diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
commit | 2aa4a82499d4becd2284cdb482213d541b8804dd (patch) | |
tree | b80bf8bf13c3766139fbacc530efd0dd9d54394c /security/nss/cmd/libpkix/pkix/results | |
parent | Initial commit. (diff) | |
download | firefox-upstream.tar.xz firefox-upstream.zip |
Adding upstream version 86.0.1.upstream/86.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/cmd/libpkix/pkix/results')
-rwxr-xr-x | security/nss/cmd/libpkix/pkix/results/Makefile | 45 | ||||
-rwxr-xr-x | security/nss/cmd/libpkix/pkix/results/manifest.mn | 24 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/pkix/results/test_buildresult.c | 212 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/pkix/results/test_policynode.c | 612 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/pkix/results/test_valresult.c | 199 | ||||
-rw-r--r-- | security/nss/cmd/libpkix/pkix/results/test_verifynode.c | 112 |
6 files changed, 1204 insertions, 0 deletions
diff --git a/security/nss/cmd/libpkix/pkix/results/Makefile b/security/nss/cmd/libpkix/pkix/results/Makefile new file mode 100755 index 0000000000..802e7729d9 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/results/Makefile @@ -0,0 +1,45 @@ +#! gmake +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +####################################################################### +# (1) Include initial platform-independent assignments (MANDATORY). # +####################################################################### + +include manifest.mn + +####################################################################### +# (2) Include "global" configuration information. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/config.mk + +####################################################################### +# (3) Include "component" configuration information. (OPTIONAL) # +####################################################################### + +####################################################################### +# (4) Include "local" platform-dependent assignments (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platlibs.mk + +####################################################################### +# (5) Execute "global" rules. (OPTIONAL) # +####################################################################### + +include $(CORE_DEPTH)/coreconf/rules.mk + +####################################################################### +# (6) Execute "component" rules. (OPTIONAL) # +####################################################################### + + + +####################################################################### +# (7) Execute "local" rules. (OPTIONAL). # +####################################################################### + +include $(PLAT_DEPTH)/platrules.mk diff --git a/security/nss/cmd/libpkix/pkix/results/manifest.mn b/security/nss/cmd/libpkix/pkix/results/manifest.mn new file mode 100755 index 0000000000..7e4caeac60 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/results/manifest.mn @@ -0,0 +1,24 @@ +# +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +PKIX_DEPTH = ../.. +PLAT_DEPTH = $(PKIX_DEPTH)/.. +CORE_DEPTH = $(PKIX_DEPTH)/../../.. + +# MODULE public and private header directories are implicitly REQUIRED. +MODULE = nss + +CSRCS = test_buildresult.c \ + test_policynode.c \ + test_verifynode.c \ + test_valresult.c \ + $(NULL) + +LIBRARY_NAME = pkixtoolresults +SHARED_LIBRARY = $(NULL) + +SOURCE_LIB_DIR=$(PKIX_DEPTH)/$(OBJDIR) + +NO_MD_RELEASE = 1 diff --git a/security/nss/cmd/libpkix/pkix/results/test_buildresult.c b/security/nss/cmd/libpkix/pkix/results/test_buildresult.c new file mode 100644 index 0000000000..8b13e8eea6 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/results/test_buildresult.c @@ -0,0 +1,212 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_buildresult.c + * + * Test BuildResult Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_BuildResult_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testGetValidateResult( + PKIX_BuildResult *goodObject, + PKIX_BuildResult *equalObject) +{ + + PKIX_ValidateResult *goodValResult = NULL; + PKIX_ValidateResult *equalValResult = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_BuildResult_GetValidateResult"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetValidateResult(goodObject, &goodValResult, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetValidateResult(equalObject, &equalValResult, NULL)); + + testEqualsHelper((PKIX_PL_Object *)goodValResult, + (PKIX_PL_Object *)equalValResult, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(goodValResult); + PKIX_TEST_DECREF_AC(equalValResult); + + PKIX_TEST_RETURN(); +} + +static void +testGetCertChain( + PKIX_BuildResult *goodObject, + PKIX_BuildResult *equalObject) +{ + + PKIX_List *goodChain = NULL; + PKIX_List *equalChain = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_BuildResult_GetCertChain"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain(goodObject, &goodChain, NULL)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_BuildResult_GetCertChain(equalObject, &equalChain, NULL)); + + testEqualsHelper((PKIX_PL_Object *)goodChain, + (PKIX_PL_Object *)equalChain, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(goodChain); + PKIX_TEST_DECREF_AC(equalChain); + + PKIX_TEST_RETURN(); +} + +static void +printUsage(char *pName) +{ + printf("\nUSAGE: %s <central-data-dir>\n\n", pName); +} + +int +test_buildresult(int argc, char *argv[]) +{ + + PKIX_BuildResult *goodObject = NULL; + PKIX_BuildResult *equalObject = NULL; + PKIX_BuildResult *diffObject = NULL; + PKIX_UInt32 actualMinorVersion; + char *dirName = NULL; + PKIX_UInt32 j = 0; + + char *goodInput = "yassir2yassir"; + char *diffInput = "yassir2bcn"; + + char *expectedAscii = + "[\n" + "\tValidateResult: \t\t" + "[\n" + "\tTrustAnchor: \t\t" + "[\n" + "\tTrusted CA Name: " + "CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n" + "\tInitial Name Constraints:(null)\n" + "]\n" + "\tPubKey: \t\t" + "ANSI X9.57 DSA Signature\n" + "\tPolicyTree: \t\t(null)\n" + "]\n" + "\tCertChain: \t\t(" + "[\n" + "\tVersion: v3\n" + "\tSerialNumber: 37bc65af\n" + "\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tSubject: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tValidity: [From: Thu Aug 19 16:14:39 1999\n" + "\t To: Fri Aug 18 16:14:39 2000]\n" + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(0)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "]\n" + ", [\n" + "\tVersion: v3\n" + "\tSerialNumber: 37bc66ec\n" + "\tIssuer: CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tSubject: OU=bcn,OU=east,O=sun,C=us\n" + "\tValidity: [From: Thu Aug 19 16:19:56 1999\n" + "\t To: Fri Aug 18 16:19:56 2000]\n" + "\tSubjectAltNames: (null)\n" + "\tAuthorityKeyId: (null)\n" + "\tSubjectKeyId: (null)\n" + "\tSubjPubKeyAlgId: ANSI X9.57 DSA Signature\n" + "\tCritExtOIDs: (2.5.29.15, 2.5.29.19)\n" + "\tExtKeyUsages: (null)\n" + "\tBasicConstraint: CA(0)\n" + "\tCertPolicyInfo: (null)\n" + "\tPolicyMappings: (null)\n" + "\tExplicitPolicy: -1\n" + "\tInhibitMapping: -1\n" + "\tInhibitAnyPolicy:-1\n" + "\tNameConstraints: (null)\n" + "]\n" + ")\n" + "]\n"; + + PKIX_TEST_STD_VARS(); + + startTests("BuildResult"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 2) { + printUsage(argv[0]); + return (0); + } + + dirName = argv[j + 1]; + + subTest("pkix_BuildResult_Create"); + + goodObject = createBuildResult(dirName, goodInput, diffInput, goodInput, diffInput, plContext); + equalObject = createBuildResult(dirName, goodInput, diffInput, goodInput, diffInput, plContext); + diffObject = createBuildResult(dirName, diffInput, goodInput, diffInput, goodInput, plContext); + + testGetValidateResult(goodObject, equalObject); + testGetCertChain(goodObject, equalObject); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + NULL, /* expectedAscii, */ + BuildResult, + PKIX_FALSE); + + testDestroy(goodObject, equalObject, diffObject); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("BuildResult"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix/results/test_policynode.c b/security/nss/cmd/libpkix/pkix/results/test_policynode.c new file mode 100644 index 0000000000..38ac1d95e6 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/results/test_policynode.c @@ -0,0 +1,612 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_policynode.c + * + * Test PolicyNode Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +test_GetChildren( + PKIX_PolicyNode *goodNode, + PKIX_PolicyNode *equalNode, + PKIX_PolicyNode *diffNode) +{ + + /* + * Caution: be careful where you insert this test. PKIX_PolicyNode_GetChildren + * is required by the API to return an immutable List, and it does it by setting + * the List immutable. We don't make a copy because the assumption is that + * certificate and policy processing have been completed before the user gets at + * the public API. So subsequent tests of functions that modify the policy tree, + * such as Prune, will fail if called after the execution of this test. + */ + + PKIX_Boolean isImmutable = PKIX_FALSE; + PKIX_List *goodList = NULL; + PKIX_List *equalList = NULL; + PKIX_List *diffList = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_GetChildren"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetChildren(goodNode, &goodList, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetChildren(equalNode, &equalList, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetChildren(diffNode, &diffList, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodList, equalList, diffList, NULL, List, NULL); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable(goodList, &isImmutable, plContext)); + + if (isImmutable != PKIX_TRUE) { + testError("PKIX_PolicyNode_GetChildren returned a mutable List"); + } + +cleanup: + PKIX_TEST_DECREF_AC(goodList); + PKIX_TEST_DECREF_AC(equalList); + PKIX_TEST_DECREF_AC(diffList); + + PKIX_TEST_RETURN(); +} + +static void +test_GetParent( + PKIX_PolicyNode *goodNode, + PKIX_PolicyNode *equalNode, + PKIX_PolicyNode *diffNode, + char *expectedAscii) +{ + PKIX_PolicyNode *goodParent = NULL; + PKIX_PolicyNode *equalParent = NULL; + PKIX_PolicyNode *diffParent = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_GetParent"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetParent(goodNode, &goodParent, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetParent(equalNode, &equalParent, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetParent(diffNode, &diffParent, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodParent, + equalParent, + diffParent, + expectedAscii, + CertPolicyNode, + NULL); + +cleanup: + PKIX_TEST_DECREF_AC(goodParent); + PKIX_TEST_DECREF_AC(equalParent); + PKIX_TEST_DECREF_AC(diffParent); + + PKIX_TEST_RETURN(); +} + +/* + * This test is the same as testDuplicateHelper, except that it + * produces a more useful "Actual value" and "Expected value" + * in the case of an unexpected mismatch. + */ +static void +test_DuplicateHelper(PKIX_PolicyNode *object, void *plContext) +{ + PKIX_PolicyNode *newObject = NULL; + PKIX_Boolean cmpResult; + PKIX_PL_String *original = NULL; + PKIX_PL_String *copy = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("testing pkix_PolicyNode_Duplicate"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Duplicate((PKIX_PL_Object *)object, + (PKIX_PL_Object **)&newObject, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_Equals((PKIX_PL_Object *)object, + (PKIX_PL_Object *)newObject, + &cmpResult, + plContext)); + + if (!cmpResult) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)object, &original, plContext)); + testError("unexpected mismatch"); + (void)printf("original value:\t%s\n", original->escAsciiString); + + if (newObject) { + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)newObject, ©, plContext)); + (void)printf("copy value:\t%s\n", copy->escAsciiString); + } else { + (void)printf("copy value:\t(NULL)\n"); + } + } + +cleanup: + + PKIX_TEST_DECREF_AC(newObject); + PKIX_TEST_DECREF_AC(original); + PKIX_TEST_DECREF_AC(copy); + + PKIX_TEST_RETURN(); +} + +static void +test_GetValidPolicy( + PKIX_PolicyNode *goodNode, + PKIX_PolicyNode *equalNode, + PKIX_PolicyNode *diffNode, + char *expectedAscii) +{ + PKIX_PL_OID *goodPolicy = NULL; + PKIX_PL_OID *equalPolicy = NULL; + PKIX_PL_OID *diffPolicy = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_GetValidPolicy"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetValidPolicy(goodNode, &goodPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetValidPolicy(equalNode, &equalPolicy, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetValidPolicy(diffNode, &diffPolicy, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodPolicy, equalPolicy, diffPolicy, expectedAscii, OID, NULL); + +cleanup: + PKIX_TEST_DECREF_AC(goodPolicy); + PKIX_TEST_DECREF_AC(equalPolicy); + PKIX_TEST_DECREF_AC(diffPolicy); + + PKIX_TEST_RETURN(); +} + +static void +test_GetPolicyQualifiers( + PKIX_PolicyNode *goodNode, + PKIX_PolicyNode *equalNode, + PKIX_PolicyNode *diffNode, + char *expectedAscii) +{ + PKIX_Boolean isImmutable = PKIX_FALSE; + PKIX_List *goodList = NULL; + PKIX_List *equalList = NULL; + PKIX_List *diffList = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_GetPolicyQualifiers"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetPolicyQualifiers(goodNode, &goodList, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetPolicyQualifiers(equalNode, &equalList, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetPolicyQualifiers(diffNode, &diffList, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodList, equalList, diffList, expectedAscii, List, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable(goodList, &isImmutable, plContext)); + + if (isImmutable != PKIX_TRUE) { + testError("PKIX_PolicyNode_GetPolicyQualifiers returned a mutable List"); + } +cleanup: + PKIX_TEST_DECREF_AC(goodList); + PKIX_TEST_DECREF_AC(equalList); + PKIX_TEST_DECREF_AC(diffList); + + PKIX_TEST_RETURN(); +} + +static void +test_GetExpectedPolicies( + PKIX_PolicyNode *goodNode, + PKIX_PolicyNode *equalNode, + PKIX_PolicyNode *diffNode, + char *expectedAscii) +{ + PKIX_Boolean isImmutable = PKIX_FALSE; + PKIX_List *goodList = NULL; + PKIX_List *equalList = NULL; + PKIX_List *diffList = NULL; + + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_GetExpectedPolicies"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetExpectedPolicies(goodNode, &goodList, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetExpectedPolicies(equalNode, &equalList, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetExpectedPolicies(diffNode, &diffList, plContext)); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodList, equalList, diffList, expectedAscii, List, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_IsImmutable(goodList, &isImmutable, plContext)); + + if (isImmutable != PKIX_TRUE) { + testError("PKIX_PolicyNode_GetExpectedPolicies returned a mutable List"); + } +cleanup: + PKIX_TEST_DECREF_AC(goodList); + PKIX_TEST_DECREF_AC(equalList); + PKIX_TEST_DECREF_AC(diffList); + + PKIX_TEST_RETURN(); +} + +static void +test_IsCritical( + PKIX_PolicyNode *goodNode, + PKIX_PolicyNode *equalNode, + PKIX_PolicyNode *diffNode) +{ + PKIX_Boolean goodBool = PKIX_FALSE; + PKIX_Boolean equalBool = PKIX_FALSE; + PKIX_Boolean diffBool = PKIX_FALSE; + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_IsCritical"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_IsCritical(goodNode, &goodBool, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_IsCritical(equalNode, &equalBool, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_IsCritical(diffNode, &diffBool, plContext)); + + if ((!goodBool) || (!equalBool) || (diffBool)) { + testError("IsCritical returned unexpected value"); + } +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +test_GetDepth( + PKIX_PolicyNode *depth1Node, + PKIX_PolicyNode *depth2Node, + PKIX_PolicyNode *depth3Node) +{ + PKIX_UInt32 depth1 = 0; + PKIX_UInt32 depth2 = 0; + PKIX_UInt32 depth3 = 0; + PKIX_TEST_STD_VARS(); + + subTest("PKIX_PolicyNode_GetDepth"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetDepth(depth1Node, &depth1, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetDepth(depth2Node, &depth2, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PolicyNode_GetDepth(depth3Node, &depth3, plContext)); + + if ((depth1 != 1) || (depth2 != 2) || (depth3 != 3)) { + testError("GetDepth returned unexpected value"); + } + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_policynode <NIST_FILES_DIR> \n\n"); +} + +int +test_policynode(int argc, char *argv[]) +{ + + /* + * Create a tree with parent = anyPolicy, + * child1 with Nist1+Nist2, child2 with Nist1. + * Give each child another child, with policies Nist2 + * and Nist1, respectively. Pruning with a depth of two + * should have no effect. Give one of the children + * another child. Then pruning with a depth of three + * should reduce the tree to a single strand, as child1 + * and child3 are removed. + * + * parent (anyPolicy) + * / \ + * child1(Nist1+Nist2) child2(Nist1) + * | | + * child3(Nist2) child4(Nist1) + * | + * child5(Nist1) + * + */ + char *asciiAnyPolicy = "2.5.29.32.0"; + PKIX_PL_Cert *cert = NULL; + PKIX_PL_CertPolicyInfo *nist1Policy = NULL; + PKIX_PL_CertPolicyInfo *nist2Policy = NULL; + PKIX_List *policyQualifierList = NULL; + PKIX_PL_OID *oidAnyPolicy = NULL; + PKIX_PL_OID *oidNist1Policy = NULL; + PKIX_PL_OID *oidNist2Policy = NULL; + PKIX_List *expectedAnyList = NULL; + PKIX_List *expectedNist1List = NULL; + PKIX_List *expectedNist2List = NULL; + PKIX_List *expectedNist1Nist2List = NULL; + PKIX_List *emptyList = NULL; + PKIX_PolicyNode *parentNode = NULL; + PKIX_PolicyNode *childNode1 = NULL; + PKIX_PolicyNode *childNode2 = NULL; + PKIX_PolicyNode *childNode3 = NULL; + PKIX_PolicyNode *childNode4 = NULL; + PKIX_PolicyNode *childNode5 = NULL; + PKIX_PL_String *parentString = NULL; + PKIX_Boolean pDelete = PKIX_FALSE; + char *expectedParentAscii = + "{2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5C " + "1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 65" + " 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D 2" + "0 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 69 " + "73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 66" + " 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20 6" + "F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1[(1.3" + ".6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 69 7" + "3 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74 69 " + "63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 72 20" + " 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 63 6" + "1 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70 75 " + "72 70 6F 73 65 73 20 6F 6E 6C 79])], 2.16.840.1.101.3" + ".2.1.48.2[(1.3.6.1.5.5.7.2.2:[30 5A 1A 58 71 32 3A 20" + " 20 54 68 69 73 20 69 73 20 74 68 65 20 75 73 65 72 2" + "0 6E 6F 74 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 " + "66 69 65 72 20 32 2E 20 20 54 68 69 73 20 75 73 65 72" + " 20 6E 6F 74 69 63 65 20 73 68 6F 75 6C 64 20 6E 6F 7" + "4 20 62 65 20 64 69 73 70 6C 61 79 65 64])]),1}\n" + ". {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5" + "C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 " + "65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D" + " 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6" + "9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 " + "66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20" + " 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.2),2}"; + char *expectedValidAscii = + "2.16.840.1.101.3.2.1.48.2"; + char *expectedQualifiersAscii = + /* "(1.3.6.1.5.5.7.2.2)"; */ + "(1.3.6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 " + "69 73 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74" + " 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 7" + "2 20 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 " + "63 61 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70" + " 75 72 70 6F 73 65 73 20 6F 6E 6C 79])"; + char *expectedPoliciesAscii = + "(2.16.840.1.101.3.2.1.48.1)"; + char *expectedTree = + "{2.5.29.32.0,{},Critical,(2.5.29.32.0),0}\n" + ". {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30 5" + "C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 " + "65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D" + " 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6" + "9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 " + "66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20" + " 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1[(1" + ".3.6.1.5.5.7.2.2:[30 5C 1A 5A 71 31 3A 20 20 54 68 69" + " 73 20 69 73 20 74 68 65 20 75 73 65 72 20 6E 6F 74 6" + "9 63 65 20 66 72 6F 6D 20 71 75 61 6C 69 66 69 65 72 " + "20 31 2E 20 20 54 68 69 73 20 63 65 72 74 69 66 69 63" + " 61 74 65 20 69 73 20 66 6F 72 20 74 65 73 74 20 70 7" + "5 72 70 6F 73 65 73 20 6F 6E 6C 79])], 2.16.840.1.101" + ".3.2.1.48.2[(1.3.6.1.5.5.7.2.2:[30 5A 1A 58 71 32 3A " + "20 20 54 68 69 73 20 69 73 20 74 68 65 20 75 73 65 72" + " 20 6E 6F 74 69 63 65 20 66 72 6F 6D 20 71 75 61 6C 6" + "9 66 69 65 72 20 32 2E 20 20 54 68 69 73 20 75 73 65 " + "72 20 6E 6F 74 69 63 65 20 73 68 6F 75 6C 64 20 6E 6F" + " 74 20 62 65 20 64 69 73 70 6C 61 79 65 64])]" + "),1}\n" + ". . {2.16.840.1.101.3.2.1.48.2,(1.3.6.1.5.5.7.2.2:[30" + " 5C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 6" + "8 65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F " + "6D 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68" + " 69 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 2" + "0 66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 " + "20 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.2)" + ",2}\n" + ". {2.16.840.1.101.3.2.1.48.1,(1.3.6.1.5.5.7.2.2:[30 5" + "C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 " + "65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D" + " 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6" + "9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 " + "66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20" + " 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1),1}\n" + ". . {2.16.840.1.101.3.2.1.48.1,(EMPTY),Not Critical," + "(2.16.840.1.101.3.2.1.48.1),2}\n" + ". . . {2.16.840.1.101.3.2.1.48.1,{},Critical,(2.16.84" + "0.1.101.3.2.1.48.1),3}"; + char *expectedPrunedTree = + "{2.5.29.32.0,{},Critical,(2.5.29.32.0),0}\n" + ". {2.16.840.1.101.3.2.1.48.1,(1.3.6.1.5.5.7.2.2:[30 5" + "C 1A 5A 71 31 3A 20 20 54 68 69 73 20 69 73 20 74 68 " + "65 20 75 73 65 72 20 6E 6F 74 69 63 65 20 66 72 6F 6D" + " 20 71 75 61 6C 69 66 69 65 72 20 31 2E 20 20 54 68 6" + "9 73 20 63 65 72 74 69 66 69 63 61 74 65 20 69 73 20 " + "66 6F 72 20 74 65 73 74 20 70 75 72 70 6F 73 65 73 20" + " 6F 6E 6C 79]),Critical,(2.16.840.1.101.3.2.1.48.1),1}\n" + ". . {2.16.840.1.101.3.2.1.48.1,(EMPTY),Not Critical," + "(2.16.840.1.101.3.2.1.48.1),2}\n" + ". . . {2.16.840.1.101.3.2.1.48.1,{},Critical,(2.16.84" + "0.1.101.3.2.1.48.1),3}"; + + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + char *dirName = NULL; + + PKIX_TEST_STD_VARS(); + + if (argc < 2) { + printUsage(); + return (0); + } + + startTests("PolicyNode"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + dirName = argv[j + 1]; + + subTest("Creating OID objects"); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_OID_Create(asciiAnyPolicy, &oidAnyPolicy, plContext)); + + /* Read certificates to get real policies, qualifiers */ + + cert = createCert(dirName, "UserNoticeQualifierTest16EE.crt", plContext); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Cert_GetPolicyInformation(cert, &expectedNist1Nist2List, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(expectedNist1Nist2List, + 0, + (PKIX_PL_Object **)&nist1Policy, + plContext)); + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_GetItem(expectedNist1Nist2List, + 1, + (PKIX_PL_Object **)&nist2Policy, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolQualifiers(nist1Policy, &policyQualifierList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId(nist1Policy, &oidNist1Policy, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_CertPolicyInfo_GetPolicyId(nist2Policy, &oidNist2Policy, plContext)); + + subTest("Creating expectedPolicy List objects"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedAnyList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedNist1List, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&expectedNist2List, plContext)); + + subTest("Populating expectedPolicy List objects"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(expectedAnyList, (PKIX_PL_Object *)oidAnyPolicy, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(expectedNist1List, + (PKIX_PL_Object *)oidNist1Policy, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_AppendItem(expectedNist2List, + (PKIX_PL_Object *)oidNist2Policy, + plContext)); + + subTest("Creating PolicyNode objects"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_List_Create(&emptyList, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create(oidAnyPolicy, + NULL, + PKIX_TRUE, + expectedAnyList, + &parentNode, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create(oidNist2Policy, + policyQualifierList, + PKIX_TRUE, + expectedNist1Nist2List, + &childNode1, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create(oidNist1Policy, + policyQualifierList, + PKIX_TRUE, + expectedNist1List, + &childNode2, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create(oidNist2Policy, + policyQualifierList, + PKIX_TRUE, + expectedNist2List, + &childNode3, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create(oidNist1Policy, + emptyList, + PKIX_FALSE, + expectedNist1List, + &childNode4, + plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Create(oidNist1Policy, + NULL, + PKIX_TRUE, + expectedNist1List, + &childNode5, + plContext)); + + subTest("Creating the PolicyNode tree"); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent(parentNode, childNode1, plContext)); + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent(parentNode, childNode2, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent(childNode1, childNode3, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent(childNode2, childNode4, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_AddToParent(childNode4, childNode5, plContext)); + + subTest("Displaying PolicyNode objects"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)parentNode, &parentString, plContext)); + (void)printf("parentNode is\n\t%s\n", parentString->escAsciiString); + + testToStringHelper((PKIX_PL_Object *)parentNode, expectedTree, plContext); + + test_DuplicateHelper(parentNode, plContext); + + test_GetParent(childNode3, childNode3, childNode4, expectedParentAscii); + test_GetValidPolicy(childNode1, childNode3, parentNode, expectedValidAscii); + test_GetPolicyQualifiers(childNode1, childNode3, childNode4, expectedQualifiersAscii); + test_GetExpectedPolicies(childNode2, childNode4, childNode3, expectedPoliciesAscii); + test_IsCritical(childNode1, childNode2, childNode4); + test_GetDepth(childNode2, childNode4, childNode5); + + subTest("pkix_PolicyNode_Prune"); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Prune(parentNode, 2, &pDelete, plContext)); + + testToStringHelper((PKIX_PL_Object *)parentNode, expectedTree, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_PolicyNode_Prune(parentNode, 3, &pDelete, plContext)); + + testToStringHelper((PKIX_PL_Object *)parentNode, expectedPrunedTree, plContext); + + test_GetChildren(parentNode, parentNode, childNode2); + +cleanup: + + PKIX_TEST_DECREF_AC(cert); + PKIX_TEST_DECREF_AC(nist1Policy); + PKIX_TEST_DECREF_AC(nist2Policy); + PKIX_TEST_DECREF_AC(policyQualifierList); + PKIX_TEST_DECREF_AC(oidAnyPolicy); + PKIX_TEST_DECREF_AC(oidNist1Policy); + PKIX_TEST_DECREF_AC(oidNist2Policy); + PKIX_TEST_DECREF_AC(expectedAnyList); + PKIX_TEST_DECREF_AC(expectedNist1List); + PKIX_TEST_DECREF_AC(expectedNist2List); + PKIX_TEST_DECREF_AC(expectedNist1Nist2List); + PKIX_TEST_DECREF_AC(emptyList); + PKIX_TEST_DECREF_AC(parentNode); + PKIX_TEST_DECREF_AC(childNode1); + PKIX_TEST_DECREF_AC(childNode2); + PKIX_TEST_DECREF_AC(childNode3); + PKIX_TEST_DECREF_AC(childNode4); + PKIX_TEST_DECREF_AC(childNode5); + PKIX_TEST_DECREF_AC(parentString); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("PolicyNode"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix/results/test_valresult.c b/security/nss/cmd/libpkix/pkix/results/test_valresult.c new file mode 100644 index 0000000000..7760a431e3 --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/results/test_valresult.c @@ -0,0 +1,199 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_valresult.c + * + * Test ValidateResult Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +testDestroy(void *goodObject, void *equalObject, void *diffObject) +{ + PKIX_TEST_STD_VARS(); + + subTest("PKIX_ValidateResult_Destroy"); + + PKIX_TEST_DECREF_BC(goodObject); + PKIX_TEST_DECREF_BC(equalObject); + PKIX_TEST_DECREF_BC(diffObject); + +cleanup: + + PKIX_TEST_RETURN(); +} + +static void +testGetPublicKey( + PKIX_ValidateResult *goodObject, + PKIX_ValidateResult *equalObject) +{ + + PKIX_PL_PublicKey *goodPubKey = NULL; + PKIX_PL_PublicKey *equalPubKey = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_ValidateResult_GetPublicKey"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPublicKey(goodObject, &goodPubKey, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPublicKey(equalObject, &equalPubKey, plContext)); + + testEqualsHelper((PKIX_PL_Object *)goodPubKey, + (PKIX_PL_Object *)equalPubKey, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(goodPubKey); + PKIX_TEST_DECREF_AC(equalPubKey); + + PKIX_TEST_RETURN(); +} + +static void +testGetTrustAnchor( + PKIX_ValidateResult *goodObject, + PKIX_ValidateResult *equalObject) +{ + + PKIX_TrustAnchor *goodAnchor = NULL; + PKIX_TrustAnchor *equalAnchor = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_ValidateResult_GetTrustAnchor"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetTrustAnchor(goodObject, &goodAnchor, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetTrustAnchor(equalObject, &equalAnchor, plContext)); + + testEqualsHelper((PKIX_PL_Object *)goodAnchor, + (PKIX_PL_Object *)equalAnchor, + PKIX_TRUE, + plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(goodAnchor); + PKIX_TEST_DECREF_AC(equalAnchor); + + PKIX_TEST_RETURN(); +} + +static void +testGetPolicyTree( + PKIX_ValidateResult *goodObject, + PKIX_ValidateResult *equalObject) +{ + + PKIX_PolicyNode *goodTree = NULL; + PKIX_PolicyNode *equalTree = NULL; + + PKIX_TEST_STD_VARS(); + subTest("PKIX_ValidateResult_GetPolicyTree"); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPolicyTree(goodObject, &goodTree, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_ValidateResult_GetPolicyTree(equalObject, &equalTree, plContext)); + + if (goodTree) { + testEqualsHelper((PKIX_PL_Object *)goodTree, + (PKIX_PL_Object *)equalTree, + PKIX_TRUE, + plContext); + } else if (equalTree) { + pkixTestErrorMsg = "Mismatch: NULL and non-NULL Policy Trees"; + } + +cleanup: + + PKIX_TEST_DECREF_AC(goodTree); + PKIX_TEST_DECREF_AC(equalTree); + + PKIX_TEST_RETURN(); +} + +static void +printUsage(char *pName) +{ + printf("\nUSAGE: %s <central-data-dir>\n\n", pName); +} + +int +test_valresult(int argc, char *argv[]) +{ + + PKIX_ValidateResult *goodObject = NULL; + PKIX_ValidateResult *equalObject = NULL; + PKIX_ValidateResult *diffObject = NULL; + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + + char *goodInput = "yassir2yassir"; + char *diffInput = "yassir2bcn"; + char *dirName = NULL; + + char *expectedAscii = + "[\n" + "\tTrustAnchor: \t\t" + "[\n" + "\tTrusted CA Name: " + "CN=yassir,OU=bcn,OU=east,O=sun,C=us\n" + "\tTrusted CA PublicKey: ANSI X9.57 DSA Signature\n" + "\tInitial Name Constraints:(null)\n" + "]\n" + "\tPubKey: \t\t" + "ANSI X9.57 DSA Signature\n" + "\tPolicyTree: \t\t(null)\n" + "]\n"; + + PKIX_TEST_STD_VARS(); + + startTests("ValidateResult"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + if (argc < 2) { + printUsage(argv[0]); + return (0); + } + + dirName = argv[j + 1]; + + subTest("pkix_ValidateResult_Create"); + + goodObject = createValidateResult(dirName, goodInput, diffInput, plContext); + equalObject = createValidateResult(dirName, goodInput, diffInput, plContext); + diffObject = createValidateResult(dirName, diffInput, goodInput, plContext); + + testGetPublicKey(goodObject, equalObject); + testGetTrustAnchor(goodObject, equalObject); + testGetPolicyTree(goodObject, equalObject); + + PKIX_TEST_EQ_HASH_TOSTR_DUP(goodObject, + equalObject, + diffObject, + expectedAscii, + ValidateResult, + PKIX_FALSE); + + testDestroy(goodObject, equalObject, diffObject); + +cleanup: + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("ValidateResult"); + + return (0); +} diff --git a/security/nss/cmd/libpkix/pkix/results/test_verifynode.c b/security/nss/cmd/libpkix/pkix/results/test_verifynode.c new file mode 100644 index 0000000000..21c61aa96c --- /dev/null +++ b/security/nss/cmd/libpkix/pkix/results/test_verifynode.c @@ -0,0 +1,112 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* + * test_verifynode.c + * + * Test VerifyNode Type + * + */ + +#include "testutil.h" +#include "testutil_nss.h" + +static void *plContext = NULL; + +static void +printUsage(void) +{ + (void)printf("\nUSAGE:\ttest_verifynode path cert1 cert2 cert3\n\n"); +} + +int +test_verifynode(int argc, char *argv[]) +{ + + /* + * Create a tree with parent = cert1, child=cert2, grandchild=cert3 + */ + PKIX_PL_Cert *cert1 = NULL; + PKIX_PL_Cert *cert2 = NULL; + PKIX_PL_Cert *cert3 = NULL; + PKIX_VerifyNode *parentNode = NULL; + PKIX_VerifyNode *childNode = NULL; + PKIX_VerifyNode *grandChildNode = NULL; + PKIX_PL_String *parentString = NULL; + + PKIX_UInt32 actualMinorVersion; + PKIX_UInt32 j = 0; + char *dirName = NULL; + char *twoNodeAscii = "CERT[Issuer:CN=Trust Anchor,O=Test Cert" + "ificates,C=US, Subject:CN=Trust Anchor,O=Test Certif" + "icates,C=US], depth=0, error=(null)\n. CERT[Issuer:C" + "N=Trust Anchor,O=Test Certificates,C=US, Subject:CN=" + "Good CA,O=Test Certificates,C=US], depth=1, error=(null)"; + char *threeNodeAscii = "CERT[Issuer:CN=Trust Anchor,O=Test Ce" + "rtificates,C=US, Subject:CN=Trust Anchor,O=Test Cert" + "ificates,C=US], depth=0, error=(null)\n. CERT[Issuer" + ":CN=Trust Anchor,O=Test Certificates,C=US, Subject:C" + "N=Good CA,O=Test Certificates,C=US], depth=1, error=" + "(null)\n. . CERT[Issuer:CN=Good CA,O=Test Certificat" + "es,C=US, Subject:CN=Valid EE Certificate Test1,O=Tes" + "t Certificates,C=US], depth=2, error=(null)"; + + PKIX_TEST_STD_VARS(); + + if (argc < 3) { + printUsage(); + return (0); + } + + startTests("VerifyNode"); + + PKIX_TEST_EXPECT_NO_ERROR( + PKIX_PL_NssContext_Create(0, PKIX_FALSE, NULL, &plContext)); + + dirName = argv[++j]; + + subTest("Creating Certs"); + + cert1 = createCert(dirName, argv[++j], plContext); + + cert2 = createCert(dirName, argv[++j], plContext); + + cert3 = createCert(dirName, argv[++j], plContext); + + subTest("Creating VerifyNode objects"); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_Create(cert1, 0, NULL, &parentNode, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_Create(cert2, 1, NULL, &childNode, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_Create(cert3, 2, NULL, &grandChildNode, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_AddToChain(parentNode, childNode, plContext)); + + subTest("Creating VerifyNode ToString objects"); + + testToStringHelper((PKIX_PL_Object *)parentNode, twoNodeAscii, plContext); + + PKIX_TEST_EXPECT_NO_ERROR(pkix_VerifyNode_AddToChain(parentNode, grandChildNode, plContext)); + + PKIX_TEST_EXPECT_NO_ERROR(PKIX_PL_Object_ToString((PKIX_PL_Object *)parentNode, &parentString, plContext)); + (void)printf("parentNode is\n\t%s\n", parentString->escAsciiString); + + testToStringHelper((PKIX_PL_Object *)parentNode, threeNodeAscii, plContext); + +cleanup: + + PKIX_TEST_DECREF_AC(cert1); + PKIX_TEST_DECREF_AC(cert2); + PKIX_TEST_DECREF_AC(parentNode); + PKIX_TEST_DECREF_AC(childNode); + PKIX_TEST_DECREF_AC(parentString); + + PKIX_Shutdown(plContext); + + PKIX_TEST_RETURN(); + + endTests("VerifyNode"); + + return (0); +} |