessingParams
(valParams, &procParams, plContext));
subTest("PKIX_ProcessingParams_SetTargetCertConstraints");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ProcessingParams_SetTargetCertConstraints
(procParams, selector, plContext));
subTest("Subject Alt Name - Validate Chain");
if (testValid == PKIX_TRUE) {
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
} else {
PKIX_TEST_EXPECT_ERROR(PKIX_ValidateChain
(valParams, &valResult, &verifyTree, plContext));
}
cleanup:
PKIX_PL_Free(anchorName, plContext);
PKIX_TEST_DECREF_AC(verifyString);
PKIX_TEST_DECREF_AC(verifyTree);
PKIX_TEST_DECREF_AC(chain);
PKIX_TEST_DECREF_AC(valParams);
PKIX_TEST_DECREF_AC(valResult);
PKIX_TEST_DECREF_AC(selector);
PKIX_TEST_DECREF_AC(selParams);
PKIX_TEST_DECREF_AC(procParams);
PKIX_TEST_DECREF_AC(name);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("SubjAltNameConstraintsChecker");
return (0);
}
int test_resourcelimits(int argc, char *argv[]) {
PKIX_ResourceLimits *goodObject = NULL;
PKIX_ResourceLimits *equalObject = NULL;
PKIX_ResourceLimits *diffObject = NULL;
PKIX_UInt32 maxTime = 0;
PKIX_UInt32 maxFanout = 0;
PKIX_UInt32 maxDepth = 0;
PKIX_UInt32 actualMinorVersion;
PKIX_UInt32 j = 0;
char *expectedAscii =
"[\n"
"\tMaxTime: 10\n"
"\tMaxFanout: 5\n"
"\tMaxDepth: 5\n"
"]\n";
PKIX_TEST_STD_VARS();
startTests("ResourceLimits");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
subTest("PKIX_ResourceLimits_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&goodObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&diffObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_Create
(&equalObject, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(goodObject, 10, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_GetMaxTime
(goodObject, &maxTime, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(equalObject, maxTime, plContext));
maxTime++;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxTime
(diffObject, maxTime, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(goodObject, 5, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_GetMaxFanout
(goodObject, &maxFanout, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(equalObject, maxFanout, plContext));
maxFanout++;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxFanout
(diffObject, maxFanout, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(goodObject, 5, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_GetMaxDepth
(goodObject, &maxDepth, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(equalObject, maxDepth, plContext));
maxDepth++;
PKIX_TEST_EXPECT_NO_ERROR(PKIX_ResourceLimits_SetMaxDepth
(diffObject, maxDepth, plContext));
PKIX_TEST_EQ_HASH_TOSTR_DUP
(goodObject,
equalObject,
diffObject,
expectedAscii,
ResourceLimits,
PKIX_FALSE);
testDestroy(goodObject, equalObject, diffObject);
cleanup:
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("ResourceLimits");
return (0);
}
int test_certchainchecker(int argc, char *argv[]) {
PKIX_UInt32 actualMinorVersion;
PKIX_PL_OID *bcOID = NULL;
PKIX_PL_OID *ncOID = NULL;
PKIX_PL_OID *cpOID = NULL;
PKIX_PL_OID *pmOID = NULL;
PKIX_PL_OID *pcOID = NULL;
PKIX_PL_OID *iaOID = NULL;
PKIX_CertChainChecker *dummyChecker = NULL;
PKIX_List *supportedExtensions = NULL;
PKIX_PL_Object *initialState = NULL;
PKIX_UInt32 j = 0;
PKIX_TEST_STD_VARS();
startTests("CertChainChecker");
PKIX_TEST_EXPECT_NO_ERROR(
PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create
(&supportedExtensions, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_BASICCONSTRAINTS_OID, &bcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)bcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_NAMECONSTRAINTS_OID, &ncOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)ncOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_CERTIFICATEPOLICIES_OID, &cpOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)cpOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_POLICYMAPPINGS_OID, &pmOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)pmOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_POLICYCONSTRAINTS_OID, &pcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)pcOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create
(PKIX_INHIBITANYPOLICY_OID, &iaOID, plContext));
PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem
(supportedExtensions, (PKIX_PL_Object *)iaOID, plContext));
PKIX_TEST_DECREF_BC(bcOID);
PKIX_TEST_DECREF_BC(ncOID);
PKIX_TEST_DECREF_BC(cpOID);
PKIX_TEST_DECREF_BC(pmOID);
PKIX_TEST_DECREF_BC(pcOID);
PKIX_TEST_DECREF_BC(iaOID);
PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_IncRef
((PKIX_PL_Object *)supportedExtensions, plContext));
initialState = (PKIX_PL_Object *)supportedExtensions;
subTest("CertChainChecker_Create");
PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertChainChecker_Create
(dummyChecker_Check, /* PKIX_CertChainChecker_CheckCallback */
PKIX_FALSE, /* forwardCheckingSupported */
PKIX_FALSE, /* forwardDirectionExpected */
supportedExtensions,
NULL, /* PKIX_PL_Object *initialState */
&dummyChecker,
plContext));
PKIX_TEST_EXPECT_NO_ERROR
(PKIX_CertChainChecker_SetCertChainCheckerState
(dummyChecker, initialState, plContext));
test_CertChainChecker_Duplicate(dummyChecker);
subTest("CertChainChecker_Destroy");
PKIX_TEST_DECREF_BC(dummyChecker);
cleanup:
PKIX_TEST_DECREF_AC(dummyChecker);
PKIX_TEST_DECREF_AC(initialState);
PKIX_TEST_DECREF_AC(supportedExtensions);
PKIX_Shutdown(plContext);
PKIX_TEST_RETURN();
endTests("CertChainChecker");
return (0);
}