static void testGetCert(char *certDir) { PKIX_PL_String *dirString = NULL; PKIX_CertStore_CertCallback certCallback; PKIX_CertStore *certStore = NULL; PKIX_CertSelector *certSelector = NULL; PKIX_List *certList = NULL; PKIX_UInt32 numCert = 0; void *nbioContext = NULL; PKIX_TEST_STD_VARS(); PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII, certDir, 0, &dirString, plContext)); subTest("PKIX_PL_CollectionCertStore_Create"); PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirString, &certStore, plContext)); subTest("PKIX_CertSelector_Create"); PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(testCertSelectorMatchCallback, NULL, &certSelector, plContext)); subTest("PKIX_CertStore_GetCertCallback"); PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &certCallback, NULL)); subTest("Getting data from Cert Callback"); PKIX_TEST_EXPECT_NO_ERROR(certCallback(certStore, certSelector, &nbioContext, &certList, plContext)); PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certList, &numCert, plContext)); if (numCert != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CERTS) { pkixTestErrorMsg = "unexpected Cert number mismatch"; } cleanup: PKIX_TEST_DECREF_AC(dirString); PKIX_TEST_DECREF_AC(certList); PKIX_TEST_DECREF_AC(certSelector); PKIX_TEST_DECREF_AC(certStore); PKIX_TEST_RETURN(); }
/* * This function reads a directory-file cert specified by "desiredSubjectCert", * and decodes the SubjectName. It uses that name to set up the CertSelector * for a Subject Name match, and then queries the database for matching entries. * It is intended to test a "smart" database query. */ static void testMatchCertSubject( char *crlDir, char *desiredSubjectCert, char *expectedAscii, PKIX_PL_Date *validityDate, void *plContext) { PKIX_UInt32 numCert = 0; PKIX_PL_Cert *certWithDesiredSubject = NULL; PKIX_CertStore *certStore = NULL; PKIX_CertSelector *certSelector = NULL; PKIX_List *certList = NULL; PKIX_CertStore_CertCallback getCert = NULL; void *nbioContext = NULL; PKIX_TEST_STD_VARS(); certWithDesiredSubject = createCert(crlDir, desiredSubjectCert, plContext); test_makeSubjectCertSelector(certWithDesiredSubject, validityDate, &certSelector, plContext); PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create(&certStore, plContext)); PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCert, plContext)); PKIX_TEST_EXPECT_NO_ERROR(getCert(certStore, certSelector, &nbioContext, &certList, plContext)); PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certList, &numCert, plContext)); if (numCert > 0) { /* List should be immutable */ PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(certList, 0, plContext)); } if (expectedAscii) { testToStringHelper((PKIX_PL_Object *)certList, expectedAscii, plContext); } cleanup: PKIX_TEST_DECREF_AC(certWithDesiredSubject); PKIX_TEST_DECREF_AC(certStore); PKIX_TEST_DECREF_AC(certSelector); PKIX_TEST_DECREF_AC(certList); PKIX_TEST_RETURN(); }
/* * This function uses the minimum path length specified by "minPath" to set up * a CertSelector for a BasicConstraints match, and then queries the database * for matching entries. It is intended to test the case where there * is no "smart" database query, so the database will be asked for all * available certs and the filtering will be done by the interaction of the * certstore and the selector. */ static void testMatchCertMinPath( PKIX_Int32 minPath, char *expectedAscii, void *plContext) { PKIX_CertStore *certStore = NULL; PKIX_CertSelector *certSelector = NULL; PKIX_List *certList = NULL; PKIX_CertStore_CertCallback getCert = NULL; void *nbioContext = NULL; PKIX_TEST_STD_VARS(); subTest("Searching Certs for minPath"); test_makePathCertSelector (minPath, &certSelector, plContext); PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create (&certStore, plContext)); PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback (certStore, &getCert, plContext)); PKIX_TEST_EXPECT_NO_ERROR(getCert (certStore, certSelector, &nbioContext, &certList, plContext)); if (expectedAscii) { testToStringHelper ((PKIX_PL_Object *)certList, expectedAscii, plContext); } cleanup: PKIX_TEST_DECREF_AC(certStore); PKIX_TEST_DECREF_AC(certSelector); PKIX_TEST_DECREF_AC(certList); PKIX_TEST_RETURN(); }