Пример #1
0
static void
testGetCert(char *certDir)
{
    PKIX_PL_String *dirString = NULL;
    PKIX_CertStore_CertCallback certCallback;
    PKIX_CertStore *certStore = NULL;
    PKIX_CertSelector *certSelector = NULL;
    PKIX_List *certList = NULL;
    PKIX_UInt32 numCert = 0;
    void *nbioContext = NULL;

    PKIX_TEST_STD_VARS();

    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_String_Create(PKIX_ESCASCII,
                                                    certDir,
                                                    0,
                                                    &dirString,
                                                    plContext));

    subTest("PKIX_PL_CollectionCertStore_Create");
    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CollectionCertStore_Create(dirString,
                                                                 &certStore,
                                                                 plContext));

    subTest("PKIX_CertSelector_Create");
    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertSelector_Create(testCertSelectorMatchCallback,
                                                       NULL,
                                                       &certSelector,
                                                       plContext));

    subTest("PKIX_CertStore_GetCertCallback");
    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &certCallback, NULL));

    subTest("Getting data from Cert Callback");
    PKIX_TEST_EXPECT_NO_ERROR(certCallback(certStore,
                                           certSelector,
                                           &nbioContext,
                                           &certList,
                                           plContext));

    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certList,
                                                  &numCert,
                                                  plContext));

    if (numCert != PKIX_TEST_COLLECTIONCERTSTORE_NUM_CERTS) {
        pkixTestErrorMsg = "unexpected Cert number mismatch";
    }

cleanup:

    PKIX_TEST_DECREF_AC(dirString);
    PKIX_TEST_DECREF_AC(certList);
    PKIX_TEST_DECREF_AC(certSelector);
    PKIX_TEST_DECREF_AC(certStore);

    PKIX_TEST_RETURN();
}
Пример #2
0
/*
 * This function reads a directory-file cert specified by "desiredSubjectCert",
 * and decodes the SubjectName. It uses that name to set up the CertSelector
 * for a Subject Name match, and then queries the database for matching entries.
 * It is intended to test a "smart" database query.
 */
static void
testMatchCertSubject(
    char *crlDir,
    char *desiredSubjectCert,
    char *expectedAscii,
    PKIX_PL_Date *validityDate,
    void *plContext)
{
    PKIX_UInt32 numCert = 0;
    PKIX_PL_Cert *certWithDesiredSubject = NULL;
    PKIX_CertStore *certStore = NULL;
    PKIX_CertSelector *certSelector = NULL;
    PKIX_List *certList = NULL;
    PKIX_CertStore_CertCallback getCert = NULL;
    void *nbioContext = NULL;

    PKIX_TEST_STD_VARS();

    certWithDesiredSubject = createCert(crlDir, desiredSubjectCert, plContext);

    test_makeSubjectCertSelector(certWithDesiredSubject,
                                 validityDate,
                                 &certSelector,
                                 plContext);

    PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create(&certStore, plContext));

    PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback(certStore, &getCert, plContext));

    PKIX_TEST_EXPECT_NO_ERROR(getCert(certStore,
                                      certSelector,
                                      &nbioContext,
                                      &certList,
                                      plContext));

    PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetLength(certList, &numCert, plContext));

    if (numCert > 0) {
        /* List should be immutable */
        PKIX_TEST_EXPECT_ERROR(PKIX_List_DeleteItem(certList, 0, plContext));
    }

    if (expectedAscii) {
        testToStringHelper((PKIX_PL_Object *)certList, expectedAscii, plContext);
    }

cleanup:

    PKIX_TEST_DECREF_AC(certWithDesiredSubject);
    PKIX_TEST_DECREF_AC(certStore);
    PKIX_TEST_DECREF_AC(certSelector);
    PKIX_TEST_DECREF_AC(certList);

    PKIX_TEST_RETURN();
}
Пример #3
0
/*
 * This function uses the minimum path length specified by "minPath" to set up
 * a CertSelector for a BasicConstraints match, and then queries the database
 * for matching entries. It is intended to test the case where there
 * is no "smart" database query, so the database will be asked for all
 * available certs and the filtering will be done by the interaction of the
 * certstore and the selector.
 */
static 
void testMatchCertMinPath(
        PKIX_Int32 minPath,
        char *expectedAscii,
        void *plContext)
{
        PKIX_CertStore *certStore = NULL;
        PKIX_CertSelector *certSelector = NULL;
        PKIX_List *certList = NULL;
        PKIX_CertStore_CertCallback getCert = NULL;
	void *nbioContext = NULL;

        PKIX_TEST_STD_VARS();

        subTest("Searching Certs for minPath");

        test_makePathCertSelector
                (minPath, &certSelector, plContext);

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Pk11CertStore_Create
                (&certStore, plContext));

        PKIX_TEST_EXPECT_NO_ERROR(PKIX_CertStore_GetCertCallback
                (certStore, &getCert, plContext));

        PKIX_TEST_EXPECT_NO_ERROR(getCert
                (certStore,
		certSelector,
		&nbioContext,
		&certList,
		plContext));

        if (expectedAscii) {
                testToStringHelper
                        ((PKIX_PL_Object *)certList, expectedAscii, plContext);
        }

cleanup:

        PKIX_TEST_DECREF_AC(certStore);
        PKIX_TEST_DECREF_AC(certSelector);
        PKIX_TEST_DECREF_AC(certList);

        PKIX_TEST_RETURN();
}